From 0d351f47915679f98cbd93cd5d8f4d32d91a834a Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 16:56:45 +0200 Subject: admin rooms --- includes/pages/admin_rooms.php | 148 +++++++++++++++++++++++++++++++++++++++++ includes/pages/user_news.php | 54 +++++++-------- 2 files changed, 175 insertions(+), 27 deletions(-) create mode 100644 includes/pages/admin_rooms.php (limited to 'includes/pages') diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php new file mode 100644 index 00000000..6695d6a9 --- /dev/null +++ b/includes/pages/admin_rooms.php @@ -0,0 +1,148 @@ +\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " . + "oder vorhandene abzuändern:

\n"; + + $html .= "Neuen Raum/Ort eintragen
\n"; + + // Räume auflisten + if (count($rooms) > 0) { + $html .= ''; + + $html .= "
\n"; + $html .= "\n"; + + // Tabellenüberschriften generieren + foreach ($rooms[0] as $attr => $tmp) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + + foreach ($rooms as $i => $room) { + $html .= ''; + foreach ($room as $attr => $value) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + } + + $html .= '
Anzahl: ' . count($rooms) . '' . $attr . ' 
' . ($i +1) . '' . $value . 'Edit
'; + } + } else { + switch ($_REQUEST["action"]) { + + case 'new' : + $html .= template_render('../templates/admin_rooms_new_form.html', array ( + 'link' => page_link_to("admin_rooms") + )); + break; + + case 'newsave' : + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'"); + header("Location: " . page_link_to("admin_rooms")); + break; + + case 'change' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $angel_types = ""; + foreach ($room_angel_types as $room_angel_type) { + if ($room_angel_type['count'] == "") + $room_angel_type['count'] = "0"; + $angel_types .= '' . $room_angel_type['Name'] . ''; + } + + $html .= template_render('../templates/admin_rooms_edit_form.html', array ( + 'link' => page_link_to("admin_rooms"), + 'room_id' => $rid, + 'name' => $room['Name'], + 'man' => $room['Man'], + 'number' => $room['Number'], + 'from_pentabarf_options' => html_options('FromPentabarf', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['FromPentabarf']), + 'show_options' => html_options('Show', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['show']), + 'angel_types' => $angel_types + )); + } else + return error("No Room found."); + break; + + case 'changesave' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid)); + foreach ($room_angel_types as $room_angel_type) { + if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']])) + $count = $_REQUEST['angel_type_' . $room_angel_type['TID']]; + else + $count = "0"; + sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count)); + } + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + case 'delete' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) { + sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1"); + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + } + } + return $html; +} +?> diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 7012bb99..4295edb8 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -64,43 +64,43 @@ function user_news_output() { for ($i = 1; $i <= $dis_rows; $i++) { if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) { - $html .= "$i  "; + $html .= '' . $i . '  '; } else { $html .= "$i  "; } } $html .= ' -

-

' . Get_Text(6) . '

-   - -
- - - - - - - - - - - '; +

+

' . Get_Text(6) . '

+   + + + + +
' . Get_Text(7) . '
' . Get_Text(8) . '
+ + + + + + + + '; if (in_array('news_add_meeting', $privileges)) { $html .= ' - - - '; + + + '; } $html .= '
' . Get_Text(7) . '
' . Get_Text(8) . '
' . Get_Text(9) . '
' . Get_Text(9) . '
-
- -
'; +
+ + '; return $html; } ?> \ No newline at end of file -- cgit v1.2.3-70-g09d2