diff options
| author | Philip Häusler <msquare@notrademark.de> | 2013-09-10 14:27:31 +0200 |
|---|---|---|
| committer | Philip Häusler <msquare@notrademark.de> | 2013-09-10 14:27:31 +0200 |
| commit | a47b1935cb6310e05e4e6b15512b21b7cd4eec3c (patch) | |
| tree | c966f9f44aace4f40baf2d55bd7c9ffc6c45a85f /includes | |
| parent | 4b2284797641c7c824a6d5efe32bd48884223d94 (diff) | |
#119 added basic shift json export support using same pattern like ical export
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/controller/shifts_controller.php | 34 | ||||
| -rw-r--r-- | includes/model/User_model.php | 24 | ||||
| -rw-r--r-- | includes/pages/admin_shifts.php | 3 | ||||
| -rw-r--r-- | includes/pages/user_atom.php | 23 | ||||
| -rw-r--r-- | includes/pages/user_ical.php | 10 | ||||
| -rw-r--r-- | includes/pages/user_myshifts.php | 4 | ||||
| -rw-r--r-- | includes/pages/user_shifts.php | 6 | ||||
| -rw-r--r-- | includes/sys_user.php | 6 |
8 files changed, 83 insertions, 27 deletions
diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php new file mode 100644 index 00000000..1cd7b5d6 --- /dev/null +++ b/includes/controller/shifts_controller.php @@ -0,0 +1,34 @@ +<?php + +/** + * Export filtered shifts via JSON. (Like iCal Export or shifts view) + */ +function shifts_json_export_controller() { + global $ical_shifts, $user; + + if (isset ($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) + $key = $_REQUEST['key']; + else + die("Missing key."); + + $user = User_by_api_key($key); + if($user === false) + die("Unable to find user."); + if($user == null) + die("Key invalid."); + if(!in_array('shifts_json_export', privileges_for_user($user['UID']))) + die("No privilege for shifts_json_export."); + + if (isset ($_REQUEST['export']) && $_REQUEST['export'] == 'user_shifts') { + require_once ('includes/pages/user_shifts.php'); + view_user_shifts(); + } else { + $ical_shifts = sql_select("SELECT `Shifts`.*, `Room`.`Name` as `room_name` FROM `ShiftEntry` INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($user['UID']) . " ORDER BY `start`"); + } + + header("Content-Type: application/json; charset=utf-8"); + echo json_encode($ical_shifts); + die(); +} + +?>
\ No newline at end of file diff --git a/includes/model/User_model.php b/includes/model/User_model.php index c2d2282e..d79ede17 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -11,4 +11,28 @@ function User($id) { return null; } +/** + * Returns User by api_key. + * @param string $api_key User api key + * @return Matching user, null or false on error + */ +function User_by_api_key($api_key) { + $user = sql_select("SELECT * FROM `User` WHERE `api_key`='" . sql_escape($api_key) . "' LIMIT 1"); + if($user === false) + return false; + if (count($user) == 0) + return null; + return $user[0]; +} + +/** + * Generates a new api key for given user. + * @param User $user + */ +function User_reset_api_key($user) { + $user['api_key'] = md5($user['Nick'] . time() . rand()); + sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); + engelsystem_log("API key resetted."); +} + ?>
\ No newline at end of file diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index 9a0dde35..178e4e88 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -12,7 +12,7 @@ function admin_shifts() { $mode = ''; $angelmode = ''; $length = ''; - $change_hours = ''; + $change_hours = array(); // Locations laden (auch unsichtbare - fuer Erzengel ist das ok) $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); @@ -209,7 +209,6 @@ function admin_shifts() { $hidden_types = ""; foreach ($needed_angel_types as $type_id => $count) $hidden_types .= '<input type="hidden" name="type_' . $type_id . '" value="' . $count . '" />'; - sort($change_hours); return template_render('../templates/admin_shift_preview.html', array ( 'shifts_table' => $shifts_table, 'name' => $name, diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index fd28510f..c9420c91 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -9,16 +9,19 @@ function user_atom() { else die("Missing key."); - $user = sql_select("SELECT * FROM `User` WHERE `ical_key`='" . sql_escape($key) . "' LIMIT 1"); - if (count($user) == 0) + $user = User_by_api_key($key); + if($user === false) + die("Unable to find user."); + if($user == null) die("Key invalid."); + if(!in_array('atom', privileges_for_user($user['UID']))) + die("No privilege for atom."); - $user = $user[0]; $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings'])? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS)); header('Content-Type: application/atom+xml; charset=utf-8'); $html = '<?xml version="1.0" encoding="utf-8"?> -<feed xmlns="http://www.w3.org/2005/Atom"> + <feed xmlns="http://www.w3.org/2005/Atom"> <title>Engelsystem</title> <id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id> <updated>' . date('Y-m-d\TH:i:sP', $news[0]['Datum']) . "</updated>\n"; @@ -29,11 +32,11 @@ function user_atom() { <id>" . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']}</id> <updated>" . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . "</updated> <summary type=\"html\">" . htmlspecialchars($news_entry['Text']) . "</summary> - </entry>\n"; - } - $html .= "</feed>"; - header("Content-Length: " . strlen($html)); - echo $html; - die(); + </entry>\n"; +} +$html .= "</feed>"; +header("Content-Length: " . strlen($html)); +echo $html; +die(); } ?> diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php index 2b5632e3..d994ce31 100644 --- a/includes/pages/user_ical.php +++ b/includes/pages/user_ical.php @@ -10,11 +10,13 @@ function user_ical() { else die("Missing key."); - $user = sql_select("SELECT * FROM `User` WHERE `ical_key`='" . sql_escape($key) . "' LIMIT 1"); - if (count($user) == 0) + $user = User_by_api_key($key); + if($user === false) + die("Unable to find user."); + if($user == null) die("Key invalid."); - - $user = $user[0]; + if(!in_array('ical', privileges_for_user($user['UID']))) + die("No privilege for ical."); if (isset ($_REQUEST['export']) && $_REQUEST['export'] == 'user_shifts') { require_once ('includes/pages/user_shifts.php'); diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 4fec4872..a19ee34e 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -17,7 +17,7 @@ function user_myshifts() { if (isset ($_REQUEST['reset'])) { if ($_REQUEST['reset'] == "ack") { - user_reset_ical_key($user); + User_reset_api_key($user); success("Key geändert."); redirect(page_link_to('user_myshifts')); } @@ -118,7 +118,7 @@ function user_myshifts() { 'actions' => "Aktion" ), $myshifts_table), $id == $user['UID'] && count($shifts) == 0 ? error(sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')), true) : '', - "<h2>iCal Export</h2>" . sprintf(Get_Text('inc_schicht_ical_text'), page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'], page_link_to('user_myshifts') . '&reset') + "<h2>iCal Export</h2>" . sprintf(Get_Text('inc_schicht_ical_text'), page_link_to_absolute('ical') . '&key=' . $shifts_user['api_key'], page_link_to('user_myshifts') . '&reset') )); } ?> diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 727bd696..6a7d6ed5 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -690,8 +690,8 @@ function view_user_shifts() { ), $shifts_table); } -if ($user['ical_key'] == "") - user_reset_ical_key($user); +if ($user['api_key'] == "") + User_reset_api_key($user); return msg() . template_render('../templates/user_shifts.html', array ( 'room_select' => make_select($rooms, $_SESSION['user_shifts']['rooms'], "rooms", ucfirst(Get_Text("rooms"))), @@ -704,7 +704,7 @@ return msg() . template_render('../templates/user_shifts.html', array ( 'task_notice' => '<sup>1</sup>' . Get_Text("pub_schichtplan_tasks_notice"), 'new_style_checkbox' => '<label><input type="checkbox" name="new_style" value="1" ' . ($_SESSION['user_shifts']['new_style']? ' checked' : '') . '> Use new style if possible</label>', 'shifts_table' => $shifts_table, - 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'), htmlspecialchars(make_user_shifts_ical_link($user['ical_key'])), page_link_to('user_myshifts') . '&reset'), + 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'), htmlspecialchars(make_user_shifts_ical_link($user['api_key'])), page_link_to('user_myshifts') . '&reset'), 'filter' => ucfirst(Get_Text("to_filter")), )); } diff --git a/includes/sys_user.php b/includes/sys_user.php index 231b2b62..53976f5a 100644 --- a/includes/sys_user.php +++ b/includes/sys_user.php @@ -28,12 +28,6 @@ $tshirt_sizes = array ( 'XL-G' => "XL Girl" ); -function user_reset_ical_key($user) { - $user['ical_key'] = md5($user['Nick'] . time() . rand()); - sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); - engelsystem_log("iCal key resetted."); -} - function UID2Nick($UID) { if ($UID > 0) $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'"; |