1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
<?php
$title = "Himmel";
$header = "Schichtpläne";
include "../../../camp2011/includes/header.php";
include "../../../camp2011/includes/funktion_schichtplan.php";
include "../../../camp2011/includes/funktion_schichtplan_aray.php";
include "../../../camp2011/includes/funktionen.php";
if(isset($_POST["newtext"]) && isset($_POST["SID"]) && isset($_POST["TID"])) {
SetHeaderGo2Back();
// datum der einzutragenden Schicht heraussuhen...
$ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='" . $_POST["SID"] . ".'";
$ShiftErg = mysql_query ($ShiftSQL, $con);
$beginSchicht = mysql_result($ShiftErg, 0, "DateS");
$endSchicht = mysql_result($ShiftErg, 0, "DateE");
// wenn keien rechte definiert sind
if(!isset($_SESSION['CVS'][$TID2Name[$_POST["TID"]]]))
$_SESSION['CVS'][$TID2Name[$_POST["TID"]]] = "Y";
if($_SESSION['CVS'][$TID2Name[$_POST["TID"]]] == "Y") {
// Ueberpruefung, ob der Engel bereits fuer eine Schicht zu dieser Zeit eingetragen ist
$SSQL = "SELECT * FROM `Shifts`".
" INNER JOIN `ShiftEntry` ON `ShiftEntry`.`SID` = `Shifts`.`SID`".
" WHERE ((".
" ((`Shifts`.`DateS` >= '$beginSchicht') and ".
" (`Shifts`.`DateS` < '$endSchicht'))".
" OR ".
" ((`Shifts`.`DateE` > '$beginSchicht') and ".
" (`Shifts`.`DateE` <= '$endSchicht')) ".
") and ".
"(`ShiftEntry`.`UID` = '". $_SESSION['UID']. "'));";
$bErg = mysql_query($SSQL, $con);
if(mysql_num_rows($bErg) != 0)
echo Get_Text("pub_schichtplan_add_AllreadyinShift");
else {
// ermitteln der noch gesuchten
$SQL3 = "SELECT * FROM `ShiftEntry`".
" WHERE ((`SID` = '". $_POST["SID"]. "') AND (`TID` = '". $_POST["TID"]. "') AND (`UID` = '0'));";
$Erg3 = mysql_query($SQL3, $con);
if(mysql_num_rows($Erg3) <= 0)
echo Get_Text("pub_schichtplan_add_ToManyYousers");
else {
//write shift
$SQL = "UPDATE `ShiftEntry` SET ".
"`UID` = '". $_SESSION['UID']. "', ".
"`Comment` = '". $_POST["newtext"]. "' ".
"WHERE ( (`SID` = '". $_POST["SID"]. "') and ".
"(`TID` = '". $_POST["TID"]. "') and ".
"(`UID` = '0')) LIMIT 1;";
$Erg = mysql_query($SQL, $con);
if($Erg != 1)
echo Get_Text("pub_schichtplan_add_Error");
else
echo Get_Text("pub_schichtplan_add_WriteOK");
}
}
} else {
echo "<h1>:-(</h1>";
array_push($error_messages, "Hack atteck\n");
}
} elseif (isset($_GET["SID"]) && isset($_GET["TID"])) {
//wenn keine Rechte definiert sind
if( !isset($_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ]))
$_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ] = "Y";
if( $_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ] == "Y") {
echo Get_Text("pub_schichtplan_add_Text1"). "<br /><br />\n\n".
"<form action=\"./schichtplan_add.php\" method=\"post\">\n".
"<table border=\"0\">\n";
$SQL = "SELECT * FROM `Shifts` WHERE ";
$SQL .="(`SID` = '". $_GET["SID"]. "')";
$Erg = mysql_query($SQL, $con);
echo "<tr><td>". Get_Text("pub_schichtplan_add_Date"). ":</td> <td>".
mysql_result($Erg, 0, "DateS"). "</td></tr>\n";
echo "<tr><td>". Get_Text("pub_schichtplan_add_Place"). ":</td> <td>".
$RoomID[ mysql_result($Erg, 0, "RID") ]. "</td></tr>\n";
echo "<tr><td>". Get_Text("pub_schichtplan_add_Job"). ":</td> <td>".
$EngelTypeID[$_GET["TID"]]. "</td></tr>\n";
echo "<tr><td>". Get_Text("pub_schichtplan_add_Len"). ":</td> <td>".
mysql_result($Erg, 0, "Len"). "h</td></tr>\n";
echo "<tr><td>". Get_Text("pub_schichtplan_add_TextFor"). ":</td> <td>".
mysql_result($Erg, 0, "Man"). "</td></tr>\n";
echo "<tr><td valign='top'>". Get_Text("pub_schichtplan_add_Comment"). ":</td>\n <td>".
"<textarea name='newtext' cols='50' rows='10'></textarea> </td></tr>\n";
echo "<tr><td> </td>\n".
"<td><input type=\"submit\" value=\"". Get_Text("pub_schichtplan_add_submit"). "\"> </td></tr>\n".
"</table>\n".
"<input type=\"hidden\" name=\"SID\" value=\"". $_GET["SID"]. "\">\n".
"<input type=\"hidden\" name=\"TID\" value=\"". $_GET["TID"]. "\">\n".
"</form>";
} else {
echo "<h1>:-(</h1>";
array_push($error_messages, "Hack atteck\n");
}
}
include "../../../camp2011/includes/footer.php";
?>
|