diff options
Diffstat (limited to 'includes')
30 files changed, 645 insertions, 591 deletions
diff --git a/includes/controller/api.php b/includes/controller/api.php deleted file mode 100644 index 9ecd3a2f..00000000 --- a/includes/controller/api.php +++ /dev/null @@ -1,355 +0,0 @@ -<?php - -/************************************************************************************************ - * API Documentation - ************************************************************************************************ - -General: --------- -All API calls output JSON-encoded data. Client parameters should be passed encoded using JSON in HTTP POST data. -Every API Request must be contained the Api Key (using JSON parameter 'key') and the Command (using JSON parameter 'cmd'). - - -Testing API calls (using curl): -------------------------------- -$ curl -d '{"cmd":"getVersion"}' '<Address>/?p=api' -$ curl -d '{"cmd":"getApiKey","user":"admin","pw":"admin"}' '<Address>/?p=api' -$ curl -d '{"key":"<key>","cmd":"getRoom"}' '<Address>/?p=api' -$ curl -d '{"key":"<key>","cmd":"sendmessage","uid":"23","text":"test message"}' '<Address>/?p=api' - -Methods without key: --------------------- -getVersion - Description: - Returns API version. - Parameters: - nothing - Return Example: - {"status":"success","version": "1"} - -getApiKey - Description: - Returns API Key version. - Parameters: - user (string) - pw (string) - Return Example: - {"status":"success","Key":"1234567890123456789012"} - -Methods with Key: ------------------ -getRoom - Description: - Returns a list of all Rooms (no id set) or details of a single Room (requested id) - Parameters: - id (integer) - Room ID - Return Example: - [{"RID":"1"},{"RID":"23"},{"RID":"42"}] - {"RID":"1","Name":"Room Name","Man":null,"FromPentabarf":"","show":"Y","Number":"0"} - -getAngelType - Description: - Returns a list of all Angel Types (no id set) or details of a single Angel Type (requested id) - Parameters: - id (integer) - Type ID - Return Example: - [{"id":"8"},{"id":"9"}] - {"id":"9","name":"Angeltypes 2","restricted":"0"} - -getUser - Description: - Returns a list of all Users (no id set) or details of a single User (requested id) - Parameters: - id (integer) - User ID - Return Example: - [{"UID":"1"},{"UID":"23"},{"UID":"42"}] - {"UID":"1","Nick":"admin","Name":"Gates","Vorname":"Bill","Telefon":"","DECT":"","Handy":"","email":"","jabber":"","Avatar":"115"} - -getShift - Description: - Returns a list of all Shifte (no id set, filter is optional) or details of a single Shift (requested id) - Parameters: - id (integer) - Shift ID - filterRoom (Array of integer) - Array of Room IDs (optional, for list request) - filterTask (Array of integer) - Array if Task (optional, for list request) - filterOccupancy (integer) - Occupancy state: (optional, for list request) - 1 occupied - 2 free - 3 occupied and free - Return Example: - [{"SID":"1"},{"SID":"2"},{"SID":"3"}] - {"SID":"10","start":"1388264400","end":"1388271600","RID":"1","name":"Shift 1","URL":null,"PSID":null,\ - "ShiftEntry":[{"TID":"8","UID":"4","freeloaded":"0"}], - "NeedAngels":[{"TID":"8","count":"1","restricted":"0","taken":1},{"TID":"9","count":"2","restricted":"0","taken":0}]} - -getMessage - Description: - Returns a list of all Messages (no id set) or details of a single Message (requested id) - Parameters: - id (integer) - Message ID - Return Example: - [{"id":"1"},{"id":"2"},{"id":"3"}] - {"id":"3","Datum":"1388247583","SUID":"23","RUID":"42","isRead":"N","Text":"message text"} - -sendMessage - Description: - send a Message to an other angel - Parameters: - uid (integer) - User ID of the reciever - text (string) - Message Text - Return Example: - {"status":"success"} - -************************************************************************************************/ - -/** - * General API Controller - */ -function api_controller() { - global $user, $DataJson; - - header("Content-Type: application/json; charset=utf-8"); - - // decode JSON request - $input = file_get_contents("php://input"); - $input = json_decode($input, true); - $_REQUEST = $input; - - // get command - $cmd = ''; - if (isset($_REQUEST['cmd'])) - $cmd = strtolower($_REQUEST['cmd']); - - // decode commands, without key - switch ($cmd) { - case 'getversion': - getVersion(); - die(json_encode($DataJson)); - break; - case 'getapikey': - getApiKey(); - die(json_encode($DataJson)); - break; - } - - // get API KEY - if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) - $key = $_REQUEST['key']; - else - die(json_encode(array( - 'status' => 'failed', - 'error' => 'Missing parameter "key".' - ))); - - // check API key - $user = User_by_api_key($key); - if ($user === false) - die(json_encode(array( - 'status' => 'failed', - 'error' => 'Unable to find user' - ))); - if ($user == null) - die(json_encode(array( - 'status' => 'failed', - 'error' => 'Key invalid.' - ))); - - // decode command - switch ($cmd) { - case 'getroom': - getRoom(); - break; - case 'getangeltype': - getAngelType(); - break; - case 'getuser': - // TODO Dataleak! Only coordinators are allowed to see so much user informations. - //getUser(); - break; - case 'getshift': - getShift(); - break; - case 'getmessage': - // TODO Dataleak! - //getMessage(); - break; - case 'sendmessage': - sendMessage(); - break; - default: - $DataJson = array( - 'status' => 'failed', - 'error' => 'Unknown Command "' . $cmd . '"' - ); - } - - // check - if ($DataJson === false) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'DataJson === false' - ); - } elseif ($DataJson == null) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'DataJson == null' - ); - } - - echo json_encode($DataJson); - die(); -} - -/** - * Get Version of API - */ -function getVersion() { - global $DataJson; - - $DataJson = array( - 'status' => 'success', - 'Version' => 1 - ); -} - -/** - * Get API Key - */ -function getApiKey() { - global $DataJson; - - if (! isset($_REQUEST['user'])) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'Missing parameter "user".' - ); - } elseif (! isset($_REQUEST['pw'])) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'Missing parameter "pw".' - ); - } else { - $Erg = sql_select("SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'"); - - if (count($Erg) == 1) { - $Erg = $Erg[0]; - if (verify_password($_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) { - $key = $Erg["api_key"]; - $DataJson = array( - 'status' => 'success', - 'Key' => $key - ); - } else { - $DataJson = array( - 'status' => 'failed', - 'error' => 'PW wrong' - ); - } - } else { - $DataJson = array( - 'status' => 'failed', - 'error' => 'User not found.' - ); - } - } - - sleep(1); -} - -/** - * Get Room - */ -function getRoom() { - global $DataJson; - - if (isset($_REQUEST['id'])) { - $DataJson = Room($_REQUEST['id']); - } else { - $DataJson = Room_ids(); - } -} - -/** - * Get AngelType - */ -function getAngelType() { - global $DataJson; - - if (isset($_REQUEST['id'])) { - $DataJson = AngelType($_REQUEST['id']); - } else { - $DataJson = AngelType_ids(); - } -} - -/** - * Get User - */ -function getUser() { - global $DataJson; - - if (isset($_REQUEST['id'])) { - $DataJson = mUser_Limit($_REQUEST['id']); - } else { - $DataJson = User_ids(); - } -} - -/** - * Get Shift - */ -function getShift() { - global $DataJson; - - if (isset($_REQUEST['id'])) { - $DataJson = Shift($_REQUEST['id']); - } else { - $DataJson = Shifts_filtered(); - } -} - -/** - * @TODO: Why are ALL messages of ALL users returned? Data leak. It is not checked if this is my message! - * Get Message - */ -function getMessage() { - global $DataJson; - - if (isset($_REQUEST['id'])) { - $DataJson = Message($_REQUEST['id']); - } else { - $DataJson = Message_ids(); - } -} - -/** - * Send Message - */ -function sendMessage() { - global $DataJson; - - if (! isset($_REQUEST['uid'])) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'Missing parameter "uid".' - ); - } elseif (! isset($_REQUEST['text'])) { - $DataJson = array( - 'status' => 'failed', - 'error' => 'Missing parameter "text".' - ); - } else { - if (Message_send($_REQUEST['uid'], $_REQUEST['text']) === true) { - $DataJson = array( - 'status' => 'success' - ); - } else { - $DataJson = array( - 'status' => 'failed', - 'error' => 'Transmitting was terminated with an Error.' - ); - } - } -} - -?> diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php index 66abc589..f76f10ae 100644 --- a/includes/controller/user_angeltypes_controller.php +++ b/includes/controller/user_angeltypes_controller.php @@ -14,7 +14,7 @@ function user_angeltypes_unconfirmed_hint() { $unconfirmed_links = []; foreach ($unconfirmed_user_angeltypes as $user_angeltype) - $unconfirmed_links[] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id'] . '">' . $user_angeltype['name'] . '</a>'; + $unconfirmed_links[] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id'] . '">' . $user_angeltype['name'] . ' (+' . $user_angeltype['count'] . ')' . '</a>'; return info(sprintf(ngettext("There is %d unconfirmed angeltype.", "There are %d unconfirmed angeltypes.", count($unconfirmed_user_angeltypes)), count($unconfirmed_user_angeltypes)) . " " . _('Angel types which need approvals:') . ' ' . join(', ', $unconfirmed_links), true); } diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 7810ce77..067fc4aa 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -22,8 +22,8 @@ function users_controller() { return user_edit_controller(); case 'delete': return user_delete_controller(); - case 'got_voucher': - return user_got_voucher_controller(); + case 'edit_vouchers': + return user_edit_vouchers_controller(); } } @@ -35,7 +35,7 @@ function user_link($user) { return page_link_to('users') . '&action=view&user_id=' . $user['UID']; } -function user_got_voucher_controller() { +function user_edit_vouchers_controller() { global $privileges, $user; if (isset($_REQUEST['user_id'])) { @@ -43,24 +43,37 @@ function user_got_voucher_controller() { } else $user_source = $user; - $admin_user_privilege = in_array('admin_user', $privileges); - if (! in_array('admin_user', $privileges)) redirect(page_link_to('')); - if (! isset($_REQUEST['got_voucher'])) - redirect(page_link_to('')); - - $user_source['got_voucher'] = $_REQUEST['got_voucher'] == 'true'; - - $result = User_update($user_source); - if ($result === false) - engelsystem_error('Unable to update user.'); - - success($user_source['got_voucher'] ? _('User got vouchers.') : _('User didnt got vouchers.')); - engelsystem_log(User_Nick_render($user_source) . ($user_source['got_voucher'] ? ' got vouchers' : ' didnt got vouchers')); + if (isset($_REQUEST['submit'])) { + $ok = true; + + if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) + $vouchers = trim($_REQUEST['vouchers']); + else { + $ok = false; + error(_("Please enter a valid number of vouchers.")); + } + + if ($ok) { + $user_source['got_voucher'] = $vouchers; + + $result = User_update($user_source); + if ($result === false) + engelsystem_error('Unable to update user.'); + + success(_("Saved the number of vouchers.")); + engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers", $user_source['got_voucher'])); + + redirect(user_link($user_source)); + } + } - redirect(user_link($user_source)); + return array( + sprintf(_("%s's vouchers"), $user_source['Nick']), + User_edit_vouchers_view($user_source) + ); } function user_controller() { diff --git a/includes/engelsystem_provider.php b/includes/engelsystem_provider.php new file mode 100644 index 00000000..2dc425a2 --- /dev/null +++ b/includes/engelsystem_provider.php @@ -0,0 +1,90 @@ +<?php +/** + * This file includes all needed functions, connects to the db etc. + */ +require_once realpath(__DIR__ . '/../includes/mysqli_provider.php'); + +require_once realpath(__DIR__ . '/../includes/sys_auth.php'); +require_once realpath(__DIR__ . '/../includes/sys_log.php'); +require_once realpath(__DIR__ . '/../includes/sys_menu.php'); +require_once realpath(__DIR__ . '/../includes/sys_page.php'); +require_once realpath(__DIR__ . '/../includes/sys_template.php'); + +require_once realpath(__DIR__ . '/../includes/model/AngelType_model.php'); +require_once realpath(__DIR__ . '/../includes/model/LogEntries_model.php'); +require_once realpath(__DIR__ . '/../includes/model/Message_model.php'); +require_once realpath(__DIR__ . '/../includes/model/NeededAngelTypes_model.php'); +require_once realpath(__DIR__ . '/../includes/model/Room_model.php'); +require_once realpath(__DIR__ . '/../includes/model/ShiftEntry_model.php'); +require_once realpath(__DIR__ . '/../includes/model/Shifts_model.php'); +require_once realpath(__DIR__ . '/../includes/model/ShiftTypes_model.php'); +require_once realpath(__DIR__ . '/../includes/model/UserAngelTypes_model.php'); +require_once realpath(__DIR__ . '/../includes/model/UserGroups_model.php'); +require_once realpath(__DIR__ . '/../includes/model/User_model.php'); + +require_once realpath(__DIR__ . '/../includes/view/AngelTypes_view.php'); +require_once realpath(__DIR__ . '/../includes/view/Questions_view.php'); +require_once realpath(__DIR__ . '/../includes/view/Rooms_view.php'); +require_once realpath(__DIR__ . '/../includes/view/Shifts_view.php'); +require_once realpath(__DIR__ . '/../includes/view/ShiftEntry_view.php'); +require_once realpath(__DIR__ . '/../includes/view/ShiftTypes_view.php'); +require_once realpath(__DIR__ . '/../includes/view/UserAngelTypes_view.php'); +require_once realpath(__DIR__ . '/../includes/view/User_view.php'); + +require_once realpath(__DIR__ . '/../includes/controller/angeltypes_controller.php'); +require_once realpath(__DIR__ . '/../includes/controller/rooms_controller.php'); +require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); +require_once realpath(__DIR__ . '/../includes/controller/shifttypes_controller.php'); +require_once realpath(__DIR__ . '/../includes/controller/users_controller.php'); +require_once realpath(__DIR__ . '/../includes/controller/user_angeltypes_controller.php'); + +require_once realpath(__DIR__ . '/../includes/helper/graph_helper.php'); +require_once realpath(__DIR__ . '/../includes/helper/internationalization_helper.php'); +require_once realpath(__DIR__ . '/../includes/helper/message_helper.php'); +require_once realpath(__DIR__ . '/../includes/helper/error_helper.php'); +require_once realpath(__DIR__ . '/../includes/helper/email_helper.php'); +require_once realpath(__DIR__ . '/../includes/helper/session_helper.php'); + +require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php'); + +require_once realpath(__DIR__ . '/../config/config.default.php'); +if (file_exists(realpath(__DIR__ . '/../config/config.php'))) + require_once realpath(__DIR__ . '/../config/config.php'); + +if ($maintenance_mode) { + echo file_get_contents(__DIR__ . '/../public/maintenance.html'); + die(); +} + +require_once realpath(__DIR__ . '/../includes/pages/admin_active.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_free.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_groups.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_import.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_log.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_questions.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_rooms.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_shifts.php'); +require_once realpath(__DIR__ . '/../includes/pages/admin_user.php'); +require_once realpath(__DIR__ . '/../includes/pages/guest_login.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_messages.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_myshifts.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_news.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_questions.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_settings.php'); +require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php'); + +require_once realpath(__DIR__ . '/../vendor/parsedown/Parsedown.php'); + +if (! defined('PHPUNIT_TESTSUITE')) { + session_lifetime(24 * 60, preg_replace("/[^a-z0-9-]/", '', md5(__DIR__))); +} +session_start(); + +gettext_init(); + +sql_connect($config['host'], $config['user'], $config['pw'], $config['db']); + +load_auth(); + +?>
\ No newline at end of file diff --git a/includes/helper/graph_helper.php b/includes/helper/graph_helper.php new file mode 100644 index 00000000..17473634 --- /dev/null +++ b/includes/helper/graph_helper.php @@ -0,0 +1,39 @@ +<?php + +/** + * Renders a bargraph + * @param string $key keyname of the x-axis + * @param array $row_names keynames for the data rows + * @param unknown $colors colors for the data rows + * @param unknown $data the data + */ +function bargraph($id, $key, $row_names, $colors, $data) { + $labels = []; + foreach ($data as $dataset) + $labels[] = $dataset[$key]; + + $datasets = []; + foreach ($row_names as $row_key => $name) { + $values = []; + foreach ($data as $dataset) + $values[] = $dataset[$row_key]; + $datasets[] = [ + 'label' => $name, + 'fillColor' => $colors[$row_key], + 'data' => $values + ]; + } + + return '<canvas id="' . $id . '" style="width: 100%; height: 300px;"></canvas> + <script type="text/javascript"> + $(function(){ + var ctx = $("#' . $id . '").get(0).getContext("2d"); + var chart = new Chart(ctx).Bar(' . json_encode([ + 'labels' => $labels, + 'datasets' => $datasets + ]) . '); + }); + </script>'; +} + +?>
\ No newline at end of file diff --git a/includes/helper/internationalization_helper.php b/includes/helper/internationalization_helper.php index 836bbc6a..a8fdd0f0 100644 --- a/includes/helper/internationalization_helper.php +++ b/includes/helper/internationalization_helper.php @@ -7,6 +7,20 @@ $locales = array( $default_locale = 'en_US.UTF-8'; /** + * Return currently active locale + */ +function locale() { + return $_SESSION['locale']; +} + +/** + * Returns two letter language code from currently active locale + */ +function locale_short() { + return substr(locale(), 0, 2); +} + +/** * Initializes gettext for internationalization and updates the sessions locale to use for translation. */ function gettext_init() { diff --git a/includes/helper/session_helper.php b/includes/helper/session_helper.php index 4063ff69..443701ee 100644 --- a/includes/helper/session_helper.php +++ b/includes/helper/session_helper.php @@ -9,7 +9,7 @@ */ function session_lifetime($lifetime, $application_name) { // Set session save path and name - $session_save_path = rtrim(session_save_path(), '/') . '/' . $application_name; + $session_save_path = '/tmp/' . $application_name; if (! file_exists($session_save_path)) mkdir($session_save_path); if (file_exists($session_save_path)) @@ -22,7 +22,7 @@ function session_lifetime($lifetime, $application_name) { ini_set('session.gc_divisor', 100); // Cookie settings (lifetime) - ini_set('session.cookie_secure', ! (preg_match("/^localhost/", $_SERVER["HTTP_HOST"]) || isset($_GET['debug']))); + ini_set('session.cookie_secure', ! (isset($_SERVER['HTTP_HOST']) && preg_match("/^localhost/", $_SERVER["HTTP_HOST"]) || isset($_GET['debug']))); ini_set('session.use_only_cookies', true); ini_set('session.cookie_lifetime', $lifetime * 60); } diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php index d13c3692..8b7f65a0 100644 --- a/includes/model/LogEntries_model.php +++ b/includes/model/LogEntries_model.php @@ -12,7 +12,7 @@ function LogEntry_create($nick, $message) { } /** - * Returns log entries of the last 24 hours with maximum count of 1000. + * Returns log entries with maximum count of 10000. */ function LogEntries() { return sql_select("SELECT * FROM `LogEntries` ORDER BY `timestamp` DESC LIMIT 10000"); @@ -25,4 +25,11 @@ function LogEntries_filter($keyword) { return sql_select("SELECT * FROM `LogEntries` WHERE `nick` LIKE '%" . sql_escape($keyword) . "%' OR `message` LIKE '%" . sql_escape($keyword) . "%' ORDER BY `timestamp` DESC"); } +/** + * Delete all log entries. + */ +function LogEntries_clear_all() { + return sql_query("TRUNCATE `LogEntries`"); +} + ?> diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php index 523436c6..2868916e 100644 --- a/includes/model/Room_model.php +++ b/includes/model/Room_model.php @@ -1,15 +1,33 @@ <?php /** - * Returns room id array + * Delete a room + * @param int $room_id */ -function Room_ids() { - $room_source = sql_select("SELECT `RID` FROM `Room` WHERE `show` = 'Y'"); - if ($room_source === false) +function Room_delete($room_id) { + return sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($room_id)); +} + +/** + * Create a new room + * + * @param string $name + * Name of the room + * @param boolean $from_frab + * Is this a frab imported room? + * @param boolean $public + * Is the room visible for angels? + */ +function Room_create($name, $from_frab, $public) { + $result = sql_query(" + INSERT INTO `Room` SET + `Name`='" . sql_escape($name) . "', + `FromPentabarf`='" . sql_escape($from_frab ? 'Y' : 'N') . "', + `show`='" . sql_escape($public ? 'Y' : 'N') . "', + `Number`=0"); + if ($result === false) return false; - if (count($room_source) > 0) - return $room_source; - return null; + return sql_id(); } /** @@ -18,7 +36,7 @@ function Room_ids() { * @param $id RID */ function Room($id) { - $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y' LIMIT 1"); + $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y'"); if ($room_source === false) return false; diff --git a/includes/model/ShiftTypes_model.php b/includes/model/ShiftTypes_model.php index 907ad076..7f057da8 100644 --- a/includes/model/ShiftTypes_model.php +++ b/includes/model/ShiftTypes_model.php @@ -35,7 +35,7 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) { function ShiftType_create($name, $angeltype_id, $description) { $result = sql_query("INSERT INTO `ShiftTypes` SET `name`='" . sql_escape($name) . "', - `angeltype_id`='" . sql_null($angeltype_id) . "', + `angeltype_id`=" . sql_null($angeltype_id) . ", `description`='" . sql_escape($description) . "'"); if ($result === false) return false; diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index c12d3e01..d32de0cb 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -101,6 +101,7 @@ function Shift_delete($shift_id) { * Update a shift. */ function Shift_update($shift) { + global $user; $shift['name'] = ShiftType($shift['shifttype_id'])['name']; mail_shift_change(Shift($shift['SID']), $shift); @@ -111,7 +112,9 @@ function Shift_update($shift) { `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", `URL`=" . sql_null($shift['URL']) . ", - `PSID`=" . sql_null($shift['PSID']) . " + `PSID`=" . sql_null($shift['PSID']) . ", + `edited_by_user_id`='" . sql_escape($user['UID']) . "', + `edited_at_timestamp`=" . time() . " WHERE `SID`='" . sql_escape($shift['SID']) . "'"); } @@ -134,6 +137,7 @@ function Shift_update_by_psid($shift) { * @return new shift id or false */ function Shift_create($shift) { + global $user; $result = sql_query("INSERT INTO `Shifts` SET `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "', `start`='" . sql_escape($shift['start']) . "', @@ -141,7 +145,9 @@ function Shift_create($shift) { `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", `URL`=" . sql_null($shift['URL']) . ", - `PSID`=" . sql_null($shift['PSID'])); + `PSID`=" . sql_null($shift['PSID']) . ", + `created_by_user_id`='" . sql_escape($user['UID']) . "', + `created_at_timestamp`=" . time()); if ($result === false) return false; return sql_id(); diff --git a/includes/model/UserAngelTypes_model.php b/includes/model/UserAngelTypes_model.php index 19686480..b2ebd9fe 100644 --- a/includes/model/UserAngelTypes_model.php +++ b/includes/model/UserAngelTypes_model.php @@ -19,13 +19,19 @@ function User_angeltypes($user) { */ function User_unconfirmed_AngelTypes($user) { return sql_select(" - SELECT `UnconfirmedMembers`.*, `AngelTypes`.`name` FROM `UserAngelTypes` + SELECT + `UserAngelTypes`.*, + `AngelTypes`.`name`, + count(`UnconfirmedMembers`.`user_id`) as `count` + FROM `UserAngelTypes` JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id` WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "' - AND `UserAngelTypes`.`coordinator`=TRUE - AND `AngelTypes`.`restricted`=TRUE - AND `UnconfirmedMembers`.`confirm_user_id` IS NULL"); + AND `UserAngelTypes`.`coordinator`=TRUE + AND `AngelTypes`.`restricted`=TRUE + AND `UnconfirmedMembers`.`confirm_user_id` IS NULL + GROUP BY `UserAngelTypes`.`angeltype_id` + ORDER BY `AngelTypes`.`name`"); } /** diff --git a/includes/model/User_model.php b/includes/model/User_model.php index c6f8e3bf..bd3ec31f 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -29,8 +29,10 @@ function User_update($user) { `color`='" . sql_escape($user['color']) . "', `Sprache`='" . sql_escape($user['Sprache']) . "', `Hometown`='" . sql_escape($user['Hometown']) . "', - `got_voucher`=" . sql_bool($user['got_voucher']) . " - WHERE `UID`='" . sql_escape($user['UID']). "'"); + `got_voucher`='" . sql_escape($user['got_voucher']) . "', + `arrival_date`='" . sql_escape($user['arrival_date']) . "', + `planned_arrival_date`='" . sql_escape($user['planned_arrival_date']) . "' + WHERE `UID`='" . sql_escape($user['UID']) . "'"); } /** @@ -45,7 +47,7 @@ function User_active_count() { } function User_got_voucher_count() { - return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `got_voucher` = TRUE"); + return sql_select_single_cell("SELECT SUM(`got_voucher`) FROM `User`"); } function User_arrived_count() { @@ -165,7 +167,7 @@ function User($id) { * @param $id UID */ function mUser_Limit($id) { - $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); if ($user_source === false) return false; if (count($user_source) > 0) diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index 9046ca2d..e3fa0996 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -1,22 +1,27 @@ <?php + function admin_active_title() { return _("Active angels"); } function admin_active() { global $tshirt_sizes, $shift_sum_formula; - + $msg = ""; $search = ""; $forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1"); $count = $forced_count; $limit = ""; $set_active = ""; + if (isset($_REQUEST['search'])) $search = strip_request_item('search'); + + $show_all_shifts = isset($_REQUEST['show_all_shifts']); + if (isset($_REQUEST['set_active'])) { $ok = true; - + if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) { $count = strip_request_item('count'); if ($count < $forced_count) { @@ -27,7 +32,7 @@ function admin_active() { $ok = false; $msg .= error(_("Please enter a number of angels to be marked as active."), true); } - + if ($ok) $limit = " LIMIT " . $count; if (isset($_REQUEST['ack'])) { @@ -45,15 +50,16 @@ function admin_active() { sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'"); $user_nicks[] = User_Nick_render($usr); } + sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE"); engelsystem_log("These angels are active now: " . join(", ", $user_nicks)); - + $limit = ""; $msg = success(_("Marked angels."), true); } else { $set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">' . _("apply") . '</a>'; } } - + if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) { $id = $_REQUEST['active']; $user_source = User($id); @@ -91,15 +97,16 @@ function admin_active() { } else $msg = error(_("Angel not found."), true); } - + $users = sql_select(" SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` - WHERE `User`.`Gekommen` = 1 + WHERE `User`.`Gekommen` = 1 + " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . " GROUP BY `User`.`UID` ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); - + $matched_users = array(); if ($search == "") $tokens = array(); @@ -123,41 +130,47 @@ function admin_active() { $usr['active'] = glyph_bool($usr['Aktiv'] == 1); $usr['force_active'] = glyph_bool($usr['force_active'] == 1); $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1); - + $actions = array(); if ($usr['Aktiv'] == 0) - $actions[] = '<a href="' . page_link_to('admin_active') . '&active=' . $usr['UID'] . '&search=' . $search . '">' . _("set active") . '</a>'; + $actions[] = '<a href="' . page_link_to('admin_active') . '&active=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("set active") . '</a>'; if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) { - $actions[] = '<a href="' . page_link_to('admin_active') . '&not_active=' . $usr['UID'] . '&search=' . $search . '">' . _("remove active") . '</a>'; - $actions[] = '<a href="' . page_link_to('admin_active') . '&tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("got t-shirt") . '</a>'; + $actions[] = '<a href="' . page_link_to('admin_active') . '&not_active=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("remove active") . '</a>'; + $actions[] = '<a href="' . page_link_to('admin_active') . '&tshirt=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("got t-shirt") . '</a>'; } if ($usr['Tshirt'] == 1) - $actions[] = '<a href="' . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("remove t-shirt") . '</a>'; - + $actions[] = '<a href="' . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("remove t-shirt") . '</a>'; + $usr['actions'] = join(' ', $actions); - + $matched_users[] = $usr; } - - $shirt_statistics = sql_select(" - SELECT `Size`, count(`Size`) AS `count` - FROM `User` - WHERE `Tshirt`=1 - GROUP BY `Size` - ORDER BY `count` DESC"); - $shirt_statistics[] = array( - 'Size' => '<b>' . _("Sum") . '</b>', - 'count' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' - ); - + + $shirt_statistics = []; + foreach ($tshirt_sizes as $size => $_) { + if ($size != '') { + $shirt_statistics[] = [ + 'size' => $size, + 'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"), + 'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1") + ]; + } + } + $shirt_statistics[] = [ + 'size' => '<b>' . _("Sum") . '</b>', + 'needed' => '<b>' . User_arrived_count() . '</b>', + 'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' + ]; + return page_with_title(admin_active_title(), array( form(array( form_text('search', _("Search angel:"), $search), - form_submit('submit', _("Search")) - )), + form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts), + form_submit('submit', _("Search")) + ), page_link_to('admin_active')), $set_active == "" ? form(array( form_text('count', _("How much angels should be active?"), $count), - form_submit('set_active', _("Preview")) + form_submit('set_active', _("Preview")) )) : $set_active, msg(), table(array( @@ -168,13 +181,14 @@ function admin_active() { 'active' => _("Active?"), 'force_active' => _("Forced"), 'tshirt' => _("T-shirt?"), - 'actions' => "" + 'actions' => "" ), $matched_users), - '<h2>' . _("Given shirts") . '</h2>', + '<h2>' . _("Shirt statistics") . '</h2>', table(array( - 'Size' => _("Size"), - 'count' => _("Count") - ), $shirt_statistics) + 'size' => _("Size"), + 'needed' => _("Needed shirts"), + 'given' => _("Given shirts") + ), $shirt_statistics) )); } ?> diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index f51ef7ac..c7fcab63 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -1,4 +1,5 @@ <?php + function admin_arrive_title() { return _("Arrived angels"); } @@ -13,7 +14,7 @@ function admin_arrive() { $id = $_REQUEST['reset']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); $msg = success(_("Reset done. Angel has not arrived."), true); } else @@ -22,7 +23,7 @@ function admin_arrive() { $id = $_REQUEST['arrived']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); $msg = success(_("Angel has been marked as arrived."), true); } else @@ -30,10 +31,13 @@ function admin_arrive() { } $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); + $arrival_count_at_day = []; + $planned_arrival_count_at_day = []; + $planned_departure_count_at_day = []; $table = ""; - $users_matched = array(); + $users_matched = []; if ($search == "") - $tokens = array(); + $tokens = []; else $tokens = explode(" ", $search); foreach ($users as $usr) { @@ -48,18 +52,78 @@ function admin_arrive() { if (! $match) continue; } - $table .= '<tr>'; - $table .= '<td>' . User_Nick_render($usr) . '</td>'; + $usr['nick'] = User_Nick_render($usr); + if ($usr['planned_departure_date'] != null) + $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); + else + $usr['rendered_planned_departure_date'] = '-'; + $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); + $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>'; - if ($usr['Gekommen'] == 1) - $table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>'; - else - $table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>'; - $table .= '</tr>'; + + if ($usr['arrival_date'] > 0) { + $day = date('Y-m-d', $usr['arrival_date']); + if (! isset($arrival_count_at_day[$day])) + $arrival_count_at_day[$day] = 0; + $arrival_count_at_day[$day] ++; + } + + if ($usr['planned_arrival_date'] != null) { + $day = date('Y-m-d', $usr['planned_arrival_date']); + if (! isset($planned_arrival_count_at_day[$day])) + $planned_arrival_count_at_day[$day] = 0; + $planned_arrival_count_at_day[$day] ++; + } + + if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { + $day = date('Y-m-d', $usr['planned_departure_date']); + if (! isset($planned_departure_count_at_day[$day])) + $planned_departure_count_at_day[$day] = 0; + $planned_departure_count_at_day[$day] ++; + } + $users_matched[] = $usr; } + + ksort($arrival_count_at_day); + ksort($planned_arrival_count_at_day); + ksort($planned_departure_count_at_day); + + $arrival_at_day = []; + $arrival_sum = 0; + foreach ($arrival_count_at_day as $day => $count) { + $arrival_sum += $count; + $arrival_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $arrival_sum + ]; + } + + $planned_arrival_sum_at_day = []; + $planned_arrival_sum = 0; + foreach ($planned_arrival_count_at_day as $day => $count) { + $planned_arrival_sum += $count; + $planned_arrival_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $planned_arrival_sum + ]; + } + + $planned_departure_at_day = []; + $planned_departure_sum = 0; + foreach ($planned_departure_count_at_day as $day => $count) { + $planned_departure_sum += $count; + $planned_departure_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $planned_departure_sum + ]; + } + return page_with_title(admin_arrive_title(), array( msg(), form(array( @@ -68,9 +132,59 @@ function admin_arrive() { )), table(array( 'nick' => _("Nickname"), + 'rendered_planned_arrival_date' => _("Planned arrival"), 'arrived' => _("Arrived?"), + 'rendered_arrival_date' => _("Arrival date"), + 'rendered_planned_departure_date' => _("Planned departure"), 'actions' => "" - ), $users_matched) + ), $users_matched), + div('row', [ + div('col-md-4', [ + heading(_("Planned arrival statistics"), 2), + bargraph('planned_arrives', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_arrival_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $planned_arrival_at_day) + ]), + div('col-md-4', [ + heading(_("Arrival statistics"), 2), + bargraph('arrives', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $arrival_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $arrival_at_day) + ]), + div('col-md-4', [ + heading(_("Planned departure statistics"), 2), + bargraph('planned_departures', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_departure_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $planned_departure_at_day) + ]) + ]) )); } ?> diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index 786ea08b..63104026 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -162,7 +162,9 @@ function admin_import() { list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); foreach ($rooms_new as $room) { - sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($room) . "', `FromPentabarf`='Y', `Show`='Y'"); + $result = Room_create($room, true, true); + if ($result === false) + engelsystem_error('Unable to create room.'); $rooms_import[trim($room)] = sql_id(); } foreach ($rooms_deleted as $room) diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 777ff6be..2d5e5ae4 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -1,11 +1,12 @@ <?php + function admin_rooms_title() { return _("Rooms"); } function admin_rooms() { global $user; - + $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $rooms = array(); foreach ($rooms_source as $room) @@ -15,17 +16,17 @@ function admin_rooms() { 'public' => $room['show'] == 'Y' ? '✓' : '', 'actions' => buttons(array( button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') - )) + button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') + )) ); - + if (isset($_REQUEST['show'])) { $msg = ""; $name = ""; $from_pentabarf = ""; $public = 'Y'; $number = ""; - + $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes = array(); $angeltypes_count = array(); @@ -33,7 +34,7 @@ function admin_rooms() { $angeltypes[$angeltype['id']] = $angeltype['name']; $angeltypes_count[$angeltype['id']] = 0; } - + if (test_request_int('id')) { $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'"); if (count($room) > 0) { @@ -47,33 +48,33 @@ function admin_rooms() { } else redirect(page_link_to('admin_rooms')); } - + if ($_REQUEST['show'] == 'edit') { if (isset($_REQUEST['submit'])) { $ok = true; - + if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) $name = strip_request_item('name'); else { $ok = false; $msg .= error(_("Please enter a name."), true); } - + if (isset($_REQUEST['from_pentabarf'])) $from_pentabarf = 'Y'; else $from_pentabarf = ''; - + if (isset($_REQUEST['public'])) $public = 'Y'; else $public = ''; - + if (isset($_REQUEST['number'])) $number = strip_request_item('number'); else $ok = false; - + foreach ($angeltypes as $angeltype_id => $angeltype) { if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; @@ -82,27 +83,30 @@ function admin_rooms() { $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); } } - + if ($ok) { if (isset($id)) { sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } else { - sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "'"); - $id = sql_id(); + $id = Room_create($name, $from_pentabarf, $public, $number); + if ($id === false) + engelsystem_error("Unable to create room."); engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } - + sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); $needed_angeltype_info = array(); foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { - $angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1"); - if (count($angeltype_source) > 0) { + $angeltype = AngelType($angeltype_id); + if ($angeltype === false) + engelsystem_error("Unable to load angeltype."); + if ($angeltype != null) { sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'"); - $needed_angeltype_info[] = $angeltypes_source[0]['name'] . ": " . $angeltype_count; + $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; } } - + engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info)); success(_("Room saved.")); redirect(page_link_to("admin_rooms")); @@ -110,66 +114,68 @@ function admin_rooms() { } $angeltypes_count_form = array(); foreach ($angeltypes as $angeltype_id => $angeltype) - $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]))); - + $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array( + form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) + )); + return page_with_title(admin_rooms_title(), array( buttons(array( - button(page_link_to('admin_rooms'), _("back"), 'back') + button(page_link_to('admin_rooms'), _("back"), 'back') )), $msg, form(array( - div('row', array( - div('col-md-6', array( - form_text('name', _("Name"), $name), - form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), - form_checkbox('public', _("Public"), $public), - form_text('number', _("Room number"), $number) - )), - div('col-md-6', array( - div('row', array( - div('col-md-12', array( - form_info(_("Needed angels:")), + div('row', array( + div('col-md-6', array( + form_text('name', _("Name"), $name), + form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), + form_checkbox('public', _("Public"), $public), + form_text('number', _("Room number"), $number) )), - join($angeltypes_count_form) - )) - )) - )), - form_submit('submit', _("Save")) - )) + div('col-md-6', array( + div('row', array( + div('col-md-12', array( + form_info(_("Needed angels:")) + )), + join($angeltypes_count_form) + )) + )) + )), + form_submit('submit', _("Save")) + )) )); } elseif ($_REQUEST['show'] == 'delete') { if (isset($_REQUEST['ack'])) { sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1"); - + engelsystem_log("Room deleted: " . $name); success(sprintf(_("Room %s deleted."), $name)); redirect(page_link_to('admin_rooms')); } - + return page_with_title(admin_rooms_title(), array( buttons(array( - button(page_link_to('admin_rooms'), _("back"), 'back') + button(page_link_to('admin_rooms'), _("back"), 'back') )), sprintf(_("Do you want to delete room %s?"), $name), buttons(array( - button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete') - )) + button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete') + )) )); } } - + return page_with_title(admin_rooms_title(), array( buttons(array( - button(page_link_to('admin_rooms') . '&show=edit', _("add")) + button(page_link_to('admin_rooms') . '&show=edit', _("add")) )), msg(), table(array( 'name' => _("Name"), 'from_pentabarf' => _("Frab import"), 'public' => _("Public"), - 'actions' => "" - ), $rooms) + 'actions' => "" + ), $rooms) )); } ?> diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index 5ff46fc9..346e9046 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -10,7 +10,7 @@ function admin_shifts() { $rid = 0; $start = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d") . " 00:00")->getTimestamp(); - $end = $start + 24 * 60 * 60; + $end = $start; $mode = 'single'; $angelmode = 'manually'; $length = ''; @@ -293,7 +293,7 @@ function admin_shifts() { $room_select = html_select_key('rid', 'rid', $room_array, $_REQUEST['rid']); $angel_types = ""; foreach ($types as $type) - $angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]); + $angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>'; return page_with_title(admin_shifts_title(), array( msg(), @@ -316,7 +316,7 @@ function admin_shifts() { form_info(_("Needed angels"), ''), form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'), form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), - $angel_types, + '<div class="row">'.$angel_types.'</div>', '</div>', '</div>', form_submit('preview', _("Preview")) diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 18ed6210..ee244925 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -71,7 +71,7 @@ function admin_user() { $html .= " <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n"; - $html .= "</table>\n</td><td valign=\"top\">" . User_Avatar_render($user_source) . "</td></tr>"; + $html .= "</table>\n</td><td valign=\"top\"></td></tr>"; $html .= "</td></tr>\n"; $html .= "</table>\n<br />\n"; @@ -93,11 +93,11 @@ function admin_user() { $html .= "<hr />"; - $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `uid` LIMIT 1"); + $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1"); if (count($my_highest_group) > 0) $my_highest_group = $my_highest_group[0]['group_id']; - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `uid` LIMIT 1"); + $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1"); if (count($his_highest_group) > 0) $his_highest_group = $his_highest_group[0]['group_id']; diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 8f128d9e..677b057b 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -32,6 +32,7 @@ function guest_register() { $tshirt_size = ''; $password_hash = ""; $selected_angel_types = array(); + $planned_arrival_date = null; $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types = array(); @@ -96,6 +97,13 @@ function guest_register() { $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), MIN_PASSWORD_LENGTH), true); } + if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) { + $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp(); + } else { + $ok = false; + $msg .= error(_("Please enter your planned date of arrival."), true); + } + $selected_angel_types = array(); foreach ($angel_types as $angel_type_id => $angel_type_name) if (isset($_REQUEST['angel_types_' . $angel_type_id])) @@ -131,14 +139,16 @@ function guest_register() { `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) . "', `email`='" . sql_escape($mail) . "', - `email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "', + `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . "', `Passwort`='" . sql_escape($password_hash) . "', `kommentar`='" . sql_escape($comment) . "', `Hometown`='" . sql_escape($hometown) . "', `CreateDate`=NOW(), - `Sprache`='" . sql_escape($_SESSION["locale"]) . "'"); + `Sprache`='" . sql_escape($_SESSION["locale"]) . "', + `arrival_date`=NULL, + `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'"); // Assign user-group and set password $user_id = sql_id(); @@ -170,11 +180,18 @@ function guest_register() { form_text('nick', _("Nick") . ' ' . entry_required(), $nick) )), div('col-sm-8', array( - form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail), + form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo) )) )), - $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '', + div('row', array( + div('col-sm-6', array( + form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()) + )), + div('col-sm-6', array( + $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' + )) + )), div('row', array( div('col-sm-6', array( form_password('password', _("Password") . ' ' . entry_required()) @@ -269,6 +286,7 @@ function guest_login() { if ($ok) { $_SESSION['uid'] = $login_user['UID']; $_SESSION['locale'] = $login_user['Sprache']; + redirect(page_link_to('news')); } } diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 4a6a1838..ee3cf1be 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -79,7 +79,7 @@ function user_myshifts() { } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { $id = $_REQUEST['cancel']; $shift = sql_select(" - SELECT `Shifts`.`start` + SELECT * FROM `Shifts` INNER JOIN `ShiftEntry` USING (`SID`) WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'"); @@ -89,6 +89,11 @@ function user_myshifts() { $result = ShiftEntry_delete($id); if ($result === false) engelsystem_error('Unable to delete shift entry.'); + $room = Room($shift['RID']); + $angeltype = AngelType($shift['TID']); + $shifttype = ShiftType($shift['shifttype_id']); + + engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " as " . $angeltype['name']); success(_("You have been signed off from the shift.")); } else error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.")); diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php index 20ed3468..466d3c3e 100644 --- a/includes/pages/user_settings.php +++ b/includes/pages/user_settings.php @@ -24,6 +24,8 @@ function user_settings() { $password_hash = ""; $selected_theme = $user['color']; $selected_language = $user['Sprache']; + $planned_arrival_date = $user['planned_arrival_date']; + $planned_departure_date = $user['planned_departure_date']; if (isset($_REQUEST['submit'])) { $ok = true; @@ -54,6 +56,23 @@ function user_settings() { elseif ($enable_tshirt_size) { $ok = false; } + + if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) { + $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp(); + } else { + $ok = false; + $msg .= error(_("Please enter your planned date of arrival."), true); + } + + if (isset($_REQUEST['planned_departure_date']) && $_REQUEST['planned_departure_date'] != '') { + if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))) { + $planned_departure_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))->getTimestamp(); + } else { + $ok = false; + $msg .= error(_("Please enter your planned date of departure."), true); + } + } else + $planned_departure_date = null; // Trivia if (isset($_REQUEST['lastname'])) @@ -82,10 +101,12 @@ function user_settings() { `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) . "', `email`='" . sql_escape($mail) . "', - `email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "', + `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . "', - `Hometown`='" . sql_escape($hometown) . "' + `Hometown`='" . sql_escape($hometown) . "', + `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "', + `planned_departure_date`=" . sql_null($planned_departure_date) . " WHERE `UID`='" . sql_escape($user['UID']) . "'"); success(_("Settings saved.")); @@ -144,9 +165,11 @@ function user_settings() { form(array( form_info('', _("Here you can change your user details.")), form_info(entry_required() . ' = ' . _("Entry required!")), - form_text('nick', _("Nick") . ' ' . entry_required(), $nick, true), + form_text('nick', _("Nick"), $nick, true), form_text('lastname', _("Last name"), $lastname), form_text('prename', _("First name"), $prename), + form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()), + form_date('planned_departure_date', _("Planned date of departure"), $planned_departure_date, time()), form_text('age', _("Age"), $age), form_text('tel', _("Phone"), $tel), form_text('dect', _("DECT"), $dect), diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index c32fb220..8c01eef8 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -371,9 +371,13 @@ function view_user_shifts() { $_SESSION['user_shifts'] = array(); if (! isset($_SESSION['user_shifts']['filled'])) { - $_SESSION['user_shifts']['filled'] = array( + // User shift admins see free and occupied shifts by default + $_SESSION['user_shifts']['filled'] = in_array('user_shifts_admin', $privileges) ? [ + 0, + 1 + ] : [ 0 - ); + ]; } foreach (array( @@ -727,6 +731,7 @@ function view_user_shifts() { foreach ($angeltypes as &$angeltype) { $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`"); $entry_list = array(); + $entry_nicks = []; $freeloader = 0; foreach ($entries as $entry) { if (in_array('user_shifts_admin', $privileges)) @@ -740,8 +745,11 @@ function view_user_shifts() { $freeloader ++; } $entry_list[] = $member; + $entry_nicks[] = $entry['Nick']; } $angeltype['taken'] = count($entries) - $freeloader; + $angeltype['angels'] = $entry_nicks; + // do we need more angles of this type? if ($angeltype['count'] - count($entries) + $freeloader > 0) { $inner_text = sprintf(ngettext("%d helper needed", "%d helpers needed", $angeltype['count'] - count($entries) + $freeloader), $angeltype['count'] - count($entries) + $freeloader); @@ -810,7 +818,7 @@ function view_user_shifts() { 'start_time' => $_SESSION['user_shifts']['start_time'], 'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $_SESSION['user_shifts']['end_day']), 'end_time' => $_SESSION['user_shifts']['end_time'], - 'type_select' => make_select($types, $_SESSION['user_shifts']['types'], "types", _("Tasks") . '<sup>1</sup>'), + 'type_select' => make_select($types, $_SESSION['user_shifts']['types'], "types", _("Angeltypes") . '<sup>1</sup>'), 'filled_select' => make_select($filled, $_SESSION['user_shifts']['filled'], "filled", _("Occupancy")), 'task_notice' => '<sup>1</sup>' . _("The tasks shown here are influenced by the preferences you defined in your settings!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>", 'new_style_checkbox' => '<label><input type="checkbox" name="new_style" value="1" ' . ($_SESSION['user_shifts']['new_style'] ? ' checked' : '') . '> ' . _("Use new style if possible") . '</label>', diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 3e5cd109..d4f35fa6 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -53,44 +53,6 @@ function verify_password($password, $salt, $uid = false) { return $correct; } -// JSON Authorisierungs-Schnittstelle -function json_auth_service() { - global $api_key; - - header("Content-Type: application/json"); - - $User = $_REQUEST['user']; - $Pass = $_REQUEST['pw']; - $SourceOuth = $_REQUEST['so']; - - if (isset($api_key) && $SourceOuth == $api_key) { - $sql = "SELECT `UID`, `Passwort` FROM `User` WHERE `Nick`='" . sql_escape($User) . "'"; - $Erg = sql_select($sql); - - if (count($Erg) == 1) { - $Erg = $Erg[0]; - if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) { - $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($UID) . "'"); - foreach ($user_privs as $user_priv) - $privileges[] = $user_priv['name']; - - $msg = array ( - 'status' => 'success', - 'rights' => $privileges - ); - echo json_encode($msg); - die(); - } - } - } - - echo json_encode(array ( - 'status' => 'failed', - 'error' => "JSON Service GET syntax: https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>, POST is possible too" - )); - die(); -} - function privileges_for_user($user_id) { $privileges = array (); $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'"); diff --git a/includes/sys_counter.php b/includes/sys_counter.php deleted file mode 100644 index 40110165..00000000 --- a/includes/sys_counter.php +++ /dev/null @@ -1,11 +0,0 @@ -<?php - -function counter() { - global $p; - - if (sql_num_query("SELECT `Anz` FROM `Counter` WHERE `URL`='" . sql_escape($p) . "'") == 0) - sql_query("INSERT INTO `Counter` ( `URL` , `Anz` ) VALUES ('" . sql_escape($p) . "', '1');"); - else - sql_query("UPDATE `Counter` SET `Anz` = `Anz` + 1 WHERE `URL` = '" . sql_escape($p) . "' LIMIT 1 ;"); -} -?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 16577cbc..c7ecfb88 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -45,6 +45,9 @@ function header_toolbar() { if ($unconfirmed_hint != '') $hints[] = $unconfirmed_hint; + if (! isset($user['planned_departure_date']) || $user['planned_departure_date'] == null) + $hints[] = info(_("Please enter your planned date of departure on your settings page to give us a feeling for teardown capacities."), true); + if (User_is_freeloader($user)) { $hints[] = error(sprintf(_("You freeloaded at least %s shifts. Shift signup is locked. Please go to heavens desk to be unlocked again."), $max_freeloadable_shifts), true); $hint_class = 'danger'; diff --git a/includes/sys_template.php b/includes/sys_template.php index d3f7a24e..6beaa57a 100644 --- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -6,7 +6,7 @@ $themes = array( "0" => "Engelsystem light", "1" => "Engelsystem dark", - "2" => "Engelsystem 31c3" + "2" => "Engelsystem cccamp15" ); /** @@ -85,9 +85,18 @@ function toolbar_dropdown($glyphicon, $label, $submenu, $class = '') { function toolbar_popover($glyphicon, $label, $content, $class = '') { $id = md5(microtime() . $glyphicon . $label); return '<li class="dropdown messages ' . $class . '"> - <a id="' . $id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a> + <a id="' . $id . '" href="#">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') + . $label . ' <span class="caret"></span></a> <script type="text/javascript"> - $(document).ready(function(){$("#' . $id . '").popover({trigger: "click focus", html: true, content: "' . addslashes(join('', $content)) . '", placement: "bottom", container: "#navbar-collapse-1"})}); + $(function(){ + $("#' . $id . '").popover({ + trigger: "focus", + html: true, + content: "' . addslashes(join('', $content)) . '", + placement: "bottom", + container: "#navbar-collapse-1" + }) + }); </script></li>'; } @@ -123,6 +132,40 @@ function form_spinner($name, $label, $value) { } /** + * Render a bootstrap datepicker + * + * @param string $name + * Name of the parameter + * @param string $label + * Label + * @param int $value + * Unix Timestamp + * @param int $min_date + * Earliest possible date + * @return HTML + */ +function form_date($name, $label, $value, $start_date = '') { + $id = $name . '-date'; + $value = is_numeric($value) ? date('Y-m-d', $value) : ''; + $start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : ''; + return form_element($label, ' + <div class="input-group date" id="' . $id . '"> + <input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span> + </div> + <script type="text/javascript"> + $(function(){ + $("#' . $id . '").datepicker({ + language: "' . locale_short() . '", + todayBtn: "linked", + format: "yyyy-mm-dd", + startDate: "' . $start_date . '" + }); + }); + </script> + ', $id); +} + +/** * Rendert eine Liste von Checkboxen für ein Formular * * @param @@ -226,6 +269,14 @@ function form_text($name, $label, $value, $disabled = false) { } /** + * Rendert ein Formular-Emailfeld + */ +function form_email($name, $label, $value, $disabled = false) { + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name); +} + +/** * Rendert ein Formular-Dateifeld */ function form_file($name, $label) { diff --git a/includes/view/AngelTypes_view.php b/includes/view/AngelTypes_view.php index 697c750f..ce38a096 100644 --- a/includes/view/AngelTypes_view.php +++ b/includes/view/AngelTypes_view.php @@ -103,23 +103,25 @@ function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angel foreach ($members as $member) { $member['Nick'] = User_Nick_render($member); if ($angeltype['restricted'] && $member['confirm_user_id'] == null) { - $member['actions'] = join(" ", array( - '<a href="' . page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'] . '" class="ok">' . _("confirm") . '</a>', - '<a href="' . page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'] . '" class="cancel">' . _("deny") . '</a>' - )); + $member['actions'] = table_buttons([ + button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'], _("confirm"), 'btn-xs'), + button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("deny"), 'btn-xs') + ]); $members_unconfirmed[] = $member; } elseif ($member['coordinator']) { if ($admin_angeltypes) - $member['actions'] = '<a href="' . page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&coordinator=0" class="cancel">' . _("Remove coordinator rights") . '</a>'; + $member['actions'] = table_buttons([ + button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&coordinator=0', _("Remove coordinator rights"), 'btn-xs') + ]); else $member['actions'] = ''; $coordinators[] = $member; } else { if ($admin_user_angeltypes) - $member['actions'] = join(" ", array( - $admin_angeltypes ? '<a href="' . page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&coordinator=1" class="add">' . _("Add coordinator rights") . '</a>' : '', - '<a href="' . page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'] . '" class="cancel">' . _("remove") . '</a>' - )); + $member['actions'] = table_buttons([ + $admin_angeltypes ? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&coordinator=1', _("Add coordinator rights"), 'btn-xs') : '', + button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("remove"), 'btn-xs') + ]); $members_confirmed[] = $member; } } diff --git a/includes/view/Shifts_view.php b/includes/view/Shifts_view.php index e6f400db..b0628a3b 100644 --- a/includes/view/Shifts_view.php +++ b/includes/view/Shifts_view.php @@ -1,5 +1,14 @@ <?php +function Shift_editor_info_render($shift) { + $info = []; + if ($shift['created_by_user_id'] != null) + $info[] = sprintf(glyph('plus') . _("created at %s by %s"), date('Y-m-d H:i', $shift['created_at_timestamp']), User_Nick_render(User($shift['created_by_user_id']))); + if ($shift['edited_by_user_id'] != null) + $info[] = sprintf(glyph('pencil') . _("edited at %s by %s"), date('Y-m-d H:i', $shift['edited_at_timestamp']), User_Nick_render(User($shift['edited_by_user_id']))); + return join('<br />', $info); +} + function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null, $user_shifts = null) { global $user; @@ -46,7 +55,7 @@ function Shift_view($shift, $shifttype, $room, $shift_admin, $angeltypes_source, $entry = '<strike>' . $entry . '</strike>'; if ($user_shift_admin) { $entry .= ' <div class="btn-group">'; - $entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift['SID'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs'); + $entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs'); $entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs'); $entry .= '</div>'; } @@ -60,6 +69,7 @@ function Shift_view($shift, $shifttype, $room, $shift_admin, $angeltypes_source, } return page_with_title($shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>', [ + msg(), Shift_collides($shift, $user_shifts) ? info(_('This shift collides with one of your shifts.'), true) : '', $signed_up ? info(_('You are signed up for this shift.'), true) : '', @@ -104,7 +114,8 @@ function Shift_view($shift, $shifttype, $room, $shift_admin, $angeltypes_source, '<h2>' . _('Description') . '</h2>', $parsedown->parse($shifttype['description']) ]) - ]) + ]), + $shift_admin ? Shift_editor_info_render($shift) : '' ]); } diff --git a/includes/view/User_view.php b/includes/view/User_view.php index 94c1c9be..3ab5f816 100644 --- a/includes/view/User_view.php +++ b/includes/view/User_view.php @@ -19,11 +19,27 @@ $tshirt_sizes = array( 'XL-G' => "XL Girl" ); +/** + * View for editing the number of given vouchers + */ +function User_edit_vouchers_view($user) { + return page_with_title(sprintf(_("%s's vouchers"), User_Nick_render($user)), [ + msg(), + buttons([ + button(user_link($user), glyph('chevron-left') . _("back")) + ]), + form([ + form_spinner('vouchers', _("Number of vouchers"), $user['got_voucher']), + form_submit('submit', _("Save")) + ], page_link_to('users') . '&action=edit_vouchers&user_id=' . $user['UID']) + ]); +} + function Users_view($users, $order_by, $arrived_count, $active_count, $force_active_count, $freeloads_count, $tshirts_count, $voucher_count) { foreach ($users as &$user) { $user['Nick'] = User_Nick_render($user); $user['Gekommen'] = glyph_bool($user['Gekommen']); - $user['got_voucher'] = glyph_bool($user['got_voucher']); + $user['got_voucher'] = $user['got_voucher']; $user['Aktiv'] = glyph_bool($user['Aktiv']); $user['force_active'] = glyph_bool($user['force_active']); $user['Tshirt'] = glyph_bool($user['Tshirt']); @@ -143,15 +159,15 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel $myshift['actions'] = table_buttons($myshift['actions']); if ($shift['freeloaded']) - $timesum += - 2 * ($shift['end'] - $shift['start']); + $timesum += (- 2 * ($shift['end'] - $shift['start'])); else - $timesum += $shift['end'] - $shift['start']; + $timesum += ($shift['end'] - $shift['start']); $myshifts_table[] = $myshift; } if (count($myshifts_table) > 0) $myshifts_table[] = array( 'date' => '<b>' . _("Sum:") . '</b>', - 'time' => "<b>" . round($timesum / (60 * 60), 1) . " h</b>", + 'time' => "<b>" . round($timesum / 3600, 1) . " h</b>", 'room' => "", 'shift_info' => "", 'comment' => "", @@ -171,8 +187,8 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel '<h4>' . _("User state") . '</h4>', ($admin_user_privilege && $freeloader) ? '<span class="text-danger"><span class="glyphicon glyphicon-exclamation-sign"></span> ' . _("Freeloader") . '</span><br />' : '', $user_source['Gekommen'] ? User_shift_state_render($user_source) . '<br />' : '', - ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _("Arrived") . '</span>' : '<span class="text-danger">' . _("Not arrived") . '</span>'), - $admin_user_privilege ? ($user_source['got_voucher'] ? '<br /><span class="text-success">' . glyph('cutlery') . _("Got vouchers") . '</span>' : '<br /><span class="text-danger">' . _("Got no vouchers") . '</span>') : '', + $admin_user_privilege || $its_me ? ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . sprintf(_("Arrived at %s"), date('Y-m-d', $user_source['arrival_date'])) . '</span>' : '<span class="text-danger">' . sprintf(_("Not arrived (Planned: %s)"), date('Y-m-d', $user_source['planned_arrival_date'])) . '</span>') : ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _("Arrived") . '</span>' : '<span class="text-danger">' . _("Not arrived") . '</span>'), + $admin_user_privilege ? ($user_source['got_voucher'] > 0 ? '<br /><span class="text-success">' . glyph('cutlery') . sprintf(ngettext("Got %s voucher", "Got %s vouchers", $user_source['got_voucher']), $user_source['got_voucher']) . '</span><br />' : '<br /><span class="text-danger">' . _("Got no vouchers") . '</span><br />') : '', ($user_source['Gekommen'] && $admin_user_privilege && $user_source['Aktiv']) ? ' <span class="text-success">' . _("Active") . '</span>' : '', ($user_source['Gekommen'] && $admin_user_privilege && $user_source['Tshirt']) ? ' <span class="text-success">' . _("T-Shirt") . '</span>' : '' )), @@ -190,8 +206,7 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel buttons(array( $admin_user_privilege ? button(page_link_to('admin_user') . '&id=' . $user_source['UID'], glyph("edit") . _("edit")) : '', ($admin_user_privilege && ! $user_source['Gekommen']) ? button(page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'], _("arrived")) : '', - ($admin_user_privilege && ! $user_source['got_voucher']) ? button(page_link_to('users') . '&action=got_voucher&user_id=' . $user_source['UID'] . '&got_voucher=true', _('Got vouchers')) : '', - ($admin_user_privilege && $user_source['got_voucher']) ? button(page_link_to('users') . '&action=got_voucher&user_id=' . $user_source['UID'] . '&got_voucher=', _('Remove vouchers')) : '', + $admin_user_privilege ? button(page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'], glyph('cutlery') . _('Edit vouchers')) : '', $its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _("Settings")) : '', $its_me ? button(page_link_to('ical') . '&key=' . $user_source['api_key'], glyph('calendar') . _("iCal Export")) : '', $its_me ? button(page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'], glyph('export') . _("JSON Export")) : '', @@ -208,6 +223,7 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel 'comment' => _("Comment"), 'actions' => _("Action") ), $myshifts_table) : '', + $its_me ? info(glyph('info-sign') . _("Your night shifts between 2 and 8 am count twice."), true) : '', $its_me && count($shifts) == 0 ? error(sprintf(_("Go to the <a href=\"%s\">shifts table</a> to sign yourself up for some shifts."), page_link_to('user_shifts')), true) : '' )); } @@ -252,7 +268,7 @@ function User_angeltypes_render($user_angeltypes) { $class = 'text-warning'; else $class = 'text-success'; - $output[] = '<span class="' . $class . '">' . ($angeltype['coordinator'] ? '<span class="glyphicon glyphicon-certificate"></span> ' : '') . $angeltype['name'] . '</span>'; + $output[] = '<span class="' . $class . '">' . ($angeltype['coordinator'] ? glyph('education') : '') . $angeltype['name'] . '</span>'; } return join('<br />', $output); } @@ -266,16 +282,6 @@ function User_groups_render($user_groups) { } /** - * Render a users avatar. - * - * @param User $user - * @return string - */ -function User_Avatar_render($user) { - return '<div class="avatar"> <img src="pic/avatar/avatar' . $user['Avatar'] . '.gif"></div>'; -} - -/** * Render a user nickname. * * @param User $user_source |