From 05410ba89afa6ed6dd669528e25c578480e3a67f Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Tue, 19 Jul 2011 19:12:36 +0200
Subject: #6 my shifts | cancel my shifts

---
 includes/pages/user_shifts.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'includes/pages/user_shifts.php')

diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 597b652a..64fcbac5 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -44,15 +44,14 @@ function user_shifts() {
 			} else
 				$user_id = $user['UID'];
 
-
 			// TODO: Kollisionserkennung, andere Schichten zur gleichen Uhrzeit darf der Engel auch nicht belegt haben...
 			$entries = sql_select("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']));
 			foreach ($entries as $entry)
 				if ($entry['UID'] == $user_id)
 					return error("This angel does already have an entry for this shift.");
 
-			$comment = strip_request_item_nl($_REQUEST['comment']);
-			sql_query("INSERT INTO `ShiftEntry` SET `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id));
+			$comment = strip_request_item_nl('comment');
+			sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id));
 			return success("Now it's your shift. Thank you!") . '<a href="' . page_link_to('user_myshifts') . '">View my shifts &raquo;</a>';
 		}
 
@@ -96,7 +95,7 @@ function user_shifts() {
 		$shifts_table = "";
 		$row_count = 0;
 		foreach ($shifts as $shift) {
-			$shift_row = '<tr><td>' . date(($id == 0 ? "Y-m-d " : "") . "H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) .($id == 0 ? "<br />".$shift['Name'] : ""). '</td><td>' . $shift['name'] . '<br />';
+			$shift_row = '<tr><td>' . date(($id == 0 ? "Y-m-d " : "") . "H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . ($id == 0 ? "<br />" . $shift['Name'] : "") . '</td><td>' . $shift['name'] . '<br />';
 			$show_shift = false;
 			$angeltypes = sql_select("SELECT * FROM `RoomAngelTypes` JOIN `AngelTypes` ON (`RoomAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
 
-- 
cgit v1.2.3-54-g00ecf