summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xDB/Sprache.sql12
-rw-r--r--DB/UserCVS.sql233
-rw-r--r--DB/update_20100112_2300.sql3
-rwxr-xr-xwww-ssl/admin/group.php40
l---------www-ssl/admin/pic1
-rwxr-xr-xwww-ssl/admin/user.php17
-rwxr-xr-xwww-ssl/admin/userChangeNormal.php143
-rwxr-xr-xwww-ssl/admin/userChangeSecure.php99
-rwxr-xr-xwww-ssl/admin/userSaveNormal.php (renamed from www-ssl/admin/user2.php)0
-rwxr-xr-xwww-ssl/admin/userSaveSecure.php162
10 files changed, 509 insertions, 201 deletions
diff --git a/DB/Sprache.sql b/DB/Sprache.sql
index 8b3c3107..ccbcdf85 100755
--- a/DB/Sprache.sql
+++ b/DB/Sprache.sql
@@ -574,8 +574,14 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php'
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php', 'EN', ' ');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'DE', ' ');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'EN', ' ');
-INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'DE', ' ');
-INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'EN', ' ');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'DE', 'UpdateDB');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'EN', 'UpdateDB');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect.php', 'DE', 'Dect');
@@ -584,6 +590,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php', 'EN', ' ');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'DE', 'Engelliste');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'EN', 'Engel-list');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'DE', 'Engel Voreinstellungen');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'EN', 'Engel Default Setting');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/UserPicture.php', 'DE', 'Benutzerbilder');
diff --git a/DB/UserCVS.sql b/DB/UserCVS.sql
index d0b7a4c6..487bd965 100644
--- a/DB/UserCVS.sql
+++ b/DB/UserCVS.sql
@@ -18,51 +18,56 @@
DROP TABLE IF EXISTS `UserCVS`;
CREATE TABLE `UserCVS` (
`UID` int(11) NOT NULL default '0',
- `index.php` char(1) NOT NULL default 'N',
- `logout.php` char(1) NOT NULL default 'Y',
- `faq.php` char(1) NOT NULL default 'Y',
- `lageplan.php` char(1) NOT NULL default 'N',
- `makeuser.php` char(1) NOT NULL default 'N',
- `nonpublic/index.php` char(1) NOT NULL default 'Y',
- `nonpublic/news.php` char(1) NOT NULL default 'Y',
- `nonpublic/newsAddMeting` char(1) NOT NULL default 'N',
- `nonpublic/news_comments.php` char(1) NOT NULL default 'Y',
- `nonpublic/myschichtplan.php` char(1) NOT NULL default 'Y',
- `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'Y',
- `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'Y',
- `nonpublic/schichtplan.php` char(1) NOT NULL default 'Y',
- `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'Y',
- `nonpublic/wecken.php` char(1) NOT NULL default 'N',
- `nonpublic/waeckliste.php` char(1) NOT NULL default 'N',
- `nonpublic/messages.php` char(1) NOT NULL default 'Y',
- `nonpublic/faq.php` char(1) NOT NULL default 'Y',
- `nonpublic/einstellungen.php` char(1) NOT NULL default 'Y',
- `Change T_Shirt Size` char(1) NOT NULL default 'Y',
- `admin/index.php` char(1) NOT NULL default 'N',
- `admin/room.php` char(1) NOT NULL default 'N',
- `admin/EngelType.php` char(1) NOT NULL default 'N',
- `admin/schichtplan.php` char(1) NOT NULL default 'N',
- `admin/shiftadd.php` char(1) NOT NULL default 'N',
- `admin/schichtplan_druck.php` char(1) NOT NULL default 'N',
- `admin/user.php` char(1) NOT NULL default 'N',
- `admin/user2.php` char(1) NOT NULL default 'N',
- `admin/userDefaultSetting.php` char(1) NOT NULL default 'N',
- `admin/UserPicture.php` char(1) NOT NULL default 'N',
- `admin/userArrived.php` char(1) NOT NULL default 'N',
- `admin/aktiv.php` char(1) NOT NULL default 'N',
- `admin/tshirt.php` char(1) NOT NULL default 'N',
- `admin/news.php` char(1) NOT NULL default 'N',
- `admin/faq.php` char(1) NOT NULL default 'N',
- `admin/free.php` char(1) NOT NULL default 'N',
- `admin/sprache.php` char(1) NOT NULL default 'N',
- `admin/dect.php` char(1) NOT NULL default 'N',
- `admin/dect_call.php` char(1) NOT NULL default 'N',
- `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'N',
- `admin/Recentchanges.php` char(1) NOT NULL default 'N',
- `admin/debug.php` char(1) NOT NULL default 'N',
- `Herald` char(1) NOT NULL default 'N',
- `Info` char(1) NOT NULL default 'N',
- `Conference` char(1) NOT NULL default 'N',
+ `GroupID` int(11) default NULL,
+ `index.php` char(1) NOT NULL default 'G',
+ `logout.php` char(1) NOT NULL default 'G',
+ `faq.php` char(1) NOT NULL default 'G',
+ `lageplan.php` char(1) NOT NULL default 'G',
+ `makeuser.php` char(1) NOT NULL default 'G',
+ `nonpublic/index.php` char(1) NOT NULL default 'G',
+ `nonpublic/news.php` char(1) NOT NULL default 'G',
+ `nonpublic/newsAddMeting` char(1) NOT NULL default 'G',
+ `nonpublic/news_comments.php` char(1) NOT NULL default 'G',
+ `nonpublic/myschichtplan.php` char(1) NOT NULL default 'G',
+ `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'G',
+ `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'G',
+ `nonpublic/schichtplan.php` char(1) NOT NULL default 'G',
+ `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'G',
+ `nonpublic/wecken.php` char(1) NOT NULL default 'G',
+ `nonpublic/waeckliste.php` char(1) NOT NULL default 'G',
+ `nonpublic/messages.php` char(1) NOT NULL default 'G',
+ `nonpublic/faq.php` char(1) NOT NULL default 'G',
+ `nonpublic/einstellungen.php` char(1) NOT NULL default 'G',
+ `Change T_Shirt Size` char(1) NOT NULL default 'G',
+ `admin/index.php` char(1) NOT NULL default 'G',
+ `admin/room.php` char(1) NOT NULL default 'G',
+ `admin/EngelType.php` char(1) NOT NULL default 'G',
+ `admin/schichtplan.php` char(1) NOT NULL default 'G',
+ `admin/shiftadd.php` char(1) NOT NULL default 'G',
+ `admin/schichtplan_druck.php` char(1) NOT NULL default 'G',
+ `admin/user.php` char(1) NOT NULL default 'G',
+ `admin/userChangeNormal.php` char(1) NOT NULL default 'G',
+ `admin/userChangeSecure.php` char(1) NOT NULL default 'G',
+ `admin/userSaveNormal.php` char(1) NOT NULL default 'G',
+ `admin/userSaveSecure.php` char(1) NOT NULL default 'G',
+ `admin/group.php` char(1) NOT NULL default 'G',
+ `admin/userDefaultSetting.php` char(1) NOT NULL default 'G',
+ `admin/UserPicture.php` char(1) NOT NULL default 'G',
+ `admin/userArrived.php` char(1) NOT NULL default 'G',
+ `admin/aktiv.php` char(1) NOT NULL default 'G',
+ `admin/tshirt.php` char(1) NOT NULL default 'G',
+ `admin/news.php` char(1) NOT NULL default 'G',
+ `admin/faq.php` char(1) NOT NULL default 'G',
+ `admin/free.php` char(1) NOT NULL default 'G',
+ `admin/sprache.php` char(1) NOT NULL default 'G',
+ `admin/dect.php` char(1) NOT NULL default 'G',
+ `admin/dect_call.php` char(1) NOT NULL default 'G',
+ `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'G',
+ `admin/Recentchanges.php` char(1) NOT NULL default 'G',
+ `admin/debug.php` char(1) NOT NULL default 'G',
+ `Herald` char(1) NOT NULL default 'G',
+ `Info` char(1) NOT NULL default 'G',
+ `Conference` char(1) NOT NULL default 'G',
PRIMARY KEY (`UID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -70,141 +75,3 @@ CREATE TABLE `UserCVS` (
-- Daten f?r Tabelle `UserCVS`
--
-INSERT INTO `UserCVS` (`UID`,
- `index.php`,
- `logout.php`,
- `faq.php`,
- `lageplan.php`,
- `makeuser.php`,
- `nonpublic/index.php`,
- `nonpublic/news.php`,
- `nonpublic/newsAddMeting`,
- `nonpublic/news_comments.php`,
- `nonpublic/myschichtplan.php`,
- `nonpublic/myschichtplan_ical.php`,
- `nonpublic/engelbesprechung.php`,
- `nonpublic/schichtplan.php`,
- `nonpublic/schichtplan_add.php`,
- `nonpublic/wecken.php`,
- `nonpublic/waeckliste.php`,
- `nonpublic/messages.php`,
- `nonpublic/faq.php`,
- `nonpublic/einstellungen.php`,
- `Change T_Shirt Size`,
- `admin/index.php`,
- `admin/room.php`,
- `admin/EngelType.php`,
- `admin/schichtplan.php`,
- `admin/shiftadd.php`,
- `admin/schichtplan_druck.php`,
- `admin/user.php`,
- `admin/user2.php`,
- `admin/userDefaultSetting.php`,
- `admin/UserPicture.php`,
- `admin/aktiv.php`,
- `admin/tshirt.php`,
- `admin/news.php`,
- `admin/faq.php`,
- `admin/free.php`,
- `admin/sprache.php`,
- `admin/dect.php`,
- `admin/dect_call.php`,
- `admin/dbUpdateFromXLS.php`,
- `admin/Recentchanges.php`,
- `admin/debug.php`,
- `Herald`,
- `Info`,
- `Conference`) VALUES
-
-(-1,
- 'Y',
- 'N',
- 'Y',
- 'N',
- 'Y',
- 'Y',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N'),
--- 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
-(1,
- 'N',
- 'Y',
- 'N',
- 'N',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'N',
- 'N',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'N');
-
diff --git a/DB/update_20100112_2300.sql b/DB/update_20100112_2300.sql
index ab944226..a7c2f5f5 100644
--- a/DB/update_20100112_2300.sql
+++ b/DB/update_20100112_2300.sql
@@ -1,2 +1,5 @@
ALTER TABLE `UserCVS` ADD `GroupID` INT NULL AFTER `UID` ;
+ALTER TABLE `UserCVS` ADD `admin\group.php` CHAR( 1 ) NOT NULL DEFAULT 'N' AFTER `admin/userDefaultSetting.php` ;
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group');
diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php
new file mode 100755
index 00000000..6377593d
--- /dev/null
+++ b/www-ssl/admin/group.php
@@ -0,0 +1,40 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (!IsSet($_GET["enterGID"]))
+{
+ // Userliste, keine UID uebergeben...
+
+ $SQL = "SELECT * FROM `UserGroups` ORDER BY `Name` ASC";
+ $Erg = mysql_query($SQL, $con);
+ echo mysql_error($con);
+
+ // anzahl zeilen
+ $Zeilen = mysql_num_rows($Erg);
+
+ echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
+ echo "<tr class=\"contenttopic\">\n";
+ echo "\t<td>Groupname</td>\n";
+ echo "\t<td>-</td>\n";
+ echo "</tr>\n";
+
+ for ($n = 0 ; $n < $Zeilen ; $n++) {
+ echo "<tr class=\"content\">\n";
+ echo "\t<td>".mysql_result($Erg, $n, "Name")."</td>\n";
+
+ echo "<td><a href=\"./userChangeSecure.php?enterUID=".
+ mysql_result($Erg, $n, "UID")."&Type=Secure\">change</a></td>\n";
+ echo "</tr>\n";
+ }
+ echo "\t</table>\n";
+ // Ende Userliste
+}
+
+include ("../../includes/footer.php");
+?>
+
+
diff --git a/www-ssl/admin/pic b/www-ssl/admin/pic
deleted file mode 120000
index a21de85f..00000000
--- a/www-ssl/admin/pic
+++ /dev/null
@@ -1 +0,0 @@
-../pic \ No newline at end of file
diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php
index 5b6077aa..748c09fa 100755
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@@ -90,24 +90,11 @@ if (!IsSet($_GET["enterUID"]))
echo "\t<td>".mysql_result($Erg, $n, "Aktiv")."</td>\n";
$Tshirt += mysql_result($Erg, $n, "Tshirt");
echo "\t<td>".mysql_result($Erg, $n, "Tshirt")."</td>\n";
- echo "\t<td><a href=\"./user.php?enterUID=".
+ echo "\t<td><a href=\"./userChangeNormal.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Normal\">&Auml;nd.</a></td>\n";
echo "\t<td>";
- //check userCVS=OK
- $SQL2 = "SELECT `UID` FROM `UserCVS` WHERE (`UID`='". mysql_result($Erg, $n, "UID"). "')";
- $Erg2 = mysql_query($SQL2, $con);
- echo mysql_error($con);
- if( mysql_num_rows($Erg2)==0)
- {
- $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('". mysql_result($Erg, $n, "UID"). "');";
- $Erg3 = db_query($SQL3, "admin/user.php auto CVS create");
- if( $Erg3 )
- echo "was create<br>\n";
- else
- echo mysql_error($con);
- }
- echo "<a href=\"./user.php?enterUID=".
+ echo "<a href=\"./userChangeSecure.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Secure\">Secure</a></td>\n";
echo "</tr>\n";
}
diff --git a/www-ssl/admin/userChangeNormal.php b/www-ssl/admin/userChangeNormal.php
new file mode 100755
index 00000000..7bcca841
--- /dev/null
+++ b/www-ssl/admin/userChangeNormal.php
@@ -0,0 +1,143 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (IsSet($_GET["enterUID"]))
+{
+ // UserID wurde mit uebergeben --> Aendern...
+
+ echo "Hallo,<br>".
+ "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' ".
+ "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ".
+ "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ".
+ "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
+ "bereits sein T-Shirt erhalten hat.<br><br>\n";
+
+ echo "<form action=\"./userSaveNormal.php?action=change\" method=\"POST\">\n";
+ echo "<table border=\"0\">\n";
+ echo "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
+
+ $SQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["enterUID"]. "'";
+ $Erg = mysql_query($SQL, $con);
+
+ if (mysql_num_rows($Erg) != 1)
+ echo "<tr><td>Sorry, der Engel (UID=". $_GET["enterUID"].
+ ") wurde in der Liste nicht gefunden.</td></tr>";
+ else
+ {
+ echo "<tr><td>\n";
+ echo "<table>\n";
+ echo " <tr><td>Nick</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"".
+ mysql_result($Erg, 0, "Nick")."\"></td></tr>\n";
+ echo " <tr><td>lastLogIn</td><td>".
+ "<input type=\"text\" size=\"20\" name=\"elastLogIn\" value=\"".
+ mysql_result($Erg, 0, "lastLogIn"). "\" disabled></td></tr>\n";
+ echo " <tr><td>Name</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eName\" value=\"".
+ mysql_result($Erg, 0, "Name")."\"></td></tr>\n";
+ echo " <tr><td>Vorname</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"".
+ mysql_result($Erg, 0, "Vorname")."\"></td></tr>\n";
+ echo " <tr><td>Alter</td><td>".
+ "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"".
+ mysql_result($Erg, 0, "Alter")."\"></td></tr>\n";
+ echo " <tr><td>Telefon</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"".
+ mysql_result($Erg, 0, "Telefon")."\"></td></tr>\n";
+ echo " <tr><td>Handy</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"".
+ mysql_result($Erg, 0, "Handy")."\"></td></tr>\n";
+ echo " <tr><td>DECT</td><td>".
+ "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"".
+ mysql_result($Erg, 0, "DECT")."\"></td></tr>\n";
+ echo " <tr><td>email</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"".
+ mysql_result($Erg, 0, "email")."\"></td></tr>\n";
+ echo " <tr><td>ICQ</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"".
+ mysql_result($Erg, 0, "ICQ")."\"></td></tr>\n";
+ echo " <tr><td>jabber</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"".
+ mysql_result($Erg, 0, "jabber")."\"></td></tr>\n";
+ echo " <tr><td>Size</td><td>".
+ "<input type=\"text\" size=\"5\" name=\"eSize\" value=\"".
+ mysql_result($Erg, 0, "Size")."\"></td></tr>\n";
+ echo " <tr><td>Passwort</td><td>".
+ "<a href=\"./user2.php?action=newpw&eUID="
+ .mysql_result($Erg, 0, "UID")."\">neues Kennwort setzen</a></td></tr>\n";
+
+ // Gekommen?
+ echo " <tr><td>Gekommen</td><td>\n";
+ echo " <input type=\"radio\" name=\"eGekommen\" value=\"0\"";
+ if (mysql_result($Erg, 0, "Gekommen")=='0')
+ echo " checked";
+ echo ">No \n";
+ echo " <input type=\"radio\" name=\"eGekommen\" value=\"1\"";
+ if (mysql_result($Erg, 0, "Gekommen")=='1')
+ echo " checked";
+ echo ">Yes \n";
+ echo "</td></tr>\n";
+
+ // Aktiv?
+ echo " <tr><td>Aktiv</td><td>\n";
+ echo " <input type=\"radio\" name=\"eAktiv\" value=\"0\"";
+ if (mysql_result($Erg, 0, "Aktiv")=='0')
+ echo " checked";
+ echo ">No \n";
+ echo " <input type=\"radio\" name=\"eAktiv\" value=\"1\"";
+ if (mysql_result($Erg, 0, "Aktiv")=='1')
+ echo " checked";
+ echo ">Yes \n";
+ echo "</td></tr>\n";
+
+ // T-Shirt bekommen?
+ echo " <tr><td>T-Shirt</td><td>\n";
+ echo " <input type=\"radio\" name=\"eTshirt\" value=\"0\"";
+ if (mysql_result($Erg, 0, "Tshirt")=='0')
+ echo " checked";
+ echo ">No \n";
+ echo " <input type=\"radio\" name=\"eTshirt\" value=\"1\"";
+ if (mysql_result($Erg, 0, "Tshirt")=='1')
+ echo " checked";
+ echo ">Yes \n";
+ echo "</td></tr>\n";
+
+ // Menu links/rechts
+ echo " <tr><td>Menu</td><td>\n";
+ echo " <input type=\"radio\" name=\"eMenu\" value=\"L\"";
+ if (mysql_result($Erg, 0, "Menu")=='L')
+ echo " checked";
+ echo ">L \n";
+ echo " <input type=\"radio\" name=\"eMenu\" value=\"R\"";
+ if (mysql_result($Erg, 0, "Menu")=='R')
+ echo " checked";
+ echo ">R \n";
+ echo "</td></tr>\n";
+
+ echo " <tr><td>Hometown</td><td>".
+ "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"".
+ mysql_result($Erg, 0, "Hometown")."\"></td></tr>\n";
+
+ echo "</table>\n</td><td valign=\"top\">". displayavatar($_GET["enterUID"], FALSE). "</td></tr>";
+ }
+
+ echo "</td></tr>\n";
+ echo "</table>\n<br>\n";
+ echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+ echo "<input type=\"submit\" value=\"sichern...\">\n";
+ echo "</form>";
+
+ echo "<form action=\"./userSaveNormal.php?action=delete\" method=\"POST\">\n";
+ echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+ echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
+ echo "</form>";
+}
+
+include ("../../includes/footer.php");
+?>
+
+
diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php
new file mode 100755
index 00000000..e7de1b5c
--- /dev/null
+++ b/www-ssl/admin/userChangeSecure.php
@@ -0,0 +1,99 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (IsSet($_GET["enterUID"]))
+{
+ // UserID wurde mit uebergeben --> Aendern...
+
+ echo "Hallo,<br>".
+ "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' ".
+ "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ".
+ "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ".
+ "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
+ "bereits sein T-Shirt erhalten hat.<br><br>\n";
+
+ echo "<form action=\"./userChangeSecure.php?action=change\" method=\"POST\">\n";
+ echo "<table border=\"0\">\n";
+ echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";
+
+ // CVS-Rechte
+ echo " <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n";
+
+ $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'";
+ $Erg_CVS = mysql_query($SQL_CVS, $con);
+
+ if( mysql_num_rows($Erg_CVS) != 1)
+ echo "Sorry, der Engel (UID=". $_GET["enterUID"]. ") wurde in der Liste nicht gefunden.";
+ else
+ {
+ $CVS_Data = mysql_fetch_array($Erg_CVS);
+ $CVS_Data_i = 1;
+ foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value)
+ {
+ $CVS_Data_i++;
+ //nur jeder zweiter sonst wird für jeden text noch die position (Zahl) ausgegeben
+ if( $CVS_Data_i%2 && $CVS_Data_Name!="UID")
+ {
+ if($CVS_Data_Name=="GroupID") {
+ if( $_GET["enterUID"] > 0 )
+ {
+ echo "<tr><td><b>Group</b></td>\n".
+ "<td><select name=\"GroupID\">";
+
+ $SQL_Group = "SELECT * FROM `UserGroups`";
+ $Erg_Group = mysql_query($SQL_Group, $con);
+ for ($n = 0 ; $n < mysql_num_rows($Erg_Group) ; $n++)
+ {
+ $UID = mysql_result($Erg_Group, $n, "UID");
+ echo "\t<option value=\"$UID\"";
+ if( $CVS_Data_Value == $UID)
+ echo " selected";
+ echo ">". mysql_result($Erg_Group, $n, "Name"). "</option>\n";
+ }
+ echo "</select></td></tr>";
+ }
+ } else {
+ echo "<tr><td>$CVS_Data_Name</td>\n<td>";
+ echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"Y\" ";
+ if( $CVS_Data_Value == "Y" )
+ echo " checked";
+ echo ">allow \n";
+ echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"N\" ";
+ if( $CVS_Data_Value == "N" )
+ echo " checked";
+ echo ">denied \n";
+ if( $_GET["enterUID"] > 0 )
+ {
+ echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"G\" ";
+ if( $CVS_Data_Value == "G" )
+ echo " checked";
+ echo ">group-setting \n";
+ echo "</td></tr>";
+ }
+ }
+ } //IF
+ } //Foreach
+ echo "</td></tr>\n";
+ } // IF TYPE
+
+ // Ende Formular
+ echo "</td></tr>\n";
+ echo "</table>\n<br>\n";
+ echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+ echo "<input type=\"submit\" value=\"sichern...\">\n";
+ echo "</form>";
+
+ echo "<form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n";
+ echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+ echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
+ echo "</form>";
+}
+
+include ("../../includes/footer.php");
+?>
+
+
diff --git a/www-ssl/admin/user2.php b/www-ssl/admin/userSaveNormal.php
index 229a4cdc..229a4cdc 100755
--- a/www-ssl/admin/user2.php
+++ b/www-ssl/admin/userSaveNormal.php
diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php
new file mode 100755
index 00000000..229a4cdc
--- /dev/null
+++ b/www-ssl/admin/userSaveSecure.php
@@ -0,0 +1,162 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Index";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+include ("../../includes/crypt.php");
+include ("../../includes/funktion_db.php");
+
+if (IsSet($_GET["action"]))
+{
+
+ SetHeaderGo2Back();
+ echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";
+
+ switch ($_GET["action"])
+ {
+ case "change":
+ if (IsSet($_POST["enterUID"]))
+ {
+ if ($_POST["Type"] == "Normal")
+ {
+ $SQL = "UPDATE `User` SET ";
+ $SQL.= " `Nick` = '". $_POST["eNick"]. "', `Name` = '". $_POST["eName"]. "', ".
+ "`Vorname` = '". $_POST["eVorname"]. "', ".
+ "`Telefon` = '". $_POST["eTelefon"]. "', ".
+ "`Handy` = '". $_POST["eHandy"]. "', ".
+ "`DECT` = '". $_POST["eDECT"]. "', ".
+ "`email` = '". $_POST["eemail"]. "', ".
+ "`ICQ` = '". $_POST["eICQ"]. "', ".
+ "`jabber` = '". $_POST["ejabber"]. "', ".
+ "`Size` = '". $_POST["eSize"]. "', ".
+ "`Gekommen`= '". $_POST["eGekommen"]. "', ".
+ "`Aktiv`= '". $_POST["eAktiv"]. "', ".
+ "`Tshirt` = '". $_POST["eTshirt"]. "', ".
+ "`Hometown` = '". $_POST["Hometown"]. "', ".
+ "`Menu` = '". $_POST["eMenu"]. "' ".
+ "WHERE `UID` = '". $_POST["enterUID"].
+ "' LIMIT 1;";
+ echo "User-";
+ $Erg = db_query($SQL, "change user details");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+ }
+ elseif ($_POST["Type"] == "Secure")
+ {
+ $SQL2 = "UPDATE `UserCVS` SET ";
+ $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'";
+ $Erg_CVS = mysql_query($SQL_CVS, $con);
+ $CVS_Data = mysql_fetch_array($Erg_CVS);
+ $CVS_Data_i = 1;
+ foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value)
+ {
+ if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") {
+ if( $CVS_Data_Name == "GroupID")
+ {
+ if( $_POST["enterUID"] > 0 )
+ $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", ";
+ } else {
+ $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', ";
+ }
+ }
+ $CVS_Data_i++;
+ }
+ $SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 );
+ $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+ echo "<br>Secure-";
+ $Erg = db_query($SQL2, "change user CVS");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+ }
+ else
+ echo "<h1>Fehler: Unbekanter Type (". $_POST["Type"]. ") übergeben\n</h1>\n";
+ }
+ else
+ echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n";
+ break;
+
+ case "delete":
+ if (IsSet($_POST["enterUID"]))
+ {
+ echo "delate User...";
+ $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+ $Erg = db_query($SQL, "User delete");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+
+ echo "<br>\ndelate UserCVS...";
+ $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+ $Erg = db_query($SQL2, "User CVS delete");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+
+ echo "<br>\ndelate UserEntry...";
+ $SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ".
+ "WHERE `UID`='". $_POST["enterUID"]. "';";
+ $Erg = db_query($SQL3, "delate UserEntry");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+ }
+ break;
+
+
+ case "newpw":
+ echo "Bitte neues Kennwort f&uuml;r <b>";
+ // Get Nick
+ $USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'";
+ $Erg = mysql_query($USQL, $con);
+ echo mysql_result($Erg, 0, "Nick");
+ echo "</b> eingeben:<br>";
+ echo "<form action=\"./user2.php?action=newpwsave\" method=\"POST\">\n";
+ echo "<input type=\"Password\" name=\"ePasswort\">";
+ echo "<input type=\"Password\" name=\"ePasswort2\">";
+ echo "<input type=\"hidden\" name=\"eUID\" value=\"". $_GET["eUID"]. "\">";
+ echo "<input type=\"submit\" value=\"sichern...\">\n";
+ echo "</form>";
+ break;
+
+ case "newpwsave":
+ if ($_POST["ePasswort"] == $_POST["ePasswort2"])
+ { // beide Passwoerter passen...
+ $_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]);
+ $SQL = "UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ".
+ "WHERE `UID`='". $_POST["eUID"]. "'";
+ $Erg = db_query($SQL, "User new passwort");
+ if ($Erg == 1) {
+ echo "&Auml;nderung wurde gesichert...\n";
+ } else {
+ echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+ }
+ }
+ else
+ echo "Das Passwort wurde nicht &uuml;bereinstimmend eingegeben!";
+ break;
+ } // end switch
+
+// ende - Action ist gesetzt
+}
+else
+{
+ // kein Action gesetzt -> abbruch
+ echo "Unzul&auml;ssiger Aufruf.<br>Bitte neu editieren...";
+}
+
+include ("../../includes/footer.php");
+?>
+