summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/model/LogEntries_model.php7
-rw-r--r--includes/pages/admin_log.php86
-rw-r--r--includes/pages/admin_user.php48
-rw-r--r--includes/pages/guest_login.php7
-rw-r--r--includes/pages/user_myshifts.php172
-rw-r--r--includes/pages/user_news.php2
-rw-r--r--includes/pages/user_settings.php400
-rw-r--r--includes/pages/user_shifts.php26
-rw-r--r--includes/sys_user.php175
-rw-r--r--public/index.php3
-rw-r--r--templates/user_questions.html2
11 files changed, 456 insertions, 472 deletions
diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index d8615f0e..5659c0ee 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -6,10 +6,15 @@
* @param $message Log Message
*/
function LogEntry_create($nick, $message) {
- $timestamp = date();
+ $timestamp = time();
sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
}
+function LogEntries() {
+ $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " LIMIT 1000");
+ return $log_entries_source;
+}
+
?> \ No newline at end of file
diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php
index 4a29a496..ce30a246 100644
--- a/includes/pages/admin_log.php
+++ b/includes/pages/admin_log.php
@@ -1,76 +1,20 @@
<?php
function admin_log() {
- require_once ("includes/funktion_db_list.php");
-
- $html = "";
- $SQL = "SELECT * FROM `ChangeLog` ORDER BY `Time` DESC LIMIT 0,10000";
- $Erg = sql_query($SQL);
-
- if (mysql_num_rows($Erg) > 0) {
- $html .= "<table border=1>\n";
- $html .= "<tr>\n\t<th>Time</th>\n\t<th>User</th>\n\t<th>Commend</th>\n\t<th>SQL Command</th>\n</tr>\n";
- for ($n = 0; $n < mysql_num_rows($Erg); $n++) {
- $html .= "<tr>\n";
- $html .= "\t<td>" . mysql_result($Erg, $n, "Time") . "</td>\n";
- $html .= "\t<td>" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "</td>\n";
- $html .= "\t<td>" . mysql_result($Erg, $n, "Commend") . "</td>\n";
- $html .= "\t<td>" . mysql_result($Erg, $n, "SQLCommad") . "</td>\n";
- $html .= "</tr>\n";
- }
- $html .= "</table>\n";
- } else {
- $html .= "Log is empty...";
- }
- $html .= "<hr />";
-
- $html .= "<h1>Web Counter</h1>";
- $html .= funktion_db_list("Counter");
-
- /*
- $html .= "<h1>Raeume</h1> <br />";
- funktion_db_list("Raeume");
-
- $html .= "<h1>Schichtbelegung</h1> <br />";
- funktion_db_list("Schichtbelegung");
-
- $html .= "<h1>Schichtplan</h1> <br />Hier findest du alle bisher eingetragenen Schichten:";
- funktion_db_list("Schichtplan");
-
- $html .= "<h1>User</h1> <br />";
- funktion_db_list("User");
-
- $html .= "<h1>News</h1> <br />";
- funktion_db_list("News");
-
- $html .= "<h1>FAQ</h1> <br />";
- funktion_db_list("FAQ");
-
- $html .= "Deaktiviert";
- */
-
- $html .= "<hr>\n";
- $html .= funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`");
- $html .= "<br />\n";
- $html .= funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`");
- $html .= "<br />\n";
- $html .= funktion_db_element_list_2row("Tshirt nicht ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`");
-
- $html .= "<hr>\n";
- $html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
- $html .= "<br />\n";
- $html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
-
- $html .= "<hr>\n";
- $html .= funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)");
- $html .= "<br />\n";
- $html .= funktion_db_element_list_2row("Geleistete Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)");
-
- $html .= "<hr>\n";
- $html .= funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum Aufbau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)");
- $html .= "<br />\n";
- $html .= funktion_db_element_list_2row("Geleistete Arbeit (Ohne Raum Aufbau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)");
-
- return $html;
+ $log_entries_source = LogEntries();
+ $log_entries = array();
+ foreach($log_entries_source as $log_entry) {
+ $log_entry['date'] = date("H:i", $log_entry['timestamp']);
+ $log_entries[] = $log_entry;
+ }
+
+ return page(array(
+ msg(),
+ table(array(
+ 'date' => "Time",
+ 'nick' => "Angel",
+ 'message' => "Log Entry"
+ ), $log_entries)
+ ));
}
?>
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index a2ab7b07..8d900c1b 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -110,10 +110,13 @@ function admin_user() {
// Assign angel-types
sql_start_transaction();
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
+ $user_angel_type_info = array();
if (!empty($selected_angel_types)) {
$SQL = "INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ";
- foreach ($selected_angel_types as $selected_angel_type_id)
- $SQL .= "(${user_source['UID']}, ${selected_angel_type_id}),";
+ foreach ($selected_angel_types as $selected_angel_type_id) {
+ $SQL .= "(" . $user_source['UID'] . ", " . $selected_angel_type_id . "),";
+ $user_angel_type_info[] = $angel_types[$selected_angel_type_id] . (in_array($selected_angel_type_id, $accepted_angel_types) ? ' (confirmed)' : '');
+ }
// remove superfluous comma
$SQL = substr($SQL, 0, -1);
sql_query($SQL);
@@ -125,16 +128,7 @@ function admin_user() {
}
sql_stop_transaction();
- foreach ($selected_angel_types as $selected_angel_type_id) {
- if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) {
- if (in_array("admin_user_angeltypes", $privileges)) {
- sql_query("INSERT INTO `UserAngelTypes` SET `confirm_user_id`=" . sql_escape($user['UID']) . ", `user_id`=" . sql_escape($user_source['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
- } else {
- sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_source['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
- }
- }
- }
-
+ engelsystem_log("Set angeltypes of " . $user_source['Nick'] . " to: " . join(", ", $user_angel_type_info));
success("Angeltypes saved.");
redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
}
@@ -142,10 +136,10 @@ function admin_user() {
$html .= form(array (
msg(),
form_multi_checkboxes(array('selected_angel_types' => 'gewünscht', 'accepted_angel_types' => 'akzeptiert'),
- "Angeltypes",
- $angel_types,
- array('selected_angel_types' => $selected_angel_types, 'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)),
- array('accepted_angel_types' => $nonrestricted_angel_types)),
+ "Angeltypes",
+ $angel_types,
+ array('selected_angel_types' => $selected_angel_types, 'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)),
+ array('accepted_angel_types' => $nonrestricted_angel_types)),
form_submit('submit_user_angeltypes', Get_Text("Save"))
));
@@ -202,19 +196,26 @@ function admin_user() {
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
- $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
+ $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
+ $groups = array();
$grouplist = array ();
- foreach ($groups as $group)
+ foreach ($groups_source as $group) {
+ $groups[$group['UID']] = $group;
$grouplist[] = $group['UID'];
+ }
if (!is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array ();
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
- foreach ($_REQUEST['groups'] as $group)
- if (in_array($group, $grouplist))
- sql_query("INSERT INTO `UserGroups` SET `uid`=" .
- sql_escape($id) . ", `group_id`=" . sql_escape($group));
+ $user_groups_info = array();
+ foreach ($_REQUEST['groups'] as $group) {
+ if (in_array($group, $grouplist)) {
+ sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
+ $user_groups_info[] = $groups[$group]['Name'];
+ }
+ }
+ engelsystem_log("Set groups of " . $user_source['Nick'] . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true);
} else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
@@ -229,6 +230,7 @@ function admin_user() {
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
+ engelsystem_log("Deleted user " . $user_source['Nick']);
$html .= success("Benutzer gelöscht!", true);
} else {
$html .= error("Du kannst Dich nicht selber löschen!", true);
@@ -254,12 +256,14 @@ function admin_user() {
"WHERE `UID` = '" . sql_escape($id) .
"' LIMIT 1;";
sql_query($SQL);
+ engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true);
break;
case 'change_pw' :
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($id, $_REQUEST['new_pw']);
+ engelsystem_log("Set new password for " . $user_source['Nick']);
$html .= success("Passwort neu gesetzt.", true);
} else {
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index db479388..073e2625 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -116,9 +116,12 @@ function guest_register() {
set_password($user_id, $_REQUEST['password']);
// Assign angel-types
- foreach ($selected_angel_types as $selected_angel_type_id)
+ $user_angel_types_info = array();
+ foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-
+ $user_angel_types_info[] = $angel_types[$selected_angel_type_id]['name'];
+ }
+ engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
success(Get_Text("makeuser_writeOK4"));
//if (!isset ($_SESSION['uid']))
redirect(page_link_to('login'));
diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php
index 2d1981fa..d8f94b81 100644
--- a/includes/pages/user_myshifts.php
+++ b/includes/pages/user_myshifts.php
@@ -3,100 +3,98 @@
// Zeigt die Schichten an, die ein Benutzer belegt
function user_myshifts() {
- global $LETZTES_AUSTRAGEN;
- global $user, $privileges;
- $msg = "";
+ global $LETZTES_AUSTRAGEN;
+ global $user, $privileges;
+ $msg = "";
- if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
- $id = $_REQUEST['id'];
- } else {
- $id = $user['UID'];
- }
+ if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
+ $id = $_REQUEST['id'];
+ } else {
+ $id = $user['UID'];
+ }
- list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
- if ($id != $user['UID'])
- $msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
+ if ($id != $user['UID'])
+ $msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
- if (isset ($_REQUEST['reset'])) {
- if ($_REQUEST['reset'] == "ack") {
- user_reset_ical_key($user);
- success("Key geändert.");
- redirect(page_link_to('user_myshifts'));
- }
- return template_render('../templates/user_myshifts_reset.html', array ());
- }
- elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
- $id = $_REQUEST['edit'];
- $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
- if (count($shift) > 0) {
- $shift = $shift[0];
+ if (isset ($_REQUEST['reset'])) {
+ if ($_REQUEST['reset'] == "ack") {
+ user_reset_ical_key($user);
+ success("Key geändert.");
+ redirect(page_link_to('user_myshifts'));
+ }
+ return template_render('../templates/user_myshifts_reset.html', array ());
+ }
+ elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
+ $id = $_REQUEST['edit'];
+ $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+ if (count($shift) > 0) {
+ $shift = $shift[0];
- if (isset ($_REQUEST['submit'])) {
- $comment = strip_request_item_nl('comment');
- sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ if (isset ($_REQUEST['submit'])) {
+ $comment = strip_request_item_nl('comment');
+ $user_source = User($shift['UID']);
+ sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ engelsystem_log("Updated " . $user_source['Nick'] . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment);
+ success("Schicht gespeichert.");
+ redirect(page_link_to('user_myshifts'));
+ }
- success("Schicht gespeichert.");
- redirect(page_link_to('user_myshifts'));
- }
+ return template_render('../templates/user_shifts_add.html', array (
+ 'angel' => $shifts_user['Nick'],
+ 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
+ 'location' => $shift['Name'],
+ 'title' => $shift['name'],
+ 'type' => $shift['angel_type'],
+ 'comment' => $shift['Comment']
+ ));
+ } else
+ redirect(page_link_to('user_myshifts'));
+ }
+ elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
+ $id = $_REQUEST['cancel'];
+ $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+ if (count($shift) > 0) {
+ $shift = $shift[0];
+ if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
+ sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ $msg .= success(Get_Text("pub_myshifts_signed_off"), true);
+ } else
+ $msg .= error(Get_Text("pub_myshifts_too_late"), true);
+ } else
+ redirect(page_link_to('user_myshifts'));
+ }
+ $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
- return template_render('../templates/user_shifts_add.html', array (
- 'angel' => $shifts_user['Nick'],
- 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
- 'location' => $shift['Name'],
- 'title' => $shift['name'],
- 'type' => $shift['angel_type'],
- 'comment' => $shift['Comment']
- ));
- } else
- redirect(page_link_to('user_myshifts'));
- }
- elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
- $id = $_REQUEST['cancel'];
- $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
- if (count($shift) > 0) {
- $shift = $shift[0];
- if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
- sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
- $msg .= success(Get_Text("pub_myshifts_signed_off"), true);
- } else
- $msg .= error(Get_Text("pub_myshifts_too_late"), true);
- } else
- redirect(page_link_to('user_myshifts'));
- }
- $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
+ $html = "";
+ foreach ($shifts as $shift) {
+ if (time() > $shift['end'])
+ $html .= '<tr class="done">';
+ else
+ $html .= '<tr>';
+ $html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>';
+ $html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>';
+ $html .= '<td>' . $shift['Name'] . '</td>';
+ $html .= '<td>' . $shift['name'] . '</td>';
+ $html .= '<td>' . $shift['Comment'] . '</td>';
+ $html .= '<td>';
+ $html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
+ if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
+ $html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
+ $html .= '</td>';
+ $html .= '</tr>';
+ }
+ if ($html == "")
+ $html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
- $html = "";
- foreach ($shifts as $shift) {
- if (time() > $shift['end'])
- $html .= '<tr class="done">';
- else
- $html .= '<tr>';
- $html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>';
- $html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>';
- $html .= '<td>' . $shift['Name'] . '</td>';
- $html .= '<td>' . $shift['name'] . '</td>';
- $html .= '<td>' . $shift['Comment'] . '</td>';
- $html .= '<td>';
- $html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
- if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
- $html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
- $html .= '</td>';
- $html .= '</tr>';
- }
- if ($html == "")
- $html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
-
- if ($shifts_user['ical_key'] == "")
- user_reset_ical_key($shifts_user);
-
- return msg().template_render('../templates/user_myshifts.html', array (
- 'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
- 'shifts' => $html,
- 'msg' => $msg,
- 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
- page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
- page_link_to('user_myshifts') . '&reset'),
-));
+ return msg().template_render('../templates/user_myshifts.html', array (
+ 'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
+ 'shifts' => $html,
+ 'msg' => $msg,
+ 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
+ page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
+ page_link_to('user_myshifts') . '&reset'),
+ ));
}
?>
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index fcf2437c..95cc345e 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -58,6 +58,7 @@ function user_news_comments() {
if (isset ($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
+ engelsystem_log("Created news_comment: " . $text);
$html .= success("Eintrag wurde gespeichert", true);
}
@@ -114,6 +115,7 @@ function user_news() {
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
"', '" . sql_escape($_POST["treffen"]) . "');");
+ engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
$html .= success(Get_Text(4), true);
}
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 14dcf96f..70033d18 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -1,201 +1,207 @@
<?php
function user_settings() {
- global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
- global $user;
-
- $msg = "";
- $nick = $user['Nick'];
- $lastname = $user['Name'];
- $prename = $user['Vorname'];
- $age = $user['Alter'];
- $tel = $user['Telefon'];
- $dect = $user['DECT'];
- $mobile = $user['Handy'];
- $mail = $user['email'];
- $icq = $user['ICQ'];
- $jabber = $user['jabber'];
- $hometown = $user['Hometown'];
- $tshirt_size = $user['Size'];
- $password_hash = "";
- $selected_theme = $user['color'];
- $selected_language = $user['Sprache'];
-
- $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
- $selected_angel_types = array ();
- foreach ($selected_angel_types_source as $selected_angel_type)
- $selected_angel_types[] = $selected_angel_type['angeltype_id'];
-
- $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
- $angel_types = array ();
- foreach ($angel_types_source as $angel_type)
- $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
-
- if (isset ($_REQUEST['submit'])) {
- $ok = true;
-
- if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
- $nick = strip_request_item('nick');
- if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
- $ok = false;
- $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
- }
- } else {
- $ok = false;
- $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
- }
-
- if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
- $mail = strip_request_item('mail');
- if (!check_email($mail)) {
- $ok = false;
- $msg .= error(Get_Text("makeuser_error_mail"), true);
- }
- } else {
- $ok = false;
- $msg .= error("Please enter your e-mail.", true);
- }
-
- if (isset ($_REQUEST['icq']))
- $icq = strip_request_item('icq');
- if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
- $jabber = strip_request_item('jabber');
- if (!check_email($jabber)) {
- $ok = false;
- $msg .= error("Please check your jabber.", true);
- }
- }
-
- if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
- $tshirt_size = $_REQUEST['tshirt_size'];
- else {
- $ok = false;
- }
-
- $selected_angel_types = array ();
- foreach ($angel_types as $angel_type_id => $angel_type_name)
- if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
- $selected_angel_types[] = $angel_type_id;
-
- // Trivia
- if (isset ($_REQUEST['lastname']))
- $lastname = strip_request_item('lastname');
- if (isset ($_REQUEST['prename']))
- $prename = strip_request_item('prename');
- if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
- $age = strip_request_item('age');
- if (isset ($_REQUEST['tel']))
- $tel = strip_request_item('tel');
- if (isset ($_REQUEST['dect']))
- $dect = strip_request_item('dect');
- if (isset ($_REQUEST['mobile']))
- $mobile = strip_request_item('mobile');
- if (isset ($_REQUEST['hometown']))
- $hometown = strip_request_item('hometown');
-
- if ($ok) {
- sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
- "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
- "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
- "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
- // Assign angel-types
- foreach ($angel_types_source as $angel_type)
- if (!in_array($angel_type['id'], $selected_angel_types))
- sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
-
- foreach ($selected_angel_types as $selected_angel_type_id)
- if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
- sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-
- success("Settings saved.");
- redirect(page_link_to('user_settings'));
- }
- }
- elseif (isset ($_REQUEST['submit_password'])) {
- $ok = true;
-
- if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
- $msg .= error(Get_Text(30), true);
- elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
- $msg .= error(Get_Text("makeuser_error_password2"));
- elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
- $msg .= error(Get_Text("makeuser_error_password1"), true);
- elseif(set_password($user['UID'], $_REQUEST['new_password']))
- success("Password saved.");
- else
- error("Failed setting password.");
- redirect(page_link_to('user_settings'));
- }
- elseif (isset ($_REQUEST['submit_theme'])) {
- $ok = true;
-
- if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
- $selected_theme = $_REQUEST['theme'];
- else
- $ok = false;
-
- if ($ok) {
- sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
- success("Theme changed.");
- redirect(page_link_to('user_settings'));
- }
- }
- elseif (isset ($_REQUEST['submit_language'])) {
- $ok = true;
-
- if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
- $selected_language = $_REQUEST['language'];
- else
- $ok = false;
-
- if ($ok) {
- sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
- $_SESSION['Sprache'] = $selected_language;
-
- success("Language changed.");
- redirect(page_link_to('user_settings'));
- }
- }
-
- return page(array (
- sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
- $msg,
- msg(),
- form(array (
- form_info("", Get_Text("pub_einstellungen_Text_UserData")),
- form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
- form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
- form_text('prename', Get_Text("makeuser_Vorname"), $prename),
- form_text('age', Get_Text("makeuser_Alter"), $age),
- form_text('tel', Get_Text("makeuser_Telefon"), $tel),
- form_text('dect', Get_Text("makeuser_DECT"), $dect),
- form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
- form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
- form_text('icq', "ICQ", $icq),
- form_text('jabber', "Jabber", $jabber),
- form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
- $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
- form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
- form_submit('submit', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(14)),
- form_password('password', Get_Text(15)),
- form_password('new_password', Get_Text(16)),
- form_password('new_password2', Get_Text(17)),
- form_submit('submit_password', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(18)),
- form_select('theme', Get_Text(19), $themes, $selected_theme),
- form_submit('submit_theme', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(20)),
- form_select('language', Get_Text(21), $languages, $selected_language),
- form_submit('submit_language', Get_Text("save"))
- ))
- ));
+ global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
+ global $user;
+
+ $msg = "";
+ $nick = $user['Nick'];
+ $lastname = $user['Name'];
+ $prename = $user['Vorname'];
+ $age = $user['Alter'];
+ $tel = $user['Telefon'];
+ $dect = $user['DECT'];
+ $mobile = $user['Handy'];
+ $mail = $user['email'];
+ $icq = $user['ICQ'];
+ $jabber = $user['jabber'];
+ $hometown = $user['Hometown'];
+ $tshirt_size = $user['Size'];
+ $password_hash = "";
+ $selected_theme = $user['color'];
+ $selected_language = $user['Sprache'];
+
+ $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
+ $selected_angel_types = array ();
+ foreach ($selected_angel_types_source as $selected_angel_type)
+ $selected_angel_types[] = $selected_angel_type['angeltype_id'];
+
+ $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
+ $angel_types = array ();
+ foreach ($angel_types_source as $angel_type)
+ $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
+
+ if (isset ($_REQUEST['submit'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
+ $nick = strip_request_item('nick');
+ if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
+ $ok = false;
+ $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
+ }
+ } else {
+ $ok = false;
+ $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
+ }
+
+ if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
+ $mail = strip_request_item('mail');
+ if (!check_email($mail)) {
+ $ok = false;
+ $msg .= error(Get_Text("makeuser_error_mail"), true);
+ }
+ } else {
+ $ok = false;
+ $msg .= error("Please enter your e-mail.", true);
+ }
+
+ if (isset ($_REQUEST['icq']))
+ $icq = strip_request_item('icq');
+ if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
+ $jabber = strip_request_item('jabber');
+ if (!check_email($jabber)) {
+ $ok = false;
+ $msg .= error("Please check your jabber.", true);
+ }
+ }
+
+ if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
+ $tshirt_size = $_REQUEST['tshirt_size'];
+ else {
+ $ok = false;
+ }
+
+ $selected_angel_types = array ();
+ foreach ($angel_types as $angel_type_id => $angel_type_name)
+ if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
+ $selected_angel_types[] = $angel_type_id;
+
+ // Trivia
+ if (isset ($_REQUEST['lastname']))
+ $lastname = strip_request_item('lastname');
+ if (isset ($_REQUEST['prename']))
+ $prename = strip_request_item('prename');
+ if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
+ $age = strip_request_item('age');
+ if (isset ($_REQUEST['tel']))
+ $tel = strip_request_item('tel');
+ if (isset ($_REQUEST['dect']))
+ $dect = strip_request_item('dect');
+ if (isset ($_REQUEST['mobile']))
+ $mobile = strip_request_item('mobile');
+ if (isset ($_REQUEST['hometown']))
+ $hometown = strip_request_item('hometown');
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
+ "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
+ "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
+ "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+ // Assign angel-types
+ $user_angel_type_info = array();
+ foreach ($angel_types_source as $angel_type) {
+ if (!in_array($angel_type['id'], $selected_angel_types))
+ sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
+ else
+ $user_angel_type_info[] = $angel_type['name'];
+ }
+
+ foreach ($selected_angel_types as $selected_angel_type_id) {
+ if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
+ sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
+ }
+
+ engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
+ success("Settings saved.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+ elseif (isset ($_REQUEST['submit_password'])) {
+ $ok = true;
+
+ if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
+ $msg .= error(Get_Text(30), true);
+ elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
+ $msg .= error(Get_Text("makeuser_error_password2"));
+ elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
+ $msg .= error(Get_Text("makeuser_error_password1"), true);
+ elseif(set_password($user['UID'], $_REQUEST['new_password']))
+ success("Password saved.");
+ else
+ error("Failed setting password.");
+ redirect(page_link_to('user_settings'));
+ }
+ elseif (isset ($_REQUEST['submit_theme'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
+ $selected_theme = $_REQUEST['theme'];
+ else
+ $ok = false;
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+ success("Theme changed.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+ elseif (isset ($_REQUEST['submit_language'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
+ $selected_language = $_REQUEST['language'];
+ else
+ $ok = false;
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
+ $_SESSION['Sprache'] = $selected_language;
+
+ success("Language changed.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+
+ return page(array (
+ sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
+ $msg,
+ msg(),
+ form(array (
+ form_info("", Get_Text("pub_einstellungen_Text_UserData")),
+ form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
+ form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
+ form_text('prename', Get_Text("makeuser_Vorname"), $prename),
+ form_text('age', Get_Text("makeuser_Alter"), $age),
+ form_text('tel', Get_Text("makeuser_Telefon"), $tel),
+ form_text('dect', Get_Text("makeuser_DECT"), $dect),
+ form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
+ form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
+ form_text('icq', "ICQ", $icq),
+ form_text('jabber', "Jabber", $jabber),
+ form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
+ $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
+ form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
+ form_submit('submit', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(14)),
+ form_password('password', Get_Text(15)),
+ form_password('new_password', Get_Text(16)),
+ form_password('new_password2', Get_Text(17)),
+ form_submit('submit_password', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(18)),
+ form_select('theme', Get_Text(19), $themes, $selected_theme),
+ form_submit('submit_theme', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(20)),
+ form_select('language', Get_Text(21), $languages, $selected_language),
+ form_submit('submit_language', Get_Text("save"))
+ ))
+ ));
}
?>
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 073c0d36..c239ca71 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -9,8 +9,15 @@ function user_shifts() {
else
redirect(page_link_to('user_shifts'));
- sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
- success("Der Schicht-Eintrag wurde gelöscht.");
+ $shift_entry_source = sql_select("SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id) . " LIMIT 1");
+ if(count($shift_entry_source) > 0) {
+ $shift_entry_source = $shift_entry_source[0];
+ sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
+
+ engelsystem_log("Deleted " . $shift_entry_source['Nick'] . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
+ success("Der Schicht-Eintrag wurde gelöscht.");
+ }
+ else error("Entry not found.");
redirect(page_link_to('user_shifts'));
}
// Schicht bearbeiten
@@ -43,9 +50,12 @@ function user_shifts() {
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
+ $angel_types = array();
$needed_angel_types = array ();
- foreach ($types as $type)
+ foreach ($types as $type) {
+ $angel_types[$type['id']] = $type;
$needed_angel_types[$type['id']] = 0;
+ }
// Benötigte Engeltypen vom Raum
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
@@ -110,8 +120,13 @@ function user_shifts() {
if ($ok) {
sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
- foreach ($needed_angel_types as $type_id => $count)
+ $needed_angel_types_info = array();
+ foreach ($needed_angel_types as $type_id => $count) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+ $needed_angel_types_info[] = $angel_types[$type_id];
+ }
+
+ engelsystem_log("Updated shift " . $name . " from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
success("Schicht gespeichert.");
redirect(page_link_to('user_shifts'));
}
@@ -155,6 +170,7 @@ function user_shifts() {
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
+ engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Die Schicht wurde gelöscht.");
redirect(page_link_to('user_shifts'));
}
@@ -222,6 +238,8 @@ function user_shifts() {
if (sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `AngelTypes`.`restricted` = 0 AND `user_id` = '" . sql_escape($user_id) . "' AND `angeltype_id` = '" . sql_escape($selected_type_id) . "'") == 0)
sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
+ $user_source = User($user_id);
+ engelsystem_log("User " . $user_source['Nick'] . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
redirect(page_link_to('user_shifts'));
}
diff --git a/includes/sys_user.php b/includes/sys_user.php
index 20d9eca0..88002706 100644
--- a/includes/sys_user.php
+++ b/includes/sys_user.php
@@ -6,125 +6,126 @@
*/
$tshirt_sizes = array (
'' => "Please select...",
- 'S' => "S",
- 'M' => "M",
- 'L' => "L",
- 'XL' => "XL",
- '2XL' => "2XL",
- '3XL' => "3XL",
- '4XL' => "4XL",
- '5XL' => "5XL",
- 'S-G' => "S Girl",
- 'M-G' => "M Girl",
- 'L-G' => "L Girl",
- 'XL-G' => "XL Girl"
+ 'S' => "S",
+ 'M' => "M",
+ 'L' => "L",
+ 'XL' => "XL",
+ '2XL' => "2XL",
+ '3XL' => "3XL",
+ '4XL' => "4XL",
+ '5XL' => "5XL",
+ 'S-G' => "S Girl",
+ 'M-G' => "M Girl",
+ 'L-G' => "L Girl",
+ 'XL-G' => "XL Girl"
);
function user_reset_ical_key($user) {
- $user['ical_key'] = md5($user['Nick'] . time() . rand());
- sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+ $user['ical_key'] = md5($user['Nick'] . time() . rand());
+ sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+ engelsystem_log("iCal key resetted.");
}
function UID2Nick($UID) {
- if ($UID > 0)
- $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
- else
- $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
-
- $Erg = sql_select($SQL);
-
- if (count($Erg) > 0) {
- if ($UID > 0)
- return $Erg[0]['Nick'];
- else
- return "Group-" . $Erg[0]['Name'];
- } else {
- if ($UID == -1)
- return "Guest";
- else
- return "UserID $UID not found";
- }
+ if ($UID > 0)
+ $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
+ else
+ $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
+
+ $Erg = sql_select($SQL);
+
+ if (count($Erg) > 0) {
+ if ($UID > 0)
+ return $Erg[0]['Nick'];
+ else
+ return "Group-" . $Erg[0]['Name'];
+ } else {
+ if ($UID == -1)
+ return "Guest";
+ else
+ return "UserID $UID not found";
+ }
}
function TID2Type($TID) {
- global $con;
+ global $con;
- $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
- $Erg = mysql_query($SQL, $con);
+ $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
+ $Erg = mysql_query($SQL, $con);
- if (mysql_num_rows($Erg))
- return mysql_result($Erg, 0);
- else
- return "";
+ if (mysql_num_rows($Erg))
+ return mysql_result($Erg, 0);
+ else
+ return "";
}
function ReplaceSmilies($neueckig) {
- $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
- $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
- $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
- $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
- $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
- $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
- $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
- $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
- $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
- $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
- $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
- $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
- $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
- $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
- $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
- $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
- $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
- $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
- $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
- $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
-
- return $neueckig;
+ $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+ $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+ $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
+ $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+ $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+ $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+ $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+ $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+ $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
+ $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+ $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+ $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+ $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+ $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+ $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+ $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+ $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+ $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+ $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+ $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
+
+ return $neueckig;
}
function GetPictureShow($UID) {
- global $con;
+ global $con;
- $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
- $res = mysql_query($SQL, $con);
+ $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
+ $res = mysql_query($SQL, $con);
- if (mysql_num_rows($res) == 1)
- return mysql_result($res, 0, 0);
- else
- return "";
+ if (mysql_num_rows($res) == 1)
+ return mysql_result($res, 0, 0);
+ else
+ return "";
}
function displayPicture($UID, $height = "30") {
- global $url, $ENGEL_ROOT;
+ global $url, $ENGEL_ROOT;
- if ($height > 0)
- return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
- else
- return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
+ if ($height > 0)
+ return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
+ else
+ return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
}
function displayavatar($UID, $height = "30") {
- global $con, $url, $ENGEL_ROOT;
+ global $con, $url, $ENGEL_ROOT;
- if (GetPictureShow($UID) == 'Y')
- return "&nbsp;" . displayPicture($UID, $height);
+ if (GetPictureShow($UID) == 'Y')
+ return "&nbsp;" . displayPicture($UID, $height);
- $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
- if (count($user) > 0)
- if ($user[0]['Avatar'] > 0)
- return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
+ $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
+ if (count($user) > 0)
+ if ($user[0]['Avatar'] > 0)
+ return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
}
function UIDgekommen($UID) {
- global $con;
+ global $con;
- $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
- $Erg = mysql_query($SQL, $con);
+ $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
+ $Erg = mysql_query($SQL, $con);
- if (mysql_num_rows($Erg))
- return mysql_result($Erg, 0);
- else
- return "0";
+ if (mysql_num_rows($Erg))
+ return mysql_result($Erg, 0);
+ else
+ return "0";
}
?>
diff --git a/public/index.php b/public/index.php
index bd7e552d..a7efbd86 100644
--- a/public/index.php
+++ b/public/index.php
@@ -11,6 +11,9 @@ require_once ('includes/sys_shift.php');
require_once ('includes/sys_template.php');
require_once ('includes/sys_user.php');
+require_once ('includes/model/LogEntries_model.php');
+require_once ('includes/model/User_model.php');
+
require_once ('config/config.php');
require_once ('config/config_db.php');
diff --git a/templates/user_questions.html b/templates/user_questions.html
index 4cbe0338..0167ba6d 100644
--- a/templates/user_questions.html
+++ b/templates/user_questions.html
@@ -43,7 +43,7 @@
</table>
<hr/>
<p>
- Frage einen Orga:
+ Frage einen Erzengel:
</p>
<form action="%link%&action=ask" method="post">
<table>