engelsystem/includes/controller/users_controller.php

<?php

use Engelsystem\Database\DB;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilter;

/**
 * Route user actions.
 *
 * @return array
 */
function users_controller()
{
    global $user;

    if (!isset($user)) {
        redirect(page_link_to(''));
    }

    if (!isset($_REQUEST['action'])) {
        $_REQUEST['action'] = 'list';
    }

    switch ($_REQUEST['action']) {
        case 'view':
            return user_controller();
        case 'delete':
            return user_delete_controller();
        case 'edit_vouchers':
            return user_edit_vouchers_controller();
        case 'list':
        default:
            return users_list_controller();
    }
}

/**
 * Delete a user, requires to enter own password for reasons.
 *
 * @return array
 */
function user_delete_controller()
{
    global $privileges, $user;

    if (isset($_REQUEST['user_id'])) {
        $user_source = User($_REQUEST['user_id']);
    } else {
        $user_source = $user;
    }

    if (!in_array('admin_user', $privileges)) {
        redirect(page_link_to(''));
    }

    // You cannot delete yourself
    if ($user['UID'] == $user_source['UID']) {
        error(_('You cannot delete yourself.'));
        redirect(user_link($user));
    }

    if (isset($_REQUEST['submit'])) {
        $valid = true;

        if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
                $user['UID']))
        ) {
            $valid = false;
            error(_('Your password is incorrect.  Please try it again.'));
        }

        if ($valid) {
            $result = User_delete($user_source['UID']);
            if ($result === false) {
                engelsystem_error('Unable to delete user.');
            }

            mail_user_delete($user_source);
            success(_('User deleted.'));
            engelsystem_log(sprintf('Deleted %s', User_Nick_render($user_source)));

            redirect(users_link());
        }
    }

    return [
        sprintf(_('Delete %s'), $user_source['Nick']),
        User_delete_view($user_source)
    ];
}

/**
 * @return string
 */
function users_link()
{
    return page_link_to('users');
}

/**
 * @param array $user
 * @return string
 */
function user_edit_link($user)
{
    return page_link_to('admin_user') . '&user_id=' . $user['UID'];
}

/**
 * @param array $user
 * @return string
 */
function user_delete_link($user)
{
    return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
}

/**
 * @param array $user
 * @return string
 */
function user_link($user)
{
    return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
}

/**
 * @return array
 */
function user_edit_vouchers_controller()
{
    global $privileges, $user;

    if (isset($_REQUEST['user_id'])) {
        $user_source = User($_REQUEST['user_id']);
    } else {
        $user_source = $user;
    }

    if (!in_array('admin_user', $privileges)) {
        redirect(page_link_to(''));
    }

    if (isset($_REQUEST['submit'])) {
        $valid = true;

        $vouchers = '';
        if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
            $vouchers = trim($_REQUEST['vouchers']);
        } else {
            $valid = false;
            error(_('Please enter a valid number of vouchers.'));
        }

        if ($valid) {
            $user_source['got_voucher'] = $vouchers;

            $result = User_update($user_source);
            if ($result === false) {
                engelsystem_error('Unable to update user.');
            }

            success(_('Saved the number of vouchers.'));
            engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf('Got %s vouchers',
                    $user_source['got_voucher']));

            redirect(user_link($user_source));
        }
    }

    return [
        sprintf(_('%s\'s vouchers'), $user_source['Nick']),
        User_edit_vouchers_view($user_source)
    ];
}

/**
 * @return array
 */
function user_controller()
{
    global $privileges, $user;

    $user_source = $user;
    if (isset($_REQUEST['user_id'])) {
        $user_source = User($_REQUEST['user_id']);
        if ($user_source == null) {
            error(_('User not found.'));
            redirect('?');
        }
    }

    $shifts = Shifts_by_user($user_source, in_array('user_shifts_admin', $privileges));
    foreach ($shifts as &$shift) {
        // TODO: Move queries to model
        $shift['needed_angeltypes'] = DB::select('
            SELECT DISTINCT `AngelTypes`.*
            FROM `ShiftEntry`
            JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
            WHERE `ShiftEntry`.`SID` = ?
            ORDER BY `AngelTypes`.`name`
            ',
            [$shift['SID']]
        );
        foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {
            $needed_angeltype['users'] = DB::select('
                  SELECT `ShiftEntry`.`freeloaded`, `User`.*
                  FROM `ShiftEntry`
                  JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
                  WHERE `ShiftEntry`.`SID` = ?
                  AND `ShiftEntry`.`TID` = ?
                ',
                [$shift['SID'], $needed_angeltype['id']]
            );
        }
    }

    if ($user_source['api_key'] == '') {
        User_reset_api_key($user_source, false);
    }

    return [
        $user_source['Nick'],
        User_view(
            $user_source,
            in_array('admin_user', $privileges),
            User_is_freeloader($user_source),
            User_angeltypes($user_source),
            User_groups($user_source),
            $shifts,
            $user['UID'] == $user_source['UID']
        )
    ];
}

/**
 * List all users.
 *
 * @return array
 */
function users_list_controller()
{
    global $privileges;

    if (!in_array('admin_user', $privileges)) {
        redirect(page_link_to(''));
    }

    $order_by = 'Nick';
    if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {
        $order_by = $_REQUEST['OrderBy'];
    }

    $users = Users($order_by);
    if ($users === false) {
        engelsystem_error('Unable to load users.');
    }

    foreach ($users as &$user) {
        $user['freeloads'] = count(ShiftEntries_freeloaded_by_user($user));
    }

    return [
        _('All users'),
        Users_view(
            $users,
            $order_by,
            User_arrived_count(),
            User_active_count(),
            User_force_active_count(),
            ShiftEntries_freeleaded_count(),
            User_tshirts_count(),
            User_got_voucher_count()
        )
    ];
}

/**
 * Second step of password recovery: set a new password using the token link from email
 *
 * @return string
 */
function user_password_recovery_set_new_controller()
{
    $user_source = User_by_password_recovery_token($_REQUEST['token']);
    if ($user_source == null) {
        error(_('Token is not correct.'));
        redirect(page_link_to('login'));
    }

    if (isset($_REQUEST['submit'])) {
        $valid = true;

        if (
            isset($_REQUEST['password'])
            && strlen($_REQUEST['password']) >= config('min_password_length')
        ) {
            if ($_REQUEST['password'] != $_REQUEST['password2']) {
                $valid = false;
                error(_('Your passwords don\'t match.'));
            }
        } else {
            $valid = false;
            error(_('Your password is to short (please use at least 6 characters).'));
        }

        if ($valid) {
            set_password($user_source['UID'], $_REQUEST['password']);
            success(_('Password saved.'));
            redirect(page_link_to('login'));
        }
    }

    return User_password_set_view();
}

/**
 * First step of password recovery: display a form that asks for your email and send email with recovery link
 *
 * @return string
 */
function user_password_recovery_start_controller()
{
    if (isset($_REQUEST['submit'])) {
        $valid = true;

        if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {
            $email = strip_request_item('email');
            if (check_email($email)) {
                $user_source = User_by_email($email);
                if ($user_source == null) {
                    $valid = false;
                    error(_('E-mail address is not correct.'));
                }
            } else {
                $valid = false;
                error(_('E-mail address is not correct.'));
            }
        } else {
            $valid = false;
            error(_('Please enter your e-mail.'));
        }

        if ($valid) {
            $token = User_generate_password_recovery_token($user_source);
            engelsystem_email_to_user(
                $user_source,
                _('Password recovery'),
                sprintf(
                    _('Please visit %s to recover your password.'),
                    page_link_to_absolute('user_password_recovery') . '&token=' . $token
                )
            );
            success(_('We sent an email containing your password recovery link.'));
            redirect(page_link_to('login'));
        }
    }

    return User_password_recovery_view();
}

/**
 * User password recovery in 2 steps.
 * (By email)
 *
 * @return string
 */
function user_password_recovery_controller()
{
    if (isset($_REQUEST['token'])) {
        return user_password_recovery_set_new_controller();
    }

    return user_password_recovery_start_controller();
}

/**
 * Menu title for password recovery.
 *
 * @return string
 */
function user_password_recovery_title()
{
    return _('Password recovery');
}

/**
 * Loads a user from param user_id.
 *
 * return array
 */
function load_user()
{
    if (!isset($_REQUEST['user_id'])) {
        redirect(page_link_to());
    }

    $user = User($_REQUEST['user_id']);

    if ($user == null) {
        error(_('User doesn\'t exist.'));
        redirect(page_link_to());
    }

    return $user;
}

/**
 * @param ShiftsFilter $shiftsFilter
 * @return ShiftCalendarRenderer
 */
function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter)
{
    $shifts = Shifts_by_ShiftsFilter($shiftsFilter);
    $needed_angeltypes_source = NeededAngeltypes_by_ShiftsFilter($shiftsFilter);
    $shift_entries_source = ShiftEntries_by_ShiftsFilter($shiftsFilter);

    $needed_angeltypes = [];
    $shift_entries = [];
    foreach ($shifts as $shift) {
        $needed_angeltypes[$shift['SID']] = [];
        $shift_entries[$shift['SID']] = [];
    }
    foreach ($shift_entries_source as $shift_entry) {
        if (isset($shift_entries[$shift_entry['SID']])) {
            $shift_entries[$shift_entry['SID']][] = $shift_entry;
        }
    }
    foreach ($needed_angeltypes_source as $needed_angeltype) {
        if (isset($needed_angeltypes[$needed_angeltype['SID']])) {
            $needed_angeltypes[$needed_angeltype['SID']][] = $needed_angeltype;
        }
    }
    unset($needed_angeltypes_source);
    unset($shift_entries_source);

    if (
        in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled())
        && in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())
    ) {
        return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
    }

    $filtered_shifts = [];
    foreach ($shifts as $shift) {
        $needed_angels_count = 0;
        $taken = 0;
        foreach ($needed_angeltypes[$shift['SID']] as $needed_angeltype) {
            $taken = 0;
            foreach ($shift_entries[$shift['SID']] as $shift_entry) {
                if ($needed_angeltype['angel_type_id'] == $shift_entry['TID'] && $shift_entry['freeloaded'] == 0) {
                    $taken++;
                }
            }

            $needed_angels_count += max(0, $needed_angeltype['count'] - $taken);
        }
        if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && $taken < $needed_angels_count) {
            $filtered_shifts[] = $shift;
        }
        if (in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled()) && $taken >= $needed_angels_count) {
            $filtered_shifts[] = $shift;
        }
    }

    return new ShiftCalendarRenderer($filtered_shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
}
user password recovery 11 years ago			`<?php`
Changed from mysqli to PDO, some refactorings, faster sql queries 8 years ago
			`use Engelsystem\Database\DB;`
move data sorting to begin 8 years ago			`use Engelsystem\ShiftCalendarRenderer;`
Formatting 8 years ago			`use Engelsystem\ShiftsFilter;`
user password recovery 11 years ago
			`/**`
add basic bootstrap theme 10 years ago			`* Route user actions.`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return array`
add basic bootstrap theme 10 years ago			`*/`
PSR-2 formatting 8 years ago			`function users_controller()`
			`{`
			`global $user;`
Formatting 8 years ago
			`if (!isset($user)) {`
PSR-2 formatting 8 years ago			`redirect(page_link_to(''));`
			`}`
Formatting 8 years ago
			`if (!isset($_REQUEST['action'])) {`
PSR-2 formatting 8 years ago			`$_REQUEST['action'] = 'list';`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`switch ($_REQUEST['action']) {`
Formatting 8 years ago			`case 'view':`
			`return user_controller();`
			`case 'delete':`
			`return user_delete_controller();`
			`case 'edit_vouchers':`
			`return user_edit_vouchers_controller();`
PPHDoc, formatting, fixes, cleanup 8 years ago			`case 'list':`
			`default:`
			`return users_list_controller();`
Formatting 8 years ago			`}`
add basic bootstrap theme 10 years ago			`}`

add a more secure way to delete users containing a password request 9 years ago			`/**`
			`* Delete a user, requires to enter own password for reasons.`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return array`
add a more secure way to delete users containing a password request 9 years ago			`*/`
PSR-2 formatting 8 years ago			`function user_delete_controller()`
			`{`
			`global $privileges, $user;`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['user_id'])) {`
			`$user_source = User($_REQUEST['user_id']);`
			`} else {`
			`$user_source = $user;`
			`}`
Formatting 8 years ago
			`if (!in_array('admin_user', $privileges)) {`
PSR-2 formatting 8 years ago			`redirect(page_link_to(''));`
			`}`
Formatting 8 years ago
			`// You cannot delete yourself`
			`if ($user['UID'] == $user_source['UID']) {`
Replaced " with ' 8 years ago			`error(_('You cannot delete yourself.'));`
Formatting 8 years ago			`redirect(user_link($user));`
			`}`

PSR-2 formatting 8 years ago			`if (isset($_REQUEST['submit'])) {`
			`$valid = true;`
Formatting 8 years ago
			`if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],`
			`$user['UID']))`
			`) {`
PSR-2 formatting 8 years ago			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('Your password is incorrect. Please try it again.'));`
PSR-2 formatting 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if ($valid) {`
			`$result = User_delete($user_source['UID']);`
			`if ($result === false) {`
			`engelsystem_error('Unable to delete user.');`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`mail_user_delete($user_source);`
Replaced " with ' 8 years ago			`success(_('User deleted.'));`
			`engelsystem_log(sprintf('Deleted %s', User_Nick_render($user_source)));`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`redirect(users_link());`
			`}`
add a more secure way to delete users containing a password request 9 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return [`
Replaced " with ' 8 years ago			`sprintf(_('Delete %s'), $user_source['Nick']),`
Formatting 8 years ago			`User_delete_view($user_source)`
			`];`
add a more secure way to delete users containing a password request 9 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 8 years ago			`function users_link()`
			`{`
			`return page_link_to('users');`
begin cleanup of user edit 10 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @param array $user`
			`* @return string`
			`*/`
PSR-2 formatting 8 years ago			`function user_edit_link($user)`
			`{`
			`return page_link_to('admin_user') . '&user_id=' . $user['UID'];`
add a more secure way to delete users containing a password request 9 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @param array $user`
			`* @return string`
			`*/`
PSR-2 formatting 8 years ago			`function user_delete_link($user)`
			`{`
			`return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];`
add a more secure way to delete users containing a password request 9 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @param array $user`
			`* @return string`
			`*/`
PSR-2 formatting 8 years ago			`function user_link($user)`
			`{`
			`return page_link_to('users') . '&action=view&user_id=' . $user['UID'];`
user voucher feature 10 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @return array`
			`*/`
PSR-2 formatting 8 years ago			`function user_edit_vouchers_controller()`
			`{`
			`global $privileges, $user;`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['user_id'])) {`
			`$user_source = User($_REQUEST['user_id']);`
			`} else {`
			`$user_source = $user;`
			`}`
Formatting 8 years ago
			`if (!in_array('admin_user', $privileges)) {`
PSR-2 formatting 8 years ago			`redirect(page_link_to(''));`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['submit'])) {`
			`$valid = true;`
Formatting 8 years ago
PPHDoc, formatting, fixes, cleanup 8 years ago			`$vouchers = '';`
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {`
			`$vouchers = trim($_REQUEST['vouchers']);`
			`} else {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('Please enter a valid number of vouchers.'));`
PSR-2 formatting 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if ($valid) {`
			`$user_source['got_voucher'] = $vouchers;`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$result = User_update($user_source);`
			`if ($result === false) {`
			`engelsystem_error('Unable to update user.');`
			`}`
Formatting 8 years ago
Replaced " with ' 8 years ago			`success(_('Saved the number of vouchers.'));`
			`engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf('Got %s vouchers',`
Formatting 8 years ago			`$user_source['got_voucher']));`

PSR-2 formatting 8 years ago			`redirect(user_link($user_source));`
			`}`
make multiple vouchers possible 9 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return [`
Replaced " with ' 8 years ago			`sprintf(_('%s\'s vouchers'), $user_source['Nick']),`
Formatting 8 years ago			`User_edit_vouchers_view($user_source)`
			`];`
user voucher feature 10 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @return array`
			`*/`
PSR-2 formatting 8 years ago			`function user_controller()`
			`{`
			`global $privileges, $user;`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$user_source = $user;`
			`if (isset($_REQUEST['user_id'])) {`
			`$user_source = User($_REQUEST['user_id']);`
			`if ($user_source == null) {`
Replaced " with ' 8 years ago			`error(_('User not found.'));`
PSR-2 formatting 8 years ago			`redirect('?');`
			`}`
fix user result check on user controller 9 years ago			`}`
Formatting 8 years ago
Replaced " with ' 8 years ago			`$shifts = Shifts_by_user($user_source, in_array('user_shifts_admin', $privileges));`
PSR-2 formatting 8 years ago			`foreach ($shifts as &$shift) {`
			`// TODO: Move queries to model`
Changed from mysqli to PDO, some refactorings, faster sql queries 8 years ago			`$shift['needed_angeltypes'] = DB::select('`
PPHDoc, formatting, fixes, cleanup 8 years ago			SELECT DISTINCT `AngelTypes`.*
			FROM `ShiftEntry`
			JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
Changed from mysqli to PDO, some refactorings, faster sql queries 8 years ago			WHERE `ShiftEntry`.`SID` = ?
PPHDoc, formatting, fixes, cleanup 8 years ago			ORDER BY `AngelTypes`.`name`
Changed from mysqli to PDO, some refactorings, faster sql queries 8 years ago			`',`
			`[$shift['SID']]`
			`);`
PSR-2 formatting 8 years ago			`foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {`
Changed from mysqli to PDO, some refactorings, faster sql queries 8 years ago			`$needed_angeltype['users'] = DB::select('`
			SELECT `ShiftEntry`.`freeloaded`, `User`.*
			FROM `ShiftEntry`
			JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
			WHERE `ShiftEntry`.`SID` = ?
			AND `ShiftEntry`.`TID` = ?
			`',`
			`[$shift['SID'], $needed_angeltype['id']]`
			`);`
PSR-2 formatting 8 years ago			`}`
add user view, better bootstrap 10 years ago			`}`
Formatting 8 years ago
Replaced " with ' 8 years ago			`if ($user_source['api_key'] == '') {`
PSR-2 formatting 8 years ago			`User_reset_api_key($user_source, false);`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return [`
Formatting 8 years ago			`$user_source['Nick'],`
			`User_view(`
			`$user_source,`
			`in_array('admin_user', $privileges),`
			`User_is_freeloader($user_source),`
			`User_angeltypes($user_source),`
			`User_groups($user_source),`
			`$shifts,`
			`$user['UID'] == $user_source['UID']`
			`)`
			`];`
add basic bootstrap theme 10 years ago			`}`

clear up mvc for user list 10 years ago			`/**`
			`* List all users.`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return array`
clear up mvc for user list 10 years ago			`*/`
PSR-2 formatting 8 years ago			`function users_list_controller()`
			`{`
			`global $privileges;`
Formatting 8 years ago
			`if (!in_array('admin_user', $privileges)) {`
PSR-2 formatting 8 years ago			`redirect(page_link_to(''));`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$order_by = 'Nick';`
			`if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {`
			`$order_by = $_REQUEST['OrderBy'];`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$users = Users($order_by);`
			`if ($users === false) {`
			`engelsystem_error('Unable to load users.');`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`foreach ($users as &$user) {`
			`$user['freeloads'] = count(ShiftEntries_freeloaded_by_user($user));`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return [`
Formatting 8 years ago			`_('All users'),`
			`Users_view(`
			`$users,`
			`$order_by,`
			`User_arrived_count(),`
			`User_active_count(),`
			`User_force_active_count(),`
			`ShiftEntries_freeleaded_count(),`
			`User_tshirts_count(),`
			`User_got_voucher_count()`
			`)`
			`];`
add basic bootstrap theme 10 years ago			`}`

			`/**`
reduce complexity of password recovery controller 8 years ago			`* Second step of password recovery: set a new password using the token link from email`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return string`
user password recovery 11 years ago			`*/`
PSR-2 formatting 8 years ago			`function user_password_recovery_set_new_controller()`
			`{`
			`$user_source = User_by_password_recovery_token($_REQUEST['token']);`
			`if ($user_source == null) {`
Replaced " with ' 8 years ago			`error(_('Token is not correct.'));`
PSR-2 formatting 8 years ago			`redirect(page_link_to('login'));`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['submit'])) {`
			`$valid = true;`
Fixed "Constant already defined" notice Added more ugly global variables 8 years ago
Refactoring: Config cleanup / moved to class 8 years ago			`if (`
			`isset($_REQUEST['password'])`
			`&& strlen($_REQUEST['password']) >= config('min_password_length')`
			`) {`
PSR-2 formatting 8 years ago			`if ($_REQUEST['password'] != $_REQUEST['password2']) {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('Your passwords don\'t match.'));`
PSR-2 formatting 8 years ago			`}`
			`} else {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('Your password is to short (please use at least 6 characters).'));`
PSR-2 formatting 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if ($valid) {`
			`set_password($user_source['UID'], $_REQUEST['password']);`
Replaced " with ' 8 years ago			`success(_('Password saved.'));`
PSR-2 formatting 8 years ago			`redirect(page_link_to('login'));`
			`}`
reduce complexity of password recovery controller 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return User_password_set_view();`
reduce complexity of password recovery controller 8 years ago			`}`

			`/**`
			`* First step of password recovery: display a form that asks for your email and send email with recovery link`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return string`
reduce complexity of password recovery controller 8 years ago			`*/`
PSR-2 formatting 8 years ago			`function user_password_recovery_start_controller()`
			`{`
			`if (isset($_REQUEST['submit'])) {`
			`$valid = true;`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {`
			`$email = strip_request_item('email');`
			`if (check_email($email)) {`
			`$user_source = User_by_email($email);`
			`if ($user_source == null) {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('E-mail address is not correct.'));`
PSR-2 formatting 8 years ago			`}`
			`} else {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('E-mail address is not correct.'));`
PSR-2 formatting 8 years ago			`}`
			`} else {`
			`$valid = false;`
Replaced " with ' 8 years ago			`error(_('Please enter your e-mail.'));`
user password recovery 11 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if ($valid) {`
			`$token = User_generate_password_recovery_token($user_source);`
Formatting 8 years ago			`engelsystem_email_to_user(`
			`$user_source,`
Replaced " with ' 8 years ago			`_('Password recovery'),`
Formatting 8 years ago			`sprintf(`
Replaced " with ' 8 years ago			`_('Please visit %s to recover your password.'),`
Formatting 8 years ago			`page_link_to_absolute('user_password_recovery') . '&token=' . $token`
			`)`
			`);`
Replaced " with ' 8 years ago			`success(_('We sent an email containing your password recovery link.'));`
PSR-2 formatting 8 years ago			`redirect(page_link_to('login'));`
			`}`
reduce complexity of password recovery controller 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return User_password_recovery_view();`
reduce complexity of password recovery controller 8 years ago			`}`

			`/**`
			`* User password recovery in 2 steps.`
			`* (By email)`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return string`
reduce complexity of password recovery controller 8 years ago			`*/`
PSR-2 formatting 8 years ago			`function user_password_recovery_controller()`
			`{`
			`if (isset($_REQUEST['token'])) {`
			`return user_password_recovery_set_new_controller();`
			`}`
PPHDoc, formatting, fixes, cleanup 8 years ago
			`return user_password_recovery_start_controller();`
user password recovery 11 years ago			`}`

controller comments 11 years ago			`/**`
			`* Menu title for password recovery.`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* @return string`
controller comments 11 years ago			`*/`
PSR-2 formatting 8 years ago			`function user_password_recovery_title()`
			`{`
Replaced " with ' 8 years ago			`return _('Password recovery');`
user password recovery 11 years ago			`}`

simplify user_angeltype_add_controller 8 years ago			`/**`
			`* Loads a user from param user_id.`
PPHDoc, formatting, fixes, cleanup 8 years ago			`*`
			`* return array`
simplify user_angeltype_add_controller 8 years ago			`*/`
PSR-2 formatting 8 years ago			`function load_user()`
			`{`
Formatting 8 years ago			`if (!isset($_REQUEST['user_id'])) {`
PSR-2 formatting 8 years ago			`redirect(page_link_to());`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$user = User($_REQUEST['user_id']);`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`if ($user == null) {`
Replaced " with ' 8 years ago			`error(_('User doesn\'t exist.'));`
PSR-2 formatting 8 years ago			`redirect(page_link_to());`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return $user;`
simplify user_angeltype_add_controller 8 years ago			`}`

PPHDoc, formatting, fixes, cleanup 8 years ago			`/**`
			`* @param ShiftsFilter $shiftsFilter`
			`* @return ShiftCalendarRenderer`
			`*/`
PSR-2 formatting 8 years ago			`function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter)`
			`{`
			`$shifts = Shifts_by_ShiftsFilter($shiftsFilter);`
			`$needed_angeltypes_source = NeededAngeltypes_by_ShiftsFilter($shiftsFilter);`
			`$shift_entries_source = ShiftEntries_by_ShiftsFilter($shiftsFilter);`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$needed_angeltypes = [];`
			`$shift_entries = [];`
			`foreach ($shifts as $shift) {`
			`$needed_angeltypes[$shift['SID']] = [];`
			`$shift_entries[$shift['SID']] = [];`
bring back filtering by occupancy 8 years ago			`}`
PSR-2 formatting 8 years ago			`foreach ($shift_entries_source as $shift_entry) {`
			`if (isset($shift_entries[$shift_entry['SID']])) {`
			`$shift_entries[$shift_entry['SID']][] = $shift_entry;`
			`}`
bring back filtering by occupancy 8 years ago			`}`
PSR-2 formatting 8 years ago			`foreach ($needed_angeltypes_source as $needed_angeltype) {`
			`if (isset($needed_angeltypes[$needed_angeltype['SID']])) {`
			`$needed_angeltypes[$needed_angeltype['SID']][] = $needed_angeltype;`
bring back filtering by occupancy 8 years ago			`}`
bring back filtering by occupancy 8 years ago			`}`
PSR-2 formatting 8 years ago			`unset($needed_angeltypes_source);`
			`unset($shift_entries_source);`
Formatting 8 years ago
			`if (`
			`in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled())`
			`&& in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())`
			`) {`
PSR-2 formatting 8 years ago			`return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);`
bring back filtering by occupancy 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$filtered_shifts = [];`
			`foreach ($shifts as $shift) {`
			`$needed_angels_count = 0;`
PPHDoc, formatting, fixes, cleanup 8 years ago			`$taken = 0;`
PSR-2 formatting 8 years ago			`foreach ($needed_angeltypes[$shift['SID']] as $needed_angeltype) {`
			`$taken = 0;`
			`foreach ($shift_entries[$shift['SID']] as $shift_entry) {`
			`if ($needed_angeltype['angel_type_id'] == $shift_entry['TID'] && $shift_entry['freeloaded'] == 0) {`
Formatting 8 years ago			`$taken++;`
PSR-2 formatting 8 years ago			`}`
			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`$needed_angels_count += max(0, $needed_angeltype['count'] - $taken);`
			`}`
			`if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && $taken < $needed_angels_count) {`
			`$filtered_shifts[] = $shift;`
			`}`
			`if (in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled()) && $taken >= $needed_angels_count) {`
			`$filtered_shifts[] = $shift;`
			`}`
bring back filtering by occupancy 8 years ago			`}`
Formatting 8 years ago
PSR-2 formatting 8 years ago			`return new ShiftCalendarRenderer($filtered_shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);`
move data sorting to begin 8 years ago			`}`