18 files changed, 619 insertions, 561 deletions

diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php
index 08c436fc..e3fa0996 100644
--- a/includes/pages/admin_active.php
+++ b/includes/pages/admin_active.php
@@ -1,22 +1,27 @@
 <?php
+
 function admin_active_title() {
   return _("Active angels");
 }
 
 function admin_active() {
   global $tshirt_sizes, $shift_sum_formula;
-
+  
   $msg = "";
   $search = "";
   $forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1");
   $count = $forced_count;
   $limit = "";
   $set_active = "";
+  
   if (isset($_REQUEST['search']))
     $search = strip_request_item('search');
+  
+  $show_all_shifts = isset($_REQUEST['show_all_shifts']);
+  
   if (isset($_REQUEST['set_active'])) {
     $ok = true;
-
+    
     if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) {
       $count = strip_request_item('count');
       if ($count < $forced_count) {
@@ -27,7 +32,7 @@ function admin_active() {
       $ok = false;
       $msg .= error(_("Please enter a number of angels to be marked as active."), true);
     }
-
+    
     if ($ok)
       $limit = " LIMIT " . $count;
     if (isset($_REQUEST['ack'])) {
@@ -42,23 +47,24 @@ function admin_active() {
           ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
       $user_nicks = array();
       foreach ($users as $usr) {
-        sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
+        sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'");
         $user_nicks[] = User_Nick_render($usr);
       }
+      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE");
       engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
-
+      
       $limit = "";
       $msg = success(_("Marked angels."), true);
     } else {
       $set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">' . _("apply") . '</a>';
     }
   }
-
+  
   if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
     $id = $_REQUEST['active'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
       $msg = success(_("Angel has been marked as active."), true);
     } else
@@ -67,7 +73,7 @@ function admin_active() {
     $id = $_REQUEST['not_active'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
       $msg = success(_("Angel has been marked as not active."), true);
     } else
@@ -76,7 +82,7 @@ function admin_active() {
     $id = $_REQUEST['tshirt'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
       $msg = success(_("Angel has got a t-shirt."), true);
     } else
@@ -85,21 +91,22 @@ function admin_active() {
     $id = $_REQUEST['not_tshirt'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
       $msg = success(_("Angel has got no t-shirt."), true);
     } else
       $msg = error(_("Angel not found."), true);
   }
-
+  
   $users = sql_select("
       SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` 
       FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` 
       LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` 
-      WHERE `User`.`Gekommen` = 1 
+      WHERE `User`.`Gekommen` = 1
+      " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . "
       GROUP BY `User`.`UID` 
       ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
-
+  
   $matched_users = array();
   if ($search == "")
     $tokens = array();
@@ -123,41 +130,47 @@ function admin_active() {
     $usr['active'] = glyph_bool($usr['Aktiv'] == 1);
     $usr['force_active'] = glyph_bool($usr['force_active'] == 1);
     $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
-
+    
     $actions = array();
     if ($usr['Aktiv'] == 0)
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . '&amp;search=' . $search . '">' . _("set active") . '</a>';
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>';
     if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
     }
     if ($usr['Tshirt'] == 1)
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
-
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
+    
     $usr['actions'] = join(' ', $actions);
-
+    
     $matched_users[] = $usr;
   }
-
-  $shirt_statistics = sql_select("
-      SELECT `Size`, count(`Size`) AS `count`
-      FROM `User`
-      WHERE `Tshirt`=1
-      GROUP BY `Size`
-      ORDER BY `count` DESC");
-  $shirt_statistics[] = array(
-      'Size' => '<b>' . _("Sum") . '</b>',
-      'count' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>'
-  );
-
+  
+  $shirt_statistics = [];
+  foreach ($tshirt_sizes as $size => $_) {
+    if ($size != '') {
+      $shirt_statistics[] = [
+          'size' => $size,
+          'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"),
+          'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1") 
+      ];
+    }
+  }
+  $shirt_statistics[] = [
+      'size' => '<b>' . _("Sum") . '</b>',
+      'needed' => '<b>' . User_arrived_count() . '</b>',
+      'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' 
+  ];
+  
   return page_with_title(admin_active_title(), array(
       form(array(
           form_text('search', _("Search angel:"), $search),
-          form_submit('submit', _("Search"))
-      )),
+          form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts),
+          form_submit('submit', _("Search")) 
+      ), page_link_to('admin_active')),
       $set_active == "" ? form(array(
           form_text('count', _("How much angels should be active?"), $count),
-          form_submit('set_active', _("Preview"))
+          form_submit('set_active', _("Preview")) 
       )) : $set_active,
       msg(),
       table(array(
@@ -168,13 +181,14 @@ function admin_active() {
           'active' => _("Active?"),
           'force_active' => _("Forced"),
           'tshirt' => _("T-shirt?"),
-          'actions' => ""
+          'actions' => "" 
       ), $matched_users),
-      '<h2>' . _("Given shirts") . '</h2>',
+      '<h2>' . _("Shirt statistics") . '</h2>',
       table(array(
-          'Size' => _("Size"),
-          'count' => _("Count")
-      ), $shirt_statistics)
+          'size' => _("Size"),
+          'needed' => _("Needed shirts"),
+          'given' => _("Given shirts") 
+      ), $shirt_statistics) 
   ));
 }
 ?>
diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php
index bec1ae56..64cf785d 100644
--- a/includes/pages/admin_arrive.php
+++ b/includes/pages/admin_arrive.php
@@ -1,4 +1,5 @@
 <?php
+
 function admin_arrive_title() {
   return _("Arrived angels");
 }
@@ -13,7 +14,7 @@ function admin_arrive() {
     $id = $_REQUEST['reset'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
       $msg = success(_("Reset done. Angel has not arrived."), true);
     } else
@@ -22,7 +23,7 @@ function admin_arrive() {
     $id = $_REQUEST['arrived'];
     $user_source = User($id);
     if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
       engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
       $msg = success(_("Angel has been marked as arrived."), true);
     } else
@@ -30,10 +31,12 @@ function admin_arrive() {
   }
   
   $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
+  $arrival_count_at_day = [];
+  $departure_count_at_day = [];
   $table = "";
-  $users_matched = array();
+  $users_matched = [];
   if ($search == "")
-    $tokens = array();
+    $tokens = [];
   else
     $tokens = explode(" ", $search);
   foreach ($users as $usr) {
@@ -48,18 +51,53 @@ function admin_arrive() {
       if (! $match)
         continue;
     }
-    $table .= '<tr>';
-    $table .= '<td>' . User_Nick_render($usr) . '</td>';
+    
     $usr['nick'] = User_Nick_render($usr);
+    if ($usr['planned_departure_date'] != null)
+      $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
+    else
+      $usr['rendered_planned_departure_date'] = '-';
+    $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
+    $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
     $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
     $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>';
-    if ($usr['Gekommen'] == 1)
-      $table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>';
-    else
-      $table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>';
-    $table .= '</tr>';
+    
+    $day = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : date('Y-m-d', $usr['planned_arrival_date']);
+    if (! isset($arrival_count_at_day[$day]))
+      $arrival_count_at_day[$day] = 0;
+    if (! isset($departure_count_at_day[$day]))
+      $departure_count_at_day[$day] = 0;
+    $arrival_count_at_day[$day] ++;
+    
+    if ($usr['planned_departure_date'] != null) {
+      $day = date('Y-m-d', $usr['planned_departure_date']);
+      if (! isset($arrival_count_at_day[$day]))
+        $arrival_count_at_day[$day] = 0;
+      if (! isset($departure_count_at_day[$day]))
+        $departure_count_at_day[$day] = 0;
+      $departure_count_at_day[$day] ++;
+    }
+    
     $users_matched[] = $usr;
   }
+
+  ksort($arrival_count_at_day);
+  ksort($departure_count_at_day);
+  
+  $arrival_count = [];
+  $arrival_sums = [];
+  $arrival_sum = 0;
+  foreach ($arrival_count_at_day as $day => $count) {
+    $arrival_sum += $count - $departure_count_at_day[$day];
+    $arrival_sums[$day] = $arrival_sum;
+    $arrival_count[] = [
+        'day' => $day,
+        'count' => $count,
+        'sum' => $arrival_sum,
+        'departure' => isset($departure_count_at_day[$day]) ? $departure_count_at_day[$day] : 0 
+    ];
+  }
+  
   return page_with_title(admin_arrive_title(), array(
       msg(),
       form(array(
@@ -68,9 +106,45 @@ function admin_arrive() {
       )),
       table(array(
           'nick' => _("Nickname"),
+          'rendered_planned_arrival_date' => _("Planned arrival"),
           'arrived' => _("Arrived?"),
+          'rendered_arrival_date' => _("Arrival date"),
+          'rendered_planned_departure_date' => _("Planned departure"),
           'actions' => "" 
-      ), $users_matched) 
+      ), $users_matched),
+      heading(_("Arrival statistics"), 2),
+      '<canvas id="daily_arrives" style="width: 100%; height: 300px;"></canvas>
+      <script type="text/javascript">
+      $(function(){
+        var ctx = $("#daily_arrives").get(0).getContext("2d");
+        var chart = new Chart(ctx).Bar(' . json_encode(array(
+          'labels' => array_keys($arrival_count_at_day),
+          'datasets' => array(
+              array(
+                  'label' => _("arrived"),
+                  'fillColor' => "#090",
+                  'data' => array_values($arrival_count_at_day) 
+              ),
+              array(
+                  'label' => _("arrived sum"),
+                  'fillColor' => "#888",
+                  'data' => array_values($arrival_sums) 
+              ),
+              array(
+                  'label' => _("planned departure"),
+                  'fillColor' => "#900",
+                  'data' => array_values($departure_count_at_day) 
+              ) 
+          ) 
+      )) . ');
+      });
+      </script>',
+      table(array(
+          'day' => _("Date"),
+          'count' => _("arrived"),
+          'sum' => _("arrived sum"),
+          'departure' => _("planned departure") 
+      ), $arrival_count) 
   ));
 }
 ?>
diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php
index b56da4d1..227769dc 100644
--- a/includes/pages/admin_free.php
+++ b/includes/pages/admin_free.php
@@ -32,7 +32,7 @@ function admin_free() {
       FROM `User` 
       ${angeltypesearch} 
       LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` 
-      LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < " . sql_escape(time()) . " AND `Shifts`.`end` > " . sql_escape(time()) . ") 
+      LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') 
       WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL 
       GROUP BY `User`.`UID` 
       ORDER BY `Nick`");
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php
index 3133cf8b..f43c63e9 100644
--- a/includes/pages/admin_groups.php
+++ b/includes/pages/admin_groups.php
@@ -11,7 +11,7 @@ function admin_groups() {
   if (! isset($_REQUEST["action"])) {
     $groups_table = array();
     foreach ($groups as $group) {
-      $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
+      $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
       $privileges_html = array();
       
       foreach ($privileges as $priv)
@@ -39,10 +39,10 @@ function admin_groups() {
         else
           return error("Incomplete call, missing Groups ID.", true);
         
-        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
         if (count($room) > 0) {
           list($room) = $room;
-          $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
+          $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
           $privileges_html = "";
           $privileges_form = array();
           foreach ($privileges as $priv) {
@@ -64,18 +64,18 @@ function admin_groups() {
         else
           return error("Incomplete call, missing Groups ID.", true);
         
-        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
         if (! is_array($_REQUEST['privileges']))
           $_REQUEST['privileges'] = array();
         if (count($room) > 0) {
           list($room) = $room;
-          sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
+          sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
           $privilege_names = array();
           foreach ($_REQUEST['privileges'] as $priv) {
             if (preg_match("/^[0-9]{1,}$/", $priv)) {
-              $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv) . " LIMIT 1");
+              $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
               if (count($group_privileges_source) > 0) {
-                sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
+                sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'");
                 $privilege_names[] = $group_privileges_source[0]['name'];
               }
             }
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 786ea08b..63104026 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -162,7 +162,9 @@ function admin_import() {
       
       list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
       foreach ($rooms_new as $room) {
-        sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($room) . "', `FromPentabarf`='Y', `Show`='Y'");
+        $result = Room_create($room, true, true);
+        if ($result === false)
+          engelsystem_error('Unable to create room.');
         $rooms_import[trim($room)] = sql_id();
       }
       foreach ($rooms_deleted as $room)
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index 0653a045..1c435a14 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -11,7 +11,7 @@ function admin_news() {
     else
       return error("Incomplete call, missing News ID.", true);
     
-    $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+    $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
     if (count($news) > 0) {
       switch ($_REQUEST["action"]) {
         default:
@@ -38,7 +38,13 @@ function admin_news() {
         case 'save':
           list($news) = $news;
           
-          sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("UPDATE `News` SET 
+              `Datum`='" . sql_escape(time()) . "', 
+              `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', 
+              `Text`='" . sql_escape($_POST["eText"]) . "', 
+              `UID`='" . sql_escape($user['UID']) . "', 
+              `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' 
+              WHERE `ID`='" . sql_escape($id) . "'");
           engelsystem_log("News updated: " . $_POST["eBetreff"]);
           success(_("News entry updated."));
           redirect(page_link_to("news"));
@@ -47,7 +53,7 @@ function admin_news() {
         case 'delete':
           list($news) = $news;
           
-          sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
           engelsystem_log("News deleted: " . $news['Betreff']);
           success(_("News entry deleted."));
           redirect(page_link_to("news"));
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index 6d141251..e2fef880 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -82,12 +82,12 @@ function admin_questions() {
         else
           return error("Incomplete call, missing Question ID.", true);
 
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
         if (count($question) > 0 && $question[0]['AID'] == null) {
           $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
 
           if ($answer != "") {
-            sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+            sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
             engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
             redirect(page_link_to("admin_questions"));
           } else
@@ -101,9 +101,9 @@ function admin_questions() {
         else
           return error("Incomplete call, missing Question ID.", true);
 
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
         if (count($question) > 0) {
-          sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
           engelsystem_log("Question deleted: " . $question[0]['Question']);
           redirect(page_link_to("admin_questions"));
         } else
diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php
index 1c10321e..2d5e5ae4 100644
--- a/includes/pages/admin_rooms.php
+++ b/includes/pages/admin_rooms.php
@@ -1,11 +1,12 @@
 <?php
+
 function admin_rooms_title() {
   return _("Rooms");
 }
 
 function admin_rooms() {
   global $user;
-
+  
   $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
   $rooms = array();
   foreach ($rooms_source as $room)
@@ -15,17 +16,17 @@ function admin_rooms() {
         'public' => $room['show'] == 'Y' ? '&#10003;' : '',
         'actions' => buttons(array(
             button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'),
-            button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')
-        ))
+            button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') 
+        )) 
     );
-
+  
   if (isset($_REQUEST['show'])) {
     $msg = "";
     $name = "";
     $from_pentabarf = "";
     $public = 'Y';
     $number = "";
-
+    
     $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
     $angeltypes = array();
     $angeltypes_count = array();
@@ -33,47 +34,47 @@ function admin_rooms() {
       $angeltypes[$angeltype['id']] = $angeltype['name'];
       $angeltypes_count[$angeltype['id']] = 0;
     }
-
+    
     if (test_request_int('id')) {
-      $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($_REQUEST['id']));
+      $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
       if (count($room) > 0) {
         $id = $_REQUEST['id'];
         $name = $room[0]['Name'];
         $from_pentabarf = $room[0]['FromPentabarf'];
         $public = $room[0]['show'];
-        $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
+        $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
         foreach ($needed_angeltypes as $needed_angeltype)
           $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
       } else
         redirect(page_link_to('admin_rooms'));
     }
-
+    
     if ($_REQUEST['show'] == 'edit') {
       if (isset($_REQUEST['submit'])) {
         $ok = true;
-
+        
         if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0)
           $name = strip_request_item('name');
         else {
           $ok = false;
           $msg .= error(_("Please enter a name."), true);
         }
-
+        
         if (isset($_REQUEST['from_pentabarf']))
           $from_pentabarf = 'Y';
         else
           $from_pentabarf = '';
-
+        
         if (isset($_REQUEST['public']))
           $public = 'Y';
         else
           $public = '';
-
+        
         if (isset($_REQUEST['number']))
           $number = strip_request_item('number');
         else
           $ok = false;
-
+        
         foreach ($angeltypes as $angeltype_id => $angeltype) {
           if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id]))
             $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
@@ -82,27 +83,30 @@ function admin_rooms() {
             $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
           }
         }
-
+        
         if ($ok) {
           if (isset($id)) {
-            sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
+            sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
             engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
           } else {
-            sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "'");
-            $id = sql_id();
+            $id = Room_create($name, $from_pentabarf, $public, $number);
+            if ($id === false)
+              engelsystem_error("Unable to create room.");
             engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
           }
-
-          sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
+          
+          sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
           $needed_angeltype_info = array();
           foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
-            $angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($angeltype_id) . " LIMIT 1");
-            if (count($angeltype_source) > 0) {
-              sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
-              $needed_angeltype_info[] = $angeltypes_source[0]['name'] . ": " . $angeltype_count;
+            $angeltype = AngelType($angeltype_id);
+            if ($angeltype === false)
+              engelsystem_error("Unable to load angeltype.");
+            if ($angeltype != null) {
+              sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
+              $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
             }
           }
-
+          
           engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
           success(_("Room saved."));
           redirect(page_link_to("admin_rooms"));
@@ -110,66 +114,68 @@ function admin_rooms() {
       }
       $angeltypes_count_form = array();
       foreach ($angeltypes as $angeltype_id => $angeltype)
-        $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])));
-
+        $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(
+            form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) 
+        ));
+      
       return page_with_title(admin_rooms_title(), array(
           buttons(array(
-              button(page_link_to('admin_rooms'), _("back"), 'back')
+              button(page_link_to('admin_rooms'), _("back"), 'back') 
           )),
           $msg,
           form(array(
-          div('row', array(
-              div('col-md-6', array(
-                  form_text('name', _("Name"), $name),
-                  form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
-                  form_checkbox('public', _("Public"), $public),
-                  form_text('number', _("Room number"), $number)
-              )),
-              div('col-md-6', array(
-                div('row', array(
-                  div('col-md-12', array(
-                    form_info(_("Needed angels:")),
+              div('row', array(
+                  div('col-md-6', array(
+                      form_text('name', _("Name"), $name),
+                      form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
+                      form_checkbox('public', _("Public"), $public),
+                      form_text('number', _("Room number"), $number) 
                   )),
-                  join($angeltypes_count_form)
-                ))
-              ))
-          )),
-          form_submit('submit', _("Save"))
-          ))
+                  div('col-md-6', array(
+                      div('row', array(
+                          div('col-md-12', array(
+                              form_info(_("Needed angels:")) 
+                          )),
+                          join($angeltypes_count_form) 
+                      )) 
+                  )) 
+              )),
+              form_submit('submit', _("Save")) 
+          )) 
       ));
     } elseif ($_REQUEST['show'] == 'delete') {
       if (isset($_REQUEST['ack'])) {
-        sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
-        sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id) . " LIMIT 1");
-
+        sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
+        sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1");
+        
         engelsystem_log("Room deleted: " . $name);
         success(sprintf(_("Room %s deleted."), $name));
         redirect(page_link_to('admin_rooms'));
       }
-
+      
       return page_with_title(admin_rooms_title(), array(
           buttons(array(
-              button(page_link_to('admin_rooms'), _("back"), 'back')
+              button(page_link_to('admin_rooms'), _("back"), 'back') 
           )),
           sprintf(_("Do you want to delete room %s?"), $name),
           buttons(array(
-              button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')
-          ))
+              button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete') 
+          )) 
       ));
     }
   }
-
+  
   return page_with_title(admin_rooms_title(), array(
       buttons(array(
-          button(page_link_to('admin_rooms') . '&show=edit', _("add"))
+          button(page_link_to('admin_rooms') . '&show=edit', _("add")) 
       )),
       msg(),
       table(array(
           'name' => _("Name"),
           'from_pentabarf' => _("Frab import"),
           'public' => _("Public"),
-          'actions' => ""
-      ), $rooms)
+          'actions' => "" 
+      ), $rooms) 
   ));
 }
 ?>
diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php
index 733144b3..346e9046 100644
--- a/includes/pages/admin_shifts.php
+++ b/includes/pages/admin_shifts.php
@@ -10,7 +10,7 @@ function admin_shifts() {
   
   $rid = 0;
   $start = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d") . " 00:00")->getTimestamp();
-  $end = $start + 24 * 60 * 60;
+  $end = $start;
   $mode = 'single';
   $angelmode = 'manually';
   $length = '';
@@ -143,7 +143,7 @@ function admin_shifts() {
     if ($ok) {
       if ($angelmode == 'location') {
         $needed_angel_types = array();
-        $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid));
+        $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
         foreach ($needed_angel_types_location as $type)
           $needed_angel_types[$type['angel_type_id']] = $type['count'];
       }
@@ -206,7 +206,7 @@ function admin_shifts() {
               'start' => $shift_start,
               'end' => $shift_end,
               'RID' => $rid,
-              'name' => $title,
+              'title' => $title,
               'shifttype_id' => $shifttype_id 
           );
           
@@ -269,12 +269,12 @@ function admin_shifts() {
       if ($shift_id === false)
         engelsystem_error('Unable to create shift.');
       
-      engelsystem_log("Shift created: " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
+      engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
       $needed_angel_types_info = array();
       foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
-        $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
+        $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
         if (count($angel_type_source) > 0) {
-          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
           $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
         }
       }
@@ -293,7 +293,7 @@ function admin_shifts() {
   $room_select = html_select_key('rid', 'rid', $room_array, $_REQUEST['rid']);
   $angel_types = "";
   foreach ($types as $type)
-    $angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]);
+    $angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
   
   return page_with_title(admin_shifts_title(), array(
       msg(),
@@ -316,7 +316,7 @@ function admin_shifts() {
           form_info(_("Needed angels"), ''),
           form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
           form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
-          $angel_types,
+          '<div class="row">'.$angel_types.'</div>',
           '</div>',
           '</div>',
           form_submit('preview', _("Preview")) 
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 4e10ca1e..ee244925 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -9,224 +9,174 @@ function admin_user() {
   
   $html = '';
   
-  if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
-    $id = $_REQUEST['id'];
-    if (! isset($_REQUEST['action'])) {
-      $html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
-      
-      $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
-      $html .= "<table border=\"0\">\n";
-      $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
-      
-      $SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'";
-      $Erg = sql_query($SQL);
-      list($user_source) = sql_select($SQL);
-      
-      $html .= "<tr><td>\n";
-      $html .= "<table>\n";
-      $html .= "  <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>lastLogIn</td><td>" . date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
-      $html .= "  <tr><td>Name</td><td>" . "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" . $user_source['Name'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>Vorname</td><td>" . "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . $user_source['Vorname'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>Alter</td><td>" . "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . $user_source['Alter'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>Telefon</td><td>" . "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . $user_source['Telefon'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
-      $html .= "<tr><td>".form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $user_source['email_shiftinfo']) . "</td></tr>\n";
-      $html .= "  <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
-      $html .= "  <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
-      
-      $options = array(
-          '1' => "Yes",
-          '0' => "No" 
-      );
-      
-      // Gekommen?
-      $html .= "  <tr><td>Gekommen</td><td>\n";
-      $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
-      
-      // Aktiv?
-      $html .= "  <tr><td>Aktiv</td><td>\n";
-      $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
-      
-      // Aktiv erzwingen
-      if (in_array('admin_active', $privileges)) {
-        $html .= "  <tr><td>" . _("Force active") . "</td><td>\n";
-        $html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n";
-      }
-      
-      // T-Shirt bekommen?
-      $html .= "  <tr><td>T-Shirt</td><td>\n";
-      $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
-      
-      $html .= "  <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n";
-      
-      $html .= "</table>\n</td><td valign=\"top\">" . User_Avatar_render($user_source) . "</td></tr>";
-      
-      $html .= "</td></tr>\n";
-      $html .= "</table>\n<br />\n";
-      $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-      $html .= "</form>";
-      
-      $html .= "<hr />";
-      
-      // UserAngelType subform
-      list($user_source) = sql_select($SQL);
-      
-      $selected_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
-      $accepted_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `confirm_user_id` IS NOT NULL");
-      $nonrestricted_angel_types = sql_select_single_col("SELECT `id` FROM `AngelTypes` WHERE `restricted` = 0");
-      
-      $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
-      $angel_types = array();
-      foreach ($angel_types_source as $angel_type)
-        $angel_types[$angel_type['id']] = $angel_type['name'];
-      
-      if (isset($_REQUEST['submit_user_angeltypes'])) {
-        $selected_angel_types = isset($_REQUEST['selected_angel_types']) && is_array($_REQUEST['selected_angel_types']) ? array_intersect($_REQUEST['selected_angel_types'], array_keys($angel_types)) : array();
-        $accepted_angel_types = isset($_REQUEST['accepted_angel_types']) && is_array($_REQUEST['accepted_angel_types']) ? array_unique(array_diff(array_intersect($_REQUEST['accepted_angel_types'], array_keys($angel_types)), $nonrestricted_angel_types)) : array();
-        if (in_array("admin_user_angeltypes", $privileges))
-          $selected_angel_types = array_merge((array) $selected_angel_types, $accepted_angel_types);
-        $selected_angel_types = array_unique($selected_angel_types);
-        
-        // Assign angel-types
-        sql_transaction_start();
-        sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
-        $user_angel_type_info = array();
-        if (! empty($selected_angel_types)) {
-          $SQL = "INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ";
-          foreach ($selected_angel_types as $selected_angel_type_id) {
-            $SQL .= "(" . $user_source['UID'] . ", " . $selected_angel_type_id . "),";
-            $user_angel_type_info[] = $angel_types[$selected_angel_type_id] . (in_array($selected_angel_type_id, $accepted_angel_types) ? ' (confirmed)' : '');
-          }
-          // remove superfluous comma
-          $SQL = substr($SQL, 0, - 1);
-          sql_query($SQL);
-        }
-        if (in_array("admin_user_angeltypes", $privileges)) {
-          sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = NULL WHERE `user_id` = " . sql_escape($user_source['UID']));
-          if (! empty($accepted_angel_types))
-            sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")");
-        }
-        sql_transaction_commit();
-        
-        engelsystem_log("Set angeltypes of " . User_Nick_render($user_source) . " to: " . join(", ", $user_angel_type_info));
-        success("Angeltypes saved.");
-        redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
-      }
-      
-      $html .= form(array(
-          msg(),
-          form_multi_checkboxes(array(
-              'selected_angel_types' => 'gewünscht',
-              'accepted_angel_types' => 'akzeptiert' 
-          ), "Angeltypes", $angel_types, array(
-              'selected_angel_types' => $selected_angel_types,
-              'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types) 
-          ), array(
-              'accepted_angel_types' => $nonrestricted_angel_types 
-          )),
-          form_submit('submit_user_angeltypes', _("Save")) 
-      ));
-      
-      $html .= "<hr />";
-      
-      $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
-      $html .= "<table>\n";
-      $html .= "  <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
-      $html .= "  <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
-      
-      $html .= "</table>";
-      $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-      $html .= "</form>";
-      
-      $html .= "<hr />";
-      
+  if (! isset($_REQUEST['id']))
+    redirect(users_link());
+  
+  $id = $_REQUEST['id'];
+  if (! isset($_REQUEST['action'])) {
+    $user_source = User($id);
+    if ($user_source === false)
+      engelsystem_error('Unable to load user.');
+    if ($user_source == null) {
+      error(_('This user does not exist.'));
+      redirect(users_link());
+    }
+    
+    $html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
+    
+    $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
+    $html .= "<table border=\"0\">\n";
+    $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
+    
+    $SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'";
+    list($user_source) = sql_select($SQL);
+    
+    $html .= "<tr><td>\n";
+    $html .= "<table>\n";
+    $html .= "  <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>lastLogIn</td><td>" . date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
+    $html .= "  <tr><td>Name</td><td>" . "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" . $user_source['Name'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>Vorname</td><td>" . "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . $user_source['Vorname'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>Alter</td><td>" . "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . $user_source['Alter'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>Telefon</td><td>" . "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . $user_source['Telefon'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
+    $html .= "<tr><td>" . form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $user_source['email_shiftinfo']) . "</td></tr>\n";
+    $html .= "  <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
+    $html .= "  <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
+    
+    $options = array(
+        '1' => "Yes",
+        '0' => "No" 
+    );
+    
+    // Gekommen?
+    $html .= "  <tr><td>Gekommen</td><td>\n";
+    $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
+    
+    // Aktiv?
+    $html .= "  <tr><td>Aktiv</td><td>\n";
+    $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
+    
+    // Aktiv erzwingen
+    if (in_array('admin_active', $privileges)) {
+      $html .= "  <tr><td>" . _("Force active") . "</td><td>\n";
+      $html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n";
+    }
+    
+    // T-Shirt bekommen?
+    $html .= "  <tr><td>T-Shirt</td><td>\n";
+    $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
+    
+    $html .= "  <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n";
+    
+    $html .= "</table>\n</td><td valign=\"top\"></td></tr>";
+    
+    $html .= "</td></tr>\n";
+    $html .= "</table>\n<br />\n";
+    $html .= "<input type=\"submit\" value=\"Speichern\">\n";
+    $html .= "</form>";
+    
+    $html .= "<hr />";
+    
+    $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
+    
+    $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
+    $html .= "<table>\n";
+    $html .= "  <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
+    $html .= "  <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
+    
+    $html .= "</table>";
+    $html .= "<input type=\"submit\" value=\"Speichern\">\n";
+    $html .= "</form>";
+    
+    $html .= "<hr />";
+    
+    $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
+    if (count($my_highest_group) > 0)
+      $my_highest_group = $my_highest_group[0]['group_id'];
+    
+    $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
+    if (count($his_highest_group) > 0)
+      $his_highest_group = $his_highest_group[0]['group_id'];
+    
+    if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
       $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
       $html .= '<table>';
       
-      $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
-      if (count($my_highest_group) > 0)
-        $my_highest_group = $my_highest_group[0]['group_id'];
-      
-      $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid` LIMIT 1");
-      if (count($his_highest_group) > 0)
-        $his_highest_group = $his_highest_group[0]['group_id'];
+      $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
+      foreach ($groups as $group)
+        $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
       
-      if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
-        $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
-        foreach ($groups as $group)
-          $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
-        
-        $html .= '</table>';
-        
-        $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-        $html .= "</form>";
-        
-        $html .= "<hr />";
-      }
+      $html .= '</table>';
       
-      $html .= "<form action=\"" . page_link_to("admin_user") . "&action=delete&id=" . $id . "\" method=\"post\">\n";
-      $html .= "<input type=\"submit\" value=\"Löschen\">\n";
+      $html .= "<input type=\"submit\" value=\"Speichern\">\n";
       $html .= "</form>";
       
       $html .= "<hr />";
-    } else {
-      switch ($_REQUEST['action']) {
-        case 'save_groups':
-          if ($id != $user['UID']) {
-            $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `group_id`");
-            $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
+    }
+    
+    $html .= "<form action=\"" . page_link_to("admin_user") . "&action=delete&id=" . $id . "\" method=\"post\">\n";
+    $html .= "<input type=\"submit\" value=\"Löschen\">\n";
+    $html .= "</form>";
+    
+    $html .= "<hr />";
+  } else {
+    switch ($_REQUEST['action']) {
+      case 'save_groups':
+        if ($id != $user['UID']) {
+          $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
+          $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
+          
+          if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
+            $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
+            $groups = array();
+            $grouplist = array();
+            foreach ($groups_source as $group) {
+              $groups[$group['UID']] = $group;
+              $grouplist[] = $group['UID'];
+            }
             
-            if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
-              $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
-              $groups = array();
-              $grouplist = array();
-              foreach ($groups_source as $group) {
-                $groups[$group['UID']] = $group;
-                $grouplist[] = $group['UID'];
-              }
-              
-              if (! is_array($_REQUEST['groups']))
-                $_REQUEST['groups'] = array();
-              
-              sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
-              $user_groups_info = array();
-              foreach ($_REQUEST['groups'] as $group) {
-                if (in_array($group, $grouplist)) {
-                  sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
-                  $user_groups_info[] = $groups[$group]['Name'];
-                }
+            if (! is_array($_REQUEST['groups']))
+              $_REQUEST['groups'] = array();
+            
+            sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
+            $user_groups_info = array();
+            foreach ($_REQUEST['groups'] as $group) {
+              if (in_array($group, $grouplist)) {
+                sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
+                $user_groups_info[] = $groups[$group]['Name'];
               }
-              $user_source = User($id);
-              engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
-              $html .= success("Benutzergruppen gespeichert.", true);
-            } else {
-              $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
             }
+            $user_source = User($id);
+            engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
+            $html .= success("Benutzergruppen gespeichert.", true);
           } else {
-            $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
-          }
-          break;
-        
-        case 'delete':
-          if ($user['UID'] != $id) {
-            $user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
-            sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-            sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
-            engelsystem_log("Deleted user " . User_Nick_render($user_source));
-            $html .= success("Benutzer gelöscht!", true);
-          } else {
-            $html .= error("Du kannst Dich nicht selber löschen!", true);
+            $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
           }
-          break;
-        
-        case 'save':
-          $force_active = $user['force_active'];
-          if (in_array('admin_active', $privileges))
-            $force_active = $_REQUEST['force_active'];
-          $SQL = "UPDATE `User` SET 
+        } else {
+          $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
+        }
+        break;
+      
+      case 'delete':
+        if ($user['UID'] != $id) {
+          $user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
+          sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
+          sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
+          engelsystem_log("Deleted user " . User_Nick_render($user_source));
+          $html .= success("Benutzer gelöscht!", true);
+        } else {
+          $html .= error("Du kannst Dich nicht selber löschen!", true);
+        }
+        break;
+      
+      case 'save':
+        $force_active = $user['force_active'];
+        if (in_array('admin_active', $privileges))
+          $force_active = $_REQUEST['force_active'];
+        $SQL = "UPDATE `User` SET 
               `Nick` = '" . sql_escape($_POST["eNick"]) . "', 
               `Name` = '" . sql_escape($_POST["eName"]) . "', 
               `Vorname` = '" . sql_escape($_POST["eVorname"]) . "', 
@@ -235,7 +185,7 @@ function admin_user() {
               `Alter` = '" . sql_escape($_POST["eAlter"]) . "', 
               `DECT` = '" . sql_escape($_POST["eDECT"]) . "', 
               `email` = '" . sql_escape($_POST["eemail"]) . "', 
-              `email_shiftinfo` = " . sql_escape(isset($_REQUEST['email_shiftinfo']) ? 'TRUE' : 'FALSE') . ", 
+              `email_shiftinfo` = " . sql_bool(isset($_REQUEST['email_shiftinfo'])) . ", 
               `jabber` = '" . sql_escape($_POST["ejabber"]) . "', 
               `Size` = '" . sql_escape($_POST["eSize"]) . "', 
               `Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "', 
@@ -244,27 +194,23 @@ function admin_user() {
               `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "', 
               `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' 
               WHERE `UID` = '" . sql_escape($id) . "' 
-              LIMIT 1;";
-          sql_query($SQL);
-          engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
-          $html .= success("Änderung wurde gespeichert...\n", true);
-          break;
-        
-        case 'change_pw':
-          if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
-            set_password($id, $_REQUEST['new_pw']);
-            $user_source = User($id);
-            engelsystem_log("Set new password for " . User_Nick_render($user_source));
-            $html .= success("Passwort neu gesetzt.", true);
-          } else {
-            $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
-          }
-          break;
-      }
+              LIMIT 1";
+        sql_query($SQL);
+        engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
+        $html .= success("Änderung wurde gespeichert...\n", true);
+        break;
+      
+      case 'change_pw':
+        if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
+          set_password($id, $_REQUEST['new_pw']);
+          $user_source = User($id);
+          engelsystem_log("Set new password for " . User_Nick_render($user_source));
+          $html .= success("Passwort neu gesetzt.", true);
+        } else {
+          $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
+        }
+        break;
     }
-  } else {
-    msg();
-    redirect(page_link_to('users'));
   }
   
   return page_with_title(_('Edit user'), array(
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index fc375092..677b057b 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -32,6 +32,7 @@ function guest_register() {
   $tshirt_size = '';
   $password_hash = "";
   $selected_angel_types = array();
+  $planned_arrival_date = null;
   
   $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
   $angel_types = array();
@@ -96,6 +97,13 @@ function guest_register() {
       $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), MIN_PASSWORD_LENGTH), true);
     }
     
+    if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) {
+      $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp();
+    } else {
+      $ok = false;
+      $msg .= error(_("Please enter your planned date of arrival."), true);
+    }
+    
     $selected_angel_types = array();
     foreach ($angel_types as $angel_type_id => $angel_type_name)
       if (isset($_REQUEST['angel_types_' . $angel_type_id]))
@@ -122,7 +130,7 @@ function guest_register() {
     if ($ok) {
       sql_query("
           INSERT INTO `User` SET 
-          `color`=" . sql_escape($default_theme) . ", 
+          `color`='" . sql_escape($default_theme) . "', 
           `Nick`='" . sql_escape($nick) . "', 
           `Vorname`='" . sql_escape($prename) . "', 
           `Name`='" . sql_escape($lastname) . "', 
@@ -131,24 +139,26 @@ function guest_register() {
           `DECT`='" . sql_escape($dect) . "', 
           `Handy`='" . sql_escape($mobile) . "', 
           `email`='" . sql_escape($mail) . "', 
-          `email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ", 
+          `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", 
           `jabber`='" . sql_escape($jabber) . "',
           `Size`='" . sql_escape($tshirt_size) . "', 
           `Passwort`='" . sql_escape($password_hash) . "', 
           `kommentar`='" . sql_escape($comment) . "', 
           `Hometown`='" . sql_escape($hometown) . "', 
           `CreateDate`=NOW(), 
-          `Sprache`='" . sql_escape($_SESSION["locale"]) . "'");
+          `Sprache`='" . sql_escape($_SESSION["locale"]) . "',
+          `arrival_date`=NULL,
+          `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'");
       
       // Assign user-group and set password
       $user_id = sql_id();
-      sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($user_id) . ", `group_id`=-2");
+      sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2");
       set_password($user_id, $_REQUEST['password']);
       
       // Assign angel-types
       $user_angel_types_info = array();
       foreach ($selected_angel_types as $selected_angel_type_id) {
-        sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
+        sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
         $user_angel_types_info[] = $angel_types[$selected_angel_type_id];
       }
       engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
@@ -170,11 +180,18 @@ function guest_register() {
                           form_text('nick', _("Nick") . ' ' . entry_required(), $nick) 
                       )),
                       div('col-sm-8', array(
-                          form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail),
+                          form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
                           form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo) 
                       )) 
                   )),
-                  $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '',
+                  div('row', array(
+                      div('col-sm-6', array(
+                          form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()) 
+                      )),
+                      div('col-sm-6', array(
+                          $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' 
+                      )) 
+                  )),
                   div('row', array(
                       div('col-sm-6', array(
                           form_password('password', _("Password") . ' ' . entry_required()) 
@@ -269,6 +286,7 @@ function guest_login() {
     if ($ok) {
       $_SESSION['uid'] = $login_user['UID'];
       $_SESSION['locale'] = $login_user['Sprache'];
+      
       redirect(page_link_to('news'));
     }
   }
diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php
index ba832842..bd954a87 100644
--- a/includes/pages/user_ical.php
+++ b/includes/pages/user_ical.php
@@ -28,7 +28,7 @@ function user_ical() {
         INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) 
         JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
         INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) 
-        WHERE `UID`=" . sql_escape($user['UID']) . " 
+        WHERE `UID`='" . sql_escape($user['UID']) . "' 
         ORDER BY `start`");
   }
 
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index fe1b85ff..1785d5b6 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -7,7 +7,7 @@ function user_unread_messages() {
   global $user;
 
   if (isset($user)) {
-    $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
+    $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
     if ($new_messages > 0)
       return ' <span class="badge danger">' . $new_messages . '</span>';
   }
@@ -18,7 +18,7 @@ function user_messages() {
   global $user;
 
   if (! isset($_REQUEST['action'])) {
-    $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
+    $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
 
     $to_select_data = array(
         "" => _("Select recipient...")
@@ -29,7 +29,7 @@ function user_messages() {
 
     $to_select = html_select_key('to', 'to', $to_select_data, '');
 
-    $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
+    $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
     foreach ($messages as $message) {
       $sender_user_source = User($message['SUID']);
       if ($sender_user_source === false)
@@ -84,9 +84,9 @@ function user_messages() {
         else
           return error(_("Incomplete call, missing Message ID."), true);
 
-        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
         if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
-          sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
           redirect(page_link_to("user_messages"));
         } else
           return error(_("No Message found."), true);
@@ -98,9 +98,9 @@ function user_messages() {
         else
           return error(_("Incomplete call, missing Message ID."), true);
 
-        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
         if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
-          sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
           redirect(page_link_to("user_messages"));
         } else
           return error(_("No Message found."), true);
diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php
index e557054d..ee3cf1be 100644
--- a/includes/pages/user_myshifts.php
+++ b/includes/pages/user_myshifts.php
@@ -9,15 +9,15 @@ function user_myshifts() {
   global $LETZTES_AUSTRAGEN;
   global $user, $privileges;
   $msg = "";
-
-  if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
+  
+  if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
     $id = $_REQUEST['id'];
   } else {
     $id = $user['UID'];
   }
-
-  list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-
+  
+  list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
+  
   if (isset($_REQUEST['reset'])) {
     if ($_REQUEST['reset'] == "ack") {
       User_reset_api_key($user);
@@ -26,7 +26,7 @@ function user_myshifts() {
     }
     return page_with_title(_("Reset API key"), array(
         error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
-        button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
+        button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') 
     ));
   } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
     $id = $_REQUEST['edit'];
@@ -44,11 +44,11 @@ function user_myshifts() {
         JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
         JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
         JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
-        WHERE `ShiftEntry`.`id`=" . sql_escape($id) . "
-        AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+        WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "'
+        AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
     if (count($shift) > 0) {
       $shift = $shift[0];
-
+      
       if (isset($_REQUEST['submit'])) {
         $freeloaded = $shift['freeloaded'];
         $freeload_comment = $shift['freeload_comment'];
@@ -56,46 +56,51 @@ function user_myshifts() {
           $freeloaded = isset($_REQUEST['freeloaded']);
           $freeload_comment = strip_request_item_nl('freeload_comment');
         }
-
+        
         $comment = strip_request_item_nl('comment');
         $user_source = User($shift['UID']);
         $result = ShiftEntry_update(array(
             'id' => $id,
             'Comment' => $comment,
             'freeloaded' => $freeloaded,
-            'freeload_comment' => $freeload_comment
+            'freeload_comment' => $freeload_comment 
         ));
         if ($result === false)
           engelsystem_error('Unable to update shift entr.');
-
+        
         engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
         success(_("Shift saved."));
         redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
       }
-
+      
       return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
     } else
       redirect(page_link_to('user_myshifts'));
   } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
     $id = $_REQUEST['cancel'];
     $shift = sql_select("
-        SELECT `Shifts`.`start` 
+        SELECT *
         FROM `Shifts` 
         INNER JOIN `ShiftEntry` USING (`SID`) 
-        WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']));
+        WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
     if (count($shift) > 0) {
       $shift = $shift[0];
       if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
         $result = ShiftEntry_delete($id);
         if ($result === false)
           engelsystem_error('Unable to delete shift entry.');
+        $room = Room($shift['RID']);
+        $angeltype = AngelType($shift['TID']);
+        $shifttype = ShiftType($shift['shifttype_id']);
+        
+        engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
         success(_("You have been signed off from the shift."));
       } else
         error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
     } else
-      redirect(page_link_to('user_myshifts'));
+      redirect(user_link($shifts_user));
   }
-
+  
   redirect(page_link_to('users') . '&action=view');
 }
 ?>
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index 8a4c0aa8..7c104095 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -21,7 +21,7 @@ function user_meetings() {
   else
     $page = 0;
 
-  $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `ID` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
+  $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
   foreach ($news as $entry)
     $html .= display_news($entry);
 
@@ -73,9 +73,9 @@ function user_news_comments() {
   global $user;
 
   $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
-  if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
+  if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
     $nid = $_REQUEST["nid"];
-    list($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($nid) . " LIMIT 1");
+    list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
     if (isset($_REQUEST["text"])) {
       $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
       sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
@@ -132,7 +132,7 @@ function user_news() {
   else
     $page = 0;
 
-  $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
+  $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
   foreach ($news as $entry)
     $html .= display_news($entry);
 
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index be7f9930..0a2786d1 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -7,9 +7,9 @@ function user_questions() {
   global $user;
   
   if (! isset($_REQUEST['action'])) {
-    $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
+    $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
     
-    $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
+    $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
     foreach ($answered_questions as &$question) {
       $answer_user_source = User($question['AID']);
       if ($answer_user_source === false)
@@ -23,7 +23,7 @@ function user_questions() {
       case 'ask':
         $question = strip_request_item_nl('question');
         if ($question != "") {
-          $result = sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
+          $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
           if ($result === false)
             engelsystem_error(_("Unable to save question."));
           success(_("You question was saved."));
@@ -39,9 +39,9 @@ function user_questions() {
         else
           return error(_("Incomplete call, missing Question ID."), true);
         
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
         if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
-          sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+          sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
           redirect(page_link_to("user_questions"));
         } else
           return page_with_title(questions_title(), array(
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 47744474..466d3c3e 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -7,7 +7,7 @@ function settings_title() {
 function user_settings() {
   global $enable_tshirt_size, $tshirt_sizes, $themes, $locales;
   global $user;
-
+  
   $msg = "";
   $nick = $user['Nick'];
   $lastname = $user['Name'];
@@ -24,34 +24,12 @@ function user_settings() {
   $password_hash = "";
   $selected_theme = $user['color'];
   $selected_language = $user['Sprache'];
-
-  $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
-  $selected_angel_types_source_ids = array();
-  $selected_angel_types = array();
-  foreach ($selected_angel_types_source as $selected_angel_type) {
-    $selected_angel_types[] = $selected_angel_type['angeltype_id'];
-    $selected_angel_types_source_ids[] = $selected_angel_type['angeltype_id'];
-  }
-
-  $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-  $angel_types = array();
-  foreach ($angel_types_source as $angel_type)
-    $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
-
+  $planned_arrival_date = $user['planned_arrival_date'];
+  $planned_departure_date = $user['planned_departure_date'];
+  
   if (isset($_REQUEST['submit'])) {
     $ok = true;
-
-    if (isset($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
-      $nick = strip_request_item('nick');
-      if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
-        $ok = false;
-        $msg .= error(sprintf(_("Your nick &quot;%s&quot; already exists."), $nick), true);
-      }
-    } else {
-      $ok = false;
-      $msg .= error(sprintf(_("Your nick &quot;%s&quot; is too short (min. 2 characters)."), strip_request_item('nick')), true);
-    }
-
+    
     if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
       $mail = strip_request_item('mail');
       if (! check_email($mail)) {
@@ -62,9 +40,9 @@ function user_settings() {
       $ok = false;
       $msg .= error(_("Please enter your e-mail."), true);
     }
-
+    
     $email_shiftinfo = isset($_REQUEST['email_shiftinfo']);
-
+    
     if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
       $jabber = strip_request_item('jabber');
       if (! check_email($jabber)) {
@@ -72,18 +50,30 @@ function user_settings() {
         $msg .= error(_("Please check your jabber account information."), true);
       }
     }
-
+    
     if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]))
       $tshirt_size = $_REQUEST['tshirt_size'];
     elseif ($enable_tshirt_size) {
       $ok = false;
     }
-
-    $selected_angel_types = array();
-    foreach ($angel_types as $angel_type_id => $angel_type_name)
-      if (isset($_REQUEST['angel_types_' . $angel_type_id]))
-        $selected_angel_types[] = $angel_type_id;
-
+    
+    if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) {
+      $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp();
+    } else {
+      $ok = false;
+      $msg .= error(_("Please enter your planned date of arrival."), true);
+    }
+    
+    if (isset($_REQUEST['planned_departure_date']) && $_REQUEST['planned_departure_date'] != '') {
+      if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))) {
+        $planned_departure_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))->getTimestamp();
+      } else {
+        $ok = false;
+        $msg .= error(_("Please enter your planned date of departure."), true);
+      }
+    } else
+      $planned_departure_date = null;
+      
       // Trivia
     if (isset($_REQUEST['lastname']))
       $lastname = strip_request_item('lastname');
@@ -99,7 +89,7 @@ function user_settings() {
       $mobile = strip_request_item('mobile');
     if (isset($_REQUEST['hometown']))
       $hometown = strip_request_item('hometown');
-
+    
     if ($ok) {
       sql_query("
           UPDATE `User` SET
@@ -111,48 +101,20 @@ function user_settings() {
           `DECT`='" . sql_escape($dect) . "',
           `Handy`='" . sql_escape($mobile) . "',
           `email`='" . sql_escape($mail) . "',
-          `email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ",
+          `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ",
           `jabber`='" . sql_escape($jabber) . "',
           `Size`='" . sql_escape($tshirt_size) . "',
-          `Hometown`='" . sql_escape($hometown) . "'
-          WHERE `UID`=" . sql_escape($user['UID']));
-
-      // Assign angel-types
-
-      $deleted_angel_type_names = array();
-      $added_angel_type_names = array();
-
-      foreach($selected_angel_types_source as $source_angel_type) {
-        if (!in_array($source_angel_type["angeltype_id"], $selected_angel_types)) {
-          $deleted_angel_type_names[] =  $angel_types[$source_angel_type["angeltype_id"]];
-          sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`='" . sql_escape($user['UID']) . "' AND `angeltype_id` = ". sql_escape($source_angel_type["angeltype_id"]));
-        }
-      }
-
-      foreach($selected_angel_types as $selected_angel_type) {
-        if (!in_array($selected_angel_type, $selected_angel_types_source_ids)) {
-          $added_angel_type_names[] = $angel_types[$selected_angel_type];
-          sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type));
-        }
-      }
-
-      if(count($deleted_angel_type_names) > 0 || count($added_angel_type_names) > 0) {
-        $log_message = "User changed his own Angel Types. ";
-        if(count($deleted_angel_type_names) > 0) {
-          $log_message .= "Removed: " . implode(", ", $deleted_angel_type_names) . " ";
-        }
-        if(count($added_angel_type_names) > 0) {
-          $log_message .= "Added: " . implode(", ", $added_angel_type_names);
-        }
-        engelsystem_log($log_message);
-      }
-
+          `Hometown`='" . sql_escape($hometown) . "',
+          `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "',
+          `planned_departure_date`=" . sql_null($planned_departure_date) . "
+          WHERE `UID`='" . sql_escape($user['UID']) . "'");
+      
       success(_("Settings saved."));
       redirect(page_link_to('user_settings'));
     }
   } elseif (isset($_REQUEST['submit_password'])) {
     $ok = true;
-
+    
     if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
       $msg .= error(_("-> not OK. Please try again."), true);
     elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
@@ -166,58 +128,60 @@ function user_settings() {
     redirect(page_link_to('user_settings'));
   } elseif (isset($_REQUEST['submit_theme'])) {
     $ok = true;
-
+    
     if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']]))
       $selected_theme = $_REQUEST['theme'];
     else
       $ok = false;
-
+    
     if ($ok) {
-      sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
+      sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
+      
       success(_("Theme changed."));
       redirect(page_link_to('user_settings'));
     }
   } elseif (isset($_REQUEST['submit_language'])) {
     $ok = true;
-
+    
     if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']]))
       $selected_language = $_REQUEST['language'];
     else
       $ok = false;
-
+    
     if ($ok) {
-      sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
+      sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
       $_SESSION['locale'] = $selected_language;
-
+      
       success("Language changed.");
       redirect(page_link_to('user_settings'));
     }
   }
-
+  
   return page_with_title(settings_title(), array(
-      sprintf(_("Hello %s, here you can change your personal settings i.e. password, color settings etc."), User_Nick_render($user)),
       $msg,
       msg(),
       div('row', array(
           div('col-md-6', array(
               form(array(
-                  form_info(_("Here you can change your user details.")),
-                  form_text('nick', _("Nick") . "*", $nick),
+                  form_info('', _("Here you can change your user details.")),
+                  form_info(entry_required() . ' = ' . _("Entry required!")),
+                  form_text('nick', _("Nick"), $nick, true),
                   form_text('lastname', _("Last name"), $lastname),
                   form_text('prename', _("First name"), $prename),
+                  form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()),
+                  form_date('planned_departure_date', _("Planned date of departure"), $planned_departure_date, time()),
                   form_text('age', _("Age"), $age),
                   form_text('tel', _("Phone"), $tel),
                   form_text('dect', _("DECT"), $dect),
                   form_text('mobile', _("Mobile"), $mobile),
-                  form_text('mail', _("E-Mail") . "*", $mail),
+                  form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail),
                   form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo),
                   form_text('jabber', _("Jabber"), $jabber),
                   form_text('hometown', _("Hometown"), $hometown),
                   $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '',
-                  form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
-                  form_submit('submit', _("Save"))
-              ))
+                  form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
+                  form_submit('submit', _("Save")) 
+              )) 
           )),
           div('col-md-6', array(
               form(array(
@@ -225,20 +189,20 @@ function user_settings() {
                   form_password('password', _("Old password:")),
                   form_password('new_password', _("New password:")),
                   form_password('new_password2', _("Password confirmation:")),
-                  form_submit('submit_password', _("Save"))
+                  form_submit('submit_password', _("Save")) 
               )),
               form(array(
                   form_info(_("Here you can choose your color settings:")),
                   form_select('theme', _("Color settings:"), $themes, $selected_theme),
-                  form_submit('submit_theme', _("Save"))
+                  form_submit('submit_theme', _("Save")) 
               )),
               form(array(
                   form_info(_("Here you can choose your language:")),
                   form_select('language', _("Language:"), $locales, $selected_language),
-                  form_submit('submit_language', _("Save"))
-              ))
-          ))
-      ))
+                  form_submit('submit_language', _("Save")) 
+              )) 
+          )) 
+      )) 
   ));
 }
 ?>
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 603ca993..8c01eef8 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -31,7 +31,7 @@ function user_shifts() {
         JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) 
         JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
         JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) 
-        WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id));
+        WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
     if (count($shift_entry_source) > 0) {
       $shift_entry_source = $shift_entry_source[0];
       
@@ -58,7 +58,7 @@ function user_shifts() {
         SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.* FROM `Shifts` 
         JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) 
         JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
-        WHERE `SID`=" . sql_escape($shift_id));
+        WHERE `SID`='" . sql_escape($shift_id) . "'");
     if (count($shift) == 0)
       redirect(page_link_to('user_shifts'));
     $shift = $shift[0];
@@ -72,28 +72,34 @@ function user_shifts() {
       $needed_angel_types[$type['id']] = 0;
     }
     
-    // Benötigte Engeltypen vom Raum
-    $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
+    $shifttypes_source = ShiftTypes();
+    $shifttypes = [];
+    foreach ($shifttypes_source as $shifttype)
+      $shifttypes[$shifttype['id']] = $shifttype['name'];
+      
+      // Benötigte Engeltypen vom Raum
+    $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`='" . sql_escape($shift['RID']) . "') ORDER BY `AngelTypes`.`name`");
     foreach ($needed_angel_types_source as $type) {
       if ($type['count'] != "")
         $needed_angel_types[$type['id']] = $type['count'];
     }
     
     // Benötigte Engeltypen von der Schicht
-    $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`=" . sql_escape($shift_id) . ") ORDER BY `AngelTypes`.`name`");
+    $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`='" . sql_escape($shift_id) . "') ORDER BY `AngelTypes`.`name`");
     foreach ($needed_angel_types_source as $type) {
       if ($type['count'] != "")
         $needed_angel_types[$type['id']] = $type['count'];
     }
     
-    $name = $shift['name'];
+    $shifttype_id = $shift['shifttype_id'];
+    $title = $shift['title'];
     $rid = $shift['RID'];
     $start = $shift['start'];
     $end = $shift['end'];
     
     if (isset($_REQUEST['submit'])) {
       // Name/Bezeichnung der Schicht, darf leer sein
-      $name = strip_request_item('name');
+      $title = strip_request_item('title');
       
       // Auswahl der sichtbaren Locations für die Schichten
       if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']]))
@@ -104,6 +110,13 @@ function user_shifts() {
         $msg .= error(_("Please select a room."), true);
       }
       
+      if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']]))
+        $shifttype_id = $_REQUEST['shifttype_id'];
+      else {
+        $ok = false;
+        $msg .= error(_('Please select a shifttype.'), true);
+      }
+      
       if (isset($_REQUEST['start']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
         $start = $tmp->getTimestamp();
       else {
@@ -133,23 +146,28 @@ function user_shifts() {
       }
       
       if ($ok) {
-        $shift['name'] = $name;
+        $shift['shifttype_id'] = $shifttype_id;
+        $shift['title'] = $title;
         $shift['RID'] = $rid;
         $shift['start'] = $start;
         $shift['end'] = $end;
+        
         $result = Shift_update($shift);
         if ($result === false)
           engelsystem_error('Unable to update shift.');
-        sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
+        sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
         $needed_angel_types_info = array();
         foreach ($needed_angel_types as $type_id => $count) {
-          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
           $needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count;
         }
         
         engelsystem_log("Updated shift '" . $name . "' from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
         success(_("Shift updated."));
-        redirect(shift_link($shift_id));
+        
+        redirect(shift_link([
+            'SID' => $shift_id 
+        ]));
       }
     }
     
@@ -163,7 +181,8 @@ function user_shifts() {
         msg(),
         '<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>',
         form(array(
-            form_text('name', _("Name/Description:"), $name),
+            form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
+            form_text('title', _("Title"), $title),
             form_select('rid', _("Room:"), $room_array, $rid),
             form_text('start', _("Start:"), date("Y-m-d H:i", $start)),
             form_text('end', _("End:"), date("Y-m-d H:i", $end)),
@@ -218,32 +237,21 @@ function user_shifts() {
       $type_id = $_REQUEST['type_id'];
     else
       redirect(page_link_to('user_shifts'));
-      
-      // Schicht läuft schon, Eintragen für Engel nicht mehr möglich
-    if (! in_array('user_shifts_admin', $privileges) && time() > $shift['start']) {
-      error(_("This shift is running now or ended already. Please contact a dispatcher to join the shift."));
-      redirect(shift_link($shift));
-    }
-    
-    // Another shift the user is signed up for collides with this one
-    if (! in_array('user_shifts_admin', $privileges) && sql_num_query("
-        SELECT `Shifts`.`SID` 
-        FROM `Shifts` 
-        INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ") 
-        WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) {
-      error(_("You already subscribed to shift in the same timeslot. Please contact a dispatcher to join the shift."));
-      redirect(shift_link($shift));
-    }
     
     if (in_array('user_shifts_admin', $privileges))
-      $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
+      $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
     else
-      $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
+      $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
     
     if (count($type) == 0)
       redirect(page_link_to('user_shifts'));
     $type = $type[0];
     
+    if (! Shift_signup_allowed($shift, $type)) {
+      error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.'));
+      redirect(shift_link($shift));
+    }
+    
     if (isset($_REQUEST['submit'])) {
       $selected_type_id = $type_id;
       if (in_array('user_shifts_admin', $privileges)) {
@@ -252,10 +260,10 @@ function user_shifts() {
         else
           $user_id = $user['UID'];
         
-        if (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1") == 0)
+        if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0)
           redirect(page_link_to('user_shifts'));
         
-        if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($_REQUEST['angeltype_id']) . " LIMIT 1") > 0)
+        if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0)
           $selected_type_id = $_REQUEST['angeltype_id'];
       } else
         $user_id = $user['UID'];
@@ -340,7 +348,7 @@ function view_user_shifts() {
   if (in_array('user_shifts_admin', $privileges))
     $types = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `AngelTypes`.`name`");
   else
-    $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ") ORDER BY `AngelTypes`.`name`");
+    $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
   if (empty($types))
     $types = sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0");
   $filled = array(
@@ -363,9 +371,13 @@ function view_user_shifts() {
     $_SESSION['user_shifts'] = array();
   
   if (! isset($_SESSION['user_shifts']['filled'])) {
-    $_SESSION['user_shifts']['filled'] = array(
+    // User shift admins see free and occupied shifts by default
+    $_SESSION['user_shifts']['filled'] = in_array('user_shifts_admin', $privileges) ? [
+        0,
+        1 
+    ] : [
         0 
-    );
+    ];
   }
   
   foreach (array(
@@ -441,10 +453,10 @@ function view_user_shifts() {
   if (count($_SESSION['user_shifts']['filled']) == 1) {
     if ($_SESSION['user_shifts']['filled'][0] == 0)
       $SQL .= "
-      AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
+      AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
     elseif ($_SESSION['user_shifts']['filled'][0] == 1)
       $SQL .= "
-    AND (nat.`count` <= entries.`count`  OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
+    AND (nat.`count` <= entries.`count`  OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
   }
   $SQL .= "
   ORDER BY `start`";
@@ -506,7 +518,10 @@ function view_user_shifts() {
       if ($colspan == 0)
         $colspan = 1;
       $todo[$rid] = array_fill(0, $maxshow, $colspan);
-      $shifts_table .= "<th" . (($colspan > 1) ? ' colspan="' . $colspan . '"' : '') . ">${room['name']}</th>\n";
+      $shifts_table .= "<th" . (($colspan > 1) ? ' colspan="' . $colspan . '"' : '') . ">" . Room_name_render([
+          'RID' => $room['id'],
+          'Name' => $room['name'] 
+      ]) . "</th>\n";
     }
     unset($block, $blocks, $firstblock, $colspan, $key, $room);
     
@@ -543,7 +558,17 @@ function view_user_shifts() {
                 
                 // qqqqqq
               $is_free = false;
-              $shifts_row = '<a href="' . shift_link($shift) . '">' . date('d.m. H:i', $shift['start']);
+              $shifts_row = '';
+              if (in_array('admin_shifts', $privileges))
+                $shifts_row .= '<div class="pull-right">' . table_buttons(array(
+                    button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
+                    button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs') 
+                )) . '</div>';
+              $shifts_row .= Room_name_render([
+                  'RID' => $room['id'],
+                  'Name' => $room['name'] 
+              ]) . '<br />';
+              $shifts_row .= '<a href="' . shift_link($shift) . '">' . date('d.m. H:i', $shift['start']);
               $shifts_row .= " &ndash; ";
               $shifts_row .= date('H:i', $shift['end']);
               $shifts_row .= "<br /><b>";
@@ -553,23 +578,19 @@ function view_user_shifts() {
                 $shifts_row .= $shift['title'];
                 $shifts_row .= "<br />";
               }
-              if (in_array('admin_shifts', $privileges))
-                $shifts_row .= ' ' . table_buttons(array(
-                    button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
-                    button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs') 
-                ));
+              $shifts_row .= '</a>';
               $shifts_row .= '<br />';
               $query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id`
             FROM `NeededAngelTypes`
             JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
-            LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
+            LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
             WHERE
             `count` > 0
             AND ";
               if ($shift['has_special_needs'])
-                $query .= "`shift_id` = " . sql_escape($shift['SID']);
+                $query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
               else
-                $query .= "`room_id` = " . sql_escape($shift['RID']);
+                $query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
               if (! empty($_SESSION['user_shifts']['types']))
                 $query .= " AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") ";
               $query .= " ORDER BY `AngelTypes`.`name`";
@@ -577,17 +598,14 @@ function view_user_shifts() {
               
               if (count($angeltypes) > 0) {
                 foreach ($angeltypes as $angeltype) {
-                  $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
+                  $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`");
                   $entry_list = array();
                   $freeloader = 0;
                   foreach ($entries as $entry) {
-                    if ($entry['Gekommen'] == 1)
-                      $style = "font-weight:bold;";
-                    else
-                      $style = "font-weight:normal;";
+                    $style = '';
                     if ($entry['freeloaded']) {
                       $freeloader ++;
-                      $style .= " text-decoration: line-through;";
+                      $style = " text-decoration: line-through;";
                     }
                     if (in_array('user_shifts_admin', $privileges))
                       $entry_list[] = "<span style=\"$style\">" . User_Nick_render($entry) . ' ' . table_buttons(array(
@@ -617,29 +635,30 @@ function view_user_shifts() {
                     // User shift admins may join anybody in every shift
                     $user_may_join_shift |= in_array('user_shifts_admin', $privileges);
                     if ($user_may_join_shift)
-                      $entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . $inner_text . '&nbsp;&raquo;</a>';
+                      $entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . $inner_text . '</a> ' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], _('Sign up'), 'btn-xs');
                     else {
                       if (time() > $shift['start'])
-                        $entry_list[] = $inner_text . ' (vorbei)';
+                        $entry_list[] = $inner_text . ' (' . _('ended') . ')';
                       elseif ($angeltype['restricted'] == 1 && isset($angeltype['user_id']) && ! isset($angeltype['confirm_user_id']))
                         $entry_list[] = $inner_text . glyph('lock');
+                      elseif ($angeltype['restricted'] == 1)
+                        $entry_list[] = $inner_text;
                       elseif ($collides)
                         $entry_list[] = $inner_text;
                       else
-                        $entry_list[] = $inner_text . ' <a href="' . page_link_to('user_settings') . '#angel_types_anchor">(Werde ' . $angeltype['name'] . ')</a>';
+                        $entry_list[] = $inner_text . '<br />' . button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']), 'btn-xs');
                     }
                     
                     unset($inner_text);
                     $is_free = true;
                   }
                   
-                  $shifts_row .= '<b>' . $angeltype['name'] . ':</b> ';
+                  $shifts_row .= '<strong>' . AngelType_name_render($angeltype) . ':</strong> ';
                   $shifts_row .= join(", ", $entry_list);
                   $shifts_row .= '<br />';
                 }
-                if (in_array('user_shifts_admin', $privileges)) {
-                  $shifts_row .= '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . _("Add more angels") . '&nbsp;&raquo;</a>';
-                }
+                if (in_array('user_shifts_admin', $privileges))
+                  $shifts_row .= ' ' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], _("Add more angels"), 'btn-xs');
               }
               if ($shift['own'] && ! in_array('user_shifts_admin', $privileges))
                 $class = 'own';
@@ -695,23 +714,24 @@ function view_user_shifts() {
       $query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id`
     FROM `NeededAngelTypes`
     JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
-    LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
+    LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
     WHERE ";
       if ($shift_has_special_needs)
-        $query .= "`shift_id` = " . sql_escape($shift['SID']);
+        $query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
       else
-        $query .= "`room_id` = " . sql_escape($shift['RID']);
+        $query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
       $query .= "               AND `count` > 0 ";
       if (! empty($_SESSION['user_shifts']['types']))
         $query .= "AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") ";
       $query .= "ORDER BY `AngelTypes`.`name`";
       $angeltypes = sql_select($query);
       if (count($angeltypes) > 0) {
-        $my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;
+        $my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0;
         
         foreach ($angeltypes as &$angeltype) {
-          $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
+          $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`");
           $entry_list = array();
+          $entry_nicks = [];
           $freeloader = 0;
           foreach ($entries as $entry) {
             if (in_array('user_shifts_admin', $privileges))
@@ -725,8 +745,11 @@ function view_user_shifts() {
               $freeloader ++;
             }
             $entry_list[] = $member;
+            $entry_nicks[] = $entry['Nick'];
           }
           $angeltype['taken'] = count($entries) - $freeloader;
+          $angeltype['angels'] = $entry_nicks;
+          
           // do we need more angles of this type?
           if ($angeltype['count'] - count($entries) + $freeloader > 0) {
             $inner_text = sprintf(ngettext("%d helper needed", "%d helpers needed", $angeltype['count'] - count($entries) + $freeloader), $angeltype['count'] - count($entries) + $freeloader);
@@ -756,7 +779,7 @@ function view_user_shifts() {
               } elseif ($angeltype['restricted'] == 1 && isset($angeltype['user_id']) && ! isset($angeltype['confirm_user_id'])) {
                 $entry_list[] = $inner_text . glyph("lock");
               } else {
-                $entry_list[] = $inner_text . ' <a href="' . page_link_to('user_settings') . '#angel_types_anchor">(Werde ' . $angeltype['name'] . ')</a>';
+                $entry_list[] = $inner_text . ' <a href="' . page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '">' . sprintf(_('Become %s'), $angeltype['name']) . '</a>';
               }
             }
             
@@ -769,7 +792,7 @@ function view_user_shifts() {
           $shift_row['entries'] .= '<br />';
         }
         if (in_array('user_shifts_admin', $privileges)) {
-          $shift_row['entries'] .= '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">Weitere Helfer eintragen &raquo;</a>';
+          $shift_row['entries'] .= '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . _('Add more angels') . ' &raquo;</a>';
         }
         $shifts_table[] = $shift_row;
         $shift['angeltypes'] = $angeltypes;
@@ -795,7 +818,7 @@ function view_user_shifts() {
           'start_time' => $_SESSION['user_shifts']['start_time'],
           'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $_SESSION['user_shifts']['end_day']),
           'end_time' => $_SESSION['user_shifts']['end_time'],
-          'type_select' => make_select($types, $_SESSION['user_shifts']['types'], "types", _("Tasks") . '<sup>1</sup>'),
+          'type_select' => make_select($types, $_SESSION['user_shifts']['types'], "types", _("Angeltypes") . '<sup>1</sup>'),
           'filled_select' => make_select($filled, $_SESSION['user_shifts']['filled'], "filled", _("Occupancy")),
           'task_notice' => '<sup>1</sup>' . _("The tasks shown here are influenced by the preferences you defined in your settings!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>",
           'new_style_checkbox' => '<label><input type="checkbox" name="new_style" value="1" ' . ($_SESSION['user_shifts']['new_style'] ? ' checked' : '') . '> ' . _("Use new style if possible") . '</label>',