diff options
author | Philip Häusler <msquare@notrademark.de> | 2013-09-18 01:38:36 +0200 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2013-09-18 01:38:36 +0200 |
commit | bfb0cacd541cc20129a3c0ac77130370741dca18 (patch) | |
tree | 0a0e86e1a53d712065664c12d06603bc044df9ec /includes | |
parent | d50cc21f50cb3ec3afdabb74a20d81bd1a53dfbd (diff) |
mysql to mysqli and a lot of cleanup and mvc
Diffstat (limited to 'includes')
-rw-r--r-- | includes/helper/error_helper.php | 11 | ||||
-rw-r--r-- | includes/helper/message_helper.php | 59 | ||||
-rw-r--r-- | includes/model/LogEntries_model.php | 7 | ||||
-rw-r--r-- | includes/model/Sprache_model.php | 18 | ||||
-rw-r--r-- | includes/model/User_model.php | 7 | ||||
-rw-r--r-- | includes/mysql_provider.php | 176 | ||||
-rw-r--r-- | includes/pages/admin_language.php | 205 | ||||
-rw-r--r-- | includes/pages/admin_news.php | 6 | ||||
-rw-r--r-- | includes/pages/admin_questions.php | 24 | ||||
-rw-r--r-- | includes/pages/admin_user.php | 38 | ||||
-rw-r--r-- | includes/pages/user_messages.php | 207 | ||||
-rw-r--r-- | includes/pages/user_news.php | 15 | ||||
-rw-r--r-- | includes/pages/user_questions.php | 7 | ||||
-rw-r--r-- | includes/pages/user_wakeup.php | 145 | ||||
-rw-r--r-- | includes/sys_auth.php | 5 | ||||
-rw-r--r-- | includes/sys_lang.php | 38 | ||||
-rw-r--r-- | includes/sys_mysql.php | 84 | ||||
-rw-r--r-- | includes/sys_page.php | 55 | ||||
-rw-r--r-- | includes/sys_shift.php | 454 | ||||
-rw-r--r-- | includes/sys_template.php | 252 | ||||
-rw-r--r-- | includes/sys_user.php | 133 | ||||
-rw-r--r-- | includes/view/Shifts_view.php | 11 | ||||
-rw-r--r-- | includes/view/Sprache_view.php | 36 | ||||
-rw-r--r-- | includes/view/User_view.php | 45 |
24 files changed, 847 insertions, 1191 deletions
diff --git a/includes/helper/error_helper.php b/includes/helper/error_helper.php new file mode 100644 index 00000000..d26485d6 --- /dev/null +++ b/includes/helper/error_helper.php @@ -0,0 +1,11 @@ +<?php + +/** + * Displays a fatal message and stops execution. + * @param string $message + */ +function engelsystem_error($message) { + die($message); +} + +?>
\ No newline at end of file diff --git a/includes/helper/message_helper.php b/includes/helper/message_helper.php new file mode 100644 index 00000000..c582c5b1 --- /dev/null +++ b/includes/helper/message_helper.php @@ -0,0 +1,59 @@ +<?php + +/** + * Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher + */ +function msg() { + if (!isset ($_SESSION['msg'])) + return ""; + $msg = $_SESSION['msg']; + $_SESSION['msg'] = ""; + return $msg; +} + +/** + * Rendert eine Information + */ +function info($msg, $immediatly = false) { + if ($immediatly) { + if ($msg == "") + return ""; + return '<p class="info">' . $msg . '</p>'; + } else { + if (!isset ($_SESSION['msg'])) + $_SESSION['msg'] = ""; + $_SESSION['msg'] .= info($msg, true); + } +} + +/** + * Rendert eine Fehlermeldung + */ +function error($msg, $immediatly = false) { + if ($immediatly) { + if ($msg == "") + return ""; + return '<p class="error">' . $msg . '</p>'; + } else { + if (!isset ($_SESSION['msg'])) + $_SESSION['msg'] = ""; + $_SESSION['msg'] .= error($msg, true); + } +} + +/** + * Rendert eine Erfolgsmeldung + */ +function success($msg, $immediatly = false) { + if ($immediatly) { + if ($msg == "") + return ""; + return '<p class="success">' . $msg . '</p>'; + } else { + if (!isset ($_SESSION['msg'])) + $_SESSION['msg'] = ""; + $_SESSION['msg'] .= success($msg, true); + } +} + +?>
\ No newline at end of file diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php index f8a552f2..1fa97356 100644 --- a/includes/model/LogEntries_model.php +++ b/includes/model/LogEntries_model.php @@ -6,17 +6,14 @@ * @param $message Log Message */ function LogEntry_create($nick, $message) { - $timestamp = time(); - - sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'"); + return sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape(time()) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'"); } /** * Returns log entries of the last 24 hours with maximum count of 1000. */ function LogEntries() { - $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000"); - return $log_entries_source; + return sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000"); } diff --git a/includes/model/Sprache_model.php b/includes/model/Sprache_model.php new file mode 100644 index 00000000..55683411 --- /dev/null +++ b/includes/model/Sprache_model.php @@ -0,0 +1,18 @@ +<?php + +/** + * Load a string by key. + * @param string $textid + * @param string $sprache + */ +function Sprache($textid, $sprache) { + $sprache_source = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($textid) . "' AND `Sprache`='" . sql_escape($sprache) . "' LIMIT 1"); + if($sprache_source === false) + return false; + if(count($sprache_source) == 1) + return $sprache_source[0]; + return null; +} + + +?>
\ No newline at end of file diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 4e833aef..7eb31e8e 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -1,11 +1,12 @@ <?php - /** * Returns user by id. * @param $id UID */ function User($id) { $user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if($user_source === false) + return false; if(count($user_source) > 0) return $user_source[0]; return null; @@ -31,7 +32,9 @@ function User_by_api_key($api_key) { */ function User_reset_api_key(&$user) { $user['api_key'] = md5($user['Nick'] . time() . rand()); - sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); + $result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); + if($result === false) + return false; engelsystem_log("API key resetted."); } diff --git a/includes/mysql_provider.php b/includes/mysql_provider.php new file mode 100644 index 00000000..d9e78fb4 --- /dev/null +++ b/includes/mysql_provider.php @@ -0,0 +1,176 @@ +<?php + +/** + * Close connection. + */ +function sql_close() { + global $sql_connection; + + return $sql_connection->close(); +} + +/** + * Start new transaction. + */ +function sql_transaction_start() { + global $sql_nested_transaction_level; + + if($sql_nested_transaction_level++ == 0) + return sql_query("BEGIN"); + else + return true; +} + +/** + * Commit transaction. + */ +function sql_transaction_commit() { + global $sql_nested_transaction_level; + + if(--$sql_nested_transaction_level == 0) + return sql_query("COMMIT"); + else + return true; +} + +/** + * Stop transaction, revert database. + */ +function sql_transaction_rollback() { + global $sql_nested_transaction_level; + + if(--$sql_nested_transaction_level == 0) + return sql_query("ROLLBACK"); + else + return true; +} + +/** + * Logs an sql error. + * @param string $message + * @return false + */ +function sql_error($message) { + sql_close(); + + $message = trim($message) . "\n"; + $message .= debug_string_backtrace() . "\n"; + + error_log('mysql_provider error: ' . $message); + + return false; +} + +/** + * Connect to mysql server. + * @param string $host Host + * @param string $user Username + * @param string $pass Password + * @param string $db DB to select + * @return mysqli The connection handler + */ +function sql_connect($host, $user, $pass, $db) { + global $sql_connection; + + $sql_connection = new mysqli($host, $user, $pass, $db); + if ($sql_connection->connect_errno) + return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error); + + $result = $sql_connection->query("SET CHARACTER SET utf8;"); + if (! $result) + return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error); + + $result = $sql_connection->set_charset('utf8'); + if (! $result) + return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error); + + return $sql_connection; +} + +/** + * Change the selected db in current mysql-connection. + * @param $db_name + * @return bool true on success, false on error + */ +function sql_select_db($db_name) { + global $sql_connection; + if (!$sql_connection->select_db($db_name)) + return sql_error("No database selected."); + return true; +} + +/** + * MySQL SELECT query + * @param string $query + * @return Result array or false on error + */ +function sql_select($query) { + global $sql_connection; + + $result = $sql_connection->query($query); + if ($result) { + $data = array(); + while ($line = $result->fetch_assoc()) + array_push($data, $line); + return $data; + } else + return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error); +} + +/** + * MySQL execute a query + * @param string $query + * @return mysqli_result|boolean Result resource or false on error + */ +function sql_query($query) { + global $sql_connection; + + $result = $sql_connection->query($query); + if ($result) { + return $result; + } else + usr_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error); +} + +/** + * Returns last inserted id. + * + * @return int + */ +function sql_id() { + global $sql_connection; + return $sql_connection->insert_id; +} + +/** + * Escape a string for a sql query. + * + * @param string $query + * @return string + */ +function sql_escape($query) { + global $sql_connection; + return $sql_connection->real_escape_string($query); +} + +/** + * Count query result lines. + * + * @param string $query + * @return int Count of result lines + */ +function sql_num_query($query) { + global $sql_connection; + return sql_query($query)->num_rows; +} + +function sql_select_single_col($query) { + $result = sql_select($query); + return array_map('array_shift', $result); +} + +function sql_select_single_cell($query) { + return array_shift(array_shift(sql_select($query))); +} + +?> diff --git a/includes/pages/admin_language.php b/includes/pages/admin_language.php index be89fc70..00afe622 100644 --- a/includes/pages/admin_language.php +++ b/includes/pages/admin_language.php @@ -1,110 +1,105 @@ <?php function admin_language() { - global $user; - - $html = ""; - if (!isset ($_POST["TextID"])) { - $html .= Get_Text("Hello") . User_Nick_render($user) . ", <br />\n"; - $html .= Get_Text("pub_sprache_text1") . "<br /><br />\n"; - - $html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>"; - // ausgabe Tabellenueberschift - $SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;"; - $erg_Sprachen = sql_query($SQL_Sprachen); - - for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++) - $Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i; - - $html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>"; - $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>"; - foreach ($Sprachen as $Name => $Value) - $html .= "<td class=\"contenttopic\"><b>" . - Get_Text("pub_sprache_Sprache") . " " . $Name . - "</b></td>"; - $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>"; - $html .= "\t\t</tr>"; - - if (isset ($_GET["ShowEntry"])) { - // ausgabe eintraege - $SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;"; - $erg = sql_query($SQL); - - $TextID_Old = mysql_result($erg, 0, "TextID"); - for ($i = 0; $i < mysql_num_rows($erg); $i++) { - $TextID_New = mysql_result($erg, $i, "TextID"); - if ($TextID_Old != $TextID_New) { - $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">"; - $html .= "<tr class=\"content\">\n"; - $html .= "\t\t<td>$TextID_Old " . - "<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n"; - - foreach ($Sprachen as $Name => $Value) { - $Value = html_entity_decode($Value, ENT_QUOTES); - $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n"; - $Sprachen[$Name] = ""; - } - - $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n"; - $html .= "</tr>"; - $html .= "</form>\n"; - $TextID_Old = $TextID_New; - } - $Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text"); - } /*FOR*/ - } - - //fuer neu eintraege - $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">"; - $html .= "<tr class=\"content\">\n"; - $html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n"; - - foreach ($Sprachen as $Name => $Value) - $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n"; - - $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n"; - $html .= "</tr>"; - $html .= "</form>\n"; - - $html .= "</table>\n"; - } /*if( !isset( $TextID ) )*/ - else { - $html .= "edit: " . $_POST["TextID"] . "<br /><br />"; - foreach ($_POST as $k => $v) { - if ($k != "TextID") { - $sql_test = "SELECT * FROM `Sprache` " . - "WHERE `TextID`='" . sql_escape($_POST["TextID"]) - . "' AND `Sprache`='" - . sql_escape($k) . "'"; - - $erg_test = sql_query($sql_test); - - if (mysql_num_rows($erg_test) == 0) { - $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " . - "VALUES ('" . sql_escape($_POST["TextID"]) . "', '" - . sql_escape($k) . "', '" - . sql_escape($v) . "')"; - - $html .= $sql_save . "<br />"; - $Erg = sql_query($sql_save); - $html .= success("$k Save: OK<br />\n", true); - } else - if (mysql_result($erg_test, 0, "Text") != $v) { - $sql_save = "UPDATE `Sprache` SET `Text`='" - . sql_escape($v) . "' " . - "WHERE `TextID`='" - . sql_escape($_POST["TextID"]) - . "' AND `Sprache`='" . sql_escape($k) . "' "; - - $html .= $sql_save . "<br />"; - $Erg = sql_query($sql_save); - $html .= success(" $k Update: OK<br />\n", true); - } else - $html .= "\t $k no changes<br />\n"; - } - } - - } - return $html; + global $user; + global $languages; + + $html = ""; + if (!isset ($_POST["TextID"])) { + $html .= Get_Text("Hello") . User_Nick_render($user) . ", <br />\n"; + $html .= Get_Text("pub_sprache_text1") . "<br /><br />\n"; + + $html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>"; + // ausgabe Tabellenueberschift + $html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>"; + $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>"; + foreach($languages as $language => $language_name) { + $html .= "<td class=\"contenttopic\"><b>" . + Get_Text("pub_sprache_Sprache") . " " . $language . + "</b></td>"; + $Sprachen[$language] = $language_name; + } + $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>"; + $html .= "\t\t</tr>"; + + if (isset ($_GET["ShowEntry"])) { + // ausgabe eintraege + $sprache_source = sql_select("SELECT * FROM `Sprache` ORDER BY `TextID`, `Sprache`"); + + $TextID_Old = $sprache_source[0]['TextID']; + foreach($sprache_source as $sprache_entry) { + $TextID_New = $sprache_entry['TextID']; + if ($TextID_Old != $TextID_New) { + $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">"; + $html .= "<tr class=\"content\">\n"; + $html .= "\t\t<td>$TextID_Old " . + "<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n"; + + foreach ($Sprachen as $Name => $Value) { + $Value = html_entity_decode($Value, ENT_QUOTES); + $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n"; + $Sprachen[$Name] = ""; + } + + $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n"; + $html .= "</tr>"; + $html .= "</form>\n"; + $TextID_Old = $TextID_New; + } + $Sprachen[$sprache_entry['Sprache']] = $sprache_entry['Text']; + } /*FOR*/ + } + + //fuer neu eintraege + $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">"; + $html .= "<tr class=\"content\">\n"; + $html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n"; + + foreach ($Sprachen as $Name => $Value) + $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n"; + + $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n"; + $html .= "</tr>"; + $html .= "</form>\n"; + + $html .= "</table>\n"; + } /*if( !isset( $TextID ) )*/ + else { + $html .= "edit: " . $_POST["TextID"] . "<br /><br />"; + foreach ($_POST as $k => $v) { + if ($k != "TextID") { + $sql_test = "SELECT * FROM `Sprache` " . + "WHERE `TextID`='" . sql_escape($_POST["TextID"]) + . "' AND `Sprache`='" + . sql_escape($k) . "'"; + + $erg_test = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($_POST["TextID"]) . "' AND `Sprache`='" . sql_escape($k) . "'"); + if (count($erg_test) == 0) { + $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " . + "VALUES ('" . sql_escape($_POST["TextID"]) . "', '" + . sql_escape($k) . "', '" + . sql_escape($v) . "')"; + + $html .= $sql_save . "<br />"; + $Erg = sql_query($sql_save); + $html .= success("$k Save: OK<br />\n", true); + } else + if ($erg_test[0]['Text'] != $v) { + $sql_save = "UPDATE `Sprache` SET `Text`='" + . sql_escape($v) . "' " . + "WHERE `TextID`='" + . sql_escape($_POST["TextID"]) + . "' AND `Sprache`='" . sql_escape($k) . "' "; + + $html .= $sql_save . "<br />"; + $Erg = sql_query($sql_save); + $html .= success(" $k Update: OK<br />\n", true); + } else + $html .= "\t $k no changes<br />\n"; + } + } + + } + return $html; } ?> diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 661aa511..25807151 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -17,6 +17,10 @@ function admin_news() { if (count($news) > 0) { list ($news) = $news; + $user_source = User($news['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); + $html .= '<a href="' . page_link_to("news") . '">« Back</a>'; $html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n"; @@ -29,7 +33,7 @@ function admin_news() { $html .= " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" . $news["Text"] . "</textarea></td></tr>\n"; $html .= " <tr><td>Engel</td><td>" . - UID2Nick($news["UID"]) . "</td></tr>\n"; + User_Nick_render($user_source) . "</td></tr>\n"; $html .= " <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array ( '1' => "Ja", '0' => "Nein" diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 1e410f07..516d52c9 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -18,28 +18,42 @@ function admin_questions() { if (!isset ($_REQUEST['action'])) { $open_questions = ""; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0"); - foreach ($questions as $question) + foreach ($questions as $question) { + $user_source = User($question['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); + $open_questions .= template_render( '../templates/admin_question_unanswered.html', array ( - 'question_nick' => UID2Nick($question['UID']), + 'question_nick' => User_Nick_render($user_source), 'question_id' => $question['QID'], 'link' => page_link_to("admin_questions"), 'question' => str_replace("\n", '<br />', $question['Question']) )); + } $answered_questions = ""; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0"); - foreach ($questions as $question) + foreach ($questions as $question) { + $user_source = User($question['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); + + $answer_user_source = User($question['AID']); + if($answer_user_source === false) + engelsystem_error("Unable to load user."); + $answered_questions .= template_render( '../templates/admin_question_answered.html', array ( 'question_id' => $question['QID'], - 'question_nick' => UID2Nick($question['UID']), + 'question_nick' => User_Nick_render($user_source), 'question' => str_replace("\n", "<br />", $question['Question']), - 'answer_nick' => UID2Nick($question['AID']), + 'answer_nick' => User_Nick_render($answer_user_source), 'answer' => str_replace("\n", "<br />", $question['Answer']), 'link' => page_link_to("admin_questions"), )); + } return template_render('../templates/admin_questions.html', array ( 'link' => page_link_to("admin_questions"), diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 0c9f9bbe..58b2947e 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -26,38 +26,38 @@ function admin_user() { $html .= "<table>\n"; $html .= " <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . - mysql_result($Erg, 0, "Nick") . "\"></td></tr>\n"; + $user_source['Nick'] . "\"></td></tr>\n"; $html .= " <tr><td>lastLogIn</td><td>" . - date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "</td></tr>\n"; + date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n"; $html .= " <tr><td>Name</td><td>" . "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" . - mysql_result($Erg, 0, "Name") . "\"></td></tr>\n"; + $user_source['Name'] . "\"></td></tr>\n"; $html .= " <tr><td>Vorname</td><td>" . "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . - mysql_result($Erg, 0, "Vorname") . "\"></td></tr>\n"; + $user_source['Vorname'] . "\"></td></tr>\n"; $html .= " <tr><td>Alter</td><td>" . "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . - mysql_result($Erg, 0, "Alter") . "\"></td></tr>\n"; + $user_source['Alter'] . "\"></td></tr>\n"; $html .= " <tr><td>Telefon</td><td>" . "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . - mysql_result($Erg, 0, "Telefon") . "\"></td></tr>\n"; + $user_source['Telefon'] . "\"></td></tr>\n"; $html .= " <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . - mysql_result($Erg, 0, "Handy") . "\"></td></tr>\n"; + $user_source['Handy'] . "\"></td></tr>\n"; $html .= " <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . - mysql_result($Erg, 0, "DECT") . "\"></td></tr>\n"; + $user_source['DECT'] . "\"></td></tr>\n"; $html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . - mysql_result($Erg, 0, "email") . "\"></td></tr>\n"; + $user_source['email'] . "\"></td></tr>\n"; $html .= " <tr><td>ICQ</td><td>" . "<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"" . - mysql_result($Erg, 0, "ICQ") . "\"></td></tr>\n"; + $user_source['ICQ'] . "\"></td></tr>\n"; $html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . - mysql_result($Erg, 0, "jabber") . "\"></td></tr>\n"; + $user_source['jabber'] . "\"></td></tr>\n"; $html .= " <tr><td>Size</td><td>" . - html_select_key('size', 'eSize', $tshirt_sizes, mysql_result($Erg, 0, "Size")) . "</td></tr>\n"; + html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n"; $options = array ( '1' => "Yes", @@ -66,21 +66,21 @@ function admin_user() { // Gekommen? $html .= " <tr><td>Gekommen</td><td>\n"; - $html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "</td></tr>\n"; + $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n"; // Aktiv? $html .= " <tr><td>Aktiv</td><td>\n"; - $html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "</td></tr>\n"; + $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n"; // T-Shirt bekommen? $html .= " <tr><td>T-Shirt</td><td>\n"; - $html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "</td></tr>\n"; + $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n"; $html .= " <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . - mysql_result($Erg, 0, "Hometown") . "\"></td></tr>\n"; + $user_source['Hometown'] . "\"></td></tr>\n"; - $html .= "</table>\n</td><td valign=\"top\">" . displayavatar($id, false) . "</td></tr>"; + $html .= "</table>\n</td><td valign=\"top\">" . User_Avatar_render($user_source) . "</td></tr>"; $html .= "</td></tr>\n"; $html .= "</table>\n<br />\n"; @@ -113,7 +113,7 @@ function admin_user() { $selected_angel_types = array_unique($selected_angel_types); // Assign angel-types - sql_start_transaction(); + sql_transaction_start(); sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID'])); $user_angel_type_info = array(); if (!empty($selected_angel_types)) { @@ -131,7 +131,7 @@ function admin_user() { if (!empty($accepted_angel_types)) sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")"); } - sql_stop_transaction(); + sql_transaction_commit(); engelsystem_log("Set angeltypes of " . User_Nick_render($user_source) . " to: " . join(", ", $user_angel_type_info)); success("Angeltypes saved."); diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index ed736cc7..fccc6f1d 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php @@ -1,107 +1,120 @@ <?php function user_unread_messages() { - global $user, $privileges; + global $user, $privileges; - if (in_array("user_messages", $privileges)) { - $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID'])); + if (in_array("user_messages", $privileges)) { + $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID'])); - if ($new_messages > 0) - return sprintf('<p class="info"><a href="%s">%s %s %s</a></p><hr />', page_link_to("user_messages"), Get_Text("pub_messages_new1"), $new_messages, Get_Text("pub_messages_new2")); - } + if ($new_messages > 0) + return sprintf('<p class="info"><a href="%s">%s %s %s</a></p><hr />', page_link_to("user_messages"), Get_Text("pub_messages_new1"), $new_messages, Get_Text("pub_messages_new2")); + } - return ""; + return ""; } function user_messages() { - global $user; - - if (!isset ($_REQUEST['action'])) { - $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`"); - - $to_select_data = array ( - "" => "Select recipient..." - ); - - foreach ($users as $u) - $to_select_data[$u['UID']] = $u['Nick']; - - $to_select = html_select_key('to', 'to', $to_select_data, ''); - - $messages_html = ""; - $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC"); - foreach ($messages as $message) { - - $messages_html .= sprintf('<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>' . - '<td>%s</td>', ($message['isRead'] == 'N' ? ' class="new_message"' : ''), ($message['isRead'] == 'N' ? '•' : ''), date("Y-m-d H:i", $message['Datum']), UID2Nick($message['SUID']), UID2Nick($message['RUID']), str_replace("\n", '<br />', $message['Text'])); - - $messages_html .= '<td>'; - if ($message['RUID'] == $user['UID']) { - if ($message['isRead'] == 'N') - $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>'; - } else { - $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>'; - } - $messages_html .= '</td></tr>'; - } - - return template_render('../templates/user_messages.html', array ( - 'link' => page_link_to("user_messages"), - 'greeting' => Get_Text("Hello") . User_Nick_render($user) . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n", - 'messages' => $messages_html, - 'new_label' => Get_Text("pub_messages_Neu"), - 'date_label' => Get_Text("pub_messages_Datum"), - 'from_label' => Get_Text("pub_messages_Von"), - 'to_label' => Get_Text("pub_messages_An"), - 'text_label' => Get_Text("pub_messages_Text"), - 'date' => date("Y-m-d H:i"), - 'from' => User_Nick_render($user), - 'to_select' => $to_select, - 'submit_label' => Get_Text("save") - )); - } else { - switch ($_REQUEST['action']) { - case "read" : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing Message ID.", true); - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); - if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { - sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); - redirect(page_link_to("user_messages")); - } else - return error("No Message found.", true); - break; - - case "delete" : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing Message ID.", true); - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); - if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { - sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); - redirect(page_link_to("user_messages")); - } else - return error("No Message found.", true); - break; - - case "send" : - $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); - $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to'])); - if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { - sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); - redirect(page_link_to("user_messages")); - } else { - return error(Get_Text("pub_messages_Send_Error"), true); - } - break; - - default : - return error("Wrong action.", true); - } - } + global $user; + + if (!isset ($_REQUEST['action'])) { + $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`"); + + $to_select_data = array ( + "" => "Select recipient..." + ); + + foreach ($users as $u) + $to_select_data[$u['UID']] = $u['Nick']; + + $to_select = html_select_key('to', 'to', $to_select_data, ''); + + $messages_html = ""; + $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC"); + foreach ($messages as $message) { + $sender_user_source = User($message['SUID']); + if($sender_user_source === false) + engelsystem_error("Unable to load user."); + $receiver_user_source = User($message['RUID']); + if($receiver_user_source === false) + engelsystem_error("Unable to load user."); + + $messages_html .= sprintf( + '<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td><td>%s</td>', + ($message['isRead'] == 'N' ? ' class="new_message"' : ''), + ($message['isRead'] == 'N' ? '•' : ''), + date("Y-m-d H:i", $message['Datum']), + User_Nick_render($sender_user_source), + User_Nick_render($receiver_user_source), + str_replace("\n", '<br />', $message['Text']) + ); + + $messages_html .= '<td>'; + if ($message['RUID'] == $user['UID']) { + if ($message['isRead'] == 'N') + $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>'; + } else { + $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>'; + } + $messages_html .= '</td></tr>'; + } + + return template_render('../templates/user_messages.html', array ( + 'link' => page_link_to("user_messages"), + 'greeting' => Get_Text("Hello") . User_Nick_render($user) . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n", + 'messages' => $messages_html, + 'new_label' => Get_Text("pub_messages_Neu"), + 'date_label' => Get_Text("pub_messages_Datum"), + 'from_label' => Get_Text("pub_messages_Von"), + 'to_label' => Get_Text("pub_messages_An"), + 'text_label' => Get_Text("pub_messages_Text"), + 'date' => date("Y-m-d H:i"), + 'from' => User_Nick_render($user), + 'to_select' => $to_select, + 'submit_label' => Get_Text("save") + )); + } else { + switch ($_REQUEST['action']) { + case "read" : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Message ID.", true); + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { + sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + redirect(page_link_to("user_messages")); + } else + return error("No Message found.", true); + break; + + case "delete" : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Message ID.", true); + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { + sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + redirect(page_link_to("user_messages")); + } else + return error("No Message found.", true); + break; + + case "send" : + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to'])); + if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { + sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); + redirect(page_link_to("user_messages")); + } else { + return error(Get_Text("pub_messages_Send_Error"), true); + } + break; + + default : + return error("Wrong action.", true); + } + } } ?> diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index a8d819d0..481cf738 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -35,7 +35,12 @@ function display_news($news) { $html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">'; $html .= '<details>'; $html .= date("Y-m-d H:i", $news['Datum']) . ', '; - $html .= UID2Nick($news['UID']); + + $user_source = User($news['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); + + $html .= User_Nick_render($user_source); if ($p != "news_comments") $html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »</a>'; $html .= '</details>'; @@ -69,11 +74,15 @@ function user_news_comments() { $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'"); foreach ($comments as $comment) { + $user_source = User($comment['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); + $html .= '<article class="news_comment">'; - $html .= DisplayAvatar($comment['UID']); + $html .= User_Avatar_render($user_source); $html .= '<details>'; $html .= $comment['Datum'] . ', '; - $html .= UID2Nick($comment['UID']); + $html .= User_Nick_render($user_source); $html .= '</details>'; $html .= '<p>' . nl2br($comment['Text']) . '</p>'; $html .= '</article>'; diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 5d55f647..97035546 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -12,7 +12,12 @@ function user_questions() { $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID'])); foreach ($questions as $question) { $answered_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td>'; - $answered_questions .= '<td>' . UID2Nick($question['AID']) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>'; + + $answer_user_source = User($question['AID']); + if($answer_user_source === false) + engelsystem_error("Unable to load user."); + + $answered_questions .= '<td>' . User_Nick_render($answer_user_source) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>'; $answered_questions .= '<td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Löschen</a></td><tr>'; } diff --git a/includes/pages/user_wakeup.php b/includes/pages/user_wakeup.php index c897d43e..63aff97c 100644 --- a/includes/pages/user_wakeup.php +++ b/includes/pages/user_wakeup.php @@ -1,86 +1,87 @@ <?php function user_wakeup() { - global $user; + global $user; - $html = ""; + $html = ""; - if (isset ($_REQUEST['action'])) { - switch ($_REQUEST['action']) { - case 'create' : - $date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']); - if ($date != null) { - $date = $date->getTimestamp(); - $bemerkung = strip_request_item_nl('Bemerkung'); - $ort = strip_request_item('Ort'); - $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) " - . "VALUES ('" . sql_escape($user['UID']) . "', '" - . sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'" - . sql_escape($bemerkung) . "')"; - sql_query($SQL); - $html .= success(Get_Text(4), true); - } else - $html .= error("Broken date!", true); - break; + if (isset ($_REQUEST['action'])) { + switch ($_REQUEST['action']) { + case 'create' : + $date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']); + if ($date != null) { + $date = $date->getTimestamp(); + $bemerkung = strip_request_item_nl('Bemerkung'); + $ort = strip_request_item('Ort'); + $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) " + . "VALUES ('" . sql_escape($user['UID']) . "', '" + . sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'" + . sql_escape($bemerkung) . "')"; + sql_query($SQL); + $html .= success(Get_Text(4), true); + } else + $html .= error("Broken date!", true); + break; - case 'delete' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing wake-up ID.", true); + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing wake-up ID.", true); - $wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); - if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) { - sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); - $html .= success("Wake-up call deleted.", true); - } else - return error("No wake-up found.", true); - break; - } - } + $wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) { + sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + $html .= success("Wake-up call deleted.", true); + } else + return error("No wake-up found.", true); + break; + } + } - $html .= "<p>" . Get_Text("Hello") . User_Nick_render($user) . ",<br />" - . Get_Text("pub_wake_beschreibung") . "</p>\n\n"; - $html .= Get_Text("pub_wake_beschreibung2"); - $html .= ' -<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1"> + $html .= "<p>" . Get_Text("Hello") . User_Nick_render($user) . ",<br />" + . Get_Text("pub_wake_beschreibung") . "</p>\n\n"; + $html .= Get_Text("pub_wake_beschreibung2"); + $html .= ' + <table border="0" width="100%" class="border" cellpadding="2" cellspacing="1"> <tr class="contenttopic"> - <th>' . Get_Text("pub_wake_Datum") . '</th> - <th>' . Get_Text("pub_waeckliste_Nick") . '</th> - <th>' . Get_Text("pub_wake_Ort") . '</th> - <th>' . Get_Text("pub_wake_Bemerkung") . '</th> - <th></th> - </tr> -'; + <th>' . Get_Text("pub_wake_Datum") . '</th> + <th>' . Get_Text("pub_waeckliste_Nick") . '</th> + <th>' . Get_Text("pub_wake_Ort") . '</th> + <th>' . Get_Text("pub_wake_Bemerkung") . '</th> + <th></th> + </tr> + '; - $sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC"; - $Erg = sql_query($sql); - $count = mysql_num_rows($Erg); + $wecken_source = sql_select("SELECT * FROM `Wecken` ORDER BY `Date` ASC"); + foreach($wecken_source as $wecken) { + $html .= '<tr class="content">'; + $html .= '<td>' . date("Y-m-d H:i", $wecken['Date']) . ' </td>'; - for ($i = 0; $i < $count; $i++) { - $row = mysql_fetch_row($Erg); - $html .= '<tr class="content">'; - $html .= '<td>' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' </td>'; - $html .= '<td>' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' </td>'; - $html .= '<td>' . mysql_result($Erg, $i, "Ort") . ' </td>'; - $html .= '<td>' . mysql_result($Erg, $i, "Bemerkung") . ' </td>'; - if (mysql_result($Erg, $i, "UID") == $user['UID']) - $html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . mysql_result($Erg, $i, "ID") . "\">" . Get_Text("pub_wake_del") . '</a></td>'; - else - $html .= '<td></td>'; - $html .= '</tr>'; - } + $user_source = User($wecken['UID']); + if($user_source === false) + engelsystem_error("Unable to load user."); - $html .= '</table><hr />' . Get_Text("pub_wake_Text2"); + $html .= '<td>' . User_Nick_render($user_source) . ' </td>'; + $html .= '<td>' . $wecken['Ort'] . ' </td>'; + $html .= '<td>' . $wecken['Bemerkung'] . ' </td>'; + if ($wecken['UID'] == $user['UID']) + $html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . $wecken['ID'] . "\">" . Get_Text("pub_wake_del") . '</a></td>'; + else + $html .= '<td></td>'; + $html .= '</tr>'; + } - $html .= template_render('../templates/user_wakeup.html', array ( - 'wakeup_link' => page_link_to("user_wakeup"), - 'date_text' => Get_Text("pub_wake_Datum"), - 'date_value' => date("Y-m-d H:i"), - 'place_text' => Get_Text("pub_wake_Ort"), - 'comment_text' => Get_Text("pub_wake_Bemerkung"), - 'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent", - 'submit_text' => Get_Text("pub_wake_bouton") - )); - return $html; + $html .= '</table><hr />' . Get_Text("pub_wake_Text2"); + + $html .= template_render('../templates/user_wakeup.html', array ( + 'wakeup_link' => page_link_to("user_wakeup"), + 'date_text' => Get_Text("pub_wake_Datum"), + 'date_value' => date("Y-m-d H:i"), + 'place_text' => Get_Text("pub_wake_Ort"), + 'comment_text' => Get_Text("pub_wake_Bemerkung"), + 'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent", + 'submit_text' => Get_Text("pub_wake_bouton") + )); + return $html; } ?> diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 4ca56632..a2fd98d8 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -31,8 +31,7 @@ function generate_salt($length = 16) { // set the password of a user function set_password($uid, $password) { - $res = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1"); - return $res && (mysql_affected_rows() > 0); + return sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1"); } // verify a password given a precomputed salt. @@ -72,8 +71,6 @@ function json_auth_service() { if (count($Erg) == 1) { $Erg = $Erg[0]; if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) { - $UID = mysql_result($Erg, 0, "UID"); - $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";"); foreach ($user_privs as $user_priv) $privileges[] = $user_priv['name']; diff --git a/includes/sys_lang.php b/includes/sys_lang.php deleted file mode 100644 index 3a043614..00000000 --- a/includes/sys_lang.php +++ /dev/null @@ -1,38 +0,0 @@ -<?php - - -/** - * Liste verfügbarer Sprachen - */ -$languages = array ( - 'DE' => "Deutsch", - 'EN' => "English" -); - -function Get_Text($TextID, $NoError = false) { - global $con, $error_messages, $debug; - - if (!isset ($_SESSION['Sprache'])) - $_SESSION['Sprache'] = "EN"; - if ($_SESSION['Sprache'] == "") - $_SESSION['Sprache'] = "EN"; - if (isset ($_GET["SetLanguage"])) - $_SESSION['Sprache'] = $_GET["SetLanguage"]; - - $SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='" . $_SESSION['Sprache'] . "'"; - @ $Erg = mysql_query($SQL, $con); - - if (mysql_num_rows($Erg) == 1) - return mysql_result($Erg, 0, "Text"); - elseif ($NoError && !$debug) - return ""; - elseif ($debug) - return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x"; - else - return $TextID; -} - -function Print_Text($TextID, $NoError = false) { - echo Get_Text($TextID, $NoError); -} -?> diff --git a/includes/sys_mysql.php b/includes/sys_mysql.php deleted file mode 100644 index 1315a4f6..00000000 --- a/includes/sys_mysql.php +++ /dev/null @@ -1,84 +0,0 @@ -<?php -function sql_connect($host, $user, $pw, $db) { - global $con; - global $host; - - @ $con = mysql_connect($host, $user, $pw); - - if ($con == null) - die("no mysql-connection"); - - if (!mysql_select_db($db, $con)) - die("mysql db-selection failed"); - - mysql_query("SET CHARACTER SET utf8;", $con); - mysql_query("SET NAMES 'utf8'", $con); -} - -// Do select query -function sql_select($query) { - global $con; - $start = microtime(true); - if ($result = mysql_query($query, $con)) { - $data = array (); - while ($line = mysql_fetch_assoc($result)) { - array_push($data, $line); - } - return $data; - } else { - print_r(debug_backtrace()); - die('MySQL-query error: ' . $query . ", " . mysql_error($con)); - } -} - -function sql_select_single_col($query) { - $result = sql_select($query); - return array_map('array_shift', $result); -} - -function sql_select_single_cell($query) { - return array_shift(array_shift(sql_select($query))); -} - -// Execute a query -function sql_query($query) { - global $con; - $start = microtime(true); - if ($result = mysql_query($query, $con)) { - return $result; - } else { - die('MySQL-query error: ' . $query . ", " . mysql_error($con)); - } -} - -function sql_id() { - global $con; - return mysql_insert_id($con); -} - -function sql_escape($query) { - return mysql_real_escape_string($query); -} - -function sql_num_query($query) { - return mysql_num_rows(sql_query($query)); -} - -function sql_error() { - global $con; - return mysql_error($con); -} - -$sql_transaction_counter = 0; -function sql_start_transaction() { - global $sql_transaction_counter; - if ($sql_transaction_counter++ == 0) - sql_query("START TRANSACTION"); -} - -function sql_stop_transaction() { - global $sql_transaction_counter; - if ($sql_transaction_counter-- == 1) - sql_query("COMMIT"); -} -?> diff --git a/includes/sys_page.php b/includes/sys_page.php index 06e41274..a49e76cb 100644 --- a/includes/sys_page.php +++ b/includes/sys_page.php @@ -46,59 +46,4 @@ function check_email($email) { return (bool) preg_match("#^([a-zA-Z0-9_+\-])+(\.([a-zA-Z0-9_+\-])+)*@((\[(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5]))\]))|((([\p{L}0-9])+(([\-])+([\p{L}0-9])+)*\.)+([\p{L}])+(([\-])+([\p{L}0-9])+)*))$#u", $email); } -/** - * Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher - */ -function msg() { - if (!isset ($_SESSION['msg'])) - return ""; - $msg = $_SESSION['msg']; - $_SESSION['msg'] = ""; - return $msg; -} - -/** - * Rendert eine Information - */ -function info($msg, $immediatly = false) { - if ($immediatly) { - if ($msg == "") - return ""; - return '<p class="info">' . $msg . '</p>'; - } else { - if (!isset ($_SESSION['msg'])) - $_SESSION['msg'] = ""; - $_SESSION['msg'] .= info($msg, true); - } -} - -/** - * Rendert eine Fehlermeldung - */ -function error($msg, $immediatly = false) { - if ($immediatly) { - if ($msg == "") - return ""; - return '<p class="error">' . $msg . '</p>'; - } else { - if (!isset ($_SESSION['msg'])) - $_SESSION['msg'] = ""; - $_SESSION['msg'] .= error($msg, true); - } -} - -/** - * Rendert eine Erfolgsmeldung - */ -function success($msg, $immediatly = false) { - if ($immediatly) { - if ($msg == "") - return ""; - return '<p class="success">' . $msg . '</p>'; - } else { - if (!isset ($_SESSION['msg'])) - $_SESSION['msg'] = ""; - $_SESSION['msg'] .= success($msg, true); - } -} ?> diff --git a/includes/sys_shift.php b/includes/sys_shift.php deleted file mode 100644 index 728e7a83..00000000 --- a/includes/sys_shift.php +++ /dev/null @@ -1,454 +0,0 @@ -<?php - - -/** - * Shiftlänge ausrechnen, kommt im Format 12:23h zurück - */ -function shift_length($shift) { - $length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":"; - $length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h"; - return $length; -} - -function load_shift_basics() { - global $VeranstaltungsTageMax, $Room, $RoomID, $EngelType, $EngelTypeID, $TID2Name, $Veranstaltungstage; - - // erstellt ein Array der Räume - $rooms = sql_select("SELECT `RID`, `Name` FROM `Room` WHERE `Show`='Y' ORDER BY `Number`, `Name`"); - foreach ($rooms as $i => $r) { - $Room[$i] = array ( - 'RID' => $r['RID'], - 'Name' => $r['Name'] - ); - $RoomID[$r['RID']] = $r['Name']; - } - - // erstellt ein Array der Engeltypen - $engel_types = sql_select("SELECT * FROM `EngelType` ORDER BY `name`"); - foreach ($engel_types as $engel_type) { - $EngelType[$i] = array ( - 'id' => $engel_type['id'], - 'name' => $engel_type['name'] . Get_Text("inc_schicht_engel") - ); - $EngelTypeID[$engel_type['id']] = $engel_type['name'] . Get_Text("inc_schicht_engel"); - $TID2Name[$engel_type['id']] = $engel_type['name']; - } - - // Erste Schicht suchen - $Pos = 0; - $first_shift = sql_select("SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1"); - if (count($first_shift) > 0) { - do { - // Startdatum einlesen und link ausgeben - $DateS = substr($first_shift[0]['DateS'], 0, 10); - $VeranstaltungsTage[$Pos++] = $DateS; - - // auslesen den endes und eventuelle weitere tage ausgeben - $last_shift = sql_select("SELECT MAX(`DateE`) FROM `Shifts` WHERE ( (`DateS` like '" . sql_escape($DateS) . "%') AND NOT (`DateE` like '%00:00:00'))"); - $DateE = substr($last_shift[0]['DateE'], 0, 10); - - if (strlen($DateE) == 0) - $DateE = $DateS; - else - while ($DateS != $DateE) { - $DateS = DatumUm1TagErhoehen($DateS); - $VeranstaltungsTage[$Pos++] = $DateS; - } - - // suchen den nächsten eintrag - $first_shift = sql_select("SELECT `DateS` FROM `Shifts` " . "WHERE (`DateS` > '" . sql_escape($DateE) . " 23:59:59' ) " . "ORDER BY `DateS` " . "LIMIT 1"); - } while (count($first_shift) > 0); - } - - $VeranstaltungsTageMax = $Pos -1; -} - -/*####################################################### -# gibt die engelschischten aus # -#######################################################*/ -function ausgabe_Feld_Inhalt($SID, $Man) { - // gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung, - // die eingetragenden und und offenden Schichteint�ge zur�ck - global $EngelType, $EngelTypeID, $TID2Name, $con, $debug, $gmdateOffset; - - $Spalten = ""; - - if (!isset ($_GET["Icon"])) - $_GET["Icon"] = 1; - - /////////////////////////////////////////////////////////////////// - // Schow Admin Page - /////////////////////////////////////////////////////////////////// - $Spalten .= funktion_isLinkAllowed_addLink_OrEmpty("admin/schichtplan.php?action=change&SID=$SID", "edit<br />\n"); - - /////////////////////////////////////////////////////////////////// - // Ausgabe des Schichtnamens - /////////////////////////////////////////////////////////////////// - $SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');"; - $Erg = mysql_query($SQL, $con); - if (mysql_result($Erg, 0, 0) != "") - $Spalten .= "<a href=\"" . mysql_result($Erg, 0, 0) . "\" target=\"_black\"><u>$Man:</u></a><br />"; - else - $Spalten .= "<u>" . - $Man . ":</u><br />"; - - /////////////////////////////////////////////////////////////////// - // SQL abfrage f�r die ben�tigten schichten - /////////////////////////////////////////////////////////////////// - $SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '" . sql_escape($SID) . "') ORDER BY `TID`, `UID` DESC ;"; - $Erg = mysql_query($SQL, $con); - - $Anzahl = mysql_num_rows($Erg); - $Feld = 0; - $Temp_TID_old = -1; - for ($i = 0; $i < $Anzahl; $i++) { - if (isset ($Temp[$Feld]["TID"])) - $Temp_TID_old = $Temp[$Feld]["TID"]; - if (isset ($Temp[$Feld]["UID"])) - $Temp_UID_old = $Temp[$Feld]["UID"]; - - $Temp_TID = mysql_result($Erg, $i, "TID"); - - // wenn sich der Type �ndert wird zumn�sten feld geweckselt - if ($Temp_TID_old != $Temp_TID) - $Feld++; - - $Temp[$Feld]["TID"] = $Temp_TID; - $Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID"); - - // sonderfall ersten durchlauf - if ($i == 0) { - $Temp_TID_old = $Temp[$Feld]["TID"]; - $Temp_UID_old = $Temp[$Feld]["UID"]; - } - - // ist es eine zu vergeben schicht? - if ($Temp[$Feld]["UID"] == 0) { - if (isset ($Temp[$Feld]["free"])) - $Temp[$Feld]["free"]++; - else - $Temp[$Feld]["free"] = 1; - } else - $Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"]; - } // FOR - - /////////////////////////////////////////////////////////////////// - // Aus gabe der Schicht - /////////////////////////////////////////////////////////////////// - if (isset ($Temp)) - if (count($Temp)) - foreach ($Temp as $TempEntry => $TempValue) { - if (!isset ($TempValue["free"])) - $TempValue["free"] = 0; - - // ausgabe EngelType - $Spalten .= $EngelTypeID[$TempValue["TID"]] . " "; - - // ausgabe Eingetragener Engel - if (isset ($TempValue["Engel"])) - if (count($TempValue["Engel"]) > 0) { - if (count($TempValue["Engel"]) == 1) - $Spalten .= Get_Text("inc_schicht_ist") . ":<br />\n"; - else - $Spalten .= Get_Text("inc_schicht_sind") . ":<br />\n"; - - foreach ($TempValue["Engel"] as $TempEngelEntry => $TempEngelID) { - if (funktion_isLinkAllowed("admin/user.php") === TRUE) { - // add color, wenn Engel "Gekommen" - $TempText = ((UIDgekommen($TempEngelID) == "1") ? "<span style=\"color: blue;\">" : "<span style=\"color: red;\">") . - UID2Nick($TempEngelID) . "</span>"; - } else { - $TempText = UID2Nick($TempEngelID); - } - - // add link to user - $TempText = funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal", $TempText); - - $Spalten .= " " . $TempText . - (($_GET["Icon"] == 1) ? DisplayAvatar($TempEngelID) : "") . - "<br />\n"; - - } - $Spalten = substr($Spalten, 0, strlen($Spalten) - 7); - } - - // ausgabe ben�tigter Engel - //////////////////////////// - //in vergangenheit - $SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='" . sql_escape($SID) . "' AND `DateE` >= '" . - gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "')"; - $Ergtime = mysql_query($SQLtime, $con); - if (mysql_num_rows($Ergtime) > 0) { - //wenn keien rechte definiert sind - if (!isset ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]])) - $_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] = "Y"; - - if ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] == "Y") - if ($TempValue["free"] > 0) { - $Spalten .= "<br />\n <a href=\"./schichtplan_add.php?SID=$SID&TID=" . - $TempValue["TID"] . "\">"; - $Spalten .= $TempValue["free"]; - if ($TempValue["free"] != 1) - $Spalten .= Get_Text("inc_schicht_weitere") . - " " . Get_Text("inc_schicht_Engel") . - Get_Text("inc_schicht_wird"); - else - $Spalten .= Get_Text("inc_schicht_weiterer") . - " " . Get_Text("inc_schicht_Engel") . - Get_Text("inc_schicht_werden"); - $Spalten .= Get_Text("inc_schicht_noch_gesucht"); - $Spalten .= "</a>"; - } - } else { - if (isset ($TempValue["free"])) - if ($TempValue["free"] > 0) - $Spalten .= "<br />\n <h3><a>Fehlen noch: " . - $TempValue["free"] . "</a></h3>"; - } - $Spalten .= "<br />\n"; - - } // FOREACH - return $Spalten; -} // function Ausgabe_Feld_Inhalt - -/*####################################################### -# gibt die engelschischten Druckergerecht aus # -#######################################################*/ -function Ausgabe_Feld_Inhalt_Druck($RID, $Man) { - // gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung, - // die eingetragenden und und offenden Schichteint�ge zur�ck - -} // function Ausgabe_Feld_Inhalt - -/*####################################################### -# Ausgabe der Raum Spalten # -#######################################################*/ -function CreateRoomShifts($raum) { - global $Spalten, $ausdatum, $con, $debug, $GlobalZeileProStunde, $error_messages; - - ///////////////////////////////////////////////////////////// - // beginnt die erste schicht vor dem heutigen tag und geht dar�ber hinaus - ///////////////////////////////////////////////////////////// - $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " . - "WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '$ausdatum 23:59:59') AND " . - "(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;"; - $ErgSonder = mysql_query($SQLSonder, $con); - if ((mysql_num_rows($ErgSonder) > 1)) { - if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) { - echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> "; - for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) { - echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" . - mysql_result($ErgSonder, $i, "SID") . "\">" . - mysql_result($ErgSonder, $i, "DateS") . - " '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-24)" . - "</a><br />\n"; - } - } - } - elseif ((mysql_num_rows($ErgSonder) == 1)) { - $Spalten[0] .= "<td valign=\"top\" rowspan=\"" . (24 * $GlobalZeileProStunde) . "\">\n" . - "<h3>↑↑↑</h3>" . - Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) . - "<h3>↓↓↓</h3>" . - "\n</td>\n"; - return; - } - - $ZeitZeiger = 0; - - ///////////////////////////////////////////////////////////// - // beginnt die erste schicht vor dem heutigen tag? - ///////////////////////////////////////////////////////////// - $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " . - "WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '" . sql_escape($ausdatum) . " 00:00:00') AND " . - "(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;"; - - $ErgSonder = mysql_query($SQLSonder, $con); - if ((mysql_num_rows($ErgSonder) > 1)) { - if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) { - echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> "; - for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) { - echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" . - mysql_result($ErgSonder, $i, "SID") . "\">" . - mysql_result($ErgSonder, $i, "DateS") . - " '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-xx)" . - "</a><br />\n"; - } - } - } - elseif ((mysql_num_rows($ErgSonder) == 1)) { - $ZeitZeiger = substr(mysql_result($ErgSonder, 0, "DateE"), 11, 2) + (substr(mysql_result($ErgSonder, 0, "DateE"), 14, 2) / 60); - $Spalten[0] .= "<td valign=\"top\" rowspan=\"" . ($ZeitZeiger * $GlobalZeileProStunde) . "\">\n" . - "<h3>↑↑↑</h3>" . - Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) . - "\n</td>\n"; - } - - ///////////////////////////////////////////////////////////// - // gibt die schichten f�r den tag aus - ///////////////////////////////////////////////////////////// - $SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " . - "WHERE ((`RID` = '" . sql_escape($raum) . "') and " . - "(`DateS` >= '" . sql_escape($ausdatum) . ' ' . sql_escape($ZeitZeiger) . ":00:00') and " . - "(`DateS` like '" . sql_escape($ausdatum) . "%')) ORDER BY `DateS`;"; - $Erg = mysql_query($SQL, $con); - for ($i = 0; $i < mysql_num_rows($Erg); ++ $i) { - $ZeitPos = substr(mysql_result($Erg, $i, "DateS"), 11, 2) + (substr(mysql_result($Erg, $i, "DateS"), 14, 2) / 60); - $len = mysql_result($Erg, $i, "Len"); - - if ($len <= 0) - array_push($error_messages, "Error in shift denition SID=" . mysql_result($Erg, $i, "SID") . " Len=$len"); - - if ($ZeitZeiger < $ZeitPos) { - $Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" . (($ZeitPos - $ZeitZeiger) * $GlobalZeileProStunde) . "\"> </td>\n"; - - $ZeitZeiger += $ZeitPos - $ZeitZeiger; - } - if ($ZeitZeiger == $ZeitPos) { - //sonderfall wenn die schicht �ber dei 24 stunden hinaus geht - // (eintrag abk�rzen, pfeiel ausgeben) - $Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" . - ((($len + $ZeitZeiger) ? $len : 24 - $len + $ZeitZeiger) * $GlobalZeileProStunde) . - "\">\n" . - "" . - Ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) . - ((($ZeitZeiger + $len) > 24) ? "<h3>↓↓↓</h3>" : "") . - "\n</td>\n"; - $ZeitZeiger += $len; - } else { - echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> "; - echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" . - mysql_result($Erg, $i, "SID") . "\">" . - mysql_result($Erg, $i, "DateS") . - " '" . mysql_result($Erg, $i, "Man") . "' " . - " (" . mysql_result($Erg, $i, "SID") . " R$raum) (xx-xx)</a><br /><br />"; - } - } - if ($ZeitZeiger < 24) - $Spalten[($ZeitZeiger * $GlobalZeileProStunde)] .= "<td valign=\"top\" rowspan=\"" . - ((24 - $ZeitZeiger) * $GlobalZeileProStunde) . - "\"> </td>\n"; -} // function CreateRoomShifts - -/*####################################################### -# Ausgabe der freien schichten # -#######################################################*/ -function showEmptyShifts() { - global $con, $debug, $RoomID, $gmdateOffset; - - echo "<table border=\"1\">\n"; - echo "<tr>\n"; - echo "<th>" . Get_Text("inc_schicht_date") . "</th>\n"; - echo "<th>" . Get_Text("inc_schicht_time") . "</th>\n"; - echo "<th>" . Get_Text("inc_schicht_room") . "</th>\n"; - echo "<th>" . Get_Text("inc_schicht_commend") . "</th>\n"; - echo "</tr>\n"; - - $sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` " . - "WHERE (`Shifts`.`DateS`>='" . gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "') " . - "ORDER BY `DateS`, `RID`;"; - $Erg = mysql_query($sql, $con); - - $angezeigt = 0; - for ($i = 0;($i < mysql_num_rows($Erg)) && ($angezeigt < 15); $i++) - if (isset ($RoomID[mysql_result($Erg, $i, "RID")])) - if ($RoomID[mysql_result($Erg, $i, "RID")] != "") { - $Sql2 = "SELECT `UID` FROM `ShiftEntry` " . - "WHERE `SID`=" . mysql_result($Erg, $i, "SID") . " AND " . - "`UID`='0';"; - $Erg2 = mysql_query($Sql2, $con); - - if (mysql_num_rows($Erg2) > 0) { - $angezeigt++; - echo "<tr>\n"; - echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 0, 10) . "</td>\n"; - echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 11) . "</td>\n"; - echo "<td>" . $RoomID[mysql_result($Erg, $i, "RID")] . "</td>\n"; - echo "<td>" . - ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) . - "</td>\n"; - echo "</tr>\n"; - } - } - - echo "</table>\n"; - -} //function showEmptyShifts - -/*####################################################### -# Gibt die anzahl der Schichten im Raum zur�ck # -#######################################################*/ -function SummRoomShifts($raum) { - global $ausdatum, $con, $debug, $GlobalZeileProStunde; - - $SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " . - "WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` >= '$ausdatum 00:00:00') AND " . - "(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;"; - - $ErgSonder = mysql_query($SQLSonder, $con); - - return mysql_num_rows($ErgSonder); -} - -function DatumUm1TagErhoehen($Datum) { - $Jahr = substr($Datum, 0, 4); - $Monat = substr($Datum, 5, 2); - $Tag = substr($Datum, 8, 2); - - $Tag++; - - switch ($Monat) { - case 1 : - $Mmax = 31; - break; - case 2 : - $Mmax = 28; - break; - case 3 : - $Mmax = 31; - break; - case 4 : - $Mmax = 30; - break; - case 5 : - $Mmax = 31; - break; - case 6 : - $Mmax = 30; - break; - case 7 : - $Mmax = 31; - break; - case 8 : - $Mmax = 31; - break; - case 9 : - $Mmax = 30; - break; - case 10 : - $Mmax = 31; - break; - case 11 : - $Mmax = 30; - break; - case 12 : - $Mmax = 31; - break; - } - - if ($Tag > $Mmax) { - $Tag = 1; - $Monat++; - } - - if ($Monat > 12) { - $Monat = 1; - $Jahr++; - } - - $Tag = strlen($Tag) == 1 ? "0" . $Tag : $Tag; - $Monat = strlen($Monat) == 1 ? "0" . $Monat : $Monat; - - return ("$Jahr-$Monat-$Tag"); -} -?> diff --git a/includes/sys_template.php b/includes/sys_template.php index a120bb2d..e15af7f8 100644 --- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -5,17 +5,17 @@ * Liste der verfügbaren Themes */ $themes = array ( - "1" => "Standard-Style", - "2" => "ot/Gelber Style", - "3" => "Club-Mate Style", - "5" => "Debian Style", - "6" => "c-base Style", - "7" => "Blau/Gelber Style", - "8" => "Pastel Style", - "4" => "Test Style", - "9" => "Test Style 21c3", - "10" => "Engelsystem 2.0", - "11" => "msquare (29c3)" + "1" => "Standard-Style", + "2" => "ot/Gelber Style", + "3" => "Club-Mate Style", + "5" => "Debian Style", + "6" => "c-base Style", + "7" => "Blau/Gelber Style", + "8" => "Pastel Style", + "4" => "Test Style", + "9" => "Test Style 21c3", + "10" => "Engelsystem 2.0", + "11" => "msquare (29c3)" ); /** @@ -26,14 +26,14 @@ $themes = array ( * @param selected Array mit den Keys, die ausgewählt sind */ function form_checkboxes($name, $label, $items, $selected) { - $html = "<ul>"; - foreach ($items as $key => $item) { - $id = $name . '_' . $key; - $sel = array_search($key, $selected) !== false ? ' checked="checked"' : ""; - $html .= '<li><input type="checkbox" id="' . $id . '" name="' . $id . '" value="checked"' . $sel . ' /><label for="' . $id . '">' . $item . '</label></li>'; - } - $html .= "</ul>"; - return form_element($label, $html); + $html = "<ul>"; + foreach ($items as $key => $item) { + $id = $name . '_' . $key; + $sel = array_search($key, $selected) !== false ? ' checked="checked"' : ""; + $html .= '<li><input type="checkbox" id="' . $id . '" name="' . $id . '" value="checked"' . $sel . ' /><label for="' . $id . '">' . $item . '</label></li>'; + } + $html .= "</ul>"; + return form_element($label, $html); } /** @@ -45,197 +45,223 @@ function form_checkboxes($name, $label, $items, $selected) { * @param disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind */ function form_multi_checkboxes($names, $label, $items, $selected, $disabled = array()) { - $html = "<table><thead><tr>"; - foreach ($names as $title) - $html .= "<th>$title</th>"; - $html .= "</tr></thead><tbody>"; - foreach ($items as $key => $item) { - $html .= "<tr>"; - foreach ($names as $name => $title) { - $id = $name . '_' . $key; - $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : ""; - if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) - $sel .= ' disabled="disabled"'; - $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>'; - } - $html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>'; - } - $html .= "</tbody></table>"; - return form_element($label, $html); + $html = "<table><thead><tr>"; + foreach ($names as $title) + $html .= "<th>$title</th>"; + $html .= "</tr></thead><tbody>"; + foreach ($items as $key => $item) { + $html .= "<tr>"; + foreach ($names as $name => $title) { + $id = $name . '_' . $key; + $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : ""; + if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) + $sel .= ' disabled="disabled"'; + $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>'; + } + $html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>'; + } + $html .= "</tbody></table>"; + return form_element($label, $html); } /** * Rendert eine Checkbox */ function form_checkbox($name, $label, $selected, $value = 'checked') { - return form_element("", '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /><label for="' . $name . '">' . $label . '</label>'); + return form_element("", '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /><label for="' . $name . '">' . $label . '</label>'); } /** * Rendert einen Infotext in das Formular */ function form_info($label, $text) { - return form_element($label, $text, ""); + return form_element($label, $text, ""); } /** * Rendert den Absenden-Button eines Formulars */ function form_submit($name, $label) { - return form_element('<input class="button save ' . $name . '" type="submit" name="' . $name . '" value="' . $label . '" />', ""); + return form_element('<input class="button save ' . $name . '" type="submit" name="' . $name . '" value="' . $label . '" />', ""); } /** * Rendert ein Formular-Textfeld */ function form_text($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name); + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name); } /** * Rendert ein Formular-Passwortfeld */ function form_password($name, $label, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '<input id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name); + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '<input id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name); } /** * Rendert ein Formular-Textfeld */ function form_textarea($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '<textarea id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name); + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '<textarea id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name); } /** * Rendert ein Formular-Auswahlfeld */ function form_select($name, $label, $values, $selected) { - return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); + return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); } /** * Rendert ein Formular-Element */ function form_element($label, $input, $for = "") { - return '<div class="form_element">' . '<label for="' . $for . '" class="form_label">' . $label . '</label><div class="form_input">' . $input . '</div></div>'; + return '<div class="form_element">' . '<label for="' . $for . '" class="form_label">' . $label . '</label><div class="form_input">' . $input . '</div></div>'; } /** * Rendert ein Formular */ function form($elements, $action = "") { - return '<form action="' . $action . '" enctype="multipart/form-data" method="post"><div class="form">' . join($elements) . '</div></form>'; + return '<form action="' . $action . '" enctype="multipart/form-data" method="post"><div class="form">' . join($elements) . '</div></form>'; } /** * Generiert HTML Code für eine "Seite". Fügt dazu die übergebenen Elemente zusammen. */ function page($elements) { - return join($elements); + return join($elements); } /** * Rendert eine Datentabelle */ function table($columns, $rows, $data = true) { - if (count($rows) == 0) - return info("No data available.", true); - $html = ""; - $html .= '<table' . ($data ? ' class="data"' : '') . '>'; - $html .= '<thead><tr>'; - foreach ($columns as $key => $column) - $html .= '<th class="' . $key . '">' . $column . '</th>'; - $html .= '</tr></thead>'; - $html .= '<tbody>'; - foreach ($rows as $row) { - $html .= '<tr>'; - foreach ($columns as $key => $column) - if (isset ($row[$key])) - $html .= '<td class="' . $key . '">' . $row[$key] . '</td>'; - else - $html .= '<td class="' . $key . '"> </td>'; - $html .= '</tr>'; - } - $html .= '</tbody>'; - $html .= '</table>'; - return $html; + if (count($rows) == 0) + return info("No data available.", true); + $html = ""; + $html .= '<table' . ($data ? ' class="data"' : '') . '>'; + $html .= '<thead><tr>'; + foreach ($columns as $key => $column) + $html .= '<th class="' . $key . '">' . $column . '</th>'; + $html .= '</tr></thead>'; + $html .= '<tbody>'; + foreach ($rows as $row) { + $html .= '<tr>'; + foreach ($columns as $key => $column) + if (isset ($row[$key])) + $html .= '<td class="' . $key . '">' . $row[$key] . '</td>'; + else + $html .= '<td class="' . $key . '"> </td>'; + $html .= '</tr>'; + } + $html .= '</tbody>'; + $html .= '</table>'; + return $html; } /** * Rendert einen Knopf */ function button($href, $label, $class = "") { - return '<a href="' . $href . '" class="button ' . $class . '">' . $label . '</a>'; + return '<a href="' . $href . '" class="button ' . $class . '">' . $label . '</a>'; } /** * Rendert eine Toolbar mit Knöpfen */ function buttons($buttons = array ()) { - return '<div class="toolbar">' . join(' ', $buttons) . '</div>'; + return '<div class="toolbar">' . join(' ', $buttons) . '</div>'; } // Load and render template function template_render($file, $data) { - if (file_exists($file)) { - $template = file_get_contents($file); - if (is_array($data)) - foreach ($data as $name => $content) { - $template = str_replace("%" . $name . "%", $content, $template); - } - return $template; - } else { - die('Cannot find template file «' . $file . '».'); - } + if (file_exists($file)) { + $template = file_get_contents($file); + if (is_array($data)) + foreach ($data as $name => $content) { + $template = str_replace("%" . $name . "%", $content, $template); + } + return $template; + } else { + die('Cannot find template file «' . $file . '».'); + } } function shorten($str) { - if (strlen($str) < 50) - return $str; - return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, 47) . '...</span>'; + if (strlen($str) < 50) + return $str; + return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, 47) . '...</span>'; } function table_body($array) { - $html = ""; - foreach ($array as $line) { - $html .= "<tr>"; - if (is_array($line)) { - foreach ($line as $td) - $html .= "<td>" . $td . "</td>"; - } else { - $html .= "<td>" . $line . "</td>"; - } - $html .= "</tr>"; - } - return $html; + $html = ""; + foreach ($array as $line) { + $html .= "<tr>"; + if (is_array($line)) { + foreach ($line as $td) + $html .= "<td>" . $td . "</td>"; + } else { + $html .= "<td>" . $line . "</td>"; + } + $html .= "</tr>"; + } + return $html; } function html_options($name, $options, $selected = "") { - $html = ""; - foreach ($options as $value => $label) - $html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label; + $html = ""; + foreach ($options as $value => $label) + $html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label; - return $html; + return $html; } function html_select_key($id, $name, $rows, $selected) { - $html = '<select id="' . $id . '" name="' . $name . '">'; - foreach ($rows as $key => $row) { - if (($key == $selected) || ($row == $selected)) { - $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>'; - } else { - $html .= '<option value="' . $key . '">' . $row . '</option>'; - } - } - $html .= '</select>'; - return $html; + $html = '<select id="' . $id . '" name="' . $name . '">'; + foreach ($rows as $key => $row) { + if (($key == $selected) || ($row == $selected)) { + $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>'; + } else { + $html .= '<option value="' . $key . '">' . $row . '</option>'; + } + } + $html .= '</select>'; + return $html; } function img_button($link, $icon, $text, $extra_text = '') { - $translation = empty($text)? '' : Get_Text($text); - return '<a href="' . htmlspecialchars($link) . '"><img src="pic/icons/' . htmlspecialchars($icon) . '.png" alt="' . $translation . '" ' . (empty($translation)? '' : 'title="' . $translation . '"') . '>' . (empty($extra_text)? '' : ' ' . $extra_text) . '</a>'; + $translation = empty($text)? '' : Get_Text($text); + return '<a href="' . htmlspecialchars($link) . '"><img src="pic/icons/' . htmlspecialchars($icon) . '.png" alt="' . $translation . '" ' . (empty($translation)? '' : 'title="' . $translation . '"') . '>' . (empty($extra_text)? '' : ' ' . $extra_text) . '</a>'; +} + + +function ReplaceSmilies($neueckig) { + $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); + $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); + $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig); + $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); + $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); + $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); + $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); + $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); + $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig); + $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); + $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); + $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); + $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); + $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); + $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); + $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); + $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); + $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); + $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); + $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig); + + return $neueckig; } ?> diff --git a/includes/sys_user.php b/includes/sys_user.php deleted file mode 100644 index 53976f5a..00000000 --- a/includes/sys_user.php +++ /dev/null @@ -1,133 +0,0 @@ -<?php - -function User_Nick_render($user_source) { - global $user, $privileges; - if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges)) - return '<a href="' . page_link_to('user_myshifts') . '&id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>'; - else - return htmlspecialchars($user_source['Nick']); -} - - -/** - * Available T-Shirt sizes - */ -$tshirt_sizes = array ( - '' => "Please select...", - 'S' => "S", - 'M' => "M", - 'L' => "L", - 'XL' => "XL", - '2XL' => "2XL", - '3XL' => "3XL", - '4XL' => "4XL", - '5XL' => "5XL", - 'S-G' => "S Girl", - 'M-G' => "M Girl", - 'L-G' => "L Girl", - 'XL-G' => "XL Girl" -); - -function UID2Nick($UID) { - if ($UID > 0) - $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'"; - else - $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'"; - - $Erg = sql_select($SQL); - - if (count($Erg) > 0) { - if ($UID > 0) - return $Erg[0]['Nick']; - else - return "Group-" . $Erg[0]['Name']; - } else { - if ($UID == -1) - return "Guest"; - else - return "UserID $UID not found"; - } -} - -function TID2Type($TID) { - global $con; - - $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'"; - $Erg = mysql_query($SQL, $con); - - if (mysql_num_rows($Erg)) - return mysql_result($Erg, 0); - else - return ""; -} - -function ReplaceSmilies($neueckig) { - $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); - $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); - $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig); - $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); - $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); - $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); - $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); - $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); - $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig); - $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); - $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); - $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); - $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); - $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); - $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); - $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); - $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); - $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); - $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); - $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig); - - return $neueckig; -} - -function GetPictureShow($UID) { - global $con; - - $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'"; - $res = mysql_query($SQL, $con); - - if (mysql_num_rows($res) == 1) - return mysql_result($res, 0, 0); - else - return ""; -} - -function displayPicture($UID, $height = "30") { - global $url, $ENGEL_ROOT; - - if ($height > 0) - return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>"); - else - return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>"); -} - -function displayavatar($UID, $height = "30") { - global $con, $url, $ENGEL_ROOT; - - if (GetPictureShow($UID) == 'Y') - return " " . displayPicture($UID, $height); - - $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1"); - if (count($user) > 0) - if ($user[0]['Avatar'] > 0) - return '<div class="avatar">' . (" <img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>'; -} - -function UIDgekommen($UID) { - global $con; - - $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'"; - $Erg = mysql_query($SQL, $con); - - if (mysql_num_rows($Erg)) - return mysql_result($Erg, 0); - else - return "0"; -} -?> diff --git a/includes/view/Shifts_view.php b/includes/view/Shifts_view.php new file mode 100644 index 00000000..824f519a --- /dev/null +++ b/includes/view/Shifts_view.php @@ -0,0 +1,11 @@ +<?php +/** + * Calc shift length in format 12:23h. + * @param Shift $shift + */ +function shift_length($shift) { + $length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":"; + $length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h"; + return $length; +} +?>
\ No newline at end of file diff --git a/includes/view/Sprache_view.php b/includes/view/Sprache_view.php new file mode 100644 index 00000000..88c7435c --- /dev/null +++ b/includes/view/Sprache_view.php @@ -0,0 +1,36 @@ +<?php +/** + * Names of available languages. + */ +$languages = array ( + 'DE' => "Deutsch", + 'EN' => "English" +); + +/** + * Display acutual translation of given text id. + * @param string $TextID + * @param bool $NoError + * @return string + */ +function Get_Text($TextID, $NoError = false) { + global $debug; + + if (!isset ($_SESSION['Sprache'])) + $_SESSION['Sprache'] = "EN"; + if ($_SESSION['Sprache'] == "") + $_SESSION['Sprache'] = "EN"; + if (isset ($_GET["SetLanguage"])) + $_SESSION['Sprache'] = $_GET["SetLanguage"]; + + $sprache_source = Sprache($TextID, $_SESSION['Sprache']); + if($sprache_source === false) + engelsystem_error("Unable to load text key."); + if($sprache_source == null) { + if($NoError && !$debug) + return ""; + return $TextID; + } + return $sprache_source['Text']; +} +?>
\ No newline at end of file diff --git a/includes/view/User_view.php b/includes/view/User_view.php new file mode 100644 index 00000000..eb69b8c4 --- /dev/null +++ b/includes/view/User_view.php @@ -0,0 +1,45 @@ +<?php + +/** + * Available T-Shirt sizes + */ +$tshirt_sizes = array ( + '' => "Please select...", + 'S' => "S", + 'M' => "M", + 'L' => "L", + 'XL' => "XL", + '2XL' => "2XL", + '3XL' => "3XL", + '4XL' => "4XL", + '5XL' => "5XL", + 'S-G' => "S Girl", + 'M-G' => "M Girl", + 'L-G' => "L Girl", + 'XL-G' => "XL Girl" +); + +/** + * Render a users avatar. + * @param User $user + * @return string + */ +function User_Avatar_render($user) { + return '<div class="avatar"> <img src="pic/avatar/avatar' . $user['Avatar'] . '.gif"></div>'; +} + +/** + * Render a user nickname. + * @param User $user_source + * @return string + */ +function User_Nick_render($user_source) { + global $user, $privileges; + if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges)) + return '<a href="' . page_link_to('user_myshifts') . '&id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>'; + else + return htmlspecialchars($user_source['Nick']); +} + + +?>
\ No newline at end of file |