diff options
Diffstat (limited to 'includes/pages')
-rw-r--r-- | includes/pages/admin_angel_types.php | 183 | ||||
-rw-r--r-- | includes/pages/admin_rooms.php | 4 | ||||
-rw-r--r-- | includes/pages/admin_shifts.php | 2 | ||||
-rw-r--r-- | includes/pages/guest_login.php | 2 | ||||
-rw-r--r-- | includes/pages/user_myshifts.php | 2 | ||||
-rw-r--r-- | includes/pages/user_shifts.php | 8 |
6 files changed, 105 insertions, 96 deletions
diff --git a/includes/pages/admin_angel_types.php b/includes/pages/admin_angel_types.php index 0a7a721c..f9c39ebf 100644 --- a/includes/pages/admin_angel_types.php +++ b/includes/pages/admin_angel_types.php @@ -1,96 +1,105 @@ <?php - function admin_angel_types() { - $html = ""; - if (!isset ($_REQUEST['action'])) { - - $table = ""; - $angel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`"); - - foreach ($angel_types as $angel_type) - $table .= sprintf( - '<tr><td>%s</td><td>%s</td><td>' - . '<a href="%s&action=edit&id=%s">Edit</a></td></tr>', - $angel_type['Name'], $angel_type['Man'], - page_link_to("admin_angel_types"), - $angel_type['TID'] - ); - - $html .= template_render('../templates/admin_angel_types.html', array ( - 'link' => page_link_to("admin_angel_types"), - 'table' => $table - )); - - } else { - - switch ($_REQUEST['action']) { - - case 'create' : - $name = strip_request_item("name"); - $man = strip_request_item("man"); - - sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'"); - - header("Location: " . page_link_to("admin_angel_types")); - break; - - case 'edit' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing AngelType ID."); - - $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); - if (count($angel_type) > 0) { - list ($angel_type) = $angel_type; - - $html .= template_render( - '../templates/admin_angel_types_edit_form.html', array ( - 'link' => page_link_to("admin_angel_types"), - 'id' => $id, - 'name' => $angel_type['Name'], - 'man' => $angel_type['Man'] - )); - } else - return error("No Angel Type found."); - break; - - case 'save' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing AngelType ID."); - - $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); - if (count($angel_type) > 0) { - list ($angel_type) = $angel_type; - - $name = strip_request_item("name"); - $man = strip_request_item("man"); - - sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); - header("Location: " . page_link_to("admin_angel_types")); - } else - return error("No Angel Type found."); - break; + $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); + $angel_types = array (); + foreach ($angel_types_source as $angel_type) { + $angel_types[] = array ( + 'id' => $angel_type['id'], + 'name' => $angel_type['name'], + 'restricted' => $angel_type['restricted'] == 1 ? '✓' : '', + 'actions' => '<a class="action edit" href="' . page_link_to('admin_angel_types') . '&show=edit&id=' . $angel_type['id'] . '">edit</a> <a class="action delete" href="' . page_link_to('admin_angel_types') . '&show=delete&id=' . $angel_type['id'] . '">delete</a>' + ); + } - case 'delete' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing AngelType ID."); + if (isset ($_REQUEST['show'])) { + if (test_request_int('id')) { + $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($_REQUEST['id'])); + if (count($angel_type) > 0) { + $id = $_REQUEST['id']; + $name = $angel_type[0]['name']; + $restricted = $angel_type[0]['restricted']; + } else + redirect(page_link_to('admin_angel_types')); + } - $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); - if (count($angel_type) > 0) { - sql_query("DELETE FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); - sql_query("DELETE FROM `NeededAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1"); - header("Location: " . page_link_to("admin_angel_types")); - } else - return error("No Angel Type found."); - break; + if ($_REQUEST['show'] == 'edit') { + $msg = ""; + $name = ""; + $restricted = 0; + + if (isset ($_REQUEST['submit'])) { + $ok = true; + + if (isset ($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { + $name = strip_request_item('name'); + if (sql_num_query("SELECT * FROM `AngelTypes` WHERE NOT `id`=" . sql_escape(isset ($id) ? $id : 0) . " AND `name`='" . sql_escape(strip_request_item('name')) . "' LIMIT 1") > 0) { + $ok = false; + $msg .= error("This angel type name is already given.", true); + } + } else { + $ok = false; + $msg .= error("Please enter a name.", true); + } + + if (isset ($_REQUEST['restricted'])) + $restricted = 1; + + if ($ok) { + if (isset ($id)) + sql_query("UPDATE `AngelTypes` SET `name`='" . sql_escape($name) . "', `restricted`=" . sql_escape($restricted) . " WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + else + sql_query("INSERT INTO `AngelTypes` SET `name`='" . sql_escape($name) . "', `restricted`=" . sql_escape($restricted)); + + success("Angel type saved."); + redirect(page_link_to('admin_angel_types')); + } + } + + return page(array ( + buttons(array ( + button(page_link_to('admin_angel_types'), "Back", 'back') + )), + $msg, + form(array ( + form_text('name', 'Name', $name), + form_checkbox('restricted', 'Restricted', $restricted), + form_info("", "Restricted angel types can only be used by an angel if enabled by an archangel (double opt-in)."), + form_submit('submit', 'Save') + )) + )); } + elseif ($_REQUEST['show'] == 'delete') { + if (isset ($_REQUEST['ack'])) { + sql_query("DELETE FROM `NeededAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1"); + sql_query("DELETE FROM `ShiftEntry` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("DELETE FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + success(sprintf("Angel type %s deleted.", $name)); + redirect(page_link_to('admin_angel_types')); + } + + return page(array ( + buttons(array ( + button(page_link_to('admin_angel_types'), "Back", 'back') + )), + sprintf("Do you want to delete angel type %s?", $name), + buttons(array ( + button(page_link_to('admin_angel_types') . '&show=delete&id=' . $id . '&ack', "Delete", 'delete') + )) + )); + } else + redirect(page_link_to('admin_angel_types')); } - return $html; + return page(array ( + buttons(array ( + button(page_link_to('admin_angel_types') . '&show=edit', "Add", 'add') + )), + msg(), + table(array ( + 'name' => "Name", + 'restricted' => "Restricted", + 'actions' => "" + ), $angel_types) + )); } ?> diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index c4e8ba46..e04e3697 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -63,7 +63,7 @@ function admin_rooms() { $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); if (count($room) > 0) { list ($room) = $room; - $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`TID` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`name`"); $angel_types = ""; foreach ($room_angel_types as $room_angel_type) { @@ -101,7 +101,7 @@ function admin_rooms() { $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); if (count($room) > 0) { list ($room) = $room; - $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`TID` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`name`"); $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index 94c6f38a..ebc503f1 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -21,7 +21,7 @@ function admin_shifts() { $room_array[$room['RID']] = $room['Name']; // Engeltypen laden - $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`"); + $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $needed_angel_types = array (); foreach ($types as $type) $needed_angel_types[$type['TID']] = 0; diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 51afd9c5..47c1c0a7 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -168,7 +168,7 @@ function guest_register() { $html .= "<tr><td>" . Get_Text("makeuser_Engelart") . "</td><td align=\"left\">\n"; $html .= "<select name=\"Art\">\n"; - $engel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `NAME`"); + $engel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); foreach ($engel_types as $engel_type) { $Name = $engel_type['Name'] . Get_Text("inc_schicht_engel"); $html .= "<option value=\"" . $Name . "\""; diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index dd53d134..48c3b176 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -27,7 +27,7 @@ function user_myshifts() { } elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { $id = $_REQUEST['edit']; - $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`Name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`TID`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); + $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); if (count($shift) > 0) { $shift = $shift[0]; diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 668fe8b7..10a96278 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -36,7 +36,7 @@ function user_shifts() { $room_array[$room['RID']] = $room['Name']; // Engeltypen laden - $types = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift_id) . " ORDER BY `AngelTypes`.`Name`"); + $types = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`) WHERE `shift_id`=" . sql_escape($shift_id) . " ORDER BY `AngelTypes`.`name`"); $needed_angel_types = array (); foreach ($types as $type) $needed_angel_types[$type['TID']] = $type['count']; @@ -162,7 +162,7 @@ function user_shifts() { else header("Location: " . page_link_to('user_shifts')); - $type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($type_id) . " LIMIT 1"); + $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1"); if (count($type) == 0) header("Location: " . page_link_to('user_shifts')); $type = $type[0]; @@ -240,9 +240,9 @@ function user_shifts() { $shift_row .= ' <a href="?p=user_shifts&edit_shift=' . $shift['SID'] . '">[edit]</a> <a href="?p=user_shifts&delete_shift=' . $shift['SID'] . '">[x]</a>'; $shift_row .= '<br />'; $show_shift = false; - $angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift['SID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`"); + $angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`) WHERE `shift_id`=" . sql_escape($shift['SID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`name`"); if (count($angeltypes) == 0) - $angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`"); + $angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`name`"); if (count($angeltypes) > 0) { $my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0; |