summaryrefslogtreecommitdiff
path: root/www-ssl/nonpublic/schichtplan_add.php
blob: 621cd97ef2d528bafe4bfca1f502dd48d87ae78b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
  $title = "Himmel";
  $header = "Schichtpl&auml;ne";
  include "../../../camp2011/includes/header.php";
  include "../../../camp2011/includes/funktion_schichtplan.php";
  include "../../../camp2011/includes/funktion_schichtplan_aray.php";
  include "../../../camp2011/includes/funktionen.php";

  if(isset($_POST["newtext"]) && isset($_POST["SID"]) && isset($_POST["TID"])) {
    SetHeaderGo2Back();
 
    // datum der einzutragenden Schicht heraussuhen...
    $ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='" . $_POST["SID"] . ".'";
    $ShiftErg = mysql_query ($ShiftSQL, $con);
    $beginSchicht = mysql_result($ShiftErg, 0, "DateS");
    $endSchicht   = mysql_result($ShiftErg, 0, "DateE");

    // wenn keien rechte definiert sind
    if(!isset($_SESSION['CVS'][$TID2Name[$_POST["TID"]]]))
      $_SESSION['CVS'][$TID2Name[$_POST["TID"]]] = "Y";

    if($_SESSION['CVS'][$TID2Name[$_POST["TID"]]] == "Y") {
      // Ueberpruefung, ob der Engel bereits fuer eine Schicht zu dieser Zeit eingetragen ist
      $SSQL = "SELECT * FROM `Shifts`".
              " INNER JOIN `ShiftEntry` ON `ShiftEntry`.`SID` = `Shifts`.`SID`".
              " WHERE ((".
              " ((`Shifts`.`DateS` >= '$beginSchicht') and ".
              "  (`Shifts`.`DateS` < '$endSchicht'))".
              " OR ".
              " ((`Shifts`.`DateE` > '$beginSchicht') and ".
              "  (`Shifts`.`DateE` <= '$endSchicht')) ".
              ") and ".
              "(`ShiftEntry`.`UID` = '". $_SESSION['UID']. "'));";
      $bErg = mysql_query($SSQL, $con);

      if(mysql_num_rows($bErg) != 0)
        echo Get_Text("pub_schichtplan_add_AllreadyinShift");
      else {
        // ermitteln der noch gesuchten
        $SQL3 = "SELECT * FROM `ShiftEntry`".
                " WHERE ((`SID` = '". $_POST["SID"]. "') AND (`TID` = '". $_POST["TID"]. "') AND (`UID` = '0'));";
        $Erg3 = mysql_query($SQL3, $con);

        if(mysql_num_rows($Erg3) <= 0)
          echo Get_Text("pub_schichtplan_add_ToManyYousers");
        else {
          //write shift
          $SQL = "UPDATE `ShiftEntry` SET ".
                 "`UID` = '". $_SESSION['UID']. "', ".
                 "`Comment` = '". $_POST["newtext"]. "' ".
                 "WHERE ( (`SID` = '". $_POST["SID"]. "') and ".
                 "(`TID` = '". $_POST["TID"]. "') and ".
                 "(`UID` = '0')) LIMIT 1;";
          $Erg = mysql_query($SQL, $con);

          if($Erg != 1)
            echo Get_Text("pub_schichtplan_add_Error");
          else
            echo Get_Text("pub_schichtplan_add_WriteOK");
        }
      }
    } else {
      echo "<h1>:-(</h1>";
      array_push($error_messages, "Hack atteck\n");
    }
  } elseif (isset($_GET["SID"]) && isset($_GET["TID"])) {
    //wenn keine Rechte definiert sind
    if( !isset($_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ]))
      $_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ] = "Y";

    if( $_SESSION['CVS'][ $TID2Name[$_GET["TID"]] ] == "Y") {
      echo Get_Text("pub_schichtplan_add_Text1"). "<br /><br />\n\n".
        "<form action=\"./schichtplan_add.php\" method=\"post\">\n".
        "<table border=\"0\">\n";

      $SQL = "SELECT * FROM `Shifts` WHERE ";
      $SQL .="(`SID` = '". $_GET["SID"]. "')";
      $Erg = mysql_query($SQL, $con);

      echo "<tr><td>". Get_Text("pub_schichtplan_add_Date"). ":</td> <td>".
        mysql_result($Erg, 0, "DateS"). "</td></tr>\n";

      echo "<tr><td>". Get_Text("pub_schichtplan_add_Place"). ":</td> <td>".
        $RoomID[ mysql_result($Erg, 0, "RID") ]. "</td></tr>\n";

      echo "<tr><td>". Get_Text("pub_schichtplan_add_Job"). ":</td> <td>".
        $EngelTypeID[$_GET["TID"]]. "</td></tr>\n";

      echo "<tr><td>". Get_Text("pub_schichtplan_add_Len"). ":</td> <td>".
        mysql_result($Erg, 0, "Len"). "h</td></tr>\n";

      echo "<tr><td>". Get_Text("pub_schichtplan_add_TextFor"). ":</td> <td>".
        mysql_result($Erg, 0, "Man"). "</td></tr>\n";

      echo "<tr><td valign='top'>". Get_Text("pub_schichtplan_add_Comment"). ":</td>\n <td>".
        "<textarea name='newtext' cols='50' rows='10'></textarea> </td></tr>\n";

      echo "<tr><td>&nbsp;</td>\n".
        "<td><input type=\"submit\" value=\"". Get_Text("pub_schichtplan_add_submit"). "\"> </td></tr>\n".
        "</table>\n".
        "<input type=\"hidden\" name=\"SID\" value=\"". $_GET["SID"]. "\">\n".
        "<input type=\"hidden\" name=\"TID\" value=\"". $_GET["TID"]. "\">\n".
        "</form>";
    } else {
      echo "<h1>:-(</h1>";
      array_push($error_messages, "Hack atteck\n");
    }
  }

  include "../../../camp2011/includes/footer.php";
?>