From 6cfc2d6da0213aca24b1c97647c7bd5009971d4d Mon Sep 17 00:00:00 2001 From: Angelo Cuccato Date: Tue, 19 Jan 2010 23:48:43 +0100 Subject: split user setting in different files --- DB/Sprache.sql | 12 +- DB/UserCVS.sql | 233 ++++++++----------------------------- DB/update_20100112_2300.sql | 3 + www-ssl/admin/group.php | 40 +++++++ www-ssl/admin/pic | 1 - www-ssl/admin/user.php | 17 +-- www-ssl/admin/user2.php | 162 -------------------------- www-ssl/admin/userChangeNormal.php | 143 +++++++++++++++++++++++ www-ssl/admin/userChangeSecure.php | 99 ++++++++++++++++ www-ssl/admin/userSaveNormal.php | 162 ++++++++++++++++++++++++++ www-ssl/admin/userSaveSecure.php | 162 ++++++++++++++++++++++++++ 11 files changed, 671 insertions(+), 363 deletions(-) create mode 100755 www-ssl/admin/group.php delete mode 120000 www-ssl/admin/pic delete mode 100755 www-ssl/admin/user2.php create mode 100755 www-ssl/admin/userChangeNormal.php create mode 100755 www-ssl/admin/userChangeSecure.php create mode 100755 www-ssl/admin/userSaveNormal.php create mode 100755 www-ssl/admin/userSaveSecure.php diff --git a/DB/Sprache.sql b/DB/Sprache.sql index 8b3c3107..ccbcdf85 100755 --- a/DB/Sprache.sql +++ b/DB/Sprache.sql @@ -574,8 +574,14 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php' INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php', 'EN', ' '); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'DE', ' '); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'EN', ' '); -INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'DE', ' '); -INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'EN', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'DE', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'EN', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'DE', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'EN', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'DE', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'EN', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'DE', ' '); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'EN', ' '); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'DE', 'UpdateDB'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'EN', 'UpdateDB'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect.php', 'DE', 'Dect'); @@ -584,6 +590,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php', 'EN', ' '); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'DE', 'Engelliste'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'EN', 'Engel-list'); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen'); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'DE', 'Engel Voreinstellungen'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'EN', 'Engel Default Setting'); INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/UserPicture.php', 'DE', 'Benutzerbilder'); diff --git a/DB/UserCVS.sql b/DB/UserCVS.sql index d0b7a4c6..487bd965 100644 --- a/DB/UserCVS.sql +++ b/DB/UserCVS.sql @@ -18,51 +18,56 @@ DROP TABLE IF EXISTS `UserCVS`; CREATE TABLE `UserCVS` ( `UID` int(11) NOT NULL default '0', - `index.php` char(1) NOT NULL default 'N', - `logout.php` char(1) NOT NULL default 'Y', - `faq.php` char(1) NOT NULL default 'Y', - `lageplan.php` char(1) NOT NULL default 'N', - `makeuser.php` char(1) NOT NULL default 'N', - `nonpublic/index.php` char(1) NOT NULL default 'Y', - `nonpublic/news.php` char(1) NOT NULL default 'Y', - `nonpublic/newsAddMeting` char(1) NOT NULL default 'N', - `nonpublic/news_comments.php` char(1) NOT NULL default 'Y', - `nonpublic/myschichtplan.php` char(1) NOT NULL default 'Y', - `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'Y', - `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'Y', - `nonpublic/schichtplan.php` char(1) NOT NULL default 'Y', - `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'Y', - `nonpublic/wecken.php` char(1) NOT NULL default 'N', - `nonpublic/waeckliste.php` char(1) NOT NULL default 'N', - `nonpublic/messages.php` char(1) NOT NULL default 'Y', - `nonpublic/faq.php` char(1) NOT NULL default 'Y', - `nonpublic/einstellungen.php` char(1) NOT NULL default 'Y', - `Change T_Shirt Size` char(1) NOT NULL default 'Y', - `admin/index.php` char(1) NOT NULL default 'N', - `admin/room.php` char(1) NOT NULL default 'N', - `admin/EngelType.php` char(1) NOT NULL default 'N', - `admin/schichtplan.php` char(1) NOT NULL default 'N', - `admin/shiftadd.php` char(1) NOT NULL default 'N', - `admin/schichtplan_druck.php` char(1) NOT NULL default 'N', - `admin/user.php` char(1) NOT NULL default 'N', - `admin/user2.php` char(1) NOT NULL default 'N', - `admin/userDefaultSetting.php` char(1) NOT NULL default 'N', - `admin/UserPicture.php` char(1) NOT NULL default 'N', - `admin/userArrived.php` char(1) NOT NULL default 'N', - `admin/aktiv.php` char(1) NOT NULL default 'N', - `admin/tshirt.php` char(1) NOT NULL default 'N', - `admin/news.php` char(1) NOT NULL default 'N', - `admin/faq.php` char(1) NOT NULL default 'N', - `admin/free.php` char(1) NOT NULL default 'N', - `admin/sprache.php` char(1) NOT NULL default 'N', - `admin/dect.php` char(1) NOT NULL default 'N', - `admin/dect_call.php` char(1) NOT NULL default 'N', - `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'N', - `admin/Recentchanges.php` char(1) NOT NULL default 'N', - `admin/debug.php` char(1) NOT NULL default 'N', - `Herald` char(1) NOT NULL default 'N', - `Info` char(1) NOT NULL default 'N', - `Conference` char(1) NOT NULL default 'N', + `GroupID` int(11) default NULL, + `index.php` char(1) NOT NULL default 'G', + `logout.php` char(1) NOT NULL default 'G', + `faq.php` char(1) NOT NULL default 'G', + `lageplan.php` char(1) NOT NULL default 'G', + `makeuser.php` char(1) NOT NULL default 'G', + `nonpublic/index.php` char(1) NOT NULL default 'G', + `nonpublic/news.php` char(1) NOT NULL default 'G', + `nonpublic/newsAddMeting` char(1) NOT NULL default 'G', + `nonpublic/news_comments.php` char(1) NOT NULL default 'G', + `nonpublic/myschichtplan.php` char(1) NOT NULL default 'G', + `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'G', + `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'G', + `nonpublic/schichtplan.php` char(1) NOT NULL default 'G', + `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'G', + `nonpublic/wecken.php` char(1) NOT NULL default 'G', + `nonpublic/waeckliste.php` char(1) NOT NULL default 'G', + `nonpublic/messages.php` char(1) NOT NULL default 'G', + `nonpublic/faq.php` char(1) NOT NULL default 'G', + `nonpublic/einstellungen.php` char(1) NOT NULL default 'G', + `Change T_Shirt Size` char(1) NOT NULL default 'G', + `admin/index.php` char(1) NOT NULL default 'G', + `admin/room.php` char(1) NOT NULL default 'G', + `admin/EngelType.php` char(1) NOT NULL default 'G', + `admin/schichtplan.php` char(1) NOT NULL default 'G', + `admin/shiftadd.php` char(1) NOT NULL default 'G', + `admin/schichtplan_druck.php` char(1) NOT NULL default 'G', + `admin/user.php` char(1) NOT NULL default 'G', + `admin/userChangeNormal.php` char(1) NOT NULL default 'G', + `admin/userChangeSecure.php` char(1) NOT NULL default 'G', + `admin/userSaveNormal.php` char(1) NOT NULL default 'G', + `admin/userSaveSecure.php` char(1) NOT NULL default 'G', + `admin/group.php` char(1) NOT NULL default 'G', + `admin/userDefaultSetting.php` char(1) NOT NULL default 'G', + `admin/UserPicture.php` char(1) NOT NULL default 'G', + `admin/userArrived.php` char(1) NOT NULL default 'G', + `admin/aktiv.php` char(1) NOT NULL default 'G', + `admin/tshirt.php` char(1) NOT NULL default 'G', + `admin/news.php` char(1) NOT NULL default 'G', + `admin/faq.php` char(1) NOT NULL default 'G', + `admin/free.php` char(1) NOT NULL default 'G', + `admin/sprache.php` char(1) NOT NULL default 'G', + `admin/dect.php` char(1) NOT NULL default 'G', + `admin/dect_call.php` char(1) NOT NULL default 'G', + `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'G', + `admin/Recentchanges.php` char(1) NOT NULL default 'G', + `admin/debug.php` char(1) NOT NULL default 'G', + `Herald` char(1) NOT NULL default 'G', + `Info` char(1) NOT NULL default 'G', + `Conference` char(1) NOT NULL default 'G', PRIMARY KEY (`UID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; @@ -70,141 +75,3 @@ CREATE TABLE `UserCVS` ( -- Daten f?r Tabelle `UserCVS` -- -INSERT INTO `UserCVS` (`UID`, - `index.php`, - `logout.php`, - `faq.php`, - `lageplan.php`, - `makeuser.php`, - `nonpublic/index.php`, - `nonpublic/news.php`, - `nonpublic/newsAddMeting`, - `nonpublic/news_comments.php`, - `nonpublic/myschichtplan.php`, - `nonpublic/myschichtplan_ical.php`, - `nonpublic/engelbesprechung.php`, - `nonpublic/schichtplan.php`, - `nonpublic/schichtplan_add.php`, - `nonpublic/wecken.php`, - `nonpublic/waeckliste.php`, - `nonpublic/messages.php`, - `nonpublic/faq.php`, - `nonpublic/einstellungen.php`, - `Change T_Shirt Size`, - `admin/index.php`, - `admin/room.php`, - `admin/EngelType.php`, - `admin/schichtplan.php`, - `admin/shiftadd.php`, - `admin/schichtplan_druck.php`, - `admin/user.php`, - `admin/user2.php`, - `admin/userDefaultSetting.php`, - `admin/UserPicture.php`, - `admin/aktiv.php`, - `admin/tshirt.php`, - `admin/news.php`, - `admin/faq.php`, - `admin/free.php`, - `admin/sprache.php`, - `admin/dect.php`, - `admin/dect_call.php`, - `admin/dbUpdateFromXLS.php`, - `admin/Recentchanges.php`, - `admin/debug.php`, - `Herald`, - `Info`, - `Conference`) VALUES - -(-1, - 'Y', - 'N', - 'Y', - 'N', - 'Y', - 'Y', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N', - 'N'), --- 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 -(1, - 'N', - 'Y', - 'N', - 'N', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'N', - 'N', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'Y', - 'N'); - diff --git a/DB/update_20100112_2300.sql b/DB/update_20100112_2300.sql index ab944226..a7c2f5f5 100644 --- a/DB/update_20100112_2300.sql +++ b/DB/update_20100112_2300.sql @@ -1,2 +1,5 @@ ALTER TABLE `UserCVS` ADD `GroupID` INT NULL AFTER `UID` ; +ALTER TABLE `UserCVS` ADD `admin\group.php` CHAR( 1 ) NOT NULL DEFAULT 'N' AFTER `admin/userDefaultSetting.php` ; +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen'); +INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group'); diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php new file mode 100755 index 00000000..6377593d --- /dev/null +++ b/www-ssl/admin/group.php @@ -0,0 +1,40 @@ +\n"; + echo "\n"; + echo "\tGroupname\n"; + echo "\t-\n"; + echo "\n"; + + for ($n = 0 ; $n < $Zeilen ; $n++) { + echo "\n"; + echo "\t".mysql_result($Erg, $n, "Name")."\n"; + + echo "change\n"; + echo "\n"; + } + echo "\t\n"; + // Ende Userliste +} + +include ("../../includes/footer.php"); +?> + + diff --git a/www-ssl/admin/pic b/www-ssl/admin/pic deleted file mode 120000 index a21de85f..00000000 --- a/www-ssl/admin/pic +++ /dev/null @@ -1 +0,0 @@ -../pic \ No newline at end of file diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php index 5b6077aa..748c09fa 100755 --- a/www-ssl/admin/user.php +++ b/www-ssl/admin/user.php @@ -90,24 +90,11 @@ if (!IsSet($_GET["enterUID"])) echo "\t".mysql_result($Erg, $n, "Aktiv")."\n"; $Tshirt += mysql_result($Erg, $n, "Tshirt"); echo "\t".mysql_result($Erg, $n, "Tshirt")."\n"; - echo "\tÄnd.\n"; echo "\t"; - //check userCVS=OK - $SQL2 = "SELECT `UID` FROM `UserCVS` WHERE (`UID`='". mysql_result($Erg, $n, "UID"). "')"; - $Erg2 = mysql_query($SQL2, $con); - echo mysql_error($con); - if( mysql_num_rows($Erg2)==0) - { - $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('". mysql_result($Erg, $n, "UID"). "');"; - $Erg3 = db_query($SQL3, "admin/user.php auto CVS create"); - if( $Erg3 ) - echo "was create
\n"; - else - echo mysql_error($con); - } - echo "Secure\n"; echo "\n"; } diff --git a/www-ssl/admin/user2.php b/www-ssl/admin/user2.php deleted file mode 100755 index 229a4cdc..00000000 --- a/www-ssl/admin/user2.php +++ /dev/null @@ -1,162 +0,0 @@ -"; - - switch ($_GET["action"]) - { - case "change": - if (IsSet($_POST["enterUID"])) - { - if ($_POST["Type"] == "Normal") - { - $SQL = "UPDATE `User` SET "; - $SQL.= " `Nick` = '". $_POST["eNick"]. "', `Name` = '". $_POST["eName"]. "', ". - "`Vorname` = '". $_POST["eVorname"]. "', ". - "`Telefon` = '". $_POST["eTelefon"]. "', ". - "`Handy` = '". $_POST["eHandy"]. "', ". - "`DECT` = '". $_POST["eDECT"]. "', ". - "`email` = '". $_POST["eemail"]. "', ". - "`ICQ` = '". $_POST["eICQ"]. "', ". - "`jabber` = '". $_POST["ejabber"]. "', ". - "`Size` = '". $_POST["eSize"]. "', ". - "`Gekommen`= '". $_POST["eGekommen"]. "', ". - "`Aktiv`= '". $_POST["eAktiv"]. "', ". - "`Tshirt` = '". $_POST["eTshirt"]. "', ". - "`Hometown` = '". $_POST["Hometown"]. "', ". - "`Menu` = '". $_POST["eMenu"]. "' ". - "WHERE `UID` = '". $_POST["enterUID"]. - "' LIMIT 1;"; - echo "User-"; - $Erg = db_query($SQL, "change user details"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - } - elseif ($_POST["Type"] == "Secure") - { - $SQL2 = "UPDATE `UserCVS` SET "; - $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'"; - $Erg_CVS = mysql_query($SQL_CVS, $con); - $CVS_Data = mysql_fetch_array($Erg_CVS); - $CVS_Data_i = 1; - foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) - { - if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") { - if( $CVS_Data_Name == "GroupID") - { - if( $_POST["enterUID"] > 0 ) - $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", "; - } else { - $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; - } - } - $CVS_Data_i++; - } - $SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 ); - $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; - echo "
Secure-"; - $Erg = db_query($SQL2, "change user CVS"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - } - else - echo "

Fehler: Unbekanter Type (". $_POST["Type"]. ") übergeben\n

\n"; - } - else - echo "

Fehler: UserID (enterUID) wurde nicht per POST übergeben

\n"; - break; - - case "delete": - if (IsSet($_POST["enterUID"])) - { - echo "delate User..."; - $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; - $Erg = db_query($SQL, "User delete"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - - echo "
\ndelate UserCVS..."; - $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; - $Erg = db_query($SQL2, "User CVS delete"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - - echo "
\ndelate UserEntry..."; - $SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ". - "WHERE `UID`='". $_POST["enterUID"]. "';"; - $Erg = db_query($SQL3, "delate UserEntry"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - } - break; - - - case "newpw": - echo "Bitte neues Kennwort für "; - // Get Nick - $USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'"; - $Erg = mysql_query($USQL, $con); - echo mysql_result($Erg, 0, "Nick"); - echo " eingeben:
"; - echo "
\n"; - echo ""; - echo ""; - echo ""; - echo "\n"; - echo "
"; - break; - - case "newpwsave": - if ($_POST["ePasswort"] == $_POST["ePasswort2"]) - { // beide Passwoerter passen... - $_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]); - $SQL = "UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ". - "WHERE `UID`='". $_POST["eUID"]. "'"; - $Erg = db_query($SQL, "User new passwort"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(". mysql_error($con). ")"; - } - } - else - echo "Das Passwort wurde nicht übereinstimmend eingegeben!"; - break; - } // end switch - -// ende - Action ist gesetzt -} -else -{ - // kein Action gesetzt -> abbruch - echo "Unzulässiger Aufruf.
Bitte neu editieren..."; -} - -include ("../../includes/footer.php"); -?> - diff --git a/www-ssl/admin/userChangeNormal.php b/www-ssl/admin/userChangeNormal.php new file mode 100755 index 00000000..7bcca841 --- /dev/null +++ b/www-ssl/admin/userChangeNormal.php @@ -0,0 +1,143 @@ + Aendern... + + echo "Hallo,
". + "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' ". + "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ". + "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ". + "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel ". + "bereits sein T-Shirt erhalten hat.

\n"; + + echo "
\n"; + echo "\n"; + echo "\n"; + + $SQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["enterUID"]. "'"; + $Erg = mysql_query($SQL, $con); + + if (mysql_num_rows($Erg) != 1) + echo ""; + else + { + echo ""; + } + + echo "\n"; + echo "
Sorry, der Engel (UID=". $_GET["enterUID"]. + ") wurde in der Liste nicht gefunden.
\n"; + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + + // Gekommen? + echo " \n"; + + // Aktiv? + echo " \n"; + + // T-Shirt bekommen? + echo " \n"; + + // Menu links/rechts + echo " \n"; + + echo " \n"; + + echo "
Nick". + "
lastLogIn". + "
Name". + "
Vorname". + "
Alter". + "
Telefon". + "
Handy". + "
DECT". + "
email". + "
ICQ". + "
jabber". + "
Size". + "
Passwort". + "neues Kennwort setzen
Gekommen\n"; + echo " No \n"; + echo " Yes \n"; + echo "
Aktiv\n"; + echo " No \n"; + echo " Yes \n"; + echo "
T-Shirt\n"; + echo " No \n"; + echo " Yes \n"; + echo "
Menu\n"; + echo " L \n"; + echo " R \n"; + echo "
Hometown". + "
\n		". displayavatar($_GET["enterUID"], FALSE). "
\n
\n"; + echo "\n"; + echo "\n"; + echo "
"; + + echo "
\n"; + echo "\n"; + echo "\n"; + echo "
"; +} + +include ("../../includes/footer.php"); +?> + + diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php new file mode 100755 index 00000000..e7de1b5c --- /dev/null +++ b/www-ssl/admin/userChangeSecure.php @@ -0,0 +1,99 @@ + Aendern... + + echo "Hallo,
". + "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' ". + "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ". + "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ". + "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel ". + "bereits sein T-Shirt erhalten hat.

\n"; + + echo "
\n"; + echo "\n"; + echo "\n"; + + // CVS-Rechte + echo " \n"; + + $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'"; + $Erg_CVS = mysql_query($SQL_CVS, $con); + + if( mysql_num_rows($Erg_CVS) != 1) + echo "Sorry, der Engel (UID=". $_GET["enterUID"]. ") wurde in der Liste nicht gefunden."; + else + { + $CVS_Data = mysql_fetch_array($Erg_CVS); + $CVS_Data_i = 1; + foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) + { + $CVS_Data_i++; + //nur jeder zweiter sonst wird für jeden text noch die position (Zahl) ausgegeben + if( $CVS_Data_i%2 && $CVS_Data_Name!="UID") + { + if($CVS_Data_Name=="GroupID") { + if( $_GET["enterUID"] > 0 ) + { + echo "\n". + ""; + } + } else { + echo "\n"; + } + } + } //IF + } //Foreach + echo "\n"; + } // IF TYPE + + // Ende Formular + echo "\n"; + echo "

Rights of \"". UID2Nick($_GET["enterUID"]). "\":
Group
$CVS_Data_Name"; + echo "allow \n"; + echo "denied \n"; + if( $_GET["enterUID"] > 0 ) + { + echo "group-setting \n"; + echo "
\n
\n"; + echo "\n"; + echo "\n"; + echo "
"; + + echo "
\n"; + echo "\n"; + echo "\n"; + echo "
"; +} + +include ("../../includes/footer.php"); +?> + + diff --git a/www-ssl/admin/userSaveNormal.php b/www-ssl/admin/userSaveNormal.php new file mode 100755 index 00000000..229a4cdc --- /dev/null +++ b/www-ssl/admin/userSaveNormal.php @@ -0,0 +1,162 @@ +"; + + switch ($_GET["action"]) + { + case "change": + if (IsSet($_POST["enterUID"])) + { + if ($_POST["Type"] == "Normal") + { + $SQL = "UPDATE `User` SET "; + $SQL.= " `Nick` = '". $_POST["eNick"]. "', `Name` = '". $_POST["eName"]. "', ". + "`Vorname` = '". $_POST["eVorname"]. "', ". + "`Telefon` = '". $_POST["eTelefon"]. "', ". + "`Handy` = '". $_POST["eHandy"]. "', ". + "`DECT` = '". $_POST["eDECT"]. "', ". + "`email` = '". $_POST["eemail"]. "', ". + "`ICQ` = '". $_POST["eICQ"]. "', ". + "`jabber` = '". $_POST["ejabber"]. "', ". + "`Size` = '". $_POST["eSize"]. "', ". + "`Gekommen`= '". $_POST["eGekommen"]. "', ". + "`Aktiv`= '". $_POST["eAktiv"]. "', ". + "`Tshirt` = '". $_POST["eTshirt"]. "', ". + "`Hometown` = '". $_POST["Hometown"]. "', ". + "`Menu` = '". $_POST["eMenu"]. "' ". + "WHERE `UID` = '". $_POST["enterUID"]. + "' LIMIT 1;"; + echo "User-"; + $Erg = db_query($SQL, "change user details"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + elseif ($_POST["Type"] == "Secure") + { + $SQL2 = "UPDATE `UserCVS` SET "; + $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'"; + $Erg_CVS = mysql_query($SQL_CVS, $con); + $CVS_Data = mysql_fetch_array($Erg_CVS); + $CVS_Data_i = 1; + foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) + { + if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") { + if( $CVS_Data_Name == "GroupID") + { + if( $_POST["enterUID"] > 0 ) + $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", "; + } else { + $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; + } + } + $CVS_Data_i++; + } + $SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 ); + $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + echo "
Secure-"; + $Erg = db_query($SQL2, "change user CVS"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + else + echo "

Fehler: Unbekanter Type (". $_POST["Type"]. ") übergeben\n

\n"; + } + else + echo "

Fehler: UserID (enterUID) wurde nicht per POST übergeben

\n"; + break; + + case "delete": + if (IsSet($_POST["enterUID"])) + { + echo "delate User..."; + $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL, "User delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + + echo "
\ndelate UserCVS..."; + $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL2, "User CVS delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + + echo "
\ndelate UserEntry..."; + $SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ". + "WHERE `UID`='". $_POST["enterUID"]. "';"; + $Erg = db_query($SQL3, "delate UserEntry"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + break; + + + case "newpw": + echo "Bitte neues Kennwort für "; + // Get Nick + $USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'"; + $Erg = mysql_query($USQL, $con); + echo mysql_result($Erg, 0, "Nick"); + echo " eingeben:
"; + echo "
\n"; + echo ""; + echo ""; + echo ""; + echo "\n"; + echo "
"; + break; + + case "newpwsave": + if ($_POST["ePasswort"] == $_POST["ePasswort2"]) + { // beide Passwoerter passen... + $_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]); + $SQL = "UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ". + "WHERE `UID`='". $_POST["eUID"]. "'"; + $Erg = db_query($SQL, "User new passwort"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + else + echo "Das Passwort wurde nicht übereinstimmend eingegeben!"; + break; + } // end switch + +// ende - Action ist gesetzt +} +else +{ + // kein Action gesetzt -> abbruch + echo "Unzulässiger Aufruf.
Bitte neu editieren..."; +} + +include ("../../includes/footer.php"); +?> + diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php new file mode 100755 index 00000000..229a4cdc --- /dev/null +++ b/www-ssl/admin/userSaveSecure.php @@ -0,0 +1,162 @@ +"; + + switch ($_GET["action"]) + { + case "change": + if (IsSet($_POST["enterUID"])) + { + if ($_POST["Type"] == "Normal") + { + $SQL = "UPDATE `User` SET "; + $SQL.= " `Nick` = '". $_POST["eNick"]. "', `Name` = '". $_POST["eName"]. "', ". + "`Vorname` = '". $_POST["eVorname"]. "', ". + "`Telefon` = '". $_POST["eTelefon"]. "', ". + "`Handy` = '". $_POST["eHandy"]. "', ". + "`DECT` = '". $_POST["eDECT"]. "', ". + "`email` = '". $_POST["eemail"]. "', ". + "`ICQ` = '". $_POST["eICQ"]. "', ". + "`jabber` = '". $_POST["ejabber"]. "', ". + "`Size` = '". $_POST["eSize"]. "', ". + "`Gekommen`= '". $_POST["eGekommen"]. "', ". + "`Aktiv`= '". $_POST["eAktiv"]. "', ". + "`Tshirt` = '". $_POST["eTshirt"]. "', ". + "`Hometown` = '". $_POST["Hometown"]. "', ". + "`Menu` = '". $_POST["eMenu"]. "' ". + "WHERE `UID` = '". $_POST["enterUID"]. + "' LIMIT 1;"; + echo "User-"; + $Erg = db_query($SQL, "change user details"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + elseif ($_POST["Type"] == "Secure") + { + $SQL2 = "UPDATE `UserCVS` SET "; + $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'"; + $Erg_CVS = mysql_query($SQL_CVS, $con); + $CVS_Data = mysql_fetch_array($Erg_CVS); + $CVS_Data_i = 1; + foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) + { + if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") { + if( $CVS_Data_Name == "GroupID") + { + if( $_POST["enterUID"] > 0 ) + $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", "; + } else { + $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; + } + } + $CVS_Data_i++; + } + $SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 ); + $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + echo "
Secure-"; + $Erg = db_query($SQL2, "change user CVS"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + else + echo "

Fehler: Unbekanter Type (". $_POST["Type"]. ") übergeben\n

\n"; + } + else + echo "

Fehler: UserID (enterUID) wurde nicht per POST übergeben

\n"; + break; + + case "delete": + if (IsSet($_POST["enterUID"])) + { + echo "delate User..."; + $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL, "User delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + + echo "
\ndelate UserCVS..."; + $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL2, "User CVS delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + + echo "
\ndelate UserEntry..."; + $SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ". + "WHERE `UID`='". $_POST["enterUID"]. "';"; + $Erg = db_query($SQL3, "delate UserEntry"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + break; + + + case "newpw": + echo "Bitte neues Kennwort für "; + // Get Nick + $USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'"; + $Erg = mysql_query($USQL, $con); + echo mysql_result($Erg, 0, "Nick"); + echo " eingeben:
"; + echo "
\n"; + echo ""; + echo ""; + echo ""; + echo "\n"; + echo "
"; + break; + + case "newpwsave": + if ($_POST["ePasswort"] == $_POST["ePasswort2"]) + { // beide Passwoerter passen... + $_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]); + $SQL = "UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ". + "WHERE `UID`='". $_POST["eUID"]. "'"; + $Erg = db_query($SQL, "User new passwort"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + else + echo "Das Passwort wurde nicht übereinstimmend eingegeben!"; + break; + } // end switch + +// ende - Action ist gesetzt +} +else +{ + // kein Action gesetzt -> abbruch + echo "Unzulässiger Aufruf.
Bitte neu editieren..."; +} + +include ("../../includes/footer.php"); +?> + -- cgit v1.2.3-54-g00ecf