Diffstat (limited to 'includes/pages')
-rw-r--r-- | includes/pages/admin_active.php | 52 | ||||
-rw-r--r-- | includes/pages/admin_arrive.php | 14 | ||||
-rw-r--r-- | includes/pages/admin_free.php | 2 | ||||
-rw-r--r-- | includes/pages/admin_groups.php | 13 | ||||
-rw-r--r-- | includes/pages/admin_import.php | 22 | ||||
-rw-r--r-- | includes/pages/admin_news.php | 37 | ||||
-rw-r--r-- | includes/pages/admin_questions.php | 6 | ||||
-rw-r--r-- | includes/pages/admin_rooms.php | 21 | ||||
-rw-r--r-- | includes/pages/admin_shifts.php | 27 | ||||
-rw-r--r-- | includes/pages/admin_user.php | 74 | ||||
-rw-r--r-- | includes/pages/guest_login.php | 42 | ||||
-rw-r--r-- | includes/pages/user_atom.php | 19 | ||||
-rw-r--r-- | includes/pages/user_messages.php | 6 | ||||
-rw-r--r-- | includes/pages/user_myshifts.php | 12 | ||||
-rw-r--r-- | includes/pages/user_news.php | 40 | ||||
-rw-r--r-- | includes/pages/user_questions.php | 6 | ||||
-rw-r--r-- | includes/pages/user_settings.php | 13 | ||||
-rw-r--r-- | includes/pages/user_shifts.php | 25 |
18 files changed, 262 insertions, 169 deletions
diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index be1217ff..d67af681 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -82,9 +82,13 @@ function admin_active() $limit = ''; $msg = success(_('Marked angels.'), true); } else { - $set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« ' - . _('back') . '</a> | <a href="' - . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">' + $set_active = '<a href="' . page_link_to('admin_active', ['search' => $search]) . '">« ' + . _('back') + . '</a> | <a href="' + . page_link_to( + 'admin_active', + ['search' => $search, 'count' => $count, 'set_active' => 1, 'ack' => 1] + ) . '">' . _('apply') . '</a>'; } 
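Review bot: The "apply" link built in the else-branch commits a bulk state change (`set_active` plus `ack`) through a plain GET URL, so any page a logged-in admin visits can fire it with an `<img>` tag or redirect; moving the parameters into the `page_link_to()` array fixes their encoding but not this cross-site exposure. Rendering the confirmation as a POST form (the project's `form()`/`form_submit()` helpers are used for exactly this in the admin_news hunk of the same diff) with a session-bound token would make the action non-replayable. The `back` link carries no state change and is fine as a GET. admin_active()'s body starts before and continues after this hunk.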
@@ -176,28 +180,46 @@ function admin_active() $actions = []; if ($usr['Aktiv'] == 0) { - $actions[] = '<a href="' - . page_link_to('admin_active') . '&active=' . $usr['UID'] - . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' + $parameters = [ + 'active' => $usr['UID'], + 'search' => $search, + ]; + if ($show_all_shifts) { + $parameters['show_all_shifts'] = 1; + } + $actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">' . _('set active') . '</a>'; } if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) { - $actions[] = '<a href="' - . page_link_to('admin_active') . '&not_active=' . $usr['UID'] - . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' + $parametersRemove = [ + 'not_active' => $usr['UID'], + 'search' => $search, + ]; + $parametersShirt = [ + 'tshirt' => $usr['UID'], + 'search' => $search, + ]; + if ($show_all_shifts) { + $parametersRemove['show_all_shifts'] = 1; + $parametersShirt['show_all_shifts'] = 1; + } + $actions[] = '<a href="' . page_link_to('admin_active', $parametersRemove) . '">' . _('remove active') . '</a>'; - $actions[] = '<a href="' - . page_link_to('admin_active') . '&tshirt=' . $usr['UID'] - . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' + $actions[] = '<a href="' . page_link_to('admin_active', $parametersShirt) . '">' . _('got t-shirt') . '</a>'; } if ($usr['Tshirt'] == 1) { - $actions[] = '<a href="' - . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] - . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' + $parameters = [ + 'not_tshirt' => $usr['UID'], + 'search' => $search, + ]; + if ($show_all_shifts) { + $parameters['show_all_shifts'] = 1; + } + $actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">' . _('remove t-shirt') . '</a>'; } diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index ebeccb8c..48e2c91f 100644 
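Review bot: The `search`/`show_all_shifts` pair is assembled three times with the same shape in this hunk (`$parameters`, `$parametersRemove`/`$parametersShirt`, `$parameters` again); build it once before the `if ($usr['Aktiv'] == 0)` branch and merge the action key per link: `$baseParams = ['search' => $search]; if ($show_all_shifts) { $baseParams['show_all_shifts'] = 1; }` then `page_link_to('admin_active', ['active' => $usr['UID']] + $baseParams)`. That also removes the risk of one copy drifting from the others when a parameter is added. These per-user actions change state via GET links, the same CSRF concern as the bulk apply link above. The enclosing function continues outside the hunk.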
--- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -23,7 +23,7 @@ function admin_arrive() $search = strip_request_item('search'); } - if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) { + if ($request->has('reset') && preg_match('/^\d+$/', $request->input('reset'))) { $user_id = $request->input('reset'); $user_source = User($user_id); if ($user_source != null) { @@ -39,7 +39,7 @@ function admin_arrive() } else { $msg = error(_('Angel not found.'), true); } - } elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) { + } elseif ($request->has('arrived') && preg_match('/^\d+$/', $request->input('arrived'))) { $user_id = $request->input('arrived'); $user_source = User($user_id); if ($user_source != null) { @@ -92,8 +92,14 @@ function admin_arrive() $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-'; $usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : ''; $usr['actions'] = $usr['Gekommen'] == 1 - ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _('reset') . '</a>' - : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _('arrived') . '</a>'; + ? '<a href="' . page_link_to( + 'admin_arrive', + ['reset' => $usr['UID'], 'search' => $search] + ) . '">' . _('reset') . '</a>' + : '<a href="' . page_link_to( + 'admin_arrive', + ['arrived' => $usr['UID'], 'search' => $search] + ) . '">' . _('arrived') . '</a>'; if ($usr['arrival_date'] > 0) { $day = date('Y-m-d', $usr['arrival_date']); diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index ebf227a4..a3c0d17f 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php 
@@ -94,7 +94,7 @@ function admin_free() 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), 'actions' => in_array('admin_user', $privileges) - ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _('edit'), 'btn-xs') + ? button(page_link_to('admin_user', ['id' => $usr['UID']]), _('edit'), 'btn-xs') : '' ]; } diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index ea0d4dbc..e0260320 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -38,7 +38,8 @@ function admin_groups() 'name' => $group['Name'], 'privileges' => join(', ', $privileges_html), 'actions' => button( - page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], + page_link_to('admin_groups', + ['action' => 'edit', 'id' => $group['UID']]), _('edit'), 'btn-xs' ) @@ -80,7 +81,8 @@ function admin_groups() 'privileges[]', $privilege['desc'] . ' (' . $privilege['name'] . ')', $privilege['group_id'] != '', - $privilege['id'] + $privilege['id'], + 'privilege-' . $privilege['name'] ); $privileges_html .= sprintf( '<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>', @@ -93,7 +95,10 @@ function admin_groups() $privileges_form[] = form_submit('submit', _('Save')); $html .= page_with_title(_('Edit group'), [ - form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) + form( + $privileges_form, + page_link_to('admin_groups', ['action' => 'save', 'id' => $group_id]) + ) ]); } else { return error('No Group found.', true); @@ -108,7 +113,7 @@ function admin_groups() } $group = DB::selectOne('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]); - $privileges = $request->get('privileges'); + $privileges = $request->postData('privileges'); if (!is_array($privileges)) { $privileges = []; } diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index bda5ba93..e97f95e1 100644 
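Review bot: `postData('privileges')` correctly restricts the source to the POST body, but the array's contents are still taken as received in this hunk; only the outer shape is checked with `is_array`. If the elements are later used as privilege IDs in SQL or compared against `Privileges.id` (not visible here), normalising them right after the guard, `$privileges = array_map('intval', $privileges);`, keeps a tampered element such as `'1 OR 1=1'` from ever reaching the query layer—harmless if that layer binds parameters, but cheap to rule out. admin_groups()'s save branch continues past the hunk.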
--- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -98,10 +98,12 @@ function admin_import() if ($valid) { redirect( - page_link_to('admin_import') - . '&step=check&shifttype_id=' . $shifttype_id - . '&add_minutes_end=' . $add_minutes_end - . '&add_minutes_start=' . $add_minutes_start + page_link_to('admin_import', [ + 'step' => 'check', + 'shifttype_id' => $shifttype_id, + 'add_minutes_end' => $add_minutes_end, + 'add_minutes_start' => $add_minutes_start, + ]) ); } else { $html .= div('well well-sm text-center', [ @@ -207,10 +209,12 @@ function admin_import() ], shifts_printable($events_deleted, $shifttypes)), form_submit('submit', _('Import')) ], - page_link_to('admin_import') - . '&step=import&shifttype_id=' . $shifttype_id - . '&add_minutes_end=' . $add_minutes_end - . '&add_minutes_start=' . $add_minutes_start + page_link_to('admin_import', [ + 'step' => 'import', + 'shifttype_id' => $shifttype_id, + 'add_minutes_end' => $add_minutes_end, + 'add_minutes_start' => $add_minutes_start, + ]) ); break; @@ -248,7 +252,7 @@ function admin_import() list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); foreach ($rooms_new as $room) { $result = Room_create($room, true, true); - + $rooms_import[trim($room)] = $result; } foreach ($rooms_deleted as $room) { diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 4eafd3e2..eb3a250e 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -7,7 +7,7 @@ use Engelsystem\Database\DB; */ function admin_news() { - global $user; + global $user, $privileges; $request = request(); if (!$request->has('action')) { 
@@ -30,21 +30,31 @@ function admin_news() case 'edit': $user_source = User($news['UID']); - $html .= form([ - form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])), - form_info(_('Author'), User_Nick_render($user_source)), - form_text('eBetreff', _('Subject'), $news['Betreff']), - form_textarea('eText', _('Message'), $news['Text']), - form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1), - form_submit('submit', _('Save')) - ], page_link_to('admin_news&action=save&id=' . $news_id)); + $html .= form( + [ + form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])), + form_info(_('Author'), User_Nick_render($user_source)), + form_text('eBetreff', _('Subject'), $news['Betreff']), + form_textarea('eText', _('Message'), $news['Text']), + form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1), + form_submit('submit', _('Save')) + ], + page_link_to('admin_news', ['action' => 'save', 'id' => $news_id]) + ); - $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">' + $html .= '<a class="btn btn-danger" href="' + . page_link_to('admin_news', ['action' => 'delete', 'id' => $news_id]) + . '">' . '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete') . '</a>'; break; case 'save': + $text = $request->postData('eText'); + if (!in_array('admin_news_html', $privileges)) { + $text = strip_tags($text); + } + DB::update(' UPDATE `News` SET `Datum`=?, @@ -56,14 +66,15 @@ function admin_news() ', [ time(), - $request->post('eBetreff'), - $request->post('eText'), + strip_tags($request->postData('eBetreff')), + $text, $user['UID'], $request->has('eTreffen') ? 1 : 0, $news_id ] ); - engelsystem_log('News updated: ' . $request->post('eBetreff')); + + engelsystem_log('News updated: ' . $request->postData('eBetreff')); success(_('News entry updated.')); redirect(page_link_to('news')); break; diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 2b61b055..5f2e3a2b 100644 
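Review bot: The delete button emitted in the `edit` branch is an anchor to `action=delete&id=…`, a destructive operation reachable by GET; whether `case 'delete'` asks for confirmation is outside this hunk, and if it does not, a crafted link or image tag deletes a news entry with the admin's session. Rendering it as a POST form instead—`form([form_submit('delete', _('Delete'))], page_link_to('admin_news', ['action' => 'delete', 'id' => $news_id]))`—keeps the destructive step out of GET and lets the handler require `postData()`. The switch statement continues beyond the hunk.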
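Review bot: The `engelsystem_log` call in the `save` branch records the raw `eBetreff` while the UPDATE stores `strip_tags(...)` of it, so the audit log and the database disagree whenever a subject contained markup; compute it once, `$subject = strip_tags($request->postData('eBetreff'));`, and use `$subject` in both places. `in_array('admin_news_html', $privileges)` should pass `true` as the third argument so a loosely-equal value cannot select the unstripped path. Note also that for holders of `admin_news_html` the text is now stored verbatim and `strip_tags()` is only a coarse filter for everyone else; that is acceptable for a trusted group, but wherever `News.Text` is rendered (not visible here) it has become a stored-HTML surface and deserves a comment saying so.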
--- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -52,9 +52,9 @@ function admin_questions() 'answer' => form([ form_textarea('answer', '', ''), form_submit('submit', _('Save')) - ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), + ], page_link_to('admin_questions', ['action' => 'answer', 'id' => $question['QID']])), 'actions' => button( - page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], + page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]), _('delete'), 'btn-xs' ) @@ -72,7 +72,7 @@ function admin_questions() 'answered_by' => User_Nick_render($answer_user_source), 'answer' => str_replace("\n", '<br />', $question['Answer']), 'actions' => button( - page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], + page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]), _('delete'), 'btn-xs' ) diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 6f3584d5..9e153bf1 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -25,8 +25,8 @@ function admin_rooms() 'from_pentabarf' => glyph_bool($room['FromPentabarf'] == 'Y'), 'public' => glyph_bool($room['show'] == 'Y'), 'actions' => table_buttons([ - button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'), - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs') + button(page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]), _('edit'), 'btn-xs'), + button(page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room['RID']]), _('delete'), 'btn-xs') ]) ]; } 
@@ -107,11 +107,14 @@ function admin_rooms() } foreach ($angeltypes as $angeltype_id => $angeltype) { - if ( - $request->has('angeltype_count_' . $angeltype_id) - && preg_match('/^\d{1,4}$/', $request->input('angeltype_count_' . $angeltype_id)) - ) { - $angeltypes_count[$angeltype_id] = $request->input('angeltype_count_' . $angeltype_id); + $angeltypes_count[$angeltype_id] = 0; + $queryKey = 'angeltype_count_' . $angeltype_id; + if (!$request->has($queryKey)) { + continue; + } + + if (preg_match('/^\d{1,4}$/', $request->input($queryKey))) { + $angeltypes_count[$angeltype_id] = $request->input($queryKey); } else { $valid = false; $msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true); @@ -220,7 +223,7 @@ function admin_rooms() sprintf(_('Do you want to delete room %s?'), $name), buttons([ button( - page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', + page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room_id, 'ack' => 1]), _('Delete'), 'delete btn-danger' ) @@ -231,7 +234,7 @@ function admin_rooms() return page_with_title(admin_rooms_title(), [ buttons([ - button(page_link_to('admin_rooms') . '&show=edit', _('add')) + button(page_link_to('admin_rooms', ['show' => 'edit']), _('add')) ]), msg(), table([ diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index b5079ed1..c77bd46d 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -19,6 +19,7 @@ function admin_shifts() { $valid = true; $request = request(); + $session = session(); $start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00'); $end = $start; $mode = 'single'; 
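Review bot: The new `continue` path is a behaviour change: an `angeltype_count_<id>` field that is absent from the request now silently becomes 0, whereas the removed code set `$valid = false` and reported an error, so a partially submitted or tampered form zeroes that angel type's requirement without any message. If missing-means-zero is intended, say so where the default is assigned, e.g. `// absent field == no angels of this type needed`; otherwise keep the error for the `!has()` case. The accepted value is still a digit string—`(int)` it when assigning so downstream arithmetic and SQL receive an integer. admin_rooms() continues outside the hunk.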
@@ -132,16 +133,14 @@ function admin_shifts() } elseif ($request->input('angelmode') == 'manually') { $angelmode = 'manually'; foreach ($types as $type) { - if ( - $request->has('type_' . $type['id']) - && preg_match('/^\d+$/', trim($request->input('type_' . $type['id']))) - ) { - $needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id'])); + if (preg_match('/^\d+$/', trim($request->input('type_' . $type['id'], 0)))) { + $needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id'], 0)); } else { $valid = false; error(sprintf(_('Please check the needed angels for team %s.'), $type['name'])); } } + if (array_sum($needed_angel_types) == 0) { $valid = false; error(_('There are 0 angels needed. Please enter the amounts of needed angels.')); @@ -272,8 +271,8 @@ function admin_shifts() } // Fürs Anlegen zwischenspeichern: - $_SESSION['admin_shifts_shifts'] = $shifts; - $_SESSION['admin_shifts_types'] = $needed_angel_types; + $session->set('admin_shifts_shifts', $shifts); + $session->set('admin_shifts_types', $needed_angel_types); $hidden_types = ''; foreach ($needed_angel_types as $type_id => $count) { @@ -303,16 +302,14 @@ function admin_shifts() } } elseif ($request->has('submit')) { if ( - !$request->has('admin_shifts_shifts') - || !isset($_SESSION['admin_shifts_types']) - || !is_array($_SESSION['admin_shifts_shifts']) - || !is_array($_SESSION['admin_shifts_types']) + !is_array($session->get('admin_shifts_shifts')) + || !is_array($session->get('admin_shifts_types')) ) { redirect(page_link_to('admin_shifts')); } $needed_angel_types_info = []; - foreach ($_SESSION['admin_shifts_shifts'] as $shift) { + foreach ($session->get('admin_shifts_shifts', []) as $shift) { $shift['URL'] = null; $shift['PSID'] = null; $shift_id = Shift_create($shift); 
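Review bot: `trim($request->input('type_' . $type['id'], 0))` passes an `int` to `trim()` whenever the field is absent; it works through coercion today but becomes a TypeError under `strict_types`, and dropping the `has()` check also turns a missing field into a silent 0 instead of the validation error the old code raised. Use a string default and read the value once: `$count = trim($request->input('type_' . $type['id'], '0'));` then test and assign `$count`. The enclosing function continues past the hunk.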
@@ -324,7 +321,7 @@ function admin_shifts() . ' to ' . date('Y-m-d H:i', $shift['end']) ); - foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { + foreach ($session->get('admin_shifts_types', []) as $type_id => $count) { $angel_type_source = DB::selectOne(' SELECT * FROM `AngelTypes` @@ -350,8 +347,8 @@ function admin_shifts() success('Schichten angelegt.'); redirect(page_link_to('admin_shifts')); } else { - unset($_SESSION['admin_shifts_shifts']); - unset($_SESSION['admin_shifts_types']); + $session->remove('admin_shifts_shifts'); + $session->remove('admin_shifts_types'); } $rid = null; diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 6bdc8d71..0620155b 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php 
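Review bot: The session-stored plan is only cleared in the `else` branch of this hunk, not in the successful `submit` path directly above it (`success('Schichten angelegt.'); redirect(...)`), so if the client never follows the redirect—or the POST is replayed—the same `admin_shifts_shifts` array is created a second time, duplicating every shift. Add `$session->remove('admin_shifts_shifts'); $session->remove('admin_shifts_types');` before the redirect in the submit branch as well, so the data is consumed exactly once. The surrounding control flow begins before this hunk.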
@@ -46,25 +46,27 @@ function admin_user() . 'Wenn T-Shirt ein \'Ja\' enthält, bedeutet dies, dass der Engel ' . 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n"; - $html .= '<form action="' . page_link_to('admin_user') . '&action=save&id=' . $user_id . '" method="post">' . "\n"; + $html .= '<form action="' + . page_link_to('admin_user', ['action' => 'save', 'id' => $user_id]) + . '" method="post">' . "\n"; $html .= '<table border="0">' . "\n"; $html .= '<input type="hidden" name="Type" value="Normal">' . "\n"; $html .= '<tr><td>' . "\n"; $html .= '<table>' . "\n"; - $html .= ' <tr><td>Nick</td><td>' . '<input type="text" size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Nick</td><td>' . '<input size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Last login</td><td><p class="help-block">' . date('Y-m-d H:i', $user_source['lastLogIn']) . '</p></td></tr>' . "\n"; - $html .= ' <tr><td>Name</td><td>' . '<input type="text" size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n"; - $html .= ' <tr><td>Vorname</td><td>' . '<input type="text" size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n"; - $html .= ' <tr><td>Alter</td><td>' . '<input type="text" size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n"; - $html .= ' <tr><td>Telefon</td><td>' . '<input type="text" size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n"; - $html .= ' <tr><td>Handy</td><td>' . '<input type="text" size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n"; - $html .= ' <tr><td>DECT</td><td>' . '<input type="text" size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . 
"\n"; + $html .= ' <tr><td>Name</td><td>' . '<input size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Vorname</td><td>' . '<input size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Alter</td><td>' . '<input size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Telefon</td><td>' . '<input size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Handy</td><td>' . '<input size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>DECT</td><td>' . '<input size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n"; if ($user_source['email_by_human_allowed']) { - $html .= " <tr><td>email</td><td>" . '<input type="text" size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n"; + $html .= " <tr><td>email</td><td>" . '<input size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n"; } - $html .= " <tr><td>jabber</td><td>" . '<input type="text" size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n"; + $html .= " <tr><td>jabber</td><td>" . '<input size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Size</td><td>' . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n"; 
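Review bot: The rewritten `<input … value="' . $user_source['Nick'] . '"` lines (likewise Name, Vorname, Alter, Telefon, Handy, DECT, email, jabber) still interpolate stored profile fields into HTML attributes without escaping; the hunk only dropped `type="text"`. Unless every one of these fields is validated on input to exclude `"` and `<` (not visible here), a value like `" autofocus onfocus=alert(1) x="` in a user's Name executes in the admin's browser when the edit page opens. Wrap each with `htmlspecialchars($user_source['Name'], ENT_QUOTES)` or switch to the project's `form_text()` helper, which this diff already uses in admin_news. The hunk starts mid-function; admin_user() continues on both sides.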
@@ -91,7 +93,7 @@ function admin_user() $html .= ' <tr><td>T-Shirt</td><td>' . "\n"; $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n"; - $html .= ' <tr><td>Hometown</td><td>' . '<input type="text" size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n"; + $html .= ' <tr><td>Hometown</td><td>' . '<input size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n"; $html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>'; @@ -105,7 +107,8 @@ function admin_user() $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); $html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="' - . page_link_to('admin_user') . '&action=change_pw&id=' . $user_id . '" method="post">' . "\n"; + . page_link_to('admin_user', ['action' => 'change_pw', 'id' => $user_id]) + . '" method="post">' . "\n"; $html .= '<table>' . "\n"; $html .= ' <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n"; @@ -134,7 +137,8 @@ function admin_user() if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { $html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="' - . page_link_to('admin_user') . '&action=save_groups&id=' . $user_id . '" method="post">' . "\n"; + . page_link_to('admin_user', ['action' => 'save_groups', 'id' => $user_id]) + . '" method="post">' . "\n"; $html .= '<table>'; $groups = DB::select(' 
@@ -175,11 +179,11 @@ function admin_user() switch ($request->input('action')) { case 'save_groups': if ($user_id != $user['UID']) { - $my_highest_group = DB::select( + $my_highest_group = DB::selectOne( 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', [$user['UID']] ); - $his_highest_group = DB::select( + $his_highest_group = DB::selectOne( 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', [$user_id] ); @@ -257,7 +261,7 @@ function admin_user() `Handy` = ?, `Alter` =?, `DECT` = ?, - ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->post('eemail')) . ',' : '') . ' + ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->postData('eemail')) . ',' : '') . ' `jabber` = ?, `Size` = ?, `Gekommen`= ?, 
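Review bot: `DB::selectOne` returns a single row rather than a list of rows, so `$my_highest_group` and `$his_highest_group` are now associative arrays of the form `['uid' => …, 'group_id' => …]`; the comparison that consumes them is outside this hunk, but the form-rendering hunk above shows the pattern `$my_highest_group <= $his_highest_group`, and PHP compares arrays key by key starting with `uid`, which would make this privilege check depend on user IDs rather than group rank. Please confirm the consumer indexes the row, or compare explicitly: `$my_highest_group['group_id'] <= $his_highest_group['group_id']`. Adding `LIMIT 1` to both queries would also make the "first row by group_id" intent explicit instead of relying on selectOne.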
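Review bot: The conditional `email` assignment is still spliced into the SQL string via `DB::getPdo()->quote(...)` while every other column of this UPDATE is bound with `?`; the line was touched (`post` → `postData`) but the string-building remained. Use `'`email` = ?,'` in the conditional and, under the same `email_by_human_allowed` condition, insert `$request->postData('eemail')` into the bind array between the `eDECT` and `ejabber` values so positions line up. quote() is correct today, but two mechanisms in one statement invite the placeholder/value drift that creates injection bugs later. The UPDATE continues into the next hunk.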
@@ -268,34 +272,34 @@ function admin_user() WHERE `UID` = ? LIMIT 1'; DB::update($sql, [ - $request->post('eNick'), - $request->post('eName'), - $request->post('eVorname'), - $request->post('eTelefon'), - $request->post('eHandy'), - $request->post('eAlter'), - $request->post('eDECT'), - $request->post('ejabber'), - $request->post('eSize'), - $request->post('eGekommen'), - $request->post('eAktiv'), + User_validate_Nick($request->postData('eNick')), + $request->postData('eName'), + $request->postData('eVorname'), + $request->postData('eTelefon'), + $request->postData('eHandy'), + $request->postData('eAlter'), + $request->postData('eDECT'), + $request->postData('ejabber'), + $request->postData('eSize'), + $request->postData('eGekommen'), + $request->postData('eAktiv'), $force_active, - $request->post('eTshirt'), - $request->post('Hometown'), + $request->postData('eTshirt'), + $request->postData('Hometown'), $user_id, ]); engelsystem_log( - 'Updated user: ' . $request->post('eNick') . ', ' . $request->post('eSize') - . ', arrived: ' . $request->post('eVorname') - . ', active: ' . $request->post('eAktiv') - . ', tshirt: ' . $request->post('eTshirt') + 'Updated user: ' . $request->postData('eNick') . ', ' . $request->postData('eSize') + . ', arrived: ' . $request->postData('eVorname') + . ', active: ' . $request->postData('eAktiv') + . ', tshirt: ' . $request->postData('eTshirt') ); $html .= success('Änderung wurde gespeichert...' . "\n", true); break; case 'change_pw': - if ($request->post('new_pw') != '' && $request->post('new_pw') == $request->post('new_pw2')) { - set_password($user_id, $request->post('new_pw')); + if ($request->postData('new_pw') != '' && $request->postData('new_pw') == $request->postData('new_pw2')) { + set_password($user_id, $request->postData('new_pw')); $user_source = User($user_id); engelsystem_log('Set new password for ' . User_Nick_render($user_source)); $html .= success('Passwort neu gesetzt.', true); 
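Review bot: The `engelsystem_log` call labels `eVorname` as `arrived:`—the first name is written where the arrival flag belongs, so the audit trail of this admin edit is misleading; change that line to `. ', arrived: ' . $request->postData('eGekommen')`. In the `change_pw` branch the only checks are non-empty and equality with `new_pw2`, while guest_register in this same diff enforces `config('min_password_length')`; the admin path should apply the same bound: `strlen($request->postData('new_pw')) >= config('min_password_length')`. Only `eNick` goes through `User_validate_Nick`; the other fields are stored as received, which is safe for parameter binding but worth a one-line comment. The switch starts before this hunk.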
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index f8c52767..9179c6c4 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -39,6 +39,7 @@ function guest_register() $min_password_length = config('min_password_length'); $event_config = EventConfig(); $request = request(); + $session = session(); $msg = ''; $nick = ''; @@ -127,8 +128,8 @@ function guest_register() } } - if ($request->has('password') && strlen($request->post('password')) >= $min_password_length) { - if ($request->post('password') != $request->post('password2')) { + if ($request->has('password') && strlen($request->postData('password')) >= $min_password_length) { + if ($request->postData('password') != $request->postData('password2')) { $valid = false; $msg .= error(_('Your passwords don\'t match.'), true); } @@ -226,15 +227,15 @@ function guest_register() $password_hash, $comment, $hometown, - $_SESSION['locale'], + $session->get('locale'), $planned_arrival_date, ] ); // Assign user-group and set password $user_id = DB::getPdo()->lastInsertId(); - DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]); - set_password($user_id, $request->post('password')); + DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -20)', [$user_id]); + set_password($user_id, $request->postData('password')); // Assign angel-types $user_angel_types_info = []; @@ -328,7 +329,7 @@ function guest_register() 'angel_types', _('What do you want to do?') . sprintf( ' (<a href="%s">%s</a>)', - page_link_to('angeltypes') . '&action=about', + page_link_to('angeltypes', ['action' => 'about']), _('Description of job types') ), $angel_types, 
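Review bot: The default group for self-registered users changes from `-2` to `-20` in this hunk with no explanation; since `UserGroups.group_id` decides every privilege a fresh account receives, a wrong literal here either locks new users out or over-grants. Replace the bare number with a named constant or config value and a comment such as `// default group for self-registered users, must exist in Groups`, and confirm `-20` is present in the migrated `Groups` data, which this diff does not show. Also `$session->get('locale')` presumably yields `null` when the guest session has no locale (where `$_SESSION['locale']` would have warned), so the INSERT may now store NULL silently—pass a default if the column is NOT NULL. guest_register() continues outside the hunk.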
@@ -377,32 +378,43 @@ function guest_register() ]); } +/** + * @return string + */ function entry_required() { return '<span class="text-info glyphicon glyphicon-warning-sign"></span>'; } +/** + * @return bool + */ function guest_logout() { - session_destroy(); + session()->invalidate(); redirect(page_link_to('start')); return true; } +/** + * @return string + */ function guest_login() { $nick = ''; $request = request(); - unset($_SESSION['uid']); + $session = session(); $valid = true; + $session->remove('uid'); + if ($request->has('submit')) { if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) { $nick = User_validate_Nick($request->input('nick')); $login_user = DB::selectOne('SELECT * FROM `User` WHERE `Nick`=?', [$nick]); if (!empty($login_user)) { if ($request->has('password')) { - if (!verify_password($request->post('password'), $login_user['Passwort'], $login_user['UID'])) { + if (!verify_password($request->postData('password'), $login_user['Passwort'], $login_user['UID'])) { $valid = false; error(_('Your password is incorrect. Please try it again.')); } @@ -420,8 +432,8 @@ function guest_login() } if ($valid && !empty($login_user)) { - $_SESSION['uid'] = $login_user['UID']; - $_SESSION['locale'] = $login_user['Sprache']; + $session->set('uid', $login_user['UID']); + $session->set('locale', $login_user['Sprache']); redirect(page_link_to('news')); } @@ -466,7 +478,10 @@ function guest_login() heading(_('What can I do?'), 2), '<p>' . _('Please read about the jobs you can do to help us.') . '</p>', buttons([ - button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' »') + button( + page_link_to('angeltypes', ['action' => 'about']), + _('Teams/Job description') . ' »' + ) ]) ]) ]) @@ -474,6 +489,9 @@ function guest_login() ]); } +/** + * @return string + */ function get_register_hint() { global $privileges; 
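Review bot: On a successful login the code sets `uid` and `locale` on the existing session without regenerating the session ID, so an identifier planted before authentication (via a link or a sibling-domain cookie) stays valid afterwards—session fixation. The session object already exposes `invalidate()` (used by guest_logout in this diff), so regenerate before promoting the session: call whatever regenerate/migrate method the `Session` class offers, or `$session->invalidate()` if nothing in the guest session must survive, immediately before `$session->set('uid', $login_user['UID'])`. guest_login() continues outside this hunk.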
diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index a1e2580a..2991bdbf 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -1,6 +1,7 @@ <?php use Engelsystem\Database\DB; +use Engelsystem\Http\Request; /** * Publically available page to feed the news to feed readers @@ -44,14 +45,15 @@ function user_atom() */ function make_atom_entries_from_news($news_entries) { + $request = Request::getInstance(); $html = '<?xml version="1.0" encoding="utf-8"?> <feed xmlns="http://www.w3.org/2005/Atom"> <title>Engelsystem</title> - <id>' . $_SERVER['HTTP_HOST'] + <id>' . $request->getHttpHost() . htmlspecialchars(preg_replace( '#[&?]key=[a-f\d]{32}#', '', - $_SERVER['REQUEST_URI'] + $request->getRequestUri() )) . '</id> <updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n"; @@ -64,11 +66,12 @@ function make_atom_entries_from_news($news_entries) function make_atom_entry_from_news($news_entry) { - return ' <entry> + return ' + <entry> <title>' . htmlspecialchars($news_entry['Betreff']) . '</title> - <link href="' . page_link_to_absolute('news_comments&nid=') . $news_entry['ID'] . '"/> - <id>' . preg_replace('#^https?://#', '', page_link_to_absolute('news')) . '-' . $news_entry['ID'] . '</id> - <updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated> - <summary type="html">' . htmlspecialchars($news_entry['Text']) . '</summary> - </entry>' . "\n"; + <link href="' . page_link_to('news_comments', ['nid' => $news_entry['ID']]) . '"/> + <id>' . preg_replace('#^https?://#', '', page_link_to('news_comments', ['nid' => $news_entry['ID']])) . '</id> + <updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated> + <summary>' . htmlspecialchars($news_entry['Text']) . '</summary> + </entry>' . "\n"; } diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index 2dea6207..06ae7e75 100644 --- a/includes/pages/user_messages.php 
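Review bot: `page_link_to()` output is written raw into the `<link href="…"/>` attribute; if it ever carries more than one query parameter the `&` is unescaped and the feed becomes malformed XML (the previous `page_link_to_absolute` call had the same gap). Wrap it: `'<link href="' . htmlspecialchars(page_link_to('news_comments', ['nid' => $news_entry['ID']])) . '"/>'`. The switch from `page_link_to_absolute` to `page_link_to` is only correct if `page_link_to` now returns an absolute URL—worth confirming, since feed readers do not reliably resolve relative hrefs. Stripping `https?://` for the `<id>` preserves the old shape and is fine.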
+++ b/includes/pages/user_messages.php @@ -92,14 +92,14 @@ function user_messages() if ($message['RUID'] == $user['UID']) { if ($message['isRead'] == 'N') { $messages_table_entry['actions'] = button( - page_link_to('user_messages') . '&action=read&id=' . $message['id'], + page_link_to('user_messages', ['action' => 'read', 'id' => $message['id']]), _('mark as read'), 'btn-xs' ); } } else { $messages_table_entry['actions'] = button( - page_link_to('user_messages') . '&action=delete&id=' . $message['id'], + page_link_to('user_messages', ['action' => 'delete', 'id' => $message['id']]), _('delete message'), 'btn-xs' ); @@ -119,7 +119,7 @@ function user_messages() 'text' => _('Message'), 'actions' => '' ], $messages_table) - ], page_link_to('user_messages') . '&action=send') + ], page_link_to('user_messages', ['action' => 'send'])) ]); } else { switch ($request->input('action')) { diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 81f8f505..836bd566 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php 
@@ -37,16 +37,16 @@ function user_myshifts()
             if ($request->input('reset') == 'ack') {
                 User_reset_api_key($user);
                 success(_('Key changed.'));
-                redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+                redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
             }
             return page_with_title(_('Reset API key'), [
                 error(
                     _('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'),
                     true
                 ),
-                button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
+                button(page_link_to('user_myshifts', ['reset' => 'ack']), _('Continue'), 'btn-danger')
             ]);
-        } elseif ($request->has('edit') && preg_match('/^\d*$/', $request->input('edit'))) {
+        } elseif ($request->has('edit') && preg_match('/^\d+$/', $request->input('edit'))) {
             $user_id = $request->input('edit');
             $shift = DB::selectOne('
                 SELECT
@@ -106,7 +106,7 @@ function user_myshifts()
                     . '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO')
                 );
                 success(_('Shift saved.'));
-                redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+                redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
             }
         }
 
@@ -124,7 +124,7 @@ function user_myshifts()
             } else {
                 redirect(page_link_to('user_myshifts'));
             }
-        } elseif ($request->has('cancel') && preg_match('/^\d*$/', $request->input('cancel'))) {
+        } elseif ($request->has('cancel') && preg_match('/^\d+$/', $request->input('cancel'))) {
             $user_id = $request->input('cancel');
             $shift = DB::selectOne('
                 SELECT *
@@ -164,6 +164,6 @@ function user_myshifts()
             }
         }
 
-        redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+        redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
         return '';
     }
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index 3cf11a6b..b51b0a4c 100644
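Review bot: Tightening the pattern to `/^\d+$/` still accepts `edit=123\n`, because `$` in PCRE matches before a trailing newline; use `/^\d+\z/` (or `ctype_digit()`) so `$user_id` is guaranteed to be pure digits before it reaches the query on the next lines. The same pattern appears in the `cancel` branch in the @@ -124 hunk. `user_myshifts()` starts and ends outside the hunk.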
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -35,8 +35,8 @@ function user_meetings()
     $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
     $request = request();
 
-    if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
-        $page = $request->input('page');
+    if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
+        $page = $request->input('page', 0);
     } else {
         $page = 0;
     }
@@ -57,14 +57,14 @@ function user_meetings()
     $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
     $html .= '<div class="text-center">' . '<ul class="pagination">';
     for ($i = 0; $i < $dis_rows; $i++) {
-        if ($request->has('page') && $i == $request->input('page')) {
+        if ($request->has('page') && $i == $request->input('page', 0)) {
             $html .= '<li class="active">';
         } elseif (!$request->has('page') && $i == 0) {
             $html .= '<li class="active">';
         } else {
             $html .= '<li>';
         }
-        $html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
+        $html .= '<a href="' . page_link_to('user_meetings', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
     }
     $html .= '</ul></div></div>';
 
@@ -89,7 +89,7 @@ function display_news($news)
     $html .= '<div class="panel-footer text-muted">';
     if (in_array('admin_news', $privileges)) {
         $html .= '<div class="pull-right">'
-            . button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
+            . button_glyph(page_link_to('admin_news', ['action' => 'edit', 'id' => $news['ID']]), 'edit', 'btn-xs')
             . '</div>';
     }
     $html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . ' ';
@@ -98,7 +98,7 @@ function display_news($news)
     $html .= User_Nick_render($user_source);
 
     if ($page != 'news_comments') {
-        $html .= ' <a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">'
+        $html .= ' <a href="' . page_link_to('news_comments', ['nid' => $news['ID']]) . '">'
             . '<span class="glyphicon glyphicon-comment"></span> '
             . _('Comments') . ' »</a> '
             . '<span class="badge">'
@@ -154,7 +154,7 @@ function user_news_comments()
             $user_source = User($comment['UID']);
 
             $html .= '<div class="panel panel-default">';
-            $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
+            $html .= '<div class="panel-body">' . nl2br(htmlspecialchars($comment['Text'])) . '</div>';
             $html .= '<div class="panel-footer text-muted">';
             $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . ' ';
             $html .= User_Nick_render($user_source);
@@ -166,7 +166,7 @@ function user_news_comments()
         $html .= form([
             form_textarea('text', _('Message'), ''),
             form_submit('submit', _('Save'))
-        ], page_link_to('news_comments') . '&nid=' . $news['ID']);
+        ], page_link_to('news_comments', ['nid' => $news['ID']]));
     } else {
         $html .= _('Invalid request.');
     }
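Review bot: Escaping `$comment['Text']` before `nl2br()` closes the stored-XSS path in `user_news_comments()`, but `htmlspecialchars()` is called with defaults: on PHP before 8.1 that means `ENT_COMPAT`, and for a value containing an invalid UTF-8 sequence the function returns an empty string, so such a comment silently renders blank. Pass the flags explicitly, `htmlspecialchars($comment['Text'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, which substitutes bad bytes instead of dropping the whole string. `$comment['Datum']` on the following line is output raw; it is presumably a database-generated timestamp, but if it can ever carry user input it needs the same escaping. The enclosing function continues outside the hunk.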
@@ -185,30 +185,36 @@ function user_news()
 
     $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
 
-    $isMeeting = $request->post('treffen');
+    $isMeeting = $request->postData('treffen');
     if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) {
-        if (!$request->has('treffen') || !in_array('admin_news', $privileges)) {
+        if (!$request->has('treffen')) {
             $isMeeting = 0;
         }
+
+        $text = $request->postData('text');
+        if (!in_array('admin_news_html', $privileges)) {
+            $text = strip_tags($text);
+        }
+
         DB::insert('
             INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
             VALUES (?, ?, ?, ?, ?)
             ', [
                 time(),
-                $request->post('betreff'),
-                $request->post('text'),
+                strip_tags($request->postData('betreff')),
+                $text,
                 $user['UID'],
                 $isMeeting,
             ]
         );
-        engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $isMeeting);
+        engelsystem_log('Created news: ' . $request->postData('betreff') . ', treffen: ' . $isMeeting);
         success(_('Entry saved.'));
         redirect(page_link_to('news'));
     }
 
-    if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
-        $page = $request->input('page');
+    if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
+        $page = $request->input('page', 0);
     } else {
         $page = 0;
     }
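Review bot: `$isMeeting` is taken verbatim from the `treffen` POST field and bound into the `Treffen` column (and echoed into the log line), so whatever string the client sends is what gets stored; the only normalisation is the `= 0` branch for an absent field. Derive it from presence instead, `$isMeeting = $request->has('treffen') ? 1 : 0;`, which also makes the inner `if` block redundant. Two smaller points: `strip_tags()` removes markup but is not an output sanitiser, so the rendering side (`display_news()`, outside this hunk) must still escape `Text` for rows written by users without `admin_news_html`; and the log records the unstripped `betreff` while the row receives the stripped one, so the two can differ.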
@@ -229,14 +235,14 @@ function user_news()
     $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
     $html .= '<div class="text-center">' . '<ul class="pagination">';
     for ($i = 0; $i < $dis_rows; $i++) {
-        if ($request->has('page') && $i == $request->input('page')) {
+        if ($request->has('page') && $i == $request->input('page', 0)) {
             $html .= '<li class="active">';
         } elseif (!$request->has('page') && $i == 0) {
             $html .= '<li class="active">';
         } else {
             $html .= '<li>';
         }
-        $html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
+        $html .= '<a href="' . page_link_to('news', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
     }
     $html .= '</ul></div>';
 
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index e4f35577..41fbe64d 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -33,7 +33,11 @@ function user_questions()
             $question['answer_user'] = User_Nick_render($answer_user_source);
         }
 
-        return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
+        return Questions_view(
+            $open_questions,
+            $answered_questions,
+            page_link_to('user_questions', ['action' => 'ask'])
+        );
     } else {
         switch ($request->input('action')) {
             case 'ask':
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 7edee7b5..0ba8bbcb 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -84,7 +84,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
 
     if ($valid) {
         User_update($user_source);
-        
+
         success(_('Settings saved.'));
         redirect(page_link_to('user_settings'));
     }
@@ -102,15 +102,15 @@ function user_settings_password($user_source)
     $request = request();
     if (
         !$request->has('password')
-        || !verify_password($request->post('password'), $user_source['Passwort'], $user_source['UID'])
+        || !verify_password($request->postData('password'), $user_source['Passwort'], $user_source['UID'])
     ) {
         error(_('-> not OK. Please try again.'));
-    } elseif (strlen($request->post('new_password')) < config('min_password_length')) {
+    } elseif (strlen($request->postData('new_password')) < config('min_password_length')) {
         error(_('Your password is to short (please use at least 6 characters).'));
-    } elseif ($request->post('new_password') != $request->post('new_password2')) {
+    } elseif ($request->postData('new_password') != $request->postData('new_password2')) {
         error(_('Your passwords don\'t match.'));
     } else {
-        set_password($user_source['UID'], $request->post('new_password'));
+        set_password($user_source['UID'], $request->postData('new_password'));
         success(_('Password saved.'));
     }
     redirect(page_link_to('user_settings'));
@@ -164,6 +164,7 @@ function user_settings_locale($user_source, $locales)
 {
     $valid = true;
     $request = request();
+    $session = session();
 
     if ($request->has('language') && isset($locales[$request->input('language')])) {
         $user_source['Sprache'] = $request->input('language');
@@ -182,7 +183,7 @@ function user_settings_locale($user_source, $locales)
                 $user_source['UID'],
             ]
         );
-        $_SESSION['locale'] = $user_source['Sprache'];
+        $session->set('locale', $user_source['Sprache']);
         success('Language changed.');
 
         redirect(page_link_to('user_settings'));
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 813cb9b3..2bd7688f 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
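Review bot: The confirmation check in `user_settings_password()` still compares the two new passwords with `!=`, a loose comparison that treats numeric strings numerically, so `1e3` and `1000` (or `01` and `1`) are accepted as matching and the first one is stored. Change the line to `} elseif ($request->postData('new_password') !== $request->postData('new_password2')) {`. The length error message also hard-codes "6 characters" while the check reads `config('min_password_length')`, so the text can disagree with the enforced minimum.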
@@ -167,20 +167,23 @@ function view_user_shifts()
 {
     global $user, $privileges, $ical_shifts;
+    $session = session();
 
     $ical_shifts = [];
     $days = load_days();
     $rooms = load_rooms();
     $types = load_types();
 
-    if (!isset($_SESSION['ShiftsFilter'])) {
+    if (!$session->has('ShiftsFilter')) {
         $room_ids = [
             $rooms[0]['id']
         ];
         $type_ids = array_map('get_ids_from_array', $types);
-        $_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
+        $shiftsFilter = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
+        $session->set('ShiftsFilter', $shiftsFilter);
     }
-    update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days);
-    $shiftsFilter = $_SESSION['ShiftsFilter'];
+
+    $shiftsFilter = $session->get('ShiftsFilter');
+    update_ShiftsFilter($shiftsFilter, in_array('user_shifts_admin', $privileges), $days);
 
     $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
 
@@ -203,6 +206,11 @@ function view_user_shifts()
     $end_day = date('Y-m-d', $shiftsFilter->getEndTime());
     $end_time = date('H:i', $shiftsFilter->getEndTime());
 
+    $assignNotice = '';
+    if (config('signup_requires_arrival') && !$user['Gekommen']) {
+        $assignNotice = info(render_user_arrived_hint(), true);
+    }
+
     return page([
         div('col-md-12', [
             msg(),
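Review bot: `$shiftsFilter = $session->get('ShiftsFilter')` is handed to `update_ShiftsFilter()` without confirming it is still a `ShiftsFilter`; session contents are unserialised on every request, so after a deployment that changes or removes the class a stale session presumably yields a `__PHP_Incomplete_Class` and the page errors until the session is cleared. Replace the `has()` test with a type check, `if (!$session->get('ShiftsFilter') instanceof ShiftsFilter) {`, so the filter is rebuilt whenever the stored value is unusable. `$rooms[0]['id']` also fails on an empty room list, but that predates the change. `view_user_shifts()` continues outside the hunk.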
@@ -223,15 +231,16 @@ function view_user_shifts()
             'task_notice' => '<sup>1</sup>'
                 . _('The tasks shown here are influenced by the angeltypes you joined already!')
-                . ' <a href="' . page_link_to('angeltypes') . '&action=about' . '">'
+                . ' <a href="' . page_link_to('angeltypes', ['action' => 'about']) . '">'
                 . _('Description of the jobs.') . '</a>',
+            'assign_notice' => $assignNotice,
             'shifts_table' => msg() . $shiftCalendarRenderer->render(),
             'ical_text' => '<h2>' . _('iCal export') . '</h2><p>' . sprintf(
                 _('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'),
-                page_link_to_absolute('ical') . '&key=' . $user['api_key'],
-                page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'],
-                page_link_to('user_myshifts') . '&reset'
+                page_link_to('ical', ['key' => $user['api_key']]),
+                page_link_to('shifts_json_export', ['key' => $user['api_key']]),
+                page_link_to('user_myshifts', ['reset' => 1])
             ) . '</p>',
             'filter' => _('Filter')
         ]) |
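Review bot: The iCal and JSON export URLs now come from `page_link_to()` rather than `page_link_to_absolute()`; these are the links users paste into external calendar clients, which need a scheme and host, so unless `page_link_to()` already returns an absolute URL this breaks the export for anyone copying them. Keep the absolute form for the two `key` lines (the in-app `reset` link can stay relative). The API key still travels as a query-string parameter and therefore lands in server and proxy logs; that is pre-existing, but worth a `// NOTE: key in URL — see user_myshifts reset` comment so the trade-off is recorded where the link is built.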