-rw-r--r-- | includes/helper/graph_helper.php | 6 | ||||
-rw-r--r-- | includes/model/AngelType_model.php | 6 | ||||
-rw-r--r-- | includes/model/Message_model.php | 16 | ||||
-rw-r--r-- | includes/model/Room_model.php | 6 | ||||
-rw-r--r-- | includes/model/Shifts_model.php | 14 | ||||
-rw-r--r-- | includes/model/User_model.php | 12 | ||||
-rw-r--r-- | includes/pages/admin_active.php | 24 | ||||
-rw-r--r-- | includes/pages/admin_arrive.php | 12 | ||||
-rw-r--r-- | includes/pages/admin_groups.php | 26 | ||||
-rw-r--r-- | includes/pages/admin_news.php | 12 | ||||
-rw-r--r-- | includes/pages/admin_questions.php | 12 | ||||
-rw-r--r-- | includes/pages/admin_rooms.php | 22 | ||||
-rw-r--r-- | includes/pages/admin_user.php | 34 | ||||
-rw-r--r-- | includes/pages/user_messages.php | 12 | ||||
-rw-r--r-- | includes/pages/user_myshifts.php | 18 | ||||
-rw-r--r-- | includes/pages/user_questions.php | 6 | ||||
-rw-r--r-- | includes/sys_template.php | 30 | ||||
-rw-r--r-- | public/index.php | 84 |
18 files changed, 176 insertions, 176 deletions
diff --git a/includes/helper/graph_helper.php b/includes/helper/graph_helper.php index 180d1ef9..42a6c07a 100644 --- a/includes/helper/graph_helper.php +++ b/includes/helper/graph_helper.php @@ -7,7 +7,7 @@ * @param unknown $colors colors for the data rows * @param unknown $data the data */ -function bargraph($id, $key, $row_names, $colors, $data) { +function bargraph($dom_id, $key, $row_names, $colors, $data) { $labels = []; foreach ($data as $dataset) { $labels[] = $dataset[$key]; @@ -26,10 +26,10 @@ function bargraph($id, $key, $row_names, $colors, $data) { ]; } - return '<canvas id="' . $id . '" style="width: 100%; height: 300px;"></canvas> + return '<canvas id="' . $dom_id . '" style="width: 100%; height: 300px;"></canvas> <script type="text/javascript"> $(function(){ - var ctx = $("#' . $id . '").get(0).getContext("2d"); + var ctx = $("#' . $dom_id . '").get(0).getContext("2d"); var chart = new Chart(ctx).Bar(' . json_encode([ 'labels' => $labels, 'datasets' => $datasets diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php index 47c13667..21ab3bf2 100644 --- a/includes/model/AngelType_model.php +++ b/includes/model/AngelType_model.php @@ -133,11 +133,11 @@ function AngelType_ids() { /** * Returns angelType by id. * - * @param $id angelType + * @param $angeltype_id angelType * ID */ -function AngelType($id) { - $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); +function AngelType($angeltype_id) { + $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1"); if ($angelType_source === false) { return false; } diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php index 92b76a80..0195fbea 100644 --- a/includes/model/Message_model.php +++ b/includes/model/Message_model.php 
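Review bot: `$dom_id` is concatenated unescaped into two contexts of the returned markup in `bargraph()`: the `id="…"` attribute of the canvas and the jQuery selector string inside the inline script. Callers are outside this diff, so the helper should not assume the value is a constant; either reject anything that does not match `/^[A-Za-z][A-Za-z0-9_-]*$/` on entry, or encode per context, e.g. `htmlspecialchars($dom_id, ENT_QUOTES)` for the attribute. The `json_encode([...])` call that feeds `$labels` and `$datasets` into the same script block is cut off by the hunk, so it is worth confirming there that `JSON_HEX_TAG` is passed. The function body continues past the end of this hunk.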
@@ -10,11 +10,11 @@ function Message_ids() { /** * Returns message by id. * - * @param $id message + * @param $message_id message * ID */ -function Message($id) { - $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); +function Message($message_id) { + $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); if ($message_source === false) { return false; } @@ -29,19 +29,19 @@ function Message($id) { * TODO: global $user con not be used in model! * send message * - * @param $id User + * @param $receiver_user_id User * ID of Reciever * @param $text Text * of Message */ -function Message_send($id, $text) { +function Message_send($receiver_user_id, $text) { global $user; $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); - $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id)); + $receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id)); - if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($to) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) { - sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($to) . "', `Text`='" . sql_escape($text) . "'"); + if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) { + sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'"); return true; } else { return false; diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php index 1768b61b..4d03260a 100644 --- a/includes/model/Room_model.php 
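Review bot: `Message_send` repairs the receiver id instead of rejecting it: `preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id))` deletes every non-digit, so an input such as `12abc3` (constructed example) becomes `123` and the message goes to whichever user owns that id. Malformed ids should be refused up front in the style the page handlers in this diff already use, e.g. `if (!preg_match("/^[0-9]{1,11}$/", $receiver_user_id)) { return false; }`, with the rewrite dropped. The `is_numeric()` test that follows is then redundant.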
+++ b/includes/model/Room_model.php @@ -34,10 +34,10 @@ function Room_create($name, $from_frab, $public) { /** * Returns room by id. * - * @param $id RID + * @param $room_id RID */ -function Room($id) { - $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y'"); +function Room($room_id) { + $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($room_id) . "' AND `show` = 'Y'"); if ($room_source === false) { return false; diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index cca5139d..2f90ae48 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -229,16 +229,16 @@ function Shifts_filtered() { /** * Returns Shift by id. * - * @param $id Shift + * @param $shift_id Shift * ID */ -function Shift($id) { +function Shift($shift_id) { $shifts_source = sql_select(" SELECT `Shifts`.*, `ShiftTypes`.`name` FROM `Shifts` JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) - WHERE `SID`='" . sql_escape($id) . "'"); - $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($id) . "'"); + WHERE `SID`='" . sql_escape($shift_id) . "'"); + $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift_id) . "'"); if ($shifts_source === false) { return false; @@ -249,14 +249,14 @@ function Shift($id) { $result['ShiftEntry'] = $shiftsEntry_source; $result['NeedAngels'] = []; - $temp = NeededAngelTypes_by_shift($id); + $temp = NeededAngelTypes_by_shift($shift_id); foreach ($temp as $e) { - $result['NeedAngels'][] = array( + $result['NeedAngels'][] = [ 'TID' => $e['angel_type_id'], 'count' => $e['count'], 'restricted' => $e['restricted'], 'taken' => $e['taken'] - ); + ]; } return $result; diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 3d5416da..7f9170df 100644 
--- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -160,10 +160,10 @@ function User_validate_Nick($nick) { /** * Returns user by id. * - * @param $id UID + * @param $user_id UID */ -function User($id) { - $user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); +function User($user_id) { + $user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); if ($user_source === false) { return false; } @@ -177,10 +177,10 @@ function User($id) { * TODO: Merge into normal user function * Returns user by id (limit informations. * - * @param $id UID + * @param $user_id UID */ -function mUser_Limit($id) { - $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); +function mUser_Limit($user_id) { + $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber` FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); if ($user_source === false) { return false; } diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index 83f99d5a..733bd506 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php 
@@ -63,40 +63,40 @@ function admin_active() { } if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) { - $id = $_REQUEST['active']; - $user_source = User($id); + $user_id = $_REQUEST['active']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is active now."); $msg = success(_("Angel has been marked as active."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) { - $id = $_REQUEST['not_active']; - $user_source = User($id); + $user_id = $_REQUEST['not_active']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now."); $msg = success(_("Angel has been marked as not active."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) { - $id = $_REQUEST['tshirt']; - $user_source = User($id); + $user_id = $_REQUEST['tshirt']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . 
" has tshirt now."); $msg = success(_("Angel has got a t-shirt."), true); } else { $msg = error("Angel not found.", true); } } elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) { - $id = $_REQUEST['not_tshirt']; - $user_source = User($id); + $user_id = $_REQUEST['not_tshirt']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt."); $msg = success(_("Angel has got no t-shirt."), true); } else { diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index 932929c2..4a1ee8d7 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -12,10 +12,10 @@ function admin_arrive() { } if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) { - $id = $_REQUEST['reset']; - $user_source = User($id); + $user_id = $_REQUEST['reset']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); success(_("Reset done. Angel has not arrived.")); redirect(user_link($user_source)); 
@@ -23,10 +23,10 @@ function admin_arrive() { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) { - $id = $_REQUEST['arrived']; - $user_source = User($id); + $user_id = $_REQUEST['arrived']; + $user_source = User($user_id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); success(_("Angel has been marked as arrived.")); redirect(user_link($user_source)); diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index d26e6de7..69b6bf39 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php 
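Review bot: The guard `preg_match("/^[0-9]*$/", $_REQUEST['arrived'])` also matches the empty string, so a request with an empty `arrived` parameter passes validation and goes on to `User($user_id)` with no id at all. The `reset` branch in the previous hunk uses the same pattern, while admin_active.php uses `+`. Use `/^[0-9]+$/` in both branches so an id is required before the lookup and the `UPDATE`. `admin_arrive()` starts and ends outside these hunks.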
@@ -35,15 +35,15 @@ function admin_groups() { switch ($_REQUEST["action"]) { case 'edit': if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $group_id = $_REQUEST['id']; } else { return error("Incomplete call, missing Groups ID.", true); } - $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); - if (count($room) > 0) { - list($room) = $room; - $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`"); + $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); + if (count($group) > 0) { + list($group) = $group; + $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`"); $privileges_html = ""; $privileges_form = []; foreach ($privileges as $priv) { @@ -53,7 +53,7 @@ function admin_groups() { $privileges_form[] = form_submit('submit', _("Save")); $html .= page_with_title(_("Edit group"), [ - form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id) + form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) ]); } else { return error("No Group found.", true); 
@@ -62,29 +62,29 @@ function admin_groups() { case 'save': if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $group_id = $_REQUEST['id']; } else { return error("Incomplete call, missing Groups ID.", true); } - $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); if (! is_array($_REQUEST['privileges'])) { $_REQUEST['privileges'] = []; } - if (count($room) > 0) { - list($room) = $room; - sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'"); + if (count($group) > 0) { + list($group) = $group; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'"); $privilege_names = []; foreach ($_REQUEST['privileges'] as $priv) { if (preg_match("/^[0-9]{1,}$/", $priv)) { $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); if (count($group_privileges_source) > 0) { - sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'"); + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'"); $privilege_names[] = $group_privileges_source[0]['name']; } } } - engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names)); + engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names)); redirect(page_link_to("admin_groups")); } else { return error("No Group found.", true); diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 192f3cce..af7046c9 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php 
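Review bot: The `save` branch replaces a group's privileges by running a `DELETE` on `GroupPrivileges` and then one `INSERT` per submitted id, with no transaction visible in the hunk, so a failure part-way through leaves the group with a partial privilege set. Wrapping the delete and the inserts in a single transaction keeps the authorization data consistent; whether the `sql_*` helpers offer transactions cannot be seen from this diff. Separately, `is_array($_REQUEST['privileges'])` reads the key without `isset`, which raises a notice when no checkbox is submitted; `$submitted = isset($_REQUEST['privileges']) && is_array($_REQUEST['privileges']) ? $_REQUEST['privileges'] : [];` avoids that and stops writing back into `$_REQUEST`. `admin_groups()` begins above the hunk.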
@@ -8,12 +8,12 @@ function admin_news() { } else { $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg(); if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $news_id = $_REQUEST['id']; } else { return error("Incomplete call, missing News ID.", true); } - $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1"); + $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); if (count($news) > 0) { switch ($_REQUEST["action"]) { default: @@ -33,9 +33,9 @@ function admin_news() { form_textarea('eText', _("Message"), $news['Text']), form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), form_submit('submit', _("Save")) - ], page_link_to('admin_news&action=save&id=' . $id)); + ], page_link_to('admin_news&action=save&id=' . $news_id)); - $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; + $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; break; case 'save': @@ -47,7 +47,7 @@ function admin_news() { `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' - WHERE `ID`='" . sql_escape($id) . "'"); + WHERE `ID`='" . sql_escape($news_id) . "'"); engelsystem_log("News updated: " . $_POST["eBetreff"]); success(_("News entry updated.")); redirect(page_link_to("news")); 
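Review bot: The delete control is rendered as a plain link, `page_link_to('admin_news&action=delete&id=' . $news_id)`, and the `delete` case in the following hunk runs the `DELETE` for any request carrying that query string; no anti-CSRF token or request-method check is visible in these hunks. The same request-driven pattern appears in admin_active.php and admin_arrive.php (flags toggled from `$_REQUEST`), admin_groups.php (`save`), admin_questions.php and user_messages.php (`delete`), and the admin_rooms.php `&show=delete&id=…&ack` button. If no central check exists outside this diff, state-changing actions should be accepted only via POST with a per-session token that is verified before the query runs. `admin_news()` begins above the first hunk and continues below the last.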
@@ -56,7 +56,7 @@ function admin_news() { case 'delete': list($news) = $news; - sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); engelsystem_log("News deleted: " . $news['Betreff']); success(_("News entry deleted.")); redirect(page_link_to("news")); diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 183f7944..f67c6ce8 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -83,17 +83,17 @@ function admin_questions() { switch ($_REQUEST['action']) { case 'answer': if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $question_id = $_REQUEST['id']; } else { return error("Incomplete call, missing Question ID.", true); } - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); if (count($question) > 0 && $question[0]['AID'] == null) { $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']))); if ($answer != "") { - sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); redirect(page_link_to("admin_questions")); } else { 
@@ -105,14 +105,14 @@ function admin_questions() { break; case 'delete': if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $question_id = $_REQUEST['id']; } else { return error("Incomplete call, missing Question ID.", true); } - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); if (count($question) > 0) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); engelsystem_log("Question deleted: " . $question[0]['Question']); redirect(page_link_to("admin_questions")); } else { diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 3c26048a..155fd7b3 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -38,12 +38,12 @@ function admin_rooms() { if (test_request_int('id')) { $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'"); if (count($room) > 0) { - $id = $_REQUEST['id']; + $room_id = $_REQUEST['id']; $name = $room[0]['Name']; $from_pentabarf = $room[0]['FromPentabarf']; $public = $room[0]['show']; $number = $room[0]['Number']; - $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); + $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'"); foreach ($needed_angeltypes as $needed_angeltype) { $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; } 
@@ -58,7 +58,7 @@ function admin_rooms() { if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { $name = strip_request_item('name'); - if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($id)) > 0) { + if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) { $valid = false; $msg .= error(_("This name is already in use."), true); } @@ -95,18 +95,18 @@ function admin_rooms() { } if ($valid) { - if (isset($id)) { - sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1"); + if (isset($room_id)) { + sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1"); engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } else { - $id = Room_create($name, $from_pentabarf, $public, $number); - if ($id === false) { + $room_id = Room_create($name, $from_pentabarf, $public, $number); + if ($room_id === false) { engelsystem_error("Unable to create room."); } engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } - sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); + sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'"); $needed_angeltype_info = array(); foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { $angeltype = AngelType($angeltype_id); 
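Review bot: The duplicate-name query ends in ``AND NOT `RID`=" . sql_escape($room_id)``, which places the value in SQL without surrounding quotes, unlike every other query in this file, and it is guarded by `isset($room)` rather than `isset($room_id)`. In the first hunk `$room` is assigned whenever `test_request_int('id')` passes, but `$room_id` only when a row was found, so (unless an exit path outside the hunks intervenes) an unknown id reaches this line with `$room_id` undefined and the statement ends in a bare `=`. Escaping, assuming `sql_escape` is an escaping wrapper, only protects a value inside quotes, so the safer form is ``"' AND NOT `RID`='" . sql_escape($room_id) . "'"`` behind `isset($room_id)`.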
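Review bot: `Room_create($name, $from_pentabarf, $public, $number)` passes four arguments, but the Room_model.php hunk header in this same diff shows the signature `function Room_create($name, $from_frab, $public)`. PHP silently discards surplus arguments to user-defined functions, so unless `Room_create` reads them another way, a newly created room loses its `Number` while the `UPDATE` branch just above stores it. Either add the parameter to `Room_create` or drop the argument here so the two paths agree.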
@@ -114,7 +114,7 @@ function admin_rooms() { engelsystem_error("Unable to load angeltype."); } if ($angeltype != null) { - sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'"); + sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($room_id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'"); $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; } } @@ -158,7 +158,7 @@ function admin_rooms() { ]); } elseif ($_REQUEST['show'] == 'delete') { if (isset($_REQUEST['ack'])) { - if (! Room_delete($id)) { + if (! Room_delete($room_id)) { engelsystem_error("Unable to delete room."); } @@ -173,7 +173,7 @@ function admin_rooms() { ]), sprintf(_("Do you want to delete room %s?"), $name), buttons([ - button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete') + button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete') ]) ]); } diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index fb3283bd..56987e12 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -13,9 +13,9 @@ function admin_user() { redirect(users_link()); } - $id = $_REQUEST['id']; + $user_id = $_REQUEST['id']; if (! isset($_REQUEST['action'])) { - $user_source = User($id); + $user_source = User($user_id); if ($user_source === false) { engelsystem_error('Unable to load user.'); } 
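Review bot: In admin_user.php, `$user_id = $_REQUEST['id'];` is taken without any format check in this hunk, and the following hunks interpolate it straight into HTML form actions (`&action=save&id=$user_id\"`, `&action=change_pw&id=$user_id\"`, `"&action=save_groups&id=" . $user_id`). Only `redirect(users_link()); }` is visible before the assignment, so whatever test precedes it cannot be confirmed from here; if it is only an `isset`, a value containing a quote ends the attribute and is reflected into the admin page. Validate once at the top as the other pages in this diff do, `if (!preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { redirect(users_link()); }`, and apply `htmlspecialchars()` where the id is written into markup.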
@@ -26,7 +26,7 @@ function admin_user() { $html .= "Hallo,<br />" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n"; - $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n"; + $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n"; $html .= "<table border=\"0\">\n"; $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n"; $html .= "<tr><td>\n"; @@ -80,7 +80,7 @@ function admin_user() { $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); - $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n"; + $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n"; $html .= "<table>\n"; $html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n"; $html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n"; 
@@ -96,16 +96,16 @@ function admin_user() { $my_highest_group = $my_highest_group[0]['group_id']; } - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1"); + $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1"); if (count($his_highest_group) > 0) { $his_highest_group = $his_highest_group[0]['group_id']; } - if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { - $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n"; + if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { + $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n"; $html .= '<table>'; - $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`"); + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`"); foreach ($groups as $group) { $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>'; } 
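Review bot: The rank check `$my_highest_group <= $his_highest_group` compares whatever the two variables hold at that point: when the target user has no `UserGroups` rows, `$his_highest_group` is still the empty result array rather than a group id, and the outcome then rests on PHP's scalar-versus-array ordering. The `save_groups` case later in this file handles that situation explicitly with `count($his_highest_group) == 0`, so the display branch should state the same rule instead of relying on an implicit comparison in an authorization decision. A comment such as `// lower group_id means higher rank; users without groups are always editable` would also make the intent checkable. The assignment of `$my_highest_group` starts above this hunk.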
@@ -126,12 +126,12 @@ function admin_user() { } else { switch ($_REQUEST['action']) { case 'save_groups': - if ($id != $user['UID']) { + if ($user_id != $user['UID']) { $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`"); - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`"); + $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`"); if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { - $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); + $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); $groups = []; $grouplist = []; foreach ($groups_source as $group) { 
@@ -143,15 +143,15 @@ function admin_user() { $_REQUEST['groups'] = []; } - sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'"); + sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'"); $user_groups_info = []; foreach ($_REQUEST['groups'] as $group) { if (in_array($group, $grouplist)) { - sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'"); + sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'"); $user_groups_info[] = $groups[$group]['Name']; } } - $user_source = User($id); + $user_source = User($user_id); engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info)); $html .= success("Benutzergruppen gespeichert.", true); } else { @@ -184,7 +184,7 @@ function admin_user() { `force_active`= " . sql_escape($force_active) . ", `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "', `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' - WHERE `UID` = '" . sql_escape($id) . "' + WHERE `UID` = '" . sql_escape($user_id) . "' LIMIT 1"; sql_query($SQL); engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]); @@ -193,8 +193,8 @@ function admin_user() { case 'change_pw': if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { - set_password($id, $_REQUEST['new_pw']); - $user_source = User($id); + set_password($user_id, $_REQUEST['new_pw']); + $user_source = User($user_id); engelsystem_log("Set new password for " . User_Nick_render($user_source)); $html .= success("Passwort neu gesetzt.", true); } else { diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index a3d17741..4af2a0cb 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php 
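Review bot: `in_array($group, $grouplist)` checks submitted group ids with loose comparison before they are inserted into `UserGroups`, so a request value that merely compares equal to an allowed id is accepted and then used as the key in `$groups[$group]['Name']`. Since this is the allow-list for a privilege assignment, use `in_array($group, $grouplist, true)`; `$grouplist` is built outside the hunk, so confirm it holds strings like the request values. The `DELETE` followed by per-row `INSERT`s here also has no transaction visible, so a failure in between leaves the user with no groups.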
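Review bot: The `change_pw` case calls `set_password($user_id, $_REQUEST['new_pw'])` with no rank comparison, whereas `save_groups` in the same switch refuses to act unless `$my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']` and the target is not the caller. Unless an equivalent check sits outside these hunks, anyone who can open this page can set the password of a higher-ranked account, so the same comparison should guard this case. Reading the password from `$_REQUEST` also lets it arrive in a query string, where it ends up in access logs and browser history; read `$_POST['new_pw']` and `$_POST['new_pw2']` instead.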
@@ -91,14 +91,14 @@ function user_messages() { switch ($_REQUEST['action']) { case "read": if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $message_id = $_REQUEST['id']; } else { return error(_("Incomplete call, missing Message ID."), true); } - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); + $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { - sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); redirect(page_link_to("user_messages")); } else { return error(_("No Message found."), true); @@ -107,14 +107,14 @@ function user_messages() { case "delete": if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $message_id = $_REQUEST['id']; } else { return error(_("Incomplete call, missing Message ID."), true); } - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); + $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { - sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); redirect(page_link_to("user_messages")); } else { return error(_("No Message found."), true); diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index f50711a7..b60d2ed8 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php 
@@ -10,12 +10,12 @@ function user_myshifts() { global $user, $privileges; if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) { - $id = $_REQUEST['id']; + $user_id = $_REQUEST['id']; } else { - $id = $user['UID']; + $user_id = $user['UID']; } - list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); if (isset($_REQUEST['reset'])) { if ($_REQUEST['reset'] == "ack") { @@ -28,7 +28,7 @@ function user_myshifts() { button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') ]); } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { - $id = $_REQUEST['edit']; + $user_id = $_REQUEST['edit']; $shift = sql_select("SELECT `ShiftEntry`.`freeloaded`, `ShiftEntry`.`freeload_comment`, @@ -43,7 +43,7 @@ function user_myshifts() { JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' + WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1"); if (count($shift) > 0) { $shift = $shift[0]; @@ -66,7 +66,7 @@ function user_myshifts() { if ($valid) { $result = ShiftEntry_update([ - 'id' => $id, + 'id' => $user_id, 'Comment' => $comment, 'freeloaded' => $freeloaded, 'freeload_comment' => $freeload_comment 
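Review bot: From the `@@ -28` hunk onward `$user_id` is assigned `$_REQUEST['edit']`, compared with the ShiftEntry id column in the `@@ -43` hunk and passed as `'id'` to `ShiftEntry_update()` in the `@@ -66` hunk, so after the rename a variable named for a user holds a shift entry id and overwrites the user id selected in the `@@ -10` hunk. The `@@ -85` hunk does the same with `$_REQUEST['cancel']` and `ShiftEntry_delete($user_id)`. Behaviour is unchanged, but the name now invites a later authorization mistake in which the value is taken for the acting or target user. Give both branches their own name, e.g. `$shift_entry_id = $_REQUEST['edit'];` and `$result = ShiftEntry_delete($shift_entry_id);`. `user_myshifts()` continues outside these hunks.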
@@ -85,16 +85,16 @@ function user_myshifts() { } else redirect(page_link_to('user_myshifts')); } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { - $id = $_REQUEST['cancel']; + $user_id = $_REQUEST['cancel']; $shift = sql_select(" SELECT * FROM `Shifts` INNER JOIN `ShiftEntry` USING (`SID`) - WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'"); + WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'"); if (count($shift) > 0) { $shift = $shift[0]; if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) { - $result = ShiftEntry_delete($id); + $result = ShiftEntry_delete($user_id); if ($result === false) { engelsystem_error('Unable to delete shift entry.'); } diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 6d9ded8e..10e8fef6 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -39,14 +39,14 @@ function user_questions() { break; case 'delete': if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $id = $_REQUEST['id']; + $question_id = $_REQUEST['id']; } else { return error(_("Incomplete call, missing Question ID."), true); } - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); redirect(page_link_to("user_questions")); } else { return page_with_title(questions_title(), [ diff --git a/includes/sys_template.php b/includes/sys_template.php index 23f4b77b..43ca66f2 100644 
--- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -41,9 +41,9 @@ function glyph_bool($boolean) { return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>'; } -function div($class, $content = array(), $id = "") { - $id = $id != '' ? ' id="' . $id . '"' : ''; - return '<div' . $id . ' class="' . $class . '">' . join("\n", $content) . '</div>'; +function div($class, $content = array(), $dom_id = "") { + $dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : ''; + return '<div' . $dom_id . ' class="' . $class . '">' . join("\n", $content) . '</div>'; } function heading($content, $number = 1) { @@ -84,12 +84,12 @@ function toolbar_dropdown($glyphicon, $label, $submenu, $class = '') { } function toolbar_popover($glyphicon, $label, $content, $class = '') { - $id = md5(microtime() . $glyphicon . $label); + $dom_id = md5(microtime() . $glyphicon . $label); return '<li class="dropdown messages ' . $class . '"> - <a id="' . $id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a> + <a id="' . $dom_id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a> <script type="text/javascript"> $(function(){ - $("#' . $id . '").popover({ + $("#' . $dom_id . '").popover({ trigger: "focus", html: true, content: "' . addslashes(join('', $content)) . '", 
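Review bot: In `div()` (the `@@ -41` hunk) the parameter `$dom_id` is reassigned to the complete `id` attribute string, and both it and `$class` are concatenated into the tag without HTML escaping. Keep the parameter untouched and escape at output, e.g. `$id_attr = $dom_id != '' ? ' id="' . htmlspecialchars($dom_id, ENT_QUOTES, 'UTF-8') . '"' : '';`, and wrap `$class` the same way. Whether callers ever pass request- or database-derived values is not visible here, so this is hardening rather than a confirmed flaw. The same unescaped concatenation of ids, names, keys and labels is in `form_date()` and `form_multi_checkboxes()` (`@@ -145`, `@@ -208`) and in `html_select_key()` (`@@ -452`).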
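Review bot: In `toolbar_popover()` (the `@@ -84` hunk) the popover body is written into an inline script as `content: "' . addslashes(join('', $content)) . '"`, and `addslashes()` is not a JavaScript string encoder: it leaves line breaks and a literal `</script>` sequence intact, and either one ends the string or the script element early. Emit the value as a JSON literal instead, without the surrounding quotes: `content: ' . json_encode(join('', $content), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ',`. `$glyphicon` and `$label` are also written into the markup unescaped; whether they can carry user-supplied text depends on callers outside this hunk. The function body ends outside the hunk.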
@@ -145,16 +145,16 @@ function form_spinner($name, $label, $value) { * @return HTML */ function form_date($name, $label, $value, $start_date = '') { - $id = $name . '-date'; + $dom_id = $name . '-date'; $value = is_numeric($value) ? date('Y-m-d', $value) : ''; $start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : ''; return form_element($label, ' - <div class="input-group date" id="' . $id . '"> + <div class="input-group date" id="' . $dom_id . '"> <input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span> </div> <script type="text/javascript"> $(function(){ - $("#' . $id . '").datepicker({ + $("#' . $dom_id . '").datepicker({ language: "' . locale_short() . '", todayBtn: "linked", format: "yyyy-mm-dd", @@ -162,7 +162,7 @@ function form_date($name, $label, $value, $start_date = '') { }); }); </script> - ', $id); + ', $dom_id); } /** @@ -208,14 +208,14 @@ function form_multi_checkboxes($names, $label, $items, $selected, $disabled = ar foreach ($items as $key => $item) { $html .= "<tr>"; foreach ($names as $name => $title) { - $id = $name . '_' . $key; + $dom_id = $name . '_' . $key; $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : ""; if (! empty($disabled) && ! empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) { $sel .= ' disabled="disabled"'; } - $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>'; + $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>'; } - $html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>'; + $html .= '<td><label for="' . $dom_id . '">' . $item . '</label></td></tr>'; } $html .= "</tbody></table>"; return form_element($label, $html); 
@@ -452,8 +452,8 @@ function html_options($name, $options, $selected = "") { return $html; } -function html_select_key($id, $name, $rows, $selected) { - $html = '<select class="form-control" id="' . $id . '" name="' . $name . '">'; +function html_select_key($dom_id, $name, $rows, $selected) { + $html = '<select class="form-control" id="' . $dom_id . '" name="' . $name . '">'; foreach ($rows as $key => $row) { if (($key == $selected) || ($row == $selected)) { $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>'; diff --git a/public/index.php b/public/index.php index 51c8e7eb..996c2b77 100644 --- a/public/index.php +++ b/public/index.php 
@@ -19,126 +19,126 @@ $free_pages = [ ]; // Gewünschte Seite/Funktion -$p = ""; +$page = ""; if (! isset($_REQUEST['p'])) { $_REQUEST['p'] = isset($user) ? "news" : "login"; } if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) { - $p = $_REQUEST['p']; + $page = $_REQUEST['p']; - $title = $p; + $title = $page; $content = ""; - if ($p == "api") { + if ($page == "api") { require_once realpath(__DIR__ . '/../includes/controller/api.php'); error("Api disabled temporily."); redirect(page_link_to('login')); api_controller(); - } elseif ($p == "ical") { + } elseif ($page == "ical") { require_once realpath(__DIR__ . '/../includes/pages/user_ical.php'); user_ical(); - } elseif ($p == "atom") { + } elseif ($page == "atom") { require_once realpath(__DIR__ . '/../includes/pages/user_atom.php'); user_atom(); - } elseif ($p == "shifts_json_export") { + } elseif ($page == "shifts_json_export") { require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); shifts_json_export_controller(); - } elseif ($p == "shifts_json_export_all") { + } elseif ($page == "shifts_json_export_all") { require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); shifts_json_export_all_controller(); - } elseif ($p == "stats") { + } elseif ($page == "stats") { require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php'); guest_stats(); - } elseif ($p == "user_password_recovery") { + } elseif ($page == "user_password_recovery") { require_once realpath(__DIR__ . 
'/../includes/controller/users_controller.php'); $title = user_password_recovery_title(); $content = user_password_recovery_controller(); - } elseif ($p == "angeltypes") { + } elseif ($page == "angeltypes") { list($title, $content) = angeltypes_controller(); - } elseif ($p == "shifts") { + } elseif ($page == "shifts") { list($title, $content) = shifts_controller(); - } elseif ($p == "users") { + } elseif ($page == "users") { list($title, $content) = users_controller(); - } elseif ($p == "user_angeltypes") { + } elseif ($page == "user_angeltypes") { list($title, $content) = user_angeltypes_controller(); - } elseif ($p == "user_driver_licenses") { + } elseif ($page == "user_driver_licenses") { list($title, $content) = user_driver_licenses_controller(); - } elseif ($p == "shifttypes") { + } elseif ($page == "shifttypes") { list($title, $content) = shifttypes_controller(); - } elseif ($p == "admin_event_config") { + } elseif ($page == "admin_event_config") { list($title, $content) = event_config_edit_controller(); - } elseif ($p == "news") { + } elseif ($page == "news") { $title = news_title(); $content = user_news(); - } elseif ($p == "news_comments") { + } elseif ($page == "news_comments") { require_once realpath(__DIR__ . 
'/../includes/pages/user_news.php'); $title = user_news_comments_title(); $content = user_news_comments(); - } elseif ($p == "user_meetings") { + } elseif ($page == "user_meetings") { $title = meetings_title(); $content = user_meetings(); - } elseif ($p == "user_myshifts") { + } elseif ($page == "user_myshifts") { $title = myshifts_title(); $content = user_myshifts(); - } elseif ($p == "user_shifts") { + } elseif ($page == "user_shifts") { $title = shifts_title(); $content = user_shifts(); - } elseif ($p == "user_messages") { + } elseif ($page == "user_messages") { $title = messages_title(); $content = user_messages(); - } elseif ($p == "user_questions") { + } elseif ($page == "user_questions") { $title = questions_title(); $content = user_questions(); - } elseif ($p == "user_settings") { + } elseif ($page == "user_settings") { $title = settings_title(); $content = user_settings(); - } elseif ($p == "login") { + } elseif ($page == "login") { $title = login_title(); $content = guest_login(); - } elseif ($p == "register") { + } elseif ($page == "register") { $title = register_title(); $content = guest_register(); - } elseif ($p == "logout") { + } elseif ($page == "logout") { $title = logout_title(); $content = guest_logout(); - } elseif ($p == "admin_questions") { + } elseif ($page == "admin_questions") { $title = admin_questions_title(); $content = admin_questions(); - } elseif ($p == "admin_user") { + } elseif ($page == "admin_user") { $title = admin_user_title(); $content = admin_user(); - } elseif ($p == "admin_arrive") { + } elseif ($page == "admin_arrive") { $title = admin_arrive_title(); $content = admin_arrive(); - } elseif ($p == "admin_active") { + } elseif ($page == "admin_active") { $title = admin_active_title(); $content = admin_active(); - } elseif ($p == "admin_free") { + } elseif ($page == "admin_free") { $title = admin_free_title(); $content = admin_free(); - } elseif ($p == "admin_news") { + } elseif ($page == "admin_news") { require_once 
realpath(__DIR__ . '/../includes/pages/admin_news.php'); $content = admin_news(); - } elseif ($p == "admin_rooms") { + } elseif ($page == "admin_rooms") { $title = admin_rooms_title(); $content = admin_rooms(); - } elseif ($p == "admin_groups") { + } elseif ($page == "admin_groups") { $title = admin_groups_title(); $content = admin_groups(); - } elseif ($p == "admin_language") { + } elseif ($page == "admin_language") { require_once realpath(__DIR__ . '/../includes/pages/admin_language.php'); $content = admin_language(); - } elseif ($p == "admin_import") { + } elseif ($page == "admin_import") { $title = admin_import_title(); $content = admin_import(); - } elseif ($p == "admin_shifts") { + } elseif ($page == "admin_shifts") { $title = admin_shifts_title(); $content = admin_shifts(); - } elseif ($p == "admin_log") { + } elseif ($page == "admin_log") { $title = admin_log_title(); $content = admin_log(); - } elseif ($p == "credits") { + } elseif ($page == "credits") { require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php'); $title = credits_title(); $content = guest_credits(); @@ -165,7 +165,7 @@ if ($event_config === false) { echo template_render('../templates/layout.html', [ 'theme' => isset($user) ? $user['color'] : $default_theme, 'title' => $title, - 'atom_link' => ($p == 'news' || $p == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($p == 'user_meetings') ? '&meetings=1' : '') . '&key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '', + 'atom_link' => ($page == 'news' || $page == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '') . '&key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '', 'menu' => make_menu(), 'content' => msg() . $content, 'header_toolbar' => header_toolbar(), |
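Review bot: In the `api` branch of the `@@ -19` hunk, `api_controller()` is still called after `error("Api disabled temporily.")` and `redirect(page_link_to('login'))`, so the API stays reachable unless `redirect()` terminates the request, which cannot be confirmed from this hunk. If the endpoint is meant to be off, remove the call or make the stop explicit, for example `redirect(page_link_to('login'));` followed by `exit;`. A one-line comment stating that the API is intentionally disabled would also keep the call from being restored by accident.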
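Review bot: The `atom_link` entry in the `@@ -165` hunk concatenates `$user['api_key']` into an `href` without escaping and with bare `&` separators, and it dereferences `$user` although the `theme` line just above treats `$user` as possibly unset. Build the URL first and escape it once, e.g. `$atom_url = page_link_to('atom') . ($page == 'user_meetings' ? '&meetings=1' : '') . '&key=' . urlencode($user['api_key']);`, then emit `htmlspecialchars($atom_url, ENT_QUOTES, 'UTF-8')` inside the attribute. Because the key travels in the query string it will also appear in server logs and browser history, a trade-off that deserves a comment next to the line. Whether `news` and `user_meetings` can be reached without a session depends on `$free_pages`, whose contents are outside the hunk.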