summaryrefslogtreecommitdiff
path: root/www-ssl_old/nonpublic/schichtplan_add.php
blob: 1bbcdc4b64a43fb4f083768d4219420c7f894521 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php
require_once ('../bootstrap.php');

$title = "Himmel";
$header = "Schichtpl&auml;ne";
include "includes/header.php";
include "includes/funktion_schichtplan.php";
include "includes/funktion_schichtplan_aray.php";
include "includes/funktionen.php";

if (isset ($_POST["newtext"]) && isset ($_POST["SID"]) && isset ($_POST["TID"])) {
	SetHeaderGo2Back();

	// datum der einzutragenden Schicht heraussuhen...
	$ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='" . $_POST["SID"] . ".'";
	$ShiftErg = mysql_query($ShiftSQL, $con);
	$beginSchicht = mysql_result($ShiftErg, 0, "DateS");
	$endSchicht = mysql_result($ShiftErg, 0, "DateE");

	// wenn keien rechte definiert sind
	if (!isset ($_SESSION['CVS'][$TID2Name[$_POST["TID"]]]))
		$_SESSION['CVS'][$TID2Name[$_POST["TID"]]] = "Y";

	if ($_SESSION['CVS'][$TID2Name[$_POST["TID"]]] == "Y") {
		// Ueberpruefung, ob der Engel bereits fuer eine Schicht zu dieser Zeit eingetragen ist
		$SSQL = "SELECT * FROM `Shifts`" .
		" INNER JOIN `ShiftEntry` ON `ShiftEntry`.`SID` = `Shifts`.`SID`" .
		" WHERE ((" .
		" ((`Shifts`.`DateS` >= '$beginSchicht') and " .
		"  (`Shifts`.`DateS` < '$endSchicht'))" .
		" OR " .
		" ((`Shifts`.`DateE` > '$beginSchicht') and " .
		"  (`Shifts`.`DateE` <= '$endSchicht')) " .
		") and " .
		"(`ShiftEntry`.`UID` = '" . $_SESSION['UID'] . "'));";
		$bErg = mysql_query($SSQL, $con);

		if (mysql_num_rows($bErg) != 0)
			echo Get_Text("pub_schichtplan_add_AllreadyinShift");
		else {
			// ermitteln der noch gesuchten
			$SQL3 = "SELECT * FROM `ShiftEntry`" .
			" WHERE ((`SID` = '" . $_POST["SID"] . "') AND (`TID` = '" . $_POST["TID"] . "') AND (`UID` = '0'));";
			$Erg3 = mysql_query($SQL3, $con);

			if (mysql_num_rows($Erg3) <= 0)
				echo Get_Text("pub_schichtplan_add_ToManyYousers");
			else {
				//write shift
				$SQL = "UPDATE `ShiftEntry` SET " .
				"`UID` = '" . $_SESSION['UID'] . "', " .
				"`Comment` = '" . $_POST["newtext"] . "' " .
				"WHERE ( (`SID` = '" . $_POST["SID"] . "') and " .
				"(`TID` = '" . $_POST["TID"] . "') and " .
				"(`UID` = '0')) LIMIT 1;";
				$Erg = mysql_query($SQL, $con);

				if ($Erg != 1)
					echo Get_Text("pub_schichtplan_add_Error");
				else
					echo Get_Text("pub_schichtplan_add_WriteOK");
			}
		}
	} else {
		echo "<h1>:-(</h1>";
		array_push($error_messages, "Hack atteck\n");
	}
}
elseif (isset ($_GET["SID"]) && isset ($_GET["TID"])) {
	//wenn keine Rechte definiert sind
	if (!isset ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]]))
		$_SESSION['CVS'][$TID2Name[$_GET["TID"]]] = "Y";

	if ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]] == "Y") {
		echo Get_Text("pub_schichtplan_add_Text1") . "<br /><br />\n\n" .
		"<form action=\"./schichtplan_add.php\" method=\"post\">\n" .
		"<table border=\"0\">\n";

		$SQL = "SELECT * FROM `Shifts` WHERE ";
		$SQL .= "(`SID` = '" . $_GET["SID"] . "')";
		$Erg = mysql_query($SQL, $con);

		echo "<tr><td>" . Get_Text("pub_schichtplan_add_Date") . ":</td> <td>" .
		mysql_result($Erg, 0, "DateS") . "</td></tr>\n";

		echo "<tr><td>" . Get_Text("pub_schichtplan_add_Place") . ":</td> <td>" .
		$RoomID[mysql_result($Erg, 0, "RID")] . "</td></tr>\n";

		echo "<tr><td>" . Get_Text("pub_schichtplan_add_Job") . ":</td> <td>" .
		$EngelTypeID[$_GET["TID"]] . "</td></tr>\n";

		echo "<tr><td>" . Get_Text("pub_schichtplan_add_Len") . ":</td> <td>" .
		mysql_result($Erg, 0, "Len") . "h</td></tr>\n";

		echo "<tr><td>" . Get_Text("pub_schichtplan_add_TextFor") . ":</td> <td>" .
		mysql_result($Erg, 0, "Man") . "</td></tr>\n";

		echo "<tr><td valign='top'>" . Get_Text("pub_schichtplan_add_Comment") . ":</td>\n <td>" .
		"<textarea name='newtext' cols='50' rows='10'></textarea> </td></tr>\n";

		echo "<tr><td>&nbsp;</td>\n" .
		"<td><input type=\"submit\" value=\"" . Get_Text("pub_schichtplan_add_submit") . "\"> </td></tr>\n" .
		"</table>\n" .
		"<input type=\"hidden\" name=\"SID\" value=\"" . $_GET["SID"] . "\">\n" .
		"<input type=\"hidden\" name=\"TID\" value=\"" . $_GET["TID"] . "\">\n" .
		"</form>";
	} else {
		echo "<h1>:-(</h1>";
		array_push($error_messages, "Hack atteck\n");
	}
}

include "includes/footer.php";
?>