Diffstat (limited to 'includes/controller/users_controller.php')
-rw-r--r-- | includes/controller/users_controller.php | 63 |
1 files changed, 56 insertions, 7 deletions
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 3a23835c..067fc4aa 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -22,10 +22,20 @@ function users_controller() { return user_edit_controller(); case 'delete': return user_delete_controller(); + case 'edit_vouchers': + return user_edit_vouchers_controller(); } } -function user_controller() { +function users_link() { + return page_link_to('users'); +} + +function user_link($user) { + return page_link_to('users') . '&action=view&user_id=' . $user['UID']; +} + +function user_edit_vouchers_controller() { global $privileges, $user; if (isset($_REQUEST['user_id'])) { 
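Review bot: `user_link()` appends `$user['UID']` to the query string unmodified, and the second hunk passes the result to `redirect()`, so the id should be constrained here rather than trusted from every caller's array. Assuming `UID` is the numeric user key, which the name suggests but the diff does not show, use `return page_link_to('users') . '&action=view&user_id=' . (int) $user['UID'];`. Both new helpers also lack a doc comment; a short one on `user_link()` stating that `$user` is a user row with a `UID` key would record the expected input. `user_edit_vouchers_controller()` begins in this hunk and its body continues outside it.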
@@ -33,19 +43,58 @@ function user_controller() { } else $user_source = $user; - $admin_user_privilege = in_array('admin_user', $privileges); + if (! in_array('admin_user', $privileges)) + redirect(page_link_to('')); + + if (isset($_REQUEST['submit'])) { + $ok = true; + + if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) + $vouchers = trim($_REQUEST['vouchers']); + else { + $ok = false; + error(_("Please enter a valid number of vouchers.")); + } + + if ($ok) { + $user_source['got_voucher'] = $vouchers; + + $result = User_update($user_source); + if ($result === false) + engelsystem_error('Unable to update user.'); + + success(_("Saved the number of vouchers.")); + engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers", $user_source['got_voucher'])); + + redirect(user_link($user_source)); + } + } + + return array( + sprintf(_("%s's vouchers"), $user_source['Nick']), + User_edit_vouchers_view($user_source) + ); +} + +function user_controller() { + global $privileges, $user; + + if (isset($_REQUEST['user_id'])) { + $user_source = User($_REQUEST['user_id']); + } else + $user_source = $user; $shifts = Shifts_by_user($user_source); foreach ($shifts as &$shift) { // TODO: Move queries to model - $shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . " ORDER BY `AngelTypes`.`name`"); + $shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . 
"' ORDER BY `AngelTypes`.`name`"); foreach ($shift['needed_angeltypes'] as &$needed_angeltype) { $needed_angeltype['users'] = sql_select(" SELECT `ShiftEntry`.`freeloaded`, `User`.* FROM `ShiftEntry` JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID` - WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . " - AND `ShiftEntry`.`TID`=" . sql_escape($needed_angeltype['id'])); + WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "' + AND `ShiftEntry`.`TID`='" . sql_escape($needed_angeltype['id']) . "'"); } } @@ -54,7 +103,7 @@ function user_controller() { return array( $user_source['Nick'], - User_view($user_source, $admin_user_privilege, User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID']) + User_view($user_source, in_array('admin_user', $privileges), User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID']) ); } @@ -80,7 +129,7 @@ function users_list_controller() { return array( _('All users'), - Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count()) + Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count(), User_got_voucher_count()) ); } |
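Review bot: The voucher update in `user_edit_vouchers_controller()` is gated only by `isset($_REQUEST['submit'])`, so a plain GET carrying `submit`, `user_id` and `vouchers` changes stored data, and no anti-CSRF token check is visible in this hunk. Restrict the write path to POST, e.g. `if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {`, and verify a per-session token there if the project has a helper for it (none is visible here). The gate `if (! in_array('admin_user', $privileges)) redirect(page_link_to(''));` protects the update only if `redirect()` ends the request; its definition is outside this diff, so confirm that it exits or move the rest of the body into an `else`. The result of `User($_REQUEST['user_id'])` is also used without a not-found check in the new `user_controller()` lines, and presumably in the lines of the voucher controller above this hunk, so an unknown id reaches `$user_source['Nick']` and `User_update()` if `User()` can return null or false.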