From a3be0289286c43d8656052217457d9162261ba90 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 00:48:29 +0200 Subject: rewrite --- includes/pages/guest_credits.php | 5 + includes/pages/guest_faq.php | 21 ++++ includes/pages/guest_login.php | 250 +++++++++++++++++++++++++++++++++++++++ includes/pages/guest_start.php | 13 ++ 4 files changed, 289 insertions(+) create mode 100644 includes/pages/guest_credits.php create mode 100644 includes/pages/guest_faq.php create mode 100644 includes/pages/guest_login.php create mode 100644 includes/pages/guest_start.php (limited to 'includes/pages') diff --git a/includes/pages/guest_credits.php b/includes/pages/guest_credits.php new file mode 100644 index 00000000..89f68fde --- /dev/null +++ b/includes/pages/guest_credits.php @@ -0,0 +1,5 @@ + \ No newline at end of file diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php new file mode 100644 index 00000000..6b5eeeeb --- /dev/null +++ b/includes/pages/guest_faq.php @@ -0,0 +1,21 @@ +', $faq['Frage']); + list ($antwort_de, $antwort_en) = explode('
', $faq['Antwort']); + $html .= "
"; + if ($_SESSION['Sprache'] == "DE") { + $html .= "
" . $frage_de . "
"; + $html .= "
" . $antwort_de . "
"; + } else { + $html .= "
" . $frage_en . "
"; + $html .= "
" . $antwort_en . "
"; + } + $html .= "
"; + } + return $html; +} +?> diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php new file mode 100644 index 00000000..76a473df --- /dev/null +++ b/includes/pages/guest_login.php @@ -0,0 +1,250 @@ + 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3"); + elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail"); + elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter"); + elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1"); + elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2"); + else { + $_POST["Passwort"] = PassCrypt($_POST["Passwort"]); + unset ($_POST["Passwort2"]); + + $Erg = sql_query("INSERT INTO `User` (" . + "`Nick` , " . "`Name` , " . + "`Vorname`, " . "`Alter` , " . + "`Telefon`, " . "`DECT`, " . + "`Handy`, " . "`email`, " . + "`ICQ`, " . "`jabber`, " . + "`Size`, " . "`Passwort`, " . + "`Art` , " . "`kommentar`, " . + "`Hometown`," . "`CreateDate` ) " . + "VALUES ( " . + "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " . + "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " . + "'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " . + "'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " . + "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " . + "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " . + "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " . + "'" . $_POST["Hometown"] . "'," . "NOW())"); + + if ($Erg != 1) { + $html .= Get_Text("makeuser_error_write1") . "
\n"; + $error = sql_error(); + } else { + $html .= "

" . Get_Text("makeuser_writeOK") . "\n"; + + $SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';"; + $Erg2 = mysql_query($SQL2, $con); + $Data = mysql_fetch_array($Erg2); + + $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');"; + $Erg3 = mysql_query($SQL3, $con); + + if ($Erg3 != 1) { + $html .= "

" . Get_Text("makeuser_error_write2") . "
\n"; + $error = mysql_error($con); + } else { + $html .= Get_Text("makeuser_writeOK2") . "
\n"; + $html .= "

" . Get_Text("makeuser_writeOK3") . "

\n"; + } + + $html .= Get_Text("makeuser_writeOK4") . "

\n

\n"; + $success = "any"; + + if (isset ($SubscribeMailinglist)) { + if ($_POST["subscribe-mailinglist"] == "") { + $headers = "From: " . $_POST["email"] . "\r\n" . + "X-Mailer: PHP/" . phpversion(); + mail($SubscribeMailinglist, "subject", "message", $headers); + } + } + } + } + + if (isset ($error)) + $html .= error($error); + } else { + // init vars + $_POST["Nick"] = ""; + $_POST["Name"] = ""; + $_POST["Vorname"] = ""; + $_POST["Alter"] = ""; + $_POST["Telefon"] = ""; + $_POST["DECT"] = ""; + $_POST["Handy"] = ""; + $_POST["email"] = ""; + $_POST["subscribe-mailinglist"] = ""; + $_POST["ICQ"] = ""; + $_POST["jabber"] = ""; + $_POST["Size"] = "L"; + $_POST["Art"] = ""; + $_POST["kommentar"] = ""; + $_POST["Hometown"] = ""; + } + + if ($success == "none") { + $html .= "

" . Get_Text("makeuser_text0") . "

\n"; + $html .= "

" . Get_Text("makeuser_text1") . "

\n"; + $html .= "
\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + + if (isset ($SubscribeMailinglist)) + $html .= "\n"; + + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "\n"; + $html .= "
" . Get_Text("makeuser_Nickname") . "*
" . Get_Text("makeuser_Nachname") . "
" . Get_Text("makeuser_Vorname") . "
" . Get_Text("makeuser_Alter") . "
" . Get_Text("makeuser_Telefon") . "
" . Get_Text("makeuser_DECT") . "\n"; + $html .= "
" . Get_Text("makeuser_Handy") . "
" . Get_Text("makeuser_E-Mail") . "*
" . Get_Text("makeuser_subscribe-mailinglist") . "($SubscribeMailinglist)
ICQ
jabber
" . Get_Text("makeuser_T-Shirt") . " Grösse*\n"; + $html .= "\n"; + $html .= "
" . Get_Text("makeuser_Hometown") . "
" . Get_Text("makeuser_Passwort") . "*
" . Get_Text("makeuser_Passwort2") . "*
 
\n"; + $html .= "
\n"; + $html .= Get_Text("makeuser_text3"); + } + return $html; +} + +function guest_logout() { + unset ($_SESSION['uid']); + header("Location: " . page_link_to("start")); +} + +function guest_login() { + global $user; + unset ($_SESSION['uid']); + + $html = ""; + if (isset ($_REQUEST['login_submit'])) { + $login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'"); + + if (count($login_user) == 1) { // Check, ob User angemeldet wird... + $login_user = $login_user[0]; + if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok... + $_SESSION['uid'] = $login_user['UID']; + $_SESSION['Sprache'] = $login_user['Sprache']; + header("Location: " . page_link_to("news")); + } else { // Passwort nicht ok... + $ErrorText = "pub_index_pass_no_ok"; + } // Ende Passwort-Check + } else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung + if ($user_anz == 0) + $ErrorText = "pub_index_User_unset"; + else + $ErrorText = "pub_index_User_more_as_one"; + } // Ende Check, ob User angemeldet wurde} + } + if (isset ($ErrorText)) + $html .= error(Get_Text($ErrorText)); + $html .= guest_login_form(); + return $html; +} + +function guest_login_form() { + return template_render("../templates/guest_login_form.html", array ( + 'link' => page_link_to("login"), + 'nick' => Get_Text("index_lang_nick"), + 'pass' => Get_Text("index_lang_pass"), + 'send' => Get_Text("index_lang_send") + )); +} +?> \ No newline at end of file diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php new file mode 100644 index 00000000..286511f2 --- /dev/null +++ b/includes/pages/guest_start.php @@ -0,0 +1,13 @@ +" . Get_Text("index_text1") . "
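Review bot: The `INSERT INTO User` statement in guest_register() concatenates every `$_POST` field into the query unescaped, and the `$SQL2` lookup by `$_POST["Nick"]` does the same, although guest_login() in this same file already wraps its input in `sql_escape()`. Each value should pass through `sql_escape()` before concatenation (assuming that helper escapes for a quoted string literal; a prepared statement would remove the assumption), and the later hunk in this series that appends `$_SESSION['Sprache']` to the same VALUES list needs the same treatment. `$_POST["email"]` is also copied into the `From:` header given to `mail()`, so it should be rejected when it contains CR or LF. The e-mail check joins its three conditions with `&&`, which reports an error only when all three fail; `||` looks intended. The opening of guest_register() is missing from the page as rendered, so any sanitising done before these lines is not visible here.

```php
// … unchanged: column list of the INSERT …
"VALUES ( " .
"'" . sql_escape($_POST["Nick"]) . "', " . "'" . sql_escape($_POST["Name"]) . "', " .
"'" . sql_escape($_POST["Vorname"]) . "', " . "'" . sql_escape($_POST["Alter"]) . "', " .
"'" . sql_escape($_POST["Telefon"]) . "', " . "'" . sql_escape($_POST["DECT"]) . "', " .
"'" . sql_escape($_POST["Handy"]) . "', " . "'" . sql_escape($_POST["email"]) . "', " .
"'" . sql_escape($_POST["ICQ"]) . "', " . "'" . sql_escape($_POST["jabber"]) . "', " .
"'" . sql_escape($_POST["Size"]) . "', " . "'" . sql_escape($_POST["Passwort"]) . "', " .
"'" . sql_escape($_POST["Art"]) . "', " . "'" . sql_escape($_POST["kommentar"]) . "', " .
"'" . sql_escape($_POST["Hometown"]) . "'," . "NOW())");
// … unchanged: result check and success output …
```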

\n"; + $html .= "

" . Get_Text("index_text2") . "

\n"; + $html .= "

" . Get_Text("index_text3") . "

\n"; + + $html .= guest_login_form(); + + $html .= "
" . Get_Text("index_text4") . "
"; + return $html; +} +?> \ No newline at end of file -- cgit v1.2.3-54-g00ecf From c90fdf75a26e6abf2434068d4aa3cfcb190eb600 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 01:02:15 +0200 Subject: rewrite --- includes/pages/guest_login.php | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 76a473df..7fe081fc 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -34,7 +34,7 @@ function guest_register() { "`ICQ`, " . "`jabber`, " . "`Size`, " . "`Passwort`, " . "`Art` , " . "`kommentar`, " . - "`Hometown`," . "`CreateDate` ) " . + "`Hometown`," . "`CreateDate`, `Sprache` ) " . "VALUES ( " . "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " . "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " . @@ -43,7 +43,7 @@ function guest_register() { "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " . "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " . "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " . - "'" . $_POST["Hometown"] . "'," . "NOW())"); + "'" . $_POST["Hometown"] . "'," . "NOW(), '" . $_SESSION['Sprache'] . "')"); if ($Erg != 1) { $html .= Get_Text("makeuser_error_write1") . "
\n"; @@ -51,16 +51,11 @@ function guest_register() { } else { $html .= "

" . Get_Text("makeuser_writeOK") . "\n"; - $SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';"; - $Erg2 = mysql_query($SQL2, $con); - $Data = mysql_fetch_array($Erg2); - - $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');"; - $Erg3 = mysql_query($SQL3, $con); + $Erg3 = mysql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape(sql_id()) . ", `group_id`=-2"); if ($Erg3 != 1) { $html .= "

" . Get_Text("makeuser_error_write2") . "
\n"; - $error = mysql_error($con); + $error = sql_error(); } else { $html .= Get_Text("makeuser_writeOK2") . "
\n"; $html .= "

" . Get_Text("makeuser_writeOK3") . "

\n"; -- cgit v1.2.3-54-g00ecf From 06497b3a5387f30ea140562cc71e371b2ec1e131 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 01:18:08 +0200 Subject: cleanup --- includes/footer.php | 18 ---- includes/funktion_activeUser.php | 34 ------- includes/funktion_faq.php | 10 -- includes/funktion_flag.php | 9 -- includes/header_start.php | 40 -------- includes/login_eingabefeld.php | 17 ---- includes/pages/guest_faq.php | 9 ++ includes/secure.php | 25 ----- includes/sys_auth.php | 8 ++ www-ssl/css/style.css.old | 53 ---------- www-ssl/css/style.css.old2 | 69 ------------- www-ssl/css/style1.css.old | 79 --------------- www-ssl/faq.php | 31 ------ www-ssl/logout.php | 15 --- www-ssl/makeuser.php | 214 --------------------------------------- 15 files changed, 17 insertions(+), 614 deletions(-) delete mode 100644 includes/footer.php delete mode 100644 includes/funktion_activeUser.php delete mode 100644 includes/funktion_faq.php delete mode 100644 includes/funktion_flag.php delete mode 100644 includes/header_start.php delete mode 100644 includes/login_eingabefeld.php delete mode 100644 includes/secure.php delete mode 100644 www-ssl/css/style.css.old delete mode 100644 www-ssl/css/style.css.old2 delete mode 100644 www-ssl/css/style1.css.old delete mode 100644 www-ssl/faq.php delete mode 100644 www-ssl/logout.php delete mode 100644 www-ssl/makeuser.php (limited to 'includes/pages') diff --git a/includes/footer.php b/includes/footer.php deleted file mode 100644 index fdf00581..00000000 --- a/includes/footer.php +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - - - - - diff --git a/includes/funktion_activeUser.php b/includes/funktion_activeUser.php deleted file mode 100644 index 631ec2d1..00000000 --- a/includes/funktion_activeUser.php +++ /dev/null 
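Review bot: The new group insert calls `mysql_query()` directly while its failure branch now reads `sql_error()`, so this query bypasses the `sql_query()` wrapper used for the `User` insert a few lines above; `$Erg3 = sql_query(...)` would keep the statement and its error lookup on the same path. `sql_id()` is presumably the id of the row just inserted, and a comment such as `// sql_id(): UID of the User row created above` would make that dependency explicit, since nothing else ties the two statements together. If the second insert fails, the user row stays behind without a group; that is inherited from the old code but may deserve a follow-up. The rest of guest_register() lies outside this hunk.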
@@ -1,34 +0,0 @@ -Engel online"; - -$SQL = "SELECT UID, Nick, lastLogIn " . -"FROM User " . -"WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "' AND NOT (UID=" . $_SESSION['UID'] . ")) " . -"ORDER BY lastLogIn DESC;"; - -$Erg = mysql_query($SQL, $con); - -echo "
    "; - -for ($i = 0; $i < mysql_num_rows($Erg); $i++) { - echo "
  • "; - - if ($_SESSION['UID'] > 0) - echo DisplayAvatar(mysql_result($Erg, $i, "UID")); - - // Show Admin Page - echo funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=" . mysql_result($Erg, $i, "UID") . "&Type=Normal", mysql_result($Erg, $i, "Nick")); - - $timestamp = mktime($hour, $minute, $second, $month, $day, $year); - - $Tlog = time() - mysql_result($Erg, $i, "lastLogIn"); - - echo " " . date("i:s", $Tlog); - echo "
  • \n"; -} - -echo "
"; -?> diff --git a/includes/funktion_faq.php b/includes/funktion_faq.php deleted file mode 100644 index e9f09e7c..00000000 --- a/includes/funktion_faq.php +++ /dev/null @@ -1,10 +0,0 @@ - diff --git a/includes/funktion_flag.php b/includes/funktion_flag.php deleted file mode 100644 index 6b4e2f06..00000000 --- a/includes/funktion_flag.php +++ /dev/null @@ -1,9 +0,0 @@ - 0) - $URL = $_SERVER["REQUEST_URI"] . "&SetLanguage="; -else - $URL = $_SERVER["REQUEST_URI"] . "?SetLanguage="; - -echo '

DE'; -echo 'EN

'; -?> diff --git a/includes/header_start.php b/includes/header_start.php deleted file mode 100644 index 4795cee3..00000000 --- a/includes/header_start.php +++ /dev/null @@ -1,40 +0,0 @@ - 0)) { - echo "" . $SystemDisableMessage . ""; - echo "" . $SystemDisableMessage . "\n"; - die(); -} - -if (!isset ($_SESSION)) - session_start(); - -include "secure.php"; - -if (!isset ($_SESSION['IP'])) - $_SESSION['IP'] = $_SERVER['REMOTE_ADDR']; - -if (isset ($_SESSION['UID']) && ($_SESSION['IP'] <> $_SERVER['REMOTE_ADDR'])) { - session_destroy(); - header("Location: " . $url . $ENGEL_ROOT); -} - -include "UserCVS.php"; - -// update LASTlogin -if (isset ($_SESSION['UID'])) { - $SQLlastLogIn = "UPDATE `User` SET " . - "`lastLogIn` = '" . time() . "'" . - " WHERE `UID` = '" . $_SESSION['UID'] . "' LIMIT 1;"; - mysql_query($SQLlastLogIn, $con); -} -?> diff --git a/includes/login_eingabefeld.php b/includes/login_eingabefeld.php deleted file mode 100644 index 9e10271d..00000000 --- a/includes/login_eingabefeld.php +++ /dev/null @@ -1,17 +0,0 @@ - - -
- - - - - - - - - -
-
"> -
diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php index 6b5eeeeb..48e75d16 100644 --- a/includes/pages/guest_faq.php +++ b/includes/pages/guest_faq.php @@ -18,4 +18,13 @@ function guest_faq() { } return $html; } + +function noAnswer() { + global $con; + + $SQL = "SELECT UID FROM Questions WHERE `AID`='0'"; + $Res = mysql_query($SQL, $con); + + return mysql_num_rows($Res); +} ?> diff --git a/includes/secure.php b/includes/secure.php deleted file mode 100644 index 1d1a9e46..00000000 --- a/includes/secure.php +++ /dev/null @@ -1,25 +0,0 @@ -\n"; - - foreach ($_GET as $k => $v) { - $v = htmlentities($v, ENT_QUOTES); - preg_replace('/([\'"`\'])/', '', $v); - $_GET[$k] = $v; - - if($debug) - echo "GET $k=\"$v\"
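Review bot: `noAnswer()` hands the result of `mysql_query()` straight to `mysql_num_rows()`, so a failed query produces a warning and a non-integer return value instead of a count; check `$Res === false` first, or use the `sql_select()` helper the rest of the rewrite relies on. The function has no docblock, and something like `/** Number of questions without an answer yet (AID = 0). */` would state what the name only hints at, if that is what `AID`='0' means. Fetching every matching row only to count them could be replaced by a `SELECT COUNT(*)`.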
"; - } - - foreach ($_POST as $k => $v) { - $v = htmlentities($v, ENT_QUOTES); - preg_replace('/([\'"`\'])/', '', $v); - $_POST[$k] = $v; - - if($debug) - echo "POST $k=\"$v\"
"; - } - - if($debug) - echo "secure.php END
\n"; -?> diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 1c15122e..68e336b0 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -5,6 +5,14 @@ function load_auth() { global $user; + if (!isset ($_SESSION['IP'])) + $_SESSION['IP'] = $_SERVER['REMOTE_ADDR']; + + if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) { + session_destroy(); + header("Location: " . link_to_page($start)); + } + $user = null; if (isset ($_SESSION['uid'])) { $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1"); diff --git a/www-ssl/css/style.css.old b/www-ssl/css/style.css.old deleted file mode 100644 index 254fb1b7..00000000 --- a/www-ssl/css/style.css.old +++ /dev/null @@ -1,53 +0,0 @@ -H1 { - font-family : Helvetica,Arial,Verdana; - font-size : 25pt; -} -H4 { - font-family : Arial,Verdana; -} -A { - font-family : Arial; - font-size : small; - text-decoration : none; - color : #0000a0; -} -A:Visited { - font-family : Arial; - font-size : small; - color : #0000a0; - text-decoration : none; -} - A:Active { - text-decoration : none; - font-family : Arial; - font-size : small; -} -A:Hover { - font-family : Arial; - font-size : small; - color : #0000a0; - text-decoration : underline; - font-weight : bold; -} -B { - font-weight : bold; - font-family : Arial; - font-size : small; -} - -TD { - font-size : small; - font-family : Arial; - padding-left : 1cm; -} - -BODY { - font-size : small; - font-family : Arial; - background-color : #f3b115; - color : navy; -} -a.title { - color:#ffa000; -} - diff --git a/www-ssl/css/style.css.old2 b/www-ssl/css/style.css.old2 deleted file mode 100644 index 9f7c0c90..00000000 --- a/www-ssl/css/style.css.old2 +++ /dev/null 
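Review bot: After the IP-mismatch branch calls `session_destroy()` and sends the redirect header, execution continues into the rest of load_auth(), and `session_destroy()` does not clear the `$_SESSION` array for the current request, so the `isset($_SESSION['uid'])` lookup just below still runs with the old uid. The branch should end the request: add `$_SESSION = array();` before `session_destroy();` and `exit;` after the `header()` call. `$start` is not declared in the function (only `$user` is global) and the other pages in this series call `page_link_to("start")`, so `link_to_page($start)` looks like a slip. Binding a session to `REMOTE_ADDR` also ends the session of any user whose address changes mid-session, which is worth a comment. load_auth() continues past the end of the hunk.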
@@ -1,69 +0,0 @@ -H1 { - font-family : Helvetica,Arial,Verdana; - font-size : 25pt; -} - -H4 { - font-family : Arial,Verdana; -} - -A { - font-family : Arial; - font-size : small; - text-decoration : none; - color : #778899; -} - -A:Visited { - font-family : Arial; - font-size : small; - color : #778899; - text-decoration : none; -} - -A:Active { - text-decoration : none; - font-family : Arial; - font-size : small; -} - -A:Hover { - font-family : Arial; - font-size : small; - color : #778899; - text-decoration : underline; - font-weight : bold; -} - -B { - font-weight : bold; - font-family : Arial; - font-size : small; -} - -TD { - font-size : small; - font-family : Arial; -} - -BODY { - font-size : small; - font-family : Arial; - background-color : #f3b115; - color : navy; -} - - -a.title { -color:#ffa000; -} - - -p.question { - font-weight: bold; -} - -p.answer { - margin-left: 30px; - margin-right: 30px; -} diff --git a/www-ssl/css/style1.css.old b/www-ssl/css/style1.css.old deleted file mode 100644 index 4a597f35..00000000 --- a/www-ssl/css/style1.css.old +++ /dev/null 
@@ -1,79 +0,0 @@ - -body { - font-family: Arial; - background-color: #3e9fef; - color: #000000; - font-size: small -} - -a { - text-decoration: none; - color: #304930 -} - -td { - font-size: small -} - -a:active, a:hover { - font-weight: bold -} - -li { - font-size: small -} - -.content { - background-color: #bdd9ef; - color: #000000 -} - -.contenttopic { - font-weight: bold; - font-size: small; - color: #fe961e; - background-color: #157cc1 -} - -.border { - background-color: #050509 -} - -.menu { - background-color: #bdd9ef; - color: #000022; - font-size: small -} -h4.menu { - font-weight: bold; - font-size: small; - color: #3e9fef -} - -.linkbox { - background-color: #ffffff -} - -.linkboxtitle { - font-weight: bold; - background-color: #000000; - color: #bdd9ef -} - -.question { - font-weight: bold; - font-size: 9pt -} - -.engeltreffen { - font-weight: bold; - font-size: 9pt; - color: #ff0000; -} - -.answer { - font-size: 9pt; -} -.comment { - font-size : 6pt; -} diff --git a/www-ssl/faq.php b/www-ssl/faq.php deleted file mode 100644 index 8a7b3ede..00000000 --- a/www-ssl/faq.php +++ /dev/null @@ -1,31 +0,0 @@ -', mysql_result($Erg, $n, "Frage")); - list ($antwort_de, $antwort_en) = split('
', mysql_result($Erg, $n, "Antwort")); - echo "
"; - if ($_SESSION['Sprache'] == "DE") { - echo "
" . $frage_de . "
"; - echo "
" . $antwort_de . "
"; - } else { - echo "
" . $frage_en . "
"; - echo "
" . $antwort_en . "
"; - } - echo "
"; - } -} - -include "includes/footer.php"; -?> diff --git a/www-ssl/logout.php b/www-ssl/logout.php deleted file mode 100644 index 12b284f9..00000000 --- a/www-ssl/logout.php +++ /dev/null @@ -1,15 +0,0 @@ - diff --git a/www-ssl/makeuser.php b/www-ssl/makeuser.php deleted file mode 100644 index a67f4bd5..00000000 --- a/www-ssl/makeuser.php +++ /dev/null @@ -1,214 +0,0 @@ - 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3"); - elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail"); - elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter"); - elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1"); - elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2"); - else { - $_POST["Passwort"] = PassCrypt($_POST["Passwort"]); - unset ($_POST["Passwort2"]); - - $SQL = "INSERT INTO `User` (" . - "`Nick` , " . "`Name` , " . - "`Vorname`, " . "`Alter` , " . - "`Telefon`, " . "`DECT`, " . - "`Handy`, " . "`email`, " . - "`ICQ`, " . "`jabber`, " . - "`Size`, " . "`Passwort`, " . - "`Art` , " . "`kommentar`, " . - "`Hometown`," . "`CreateDate` ) " . - "VALUES ( " . - "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " . - "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " . - "'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " . - "'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " . - "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " . - "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " . - "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " . - "'" . $_POST["Hometown"] . "'," . "NOW());"; - $Erg = mysql_query($SQL, $con); - - if ($Erg != 1) { - echo Get_Text("makeuser_error_write1") . "
\n"; - $error = mysql_error($con); - } else { - echo "

" . Get_Text("makeuser_writeOK") . "\n"; - - $SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';"; - $Erg2 = mysql_query($SQL2, $con); - $Data = mysql_fetch_array($Erg2); - - $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');"; - $Erg3 = mysql_query($SQL3, $con); - - if ($Erg3 != 1) { - echo "

" . Get_Text("makeuser_error_write2") . "
\n"; - $error = mysql_error($con); - } else { - echo Get_Text("makeuser_writeOK2") . "
\n"; - echo "

" . Get_Text("makeuser_writeOK3") . "

\n"; - } - - echo Get_Text("makeuser_writeOK4") . "

\n

\n"; - $success = "any"; - - if (isset ($SubscribeMailinglist)) { - if ($_POST["subscribe-mailinglist"] == "") { - $headers = "From: " . $_POST["email"] . "\r\n" . - "X-Mailer: PHP/" . phpversion(); - mail($SubscribeMailinglist, "subject", "message", $headers); - } - } - } - } - - if (isset ($error)) - echo "

\n" . $error . "\n

\n\n"; -} else { - // init vars - $_POST["Nick"] = ""; - $_POST["Name"] = ""; - $_POST["Vorname"] = ""; - $_POST["Alter"] = ""; - $_POST["Telefon"] = ""; - $_POST["DECT"] = ""; - $_POST["Handy"] = ""; - $_POST["email"] = ""; - $_POST["subscribe-mailinglist"] = ""; - $_POST["ICQ"] = ""; - $_POST["jabber"] = ""; - $_POST["Size"] = "L"; - $_POST["Art"] = ""; - $_POST["kommentar"] = ""; - $_POST["Hometown"] = ""; -} - -if ($success == "none") { - echo "

" . Get_Text("makeuser_text0") . "

\n"; - echo "

" . Get_Text("makeuser_text1") . "

\n"; - echo "
\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - - if (isset ($SubscribeMailinglist)) - echo "\n"; - - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "
" . Get_Text("makeuser_Nickname") . "*
" . Get_Text("makeuser_Nachname") . "
" . Get_Text("makeuser_Vorname") . "
" . Get_Text("makeuser_Alter") . "
" . Get_Text("makeuser_Telefon") . "
" . Get_Text("makeuser_DECT") . "\n"; - echo "
" . Get_Text("makeuser_Handy") . "
" . Get_Text("makeuser_E-Mail") . "*
" . Get_Text("makeuser_subscribe-mailinglist") . "($SubscribeMailinglist)
ICQ
jabber
" . Get_Text("makeuser_T-Shirt") . " Grösse*\n"; - echo "\n"; - echo "
" . Get_Text("makeuser_Engelart") . "\n"; - echo "\n"; - echo "
" . Get_Text("makeuser_text2") . "
" . Get_Text("makeuser_Hometown") . "
" . Get_Text("makeuser_Passwort") . "*
" . Get_Text("makeuser_Passwort2") . "*
 
\n"; - echo "
\n"; - Print_Text("makeuser_text3"); -} - -include "includes/footer.php"; -?> -- cgit v1.2.3-54-g00ecf From 5a935f413dd6dff69df736b437073d343aa8a6ec Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 01:45:46 +0200 Subject: news --- includes/pages/user_news.php | 106 +++++++++++++++++++++++++++++++++++++++++ includes/sys_user.php | 109 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 215 insertions(+) create mode 100644 includes/pages/user_news.php create mode 100644 includes/sys_user.php (limited to 'includes/pages') diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php new file mode 100644 index 00000000..7012bb99 --- /dev/null +++ b/includes/pages/user_news.php @@ -0,0 +1,106 @@ +" . Get_Text(3) . "" . user_news_output(); +} + +function user_news_output() { + global $DISPLAY_NEWS, $privileges; + + if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && IsSet ($_POST["date"])) { + if (!isset ($_POST["treffen"])) + $_POST["treffen"] = 0; + $SQL = "INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . + "VALUES ('" . sql_escape($_POST["date"]) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($_SESSION['uid']) . + "', '" . sql_escape($_POST["treffen"]) . "');"; + $Erg = sql_query($SQL); + if ($Erg == 1) + $html .= Get_Text(4); + } + + if (!IsSet ($_GET["news_begin"])) + $_GET["news_begin"] = 0; + + if (!IsSet ($_GET["DISPLAY_NEWS"])) + $_GET["DISPLAY_NEWS"] = 5; + + $SQL = "SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . intval($_GET["news_begin"]) . ", " . intval($_GET["DISPLAY_NEWS"]); + $Erg = sql_query($SQL); + + // anzahl zeilen + $news_rows = mysql_num_rows($Erg); + + for ($n = 0; $n < $news_rows; $n++) { + + if (mysql_result($Erg, $n, "Treffen") == 0) + $html .= "

"; + else + $html .= "

"; + + $html .= "" . ReplaceSmilies(mysql_result($Erg, $n, "Betreff")) . "\n"; + + // Schow Admin Page + if ($_SESSION['CVS']["admin/news.php"] == "Y") + $html .= " [edit]
\n\t\t"; + + $html .= "
   " . mysql_result($Erg, $n, "Datum") . ", "; + $html .= UID2Nick(mysql_result($Erg, $n, "UID")) . ""; + // avatar anzeigen? + $html .= DisplayAvatar(mysql_result($Erg, $n, "UID")); + $html .= "

\n"; + $html .= "

" . ReplaceSmilies(nl2br(mysql_result($Erg, $n, "Text"))) . "

\n"; + $RefID = mysql_result($Erg, $n, "ID"); + $countSQL = "SELECT COUNT(*) FROM `news_comments` WHERE `Refid`='$RefID'"; + $countErg = sql_query($countSQL); + $countcom = mysql_result($countErg, 0, "COUNT(*)"); + $html .= "

$countcom comments

\n\n"; + } + + $html .= "
\n\n"; + $rowerg = sql_query("SELECT * FROM `News`"); + $rows = mysql_num_rows($rowerg); + $dis_rows = round(($rows / $DISPLAY_NEWS) + 0.5); + + $html .= Get_Text(5); + + for ($i = 1; $i <= $dis_rows; $i++) { + if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) { + $html .= "$i  "; + } else { + $html .= "$i  "; + } + } + $html .= '
+

+

' . Get_Text(6) . '

+   + +
+ + + + + + + + + + + '; + if (in_array('news_add_meeting', $privileges)) { + $html .= ' + + + '; + + } + $html .= '
' . Get_Text(7) . '
' . Get_Text(8) . '
' . Get_Text(9) . '
+
+ +
'; + return $html; +} +?> \ No newline at end of file diff --git a/includes/sys_user.php b/includes/sys_user.php new file mode 100644 index 00000000..6274003d --- /dev/null +++ b/includes/sys_user.php 
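Review bot: user_news_output() writes the stored `Betreff` and `Text` columns into the page through `ReplaceSmilies()` and `nl2br()` only, so markup submitted in the news form is rendered as HTML for every reader; escape before decorating, e.g. `ReplaceSmilies(nl2br(htmlspecialchars(mysql_result($Erg, $n, "Text"), ENT_QUOTES)))`, and the same for `Betreff`. The meeting field appears to be shown only to users holding `news_add_meeting`, but the INSERT accepts `$_POST["treffen"]` from anyone; `if (!isset($_POST["treffen"]) || !in_array('news_add_meeting', $privileges)) $_POST["treffen"] = 0;` enforces it server-side. `$html` is appended to before it is ever assigned, so the function should start with `$html = "";`. `$_GET["DISPLAY_NEWS"]` sets the LIMIT while the pager divides by the global `$DISPLAY_NEWS`, so the requested page size should be clamped to a positive maximum.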
@@ -0,0 +1,109 @@ + 0) + $SQL = "SELECT Nick FROM `User` WHERE UID='$UID'"; + else + $SQL = "SELECT Name FROM `Groups` WHERE UID='$UID'"; + + $Erg = sql_select($SQL); + + if (count($Erg) > 0) { + if ($UID > 0) + return $Erg[0]['Nick']; + else + return "Group-" . $Erg[0]['Name']; + } else { + if ($UID == -1) + return "Guest"; + else + return "UserID $UID not found"; + } +} + +function TID2Type($TID) { + global $con; + + $SQL = "SELECT Name FROM `EngelType` WHERE TID='$TID'"; + $Erg = mysql_query($SQL, $con); + + if (mysql_num_rows($Erg)) + return mysql_result($Erg, 0); + else + return ""; +} + +function ReplaceSmilies($neueckig) { + global $url, $ENGEL_ROOT; + + $neueckig = str_replace(";o))", "", $neueckig); + $neueckig = str_replace(":-))", "", $neueckig); + $neueckig = str_replace(";o)", "", $neueckig); + $neueckig = str_replace(":)", "", $neueckig); + $neueckig = str_replace(":-)", "", $neueckig); + $neueckig = str_replace(":(", "", $neueckig); + $neueckig = str_replace(":-(", "", $neueckig); + $neueckig = str_replace(":o(", "", $neueckig); + $neueckig = str_replace(":o)", "", $neueckig); + $neueckig = str_replace(";o(", "", $neueckig); + $neueckig = str_replace(";(", "", $neueckig); + $neueckig = str_replace(";-(", "", $neueckig); + $neueckig = str_replace("8)", "", $neueckig); + $neueckig = str_replace("8o)", "", $neueckig); + $neueckig = str_replace(":P", "", $neueckig); + $neueckig = str_replace(":-P", "", $neueckig); + $neueckig = str_replace(":oP", "", $neueckig); + $neueckig = str_replace(";P", "", $neueckig); + $neueckig = str_replace(";oP", "", $neueckig); + $neueckig = str_replace("?)", "", $neueckig); + + return $neueckig; +} + +function GetPicturShow($UID) { + global $con; + + $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='$UID'"; + $res = mysql_query($SQL, $con); + + if (mysql_num_rows($res) == 1) + return mysql_result($res, 0, 0); + else + return ""; +} + +function displayPictur($UID, $height = "30") { + global $url, $ENGEL_ROOT; + + if 
($height > 0) + return ("\"picture"); + else + return ("\"picture"); +} + +function displayavatar($UID, $height = "30") { + global $con, $url, $ENGEL_ROOT; + + if (GetPicturShow($UID) == 'Y') + return " " . displayPictur($UID, $height); + + // show avator + $asql = "select * from User where UID = $UID"; + $aerg = mysql_query($asql, $con); + + if (mysql_num_rows($aerg)) + if (mysql_result($aerg, 0, "Avatar") > 0) + return (" "); +} + +function UIDgekommen($UID) { + global $con; + + $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='$UID'"; + $Erg = mysql_query($SQL, $con); + + if (mysql_num_rows($Erg)) + return mysql_result($Erg, 0); + else + return "0"; +} +?> -- cgit v1.2.3-54-g00ecf From 0d351f47915679f98cbd93cd5d8f4d32d91a834a Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 16:56:45 +0200 Subject: admin rooms --- includes/funktion_schichtplan.php | 389 ----------------------------- includes/funktion_schichtplan_Tage.php | 101 -------- includes/funktion_schichtplan_aray.php | 38 --- includes/pages/admin_rooms.php | 148 +++++++++++ includes/pages/user_news.php | 54 ++-- includes/sys_shift.php | 442 +++++++++++++++++++++++++++++++++ includes/sys_template.php | 8 + templates/admin_rooms_edit_form.html | 59 +++++ templates/admin_rooms_new_form.html | 46 ++++ www-ssl/css/base.css | 16 ++ www-ssl/index.php | 5 + 11 files changed, 751 insertions(+), 555 deletions(-) delete mode 100644 includes/funktion_schichtplan.php delete mode 100644 includes/funktion_schichtplan_Tage.php delete mode 100644 includes/funktion_schichtplan_aray.php create mode 100644 includes/pages/admin_rooms.php create mode 100644 includes/sys_shift.php create mode 100644 templates/admin_rooms_edit_form.html create mode 100644 templates/admin_rooms_new_form.html (limited to 'includes/pages') diff --git a/includes/funktion_schichtplan.php b/includes/funktion_schichtplan.php deleted file mode 100644 index 6d6c3553..00000000 --- a/includes/funktion_schichtplan.php +++ /dev/null 
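Review bot: Every helper in this file interpolates `$UID` (or `$TID`) into its query as-is, and `displayavatar()` does so without quotes in `where UID = $UID`, so the helpers are safe only while every caller passes a database-derived integer. Casting at the top of each function, `$UID = intval($UID);`, makes that a property of the helper rather than of its callers. `displayavatar()` also falls off the end without a return when no avatar is set; an explicit `return "";` documents that callers concatenate the result. Most of these functions call `mysql_query($SQL, $con)` directly while the first one uses `sql_select()`, and none carries a docblock saying what it returns when the id is unknown.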
@@ -1,389 +0,0 @@ -\n"); - - /////////////////////////////////////////////////////////////////// - // Ausgabe des Schischtnamens - /////////////////////////////////////////////////////////////////// - $SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');"; - $Erg = mysql_query($SQL, $con); - if( mysql_result($Erg, 0, 0) != "") - $Spalten.="$Man:
"; - else - $Spalten.="".$Man.":
"; - - - /////////////////////////////////////////////////////////////////// - // SQL abfrage für die benötigten schichten - /////////////////////////////////////////////////////////////////// - $SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '$SID') ORDER BY `TID`, `UID` DESC ;"; - $Erg = mysql_query($SQL, $con); - - $Anzahl = mysql_num_rows($Erg); - $Feld=0; - $Temp_TID_old=-1; - for( $i = 0; $i < $Anzahl; $i++ ) - { - if( isset($Temp[$Feld]["TID"])) - $Temp_TID_old = $Temp[$Feld]["TID"]; - if( isset($Temp[$Feld]["UID"])) - $Temp_UID_old = $Temp[$Feld]["UID"]; - - $Temp_TID = mysql_result($Erg, $i, "TID"); - - // wenn sich der Type ändert wird zumnästen feld geweckselt - if( $Temp_TID_old != $Temp_TID ) - $Feld++; - - $Temp[$Feld]["TID"] = $Temp_TID; - $Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID"); - - // sonderfall ersten durchlauf - if( $i == 0 ) - { - $Temp_TID_old = $Temp[$Feld]["TID"]; - $Temp_UID_old = $Temp[$Feld]["UID"]; - } - - // ist es eine zu vergeben schicht? - if( $Temp[$Feld]["UID"] == 0 ) - { - if( isset($Temp[$Feld]["free"])) - $Temp[$Feld]["free"]++; - else - $Temp[$Feld]["free"]=1; - } - else - $Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"]; - } // FOR - - - /////////////////////////////////////////////////////////////////// - // Aus gabe der Schicht - /////////////////////////////////////////////////////////////////// - if( isset($Temp)) - if( count($Temp) ) - foreach( $Temp as $TempEntry => $TempValue ) - { - if( !isset($TempValue["free"])) - $TempValue["free"] = 0; - - // ausgabe EngelType - $Spalten.= $EngelTypeID[ $TempValue["TID"] ]. " "; - - // ausgabe Eingetragener Engel - if( isset($TempValue["Engel"])) - if( count($TempValue["Engel"]) > 0 ) - { - if( count($TempValue["Engel"]) == 1 ) - $Spalten.= Get_Text("inc_schicht_ist"). ":
\n"; - else - $Spalten.= Get_Text("inc_schicht_sind"). ":
\n"; - - foreach( $TempValue["Engel"] as $TempEngelEntry=> $TempEngelID ) - { - if( funktion_isLinkAllowed( "admin/user.php") === TRUE) - { - // add color, wenn Engel "Gekommen" - $TempText= - ((UIDgekommen( $TempEngelID ) == "1") - ? "" - : ""). - UID2Nick( $TempEngelID). ""; - } - else - { - $TempText = UID2Nick( $TempEngelID ); - } - - // add link to user - $TempText= funktion_isLinkAllowed_addLink_OrLinkText( - "admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal", - $TempText); - - $Spalten.= "  ". $TempText. - ( ($_GET["Icon"]==1) ? DisplayAvatar( $TempEngelID): ""). - "
\n"; - - - } - $Spalten = substr( $Spalten, 0, strlen($Spalten)-7 ); - } - - // ausgabe benötigter Engel - //////////////////////////// - //in vergangenheit - $SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='$SID' AND `DateE` >= '". - gmdate("Y-m-d H:i:s", time()+ $gmdateOffset). "')"; - $Ergtime = mysql_query($SQLtime, $con); - if( mysql_num_rows( $Ergtime) > 0) - { - //wenn keien rechte definiert sind - if( !isset($_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ])) - $_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] = "Y"; - - if( $_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] == "Y") - if( $TempValue["free"] > 0 ) - { - $Spalten.= "
\n  "; - $Spalten.= $TempValue["free"]; - if( $TempValue["free"] != 1 ) - $Spalten.= Get_Text("inc_schicht_weitere"). - " ".Get_Text("inc_schicht_Engel"). - Get_Text("inc_schicht_wird"); - else - $Spalten.= Get_Text("inc_schicht_weiterer"). - " ".Get_Text("inc_schicht_Engel"). - Get_Text("inc_schicht_werden"); - $Spalten.= Get_Text("inc_schicht_noch_gesucht"); - $Spalten.= ""; - } - } - else - { - if( isset($TempValue["free"])) - if( $TempValue["free"] > 0 ) - $Spalten.= "
\n  

Fehlen noch: ". - $TempValue["free"]. "

"; - } - $Spalten.= "
\n"; - - } // FOREACH - return $Spalten; -} // function Ausgabe_Feld_Inhalt - - - -/*####################################################### -# gibt die engelschischten Druckergerecht aus # -#######################################################*/ -function Ausgabe_Feld_Inhalt_Druck($RID, $Man ) -{ -// gibt, nach übergabe der der SchichtID (SID) und der RaumBeschreibung, -// die eingetragenden und und offenden Schichteintäge zurück - - -} // function Ausgabe_Feld_Inhalt - - - - -/*####################################################### -# Ausgabe der Raum Spalten # -#######################################################*/ -function CreateRoomShifts( $raum ) -{ - global $Spalten, $ausdatum, $con, $debug, $GlobalZeileProStunde, $error_messages; - - ///////////////////////////////////////////////////////////// - // beginnt die erste schicht vor dem heutigen tag und geht darüber hinaus - ///////////////////////////////////////////////////////////// - $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ". - "WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 23:59:59') AND ". - "(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;"; - $ErgSonder = mysql_query($SQLSonder, $con); - if( (mysql_num_rows( $ErgSonder) > 1) ) - { - if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE ) - { - echo "

". Get_Text("pub_schichtplan_colision"). "

"; - for( $i=0; $i". - mysql_result($ErgSonder, $i, "DateS"). - " '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-24)". - "
\n"; - } - } - } - elseif( (mysql_num_rows( $ErgSonder) == 1) ) - { - $Spalten[0].= "\n". - "

↑↑↑

". - Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"), - mysql_result($ErgSonder, 0, "Man") ). - "

↓↓↓

". - "\n\n"; - return; - } - - $ZeitZeiger = 0; - - ///////////////////////////////////////////////////////////// - // beginnt die erste schicht vor dem heutigen tag? - ///////////////////////////////////////////////////////////// - $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ". - "WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 00:00:00') AND ". - "(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;"; - $ErgSonder = mysql_query($SQLSonder, $con); - if( (mysql_num_rows( $ErgSonder) > 1) ) - { - if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE ) - { - echo "

". Get_Text("pub_schichtplan_colision"). "

"; - for( $i=0; $i". - mysql_result($ErgSonder, $i, "DateS"). - " '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-xx)". - "
\n"; - } - } - } - elseif( (mysql_num_rows( $ErgSonder) == 1) ) - { - $ZeitZeiger = substr( mysql_result($ErgSonder, 0, "DateE"), 11, 2 )+ - (substr( mysql_result($ErgSonder, 0, "DateE"), 14, 2 ) / 60); - $Spalten[0].= "\n". - "

↑↑↑

". - Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"), - mysql_result($ErgSonder, 0, "Man") ). - "\n\n"; - } - - ///////////////////////////////////////////////////////////// - // gibt die schichten für den tag aus - ///////////////////////////////////////////////////////////// - $SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ". - "WHERE ((`RID` = '$raum') and ". - "(`DateS` >= '$ausdatum $ZeitZeiger:00:00') and ". - "(`DateS` like '$ausdatum%')) ORDER BY `DateS`;"; - $Erg = mysql_query($SQL, $con); - for( $i = 0; $i < mysql_num_rows($Erg); ++$i ) - { - $ZeitPos = substr( mysql_result($Erg, $i, "DateS"), 11, 2 )+ - (substr( mysql_result($Erg, $i, "DateS"), 14, 2 ) / 60); - $len = mysql_result($Erg, $i, "Len"); - - if( $len <= 0) - array_push( $error_messages, "Error in shift denition SID=". mysql_result($Erg, $i, "SID"). " Len=$len"); - - if( $ZeitZeiger < $ZeitPos ) - { - $Spalten[$ZeitZeiger * $GlobalZeileProStunde].= - " \n"; - - $ZeitZeiger += $ZeitPos - $ZeitZeiger; - } - if($ZeitZeiger == $ZeitPos ) - { - //sonderfall wenn die schicht über dei 24 stunden hinaus geht - // (eintrag abkürzen, pfeiel ausgeben) - $Spalten[$ZeitZeiger * $GlobalZeileProStunde].= - "\n". - "". - Ausgabe_Feld_Inhalt( mysql_result($Erg, $i, "SID"), - mysql_result($Erg, $i, "Man") ). - (( ($ZeitZeiger+$len) > 24)? "

↓↓↓

" : ""). - "\n\n"; - $ZeitZeiger += $len; - } - else - { - echo "

". Get_Text("pub_schichtplan_colision"). "

"; - echo "". - mysql_result($Erg, $i, "DateS"). - " '". mysql_result($Erg, $i, "Man"). "' ". - " (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)

"; - } - } - if( $ZeitZeiger < 24 ) - $Spalten[($ZeitZeiger * $GlobalZeileProStunde)].= - " \n"; -} // function CreateRoomShifts - - -/*####################################################### -# Ausgabe der freien schichten # -#######################################################*/ -function showEmptyShifts( ) -{ - global $con, $debug, $RoomID, $gmdateOffset; - - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - - $sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` ". - "WHERE (`Shifts`.`DateS`>='". gmdate("Y-m-d H:i:s", time()+$gmdateOffset). "') ". - "ORDER BY `DateS`, `RID`;"; - $Erg = mysql_query($sql, $con); - - $angezeigt = 0; - for ($i=0; ($i0) - { - $angezeigt++; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - } - } - - echo "
". Get_Text("inc_schicht_date"). "". Get_Text("inc_schicht_time"). "". Get_Text("inc_schicht_room"). "". Get_Text("inc_schicht_commend"). "
". substr(mysql_result( $Erg, $i, "DateS"), 0, 10). "". substr(mysql_result( $Erg, $i, "DateS"), 11). "". $RoomID[mysql_result( $Erg, $i, "RID")]. "". - ausgabe_Feld_Inhalt( mysql_result( $Erg, $i, "SID"), mysql_result( $Erg, $i, "Man")). - "
\n"; - -} //function showEmptyShifts - - -/*####################################################### -# Gibt die anzahl der Schichten im Raum zurück # -#######################################################*/ -function SummRoomShifts( $raum ) -{ - global $ausdatum, $con, $debug, $GlobalZeileProStunde; - - $SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ". - "WHERE ((`RID` = '$raum') AND (`DateE` >= '$ausdatum 00:00:00') AND ". - "(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;"; - - $ErgSonder = mysql_query($SQLSonder, $con); - - return mysql_num_rows($ErgSonder); -} - -?> diff --git a/includes/funktion_schichtplan_Tage.php b/includes/funktion_schichtplan_Tage.php deleted file mode 100644 index 2c21a992..00000000 --- a/includes/funktion_schichtplan_Tage.php +++ /dev/null 
@@ -1,101 +0,0 @@ - $Mmax) { - $Tag = 1; - $Monat++; - } - - if($Monat > 12) { - $Monat = 1; - $Jahr++; - } - - $Tag = strlen( $Tag ) == 1 ? "0".$Tag : $Tag; - $Monat = strlen( $Monat ) == 1 ? "0".$Monat : $Monat; - - return ("$Jahr-$Monat-$Tag"); - } - } - - // suchen den ersten eintrags - $SQL = "SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1"; - $Erg = mysql_query($SQL, $con); - - $Pos = 0; - - if(mysql_num_rows($Erg) > 0) { - do { - // Startdatum einlesen und link ausgeben - $DateS = substr(mysql_result($Erg, 0 , 0), 0,10); - $VeranstaltungsTage[$Pos++] = $DateS; - - // auslesen den endes und eventuelle weitere tage ausgeben - $SQL2 = "SELECT MAX(`DateE`) FROM `Shifts` WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))"; - $Erg2 = mysql_query($SQL2, $con); - $DateE = substr(mysql_result($Erg2, 0 , 0), 0,10); - - if(strlen($DateE) == 0) - $DateE = $DateS; - else - while( $DateS != $DateE) { - $DateS = DatumUm1TagErhoehen( $DateS); - $VeranstaltungsTage[$Pos++] = $DateS; - } - - // suchen den naesten eintrag - $SQL = "SELECT `DateS` FROM `Shifts` ". - "WHERE (`DateS` > '$DateE 23:59:59' ) ". - "ORDER BY `DateS` ". - "LIMIT 1"; - $Erg = mysql_query($SQL, $con); - } while( mysql_fetch_row($Erg) > 0); - } - - $VeranstaltungsTageMax = $Pos - 1; -?> diff --git a/includes/funktion_schichtplan_aray.php b/includes/funktion_schichtplan_aray.php deleted file mode 100644 index f9b04bd6..00000000 --- a/includes/funktion_schichtplan_aray.php +++ /dev/null @@ -1,38 +0,0 @@ - diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php new file mode 100644 index 00000000..6695d6a9 --- /dev/null +++ b/includes/pages/admin_rooms.php @@ -0,0 +1,148 @@ +\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " . + "oder vorhandene abzuändern:

\n"; + + $html .= "Neuen Raum/Ort eintragen
\n"; + + // Räume auflisten + if (count($rooms) > 0) { + $html .= ''; + + $html .= "
\n"; + $html .= "\n"; + + // Tabellenüberschriften generieren + foreach ($rooms[0] as $attr => $tmp) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + + foreach ($rooms as $i => $room) { + $html .= ''; + foreach ($room as $attr => $value) + if ($attr == 'RID') + $html .= ''; + else + $html .= ''; + $html .= ''; + $html .= ''; + } + + $html .= '
Anzahl: ' . count($rooms) . '' . $attr . ' 
' . ($i +1) . '' . $value . 'Edit
'; + } + } else { + switch ($_REQUEST["action"]) { + + case 'new' : + $html .= template_render('../templates/admin_rooms_new_form.html', array ( + 'link' => page_link_to("admin_rooms") + )); + break; + + case 'newsave' : + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'"); + header("Location: " . page_link_to("admin_rooms")); + break; + + case 'change' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $angel_types = ""; + foreach ($room_angel_types as $room_angel_type) { + if ($room_angel_type['count'] == "") + $room_angel_type['count'] = "0"; + $angel_types .= '' . $room_angel_type['Name'] . 
''; + } + + $html .= template_render('../templates/admin_rooms_edit_form.html', array ( + 'link' => page_link_to("admin_rooms"), + 'room_id' => $rid, + 'name' => $room['Name'], + 'man' => $room['Man'], + 'number' => $room['Number'], + 'from_pentabarf_options' => html_options('FromPentabarf', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['FromPentabarf']), + 'show_options' => html_options('Show', array ( + 'Y' => 'Yes', + 'N' => 'No' + ), $room['show']), + 'angel_types' => $angel_types + )); + } else + return error("No Room found."); + break; + + case 'changesave' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`"); + + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man'])); + $from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf'])); + $show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show'])); + $number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number'])); + sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . 
sql_escape($rid)); + foreach ($room_angel_types as $room_angel_type) { + if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']])) + $count = $_REQUEST['angel_type_' . $room_angel_type['TID']]; + else + $count = "0"; + sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count)); + } + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + case 'delete' : + if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID'])) + $rid = $_REQUEST['RID']; + else + return error("Incomplete call, missing Room ID."); + + if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) { + sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1"); + header("Location: " . page_link_to("admin_rooms")); + } else + return error("No Room found."); + break; + + } + } + return $html; +} +?> diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 7012bb99..4295edb8 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -64,43 +64,43 @@ function user_news_output() { for ($i = 1; $i <= $dis_rows; $i++) { if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) { - $html .= "$i  "; + $html .= '' . $i . '  '; } else { $html .= "$i  "; } } $html .= ' -
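Review bot: The `newsave`, `changesave` and `delete` branches are selected from `$_REQUEST["action"]` and modify the database with no request-method check or anti-CSRF token visible in this hunk, so a GET request issued from a logged-in admin's browser is enough to trigger a deletion. I would accept these three actions only via POST and verify a per-session token before any `sql_query()` runs; if that check lives in a wrapper outside this file, a comment above the `switch` should say so. In the `delete` branch the `RoomAngelTypes` cleanup ends in `LIMIT 1`, although `changesave` inserts one row per angel type, so the remaining rows are orphaned; drop the `LIMIT 1` on that statement. The `header("Location: …")` calls are not followed by `exit`, which is harmless here only because each branch ends immediately afterwards.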

-

' . Get_Text(6) . '

-   - -
- - - - - - - - - - - '; +

+

' . Get_Text(6) . '

+   + + + + +
' . Get_Text(7) . '
' . Get_Text(8) . '
+ + + + + + + + '; if (in_array('news_add_meeting', $privileges)) { $html .= ' - - - '; + + + '; } $html .= '
' . Get_Text(7) . '
' . Get_Text(8) . '
' . Get_Text(9) . '
' . Get_Text(9) . '
-
- -
'; +
+ + '; return $html; } ?> \ No newline at end of file diff --git a/includes/sys_shift.php b/includes/sys_shift.php new file mode 100644 index 00000000..ff75465c --- /dev/null +++ b/includes/sys_shift.php 
@@ -0,0 +1,442 @@ + $r) { + $Room[$i] = array ( + 'RID' => $r['RID'], + 'Name' => $r['Name'] + ); + $RoomID[$r['RID']] = $r['Name']; + } + + // erstellt ein Array der Engeltypen + $engel_types = sql_select("SELECT `TID`, `Name` FROM `EngelType` ORDER BY `Name`"); + foreach ($engel_types as $engel_type) { + $EngelType[$i] = array ( + 'TID' => $engel_type['TID'], + 'Name' => $engel_type['Name'] . Get_Text("inc_schicht_engel") + ); + $EngelTypeID[$engel_type['TID']] = $engel_type['Name'] . Get_Text("inc_schicht_engel"); + $TID2Name[$engel_type['TID']] = $engel_type['Name']; + } + + // Erste Schicht suchen + $Pos = 0; + $first_shift = sql_select("SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1"); + if (count($first_shift) > 0) { + do { + // Startdatum einlesen und link ausgeben + $DateS = substr($first_shift[0]['DateS'], 0, 10); + $VeranstaltungsTage[$Pos++] = $DateS; + + // auslesen den endes und eventuelle weitere tage ausgeben + $last_shift = sql_select("SELECT MAX(`DateE`) FROM `Shifts` WHERE ( (`DateS` like '" . sql_escape($DateS) . "%') AND NOT (`DateE` like '%00:00:00'))"); + $DateE = substr($last_shift[0]['DateE'], 0, 10); + + if (strlen($DateE) == 0) + $DateE = $DateS; + else + while ($DateS != $DateE) { + $DateS = DatumUm1TagErhoehen($DateS); + $VeranstaltungsTage[$Pos++] = $DateS; + } + + // suchen den nächsten eintrag + $first_shift = sql_select("SELECT `DateS` FROM `Shifts` " . "WHERE (`DateS` > '" . sql_escape($DateE) . " 23:59:59' ) " . "ORDER BY `DateS` " . 
"LIMIT 1"); + } while (count($first_shift) > 0); + } + + $VeranstaltungsTageMax = $Pos -1; +} + +/*####################################################### +# gibt die engelschischten aus # +#######################################################*/ +function ausgabe_Feld_Inhalt($SID, $Man) { + // gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung, + // die eingetragenden und und offenden Schichteint�ge zur�ck + global $EngelType, $EngelTypeID, $TID2Name, $con, $debug, $gmdateOffset; + + $Spalten = ""; + + if (!isset ($_GET["Icon"])) + $_GET["Icon"] = 1; + + /////////////////////////////////////////////////////////////////// + // Schow Admin Page + /////////////////////////////////////////////////////////////////// + $Spalten .= funktion_isLinkAllowed_addLink_OrEmpty("admin/schichtplan.php?action=change&SID=$SID", "edit
\n"); + + /////////////////////////////////////////////////////////////////// + // Ausgabe des Schischtnamens + /////////////////////////////////////////////////////////////////// + $SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');"; + $Erg = mysql_query($SQL, $con); + if (mysql_result($Erg, 0, 0) != "") + $Spalten .= "$Man:
"; + else + $Spalten .= "" . + $Man . ":
"; + + /////////////////////////////////////////////////////////////////// + // SQL abfrage f�r die ben�tigten schichten + /////////////////////////////////////////////////////////////////// + $SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '$SID') ORDER BY `TID`, `UID` DESC ;"; + $Erg = mysql_query($SQL, $con); + + $Anzahl = mysql_num_rows($Erg); + $Feld = 0; + $Temp_TID_old = -1; + for ($i = 0; $i < $Anzahl; $i++) { + if (isset ($Temp[$Feld]["TID"])) + $Temp_TID_old = $Temp[$Feld]["TID"]; + if (isset ($Temp[$Feld]["UID"])) + $Temp_UID_old = $Temp[$Feld]["UID"]; + + $Temp_TID = mysql_result($Erg, $i, "TID"); + + // wenn sich der Type �ndert wird zumn�sten feld geweckselt + if ($Temp_TID_old != $Temp_TID) + $Feld++; + + $Temp[$Feld]["TID"] = $Temp_TID; + $Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID"); + + // sonderfall ersten durchlauf + if ($i == 0) { + $Temp_TID_old = $Temp[$Feld]["TID"]; + $Temp_UID_old = $Temp[$Feld]["UID"]; + } + + // ist es eine zu vergeben schicht? + if ($Temp[$Feld]["UID"] == 0) { + if (isset ($Temp[$Feld]["free"])) + $Temp[$Feld]["free"]++; + else + $Temp[$Feld]["free"] = 1; + } else + $Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"]; + } // FOR + + /////////////////////////////////////////////////////////////////// + // Aus gabe der Schicht + /////////////////////////////////////////////////////////////////// + if (isset ($Temp)) + if (count($Temp)) + foreach ($Temp as $TempEntry => $TempValue) { + if (!isset ($TempValue["free"])) + $TempValue["free"] = 0; + + // ausgabe EngelType + $Spalten .= $EngelTypeID[$TempValue["TID"]] . " "; + + // ausgabe Eingetragener Engel + if (isset ($TempValue["Engel"])) + if (count($TempValue["Engel"]) > 0) { + if (count($TempValue["Engel"]) == 1) + $Spalten .= Get_Text("inc_schicht_ist") . ":
\n"; + else + $Spalten .= Get_Text("inc_schicht_sind") . ":
\n"; + + foreach ($TempValue["Engel"] as $TempEngelEntry => $TempEngelID) { + if (funktion_isLinkAllowed("admin/user.php") === TRUE) { + // add color, wenn Engel "Gekommen" + $TempText = ((UIDgekommen($TempEngelID) == "1") ? "" : "") . + UID2Nick($TempEngelID) . ""; + } else { + $TempText = UID2Nick($TempEngelID); + } + + // add link to user + $TempText = funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal", $TempText); + + $Spalten .= "  " . $TempText . + (($_GET["Icon"] == 1) ? DisplayAvatar($TempEngelID) : "") . + "
\n"; + + } + $Spalten = substr($Spalten, 0, strlen($Spalten) - 7); + } + + // ausgabe ben�tigter Engel + //////////////////////////// + //in vergangenheit + $SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='$SID' AND `DateE` >= '" . + gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "')"; + $Ergtime = mysql_query($SQLtime, $con); + if (mysql_num_rows($Ergtime) > 0) { + //wenn keien rechte definiert sind + if (!isset ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]])) + $_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] = "Y"; + + if ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] == "Y") + if ($TempValue["free"] > 0) { + $Spalten .= "
\n  "; + $Spalten .= $TempValue["free"]; + if ($TempValue["free"] != 1) + $Spalten .= Get_Text("inc_schicht_weitere") . + " " . Get_Text("inc_schicht_Engel") . + Get_Text("inc_schicht_wird"); + else + $Spalten .= Get_Text("inc_schicht_weiterer") . + " " . Get_Text("inc_schicht_Engel") . + Get_Text("inc_schicht_werden"); + $Spalten .= Get_Text("inc_schicht_noch_gesucht"); + $Spalten .= ""; + } + } else { + if (isset ($TempValue["free"])) + if ($TempValue["free"] > 0) + $Spalten .= "
\n  

Fehlen noch: " . + $TempValue["free"] . "

"; + } + $Spalten .= "
\n"; + + } // FOREACH + return $Spalten; +} // function Ausgabe_Feld_Inhalt + +/*####################################################### +# gibt die engelschischten Druckergerecht aus # +#######################################################*/ +function Ausgabe_Feld_Inhalt_Druck($RID, $Man) { + // gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung, + // die eingetragenden und und offenden Schichteint�ge zur�ck + +} // function Ausgabe_Feld_Inhalt + +/*####################################################### +# Ausgabe der Raum Spalten # +#######################################################*/ +function CreateRoomShifts($raum) { + global $Spalten, $ausdatum, $con, $debug, $GlobalZeileProStunde, $error_messages; + + ///////////////////////////////////////////////////////////// + // beginnt die erste schicht vor dem heutigen tag und geht dar�ber hinaus + ///////////////////////////////////////////////////////////// + $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " . + "WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 23:59:59') AND " . + "(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;"; + $ErgSonder = mysql_query($SQLSonder, $con); + if ((mysql_num_rows($ErgSonder) > 1)) { + if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) { + echo "

" . Get_Text("pub_schichtplan_colision") . "

"; + for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) { + echo "" . + mysql_result($ErgSonder, $i, "DateS") . + " '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-24)" . + "
\n"; + } + } + } + elseif ((mysql_num_rows($ErgSonder) == 1)) { + $Spalten[0] .= "\n" . + "

↑↑↑

" . + Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) . + "

↓↓↓

" . + "\n\n"; + return; + } + + $ZeitZeiger = 0; + + ///////////////////////////////////////////////////////////// + // beginnt die erste schicht vor dem heutigen tag? + ///////////////////////////////////////////////////////////// + $SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " . + "WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 00:00:00') AND " . + "(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;"; + $ErgSonder = mysql_query($SQLSonder, $con); + if ((mysql_num_rows($ErgSonder) > 1)) { + if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) { + echo "

" . Get_Text("pub_schichtplan_colision") . "

"; + for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) { + echo "" . + mysql_result($ErgSonder, $i, "DateS") . + " '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-xx)" . + "
\n"; + } + } + } + elseif ((mysql_num_rows($ErgSonder) == 1)) { + $ZeitZeiger = substr(mysql_result($ErgSonder, 0, "DateE"), 11, 2) + (substr(mysql_result($ErgSonder, 0, "DateE"), 14, 2) / 60); + $Spalten[0] .= "\n" . + "

↑↑↑

" . + Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) . + "\n\n"; + } + + ///////////////////////////////////////////////////////////// + // gibt die schichten f�r den tag aus + ///////////////////////////////////////////////////////////// + $SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " . + "WHERE ((`RID` = '$raum') and " . + "(`DateS` >= '$ausdatum $ZeitZeiger:00:00') and " . + "(`DateS` like '$ausdatum%')) ORDER BY `DateS`;"; + $Erg = mysql_query($SQL, $con); + for ($i = 0; $i < mysql_num_rows($Erg); ++ $i) { + $ZeitPos = substr(mysql_result($Erg, $i, "DateS"), 11, 2) + (substr(mysql_result($Erg, $i, "DateS"), 14, 2) / 60); + $len = mysql_result($Erg, $i, "Len"); + + if ($len <= 0) + array_push($error_messages, "Error in shift denition SID=" . mysql_result($Erg, $i, "SID") . " Len=$len"); + + if ($ZeitZeiger < $ZeitPos) { + $Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= " \n"; + + $ZeitZeiger += $ZeitPos - $ZeitZeiger; + } + if ($ZeitZeiger == $ZeitPos) { + //sonderfall wenn die schicht �ber dei 24 stunden hinaus geht + // (eintrag abk�rzen, pfeiel ausgeben) + $Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "\n" . + "" . + Ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) . + ((($ZeitZeiger + $len) > 24) ? "

↓↓↓

" : "") . + "\n\n"; + $ZeitZeiger += $len; + } else { + echo "

" . Get_Text("pub_schichtplan_colision") . "

"; + echo "" . + mysql_result($Erg, $i, "DateS") . + " '" . mysql_result($Erg, $i, "Man") . "' " . + " (" . mysql_result($Erg, $i, "SID") . " R$raum) (xx-xx)

"; + } + } + if ($ZeitZeiger < 24) + $Spalten[($ZeitZeiger * $GlobalZeileProStunde)] .= " \n"; +} // function CreateRoomShifts + +/*####################################################### +# Ausgabe der freien schichten # +#######################################################*/ +function showEmptyShifts() { + global $con, $debug, $RoomID, $gmdateOffset; + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + $sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` " . + "WHERE (`Shifts`.`DateS`>='" . gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "') " . + "ORDER BY `DateS`, `RID`;"; + $Erg = mysql_query($sql, $con); + + $angezeigt = 0; + for ($i = 0;($i < mysql_num_rows($Erg)) && ($angezeigt < 15); $i++) + if (isset ($RoomID[mysql_result($Erg, $i, "RID")])) + if ($RoomID[mysql_result($Erg, $i, "RID")] != "") { + $Sql2 = "SELECT `UID` FROM `ShiftEntry` " . + "WHERE `SID`=" . mysql_result($Erg, $i, "SID") . " AND " . + "`UID`='0';"; + $Erg2 = mysql_query($Sql2, $con); + + if (mysql_num_rows($Erg2) > 0) { + $angezeigt++; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + } + } + + echo "
" . Get_Text("inc_schicht_date") . "" . Get_Text("inc_schicht_time") . "" . Get_Text("inc_schicht_room") . "" . Get_Text("inc_schicht_commend") . "
" . substr(mysql_result($Erg, $i, "DateS"), 0, 10) . "" . substr(mysql_result($Erg, $i, "DateS"), 11) . "" . $RoomID[mysql_result($Erg, $i, "RID")] . "" . + ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) . + "
\n"; + +} //function showEmptyShifts + +/*####################################################### +# Gibt die anzahl der Schichten im Raum zur�ck # +#######################################################*/ +function SummRoomShifts($raum) { + global $ausdatum, $con, $debug, $GlobalZeileProStunde; + + $SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " . + "WHERE ((`RID` = '$raum') AND (`DateE` >= '$ausdatum 00:00:00') AND " . + "(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;"; + + $ErgSonder = mysql_query($SQLSonder, $con); + + return mysql_num_rows($ErgSonder); +} + +function DatumUm1TagErhoehen($Datum) { + $Jahr = substr($Datum, 0, 4); + $Monat = substr($Datum, 5, 2); + $Tag = substr($Datum, 8, 2); + + $Tag++; + + switch ($Monat) { + case 1 : + $Mmax = 31; + break; + case 2 : + $Mmax = 28; + break; + case 3 : + $Mmax = 31; + break; + case 4 : + $Mmax = 30; + break; + case 5 : + $Mmax = 31; + break; + case 6 : + $Mmax = 30; + break; + case 7 : + $Mmax = 31; + break; + case 8 : + $Mmax = 31; + break; + case 9 : + $Mmax = 30; + break; + case 10 : + $Mmax = 31; + break; + case 11 : + $Mmax = 30; + break; + case 12 : + $Mmax = 31; + break; + } + + if ($Tag > $Mmax) { + $Tag = 1; + $Monat++; + } + + if ($Monat > 12) { + $Monat = 1; + $Jahr++; + } + + $Tag = strlen($Tag) == 1 ? "0" . $Tag : $Tag; + $Monat = strlen($Monat) == 1 ? "0" . $Monat : $Monat; + + return ("$Jahr-$Monat-$Tag"); +} +?> diff --git a/includes/sys_template.php b/includes/sys_template.php index ab613c07..2c7f4f22 100644 --- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -14,4 +14,12 @@ function template_render($file, $data) { die('Cannot find template file «' . $file . '».'); } } + +function html_options($name, $options, $selected = "") { + $html = ""; + foreach ($options as $value => $label) + $html .= ' ' . $label; + + return $html; +} ?> \ No newline at end of file 
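Review bot: In the angel-type loop, `$EngelType[$i] = array (…)` uses `$i`, which `foreach ($engel_types as $engel_type)` does not bind (it looks left over from the rooms loop), so every type overwrites the same slot; `foreach ($engel_types as $i => $engel_type)` or `$EngelType[] = …` fixes it. A few lines further down, `$last_shift[0]['DateE']` reads a key the query does not produce, because the column is selected as an unaliased `MAX(...)`; adding `AS DateE` to the aggregate avoids `$DateE` always being empty and falling back to `$DateS`. The functions carried over from the deleted files still interpolate `$SID`, `$raum` and `$ausdatum` directly into `mysql_query()` strings while the new code in this file uses `sql_select()` with `sql_escape()`; their origin is not visible here, so escaping or casting them is the safe default. `DatumUm1TagErhoehen()` hard-codes 28 days for February, so 29 February is skipped in leap years.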
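Review bot: `html_options()` appends `$label` to the markup as-is (`… . $label`), and as a shared helper it should not depend on every caller passing constants the way `admin_rooms()` does with `'Yes'`/`'No'`. I would emit it as `htmlspecialchars($label, ENT_QUOTES, 'UTF-8')` and do the same for `$name` and `$value` wherever they are written into the tag (the tag text itself is not legible on this page). A short docblock stating that `$options` maps the submitted value to the visible label, and what `$selected` is compared against, would also help the next caller.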
diff --git a/templates/admin_rooms_edit_form.html b/templates/admin_rooms_edit_form.html new file mode 100644 index 00000000..cd1506fa --- /dev/null +++ b/templates/admin_rooms_edit_form.html @@ -0,0 +1,59 @@ +Raum und dafür benötigte Engel bearbeiten: +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + %angel_types% +
+ Name + + +
+ Man + + +
+ From Pentabarf + + %from_pentabarf_options% +
+ Show + + %show_options% +
+ Number + + +
+ Angle Type + + Needed for this room +
+ +
+
+ +
\ No newline at end of file diff --git a/templates/admin_rooms_new_form.html b/templates/admin_rooms_new_form.html new file mode 100644 index 00000000..68ea9485 --- /dev/null +++ b/templates/admin_rooms_new_form.html @@ -0,0 +1,46 @@ +Neuen Raum einrichten: +
+
+ + + + + + + + + + + + + + + + + + + + + +
+ Name + + +
+ Man + + +
+ From Pentabarf + + Yes No +
+ Show + + Yes No +
+ Number + + +
+
\ No newline at end of file diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 808fb512..8b46e703 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -93,6 +93,22 @@ a.sprache img { margin-right: 5px; } +table { + border-collapse: collapse; +} + +tr:hover > td { + background: #f0f0f0; +} + +th { + background: #f0f0f0; +} + +td, th { + border: 1px solid #888; +} + .background { background: #f0f0f0; } diff --git a/www-ssl/index.php b/www-ssl/index.php index 98c7e439..184702c8 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -6,6 +6,7 @@ require_once ('includes/sys_lang.php'); require_once ('includes/sys_menu.php'); require_once ('includes/sys_mysql.php'); require_once ('includes/sys_page.php'); +require_once ('includes/sys_shift.php'); require_once ('includes/sys_template.php'); require_once ('includes/sys_user.php'); @@ -43,6 +44,10 @@ if (in_array($p, $privileges)) { elseif ($p == "logout") { require_once ('includes/pages/guest_login.php'); $content = guest_logout(); + } + elseif ($p == "admin_rooms") { + require_once ('includes/pages/admin_rooms.php'); + $content = admin_rooms(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); -- cgit v1.2.3-54-g00ecf From de66e87c6f0c81d73a27d62a38c162a7aba905ad Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 17:09:19 +0200 Subject: fix register --- includes/pages/guest_login.php | 2 +- includes/sys_menu.php | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 7fe081fc..bbf36b6d 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php 
@@ -170,7 +170,7 @@ function guest_register() { $html .= "" . Get_Text("makeuser_Engelart") . "\n"; $html .= "\n"; + } + echo "\n"; + echo "\n"; + echo "\n"; + echo ""; + break; + + case 'newsave' : + $vars = $_GET; + $count = count($vars) - 1; + $vars = array_splice($vars, 0, $count); + $Keys = ""; + $Values = ""; + foreach ($vars as $key => $value) { + $Keys .= ", `$key`"; + $Values .= ", '$value'"; + } + + if (runSQL_log("INSERT INTO `EngelType` (" . substr($Keys, 2) . ") VALUES (" . substr($Values, 2) . ")", "save new EngelType")) { + SetHeaderGo2Back(); + + $SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='" . $_GET["Name"] . "'"; + $ERG = mysql_query($SQL2, $con); + + if (mysql_num_rows($ERG) == 1) + runSQL_log("ALTER TABLE `Room` ADD `DEFAULT_EID_" . mysql_result($ERG, 0, 0) . + "` INT DEFAULT '0' NOT NULL;", "add new EngelType in Romm Table"); + } + break; + + case 'change' : + if (!IsSet ($_GET["TID"])) + echo "Fehlerhafter Aufruf!"; + else { + echo "Raum abändern:\n"; + echo "Hier kannst du eintragen, den EngelType ändern."; + echo "
\n"; + echo "\n"; + + $SQL2 = "SELECT * FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'"; + $ERG = mysql_query($SQL2, $con); + + for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++) + echo "" . + "\n"; + + echo "
" . mysql_field_name($ERG, $Uj) . "
\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
"; + echo "
\n"; + echo "\n"; + echo "\n"; + echo ""; + echo "
"; + } + break; + + case 'changesave' : + $vars = $_GET; + $count = count($vars) - 2; + $vars = array_splice($vars, 0, $count); + $keys = ""; + $sql = ""; + foreach ($vars as $key => $value) { + $keys = substr($key, 1); + $sql .= ", `" . $keys . "`='" . $value . "'"; + } + runSQL_log("UPDATE `EngelType` SET " . substr($sql, 2) . " WHERE `TID`='" . $_GET["eTID"] . "'", "Save Change EngelType"); + SetHeaderGo2Back(); + break; + + case 'delete' : + if (IsSet ($_GET["TID"])) { + if (runSQL_log("DELETE FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'", "delete EngelType")) + runSQL_log("ALTER TABLE `Room` DROP `DEFAULT_EID_" . $_GET["TID"] . "`;", "delete EngelType in Room Table"); + } else + echo "Fehlerhafter Aufruf"; + SetHeaderGo2Back(); + break; + } + } + + include ("includes/footer.php"); +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 924d8e64..3b8847de 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -26,6 +26,7 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( + "admin_angel_types", "admin_rooms" )); return $menu; diff --git a/templates/admin_angel_types.html b/templates/admin_angel_types.html new file mode 100644 index 00000000..4ad8e9f1 --- /dev/null +++ b/templates/admin_angel_types.html @@ -0,0 +1,41 @@ +Angel types: + + + + + + + + + + %table% + +
+ Name + + Man + + Action +
+
+

Create new Angel type:

+
+ + + + + + + + + +
+ Name + + +
+ Man + + +
+
\ No newline at end of file diff --git a/www-ssl/index.php b/www-ssl/index.php index 184702c8..e8c900a5 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -45,6 +45,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/guest_login.php'); $content = guest_logout(); } + elseif ($p == "admin_angel_types") { + require_once ('includes/pages/admin_angel_types.php'); + $content = admin_angel_types(); + } elseif ($p == "admin_rooms") { require_once ('includes/pages/admin_rooms.php'); $content = admin_rooms(); -- cgit v1.2.3-54-g00ecf From 1c38d62127e45a9703b834144aa02e8d24b6a62a Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 17:48:27 +0200 Subject: admin angel types done --- DB/db_rewrite.sql | 168 +++++++++++++++-------------- includes/pages/admin_angel_types.php | 76 ++++++++++++- templates/admin_angel_types_edit_form.html | 24 +++++ www-ssl/css/base.css | 4 + 4 files changed, 186 insertions(+), 86 deletions(-) create mode 100644 templates/admin_angel_types_edit_form.html (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 888bddbf..64fe75e8 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 15:01 +-- Erstellungszeit: 02. Juni 2011 um 15:48 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -25,15 +25,15 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` ( `Man` text, PRIMARY KEY (`TID`), UNIQUE KEY `Name` (`Name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ; -- -- Daten für Tabelle `AngelTypes` -- INSERT INTO `AngelTypes` (`TID`, `Name`, `Man`) VALUES -(1, 'Video', NULL), -(2, 'Audio', NULL); +(1, 'Sex', ''), +(4, 'Audio', ''); -- -------------------------------------------------------- 
@@ -75,9 +75,10 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('logout', 2), ('start', 8), ('faq', 4), -('credits', 1), +('credits', 2), ('register', 1), -('admin_rooms', 64); +('admin_rooms', 64), +('admin_angel_types', 58); -- -------------------------------------------------------- @@ -121,7 +122,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; -- -- Daten für Tabelle `GroupPrivileges` @@ -133,7 +134,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (3, -2, 3), (4, -2, 4), (5, -1, 5), -(6, -4, 6); +(6, -4, 6), +(7, -4, 7); -- -------------------------------------------------------- @@ -239,7 +241,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; -- -- Daten für Tabelle `Privileges` @@ -251,7 +253,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (3, 'news', 'Anzeigen der News-Seite'), (4, 'logout', 'User darf sich ausloggen'), (5, 'register', 'Einen neuen Engel registerieren'), -(6, 'admin_rooms', 'Räume administrieren'); +(6, 'admin_rooms', 'Räume administrieren'), +(7, 'admin_angel_types', 'Engel Typen administrieren'); -- -------------------------------------------------------- @@ -314,7 +317,6 @@ CREATE TABLE IF NOT EXISTS `RoomAngelTypes` ( -- INSERT INTO `RoomAngelTypes` (`id`, `room_id`, `angel_type_id`, `count`) VALUES -(1, 1, 2, 2), (2, 1, 1, 3); -- -------------------------------------------------------- 
@@ -494,7 +496,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schicht_Anzeige_2', 'DE', ' im Raum: '), ('pub_schicht_Anzeige_3', 'DE', 'Anzeige des Schichtplans für den '), ('inc_schicht_engel', 'DE', 'Engel'), -('inc_schicht_engel', 'EN', 'Drone'), +('inc_schicht_engel', 'EN', 'Angel'), ('inc_schicht_ist', 'DE', 'ist'), ('inc_schicht_sind', 'DE', 'sind'), ('inc_schicht_weitere', 'DE', ' weitere'), @@ -838,8 +840,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_sprache_ShowEntry', 'EN', 'show entrys'), ('admin_rooms', 'DE', 'Räume'), ('admin_rooms', 'EN', 'Rooms'), -('pub_menu_Engeltypen', 'DE', 'Engeltypen'), -('pub_menu_Engeltypen', 'EN', 'Dronetypes'), +('admin_angel_types', 'DE', 'Engeltypen'), +('admin_angel_types', 'EN', 'Angel types'), ('pub_menu_SchichtplanEdit', 'DE', 'Schichtplan'), ('pub_menu_SchichtplanEdit', 'EN', 'Shiftplan'), ('pub_menu_UpdateDB', 'DE', 'UpdateDB'), 
@@ -987,30 +989,30 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES CREATE TABLE IF NOT EXISTS `User` ( `UID` int(11) NOT NULL AUTO_INCREMENT, - `Nick` varchar(23) CHARACTER SET utf8 NOT NULL DEFAULT '', - `Name` varchar(23) CHARACTER SET utf8 DEFAULT NULL, - `Vorname` varchar(23) CHARACTER SET utf8 DEFAULT NULL, + `Nick` varchar(23) NOT NULL DEFAULT '', + `Name` varchar(23) DEFAULT NULL, + `Vorname` varchar(23) DEFAULT NULL, `Alter` int(4) DEFAULT NULL, - `Telefon` varchar(40) CHARACTER SET utf8 DEFAULT NULL, - `DECT` varchar(4) CHARACTER SET utf8 DEFAULT NULL, - `Handy` varchar(40) CHARACTER SET utf8 DEFAULT NULL, - `email` varchar(123) CHARACTER SET utf8 DEFAULT NULL, - `ICQ` varchar(30) CHARACTER SET utf8 DEFAULT NULL, - `jabber` varchar(200) CHARACTER SET utf8 DEFAULT NULL, - `Size` varchar(4) CHARACTER SET utf8 DEFAULT NULL, - `Passwort` varchar(40) CHARACTER SET utf8 DEFAULT NULL, + `Telefon` varchar(40) DEFAULT NULL, + `DECT` varchar(4) DEFAULT NULL, + `Handy` varchar(40) DEFAULT NULL, + `email` varchar(123) DEFAULT NULL, + `ICQ` varchar(30) DEFAULT NULL, + `jabber` varchar(200) DEFAULT NULL, + `Size` varchar(4) DEFAULT NULL, + `Passwort` varchar(40) DEFAULT NULL, `Gekommen` tinyint(4) NOT NULL DEFAULT '0', `Aktiv` tinyint(4) NOT NULL DEFAULT '0', `Tshirt` tinyint(4) DEFAULT '0', `color` tinyint(4) DEFAULT '6', - `Sprache` char(2) CHARACTER SET utf8 DEFAULT 'EN', + `Sprache` char(2) DEFAULT 'EN', `Avatar` int(11) DEFAULT '0', - `Menu` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'L', + `Menu` char(1) NOT NULL DEFAULT 'L', `lastLogIn` int(11) NOT NULL, `CreateDate` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', - `Art` varchar(30) CHARACTER SET utf8 DEFAULT NULL, - `kommentar` text CHARACTER SET utf8, - `Hometown` varchar(255) CHARACTER SET utf8 NOT NULL DEFAULT '', + `Art` varchar(30) DEFAULT NULL, + `kommentar` text, + `Hometown` varchar(255) NOT NULL DEFAULT '', PRIMARY KEY (`UID`,`Nick`), UNIQUE KEY `Nick` (`Nick`) ) ENGINE=MyISAM DEFAULT 
CHARSET=utf8 AUTO_INCREMENT=148 ; @@ -1020,7 +1022,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', NULL, NULL, '', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307026626, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', NULL, NULL, '', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307029663, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1306971362, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- 
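Review bot: The seed row for `admin` that this hunk re-adds carries a fixed 32-hex-character `Passwort` value, so every install made from this dump starts with the same admin credential, and that credential is published in the repository. The `msquare` row next to it has the same shape and also holds a real-looking e-mail address. I would ship the dump with `Passwort` set to `NULL` (the column allows it), have the password set during installation, and keep personal accounts out of the seed data. The same rows recur in the later `DB/db_rewrite.sql` hunk that changes `lastLogIn` to 1307038600. How `Passwort` is hashed at login is not visible here; reading the value as an unsalted MD5 digest is an inference from its length.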
@@ -1032,58 +1034,58 @@ INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT` CREATE TABLE IF NOT EXISTS `UserCVS` ( `UID` int(11) NOT NULL DEFAULT '0', `GroupID` int(11) DEFAULT '-2', - `index.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `logout.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `faq.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `lageplan.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `makeuser.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/index.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/news.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/newsAddMeting` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/news_comments.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/myschichtplan.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/myschichtplan_ical.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/schichtplan_beamer.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/engelbesprechung.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/schichtplan.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/schichtplan_add.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/wecken.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/waeckliste.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/messages.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/faq.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `nonpublic/einstellungen.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `Change T_Shirt Size` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/index.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/room.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/EngelType.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - 
`admin/schichtplan.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/shiftadd.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/schichtplan_druck.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/user.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userChangeNormal.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userSaveNormal.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userChangeSecure.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userSaveSecure.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/group.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userDefaultSetting.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/UserPicture.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/userArrived.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/aktiv.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/tshirt.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/news.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/faq.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/free.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/sprache.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/dect.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/dect_call.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/dbUpdateFromXLS.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/Recentchanges.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `admin/debug.php` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `Herald` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `Info` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `Conference` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `Kasse` char(1) CHARACTER SET utf8 NOT NULL DEFAULT 'G', - `credits.php` char(1) CHARACTER SET utf8 NOT NULL, + `index.php` 
char(1) NOT NULL DEFAULT 'G', + `logout.php` char(1) NOT NULL DEFAULT 'G', + `faq.php` char(1) NOT NULL DEFAULT 'G', + `lageplan.php` char(1) NOT NULL DEFAULT 'G', + `makeuser.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/index.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/news.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/newsAddMeting` char(1) NOT NULL DEFAULT 'G', + `nonpublic/news_comments.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/myschichtplan.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/myschichtplan_ical.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/schichtplan_beamer.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/engelbesprechung.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/schichtplan.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/schichtplan_add.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/wecken.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/waeckliste.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/messages.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/faq.php` char(1) NOT NULL DEFAULT 'G', + `nonpublic/einstellungen.php` char(1) NOT NULL DEFAULT 'G', + `Change T_Shirt Size` char(1) NOT NULL DEFAULT 'G', + `admin/index.php` char(1) NOT NULL DEFAULT 'G', + `admin/room.php` char(1) NOT NULL DEFAULT 'G', + `admin/EngelType.php` char(1) NOT NULL DEFAULT 'G', + `admin/schichtplan.php` char(1) NOT NULL DEFAULT 'G', + `admin/shiftadd.php` char(1) NOT NULL DEFAULT 'G', + `admin/schichtplan_druck.php` char(1) NOT NULL DEFAULT 'G', + `admin/user.php` char(1) NOT NULL DEFAULT 'G', + `admin/userChangeNormal.php` char(1) NOT NULL DEFAULT 'G', + `admin/userSaveNormal.php` char(1) NOT NULL DEFAULT 'G', + `admin/userChangeSecure.php` char(1) NOT NULL DEFAULT 'G', + `admin/userSaveSecure.php` char(1) NOT NULL DEFAULT 'G', + `admin/group.php` char(1) NOT NULL DEFAULT 'G', + `admin/userDefaultSetting.php` char(1) NOT NULL DEFAULT 'G', + `admin/UserPicture.php` char(1) NOT NULL DEFAULT 'G', + `admin/userArrived.php` char(1) NOT NULL DEFAULT 'G', 
+ `admin/aktiv.php` char(1) NOT NULL DEFAULT 'G', + `admin/tshirt.php` char(1) NOT NULL DEFAULT 'G', + `admin/news.php` char(1) NOT NULL DEFAULT 'G', + `admin/faq.php` char(1) NOT NULL DEFAULT 'G', + `admin/free.php` char(1) NOT NULL DEFAULT 'G', + `admin/sprache.php` char(1) NOT NULL DEFAULT 'G', + `admin/dect.php` char(1) NOT NULL DEFAULT 'G', + `admin/dect_call.php` char(1) NOT NULL DEFAULT 'G', + `admin/dbUpdateFromXLS.php` char(1) NOT NULL DEFAULT 'G', + `admin/Recentchanges.php` char(1) NOT NULL DEFAULT 'G', + `admin/debug.php` char(1) NOT NULL DEFAULT 'G', + `Herald` char(1) NOT NULL DEFAULT 'G', + `Info` char(1) NOT NULL DEFAULT 'G', + `Conference` char(1) NOT NULL DEFAULT 'G', + `Kasse` char(1) NOT NULL DEFAULT 'G', + `credits.php` char(1) NOT NULL, PRIMARY KEY (`UID`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; diff --git a/includes/pages/admin_angel_types.php b/includes/pages/admin_angel_types.php index e5952d10..7ca4fe2b 100644 --- a/includes/pages/admin_angel_types.php +++ b/includes/pages/admin_angel_types.php 
@@ -1,10 +1,80 @@ ' . $angel_type['Name'] . '' . $angel_type['Man'] . 'Edit'; + + $html .= template_render('../templates/admin_angel_types.html', array ( + 'link' => page_link_to("admin_angel_types"), + 'table' => $table + )); + } else { + switch ($_REQUEST['action']) { + case 'create' : + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man'])); + sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'"); + header("Location: " . page_link_to("admin_angel_types")); + break; + + case 'edit' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing AngelType ID."); + + $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); + if (count($angel_type) > 0) { + list ($angel_type) = $angel_type; + + $html .= template_render('../templates/admin_angel_types_edit_form.html', array ( + 'link' => page_link_to("admin_angel_types"), + 'id' => $id, + 'name' => $angel_type['Name'], + 'man' => $angel_type['Man'] + )); + } else + return error("No Angel Type found."); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing AngelType ID."); + + $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); + if (count($angel_type) > 0) { + list ($angel_type) = $angel_type; + + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name'])); + $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man'])); + sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . 
" LIMIT 1"); + header("Location: " . page_link_to("admin_angel_types")); + } else + return error("No Angel Type found."); + break; + + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing AngelType ID."); + + $angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); + if (count($angel_type) > 0) { + sql_query("DELETE FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("DELETE FROM `RoomAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("admin_angel_types")); + } else + return error("No Angel Type found."); + break; + } } return $html; diff --git a/templates/admin_angel_types_edit_form.html b/templates/admin_angel_types_edit_form.html new file mode 100644 index 00000000..16ffebca --- /dev/null +++ b/templates/admin_angel_types_edit_form.html @@ -0,0 +1,24 @@ +Edit angel type: +
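Review bot: The `create`, `save` and `delete` cases change the database on any request that carries `action` in `$_REQUEST`, and no request-method check or session-bound token is visible in the hunk, so a cross-site request made in a logged-in admin's browser would be honoured. I would start each of those three cases with `if ($_SERVER['REQUEST_METHOD'] != 'POST') return error("Invalid request.");` and verify a per-session token submitted by the form before running the query. In `delete`, the `RoomAngelTypes` cleanup ends in `LIMIT 1`, so a type assigned to several rooms leaves orphaned rows; drop the `LIMIT 1` from that statement. The list row concatenates `$angel_type['Name']` and `$angel_type['Man']` into markup unescaped, while the input filter keeps `\p{P}` (quotes included), so both should go through `htmlspecialchars(..., ENT_QUOTES)`. The start of the function is not readable in this rendering of the hunk.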
+ + + + + + + + + +
+ Name + + +
+ Man + + +
+
+
+ +
\ No newline at end of file diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 8b46e703..3a1a545f 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -69,6 +69,10 @@ h1, h4 { padding: 0 4px; } +hr { + margin: 10px 0; +} + ul { padding: 5px 0 5px 20px; } -- cgit v1.2.3-54-g00ecf From 5c00fea42ebb9a4f624dc300352bb14736e9605c Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 17:49:15 +0200 Subject: admin angel types done --- includes/pages/admin_angel_types.php | 2 - www-ssl/admin/EngelType.php | 167 ----------------------------------- 2 files changed, 169 deletions(-) delete mode 100644 www-ssl/admin/EngelType.php (limited to 'includes/pages') diff --git a/includes/pages/admin_angel_types.php b/includes/pages/admin_angel_types.php index 7ca4fe2b..ba2e5325 100644 --- a/includes/pages/admin_angel_types.php +++ b/includes/pages/admin_angel_types.php @@ -1,7 +1,5 @@ "; - echo "[$SQL]
"; - return 1; - } else { - echo "Fehler beim speichern... bitte noch ein mal probieren :)"; - echo "

" . mysql_error($con) . "
"; - echo "[$SQL]
"; - return 0; - } -} - -function runSQL_log($SQL, $commed) { - global $con; - // hier muesste das SQL ausgefuehrt werden... - $Erg = db_query($SQL, $commed); - if ($Erg) { - echo "Änderung wurde gesichert...
"; - echo "[$SQL]
"; - return 1; - } else { - echo "Fehler beim speichern... bitte noch ein mal probieren :)"; - echo "

" . mysql_error($con) . "
"; - echo "[$SQL]
"; - return 0; - } -} - -$Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`"; -$Erg = mysql_query($Sql, $con); - -if (!IsSet ($_GET["action"])) { - echo "Hallo " . $_SESSION['Nick'] . - ",
\nhier hast du die Möglichkeit, neue Engeltypen für die Schichtpläne einzutragen " . - "oder vorhandene abzuändern:

\n"; - - echo "- Neuen EngelType eintragen
\n"; - - echo "\n"; - echo "\n"; - - for ($i = 1; $i < mysql_num_fields($Erg); $i++) { - echo "\t"; - } - echo "\t"; - echo ""; - - for ($t = 0; $t < mysql_num_rows($Erg); $t++) { - echo "\t\n"; - for ($j = 1; $j < mysql_num_fields($Erg); $j++) { - echo "\t\t\n"; - } - echo "\t\t\n"; - echo "\t\n"; - } // ende Auflistung Raeume - echo "
" . mysql_field_name($Erg, $i) . "Ändern
" . mysql_result($Erg, $t, $j) . "###
"; -} else { - - switch ($_GET["action"]) { - - case 'new' : - echo "Neuen EngelType einrichten:
"; - echo "
\n"; - echo "\n"; - - for ($Uj = 1; $Uj < mysql_num_fields($Erg); $Uj++) { - echo "" . - "\n"; - } - echo "
" . mysql_field_name($Erg, $Uj) . "
\n"; - echo "\n"; - echo "\n"; - echo "
"; - break; - - case 'newsave' : - $vars = $_GET; - $count = count($vars) - 1; - $vars = array_splice($vars, 0, $count); - $Keys = ""; - $Values = ""; - foreach ($vars as $key => $value) { - $Keys .= ", `$key`"; - $Values .= ", '$value'"; - } - - if (runSQL_log("INSERT INTO `EngelType` (" . substr($Keys, 2) . ") VALUES (" . substr($Values, 2) . ")", "save new EngelType")) { - SetHeaderGo2Back(); - - $SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='" . $_GET["Name"] . "'"; - $ERG = mysql_query($SQL2, $con); - - if (mysql_num_rows($ERG) == 1) - runSQL_log("ALTER TABLE `Room` ADD `DEFAULT_EID_" . mysql_result($ERG, 0, 0) . - "` INT DEFAULT '0' NOT NULL;", "add new EngelType in Romm Table"); - } - break; - - case 'change' : - if (!IsSet ($_GET["TID"])) - echo "Fehlerhafter Aufruf!"; - else { - echo "Raum abändern:\n"; - echo "Hier kannst du eintragen, den EngelType ändern."; - echo "
\n"; - echo "\n"; - - $SQL2 = "SELECT * FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'"; - $ERG = mysql_query($SQL2, $con); - - for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++) - echo "" . - "\n"; - - echo "
" . mysql_field_name($ERG, $Uj) . "
\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "
"; - echo "
\n"; - echo "\n"; - echo "\n"; - echo ""; - echo "
"; - } - break; - - case 'changesave' : - $vars = $_GET; - $count = count($vars) - 2; - $vars = array_splice($vars, 0, $count); - $keys = ""; - $sql = ""; - foreach ($vars as $key => $value) { - $keys = substr($key, 1); - $sql .= ", `" . $keys . "`='" . $value . "'"; - } - runSQL_log("UPDATE `EngelType` SET " . substr($sql, 2) . " WHERE `TID`='" . $_GET["eTID"] . "'", "Save Change EngelType"); - SetHeaderGo2Back(); - break; - - case 'delete' : - if (IsSet ($_GET["TID"])) { - if (runSQL_log("DELETE FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'", "delete EngelType")) - runSQL_log("ALTER TABLE `Room` DROP `DEFAULT_EID_" . $_GET["TID"] . "`;", "delete EngelType in Room Table"); - } else - echo "Fehlerhafter Aufruf"; - SetHeaderGo2Back(); - break; - } -} - -include ("includes/footer.php"); -?> -- cgit v1.2.3-54-g00ecf From 72d8f6bb134355ccdbaeae71be444b649bfaf193 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 18:06:28 +0200 Subject: fix news --- includes/pages/user_news.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'includes/pages') diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 4295edb8..56c5bb68 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -5,6 +5,8 @@ function user_news() { function user_news_output() { global $DISPLAY_NEWS, $privileges; + + $html = ""; if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && IsSet ($_POST["date"])) { if (!isset ($_POST["treffen"])) -- cgit v1.2.3-54-g00ecf From d381f57951463a366b5264986a147ef5798ba205 Mon Sep 17 00:00:00 2001 
From: Philip Häusler Date: Thu, 2 Jun 2011 20:18:01 +0200 Subject: user settings --- DB/db_rewrite.sql | 40 +++--- includes/pages/user_settings.php | 252 ++++++++++++++++++++++++++++++++++++ includes/sys_menu.php | 3 +- includes/sys_template.php | 11 ++ templates/user_settings.html | 106 +++++++++++++++ templates/user_settings_tshirt.html | 4 + txt/TODO | 5 + www-ssl/css/base.css | 4 - www-ssl/css/style10.css | 4 + www-ssl/index.php | 4 + www/404.php | 3 - www/index.php | 3 - 12 files changed, 410 insertions(+), 29 deletions(-) create mode 100644 includes/pages/user_settings.php create mode 100644 templates/user_settings.html create mode 100644 templates/user_settings_tshirt.html delete mode 100644 www/404.php delete mode 100644 www/index.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 64fe75e8..71b968e7 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 15:48 +-- Erstellungszeit: 02. Juni 2011 um 18:17 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -25,7 +25,7 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` ( `Man` text, PRIMARY KEY (`TID`), UNIQUE KEY `Name` (`Name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=6 ; -- -- Daten für Tabelle `AngelTypes` @@ -33,7 +33,8 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` ( INSERT INTO `AngelTypes` (`TID`, `Name`, `Man`) VALUES (1, 'Sex', ''), -(4, 'Audio', ''); +(4, 'Audio', ''), +(5, 'Massage', ''); -- -------------------------------------------------------- 
@@ -70,15 +71,16 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 39), -('login', 5), -('logout', 2), -('start', 8), +('news', 44), +('login', 12), +('logout', 5), +('start', 13), ('faq', 4), -('credits', 2), -('register', 1), -('admin_rooms', 64), -('admin_angel_types', 58); +('credits', 3), +('register', 3), +('admin_rooms', 70), +('admin_angel_types', 68), +('user_settings', 109); -- -------------------------------------------------------- @@ -122,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; -- -- Daten für Tabelle `GroupPrivileges` @@ -135,7 +137,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (4, -2, 4), (5, -1, 5), (6, -4, 6), -(7, -4, 7); +(7, -4, 7), +(8, -2, 8); -- -------------------------------------------------------- @@ -241,7 +244,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; -- -- Daten für Tabelle `Privileges` @@ -254,7 +257,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (4, 'logout', 'User darf sich ausloggen'), (5, 'register', 'Einen neuen Engel registerieren'), (6, 'admin_rooms', 'Räume administrieren'), -(7, 'admin_angel_types', 'Engel Typen administrieren'); +(7, 'admin_angel_types', 'Engel Typen administrieren'), +(8, 'user_settings', 'User profile settings'); -- -------------------------------------------------------- 
@@ -606,7 +610,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_menu_Wecken', 'DE', 'Wecken'), ('pub_menu_mySchichtplan', 'DE', 'Mein Schichtplan'), ('pub_menu_questionEngel', 'DE', 'Anfragen an die Dispatcher'), -('pub_menu_Einstellungen', 'DE', 'Einstellungen'), +('user_settings', 'DE', 'Einstellungen'), ('pub_menu_Engelbesprechung', 'EN', 'Drone meeting'), ('logout', 'DE', 'Abmelden'), ('pub_menu_Schichtplan', 'EN', 'Available Shifts'), @@ -615,7 +619,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_menu_mySchichtplan', 'EN', 'My Shifts'), ('pub_menu_questionEngel', 'EN', 'Questions for the Dispatcher'), ('logout', 'EN', 'Logout'), -('pub_menu_Einstellungen', 'EN', 'Options'), +('user_settings', 'EN', 'Settings'), ('menu_Name', 'DE', 'Garage'), ('menu_Name', 'EN', 'Garage'), ('menu_MakeUser', 'DE', 'Benutzer anlegen'), @@ -1022,7 +1026,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', NULL, NULL, '', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307029663, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307038600, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1306971362, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php new file mode 100644 index 00000000..97c8626f --- /dev/null +++ b/includes/pages/user_settings.php 
@@ -0,0 +1,252 @@ + Get_Text("makeuser_T-Shirt"), + 'size_select' => ($user['Tshirt'] == 0) ? html_select_key('size', array ( + 'S' => "S", + 'M' => "M", + 'L' => "L", + 'XL' => "XL", + '2XL' => "2XL", + '3XL' => "3XL", + '4XL' => "4XL", + '5XL' => "5XL", + 'S-G' => "S Girl", + 'M-G' => "M Girl", + 'L-G' => "L Girl", + 'XL-G' => "XL Girl" + ), $user['Size']) : $user['Size'] + )); + + return template_render('../templates/user_settings.html', array ( + 'link' => page_link_to("user_settings"), + 'greeting' => Get_Text("Hallo") . $user['Nick'] . ",
" . Get_Text(13), + 'text_user_data' => Get_Text("pub_einstellungen_Text_UserData"), + 'label_nick' => Get_Text("pub_einstellungen_Nick"), + 'label_name' => Get_Text("pub_einstellungen_Name"), + 'label_prename' => Get_Text("pub_einstellungen_Vorname"), + 'label_age' => Get_Text("pub_einstellungen_Alter"), + 'label_tel' => Get_Text("pub_einstellungen_Telefon"), + 'label_mobile' => Get_Text("pub_einstellungen_Handy"), + 'label_dect' => Get_Text("pub_einstellungen_DECT"), + 'label_mail' => Get_Text("pub_einstellungen_Email"), + 'label_hometown' => Get_Text("pub_einstellungen_Hometown"), + 'nick' => $user['Nick'], + 'name' => $user['Name'], + 'prename' => $user['Vorname'], + 'age' => $user['Alter'], + 'tel' => $user['Telefon'], + 'mobile' => $user['Handy'], + 'dect' => $user['DECT'], + 'mail' => $user['email'], + 'icq' => $user['ICQ'], + 'jabber' => $user['jabber'], + 'hometown' => $user['Hometown'], + 'label_save' => Get_Text("save"), + 'tshirts' => $tshirt_html, + 'text_password' => Get_Text(14), + 'current_pw_label' => Get_Text(15), + 'new_pw_label' => Get_Text(16), + 'new_pw2_label' => Get_Text(17), + 'text_theme' => Get_Text(18), + 'theme_label' => Get_Text(19), + 'theme_select' => html_select_key('theme', array ( + "1" => "Standard-Style", + "2" => "ot/Gelber Style", + "3" => "Club-Mate Style", + "5" => "Debian Style", + "6" => "c-base Style", + "7" => "Blau/Gelber Style", + "8" => "Pastel Style", + "4" => "Test Style", + "9" => "Test Style 21c3", + "10" => "msquare (cccamp2011)" + ), $user['color']), + 'text_language' => Get_Text(20), + 'language_label' => Get_Text(21), + 'language_select' => html_select_key('language', array ( + 'DE' => "Deutsch", + 'EN' => "English" + ), $user['Sprache']) + )); + } else { + switch ($_REQUEST['action']) { + case 'sprache' : + if (isset ($_REQUEST['language']) && preg_match("/^DE|EN$/", $_REQUEST['language'])) + $language = $_REQUEST['language']; + else + $language = "EN"; + sql_query("UPDATE `User` SET " . "`Sprache`='" . 
sql_escape($language) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); + $_SESSION['Sprache'] = $language; + header("Location: " . page_link_to("user_settings")); + break; + + case 'colour' : + $theme = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['theme'])); + sql_query("UPDATE `User` SET " . "`color`='" . sql_escape($theme) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); + header("Location: " . page_link_to("user_settings")); + break; + + case 'set' : + $html = ""; + if ($_REQUEST["new_pw"] == $_REQUEST["new_pw2"]) { + if (PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']) { + sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); + header("Location: " . page_link_to("user_settings")); + } else { + $html .= error(Get_Text(30)); + } + } else { + $html .= error(Get_Text(31)); + } + return $html; + break; + + case "setUserData" : + $nick = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['nick'])); + $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name'])); + $prename = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['prename'])); + $age = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['age'])); + $tel = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['tel'])); + $mobile = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mobile'])); + $dect = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['dect'])); + $mail = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mail'])); + $icq = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['icq'])); + $jabber = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['jabber'])); + $hometown = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', 
strip_tags($_REQUEST['hometown'])); + $size = ($user['TShirt'] == 0) ? preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['size'])) : $user['Size']; + + sql_query("UPDATE `User` SET " . + "`Nick`='" . sql_escape($nick) . "', " . + "`Name`='" . sql_escape($name) . "', " . + "`Vorname`='" . sql_escape($prename) . "', " . + "`Alter`='" . sql_escape($age) . "', " . + "`Telefon`='" . sql_escape($tel) . "', " . + "`Handy`='" . sql_escape($mobile) . "', " . + "`DECT`='" . sql_escape($dect) . "', " . + "`email`='" . sql_escape($mail) . "', " . + "`ICQ`='" . sql_escape($icq) . "', " . + "`jabber`='" . sql_escape($jabber) . "', " . + "`Hometown`='" . sql_escape($hometown) . "', " . + "`Size`='" . sql_escape($size) . "' " . + "WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); + header("Location: " . page_link_to("user_settings")); + break; + } + } + + // AVATARE + /* + if (get_cfg_var("file_uploads")) { + echo "
\n
\n
\n\n"; + echo Get_Text('pub_einstellungen_PictureUpload') . "
"; + echo "
\n"; + echo "\n"; + echo "\n"; + echo "(max " . get_cfg_var("post_max_size") . "Byte)
\n"; + echo "\n"; + echo "
\n"; + } + + switch (GetPicturShow($_SESSION['UID'])) { + case 'Y' : + echo Get_Text('pub_einstellungen_PictureShow') . "
"; + echo displayPictur($_SESSION['UID'], 0); + echo "
\n"; + echo "\n"; + echo "\n"; + echo "
\n"; + break; + case 'N' : + echo Get_Text('pub_einstellungen_PictureNoShow') . "
"; + echo displayPictur($_SESSION['UID'], 0); + echo "
\n"; + echo "\n"; + echo "\n"; + echo "
\n"; + echo "
\n
\n
\n\n"; + case '' : + echo "
\n
\n
\n\n"; + echo Get_Text(22) . "
"; + echo "\n
\n"; + echo "\n"; + echo "\n"; + echo "\n\n\n"; + echo "\n"; + echo "\n\n"; + echo "
" . Get_Text(23) . "
\n"; + echo "  \n"; + echo "\n"; + echo "
\n"; + echo "\n"; + echo "
\n"; + break; + } //CASE + + } else { + switch ($_POST["action"]) { + + case 'avatar' : + $chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; + $Erg = mysql_query($chsql, $con); + $_SESSION['Avatar'] = $_POST["eAvatar"]; + if ($Erg == 1) + Print_Text(34); + else + Print_Text(29); + break; + + case 'setUserData' : + + break; + + case 'sendPicture' : + if ($_FILES["file"]["size"] > 0) { + if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) { + $data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], "r"), filesize($_FILES["file"]["tmp_name"]))); + + if (GetPicturShow($_SESSION['UID']) == "") + $SQL = "INSERT INTO `UserPicture` " . + "( `UID`,`Bild`, `ContentType`, `show`) " . + "VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')"; + else + $SQL = "UPDATE `UserPicture` SET " . + "`Bild`='$data', " . + "`ContentType`='" . $_FILES["file"]["type"] . "', " . + "`show`='N' " . + "WHERE `UID`='" . $_SESSION['UID'] . "'"; + + $res = mysql_query($SQL, $con); + if ($res) + Print_Text("pub_einstellungen_send_OK"); + else + Print_Text("pub_einstellungen_send_KO"); + + echo "
('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)
"; + } else + Print_Text("pub_einstellungen_send_KO"); + } else + Print_Text("pub_einstellungen_send_KO"); + break; + + case 'delPicture' : + $chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; + $Erg = mysql_query($chsql, $con); + if ($Erg == 1) + Print_Text("pub_einstellungen_del_OK"); + else + Print_Text("pub_einstellungen_del_KO"); + Break; + } + } + */ +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 3b8847de..da9d5666 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -21,7 +21,8 @@ function make_navigation() { // Engel Navigation $menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array ( - "news" + "news", + "user_settings" )); // Admin Navigation diff --git a/includes/sys_template.php b/includes/sys_template.php index 2c7f4f22..893d2d7e 100644 --- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -22,4 +22,15 @@ function html_options($name, $options, $selected = "") { return $html; } + +function html_select_key($name, $rows, $selected) { + $html = ''; + return $html; +} ?> \ No newline at end of file diff --git a/templates/user_settings.html b/templates/user_settings.html new file mode 100644 index 00000000..08790d33 --- /dev/null +++ b/templates/user_settings.html @@ -0,0 +1,106 @@ +%greeting% + +
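Review bot: In the `'set'` case of user_settings.php the current-password check `PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']` uses loose comparison, under which two different digests that both read as numeric strings can compare equal; use `===`. The same case stores any `new_pw`, including an empty one, although registration in guest_login.php rejects passwords shorter than six characters, so repeat that `strlen(...) < 6` check before the UPDATE. In `'setUserData'` the size lock reads `$user['TShirt']` while the form branch reads `$user['Tshirt']` (the column name in the dump); array keys are case-sensitive, so the undefined key compares equal to 0 and the lock the form applies is never enforced on save. `preg_match("/^DE|EN$/", ...)` anchors each alternative separately and accepts any value that starts with DE or ends with EN; `/^(DE|EN)$/` is what the check intends.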
+%text_user_data% +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +%tshirts% +
%label_nick%
%label_name%
%label_prename%
%label_age%
%label_tel%
%label_mobile%
%label_dect%
%label_mail%
ICQ
jabber
%label_hometown%
+ +
+ +
+ +%text_password% +
+ + + + +
%current_pw_label%
%new_pw_label%
%new_pw2_label%
+ +
+ +
+ +%text_theme% +
+ + + + + +
%theme_label% + %theme_select% +
+ +
+ +
+ +%text_language% +
+ + + + + +
%language_label% + %language_select% +
+ +
diff --git a/templates/user_settings_tshirt.html b/templates/user_settings_tshirt.html new file mode 100644 index 00000000..e147acae --- /dev/null +++ b/templates/user_settings_tshirt.html @@ -0,0 +1,4 @@ + + %label_size% + %size_select% + \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index 21ea5ecc..c6d32b39 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,3 +1,8 @@ + * MD5-Passwörter mit Salt speichern + * Passwort-Mindestanforderungen stellen + * Avatare + + * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert * verify use of dect_clear.php and jabberserver.php diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 3a1a545f..5731fec0 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -101,10 +101,6 @@ table { border-collapse: collapse; } -tr:hover > td { - background: #f0f0f0; -} - th { background: #f0f0f0; } diff --git a/www-ssl/css/style10.css b/www-ssl/css/style10.css index 311097c7..fdaf9398 100644 --- a/www-ssl/css/style10.css +++ b/www-ssl/css/style10.css @@ -5,3 +5,7 @@ margin: 10px auto; width: 523px; } + +tr:hover > td { + background: #f0f0f0; +} \ No newline at end of file diff --git a/www-ssl/index.php b/www-ssl/index.php index e8c900a5..6b2e267b 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -33,6 +33,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/user_news.php'); $content = user_news(); } + elseif ($p == "user_settings") { + require_once ('includes/pages/user_settings.php'); + $content = user_settings(); + } elseif ($p == "login") { require_once ('includes/pages/guest_login.php'); $content = guest_login(); diff --git a/www/404.php b/www/404.php deleted file mode 100644 index dc19cd26..00000000 --- a/www/404.php +++ /dev/null @@ -1,3 +0,0 @@ - diff --git a/www/index.php b/www/index.php deleted file mode 100644 index 9105555e..00000000 --- a/www/index.php +++ /dev/null @@ -1,3 +0,0 @@ - -- cgit v1.2.3-54-g00ecf 
From c0b15dfe0dce7c4603cc7ec7c19b5a6cf226dc95 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 21:38:19 +0200 Subject: user messages --- DB/db_rewrite.sql | 64 +++--- includes/pages/user_messages.php | 216 +++++++++++++++++++++ includes/sys_menu.php | 1 + templates/user_messages.html | 50 +++++ txt/TODO | 5 +- www-ssl/css/base.css | 11 ++ www-ssl/css/style6.css | 2 +- www-ssl/index.php | 11 +- www-ssl/nonpublic/einstellungen.php | 376 ------------------------------------ www-ssl/nonpublic/index.php | 77 -------- 10 files changed, 331 insertions(+), 482 deletions(-) create mode 100644 includes/pages/user_messages.php create mode 100644 templates/user_messages.html delete mode 100644 www-ssl/nonpublic/einstellungen.php delete mode 100644 www-ssl/nonpublic/index.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 71b968e7..d4811235 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 18:17 +-- Erstellungszeit: 02. Juni 2011 um 19:37 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,16 +71,17 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 44), -('login', 12), -('logout', 5), -('start', 13), +('news', 73), +('login', 18), +('logout', 11), +('start', 23), ('faq', 4), ('credits', 3), ('register', 3), ('admin_rooms', 70), -('admin_angel_types', 68), -('user_settings', 109); +('admin_angel_types', 69), +('user_settings', 111), +('user_messages', 102); -- -------------------------------------------------------- @@ -124,7 +125,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; -- -- Daten für Tabelle `GroupPrivileges` 
@@ -138,7 +139,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (5, -1, 5), (6, -4, 6), (7, -4, 7), -(8, -2, 8); +(8, -2, 8), +(9, -2, 9); -- -------------------------------------------------------- @@ -170,18 +172,28 @@ INSERT INTO `Groups` (`Name`, `UID`) VALUES -- CREATE TABLE IF NOT EXISTS `Messages` ( - `Datum` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `id` int(11) NOT NULL AUTO_INCREMENT, + `Datum` int(11) NOT NULL, `SUID` int(11) NOT NULL DEFAULT '0', `RUID` int(11) NOT NULL DEFAULT '0', `isRead` char(1) NOT NULL DEFAULT 'N', `Text` text NOT NULL, - PRIMARY KEY (`Datum`,`SUID`,`RUID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fuers interen Communikationssystem'; + PRIMARY KEY (`id`), + KEY `Datum` (`Datum`), + KEY `SUID` (`SUID`), + KEY `RUID` (`RUID`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fuers interen Communikationssystem' AUTO_INCREMENT=8 ; -- -- Daten für Tabelle `Messages` -- +INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES +(2, 1307042342, 1, 147, 'Y', 'asdfasdfasdfasdf'), +(4, 1307042622, 1, 147, 'Y', 'asdfasdfasdf'), +(5, 1307042643, 1, 147, 'Y', 'foobar'), +(6, 1307042663, 1, 147, 'Y', 'foobar'), +(7, 1307042692, 147, 1, 'Y', 'foobar'); -- -------------------------------------------------------- 
@@ -197,19 +209,16 @@ CREATE TABLE IF NOT EXISTS `News` ( `UID` int(11) NOT NULL DEFAULT '0', `Treffen` tinyint(4) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; -- -- Daten für Tabelle `News` -- INSERT INTO `News` (`ID`, `Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES -(3, '2011-06-02 01:32:31', '', '', 0, 0), -(4, '2011-06-02 01:36:27', 'Darf ich News erstellen?', 'Darf ich.', 0, 0), -(5, '2011-06-02 01:36:35', 'Darf ich News erstellen?', 'asdfasdfasdf', 1, 0), -(6, '2011-06-02 01:38:59', '"''>', '"''>\r\n', 1, 0), -(7, '2011-06-02 01:38:59', '"''>', '"''>\r\n', 1, 0), -(8, '2011-06-02 01:38:59', '"''>', '"''>\r\n', 1, 0); +(1, '2011-06-02 21:35:27', '', '', 1, 0), +(2, '2011-06-02 21:36:57', '', '', 1, 0), +(3, '2011-06-02 21:36:57', '', '', 1, 0); -- -------------------------------------------------------- @@ -244,7 +253,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; -- -- Daten für Tabelle `Privileges` @@ -258,7 +267,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (5, 'register', 'Einen neuen Engel registerieren'), (6, 'admin_rooms', 'Räume administrieren'), (7, 'admin_angel_types', 'Engel Typen administrieren'), -(8, 'user_settings', 'User profile settings'); +(8, 'user_settings', 'User profile settings'), +(9, 'user_messages', 'Writing and reading messages from user to user'); -- -------------------------------------------------------- 
@@ -800,8 +810,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_einstellungen_Hometown', 'EN', 'hometown'), ('makeuser_error_Alter', 'DE', 'Fehler: Dein Alter muss eine Zahl oder leer sein'), ('makeuser_error_Alter', 'EN', 'error: your age must be a number or empty'), -('pub_menu_messages', 'DE', 'Nachrichten'), -('pub_menu_messages', 'EN', 'messages'), +('user_messages', 'DE', 'Nachrichten'), +('user_messages', 'EN', 'Messages'), ('pub_messages_Datum', 'DE', 'Datum'), ('pub_messages_Datum', 'EN', 'date'), ('pub_messages_Von', 'DE', 'Gesendet'), @@ -983,7 +993,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('login', 'DE', 'Login'), ('login', 'EN', 'Login'), ('credits', 'DE', 'Credits'), -('credits', 'EN', 'Credits'); +('credits', 'EN', 'Credits'), +('pub_messages_Neu', 'DE', 'Neu'), +('pub_messages_Neu', 'EN', 'New'); -- -------------------------------------------------------- 
@@ -1026,8 +1038,8 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307038600, '0000-00-00 00:00:00', '', '', ''), -(147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1306971362, '2011-06-02 00:55:09', '', '', ''); +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307043433, '0000-00-00 00:00:00', '', '', ''), +(147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php new file mode 100644 index 00000000..e3e9a469 --- /dev/null +++ b/includes/pages/user_messages.php @@ -0,0 +1,216 @@ + 0) + return '

' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '


'; + + return ""; +} + +function user_messages() { + global $user; + + if (!isset ($_REQUEST['action'])) { + $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`"); + $to_select_data = array ( + "" => "Select receiver..." + ); + foreach ($users as $u) + $to_select_data[$u['UID']] = $u['Nick']; + $to_select = html_select_key('to', $to_select_data, ''); + + $messages_html = ""; + $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC"); + foreach ($messages as $message) { + $messages_html .= ''; + $messages_html .= '' . ($message['isRead'] == 'N' ? '•' : '') . ''; + $messages_html .= '' . date("Y-m-d H:i", $message['Datum']) . ''; + $messages_html .= '' . UID2Nick($message['SUID']) . ''; + $messages_html .= '' . UID2Nick($message['RUID']) . ''; + $messages_html .= '' . str_replace("\n", '
', $message['Text']) . ''; + $messages_html .= ''; + if ($message['RUID'] == $user['UID']) { + if ($message['isRead'] == 'N') + $messages_html .= '' . Get_Text("pub_messages_MarkRead") . ''; + } else { + $messages_html .= '' . Get_Text("pub_messages_DelMsg") . ''; + } + $messages_html .= ''; + } + + return template_render('../templates/user_messages.html', array ( + 'link' => page_link_to("user_messages"), + 'greeting' => Get_Text("Hello") . $user['Nick'] . ",
\n" . Get_Text("pub_messages_text1") . "

\n", + 'messages' => $messages_html, + 'new_label' => Get_Text("pub_messages_Neu"), + 'date_label' => Get_Text("pub_messages_Datum"), + 'from_label' => Get_Text("pub_messages_Von"), + 'to_label' => Get_Text("pub_messages_An"), + 'text_label' => Get_Text("pub_messages_Text"), + 'date' => date("Y-m-d H:i"), + 'from' => $user['Nick'], + 'to_select' => $to_select, + 'submit_label' => Get_Text("save") + )); + } else { + switch ($_REQUEST['action']) { + case "read" : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Message ID."); + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { + sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("user_messages")); + } else + return error("No Message found."); + break; + + case "delete" : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Message ID."); + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { + sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("user_messages")); + } else + return error("No Message found."); + break; + + case "send" : + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to'])); + if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { + sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . 
", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); + header("Location: " . page_link_to("user_messages")); + } else { + return error(Get_Text("pub_messages_Send_Error")); + } + break; + } + return ""; + } + + if (!isset ($_GET["action"])) + $_GET["action"] = "start"; + + switch ($_GET["action"]) { + case "start" : + echo Get_Text("Hello") . $_SESSION['Nick'] . ",
\n"; + echo Get_Text("pub_messages_text1") . "

\n"; + + //show exist Messages + $SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'"; + $erg = mysql_query($SQL, $con); + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + for ($i = 0; $i < mysql_num_rows($erg); $i++) { + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + } + + // send Messeges + echo ""; + echo "\n"; + echo "\n"; + echo "\n"; + + // Listet alle Nicks auf + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo ""; + + echo "
" . Get_Text("pub_messages_Datum") . "" . Get_Text("pub_messages_Von") . "" . Get_Text("pub_messages_An") . "" . Get_Text("pub_messages_Text") . "
" . mysql_result($erg, $i, "Datum") . "" . UID2Nick(mysql_result($erg, $i, "SUID")) . "" . UID2Nick(mysql_result($erg, $i, "RUID")) . "" . mysql_result($erg, $i, "Text") . ""; + + if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) { + echo "" . Get_Text("pub_messages_DelMsg") . ""; + + if (mysql_result($erg, $i, "isRead") == "N") + echo "" . Get_Text("pub_messages_MarkRead") . ""; + } else { + if (mysql_result($erg, $i, "isRead") == "N") + echo Get_Text("pub_messages_NotRead"); + } + + echo "
\n"; + break; + + case "SendMsg" : + echo Get_Text("pub_messages_Send1") . "...
\n"; + + $SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" . + "'" . gmdate("Y-m-j H:i:s", time()) . "', " . + "'" . $_SESSION["UID"] . "', " . + "'" . $_POST["RUID"] . "', " . + "'" . $_POST["Text"] . "');"; + + $Erg = mysql_query($SQL, $con); + + if ($Erg == 1) + echo Get_Text("pub_messages_Send_OK") . "\n"; + else + echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")"; + break; + + case "MarkRead" : + $SQL = "UPDATE `Messages` SET `isRead` = 'Y' " . + "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " . + "LIMIT 1 ;"; + $Erg = mysql_query($SQL, $con); + + if ($Erg == 1) + echo Get_Text("pub_messages_MarkRead_OK") . "\n"; + else + echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")"; + break; + + case "DelMsg" : + $SQL = "DELETE FROM `Messages` " . + "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " . + "LIMIT 1;"; + $Erg = mysql_query($SQL, $con); + + if ($Erg == 1) + echo Get_Text("pub_messages_DelMsg_OK") . "\n"; + else + echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")"; + break; + + default : + echo Get_Text("pub_messages_NoCommand"); + } +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index da9d5666..822d558f 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -22,6 +22,7 @@ function make_navigation() { // Engel Navigation $menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array ( "news", + "user_messages", "user_settings" )); diff --git a/templates/user_messages.html b/templates/user_messages.html new file mode 100644 index 00000000..b7bb26fb --- /dev/null +++ b/templates/user_messages.html @@ -0,0 +1,50 @@ +%greeting% +
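Review bot: Everything after the `if`/`else` in `user_messages()`, from `if (!isset ($_GET["action"]))` to the end of the function, is unreachable because both branches return. It still holds the old queries that concatenate `$_POST["RUID"]`, `$_POST["Text"]` and `$_GET["Datum"]` into SQL unescaped and call `mysql_query($SQL, $con)` with a `$con` this function never declares. Delete the block (user_settings.php in the previous commit at least comments its legacy code out) so that a later edit to the `return ""` cannot bring it back to life. In the new code, `read`, `delete` and `send` change state but are dispatched from `$_REQUEST` with no per-session token, so a cross-site request can trigger them; accept them from `$_POST` only and check a token kept in `$_SESSION`. The list output also concatenates `UID2Nick(...)` and `$message['Text']` into HTML without `htmlspecialchars()`; UID2Nick is not shown here, so confirm whether it escapes.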
+ + + + + + + + + + + + + %messages% + + + + + + + + + +
+ %new_label% + + %date_label% + + %from_label% + + %to_label% + + %text_label% + +   +
+   + + %date% + + %from% + + %to_select% + + + + +
+
\ No newline at end of file diff --git a/txt/TODO b/txt/TODO index c6d32b39..fbaf4377 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,6 +1,9 @@ * MD5-Passwörter mit Salt speichern * Passwort-Mindestanforderungen stellen - * Avatare + * User-Avatare + * user_messages schön machen + * Formulare weg von Tabellen + * user_news lässt sich nicht bedienen (POST ohne redirects...) * schichten ueber monatsgrenzen einbaue im moment werden die tage nur diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 5731fec0..bfe050a5 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -128,3 +128,14 @@ td, th { .success { color: #090; } + +.notice { + background: #f0f0f0; + border: 2px solid #888; + margin: 10px; + padding: 10px; +} + +.new_message { + font-weight: bold; +} diff --git a/www-ssl/css/style6.css b/www-ssl/css/style6.css index 2272f598..8dc008e7 100644 --- a/www-ssl/css/style6.css +++ b/www-ssl/css/style6.css @@ -71,6 +71,6 @@ h4.menu { font-size : 6pt; } -h4, h1 { +h4, h1, th { background: #333E47; } diff --git a/www-ssl/index.php b/www-ssl/index.php index 6b2e267b..48aea75c 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -13,6 +13,8 @@ require_once ('includes/sys_user.php'); require_once ('config/config.php'); require_once ('config/config_db.php'); +require_once ('includes/pages/user_messages.php'); + session_start(); sql_connect($config['host'], $config['user'], $config['pw'], $config['db']); @@ -20,7 +22,7 @@ sql_connect($config['host'], $config['user'], $config['pw'], $config['db']); load_auth(); // Gewünschte Seite/Funktion -$p = "start"; +$p = isset ($user) ? "news" : "start"; if (isset ($_REQUEST['p'])) $p = $_REQUEST['p']; @@ -33,6 +35,9 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/user_news.php'); $content = user_news(); } + elseif ($p == "user_messages") { + $content = user_messages(); + } elseif ($p == "user_settings") { require_once ('includes/pages/user_settings.php'); $content = user_settings(); 
@@ -79,6 +84,10 @@ elseif ($p == "faq") { } } +// Hinweis für ungelesene Nachrichten +if (isset ($user) && $p != "user_messages") + $content = user_unread_messages() . $content; + echo template_render('../templates/layout.html', array ( 'theme' => isset ($user) ? $user['color'] : $default_theme, 'title' => $title, diff --git a/www-ssl/nonpublic/einstellungen.php b/www-ssl/nonpublic/einstellungen.php deleted file mode 100644 index 713425bb..00000000 --- a/www-ssl/nonpublic/einstellungen.php +++ /dev/null @@ -1,376 +0,0 @@ -\n\n"; - Print_Text(13); -?> -
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
">
ICQ
jabber
- "> -
-
- -
- -
- - - - - -
- "> -
-
- -
-
- -
- - - - - - - - - - -
- -
Menu>L - >R -
- "> -
-
-
-
- -
- - - - - -
- -
- "> -
- -\n
\n
\n\n"; - echo Get_Text('pub_einstellungen_PictureUpload') . "
"; - echo "
\n"; - echo "\n"; - echo "\n"; - echo "(max " . get_cfg_var("post_max_size") . "Byte)
\n"; - echo "\n"; - echo "
\n"; - } - - switch (GetPicturShow($_SESSION['UID'])) { - case 'Y' : - echo Get_Text('pub_einstellungen_PictureShow') . "
"; - echo displayPictur($_SESSION['UID'], 0); - echo "
\n"; - echo "\n"; - echo "\n"; - echo "
\n"; - break; - case 'N' : - echo Get_Text('pub_einstellungen_PictureNoShow') . "
"; - echo displayPictur($_SESSION['UID'], 0); - echo "
\n"; - echo "\n"; - echo "\n"; - echo "
\n"; - echo "
\n
\n
\n\n"; - case '' : - echo "
\n
\n
\n\n"; - echo Get_Text(22) . "
"; - echo "\n
\n"; - echo "\n"; - echo "\n"; - echo "\n\n\n"; - echo "\n"; - echo "\n\n"; - echo "
" . Get_Text(23) . "
\n"; - echo "  \n"; - echo "\n"; - echo "
\n"; - echo "\n"; - echo "
\n"; - break; - } //CASE - -} else { - switch ($_POST["action"]) { - case 'set' : - if ($_POST["new1"] == $_POST["new2"]) { - Print_Text(25); - $sql = "SELECT * FROM `User` WHERE `UID`='" . $_SESSION['UID'] . "'"; - $Erg = mysql_query($sql, $con); - - if (PassCrypt($_POST["old"]) == mysql_result($Erg, 0, "Passwort")) { - Print_Text(26); - Print_Text(27); - $usql = "UPDATE `User` SET `Passwort`='" . PassCrypt($_POST["new1"]) . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; - $Erg = mysql_query($usql, $con); - - if ($Erg == 1) { - Print_Text(28); - } else { - Print_Text(29); - } - } else { - Print_Text(30); - } - } else { - Print_Text(31); - } - break; - - case 'colour' : - - $chsql = "UPDATE `User` SET " . - "`color`= '" . $_POST["colourid"] . "', " . - "`Menu`= '" . $_POST["eMenu"] . "' " . - "WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; - $Erg = mysql_query($chsql, $con); - echo mysql_error($con); - $_SESSION['color'] = $_POST["colourid"]; - $_SESSION['Menu'] = $_POST["eMenu"]; - if ($Erg == 1) { - Print_Text(32); - } else { - Print_Text(29); - } - break; - - case 'sprache' : - - $chsql = "UPDATE `User` SET `Sprache` = '" . $_POST["language"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; - $Erg = mysql_query($chsql, $con); - $_SESSION['Sprache'] = $_POST["language"]; - if ($Erg == 1) { - Print_Text(33); - } else { - Print_Text(29); - } - break; - - case 'avatar' : - $chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; - $Erg = mysql_query($chsql, $con); - $_SESSION['Avatar'] = $_POST["eAvatar"]; - if ($Erg == 1) - Print_Text(34); - else - Print_Text(29); - break; - - case 'setUserData' : - if ($_SESSION['CVS']["Change T_Shirt Size"] == "Y") { - $chsql = "UPDATE `User` SET " . - "`Nick`='" . $_POST["eNick"] . "', `Name`='" . $_POST["eName"] . "', " . - "`Vorname`='" . $_POST["eVorname"] . "', `Alter`='" . $_POST["eAlter"] . "', " . - "`Telefon`='" . $_POST["eTelefon"] . "', `Handy`='" . 
$_POST["eHandy"] . "', " . - "`DECT`='" . $_POST["eDECT"] . "', `email`='" . $_POST["eemail"] . "', " . - "`ICQ`='" . $_POST["eICQ"] . "', `jabber`='" . $_POST["ejabber"] . "', " . - "`Hometown`='" . $_POST["Hometown"] . "', `Size`='" . $_POST["Sizeid"] . "' " . - "WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1;"; - } else { - $chsql = "UPDATE `User` SET " . - "`Nick`='" . $_POST["eNick"] . "', `Name`='" . $_POST["eName"] . "', " . - "`Vorname`='" . $_POST["eVorname"] . "', `Alter`='" . $_POST["eAlter"] . "', " . - "`Telefon`='" . $_POST["eTelefon"] . "', `Handy`='" . $_POST["eHandy"] . "', " . - "`DECT`='" . $_POST["eDECT"] . "', `email`='" . $_POST["eemail"] . "', " . - "`ICQ`='" . $_POST["eICQ"] . "', `jabber`='" . $_POST["ejabber"] . "', " . - "`Hometown`='" . $_POST["Hometown"] . "' " . - "WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1;"; - } - $Erg = mysql_query($chsql, $con); - - if ($Erg == 1) { - $_SESSION['Nick'] = $_POST["eNick"]; - $_SESSION['Name'] = $_POST["eName"]; - $_SESSION['Vorname'] = $_POST["eVorname"]; - $_SESSION['Alter'] = $_POST["eAlter"]; - $_SESSION['Telefon'] = $_POST["eTelefon"]; - $_SESSION['Handy'] = $_POST["eHandy"]; - $_SESSION['DECT'] = $_POST["eDECT"]; - $_SESSION['email'] = $_POST["eemail"]; - $_SESSION['ICQ'] = $_POST["eICQ"]; - $_SESSION['jabber'] = $_POST["ejabber"]; - $_SESSION['Hometown'] = $_POST["Hometown"]; - if ($_SESSION['CVS']["Change T_Shirt Size"] == "Y") { - $_SESSION['Size'] = $_POST["Sizeid"]; - } else - if ($_SESSION['Size'] != $_POST["Sizeid"]) { - array_push($error_messages, "einstellungen.php, change t-shirt size not allowed\n"); - } - - Print_Text("pub_einstellungen_UserDateSaved"); - } else { - Print_Text(29); - echo mysql_error($con); - } - break; - - case 'sendPicture' : - if ($_FILES["file"]["size"] > 0) { - if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) { - $data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], 
"r"), filesize($_FILES["file"]["tmp_name"]))); - - if (GetPicturShow($_SESSION['UID']) == "") - $SQL = "INSERT INTO `UserPicture` " . - "( `UID`,`Bild`, `ContentType`, `show`) " . - "VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')"; - else - $SQL = "UPDATE `UserPicture` SET " . - "`Bild`='$data', " . - "`ContentType`='" . $_FILES["file"]["type"] . "', " . - "`show`='N' " . - "WHERE `UID`='" . $_SESSION['UID'] . "'"; - - $res = mysql_query($SQL, $con); - if ($res) - Print_Text("pub_einstellungen_send_OK"); - else - Print_Text("pub_einstellungen_send_KO"); - - echo "
('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)
"; - } else - Print_Text("pub_einstellungen_send_KO"); - } else - Print_Text("pub_einstellungen_send_KO"); - break; - - case 'delPicture' : - $chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1"; - $Erg = mysql_query($chsql, $con); - if ($Erg == 1) - Print_Text("pub_einstellungen_del_OK"); - else - Print_Text("pub_einstellungen_del_KO"); - Break; - } -} -include ("includes/footer.php"); -?> diff --git a/www-ssl/nonpublic/index.php b/www-ssl/nonpublic/index.php deleted file mode 100644 index b53f8088..00000000 --- a/www-ssl/nonpublic/index.php +++ /dev/null @@ -1,77 +0,0 @@ - 1 --> keine Anmeldung - if ($user_anz == 0) - $ErrorText = "pub_index_User_unset"; - else - $ErrorText = "pub_index_User_more_as_one"; - } // Ende Check, ob User angemeldet wurde -} -include ("includes/header.php"); -if (isset ($ErrorText)) - echo "

" . Get_Text($ErrorText) . "


\n"; -include ("includes/login_eingabefeld.php"); -include ("includes/footer.php"); -?> - - -- cgit v1.2.3-54-g00ecf From 3afd05636e46aedb53e1c1d954d23d6563b5e104 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 22:40:08 +0200 Subject: admin groups --- DB/db_rewrite.sql | 28 ++++---- includes/funktion_menu.php | 40 ----------- includes/pages/admin_groups.php | 73 ++++++++++++++++++++ includes/sys_menu.php | 3 +- templates/admin_groups.html | 21 ++++++ templates/admin_groups_edit_form.html | 21 ++++++ txt/TODO | 2 + www-ssl/admin/group.php | 49 -------------- www-ssl/index.php | 4 ++ www-ssl/nonpublic/messages.php | 124 ---------------------------------- 10 files changed, 139 insertions(+), 226 deletions(-) delete mode 100644 includes/funktion_menu.php create mode 100644 includes/pages/admin_groups.php create mode 100644 templates/admin_groups.html create mode 100644 templates/admin_groups_edit_form.html delete mode 100644 www-ssl/admin/group.php delete mode 100644 www-ssl/nonpublic/messages.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index d4811235..5041ce9b 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 19:37 +-- Erstellungszeit: 02. Juni 2011 um 20:39 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -80,8 +80,9 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('register', 3), ('admin_rooms', 70), ('admin_angel_types', 69), -('user_settings', 111), -('user_messages', 102); +('user_settings', 115), +('user_messages', 102), +('admin_groups', 86); -- -------------------------------------------------------- 
@@ -125,22 +126,22 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=28 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES -(1, -1, 1), -(2, -1, 2), +(24, -1, 5), (3, -2, 3), (4, -2, 4), -(5, -1, 5), +(23, -1, 2), (6, -4, 6), (7, -4, 7), (8, -2, 8), -(9, -2, 9); +(9, -2, 9), +(12, -5, 10); -- -------------------------------------------------------- @@ -253,7 +254,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; -- -- Daten für Tabelle `Privileges` @@ -268,7 +269,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (6, 'admin_rooms', 'Räume administrieren'), (7, 'admin_angel_types', 'Engel Typen administrieren'), (8, 'user_settings', 'User profile settings'), -(9, 'user_messages', 'Writing and reading messages from user to user'); +(9, 'user_messages', 'Writing and reading messages from user to user'), +(10, 'admin_groups', 'Manage usergroups and their rights'); -- -------------------------------------------------------- @@ -995,7 +997,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('credits', 'DE', 'Credits'), ('credits', 'EN', 'Credits'), ('pub_messages_Neu', 'DE', 'Neu'), -('pub_messages_Neu', 'EN', 'New'); +('pub_messages_Neu', 'EN', 'New'), +('admin_groups', 'DE', 'Gruppenrechte'), +('admin_groups', 'EN', 'Grouprights'); -- -------------------------------------------------------- 
@@ -1038,7 +1042,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307043433, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307046926, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/funktion_menu.php b/includes/funktion_menu.php deleted file mode 100644 index 0a324758..00000000 --- a/includes/funktion_menu.php +++ /dev/null @@ -1,40 +0,0 @@ - $Entry) - if (strpos($Key, ".php") > 0) - if ((strpos("00$Key", "0$MenuName") > 0) || ((strlen($MenuName) == 0) && (strpos("0$Key", "/") == 0))) { - $TempName = Get_Text($Key, true); - - if ((true || $debug) && ($TempName == "")) - $TempName = "not found: \"$Key\""; - - if ($Entry == "Y") { - //zum absichtlkichen ausblenden von einträgen - if (strlen($TempName) > 1) { - //sonderfälle: - - if ($Key == "admin/faq.php") - $TempName .= " (" . noAnswer() . ")"; - elseif ($Key == "credits.php") continue; - //ausgabe - $Text .= "
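Review bot: The `INSERT INTO User` data in this dump keeps real account records in the repository: the changed `admin` row and the `msquare` context row each carry a 32-hex-digit `Passwort` value, and the second also an e-mail address. Anyone with read access to the repository gets those hashes, and every installation loaded from this file starts with the same admin credential, while the TODO file in this series still lists salted password storage as open. I would drop the `User` data rows from `DB/db_rewrite.sql`, keeping only the `CREATE TABLE`, and have installation create the first admin with a password chosen at that point. The same rows come back with only a new `lastLogIn` value in the two later commits on this page.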
  • $TempName
  • \n"; - $Gefunden = true; - } - } - elseif ($debug) { - $Gefunden = true; - $Text .= "
  • $TempName ($Key)
  • \n"; - } - } - if ($Gefunden) - echo ''; -} //function ShowMenue -?> diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php new file mode 100644 index 00000000..5d9d8180 --- /dev/null +++ b/includes/pages/admin_groups.php 
@@ -0,0 +1,73 @@ +'; + $groups_html .= '' . $group['Name'] . ''; + $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID'])); + $privileges_html = array (); + foreach ($privileges as $priv) + $privileges_html[] = $priv['name']; + $groups_html .= '' . join(", ", $privileges_html) . ''; + $groups_html .= 'Ändern'; + $groups_html .= ''; + } + + return template_render('../templates/admin_groups.html', array ( + 'nick' => $user['Nick'], + 'groups' => $groups_html + )); + } else { + switch ($_REQUEST["action"]) { + case 'edit' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`"); + $privileges_html = ""; + foreach ($privileges as $priv) + $privileges_html .= '' . $priv['name'] . '' . $priv['desc'] . ''; + + $html .= template_render('../templates/admin_groups_edit_form.html', array ( + 'link' => page_link_to("admin_groups"), + 'id' => $id, + 'privileges' => $privileges_html + )); + } else + return error("No Group found."); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . 
" LIMIT 1"); + if (!is_array($_REQUEST['privileges'])) + $_REQUEST['privileges'] = array (); + if (count($room) > 0) { + list ($room) = $room; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id)); + foreach ($_REQUEST['privileges'] as $priv) + if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0) + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv)); + header("Location: " . page_link_to("admin_groups")); + } else + return error("No Group found."); + break; + } + } + return $html; +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 822d558f..739cb9d1 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -29,7 +29,8 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( "admin_angel_types", - "admin_rooms" + "admin_rooms", + "admin_groups" )); return $menu; } diff --git a/templates/admin_groups.html b/templates/admin_groups.html new file mode 100644 index 00000000..c5b4ac57 --- /dev/null +++ b/templates/admin_groups.html @@ -0,0 +1,21 @@ +Hallo %nick%, +
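Review bot: The `save` branch rewrites a group's privileges from `$_REQUEST`, so a plain GET request is accepted as well as a form post, and nothing visible in this file checks a per-session request token before `DELETE FROM GroupPrivileges` runs. Since this page decides who holds admin privileges, a cross-site request carried by a logged-in administrator's browser would be enough to change them. I would read the fields from `$_POST`, reject other methods with `if ($_SERVER['REQUEST_METHOD'] != 'POST') return error("Invalid request.");`, and compare a hidden form field against a token kept in `$_SESSION`. The form template's markup is not legible on this page, so whether it already posts is an assumption to confirm. The `ask` and `delete` actions in `includes/pages/user_questions.php` later in this series read `$_REQUEST` in the same way.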
    +hier hast du die Möglichkeit Gruppenrechte zu ändern: + + + + + + + + + + %groups% + +
    + Name + + Rechte + +   +
    diff --git a/templates/admin_groups_edit_form.html b/templates/admin_groups_edit_form.html new file mode 100644 index 00000000..5729df64 --- /dev/null +++ b/templates/admin_groups_edit_form.html @@ -0,0 +1,21 @@ +
    + + + + + + + + + + %privileges% + +
    +   + + Name + + Description +
    + +
    \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index fbaf4377..1ebf5e52 100644 --- a/txt/TODO +++ b/txt/TODO @@ -4,6 +4,8 @@ * user_messages schön machen * Formulare weg von Tabellen * user_news lässt sich nicht bedienen (POST ohne redirects...) + * Privilegien korrigieren (an die vom CVS anpassen) + * Beim Raum-Management die benötigten Engel anzeigen * schichten ueber monatsgrenzen einbaue im moment werden die tage nur diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php deleted file mode 100644 index b8a52ec2..00000000 --- a/www-ssl/admin/group.php +++ /dev/null @@ -1,49 +0,0 @@ -\n"; - echo "\n"; - echo "\tGroupname\n"; - echo "\tLink\n"; - echo "\n"; - - for ($n = 0; $n < $Zeilen; $n++) { - echo "\n"; - echo "\t" . mysql_result($Erg, $n, "Name") . "\n"; - - echo "change\n"; - echo "\n"; - } - - // new form - echo "\n"; - echo "\t
    \n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t
    \n"; - echo "\n"; - - echo "\t\n"; - // Ende Userliste -} - -include ("includes/footer.php"); -?> - - diff --git a/www-ssl/index.php b/www-ssl/index.php index 48aea75c..6bfbcc32 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -61,6 +61,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_rooms") { require_once ('includes/pages/admin_rooms.php'); $content = admin_rooms(); + } + elseif ($p == "admin_groups") { + require_once ('includes/pages/admin_groups.php'); + $content = admin_groups(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); diff --git a/www-ssl/nonpublic/messages.php b/www-ssl/nonpublic/messages.php deleted file mode 100644 index 4868136d..00000000 --- a/www-ssl/nonpublic/messages.php +++ /dev/null @@ -1,124 +0,0 @@ -\n"; - echo Get_Text("pub_messages_text1") . "

    \n"; - - //show exist Messages - $SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'"; - $erg = mysql_query($SQL, $con); - - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - - for ($i = 0; $i < mysql_num_rows($erg); $i++) { - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - } - - // send Messeges - echo ""; - echo "\n"; - echo "\n"; - echo "\n"; - - // Listet alle Nicks auf - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo ""; - - echo "
    " . Get_Text("pub_messages_Datum") . "" . Get_Text("pub_messages_Von") . "" . Get_Text("pub_messages_An") . "" . Get_Text("pub_messages_Text") . "
    " . mysql_result($erg, $i, "Datum") . "" . UID2Nick(mysql_result($erg, $i, "SUID")) . "" . UID2Nick(mysql_result($erg, $i, "RUID")) . "" . mysql_result($erg, $i, "Text") . ""; - - if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) { - echo "" . Get_Text("pub_messages_DelMsg") . ""; - - if (mysql_result($erg, $i, "isRead") == "N") - echo "" . Get_Text("pub_messages_MarkRead") . ""; - } else { - if (mysql_result($erg, $i, "isRead") == "N") - echo Get_Text("pub_messages_NotRead"); - } - - echo "
    \n"; - break; - - case "SendMsg" : - echo Get_Text("pub_messages_Send1") . "...
    \n"; - - $SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" . - "'" . gmdate("Y-m-j H:i:s", time()) . "', " . - "'" . $_SESSION["UID"] . "', " . - "'" . $_POST["RUID"] . "', " . - "'" . $_POST["Text"] . "');"; - - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_Send_OK") . "\n"; - else - echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")"; - break; - - case "MarkRead" : - $SQL = "UPDATE `Messages` SET `isRead` = 'Y' " . - "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " . - "LIMIT 1 ;"; - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_MarkRead_OK") . "\n"; - else - echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")"; - break; - - case "DelMsg" : - $SQL = "DELETE FROM `Messages` " . - "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " . - "LIMIT 1;"; - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_DelMsg_OK") . "\n"; - else - echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")"; - break; - - default : - echo Get_Text("pub_messages_NoCommand"); -} - -include "includes/footer.php"; -?> -- cgit v1.2.3-54-g00ecf From cb1736d180ce91cb8b66acfe6cf7cede3a04d097 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Thu, 2 Jun 2011 23:41:50 +0200 Subject: include/pages/admin_angel_types: Cleanup; add strip_request_item function --- includes/pages/admin_angel_types.php | 162 ++++++----------------------------- includes/sys_page.php | 11 ++- 2 files changed, 36 insertions(+), 137 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_angel_types.php b/includes/pages/admin_angel_types.php index ba2e5325..c5283899 100644 --- a/includes/pages/admin_angel_types.php +++ b/includes/pages/admin_angel_types.php 
@@ -1,22 +1,36 @@ ' . $angel_type['Name'] . '' . $angel_type['Man'] . 'Edit'; + $table .= sprintf( + '%s%s' + . 'Edit', + $angel_type['Name'], $angel_type['Man'], + page_link_to("admin_angel_types"), + $angel_type['TID'] + ); $html .= template_render('../templates/admin_angel_types.html', array ( 'link' => page_link_to("admin_angel_types"), 'table' => $table )); + } else { + switch ($_REQUEST['action']) { + case 'create' : - $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name'])); - $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man'])); + $name = strip_request_item("name"); + $man = strip_request_item("man"); + sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'"); + header("Location: " . page_link_to("admin_angel_types")); break; @@ -30,11 +44,12 @@ function admin_angel_types() { if (count($angel_type) > 0) { list ($angel_type) = $angel_type; - $html .= template_render('../templates/admin_angel_types_edit_form.html', array ( - 'link' => page_link_to("admin_angel_types"), - 'id' => $id, - 'name' => $angel_type['Name'], - 'man' => $angel_type['Man'] + $html .= template_render( + '../templates/admin_angel_types_edit_form.html', array ( + 'link' => page_link_to("admin_angel_types"), + 'id' => $id, + 'name' => $angel_type['Name'], + 'man' => $angel_type['Man'] )); } else return error("No Angel Type found."); 
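Review bot: The new `sprintf` call places `$angel_type['Name']` and `$angel_type['Man']` into the table row exactly as they come from the database, with no output encoding at the point of use. `strip_request_item` filters these fields on write in the `create` and `save` branches, but its body is not legible on this page, and rows written by any other path do not pass through it. The list view should therefore encode on output, e.g. `htmlspecialchars($angel_type['Name'], ENT_QUOTES, 'UTF-8')` and the same for `Man`. The format string was lost in extraction here, so which arguments land inside an attribute needs checking against the file. The body of `admin_angel_types()` continues past this hunk.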
@@ -50,8 +65,9 @@ function admin_angel_types() { if (count($angel_type) > 0) { list ($angel_type) = $angel_type; - $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name'])); - $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man'])); + $name = strip_request_item("name"); + $man = strip_request_item("man"); + sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . " LIMIT 1"); header("Location: " . page_link_to("admin_angel_types")); } else @@ -76,131 +92,5 @@ function admin_angel_types() { } return $html; - $Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`"; - $Erg = mysql_query($Sql, $con); - - if (!IsSet ($_GET["action"])) { - echo "Hallo " . $_SESSION['Nick'] . - ",
    \nhier hast du die Möglichkeit, neue Engeltypen für die Schichtpläne einzutragen " . - "oder vorhandene abzuändern:

    \n"; - - echo "- Neuen EngelType eintragen
    \n"; - - echo "\n"; - echo "\n"; - - for ($i = 1; $i < mysql_num_fields($Erg); $i++) { - echo "\t"; - } - echo "\t"; - echo ""; - - for ($t = 0; $t < mysql_num_rows($Erg); $t++) { - echo "\t\n"; - for ($j = 1; $j < mysql_num_fields($Erg); $j++) { - echo "\t\t\n"; - } - echo "\t\t\n"; - echo "\t\n"; - } // ende Auflistung Raeume - echo "
    " . mysql_field_name($Erg, $i) . "Ändern
    " . mysql_result($Erg, $t, $j) . "###
    "; - } else { - - switch ($_GET["action"]) { - - case 'new' : - echo "Neuen EngelType einrichten:
    "; - echo "
    \n"; - echo "\n"; - - for ($Uj = 1; $Uj < mysql_num_fields($Erg); $Uj++) { - echo "" . - "\n"; - } - echo "
    " . mysql_field_name($Erg, $Uj) . "
    \n"; - echo "\n"; - echo "\n"; - echo "
    "; - break; - - case 'newsave' : - $vars = $_GET; - $count = count($vars) - 1; - $vars = array_splice($vars, 0, $count); - $Keys = ""; - $Values = ""; - foreach ($vars as $key => $value) { - $Keys .= ", `$key`"; - $Values .= ", '$value'"; - } - - if (runSQL_log("INSERT INTO `EngelType` (" . substr($Keys, 2) . ") VALUES (" . substr($Values, 2) . ")", "save new EngelType")) { - SetHeaderGo2Back(); - - $SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='" . $_GET["Name"] . "'"; - $ERG = mysql_query($SQL2, $con); - - if (mysql_num_rows($ERG) == 1) - runSQL_log("ALTER TABLE `Room` ADD `DEFAULT_EID_" . mysql_result($ERG, 0, 0) . - "` INT DEFAULT '0' NOT NULL;", "add new EngelType in Romm Table"); - } - break; - - case 'change' : - if (!IsSet ($_GET["TID"])) - echo "Fehlerhafter Aufruf!"; - else { - echo "Raum abändern:\n"; - echo "Hier kannst du eintragen, den EngelType ändern."; - echo "
    \n"; - echo "\n"; - - $SQL2 = "SELECT * FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'"; - $ERG = mysql_query($SQL2, $con); - - for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++) - echo "" . - "\n"; - - echo "
    " . mysql_field_name($ERG, $Uj) . "
    \n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "
    "; - echo "
    \n"; - echo "\n"; - echo "\n"; - echo ""; - echo "
    "; - } - break; - - case 'changesave' : - $vars = $_GET; - $count = count($vars) - 2; - $vars = array_splice($vars, 0, $count); - $keys = ""; - $sql = ""; - foreach ($vars as $key => $value) { - $keys = substr($key, 1); - $sql .= ", `" . $keys . "`='" . $value . "'"; - } - runSQL_log("UPDATE `EngelType` SET " . substr($sql, 2) . " WHERE `TID`='" . $_GET["eTID"] . "'", "Save Change EngelType"); - SetHeaderGo2Back(); - break; - - case 'delete' : - if (IsSet ($_GET["TID"])) { - if (runSQL_log("DELETE FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'", "delete EngelType")) - runSQL_log("ALTER TABLE `Room` DROP `DEFAULT_EID_" . $_GET["TID"] . "`;", "delete EngelType in Room Table"); - } else - echo "Fehlerhafter Aufruf"; - SetHeaderGo2Back(); - break; - } - } - - include ("includes/footer.php"); } ?> diff --git a/includes/sys_page.php b/includes/sys_page.php index ab8b05e2..2af5f729 100644 --- a/includes/sys_page.php +++ b/includes/sys_page.php @@ -1,4 +1,13 @@ ' . $msg . '

    '; } @@ -6,4 +15,4 @@ function error($msg) { function success($msg) { return '

    ' . $msg . '

    '; } -?> \ No newline at end of file +?> -- cgit v1.2.3-54-g00ecf From 0d6499f7f1aadabc345f6896fa3ad26f7a299150 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Thu, 2 Jun 2011 23:45:54 +0200 Subject: user questions --- DB/db_rewrite.sql | 45 ++++++++++++++++++--------------- includes/pages/user_questions.php | 41 ++++++++++++++++++++++++++++++ includes/sys_menu.php | 1 + templates/user_questions.html | 52 +++++++++++++++++++++++++++++++++++++++ txt/TODO | 4 +-- www-ssl/admin/dect_call.php | 8 ------ www-ssl/index.php | 4 +++ 7 files changed, 125 insertions(+), 30 deletions(-) create mode 100644 includes/pages/user_questions.php create mode 100644 templates/user_questions.html delete mode 100644 www-ssl/admin/dect_call.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 5041ce9b..6a259c61 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 20:39 +-- Erstellungszeit: 02. Juni 2011 um 21:45 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,18 +71,19 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 73), -('login', 18), -('logout', 11), -('start', 23), +('news', 78), +('login', 20), +('logout', 12), +('start', 24), ('faq', 4), ('credits', 3), ('register', 3), ('admin_rooms', 70), ('admin_angel_types', 69), -('user_settings', 115), -('user_messages', 102), -('admin_groups', 86); +('user_settings', 116), +('user_messages', 107), +('admin_groups', 94), +('user_questions', 30); -- -------------------------------------------------------- 
@@ -126,21 +127,22 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=28 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=33 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES +(32, -2, 8), (24, -1, 5), -(3, -2, 3), -(4, -2, 4), +(31, -2, 11), +(30, -2, 9), (23, -1, 2), (6, -4, 6), (7, -4, 7), -(8, -2, 8), -(9, -2, 9), +(29, -2, 3), +(28, -2, 4), (12, -5, 10); -- -------------------------------------------------------- @@ -192,8 +194,6 @@ CREATE TABLE IF NOT EXISTS `Messages` ( INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES (2, 1307042342, 1, 147, 'Y', 'asdfasdfasdfasdf'), (4, 1307042622, 1, 147, 'Y', 'asdfasdfasdf'), -(5, 1307042643, 1, 147, 'Y', 'foobar'), -(6, 1307042663, 1, 147, 'Y', 'foobar'), (7, 1307042692, 147, 1, 'Y', 'foobar'); -- -------------------------------------------------------- @@ -254,7 +254,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=12 ; -- -- Daten für Tabelle `Privileges` @@ -270,7 +270,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (7, 'admin_angel_types', 'Engel Typen administrieren'), (8, 'user_settings', 'User profile settings'), (9, 'user_messages', 'Writing and reading messages from user to user'), -(10, 'admin_groups', 'Manage usergroups and their rights'); +(10, 'admin_groups', 'Manage usergroups and their rights'), +(11, 'user_questions', 'Let users ask questions'); -- -------------------------------------------------------- 
@@ -285,12 +286,14 @@ CREATE TABLE IF NOT EXISTS `Questions` ( `AID` int(11) NOT NULL DEFAULT '0', `Answer` text NOT NULL, PRIMARY KEY (`QID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fragen und Antworten' AUTO_INCREMENT=21 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fragen und Antworten' AUTO_INCREMENT=4 ; -- -- Daten für Tabelle `Questions` -- +INSERT INTO `Questions` (`QID`, `UID`, `Question`, `AID`, `Answer`) VALUES +(3, 1, 'Ficken?', 0, ''); -- -------------------------------------------------------- @@ -999,7 +1002,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_messages_Neu', 'DE', 'Neu'), ('pub_messages_Neu', 'EN', 'New'), ('admin_groups', 'DE', 'Gruppenrechte'), -('admin_groups', 'EN', 'Grouprights'); +('admin_groups', 'EN', 'Grouprights'), +('user_questions', 'DE', 'Erzengel fragen'), +('user_questions', 'EN', 'Ask arch angel'); -- -------------------------------------------------------- @@ -1042,7 +1047,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307046926, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307051093, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php new file mode 100644 index 00000000..8201c6d6 
--- /dev/null +++ b/includes/pages/user_questions.php @@ -0,0 +1,41 @@ +' . $question['Question'] . 'Delete'; + + return template_render('../templates/user_questions.html', array ( + 'link' => page_link_to("user_questions"), + 'open_questions' => $open_questions + )); + } else { + switch ($_REQUEST['action']) { + case 'ask' : + $question = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question']))); + if ($question != "") { + sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'"); + header("Location: " . page_link_to("user_questions")); + } else + return error("Please enter a Question!"); + break; + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Question ID."); + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { + sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("user_questions")); + } else + return error("No Question found."); + break; + } + } +} +?> \ No newline at end of file diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 739cb9d1..6cddf66a 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -23,6 +23,7 @@ function make_navigation() { $menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array ( "news", "user_messages", + "user_questions", "user_settings" )); diff --git a/templates/user_questions.html b/templates/user_questions.html new file mode 100644 index 00000000..96b1e980 --- /dev/null +++ b/templates/user_questions.html @@ -0,0 +1,52 @@ +Not yet answered questions: + + + + + + + + + %open_questions% + +
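Review bot: In the `delete` branch `sql_escape($id)` is concatenated into `WHERE QID=` without quotes, where escaping gives no protection, so the query is only as safe as the `preg_match("/^[0-9]{1,11}$/", ...)` check before it. `$` in PCRE also matches before a trailing newline, which makes that check slightly looser than it reads. I would anchor with `\z` (or add the `D` modifier) and cast once with `$id = (int) $_REQUEST['id'];`, so the value is an integer by construction. The id checks in `includes/pages/admin_groups.php` earlier on this page follow the same pattern. Separately, the function has no `return` after the `switch`, so a successful `ask` or `delete` hands nothing back to `index.php` after sending the `Location` header.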
    + Question + +   +
    +
    Answered questions: + + + + + + + + + + + %answered_questions% + +
    + Question + + From + + Answer + +   +
    +
    +
    + + + + + +
    + Question: + + +
    + +
    \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index 1ebf5e52..14188a6f 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,12 +1,12 @@ * MD5-Passwörter mit Salt speichern * Passwort-Mindestanforderungen stellen - * User-Avatare + * User-Avatare (code liegt auskommentiert in user_settings.php) * user_messages schön machen * Formulare weg von Tabellen * user_news lässt sich nicht bedienen (POST ohne redirects...) * Privilegien korrigieren (an die vom CVS anpassen) * Beim Raum-Management die benötigten Engel anzeigen - + * Löschen nur mit Rückfrage * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert diff --git a/www-ssl/admin/dect_call.php b/www-ssl/admin/dect_call.php deleted file mode 100644 index 0799c2be..00000000 --- a/www-ssl/admin/dect_call.php +++ /dev/null @@ -1,8 +0,0 @@ - - diff --git a/www-ssl/index.php b/www-ssl/index.php index 6bfbcc32..831225e6 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -38,6 +38,10 @@ if (in_array($p, $privileges)) { elseif ($p == "user_messages") { $content = user_messages(); } + elseif ($p == "user_questions") { + require_once ('includes/pages/user_questions.php'); + $content = user_questions(); + } elseif ($p == "user_settings") { require_once ('includes/pages/user_settings.php'); $content = user_settings(); -- cgit v1.2.3-54-g00ecf From 32b3ce5f900cf0d378f77a6675b989ee0e641f13 Mon Sep 17 00:00:00 2001 
From: Philip Häusler Date: Fri, 3 Jun 2011 00:22:11 +0200 Subject: admin questions --- DB/db_rewrite.sql | 43 +++++++++++---------- includes/pages/admin_questions.php | 76 ++++++++++++++++++++++++++++++++++++++ includes/pages/user_messages.php | 10 +++-- includes/pages/user_questions.php | 17 +++++++-- includes/sys_menu.php | 7 +++- templates/admin_questions.html | 47 +++++++++++++++++++++++ templates/user_questions.html | 2 +- www-ssl/index.php | 8 ++++ 8 files changed, 181 insertions(+), 29 deletions(-) create mode 100644 includes/pages/admin_questions.php create mode 100644 templates/admin_questions.html (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 6a259c61..5d6b4e2c 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 21:45 +-- Erstellungszeit: 02. Juni 2011 um 22:21 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,19 +71,20 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 78), -('login', 20), -('logout', 12), -('start', 24), -('faq', 4), +('news', 80), +('login', 24), +('logout', 13), +('start', 25), +('faq', 6), ('credits', 3), ('register', 3), ('admin_rooms', 70), ('admin_angel_types', 69), ('user_settings', 116), -('user_messages', 107), -('admin_groups', 94), -('user_questions', 30); +('user_messages', 108), +('admin_groups', 99), +('user_questions', 53), +('admin_questions', 41); -- -------------------------------------------------------- @@ -127,7 +128,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=33 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=36 ; -- -- Daten für Tabelle `GroupPrivileges` 
@@ -139,11 +140,12 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (31, -2, 11), (30, -2, 9), (23, -1, 2), -(6, -4, 6), -(7, -4, 7), +(34, -4, 12), +(33, -4, 7), (29, -2, 3), (28, -2, 4), -(12, -5, 10); +(12, -5, 10), +(35, -4, 6); -- -------------------------------------------------------- @@ -254,7 +256,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=12 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=13 ; -- -- Daten für Tabelle `Privileges` @@ -271,7 +273,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (8, 'user_settings', 'User profile settings'), (9, 'user_messages', 'Writing and reading messages from user to user'), (10, 'admin_groups', 'Manage usergroups and their rights'), -(11, 'user_questions', 'Let users ask questions'); +(11, 'user_questions', 'Let users ask questions'), +(12, 'admin_questions', 'Answer user''s questions'); -- -------------------------------------------------------- @@ -286,14 +289,14 @@ CREATE TABLE IF NOT EXISTS `Questions` ( `AID` int(11) NOT NULL DEFAULT '0', `Answer` text NOT NULL, PRIMARY KEY (`QID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fragen und Antworten' AUTO_INCREMENT=4 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Fragen und Antworten' AUTO_INCREMENT=5 ; -- -- Daten für Tabelle `Questions` -- INSERT INTO `Questions` (`QID`, `UID`, `Question`, `AID`, `Answer`) VALUES -(3, 1, 'Ficken?', 0, ''); +(4, 1, 'Hallo?\nEy?', 1, 'Jo,\nJo!'); -- -------------------------------------------------------- 
@@ -1004,7 +1007,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin_groups', 'DE', 'Gruppenrechte'), ('admin_groups', 'EN', 'Grouprights'), ('user_questions', 'DE', 'Erzengel fragen'), -('user_questions', 'EN', 'Ask arch angel'); +('user_questions', 'EN', 'Ask arch angel'), +('admin_questions', 'DE', 'Fragen beantworten'), +('admin_questions', 'EN', 'Answer questions'); -- -------------------------------------------------------- @@ -1047,7 +1052,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307051093, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307053257, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php new file mode 100644 index 00000000..5355dd86 --- /dev/null +++ b/includes/pages/admin_questions.php @@ -0,0 +1,76 @@ + 0) + return '
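Review bot: The INSERT INTO User rows on the new side of the `@@ -1047,7 +1052,7 @@` hunk keep live account data in the committed dump: the `admin` row and a second user's row, including an e-mail address and 32-hex `Passwort` digests. The only change in the hunk is a fresh `lastLogIn`, which suggests the file is exported from a working database rather than written as a seed. The TODO in this series still lists salting the MD5 passwords, so these digests are presumably unsalted MD5 and give little protection once published. I would keep only schema and static lookup data in the dump, create the first admin at install time, and treat the committed passwords as compromised. The same rows are carried again by the `@@ -1052,7 +1059,7 @@` hunk of the following "admin faq" commit.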

    There are unanswered questions!


    '; + } + + return ""; +} + +function admin_questions() { + global $user; + + if (!isset ($_REQUEST['action'])) { + $open_questions = ""; + $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0"); + foreach ($questions as $question) { + $open_questions .= '' . UID2Nick($question['UID']) . '' . str_replace("\n", '
    ', $question['Question']) . ''; + $open_questions .= '

    '; + $open_questions .= 'Delete'; + } + + $answered_questions = ""; + $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0"); + foreach ($questions as $question) { + $answered_questions .= '' . UID2Nick($question['UID']) . '' . str_replace("\n", '
    ', $question['Question']) . ''; + $answered_questions .= '' . UID2Nick($question['AID']) . '' . str_replace("\n", '
    ', $question['Answer']) . ''; + $answered_questions .= 'Delete'; + } + + return template_render('../templates/admin_questions.html', array ( + 'link' => page_link_to("admin_questions"), + 'open_questions' => $open_questions, + 'answered_questions' => $answered_questions + )); + } else { + switch ($_REQUEST['action']) { + case 'answer' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Question ID."); + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + if (count($question) > 0 && $question[0]['AID'] == "0") { + $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']))); + + if ($answer != "") { + sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("admin_questions")); + } else + return error("Please enter an answer!"); + } else + return error("No question found."); + break; + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Question ID."); + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + if (count($question) > 0) { + sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("admin_questions")); + } else + return error("No question found."); + break; + } + } +} +?> \ No newline at end of file diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index e3e9a469..30871d9d 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php @@ -1,11 +1,13 @@ 0) - return '
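Review bot: The `answer` and `delete` branches of `admin_questions()` modify or remove rows on any request that carries `action` and `id`, because both are read from `$_REQUEST` and nothing ties the request to a form the logged-in admin actually submitted. The listing also offers Delete as a plain link, so a GET is enough to trigger it. A request made with the admin's session but without their intent is therefore accepted as-is. I would accept these actions only as POST and check a per-session token before the `switch`, e.g. `if ($_SERVER['REQUEST_METHOD'] != 'POST' || !isset($_POST['token']) || $_POST['token'] !== $_SESSION['form_token']) return error("Invalid request.");` (the token names are placeholders). The `create`, `save` and `delete` actions of `admin_faq()` in the following commit have the same shape.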

    ' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '


    '; + if ($new_messages > 0) + return '

    ' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '


    '; + } return ""; } diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 8201c6d6..4e9daa5a 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -6,11 +6,20 @@ function user_questions() { $open_questions = ""; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0 AND `UID`=" . sql_escape($user['UID'])); foreach ($questions as $question) - $open_questions .= '' . $question['Question'] . 'Delete'; + $open_questions .= '' . str_replace("\n", '
    ', $question['Question']) . 'Delete'; + + $answered_questions = ""; + $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID'])); + foreach ($questions as $question) { + $answered_questions .= '' . str_replace("\n", '
    ', $question['Question']) . ''; + $answered_questions .= '' . UID2Nick($question['AID']) . '' . str_replace("\n", '
    ', $question['Answer']) . ''; + $answered_questions .= 'Delete'; + } return template_render('../templates/user_questions.html', array ( 'link' => page_link_to("user_questions"), - 'open_questions' => $open_questions + 'open_questions' => $open_questions, + 'answered_questions' => $answered_questions )); } else { switch ($_REQUEST['action']) { @@ -20,7 +29,7 @@ function user_questions() { sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'"); header("Location: " . page_link_to("user_questions")); } else - return error("Please enter a Question!"); + return error("Please enter a question!"); break; case 'delete' : if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) @@ -33,7 +42,7 @@ function user_questions() { sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); header("Location: " . page_link_to("user_questions")); } else - return error("No Question found."); + return error("No question found."); break; } } diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 6cddf66a..c3dfa041 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -29,6 +29,7 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( + "admin_questions", "admin_angel_types", "admin_rooms", "admin_groups" @@ -39,9 +40,13 @@ function make_navigation() { function make_navigation_for($name, $pages) { global $privileges, $p; + $specials = array ( + "faq" + ); + $menu = ""; foreach ($pages as $page) - if (in_array($page, $privileges)) + if (in_array($page, $privileges) || in_array($page, $specials)) $menu .= '' . Get_Text($page) . ''; if ($menu != "") diff --git a/templates/admin_questions.html b/templates/admin_questions.html new file mode 100644 index 00000000..ad8d6572 --- /dev/null +++ b/templates/admin_questions.html 
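Review bot: `$question['Question']`, `$question['Answer']` and the `UID2Nick()` result are concatenated into the table markup after nothing more than a newline replacement, so whatever is stored in those columns reaches the browser as HTML. The `strip_tags` and character-class filtering on the write paths does not cover rows that arrived another way, such as those loaded from `DB/db_rewrite.sql`, and how nick names are cleaned is not visible here. Escaping at output is the reliable place: `nl2br(htmlspecialchars($question['Question'], ENT_QUOTES, 'UTF-8'))`, and likewise for the answer and the nick. The listing loops in `admin_questions()` and, in the next commit, `guest_faq()` and the FAQ table built in `admin_faq()` emit stored text the same way. `user_questions()` starts and ends outside this hunk.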
@@ -0,0 +1,47 @@ +Not yet answered questions: + + + + + + + + + + + %open_questions% + +
    + From + + Question + + Answer + +   +
    +
    Answered questions: + + + + + + + + + + + + %answered_questions% + +
    + Question + + From + + Answer + + From + +   +
    diff --git a/templates/user_questions.html b/templates/user_questions.html index 96b1e980..f5fb46ae 100644 --- a/templates/user_questions.html +++ b/templates/user_questions.html @@ -36,7 +36,7 @@ Not yet answered questions: %answered_questions% -
    +
    Ask an arch angel:
    diff --git a/www-ssl/index.php b/www-ssl/index.php index 831225e6..d722de32 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -13,6 +13,7 @@ require_once ('includes/sys_user.php'); require_once ('config/config.php'); require_once ('config/config_db.php'); +require_once ('includes/pages/admin_questions.php'); require_once ('includes/pages/user_messages.php'); session_start(); @@ -58,6 +59,9 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/guest_login.php'); $content = guest_logout(); } + elseif ($p == "admin_questions") { + $content = admin_questions(); + } elseif ($p == "admin_angel_types") { require_once ('includes/pages/admin_angel_types.php'); $content = admin_angel_types(); @@ -96,6 +100,10 @@ elseif ($p == "faq") { if (isset ($user) && $p != "user_messages") $content = user_unread_messages() . $content; +// Erzengel Hinweis für unbeantwortete Fragen +if (isset ($user) && $p != "admin_questions") + $content = admin_new_questions() . $content; + echo template_render('../templates/layout.html', array ( 'theme' => isset ($user) ? $user['color'] : $default_theme, 'title' => $title, -- cgit v1.2.3-54-g00ecf From 626b9a81f303a07fab5be1302496d8823d1fede4 Mon Sep 17 00:00:00 2001 
From: Philip Häusler Date: Fri, 3 Jun 2011 01:03:39 +0200 Subject: admin faq --- DB/db_rewrite.sql | 65 +++++---- includes/pages/admin_faq.php | 85 ++++++++++++ includes/pages/guest_faq.php | 32 ++--- includes/sys_menu.php | 3 +- templates/admin_faq.html | 56 ++++++++ templates/admin_faq_edit_form.html | 41 ++++++ txt/TODO | 1 + www-ssl/admin/faq.1.php | 6 - www-ssl/admin/faq.php | 271 ------------------------------------- www-ssl/css/base.css | 5 + www-ssl/index.php | 4 + www-ssl/nonpublic/faq.php | 73 ---------- 12 files changed, 240 insertions(+), 402 deletions(-) create mode 100644 includes/pages/admin_faq.php create mode 100644 templates/admin_faq.html create mode 100644 templates/admin_faq_edit_form.html delete mode 100644 www-ssl/admin/faq.1.php delete mode 100644 www-ssl/admin/faq.php delete mode 100644 www-ssl/nonpublic/faq.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 5d6b4e2c..fa31c6f8 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 22:21 +-- Erstellungszeit: 02. Juni 2011 um 23:02 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -75,16 +75,17 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('login', 24), ('logout', 13), ('start', 25), -('faq', 6), +('faq', 16), ('credits', 3), ('register', 3), ('admin_rooms', 70), ('admin_angel_types', 69), ('user_settings', 116), -('user_messages', 108), -('admin_groups', 99), -('user_questions', 53), -('admin_questions', 41); +('user_messages', 111), +('admin_groups', 104), +('user_questions', 54), +('admin_questions', 41), +('admin_faq', 53); -- -------------------------------------------------------- 
@@ -94,27 +95,29 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES CREATE TABLE IF NOT EXISTS `FAQ` ( `FID` bigint(20) NOT NULL AUTO_INCREMENT, - `Frage` text NOT NULL, - `Antwort` text NOT NULL, + `Frage_de` text NOT NULL, + `Antwort_de` text NOT NULL, + `Frage_en` text NOT NULL, + `Antwort_en` text NOT NULL, PRIMARY KEY (`FID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=24 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=26 ; -- -- Daten für Tabelle `FAQ` -- -INSERT INTO `FAQ` (`FID`, `Frage`, `Antwort`) VALUES -(1, 'Komme ich als Engel billiger/kostenlos auf den Congress?
    \r\nDo I get in cheaper / for free to the congress as an angel ?', 'Nein, jeder Engel muss normal Eintritt bezahlen.
    \r\nNo, every angel has to pay full price.'), -(2, 'Was bekomme ich für meine Mitarbeit?
    \r\nWhat can i expect in return for my help? \r\n', 'Jeder Engel der arbeitet bekommt ein kostenloses T-Shirt nach der Veranstalltung
    \r\nEvery working angel gets a free shirt after the event. '), -(3, 'Wie lange muss ich als Engel arbeiten?
    \r\nHow long do I have to work as an angel ?', 'Diese Frage ist schwer zu beantworten. Es hängt z.B. davon ab, was man macht (z.B. Workshop-Engel) und wieviele Engel wir zusammen bekommen.
    \r\nThis is difficult to answer. It depends on what you decide to do (e.g. workshop angel) and how many people will attend. '), -(6, 'Ich bin erst XX Jahre alt. Kann ich überhaupt helfen?
    \r\nI''m only XX years old. Can I help anyway?', 'Wir können jede helfende Hand gebrauchen. Wenn du alt genug bist, um zum Congress zu kommen, bist du auch alt genug zu helfen.
    \r\nWe need every help we can get. If your old enough to come to the congress, your old enough to help.'), -(8, 'Wer sind eigentlich die Erzengel?
    \r\nWho are the Arch-Angels?\r\n', 'Erzengel sind dieses Jahr: BugBlue, TabascoEye, Jeedi, Daizy, volty
    \r\nThe ArchAngels for this year are: BugBlue, TabascoEye, Jeedi, Daizy, volty\r\n'), -(9, 'Gibt es dieses Jahr wieder einen IRC-Channel für Engel?
    \r\nWill there be an IRC-channel for angels again?', 'Ja, im IRC-Net existiert #chaos-angel. Einfach mal reinschaun!
    \r\nYes, in the IRC-net there''s #chaos-angel. Just have a look!'), -(10, 'Wie gehe ich mit den Besuchern um?
    \r\nHow do I treat visitors?', 'Man soll gegenüber den Besuchern immer höflich und freundlich sein, auch wenn diese gestresst sind. Wenn man das Gefühl hat, dass man mit der Situation nicht mehr klarkommt, sollte man sich jemanden zur Unterstützung holen, bevor man selbst auch gestresst wird :-)
    \r\nYou should always be polite and friendly, especially if they are stressed. When you feel you can''t handle it on your own, get someone to help you out before you get so stressed yourself that you get impolite.'), -(11, 'Wann sind die Engelbesprechungen?
    \r\nWhen are the angels briefings?', 'Das wird vor Ort noch festgelegt und steht im Himmelnewssystem.
    \r\nThe information on the Angel Briefings will be in the news section of this system.'), -(12, 'Was muss ich noch bedenken?
    \r\nAnything else I should know?', 'Man sollte nicht total übermüdet oder ausgehungert, wenn n man einen Einsatz hat. Eine gewisse Fitness ist hilfreich.
    \r\nYou should not be exhausted or starving when you arrive for a shift. A reasonable amount of fitness for work would be very helpful.'), -(13, 'Ich habe eine Frage, auf die ich in der FAQ keine Antwort gefunden habe. Wohin soll ich mich wenden?
    \r\nI have a guestion not answered here. Who can I ask?', 'Bei weitere Fragen kannst du die Anfragen an die Erzengel Formular benutzen.
    \r\nIf you have further questions, you can use the Questions for the ArchAngels form.'), -(20, 'Wer muss alles Eintritt zahlen?
    \r\nWho has to pay the full entrance price?', 'Jeder. Zumindest, solange er/sie älter als 12 Jahre ist...
    \r\nEveryone who is at older than 12 years old.'); +INSERT INTO `FAQ` (`FID`, `Frage_de`, `Antwort_de`, `Frage_en`, `Antwort_en`) VALUES +(1, 'Komme ich als Engel billiger/kostenlos auf den Congress?', 'Nein, jeder Engel muss normal Eintritt bezahlen.', 'Do I get in cheaper / for free to the congress as an angel ?', 'No, every angel has to pay full price.'), +(2, 'Was bekomme ich für meine Mitarbeit?', 'Jeder Engel der arbeitet bekommt ein kostenloses T-Shirt nach der Veranstalltung', 'What can i expect in return for my help?', 'Every working angel gets a free shirt after the event.'), +(3, 'Wie lange muss ich als Engel arbeiten?', 'Diese Frage ist schwer zu beantworten. Es hängt z.B. davon ab, was man macht (z.B. Workshop-Engel) und wieviele Engel wir zusammen bekommen.', 'How long do I have to work as an angel ?', 'This is difficult to answer. It depends on what you decide to do (e.g. workshop angel) and how many people will attend.'), +(6, 'Ich bin erst XX Jahre alt. Kann ich überhaupt helfen?', 'Wir können jede helfende Hand gebrauchen. Wenn du alt genug bist, um zum Congress zu kommen, bist du auch alt genug zu helfen.', 'I''m only XX years old. Can I help anyway?', 'We need every help we can get. If your old enough to come to the congress, your old enough to help.'), +(8, 'Wer sind eigentlich die Erzengel?', 'Erzengel sind dieses Jahr: BugBlue, TabascoEye, Jeedi, Daizy, volty', 'Who are the Arch-Angels?', 'The ArchAngels for this year are: BugBlue, TabascoEye, Jeedi, Daizy, volty'), +(9, 'Gibt es dieses Jahr wieder einen IRC-Channel für Engel?', 'Ja, im IRC-Net existiert #chaos-angel. Einfach mal reinschaun!', 'Will there be an IRC-channel for angels again?', 'Yes, in the IRC-net there''s #chaos-angel. Just have a look!'), +(10, 'Wie gehe ich mit den Besuchern um?', 'Man soll gegenüber den Besuchern immer höflich und freundlich sein, auch wenn diese gestresst sind. 
Wenn man das Gefühl hat, dass man mit der Situation nicht mehr klarkommt, sollte man sich jemanden zur Unterstützung holen, bevor man selbst auch gestresst wird :-)', 'How do I treat visitors?', 'You should always be polite and friendly, especially if they are stressed. When you feel you can''t handle it on your own, get someone to help you out before you get so stressed yourself that you get impolite.'), +(11, 'Wann sind die Engelbesprechungen?', 'Das wird vor Ort noch festgelegt und steht im Himmelnewssystem.', 'When are the angels briefings?', 'The information on the Angel Briefings will be in the news section of this system.'), +(12, 'Was muss ich noch bedenken?', 'Man sollte nicht total übermüdet oder ausgehungert, wenn n man einen Einsatz hat. Eine gewisse Fitness ist hilfreich.', 'Anything else I should know?', 'You should not be exhausted or starving when you arrive for a shift. A reasonable amount of fitness for work would be very helpful.'), +(13, 'Ich habe eine Frage, auf die ich in der FAQ keine Antwort gefunden habe. Wohin soll ich mich wenden?', 'Bei weitere Fragen kannst du die Anfragen an die Erzengel Formular benutzen.', 'I have a guestion not answered here. Who can I ask?', 'If you have further questions, you can use the Questions for the ArchAngels form.'), +(20, 'Wer muss alles Eintritt zahlen?', 'Jeder. Zumindest, solange er/sie älter als 12 Jahre ist...', 'Who has to pay the full entrance price?', 'Everyone who is at older than 12 years old.'); -- -------------------------------------------------------- @@ -128,7 +131,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=36 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=40 ; -- -- Daten für Tabelle `GroupPrivileges` 
@@ -140,12 +143,13 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (31, -2, 11), (30, -2, 9), (23, -1, 2), -(34, -4, 12), -(33, -4, 7), +(36, -4, 7), +(37, -4, 13), (29, -2, 3), (28, -2, 4), (12, -5, 10), -(35, -4, 6); +(38, -4, 12), +(39, -4, 6); -- -------------------------------------------------------- @@ -256,7 +260,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=13 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=14 ; -- -- Daten für Tabelle `Privileges` @@ -274,7 +278,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (9, 'user_messages', 'Writing and reading messages from user to user'), (10, 'admin_groups', 'Manage usergroups and their rights'), (11, 'user_questions', 'Let users ask questions'), -(12, 'admin_questions', 'Answer user''s questions'); +(12, 'admin_questions', 'Answer user''s questions'), +(13, 'admin_faq', 'Edit FAQs'); -- -------------------------------------------------------- @@ -1009,7 +1014,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('user_questions', 'DE', 'Erzengel fragen'), ('user_questions', 'EN', 'Ask arch angel'), ('admin_questions', 'DE', 'Fragen beantworten'), -('admin_questions', 'EN', 'Answer questions'); +('admin_questions', 'EN', 'Answer questions'), +('admin_faq', 'DE', 'FAQs bearbeiten'), +('admin_faq', 'EN', 'Edit FAQs'); -- -------------------------------------------------------- 
@@ -1052,7 +1059,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307053257, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307055685, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/admin_faq.php b/includes/pages/admin_faq.php new file mode 100644 index 00000000..5b9a338f --- /dev/null +++ b/includes/pages/admin_faq.php @@ -0,0 +1,85 @@ +
    '; + $faqs_html .= ''; + } + return template_render('../templates/admin_faq.html', array ( + 'link' => page_link_to("admin_faq"), + 'faqs' => $faqs_html + )); + } else { + switch ($_REQUEST['action']) { + case 'create' : + $frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage'])); + $antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort'])); + $question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])); + $answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])); + sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'"); + header("Location: " . page_link_to("admin_faq")); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing FAQ ID."); + + $faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + if (count($faq) > 0) { + list ($faq) = $faq; + + $frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage'])); + $antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort'])); + $question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])); + $answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])); + sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . 
page_link_to("admin_faq")); + } else + return error("No FAQ found."); + break; + + case 'edit' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing FAQ ID."); + + $faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + if (count($faq) > 0) { + list ($faq) = $faq; + + return template_render('../templates/admin_faq_edit_form.html', array ( + 'link' => page_link_to("admin_faq"), + 'id' => $id, + 'frage' => $faq['Frage_de'], + 'antwort' => $faq['Antwort_de'], + 'question' => $faq['Frage_en'], + 'answer' => $faq['Antwort_en'] + )); + } else + return error("No FAQ found."); + break; + + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing FAQ ID."); + + $faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + if (count($faq) > 0) { + list ($faq) = $faq; + + sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("admin_faq")); + } else + return error("No FAQ found."); + break; + } + } +} +?> \ No newline at end of file diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php index 48e75d16..c4bcd0bb 100644 --- a/includes/pages/guest_faq.php +++ b/includes/pages/guest_faq.php @@ -2,29 +2,17 @@ function guest_faq() { $html = ""; $faqs = sql_select("SELECT * FROM `FAQ`"); - foreach ($faqs as $faq) - if ($faq['Antwort'] != "") { - list ($frage_de, $frage_en) = explode('
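Review bot: The `create` and `save` branches of `admin_faq()` read `$_REQUEST['frage']`, `['antwort']`, `['question']` and `['answer']` without `isset()` and write the result even when it is empty. The `answer` branch of `admin_questions()`, by contrast, rejects an empty string. Because this commit also drops the `if ($faq['Antwort'] != "")` filter from `guest_faq()`, a half-filled or empty entry would be shown to every visitor. I would check the four values before the query, e.g. `if ($frage == "" || $antwort == "" || $question == "" || $answer == "") return error("Please fill in all fields.");`. The `strip_tags`/`preg_replace` expression is repeated eight times; a small private helper that takes the request key would keep the filter in one place.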
    ', $faq['Frage']); - list ($antwort_de, $antwort_en) = explode('
    ', $faq['Antwort']); - $html .= "
    "; - if ($_SESSION['Sprache'] == "DE") { - $html .= "
    " . $frage_de . "
    "; - $html .= "
    " . $antwort_de . "
    "; - } else { - $html .= "
    " . $frage_en . "
    "; - $html .= "
    " . $antwort_en . "
    "; - } - $html .= "
    "; + foreach ($faqs as $faq) { + $html .= "
    "; + if ($_SESSION['Sprache'] == "DE") { + $html .= "
    " . $faq['Frage_de'] . "
    "; + $html .= "
    " . $faq['Antwort_de'] . "
    "; + } else { + $html .= "
    " . $faq['Frage_en'] . "
    "; + $html .= "
    " . $faq['Antwort_en'] . "
    "; } + $html .= "
    "; + } return $html; } - -function noAnswer() { - global $con; - - $SQL = "SELECT UID FROM Questions WHERE `AID`='0'"; - $Res = mysql_query($SQL, $con); - - return mysql_num_rows($Res); -} ?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index c3dfa041..ca34ee6c 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -32,7 +32,8 @@ function make_navigation() { "admin_questions", "admin_angel_types", "admin_rooms", - "admin_groups" + "admin_groups", + "admin_faq" )); return $menu; } diff --git a/templates/admin_faq.html b/templates/admin_faq.html new file mode 100644 index 00000000..5dacf522 --- /dev/null +++ b/templates/admin_faq.html @@ -0,0 +1,56 @@ +
    ' . $faq['Frage_de'] . '
    ' . $faq['Antwort_de'] . '
    ' . $faq['Frage_en'] . '
    ' . $faq['Antwort_en'] . '
    Edit
    + + + + + + + + + %faqs% + +
    + Deutsch + + English + +   +
    +
    Create new FAQ: + + + + + + + + + + + + + + + + + + +
    + Frage + + +
    + Antwort + + +
    + Question + + +
    + Answer + + +
    + +
    \ No newline at end of file diff --git a/templates/admin_faq_edit_form.html b/templates/admin_faq_edit_form.html new file mode 100644 index 00000000..1ef791aa --- /dev/null +++ b/templates/admin_faq_edit_form.html @@ -0,0 +1,41 @@ +Edit FAQ: +
    + + + + + + + + + + + + + + + + + +
    + Frage + + +
    + Antwort + + +
    + Question + + +
    + Answer + + +
    + +

    +
    + Delete FAQ: +
    \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index 14188a6f..5609482b 100644 --- a/txt/TODO +++ b/txt/TODO @@ -7,6 +7,7 @@ * Privilegien korrigieren (an die vom CVS anpassen) * Beim Raum-Management die benötigten Engel anzeigen * Löschen nur mit Rückfrage + * FAQ ordentlich mehrsprachig machen * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert diff --git a/www-ssl/admin/faq.1.php b/www-ssl/admin/faq.1.php deleted file mode 100644 index 04dda6aa..00000000 --- a/www-ssl/admin/faq.1.php +++ /dev/null @@ -1,6 +0,0 @@ - - -
  • Alle Anfragen
  • -
  • Offene Anfragen ()
  • -
  • FAQ-Liste editiern
  • - diff --git a/www-ssl/admin/faq.php b/www-ssl/admin/faq.php deleted file mode 100644 index 779d8822..00000000 --- a/www-ssl/admin/faq.php +++ /dev/null @@ -1,271 +0,0 @@ - - Alle Anfragen:
    - - - - - - - - - - -\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - } else { - echo "Nein\n"; - echo "\n"; - echo "\n"; - } - echo ""; - echo "\n"; - } - echo "
    FrageAnfragenderBeantwortet?AntwortAntwort vonchange
    " . mysql_result($Erg, $n, "Question") . "" . UID2Nick(mysql_result($Erg, $n, "UID")) . ""; - if (mysql_result($Erg, $n, "AID") > 0) { - echo "Ja" . mysql_result($Erg, $n, "Answer") . "" . UID2Nick(mysql_result($Erg, $n, "AID")) . "  xxx
    \n"; - break; - - case "open" : - $SQL = "SELECT * FROM `Questions` WHERE `AID`='0' ORDER BY `QID` DESC"; - $quest_bearb = 1; // Fragenliste anzeigen - echo "\t\tOffene Anfragen:
    \n"; - break; - - case "edit" : - if (!IsSet ($_GET["QID"])) - echo "\t\tFehlerhafter Aufruf...
    Bitte die Bearbeitung nochmals beginnen :)\n"; - else { - $SQL = "SELECT * FROM `Questions` WHERE `QID`='" . $_GET["QID"] . "'"; - $Erg = mysql_query($SQL, $con); - echo "\t\t
    \n"; - echo "\t\tAnfrage von " . UID2NICK(mysql_result($Erg, 0, "UID")) . ":
    \n"; - echo "\t\t\n"; - echo "

    Antwort der Erzengel:
    \n"; - if (mysql_result($Erg, 0, "Answer") == "") - echo "\t\t
    \n"; - else - echo "\t\t\n
    \n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t
    \n"; - if (mysql_result($Erg, 0, "AID") <> "0") { - echo "\tDu kannst diese Anfrage so wie sie ist, als Engel-FAQ eintrag übernehmen.
    \n"; - echo "Als FAQ-Eintrag sichern...\n"; - } - } // Abfrage der QID - break; - - case "save" : - if (!IsSet ($_GET["QID"])) - echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten..."; - else { - $SQL = "UPDATE `Questions` SET `Question`='" . $_GET["Question"] . - "', `AID`='" . $_SESSION['UID'] . "' , `Answer`='" . $_GET["Answer"] . "' " . - "WHERE `QID`='" . $_GET["QID"] . "' LIMIT 1"; - $Erg = db_query($SQL, "save Question"); - if ($Erg == 1) { - echo "\tDer Eintrag wurde geändert
    \n"; - SetHeaderGo2Back(); - } else - echo "\tEin Fehler ist aufgetreten. Sorry, du kannst es aber ja nochmal probieren :)\n"; - } - break; - - case "transfer" : - if (!IsSet ($_GET["QID"])) - echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...\n"; - else { - $SQL1 = "SELECT * FROM `Questions` WHERE `QID`='" . $_GET["QID"] . "'"; - $Erg = mysql_query($SQL1, $con); - $SQL2 = "INSERT INTO `FAQ` Values ('', '" . - mysql_result($Erg, 0, "Question") . "', '" . mysql_result($Erg, 0, "Answer") . "')"; - $Erg = db_query($SQL2, "trasfert to request to the FAQ"); - if ($Erg == 1) - echo "\tDer Eintrag wurde übertragen.
    \n"; - else - echo "\tEin Fehler ist aufgetreten. Sorry, du kannst es aber ja nochmal probieren :)\n"; - } - - break; - - // *--------------------------------------------------------------------------- - // * FAQ - Bearbeitung - // *--------------------------------------------------------------------------- - // * je nach �bergabeoption ($quest) koennen FAQ's erfasst werden, - // * geaendert oder geloscht werden... - // *--------------------------------------------------------------------------- - case "faq" : - $quest_bearb = 0; // keine Fragenliste anzeigen, FAQ editieren... - echo "\tFAQ-Liste:
    "; - echo "Neuen Eintrag"; - - $SQL = "SELECT * FROM `FAQ`"; - $Erg = mysql_query($SQL, $con); - - // anzahl zeilen - $Zeilen = mysql_num_rows($Erg); - - for ($n = 0; $n < $Zeilen; $n++) - if (mysql_result($Erg, $n, "Antwort") != "") { - echo "\t

    " . mysql_result($Erg, $n, "Frage") . "

    \n"; - echo "\t

    " . mysql_result($Erg, $n, "Antwort") . "

    \n"; - echo "\tBearbeiten\n
    ---
    \n"; - } - break; - - case "faqedit" : - if (!IsSet ($_GET["FAQID"])) - echo "\tFehlerhafter Aufruf...
    Bitte die Bearbeitung nochmals beginnen :)\n"; - else { - $SQL = "SELECT * FROM `FAQ` WHERE `FID`='" . $_GET["FAQID"] . "'"; - $Erg = mysql_query($SQL, $con); - - // anzahl zeilen - $Zeilen = mysql_num_rows($Erg); -?> -
    - Frage:
    - -

    - Antwort:
    -
    - "> - - -
    -
    - "> - - -
    -\n"; - else - echo "\tEin Fehler ist aufgetreten. Ist der Eintag bereits gelöscht gewesen?\n"; - } - break; - - case "faqsave"; - if (!IsSet ($_GET["FAQID"])) - echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...\n"; - else { - $SQL = "UPDATE `FAQ` SET `Frage`='" . $_GET["Frage"] . "', `Antwort`='" . $_GET["Antwort"] . - "' WHERE `FID`='" . $_GET["FAQID"] . "' LIMIT 1"; - $Erg = db_query($SQL, $con); - if ($Erg == 1) - echo "\tDer Eintrag wurde geändert
    \n"; - else - echo "\tEin Fehler ist aufgetreten. Sorry, du kannst es aber ja nochmal probieren :)\n"; - } - break; - - case "faqnew" : -?> -
    - Frage:
    -

    - Antwort:
    -
    - - -
    -\n"; - else - echo "\tEin Fehler ist aufgetreten. Sorry, du kannst es aber ja nochmal probieren :)\n"; - break; - - } //switch ($_GET["quest"]) - - // Hilfsroutine f�r die Anfragen: - // Fragenliste anzeigen??? - if ($quest_bearb == 1) { - $Erg = mysql_query($SQL, $con); - // anzahl zeilen - $Zeilen = mysql_num_rows($Erg); - - if ($Zeilen == 0) - echo "\tkeine vorhanden...\n"; - else - for ($n = 0; $n < $Zeilen; $n++) { - echo "\t

    " . nl2br(mysql_result($Erg, $n, "Question")) . "\n


    \n"; - echo "\tBearbeiten\n"; - echo "
    ---
    \n"; - } - - } - -} //if (IsSet($_GET["quest"])) -else { - echo "Bitte wähle aus, ob du:\n"; - echo "\n"; -} - -include ("includes/footer.php"); -?> diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index bfe050a5..44e1959c 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -109,6 +109,11 @@ td, th { border: 1px solid #888; } +textarea { + height: 200px; + width: 300px; +} + .background { background: #f0f0f0; } diff --git a/www-ssl/index.php b/www-ssl/index.php index d722de32..8ad025aa 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -73,6 +73,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_groups") { require_once ('includes/pages/admin_groups.php'); $content = admin_groups(); + } + elseif ($p == "admin_faq") { + require_once ('includes/pages/admin_faq.php'); + $content = admin_faq(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); diff --git a/www-ssl/nonpublic/faq.php b/www-ssl/nonpublic/faq.php deleted file mode 100644 index fcc17158..00000000 --- a/www-ssl/nonpublic/faq.php +++ /dev/null @@ -1,73 +0,0 @@ - -

    -
    - -

    - "> -
    -" . Get_Text(37) . "

    \n" . nl2br($_POST["frage"]) . "

    \n" . Get_Text(38) . "
    \n"; - - $SQL = "INSERT INTO `Questions` VALUES ('', '" . $_SESSION['UID'] . "', '" . $_POST["frage"] . "', '', '')"; - $Erg = mysql_query($SQL, $con); - -} -// Bisherige Anfragen: -echo "
    \n" . Get_Text(39) . "
    \n"; -echo "
    \n"; -echo "
    " . Get_Text(40) . "
    \n"; - -$SQL = "SELECT * FROM `Questions` WHERE `UID` = " . $_SESSION['UID'] . " AND `AID`='0' ORDER BY 'QID' DESC"; -$Erg = mysql_query($SQL, $con); - -// anzahl zeilen -$Zeilen = mysql_num_rows($Erg); - -if ($Zeilen == 0) { - Print_Text(41); - -} else { - for ($n = 0; $n < $Zeilen; $n++) { - echo "

    " . nl2br(mysql_result($Erg, $n, "Question")) . "
    \n"; - // Es gibt ja noch keine Antwort: - // echo "

    ".nl2br(mysql_result($Erg, $n, "Answer"))."

    \n"; - echo "\n
    ---
    "; - } -} - -echo "
    \n"; -echo "
    " . Get_Text(42) . "
    \n"; -$SQL = "SELECT * FROM `Questions` WHERE `UID`='" . $_SESSION['UID'] . "' and `AID`<>'0' ORDER BY 'QID' DESC"; -$Erg = mysql_query($SQL, $con); - -// anzahl zeilen -$Zeilen = mysql_num_rows($Erg); - -if ($Zeilen == 0) { - Print_Text(41); -} else { - for ($n = 0; $n < $Zeilen; $n++) { - echo "

    " . nl2br(mysql_result($Erg, $n, "Question")) . "
    \n"; - echo "

    " . nl2br(mysql_result($Erg, $n, "Answer")) . - "@" . UID2Nick(mysql_result($Erg, $n, "AID")) . "\n"; - echo "\n
    ---
    "; - } -} - -include ("includes/footer.php"); -?> -- cgit v1.2.3-54-g00ecf From 91f6e7bbaf7c9ed8820fea59e041c8fa17bcea91 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 05:12:50 +0200 Subject: news refined --- DB/db_rewrite.sql | 76 ++++++++++------- includes/pages/user_news.php | 197 +++++++++++++++++++++++++------------------ includes/sys_user.php | 6 +- txt/TODO | 2 +- www-ssl/css/base.css | 73 ++++++++++++---- www-ssl/index.php | 4 + 6 files changed, 224 insertions(+), 134 deletions(-) (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index fa31c6f8..b85f04c9 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 23:02 +-- Erstellungszeit: 03. Juni 2011 um 03:12 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,21 +71,23 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 80), -('login', 24), +('news', 164), +('login', 26), ('logout', 13), -('start', 25), -('faq', 16), +('start', 26), +('faq', 18), ('credits', 3), ('register', 3), -('admin_rooms', 70), -('admin_angel_types', 69), -('user_settings', 116), -('user_messages', 111), -('admin_groups', 104), -('user_questions', 54), -('admin_questions', 41), -('admin_faq', 53); +('admin_rooms', 75), +('admin_angel_types', 70), +('user_settings', 125), +('user_messages', 112), +('admin_groups', 114), +('user_questions', 55), +('admin_questions', 42), +('admin_faq', 55), +('admin_news', 2), +('news_comments', 144); -- -------------------------------------------------------- 
@@ -131,25 +133,27 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=40 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=51 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES -(32, -2, 8), +(42, -2, 15), (24, -1, 5), -(31, -2, 11), -(30, -2, 9), +(40, -2, 4), +(41, -2, 3), (23, -1, 2), -(36, -4, 7), -(37, -4, 13), -(29, -2, 3), -(28, -2, 4), +(48, -4, 14), +(46, -4, 7), +(44, -2, 11), +(43, -2, 9), (12, -5, 10), -(38, -4, 12), -(39, -4, 6); +(47, -4, 13), +(49, -4, 12), +(45, -2, 8), +(50, -4, 6); -- -------------------------------------------------------- @@ -210,7 +214,7 @@ INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES CREATE TABLE IF NOT EXISTS `News` ( `ID` int(11) NOT NULL AUTO_INCREMENT, - `Datum` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `Datum` int(11) NOT NULL, `Betreff` varchar(150) NOT NULL DEFAULT '', `Text` text NOT NULL, `UID` int(11) NOT NULL DEFAULT '0', @@ -223,9 +227,9 @@ CREATE TABLE IF NOT EXISTS `News` ( -- INSERT INTO `News` (`ID`, `Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES -(1, '2011-06-02 21:35:27', '', '', 1, 0), -(2, '2011-06-02 21:36:57', '', '', 1, 0), -(3, '2011-06-02 21:36:57', '', '', 1, 0); +(1, 1307070566, 'asdf', 'asdf', 1, 0), +(2, 1307070579, 'Achtung, Treffen!', 'Uiuiuiui.', 1, 0), +(3, 1307070686, 'Achtung, Treffen!', 'Jojojo!', 1, 1); -- -------------------------------------------------------- 
@@ -241,12 +245,16 @@ CREATE TABLE IF NOT EXISTS `news_comments` ( `UID` int(11) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`), KEY `Refid` (`Refid`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; -- -- Daten für Tabelle `news_comments` -- +INSERT INTO `news_comments` (`ID`, `Refid`, `Datum`, `Text`, `UID`) VALUES +(1, 10, '2011-06-03 04:12:28', 'FOobar :)', 1), +(2, 10, '2011-06-03 04:13:03', 'FOobar :)', 1), +(3, 10, '2011-06-03 04:13:06', 'FOobar :)', 1); -- -------------------------------------------------------- @@ -260,7 +268,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=14 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=16 ; -- -- Daten für Tabelle `Privileges` @@ -279,7 +287,9 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (10, 'admin_groups', 'Manage usergroups and their rights'), (11, 'user_questions', 'Let users ask questions'), (12, 'admin_questions', 'Answer user''s questions'), -(13, 'admin_faq', 'Edit FAQs'); +(13, 'admin_faq', 'Edit FAQs'), +(14, 'admin_news', 'Administrate the news section'), +(15, 'news_comments', 'User can comment news'); -- -------------------------------------------------------- @@ -1016,7 +1026,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin_questions', 'DE', 'Fragen beantworten'), ('admin_questions', 'EN', 'Answer questions'), ('admin_faq', 'DE', 'FAQs bearbeiten'), -('admin_faq', 'EN', 'Edit FAQs'); +('admin_faq', 'EN', 'Edit FAQs'), +('news_comments', 'DE', 'News Kommentare'), +('news_comments', 'EN', 'News comments'); -- -------------------------------------------------------- 
@@ -1059,7 +1071,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307055685, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307070695, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 56c5bb68..34c346dd 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -1,108 +1,139 @@ " . Get_Text(3) . "" . user_news_output(); +function display_news($news) { + global $privileges, $p; + + $html .= ""; + $html .= '
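Review bot: The `User` seed rows in this dump carry fixed password digests: `Passwort` for `admin` (re-added here) and for `msquare` is a bare 32-hex-digit value, which has the shape of an unsalted MD5, and txt/TODO in this series still lists salting the MD5 passwords as open. Every installation created from this file starts with the same admin credential, and digests of that form for common passwords are readily found in lookup tables. Seed the admin row without a usable password and have it set at install time, or at least put `-- default admin credential, must be changed before deployment` above the INSERT. The same rows recur in the db_rewrite.sql hunks of the later "admin news" and "admin user" commits on this page. This hunk only changes `lastLogIn`, so the dump is also committing runtime state that would be better left out.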

    '; + $html .= '
    '; + $html .= date("Y-m-d H:i",$news['Datum']) . ', '; + $html .= UID2Nick($news['UID']); + if ($p != "news_comments") + $html .= ', Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »'; + $html .= '
    '; + $html .= '

    '.($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '

    '; + $html .= '

    ' . ReplaceSmilies(nl2br($news['Text'])) . '

    '; + if (in_array("admin_news", $privileges)) + $html .= "
    Edit
    \n"; + + $html .= '
    '; + return $html; } -function user_news_output() { - global $DISPLAY_NEWS, $privileges; - +function user_news_comments() { + global $user; + $html = ""; + if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) { + $nid = $_REQUEST["nid"]; + list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1"); + if (isset ($_REQUEST["text"])) { + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); + $html .= success("Eintrag wurde gespeichert"); + } - if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && IsSet ($_POST["date"])) { - if (!isset ($_POST["treffen"])) - $_POST["treffen"] = 0; - $SQL = "INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . - "VALUES ('" . sql_escape($_POST["date"]) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($_SESSION['uid']) . - "', '" . sql_escape($_POST["treffen"]) . "');"; - $Erg = sql_query($SQL); - if ($Erg == 1) - $html .= Get_Text(4); - } + $html .= '« Back'; + $html .= display_news($news); - if (!IsSet ($_GET["news_begin"])) - $_GET["news_begin"] = 0; + $html .= '

    Comments

    '; + + $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'"); + foreach ($comments as $comment) { + $html .= '
    '; + $html .= DisplayAvatar($comment['UID']); + $html .= '
    '; + $html .= $comment['Datum'] . ', '; + $html .= UID2Nick($comment['UID']); + $html .= '
    '; + $html .= '

    ' . nl2br($comment['Text']) . '

    '; + $html .= '
    '; + } - if (!IsSet ($_GET["DISPLAY_NEWS"])) - $_GET["DISPLAY_NEWS"] = 5; + $html .= ""; + $html .= ' +
    +
    +

    Neuer Kommentar:

    +   + +
    + + + + + + +
    Text:
    +
    + +
    '; + } else { + $html .= "Fehlerhafter Aufruf!"; + } - $SQL = "SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . intval($_GET["news_begin"]) . ", " . intval($_GET["DISPLAY_NEWS"]); - $Erg = sql_query($SQL); + return $html; +} - // anzahl zeilen - $news_rows = mysql_num_rows($Erg); +function user_news() { + global $DISPLAY_NEWS, $privileges, $user; - for ($n = 0; $n < $news_rows; $n++) { + $html = ""; - if (mysql_result($Erg, $n, "Treffen") == 0) - $html .= "

    "; - else - $html .= "

    "; - - $html .= "" . ReplaceSmilies(mysql_result($Erg, $n, "Betreff")) . "\n"; - - // Schow Admin Page - if ($_SESSION['CVS']["admin/news.php"] == "Y") - $html .= " [edit]
    \n\t\t"; - - $html .= "
       " . mysql_result($Erg, $n, "Datum") . ", "; - $html .= UID2Nick(mysql_result($Erg, $n, "UID")) . ""; - // avatar anzeigen? - $html .= DisplayAvatar(mysql_result($Erg, $n, "UID")); - $html .= "

    \n"; - $html .= "

    " . ReplaceSmilies(nl2br(mysql_result($Erg, $n, "Text"))) . "

    \n"; - $RefID = mysql_result($Erg, $n, "ID"); - $countSQL = "SELECT COUNT(*) FROM `news_comments` WHERE `Refid`='$RefID'"; - $countErg = sql_query($countSQL); - $countcom = mysql_result($countErg, 0, "COUNT(*)"); - $html .= "

    $countcom comments

    \n\n"; + if (isset ($_POST["text"]) && isset ($_POST["betreff"])) { + if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges)) + $_POST["treffen"] = 0; + sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . + "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . + "', '" . sql_escape($_POST["treffen"]) . "');"); + $html .= success(Get_Text(4)); } - $html .= "
    \n\n"; - $rowerg = sql_query("SELECT * FROM `News`"); - $rows = mysql_num_rows($rowerg); - $dis_rows = round(($rows / $DISPLAY_NEWS) + 0.5); + if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) + $page = $_REQUEST['page']; + else + $page = 0; + + $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS); + foreach ($news as $entry) + $html .= display_news($entry); + + $html .= "
    \n\n"; + $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $html .= Get_Text(5); - for ($i = 1; $i <= $dis_rows; $i++) { - if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) { - $html .= '' . $i . '  '; - } else { - $html .= "$i  "; - } + for ($i = 0; $i < $dis_rows; $i++) { + if ($i == $_REQUEST['page']) + $html .= ($i +1) . "  "; + else + $html .= '' . ($i +1) . '  '; } $html .= '
    -

    -

    ' . Get_Text(6) . '

    -   - -
    - - - - - - - - - - - '; - if (in_array('news_add_meeting', $privileges)) { +

    +

    ' . Get_Text(6) . '

    +   + + +
    ' . Get_Text(7) . '
    ' . Get_Text(8) . '
    + + + + + + + + '; + if (in_array('admin_news', $privileges)) { $html .= ' - - - '; + + + '; } $html .= '
    ' . Get_Text(7) . '
    ' . Get_Text(8) . '
    ' . Get_Text(9) . '
    ' . Get_Text(9) . '
    -
    - -
    '; +
    + + '; return $html; } ?> \ No newline at end of file diff --git a/includes/sys_user.php b/includes/sys_user.php index 6274003d..5dcf3f1f 100644 --- a/includes/sys_user.php +++ b/includes/sys_user.php @@ -75,9 +75,9 @@ function displayPictur($UID, $height = "30") { global $url, $ENGEL_ROOT; if ($height > 0) - return ("\"picture"); + return ("
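Review bot: display_news() writes `$news['Betreff']` and `$news['Text']` into the page after only ReplaceSmilies() and nl2br(), and user_news() stores `$_POST["betreff"]` and `$_POST["text"]` after sql_escape() alone, so markup typed into a news post is rendered to every reader unless ReplaceSmilies() escapes it, which is not visible here. The comment path in user_news_comments() at least runs strip_tags() before storing, while news posts get no equivalent. Escape at output instead, e.g. `ReplaceSmilies(nl2br(htmlspecialchars($news['Text'], ENT_QUOTES, 'UTF-8')))`, and do the same for `Betreff` and for `$comment['Text']`. Separately, `ORDER BY 'ID'` in the comments query sorts by a string constant rather than the column and should use backticks, and the pagination loop compares against `$_REQUEST['page']` where the validated `$page` is already available.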
    \"picture
    "); else - return ("\"picture"); + return ("
    \"picture
    "); } function displayavatar($UID, $height = "30") { @@ -92,7 +92,7 @@ function displayavatar($UID, $height = "30") { if (mysql_num_rows($aerg)) if (mysql_result($aerg, 0, "Avatar") > 0) - return (" "); + return'
    '. (" ").'
    '; } function UIDgekommen($UID) { diff --git a/txt/TODO b/txt/TODO index cebcb0de..fb1b3098 100644 --- a/txt/TODO +++ b/txt/TODO @@ -10,12 +10,12 @@ jetzt: * weckservice? später: + * Zurück-/Backlinks setzen * MD5-Passwörter mit Salt speichern * Passwort-Mindestanforderungen stellen * User-Avatare (code liegt auskommentiert in user_settings.php) * user_messages schön machen * Formulare weg von Tabellen - * user_news lässt sich nicht bedienen (POST ohne redirects...) * Privilegien korrigieren (an die vom CVS anpassen) * Beim Raum-Management die benötigten Engel anzeigen * Löschen nur mit Rückfrage diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 44e1959c..0a137099 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -15,6 +15,12 @@ header { width: 100%; } +article, details { + clear: none; + display: block; + float: none; +} + footer { clear: both; display: block; @@ -64,13 +70,13 @@ dd { margin-left: 20px; } -h1, h4 { +h1, h2, h3, h4 { font-size: 16px; padding: 0 4px; } hr { - margin: 10px 0; + margin: 10px 0; } ul { @@ -81,7 +87,7 @@ nav { margin: 0 10px 10px 0; } -#content article { +#content > article { padding: 10px; } @@ -98,20 +104,28 @@ a.sprache img { } table { - border-collapse: collapse; + border-collapse: collapse; } th { - background: #f0f0f0; + background: #f0f0f0; } td, th { - border: 1px solid #888; + border: 1px solid #888; } textarea { - height: 200px; - width: 300px; + height: 200px; + width: 300px; +} + +.clear { + clear: both; +} + +.pagination { + text-align: center; } .background { 
@@ -127,20 +141,49 @@ textarea { } .error { - color: #f00; + color: #f00; } .success { - color: #090; + color: #090; } .notice { - background: #f0f0f0; - border: 2px solid #888; - margin: 10px; - padding: 10px; + background: #f0f0f0; + border: 2px solid #888; + margin: 10px; + padding: 10px; } .new_message { - font-weight: bold; + font-weight: bold; +} + +.news_comment, .news { + border: 1px solid #888; + margin: 10px 0; +} + +.news_comment details, .news details { + background: #f0f0f0; + padding: 4px; +} + +.news_comment p, .news p, h3 { + padding: 4px; +} + +.news_comment p, .news_comment details { + margin-left: 72px; +} + +.avatar { + float: left; + margin: 4px; + max-width: 64px; +} + +.news.meeting { + border: 1px solid #000; + box-shadow: 1px 1px 5px #888; } diff --git a/www-ssl/index.php b/www-ssl/index.php index 8ad025aa..9524459a 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -36,6 +36,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/user_news.php'); $content = user_news(); } + elseif ($p == "news_comments") { + require_once ('includes/pages/user_news.php'); + $content = user_news_comments(); + } elseif ($p == "user_messages") { $content = user_messages(); } -- cgit v1.2.3-54-g00ecf From 9325d7a78adac2aeee96324fa23528f8110d198f Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 05:21:11 +0200 Subject: news refined --- includes/pages/admin_rooms.php | 11 ++--- includes/pages/user_news.php | 2 +- txt/TODO | 6 +-- www-ssl/nonpublic/news_comments.php | 86 ------------------------------------- 4 files changed, 7 insertions(+), 98 deletions(-) delete mode 100644 www-ssl/nonpublic/news_comments.php (limited to 'includes/pages') diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 6695d6a9..be54b8ea 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -9,8 +9,6 @@ function admin_rooms() { ",
    \nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " . "oder vorhandene abzuändern:

    \n"; - $html .= "Neuen Raum/Ort eintragen
    \n"; - // Räume auflisten if (count($rooms) > 0) { $html .= ''; @@ -20,9 +18,7 @@ function admin_rooms() { // Tabellenüberschriften generieren foreach ($rooms[0] as $attr => $tmp) - if ($attr == 'RID') - $html .= ''; - else + if ($attr != 'RID') $html .= ''; $html .= ''; $html .= ''; @@ -30,9 +26,7 @@ function admin_rooms() { foreach ($rooms as $i => $room) { $html .= ''; foreach ($room as $attr => $value) - if ($attr == 'RID') - $html .= ''; - else + if ($attr != 'RID') $html .= ''; $html .= ''; $html .= ''; @@ -40,6 +34,7 @@ function admin_rooms() { $html .= '
    Anzahl: ' . count($rooms) . '' . $attr . ' 
    ' . ($i +1) . '' . $value . 'Edit
    '; } + $html .= "
    Neuen Raum/Ort eintragen
    \n"; } else { switch ($_REQUEST["action"]) { diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 34c346dd..7b4f9482 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -35,7 +35,7 @@ function user_news_comments() { $html .= '« Back'; $html .= display_news($news); - $html .= '

    Comments

    '; + $html .= '

    Kommentare

    '; $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'"); foreach ($comments as $comment) { diff --git a/txt/TODO b/txt/TODO index fb1b3098..42684e23 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,5 +1,4 @@ jetzt: - * news kommentieren * news administrieren * user administrieren * schichtimport @@ -14,12 +13,13 @@ später: * MD5-Passwörter mit Salt speichern * Passwort-Mindestanforderungen stellen * User-Avatare (code liegt auskommentiert in user_settings.php) - * user_messages schön machen + * user_messages schön machen (dialogbasiert) * Formulare weg von Tabellen * Privilegien korrigieren (an die vom CVS anpassen) - * Beim Raum-Management die benötigten Engel anzeigen + * (Beim Raum-Management die benötigten Engel anzeigen) * Löschen nur mit Rückfrage * FAQ ordentlich mehrsprachig machen + * Fertig übersetzen/Sprachwirrwarr beseitigen * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert diff --git a/www-ssl/nonpublic/news_comments.php b/www-ssl/nonpublic/news_comments.php deleted file mode 100644 index db95ec8c..00000000 --- a/www-ssl/nonpublic/news_comments.php +++ /dev/null @@ -1,86 +0,0 @@ -
    "; - SetHeaderGo2Back(); - } - } - - $SQL = "SELECT * FROM `news_comments` WHERE `Refid`='" . $_GET["nid"] . "' ORDER BY 'ID'"; - $Erg = mysql_query($SQL, $con); - echo mysql_error($con); - - // anzahl zeilen - $news_rows = mysql_num_rows($Erg); -?> - - - - - - - - - - -"; - echo "\t\t"; - echo "\t\t"; - echo ""; - echo "\t"; - echo "\t\t"; - echo ""; - } - - echo "
    DatumNick
    Kommentar
    "; - echo mysql_result($Erg, $n, "Datum"); - echo "\t\t"; - echo UID2Nick(mysql_result($Erg, $n, "UID")); - // avatar anzeigen? - echo DisplayAvatar(mysql_result($Erg, $n, "UID")); - echo "\t\t
    "; - echo nl2br(mysql_result($Erg, $n, "Text")) . "\n"; - echo "\t\t
    "; -?> - -
    -
    -

    Neuer Kommentar:

    -  - -
    -"> - - - - - -
    Text:
    -
    - -
    - - -- cgit v1.2.3-54-g00ecf From 9941d2a7a799ad45b8e54c528c2161f880ab159e Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 05:49:56 +0200 Subject: admin news --- DB/db_rewrite.sql | 39 +++++++++---------- includes/pages/admin_news.php | 87 +++++++++++++++++++++++++++++++++++++++++++ txt/TODO | 2 +- www-ssl/admin/index.php | 21 ----------- www-ssl/index.php | 4 ++ 5 files changed, 112 insertions(+), 41 deletions(-) create mode 100644 includes/pages/admin_news.php delete mode 100644 www-ssl/admin/index.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index b85f04c9..f5ba1c6d 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 03:12 +-- Erstellungszeit: 03. Juni 2011 um 03:49 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,23 +71,23 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 164), +('news', 187), ('login', 26), ('logout', 13), ('start', 26), -('faq', 18), +('faq', 19), ('credits', 3), ('register', 3), -('admin_rooms', 75), -('admin_angel_types', 70), -('user_settings', 125), -('user_messages', 112), -('admin_groups', 114), +('admin_rooms', 89), +('admin_angel_types', 71), +('user_settings', 126), +('user_messages', 113), +('admin_groups', 117), ('user_questions', 55), ('admin_questions', 42), ('admin_faq', 55), -('admin_news', 2), -('news_comments', 144); +('admin_news', 32), +('news_comments', 151); -- -------------------------------------------------------- @@ -226,10 +226,6 @@ CREATE TABLE IF NOT EXISTS `News` ( -- Daten für Tabelle `News` -- -INSERT INTO `News` (`ID`, `Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES -(1, 1307070566, 'asdf', 'asdf', 1, 0), -(2, 1307070579, 'Achtung, Treffen!', 'Uiuiuiui.', 1, 0), -(3, 1307070686, 'Achtung, Treffen!', 'Jojojo!', 1, 1); -- -------------------------------------------------------- 
@@ -245,7 +241,7 @@ CREATE TABLE IF NOT EXISTS `news_comments` ( `UID` int(11) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`), KEY `Refid` (`Refid`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ; -- -- Daten für Tabelle `news_comments` @@ -254,7 +250,8 @@ CREATE TABLE IF NOT EXISTS `news_comments` ( INSERT INTO `news_comments` (`ID`, `Refid`, `Datum`, `Text`, `UID`) VALUES (1, 10, '2011-06-03 04:12:28', 'FOobar :)', 1), (2, 10, '2011-06-03 04:13:03', 'FOobar :)', 1), -(3, 10, '2011-06-03 04:13:06', 'FOobar :)', 1); +(3, 10, '2011-06-03 04:13:06', 'FOobar :)', 1), +(4, 3, '2011-06-03 05:20:05', 'Fünününü!', 1); -- -------------------------------------------------------- @@ -327,12 +324,14 @@ CREATE TABLE IF NOT EXISTS `Room` ( `show` char(1) NOT NULL DEFAULT 'Y', `Number` int(11) DEFAULT NULL, PRIMARY KEY (`RID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ; -- -- Daten für Tabelle `Room` -- +INSERT INTO `Room` (`RID`, `Name`, `Man`, `FromPentabarf`, `show`, `Number`) VALUES +(2, 'Mein Zimmer', 'msquare', 'N', 'Y', 1337); -- -------------------------------------------------------- @@ -1028,7 +1027,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin_faq', 'DE', 'FAQs bearbeiten'), ('admin_faq', 'EN', 'Edit FAQs'), ('news_comments', 'DE', 'News Kommentare'), -('news_comments', 'EN', 'News comments'); +('news_comments', 'EN', 'News comments'), +('admin_news', 'DE', 'News verwalten'), +('admin_news', 'EN', 'Manage news'); -- -------------------------------------------------------- 
@@ -1071,7 +1072,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307070695, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307072950, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php new file mode 100644 index 00000000..2c6e1f45 --- /dev/null +++ b/includes/pages/admin_news.php @@ -0,0 +1,87 @@ + 0) { + list ($news) = $news; + + $html .= '« Back'; + + $html .= "
    \n"; + + $html .= "\n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= "
    Datum" . + date("Y-m-d H:i", $news['Datum']) . "
    Betreff
    Text
    Engel" . + UID2Nick($news["UID"]) . "
    Treffen" . html_select_key('eTreffen', array ( + '1' => "Ja", + '0' => "Nein" + ), $news['Treffen']) . "
    "; + + $html .= "\n"; + $html .= "\n"; + $html .= "
    "; + + $html .= "
    \n"; + $html .= "\n"; + $html .= "\n"; + $html .= "
    "; + } else + return error("No News found."); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing News ID."); + + $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + if (count($news) > 0) { + list ($news) = $news; + + sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . + "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1"); + header("Location: " . page_link_to("news")); + } else + return error("No News found."); + break; + + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing News ID."); + + $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + if (count($news) > 0) { + list ($news) = $news; + + sql_query("DELETE FROM `news` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to("news")); + } else + return error("No News found."); + break; + } + } + return $html; +} +?> \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index 42684e23..02dd8626 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,5 +1,4 @@ jetzt: - * news administrieren * user administrieren * schichtimport * schichtadministration @@ -20,6 +19,7 @@ später: * Löschen nur mit Rückfrage * FAQ ordentlich mehrsprachig machen * Fertig übersetzen/Sprachwirrwarr beseitigen + * Übersetzung * schichten ueber monatsgrenzen einbaue im moment werden die tage nur hochgezaehlt und die monatzgrenzen werden ignoriert diff --git a/www-ssl/admin/index.php b/www-ssl/admin/index.php deleted file mode 100644 index 4e761078..00000000 --- a/www-ssl/admin/index.php +++ /dev/null 
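Review bot: The `delete` branch issues its DELETE against `news`, while the SELECT just above it and the schema use `News`, so on a MySQL server with case-sensitive table names the delete fails and the code still redirects as if it had worked; the table name there should be `News`. Both `save` and `delete` also take the id from `$_REQUEST` and check no anti-forgery token in the visible code, so these state changes are reachable by a plain GET request made in an admin's session. Restrict them to POST, e.g. `if ($_SERVER['REQUEST_METHOD'] != 'POST') return error("Incomplete call.");`, and verify a per-session token submitted by the edit form. The top of the file is garbled on this page, so an earlier check cannot be ruled out.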
@@ -1,21 +0,0 @@ -\n"; -?> - -du bist jetzt im Erzengel-Bereich. Hier kannst du die Engel-Verwaltung vornehmen.

    - -Bitte melde dich hier nach getaner Arbeit immer ab, damit kein anderer hier Änderungen vornehmen kann. - - - diff --git a/www-ssl/index.php b/www-ssl/index.php index 9524459a..c62b03e0 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -66,6 +66,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_questions") { $content = admin_questions(); } + elseif ($p == "admin_news") { + require_once ('includes/pages/admin_news.php'); + $content = admin_news(); + } elseif ($p == "admin_angel_types") { require_once ('includes/pages/admin_angel_types.php'); $content = admin_angel_types(); -- cgit v1.2.3-54-g00ecf From 35fe4b3ed65718e9d09951b8879cc7cc69f7c1ef Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 06:40:29 +0200 Subject: admin user --- DB/db_rewrite.sql | 36 ++++++++------ includes/funktion_db_list.php | 27 +++++----- includes/pages/admin_user.php | 111 ++++++++++++++++++++++++++++++++++++++++++ includes/sys_menu.php | 1 + www-ssl/css/base.css | 16 ++++++ www-ssl/index.php | 4 ++ 6 files changed, 165 insertions(+), 30 deletions(-) create mode 100644 includes/pages/admin_user.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index f5ba1c6d..f713c813 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 03:49 +-- Erstellungszeit: 03. Juni 2011 um 04:40 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 
@@ -71,23 +71,24 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 187), +('news', 190), ('login', 26), ('logout', 13), ('start', 26), ('faq', 19), ('credits', 3), -('register', 3), +('register', 8), ('admin_rooms', 89), ('admin_angel_types', 71), ('user_settings', 126), ('user_messages', 113), -('admin_groups', 117), +('admin_groups', 125), ('user_questions', 55), ('admin_questions', 42), ('admin_faq', 55), ('admin_news', 32), -('news_comments', 151); +('news_comments', 151), +('admin_user', 55); -- -------------------------------------------------------- @@ -133,7 +134,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=51 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=64 ; -- -- Daten für Tabelle `GroupPrivileges` @@ -145,15 +146,17 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (40, -2, 4), (41, -2, 3), (23, -1, 2), -(48, -4, 14), -(46, -4, 7), +(62, -4, 16), +(61, -4, 6), (44, -2, 11), (43, -2, 9), (12, -5, 10), -(47, -4, 13), -(49, -4, 12), +(60, -4, 12), +(59, -4, 14), (45, -2, 8), -(50, -4, 6); +(58, -4, 13), +(57, -4, 7), +(63, -4, 5); -- -------------------------------------------------------- @@ -265,7 +268,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=16 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=17 ; -- -- Daten für Tabelle `Privileges` 
@@ -286,7 +289,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (12, 'admin_questions', 'Answer user''s questions'), (13, 'admin_faq', 'Edit FAQs'), (14, 'admin_news', 'Administrate the news section'), -(15, 'news_comments', 'User can comment news'); +(15, 'news_comments', 'User can comment news'), +(16, 'admin_user', 'Administrate the angels'); -- -------------------------------------------------------- @@ -984,8 +988,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect.php', 'EN', 'Dect'), ('admin/dect_call.php', 'DE', ' '), ('admin/dect_call.php', 'EN', ' '), -('admin/user.php', 'DE', 'Engelliste'), -('admin/user.php', 'EN', 'Drone-list'), +('admin_user', 'DE', 'Engelliste'), +('admin_user', 'EN', 'Manage angels'), ('admin/userDefaultSetting.php', 'DE', 'Engel Voreinstellungen'), ('admin/userDefaultSetting.php', 'EN', 'Drone Default Setting'), ('admin/UserPicture.php', 'DE', 'Benutzerbilder'), @@ -1072,7 +1076,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307072950, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307075960, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/funktion_db_list.php b/includes/funktion_db_list.php index 44e3d865..3e2878da 100644 
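Review bot: The `User` seed row for `admin` in the `@@ -1076,7 +1076,7 @@` hunk carries a fixed 32-hex-character `Passwort` value, which has the length of an unsalted MD5 digest. Every install loaded from this dump therefore starts with the same administrator credential, readable by anyone with access to the repository. The later `@@ -1083,7 +1083,7 @@` and `@@ -1083,8 +1083,7 @@` hunks of `DB/db_rewrite.sql` touch the same row, and the last one only swaps in another fixed digest. I would drop the `User` data rows from the dump and have the installer create the first administrator with a password chosen at setup, or at least add `-- NOTE: change the admin password immediately after import` above the insert. The changing `lastLogIn` and `Counter` values suggest the dump comes from a live development database; exporting structure plus static lookup data only would keep that state out of the history.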
--- a/includes/funktion_db_list.php +++ b/includes/funktion_db_list.php @@ -34,32 +34,31 @@ function funktion_db_element_list_2row( $TopicName, $SQL) { - global $con; + $html = ""; + $html .= "\n"; + $html .= ""; +# $html .= "\n"; - echo "
    $TopicName

    $TopicName

    \n"; - echo ""; -# echo "\n"; - - $Erg = mysql_query($SQL, $con); - echo mysql_error($con); + $Erg = sql_query($SQL); - echo ""; + $html .= ""; for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++) { - echo ""; + $html .= ""; } - echo ""; + $html .= ""; for ($n = 0 ; $n < mysql_num_rows($Erg) ; $n++) { - echo ""; + $html .= ""; for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++) { - echo ""; + $html .= ""; } - echo ""; + $html .= ""; } - echo "
    $TopicName

    $TopicName

    ". mysql_field_name($Erg, $m). "". mysql_field_name($Erg, $m). "
    ".mysql_result($Erg, $n, $m). "".mysql_result($Erg, $n, $m). "
    \n"; + $html .= "\n"; + return $html; } ?> diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php new file mode 100644 index 00000000..b64c9678 --- /dev/null +++ b/includes/pages/admin_user.php @@ -0,0 +1,111 @@ +Neuen Engel eintragen »
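Review bot: Every cell and column name is appended to `$html` raw: `mysql_result($Erg, $n, $m)` and `mysql_field_name($Erg, $m)` go into the table without HTML encoding. The callers added in `includes/pages/admin_user.php` pass it `Hometown` and `Art` from the `User` table, which look like free-text fields users fill in themselves. Markup stored there would be rendered in an administrator's session; wrapping the value as `htmlspecialchars(mysql_result($Erg, $n, $m), ENT_QUOTES, 'UTF-8')` (and likewise `$TopicName` and the field names) closes that, and the same applies to the `mysql_result(...)` cells and the values collected in `$title` in the new `admin_user()` list. Separately, with `echo mysql_error($con)` removed, a failed `sql_query($SQL)` now reaches `mysql_num_fields($Erg)` unchecked; whether `sql_query` aborts on error is not visible here, so an `if ($Erg === false) return $html;` guard may be needed. The function's signature sits above the hunk.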

    \n"; + + if (!isset ($_GET["OrderBy"])) + $_GET["OrderBy"] = "Nick"; + $SQL = "SELECT * FROM `User` ORDER BY `" . $_GET["OrderBy"] . "` ASC"; + $Erg = sql_query($SQL); + + // anzahl zeilen + $Zeilen = mysql_num_rows($Erg); + + $html .= "Anzahl Engel: $Zeilen

    \n"; + $html .= ' + + + + + + + + + + + + + '; + $Gekommen = 0; + $Active = 0; + $Tshirt = 0; + + for ($n = 0; $n < $Zeilen; $n++) { + $title = ""; + $user_groups = sql_select("SELECT * FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape(mysql_result($Erg, $n, "UID")) . " ORDER BY `Groups`.`Name`"); + $groups = array (); + foreach ($user_groups as $user_group) { + $groups[] = $user_group['Name']; + } + $title .= 'Groups: ' . join(", ", $groups) . "
    "; + if (strlen(mysql_result($Erg, $n, "Telefon")) > 0) + $title .= "Tel: " . mysql_result($Erg, $n, "Telefon") . "
    "; + if (strlen(mysql_result($Erg, $n, "Handy")) > 0) + $title .= "Handy: " . mysql_result($Erg, $n, "Handy") . "
    "; + if (strlen(mysql_result($Erg, $n, "DECT")) > 0) + $title .= "DECT: " . + mysql_result($Erg, $n, "DECT") . "
    "; + if (strlen(mysql_result($Erg, $n, "Hometown")) > 0) + $title .= "Hometown: " . mysql_result($Erg, $n, "Hometown") . "
    "; + if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0) + $title .= "Last login: " . date("Y-m-d H:i", mysql_result($Erg, $n, "lastLogIn")) . "
    "; + if (strlen(mysql_result($Erg, $n, "Art")) > 0) + $title .= "Type: " . mysql_result($Erg, $n, "Art") . "
    "; + if (strlen(mysql_result($Erg, $n, "ICQ")) > 0) + $title .= "ICQ: " . mysql_result($Erg, $n, "ICQ") . "
    "; + if (strlen(mysql_result($Erg, $n, "jabber")) > 0) + $title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "
    "; + + $html .= "\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $Gekommen += mysql_result($Erg, $n, "Gekommen"); + $html .= "\t\n"; + $Active += mysql_result($Erg, $n, "Aktiv"); + $html .= "\t\n"; + $Tshirt += mysql_result($Erg, $n, "Tshirt"); + $html .= "\t\n"; + $html .= ""; + $html .= "\t\n"; + $html .= "\n"; + } + $html .= "" . + "" . + "\n"; + $html .= "\t
    + Nick + Vorname NameAlter + E-Mail + GrößeGekommenAktivT-ShirtRegistrierÄnd.
    " . mysql_result($Erg, $n, "Nick") . "" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "" . mysql_result($Erg, $n, "Alter") . ""; + if (strlen(mysql_result($Erg, $n, "email")) > 0) + $html .= "" . + mysql_result($Erg, $n, "email") . ""; + $html .= ''; + $html .= "" . mysql_result($Erg, $n, "Size") . "" . mysql_result($Erg, $n, "Gekommen") . "" . mysql_result($Erg, $n, "Aktiv") . "" . mysql_result($Erg, $n, "Tshirt") . "" . mysql_result($Erg, $n, "CreateDate") . "" . 'Edit' . + "
    $Gekommen$Active$Tshirt
    \n"; + // Ende Userliste + + $html .= "

    Statistics

    "; + $html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); + + $html .= "
    \n"; + + $html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); + + $html .= "
    \n"; + + $html .= funktion_db_element_list_2row("Used Groups", "SELECT Groups.Name AS 'GroupName', COUNT(Groups.Name) AS Count FROM `UserGroups` " . + "LEFT JOIN `Groups` ON Groups.UID = UserGroups.group_id " . + "WHERE (UserGroups.group_id!='NULL') " . + "GROUP BY `GroupName` " . + ""); + return $html; +} +?> \ No newline at end of file diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 2a05fdb4..6a10c32b 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -31,6 +31,7 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( + "admin_user", "admin_usershifts", "admin_questions", "admin_angel_types", diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css index 0a137099..236eba81 100644 --- a/www-ssl/css/base.css +++ b/www-ssl/css/base.css @@ -120,6 +120,22 @@ textarea { width: 300px; } +.hidden { + background: #fff; + border: 1px solid #888; + display: none; + font-size: 12px; + padding: 4px; +} + +td .hidden { + position: absolute; +} + +tr:hover .hidden { + display: block; +} + .clear { clear: both; } diff --git a/www-ssl/index.php b/www-ssl/index.php index c62b03e0..f6c6aaa2 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -66,6 +66,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_questions") { $content = admin_questions(); } + elseif ($p == "admin_user") { + require_once ('includes/pages/admin_user.php'); + $content = admin_user(); + } elseif ($p == "admin_news") { require_once ('includes/pages/admin_news.php'); $content = admin_news(); -- cgit v1.2.3-54-g00ecf From 11e274a6fedc639223285557766b13b405c03be8 Mon Sep 17 00:00:00 2001 
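Review bot: `$_GET["OrderBy"]` is concatenated straight into the `ORDER BY` clause of `$SQL`, so the request controls part of the statement. Value escaping does not help here, because the text lands inside a backtick-quoted identifier rather than a string literal. Restrict it to known column names instead: `$sortable = array("Nick", "Vorname", "Name", "Alter", "email", "Size", "Gekommen", "Aktiv", "Tshirt", "CreateDate");` followed by `$order = isset($_GET["OrderBy"]) && in_array($_GET["OrderBy"], $sortable, true) ? $_GET["OrderBy"] : "Nick";`, and build the query from `$order`. The column list is my reading of the table header and should be checked against the sort links, which are not legible in this rendering. This also avoids writing the default back into `$_GET`.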
From: Philip Häusler Date: Fri, 3 Jun 2011 06:47:35 +0200 Subject: user meetings --- DB/db_rewrite.sql | 43 ++++++----- includes/pages/user_news.php | 71 ++++++++++++------ includes/sys_menu.php | 1 + www-ssl/admin/user.php | 133 --------------------------------- www-ssl/index.php | 4 + www-ssl/nonpublic/engelbesprechung.php | 29 ------- 6 files changed, 80 insertions(+), 201 deletions(-) delete mode 100644 www-ssl/admin/user.php delete mode 100644 www-ssl/nonpublic/engelbesprechung.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index f713c813..20a23f1e 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 04:40 +-- Erstellungszeit: 03. Juni 2011 um 04:47 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,7 +71,7 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 190), +('news', 192), ('login', 26), ('logout', 13), ('start', 26), @@ -82,13 +82,14 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('admin_angel_types', 71), ('user_settings', 126), ('user_messages', 113), -('admin_groups', 125), +('admin_groups', 129), ('user_questions', 55), ('admin_questions', 42), ('admin_faq', 55), -('admin_news', 32), +('admin_news', 33), ('news_comments', 151), -('admin_user', 55); +('admin_user', 59), +('user_meetings', 5); -- -------------------------------------------------------- 
@@ -134,29 +135,30 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=64 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=71 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES -(42, -2, 15), +(69, -2, 11), (24, -1, 5), -(40, -2, 4), -(41, -2, 3), +(68, -2, 9), +(67, -2, 17), (23, -1, 2), (62, -4, 16), (61, -4, 6), -(44, -2, 11), -(43, -2, 9), +(66, -2, 15), +(65, -2, 3), (12, -5, 10), (60, -4, 12), (59, -4, 14), -(45, -2, 8), +(64, -2, 4), (58, -4, 13), (57, -4, 7), -(63, -4, 5); +(63, -4, 5), +(70, -2, 8); -- -------------------------------------------------------- @@ -223,12 +225,14 @@ CREATE TABLE IF NOT EXISTS `News` ( `UID` int(11) NOT NULL DEFAULT '0', `Treffen` tinyint(4) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ; -- -- Daten für Tabelle `News` -- +INSERT INTO `News` (`ID`, `Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES +(4, 1307076340, 'Achtung, Treffen!', '', 1, 1); -- -------------------------------------------------------- @@ -268,7 +272,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=17 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=18 ; -- -- Daten für Tabelle `Privileges` @@ -290,7 +294,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (13, 'admin_faq', 'Edit FAQs'), (14, 'admin_news', 'Administrate the news section'), (15, 'news_comments', 'User can comment news'), -(16, 'admin_user', 'Administrate the angels'); +(16, 'admin_user', 'Administrate the angels'), +(17, 'user_meetings', 'Lists meetings (news)'); -- -------------------------------------------------------- 
@@ -1033,7 +1038,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('news_comments', 'DE', 'News Kommentare'), ('news_comments', 'EN', 'News comments'), ('admin_news', 'DE', 'News verwalten'), -('admin_news', 'EN', 'Manage news'); +('admin_news', 'EN', 'Manage news'), +('user_meetings', 'DE', 'Treffen'), +('user_meetings', 'EN', 'Meetings'); -- -------------------------------------------------------- @@ -1076,7 +1083,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307075960, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307076377, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 7b4f9482..818c2da2 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -1,16 +1,45 @@ \n\n"; + $dis_rows = ceil(sql_num_query("SELECT * FROM `News` WHERE `Treffen`=1") / $DISPLAY_NEWS); + + $html .= Get_Text(5); + + for ($i = 0; $i < $dis_rows; $i++) { + if ($i == $_REQUEST['page']) + $html .= ($i +1) . "  "; + else + $html .= '' . ($i +1) . '  '; + } + $html .= '
    '; + return $html; +} + function display_news($news) { global $privileges, $p; $html .= ""; $html .= '
    '; $html .= '
    '; - $html .= date("Y-m-d H:i",$news['Datum']) . ', '; + $html .= date("Y-m-d H:i", $news['Datum']) . ', '; $html .= UID2Nick($news['UID']); if ($p != "news_comments") $html .= ', Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »'; $html .= '
    '; - $html .= '

    '.($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '

    '; + $html .= '

    ' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '

    '; $html .= '

    ' . ReplaceSmilies(nl2br($news['Text'])) . '

    '; if (in_array("admin_news", $privileges)) $html .= "
    Edit
    \n"; @@ -51,22 +80,22 @@ function user_news_comments() { $html .= ""; $html .= ' -
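Review bot: In the pager loop of `user_meetings()`, `$i == $_REQUEST['page']` compares the loop index with the raw request value, so a missing or non-numeric `page` is silently coerced instead of being normalised. The opening lines of the function are not legible in this rendering, so this may already be handled there. If it is not, set `$page = isset($_REQUEST['page']) ? max(0, (int) $_REQUEST['page']) : 0;` once and use `$page` for the comparison and for any `LIMIT` offset. The `sql_num_query(...)` call on the `Treffen` rows is used only to obtain a count; if that helper fetches the rows to count them, a `COUNT(*)` query would be cheaper.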
    -
    -

    Neuer Kommentar:

    -   - -
    - - - - - - -
    Text:
    -
    - -
    '; +
    +
    +

    Neuer Kommentar:

    +   + +
    + + + + + + +
    Text:
    +
    + +
    '; } else { $html .= "Fehlerhafter Aufruf!"; } @@ -125,9 +154,9 @@ function user_news() { '; if (in_array('admin_news', $privileges)) { $html .= ' - ' . Get_Text(9) . ' - - '; + ' . Get_Text(9) . ' + + '; } $html .= ' diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 6a10c32b..d5543f97 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -22,6 +22,7 @@ function make_navigation() { // Engel Navigation $menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array ( "news", + "user_meetings", "user_myshifts", "user_shifts", "user_messages", diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php deleted file mode 100644 index 0b31c97c..00000000 --- a/www-ssl/admin/user.php +++ /dev/null @@ -1,133 +0,0 @@ -Neuen Engel eintragen

    \n"; - - if (!isset ($_GET["OrderBy"])) - $_GET["OrderBy"] = "Nick"; - $SQL = "SELECT User.*, UserGroups.Name AS 'Group' FROM `User` " . - "LEFT JOIN `UserCVS` ON User.UID = UserCVS.UID " . - "LEFT JOIN `UserGroups` ON UserGroups.UID = UserCVS.GroupID " . - "ORDER BY `" . $_GET["OrderBy"] . "` ASC"; - $Erg = mysql_query($SQL, $con); - echo mysql_error($con); - - // anzahl zeilen - $Zeilen = mysql_num_rows($Erg); - - echo "Anzahl Engel: $Zeilen

    \n"; -?> - - - - - - - - - - - - - - - - \n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - $Gekommen += mysql_result($Erg, $n, "Gekommen"); - echo "\t\n"; - $Active += mysql_result($Erg, $n, "Aktiv"); - echo "\t\n"; - $Tshirt += mysql_result($Erg, $n, "Tshirt"); - echo "\t\n"; - echo "\t\n"; - echo "\t\n"; - echo "\n"; - } - echo "" . - "" . - "\n"; - echo "\t
    - ?OrderBy=Nick">Nick | - ?OrderBy=CreateDate">CreateDate - ?OrderBy=Name">Name?OrderBy=Vorname">Vorname?OrderBy=Alter">Alter - ?OrderBy=email">@ | - ?OrderBy=DECT">DECT | - ?OrderBy=Hometown">Hometown | - ?OrderBy=lastLogIn">lastLogIn | - ?OrderBy=Art">Type | - ?OrderBy=ICQ">ICQ | - ?OrderBy=jabber">jabber | - ?OrderBy=Group">Group - ?OrderBy=Size">Größe?OrderBy=Gekommen">G?OrderBy=Aktiv">A?OrderBy=Tshirt">TÄnd.Secure
    " . mysql_result($Erg, $n, "Nick") . "
    (Create: " . mysql_result($Erg, $n, "CreateDate") . ")
    " . mysql_result($Erg, $n, "Name") . "" . mysql_result($Erg, $n, "Vorname") . "" . mysql_result($Erg, $n, "Alter") . ""; - if (strlen(mysql_result($Erg, $n, "Telefon")) > 0) - echo "\n\t\tTel: " . mysql_result($Erg, $n, "Telefon") . "
    "; - if (strlen(mysql_result($Erg, $n, "Handy")) > 0) - echo "\n\t\tHandy: " . mysql_result($Erg, $n, "Handy") . "
    "; - if (strlen(mysql_result($Erg, $n, "DECT")) > 0) - echo "\n\t\tDECT: " . - mysql_result($Erg, $n, "DECT") . "
    "; - if (strlen(mysql_result($Erg, $n, "email")) > 0) - echo "\n\t\temail: " . - mysql_result($Erg, $n, "email") . "
    "; - if (strlen(mysql_result($Erg, $n, "Hometown")) > 0) - echo "\n\t\tHometown: " . mysql_result($Erg, $n, "Hometown") . "
    "; - if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0) - echo "\n\t\tlastLogIn: " . mysql_result($Erg, $n, "lastLogIn") . "
    "; - if (strlen(mysql_result($Erg, $n, "Art")) > 0) - echo "\n\t\tType: " . mysql_result($Erg, $n, "Art") . "
    "; - if (strlen(mysql_result($Erg, $n, "ICQ")) > 0) - echo "\n\t\tICQ: " . mysql_result($Erg, $n, "ICQ") . "
    "; - if (strlen(mysql_result($Erg, $n, "jabber")) > 0) - echo "\n\t\tjabber: " . mysql_result($Erg, $n, "jabber") . "
    "; - echo "\n\t\tGroup: " . mysql_result($Erg, $n, "Group") . "
    "; - echo "
    " . mysql_result($Erg, $n, "Size") . "" . mysql_result($Erg, $n, "Gekommen") . "" . mysql_result($Erg, $n, "Aktiv") . "" . mysql_result($Erg, $n, "Tshirt") . "" . funktion_isLinkAllowed_addLink_OrEmpty("admin/userChangeNormal.php?enterUID=" . - mysql_result($Erg, $n, "UID") . "&Type=Normal", "Änd.") . - "" . funktion_isLinkAllowed_addLink_OrEmpty("admin/userChangeSecure.php?enterUID=" . - mysql_result($Erg, $n, "UID") . "&Type=Secure", "Secure") . - "
    $Gekommen$Active$Tshirt
    \n"; - // Ende Userliste - - echo "

    Statistics

    "; - funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); - - echo "
    \n"; - - funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); - - echo "
    \n"; - - funktion_db_element_list_2row("Used Groups", "SELECT UserGroups.Name AS 'GroupName', COUNT(UserGroups.Name) AS Count FROM `UserCVS` " . - "LEFT JOIN `UserGroups` ON UserGroups.UID = UserCVS.GroupID " . - "WHERE (UserCVS.GroupID!='NULL') " . - "GROUP BY `GroupName` " . - ""); -} else { - echo "error"; -} - -include ("includes/footer.php"); -?> - - diff --git a/www-ssl/index.php b/www-ssl/index.php index f6c6aaa2..ded6c110 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -40,6 +40,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/user_news.php'); $content = user_news_comments(); } + elseif ($p == "user_meetings") { + require_once ('includes/pages/user_news.php'); + $content = user_meetings(); + } elseif ($p == "user_messages") { $content = user_messages(); } diff --git a/www-ssl/nonpublic/engelbesprechung.php b/www-ssl/nonpublic/engelbesprechung.php deleted file mode 100644 index 7ff684d4..00000000 --- a/www-ssl/nonpublic/engelbesprechung.php +++ /dev/null @@ -1,29 +0,0 @@ -" . mysql_result($Erg, $n, "Betreff") . ""; - - // Show Admin Page - if ($_SESSION['CVS']["admin/news.php"] == "Y") - echo " [edit]"; - - echo "
       " . mysql_result($Erg, $n, "Datum") . ", "; - echo UID2Nick(mysql_result($Erg, $n, "UID")) . "

    \n"; - echo "

    " . nl2br(mysql_result($Erg, $n, "Text")) . "

    \n"; - } -} - -include ("includes/footer.php"); -?> -- cgit v1.2.3-54-g00ecf From 6b155db36c30718ccbe25200d640c177d5d78589 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 07:44:50 +0200 Subject: user management --- DB/db_rewrite.sql | 14 +- includes/pages/admin_user.php | 363 +++++++++++++++++++++++++---------- includes/sys_template.php | 2 +- includes/sys_user.php | 11 +- txt/TODO | 1 - www-ssl/admin/userChangeNormal.php | 133 ------------- www-ssl/admin/userDefaultSetting.php | 138 ------------- www-ssl/admin/userSaveNormal.php | 119 ------------ 8 files changed, 277 insertions(+), 504 deletions(-) delete mode 100644 www-ssl/admin/userChangeNormal.php delete mode 100644 www-ssl/admin/userDefaultSetting.php delete mode 100644 www-ssl/admin/userSaveNormal.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 20a23f1e..18a75dee 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 04:47 +-- Erstellungszeit: 03. Juni 2011 um 05:44 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -80,15 +80,15 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('register', 8), ('admin_rooms', 89), ('admin_angel_types', 71), -('user_settings', 126), +('user_settings', 131), ('user_messages', 113), ('admin_groups', 129), ('user_questions', 55), -('admin_questions', 42), +('admin_questions', 43), ('admin_faq', 55), ('admin_news', 33), ('news_comments', 151), -('admin_user', 59), +('admin_user', 157), ('user_meetings', 5); -- -------------------------------------------------------- 
@@ -1083,8 +1083,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307076377, '0000-00-00 00:00:00', '', '', ''), -(147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 0, 0, 10, 'DE', 115, 'L', 1307079838, '0000-00-00 00:00:00', '', '', ''); -- -------------------------------------------------------- @@ -1184,8 +1183,7 @@ INSERT INTO `UserGroups` (`id`, `uid`, `group_id`) VALUES (1, 1, -2), (2, 1, -3), (3, 1, -5), -(4, 1, -4), -(5, 147, -2); +(4, 1, -4); -- -------------------------------------------------------- diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index b64c9678..497f5fdb 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -1,111 +1,280 @@ Neuen Engel eintragen »

    \n"; - - if (!isset ($_GET["OrderBy"])) - $_GET["OrderBy"] = "Nick"; - $SQL = "SELECT * FROM `User` ORDER BY `" . $_GET["OrderBy"] . "` ASC"; - $Erg = sql_query($SQL); - - // anzahl zeilen - $Zeilen = mysql_num_rows($Erg); - - $html .= "Anzahl Engel: $Zeilen

    \n"; - $html .= ' - - - - - - - - - - - - - '; - $Gekommen = 0; - $Active = 0; - $Tshirt = 0; - - for ($n = 0; $n < $Zeilen; $n++) { - $title = ""; - $user_groups = sql_select("SELECT * FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape(mysql_result($Erg, $n, "UID")) . " ORDER BY `Groups`.`Name`"); - $groups = array (); - foreach ($user_groups as $user_group) { - $groups[] = $user_group['Name']; + + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) { + $id = $_REQUEST['id']; + if (!isset ($_REQUEST['action'])) { + $html .= "Hallo,
    " . + "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . + "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . + "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . + "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . + "bereits sein T-Shirt erhalten hat.

    \n"; + + $html .= "\n"; + $html .= "
    - Nick - Vorname NameAlter - E-Mail - GrößeGekommenAktivT-ShirtRegistrierÄnd.
    \n"; + $html .= "\n"; + + $SQL = "SELECT * FROM `User` WHERE `UID`='" . $id . "'"; + $Erg = sql_query($SQL); + + $html .= ""; + + $html .= "\n"; + $html .= "
    \n"; + $html .= "\n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + $html .= " \n"; + + $options = array ( + '1' => "Yes", + '0' => "No" + ); + + // Gekommen? + $html .= " \n"; + + // Aktiv? + $html .= " \n"; + + // T-Shirt bekommen? + $html .= " \n"; + + $html .= " \n"; + + $html .= "
    Nick" . + "
    lastLogIn" . + date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "
    Name" . + "
    Vorname" . + "
    Alter" . + "
    Telefon" . + "
    Handy" . + "
    DECT" . + "
    email" . + "
    ICQ" . + "
    jabber" . + "
    Size" . + html_select_key('size', array ( + 'S' => "S", + 'M' => "M", + 'L' => "L", + 'XL' => "XL", + '2XL' => "2XL", + '3XL' => "3XL", + '4XL' => "4XL", + '5XL' => "5XL", + 'S-G' => "S Girl", + 'M-G' => "M Girl", + 'L-G' => "L Girl", + 'XL-G' => "XL Girl" + ), mysql_result($Erg, 0, "Size")) . "
    Gekommen\n"; + $html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "
    Aktiv\n"; + $html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "
    T-Shirt\n"; + $html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "
    Hometown" . + "
    \n
    " . displayavatar($id, false) . "
    \n
    \n"; + $html .= "\n"; + $html .= "\n"; + $html .= ""; + + $html .= "
    "; + + $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:
    \n"; + $html .= "\n"; + $html .= " \n"; + $html .= " \n"; + + $html .= "
    Passwort" . + "
    Wiederholung" . + "
    "; + $html .= "\n"; + $html .= "\n"; + $html .= "
    "; + + $html .= "
    "; + + $html .= "
    \n"; + $html .= "\n"; + $html .= "\n"; + $html .= "
    "; + + $html .= "
    "; + $html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']); + } else { + switch ($_REQUEST['action']) { + case 'delete' : + if ($user['UID'] != $id) { + sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); + sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id)); + $html .= success("Benutzer gelöscht!"); + } else { + $html .= error("Du kannst Dich nicht selber löschen!"); + } + break; + + case 'save' : + $SQL = "UPDATE `User` SET "; + $SQL .= " `Nick` = '" . $_POST["eNick"] . "', `Name` = '" . $_POST["eName"] . "', " . + "`Vorname` = '" . $_POST["eVorname"] . "', " . + "`Telefon` = '" . $_POST["eTelefon"] . "', " . + "`Handy` = '" . $_POST["eHandy"] . "', " . + "`Alter` = '" . $_POST["eAlter"] . "', " . + "`DECT` = '" . $_POST["eDECT"] . "', " . + "`email` = '" . $_POST["eemail"] . "', " . + "`ICQ` = '" . $_POST["eICQ"] . "', " . + "`jabber` = '" . $_POST["ejabber"] . "', " . + "`Size` = '" . $_POST["eSize"] . "', " . + "`Gekommen`= '" . $_POST["eGekommen"] . "', " . + "`Aktiv`= '" . $_POST["eAktiv"] . "', " . + "`Tshirt` = '" . $_POST["eTshirt"] . "', " . + "`Hometown` = '" . $_POST["Hometown"] . "' " . + "WHERE `UID` = '" . $id . + "' LIMIT 1;"; + sql_query($SQL); + $html .= success("Änderung wurde gespeichert...\n"); + break; + + case 'change_pw' : + if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { + sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + $html .= success("Passwort neu gesetzt."); + } else { + $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!"); + } + break; + } } - $title .= 'Groups: ' . join(", ", $groups) . "
    "; - if (strlen(mysql_result($Erg, $n, "Telefon")) > 0) - $title .= "Tel: " . mysql_result($Erg, $n, "Telefon") . "
    "; - if (strlen(mysql_result($Erg, $n, "Handy")) > 0) - $title .= "Handy: " . mysql_result($Erg, $n, "Handy") . "
    "; - if (strlen(mysql_result($Erg, $n, "DECT")) > 0) - $title .= "DECT: " . - mysql_result($Erg, $n, "DECT") . "
    "; - if (strlen(mysql_result($Erg, $n, "Hometown")) > 0) - $title .= "Hometown: " . mysql_result($Erg, $n, "Hometown") . "
    "; - if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0) - $title .= "Last login: " . date("Y-m-d H:i", mysql_result($Erg, $n, "lastLogIn")) . "
    "; - if (strlen(mysql_result($Erg, $n, "Art")) > 0) - $title .= "Type: " . mysql_result($Erg, $n, "Art") . "
    "; - if (strlen(mysql_result($Erg, $n, "ICQ")) > 0) - $title .= "ICQ: " . mysql_result($Erg, $n, "ICQ") . "
    "; - if (strlen(mysql_result($Erg, $n, "jabber")) > 0) - $title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "
    "; - - $html .= "\n"; - $html .= "\t" . mysql_result($Erg, $n, "Nick") . "\n"; - $html .= "\t" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "\n"; - $html .= "\t" . mysql_result($Erg, $n, "Alter") . "\n"; - $html .= "\t"; - if (strlen(mysql_result($Erg, $n, "email")) > 0) - $html .= "" . - mysql_result($Erg, $n, "email") . ""; - $html .= ''; - $html .= "\n"; - $html .= "\t" . mysql_result($Erg, $n, "Size") . "\n"; - $Gekommen += mysql_result($Erg, $n, "Gekommen"); - $html .= "\t" . mysql_result($Erg, $n, "Gekommen") . "\n"; - $Active += mysql_result($Erg, $n, "Aktiv"); - $html .= "\t" . mysql_result($Erg, $n, "Aktiv") . "\n"; - $Tshirt += mysql_result($Erg, $n, "Tshirt"); - $html .= "\t" . mysql_result($Erg, $n, "Tshirt") . "\n"; - $html .= "" . mysql_result($Erg, $n, "CreateDate") . ""; - $html .= "\t" . 'Edit' . - "\n"; - $html .= "\n"; - } - $html .= "" . - "" . - "$Gekommen$Active$Tshirt\n"; - $html .= "\t\n"; - // Ende Userliste + } else { + // Userliste, keine UID uebergeben... + + $html .= "Neuen Engel eintragen »

    \n"; - $html .= "

    Statistics

    "; - $html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); + if (!isset ($_GET["OrderBy"])) + $_GET["OrderBy"] = "Nick"; + $SQL = "SELECT * FROM `User` ORDER BY `" . sql_escape($_GET["OrderBy"]) . "` ASC"; + $Erg = sql_query($SQL); - $html .= "
    \n"; + // anzahl zeilen + $Zeilen = mysql_num_rows($Erg); - $html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); + $html .= "Anzahl Engel: $Zeilen

    \n"; + $html .= ' + + + + + + + + + + + + + '; + $Gekommen = 0; + $Active = 0; + $Tshirt = 0; - $html .= "
    \n"; + for ($n = 0; $n < $Zeilen; $n++) { + $title = ""; + $user_groups = sql_select("SELECT * FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape(mysql_result($Erg, $n, "UID")) . " ORDER BY `Groups`.`Name`"); + $groups = array (); + foreach ($user_groups as $user_group) { + $groups[] = $user_group['Name']; + } + $title .= 'Groups: ' . join(", ", $groups) . "
    "; + if (strlen(mysql_result($Erg, $n, "Telefon")) > 0) + $title .= "Tel: " . mysql_result($Erg, $n, "Telefon") . "
    "; + if (strlen(mysql_result($Erg, $n, "Handy")) > 0) + $title .= "Handy: " . mysql_result($Erg, $n, "Handy") . "
    "; + if (strlen(mysql_result($Erg, $n, "DECT")) > 0) + $title .= "DECT: " . + mysql_result($Erg, $n, "DECT") . "
    "; + if (strlen(mysql_result($Erg, $n, "Hometown")) > 0) + $title .= "Hometown: " . mysql_result($Erg, $n, "Hometown") . "
    "; + if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0) + $title .= "Last login: " . date("Y-m-d H:i", mysql_result($Erg, $n, "lastLogIn")) . "
    "; + if (strlen(mysql_result($Erg, $n, "Art")) > 0) + $title .= "Type: " . mysql_result($Erg, $n, "Art") . "
    "; + if (strlen(mysql_result($Erg, $n, "ICQ")) > 0) + $title .= "ICQ: " . mysql_result($Erg, $n, "ICQ") . "
    "; + if (strlen(mysql_result($Erg, $n, "jabber")) > 0) + $title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "
    "; - $html .= funktion_db_element_list_2row("Used Groups", "SELECT Groups.Name AS 'GroupName', COUNT(Groups.Name) AS Count FROM `UserGroups` " . - "LEFT JOIN `Groups` ON Groups.UID = UserGroups.group_id " . - "WHERE (UserGroups.group_id!='NULL') " . - "GROUP BY `GroupName` " . - ""); + $html .= "\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $Gekommen += mysql_result($Erg, $n, "Gekommen"); + $html .= "\t\n"; + $Active += mysql_result($Erg, $n, "Aktiv"); + $html .= "\t\n"; + $Tshirt += mysql_result($Erg, $n, "Tshirt"); + $html .= "\t\n"; + $html .= ""; + $html .= "\t\n"; + $html .= "\n"; + } + $html .= "" . + "" . + "\n"; + $html .= "\t
    + Nick + Vorname NameAlter + E-Mail + GrößeGekommenAktivT-ShirtRegistrierÄnd.
    " . mysql_result($Erg, $n, "Nick") . "" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "" . mysql_result($Erg, $n, "Alter") . ""; + if (strlen(mysql_result($Erg, $n, "email")) > 0) + $html .= "" . + mysql_result($Erg, $n, "email") . ""; + $html .= ''; + $html .= "" . mysql_result($Erg, $n, "Size") . "" . mysql_result($Erg, $n, "Gekommen") . "" . mysql_result($Erg, $n, "Aktiv") . "" . mysql_result($Erg, $n, "Tshirt") . "" . mysql_result($Erg, $n, "CreateDate") . "" . 'Edit' . + "
    $Gekommen$Active$Tshirt
    \n"; + // Ende Userliste + + $html .= "

    Statistics

    "; + $html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); + + $html .= "
    \n"; + + $html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); + + $html .= "
    \n"; + + $html .= funktion_db_element_list_2row("Used Groups", "SELECT Groups.Name AS 'GroupName', COUNT(Groups.Name) AS Count FROM `UserGroups` " . + "LEFT JOIN `Groups` ON Groups.UID = UserGroups.group_id " . + "WHERE (UserGroups.group_id!='NULL') " . + "GROUP BY `GroupName` " . + ""); + } return $html; } ?> \ No newline at end of file diff --git a/includes/sys_template.php b/includes/sys_template.php index 893d2d7e..7524b0cb 100644 --- a/includes/sys_template.php +++ b/includes/sys_template.php @@ -18,7 +18,7 @@ function template_render($file, $data) { function html_options($name, $options, $selected = "") { $html = ""; foreach ($options as $value => $label) - $html .= ' ' . $label; + $html .= ' ' . $label; return $html; } diff --git a/includes/sys_user.php b/includes/sys_user.php index 5dcf3f1f..4f55da38 100644 --- a/includes/sys_user.php +++ b/includes/sys_user.php @@ -86,13 +86,10 @@ function displayavatar($UID, $height = "30") { if (GetPicturShow($UID) == 'Y') return " " . displayPictur($UID, $height); - // show avator - $asql = "select * from User where UID = $UID"; - $aerg = mysql_query($asql, $con); - - if (mysql_num_rows($aerg)) - if (mysql_result($aerg, 0, "Avatar") > 0) - return'
    '. (" ").'
    '; + $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1"); + if (count($user) > 0) + if ($user[0]['Avatar'] > 0) + return '
    ' . (" ") . '
    '; } function UIDgekommen($UID) { diff --git a/txt/TODO b/txt/TODO index 02dd8626..9d29b09c 100644 --- a/txt/TODO +++ b/txt/TODO @@ -4,7 +4,6 @@ jetzt: * schichtadministration * meine schichten * schichten - * meetings * weckservice? später: diff --git a/www-ssl/admin/userChangeNormal.php b/www-ssl/admin/userChangeNormal.php deleted file mode 100644 index 36eb4b6d..00000000 --- a/www-ssl/admin/userChangeNormal.php +++ /dev/null @@ -1,133 +0,0 @@ - Aendern... - - echo "Hallo,
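Review bot: In displayavatar the new query appends `sql_escape($UID)` without surrounding quotes, so string escaping alone does not confine the value to a single number. This assumes sql_escape only escapes quote characters; its definition is not in this hunk. Replacing `sql_escape($UID)` with `(int) $UID` keeps the query numeric whatever a caller passes in. displayavatar begins before the hunk.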
    " . - "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . - "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . - "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . - "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . - "bereits sein T-Shirt erhalten hat.

    \n"; - - echo "
    \n"; - echo "\n"; - echo "\n"; - - $SQL = "SELECT * FROM `User` WHERE `UID`='" . $_GET["enterUID"] . "'"; - $Erg = mysql_query($SQL, $con); - - if (mysql_num_rows($Erg) != 1) - echo ""; - else { - echo ""; - } - - echo "\n"; - echo "
    Sorry, der Engel (UID=" . $_GET["enterUID"] . - ") wurde in der Liste nicht gefunden.
    \n"; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - - // Gekommen? - echo " \n"; - - // Aktiv? - echo " \n"; - - // T-Shirt bekommen? - echo " \n"; - - echo " \n"; - - echo "
    Nick" . - "
    lastLogIn" . - "
    Name" . - "
    Vorname" . - "
    Alter" . - "
    Telefon" . - "
    Handy" . - "
    DECT" . - "
    email" . - "
    ICQ" . - "
    jabber" . - "
    Size" . - "
    Passwort" . - "neues Kennwort setzen
    Gekommen\n"; - echo " No \n"; - echo " Yes \n"; - echo "
    Aktiv\n"; - echo " No \n"; - echo " Yes \n"; - echo "
    T-Shirt\n"; - echo " No \n"; - echo " Yes \n"; - echo "
    Hometown" . - "
    \n
    " . displayavatar($_GET["enterUID"], FALSE) . "
    \n
    \n"; - echo "\n"; - echo "\n"; - echo "
    "; - - echo "
    \n"; - echo "\n"; - echo "\n"; - echo "
    "; - - echo "
    "; - funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_GET["enterUID"]); -} - -include ("includes/footer.php"); -?> - - diff --git a/www-ssl/admin/userDefaultSetting.php b/www-ssl/admin/userDefaultSetting.php deleted file mode 100644 index e7a69925..00000000 --- a/www-ssl/admin/userDefaultSetting.php +++ /dev/null @@ -1,138 +0,0 @@ -\nhier hast du die Möglichkeit, die Defaulteinstellungen für neue User einzustellen:

    \n"; - -echo "\n"; -echo "\t\n"; -echo "\t\t\n\t\t\n\t\t\n"; -echo "\t\n"; - -if (isset ($_GET["Field"]) && isset ($_GET["Default"]) && isset ($_GET["Send"])) { - switch ($_GET["Send"]) { - case "New" : - $SQL = "ALTER TABLE `UserCVS` ADD `" . $_GET["Field"] . "` " . - "CHAR( 1 ) DEFAULT '" . $_GET["Default"] . "' NOT NULL"; - $Erg = db_query($SQL, "New user default setting"); - if ($Erg == 1) - echo "

    Create " . $_GET["Field"] . " = " . $_GET["Default"] . " succesfull

    \n"; - else - echo "

    Create " . $_GET["Field"] . " = " . $_GET["Default"] . " error...

    \n" . - "[" . mysql_error() . "]

    "; - break; - case "Del" : - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; - break; - case "Del sure" : - $SQL = "ALTER TABLE `UserCVS` DROP `" . $_GET["Field"] . "` "; - $Erg = db_query($SQL, "del user default setting"); - if ($Erg == 1) - echo "

    Delete " . $_GET["Field"] . " succesfull

    \n"; - else - echo "

    Delete " . $_GET["Field"] . " error...

    \n" . - "[" . mysql_error() . "]

    "; - break; - case "SetForAllUser" : - $SQL = "UPDATE `UserCVS` SET `" . $_GET["Field"] . "`='" . $_GET["Default"] . "' WHERE UID>0"; - $Erg = db_query($SQL, "Set new user default setting for all user"); - if ($Erg == 1) - echo "

    UPDATE " . $_GET["Field"] . " = " . $_GET["Default"] . " for all Users succesfull

    \n"; - else - echo "

    UPDATE " . $_GET["Field"] . " = " . $_GET["Default"] . " for all Users error...

    \n" . - "[" . mysql_error() . "]

    "; - case "Save" : - $SQL = "ALTER TABLE `UserCVS` CHANGE `" . $_GET["Field"] . "` " . - "`" . $_GET["Field"] . "` CHAR( 1 ) NOT NULL DEFAULT '" . $_GET["Default"] . "'"; - $Erg = db_query($SQL, "Save user default setting"); - if ($Erg == 1) - echo "

    Write " . $_GET["Field"] . " = " . $_GET["Default"] . " succesfull

    \n"; - else - echo "

    Write " . $_GET["Field"] . " = " . $_GET["Default"] . " error...

    \n" . - "[" . mysql_error() . "]

    "; - break; - } //SWITCH -} //IF( - -$erg = mysql_query("SHOW COLUMNS FROM `UserCVS`"); -echo mysql_error(); -echo "\t\n"; -echo "\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\n"; -echo "\t\n"; - -for ($i = 2; $i < mysql_num_rows($erg); $i++) { - echo "\t\n"; - echo "\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\t\n"; - echo "\t\t\n"; - echo "\t\n"; -} - -echo "\t\n"; -echo "\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\t\n"; -echo "\t\t\n"; -echo "\t\n"; - -echo "
    PageShow
    Group\n"; -echo "\t\t\t
    " . mysql_result($erg, $i, "Field") . "\n"; - - echo "\t\t\t\tallow\n"; - - echo "\t\t\t\tdenied\n"; - - echo "\t\t\t\tgroup-setting\n"; - - echo "\t\t\t\n"; - echo "\t\t\t \n"; - echo "\t\t\t
    \n"; -echo "\t\t\t\tallow\n"; -echo "\t\t\t\tdenied\n"; -echo "\t\t\t\tgroup-setting\n"; -echo "\t\t\t
    \n"; - -include ("includes/footer.php"); -?> - diff --git a/www-ssl/admin/userSaveNormal.php b/www-ssl/admin/userSaveNormal.php deleted file mode 100644 index deaf96d9..00000000 --- a/www-ssl/admin/userSaveNormal.php +++ /dev/null @@ -1,119 +0,0 @@ -"; - - switch ($_GET["action"]) { - case "change" : - if (IsSet ($_POST["enterUID"])) { - if ($_POST["Type"] == "Normal") { - $SQL = "UPDATE `User` SET "; - $SQL .= " `Nick` = '" . $_POST["eNick"] . "', `Name` = '" . $_POST["eName"] . "', " . - "`Vorname` = '" . $_POST["eVorname"] . "', " . - "`Telefon` = '" . $_POST["eTelefon"] . "', " . - "`Handy` = '" . $_POST["eHandy"] . "', " . - "`DECT` = '" . $_POST["eDECT"] . "', " . - "`email` = '" . $_POST["eemail"] . "', " . - "`ICQ` = '" . $_POST["eICQ"] . "', " . - "`jabber` = '" . $_POST["ejabber"] . "', " . - "`Size` = '" . $_POST["eSize"] . "', " . - "`Gekommen`= '" . $_POST["eGekommen"] . "', " . - "`Aktiv`= '" . $_POST["eAktiv"] . "', " . - "`Tshirt` = '" . $_POST["eTshirt"] . "', " . - "`Hometown` = '" . $_POST["Hometown"] . "' " . - "WHERE `UID` = '" . $_POST["enterUID"] . - "' LIMIT 1;"; - echo "User-"; - $Erg = db_query($SQL, "change user details"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(" . mysql_error($con) . ")"; - } - } else - echo "

    Fehler: Unbekanter Type (" . $_POST["Type"] . ") �bergeben\n

    \n"; - } else - echo "

    Fehler: UserID (enterUID) wurde nicht per POST �bergeben

    \n"; - break; - - case "delete" : - if (IsSet ($_POST["enterUID"])) { - echo "delate User..."; - $SQL = "DELETE FROM `User` WHERE `UID`='" . $_POST["enterUID"] . "' LIMIT 1;"; - $Erg = db_query($SQL, "User delete"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(" . mysql_error($con) . ")"; - } - - echo "
    \ndelate UserCVS..."; - $SQL2 = "DELETE FROM `UserCVS` WHERE `UID`='" . $_POST["enterUID"] . "' LIMIT 1;"; - $Erg = db_query($SQL2, "User CVS delete"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(" . mysql_error($con) . ")"; - } - - echo "
    \ndelate UserEntry..."; - $SQL3 = "UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL " . - "WHERE `UID`='" . $_POST["enterUID"] . "';"; - $Erg = db_query($SQL3, "delate UserEntry"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(" . mysql_error($con) . ")"; - } - } - break; - - case "newpw" : - echo "Bitte neues Kennwort für "; - // Get Nick - $USQL = "SELECT * FROM `User` WHERE `UID`='" . $_GET["eUID"] . "'"; - $Erg = mysql_query($USQL, $con); - echo mysql_result($Erg, 0, "Nick"); - echo " eingeben:
    "; - echo "
    \n"; - echo ""; - echo ""; - echo ""; - echo "\n"; - echo "
    "; - break; - - case "newpwsave" : - if ($_POST["ePasswort"] == $_POST["ePasswort2"]) { // beide Passwoerter passen... - $_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]); - $SQL = "UPDATE `User` SET `Passwort`='" . $_POST["ePasswort"] . "' " . - "WHERE `UID`='" . $_POST["eUID"] . "'"; - $Erg = db_query($SQL, "User new passwort"); - if ($Erg == 1) { - echo "Änderung wurde gesichert...\n"; - } else { - echo "Fehler beim speichern...\n(" . mysql_error($con) . ")"; - } - } else - echo "Das Passwort wurde nicht übereinstimmend eingegeben!"; - break; - } // end switch - - // ende - Action ist gesetzt -} else { - // kein Action gesetzt -> abbruch - echo "Unzulässiger Aufruf.
    Bitte neu editieren..."; -} - -include ("includes/footer.php"); -?> - -- cgit v1.2.3-54-g00ecf From bad34a0b263a60f024102df21a5613f9b0e72cc9 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 08:12:53 +0200 Subject: user management --- DB/db_rewrite.sql | 32 +++++++++-------- includes/pages/admin_user.php | 84 ++++++++++++++++++++++++++++++++----------- 2 files changed, 82 insertions(+), 34 deletions(-) (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 18a75dee..19a82c05 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 05:44 +-- Erstellungszeit: 03. Juni 2011 um 06:12 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,24 +71,24 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 192), -('login', 26), -('logout', 13), -('start', 26), +('news', 193), +('login', 28), +('logout', 14), +('start', 27), ('faq', 19), ('credits', 3), -('register', 8), +('register', 10), ('admin_rooms', 89), ('admin_angel_types', 71), -('user_settings', 131), +('user_settings', 134), ('user_messages', 113), -('admin_groups', 129), +('admin_groups', 130), ('user_questions', 55), ('admin_questions', 43), ('admin_faq', 55), ('admin_news', 33), ('news_comments', 151), -('admin_user', 157), +('admin_user', 196), ('user_meetings', 5); -- -------------------------------------------------------- @@ -1065,7 +1065,7 @@ CREATE TABLE IF NOT EXISTS `User` ( `Gekommen` tinyint(4) NOT NULL DEFAULT '0', `Aktiv` tinyint(4) NOT NULL DEFAULT '0', `Tshirt` tinyint(4) DEFAULT '0', - `color` tinyint(4) DEFAULT '6', + `color` tinyint(4) DEFAULT '10', `Sprache` char(2) DEFAULT 'EN', `Avatar` int(11) DEFAULT '0', `Menu` char(1) NOT NULL DEFAULT 'L', 
@@ -1076,14 +1076,15 @@ CREATE TABLE IF NOT EXISTS `User` ( `Hometown` varchar(255) NOT NULL DEFAULT '', PRIMARY KEY (`UID`,`Nick`), UNIQUE KEY `Nick` (`Nick`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=148 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=149 ; -- -- Daten für Tabelle `User` -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 0, 0, 10, 'DE', 115, 'L', 1307079838, '0000-00-00 00:00:00', '', '', ''); +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307081238, '0000-00-00 00:00:00', '', '', ''), +(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307081543, '2011-06-03 07:55:24', 'AudioEngel', '', ''); -- -------------------------------------------------------- @@ -1173,7 +1174,7 @@ CREATE TABLE IF NOT EXISTS `UserGroups` ( `group_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`,`group_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=6 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; -- -- Daten für Tabelle `UserGroups` @@ -1183,7 +1184,10 @@ INSERT INTO `UserGroups` (`id`, `uid`, `group_id`) VALUES (1, 1, -2), (2, 1, -3), (3, 1, -5), -(4, 1, -4); +(4, 1, -4), +(8, 148, -2), +(9, 148, -3), +(10, 148, -4); -- -------------------------------------------------------- diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 497f5fdb..630ca772 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -98,7 +98,6 @@ function admin_user() { $html .= "\n"; $html .= "\n
    \n"; - $html .= "\n"; $html .= "\n"; $html .= ""; @@ -112,14 +111,31 @@ function admin_user() { "\n"; $html .= ""; - $html .= "\n"; $html .= "\n"; $html .= ""; $html .= "
    "; + $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:
    \n"; + $html .= ''; + + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + foreach ($groups as $group) + $html .= ''; + + $html .= '
    ' . $group['Name'] . '
    '; + + $html .= "\n"; + $html .= "
    "; + + $html .= "
    "; + } + $html .= "
    \n"; - $html .= "\n"; $html .= "\n"; $html .= "
    "; @@ -127,6 +143,34 @@ function admin_user() { $html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']); } else { switch ($_REQUEST['action']) { + case 'save_groups' : + if ($id != $user['UID']) { + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + $grouplist = array (); + foreach ($groups as $group) + $grouplist[] = $group['UID']; + + if (!is_array($_REQUEST['groups'])) + $_REQUEST['groups'] = array (); + + sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); + foreach ($_REQUEST['groups'] as $group) + if (in_array($group, $grouplist)) + sql_query("INSERT INTO `UserGroups` SET `uid`=" . + sql_escape($id) . ", `group_id`=" . sql_escape($group)); + $html .= success("Benutzergruppen gespeichert."); + } else { + $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten."); + } + } else { + $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten."); + } + break; + case 'delete' : if ($user['UID'] != $id) { sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); @@ -185,23 +229,23 @@ function admin_user() { $html .= "Anzahl Engel: $Zeilen
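Review bot: The rank check `$my_highest_group <= $his_highest_group` compares two whole `UserGroups` rows instead of their `group_id`, and both rows come from queries ordered by `uid`, which is constant under the `WHERE` filter, so which row counts as "highest" is left to the database. If sql_select returns associative rows (its definition is not in this hunk), PHP compares them key by key and the result can be decided by the row `id` rather than by the group. The same check guards the `save_groups` case in the next hunk (`@@ -127,6 +143,34 @@`), where it decides whether group membership may be rewritten. Order both queries by `group_id` and compare `$my_highest_group['group_id'] <= $his_highest_group['group_id']`; a target with no group rows also needs handling, because `list()` then yields null.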
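Review bot: In the `save_groups` case the `DELETE` removes every `UserGroups` row of the target, but only groups found in `$grouplist` are inserted again, so a membership outside the editor's range that the target already held is dropped on every save. Restricting the delete to the ids in `$grouplist` keeps the write within what the editor is allowed to manage. `in_array($group, $grouplist)` is a loose comparison on request data; casting `$group` to int and using `in_array((string) (int) $group, $grouplist, true)` or an equivalent strict check avoids numeric-string matches such as exponent notation. The enclosing `switch` continues outside the hunk.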

    \n"; $html .= ' - - - - - - - - - - - - - '; +
    - Nick - Vorname NameAlter - E-Mail - GrößeGekommenAktivT-ShirtRegistrierÄnd.
    + + + + + + + + + + + + '; $Gekommen = 0; $Active = 0; $Tshirt = 0; -- cgit v1.2.3-54-g00ecf From 5113776a42d0bc7ff8ed2db8619045d3ffb164a9 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 11:09:25 +0200 Subject: include/pages/admin_faq cleanup --- includes/pages/admin_faq.php | 46 +++++++++++++++++++++++++++++++------------- includes/sys_page.php | 8 ++++++++ 2 files changed, 41 insertions(+), 13 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_faq.php b/includes/pages/admin_faq.php index 5b9a338f..b8ba1a64 100644 --- a/includes/pages/admin_faq.php +++ b/includes/pages/admin_faq.php @@ -4,8 +4,14 @@ function admin_faq() { $faqs_html = ""; $faqs = sql_select("SELECT * FROM `FAQ`"); foreach ($faqs as $faq) { - $faqs_html .= ''; - $faqs_html .= ''; + $faqs_html .= sprintf( + '' + . '' + . '', + $faq['Frage_de'], $faq['Antwort_de'], + $faq['Frage_en'], $faq['Antwort_en'], + page_link_to('admin_faq'), $faq['FID'] + ); } return template_render('../templates/admin_faq.html', array ( 'link' => page_link_to("admin_faq"), 
@@ -14,11 +20,18 @@ function admin_faq() { } else { switch ($_REQUEST['action']) { case 'create' : - $frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage'])); - $antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort'])); - $question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])); - $answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])); - sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'"); + $frage = strip_request_item_nl('frage'); + $antwort = strip_request_item_nl('antwort'); + $question = strip_request_item_nl('question'); + $answer = strip_request_item_nl('answer'); + + sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) + . "', `Frage_en`='" . sql_escape($question) + . "', `Antwort_de`='" . sql_escape($antwort) + . "', `Antwort_en`='" . sql_escape($answer) + . "'" + ); + header("Location: " . page_link_to("admin_faq")); break; 
@@ -32,11 +45,18 @@ function admin_faq() { if (count($faq) > 0) { list ($faq) = $faq; - $frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage'])); - $antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort'])); - $question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])); - $answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])); - sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); + $frage = strip_request_item_nl('frage'); + $antwort = strip_request_item_nl('antwort'); + $question = strip_request_item_nl('question'); + $answer = strip_request_item_nl('answer'); + + sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) + . "', `Frage_en`='" . sql_escape($question) + . "', `Antwort_de`='" . sql_escape($antwort) + . "', `Antwort_en`='" . sql_escape($answer) + . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1" + ); + header("Location: " . page_link_to("admin_faq")); } else return error("No FAQ found."); @@ -82,4 +102,4 @@ function admin_faq() { } } } -?> \ No newline at end of file +?> diff --git a/includes/sys_page.php b/includes/sys_page.php index 2af5f729..e499cd57 100644 --- a/includes/sys_page.php +++ b/includes/sys_page.php @@ -8,6 +8,14 @@ function strip_request_item($name) { ); } +function strip_request_item_nl($name) { + return preg_replace( + "/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", + '', + strip_tags($_REQUEST[$name]) + ); +} + function error($msg) { return '

    ' . $msg . '

    '; } -- cgit v1.2.3-54-g00ecf From 93dd7113b13b06de1701b216b77bb73e76421fb5 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 11:17:09 +0200 Subject: admin_groups minor cleanup --- includes/pages/admin_groups.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 5d9d8180..842640d8 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -7,15 +7,23 @@ function admin_groups() { if (!isset ($_REQUEST["action"])) { $groups_html = ""; foreach ($groups as $group) { - $groups_html .= ''; - $groups_html .= ''; + $groups_html .= sprintf( + '', + $group['Name'] + ); $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID'])); $privileges_html = array (); + foreach ($privileges as $priv) $privileges_html[] = $priv['name']; - $groups_html .= ''; - $groups_html .= ''; - $groups_html .= ''; + + $groups_html .= sprintf( + '' + . '', + join(', ', $privileges_html), + page_link_to("admin_groups"), + $group['UID'] + ); } return template_render('../templates/admin_groups.html', array ( -- cgit v1.2.3-54-g00ecf From 70de7e5a1dd96c47c48eb45498004d219bec1283 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 11:34:54 +0200 Subject: guest_login: Cleanup, fix sql injection --- includes/pages/guest_faq.php | 14 ++++++++--- includes/pages/guest_login.php | 56 ++++++++++++++++++++++++++++++------------ 2 files changed, 50 insertions(+), 20 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php index c4bcd0bb..2799cbaf 100644 --- a/includes/pages/guest_faq.php +++ b/includes/pages/guest_faq.php @@ -5,11 +5,17 @@ function guest_faq() { foreach ($faqs as $faq) { $html .= "
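Review bot: `strip_request_item_nl()` in sys_page.php has no comment saying what it guarantees, and the admin_faq.php hunks appear to treat its result as ready to store and print. `strip_tags()` plus the character-class filter leaves quotes and `&` in place, so the value still needs `htmlspecialchars()` wherever it is written into HTML, in particular inside an attribute. It also reads `$_REQUEST[$name]` without checking that the key exists. A docblock along the lines of `/** Removes tags and non-text characters, keeps newlines; not an output encoder. */` and an `isset($_REQUEST[$name])` guard would cover both.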
    "; if ($_SESSION['Sprache'] == "DE") { - $html .= "
    " . $faq['Frage_de'] . "
    "; - $html .= "
    " . $faq['Antwort_de'] . "
    "; + $html .= sprintf( + '
    %s
    %s
    ', + $faq['frage_de'], + $faq['antwort_de'] + ); } else { - $html .= "
    " . $faq['Frage_en'] . "
    "; - $html .= "
    " . $faq['Antwort_en'] . "
    "; + $html .= sprintf( + '
    %s
    %s
    ', + $faq['frage_en'], + $faq['antwort_en'] + ); } $html .= "
    "; } diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index bbf36b6d..db20a207 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -16,12 +16,25 @@ function guest_register() { $Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'"); if (strlen($_POST["Nick"]) < 2) - $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick2"); - elseif (count($Ergans) > 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3"); - elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail"); - elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter"); - elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1"); - elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2"); + $error = Get_Text("makeuser_error_nick1") + . $_POST["Nick"] . Get_Text("makeuser_error_nick2"); + + elseif (count($Ergans) > 0) + $error = Get_Text("makeuser_error_nick1") + . $_POST["Nick"] . Get_Text("makeuser_error_nick3"); + + elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) + $error = Get_Text("makeuser_error_mail"); + + elseif (!is_numeric($_POST["Alter"])) + $error = Get_Text("makeuser_error_Alter"); + + elseif ($_POST["Passwort"] != $_POST["Passwort2"]) + $error = Get_Text("makeuser_error_password1"); + + elseif (strlen($_POST["Passwort"]) < 6) + $error = Get_Text("makeuser_error_password2"); + else { $_POST["Passwort"] = PassCrypt($_POST["Passwort"]); unset ($_POST["Passwort2"]); 
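Review bot: The new `sprintf()` calls in guest_faq read `$faq['frage_de']`, `$faq['antwort_de']`, `$faq['frage_en']` and `$faq['antwort_en']`, while the removed lines and the FAQ queries in admin_faq.php use `Frage_de`, `Antwort_de`, `Frage_en` and `Antwort_en`. PHP array keys are case-sensitive, so unless sql_select lowercases column names (not visible here) the page renders empty questions and answers. Keep the original keys, e.g. `$faq['Frage_de'], $faq['Antwort_de']`. Since these values go straight into HTML, wrapping each in `htmlspecialchars()` here would stop the page from depending on the filtering done when the FAQ was saved.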
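Review bot: The e-mail test in guest_register joins its three conditions with `&&`, so an address is rejected only when it is short and lacks `@` and lacks a dot; any value longer than six characters passes. The reformatting in this hunk keeps that logic, whereas `elseif (filter_var($_POST["email"], FILTER_VALIDATE_EMAIL) === false)` checks what the error message promises. The two nick errors also concatenate `$_POST["Nick"]` into `$error` unencoded, so it should go through `htmlspecialchars()` before display, assuming `$error` is printed as HTML outside this hunk. guest_register starts and ends outside the hunk.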
@@ -35,15 +48,26 @@ function guest_register() { "`Size`, " . "`Passwort`, " . "`Art` , " . "`kommentar`, " . "`Hometown`," . "`CreateDate`, `Sprache` ) " . - "VALUES ( " . - "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " . - "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " . - "'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " . - "'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " . - "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " . - "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " . - "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " . - "'" . $_POST["Hometown"] . "'," . "NOW(), '" . $_SESSION['Sprache'] . "')"); + "VALUES ( '" + . sql_escape($_POST["Nick"]) . "', " . "'" + . sql_escape($_POST["Name"]) . "', " . "'" + . sql_escape($_POST["Vorname"]) . "', " . "'" + . sql_escape($_POST["Alter"]) . "', " . "'" + . sql_escape($_POST["Telefon"]) . "', " . "'" + . sql_escape($_POST["DECT"]) . "', " . "'" + . sql_escape($_POST["Handy"]) . "', " . "'" + . sql_escape($_POST["email"]) . "', " . "'" + . sql_escape($_POST["ICQ"]) . "', " . "'" + . sql_escape($_POST["jabber"]) . "', " . "'" + . sql_escape($_POST["Size"]) . "', " . "'" + . sql_escape($_POST["Passwort"]) . "', " . "'" + . sql_escape($_POST["Art"]) . "', " . "'" + . sql_escape($_POST["kommentar"]) . "', " . "'" + . sql_escape($_POST["Hometown"]) . "'," + . "NOW(), '" + . sql_escape($_SESSION["Sprache"]) + . "')" + ); if ($Erg != 1) { $html .= Get_Text("makeuser_error_write1") . "
    \n"; @@ -242,4 +266,4 @@ function guest_login_form() { 'send' => Get_Text("index_lang_send") )); } -?> \ No newline at end of file +?> -- cgit v1.2.3-54-g00ecf From 75a7755041c4e4b9c5c31bccabc917e188982e80 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 11:46:46 +0200 Subject: user_messages: Initial (unfinished) cleanup --- includes/pages/user_messages.php | 41 ++++++++++++++++++++++++++++++---------- 1 file changed, 31 insertions(+), 10 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index 30871d9d..a13b28f0 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php @@ -6,7 +6,13 @@ function user_unread_messages() { $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID'])); if ($new_messages > 0) - return '

    ' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '


    '; + return sprintf( + '

    %s %s %s


    ', + page_link_to("user_messages"), + Get_Text("pub_messages_new1"), + $new_messages, + Get_Text("pub_messages_new2") + ); } return ""; @@ -16,23 +22,37 @@ function user_messages() { global $user; if (!isset ($_REQUEST['action'])) { - $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`"); + $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" + . sql_escape($user['UID']) . " ORDER BY `Nick`"); + $to_select_data = array ( "" => "Select receiver..." ); + foreach ($users as $u) $to_select_data[$u['UID']] = $u['Nick']; + $to_select = html_select_key('to', $to_select_data, ''); $messages_html = ""; - $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC"); + $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" + . sql_escape($user['UID']) + . " OR `RUID`=" . sql_escape($user['UID']) + . " ORDER BY `isRead`,`Datum` DESC" + ); foreach ($messages as $message) { - $messages_html .= ''; - $messages_html .= '
    '; - $messages_html .= ''; - $messages_html .= ''; - $messages_html .= ''; - $messages_html .= ''; + + $messages_html .= sprintf( + '' + .'', + ($message['isRead'] == 'N' ? ' class="new_message"' : ''), + ($message['isRead'] == 'N' ? '•' : ''), + date("Y-m-d H:i", $message['Datum']), + UID2Nick($message['SUID']), + UID2Nick($message['RUID']), + str_replace("\n", '
    ', $message['Text']) + ); + $messages_html .= ' - + '; $Gekommen = 0; diff --git a/includes/sys_menu.php b/includes/sys_menu.php index d5543f97..744d28d5 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -39,7 +39,8 @@ function make_navigation() { "admin_shifts", "admin_rooms", "admin_groups", - "admin_faq" + "admin_faq", + "admin_language" )); return $menu; } diff --git a/txt/TODO b/txt/TODO index d78d3198..62bbe106 100644 --- a/txt/TODO +++ b/txt/TODO @@ -1,8 +1,13 @@ jetzt: + * aktiv + * gekommen + * tshirt * schichtimport * schichtadministration * meine schichten * schichten + * Services? + * DECT-kram? * weckservice? später: diff --git a/www-ssl/index.php b/www-ssl/index.php index ded6c110..fe8c4795 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -93,6 +93,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_faq") { require_once ('includes/pages/admin_faq.php'); $content = admin_faq(); + } + elseif ($p == "admin_language") { + require_once ('includes/pages/admin_language.php'); + $content = admin_language(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); -- cgit v1.2.3-54-g00ecf From 7e91f4821aee41589dd744a9540f15b76d729bab Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 14:44:01 +0200 Subject: recentchanges -> admin log --- DB/db_rewrite.sql | 23 ++++++++++++++--------- includes/pages/admin_log.php | 25 +++++++++++++++++++++++++ includes/sys_menu.php | 3 ++- www-ssl/admin/Recentchanges.php | 29 ----------------------------- www-ssl/index.php | 4 ++++ 5 files changed, 45 insertions(+), 39 deletions(-) create mode 100644 includes/pages/admin_log.php delete mode 100644 www-ssl/admin/Recentchanges.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 8758c191..525d6e7b 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql 
@@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 12:37 +-- Erstellungszeit: 03. Juni 2011 um 12:43 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -82,7 +82,7 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('admin_angel_types', 71), ('user_settings', 134), ('user_messages', 113), -('admin_groups', 135), +('admin_groups', 141), ('user_questions', 55), ('admin_questions', 43), ('admin_faq', 55), @@ -90,7 +90,8 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('news_comments', 151), ('admin_user', 206), ('user_meetings', 5), -('admin_language', 22); +('admin_language', 25), +('admin_log', 5); -- -------------------------------------------------------- @@ -136,7 +137,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=73 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=74 ; -- -- Daten für Tabelle `GroupPrivileges` @@ -160,7 +161,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (57, -4, 7), (63, -4, 5), (70, -2, 8), -(72, -5, 18); +(72, -5, 18), +(73, -3, 19); -- -------------------------------------------------------- @@ -274,7 +276,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=19 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=20 ; -- -- Daten für Tabelle `Privileges` @@ -298,7 +300,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (15, 'news_comments', 'User can comment news'), (16, 'admin_user', 'Administrate the angels'), (17, 'user_meetings', 'Lists meetings (news)'), -(18, 'admin_language', 'Translate the system'); +(18, 'admin_language', 'Translate the system'), +(19, 'admin_log', 'Display recent changes'); -- -------------------------------------------------------- 
@@ -1045,7 +1048,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('user_meetings', 'DE', 'Treffen'), ('user_meetings', 'EN', 'Meetings'), ('admin_language', 'DE', 'Übersetzung'), -('admin_language', 'EN', 'Translation'); +('admin_language', 'EN', 'Translation'), +('admin_log', 'EN', 'Log'), +('admin_log', 'DE', 'Log'); -- -------------------------------------------------------- @@ -1088,7 +1093,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307104634, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307105002, '0000-00-00 00:00:00', '', '', ''), (148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307082872, '2011-06-03 07:55:24', 'AudioEngel', '', ''); -- -------------------------------------------------------- diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php new file mode 100644 index 00000000..5f112f03 --- /dev/null +++ b/includes/pages/admin_log.php @@ -0,0 +1,25 @@ + 0) { + $html .= "
    + Nick + Vorname NameAlter + E-Mail + GrößeGekommenAktivT-ShirtRegistrierÄnd.
    ' . $faq['Frage_de'] . '
    ' . $faq['Antwort_de'] . '
    ' . $faq['Frage_en'] . '
    ' . $faq['Antwort_en'] . '
    Edit
    %s
    %s
    %s
    %s
    Edit
    ' . $group['Name'] . '
    %s' . join(", ", $privileges_html) . 'Ändern
    %sÄndern' . ($message['isRead'] == 'N' ? '•' : '') . '' . date("Y-m-d H:i", $message['Datum']) . '' . UID2Nick($message['SUID']) . '' . UID2Nick($message['RUID']) . '' . str_replace("\n", '
    ', $message['Text']) . '
    %s %s %s %s%s'; if ($message['RUID'] == $user['UID']) { if ($message['isRead'] == 'N') @@ -45,7 +65,8 @@ function user_messages() { return template_render('../templates/user_messages.html', array ( 'link' => page_link_to("user_messages"), - 'greeting' => Get_Text("Hello") . $user['Nick'] . ",
    \n" . Get_Text("pub_messages_text1") . "

    \n", + 'greeting' => Get_Text("Hello") . $user['Nick'] . ",
    \n" + . Get_Text("pub_messages_text1") . "

    \n", 'messages' => $messages_html, 'new_label' => Get_Text("pub_messages_Neu"), 'date_label' => Get_Text("pub_messages_Datum"), -- cgit v1.2.3-54-g00ecf From e7a25448f2e922cdcb38f3745cf88fa744a3f20b Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 14:38:12 +0200 Subject: admin language / translation --- DB/db_rewrite.sql | 47 +++++++++--------- includes/pages/admin_language.php | 100 ++++++++++++++++++++++++++++++++++++++ includes/pages/admin_user.php | 2 +- includes/sys_menu.php | 3 +- txt/TODO | 5 ++ www-ssl/index.php | 4 ++ 6 files changed, 137 insertions(+), 24 deletions(-) create mode 100644 includes/pages/admin_language.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 19a82c05..8758c191 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 06:12 +-- Erstellungszeit: 03. Juni 2011 um 12:37 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,25 +71,26 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 193), -('login', 28), -('logout', 14), -('start', 27), +('news', 198), +('login', 34), +('logout', 15), +('start', 28), ('faq', 19), -('credits', 3), +('credits', 7), ('register', 10), -('admin_rooms', 89), +('admin_rooms', 90), ('admin_angel_types', 71), ('user_settings', 134), ('user_messages', 113), -('admin_groups', 130), +('admin_groups', 135), ('user_questions', 55), ('admin_questions', 43), ('admin_faq', 55), ('admin_news', 33), ('news_comments', 151), -('admin_user', 196), -('user_meetings', 5); +('admin_user', 206), +('user_meetings', 5), +('admin_language', 22); -- -------------------------------------------------------- 
@@ -135,7 +136,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=71 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=73 ; -- -- Daten für Tabelle `GroupPrivileges` @@ -151,14 +152,15 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (61, -4, 6), (66, -2, 15), (65, -2, 3), -(12, -5, 10), +(71, -5, 10), (60, -4, 12), (59, -4, 14), (64, -2, 4), (58, -4, 13), (57, -4, 7), (63, -4, 5), -(70, -2, 8); +(70, -2, 8), +(72, -5, 18); -- -------------------------------------------------------- @@ -272,7 +274,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=18 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=19 ; -- -- Daten für Tabelle `Privileges` @@ -295,7 +297,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (14, 'admin_news', 'Administrate the news section'), (15, 'news_comments', 'User can comment news'), (16, 'admin_user', 'Administrate the angels'), -(17, 'user_meetings', 'Lists meetings (news)'); +(17, 'user_meetings', 'Lists meetings (news)'), +(18, 'admin_language', 'Translate the system'); -- -------------------------------------------------------- @@ -1040,7 +1043,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin_news', 'DE', 'News verwalten'), ('admin_news', 'EN', 'Manage news'), ('user_meetings', 'DE', 'Treffen'), -('user_meetings', 'EN', 'Meetings'); +('user_meetings', 'EN', 'Meetings'), +('admin_language', 'DE', 'Übersetzung'), +('admin_language', 'EN', 'Translation'); -- -------------------------------------------------------- 
@@ -1083,8 +1088,8 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307081238, '0000-00-00 00:00:00', '', '', ''), -(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307081543, '2011-06-03 07:55:24', 'AudioEngel', '', ''); +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307104634, '0000-00-00 00:00:00', '', '', ''), +(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307082872, '2011-06-03 07:55:24', 'AudioEngel', '', ''); -- -------------------------------------------------------- @@ -1174,7 +1179,7 @@ CREATE TABLE IF NOT EXISTS `UserGroups` ( `group_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`,`group_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=12 ; -- -- Daten für Tabelle `UserGroups` @@ -1185,9 +1190,7 @@ INSERT INTO `UserGroups` (`id`, `uid`, `group_id`) VALUES (2, 1, -3), (3, 1, -5), (4, 1, -4), -(8, 148, -2), -(9, 148, -3), -(10, 148, -4); +(11, 148, -2); -- -------------------------------------------------------- diff --git a/includes/pages/admin_language.php b/includes/pages/admin_language.php new file mode 100644 index 00000000..a866528e --- /dev/null +++ b/includes/pages/admin_language.php @@ -0,0 +1,100 @@ +\n"; + $html .= Get_Text("pub_sprache_text1") . "

    \n"; + + $html .= "" . Get_Text("pub_sprache_ShowEntry") . ""; + // ausgabe Tabellenueberschift + $SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;"; + $erg_Sprachen = sql_query($SQL_Sprachen); + + for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++) + $Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i; + + $html .= "\t\n\t\t"; + $html .= "\t\t"; + foreach ($Sprachen as $Name => $Value) + $html .= ""; + $html .= "\t\t"; + $html .= "\t\t"; + + if (isset ($_GET["ShowEntry"])) { + // ausgabe eintraege + $SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;"; + $erg = sql_query($SQL); + + $TextID_Old = mysql_result($erg, 0, "TextID"); + for ($i = 0; $i < mysql_num_rows($erg); $i++) { + $TextID_New = mysql_result($erg, $i, "TextID"); + if ($TextID_Old != $TextID_New) { + $html .= ""; + $html .= "\n"; + $html .= "\t\t\n"; + + foreach ($Sprachen as $Name => $Value) { + $Value = html_entity_decode($Value, ENT_QUOTES); + $html .= "\t\t\n"; + $Sprachen[$Name] = ""; + } + + $html .= "\t\t\n"; + $html .= ""; + $html .= "\n"; + $TextID_Old = $TextID_New; + } + $Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text"); + } /*FOR*/ + } + + //fuer neu eintraege + $html .= ""; + $html .= "\n"; + $html .= "\t\t\n"; + + foreach ($Sprachen as $Name => $Value) + $html .= "\t\t\n"; + + $html .= "\t\t\n"; + $html .= ""; + $html .= "\n"; + + $html .= "
    " . Get_Text("pub_sprache_TextID") . "" . + Get_Text("pub_sprache_Sprache") . " " . $Name . + "" . Get_Text("pub_sprache_Edit") . "
    $TextID_Old " . + "
    \n"; + } /*if( !isset( $TextID ) )*/ + else { + $html .= "edit: " . $_POST["TextID"] . "

    "; + foreach ($_POST as $k => $v) { + if ($k != "TextID") { + $sql_test = "SELECT * FROM `Sprache` " . + "WHERE `TextID`='" . $_POST["TextID"] . "' AND `Sprache`='$k'"; + $erg_test = sql_query($sql_test); + + if (mysql_num_rows($erg_test) == 0) { + $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " . + "VALUES ('" . $_POST["TextID"] . "', '$k', '$v')"; + $html .= $sql_save . "
    "; + $Erg = sql_query($sql_save); + $html .= success("$k Save: OK
    \n"); + } else + if (mysql_result($erg_test, 0, "Text") != $v) { + $sql_save = "UPDATE `Sprache` SET `Text`='$v' " . + "WHERE `TextID`='" . $_POST["TextID"] . "' AND `Sprache`='$k' "; + $html .= $sql_save . "
    "; + $Erg = sql_query($sql_save); + $html .= success(" $k Update: OK
    \n"); + } else + $html .= "\t $k no changes
    \n"; + } + } + + } + return $html; +} +?> + diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 630ca772..0399dda8 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -243,7 +243,7 @@ function admin_user() {
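Review bot: The save branch of `admin_language()` puts `$_POST["TextID"]` and every other POST key and value (`$k`, `$v`) into the SELECT, INSERT and UPDATE statements on the Sprache table without escaping, so a quote in a translation text either breaks the statement or changes what it does. Escape each value once before building the three statements, as in the excerpt below; this assumes `sql_escape()` returns the escaped value without surrounding quotes, as its use in user_wakeup.php suggests. `$k` would be safer still if it were checked against the language codes already loaded into `$Sprachen`. The same branch also appends `$_POST["TextID"]` and the complete `$sql_save` string to `$html`; the first should go through `htmlspecialchars()` and the SQL echo should be dropped rather than shown to the browser.

```php
foreach ($_POST as $k => $v) {
    if ($k != "TextID") {
        // escape once, reuse in all three statements
        $text_id = sql_escape($_POST["TextID"]);
        $lang = sql_escape($k);
        $text = sql_escape($v);
        $sql_test = "SELECT * FROM `Sprache` " .
            "WHERE `TextID`='" . $text_id . "' AND `Sprache`='" . $lang . "'";
        // … unchanged: run $sql_test, branch on the row count …
        $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
            "VALUES ('" . $text_id . "', '" . $lang . "', '" . $text . "')";
        // … unchanged: run the insert, compare the stored text with $v …
        $sql_save = "UPDATE `Sprache` SET `Text`='" . $text . "' " .
            "WHERE `TextID`='" . $text_id . "' AND `Sprache`='" . $lang . "' ";
```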
    Gekommen Aktiv T-ShirtRegistrierRegistriert Änd.
    \n"; + $html .= "\n\t\n\t\n\t\n\t\n\n"; + for ($n = 0; $n < mysql_num_rows($Erg); $n++) { + $html .= "\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\t\n"; + $html .= "\n"; + } + $html .= "
    TimeUserCommendSQL Command
    " . mysql_result($Erg, $n, "Time") . "" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "" . mysql_result($Erg, $n, "Commend") . "" . mysql_result($Erg, $n, "SQLCommad") . "
    \n"; + } else { + $html .= "Log is empty..."; + } + return $html; +} +?> + diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 744d28d5..e81bed8d 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -40,7 +40,8 @@ function make_navigation() { "admin_rooms", "admin_groups", "admin_faq", - "admin_language" + "admin_language", + "admin_log" )); return $menu; } diff --git a/www-ssl/admin/Recentchanges.php b/www-ssl/admin/Recentchanges.php deleted file mode 100644 index 26324406..00000000 --- a/www-ssl/admin/Recentchanges.php +++ /dev/null @@ -1,29 +0,0 @@ -\n"; -echo "\n\tTime\n\tUser\n\tCommend\n\tSQL Commad\n\n"; - -for ($n = 0; $n < mysql_num_rows($Erg); $n++) { - echo "\n"; - echo "\t" . mysql_result($Erg, $n, "Time") . "\n"; - echo "\t" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "\n"; - echo "\t" . mysql_result($Erg, $n, "Commend") . "\n"; - echo "\t" . mysql_result($Erg, $n, "SQLCommad") . "\n"; - echo "\n"; -} - -echo "\n"; - -include ("includes/footer.php"); -?> - diff --git a/www-ssl/index.php b/www-ssl/index.php index fe8c4795..7c65abb2 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -97,6 +97,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_language") { require_once ('includes/pages/admin_language.php'); $content = admin_language(); + } + elseif ($p == "admin_log") { + require_once ('includes/pages/admin_log.php'); + $content = admin_log(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); -- cgit v1.2.3-54-g00ecf From ded7bcb0b49e101c0414034fe1ff168a043b6a75 Mon Sep 17 00:00:00 2001 
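Review bot: The row loop in `admin_log()` concatenates the `Commend` and `SQLCommad` columns into table cells with no HTML encoding. Judging by the column name, `SQLCommad` holds logged statements, and those presumably contain values that users submitted, so markup stored there would be rendered in the session of whoever holds the `admin_log` privilege. Encode at output, for example `htmlspecialchars(mysql_result($Erg, $n, "SQLCommad"), ENT_QUOTES)`, and do the same for `Commend`. The query that fills `$Erg` is not readable in this hunk, so the source table is not confirmed here.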
From: Philip Häusler Date: Fri, 3 Jun 2011 14:48:05 +0200 Subject: debug -> admin log --- includes/funktion_db_list.php | 100 +++++++++++++++++++++--------------------- includes/pages/admin_log.php | 51 +++++++++++++++++++++ www-ssl/admin/debug.php | 58 ------------------------ 3 files changed, 100 insertions(+), 109 deletions(-) delete mode 100644 www-ssl/admin/debug.php (limited to 'includes/pages') diff --git a/includes/funktion_db_list.php b/includes/funktion_db_list.php index 3e2878da..35bb7255 100644 --- a/includes/funktion_db_list.php +++ b/includes/funktion_db_list.php @@ -1,64 +1,62 @@ "; - echo "DB: $Table_Name"; + $SQL = "SELECT * FROM `" . $Table_Name . "`"; + $Erg = mysql_query($SQL, $con); - echo ""; - for ($m = 0 ; $m < $Anzahl_Felder ; $m++) - { - echo "". mysql_field_name($Erg, $m). ""; - } - echo ""; + // anzahl zeilen + $Zeilen = mysql_num_rows($Erg); - for ($n = 0 ; $n < $Zeilen ; $n++) - { - echo ""; - for ($m = 0 ; $m < $Anzahl_Felder ; $m++) - { - echo "".mysql_result($Erg, $n, $m). ""; - } - echo ""; - } - echo ""; -} + $Anzahl_Felder = mysql_num_fields($Erg); -function funktion_db_element_list_2row( $TopicName, $SQL) -{ - $html = ""; - $html .= "\n"; - $html .= ""; -# $html .= "\n"; + $html .= "
    $TopicName

    $TopicName

    "; + $html .= ""; - $Erg = sql_query($SQL); - - $html .= ""; - for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++) - { - $html .= ""; - } - $html .= ""; + $html .= ""; + for ($m = 0; $m < $Anzahl_Felder; $m++) { + $html .= ""; + } + $html .= ""; - for ($n = 0 ; $n < mysql_num_rows($Erg) ; $n++) - { - $html .= ""; - for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++) - { - $html .= ""; - } - $html .= ""; - } - $html .= "
    DB: $Table_Name
    ". mysql_field_name($Erg, $m). "
    " . mysql_field_name($Erg, $m) . "
    ".mysql_result($Erg, $n, $m). "
    \n"; - return $html; + for ($n = 0; $n < $Zeilen; $n++) { + $html .= ""; + for ($m = 0; $m < $Anzahl_Felder; $m++) { + $html .= "" . mysql_result($Erg, $n, $m) . ""; + } + $html .= ""; + } + $html .= ""; + return $html; } +function funktion_db_element_list_2row($TopicName, $SQL) { + $html = ""; + $html .= "\n"; + $html .= ""; + # $html .= "\n"; + + $Erg = sql_query($SQL); + + $html .= ""; + for ($m = 0; $m < mysql_num_fields($Erg); $m++) { + $html .= ""; + } + $html .= ""; + + for ($n = 0; $n < mysql_num_rows($Erg); $n++) { + $html .= ""; + for ($m = 0; $m < mysql_num_fields($Erg); $m++) { + $html .= ""; + } + $html .= ""; + } + $html .= "
    $TopicName

    $TopicName

    " . mysql_field_name($Erg, $m) . "
    " . mysql_result($Erg, $n, $m) . "
    \n"; + return $html; +} ?> diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php index 5f112f03..2798b2cf 100644 --- a/includes/pages/admin_log.php +++ b/includes/pages/admin_log.php @@ -1,5 +1,7 @@ "; + + $html .= "
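Review bot: Both `funktion_db_list()` and `funktion_db_element_list_2row()` still append `mysql_result($Erg, $n, $m)` and `mysql_field_name($Erg, $m)` to `$html` without encoding, and now that the functions return markup for the admin page that output lands inside the authenticated layout. The statistics queries passed in from admin_log.php group by `Hometown` and `Art`, which the registration form fills from request data, so a value containing markup would be rendered for the administrator. Wrap the cell as `htmlspecialchars(mysql_result($Erg, $n, $m), ENT_QUOTES)` in both loops and likewise the field name. `funktion_db_list()` also calls `mysql_query($SQL, $con)` where its sibling uses `sql_query($SQL)`; using the wrapper in both keeps error handling in one place.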

    Web Counter

    "; + $html .= funktion_db_list("Counter"); + + /* + $html .= "

    Raeume


    "; + funktion_db_list("Raeume"); + + $html .= "

    Schichtbelegung


    "; + funktion_db_list("Schichtbelegung"); + + $html .= "

    Schichtplan


    Hier findest du alle bisher eingetragenen Schichten:"; + funktion_db_list("Schichtplan"); + + $html .= "

    User


    "; + funktion_db_list("User"); + + $html .= "

    News


    "; + funktion_db_list("News"); + + $html .= "

    FAQ


    "; + funktion_db_list("FAQ"); + + $html .= "Deaktiviert"; + */ + + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`"); + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`"); + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Tshirt nicht ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`"); + + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); + + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)"); + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Geleisteter Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)"); + + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)"); + $html .= "
    \n"; + $html .= funktion_db_element_list_2row("Geleisteter Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)"); + return $html; } ?> diff --git a/www-ssl/admin/debug.php b/www-ssl/admin/debug.php deleted file mode 100644 index ec1b2c9f..00000000 --- a/www-ssl/admin/debug.php +++ /dev/null @@ -1,58 +0,0 @@ -Web Counter"; -funktion_db_list("Counter"); - -/* -echo "
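Review bot: The commented-out block carried over from debug.php still contains `funktion_db_list("User")`, and the `User` table includes the `Passwort` column, so re-enabling the block would print every stored password digest on the log page. The calls inside it also drop their return value now that `funktion_db_list()` returns HTML instead of echoing, so the block no longer works as written. Deleting it is safer than keeping it as dead code; if a table view is wanted later, pass an explicit column list to `funktion_db_element_list_2row()` instead of `SELECT *`.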

    Raeume


    "; -funktion_db_list("Raeume"); - -echo "

    Schichtbelegung


    "; -funktion_db_list("Schichtbelegung"); - -echo "

    Schichtplan


    Hier findest du alle bisher eingetragenen Schichten:"; -funktion_db_list("Schichtplan"); - -echo "

    User


    "; -funktion_db_list("User"); - -echo "

    News


    "; -funktion_db_list("News"); - -echo "

    FAQ


    "; -funktion_db_list("FAQ"); - -echo "Deaktiviert"; -*/ - -echo "
    \n"; -funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`"); -echo "
    \n"; -funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`"); -echo "
    \n"; -funktion_db_element_list_2row("Tshirt nicht ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`"); - -echo "
    \n"; -funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`"); -echo "
    \n"; -funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`"); - -echo "
    \n"; -funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)"); -echo "
    \n"; -funktion_db_element_list_2row("Geleisteter Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)"); - -echo "
    \n"; -funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)"); -echo "
    \n"; -funktion_db_element_list_2row("Geleisteter Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)"); - -include ("includes/footer.php"); -?> - -- cgit v1.2.3-54-g00ecf From f6ad58750d8597329526413a0bff3c0b85dfdd28 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 15:08:05 +0200 Subject: fixed faq --- includes/pages/guest_faq.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php index 2799cbaf..e639731b 100644 --- a/includes/pages/guest_faq.php +++ b/includes/pages/guest_faq.php @@ -7,14 +7,14 @@ function guest_faq() { if ($_SESSION['Sprache'] == "DE") { $html .= sprintf( '
    %s
    %s
    ', - $faq['frage_de'], - $faq['antwort_de'] + $faq['Frage_de'], + $faq['Antwort_de'] ); } else { $html .= sprintf( '
    %s
    %s
    ', - $faq['frage_en'], - $faq['antwort_en'] + $faq['Frage_en'], + $faq['Antwort_en'] ); } $html .= ""; -- cgit v1.2.3-54-g00ecf From 7a6f4b2750465da6f59b13aefa575d734f5471f3 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 16:22:33 +0200 Subject: wake-up calls --- DB/db_rewrite.sql | 73 +++++++++++++++++-------------- includes/pages/user_wakeup.php | 92 ++++++++++++++++++++++++++++++++++++++++ includes/sys_menu.php | 1 + www-ssl/index.php | 4 ++ www-ssl/nonpublic/waeckliste.php | 46 -------------------- www-ssl/nonpublic/wecken.php | 86 ------------------------------------- 6 files changed, 138 insertions(+), 164 deletions(-) create mode 100644 includes/pages/user_wakeup.php delete mode 100644 www-ssl/nonpublic/waeckliste.php delete mode 100644 www-ssl/nonpublic/wecken.php (limited to 'includes/pages') diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 525d6e7b..e4bb6689 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 12:43 +-- Erstellungszeit: 03. Juni 2011 um 14:20 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 
@@ -71,27 +71,28 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 198), -('login', 34), -('logout', 15), -('start', 28), -('faq', 19), +('news', 206), +('login', 42), +('logout', 19), +('start', 32), +('faq', 27), ('credits', 7), -('register', 10), +('register', 12), ('admin_rooms', 90), ('admin_angel_types', 71), -('user_settings', 134), +('user_settings', 137), ('user_messages', 113), -('admin_groups', 141), +('admin_groups', 149), ('user_questions', 55), ('admin_questions', 43), -('admin_faq', 55), +('admin_faq', 56), ('admin_news', 33), ('news_comments', 151), ('admin_user', 206), ('user_meetings', 5), -('admin_language', 25), -('admin_log', 5); +('admin_language', 29), +('admin_log', 19), +('user_wakeup', 61); -- -------------------------------------------------------- @@ -137,32 +138,34 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=74 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=85 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES -(69, -2, 11), +(83, -2, 8), (24, -1, 5), -(68, -2, 9), -(67, -2, 17), +(82, -2, 11), +(81, -2, 9), (23, -1, 2), (62, -4, 16), (61, -4, 6), -(66, -2, 15), -(65, -2, 3), -(71, -5, 10), +(80, -2, 17), +(79, -2, 15), +(75, -5, 18), (60, -4, 12), (59, -4, 14), -(64, -2, 4), +(78, -2, 3), (58, -4, 13), (57, -4, 7), (63, -4, 5), -(70, -2, 8), -(72, -5, 18), -(73, -3, 19); +(77, -2, 4), +(74, -5, 10), +(73, -3, 19), +(76, -5, 20), +(84, -2, 20); -- -------------------------------------------------------- 
@@ -276,7 +279,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=20 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=21 ; -- -- Daten für Tabelle `Privileges` @@ -301,7 +304,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (16, 'admin_user', 'Administrate the angels'), (17, 'user_meetings', 'Lists meetings (news)'), (18, 'admin_language', 'Translate the system'), -(19, 'admin_log', 'Display recent changes'); +(19, 'admin_log', 'Display recent changes'), +(20, 'user_wakeup', 'User wakeup-service organization'); -- -------------------------------------------------------- @@ -557,7 +561,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('inc_schicht_noch_gesucht', 'DE', ' noch gesucht'), ('inc_schicht_und', 'DE', ' und '), ('pub_wake_beschreibung', 'DE', 'hier kannst du dich zum Wecken eintragen. Dazu sage einfach wann und wo und der Engel vom Dienst wird dich wecken.'), -('pub_wake_beschreibung2', 'DE', 'Deine bisherigen eingetragenen Zeiten:'), +('pub_wake_beschreibung2', 'DE', 'Alle eingetragenen Weckwünsche, die nächsten zuerst.'), ('pub_wake_Datum', 'DE', 'Datum'), ('pub_wake_Ort', 'DE', 'Ort'), ('pub_wake_Bemerkung', 'DE', 'Bermerkung'), @@ -601,7 +605,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('inc_schicht_wird', 'EN', ' is '), ('inc_schicht_noch_gesucht', 'EN', ' still needed '), ('inc_schicht_und', 'EN', ' and '), -('pub_wake_beschreibung2', 'EN', 'The wake-up calls you have ordered:\r\n'), +('pub_wake_beschreibung2', 'EN', 'All ordered wake-up calls, next first.'), ('pub_wake_Datum', 'EN', 'Date'), ('pub_wake_Ort', 'EN', 'Place'), ('pub_wake_change', 'EN', 'delete'), 
@@ -1050,7 +1054,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin_language', 'DE', 'Übersetzung'), ('admin_language', 'EN', 'Translation'), ('admin_log', 'EN', 'Log'), -('admin_log', 'DE', 'Log'); +('admin_log', 'DE', 'Log'), +('user_wakeup', 'DE', 'Weckservice'), +('user_wakeup', 'EN', 'Wakeup service'); -- -------------------------------------------------------- @@ -1093,8 +1099,8 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307105002, '0000-00-00 00:00:00', '', '', ''), -(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307082872, '2011-06-03 07:55:24', 'AudioEngel', '', ''); +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '21232f297a57a5a743894a0e4a801fc3', 1, 1, 0, 10, 'DE', 115, 'L', 1307110821, '0000-00-00 00:00:00', '', '', ''), +(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307110798, '2011-06-03 07:55:24', 'AudioEngel', '', ''); -- -------------------------------------------------------- 
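Review bot: The `User` seed rows in this dump commit real password digests, and the `@@ -1093,8 +1099,8 @@` hunk replaces the one for `admin` with another 32-hex-digit value. On the removed lines `admin` and `msquare` carry the identical digest, which shows that the stored value has no per-user salt, and a digest published in the repository has to be treated as a known credential on every install made from this file. Ship the seed row with a placeholder such as `'<set-on-install>'` in `Passwort` and have the installer require a new password, and plan a move of the hashing routine to a salted, slow password hash. The other hunks of DB/db_rewrite.sql in this series carry the same rows as context.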
@@ -1227,13 +1233,16 @@ INSERT INTO `UserPicture` (`UID`, `Bild`, `ContentType`, `show`) VALUES CREATE TABLE IF NOT EXISTS `Wecken` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `UID` int(11) NOT NULL DEFAULT '0', - `Date` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `Date` int(11) NOT NULL, `Ort` text NOT NULL, `Bemerkung` text NOT NULL, PRIMARY KEY (`ID`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; -- -- Daten für Tabelle `Wecken` -- +INSERT INTO `Wecken` (`ID`, `UID`, `Date`, `Ort`, `Bemerkung`) VALUES +(4, 1, 1307109840, 'Tent 23', 'knock knock leo, follow the white rabbit to the blue tent'), +(5, 1, 1307109840, 'Tent 23', 'knock knock leo, follow the white rabbit to the blue tent'); diff --git a/includes/pages/user_wakeup.php b/includes/pages/user_wakeup.php new file mode 100644 index 00000000..b6955669 --- /dev/null +++ b/includes/pages/user_wakeup.php 
@@ -0,0 +1,92 @@ +getTimestamp(); + $bemerkung = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['Bemerkung'])); + $ort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Ort'])); + $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) " . + "VALUES ('" . $user['UID'] . "', '" . $date . "', '" . $ort . "', " . + "'" . $bemerkung . "')"; + sql_query($SQL); + $html .= success(Get_Text(4)); + } else + $html .= error("Broken date!"); + break; + + case 'delete' : + if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing wake-up ID."); + + $wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) { + sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + $html .= success("Wake-up call deleted."); + } else + return error("No wake-up found."); + break; + } + } + + $html .= "

    " . Get_Text("Hello") . $user['Nick'] . ",
    " . Get_Text("pub_wake_beschreibung") . "

    \n\n"; + $html .= Get_Text("pub_wake_beschreibung2"); + $html .= ' + + + + + + + + +'; + + $sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC"; + $Erg = sql_query($sql); + $count = mysql_num_rows($Erg); + + for ($i = 0; $i < $count; $i++) { + $row = mysql_fetch_row($Erg); + $html .= ''; + $html .= ''; + $html .= ''; + $html .= ''; + $html .= ''; + if (mysql_result($Erg, $i, "UID") == $user['UID']) + $html .= ''; + else + $html .= ''; + $html .= ''; + } + + $html .= '
    ' . Get_Text("pub_wake_Datum") . '' . Get_Text("pub_waeckliste_Nick") . '' . Get_Text("pub_wake_Ort") . '' . Get_Text("pub_wake_Bemerkung") . '
    ' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' ' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' ' . mysql_result($Erg, $i, "Ort") . ' ' . mysql_result($Erg, $i, "Bemerkung") . ' " . Get_Text("pub_wake_del") . '

    ' . Get_Text("pub_wake_Text2") . ' +
    + + + + + + + + + + + + + +
    ' . Get_Text("pub_wake_Datum") . ':
    ' . Get_Text("pub_wake_Ort") . '
    ' . Get_Text("pub_wake_Bemerkung") . '
    + +
    '; + + return $html; +} +?> \ No newline at end of file diff --git a/includes/sys_menu.php b/includes/sys_menu.php index e81bed8d..b651a002 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -27,6 +27,7 @@ function make_navigation() { "user_shifts", "user_messages", "user_questions", + "user_wakeup", "user_settings" )); diff --git a/www-ssl/index.php b/www-ssl/index.php index 214ec54a..71c13d15 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -55,6 +55,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/user_questions.php'); $content = user_questions(); } + elseif ($p == "user_wakeup") { + require_once ('includes/pages/user_wakeup.php'); + $content = user_wakeup(); + } elseif ($p == "user_settings") { require_once ('includes/pages/user_settings.php'); $content = user_settings(); diff --git a/www-ssl/nonpublic/waeckliste.php b/www-ssl/nonpublic/waeckliste.php deleted file mode 100644 index d98dd455..00000000 --- a/www-ssl/nonpublic/waeckliste.php +++ /dev/null @@ -1,46 +0,0 @@ - - -
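Review bot: In the new user_wakeup.php, `$ort` and `$bemerkung` are concatenated into the `INSERT INTO Wecken` statement without `sql_escape()`. The `preg_replace` whitelist before it keeps `\p{P}`, which includes the single quote and the backslash, so that filter does not make the values safe inside a quoted SQL literal. Pass both through the helper the delete branch already uses, e.g. `"', '" . sql_escape($ort) . "', '" . sql_escape($bemerkung) . "')"`. The listing loop also writes `Ort` and `Bemerkung` from the database straight into the table with `strip_tags()` at write time as the only barrier, so `htmlspecialchars()` at output would be the more reliable place to encode. The delete action is reachable through `$_REQUEST` with no request token visible in this hunk, which is worth confirming against the rest of the application.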

    \n" . Get_Text("pub_waeckliste_Text1"); ?>

    - - - - - - - - - - - - - - - - -
    - - diff --git a/www-ssl/nonpublic/wecken.php b/www-ssl/nonpublic/wecken.php deleted file mode 100644 index 0d44b48d..00000000 --- a/www-ssl/nonpublic/wecken.php +++ /dev/null @@ -1,86 +0,0 @@ -" . Get_Text("Hello") . $_SESSION['Nick'] . ",
    " . Get_Text("pub_wake_beschreibung") . "

    \n\n"; -echo Get_Text("pub_wake_beschreibung2"); -?> - - - - - - - - - - - - - - - - - -
    " . Get_Text("pub_wake_del"); ?>
    -

    - -

    - -
    - - - - - - - - - - - - - -
    :
    -" /> -
    - -- cgit v1.2.3-54-g00ecf From 586272ccec099913814c0171d7616ad737421ac7 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Fri, 3 Jun 2011 16:52:57 +0200 Subject: begin pentabarf import --- includes/funktion_xml.php | 244 +++++++++++++++++++------------------- includes/pages/admin_import.php | 253 ++++++++++++++++++++++++++++++++++++++++ includes/sys_menu.php | 1 + www-ssl/index.php | 4 + 4 files changed, 380 insertions(+), 122 deletions(-) create mode 100644 includes/pages/admin_import.php (limited to 'includes/pages') diff --git a/includes/funktion_xml.php b/includes/funktion_xml.php index 60eb26fa..87fd72d0 100644 --- a/includes/funktion_xml.php +++ b/includes/funktion_xml.php @@ -1,154 +1,154 @@ sub[ $XMLpos[$Tiefe] ]->data .= htmlentities( convertValues($Data), ENT_QUOTES); - - if($XMLDEBUG) - echo "???". $Objekt->sub[ $XMLpos[$Tiefe] ]->name. "|$Data|$Tiefe???
    "; - } else - dataXMLmain( $Data, $Objekt->sub[ $XMLpos[$Tiefe] ], $Tiefe+1); +function dataXMLmain($Data, & $Objekt, $Tiefe) { + global $XMLmain, $XMLpos, $depth, $XMLDEBUG; + + if ($XMLDEBUG) + echo "?$Tiefe$depth"; + + if (($depth -1) == $Tiefe) { + $Objekt->sub[$XMLpos[$Tiefe]]->data .= htmlentities(convertValues($Data), ENT_QUOTES); + + if ($XMLDEBUG) + echo "???" . $Objekt->sub[$XMLpos[$Tiefe]]->name . "|$Data|$Tiefe???
    "; + } else + dataXMLmain($Data, $Objekt->sub[$XMLpos[$Tiefe]], $Tiefe +1); } -function startXMLmain( $Data, &$Objekt, $Tiefe ) { - global $XMLpos, $depth, $XMLDEBUG; - - if( $XMLDEBUG) - if($Tiefe==1) - { print_r(array_values ($XMLpos)); echo "--".$Data->name; - echo " #$Tiefe/$depth#"; - } - - if( $depth==$Tiefe) - { - $Objekt->sub[ $XMLpos[$Tiefe] ] = $Data; - if( $XMLDEBUG) - echo "|". $XMLpos[$Tiefe]."|". $Objekt->sub[ $XMLpos[$Tiefe] ]->name. " ". $Data->name." save|". "#-#
    "; - } - else - startXMLmain( $Data, $Objekt->sub[ $XMLpos[$Tiefe] ], $Tiefe+1); +function startXMLmain($Data, & $Objekt, $Tiefe) { + global $XMLpos, $depth, $XMLDEBUG; + + if ($XMLDEBUG) + if ($Tiefe == 1) { + print_r(array_values($XMLpos)); + echo "--" . $Data->name; + echo " #$Tiefe/$depth#"; + } + + if ($depth == $Tiefe) { + $Objekt->sub[$XMLpos[$Tiefe]] = $Data; + if ($XMLDEBUG) + echo "|" . $XMLpos[$Tiefe] . "|" . $Objekt->sub[$XMLpos[$Tiefe]]->name . " " . $Data->name . " save|" . "#-#
    "; + } else + startXMLmain($Data, $Objekt->sub[$XMLpos[$Tiefe]], $Tiefe +1); } -function start_element_handler($parser, $name, $attribs) -{ - global $depth, $XMLmain, $XMLpos; +function start_element_handler($parser, $name, $attribs) { + global $depth, $XMLmain, $XMLpos; - $Data = new element; - $Data->name = $name; - while(list($key, $value) = each($attribs)) - $Data->attributes[$key] = convertValues($value); - $Data->depth = $depth; - $XMLpos[$depth]++; + $Data = new element; + $Data->name = $name; + while (list ($key, $value) = each($attribs)) + $Data->attributes[$key] = convertValues($value); + $Data->depth = $depth; + $XMLpos[$depth]++; - if( $depth==0) - $XMLmain= $Data; - else - startXMLmain( $Data, $XMLmain, 1); + if ($depth == 0) + $XMLmain = $Data; + else + startXMLmain($Data, $XMLmain, 1); - $depth++; + $depth++; } -function end_element_handler($parser, $name) -{ - global $depth, $XMLpos; - $XMLpos[$depth]=0; - $depth--; +function end_element_handler($parser, $name) { + global $depth, $XMLpos; + $XMLpos[$depth] = 0; + $depth--; } -function character_data_handler($parser, $data) -{ - global $XMLmain; - if( strlen(trim($data)) ) - dataXMLmain( $data, $XMLmain, 1); +function character_data_handler($parser, $data) { + global $XMLmain; + if (strlen(trim($data))) + dataXMLmain($data, $XMLmain, 1); } /*#######################################################################################*/ -function readXMLfile( $file ) -{ - global $XMLDEBUG; - - //$xml_parser = xml_parser_create_ns(); - $xml_parser = xml_parser_create("UTF-8"); - xml_set_element_handler($xml_parser, "start_element_handler", "end_element_handler"); - xml_set_character_data_handler($xml_parser, "character_data_handler"); - - if (file_exists($file)) - { - if (!($fp = fopen($file, "r"))) - { - echo("

    could not open XML file \"$file\"

    "); - return -1; - } - } - else - { - echo("

    XML file \"$file\" not exist

    "); - return -1; - } - - if( $XMLDEBUG) echo "
    ";
    -  while ($data = fread($fp, 4096)) 
    -  {
    -    if (!xml_parse($xml_parser, $data, feof($fp))) 
    -    {
    -      die(sprintf("XML error: %s at line %d",
    -            xml_error_string(xml_get_error_code($xml_parser)),
    -            xml_get_current_line_number($xml_parser)));
    -    }
    -  }
    -  if( $XMLDEBUG)  echo "
    "; - xml_parser_free($xml_parser); - return 0; +function readXMLfile($file) { + global $XMLDEBUG; + + //$xml_parser = xml_parser_create_ns(); + $xml_parser = xml_parser_create("UTF-8"); + xml_set_element_handler($xml_parser, "start_element_handler", "end_element_handler"); + xml_set_character_data_handler($xml_parser, "character_data_handler"); + + if (file_exists($file)) { + if (!($fp = fopen($file, "r"))) { + echo ("

    could not open XML file \"$file\"

    "); + return -1; + } + } else { + echo ("

    XML file \"$file\" not exist

    "); + return -1; + } + + if ($XMLDEBUG) + echo "
    ";
    +	while ($data = fread($fp, 4096)) {
    +		if (!xml_parse($xml_parser, $data, feof($fp))) {
    +			die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
    +		}
    +	}
    +	if ($XMLDEBUG)
    +		echo "
    "; + xml_parser_free($xml_parser); + return 0; } /*#######################################################################################*/ -function getXMLsubPease( $Sourse, $Name ) -{ - foreach($Sourse->sub as $key => $value) { - if ($value->name == $Name) { - return $value; - } - } - - echo "

    Fehler: getXMLsubPease( $Sourse, $Name ) not found

    "; -// die; +function getXMLsubPease($Sourse, $Name) { + foreach ($Sourse->sub as $key => $value) { + if ($value->name == $Name) { + return $value; + } + } + + echo "

    Fehler: getXMLsubPease( $Sourse, $Name ) not found

    "; + // die; } /*#######################################################################################*/ -function getXMLsubData( $Sourse, $Name ) -{ - $XML = getXMLsubPease( $Sourse, $Name); - return $XML->data; +function getXMLsubData($Sourse, $Name) { + $XML = getXMLsubPease($Sourse, $Name); + return $XML->data; } ?> diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php new file mode 100644 index 00000000..9b8af2e2 --- /dev/null +++ b/includes/pages/admin_import.php @@ -0,0 +1,253 @@ +\n

    XML File:

    \n"; + if (isset ($_POST["PentabarfUser"]) && isset ($_POST["password"]) && isset ($_POST["PentabarfURL"])) { + $html .= "Update XCAL-File from Pentabarf.."; + if ($PentabarfGetWith == "fsockopen") { + + //backup error messeges and delate + $Backuperror_messages = $error_messages; + $fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 30); + // $error_messages = $Backuperror_messages; + + if (!$fp) { + $html .= "

    fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!" . + "[$errstr ($errno)]

    "; + } else { + if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) { + $head = 'GET /' . $PentabarfXMLpath . $_POST["PentabarfURL"] . ' HTTP/1.1' . "\r\n" . + 'Host: ' . $PentabarfXMLhost . "\r\n" . + 'User-Agent: Engelsystem' . "\r\n" . + 'Authorization: Basic ' . + base64_encode($_POST["PentabarfUser"] . ':' . $_POST["password"]) . "\r\n" . + "\r\n"; + fputs($fp, $head); + $Zeilen = -1; + while (!feof($fp)) { + $Temp = fgets($fp, 1024); + + // ende des headers + if ($Temp == "f20\r\n") { + $Zeilen = 0; + $Temp = ""; + } + + //file ende? + if ($Temp == "0\r\n") + break; + + if (($Zeilen > -1) && ($Temp != "ffb\r\n")) { + //steuerzeichen ausfiltern + if (strpos("#$Temp", "\r\n") > 0) + $Temp = substr($Temp, 0, strlen($Temp) - 2); + if (strpos("#$Temp", "1005") > 0) + $Temp = ""; + if (strpos("#$Temp", "783") > 0) + $Temp = ""; + //schreiben in file + fputs($fileOut, $Temp); + $Zeilen++; + } + } + fclose($fileOut); + + $html .= "
    Es wurden $Zeilen Zeilen eingelesen
    "; + } else + $html .= "

    fail: File '$Tempdir/engelXML' not writeable!

    "; + fclose($fp); + } + } + elseif ($PentabarfGetWith == "fopen") { + //user uns password in url einbauen + $FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" . + $PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"]; + + if (($fileIn = fopen($FileNameIn, "r")) != FALSE) { + if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) { + $Zeilen = 0; + while (!feof($fileIn)) { + $Zeilen++; + fputs($fileOut, fgets($fileIn)); + } + fclose($fileOut); + $html .= "
    Es wurden $Zeilen Zeilen eingelesen
    "; + } else + $html .= "

    fail: File '$Tempdir/engelXML' not writeable!

    "; + fclose($fileIn); + } else + $html .= "

    fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!

    "; + } + elseif ($PentabarfGetWith == "wget") { + $Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " . + "https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . + " --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" . + " --no-check-certificate"; + $html .= system($Command, $Status); + if ($Status == 0) + $html .= "OK.
    "; + else + $html .= "fail ($Status)($Command).
    "; + } + elseif ($PentabarfGetWith == "lynx") { + $Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " . + "https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML"; + $html .= system($Command, $Status); + if ($Status == 0) + $html .= "OK.
    "; + else + $html .= "fail ($Status)($Command).
    "; + } + elseif ($PentabarfGetWith == "fopen") { + //user uns password in url einbauen + $FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" . + $PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"]; + + if (($fileIn = fopen($FileNameIn, "r")) != FALSE) { + if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) { + $Zeilen = 0; + while (!feof($fileIn)) { + $Zeilen++; + fputs($fileOut, fgets($fileIn)); + } + fclose($fileOut); + $html .= "
    Es wurden $Zeilen Zeilen eingelesen
    "; + } else + $html .= "

    fail: File '$Tempdir/engelXML' not writeable!

    "; + fclose($fileIn); + } else + $html .= "

    fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!

    "; + } + elseif ($PentabarfGetWith == "wget") { + $Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " . + "https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . + " --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" . + " --no-check-certificate"; + $html .= system($Command, $Status); + if ($Status == 0) + $html .= "OK.
    "; + else + $html .= "fail ($Status)($Command).
    "; + } + elseif ($PentabarfGetWith == "lynx") { + $Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " . + "https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML"; + $html .= system($Command, $Status); + if ($Status == 0) + $html .= "OK.
    "; + else + $html .= "fail ($Status)($Command).
    "; + } else + $html .= "

    The PentabarfGetWith='$PentabarfGetWith' not supported

    "; + } else { + $html .= "
    \n"; + $html .= "\n"; + $html .= "\t" . + "\n"; + $html .= "\t" . + "\n"; + $html .= "\t" . + "\n"; + $html .= "\t\n"; + $html .= "
    XCAL-File: https://$PentabarfXMLhost/$PentabarfXMLpath
    Username:
    Password:
    \n"; + $html .= "
    \n"; + } + + //readXMLfile("xml.php.xml"); + if (readXMLfile("$Tempdir/engelXML") == 0) { + $XMLmain = getXMLsubPease($XMLmain, "VCALENDAR"); + + if ($ShowDataStrukture) { + $html .= "

    "; + $html .= $XMLmain->name; + $html .= "
    "; + print_r(array_values($XMLmain->sub)); + $html .= "
    "; + } + + /* + $html .= "
    "; + $Feld=7; + $html .= "$Feld#". $XMLmain->sub[$Feld]->name. "
    "; + $html .= "$Feld#". $XMLmain->sub[$Feld]->sub; + //print_r(array_values ($XMLmain->sub[$Feld]->sub)); + while(list($key, $value) = each($XMLmain->sub[$Feld]->sub)) + $html .= "?ID".$value->sub[1]->data. "=". $value->sub[2]->data. "\n"; + $html .= ""; + */ + + /*############################################################################################## + V e r s i o n + ##############################################################################################*/ + + $html .= "
    \n"; + $XMLrelease = getXMLsubPease($XMLmain, "X-WR-CALDESC"); + $html .= "release: " . $XMLrelease->data . "
    \n"; + //$XMLreleaseDate = getXMLsubPease( $XMLmain, "RELEASE-DATE"); + //$html .= "release date: ". $XMLreleaseDate->data. "
    \n"; + $html .= "
    \n"; + + /*############################################################################################## + V e r s i o n + ##############################################################################################*/ + if ($EnableRoomFunctions) + include ("includes/funktion_xml_room.php"); + + if ($EnableSchudleFunctions) + include ("includes/funktion_xml_schudle.php"); + + /*############################################################################################## + U P D A T E A L L + ##############################################################################################*/ + $html .= "\n\n
    \n

    Update ALL:

    \n"; + + $html .= "
    \n"; + $html .= "\t\n"; + $html .= "
    \n"; + + } //if XMLopenOOK + return $html; +} + +/*############################################################################################## + erstellt Arrays der Reume + ##############################################################################################*/ +function CreateRoomArrays() { + global $Room, $RoomID, $RoomName, $con; + + $sql = "SELECT `RID`, `Name` FROM `Room` " . + "WHERE `Show`='Y'" . + "ORDER BY `Number`, `Name`;"; + $Erg = mysql_query($sql, $con); + $rowcount = mysql_num_rows($Erg); + + for ($i = 0; $i < $rowcount; $i++) { + $Room[$i]["RID"] = mysql_result($Erg, $i, "RID"); + $Room[$i]["Name"] = mysql_result($Erg, $i, "Name"); + $RoomID[mysql_result($Erg, $i, "RID")] = mysql_result($Erg, $i, "Name"); + $RoomName[mysql_result($Erg, $i, "Name")] = mysql_result($Erg, $i, "RID"); + } +} +?> + diff --git a/includes/sys_menu.php b/includes/sys_menu.php index b651a002..dfe33216 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -42,6 +42,7 @@ function make_navigation() { "admin_groups", "admin_faq", "admin_language", + "admin_import", "admin_log" )); return $menu; diff --git a/www-ssl/index.php b/www-ssl/index.php index 71c13d15..e1a4496f 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -106,6 +106,10 @@ if (in_array($p, $privileges)) { require_once ('includes/pages/admin_language.php'); $content = admin_language(); } + elseif ($p == "admin_import") { + require_once ('includes/pages/admin_import.php'); + $content = admin_import(); + } elseif ($p == "admin_log") { require_once ('includes/pages/admin_log.php'); $content = admin_log(); -- cgit v1.2.3-54-g00ecf From c7657ca7ff7ccfceb62e6e460a2bc041a282ff75 Mon Sep 17 00:00:00 2001 
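Review bot: The `wget` and `lynx` branches of admin_import() build `$Command` by concatenating `$_POST["PentabarfUser"]`, `$_POST["password"]` and `$_POST["PentabarfURL"]` and pass it to `system()`, so shell metacharacters in any of those fields are interpreted by the shell. Each request-derived argument needs `escapeshellarg()`, e.g. `"wget --http-user=" . escapeshellarg($_POST["PentabarfUser"])`, and the lynx branch's `> $Tempdir/engelXML` redirection should be quoted the same way. The failure path `"fail ($Status)($Command)."` prints the whole command, including the password, into the page and should report only `$Status`. `--no-check-certificate` sends the Basic credentials without verifying the server certificate. The `fopen`, `wget` and `lynx` branches each appear twice in the elseif chain, so the second copies are unreachable.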
From: Daniel Friesel Date: Fri, 3 Jun 2011 17:24:52 +0200 Subject: user_wakeup: Cleanup, use template --- includes/pages/user_wakeup.php | 44 ++++++++++++++++++------------------------ templates/user_wakeup.html | 19 ++++++++++++++++++ 2 files changed, 38 insertions(+), 25 deletions(-) create mode 100644 templates/user_wakeup.html (limited to 'includes/pages') diff --git a/includes/pages/user_wakeup.php b/includes/pages/user_wakeup.php index b6955669..fe2ecc7a 100644 --- a/includes/pages/user_wakeup.php +++ b/includes/pages/user_wakeup.php @@ -10,11 +10,12 @@ function user_wakeup() { $date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']); if ($date != null) { $date = $date->getTimestamp(); - $bemerkung = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['Bemerkung'])); - $ort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Ort'])); - $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) " . - "VALUES ('" . $user['UID'] . "', '" . $date . "', '" . $ort . "', " . - "'" . $bemerkung . "')"; + $bemerkung = strip_request_item_nl('Bemerkung'); + $ort = strip_request_item('Ort'); + $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) " + . "VALUES ('" . sql_escape($user['UID']) . "', '" + . sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'" + . sql_escape($bemerkung) . "')"; sql_query($SQL); $html .= success(Get_Text(4)); } else @@ -37,7 +38,8 @@ function user_wakeup() { } } - $html .= "

    " . Get_Text("Hello") . $user['Nick'] . ",
    " . Get_Text("pub_wake_beschreibung") . "

    \n\n"; + $html .= "

    " . Get_Text("Hello") . $user['Nick'] . ",
    " + . Get_Text("pub_wake_beschreibung") . "

    \n\n"; $html .= Get_Text("pub_wake_beschreibung2"); $html .= ' @@ -68,25 +70,17 @@ function user_wakeup() { $html .= ''; } - $html .= '

    ' . Get_Text("pub_wake_Text2") . ' -
    - - - - - - - - - - - - - -
    ' . Get_Text("pub_wake_Datum") . ':
    ' . Get_Text("pub_wake_Ort") . '
    ' . Get_Text("pub_wake_Bemerkung") . '
    - -
    '; + $html .= '
    ' . Get_Text("pub_wake_Text2"); + $html .= template_render('../templates/user_wakeup.html', array ( + 'wakeup_link' => page_link_to("user_wakeup"), + 'date_text' => Get_Text("pub_wake_Datum"), + 'date_value' => date("Y-m-d H:i"), + 'place_text' => Get_Text("pub_wake_Ort"), + 'comment_text' => Get_Text("pub_wake_Ort"), + 'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent", + 'submit_text' => Get_Text("pub_wake_button") + )); return $html; } -?> \ No newline at end of file +?> diff --git a/templates/user_wakeup.html b/templates/user_wakeup.html new file mode 100644 index 00000000..8384fe85 --- /dev/null +++ b/templates/user_wakeup.html @@ -0,0 +1,19 @@ +
    + + + + + + + + + + + + + +
    %date_text%:
    %place_text%
    %comment_text%
    + +
    -- cgit v1.2.3-54-g00ecf From 3a041d4ef3060a9a8bdca282d1a5d8431eea01c2 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 17:26:48 +0200 Subject: user_wakeup: Whoops. Fixes. --- includes/pages/user_wakeup.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/user_wakeup.php b/includes/pages/user_wakeup.php index fe2ecc7a..2c6940e7 100644 --- a/includes/pages/user_wakeup.php +++ b/includes/pages/user_wakeup.php @@ -77,9 +77,9 @@ function user_wakeup() { 'date_text' => Get_Text("pub_wake_Datum"), 'date_value' => date("Y-m-d H:i"), 'place_text' => Get_Text("pub_wake_Ort"), - 'comment_text' => Get_Text("pub_wake_Ort"), + 'comment_text' => Get_Text("pub_wake_Bemerkung"), 'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent", - 'submit_text' => Get_Text("pub_wake_button") + 'submit_text' => Get_Text("pub_wake_bouton") )); return $html; } -- cgit v1.2.3-54-g00ecf From 5d9335fe183a0486c593975c45c2abe6875ab719 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 3 Jun 2011 20:24:36 +0200 Subject: admin_questions: More templates + sql fixes --- includes/pages/admin_groups.php | 12 +++++++++++- includes/pages/admin_language.php | 18 ++++++++++++++---- includes/pages/admin_questions.php | 31 ++++++++++++++++++++----------- templates/admin_question_answered.html | 9 +++++++++ templates/admin_question_unanswered.html | 14 ++++++++++++++ templates/admin_questions.html | 6 +++--- 6 files changed, 71 insertions(+), 19 deletions(-) create mode 100644 templates/admin_question_answered.html create mode 100644 templates/admin_question_unanswered.html (limited to 'includes/pages') diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 842640d8..770f09b4 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php 
@@ -44,7 +44,17 @@ function admin_groups() { $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`"); $privileges_html = ""; foreach ($privileges as $priv) - $privileges_html .= '' . $priv['name'] . '' . $priv['desc'] . ''; + $privileges_html .= sprintf( + '' + . ' %s %s', + $priv['id'], + ($priv['group_id'] != "" + ? 'checked="checked"' + : ''), + $priv['name'], + $priv['desc'] + ); $html .= template_render('../templates/admin_groups_edit_form.html', array ( 'link' => page_link_to("admin_groups"), diff --git a/includes/pages/admin_language.php b/includes/pages/admin_language.php index a866528e..749cd643 100644 --- a/includes/pages/admin_language.php +++ b/includes/pages/admin_language.php @@ -72,19 +72,29 @@ function admin_language() { foreach ($_POST as $k => $v) { if ($k != "TextID") { $sql_test = "SELECT * FROM `Sprache` " . - "WHERE `TextID`='" . $_POST["TextID"] . "' AND `Sprache`='$k'"; + "WHERE `TextID`='" . sql_escape($_POST["TextID"]) + . "' AND `Sprache`='" + . sql_escape($k) . "'"; + $erg_test = sql_query($sql_test); if (mysql_num_rows($erg_test) == 0) { $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " . - "VALUES ('" . $_POST["TextID"] . "', '$k', '$v')"; + "VALUES ('" . sql_escape($_POST["TextID"]) . "', '" + . sql_escape($k) . "', '" + . sql_escape($v) . "')"; + $html .= $sql_save . "
    "; $Erg = sql_query($sql_save); $html .= success("$k Save: OK
    \n"); } else if (mysql_result($erg_test, 0, "Text") != $v) { - $sql_save = "UPDATE `Sprache` SET `Text`='$v' " . - "WHERE `TextID`='" . $_POST["TextID"] . "' AND `Sprache`='$k' "; + $sql_save = "UPDATE `Sprache` SET `Text`='" + . sql_escape($v) . "' " . + "WHERE `TextID`='" + . sql_escape($_POST["TextID"]) + . "' AND `Sprache`='" . sql_escape($k) . "' "; + $html .= $sql_save . "
    "; $Erg = sql_query($sql_save); $html .= success(" $k Update: OK
    \n"); diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 5355dd86..0e4469d5 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -18,19 +18,28 @@ function admin_questions() { if (!isset ($_REQUEST['action'])) { $open_questions = ""; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0"); - foreach ($questions as $question) { - $open_questions .= '' . UID2Nick($question['UID']) . '' . str_replace("\n", '
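Review bot: The new `sql_escape()` calls in the admin_language.php hunk protect the statement, but the surrounding `$html .= $sql_save . ...` lines still print that statement, built from POST keys and values, into the page without HTML encoding. `sql_escape()` is not an output encoder, so a translation text containing markup is rendered as markup when the save result is displayed. Either drop the debug output or encode it, `$html .= htmlspecialchars($sql_save)`. The comparison `mysql_result($erg_test, 0, "Text") != $v` is also loose and would be clearer as `!==`. The enclosing function starts and ends outside this hunk.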
    ', $question['Question']) . ''; - $open_questions .= '

    '; - $open_questions .= 'Delete'; - } + foreach ($questions as $question) + $open_questions .= template_render( + '../templates/admin_question_unanswered.html', array ( + 'question_nick' => UID2Nick($question['UID']), + 'question_id' => $question['QID'], + 'link' => page_link_to("admin_questions"), + 'question' => str_replace("\n", '
    ', $question['Question']) + )); $answered_questions = ""; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0"); - foreach ($questions as $question) { - $answered_questions .= '' . UID2Nick($question['UID']) . '' . str_replace("\n", '
    ', $question['Question']) . ''; - $answered_questions .= '' . UID2Nick($question['AID']) . '' . str_replace("\n", '
    ', $question['Answer']) . ''; - $answered_questions .= 'Delete'; - } + + foreach ($questions as $question) + $answered_questions .= template_render( + '../templates/admin_question_answered.html', array ( + 'question_id' => $question['QID'], + 'question_nick' => UID2Nick($question['UID']), + 'question' => str_replace("\n", "
    ", $question['Question']), + 'answer_nick' => UID2Nick($question['AID']), + 'answer' => str_replace("\n", "
    ", $question['Answer']), + 'link' => page_link_to("admin_questions"), + )); return template_render('../templates/admin_questions.html', array ( 'link' => page_link_to("admin_questions"), @@ -73,4 +82,4 @@ function admin_questions() { } } } -?> \ No newline at end of file +?> diff --git a/templates/admin_question_answered.html b/templates/admin_question_answered.html new file mode 100644 index 00000000..e4f07932 --- /dev/null +++ b/templates/admin_question_answered.html @@ -0,0 +1,9 @@ + + %question_nick% + %question% + %answer_nick% + %answer% + + Delete + + diff --git a/templates/admin_question_unanswered.html b/templates/admin_question_unanswered.html new file mode 100644 index 00000000..fc3db78a --- /dev/null +++ b/templates/admin_question_unanswered.html @@ -0,0 +1,14 @@ + + %question_nick% + %question% + +
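Review bot: `$question['Question']` and `$question['Answer']` are handed to `template_render()` in the admin_questions.php hunk after only a newline-to-break `str_replace`. Unless `template_render()` encodes its values (not visible in this hunk), markup stored in a question is rendered in the browser of the admin who opens this list. Encode before inserting the line breaks, e.g. `'question' => nl2br(htmlspecialchars($question['Question']))`, and apply the same to `answer`. The function body starts before and continues after the hunk, so how questions are stored is not visible here.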
    + + + +
    + + + Delete + + diff --git a/templates/admin_questions.html b/templates/admin_questions.html index ad8d6572..171f10b5 100644 --- a/templates/admin_questions.html +++ b/templates/admin_questions.html @@ -24,6 +24,9 @@ Not yet answered questions: + @@ -33,9 +36,6 @@ Not yet answered questions: - -- cgit v1.2.3-54-g00ecf From 80a1a65aefcd2f33951dc60c72d29df1ad19b187 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Sat, 11 Jun 2011 17:01:41 +0200 Subject: tmp commit --- includes/funktion_xml.php | 2 -- includes/funktionen.php | 23 ----------------------- includes/pages/admin_import.php | 2 +- 3 files changed, 1 insertion(+), 26 deletions(-) delete mode 100644 includes/funktionen.php (limited to 'includes/pages') diff --git a/includes/funktion_xml.php b/includes/funktion_xml.php index 87fd72d0..4ab3bfd5 100644 --- a/includes/funktion_xml.php +++ b/includes/funktion_xml.php @@ -141,8 +141,6 @@ function getXMLsubPease($Sourse, $Name) { return $value; } } - - echo "

    Fehler: getXMLsubPease( $Sourse, $Name ) not found

    "; // die; } diff --git a/includes/funktionen.php b/includes/funktionen.php deleted file mode 100644 index fb63b708..00000000 --- a/includes/funktionen.php +++ /dev/null @@ -1,23 +0,0 @@ - diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index 9b8af2e2..6523050c 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -175,7 +175,7 @@ function admin_import() { } //readXMLfile("xml.php.xml"); - if (readXMLfile("$Tempdir/engelXML") == 0) { + if (readXMLfile("../import/27C3_sample.xcs.xml") == 0) { $XMLmain = getXMLsubPease($XMLmain, "VCALENDAR"); if ($ShowDataStrukture) { -- cgit v1.2.3-54-g00ecf
    + From + Question Answer - From -