From bfb0cacd541cc20129a3c0ac77130370741dca18 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 18 Sep 2013 01:38:36 +0200
Subject: mysql to mysqli and a lot of cleanup and mvc

---
 includes/helper/error_helper.php    |  11 +
 includes/helper/message_helper.php  |  59 +++++
 includes/model/LogEntries_model.php |   7 +-
 includes/model/Sprache_model.php    |  18 ++
 includes/model/User_model.php       |   7 +-
 includes/mysql_provider.php         | 176 ++++++++++++++
 includes/pages/admin_language.php   | 205 ++++++++--------
 includes/pages/admin_news.php       |   6 +-
 includes/pages/admin_questions.php  |  24 +-
 includes/pages/admin_user.php       |  38 +--
 includes/pages/user_messages.php    | 207 ++++++++--------
 includes/pages/user_news.php        |  15 +-
 includes/pages/user_questions.php   |   7 +-
 includes/pages/user_wakeup.php      | 145 ++++++------
 includes/sys_auth.php               |   5 +-
 includes/sys_lang.php               |  38 ---
 includes/sys_mysql.php              |  84 -------
 includes/sys_page.php               |  55 -----
 includes/sys_shift.php              | 454 ------------------------------------
 includes/sys_template.php           | 252 +++++++++++---------
 includes/sys_user.php               | 133 -----------
 includes/view/Shifts_view.php       |  11 +
 includes/view/Sprache_view.php      |  36 +++
 includes/view/User_view.php         |  45 ++++
 24 files changed, 847 insertions(+), 1191 deletions(-)
 create mode 100644 includes/helper/error_helper.php
 create mode 100644 includes/helper/message_helper.php
 create mode 100644 includes/model/Sprache_model.php
 create mode 100644 includes/mysql_provider.php
 delete mode 100644 includes/sys_lang.php
 delete mode 100644 includes/sys_mysql.php
 delete mode 100644 includes/sys_shift.php
 delete mode 100644 includes/sys_user.php
 create mode 100644 includes/view/Shifts_view.php
 create mode 100644 includes/view/Sprache_view.php
 create mode 100644 includes/view/User_view.php

(limited to 'includes')

diff --git a/includes/helper/error_helper.php b/includes/helper/error_helper.php
new file mode 100644
index 00000000..d26485d6
--- /dev/null
+++ b/includes/helper/error_helper.php
@@ -0,0 +1,11 @@
+<?php
+
+/**
+ * Displays a fatal message and stops execution.
+ * @param string $message
+ */
+function engelsystem_error($message) {
+  die($message);
+}
+
+?>
\ No newline at end of file
diff --git a/includes/helper/message_helper.php b/includes/helper/message_helper.php
new file mode 100644
index 00000000..c582c5b1
--- /dev/null
+++ b/includes/helper/message_helper.php
@@ -0,0 +1,59 @@
+<?php
+
+/**
+ * Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
+ */
+function msg() {
+  if (!isset ($_SESSION['msg']))
+    return "";
+  $msg = $_SESSION['msg'];
+  $_SESSION['msg'] = "";
+  return $msg;
+}
+
+/**
+ * Rendert eine Information
+ */
+function info($msg, $immediatly = false) {
+  if ($immediatly) {
+    if ($msg == "")
+      return "";
+    return '<p class="info">' . $msg . '</p>';
+  } else {
+    if (!isset ($_SESSION['msg']))
+      $_SESSION['msg'] = "";
+    $_SESSION['msg'] .= info($msg, true);
+  }
+}
+
+/**
+ * Rendert eine Fehlermeldung
+ */
+function error($msg, $immediatly = false) {
+  if ($immediatly) {
+    if ($msg == "")
+      return "";
+    return '<p class="error">' . $msg . '</p>';
+  } else {
+    if (!isset ($_SESSION['msg']))
+      $_SESSION['msg'] = "";
+    $_SESSION['msg'] .= error($msg, true);
+  }
+}
+
+/**
+ * Rendert eine Erfolgsmeldung
+ */
+function success($msg, $immediatly = false) {
+  if ($immediatly) {
+    if ($msg == "")
+      return "";
+    return '<p class="success">' . $msg . '</p>';
+  } else {
+    if (!isset ($_SESSION['msg']))
+      $_SESSION['msg'] = "";
+    $_SESSION['msg'] .= success($msg, true);
+  }
+}
+
+?>
\ No newline at end of file
diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index f8a552f2..1fa97356 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -6,17 +6,14 @@
  * @param $message Log Message
  */
 function LogEntry_create($nick, $message) {
-  $timestamp = time();
-
-  sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
+  return sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape(time()) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
 }
 
 /**
  * Returns log entries of the last 24 hours with maximum count of 1000.
  */
 function LogEntries() {
-  $log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
-  return $log_entries_source;
+  return sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
 }
 
 
diff --git a/includes/model/Sprache_model.php b/includes/model/Sprache_model.php
new file mode 100644
index 00000000..55683411
--- /dev/null
+++ b/includes/model/Sprache_model.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+ * Load a string by key.
+ * @param string $textid
+ * @param string $sprache
+ */
+function Sprache($textid, $sprache) {
+  $sprache_source = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($textid) . "' AND `Sprache`='" . sql_escape($sprache) . "' LIMIT 1");
+  if($sprache_source === false)
+    return false;
+  if(count($sprache_source) == 1)
+    return $sprache_source[0];
+  return null;
+}
+
+
+?>
\ No newline at end of file
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index 4e833aef..7eb31e8e 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -1,11 +1,12 @@
 <?php
-
 /**
  * Returns user by id.
  * @param $id UID
  */
 function User($id) {
   $user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+  if($user_source === false)
+    return false;
   if(count($user_source) > 0)
     return $user_source[0];
   return null;
@@ -31,7 +32,9 @@ function User_by_api_key($api_key) {
  */
 function User_reset_api_key(&$user) {
   $user['api_key'] = md5($user['Nick'] . time() . rand());
-  sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+  $result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
+  if($result === false)
+    return false;
   engelsystem_log("API key resetted.");
 }
 
diff --git a/includes/mysql_provider.php b/includes/mysql_provider.php
new file mode 100644
index 00000000..d9e78fb4
--- /dev/null
+++ b/includes/mysql_provider.php
@@ -0,0 +1,176 @@
+<?php
+
+/**
+ * Close connection.
+ */
+function sql_close() {
+  global $sql_connection;
+
+  return $sql_connection->close();
+}
+
+/**
+ * Start new transaction.
+ */
+function sql_transaction_start() {
+  global $sql_nested_transaction_level;
+
+  if($sql_nested_transaction_level++ == 0)
+    return sql_query("BEGIN");
+  else
+    return true;
+}
+
+/**
+ * Commit transaction.
+ */
+function sql_transaction_commit() {
+  global $sql_nested_transaction_level;
+
+  if(--$sql_nested_transaction_level == 0)
+    return sql_query("COMMIT");
+  else
+    return true;
+}
+
+/**
+ * Stop transaction, revert database.
+ */
+function sql_transaction_rollback() {
+  global $sql_nested_transaction_level;
+
+  if(--$sql_nested_transaction_level == 0)
+    return sql_query("ROLLBACK");
+  else
+    return true;
+}
+
+/**
+ * Logs an sql error.
+ * @param string $message
+ * @return false
+ */
+function sql_error($message) {
+  sql_close();
+
+  $message = trim($message) . "\n";
+  $message .= debug_string_backtrace() . "\n";
+
+  error_log('mysql_provider error: ' . $message);
+
+  return false;
+}
+
+/**
+ * Connect to mysql server.
+ * @param string $host Host
+ * @param string $user Username
+ * @param string $pass Password
+ * @param string $db DB to select
+ * @return mysqli The connection handler
+ */
+function sql_connect($host, $user, $pass, $db) {
+  global $sql_connection;
+
+  $sql_connection = new mysqli($host, $user, $pass, $db);
+  if ($sql_connection->connect_errno)
+    return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error);
+
+  $result = $sql_connection->query("SET CHARACTER SET utf8;");
+  if (! $result)
+    return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error);
+
+  $result = $sql_connection->set_charset('utf8');
+  if (! $result)
+    return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error);
+
+  return $sql_connection;
+}
+
+/**
+ * Change the selected db in current mysql-connection.
+ * @param $db_name
+ * @return bool true on success, false on error
+ */
+function sql_select_db($db_name) {
+  global $sql_connection;
+  if (!$sql_connection->select_db($db_name))
+    return sql_error("No database selected.");
+  return true;
+}
+
+/**
+ * MySQL SELECT query
+ * @param string $query
+ * @return Result array or false on error
+ */
+function sql_select($query) {
+  global $sql_connection;
+
+  $result = $sql_connection->query($query);
+  if ($result) {
+    $data = array();
+    while ($line = $result->fetch_assoc())
+      array_push($data, $line);
+    return $data;
+  } else
+    return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
+}
+
+/**
+ * MySQL execute a query
+ * @param string $query
+ * @return mysqli_result|boolean Result resource or false on error
+ */
+function sql_query($query) {
+  global $sql_connection;
+
+  $result = $sql_connection->query($query);
+  if ($result) {
+    return $result;
+  } else
+    usr_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
+}
+
+/**
+ * Returns last inserted id.
+ *
+ * @return int
+ */
+function sql_id() {
+  global $sql_connection;
+  return $sql_connection->insert_id;
+}
+
+/**
+ * Escape a string for a sql query.
+ *
+ * @param string $query
+ * @return string
+ */
+function sql_escape($query) {
+  global $sql_connection;
+  return $sql_connection->real_escape_string($query);
+}
+
+/**
+ * Count query result lines.
+ *
+ * @param string $query
+ * @return int Count of result lines
+ */
+function sql_num_query($query) {
+  global $sql_connection;
+  return sql_query($query)->num_rows;
+}
+
+function sql_select_single_col($query) {
+	$result = sql_select($query);
+	return array_map('array_shift', $result);
+}
+
+function sql_select_single_cell($query) {
+	return array_shift(array_shift(sql_select($query)));
+}
+
+?>
diff --git a/includes/pages/admin_language.php b/includes/pages/admin_language.php
index be89fc70..00afe622 100644
--- a/includes/pages/admin_language.php
+++ b/includes/pages/admin_language.php
@@ -1,110 +1,105 @@
 <?php
 function admin_language() {
-	global $user;
-
-	$html = "";
-	if (!isset ($_POST["TextID"])) {
-		$html .= Get_Text("Hello") . User_Nick_render($user) . ", <br />\n";
-		$html .= Get_Text("pub_sprache_text1") . "<br /><br />\n";
-
-		$html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>";
-		// ausgabe Tabellenueberschift
-		$SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;";
-		$erg_Sprachen = sql_query($SQL_Sprachen);
-
-		for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++)
-			$Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i;
-
-		$html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>";
-		$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>";
-		foreach ($Sprachen as $Name => $Value)
-			$html .= "<td class=\"contenttopic\"><b>" .
-			Get_Text("pub_sprache_Sprache") . " " . $Name .
-			"</b></td>";
-		$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>";
-		$html .= "\t\t</tr>";
-
-		if (isset ($_GET["ShowEntry"])) {
-			// ausgabe eintraege
-			$SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;";
-			$erg = sql_query($SQL);
-
-			$TextID_Old = mysql_result($erg, 0, "TextID");
-			for ($i = 0; $i < mysql_num_rows($erg); $i++) {
-				$TextID_New = mysql_result($erg, $i, "TextID");
-				if ($TextID_Old != $TextID_New) {
-					$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
-					$html .= "<tr class=\"content\">\n";
-					$html .= "\t\t<td>$TextID_Old " .
-					"<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n";
-
-					foreach ($Sprachen as $Name => $Value) {
-						$Value = html_entity_decode($Value, ENT_QUOTES);
-						$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n";
-						$Sprachen[$Name] = "";
-					}
-
-					$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
-					$html .= "</tr>";
-					$html .= "</form>\n";
-					$TextID_Old = $TextID_New;
-				}
-				$Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text");
-			} /*FOR*/
-		}
-
-		//fuer neu eintraege
-		$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
-		$html .= "<tr class=\"content\">\n";
-		$html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n";
-
-		foreach ($Sprachen as $Name => $Value)
-			$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n";
-
-		$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
-		$html .= "</tr>";
-		$html .= "</form>\n";
-
-		$html .= "</table>\n";
-	} /*if( !isset( $TextID )  )*/
-	else {
-		$html .= "edit: " . $_POST["TextID"] . "<br /><br />";
-		foreach ($_POST as $k => $v) {
-			if ($k != "TextID") {
-				$sql_test = "SELECT * FROM `Sprache` " .
-				"WHERE `TextID`='" . sql_escape($_POST["TextID"])
-				. "' AND `Sprache`='"
-				. sql_escape($k) . "'";
-
-				$erg_test = sql_query($sql_test);
-
-				if (mysql_num_rows($erg_test) == 0) {
-					$sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
-					"VALUES ('" . sql_escape($_POST["TextID"]) . "', '"
-					. sql_escape($k) . "', '"
-					. sql_escape($v) . "')";
-
-					$html .= $sql_save . "<br />";
-					$Erg = sql_query($sql_save);
-					$html .= success("$k Save: OK<br />\n", true);
-				} else
-					if (mysql_result($erg_test, 0, "Text") != $v) {
-						$sql_save = "UPDATE `Sprache` SET `Text`='"
-						. sql_escape($v) . "' " .
-						"WHERE `TextID`='"
-						. sql_escape($_POST["TextID"])
-						. "' AND `Sprache`='" . sql_escape($k) . "' ";
-
-						$html .= $sql_save . "<br />";
-						$Erg = sql_query($sql_save);
-						$html .= success(" $k Update: OK<br />\n", true);
-					} else
-						$html .= "\t $k no changes<br />\n";
-			}
-		}
-
-	}
-	return $html;
+  global $user;
+  global $languages;
+
+  $html = "";
+  if (!isset ($_POST["TextID"])) {
+    $html .= Get_Text("Hello") . User_Nick_render($user) . ", <br />\n";
+    $html .= Get_Text("pub_sprache_text1") . "<br /><br />\n";
+
+    $html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>";
+    // ausgabe Tabellenueberschift
+    $html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>";
+    $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>";
+    foreach($languages as $language => $language_name) {
+      $html .= "<td class=\"contenttopic\"><b>" .
+          Get_Text("pub_sprache_Sprache") . " " . $language .
+          "</b></td>";
+      $Sprachen[$language] = $language_name;
+    }
+    $html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>";
+    $html .= "\t\t</tr>";
+
+    if (isset ($_GET["ShowEntry"])) {
+      // ausgabe eintraege
+      $sprache_source = sql_select("SELECT * FROM `Sprache` ORDER BY `TextID`, `Sprache`");
+
+      $TextID_Old = $sprache_source[0]['TextID'];
+      foreach($sprache_source as $sprache_entry) {
+        $TextID_New = $sprache_entry['TextID'];
+        if ($TextID_Old != $TextID_New) {
+          $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
+          $html .= "<tr class=\"content\">\n";
+          $html .= "\t\t<td>$TextID_Old " .
+          "<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n";
+
+          foreach ($Sprachen as $Name => $Value) {
+            $Value = html_entity_decode($Value, ENT_QUOTES);
+            $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n";
+            $Sprachen[$Name] = "";
+          }
+
+          $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
+          $html .= "</tr>";
+          $html .= "</form>\n";
+          $TextID_Old = $TextID_New;
+        }
+        $Sprachen[$sprache_entry['Sprache']] = $sprache_entry['Text'];
+      } /*FOR*/
+    }
+
+    //fuer neu eintraege
+    $html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
+    $html .= "<tr class=\"content\">\n";
+    $html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n";
+
+    foreach ($Sprachen as $Name => $Value)
+      $html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n";
+
+    $html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
+    $html .= "</tr>";
+    $html .= "</form>\n";
+
+    $html .= "</table>\n";
+  } /*if( !isset( $TextID )  )*/
+  else {
+    $html .= "edit: " . $_POST["TextID"] . "<br /><br />";
+    foreach ($_POST as $k => $v) {
+      if ($k != "TextID") {
+        $sql_test = "SELECT * FROM `Sprache` " .
+            "WHERE `TextID`='" . sql_escape($_POST["TextID"])
+            . "' AND `Sprache`='"
+            . sql_escape($k) . "'";
+
+        $erg_test = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($_POST["TextID"]) . "' AND `Sprache`='" . sql_escape($k) . "'");
+        if (count($erg_test) == 0) {
+          $sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
+              "VALUES ('" . sql_escape($_POST["TextID"]) . "', '"
+              . sql_escape($k) . "', '"
+              . sql_escape($v) . "')";
+
+          $html .= $sql_save . "<br />";
+          $Erg = sql_query($sql_save);
+          $html .= success("$k Save: OK<br />\n", true);
+        } else
+          if ($erg_test[0]['Text'] != $v) {
+          $sql_save = "UPDATE `Sprache` SET `Text`='"
+          . sql_escape($v) . "' " .
+          "WHERE `TextID`='"
+          . sql_escape($_POST["TextID"])
+          . "' AND `Sprache`='" . sql_escape($k) . "' ";
+
+          $html .= $sql_save . "<br />";
+          $Erg = sql_query($sql_save);
+          $html .= success(" $k Update: OK<br />\n", true);
+        } else
+          $html .= "\t $k no changes<br />\n";
+      }
+    }
+
+  }
+  return $html;
 }
 ?>
 
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index 661aa511..25807151 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -17,6 +17,10 @@ function admin_news() {
         if (count($news) > 0) {
           list ($news) = $news;
 
+          $user_source = User($news['UID']);
+          if($user_source === false)
+            engelsystem_error("Unable to load user.");
+
           $html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
 
           $html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
@@ -29,7 +33,7 @@ function admin_news() {
           $html .= "  <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
               $news["Text"] . "</textarea></td></tr>\n";
           $html .= "  <tr><td>Engel</td><td>" .
-              UID2Nick($news["UID"]) . "</td></tr>\n";
+              User_Nick_render($user_source) . "</td></tr>\n";
           $html .= "  <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
             '1' => "Ja",
             '0' => "Nein"
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index 1e410f07..516d52c9 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -18,28 +18,42 @@ function admin_questions() {
   if (!isset ($_REQUEST['action'])) {
     $open_questions = "";
     $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
-    foreach ($questions as $question)
+    foreach ($questions as $question) {
+      $user_source = User($question['UID']);
+      if($user_source === false)
+        engelsystem_error("Unable to load user.");
+
       $open_questions .= template_render(
           '../templates/admin_question_unanswered.html', array (
-            'question_nick' => UID2Nick($question['UID']),
+            'question_nick' => User_Nick_render($user_source),
             'question_id'   => $question['QID'],
             'link'          => page_link_to("admin_questions"),
             'question'      => str_replace("\n", '<br />', $question['Question'])
           ));
+    }
 
     $answered_questions = "";
     $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
 
-    foreach ($questions as $question)
+    foreach ($questions as $question) {
+      $user_source = User($question['UID']);
+      if($user_source === false)
+        engelsystem_error("Unable to load user.");
+
+      $answer_user_source = User($question['AID']);
+      if($answer_user_source === false)
+        engelsystem_error("Unable to load user.");
+
       $answered_questions .= template_render(
           '../templates/admin_question_answered.html', array (
             'question_id'   => $question['QID'],
-            'question_nick' => UID2Nick($question['UID']),
+            'question_nick' => User_Nick_render($user_source),
             'question'      => str_replace("\n", "<br />", $question['Question']),
-            'answer_nick'   => UID2Nick($question['AID']),
+            'answer_nick'   => User_Nick_render($answer_user_source),
             'answer'        => str_replace("\n", "<br />", $question['Answer']),
             'link'          => page_link_to("admin_questions"),
           ));
+    }
 
     return template_render('../templates/admin_questions.html', array (
       'link' => page_link_to("admin_questions"),
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 0c9f9bbe..58b2947e 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -26,38 +26,38 @@ function admin_user() {
       $html .= "<table>\n";
       $html .= "  <tr><td>Nick</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" .
-          mysql_result($Erg, 0, "Nick") . "\"></td></tr>\n";
+          $user_source['Nick'] . "\"></td></tr>\n";
       $html .= "  <tr><td>lastLogIn</td><td>" .
-          date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "</td></tr>\n";
+          date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
       $html .= "  <tr><td>Name</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" .
-          mysql_result($Erg, 0, "Name") . "\"></td></tr>\n";
+          $user_source['Name'] . "\"></td></tr>\n";
       $html .= "  <tr><td>Vorname</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" .
-          mysql_result($Erg, 0, "Vorname") . "\"></td></tr>\n";
+          $user_source['Vorname'] . "\"></td></tr>\n";
       $html .= "  <tr><td>Alter</td><td>" .
           "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" .
-          mysql_result($Erg, 0, "Alter") . "\"></td></tr>\n";
+          $user_source['Alter'] . "\"></td></tr>\n";
       $html .= "  <tr><td>Telefon</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" .
-          mysql_result($Erg, 0, "Telefon") . "\"></td></tr>\n";
+          $user_source['Telefon'] . "\"></td></tr>\n";
       $html .= "  <tr><td>Handy</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" .
-          mysql_result($Erg, 0, "Handy") . "\"></td></tr>\n";
+          $user_source['Handy'] . "\"></td></tr>\n";
       $html .= "  <tr><td>DECT</td><td>" .
           "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" .
-          mysql_result($Erg, 0, "DECT") . "\"></td></tr>\n";
+          $user_source['DECT'] . "\"></td></tr>\n";
       $html .= "  <tr><td>email</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" .
-          mysql_result($Erg, 0, "email") . "\"></td></tr>\n";
+          $user_source['email'] . "\"></td></tr>\n";
       $html .= "  <tr><td>ICQ</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"" .
-          mysql_result($Erg, 0, "ICQ") . "\"></td></tr>\n";
+          $user_source['ICQ'] . "\"></td></tr>\n";
       $html .= "  <tr><td>jabber</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" .
-          mysql_result($Erg, 0, "jabber") . "\"></td></tr>\n";
+          $user_source['jabber'] . "\"></td></tr>\n";
       $html .= "  <tr><td>Size</td><td>" .
-          html_select_key('size', 'eSize', $tshirt_sizes, mysql_result($Erg, 0, "Size")) . "</td></tr>\n";
+          html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
 
       $options = array (
         '1' => "Yes",
@@ -66,21 +66,21 @@ function admin_user() {
 
       // Gekommen?
       $html .= "  <tr><td>Gekommen</td><td>\n";
-      $html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "</td></tr>\n";
+      $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
 
       // Aktiv?
       $html .= "  <tr><td>Aktiv</td><td>\n";
-      $html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "</td></tr>\n";
+      $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
 
       // T-Shirt bekommen?
       $html .= "  <tr><td>T-Shirt</td><td>\n";
-      $html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "</td></tr>\n";
+      $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
 
       $html .= "  <tr><td>Hometown</td><td>" .
           "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" .
-          mysql_result($Erg, 0, "Hometown") . "\"></td></tr>\n";
+          $user_source['Hometown'] . "\"></td></tr>\n";
 
-      $html .= "</table>\n</td><td valign=\"top\">" . displayavatar($id, false) . "</td></tr>";
+      $html .= "</table>\n</td><td valign=\"top\">" . User_Avatar_render($user_source) . "</td></tr>";
 
       $html .= "</td></tr>\n";
       $html .= "</table>\n<br />\n";
@@ -113,7 +113,7 @@ function admin_user() {
         $selected_angel_types = array_unique($selected_angel_types);
 
         // Assign angel-types
-        sql_start_transaction();
+        sql_transaction_start();
         sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
         $user_angel_type_info = array();
         if (!empty($selected_angel_types)) {
@@ -131,7 +131,7 @@ function admin_user() {
           if (!empty($accepted_angel_types))
             sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")");
         }
-        sql_stop_transaction();
+        sql_transaction_commit();
 
         engelsystem_log("Set angeltypes of " . User_Nick_render($user_source) . " to: " . join(", ", $user_angel_type_info));
         success("Angeltypes saved.");
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index ed736cc7..fccc6f1d 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -1,107 +1,120 @@
 <?php
 function user_unread_messages() {
-	global $user, $privileges;
+  global $user, $privileges;
 
-	if (in_array("user_messages", $privileges)) {
-		$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
+  if (in_array("user_messages", $privileges)) {
+    $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
 
-		if ($new_messages > 0)
-			return sprintf('<p class="info"><a href="%s">%s %s %s</a></p><hr />', page_link_to("user_messages"), Get_Text("pub_messages_new1"), $new_messages, Get_Text("pub_messages_new2"));
-	}
+    if ($new_messages > 0)
+      return sprintf('<p class="info"><a href="%s">%s %s %s</a></p><hr />', page_link_to("user_messages"), Get_Text("pub_messages_new1"), $new_messages, Get_Text("pub_messages_new2"));
+  }
 
-	return "";
+  return "";
 }
 
 function user_messages() {
-	global $user;
-
-	if (!isset ($_REQUEST['action'])) {
-		$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
-
-		$to_select_data = array (
-			"" => "Select recipient..."
-		);
-
-		foreach ($users as $u)
-			$to_select_data[$u['UID']] = $u['Nick'];
-
-		$to_select = html_select_key('to', 'to', $to_select_data, '');
-
-		$messages_html = "";
-		$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
-		foreach ($messages as $message) {
-
-			$messages_html .= sprintf('<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>' .
-			'<td>%s</td>', ($message['isRead'] == 'N' ? ' class="new_message"' : ''), ($message['isRead'] == 'N' ? '•' : ''), date("Y-m-d H:i", $message['Datum']), UID2Nick($message['SUID']), UID2Nick($message['RUID']), str_replace("\n", '<br />', $message['Text']));
-
-			$messages_html .= '<td>';
-			if ($message['RUID'] == $user['UID']) {
-				if ($message['isRead'] == 'N')
-					$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>';
-			} else {
-				$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>';
-			}
-			$messages_html .= '</td></tr>';
-		}
-
-		return template_render('../templates/user_messages.html', array (
-			'link' => page_link_to("user_messages"),
-			'greeting' => Get_Text("Hello") . User_Nick_render($user) . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n",
-			'messages' => $messages_html,
-			'new_label' => Get_Text("pub_messages_Neu"),
-			'date_label' => Get_Text("pub_messages_Datum"),
-			'from_label' => Get_Text("pub_messages_Von"),
-			'to_label' => Get_Text("pub_messages_An"),
-			'text_label' => Get_Text("pub_messages_Text"),
-			'date' => date("Y-m-d H:i"),
-			'from' => User_Nick_render($user),
-			'to_select' => $to_select,
-			'submit_label' => Get_Text("save")
-		));
-	} else {
-		switch ($_REQUEST['action']) {
-			case "read" :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Message ID.", true);
-
-				$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-				if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
-					sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-					redirect(page_link_to("user_messages"));
-				} else
-					return error("No Message found.", true);
-				break;
-
-			case "delete" :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing Message ID.", true);
-
-				$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-				if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
-					sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-					redirect(page_link_to("user_messages"));
-				} else
-					return error("No Message found.", true);
-				break;
-
-			case "send" :
-				$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
-				$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
-				if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
-					sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
-					redirect(page_link_to("user_messages"));
-				} else {
-					return error(Get_Text("pub_messages_Send_Error"), true);
-				}
-				break;
-
-			default :
-				return error("Wrong action.", true);
-		}
-	}
+  global $user;
+
+  if (!isset ($_REQUEST['action'])) {
+    $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
+
+    $to_select_data = array (
+      "" => "Select recipient..."
+    );
+
+    foreach ($users as $u)
+      $to_select_data[$u['UID']] = $u['Nick'];
+
+    $to_select = html_select_key('to', 'to', $to_select_data, '');
+
+    $messages_html = "";
+    $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
+    foreach ($messages as $message) {
+      $sender_user_source = User($message['SUID']);
+      if($sender_user_source === false)
+        engelsystem_error("Unable to load user.");
+      $receiver_user_source = User($message['RUID']);
+      if($receiver_user_source === false)
+        engelsystem_error("Unable to load user.");
+
+      $messages_html .= sprintf(
+          '<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td><td>%s</td>',
+          ($message['isRead'] == 'N' ? ' class="new_message"' : ''),
+          ($message['isRead'] == 'N' ? '•' : ''),
+          date("Y-m-d H:i", $message['Datum']),
+          User_Nick_render($sender_user_source),
+          User_Nick_render($receiver_user_source),
+          str_replace("\n", '<br />', $message['Text'])
+      );
+
+      $messages_html .= '<td>';
+      if ($message['RUID'] == $user['UID']) {
+        if ($message['isRead'] == 'N')
+          $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>';
+      } else {
+        $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>';
+      }
+      $messages_html .= '</td></tr>';
+    }
+
+    return template_render('../templates/user_messages.html', array (
+      'link' => page_link_to("user_messages"),
+      'greeting' => Get_Text("Hello") . User_Nick_render($user) . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n",
+      'messages' => $messages_html,
+      'new_label' => Get_Text("pub_messages_Neu"),
+      'date_label' => Get_Text("pub_messages_Datum"),
+      'from_label' => Get_Text("pub_messages_Von"),
+      'to_label' => Get_Text("pub_messages_An"),
+      'text_label' => Get_Text("pub_messages_Text"),
+      'date' => date("Y-m-d H:i"),
+      'from' => User_Nick_render($user),
+      'to_select' => $to_select,
+      'submit_label' => Get_Text("save")
+    ));
+  } else {
+    switch ($_REQUEST['action']) {
+      case "read" :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Message ID.", true);
+
+        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
+          sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+          redirect(page_link_to("user_messages"));
+        } else
+          return error("No Message found.", true);
+        break;
+
+      case "delete" :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing Message ID.", true);
+
+        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+        if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
+          sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+          redirect(page_link_to("user_messages"));
+        } else
+          return error("No Message found.", true);
+        break;
+
+      case "send" :
+        $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
+        $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
+        if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
+          sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+          redirect(page_link_to("user_messages"));
+        } else {
+          return error(Get_Text("pub_messages_Send_Error"), true);
+        }
+        break;
+
+      default :
+        return error("Wrong action.", true);
+    }
+  }
 }
 ?>
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index a8d819d0..481cf738 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -35,7 +35,12 @@ function display_news($news) {
   $html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
   $html .= '<details>';
   $html .= date("Y-m-d H:i", $news['Datum']) . ', ';
-  $html .= UID2Nick($news['UID']);
+
+  $user_source = User($news['UID']);
+  if($user_source === false)
+    engelsystem_error("Unable to load user.");
+
+  $html .= User_Nick_render($user_source);
   if ($p != "news_comments")
     $html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') &raquo;</a>';
   $html .= '</details>';
@@ -69,11 +74,15 @@ function user_news_comments() {
 
     $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
     foreach ($comments as $comment) {
+      $user_source = User($comment['UID']);
+      if($user_source === false)
+        engelsystem_error("Unable to load user.");
+
       $html .= '<article class="news_comment">';
-      $html .= DisplayAvatar($comment['UID']);
+      $html .= User_Avatar_render($user_source);
       $html .= '<details>';
       $html .= $comment['Datum'] . ', ';
-      $html .= UID2Nick($comment['UID']);
+      $html .= User_Nick_render($user_source);
       $html .= '</details>';
       $html .= '<p>' . nl2br($comment['Text']) . '</p>';
       $html .= '</article>';
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index 5d55f647..97035546 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -12,7 +12,12 @@ function user_questions() {
     $questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID']));
     foreach ($questions as $question) {
       $answered_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td>';
-      $answered_questions .= '<td>' . UID2Nick($question['AID']) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
+
+      $answer_user_source = User($question['AID']);
+      if($answer_user_source === false)
+        engelsystem_error("Unable to load user.");
+
+      $answered_questions .= '<td>' . User_Nick_render($answer_user_source) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
       $answered_questions .= '<td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Löschen</a></td><tr>';
     }
 
diff --git a/includes/pages/user_wakeup.php b/includes/pages/user_wakeup.php
index c897d43e..63aff97c 100644
--- a/includes/pages/user_wakeup.php
+++ b/includes/pages/user_wakeup.php
@@ -1,86 +1,87 @@
 <?php
 function user_wakeup() {
-	global $user;
+  global $user;
 
-	$html = "";
+  $html = "";
 
-	if (isset ($_REQUEST['action'])) {
-		switch ($_REQUEST['action']) {
-			case 'create' :
-				$date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']);
-				if ($date != null) {
-					$date = $date->getTimestamp();
-					$bemerkung = strip_request_item_nl('Bemerkung');
-					$ort = strip_request_item('Ort');
-					$SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) "
-					. "VALUES ('" . sql_escape($user['UID']) . "', '"
-					. sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'"
-					. sql_escape($bemerkung) . "')";
-					sql_query($SQL);
-					$html .= success(Get_Text(4), true);
-				} else
-					$html .= error("Broken date!", true);
-				break;
+  if (isset ($_REQUEST['action'])) {
+    switch ($_REQUEST['action']) {
+      case 'create' :
+        $date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']);
+        if ($date != null) {
+          $date = $date->getTimestamp();
+          $bemerkung = strip_request_item_nl('Bemerkung');
+          $ort = strip_request_item('Ort');
+          $SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) "
+          . "VALUES ('" . sql_escape($user['UID']) . "', '"
+          . sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'"
+          . sql_escape($bemerkung) . "')";
+          sql_query($SQL);
+          $html .= success(Get_Text(4), true);
+        } else
+          $html .= error("Broken date!", true);
+        break;
 
-			case 'delete' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing wake-up ID.", true);
+      case 'delete' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing wake-up ID.", true);
 
-				$wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) {
-					sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-					$html .= success("Wake-up call deleted.", true);
-				} else
-					return error("No wake-up found.", true);
-				break;
-		}
-	}
+        $wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) {
+          sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+          $html .= success("Wake-up call deleted.", true);
+        } else
+          return error("No wake-up found.", true);
+        break;
+    }
+  }
 
-	$html .= "<p>" . Get_Text("Hello") . User_Nick_render($user) . ",<br />"
-		. Get_Text("pub_wake_beschreibung") . "</p>\n\n";
-	$html .= Get_Text("pub_wake_beschreibung2");
-	$html .= '
-<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
+  $html .= "<p>" . Get_Text("Hello") . User_Nick_render($user) . ",<br />"
+  . Get_Text("pub_wake_beschreibung") . "</p>\n\n";
+  $html .= Get_Text("pub_wake_beschreibung2");
+  $html .= '
+  <table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
   <tr class="contenttopic">
-    <th>' . Get_Text("pub_wake_Datum") . '</th>
-    <th>' . Get_Text("pub_waeckliste_Nick") . '</th>
-    <th>' . Get_Text("pub_wake_Ort") . '</th>
-    <th>' . Get_Text("pub_wake_Bemerkung") . '</th>
-    <th></th>
-        </tr>
-';
+  <th>' . Get_Text("pub_wake_Datum") . '</th>
+  <th>' . Get_Text("pub_waeckliste_Nick") . '</th>
+  <th>' . Get_Text("pub_wake_Ort") . '</th>
+  <th>' . Get_Text("pub_wake_Bemerkung") . '</th>
+  <th></th>
+  </tr>
+  ';
 
-	$sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC";
-	$Erg = sql_query($sql);
-	$count = mysql_num_rows($Erg);
+  $wecken_source = sql_select("SELECT * FROM `Wecken` ORDER BY `Date` ASC");
+  foreach($wecken_source as $wecken) {
+    $html .= '<tr class="content">';
+    $html .= '<td>' . date("Y-m-d H:i", $wecken['Date']) . ' </td>';
 
-	for ($i = 0; $i < $count; $i++) {
-		$row = mysql_fetch_row($Erg);
-		$html .= '<tr class="content">';
-		$html .= '<td>' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' </td>';
-		$html .= '<td>' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' </td>';
-		$html .= '<td>' . mysql_result($Erg, $i, "Ort") . ' </td>';
-		$html .= '<td>' . mysql_result($Erg, $i, "Bemerkung") . ' </td>';
-		if (mysql_result($Erg, $i, "UID") == $user['UID'])
-			$html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . mysql_result($Erg, $i, "ID") . "\">" . Get_Text("pub_wake_del") . '</a></td>';
-		else
-			$html .= '<td></td>';
-		$html .= '</tr>';
-	}
+    $user_source = User($wecken['UID']);
+    if($user_source === false)
+      engelsystem_error("Unable to load user.");
 
-	$html .= '</table><hr />' . Get_Text("pub_wake_Text2");
+    $html .= '<td>' . User_Nick_render($user_source) . ' </td>';
+    $html .= '<td>' . $wecken['Ort'] . ' </td>';
+    $html .= '<td>' . $wecken['Bemerkung'] . ' </td>';
+    if ($wecken['UID'] == $user['UID'])
+      $html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . $wecken['ID'] . "\">" . Get_Text("pub_wake_del") . '</a></td>';
+    else
+      $html .= '<td></td>';
+    $html .= '</tr>';
+  }
 
-	$html .= template_render('../templates/user_wakeup.html', array (
-		'wakeup_link'   => page_link_to("user_wakeup"),
-		'date_text'     => Get_Text("pub_wake_Datum"),
-		'date_value'    => date("Y-m-d H:i"),
-		'place_text'    => Get_Text("pub_wake_Ort"),
-		'comment_text'  => Get_Text("pub_wake_Bemerkung"),
-		'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent",
-		'submit_text'   => Get_Text("pub_wake_bouton")
-	));
-	return $html;
+  $html .= '</table><hr />' . Get_Text("pub_wake_Text2");
+
+  $html .= template_render('../templates/user_wakeup.html', array (
+    'wakeup_link'   => page_link_to("user_wakeup"),
+    'date_text'     => Get_Text("pub_wake_Datum"),
+    'date_value'    => date("Y-m-d H:i"),
+    'place_text'    => Get_Text("pub_wake_Ort"),
+    'comment_text'  => Get_Text("pub_wake_Bemerkung"),
+    'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent",
+    'submit_text'   => Get_Text("pub_wake_bouton")
+  ));
+  return $html;
 }
 ?>
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
index 4ca56632..a2fd98d8 100644
--- a/includes/sys_auth.php
+++ b/includes/sys_auth.php
@@ -31,8 +31,7 @@ function generate_salt($length = 16) {
 
 // set the password of a user
 function set_password($uid, $password) {
-	$res = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1");
-	return $res && (mysql_affected_rows() > 0);
+	return sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1");
 }
 
 // verify a password given a precomputed salt.
@@ -72,8 +71,6 @@ function json_auth_service() {
 		if (count($Erg) == 1) {
 			$Erg = $Erg[0];
 			if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) {
-				$UID = mysql_result($Erg, 0, "UID");
-
 				$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
 				foreach ($user_privs as $user_priv)
 					$privileges[] = $user_priv['name'];
diff --git a/includes/sys_lang.php b/includes/sys_lang.php
deleted file mode 100644
index 3a043614..00000000
--- a/includes/sys_lang.php
+++ /dev/null
@@ -1,38 +0,0 @@
-<?php
-
-
-/**
- * Liste verfügbarer Sprachen
- */
-$languages = array (
-	'DE' => "Deutsch",
-	'EN' => "English"
-);
-
-function Get_Text($TextID, $NoError = false) {
-	global $con, $error_messages, $debug;
-
-	if (!isset ($_SESSION['Sprache']))
-		$_SESSION['Sprache'] = "EN";
-	if ($_SESSION['Sprache'] == "")
-		$_SESSION['Sprache'] = "EN";
-	if (isset ($_GET["SetLanguage"]))
-		$_SESSION['Sprache'] = $_GET["SetLanguage"];
-
-	$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='" . $_SESSION['Sprache'] . "'";
-	@ $Erg = mysql_query($SQL, $con);
-
-	if (mysql_num_rows($Erg) == 1)
-		return mysql_result($Erg, 0, "Text");
-	elseif ($NoError && !$debug)
-		return "";
-	elseif ($debug)
-		return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
-	else
-		return $TextID;
-}
-
-function Print_Text($TextID, $NoError = false) {
-	echo Get_Text($TextID, $NoError);
-}
-?>
diff --git a/includes/sys_mysql.php b/includes/sys_mysql.php
deleted file mode 100644
index 1315a4f6..00000000
--- a/includes/sys_mysql.php
+++ /dev/null
@@ -1,84 +0,0 @@
-<?php
-function sql_connect($host, $user, $pw, $db) {
-	global $con;
-	global $host;
-
-	@ $con = mysql_connect($host, $user, $pw);
-
-	if ($con == null)
-		die("no mysql-connection");
-
-	if (!mysql_select_db($db, $con))
-		die("mysql db-selection failed");
-
-	mysql_query("SET CHARACTER SET utf8;", $con);
-	mysql_query("SET NAMES 'utf8'", $con);
-}
-
-// Do select query
-function sql_select($query) {
-	global $con;
-	$start = microtime(true);
-	if ($result = mysql_query($query, $con)) {
-		$data = array ();
-		while ($line = mysql_fetch_assoc($result)) {
-			array_push($data, $line);
-		}
-		return $data;
-	} else {
-		print_r(debug_backtrace());
-		die('MySQL-query error: ' . $query . ", " . mysql_error($con));
-	}
-}
-
-function sql_select_single_col($query) {
-	$result = sql_select($query);
-	return array_map('array_shift', $result);
-}
-
-function sql_select_single_cell($query) {
-	return array_shift(array_shift(sql_select($query)));
-}
-
-// Execute a query
-function sql_query($query) {
-	global $con;
-	$start = microtime(true);
-	if ($result = mysql_query($query, $con)) {
-		return $result;
-	} else {
-		die('MySQL-query error: ' . $query . ", " . mysql_error($con));
-	}
-}
-
-function sql_id() {
-	global $con;
-	return mysql_insert_id($con);
-}
-
-function sql_escape($query) {
-	return mysql_real_escape_string($query);
-}
-
-function sql_num_query($query) {
-	return mysql_num_rows(sql_query($query));
-}
-
-function sql_error() {
-	global $con;
-	return mysql_error($con);
-}
-
-$sql_transaction_counter = 0;
-function sql_start_transaction() {
-	global $sql_transaction_counter;
-	if ($sql_transaction_counter++ == 0)
-		sql_query("START TRANSACTION");
-}
-
-function sql_stop_transaction() {
-	global $sql_transaction_counter;
-	if ($sql_transaction_counter-- == 1)
-		sql_query("COMMIT");
-}
-?>
diff --git a/includes/sys_page.php b/includes/sys_page.php
index 06e41274..a49e76cb 100644
--- a/includes/sys_page.php
+++ b/includes/sys_page.php
@@ -46,59 +46,4 @@ function check_email($email) {
 	return (bool) preg_match("#^([a-zA-Z0-9_+\-])+(\.([a-zA-Z0-9_+\-])+)*@((\[(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5]))\]))|((([\p{L}0-9])+(([\-])+([\p{L}0-9])+)*\.)+([\p{L}])+(([\-])+([\p{L}0-9])+)*))$#u", $email);
 }
 
-/**
- * Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
- */
-function msg() {
-	if (!isset ($_SESSION['msg']))
-		return "";
-	$msg = $_SESSION['msg'];
-	$_SESSION['msg'] = "";
-	return $msg;
-}
-
-/**
- * Rendert eine Information
- */
-function info($msg, $immediatly = false) {
-	if ($immediatly) {
-		if ($msg == "")
-			return "";
-		return '<p class="info">' . $msg . '</p>';
-	} else {
-		if (!isset ($_SESSION['msg']))
-			$_SESSION['msg'] = "";
-		$_SESSION['msg'] .= info($msg, true);
-	}
-}
-
-/**
- * Rendert eine Fehlermeldung
- */
-function error($msg, $immediatly = false) {
-	if ($immediatly) {
-		if ($msg == "")
-			return "";
-		return '<p class="error">' . $msg . '</p>';
-	} else {
-		if (!isset ($_SESSION['msg']))
-			$_SESSION['msg'] = "";
-		$_SESSION['msg'] .= error($msg, true);
-	}
-}
-
-/**
- * Rendert eine Erfolgsmeldung
- */
-function success($msg, $immediatly = false) {
-	if ($immediatly) {
-		if ($msg == "")
-			return "";
-		return '<p class="success">' . $msg . '</p>';
-	} else {
-		if (!isset ($_SESSION['msg']))
-			$_SESSION['msg'] = "";
-		$_SESSION['msg'] .= success($msg, true);
-	}
-}
 ?>
diff --git a/includes/sys_shift.php b/includes/sys_shift.php
deleted file mode 100644
index 728e7a83..00000000
--- a/includes/sys_shift.php
+++ /dev/null
@@ -1,454 +0,0 @@
-<?php
-
-
-/**
- * Shiftlänge ausrechnen, kommt im Format 12:23h zurück
- */
-function shift_length($shift) {
-	$length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":";
-	$length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
-	return $length;
-}
-
-function load_shift_basics() {
-	global $VeranstaltungsTageMax, $Room, $RoomID, $EngelType, $EngelTypeID, $TID2Name, $Veranstaltungstage;
-
-	// erstellt ein Array der Räume
-	$rooms = sql_select("SELECT `RID`, `Name` FROM `Room` WHERE `Show`='Y' ORDER BY `Number`, `Name`");
-	foreach ($rooms as $i => $r) {
-		$Room[$i] = array (
-			'RID' => $r['RID'],
-			'Name' => $r['Name']
-		);
-		$RoomID[$r['RID']] = $r['Name'];
-	}
-
-	// erstellt ein Array der Engeltypen
-	$engel_types = sql_select("SELECT * FROM `EngelType` ORDER BY `name`");
-	foreach ($engel_types as $engel_type) {
-		$EngelType[$i] = array (
-			'id' => $engel_type['id'],
-			'name' => $engel_type['name'] . Get_Text("inc_schicht_engel")
-		);
-		$EngelTypeID[$engel_type['id']] = $engel_type['name'] . Get_Text("inc_schicht_engel");
-		$TID2Name[$engel_type['id']] = $engel_type['name'];
-	}
-
-	// Erste Schicht suchen
-	$Pos = 0;
-	$first_shift = sql_select("SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1");
-	if (count($first_shift) > 0) {
-		do {
-			// Startdatum einlesen und link ausgeben
-			$DateS = substr($first_shift[0]['DateS'], 0, 10);
-			$VeranstaltungsTage[$Pos++] = $DateS;
-
-			// auslesen den endes und eventuelle weitere tage ausgeben
-			$last_shift = sql_select("SELECT MAX(`DateE`) FROM `Shifts` WHERE ( (`DateS` like '" . sql_escape($DateS) . "%') AND NOT (`DateE` like '%00:00:00'))");
-			$DateE = substr($last_shift[0]['DateE'], 0, 10);
-
-			if (strlen($DateE) == 0)
-				$DateE = $DateS;
-			else
-				while ($DateS != $DateE) {
-					$DateS = DatumUm1TagErhoehen($DateS);
-					$VeranstaltungsTage[$Pos++] = $DateS;
-				}
-
-			// suchen den nächsten eintrag
-			$first_shift = sql_select("SELECT `DateS` FROM `Shifts` " . "WHERE (`DateS` > '" . sql_escape($DateE) . " 23:59:59' ) " . "ORDER BY `DateS` " . "LIMIT 1");
-		} while (count($first_shift) > 0);
-	}
-
-	$VeranstaltungsTageMax = $Pos -1;
-}
-
-/*#######################################################
-#  gibt die engelschischten aus      #
-#######################################################*/
-function ausgabe_Feld_Inhalt($SID, $Man) {
-	// gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung,
-	// die eingetragenden und und offenden Schichteint�ge zur�ck
-	global $EngelType, $EngelTypeID, $TID2Name, $con, $debug, $gmdateOffset;
-
-	$Spalten = "";
-
-	if (!isset ($_GET["Icon"]))
-		$_GET["Icon"] = 1;
-
-	///////////////////////////////////////////////////////////////////
-	// Schow Admin Page
-	///////////////////////////////////////////////////////////////////
-	$Spalten .= funktion_isLinkAllowed_addLink_OrEmpty("admin/schichtplan.php?action=change&SID=$SID", "edit<br />\n");
-
-	///////////////////////////////////////////////////////////////////
-	// Ausgabe des Schichtnamens
-	///////////////////////////////////////////////////////////////////
-	$SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');";
-	$Erg = mysql_query($SQL, $con);
-	if (mysql_result($Erg, 0, 0) != "")
-		$Spalten .= "<a href=\"" . mysql_result($Erg, 0, 0) . "\" target=\"_black\"><u>$Man:</u></a><br />";
-	else
-		$Spalten .= "<u>" .
-		$Man . ":</u><br />";
-
-	///////////////////////////////////////////////////////////////////
-	// SQL abfrage f�r die ben�tigten schichten
-	///////////////////////////////////////////////////////////////////
-	$SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '" . sql_escape($SID) . "') ORDER BY `TID`, `UID` DESC ;";
-	$Erg = mysql_query($SQL, $con);
-
-	$Anzahl = mysql_num_rows($Erg);
-	$Feld = 0;
-	$Temp_TID_old = -1;
-	for ($i = 0; $i < $Anzahl; $i++) {
-		if (isset ($Temp[$Feld]["TID"]))
-			$Temp_TID_old = $Temp[$Feld]["TID"];
-		if (isset ($Temp[$Feld]["UID"]))
-			$Temp_UID_old = $Temp[$Feld]["UID"];
-
-		$Temp_TID = mysql_result($Erg, $i, "TID");
-
-		// wenn sich der Type �ndert wird zumn�sten feld geweckselt
-		if ($Temp_TID_old != $Temp_TID)
-			$Feld++;
-
-		$Temp[$Feld]["TID"] = $Temp_TID;
-		$Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID");
-
-		// sonderfall ersten durchlauf
-		if ($i == 0) {
-			$Temp_TID_old = $Temp[$Feld]["TID"];
-			$Temp_UID_old = $Temp[$Feld]["UID"];
-		}
-
-		// ist es eine zu vergeben schicht?
-		if ($Temp[$Feld]["UID"] == 0) {
-			if (isset ($Temp[$Feld]["free"]))
-				$Temp[$Feld]["free"]++;
-			else
-				$Temp[$Feld]["free"] = 1;
-		} else
-			$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
-	} // FOR
-
-	///////////////////////////////////////////////////////////////////
-	// Aus gabe der Schicht
-	///////////////////////////////////////////////////////////////////
-	if (isset ($Temp))
-		if (count($Temp))
-			foreach ($Temp as $TempEntry => $TempValue) {
-				if (!isset ($TempValue["free"]))
-					$TempValue["free"] = 0;
-
-				// ausgabe EngelType
-				$Spalten .= $EngelTypeID[$TempValue["TID"]] . " ";
-
-				// ausgabe Eingetragener Engel
-				if (isset ($TempValue["Engel"]))
-					if (count($TempValue["Engel"]) > 0) {
-						if (count($TempValue["Engel"]) == 1)
-							$Spalten .= Get_Text("inc_schicht_ist") . ":<br />\n";
-						else
-							$Spalten .= Get_Text("inc_schicht_sind") . ":<br />\n";
-
-						foreach ($TempValue["Engel"] as $TempEngelEntry => $TempEngelID) {
-							if (funktion_isLinkAllowed("admin/user.php") === TRUE) {
-								// add color, wenn Engel "Gekommen"
-								$TempText = ((UIDgekommen($TempEngelID) == "1") ? "<span style=\"color: blue;\">" : "<span style=\"color: red;\">") .
-								UID2Nick($TempEngelID) . "</span>";
-							} else {
-								$TempText = UID2Nick($TempEngelID);
-							}
-
-							// add link to user
-							$TempText = funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal", $TempText);
-
-							$Spalten .= "&nbsp;&nbsp;" . $TempText .
-							 (($_GET["Icon"] == 1) ? DisplayAvatar($TempEngelID) : "") .
-							"<br />\n";
-
-						}
-						$Spalten = substr($Spalten, 0, strlen($Spalten) - 7);
-					}
-
-				// ausgabe ben�tigter Engel
-				////////////////////////////
-				//in vergangenheit
-				$SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='" . sql_escape($SID) . "' AND `DateE` >= '" .
-				gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "')";
-				$Ergtime = mysql_query($SQLtime, $con);
-				if (mysql_num_rows($Ergtime) > 0) {
-					//wenn keien rechte definiert sind 
-					if (!isset ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]]))
-						$_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] = "Y";
-
-					if ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] == "Y")
-						if ($TempValue["free"] > 0) {
-							$Spalten .= "<br />\n&nbsp;&nbsp;<a href=\"./schichtplan_add.php?SID=$SID&TID=" .
-							$TempValue["TID"] . "\">";
-							$Spalten .= $TempValue["free"];
-							if ($TempValue["free"] != 1)
-								$Spalten .= Get_Text("inc_schicht_weitere") .
-								" " . Get_Text("inc_schicht_Engel") .
-								Get_Text("inc_schicht_wird");
-							else
-								$Spalten .= Get_Text("inc_schicht_weiterer") .
-								" " . Get_Text("inc_schicht_Engel") .
-								Get_Text("inc_schicht_werden");
-							$Spalten .= Get_Text("inc_schicht_noch_gesucht");
-							$Spalten .= "</a>";
-						}
-				} else {
-					if (isset ($TempValue["free"]))
-						if ($TempValue["free"] > 0)
-							$Spalten .= "<br />\n&nbsp;&nbsp;<h3><a>Fehlen noch: " .
-							$TempValue["free"] . "</a></h3>";
-				}
-				$Spalten .= "<br />\n";
-
-			} // FOREACH
-	return $Spalten;
-} // function Ausgabe_Feld_Inhalt
-
-/*#######################################################
-#  gibt die engelschischten Druckergerecht aus  #
-#######################################################*/
-function Ausgabe_Feld_Inhalt_Druck($RID, $Man) {
-	// gibt, nach �bergabe der der SchichtID (SID) und der RaumBeschreibung,
-	// die eingetragenden und und offenden Schichteint�ge zur�ck
-
-} // function Ausgabe_Feld_Inhalt
-
-/*#######################################################
-#  Ausgabe der Raum Spalten      #
-#######################################################*/
-function CreateRoomShifts($raum) {
-	global $Spalten, $ausdatum, $con, $debug, $GlobalZeileProStunde, $error_messages;
-
-	/////////////////////////////////////////////////////////////
-	// beginnt die erste schicht vor dem heutigen tag und geht dar�ber hinaus
-	/////////////////////////////////////////////////////////////
-	$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " .
-	"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '$ausdatum 23:59:59') AND " .
-	"(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;";
-	$ErgSonder = mysql_query($SQLSonder, $con);
-	if ((mysql_num_rows($ErgSonder) > 1)) {
-		if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) {
-			echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
-			for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) {
-				echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
-				mysql_result($ErgSonder, $i, "SID") . "\">" .
-				mysql_result($ErgSonder, $i, "DateS") .
-				" '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-24)" .
-				"</a><br />\n";
-			}
-		}
-	}
-	elseif ((mysql_num_rows($ErgSonder) == 1)) {
-		$Spalten[0] .= "<td valign=\"top\" rowspan=\"" . (24 * $GlobalZeileProStunde) . "\">\n" .
-		"<h3>&uarr;&uarr;&uarr;</h3>" .
-		Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) .
-		"<h3>&darr;&darr;&darr;</h3>" .
-		"\n</td>\n";
-		return;
-	}
-
-	$ZeitZeiger = 0;
-
-	/////////////////////////////////////////////////////////////
-	// beginnt die erste schicht vor dem heutigen tag?
-	/////////////////////////////////////////////////////////////
-	$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " .
-	"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '" . sql_escape($ausdatum) . " 00:00:00') AND " .
-	"(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;";
-
-	$ErgSonder = mysql_query($SQLSonder, $con);
-	if ((mysql_num_rows($ErgSonder) > 1)) {
-		if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) {
-			echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
-			for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) {
-				echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
-				mysql_result($ErgSonder, $i, "SID") . "\">" .
-				mysql_result($ErgSonder, $i, "DateS") .
-				" '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-xx)" .
-				"</a><br />\n";
-			}
-		}
-	}
-	elseif ((mysql_num_rows($ErgSonder) == 1)) {
-		$ZeitZeiger = substr(mysql_result($ErgSonder, 0, "DateE"), 11, 2) + (substr(mysql_result($ErgSonder, 0, "DateE"), 14, 2) / 60);
-		$Spalten[0] .= "<td valign=\"top\" rowspan=\"" . ($ZeitZeiger * $GlobalZeileProStunde) . "\">\n" .
-		"<h3>&uarr;&uarr;&uarr;</h3>" .
-		Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) .
-		"\n</td>\n";
-	}
-
-	/////////////////////////////////////////////////////////////
-	// gibt die schichten f�r den tag aus
-	/////////////////////////////////////////////////////////////
-	$SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " .
-	"WHERE ((`RID` = '" . sql_escape($raum) . "') and " .
-	"(`DateS` >= '" . sql_escape($ausdatum) . ' ' . sql_escape($ZeitZeiger) . ":00:00') and " .
-	"(`DateS` like '" . sql_escape($ausdatum) . "%')) ORDER BY `DateS`;";
-	$Erg = mysql_query($SQL, $con);
-	for ($i = 0; $i < mysql_num_rows($Erg); ++ $i) {
-		$ZeitPos = substr(mysql_result($Erg, $i, "DateS"), 11, 2) + (substr(mysql_result($Erg, $i, "DateS"), 14, 2) / 60);
-		$len = mysql_result($Erg, $i, "Len");
-
-		if ($len <= 0)
-			array_push($error_messages, "Error in shift denition SID=" . mysql_result($Erg, $i, "SID") . " Len=$len");
-
-		if ($ZeitZeiger < $ZeitPos) {
-			$Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" . (($ZeitPos - $ZeitZeiger) * $GlobalZeileProStunde) . "\">&nbsp;</td>\n";
-
-			$ZeitZeiger += $ZeitPos - $ZeitZeiger;
-		}
-		if ($ZeitZeiger == $ZeitPos) {
-			//sonderfall wenn die schicht �ber dei 24 stunden hinaus geht
-			// (eintrag abk�rzen, pfeiel ausgeben)
-			$Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" .
-			 ((($len + $ZeitZeiger) ? $len : 24 - $len + $ZeitZeiger) * $GlobalZeileProStunde) .
-			"\">\n" .
-			"" .
-			Ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) .
-			 ((($ZeitZeiger + $len) > 24) ? "<h3>&darr;&darr;&darr;</h3>" : "") .
-			"\n</td>\n";
-			$ZeitZeiger += $len;
-		} else {
-			echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
-			echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
-			mysql_result($Erg, $i, "SID") . "\">" .
-			mysql_result($Erg, $i, "DateS") .
-			" '" . mysql_result($Erg, $i, "Man") . "' " .
-			" (" . mysql_result($Erg, $i, "SID") . " R$raum) (xx-xx)</a><br /><br />";
-		}
-	}
-	if ($ZeitZeiger < 24)
-		$Spalten[($ZeitZeiger * $GlobalZeileProStunde)] .= "<td valign=\"top\" rowspan=\"" .
-		 ((24 - $ZeitZeiger) * $GlobalZeileProStunde) .
-		"\">&nbsp;</td>\n";
-} // function CreateRoomShifts
-
-/*#######################################################
-#  Ausgabe der freien schichten      #
-#######################################################*/
-function showEmptyShifts() {
-	global $con, $debug, $RoomID, $gmdateOffset;
-
-	echo "<table border=\"1\">\n";
-	echo "<tr>\n";
-	echo "<th>" . Get_Text("inc_schicht_date") . "</th>\n";
-	echo "<th>" . Get_Text("inc_schicht_time") . "</th>\n";
-	echo "<th>" . Get_Text("inc_schicht_room") . "</th>\n";
-	echo "<th>" . Get_Text("inc_schicht_commend") . "</th>\n";
-	echo "</tr>\n";
-
-	$sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` " .
-	"WHERE (`Shifts`.`DateS`>='" . gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "') " .
-	"ORDER BY `DateS`, `RID`;";
-	$Erg = mysql_query($sql, $con);
-
-	$angezeigt = 0;
-	for ($i = 0;($i < mysql_num_rows($Erg)) && ($angezeigt < 15); $i++)
-		if (isset ($RoomID[mysql_result($Erg, $i, "RID")]))
-			if ($RoomID[mysql_result($Erg, $i, "RID")] != "") {
-				$Sql2 = "SELECT `UID` FROM `ShiftEntry` " .
-				"WHERE `SID`=" . mysql_result($Erg, $i, "SID") . " AND " .
-				"`UID`='0';";
-				$Erg2 = mysql_query($Sql2, $con);
-
-				if (mysql_num_rows($Erg2) > 0) {
-					$angezeigt++;
-					echo "<tr>\n";
-					echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 0, 10) . "</td>\n";
-					echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 11) . "</td>\n";
-					echo "<td>" . $RoomID[mysql_result($Erg, $i, "RID")] . "</td>\n";
-					echo "<td>" .
-					ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) .
-					"</td>\n";
-					echo "</tr>\n";
-				}
-			}
-
-	echo "</table>\n";
-
-} //function showEmptyShifts
-
-/*#######################################################
-#  Gibt die anzahl der Schichten im Raum zur�ck  #
-#######################################################*/
-function SummRoomShifts($raum) {
-	global $ausdatum, $con, $debug, $GlobalZeileProStunde;
-
-	$SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " .
-	"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` >= '$ausdatum 00:00:00') AND " .
-	"(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;";
-
-	$ErgSonder = mysql_query($SQLSonder, $con);
-
-	return mysql_num_rows($ErgSonder);
-}
-
-function DatumUm1TagErhoehen($Datum) {
-	$Jahr = substr($Datum, 0, 4);
-	$Monat = substr($Datum, 5, 2);
-	$Tag = substr($Datum, 8, 2);
-
-	$Tag++;
-
-	switch ($Monat) {
-		case 1 :
-			$Mmax = 31;
-			break;
-		case 2 :
-			$Mmax = 28;
-			break;
-		case 3 :
-			$Mmax = 31;
-			break;
-		case 4 :
-			$Mmax = 30;
-			break;
-		case 5 :
-			$Mmax = 31;
-			break;
-		case 6 :
-			$Mmax = 30;
-			break;
-		case 7 :
-			$Mmax = 31;
-			break;
-		case 8 :
-			$Mmax = 31;
-			break;
-		case 9 :
-			$Mmax = 30;
-			break;
-		case 10 :
-			$Mmax = 31;
-			break;
-		case 11 :
-			$Mmax = 30;
-			break;
-		case 12 :
-			$Mmax = 31;
-			break;
-	}
-
-	if ($Tag > $Mmax) {
-		$Tag = 1;
-		$Monat++;
-	}
-
-	if ($Monat > 12) {
-		$Monat = 1;
-		$Jahr++;
-	}
-
-	$Tag = strlen($Tag) == 1 ? "0" . $Tag : $Tag;
-	$Monat = strlen($Monat) == 1 ? "0" . $Monat : $Monat;
-
-	return ("$Jahr-$Monat-$Tag");
-}
-?>
diff --git a/includes/sys_template.php b/includes/sys_template.php
index a120bb2d..e15af7f8 100644
--- a/includes/sys_template.php
+++ b/includes/sys_template.php
@@ -5,17 +5,17 @@
  * Liste der verfügbaren Themes
  */
 $themes = array (
-	"1" => "Standard-Style",
-	"2" => "ot/Gelber Style",
-	"3" => "Club-Mate Style",
-	"5" => "Debian Style",
-	"6" => "c-base Style",
-	"7" => "Blau/Gelber Style",
-	"8" => "Pastel Style",
-	"4" => "Test Style",
-	"9" => "Test Style 21c3",
-	"10" => "Engelsystem 2.0",
-	"11" => "msquare (29c3)"
+  "1" => "Standard-Style",
+  "2" => "ot/Gelber Style",
+  "3" => "Club-Mate Style",
+  "5" => "Debian Style",
+  "6" => "c-base Style",
+  "7" => "Blau/Gelber Style",
+  "8" => "Pastel Style",
+  "4" => "Test Style",
+  "9" => "Test Style 21c3",
+  "10" => "Engelsystem 2.0",
+  "11" => "msquare (29c3)"
 );
 
 /**
@@ -26,14 +26,14 @@ $themes = array (
  * @param selected Array mit den Keys, die ausgewählt sind
  */
 function form_checkboxes($name, $label, $items, $selected) {
-	$html = "<ul>";
-	foreach ($items as $key => $item) {
-		$id = $name . '_' . $key;
-		$sel = array_search($key, $selected) !== false ? ' checked="checked"' : "";
-		$html .= '<li><input type="checkbox" id="' . $id . '" name="' . $id . '" value="checked"' . $sel . ' /><label for="' . $id . '">' . $item . '</label></li>';
-	}
-	$html .= "</ul>";
-	return form_element($label, $html);
+  $html = "<ul>";
+  foreach ($items as $key => $item) {
+    $id = $name . '_' . $key;
+    $sel = array_search($key, $selected) !== false ? ' checked="checked"' : "";
+    $html .= '<li><input type="checkbox" id="' . $id . '" name="' . $id . '" value="checked"' . $sel . ' /><label for="' . $id . '">' . $item . '</label></li>';
+  }
+  $html .= "</ul>";
+  return form_element($label, $html);
 }
 
 /**
@@ -45,197 +45,223 @@ function form_checkboxes($name, $label, $items, $selected) {
  * @param disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
  */
 function form_multi_checkboxes($names, $label, $items, $selected, $disabled = array()) {
-	$html = "<table><thead><tr>";
-	foreach ($names as $title)
-		$html .= "<th>$title</th>";
-	$html .= "</tr></thead><tbody>";
-	foreach ($items as $key => $item) {
-		$html .= "<tr>";
-		foreach ($names as $name => $title) {
-			$id = $name . '_' . $key;
-			$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
-			if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false)
-				$sel .= ' disabled="disabled"';
-			$html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
-		}
-		$html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>';
-	}
-	$html .= "</tbody></table>";
-	return form_element($label, $html);
+  $html = "<table><thead><tr>";
+  foreach ($names as $title)
+    $html .= "<th>$title</th>";
+  $html .= "</tr></thead><tbody>";
+  foreach ($items as $key => $item) {
+    $html .= "<tr>";
+    foreach ($names as $name => $title) {
+      $id = $name . '_' . $key;
+      $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
+      if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false)
+        $sel .= ' disabled="disabled"';
+      $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
+    }
+    $html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>';
+  }
+  $html .= "</tbody></table>";
+  return form_element($label, $html);
 }
 
 /**
  * Rendert eine Checkbox
  */
 function form_checkbox($name, $label, $selected, $value = 'checked') {
-	return form_element("", '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /><label for="' . $name . '">' . $label . '</label>');
+  return form_element("", '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /><label for="' . $name . '">' . $label . '</label>');
 }
 
 /**
  * Rendert einen Infotext in das Formular
  */
 function form_info($label, $text) {
-	return form_element($label, $text, "");
+  return form_element($label, $text, "");
 }
 
 /**
  * Rendert den Absenden-Button eines Formulars
  */
 function form_submit($name, $label) {
-	return form_element('<input class="button save ' . $name . '" type="submit" name="' . $name . '" value="' . $label . '" />', "");
+  return form_element('<input class="button save ' . $name . '" type="submit" name="' . $name . '" value="' . $label . '" />', "");
 }
 
 /**
  * Rendert ein Formular-Textfeld
  */
 function form_text($name, $label, $value, $disabled = false) {
-	$disabled = $disabled ? ' disabled="disabled"' : '';
-	return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name);
+  $disabled = $disabled ? ' disabled="disabled"' : '';
+  return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Passwortfeld
  */
 function form_password($name, $label, $disabled = false) {
-	$disabled = $disabled ? ' disabled="disabled"' : '';
-	return form_element($label, '<input id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name);
+  $disabled = $disabled ? ' disabled="disabled"' : '';
+  return form_element($label, '<input id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Textfeld
  */
 function form_textarea($name, $label, $value, $disabled = false) {
-	$disabled = $disabled ? ' disabled="disabled"' : '';
-	return form_element($label, '<textarea id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name);
+  $disabled = $disabled ? ' disabled="disabled"' : '';
+  return form_element($label, '<textarea id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Auswahlfeld
  */
 function form_select($name, $label, $values, $selected) {
-	return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name);
+  return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Element
  */
 function form_element($label, $input, $for = "") {
-	return '<div class="form_element">' . '<label for="' . $for . '" class="form_label">' . $label . '</label><div class="form_input">' . $input . '</div></div>';
+  return '<div class="form_element">' . '<label for="' . $for . '" class="form_label">' . $label . '</label><div class="form_input">' . $input . '</div></div>';
 }
 
 /**
  * Rendert ein Formular
  */
 function form($elements, $action = "") {
-	return '<form action="' . $action . '" enctype="multipart/form-data" method="post"><div class="form">' . join($elements) . '</div></form>';
+  return '<form action="' . $action . '" enctype="multipart/form-data" method="post"><div class="form">' . join($elements) . '</div></form>';
 }
 
 /**
  * Generiert HTML Code für eine "Seite". Fügt dazu die übergebenen Elemente zusammen.
  */
 function page($elements) {
-	return join($elements);
+  return join($elements);
 }
 
 /**
  * Rendert eine Datentabelle
  */
 function table($columns, $rows, $data = true) {
-	if (count($rows) == 0)
-		return info("No data available.", true);
-	$html = "";
-	$html .= '<table' . ($data ? ' class="data"' : '') . '>';
-	$html .= '<thead><tr>';
-	foreach ($columns as $key => $column)
-		$html .= '<th class="' . $key . '">' . $column . '</th>';
-	$html .= '</tr></thead>';
-	$html .= '<tbody>';
-	foreach ($rows as $row) {
-		$html .= '<tr>';
-		foreach ($columns as $key => $column)
-			if (isset ($row[$key]))
-				$html .= '<td class="' . $key . '">' . $row[$key] . '</td>';
-			else
-				$html .= '<td class="' . $key . '">&nbsp;</td>';
-		$html .= '</tr>';
-	}
-	$html .= '</tbody>';
-	$html .= '</table>';
-	return $html;
+  if (count($rows) == 0)
+    return info("No data available.", true);
+  $html = "";
+  $html .= '<table' . ($data ? ' class="data"' : '') . '>';
+  $html .= '<thead><tr>';
+  foreach ($columns as $key => $column)
+    $html .= '<th class="' . $key . '">' . $column . '</th>';
+  $html .= '</tr></thead>';
+  $html .= '<tbody>';
+  foreach ($rows as $row) {
+    $html .= '<tr>';
+    foreach ($columns as $key => $column)
+      if (isset ($row[$key]))
+      $html .= '<td class="' . $key . '">' . $row[$key] . '</td>';
+    else
+      $html .= '<td class="' . $key . '">&nbsp;</td>';
+    $html .= '</tr>';
+  }
+  $html .= '</tbody>';
+  $html .= '</table>';
+  return $html;
 }
 
 /**
  * Rendert einen Knopf
  */
 function button($href, $label, $class = "") {
-	return '<a href="' . $href . '" class="button ' . $class . '">' . $label . '</a>';
+  return '<a href="' . $href . '" class="button ' . $class . '">' . $label . '</a>';
 }
 
 /**
  * Rendert eine Toolbar mit Knöpfen
  */
 function buttons($buttons = array ()) {
-	return '<div class="toolbar">' . join(' ', $buttons) . '</div>';
+  return '<div class="toolbar">' . join(' ', $buttons) . '</div>';
 }
 
 // Load and render template
 function template_render($file, $data) {
-	if (file_exists($file)) {
-		$template = file_get_contents($file);
-		if (is_array($data))
-			foreach ($data as $name => $content) {
-				$template = str_replace("%" . $name . "%", $content, $template);
-			}
-		return $template;
-	} else {
-		die('Cannot find template file &laquo;' . $file . '&raquo;.');
-	}
+  if (file_exists($file)) {
+    $template = file_get_contents($file);
+    if (is_array($data))
+      foreach ($data as $name => $content) {
+      $template = str_replace("%" . $name . "%", $content, $template);
+    }
+    return $template;
+  } else {
+    die('Cannot find template file &laquo;' . $file . '&raquo;.');
+  }
 }
 
 function shorten($str) {
-	if (strlen($str) < 50)
-		return $str;
-	return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, 47) . '...</span>';
+  if (strlen($str) < 50)
+    return $str;
+  return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, 47) . '...</span>';
 }
 
 function table_body($array) {
-	$html = "";
-	foreach ($array as $line) {
-		$html .= "<tr>";
-		if (is_array($line)) {
-			foreach ($line as $td)
-				$html .= "<td>" . $td . "</td>";
-		} else {
-			$html .= "<td>" . $line . "</td>";
-		}
-		$html .= "</tr>";
-	}
-	return $html;
+  $html = "";
+  foreach ($array as $line) {
+    $html .= "<tr>";
+    if (is_array($line)) {
+      foreach ($line as $td)
+        $html .= "<td>" . $td . "</td>";
+    } else {
+      $html .= "<td>" . $line . "</td>";
+    }
+    $html .= "</tr>";
+  }
+  return $html;
 }
 
 function html_options($name, $options, $selected = "") {
-	$html = "";
-	foreach ($options as $value => $label)
-		$html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
+  $html = "";
+  foreach ($options as $value => $label)
+    $html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
 
-	return $html;
+  return $html;
 }
 
 function html_select_key($id, $name, $rows, $selected) {
-	$html = '<select id="' . $id . '" name="' . $name . '">';
-	foreach ($rows as $key => $row) {
-		if (($key == $selected) || ($row == $selected)) {
-			$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
-		} else {
-			$html .= '<option value="' . $key . '">' . $row . '</option>';
-		}
-	}
-	$html .= '</select>';
-	return $html;
+  $html = '<select id="' . $id . '" name="' . $name . '">';
+  foreach ($rows as $key => $row) {
+    if (($key == $selected) || ($row == $selected)) {
+      $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
+    } else {
+      $html .= '<option value="' . $key . '">' . $row . '</option>';
+    }
+  }
+  $html .= '</select>';
+  return $html;
 }
 
 function img_button($link, $icon, $text, $extra_text = '') {
-	$translation = empty($text)? '' : Get_Text($text);
-	return '<a href="' . htmlspecialchars($link) . '"><img src="pic/icons/' . htmlspecialchars($icon) . '.png" alt="' . $translation . '" ' . (empty($translation)? '' : 'title="' . $translation . '"') . '>' . (empty($extra_text)? '' : ' ' . $extra_text) . '</a>';
+  $translation = empty($text)? '' : Get_Text($text);
+  return '<a href="' . htmlspecialchars($link) . '"><img src="pic/icons/' . htmlspecialchars($icon) . '.png" alt="' . $translation . '" ' . (empty($translation)? '' : 'title="' . $translation . '"') . '>' . (empty($extra_text)? '' : ' ' . $extra_text) . '</a>';
+}
+
+
+function ReplaceSmilies($neueckig) {
+  $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+  $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
+  $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
+  $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+  $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
+  $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
+  $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
+  $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
+  $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+  $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
+  $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
+  $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+  $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
+  $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
+
+  return $neueckig;
 }
 ?>
diff --git a/includes/sys_user.php b/includes/sys_user.php
deleted file mode 100644
index 53976f5a..00000000
--- a/includes/sys_user.php
+++ /dev/null
@@ -1,133 +0,0 @@
-<?php
-
-function User_Nick_render($user_source) {
-  global $user, $privileges;
-  if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges))
-    return '<a href="' . page_link_to('user_myshifts') . '&amp;id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>';
-  else
-    return htmlspecialchars($user_source['Nick']);
-}
-
-
-/**
- * Available T-Shirt sizes
- */
-$tshirt_sizes = array (
-  '' => "Please select...",
-  'S' => "S",
-  'M' => "M",
-  'L' => "L",
-  'XL' => "XL",
-  '2XL' => "2XL",
-  '3XL' => "3XL",
-  '4XL' => "4XL",
-  '5XL' => "5XL",
-  'S-G' => "S Girl",
-  'M-G' => "M Girl",
-  'L-G' => "L Girl",
-  'XL-G' => "XL Girl"
-);
-
-function UID2Nick($UID) {
-  if ($UID > 0)
-    $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
-  else
-    $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
-
-  $Erg = sql_select($SQL);
-
-  if (count($Erg) > 0) {
-    if ($UID > 0)
-      return $Erg[0]['Nick'];
-    else
-      return "Group-" . $Erg[0]['Name'];
-  } else {
-    if ($UID == -1)
-      return "Guest";
-    else
-      return "UserID $UID not found";
-  }
-}
-
-function TID2Type($TID) {
-  global $con;
-
-  $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
-  $Erg = mysql_query($SQL, $con);
-
-  if (mysql_num_rows($Erg))
-    return mysql_result($Erg, 0);
-  else
-    return "";
-}
-
-function ReplaceSmilies($neueckig) {
-  $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-  $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-  $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
-  $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-  $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-  $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
-  $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-  $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-  $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-  $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-  $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
-
-  return $neueckig;
-}
-
-function GetPictureShow($UID) {
-  global $con;
-
-  $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
-  $res = mysql_query($SQL, $con);
-
-  if (mysql_num_rows($res) == 1)
-    return mysql_result($res, 0, 0);
-  else
-    return "";
-}
-
-function displayPicture($UID, $height = "30") {
-  global $url, $ENGEL_ROOT;
-
-  if ($height > 0)
-    return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
-  else
-    return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
-}
-
-function displayavatar($UID, $height = "30") {
-  global $con, $url, $ENGEL_ROOT;
-
-  if (GetPictureShow($UID) == 'Y')
-    return "&nbsp;" . displayPicture($UID, $height);
-
-  $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
-  if (count($user) > 0)
-    if ($user[0]['Avatar'] > 0)
-    return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
-}
-
-function UIDgekommen($UID) {
-  global $con;
-
-  $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
-  $Erg = mysql_query($SQL, $con);
-
-  if (mysql_num_rows($Erg))
-    return mysql_result($Erg, 0);
-  else
-    return "0";
-}
-?>
diff --git a/includes/view/Shifts_view.php b/includes/view/Shifts_view.php
new file mode 100644
index 00000000..824f519a
--- /dev/null
+++ b/includes/view/Shifts_view.php
@@ -0,0 +1,11 @@
+<?php
+/**
+ * Calc shift length in format 12:23h.
+ * @param Shift $shift
+ */
+function shift_length($shift) {
+  $length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":";
+  $length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
+  return $length;
+}
+?>
\ No newline at end of file
diff --git a/includes/view/Sprache_view.php b/includes/view/Sprache_view.php
new file mode 100644
index 00000000..88c7435c
--- /dev/null
+++ b/includes/view/Sprache_view.php
@@ -0,0 +1,36 @@
+<?php
+/**
+ * Names of available languages.
+ */
+$languages = array (
+  'DE' => "Deutsch",
+  'EN' => "English"
+);
+
+/**
+ * Display acutual translation of given text id.
+ * @param string $TextID
+ * @param bool $NoError
+ * @return string
+ */
+function Get_Text($TextID, $NoError = false) {
+  global $debug;
+
+  if (!isset ($_SESSION['Sprache']))
+    $_SESSION['Sprache'] = "EN";
+  if ($_SESSION['Sprache'] == "")
+    $_SESSION['Sprache'] = "EN";
+  if (isset ($_GET["SetLanguage"]))
+    $_SESSION['Sprache'] = $_GET["SetLanguage"];
+
+  $sprache_source = Sprache($TextID, $_SESSION['Sprache']);
+  if($sprache_source === false)
+    engelsystem_error("Unable to load text key.");
+  if($sprache_source == null) {
+    if($NoError && !$debug)
+      return "";
+    return $TextID;
+  }
+  return $sprache_source['Text'];
+}
+?>
\ No newline at end of file
diff --git a/includes/view/User_view.php b/includes/view/User_view.php
new file mode 100644
index 00000000..eb69b8c4
--- /dev/null
+++ b/includes/view/User_view.php
@@ -0,0 +1,45 @@
+<?php
+
+/**
+ * Available T-Shirt sizes
+ */
+$tshirt_sizes = array (
+  '' => "Please select...",
+  'S' => "S",
+  'M' => "M",
+  'L' => "L",
+  'XL' => "XL",
+  '2XL' => "2XL",
+  '3XL' => "3XL",
+  '4XL' => "4XL",
+  '5XL' => "5XL",
+  'S-G' => "S Girl",
+  'M-G' => "M Girl",
+  'L-G' => "L Girl",
+  'XL-G' => "XL Girl"
+);
+
+/**
+ * Render a users avatar.
+ * @param User $user
+ * @return string
+ */
+function User_Avatar_render($user) {
+  return '<div class="avatar">&nbsp;<img src="pic/avatar/avatar' . $user['Avatar'] . '.gif"></div>';
+}
+
+/**
+ * Render a user nickname.
+ * @param User $user_source
+ * @return string
+ */
+function User_Nick_render($user_source) {
+  global $user, $privileges;
+  if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges))
+    return '<a href="' . page_link_to('user_myshifts') . '&amp;id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>';
+  else
+    return htmlspecialchars($user_source['Nick']);
+}
+
+
+?>
\ No newline at end of file
-- 
cgit v1.2.3-70-g09d2