From 8ed077bcece00bd056a878c86a9cf2c672d4306e Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Fri, 26 Dec 2014 01:49:59 +0100
Subject: user voucher feature

---
 db/install.sql                           |  6 ----
 db/update.sql                            |  9 +++--
 includes/controller/users_controller.php | 38 ++++++++++++++++++--
 includes/model/User_model.php            | 61 ++++++++++++++++++++++++--------
 includes/view/User_view.php              |  7 +++-
 5 files changed, 94 insertions(+), 27 deletions(-)

diff --git a/db/install.sql b/db/install.sql
index 5c612d54..2ce71d9e 100644
--- a/db/install.sql
+++ b/db/install.sql
@@ -11,12 +11,6 @@ SET FOREIGN_KEY_CHECKS=0;
 SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
 SET time_zone = "+00:00";
 
---
--- Datenbank: `engelsystem`
---
-CREATE DATABASE IF NOT EXISTS `engelsystem` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE `engelsystem`;
-
 -- --------------------------------------------------------
 
 --
diff --git a/db/update.sql b/db/update.sql
index 681d2a7c..db7d75ed 100644
--- a/db/update.sql
+++ b/db/update.sql
@@ -1,3 +1,6 @@
+/* introduce got-voucher flag */
+ALTER TABLE `User` ADD `got_voucher` BOOLEAN NOT NULL;
+
 /* introduce shift types */
 CREATE TABLE IF NOT EXISTS `ShiftTypes` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
@@ -7,8 +10,8 @@ CREATE TABLE IF NOT EXISTS `ShiftTypes` (
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;
 ALTER TABLE `ShiftTypes` ADD INDEX ( `angeltype_id` );
-ALTER TABLE `ShiftTypes` ADD FOREIGN KEY ( `angeltype_id` ) REFERENCES `engelsystem`.`AngelTypes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
-INSERT INTO `engelsystem`.`Privileges` (`id`, `name`, `desc`) VALUES (NULL , 'shifttypes', 'Administrate shift types');
+ALTER TABLE `ShiftTypes` ADD FOREIGN KEY ( `angeltype_id` ) REFERENCES `AngelTypes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
+INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (NULL , 'shifttypes', 'Administrate shift types');
 INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`=(SELECT `id` FROM `Privileges` WHERE `name`='shifttypes');
 
 ALTER TABLE `Shifts` ADD `shifttype_id` INT NOT NULL AFTER `SID`, ADD INDEX ( `shifttype_id` );
@@ -16,7 +19,7 @@ UPDATE `Shifts` SET `name`='' WHERE `name` IS NULL;
 INSERT INTO `ShiftTypes` SELECT DISTINCT NULL , `name` , NULL , '' FROM `Shifts`;
 UPDATE `Shifts` SET `shifttype_id`=(SELECT `id` FROM `ShiftTypes` WHERE `ShiftTypes`.`name`=`Shifts`.`name`);
 ALTER TABLE `Shifts` ADD `title` TEXT NULL AFTER `SID`;
-ALTER TABLE `Shifts` ADD FOREIGN KEY ( `shifttype_id` ) REFERENCES `engelsystem`.`ShiftTypes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
+ALTER TABLE `Shifts` ADD FOREIGN KEY ( `shifttype_id` ) REFERENCES `ShiftTypes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
 ALTER TABLE `Shifts` DROP `name`;
 
 /* cleanup */
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php
index 3a23835c..a282c1c7 100644
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@@ -22,10 +22,16 @@ function users_controller() {
       return user_edit_controller();
     case 'delete':
       return user_delete_controller();
+    case 'got_voucher':
+      return user_got_voucher_controller();
   }
 }
 
-function user_controller() {
+function user_link($user) {
+  return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
+}
+
+function user_got_voucher_controller() {
   global $privileges, $user;
   
   if (isset($_REQUEST['user_id'])) {
@@ -35,6 +41,32 @@ function user_controller() {
   
   $admin_user_privilege = in_array('admin_user', $privileges);
   
+  if (! in_array('admin_user', $privileges))
+    redirect(page_link_to(''));
+  
+  if (! isset($_REQUEST['got_voucher']))
+    redirect(page_link_to(''));
+  
+  $user_source['got_voucher'] = $_REQUEST['got_voucher'] == 'true';
+  
+  $result = User_update($user_source);
+  if ($result === false)
+    engelsystem_error('Unable to update user.');
+  
+  success($user_source['got_voucher'] ? _('User got vouchers.') : _('User didnt got vouchers.'));
+  engelsystem_log(User_Nick_render($user_source) . ($user_source['got_voucher'] ? ' got vouchers' : ' didnt got vouchers'));
+  
+  redirect(user_link($user_source));
+}
+
+function user_controller() {
+  global $privileges, $user;
+  
+  if (isset($_REQUEST['user_id'])) {
+    $user_source = User($_REQUEST['user_id']);
+  } else
+    $user_source = $user;
+  
   $shifts = Shifts_by_user($user_source);
   foreach ($shifts as &$shift) {
     // TODO: Move queries to model
@@ -54,7 +86,7 @@ function user_controller() {
   
   return array(
       $user_source['Nick'],
-      User_view($user_source, $admin_user_privilege, User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID']) 
+      User_view($user_source, in_array('admin_user', $privileges), User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID']) 
   );
 }
 
@@ -80,7 +112,7 @@ function users_list_controller() {
   
   return array(
       _('All users'),
-      Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count()) 
+      Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count(), User_got_voucher_count()) 
   );
 }
 
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index a6c12f9d..bbab14e5 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -4,6 +4,35 @@
  * User model
  */
 
+/**
+ * Update user.
+ * 
+ * @param User $user          
+ */
+function User_update($user) {
+  return sql_query("UPDATE `User` SET
+      `Nick`='" . sql_escape($user['Nick']) . "',
+      `Name`='" . sql_escape($user['Name']) . "',
+      `Vorname`='" . sql_escape($user['Vorname']) . "',
+      `Alter`=" . sql_escape($user['Alter']) . ",
+      `Telefon`='" . sql_escape($user['Telefon']) . "',
+      `DECT`='" . sql_escape($user['DECT']) . "',
+      `Handy`='" . sql_escape($user['Handy']) . "',
+      `email`='" . sql_escape($user['email']) . "',
+      `email_shiftinfo`=" . sql_escape($user['email_shiftinfo'] ? 'TRUE' : 'FALSE') . ",
+      `jabber`='" . sql_escape($user['jabber']) . "',
+      `Size`='" . sql_escape($user['Size']) . "',
+      `Gekommen`=" . sql_escape($user['Gekommen']) . ",
+      `Aktiv`=" . sql_escape($user['Aktiv']) . ",
+      `force_active`=" . sql_escape($user['force_active'] ? 'TRUE' : 'FALSE') . ",
+      `Tshirt`=" . sql_escape($user['Tshirt']) . ",
+      `color`=" . sql_escape($user['color']) . ",
+      `Sprache`='" . sql_escape($user['Sprache']) . "',
+      `Hometown`='" . sql_escape($user['Hometown']) . "',
+      `got_voucher`=" . sql_escape($user['got_voucher'] ? 'TRUE' : 'FALSE') . "
+      WHERE `UID`=" . sql_escape($user['UID']));
+}
+
 /**
  * Counts all forced active users.
  */
@@ -15,6 +44,10 @@ function User_active_count() {
   return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1");
 }
 
+function User_got_voucher_count() {
+  return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `got_voucher` = TRUE");
+}
+
 function User_arrived_count() {
   return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1");
 }
@@ -39,14 +72,14 @@ function User_sortable_columns() {
       'Aktiv',
       'force_active',
       'Tshirt',
-      'lastLogIn'
+      'lastLogIn' 
   );
 }
 
 /**
  * Get all users, ordered by Nick by default or by given param.
  *
- * @param string $order_by
+ * @param string $order_by          
  */
 function Users($order_by = 'Nick') {
   return sql_select("SELECT * FROM `User` ORDER BY `" . sql_escape($order_by) . "` ASC");
@@ -55,18 +88,18 @@ function Users($order_by = 'Nick') {
 /**
  * Returns true if user is freeloader
  *
- * @param User $user
+ * @param User $user          
  */
 function User_is_freeloader($user) {
   global $max_freeloadable_shifts, $user;
-
+  
   return count(ShiftEntries_freeloaded_by_user($user)) >= $max_freeloadable_shifts;
 }
 
 /**
  * Returns all users that are not member of given angeltype.
  *
- * @param Angeltype $angeltype
+ * @param Angeltype $angeltype          
  */
 function Users_by_angeltype_inverted($angeltype) {
   return sql_select("
@@ -80,7 +113,7 @@ function Users_by_angeltype_inverted($angeltype) {
 /**
  * Returns all members of given angeltype.
  *
- * @param Angeltype $angeltype
+ * @param Angeltype $angeltype          
  */
 function Users_by_angeltype($angeltype) {
   return sql_select("
@@ -105,7 +138,7 @@ function User_ids() {
 /**
  * Strip unwanted characters from a users nick.
  *
- * @param string $nick
+ * @param string $nick          
  */
 function User_validate_Nick($nick) {
   return preg_replace("/([^a-z0-9üöäß. _+*-]{1,})/ui", '', $nick);
@@ -114,7 +147,7 @@ function User_validate_Nick($nick) {
 /**
  * Returns user by id.
  *
- * @param $id UID
+ * @param $id UID          
  */
 function User($id) {
   $user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
@@ -129,7 +162,7 @@ function User($id) {
  * TODO: Merge into normal user function
  * Returns user by id (limit informations.
  *
- * @param $id UID
+ * @param $id UID          
  */
 function mUser_Limit($id) {
   $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
@@ -159,7 +192,7 @@ function User_by_api_key($api_key) {
 /**
  * Returns User by email.
  *
- * @param string $email
+ * @param string $email          
  * @return Matching user, null or false on error
  */
 function User_by_email($email) {
@@ -174,7 +207,7 @@ function User_by_email($email) {
 /**
  * Returns User by password token.
  *
- * @param string $token
+ * @param string $token          
  * @return Matching user, null or false on error
  */
 function User_by_password_recovery_token($token) {
@@ -189,7 +222,7 @@ function User_by_password_recovery_token($token) {
 /**
  * Generates a new api key for given user.
  *
- * @param User $user
+ * @param User $user          
  */
 function User_reset_api_key(&$user, $log = true) {
   $user['api_key'] = md5($user['Nick'] . time() . rand());
@@ -197,13 +230,13 @@ function User_reset_api_key(&$user, $log = true) {
   if ($result === false)
     return false;
   if ($log)
-    engelsystem_log(sprintf("API key resetted (%s).",User_Nick_render($user)));
+    engelsystem_log(sprintf("API key resetted (%s).", User_Nick_render($user)));
 }
 
 /**
  * Generates a new password recovery token for given user.
  *
- * @param User $user
+ * @param User $user          
  */
 function User_generate_password_recovery_token(&$user) {
   $user['password_recovery_token'] = md5($user['Nick'] . time() . rand());
diff --git a/includes/view/User_view.php b/includes/view/User_view.php
index a7d77b19..52e7a2dc 100644
--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@@ -19,10 +19,11 @@ $tshirt_sizes = array(
     'XL-G' => "XL Girl" 
 );
 
-function Users_view($users, $order_by, $arrived_count, $active_count, $force_active_count, $freeloads_count, $tshirts_count) {
+function Users_view($users, $order_by, $arrived_count, $active_count, $force_active_count, $freeloads_count, $tshirts_count, $voucher_count) {
   foreach ($users as &$user) {
     $user['Nick'] = User_Nick_render($user);
     $user['Gekommen'] = glyph_bool($user['Gekommen']);
+    $user['got_voucher'] = glyph_bool($user['got_voucher']);
     $user['Aktiv'] = glyph_bool($user['Aktiv']);
     $user['force_active'] = glyph_bool($user['force_active']);
     $user['Tshirt'] = glyph_bool($user['Tshirt']);
@@ -34,6 +35,7 @@ function Users_view($users, $order_by, $arrived_count, $active_count, $force_act
   $users[] = array(
       'Nick' => '<strong>' . _('Sum') . '</strong>',
       'Gekommen' => $arrived_count,
+      'got_voucher' => $voucher_count,
       'Aktiv' => $active_count,
       'force_active' => $force_active_count,
       'freeloads' => $freeloads_count,
@@ -52,6 +54,7 @@ function Users_view($users, $order_by, $arrived_count, $active_count, $force_act
           'Name' => Users_table_header_link('Name', _('Name'), $order_by),
           'DECT' => Users_table_header_link('DECT', _('DECT'), $order_by),
           'Gekommen' => Users_table_header_link('Gekommen', _('Arrived'), $order_by),
+          'got_voucher' => Users_table_header_link('got_voucher', _('Voucher'), $order_by),
           'freeloads' => _('Freeloads'),
           'Aktiv' => Users_table_header_link('Aktiv', _('Active'), $order_by),
           'force_active' => Users_table_header_link('force_active', _('Forced'), $order_by),
@@ -189,6 +192,8 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
               buttons(array(
                   $admin_user_privilege ? button(page_link_to('admin_user') . '&id=' . $user_source['UID'], glyph("edit") . _("edit")) : '',
                   ($admin_user_privilege && ! $user_source['Gekommen']) ? button(page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'], _("arrived")) : '',
+                  ($admin_user_privilege && ! $user_source['got_voucher']) ? button(page_link_to('users') . '&action=got_voucher&user_id=' . $user_source['UID'] . '&got_voucher=true', _('Got vouchers')) : '',
+                  ($admin_user_privilege && $user_source['got_voucher']) ? button(page_link_to('users') . '&action=got_voucher&user_id=' . $user_source['UID'] . '&got_voucher=', _('Remove vouchers')) : '',
                   $its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _("Settings")) : '',
                   $its_me ? button(page_link_to('ical') . '&key=' . $user_source['api_key'], glyph('calendar') . _("iCal Export")) : '',
                   $its_me ? button(page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'], glyph('export') . _("JSON Export")) : '',
-- 
cgit v1.2.3-54-g00ecf