From 0d351f47915679f98cbd93cd5d8f4d32d91a834a Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 16:56:45 +0200 Subject: admin rooms --- includes/pages/admin_rooms.php | 148 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 148 insertions(+) create mode 100644 includes/pages/admin_rooms.php (limited to 'includes/pages/admin_rooms.php') diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php new file mode 100644 index 00000000..6695d6a9 --- /dev/null +++ b/includes/pages/admin_rooms.php @@ -0,0 +1,148 @@ +\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " . + "oder vorhandene abzuändern:

\n"; + + $html .= "Neuen Raum/Ort eintragen
\n"; + + // Räume auflisten + if (count($rooms) > 0) { + $html .= ''; + + $html .= "
\n"; + $html .= "\n"; + + // Tabellenüberschriften generieren + foreach ($rooms[0] as $attr => $tmp) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + + foreach ($rooms as $i => $room) { + $html .= ''; + foreach ($room as $attr => $value) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + } + + $html .= '
Anzahl: ' . count($rooms) . '' . $attr . ' 
' . ($i +1) . '' . $value . 'Edit
'; + } + } else { + switch ($_REQUEST["action"]) { + + case 'new' : + $html .= template_render('../templates/admin_rooms_new_form.html', array ( + 'link' => page_link_to("admin_rooms") + )); + break; + + case 'newsave' : + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'"); + header("Location: " . page_link_to("admin_rooms")); + break; + + case 'change' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $angel_types = ""; + foreach ($room_angel_types as $room_angel_type) { + if ($room_angel_type['count'] == "") + $room_angel_type['count'] = "0"; + $angel_types .= '' . $room_angel_type['Name'] . ''; + } + + $html .= template_render('../templates/admin_rooms_edit_form.html', array ( + 'link' => page_link_to("admin_rooms"), + 'room_id' => $rid, + 'name' => $room['Name'], + 'man' => $room['Man'], + 'number' => $room['Number'], + 'from_pentabarf_options' => html_options('FromPentabarf', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['FromPentabarf']), + 'show_options' => html_options('Show', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['show']), + 'angel_types' => $angel_types + )); + } else + return error("No Room found."); + break; + + case 'changesave' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid)); + foreach ($room_angel_types as $room_angel_type) { + if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']])) + $count = $_REQUEST['angel_type_' . $room_angel_type['TID']]; + else + $count = "0"; + sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count)); + } + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + case 'delete' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) { + sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1"); + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + } + } + return $html; +} +?> -- cgit v1.2.3-54-g00ecf From 9325d7a78adac2aeee96324fa23528f8110d198f Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 05:21:11 +0200 Subject: news refined --- includes/pages/admin_rooms.php | 11 ++--- includes/pages/user_news.php | 2 +- txt/TODO | 6 +-- www-ssl/nonpublic/news_comments.php | 86 ------------------------------------- 4 files changed, 7 insertions(+), 98 deletions(-) delete mode 100644 www-ssl/nonpublic/news_comments.php (limited to 'includes/pages/admin_rooms.php') diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 6695d6a9..be54b8ea 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -9,8 +9,6 @@ function admin_rooms() { ",
\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " . "oder vorhandene abzuändern:

\n"; - $html .= "Neuen Raum/Ort eintragen
\n"; - // Räume auflisten if (count($rooms) > 0) { $html .= ''; @@ -20,9 +18,7 @@ function admin_rooms() { // Tabellenüberschriften generieren foreach ($rooms[0] as $attr => $tmp) - if ($attr == 'RID') - $html .= ''; - else + if ($attr != 'RID') $html .= ''; $html .= ''; $html .= ''; @@ -30,9 +26,7 @@ function admin_rooms() { foreach ($rooms as $i => $room) { $html .= ''; foreach ($room as $attr => $value) - if ($attr == 'RID') - $html .= ''; - else + if ($attr != 'RID') $html .= ''; $html .= ''; $html .= ''; @@ -40,6 +34,7 @@ function admin_rooms() { $html .= '
Anzahl: ' . count($rooms) . '' . $attr . ' 
' . ($i +1) . '' . $value . 'Edit
'; } + $html .= "
Neuen Raum/Ort eintragen
\n"; } else { switch ($_REQUEST["action"]) { diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 34c346dd..7b4f9482 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -35,7 +35,7 @@ function user_news_comments() { $html .= '« Back'; $html .= display_news($news); - $html .= '

Comments

'; + $html .= '

Kommentare

'; $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'"); foreach ($comments as $comment) { diff --git a/txt/TODO b/txt/TODO index fb1b3098..42684e23 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,5 +1,4 @@ jetzt: - * news kommentieren * news administrieren * user administrieren * schichtimport @@ -14,12 +13,13 @@ später: * MD5-Passwörter mit Salt speichern * Passwort-Mindestanforderungen stellen * User-Avatare (code liegt auskommentiert in user_settings.php) - * user_messages schön machen + * user_messages schön machen (dialogbasiert) * Formulare weg von Tabellen * Privilegien korrigieren (an die vom CVS anpassen) - * Beim Raum-Management die benötigten Engel anzeigen + * (Beim Raum-Management die benötigten Engel anzeigen) * Löschen nur mit Rückfrage * FAQ ordentlich mehrsprachig machen + * Fertig übersetzen/Sprachwirrwarr beseitigen * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert diff --git a/www-ssl/nonpublic/news_comments.php b/www-ssl/nonpublic/news_comments.php deleted file mode 100644 index db95ec8c..00000000 --- a/www-ssl/nonpublic/news_comments.php +++ /dev/null @@ -1,86 +0,0 @@ -
"; - SetHeaderGo2Back(); - } - } - - $SQL = "SELECT * FROM `news_comments` WHERE `Refid`='" . $_GET["nid"] . "' ORDER BY 'ID'"; - $Erg = mysql_query($SQL, $con); - echo mysql_error($con); - - // anzahl zeilen - $news_rows = mysql_num_rows($Erg); -?> - - - - - - - - - - -"; - echo "\t\t"; - echo "\t\t"; - echo ""; - echo "\t"; - echo "\t\t"; - echo ""; - } - - echo "
DatumNick
Kommentar
"; - echo mysql_result($Erg, $n, "Datum"); - echo "\t\t"; - echo UID2Nick(mysql_result($Erg, $n, "UID")); - // avatar anzeigen? - echo DisplayAvatar(mysql_result($Erg, $n, "UID")); - echo "\t\t
"; - echo nl2br(mysql_result($Erg, $n, "Text")) . "\n"; - echo "\t\t
"; -?> - -
-
-

Neuer Kommentar:

-  - -
-"> - - - - - -
Text:
-
- -
- - -- cgit v1.2.3-54-g00ecf