From 0dabaa505e4463498665a1eb6ab95979578beab3 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 26 Dec 2012 14:02:27 +0100
Subject: #28 begin log

---
 db/update.d/20_LogEntriesTable.php       |  19 ++
 includes/model/LogEntries_model.php      |  15 +
 includes/model/User_model.php            |  14 +
 includes/pages/admin_active.php          | 232 ++++++++------
 includes/pages/admin_angel_types.php     |   8 +-
 includes/pages/admin_arrive.php          | 100 +++---
 includes/pages/admin_groups.php          | 166 +++++-----
 includes/pages/admin_import.php          | 522 ++++++++++++++++---------------
 includes/pages/admin_news.php            | 144 ++++-----
 includes/pages/admin_questions.php       | 138 ++++----
 includes/pages/admin_rooms.php           |  19 +-
 includes/pages/admin_shifts.php          |   9 +-
 includes/pages/admin_user_angeltypes.php |  20 +-
 includes/sys_log.php                     |  19 ++
 public/index.php                         |   1 +
 15 files changed, 785 insertions(+), 641 deletions(-)
 create mode 100644 db/update.d/20_LogEntriesTable.php
 create mode 100644 includes/model/LogEntries_model.php
 create mode 100644 includes/model/User_model.php
 create mode 100644 includes/sys_log.php

diff --git a/db/update.d/20_LogEntriesTable.php b/db/update.d/20_LogEntriesTable.php
new file mode 100644
index 00000000..5ea82efc
--- /dev/null
+++ b/db/update.d/20_LogEntriesTable.php
@@ -0,0 +1,19 @@
+<?php
+
+if(sql_num_query("SHOW TABLES LIKE 'LogEntries'") == 0) {
+  sql_query("CREATE TABLE `LogEntries` (
+      `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+      `timestamp` INT NOT NULL ,
+      `nick` VARCHAR( 23 ) NOT NULL ,
+      `message` TEXT NOT NULL ,
+      INDEX ( `timestamp` )
+  ) ENGINE = InnoDB;");
+  $applied = true;
+}
+
+if(sql_num_query("SHOW TABLES LIKE 'ChangeLog'") == 0) {
+  sql_query("DROP TABLE `ChangeLog`");
+  $applied = true;
+}
+
+?>
\ No newline at end of file
diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
new file mode 100644
index 00000000..d8615f0e
--- /dev/null
+++ b/includes/model/LogEntries_model.php
@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * Creates a log entry.
+ * @param $nick Username
+ * @param $message Log Message
+ */
+function LogEntry_create($nick, $message) {
+  $timestamp = date();
+
+  sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
+}
+
+
+?>
\ No newline at end of file
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
new file mode 100644
index 00000000..c2d2282e
--- /dev/null
+++ b/includes/model/User_model.php
@@ -0,0 +1,14 @@
+<?php
+
+/**
+ * Returns user by id.
+ * @param $id UID
+ */
+function User($id) {
+  $user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+  if(count($user_source) > 0)
+    return $user_source[0];
+  return null;
+}
+
+?>
\ No newline at end of file
diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php
index 55384345..0dabe568 100644
--- a/includes/pages/admin_active.php
+++ b/includes/pages/admin_active.php
@@ -1,120 +1,144 @@
 <?php
 function admin_active() {
-	global $tshirt_sizes;
-	
-	$msg = "";
-	$search = "";
-	$count = 0;
-	$limit = "";
-	$set_active = "";
-	if (isset ($_REQUEST['search']))
-		$search = strip_request_item('search');
+  global $tshirt_sizes;
 
-	if (isset ($_REQUEST['set_active'])) {
-		$ok = true;
+  $msg = "";
+  $search = "";
+  $count = 0;
+  $limit = "";
+  $set_active = "";
+  if (isset ($_REQUEST['search']))
+    $search = strip_request_item('search');
 
-		if (isset ($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count']))
-			$count = strip_request_item('count');
-		else {
-			$ok = false;
-			$msg .= error("Please enter a number of angels to be marked as active.", true);
-		}
+  if (isset ($_REQUEST['set_active'])) {
+    $ok = true;
 
-		if ($ok)
-			$limit = " LIMIT " . $count;
-		if (isset ($_REQUEST['ack'])) {
-			sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
-			$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
-			foreach ($users as $usr)
-				sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
+    if (isset ($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count']))
+      $count = strip_request_item('count');
+    else {
+      $ok = false;
+      $msg .= error("Please enter a number of angels to be marked as active.", true);
+    }
 
-			$limit = "";
-			$msg = success("Marked angels.", true);
-		} else {
-			$set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; back</a> | <a href="' . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">apply</a>';
-		}
-	}
+    if ($ok)
+      $limit = " LIMIT " . $count;
+    if (isset ($_REQUEST['ack'])) {
+      sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
+      $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
+      $user_nicks = array();
+      foreach ($users as $usr) {
+        sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
+        $user_nicks[] = $usr['Nick'];
+      }
+      engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
 
-	if (isset ($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
-		$id = $_REQUEST['active'];
-		sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Angel has been marked as active.", true);
-	}
-	elseif (isset ($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
-		$id = $_REQUEST['not_active'];
-		sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Angel has been marked as not active.", true);
-	}
-	elseif (isset ($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
-		$id = $_REQUEST['tshirt'];
-		sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Angel has got a t-shirt.", true);
-	}
-	elseif (isset ($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
-		$id = $_REQUEST['not_tshirt'];
-		sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Angel has got no t-shirt.", true);
-	}
+      $limit = "";
+      $msg = success("Marked angels.", true);
+    } else {
+      $set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; back</a> | <a href="' . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">apply</a>';
+    }
+  }
 
-	$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
+  if (isset ($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
+    $id = $_REQUEST['active'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User " . $user_source['Nick'] . " is active now.");
+      $msg = success("Angel has been marked as active.", true);
+    }
+    else $msg = error("Angel not found.", true);
+  }
+  elseif (isset ($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
+    $id = $_REQUEST['not_active'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User " . $user_source['Nick'] . " is NOT active now.");
+      $msg = success("Angel has been marked as not active.", true);
+    }
+    else $msg = error("Angel not found.", true);
+  }
+  elseif (isset ($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
+    $id = $_REQUEST['tshirt'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User " . $user_source['Nick'] . " has tshirt now.");
+      $msg = success("Angel has got a t-shirt.", true);
+    }
+    else $msg = error("Angel not found.", true);
+  }
+  elseif (isset ($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
+    $id = $_REQUEST['not_tshirt'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User " . $user_source['Nick'] . " NO tshirt.");
+      $msg = success("Angel has got no t-shirt.", true);
+    }
+    else $msg = error("Angel not found.", true);
+  }
 
-	$table = "";
-	if ($search == "")
-		$tokens = array ();
-	else
-		$tokens = explode(" ", $search);
-	foreach ($users as $usr) {
-		if (count($tokens) > 0) {
-			$match = false;
-			$index = join("", $usr);
-			foreach ($tokens as $t)
-				if (strstr($index, trim($t))) {
-					$match = true;
-					break;
-				}
-			if (!$match)
-				continue;
-		}
-		$table .= '<tr>';
-		$table .= '<td>' . $usr['Nick'] . '</td>';
-		$table .= '<td>' . $tshirt_sizes[$usr['Size']] . '</td>';
-		$table .= '<td>' . $usr['shift_count'] . '</td>';
+  $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
 
-		if ($usr['shift_count'] == 0)
-			$table .= '<td>-</td>';
-		else
-			$table .= '<td>' . round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)</td>';
+  $table = "";
+  if ($search == "")
+    $tokens = array ();
+  else
+    $tokens = explode(" ", $search);
+  foreach ($users as $usr) {
+    if (count($tokens) > 0) {
+      $match = false;
+      $index = join("", $usr);
+      foreach ($tokens as $t)
+        if (strstr($index, trim($t))) {
+        $match = true;
+        break;
+      }
+      if (!$match)
+        continue;
+    }
+    $table .= '<tr>';
+    $table .= '<td>' . $usr['Nick'] . '</td>';
+    $table .= '<td>' . $tshirt_sizes[$usr['Size']] . '</td>';
+    $table .= '<td>' . $usr['shift_count'] . '</td>';
 
-		if ($usr['Aktiv'] == 1)
-			$table .= '<td>yes</td>';
-		else
-			$table .= '<td></td>';
-		if ($usr['Tshirt'] == 1)
-			$table .= '<td>yes</td>';
-		else
-			$table .= '<td></td>';
+    if ($usr['shift_count'] == 0)
+      $table .= '<td>-</td>';
+    else
+      $table .= '<td>' . round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)</td>';
 
-		$actions = array ();
-		if ($usr['Aktiv'] == 0)
-			$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . '&amp;search=' . $search . '">set active</a>';
-		if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
-			$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . '&amp;search=' . $search . '">remove active</a>';
-			$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">got t-shirt</a>';
-		}
-		if ($usr['Tshirt'] == 1)
-			$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">remove t-shirt</a>';
+    if ($usr['Aktiv'] == 1)
+      $table .= '<td>yes</td>';
+    else
+      $table .= '<td></td>';
+    if ($usr['Tshirt'] == 1)
+      $table .= '<td>yes</td>';
+    else
+      $table .= '<td></td>';
 
-		$table .= '<td>' . join(' | ', $actions) . '</td>';
+    $actions = array ();
+    if ($usr['Aktiv'] == 0)
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . '&amp;search=' . $search . '">set active</a>';
+    if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . '&amp;search=' . $search . '">remove active</a>';
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">got t-shirt</a>';
+    }
+    if ($usr['Tshirt'] == 1)
+      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . '&amp;search=' . $search . '">remove t-shirt</a>';
 
-		$table .= '</tr>';
-	}
-	return template_render('../templates/admin_active.html', array (
-		'search' => $search,
-		'count' => $count,
-		'set_active' => $set_active,
-		'table' => $table,
-		'msg' => $msg,
-		'link' => page_link_to('admin_active')
-	));
+    $table .= '<td>' . join(' | ', $actions) . '</td>';
+
+    $table .= '</tr>';
+  }
+  return template_render('../templates/admin_active.html', array (
+    'search' => $search,
+    'count' => $count,
+    'set_active' => $set_active,
+    'table' => $table,
+    'msg' => $msg,
+    'link' => page_link_to('admin_active')
+  ));
 }
 ?>
\ No newline at end of file
diff --git a/includes/pages/admin_angel_types.php b/includes/pages/admin_angel_types.php
index 90289d61..d5841d1c 100644
--- a/includes/pages/admin_angel_types.php
+++ b/includes/pages/admin_angel_types.php
@@ -47,10 +47,13 @@ function admin_angel_types() {
           $restricted = 0;
 
         if ($ok) {
-          if (isset ($id))
+          if (isset ($id)) {
             sql_query("UPDATE `AngelTypes` SET `name`='" . sql_escape($name) . "', `restricted`=" . sql_escape($restricted) . " WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-          else
+            engelsystem_log("Updated angeltype: " . $name . ", restricted: " . $restricted);
+          } else {
             sql_query("INSERT INTO `AngelTypes` SET `name`='" . sql_escape($name) . "', `restricted`=" . sql_escape($restricted));
+            engelsystem_log("Created angeltype: " . $name . ", restricted: " . $restricted);
+          }
 
           success("Angel type saved.");
           redirect(page_link_to('admin_angel_types'));
@@ -76,6 +79,7 @@ function admin_angel_types() {
         sql_query("DELETE FROM `ShiftEntry` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
         sql_query("DELETE FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
         sql_query("DELETE FROM `UserAngelTypes` WHERE `angeltype_id`=" . sql_escape($id) . " LIMIT 1");
+        engelsystem_log("Deleted angel type: " . $name);
         success(sprintf("Angel type %s deleted.", $name));
         redirect(page_link_to('admin_angel_types'));
       }
diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php
index 2acad0b3..70a43394 100644
--- a/includes/pages/admin_arrive.php
+++ b/includes/pages/admin_arrive.php
@@ -1,52 +1,60 @@
 <?php
 function admin_arrive() {
-	$msg = "";
-	$search = "";
-	if (isset ($_REQUEST['search']))
-		$search = strip_request_item('search');
+  $msg = "";
+  $search = "";
+  if (isset ($_REQUEST['search']))
+    $search = strip_request_item('search');
 
-	if (isset ($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
-		$id = $_REQUEST['reset'];
-		sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Reset done. Angel has not arrived.", true);
-	}
-	elseif (isset ($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
-		$id = $_REQUEST['arrived'];
-		sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-		$msg = success("Angel has been marked as arrived.", true);
-	}
+  if (isset ($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
+    $id = $_REQUEST['reset'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User set to not arrived: " . $user_source['Nick']);
+      $msg = success("Reset done. Angel has not arrived.", true);
+    } else $msg = error("Angel not found.", true);
+  }
+  elseif (isset ($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
+    $id = $_REQUEST['arrived'];
+    $user_source = User($id);
+    if($user_source != null) {
+      sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+      engelsystem_log("User set has arrived: " . $user_source['Nick']);
+      $msg = success("Angel has been marked as arrived.", true);
+    } else $msg = error("Angel not found.", true);
+  }
 
-	$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
-	$table = "";
-	if ($search == "")
-		$tokens = array ();
-	else
-		$tokens = explode(" ", $search);
-	foreach ($users as $usr) {
-		if (count($tokens) > 0) {
-			$match = false;
-			$index = join("", $usr);
-			foreach ($tokens as $t)
-				if (strstr($index, trim($t))) {
-					$match = true;
-					break;
-				}
-			if (!$match)
-				continue;
-		}
-		$table .= '<tr>';
-		$table .= '<td>' . $usr['Nick'] . '</td>';
-		if ($usr['Gekommen'] == 1)
-			$table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>';
-		else
-			$table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>';
-		$table .= '</tr>';
-	}
-	return template_render('../templates/admin_arrive.html', array (
-		'search' => $search,
-		'table' => $table,
-		'msg' => $msg,
-		'link' => page_link_to('admin_arrive')
-	));
+  $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
+  $table = "";
+  if ($search == "")
+    $tokens = array ();
+  else
+    $tokens = explode(" ", $search);
+  foreach ($users as $usr) {
+    if (count($tokens) > 0) {
+      $match = false;
+      $index = join("", $usr);
+      foreach ($tokens as $t)
+        if (strstr($index, trim($t))) {
+        $match = true;
+        break;
+      }
+      if (!$match)
+        continue;
+    }
+    $table .= '<tr>';
+    $table .= '<td>' . $usr['Nick'] . '</td>';
+    if ($usr['Gekommen'] == 1)
+      $table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>';
+    else
+      $table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>';
+    $table .= '</tr>';
+  }
+  return template_render('../templates/admin_arrive.html', array (
+    'search' => $search,
+    'table' => $table,
+    'msg' => $msg,
+    'link' => page_link_to('admin_arrive')
+  ));
 }
 ?>
\ No newline at end of file
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php
index 2fc789fa..df472359 100644
--- a/includes/pages/admin_groups.php
+++ b/includes/pages/admin_groups.php
@@ -1,91 +1,99 @@
 <?php
 function admin_groups() {
-	global $user;
+  global $user;
 
-	$html = "";
-	$groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
-	if (!isset ($_REQUEST["action"])) {
-		$groups_html = "";
-		foreach ($groups as $group) {
-			$groups_html .= sprintf(
-				'<tr><td>%s</td>',
-				$group['Name']
-			);
-			$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
-			$privileges_html = array ();
+  $html = "";
+  $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
+  if (!isset ($_REQUEST["action"])) {
+    $groups_html = "";
+    foreach ($groups as $group) {
+      $groups_html .= sprintf(
+          '<tr><td>%s</td>',
+          $group['Name']
+      );
+      $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
+      $privileges_html = array ();
 
-			foreach ($privileges as $priv)
-				$privileges_html[] = $priv['name'];
+      foreach ($privileges as $priv)
+        $privileges_html[] = $priv['name'];
 
-			$groups_html .= sprintf(
-				'<td>%s</td>'
-				. '<td><a href="%s&action=edit&id=%s">Ändern</a></td>',
-				join(', ', $privileges_html),
-				page_link_to("admin_groups"),
-				$group['UID']
-			);
-		}
+      $groups_html .= sprintf(
+          '<td>%s</td>'
+          . '<td><a href="%s&action=edit&id=%s">Ändern</a></td>',
+          join(', ', $privileges_html),
+          page_link_to("admin_groups"),
+          $group['UID']
+      );
+    }
 
-		return template_render('../templates/admin_groups.html', array (
-			'nick' => $user['Nick'],
-			'groups' => $groups_html
-		));
-	} else {
-		switch ($_REQUEST["action"]) {
-			case 'edit' :
-				if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Groups ID.", true);
+    return template_render('../templates/admin_groups.html', array (
+      'nick' => $user['Nick'],
+      'groups' => $groups_html
+    ));
+  } else {
+    switch ($_REQUEST["action"]) {
+      case 'edit' :
+        if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Groups ID.", true);
 
-				$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($room) > 0) {
-					list ($room) = $room;
-					$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
-					$privileges_html = "";
-					foreach ($privileges as $priv)
-						$privileges_html .= sprintf(
-							'<tr><td><input type="checkbox" '
-							. 'name="privileges[]" value="%s" %s />'
-							. '</td> <td>%s</td> <td>%s</td></tr>',
-							$priv['id'],
-							($priv['group_id'] != ""
-							? 'checked="checked"'
-							: ''),
-							$priv['name'],
-							$priv['desc']
-						);
+        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($room) > 0) {
+          list ($room) = $room;
+          $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
+          $privileges_html = "";
+          foreach ($privileges as $priv)
+            $privileges_html .= sprintf(
+                '<tr><td><input type="checkbox" '
+                . 'name="privileges[]" value="%s" %s />'
+                . '</td> <td>%s</td> <td>%s</td></tr>',
+                $priv['id'],
+                ($priv['group_id'] != ""
+                    ? 'checked="checked"'
+                    : ''),
+                $priv['name'],
+                $priv['desc']
+            );
 
-					$html .= template_render('../templates/admin_groups_edit_form.html', array (
-						'link' => page_link_to("admin_groups"),
-						'id' => $id,
-						'privileges' => $privileges_html
-					));
-				} else
-					return error("No Group found.", true);
-				break;
+          $html .= template_render('../templates/admin_groups_edit_form.html', array (
+            'link' => page_link_to("admin_groups"),
+            'id' => $id,
+            'privileges' => $privileges_html
+          ));
+        } else
+          return error("No Group found.", true);
+        break;
 
-			case 'save' :
-				if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Groups ID.", true);
+      case 'save' :
+        if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Groups ID.", true);
 
-				$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
-				if (!is_array($_REQUEST['privileges']))
-					$_REQUEST['privileges'] = array ();
-				if (count($room) > 0) {
-					list ($room) = $room;
-					sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
-					foreach ($_REQUEST['privileges'] as $priv)
-						if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0)
-							sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
-					header("Location: " . page_link_to("admin_groups"));
-				} else
-					return error("No Group found.", true);
-				break;
-		}
-	}
-	return $html;
+        $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+        if (!is_array($_REQUEST['privileges']))
+          $_REQUEST['privileges'] = array ();
+        if (count($room) > 0) {
+          list ($room) = $room;
+          sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
+          $privilege_names = array();
+          foreach ($_REQUEST['privileges'] as $priv) {
+            if (preg_match("/^[0-9]{1,}$/", $priv)) {
+              $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv) . " LIMIT 1");
+              if(count($group_privileges_source) > 0) {
+                sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
+                $privilege_names[] = $group_privileges_source[0]['name'];
+              }
+            }
+          }
+          engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
+          header("Location: " . page_link_to("admin_groups"));
+        } else
+          return error("No Group found.", true);
+        break;
+    }
+  }
+  return $html;
 }
 ?>
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 5ac62d2d..9a31d5cd 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -1,279 +1,281 @@
 <?php
 function admin_import() {
-	global $PentabarfXMLhost, $PentabarfXMLpath;
-	global $rooms_import;
-	global $user;
-	$html = "";
-
-	$step = "input";
-	if (isset ($_REQUEST['step']))
-		$step = $_REQUEST['step'];
-
-	$html .= '<p>';
-	$html .= $step == "input" ? '<b>1. Input</b>' : '1. Input';
-	$html .= ' &raquo; ';
-	$html .= $step == "check" ? '<b>2. Validate</b>' : '2. Validate';
-	$html .= ' &raquo; ';
-	$html .= $step == "import" ? '<b>3. Import</b>' : '3. Import';
-	$html .= '</p>';
-
-	$import_file = '../import/import_' . $user['UID'] . '.xml';
-
-	switch ($step) {
-		case "input" :
-			$ok = false;
-			if ($test_handle = fopen('../import/tmp', 'w')) {
-				fclose($test_handle);
-				unlink('../import/tmp');
-			} else {
-				$msg = error("Webserver has no write-permission on import directory.", true);
-			}
-
-			if (isset ($_REQUEST['submit'])) {
-				$ok = true;
-				if (isset ($_REQUEST['user']) && $_REQUEST['user'] != "" && isset ($_REQUEST['password']) && $_REQUEST['password'] != "") {
-					$fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 5);
-
-					if (!$fp) {
-						$ok = false;
-						$msg = error("File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_REQUEST["url"] . "' not readable!" . "[$errstr ($errno)]", true);
-					} else {
-						$fileOut = fopen($import_file, "w");
-						$head = 'GET /' . $PentabarfXMLpath . $_REQUEST["url"] . ' HTTP/1.1' . "\r\n" .
-							'Host: ' . $PentabarfXMLhost . "\r\n" .
-							'User-Agent: Engelsystem' . "\r\n" .
-							'Authorization: Basic ' .
-							base64_encode($_REQUEST["user"] . ':' . $_REQUEST["password"]) . "\r\n" . 
-							"\r\n";
-						fputs($fp, $head);
-						$Zeilen = -1;
-						echo "<pre>";
-						while (!feof($fp)) {
-							$Temp = fgets($fp, 1024);
-
-							// show header
-							if ($Zeilen == -1) {
-								echo $Temp;
-							}
-
-							// ende des headers
-							if ($Temp == "\r\n") {
-								echo "</pre>\n";
-								$Zeilen = 0;
-								$Temp = "";
-							}
-
-							//file ende?
-							if ($Temp == "0\r\n")
-								break;
-
-							if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
-								//steuerzeichen ausfiltern
-								if (strpos("#$Temp", "\r\n") > 0)
-									$Temp = substr($Temp, 0, strlen($Temp) - 2);
-								if (strpos("#$Temp", "1005") > 0)
-									$Temp = "";
-								if (strpos("#$Temp", "783") > 0)
-									$Temp = "";
-								//schreiben in file
-								fputs($fileOut, $Temp);
-								$Zeilen++;
-							}
-						}
-						fclose($fileOut);
-						fclose($fp);
-						$msg .= success("Es wurden $Zeilen Zeilen eingelesen.", true);
-					}
-				}
-				elseif (isset ($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
-					if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
-						libxml_use_internal_errors(true);
-						if (simplexml_load_file($import_file) === false) {
-							$ok = false;
-							$msg = error("No valid xml/xcal file provided.", true);
-							unlink($import_file);
-						}
-					} else {
-						$ok = false;
-						$msg = error("File upload went wrong.", true);
-					}
-				} else {
-					$ok = false;
-					$msg = error("Please provide some data.", true);
-				}
-			}
-
-			if ($ok)
-				header("Location: " . page_link_to('admin_import') . "&step=check");
-			else
-				$html .= template_render('../templates/admin_import_input.html', array (
-					'link' => page_link_to('admin_import'),
-					'msg' => $msg,
-					'url' => "https://$PentabarfXMLhost/$PentabarfXMLpath"
-				));
-			break;
-
-		case "check" :
-			if (!file_exists($import_file))
-				header("Location: " . page_link_to('admin_import'));
-
-			list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
-			list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
-
-			$html .= template_render('../templates/admin_import_check.html', array (
-				'link' => page_link_to('admin_import'),
-				'rooms_new' => count($rooms_new) == 0 ? "<tr><td>None</td></tr>" : table_body($rooms_new),
-				'rooms_deleted' => count($rooms_deleted) == 0 ? "<tr><td>None</td></tr>" : table_body($rooms_deleted),
-				'events_new' => count($events_new) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_new)),
-				'events_updated' => count($events_updated) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_updated)),
-				'events_deleted' => count($events_deleted) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_deleted))
-			));
-			break;
-
-		case "import" :
-			if (!file_exists($import_file))
-				header("Location: " . page_link_to('admin_import'));
-
-			list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
-			foreach ($rooms_new as $room) {
-				sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($room) . "', `FromPentabarf`='Y', `Show`='Y'");
-				$rooms_import[trim($room)] = sql_id();
-			}
-			foreach ($rooms_deleted as $room)
-				sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
-
-			list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
-			foreach ($events_new as $event)
-				sql_query("INSERT INTO `Shifts` SET `name`='" .
-				sql_escape($event['name']) . "', `start`=" . sql_escape($event['start']) . ", `end`=" . sql_escape($event['end']) . ", `RID`=" . sql_escape($event['RID']) . ", `PSID`=" . sql_escape($event['PSID']) . ", `URL`='" . sql_escape($event['URL']) . "'");
-
-			foreach ($events_updated as $event)
-				sql_query("UPDATE `Shifts` SET `name`='" .
-				sql_escape($event['name']) . "', `start`=" . sql_escape($event['start']) . ", `end`=" . sql_escape($event['end']) . ", `RID`=" . sql_escape($event['RID']) . ", `PSID`=" . sql_escape($event['PSID']) . ", `URL`='" . sql_escape($event['URL']) . "' WHERE `PSID`=" . sql_escape($event['PSID']) . " LIMIT 1");
-
-			foreach ($events_deleted as $event)
-				sql_query("DELETE FROM `Shifts` WHERE `PSID`=" .
-				sql_escape($event['PSID']) . " LIMIT 1");
-
-			unlink($import_file);
-
-			$html .= template_render('../templates/admin_import_import.html', array ());
-			break;
-	}
-
-	return $html;
+  global $PentabarfXMLhost, $PentabarfXMLpath;
+  global $rooms_import;
+  global $user;
+  $html = "";
+
+  $step = "input";
+  if (isset ($_REQUEST['step']))
+    $step = $_REQUEST['step'];
+
+  $html .= '<p>';
+  $html .= $step == "input" ? '<b>1. Input</b>' : '1. Input';
+  $html .= ' &raquo; ';
+  $html .= $step == "check" ? '<b>2. Validate</b>' : '2. Validate';
+  $html .= ' &raquo; ';
+  $html .= $step == "import" ? '<b>3. Import</b>' : '3. Import';
+  $html .= '</p>';
+
+  $import_file = '../import/import_' . $user['UID'] . '.xml';
+
+  switch ($step) {
+    case "input" :
+      $ok = false;
+      if ($test_handle = fopen('../import/tmp', 'w')) {
+        fclose($test_handle);
+        unlink('../import/tmp');
+      } else {
+        $msg = error("Webserver has no write-permission on import directory.", true);
+      }
+
+      if (isset ($_REQUEST['submit'])) {
+        $ok = true;
+        if (isset ($_REQUEST['user']) && $_REQUEST['user'] != "" && isset ($_REQUEST['password']) && $_REQUEST['password'] != "") {
+          $fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 5);
+
+          if (!$fp) {
+            $ok = false;
+            $msg = error("File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_REQUEST["url"] . "' not readable!" . "[$errstr ($errno)]", true);
+          } else {
+            $fileOut = fopen($import_file, "w");
+            $head = 'GET /' . $PentabarfXMLpath . $_REQUEST["url"] . ' HTTP/1.1' . "\r\n" .
+                'Host: ' . $PentabarfXMLhost . "\r\n" .
+                'User-Agent: Engelsystem' . "\r\n" .
+                'Authorization: Basic ' .
+                base64_encode($_REQUEST["user"] . ':' . $_REQUEST["password"]) . "\r\n" .
+                "\r\n";
+            fputs($fp, $head);
+            $Zeilen = -1;
+            echo "<pre>";
+            while (!feof($fp)) {
+              $Temp = fgets($fp, 1024);
+
+              // show header
+              if ($Zeilen == -1) {
+                echo $Temp;
+              }
+
+              // ende des headers
+              if ($Temp == "\r\n") {
+                echo "</pre>\n";
+                $Zeilen = 0;
+                $Temp = "";
+              }
+
+              //file ende?
+              if ($Temp == "0\r\n")
+                break;
+
+              if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
+                //steuerzeichen ausfiltern
+                if (strpos("#$Temp", "\r\n") > 0)
+                  $Temp = substr($Temp, 0, strlen($Temp) - 2);
+                if (strpos("#$Temp", "1005") > 0)
+                  $Temp = "";
+                if (strpos("#$Temp", "783") > 0)
+                  $Temp = "";
+                //schreiben in file
+                fputs($fileOut, $Temp);
+                $Zeilen++;
+              }
+            }
+            fclose($fileOut);
+            fclose($fp);
+            $msg .= success("Es wurden $Zeilen Zeilen eingelesen.", true);
+          }
+        }
+        elseif (isset ($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
+          if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
+            libxml_use_internal_errors(true);
+            if (simplexml_load_file($import_file) === false) {
+              $ok = false;
+              $msg = error("No valid xml/xcal file provided.", true);
+              unlink($import_file);
+            }
+          } else {
+            $ok = false;
+            $msg = error("File upload went wrong.", true);
+          }
+        } else {
+          $ok = false;
+          $msg = error("Please provide some data.", true);
+        }
+      }
+
+      if ($ok)
+        header("Location: " . page_link_to('admin_import') . "&step=check");
+      else
+        $html .= template_render('../templates/admin_import_input.html', array (
+          'link' => page_link_to('admin_import'),
+          'msg' => $msg,
+          'url' => "https://$PentabarfXMLhost/$PentabarfXMLpath"
+        ));
+      break;
+
+    case "check" :
+      if (!file_exists($import_file))
+        header("Location: " . page_link_to('admin_import'));
+
+      list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
+      list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
+
+      $html .= template_render('../templates/admin_import_check.html', array (
+        'link' => page_link_to('admin_import'),
+        'rooms_new' => count($rooms_new) == 0 ? "<tr><td>None</td></tr>" : table_body($rooms_new),
+        'rooms_deleted' => count($rooms_deleted) == 0 ? "<tr><td>None</td></tr>" : table_body($rooms_deleted),
+        'events_new' => count($events_new) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_new)),
+        'events_updated' => count($events_updated) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_updated)),
+        'events_deleted' => count($events_deleted) == 0 ? "<tr><td>None</td><td></td><td></td><td></td><td></td></tr>" : table_body(shifts_printable($events_deleted))
+      ));
+      break;
+
+    case "import" :
+      if (!file_exists($import_file))
+        header("Location: " . page_link_to('admin_import'));
+
+      list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
+      foreach ($rooms_new as $room) {
+        sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($room) . "', `FromPentabarf`='Y', `Show`='Y'");
+        $rooms_import[trim($room)] = sql_id();
+      }
+      foreach ($rooms_deleted as $room)
+        sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
+
+      list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
+      foreach ($events_new as $event)
+        sql_query("INSERT INTO `Shifts` SET `name`='" .
+            sql_escape($event['name']) . "', `start`=" . sql_escape($event['start']) . ", `end`=" . sql_escape($event['end']) . ", `RID`=" . sql_escape($event['RID']) . ", `PSID`=" . sql_escape($event['PSID']) . ", `URL`='" . sql_escape($event['URL']) . "'");
+
+      foreach ($events_updated as $event)
+        sql_query("UPDATE `Shifts` SET `name`='" .
+            sql_escape($event['name']) . "', `start`=" . sql_escape($event['start']) . ", `end`=" . sql_escape($event['end']) . ", `RID`=" . sql_escape($event['RID']) . ", `PSID`=" . sql_escape($event['PSID']) . ", `URL`='" . sql_escape($event['URL']) . "' WHERE `PSID`=" . sql_escape($event['PSID']) . " LIMIT 1");
+
+      foreach ($events_deleted as $event)
+        sql_query("DELETE FROM `Shifts` WHERE `PSID`=" .
+            sql_escape($event['PSID']) . " LIMIT 1");
+
+      engelsystem_log("Pentabarf import done");
+
+      unlink($import_file);
+
+      $html .= template_render('../templates/admin_import_import.html', array ());
+      break;
+  }
+
+  return $html;
 }
 
 function prepare_rooms($file) {
-	global $rooms_import;
-	$data = read_xml($file);
-
-	// Load rooms from db for compare with input
-	$rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
-	$rooms_db = array ();
-	$rooms_import = array ();
-	foreach ($rooms as $room) {
-		$rooms_db[] = $room['Name'];
-		$rooms_import[$room['Name']] = $room['RID'];
-	}
-
-	$events = $data->vcalendar->vevent;
-	$rooms_pb = array ();
-	foreach ($events as $event) {
-		$rooms_pb[] = $event->location;
-		if (!isset ($rooms_import[trim($event->location)]))
-			$rooms_import[trim($event->location)] = trim($event->location);
-	}
-	$rooms_pb = array_unique($rooms_pb);
-
-	$rooms_new = array_diff($rooms_pb, $rooms_db);
-	$rooms_deleted = array_diff($rooms_db, $rooms_pb);
-
-	return array (
-		$rooms_new,
-		$rooms_deleted
-	);
+  global $rooms_import;
+  $data = read_xml($file);
+
+  // Load rooms from db for compare with input
+  $rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
+  $rooms_db = array ();
+  $rooms_import = array ();
+  foreach ($rooms as $room) {
+    $rooms_db[] = $room['Name'];
+    $rooms_import[$room['Name']] = $room['RID'];
+  }
+
+  $events = $data->vcalendar->vevent;
+  $rooms_pb = array ();
+  foreach ($events as $event) {
+    $rooms_pb[] = $event->location;
+    if (!isset ($rooms_import[trim($event->location)]))
+      $rooms_import[trim($event->location)] = trim($event->location);
+  }
+  $rooms_pb = array_unique($rooms_pb);
+
+  $rooms_new = array_diff($rooms_pb, $rooms_db);
+  $rooms_deleted = array_diff($rooms_db, $rooms_pb);
+
+  return array (
+    $rooms_new,
+    $rooms_deleted
+  );
 }
 
 function prepare_events($file) {
-	global $rooms_import;
-	$data = read_xml($file);
-
-	$rooms = sql_select("SELECT * FROM `Room`");
-	$rooms_db = array ();
-	foreach ($rooms as $room)
-		$rooms_db[$room['Name']] = $room['RID'];
-
-	$events = $data->vcalendar->vevent;
-	$shifts_pb = array ();
-	foreach ($events as $event) {
-		$event_pb = $event->children("http://pentabarf.org");
-		$event_id = trim($event_pb-> {
-			'event-id' });
-		$shifts_pb[$event_id] = array (
-			'start' => DateTime :: createFromFormat("Ymd\THis", $event->dtstart)->getTimestamp(),
-			'end' => DateTime :: createFromFormat("Ymd\THis", $event->dtend)->getTimestamp(),
-			'RID' => $rooms_import[trim($event->location)],
-			'name' => trim($event->summary),
-			'URL' => trim($event->url),
-			'PSID' => $event_id
-		);
-	}
-
-	$shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
-	$shifts_db = array ();
-	foreach ($shifts as $shift)
-		$shifts_db[$shift['PSID']] = $shift;
-
-	$shifts_new = array ();
-	$shifts_updated = array ();
-	foreach ($shifts_pb as $shift)
-		if (!isset ($shifts_db[$shift['PSID']]))
-			$shifts_new[] = $shift;
-		else {
-			$tmp = $shifts_db[$shift['PSID']];
-			if ($shift['name'] != $tmp['name'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL'])
-				$shifts_updated[] = $shift;
-		}
-
-	$shifts_deleted = array ();
-	foreach ($shifts_db as $shift)
-		if (!isset ($shifts_pb[$shift['PSID']]))
-			$shifts_deleted[] = $shift;
-
-	return array (
-		$shifts_new,
-		$shifts_updated,
-		$shifts_deleted
-	);
+  global $rooms_import;
+  $data = read_xml($file);
+
+  $rooms = sql_select("SELECT * FROM `Room`");
+  $rooms_db = array ();
+  foreach ($rooms as $room)
+    $rooms_db[$room['Name']] = $room['RID'];
+
+  $events = $data->vcalendar->vevent;
+  $shifts_pb = array ();
+  foreach ($events as $event) {
+    $event_pb = $event->children("http://pentabarf.org");
+    $event_id = trim($event_pb-> {
+      'event-id' });
+      $shifts_pb[$event_id] = array (
+        'start' => DateTime :: createFromFormat("Ymd\THis", $event->dtstart)->getTimestamp(),
+        'end' => DateTime :: createFromFormat("Ymd\THis", $event->dtend)->getTimestamp(),
+        'RID' => $rooms_import[trim($event->location)],
+        'name' => trim($event->summary),
+        'URL' => trim($event->url),
+        'PSID' => $event_id
+      );
+  }
+
+  $shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
+  $shifts_db = array ();
+  foreach ($shifts as $shift)
+    $shifts_db[$shift['PSID']] = $shift;
+
+  $shifts_new = array ();
+  $shifts_updated = array ();
+  foreach ($shifts_pb as $shift)
+    if (!isset ($shifts_db[$shift['PSID']]))
+    $shifts_new[] = $shift;
+  else {
+    $tmp = $shifts_db[$shift['PSID']];
+    if ($shift['name'] != $tmp['name'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL'])
+      $shifts_updated[] = $shift;
+  }
+
+  $shifts_deleted = array ();
+  foreach ($shifts_db as $shift)
+    if (!isset ($shifts_pb[$shift['PSID']]))
+    $shifts_deleted[] = $shift;
+
+  return array (
+    $shifts_new,
+    $shifts_updated,
+    $shifts_deleted
+  );
 }
 
 function read_xml($file) {
-	global $xml_import;
-	if (!isset ($xml_import))
-		$xml_import = simplexml_load_file($file);
-	return $xml_import;
+  global $xml_import;
+  if (!isset ($xml_import))
+    $xml_import = simplexml_load_file($file);
+  return $xml_import;
 }
 
 function shifts_printable($shifts) {
-	global $rooms_import;
-	$rooms = array_flip($rooms_import);
-
-	uasort($shifts, 'shift_sort');
-
-	$shifts_printable = array ();
-	foreach ($shifts as $shift)
-		$shifts_printable[] = array (
-			'day' => date("l, Y-m-d", $shift['start']),
-			'start' => date("H:i", $shift['start']),
-			'name' => shorten($shift['name']),
-			'end' => date("H:i", $shift['end']),
-			'room' => $rooms[$shift['RID']]
-		);
-	return $shifts_printable;
+  global $rooms_import;
+  $rooms = array_flip($rooms_import);
+
+  uasort($shifts, 'shift_sort');
+
+  $shifts_printable = array ();
+  foreach ($shifts as $shift)
+    $shifts_printable[] = array (
+      'day' => date("l, Y-m-d", $shift['start']),
+      'start' => date("H:i", $shift['start']),
+      'name' => shorten($shift['name']),
+      'end' => date("H:i", $shift['end']),
+      'room' => $rooms[$shift['RID']]
+    );
+  return $shifts_printable;
 }
 
 function shift_sort($a, $b) {
-	return ($a['start'] < $b['start']) ? -1 : 1;
+  return ($a['start'] < $b['start']) ? -1 : 1;
 }
 ?>
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index ca1f81fc..f6c06001 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -1,87 +1,89 @@
 <?php
 function admin_news() {
-	global $user;
-	
-	if (!isset ($_GET["action"])) {
-		header("Location: " . page_link_to("news"));
-	} else {
-		$html = "";
-		switch ($_GET["action"]) {
-			case 'edit' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+  global $user;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+  if (!isset ($_GET["action"])) {
+    header("Location: " . page_link_to("news"));
+  } else {
+    $html = "";
+    switch ($_GET["action"]) {
+      case 'edit' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					$html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
 
-					$html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
+          $html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
 
-					$html .= "<table>\n";
-					$html .= "  <tr><td>Datum</td><td>" .
-					date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
-					$html .= "  <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
-					$news["Betreff"] . "\"></td></tr>\n";
-					$html .= "  <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
-					$news["Text"] . "</textarea></td></tr>\n";
-					$html .= "  <tr><td>Engel</td><td>" .
-					UID2Nick($news["UID"]) . "</td></tr>\n";
-					$html .= "  <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
-						'1' => "Ja",
-						'0' => "Nein"
-					), $news['Treffen']) . "</td></tr>\n";
-					$html .= "</table>";
+          $html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
 
-					$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
-					$html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
-					$html .= "</form>";
+          $html .= "<table>\n";
+          $html .= "  <tr><td>Datum</td><td>" .
+              date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
+          $html .= "  <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
+              $news["Betreff"] . "\"></td></tr>\n";
+          $html .= "  <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
+              $news["Text"] . "</textarea></td></tr>\n";
+          $html .= "  <tr><td>Engel</td><td>" .
+              UID2Nick($news["UID"]) . "</td></tr>\n";
+          $html .= "  <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
+            '1' => "Ja",
+            '0' => "Nein"
+          ), $news['Treffen']) . "</td></tr>\n";
+          $html .= "</table>";
 
-					$html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
-					$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
-					$html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
-					$html .= "</form>";
-				} else
-					return error("No News found.", true);
-				break;
+          $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
+          $html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
+          $html .= "</form>";
 
-			case 'save' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+          $html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
+          $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
+          $html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
+          $html .= "</form>";
+        } else
+          return error("No News found.", true);
+        break;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+      case 'save' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
-					"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
-					header("Location: " . page_link_to("news"));
-				} else
-					return error("No News found.", true);
-				break;
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
 
-			case 'delete' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+          sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
+              "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
+          engelsystem_log("News updated: " . $_POST["eBetreff"]);
+          header("Location: " . page_link_to("news"));
+        } else
+          return error("No News found.", true);
+        break;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+      case 'delete' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-					header("Location: " . page_link_to("news"));
-				} else
-					return error("No News found.", true);
-				break;
-		}
-	}
-	return $html;
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
+
+          sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+          engelsystem_log("News deleted: " . $news['Betreff']);
+          header("Location: " . page_link_to("news"));
+        } else
+          return error("No News found.", true);
+        break;
+    }
+  }
+  return $html;
 }
 ?>
\ No newline at end of file
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index df5e9196..a85c8c0f 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -1,85 +1,87 @@
 <?php
 function admin_new_questions() {
-	global $user, $privileges;
+  global $user, $privileges;
 
-	if (in_array("admin_questions", $privileges)) {
-		$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID`=0");
+  if (in_array("admin_questions", $privileges)) {
+    $new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID`=0");
 
-		if ($new_messages > 0)
-			return '<p class="info"><a href="' . page_link_to("admin_questions") . '">Es gibt unbeantwortete Fragen!</a></p><hr />';
-	}
+    if ($new_messages > 0)
+      return '<p class="info"><a href="' . page_link_to("admin_questions") . '">Es gibt unbeantwortete Fragen!</a></p><hr />';
+  }
 
-	return "";
+  return "";
 }
 
 function admin_questions() {
-	global $user;
+  global $user;
 
-	if (!isset ($_REQUEST['action'])) {
-		$open_questions = "";
-		$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
-		foreach ($questions as $question)
-			$open_questions .= template_render(
-				'../templates/admin_question_unanswered.html', array (
-				'question_nick' => UID2Nick($question['UID']),
-				'question_id'   => $question['QID'],
-				'link'          => page_link_to("admin_questions"),
-				'question'      => str_replace("\n", '<br />', $question['Question'])
-			));
+  if (!isset ($_REQUEST['action'])) {
+    $open_questions = "";
+    $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
+    foreach ($questions as $question)
+      $open_questions .= template_render(
+          '../templates/admin_question_unanswered.html', array (
+            'question_nick' => UID2Nick($question['UID']),
+            'question_id'   => $question['QID'],
+            'link'          => page_link_to("admin_questions"),
+            'question'      => str_replace("\n", '<br />', $question['Question'])
+          ));
 
-		$answered_questions = "";
-		$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
+    $answered_questions = "";
+    $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
 
-		foreach ($questions as $question)
-			$answered_questions .= template_render(
-				'../templates/admin_question_answered.html', array (
-				'question_id'   => $question['QID'],
-				'question_nick' => UID2Nick($question['UID']),
-				'question'      => str_replace("\n", "<br />", $question['Question']),
-				'answer_nick'   => UID2Nick($question['AID']),
-				'answer'        => str_replace("\n", "<br />", $question['Answer']),
-				'link'          => page_link_to("admin_questions"),
-			));
+    foreach ($questions as $question)
+      $answered_questions .= template_render(
+          '../templates/admin_question_answered.html', array (
+            'question_id'   => $question['QID'],
+            'question_nick' => UID2Nick($question['UID']),
+            'question'      => str_replace("\n", "<br />", $question['Question']),
+            'answer_nick'   => UID2Nick($question['AID']),
+            'answer'        => str_replace("\n", "<br />", $question['Answer']),
+            'link'          => page_link_to("admin_questions"),
+          ));
 
-		return template_render('../templates/admin_questions.html', array (
-			'link' => page_link_to("admin_questions"),
-			'open_questions' => $open_questions,
-			'answered_questions' => $answered_questions
-		));
-	} else {
-		switch ($_REQUEST['action']) {
-			case 'answer' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Question ID.", true);
+    return template_render('../templates/admin_questions.html', array (
+      'link' => page_link_to("admin_questions"),
+      'open_questions' => $open_questions,
+      'answered_questions' => $answered_questions
+    ));
+  } else {
+    switch ($_REQUEST['action']) {
+      case 'answer' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Question ID.", true);
 
-				$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($question) > 0 && $question[0]['AID'] == "0") {
-					$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
+        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($question) > 0 && $question[0]['AID'] == "0") {
+          $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
 
-					if ($answer != "") {
-						sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
-						header("Location: " . page_link_to("admin_questions"));
-					} else
-						return error("Gib eine Antwort ein!", true);
-				} else
-					return error("No question found.", true);
-				break;
-			case 'delete' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Question ID.", true);
+          if ($answer != "") {
+            sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+            engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
+            header("Location: " . page_link_to("admin_questions"));
+          } else
+            return error("Gib eine Antwort ein!", true);
+        } else
+          return error("No question found.", true);
+        break;
+      case 'delete' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Question ID.", true);
 
-				$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($question) > 0) {
-					sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
-					header("Location: " . page_link_to("admin_questions"));
-				} else
-					return error("No question found.", true);
-				break;
-		}
-	}
+        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($question) > 0) {
+          sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+          engelsystem_log("Question deleted: " . $question[0]['Question']);
+          header("Location: " . page_link_to("admin_questions"));
+        } else
+          return error("No question found.", true);
+        break;
+    }
+  }
 }
 ?>
diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php
index 160316c6..b92ea6a8 100644
--- a/includes/pages/admin_rooms.php
+++ b/includes/pages/admin_rooms.php
@@ -77,17 +77,26 @@ function admin_rooms() {
         }
 
         if ($ok) {
-          if(isset($id))
+          if(isset($id)) {
             sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
-          else {
+            engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
+          } else {
             sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "'");
             $id = sql_id();
+            engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
           }
 
           sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
-          foreach ($angeltypes_count as $angeltype_id => $angeltype_count)
-            sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
+          $needed_angeltype_info = array();
+          foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
+            $angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($angeltype_id) . " LIMIT 1");
+            if(count($angeltype_source) > 0) {
+              sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
+              $needed_angeltype_info[] = $angeltypes_source[0]['name'] . ": " . $angeltype_count;
+            }
+          }
 
+          engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
           success("Room saved.");
           redirect(page_link_to("admin_rooms"));
         }
@@ -116,6 +125,8 @@ function admin_rooms() {
       if (isset ($_REQUEST['ack'])) {
         sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
         sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id) . " LIMIT 1");
+
+        engelsystem_log("Room deleted: " . $name);
         success(sprintf("Room %s deleted.", $name));
         redirect(page_link_to('admin_rooms'));
       }
diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php
index 303c580c..f35fa312 100644
--- a/includes/pages/admin_shifts.php
+++ b/includes/pages/admin_shifts.php
@@ -233,11 +233,18 @@ function admin_shifts() {
     foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
       sql_query("INSERT INTO `Shifts` SET `start`=" . sql_escape($shift['start']) . ",  `end`=" . sql_escape($shift['end']) . ", `RID`=" . sql_escape($shift['RID']) . ", `name`='" . sql_escape($shift['name']) . "'");
       $shift_id = sql_id();
+      engelsystem_log("Shift created: " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
+      $needed_angel_types_info = array();
       foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
-        sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+        $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
+        if(count($angel_type_source) > 0) {
+          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+          $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
+        }
       }
     }
 
+    engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info));
     $msg = success("Schichten angelegt.", true);
   } else {
     unset ($_SESSION['admin_shifts_shifts']);
diff --git a/includes/pages/admin_user_angeltypes.php b/includes/pages/admin_user_angeltypes.php
index b22178e0..38c4d9c8 100644
--- a/includes/pages/admin_user_angeltypes.php
+++ b/includes/pages/admin_user_angeltypes.php
@@ -8,16 +8,24 @@ function admin_user_angeltypes() {
   global $privileges;
 
   if (isset ($_REQUEST['confirm']) && test_request_int('confirm') && sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " AND `confirm_user_id` IS NULL") > 0) {
-    sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id`=" . sql_escape($_SESSION['uid']) . " WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
-
-    success("Confirmed.");
+    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
+    if(count($user_angel_type_source) > 0) {
+      sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id`=" . sql_escape($_SESSION['uid']) . " WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
+      engelsystem_log("Confirmed " . $user_angel_type_source[0]['Nick'] . " as " . $user_angel_type_source[0]['name']);
+      success("Confirmed.");
+    }
+    else error("Entry not found.");
     redirect(page_link_to('admin_user_angeltypes'));
   }
 
   if (isset ($_REQUEST['discard']) && test_request_int('discard') && sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " AND `confirm_user_id` IS NULL") > 0) {
-    sql_query("DELETE FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
-
-    success("Discarded.");
+    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
+    if(count($user_angel_type_source) > 0) {
+      sql_query("DELETE FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
+      engelsystem_log("Discarded " . $user_angel_type_source[0]['Nick'] . " as " . $user_angel_type_source[0]['name']);
+      success("Discarded.");
+    }
+    else error("Entry not found.");
     redirect(page_link_to('admin_user_angeltypes'));
   }
 
diff --git a/includes/sys_log.php b/includes/sys_log.php
new file mode 100644
index 00000000..65c0aa41
--- /dev/null
+++ b/includes/sys_log.php
@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * Write a log entry. This should be used to log user's activity.
+ * @param $message
+ */
+function engelsystem_log($message) {
+  global $user;
+
+  if(isset($user)) {
+    $nick = $user['Nick'];
+  } else {
+    $nick = "Guest";
+  }
+
+  LogEntry_create($nick, $message);
+}
+
+?>
\ No newline at end of file
diff --git a/public/index.php b/public/index.php
index 45555a2b..1773b54b 100644
--- a/public/index.php
+++ b/public/index.php
@@ -3,6 +3,7 @@ require_once ('bootstrap.php');
 require_once ('includes/sys_auth.php');
 require_once ('includes/sys_counter.php');
 require_once ('includes/sys_lang.php');
+require_once ('includes/sys_log.php');
 require_once ('includes/sys_menu.php');
 require_once ('includes/sys_mysql.php');
 require_once ('includes/sys_page.php');
-- 
cgit v1.2.3-54-g00ecf


From 51c6547610066912c0b0a3e6309cfb6b149aa0c2 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 16:58:09 +0100
Subject: advanced form in user administration for confirming angeltypes

---
 includes/pages/admin_user.php | 46 ++++++++++++++++++++++++++++---------------
 includes/sys_mysql.php        | 19 ++++++++++++++++++
 includes/sys_template.php     | 28 ++++++++++++++++++++++++++
 3 files changed, 77 insertions(+), 16 deletions(-)

diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 5a986eca..a2ab7b07 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -92,28 +92,38 @@ function admin_user() {
       // UserAngelType subform
       list ($user_source) = sql_select($SQL);
 
-      $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
-      $selected_angel_types = array ();
-      foreach ($selected_angel_types_source as $selected_angel_type)
-        $selected_angel_types[] = $selected_angel_type['angeltype_id'];
+      $selected_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
+      $accepted_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `confirm_user_id` IS NOT NULL");
+      $nonrestricted_angel_types = sql_select_single_col("SELECT `id` FROM `AngelTypes` WHERE `restricted` = 0");
 
-      $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-      $angel_types = array ();
+      $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
+      $angel_types = array();
       foreach ($angel_types_source as $angel_type)
-        $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
+        $angel_types[$angel_type['id']] = $angel_type['name'];
 
       if (isset ($_REQUEST['submit_user_angeltypes'])) {
-        $selected_angel_types = array ();
-        foreach ($angel_types as $angel_type_id => $angel_type_name) {
-          if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
-            $selected_angel_types[] = $angel_type_id;
-        }
+        $selected_angel_types = array_intersect($_REQUEST['selected_angel_types'], array_keys($angel_types));
+        $accepted_angel_types = array_diff(array_intersect($_REQUEST['accepted_angel_types'], array_keys($angel_types)), $nonrestricted_angel_types);
+        if (in_array("admin_user_angeltypes", $privileges))
+          $selected_angel_types = array_merge($selected_angel_types, $accepted_angel_types);
 
         // Assign angel-types
-        foreach ($angel_types_source as $angel_type) {
-          if (!in_array($angel_type['id'], $selected_angel_types))
-            sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
+        sql_start_transaction();
+        sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
+        if (!empty($selected_angel_types)) {
+          $SQL = "INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ";
+          foreach ($selected_angel_types as $selected_angel_type_id)
+            $SQL .= "(${user_source['UID']}, ${selected_angel_type_id}),";
+          // remove superfluous comma
+          $SQL = substr($SQL, 0, -1);
+          sql_query($SQL);
+        }
+        if (in_array("admin_user_angeltypes", $privileges)) {
+          sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = NULL WHERE `user_id` = " . sql_escape($user_source['UID']));
+          if (!empty($accepted_angel_types))
+            sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")");
         }
+        sql_stop_transaction();
 
         foreach ($selected_angel_types as $selected_angel_type_id) {
           if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) {
@@ -131,7 +141,11 @@ function admin_user() {
 
       $html .= form(array (
         msg(),
-        form_checkboxes('angel_types', "Angeltypes", $angel_types, $selected_angel_types),
+        form_multi_checkboxes(array('selected_angel_types' => 'gewünscht', 'accepted_angel_types' => 'akzeptiert'),
+          "Angeltypes",
+          $angel_types,
+          array('selected_angel_types' => $selected_angel_types, 'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)),
+          array('accepted_angel_types' => $nonrestricted_angel_types)),
         form_submit('submit_user_angeltypes', Get_Text("Save"))
       ));
 
diff --git a/includes/sys_mysql.php b/includes/sys_mysql.php
index e418ddb8..81747ec2 100644
--- a/includes/sys_mysql.php
+++ b/includes/sys_mysql.php
@@ -31,6 +31,12 @@ function sql_select($query) {
 	}
 }
 
+function sql_select_single_col($query) {
+	$result = sql_select($query);
+	return array_map('array_pop', $result);
+
+}
+
 // Execute a query
 function sql_query($query) {
 	global $con;
@@ -59,4 +65,17 @@ function sql_error() {
 	global $con;
 	return mysql_error($con);
 }
+
+$sql_transaction_counter = 0;
+function sql_start_transaction() {
+	global $sql_transaction_counter;
+	if ($sql_transaction_counter++ == 0)
+		sql_query("START TRANSACTION");
+}
+
+function sql_stop_transaction() {
+	global $sql_transaction_counter;
+	if ($sql_transaction_counter-- == 1)
+		sql_query("COMMIT");
+}
 ?>
diff --git a/includes/sys_template.php b/includes/sys_template.php
index 4e701879..a988ff23 100644
--- a/includes/sys_template.php
+++ b/includes/sys_template.php
@@ -36,6 +36,34 @@ function form_checkboxes($name, $label, $items, $selected) {
 	return form_element($label, $html);
 }
 
+/**
+ * Rendert eine Tabelle von Checkboxen für ein Formular
+ * @param names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
+ * @param label Die Beschriftung der gesamten Tabelle
+ * @param items Array mit den Beschriftungen der Zeilen
+ * @param selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten Checkboxen ist
+ * @param disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
+ */
+function form_multi_checkboxes($names, $label, $items, $selected, $disabled = array()) {
+	$html = "<table><thead><tr>";
+	foreach ($names as $title)
+		$html .= "<th>$title</th>";
+	$html .= "</tr></thead><tbody>";
+	foreach ($items as $key => $item) {
+		$html .= "<tr>";
+		foreach ($names as $name => $title) {
+			$id = $name . '_' . $key;
+			$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
+			if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false)
+				$sel .= ' disabled="disabled"';
+			$html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
+		}
+		$html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>';
+	}
+	$html .= "</tbody></table>";
+	return form_element($label, $html);
+}
+
 /**
  * Rendert eine Checkbox
  */
-- 
cgit v1.2.3-54-g00ecf


From 3cc2896376c4ef5b8d01320259010ba4e4576a3a Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 17:27:27 +0100
Subject: multiply night shifts by 2 (confable with raw mysql)

---
 includes/pages/admin_active.php |  8 ++++----
 install/default-conf/config.php | 15 +++++++++++----
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php
index 0dabe568..241d0904 100644
--- a/includes/pages/admin_active.php
+++ b/includes/pages/admin_active.php
@@ -1,6 +1,6 @@
 <?php
 function admin_active() {
-  global $tshirt_sizes;
+  global $tshirt_sizes, $shift_sum_formula;
 
   $msg = "";
   $search = "";
@@ -24,7 +24,7 @@ function admin_active() {
       $limit = " LIMIT " . $count;
     if (isset ($_REQUEST['ack'])) {
       sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
-      $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
+      $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
       $user_nicks = array();
       foreach ($users as $usr) {
         sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
@@ -80,7 +80,7 @@ function admin_active() {
     else $msg = error("Angel not found.", true);
   }
 
-  $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
+  $users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
 
   $table = "";
   if ($search == "")
@@ -141,4 +141,4 @@ function admin_active() {
     'link' => page_link_to('admin_active')
   ));
 }
-?>
\ No newline at end of file
+?>
diff --git a/install/default-conf/config.php b/install/default-conf/config.php
index d27d809a..543d1dce 100644
--- a/install/default-conf/config.php
+++ b/install/default-conf/config.php
@@ -37,10 +37,6 @@ $gmdateOffset=3600;
 // für Developen 1, sonst = 0
 $debug = 0;
 
-// SSL Cert-KEY
-$show_SSLCERT = "MD5:<br>MD5SED<br>\n".
-    "SHA1:<br>SHA1SED";
-
 //globale const. fuer schischtplan
 $GlobalZeileProStunde = 4;
 
@@ -61,4 +57,15 @@ $PentabarfXMLEventID = "31";
 /// Passord for external Authorization, function only active if the var is defined
 //$CurrentExternAuthPass = 23;
 
+// multiply "night shifts" (start or end between 2 and 6 exclusive) by 2
+$shift_sum_formula = "SUM(
+  (1+(
+    (HOUR(FROM_UNIXTIME(`Shifts`.`end`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) < 6)
+    OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`start`)) < 6)
+    OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) <= 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) >= 6)
+  ))*(`Shifts`.`end` - `Shifts`.`start`)
+)";
+
+// weigh every shift the same
+//$shift_sum_formula = "SUM(`end` - `start`)";
 ?>
-- 
cgit v1.2.3-54-g00ecf


From fe6fab67be17cd271eb77294f33667a81c7ea156 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 18:14:23 +0100
Subject: filter free angels by angeltype

---
 includes/pages/admin_free.php | 20 ++++++++++++++++++--
 templates/admin_free.html     |  2 +-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php
index d5e3bd36..d6f4b7a0 100644
--- a/includes/pages/admin_free.php
+++ b/includes/pages/admin_free.php
@@ -6,7 +6,22 @@ function admin_free() {
 	if (isset ($_REQUEST['search']))
 		$search = strip_request_item('search');
 
-	$users = sql_select("SELECT `User`.* FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < " . sql_escape(time()) . " AND `Shifts`.`end` > " . sql_escape(time()) . ") WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL GROUP BY `User`.`UID` ORDER BY `Nick`");
+	$angeltypesearch = "";
+	if (empty ($_REQUEST['angeltype']))
+		$_REQUEST['angeltype'] = '';
+	else {
+		$angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
+		if (isset ($_REQUEST['confirmed_only']))
+			$angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
+		$angeltypesearch .= ") ";
+	}
+
+	$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
+	$angel_types = array('' => 'alle Typen');
+	foreach ($angel_types_source as $angel_type)
+	  $angel_types[$angel_type['id']] = $angel_type['name'];
+
+	$users = sql_select("SELECT `User`.* FROM `User` ${angeltypesearch} LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < " . sql_escape(time()) . " AND `Shifts`.`end` > " . sql_escape(time()) . ") WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL GROUP BY `User`.`UID` ORDER BY `Nick`");
 
 	$table = "";
 	if ($search == "")
@@ -41,8 +56,9 @@ function admin_free() {
 	}
 	return template_render('../templates/admin_free.html', array (
 		'search' => $search,
+		'angeltypes' => html_select_key('angeltype', 'angeltype', $angel_types, $_REQUEST['angeltype']),
 		'table' => $table,
 		'link' => page_link_to('admin_free')
 	));
 }
-?>
\ No newline at end of file
+?>
diff --git a/templates/admin_free.html b/templates/admin_free.html
index 522de12b..35ac1afa 100644
--- a/templates/admin_free.html
+++ b/templates/admin_free.html
@@ -1,6 +1,6 @@
 <form action="%link%" method="post">
     <p>
-        Search Angel: <input type="text" name="search" value="%search%" /><input type="submit" name="submit" value="Search" />
+        Search Angel: <input type="text" name="search" value="%search%" placeholder="Name" /> %angeltypes% <input type="submit" name="submit" value="Search" />
     </p>
 </form>
 <table>
-- 
cgit v1.2.3-54-g00ecf


From e0e44fc8c3df2839e14c7914a6e665aea98435c9 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 20:39:54 +0100
Subject: added Atom feed for news and meetings

---
 db/update.d/21_Atom.php      |  4 ++++
 includes/pages/user_atom.php | 39 +++++++++++++++++++++++++++++++++++++++
 public/index.php             |  5 +++++
 templates/layout.html        |  1 +
 4 files changed, 49 insertions(+)
 create mode 100644 db/update.d/21_Atom.php
 create mode 100644 includes/pages/user_atom.php

diff --git a/db/update.d/21_Atom.php b/db/update.d/21_Atom.php
new file mode 100644
index 00000000..f592e0e6
--- /dev/null
+++ b/db/update.d/21_Atom.php
@@ -0,0 +1,4 @@
+<?php
+mysql_query("INSERT IGNORE INTO `Privileges` (`name`, `desc`) VALUES ('atom', ' Atom news export')");
+$applied = mysql_affected_rows() > 0;
+?>
diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php
new file mode 100644
index 00000000..fd28510f
--- /dev/null
+++ b/includes/pages/user_atom.php
@@ -0,0 +1,39 @@
+<?php
+
+// publically available page to feed the news to feedreaders
+function user_atom() {
+  global $ical_shifts, $user, $DISPLAY_NEWS;
+
+  if (isset ($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))
+    $key = $_REQUEST['key'];
+  else
+    die("Missing key.");
+
+  $user = sql_select("SELECT * FROM `User` WHERE `ical_key`='" . sql_escape($key) . "' LIMIT 1");
+  if (count($user) == 0)
+    die("Key invalid.");
+
+  $user = $user[0];
+  $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings'])? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS));
+
+  header('Content-Type: application/atom+xml; charset=utf-8');
+  $html = '<?xml version="1.0" encoding="utf-8"?>
+<feed xmlns="http://www.w3.org/2005/Atom">
+  <title>Engelsystem</title>
+  <id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id>
+  <updated>' . date('Y-m-d\TH:i:sP', $news[0]['Datum']) . "</updated>\n";
+  foreach ($news as $news_entry) {
+    $html .= "  <entry>
+    <title>" . htmlspecialchars($news_entry['Betreff']) . "</title>
+    <link href=\"" . page_link_to_absolute("news_comments&amp;nid=") . "${news_entry['ID']}\"/>
+    <id>" . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']}</id>
+    <updated>" . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . "</updated>
+    <summary type=\"html\">" . htmlspecialchars($news_entry['Text']) . "</summary>
+  </entry>\n";
+  }
+  $html .= "</feed>";
+  header("Content-Length: " . strlen($html));
+  echo $html;
+  die();
+}
+?>
diff --git a/public/index.php b/public/index.php
index 1773b54b..bd7e552d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -40,6 +40,10 @@ if ($p == "ical") {
 	require_once ('includes/pages/user_ical.php');
 	user_ical();
 }
+elseif ($p == "atom") {
+	require_once ('includes/pages/user_atom.php');
+	user_atom();
+}
 // Recht dafür vorhanden?
 elseif (in_array($p, $privileges)) {
 	if ($p == "news") {
@@ -185,6 +189,7 @@ if (isset ($user) && $p != "admin_user_angeltypes")
 echo template_render('../templates/layout.html', array (
 	'theme' => isset ($user) ? $user['color'] : $default_theme,
 	'title' => $title,
+	'atom_link' => ($p == 'news' || $p == 'user_meetings')? '<link href="' . page_link_to('atom') . (($p == 'user_meetings')? '&amp;meetings=1' : '') . '&amp;key=' . $user['ical_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '',
 	'menu' => make_menu(),
 	'content' => $content
 ));
diff --git a/templates/layout.html b/templates/layout.html
index 695b6c9c..f6d19c6f 100644
--- a/templates/layout.html
+++ b/templates/layout.html
@@ -14,6 +14,7 @@
         <script type="text/javascript" src="css/forms.js"></script>
         <link rel="stylesheet" type="text/css" href="css/base.css" />
         <link rel="stylesheet" type="text/css" href="css/style%theme%.css" />
+        %atom_link%
     </head>
     <body class="background">
         <header>
-- 
cgit v1.2.3-54-g00ecf


From 346209fbc2a4d439f7cc5f65ac8c0bc286cfa013 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 20:41:11 +0100
Subject: ignore more files

---
 .gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index e30374fe..463fa802 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@ includes_old
 www-ssl_old
 .project
 .buildpath
+.*.swp
+_vimrc_local.vim
-- 
cgit v1.2.3-54-g00ecf


From 0c9dccacfb733feb2a86324e0ec524c8f3b20697 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 26 Dec 2012 23:15:08 +0100
Subject: allow angels to sign up for shifts whose types are not selected as
 preferred in settings and auto-prefer these types

---
 includes/pages/user_shifts.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index d627e3a2..073c0d36 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -191,7 +191,7 @@ function user_shifts() {
     if (in_array('user_shifts_admin', $privileges))
       $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
     else
-      $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND `UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND (`AngelTypes`.`restricted` = 0 OR NOT `UserAngelTypes`.`confirm_user_id` IS NULL) LIMIT 1");
+      $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
 
     if (count($type) == 0)
       header("Location: " . page_link_to('user_shifts'));
@@ -214,13 +214,13 @@ function user_shifts() {
         $user_id = $user['UID'];
 
       // TODO: Kollisionserkennung, andere Schichten zur gleichen Uhrzeit darf der Engel auch nicht belegt haben...
-      $entries = sql_select("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']));
-      foreach ($entries as $entry)
-        if ($entry['UID'] == $user_id)
+      if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'"))
         return error("This angel does already have an entry for this shift.", true);
 
       $comment = strip_request_item_nl('comment');
       sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id));
+      if (sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `AngelTypes`.`restricted` = 0 AND `user_id` = '" . sql_escape($user_id) . "' AND `angeltype_id` = '" . sql_escape($selected_type_id) . "'") == 0)
+        sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
 
       success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
       redirect(page_link_to('user_shifts'));
-- 
cgit v1.2.3-54-g00ecf


From 7c42769ab897f7fe7903d34523a8a6a5ff6a868b Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 26 Dec 2012 19:53:27 +0100
Subject: #28 finnished logging

---
 includes/pages/admin_user.php    |  23 ++-
 includes/pages/guest_login.php   |   7 +-
 includes/pages/user_myshifts.php | 172 +++++++++--------
 includes/pages/user_news.php     |   2 +
 includes/pages/user_settings.php | 400 ++++++++++++++++++++-------------------
 includes/pages/user_shifts.php   |  26 ++-
 includes/sys_user.php            | 175 ++++++++---------
 templates/user_questions.html    |   2 +-
 8 files changed, 423 insertions(+), 384 deletions(-)

diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index a2ab7b07..a23abc0c 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -135,6 +135,7 @@ function admin_user() {
           }
         }
 
+        engelsystem_log("Set angeltypes of " . $user_source['Nick'] . " to: " . join(", ", $user_angel_type_info));
         success("Angeltypes saved.");
         redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
       }
@@ -202,19 +203,26 @@ function admin_user() {
             $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
 
             if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
-              $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
+              $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
+              $groups = array();
               $grouplist = array ();
-              foreach ($groups as $group)
+              foreach ($groups_source as $group) {
+                $groups[$group['UID']] = $group;
                 $grouplist[] = $group['UID'];
+              }
 
               if (!is_array($_REQUEST['groups']))
                 $_REQUEST['groups'] = array ();
 
               sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
-              foreach ($_REQUEST['groups'] as $group)
-                if (in_array($group, $grouplist))
-                sql_query("INSERT INTO `UserGroups` SET `uid`=" .
-                    sql_escape($id) . ", `group_id`=" . sql_escape($group));
+              $user_groups_info = array();
+              foreach ($_REQUEST['groups'] as $group) {
+                if (in_array($group, $grouplist)) {
+                  sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
+                  $user_groups_info[] = $groups[$group]['Name'];
+                }
+              }
+              engelsystem_log("Set groups of " . $user_source['Nick'] . " to: " . join(", ", $user_groups_info));
               $html .= success("Benutzergruppen gespeichert.", true);
             } else {
               $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
@@ -229,6 +237,7 @@ function admin_user() {
             sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
             sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
             sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
+            engelsystem_log("Deleted user " . $user_source['Nick']);
             $html .= success("Benutzer gelöscht!", true);
           } else {
             $html .= error("Du kannst Dich nicht selber löschen!", true);
@@ -254,12 +263,14 @@ function admin_user() {
               "WHERE `UID` = '" . sql_escape($id) .
               "' LIMIT 1;";
           sql_query($SQL);
+          engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
           $html .= success("Änderung wurde gespeichert...\n", true);
           break;
 
         case 'change_pw' :
           if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
             set_password($id, $_REQUEST['new_pw']);
+            engelsystem_log("Set new password for " . $user_source['Nick']);
             $html .= success("Passwort neu gesetzt.", true);
           } else {
             $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index db479388..073e2625 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -116,9 +116,12 @@ function guest_register() {
       set_password($user_id, $_REQUEST['password']);
 
       // Assign angel-types
-      foreach ($selected_angel_types as $selected_angel_type_id)
+      $user_angel_types_info = array();
+      foreach ($selected_angel_types as $selected_angel_type_id) {
         sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-
+        $user_angel_types_info[] = $angel_types[$selected_angel_type_id]['name'];
+      }
+      engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
       success(Get_Text("makeuser_writeOK4"));
       //if (!isset ($_SESSION['uid']))
       redirect(page_link_to('login'));
diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php
index 2d1981fa..d8f94b81 100644
--- a/includes/pages/user_myshifts.php
+++ b/includes/pages/user_myshifts.php
@@ -3,100 +3,98 @@
 
 // Zeigt die Schichten an, die ein Benutzer belegt
 function user_myshifts() {
-	global $LETZTES_AUSTRAGEN;
-	global $user, $privileges;
-	$msg = "";
+  global $LETZTES_AUSTRAGEN;
+  global $user, $privileges;
+  $msg = "";
 
-	if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
-		$id = $_REQUEST['id'];
-	} else {
-		$id = $user['UID'];
-	}
+  if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
+    $id = $_REQUEST['id'];
+  } else {
+    $id = $user['UID'];
+  }
 
-	list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+  list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
 
-	if ($id != $user['UID'])
-		$msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
+  if ($id != $user['UID'])
+    $msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
 
-	if (isset ($_REQUEST['reset'])) {
-		if ($_REQUEST['reset'] == "ack") {
-			user_reset_ical_key($user);
-			success("Key geändert.");
-			redirect(page_link_to('user_myshifts'));
-		}
-		return template_render('../templates/user_myshifts_reset.html', array ());
-	}
-	elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
-		$id = $_REQUEST['edit'];
-		$shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
-		if (count($shift) > 0) {
-			$shift = $shift[0];
+  if (isset ($_REQUEST['reset'])) {
+    if ($_REQUEST['reset'] == "ack") {
+      user_reset_ical_key($user);
+      success("Key geändert.");
+      redirect(page_link_to('user_myshifts'));
+    }
+    return template_render('../templates/user_myshifts_reset.html', array ());
+  }
+  elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
+    $id = $_REQUEST['edit'];
+    $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+    if (count($shift) > 0) {
+      $shift = $shift[0];
 
-			if (isset ($_REQUEST['submit'])) {
-				$comment = strip_request_item_nl('comment');
-				sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+      if (isset ($_REQUEST['submit'])) {
+        $comment = strip_request_item_nl('comment');
+        $user_source = User($shift['UID']);
+        sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        engelsystem_log("Updated " . $user_source['Nick'] . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment);
+        success("Schicht gespeichert.");
+        redirect(page_link_to('user_myshifts'));
+      }
 
-				success("Schicht gespeichert.");
-				redirect(page_link_to('user_myshifts'));
-			}
+      return template_render('../templates/user_shifts_add.html', array (
+        'angel' => $shifts_user['Nick'],
+        'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
+        'location' => $shift['Name'],
+        'title' => $shift['name'],
+        'type' => $shift['angel_type'],
+        'comment' => $shift['Comment']
+      ));
+    } else
+      redirect(page_link_to('user_myshifts'));
+  }
+  elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
+    $id = $_REQUEST['cancel'];
+    $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+    if (count($shift) > 0) {
+      $shift = $shift[0];
+      if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
+        sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        $msg .= success(Get_Text("pub_myshifts_signed_off"), true);
+      } else
+        $msg .= error(Get_Text("pub_myshifts_too_late"), true);
+    } else
+      redirect(page_link_to('user_myshifts'));
+  }
+  $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
 
-			return template_render('../templates/user_shifts_add.html', array (
-				'angel' => $shifts_user['Nick'],
-				'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
-				'location' => $shift['Name'],
-				'title' => $shift['name'],
-				'type' => $shift['angel_type'],
-				'comment' => $shift['Comment']
-			));
-		} else
-			redirect(page_link_to('user_myshifts'));
-	}
-	elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
-		$id = $_REQUEST['cancel'];
-		$shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
-		if (count($shift) > 0) {
-			$shift = $shift[0];
-			if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
-				sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-				$msg .= success(Get_Text("pub_myshifts_signed_off"), true);
-			} else
-				$msg .= error(Get_Text("pub_myshifts_too_late"), true);
-		} else
-			redirect(page_link_to('user_myshifts'));
-	}
-	$shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
+  $html = "";
+  foreach ($shifts as $shift) {
+    if (time() > $shift['end'])
+      $html .= '<tr class="done">';
+    else
+      $html .= '<tr>';
+    $html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>';
+    $html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>';
+    $html .= '<td>' . $shift['Name'] . '</td>';
+    $html .= '<td>' . $shift['name'] . '</td>';
+    $html .= '<td>' . $shift['Comment'] . '</td>';
+    $html .= '<td>';
+    $html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
+    if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
+      $html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
+    $html .= '</td>';
+    $html .= '</tr>';
+  }
+  if ($html == "")
+    $html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
 
-	$html = "";
-	foreach ($shifts as $shift) {
-		if (time() > $shift['end'])
-			$html .= '<tr class="done">';
-		else
-			$html .= '<tr>';
-		$html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>';
-		$html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>';
-		$html .= '<td>' . $shift['Name'] . '</td>';
-		$html .= '<td>' . $shift['name'] . '</td>';
-		$html .= '<td>' . $shift['Comment'] . '</td>';
-		$html .= '<td>';
-		$html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
-		if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
-			$html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
-		$html .= '</td>';
-		$html .= '</tr>';
-	}
-	if ($html == "")
-		$html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
-
-	if ($shifts_user['ical_key'] == "")
-		user_reset_ical_key($shifts_user);
-
-	return msg().template_render('../templates/user_myshifts.html', array (
-		'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
-		'shifts' => $html,
-		'msg' => $msg,
-		'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
-			page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
-			page_link_to('user_myshifts') . '&reset'),
-));
+  return msg().template_render('../templates/user_myshifts.html', array (
+    'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
+    'shifts' => $html,
+    'msg' => $msg,
+    'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
+        page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
+        page_link_to('user_myshifts') . '&reset'),
+  ));
 }
 ?>
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index fcf2437c..95cc345e 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -58,6 +58,7 @@ function user_news_comments() {
     if (isset ($_REQUEST["text"])) {
       $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
       sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
+      engelsystem_log("Created news_comment: " . $text);
       $html .= success("Eintrag wurde gespeichert", true);
     }
 
@@ -114,6 +115,7 @@ function user_news() {
     sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
         "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
         "', '" . sql_escape($_POST["treffen"]) . "');");
+    engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
     $html .= success(Get_Text(4), true);
   }
 
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 14dcf96f..70033d18 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -1,201 +1,207 @@
 <?php
 function user_settings() {
-	global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
-	global $user;
-
-	$msg = "";
-	$nick = $user['Nick'];
-	$lastname = $user['Name'];
-	$prename = $user['Vorname'];
-	$age = $user['Alter'];
-	$tel = $user['Telefon'];
-	$dect = $user['DECT'];
-	$mobile = $user['Handy'];
-	$mail = $user['email'];
-	$icq = $user['ICQ'];
-	$jabber = $user['jabber'];
-	$hometown = $user['Hometown'];
-	$tshirt_size = $user['Size'];
-	$password_hash = "";
-	$selected_theme = $user['color'];
-	$selected_language = $user['Sprache'];
-
-	$selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
-	$selected_angel_types = array ();
-	foreach ($selected_angel_types_source as $selected_angel_type)
-		$selected_angel_types[] = $selected_angel_type['angeltype_id'];
-
-	$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-	$angel_types = array ();
-	foreach ($angel_types_source as $angel_type)
-		$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
-
-	if (isset ($_REQUEST['submit'])) {
-		$ok = true;
-
-		if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
-			$nick = strip_request_item('nick');
-			if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
-				$ok = false;
-				$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
-			}
-		} else {
-			$ok = false;
-			$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
-		}
-
-		if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
-			$mail = strip_request_item('mail');
-			if (!check_email($mail)) {
-				$ok = false;
-				$msg .= error(Get_Text("makeuser_error_mail"), true);
-			}
-		} else {
-			$ok = false;
-			$msg .= error("Please enter your e-mail.", true);
-		}
-
-		if (isset ($_REQUEST['icq']))
-			$icq = strip_request_item('icq');
-		if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
-			$jabber = strip_request_item('jabber');
-			if (!check_email($jabber)) {
-				$ok = false;
-				$msg .= error("Please check your jabber.", true);
-			}
-		}
-
-		if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
-			$tshirt_size = $_REQUEST['tshirt_size'];
-		else {
-			$ok = false;
-		}
-
-		$selected_angel_types = array ();
-		foreach ($angel_types as $angel_type_id => $angel_type_name)
-			if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
-				$selected_angel_types[] = $angel_type_id;
-
-		// Trivia
-		if (isset ($_REQUEST['lastname']))
-			$lastname = strip_request_item('lastname');
-		if (isset ($_REQUEST['prename']))
-			$prename = strip_request_item('prename');
-		if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
-			$age = strip_request_item('age');
-		if (isset ($_REQUEST['tel']))
-			$tel = strip_request_item('tel');
-		if (isset ($_REQUEST['dect']))
-			$dect = strip_request_item('dect');
-		if (isset ($_REQUEST['mobile']))
-			$mobile = strip_request_item('mobile');
-		if (isset ($_REQUEST['hometown']))
-			$hometown = strip_request_item('hometown');
-
-		if ($ok) {
-			sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
-			"', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
-			"', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
-			"', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
-			// Assign angel-types
-			foreach ($angel_types_source as $angel_type)
-				if (!in_array($angel_type['id'], $selected_angel_types))
-					sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
-
-			foreach ($selected_angel_types as $selected_angel_type_id)
-				if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
-					sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-
-			success("Settings saved.");
-			redirect(page_link_to('user_settings'));
-		}
-	}
-	elseif (isset ($_REQUEST['submit_password'])) {
-		$ok = true;
-
-		if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
-			$msg .= error(Get_Text(30), true);
-		elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
-			$msg .= error(Get_Text("makeuser_error_password2"));
-		elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
-			$msg .= error(Get_Text("makeuser_error_password1"), true);
-		elseif(set_password($user['UID'], $_REQUEST['new_password']))
-			success("Password saved.");
-		else
-			error("Failed setting password.");
-		redirect(page_link_to('user_settings'));
-	}
-	elseif (isset ($_REQUEST['submit_theme'])) {
-		$ok = true;
-
-		if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
-			$selected_theme = $_REQUEST['theme'];
-		else
-			$ok = false;
-
-		if ($ok) {
-			sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
-			success("Theme changed.");
-			redirect(page_link_to('user_settings'));
-		}
-	}
-	elseif (isset ($_REQUEST['submit_language'])) {
-		$ok = true;
-
-		if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
-			$selected_language = $_REQUEST['language'];
-		else
-			$ok = false;
-
-		if ($ok) {
-			sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
-			$_SESSION['Sprache'] = $selected_language;
-
-			success("Language changed.");
-			redirect(page_link_to('user_settings'));
-		}
-	}
-
-	return page(array (
-		sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
-		$msg,
-		msg(),
-		form(array (
-			form_info("", Get_Text("pub_einstellungen_Text_UserData")),
-			form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
-			form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
-			form_text('prename', Get_Text("makeuser_Vorname"), $prename),
-			form_text('age', Get_Text("makeuser_Alter"), $age),
-			form_text('tel', Get_Text("makeuser_Telefon"), $tel),
-			form_text('dect', Get_Text("makeuser_DECT"), $dect),
-			form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
-			form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
-			form_text('icq', "ICQ", $icq),
-			form_text('jabber', "Jabber", $jabber),
-			form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
-			$enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
-			form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
-			form_submit('submit', Get_Text("save"))
-		)),
-		form(array (
-			form_info("", Get_Text(14)),
-			form_password('password', Get_Text(15)),
-			form_password('new_password', Get_Text(16)),
-			form_password('new_password2', Get_Text(17)),
-			form_submit('submit_password', Get_Text("save"))
-		)),
-		form(array (
-			form_info("", Get_Text(18)),
-			form_select('theme', Get_Text(19), $themes, $selected_theme),
-			form_submit('submit_theme', Get_Text("save"))
-		)),
-		form(array (
-			form_info("", Get_Text(20)),
-			form_select('language', Get_Text(21), $languages, $selected_language),
-			form_submit('submit_language', Get_Text("save"))
-		))
-	));
+  global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
+  global $user;
+
+  $msg = "";
+  $nick = $user['Nick'];
+  $lastname = $user['Name'];
+  $prename = $user['Vorname'];
+  $age = $user['Alter'];
+  $tel = $user['Telefon'];
+  $dect = $user['DECT'];
+  $mobile = $user['Handy'];
+  $mail = $user['email'];
+  $icq = $user['ICQ'];
+  $jabber = $user['jabber'];
+  $hometown = $user['Hometown'];
+  $tshirt_size = $user['Size'];
+  $password_hash = "";
+  $selected_theme = $user['color'];
+  $selected_language = $user['Sprache'];
+
+  $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
+  $selected_angel_types = array ();
+  foreach ($selected_angel_types_source as $selected_angel_type)
+    $selected_angel_types[] = $selected_angel_type['angeltype_id'];
+
+  $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
+  $angel_types = array ();
+  foreach ($angel_types_source as $angel_type)
+    $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
+
+  if (isset ($_REQUEST['submit'])) {
+    $ok = true;
+
+    if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
+      $nick = strip_request_item('nick');
+      if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
+        $ok = false;
+        $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
+      }
+    } else {
+      $ok = false;
+      $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
+    }
+
+    if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
+      $mail = strip_request_item('mail');
+      if (!check_email($mail)) {
+        $ok = false;
+        $msg .= error(Get_Text("makeuser_error_mail"), true);
+      }
+    } else {
+      $ok = false;
+      $msg .= error("Please enter your e-mail.", true);
+    }
+
+    if (isset ($_REQUEST['icq']))
+      $icq = strip_request_item('icq');
+    if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
+      $jabber = strip_request_item('jabber');
+      if (!check_email($jabber)) {
+        $ok = false;
+        $msg .= error("Please check your jabber.", true);
+      }
+    }
+
+    if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
+      $tshirt_size = $_REQUEST['tshirt_size'];
+    else {
+      $ok = false;
+    }
+
+    $selected_angel_types = array ();
+    foreach ($angel_types as $angel_type_id => $angel_type_name)
+      if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
+      $selected_angel_types[] = $angel_type_id;
+
+    // Trivia
+    if (isset ($_REQUEST['lastname']))
+      $lastname = strip_request_item('lastname');
+    if (isset ($_REQUEST['prename']))
+      $prename = strip_request_item('prename');
+    if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
+      $age = strip_request_item('age');
+    if (isset ($_REQUEST['tel']))
+      $tel = strip_request_item('tel');
+    if (isset ($_REQUEST['dect']))
+      $dect = strip_request_item('dect');
+    if (isset ($_REQUEST['mobile']))
+      $mobile = strip_request_item('mobile');
+    if (isset ($_REQUEST['hometown']))
+      $hometown = strip_request_item('hometown');
+
+    if ($ok) {
+      sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
+          "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
+          "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
+          "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+      // Assign angel-types
+      $user_angel_type_info = array();
+      foreach ($angel_types_source as $angel_type) {
+        if (!in_array($angel_type['id'], $selected_angel_types))
+          sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
+        else
+          $user_angel_type_info[] = $angel_type['name'];
+      }
+
+      foreach ($selected_angel_types as $selected_angel_type_id) {
+        if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
+          sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
+      }
+
+      engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
+      success("Settings saved.");
+      redirect(page_link_to('user_settings'));
+    }
+  }
+  elseif (isset ($_REQUEST['submit_password'])) {
+    $ok = true;
+
+    if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
+      $msg .= error(Get_Text(30), true);
+    elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
+    $msg .= error(Get_Text("makeuser_error_password2"));
+    elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
+    $msg .= error(Get_Text("makeuser_error_password1"), true);
+    elseif(set_password($user['UID'], $_REQUEST['new_password']))
+    success("Password saved.");
+    else
+      error("Failed setting password.");
+    redirect(page_link_to('user_settings'));
+  }
+  elseif (isset ($_REQUEST['submit_theme'])) {
+    $ok = true;
+
+    if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
+      $selected_theme = $_REQUEST['theme'];
+    else
+      $ok = false;
+
+    if ($ok) {
+      sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+      success("Theme changed.");
+      redirect(page_link_to('user_settings'));
+    }
+  }
+  elseif (isset ($_REQUEST['submit_language'])) {
+    $ok = true;
+
+    if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
+      $selected_language = $_REQUEST['language'];
+    else
+      $ok = false;
+
+    if ($ok) {
+      sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
+      $_SESSION['Sprache'] = $selected_language;
+
+      success("Language changed.");
+      redirect(page_link_to('user_settings'));
+    }
+  }
+
+  return page(array (
+    sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
+    $msg,
+    msg(),
+    form(array (
+      form_info("", Get_Text("pub_einstellungen_Text_UserData")),
+      form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
+      form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
+      form_text('prename', Get_Text("makeuser_Vorname"), $prename),
+      form_text('age', Get_Text("makeuser_Alter"), $age),
+      form_text('tel', Get_Text("makeuser_Telefon"), $tel),
+      form_text('dect', Get_Text("makeuser_DECT"), $dect),
+      form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
+      form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
+      form_text('icq', "ICQ", $icq),
+      form_text('jabber', "Jabber", $jabber),
+      form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
+      $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
+      form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
+      form_submit('submit', Get_Text("save"))
+    )),
+    form(array (
+      form_info("", Get_Text(14)),
+      form_password('password', Get_Text(15)),
+      form_password('new_password', Get_Text(16)),
+      form_password('new_password2', Get_Text(17)),
+      form_submit('submit_password', Get_Text("save"))
+    )),
+    form(array (
+      form_info("", Get_Text(18)),
+      form_select('theme', Get_Text(19), $themes, $selected_theme),
+      form_submit('submit_theme', Get_Text("save"))
+    )),
+    form(array (
+      form_info("", Get_Text(20)),
+      form_select('language', Get_Text(21), $languages, $selected_language),
+      form_submit('submit_language', Get_Text("save"))
+    ))
+  ));
 }
 ?>
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index d627e3a2..3fb8e91f 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -9,8 +9,15 @@ function user_shifts() {
     else
       redirect(page_link_to('user_shifts'));
 
-    sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
-    success("Der Schicht-Eintrag wurde gelöscht.");
+    $shift_entry_source = sql_select("SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id) . " LIMIT 1");
+    if(count($shift_entry_source)  > 0) {
+      $shift_entry_source = $shift_entry_source[0];
+      sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
+
+      engelsystem_log("Deleted " . $shift_entry_source['Nick'] . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
+      success("Der Schicht-Eintrag wurde gelöscht.");
+    }
+    else error("Entry not found.");
     redirect(page_link_to('user_shifts'));
   }
   // Schicht bearbeiten
@@ -43,9 +50,12 @@ function user_shifts() {
 
     // Engeltypen laden
     $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
+    $angel_types = array();
     $needed_angel_types = array ();
-    foreach ($types as $type)
+    foreach ($types as $type) {
+      $angel_types[$type['id']] = $type;
       $needed_angel_types[$type['id']] = 0;
+    }
 
     // Benötigte Engeltypen vom Raum
     $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
@@ -110,8 +120,13 @@ function user_shifts() {
       if ($ok) {
         sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
         sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
-        foreach ($needed_angel_types as $type_id => $count)
+        $needed_angel_types_info = array();
+        foreach ($needed_angel_types as $type_id => $count) {
           sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+          $needed_angel_types_info[] = $angel_types[$type_id];
+        }
+
+        engelsystem_log("Updated shift " . $name . " from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
         success("Schicht gespeichert.");
         redirect(page_link_to('user_shifts'));
       }
@@ -155,6 +170,7 @@ function user_shifts() {
       sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
       sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
 
+      engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
       success("Die Schicht wurde gelöscht.");
       redirect(page_link_to('user_shifts'));
     }
@@ -222,6 +238,8 @@ function user_shifts() {
       $comment = strip_request_item_nl('comment');
       sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id));
 
+      $user_source = User($user_id);
+      engelsystem_log("User " . $user_source['Nick'] . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
       success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
       redirect(page_link_to('user_shifts'));
     }
diff --git a/includes/sys_user.php b/includes/sys_user.php
index 20d9eca0..88002706 100644
--- a/includes/sys_user.php
+++ b/includes/sys_user.php
@@ -6,125 +6,126 @@
  */
 $tshirt_sizes = array (
   '' => "Please select...",
-	'S' => "S",
-	'M' => "M",
-	'L' => "L",
-	'XL' => "XL",
-	'2XL' => "2XL",
-	'3XL' => "3XL",
-	'4XL' => "4XL",
-	'5XL' => "5XL",
-	'S-G' => "S Girl",
-	'M-G' => "M Girl",
-	'L-G' => "L Girl",
-	'XL-G' => "XL Girl"
+  'S' => "S",
+  'M' => "M",
+  'L' => "L",
+  'XL' => "XL",
+  '2XL' => "2XL",
+  '3XL' => "3XL",
+  '4XL' => "4XL",
+  '5XL' => "5XL",
+  'S-G' => "S Girl",
+  'M-G' => "M Girl",
+  'L-G' => "L Girl",
+  'XL-G' => "XL Girl"
 );
 
 function user_reset_ical_key($user) {
-	$user['ical_key'] = md5($user['Nick'] . time() . rand());
-	sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+  $user['ical_key'] = md5($user['Nick'] . time() . rand());
+  sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+  engelsystem_log("iCal key resetted.");
 }
 
 function UID2Nick($UID) {
-	if ($UID > 0)
-		$SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
-	else
-		$SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
-
-	$Erg = sql_select($SQL);
-
-	if (count($Erg) > 0) {
-		if ($UID > 0)
-			return $Erg[0]['Nick'];
-		else
-			return "Group-" . $Erg[0]['Name'];
-	} else {
-		if ($UID == -1)
-			return "Guest";
-		else
-			return "UserID $UID not found";
-	}
+  if ($UID > 0)
+    $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
+  else
+    $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
+
+  $Erg = sql_select($SQL);
+
+  if (count($Erg) > 0) {
+    if ($UID > 0)
+      return $Erg[0]['Nick'];
+    else
+      return "Group-" . $Erg[0]['Name'];
+  } else {
+    if ($UID == -1)
+      return "Guest";
+    else
+      return "UserID $UID not found";
+  }
 }
 
 function TID2Type($TID) {
-	global $con;
+  global $con;
 
-	$SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
-	$Erg = mysql_query($SQL, $con);
+  $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
+  $Erg = mysql_query($SQL, $con);
 
-	if (mysql_num_rows($Erg))
-		return mysql_result($Erg, 0);
-	else
-		return "";
+  if (mysql_num_rows($Erg))
+    return mysql_result($Erg, 0);
+  else
+    return "";
 }
 
 function ReplaceSmilies($neueckig) {
-	$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-	$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-	$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
-	$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-	$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-	$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-	$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-	$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-	$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
-	$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-	$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-	$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-	$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-	$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-	$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-	$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-	$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-	$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-	$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-	$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
-
-	return $neueckig;
+  $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+  $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+  $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
+  $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+  $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+  $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
+  $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+  $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+  $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+  $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+  $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
+
+  return $neueckig;
 }
 
 function GetPictureShow($UID) {
-	global $con;
+  global $con;
 
-	$SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
-	$res = mysql_query($SQL, $con);
+  $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
+  $res = mysql_query($SQL, $con);
 
-	if (mysql_num_rows($res) == 1)
-		return mysql_result($res, 0, 0);
-	else
-		return "";
+  if (mysql_num_rows($res) == 1)
+    return mysql_result($res, 0, 0);
+  else
+    return "";
 }
 
 function displayPicture($UID, $height = "30") {
-	global $url, $ENGEL_ROOT;
+  global $url, $ENGEL_ROOT;
 
-	if ($height > 0)
-		return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
-	else
-		return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
+  if ($height > 0)
+    return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
+  else
+    return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
 }
 
 function displayavatar($UID, $height = "30") {
-	global $con, $url, $ENGEL_ROOT;
+  global $con, $url, $ENGEL_ROOT;
 
-	if (GetPictureShow($UID) == 'Y')
-		return "&nbsp;" . displayPicture($UID, $height);
+  if (GetPictureShow($UID) == 'Y')
+    return "&nbsp;" . displayPicture($UID, $height);
 
-	$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
-	if (count($user) > 0)
-		if ($user[0]['Avatar'] > 0)
-			return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
+  $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
+  if (count($user) > 0)
+    if ($user[0]['Avatar'] > 0)
+    return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
 }
 
 function UIDgekommen($UID) {
-	global $con;
+  global $con;
 
-	$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
-	$Erg = mysql_query($SQL, $con);
+  $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
+  $Erg = mysql_query($SQL, $con);
 
-	if (mysql_num_rows($Erg))
-		return mysql_result($Erg, 0);
-	else
-		return "0";
+  if (mysql_num_rows($Erg))
+    return mysql_result($Erg, 0);
+  else
+    return "0";
 }
 ?>
diff --git a/templates/user_questions.html b/templates/user_questions.html
index 4cbe0338..0167ba6d 100644
--- a/templates/user_questions.html
+++ b/templates/user_questions.html
@@ -43,7 +43,7 @@
 </table>
 <hr/>
 <p>
-    Frage einen Orga:
+    Frage einen Erzengel:
 </p>
 <form action="%link%&action=ask" method="post">
     <table>
-- 
cgit v1.2.3-54-g00ecf


From 74098af09d11d0af1292b17e6df0483a303b6cce Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 26 Dec 2012 20:36:31 +0100
Subject: #28 finnished logging

---
 includes/model/LogEntries_model.php |  7 ++-
 includes/pages/admin_log.php        | 86 +++++++------------------------------
 public/index.php                    |  3 ++
 3 files changed, 24 insertions(+), 72 deletions(-)

diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index d8615f0e..5659c0ee 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -6,10 +6,15 @@
  * @param $message Log Message
  */
 function LogEntry_create($nick, $message) {
-  $timestamp = date();
+  $timestamp = time();
 
   sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
 }
 
+function LogEntries() {
+  $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " LIMIT 1000");
+  return $log_entries_source;
+}
+
 
 ?>
\ No newline at end of file
diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php
index 4a29a496..ce30a246 100644
--- a/includes/pages/admin_log.php
+++ b/includes/pages/admin_log.php
@@ -1,76 +1,20 @@
 <?php
 function admin_log() {
-	require_once ("includes/funktion_db_list.php");
-
-	$html = "";
-	$SQL = "SELECT * FROM `ChangeLog` ORDER BY `Time` DESC LIMIT 0,10000";
-	$Erg = sql_query($SQL);
-
-	if (mysql_num_rows($Erg) > 0) {
-		$html .= "<table border=1>\n";
-		$html .= "<tr>\n\t<th>Time</th>\n\t<th>User</th>\n\t<th>Commend</th>\n\t<th>SQL Command</th>\n</tr>\n";
-		for ($n = 0; $n < mysql_num_rows($Erg); $n++) {
-			$html .= "<tr>\n";
-			$html .= "\t<td>" . mysql_result($Erg, $n, "Time") . "</td>\n";
-			$html .= "\t<td>" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "</td>\n";
-			$html .= "\t<td>" . mysql_result($Erg, $n, "Commend") . "</td>\n";
-			$html .= "\t<td>" . mysql_result($Erg, $n, "SQLCommad") . "</td>\n";
-			$html .= "</tr>\n";
-		}
-		$html .= "</table>\n";
-	} else {
-		$html .= "Log is empty...";
-	}
-	$html .= "<hr />";
-
-	$html .= "<h1>Web Counter</h1>";
-	$html .= funktion_db_list("Counter");
-
-	/*
-	$html .= "<h1>Raeume</h1> <br />";
-	funktion_db_list("Raeume");
-	
-	$html .= "<h1>Schichtbelegung</h1> <br />";
-	funktion_db_list("Schichtbelegung");
-	
-	$html .= "<h1>Schichtplan</h1> <br />Hier findest du alle bisher eingetragenen Schichten:";
-	funktion_db_list("Schichtplan");
-	
-	$html .= "<h1>User</h1> <br />";
-	funktion_db_list("User");
-	
-	$html .= "<h1>News</h1> <br />";
-	funktion_db_list("News");
-	
-	$html .= "<h1>FAQ</h1> <br />";
-	funktion_db_list("FAQ");
-	
-	$html .= "Deaktiviert";
-	*/
-
-	$html .= "<hr>\n";
-	$html .= funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`");
-	$html .= "<br />\n";
-	$html .= funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`");
-	$html .= "<br />\n";
-	$html .= funktion_db_element_list_2row("Tshirt nicht  ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`");
-
-	$html .= "<hr>\n";
-	$html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
-	$html .= "<br />\n";
-	$html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
-
-	$html .= "<hr>\n";
-	$html .= funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)");
-	$html .= "<br />\n";
-	$html .= funktion_db_element_list_2row("Geleistete Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)");
-
-	$html .= "<hr>\n";
-	$html .= funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum Aufbau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)");
-	$html .= "<br />\n";
-	$html .= funktion_db_element_list_2row("Geleistete Arbeit (Ohne Raum Aufbau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)");
-
-	return $html;
+  $log_entries_source = LogEntries();
+  $log_entries = array();
+  foreach($log_entries_source as $log_entry) {
+    $log_entry['date'] = date("H:i", $log_entry['timestamp']);
+    $log_entries[] = $log_entry;
+  }
+
+  return page(array(
+    msg(),
+    table(array(
+      'date' => "Time",
+      'nick' => "Angel",
+      'message' => "Log Entry"
+    ), $log_entries)
+  ));
 }
 ?>
 
diff --git a/public/index.php b/public/index.php
index bd7e552d..a7efbd86 100644
--- a/public/index.php
+++ b/public/index.php
@@ -11,6 +11,9 @@ require_once ('includes/sys_shift.php');
 require_once ('includes/sys_template.php');
 require_once ('includes/sys_user.php');
 
+require_once ('includes/model/LogEntries_model.php');
+require_once ('includes/model/User_model.php');
+
 require_once ('config/config.php');
 require_once ('config/config_db.php');
 
-- 
cgit v1.2.3-54-g00ecf


From 12fb781946ee73e6fdabe11dee236597270f5e00 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Thu, 27 Dec 2012 02:07:49 +0100
Subject: #28 finnished logging

---
 includes/pages/admin_user.php | 25 +++++++++----------------
 1 file changed, 9 insertions(+), 16 deletions(-)

diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index a23abc0c..8d900c1b 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -110,10 +110,13 @@ function admin_user() {
         // Assign angel-types
         sql_start_transaction();
         sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
+        $user_angel_type_info = array();
         if (!empty($selected_angel_types)) {
           $SQL = "INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ";
-          foreach ($selected_angel_types as $selected_angel_type_id)
-            $SQL .= "(${user_source['UID']}, ${selected_angel_type_id}),";
+          foreach ($selected_angel_types as $selected_angel_type_id) {
+            $SQL .= "(" . $user_source['UID'] . ", " . $selected_angel_type_id . "),";
+            $user_angel_type_info[] = $angel_types[$selected_angel_type_id] . (in_array($selected_angel_type_id, $accepted_angel_types) ? ' (confirmed)' : '');
+          }
           // remove superfluous comma
           $SQL = substr($SQL, 0, -1);
           sql_query($SQL);
@@ -125,16 +128,6 @@ function admin_user() {
         }
         sql_stop_transaction();
 
-        foreach ($selected_angel_types as $selected_angel_type_id) {
-          if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) {
-            if (in_array("admin_user_angeltypes", $privileges)) {
-              sql_query("INSERT INTO `UserAngelTypes` SET `confirm_user_id`=" . sql_escape($user['UID']) . ", `user_id`=" . sql_escape($user_source['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-            } else {
-              sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_source['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-            }
-          }
-        }
-
         engelsystem_log("Set angeltypes of " . $user_source['Nick'] . " to: " . join(", ", $user_angel_type_info));
         success("Angeltypes saved.");
         redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
@@ -143,10 +136,10 @@ function admin_user() {
       $html .= form(array (
         msg(),
         form_multi_checkboxes(array('selected_angel_types' => 'gewünscht', 'accepted_angel_types' => 'akzeptiert'),
-          "Angeltypes",
-          $angel_types,
-          array('selected_angel_types' => $selected_angel_types, 'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)),
-          array('accepted_angel_types' => $nonrestricted_angel_types)),
+            "Angeltypes",
+            $angel_types,
+            array('selected_angel_types' => $selected_angel_types, 'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)),
+            array('accepted_angel_types' => $nonrestricted_angel_types)),
         form_submit('submit_user_angeltypes', Get_Text("Save"))
       ));
 
-- 
cgit v1.2.3-54-g00ecf


From 29a6f020e6a1a8e900239b9855f553e62a00dc26 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Thu, 27 Dec 2012 02:18:02 +0100
Subject: #28 finnished logging, fixes, inverted log order

---
 includes/model/LogEntries_model.php      | 2 +-
 includes/pages/admin_user_angeltypes.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index 5659c0ee..95ecf6cd 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -12,7 +12,7 @@ function LogEntry_create($nick, $message) {
 }
 
 function LogEntries() {
-  $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " LIMIT 1000");
+  $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
   return $log_entries_source;
 }
 
diff --git a/includes/pages/admin_user_angeltypes.php b/includes/pages/admin_user_angeltypes.php
index 38c4d9c8..ba9a825b 100644
--- a/includes/pages/admin_user_angeltypes.php
+++ b/includes/pages/admin_user_angeltypes.php
@@ -8,7 +8,7 @@ function admin_user_angeltypes() {
   global $privileges;
 
   if (isset ($_REQUEST['confirm']) && test_request_int('confirm') && sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " AND `confirm_user_id` IS NULL") > 0) {
-    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
+    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `UserAngelTypes`.`id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
     if(count($user_angel_type_source) > 0) {
       sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id`=" . sql_escape($_SESSION['uid']) . " WHERE `id`=" . sql_escape($_REQUEST['confirm']) . " LIMIT 1");
       engelsystem_log("Confirmed " . $user_angel_type_source[0]['Nick'] . " as " . $user_angel_type_source[0]['name']);
@@ -19,7 +19,7 @@ function admin_user_angeltypes() {
   }
 
   if (isset ($_REQUEST['discard']) && test_request_int('discard') && sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " AND `confirm_user_id` IS NULL") > 0) {
-    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
+    $user_angel_type_source = sql_select("SELECT `UserAngelTypes`.*, `User`.`Nick`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `User` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `AngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` WHERE `UserAngelTypes`.`id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
     if(count($user_angel_type_source) > 0) {
       sql_query("DELETE FROM `UserAngelTypes` WHERE `id`=" . sql_escape($_REQUEST['discard']) . " LIMIT 1");
       engelsystem_log("Discarded " . $user_angel_type_source[0]['Nick'] . " as " . $user_angel_type_source[0]['name']);
-- 
cgit v1.2.3-54-g00ecf


From 26ffee4a96f08aa58a348d11674f6fd29c1498b0 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Thu, 27 Dec 2012 02:18:56 +0100
Subject: #28 logging doku

---
 includes/model/LogEntries_model.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index 95ecf6cd..f8a552f2 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -11,6 +11,9 @@ function LogEntry_create($nick, $message) {
   sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
 }
 
+/**
+ * Returns log entries of the last 24 hours with maximum count of 1000.
+ */
 function LogEntries() {
   $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
   return $log_entries_source;
-- 
cgit v1.2.3-54-g00ecf


From 670cd715c559c521fe8f315fa34c00ac4f5defcb Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Thu, 27 Dec 2012 02:44:21 +0100
Subject: #28 logging doku

---
 includes/pages/user_shifts.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index c239ca71..bd7f7831 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -123,10 +123,10 @@ function user_shifts() {
         $needed_angel_types_info = array();
         foreach ($needed_angel_types as $type_id => $count) {
           sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
-          $needed_angel_types_info[] = $angel_types[$type_id];
+          $needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count;
         }
 
-        engelsystem_log("Updated shift " . $name . " from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
+        engelsystem_log("Updated shift '" . $name . "' from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
         success("Schicht gespeichert.");
         redirect(page_link_to('user_shifts'));
       }
-- 
cgit v1.2.3-54-g00ecf


From 0f0f847af4c9ffe8138c802086bda7eb15f9baef Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Thu, 27 Dec 2012 02:54:57 +0100
Subject: minor fixes for logging and user editing and searching

---
 includes/pages/admin_free.php | 1 +
 includes/pages/admin_user.php | 8 +++++---
 templates/admin_free.html     | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php
index d6f4b7a0..88a96965 100644
--- a/includes/pages/admin_free.php
+++ b/includes/pages/admin_free.php
@@ -57,6 +57,7 @@ function admin_free() {
 	return template_render('../templates/admin_free.html', array (
 		'search' => $search,
 		'angeltypes' => html_select_key('angeltype', 'angeltype', $angel_types, $_REQUEST['angeltype']),
+		'confirmed_only' => isset($_REQUEST['confirmed_only'])? 'checked' : '',
 		'table' => $table,
 		'link' => page_link_to('admin_free')
 	));
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 8d900c1b..f4902e1c 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -103,9 +103,10 @@ function admin_user() {
 
       if (isset ($_REQUEST['submit_user_angeltypes'])) {
         $selected_angel_types = array_intersect($_REQUEST['selected_angel_types'], array_keys($angel_types));
-        $accepted_angel_types = array_diff(array_intersect($_REQUEST['accepted_angel_types'], array_keys($angel_types)), $nonrestricted_angel_types);
+        $accepted_angel_types = array_unique(array_diff(array_intersect($_REQUEST['accepted_angel_types'], array_keys($angel_types)), $nonrestricted_angel_types));
         if (in_array("admin_user_angeltypes", $privileges))
-          $selected_angel_types = array_merge($selected_angel_types, $accepted_angel_types);
+          $selected_angel_types = array_merge((array) $selected_angel_types, $accepted_angel_types);
+        $selected_angel_types = array_unique($selected_angel_types);
 
         // Assign angel-types
         sql_start_transaction();
@@ -227,10 +228,11 @@ function admin_user() {
 
         case 'delete' :
           if ($user['UID'] != $id) {
+            $nickname = sql_select("SELECT `Nick` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
             sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
             sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
             sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
-            engelsystem_log("Deleted user " . $user_source['Nick']);
+            engelsystem_log("Deleted user " . $nickname[0]['Nick']);
             $html .= success("Benutzer gelöscht!", true);
           } else {
             $html .= error("Du kannst Dich nicht selber löschen!", true);
diff --git a/templates/admin_free.html b/templates/admin_free.html
index 35ac1afa..ef1dccf0 100644
--- a/templates/admin_free.html
+++ b/templates/admin_free.html
@@ -1,6 +1,6 @@
 <form action="%link%" method="post">
     <p>
-        Search Angel: <input type="text" name="search" value="%search%" placeholder="Name" /> %angeltypes% <input type="submit" name="submit" value="Search" />
+        Search Angel: <input type="text" name="search" value="%search%" placeholder="Name"> %angeltypes% <label><input type="checkbox" name="confirmed_only" %confirmed_only% value="1"> Nur zugelassene</label> <input type="submit" name="submit" value="Search">
     </p>
 </form>
 <table>
-- 
cgit v1.2.3-54-g00ecf