diff options
Diffstat (limited to 'includes/model/Shifts_model.php')
| -rw-r--r-- | includes/model/Shifts_model.php | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index 37c772bf..d32de0cb 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -43,11 +43,23 @@ function Shift_signup_allowed($shift, $angeltype, $user_angeltype = null, $user_ $signed_up = true; break; } + + $needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']); + if ($needed_angeltypes === false) + engelsystem_error('Unable to load needed angel types.'); // is the shift still running or alternatively is the user shift admin? $user_may_join_shift = true; - // you cannot join if user alread joined a parallel or this shift + // you canot join if shift is full + foreach ($needed_angeltypes as $needed_angeltype) + if ($needed_angeltype['angel_type_id'] == $angeltype['id']) { + if ($needed_angeltype['taken'] >= $needed_angeltype['count']) + $user_may_join_shift = false; + break; + } + + // you cannot join if user alread joined a parallel or this shift $user_may_join_shift &= ! $collides; // you cannot join if you already singed up for this shift @@ -73,7 +85,7 @@ function Shift_signup_allowed($shift, $angeltype, $user_angeltype = null, $user_ * Delete a shift by its external id. */ function Shift_delete_by_psid($shift_psid) { - return sql_query("DELETE FROM `Shifts` WHERE `PSID`=" . sql_escape($shift_psid)); + return sql_query("DELETE FROM `Shifts` WHERE `PSID`='" . sql_escape($shift_psid) . "'"); } /** @@ -82,25 +94,28 @@ function Shift_delete_by_psid($shift_psid) { function Shift_delete($shift_id) { mail_shift_delete(Shift($shift_id)); - return sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id)); + return sql_query("DELETE FROM `Shifts` WHERE `SID`='" . sql_escape($shift_id) . "'"); } /** * Update a shift. */ function Shift_update($shift) { + global $user; $shift['name'] = ShiftType($shift['shifttype_id'])['name']; mail_shift_change(Shift($shift['SID']), $shift); return sql_query("UPDATE `Shifts` SET - `shifttype_id`=" . sql_escape($shift['shifttype_id']) . ", - `start`=" . sql_escape($shift['start']) . ", - `end`=" . sql_escape($shift['end']) . ", - `RID`=" . sql_escape($shift['RID']) . ", + `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "', + `start`='" . sql_escape($shift['start']) . "', + `end`='" . sql_escape($shift['end']) . "', + `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", `URL`=" . sql_null($shift['URL']) . ", - `PSID`=" . sql_null($shift['PSID']) . " - WHERE `SID`=" . sql_escape($shift['SID'])); + `PSID`=" . sql_null($shift['PSID']) . ", + `edited_by_user_id`='" . sql_escape($user['UID']) . "', + `edited_at_timestamp`=" . time() . " + WHERE `SID`='" . sql_escape($shift['SID']) . "'"); } /** @@ -122,14 +137,17 @@ function Shift_update_by_psid($shift) { * @return new shift id or false */ function Shift_create($shift) { + global $user; $result = sql_query("INSERT INTO `Shifts` SET - `shifttype_id`=" . sql_escape($shift['shifttype_id']) . ", - `start`=" . sql_escape($shift['start']) . ", - `end`=" . sql_escape($shift['end']) . ", - `RID`=" . sql_escape($shift['RID']) . ", + `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "', + `start`='" . sql_escape($shift['start']) . "', + `end`='" . sql_escape($shift['end']) . "', + `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", `URL`=" . sql_null($shift['URL']) . ", - `PSID`=" . sql_null($shift['PSID'])); + `PSID`=" . sql_null($shift['PSID']) . ", + `created_by_user_id`='" . sql_escape($user['UID']) . "', + `created_at_timestamp`=" . time()); if ($result === false) return false; return sql_id(); @@ -145,7 +163,7 @@ function Shifts_by_user($user) { JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `UID`=" . sql_escape($user['UID']) . " + WHERE `UID`='" . sql_escape($user['UID']) . "' ORDER BY `start` "); } @@ -161,7 +179,7 @@ function Shifts_filtered() { // filterRoom (Array of integer) - Array of Room IDs (optional, for list request) if (isset($_REQUEST['filterRoom']) && is_array($_REQUEST['filterRoom'])) { foreach ($_REQUEST['filterRoom'] as $key => $value) { - $filter .= ", `RID`=" . sql_escape($value) . " "; + $filter .= ", `RID`='" . sql_escape($value) . "' "; } } @@ -206,8 +224,8 @@ function Shift($id) { SELECT `Shifts`.*, `ShiftTypes`.`name` FROM `Shifts` JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) - WHERE `SID`=" . sql_escape($id)); - $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id)); + WHERE `SID`='" . sql_escape($id) . "'"); + $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($id) . "'"); if ($shifts_source === false) return false; |