summaryrefslogtreecommitdiff
path: root/includes/pages/user_myshifts.php
blob: 333f9517f16fc621e03f5462b8244af39f3be3f4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
function myshifts_title() {
  return _("My shifts");
}

// Zeigt die Schichten an, die ein Benutzer belegt
function user_myshifts() {
  global $LETZTES_AUSTRAGEN;
  global $user, $privileges;
  $msg = "";
  
  if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
    $id = $_REQUEST['id'];
  } else {
    $id = $user['UID'];
  }
  
  list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
  
  if (isset($_REQUEST['reset'])) {
    if ($_REQUEST['reset'] == "ack") {
      User_reset_api_key($user);
      success(_("Key changed."));
      redirect(page_link_to('user_myshifts'));
    }
    return template_render('../templates/user_myshifts_reset.html', array());
  } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
    $id = $_REQUEST['edit'];
    $shift = sql_select("SELECT 
        `ShiftEntry`.`freeloaded`, 
        `ShiftEntry`.`freeload_comment`, 
        `ShiftEntry`.`Comment`, 
        `ShiftEntry`.`UID`, 
        `Shifts`.*, 
        `Room`.`Name`, 
        `AngelTypes`.`name` as `angel_type` 
        FROM `ShiftEntry` 
        JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) 
        JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) 
        JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) 
        WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " 
        AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
    if (count($shift) > 0) {
      $shift = $shift[0];
      
      if (isset($_REQUEST['submit'])) {
        $freeloaded = $shift['freeloaded'];
        $freeload_comment = $shift['freeload_comment'];
        if (in_array("user_shifts_admin", $privileges)) {
          $freeloaded = isset($_REQUEST['freeloaded']);
          $freeload_comment = strip_request_item_nl('freeload_comment');
        }
        
        $comment = strip_request_item_nl('comment');
        $user_source = User($shift['UID']);
        sql_query("UPDATE `ShiftEntry` SET 
            `Comment`='" . sql_escape($comment) . "',
            `freeloaded`=" . sql_escape($freeloaded ? 1 : 0) . ",
            `freeload_comment`='" . sql_escape($freeload_comment) . "'
            WHERE `id`=" . sql_escape($id) . " 
            LIMIT 1");
        engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment);
        success(_("Shift saved."));
        redirect(page_link_to('user_myshifts'));
      }
      
      return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
    } else
      redirect(page_link_to('user_myshifts'));
  } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
    $id = $_REQUEST['cancel'];
    $shift = sql_select("SELECT `Shifts`.`start` FROM `Shifts` INNER JOIN `ShiftEntry` USING (`SID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
    if (count($shift) > 0) {
      $shift = $shift[0];
      if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
        sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
        $msg .= success(_("You have been signed off from the shift."), true);
      } else
        $msg .= error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."), true);
    } else
      redirect(page_link_to('user_myshifts'));
  }
  
  msg();
  redirect(page_link_to('users') . '&action=view');
}
?>