diff --git a/README.md b/README.md index fdd20df7..30c52039 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ Please visit https://engelsystem.de for a feature list. ## Installation ### Requirements: - * PHP >= 5.6.4, PHP >= 7.0.0 recommended + * PHP >= 7.0.0 * MySQL-Server >= 5.5.x * Webserver, i.e. lighttpd, nginx, or Apache diff --git a/composer.json b/composer.json index d2e0108b..45dce626 100644 --- a/composer.json +++ b/composer.json @@ -14,12 +14,13 @@ } ], "require": { - "php": ">=5.6.4", + "php": ">=7.0.0", "erusev/parsedown": "1.6.*", - "twbs/bootstrap": "^3.3" + "twbs/bootstrap": "^3.3", + "symfony/http-foundation": "^3.3" }, "require-dev": { - "phpunit/phpunit": "^6.2" + "phpunit/phpunit": "^6.3" }, "autoload": { "psr-4": { diff --git a/config/config.default.php b/config/config.default.php index ffa030db..419b02d1 100644 --- a/config/config.default.php +++ b/config/config.default.php @@ -4,7 +4,7 @@ return [ // MySQL-Connection Settings - 'database' => [ + 'database' => [ 'host' => 'localhost', 'user' => 'root', 'pw' => '', 
@@ -12,28 +12,28 @@ return [ ], // For accessing stats - 'api_key' => '', + 'api_key' => '', // Enable maintenance mode (show a static page) - 'maintenance' => false, + 'maintenance' => false, // Set to development to enable debugging messages - 'environment' => 'production', + 'environment' => 'production', // URL to the angel faq and job description - 'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers', + 'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers', // Contact email address, linked on every page - 'contact_email' => 'mailto:ticket@c3heaven.de', + 'contact_email' => 'mailto:ticket@c3heaven.de', // From address of all emails - 'no_reply_email' => 'noreply@engelsystem.de', + 'no_reply_email' => 'noreply@engelsystem.de', // Default theme, 1=style1.css - 'theme' => 1, + 'theme' => 1, // Available themes - 'available_themes' => [ + 'available_themes' => [ '4' => 'Engelsystem 33c3 (2016)', '3' => 'Engelsystem 32c3 (2015)', '2' => 'Engelsystem cccamp15', @@ -42,10 +42,13 @@ return [ ], // Number of News shown on one site - 'display_news' => 6, + 'display_news' => 6, + + // Only arrived angels can sign up for shifts + 'signup_requires_arrival' => false, // Anzahl Stunden bis zum Austragen eigener Schichten - 'last_unsubscribe' => 3, + 'last_unsubscribe' => 3, // Setzt den zu verwendenden Crypto-Algorithmus (entsprechend der Dokumentation von crypt()). // Falls ein Benutzerpasswort in einem anderen Format gespeichert ist, @@ -55,7 +58,7 @@ return [ // Blowfish '$2y$13' // SHA-256 '$5$rounds=5000' // SHA-512 '$6$rounds=5000' - 'crypt_alg' => '$6$rounds=5000', // SHA-512 + 'crypt_alg' => '$6$rounds=5000', 'min_password_length' => 8, diff --git a/db/update.sql b/db/update.sql index dd203a86..5d93e230 100644 --- a/db/update.sql +++ b/db/update.sql 
@@ -8,19 +8,23 @@ ALTER TABLE `User` ADD COLUMN `email_by_human_allowed` BOOLEAN NOT NULL; -- No Self Sign Up for some Angel Types ALTER TABLE AngelTypes ADD no_self_signup TINYINT(1) NOT NULL; -ALTER TABLE `AngelTypes` - ADD `contact_user_id` INT NULL, - ADD `contact_name` VARCHAR(250) NULL, - ADD `contact_dect` VARCHAR(5) NULL, - ADD `contact_email` VARCHAR(250) NULL, +ALTER TABLE `AngelTypes` + ADD `contact_user_id` INT NULL, + ADD `contact_name` VARCHAR(250) NULL, + ADD `contact_dect` VARCHAR(5) NULL, + ADD `contact_email` VARCHAR(250) NULL, ADD INDEX (`contact_user_id`); -ALTER TABLE `AngelTypes` +ALTER TABLE `AngelTypes` ADD FOREIGN KEY (`contact_user_id`) REFERENCES `User`(`UID`) ON DELETE SET NULL ON UPDATE CASCADE; - INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (NULL, 'shiftentry_edit_angeltype_supporter', 'If user with this privilege is angeltype supporter, he can put users in shifts for their angeltype'); - -- DB Performance ALTER TABLE `Shifts` ADD INDEX(`start`); -ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`); \ No newline at end of file +ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`); + +-- Security +UPDATE `Groups` SET UID = UID * 10; +INSERT INTO `Groups` (Name, UID) VALUES ('News Admin', -65); +INSERT INTO `Privileges` (id, name, `desc`) VALUES (42, 'admin_news_html', 'Use HTML in news'); +INSERT INTO `GroupPrivileges` (group_id, privilege_id) VALUES (-65, 14), (-65, 42); diff --git a/includes/autoload.php b/includes/autoload.php new file mode 100644 index 00000000..f51f89e4 --- /dev/null +++ b/includes/autoload.php @@ -0,0 +1,9 @@ + 'view', 'angeltype_id' => $angeltype_id]); } /** @@ -127,7 +127,7 @@ function angeltype_edit_controller() if (!$supporter_mode) { if ($request->has('name')) { - $result = AngelType_validate_name($request->input('name'), $angeltype); + $result = AngelType_validate_name($request->postData('name'), $angeltype); $angeltype['name'] = $result->getValue(); if (!$result->isValid()) { $valid = false; 
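Review bot: The statements added under `-- Security` are not safe to re-run and rely on ids this file does not pin: the `UID = UID * 10` update multiplies again on every execution, and `(-65, 14), (-65, 42)` assumes privileges 14 and 42 mean the same thing on every deployed database. The `shiftentry_edit_angeltype_supporter` insert in the same hunk passes `NULL` for the id, so the ids look auto-assigned; an installation with a different sequence would either fail on id 42 or give 'News Admin' an unintended privilege. Resolving by name avoids that, e.g. `INSERT INTO GroupPrivileges (group_id, privilege_id) SELECT -65, id FROM Privileges WHERE name = 'admin_news_html';`, and likewise for the privilege written as 14. Whether rows in other tables that reference the group ids follow the `* 10` change depends on foreign-key definitions that are not visible in this hunk and should be confirmed.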
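Review bot: The guard `$request->has('name')` and the read `$request->postData('name')` may now consult different parameter sources. The implementation of `has()` is not part of this hunk; if it also looks at the query string, a request carrying `name` only in the URL passes the guard and hands `null` to `AngelType_validate_name()`. The same split appears in user_delete_controller() (`has('user_id')` with `query->get('user_id')`, `has('password')` with `postData('password')`) and in user_password_recovery_set_new_controller(). A source-specific check next to each read keeps guard and value in step, for example `$request->request->has('name')` if the class extends Symfony's Request as the other changes suggest. The body of angeltype_edit_controller() continues outside the hunk.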
@@ -211,17 +211,21 @@ function angeltypes_list_controller() foreach ($angeltypes as &$angeltype) { $actions = [ - button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('view'), 'btn-xs') + button( + page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]), + _('view'), + 'btn-xs' + ) ]; if (in_array('admin_angel_types', $privileges)) { $actions[] = button( - page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], + page_link_to('angeltypes', ['action' => 'edit', 'angeltype_id' => $angeltype['id']]), _('edit'), 'btn-xs' ); $actions[] = button( - page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], + page_link_to('angeltypes', ['action' => 'delete', 'angeltype_id' => $angeltype['id']]), _('delete'), 'btn-xs' ); @@ -230,13 +234,15 @@ function angeltypes_list_controller() $angeltype['membership'] = AngelType_render_membership($angeltype); if ($angeltype['user_angeltype_id'] != null) { $actions[] = button( - page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], + page_link_to('user_angeltypes', + ['action' => 'delete', 'user_angeltype_id' => $angeltype['user_angeltype_id']] + ), _('leave'), 'btn-xs' ); } else { $actions[] = button( - page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], + page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]), _('join'), 'btn-xs' ); @@ -245,7 +251,11 @@ function angeltypes_list_controller() $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : ''; $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share'); - $angeltype['name'] = '' . $angeltype['name'] . ''; + $angeltype['name'] = '' + . $angeltype['name'] + . ''; $angeltype['actions'] = table_buttons($actions); } 
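Review bot: In the last hunk of this file `$angeltype['name']` is concatenated into the table cell as-is, with no `htmlspecialchars()` around it. The surrounding markup is not legible in this view and the checks done by `AngelType_validate_name()` are outside the diff, so whether a name can contain markup is unconfirmed; if it can, this cell is a stored-XSS sink for everyone who opens the list. Escaping at the point of output, `htmlspecialchars($angeltype['name'], ENT_QUOTES, 'UTF-8')`, removes the dependency on input validation. user_angeltypes_unconfirmed_hint() builds its link text from `$user_angeltype['name']` the same way.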
diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php index 6d0864ae..d6da9709 100644 --- a/includes/controller/rooms_controller.php +++ b/includes/controller/rooms_controller.php @@ -1,4 +1,5 @@ 'view', 'room_id' => $room['RID']]); } /** @@ -97,7 +98,7 @@ function room_link($room) */ function room_edit_link($room) { - return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID']; + return page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]); } /** diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index 72189869..150db2e9 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -13,7 +13,7 @@ function shift_entry_add_controller() $request = request(); $shift_id = 0; - if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) { + if ($request->has('shift_id') && preg_match('/^\d+$/', $request->input('shift_id'))) { $shift_id = $request->input('shift_id'); } else { redirect(page_link_to('user_shifts')); @@ -27,13 +27,13 @@ function shift_entry_add_controller() } $shift = Shift($shift_id); - $shift['Name'] = $room_array[$shift['RID']]; if ($shift == null) { redirect(page_link_to('user_shifts')); } + $shift['Name'] = $room_array[$shift['RID']]; $type_id = 0; - if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) { + if ($request->has('type_id') && preg_match('/^\d+$/', $request->input('type_id'))) { $type_id = $request->input('type_id'); } else { redirect(page_link_to('user_shifts')); @@ -64,7 +64,7 @@ function shift_entry_add_controller() if ( $request->has('user_id') - && preg_match('/^\d*$/', $request->input('user_id')) + && preg_match('/^\d+$/', $request->input('user_id')) && ( in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges) 
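Review bot: `preg_match('/^\d+$/', …)` in shift_entry_add_controller() still accepts a value with a trailing newline, because `$` without the `D` modifier also matches just before a final `\n`, and the raw string is then assigned to `$shift_id` and `$type_id`. Anchoring with `\z` (or adding `D`) and casting closes that gap, e.g. `preg_match('/^\d+\z/', $request->input('shift_id'))` followed by `$shift_id = (int)$request->input('shift_id');`. The same pattern is used for `user_id` further down and for `delete_shift` in shift_delete_controller(). Separately, the `$shift == null` branch only protects the moved `$shift['Name']` assignment if `redirect()` ends the request, which cannot be seen from this hunk.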
diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 96f12baa..70011821 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -1,4 +1,5 @@ 'view']; if (isset($shift['SID'])) { - $link .= '&shift_id=' . $shift['SID']; + $parameters['shift_id'] = $shift['SID']; } + + $link = page_link_to('shifts', $parameters); + return $link; } @@ -20,7 +24,7 @@ function shift_link($shift) */ function shift_delete_link($shift) { - return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID']; + return page_link_to('user_shifts', ['delete_shift' => $shift['SID']]); } /** @@ -29,7 +33,7 @@ function shift_delete_link($shift) */ function shift_edit_link($shift) { - return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID']; + return page_link_to('user_shifts', ['edit_shift' => $shift['SID']]); } /** @@ -61,7 +65,7 @@ function shift_edit_controller() $angeltypes = select_array(AngelTypes(), 'id', 'name'); $shifttypes = select_array(ShiftTypes(), 'id', 'name'); - $needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'id', 'count'); + $needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'angel_type_id', 'count'); foreach (array_keys($angeltypes) as $angeltype_id) { if (!isset($needed_angel_types[$angeltype_id])) { $needed_angel_types[$angeltype_id] = 0; 
@@ -116,15 +120,20 @@ function shift_edit_controller() $msg .= error(_('The ending time has to be after the starting time.'), true); } - foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { - if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) { - $needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id)); - } else { - $valid = false; - $msg .= error(sprintf( - _('Please check your input for needed angels of type %s.'), - $needed_angeltype_name - ), true); + foreach ($needed_angel_types as $needed_angeltype_id => $count) { + $needed_angel_types[$needed_angeltype_id] = 0; + + $queryKey = 'type_' . $needed_angeltype_id; + if ($request->has($queryKey)) { + if (test_request_int($queryKey)) { + $needed_angel_types[$needed_angeltype_id] = trim($request->input($queryKey)); + } else { + $valid = false; + $msg .= error(sprintf( + _('Please check your input for needed angels of type %s.'), + $angeltypes[$needed_angeltype_id] + ), true); + } } } @@ -195,7 +204,7 @@ function shift_delete_controller() } // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg) - if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) { + if (!$request->has('delete_shift') || !preg_match('/^\d+$/', $request->input('delete_shift'))) { redirect(page_link_to('user_shifts')); } $shift_id = $request->input('delete_shift'); @@ -225,7 +234,9 @@ function shift_delete_controller() date('Y-m-d H:i', $shift['start']), date('H:i', $shift['end']) ), true), - '' . _('delete') . '' + '' . _('delete') . '' ]); } @@ -308,8 +319,6 @@ function shifts_controller() /** * Redirects the user to his next shift. - * - * @return false */ function shift_next_controller() { diff --git a/includes/controller/shifttypes_controller.php b/includes/controller/shifttypes_controller.php index 9cf292ee..4e7cd92c 100644 
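Review bot: With `$needed_angel_types[$needed_angeltype_id] = 0;` at the top of the loop, an angel type whose `type_<id>` field is absent from the request is now saved as zero instead of failing validation, so a truncated or hand-built submission silently clears the requirement. If that is intended, say so in a comment such as `// fields missing from the request mean "none needed"`; otherwise keep the previous `$count` when the key is missing. The stored value is also the trimmed string from `$request->input($queryKey)`; casting with `(int)` once `test_request_int()` passes would keep the array numeric. The error text interpolates `$angeltypes[$needed_angeltype_id]`, and whether `error()` escapes it is not visible here.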
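Review bot: The confirmation step of shift_delete_controller() still offers the deletion as a link labelled `_('delete')` (its markup is not legible in this view), which suggests the shift is removed by a GET request with no anti-CSRF token. The code that performs the deletion lies outside the hunk, so this is inferred from the link alone. If it holds, the deletion can be triggered by any request made with the admin's session, without the admin confirming it. A POST form carrying a per-session token that the controller verifies before deleting would address it.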
--- a/includes/controller/shifttypes_controller.php +++ b/includes/controller/shifttypes_controller.php @@ -6,7 +6,7 @@ */ function shifttype_link($shifttype) { - return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id']; + return page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype['id']]); } /** @@ -100,7 +100,7 @@ function shifttype_edit_controller() engelsystem_log('Created shifttype ' . $name); success(_('Created shifttype.')); } - redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id); + redirect(page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype_id])); } } diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php index f212716d..fa4f5777 100644 --- a/includes/controller/user_angeltypes_controller.php +++ b/includes/controller/user_angeltypes_controller.php @@ -17,8 +17,7 @@ function user_angeltypes_unconfirmed_hint() $unconfirmed_links = []; foreach ($unconfirmed_user_angeltypes as $user_angeltype) { $unconfirmed_links[] = '' . $user_angeltype['name'] . ' (+' . $user_angeltype['count'] . ')' . ''; @@ -61,7 +60,7 @@ function user_angeltypes_delete_all_controller() engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype))); success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ 
@@ -107,7 +106,7 @@ function user_angeltypes_confirm_all_controller() engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype))); success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -167,7 +166,7 @@ function user_angeltype_confirm_controller() User_Nick_render($user_source), AngelType_name_render($angeltype) )); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -221,7 +220,7 @@ function user_angeltype_delete_controller() engelsystem_log($success_message); success($success_message); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -287,7 +286,7 @@ function user_angeltype_update_controller() engelsystem_log($success_message); success($success_message); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -341,7 +340,7 @@ function user_angeltype_add_controller() AngelType_name_render($angeltype) )); - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } } 
@@ -383,7 +382,7 @@ function user_angeltype_join_controller($angeltype) )); } - redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); + redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php index fef278dd..3db31eff 100644 --- a/includes/controller/user_driver_licenses_controller.php +++ b/includes/controller/user_driver_licenses_controller.php @@ -63,7 +63,7 @@ function user_driver_license_edit_link($user = null) if ($user == null) { return page_link_to('user_driver_licenses'); } - return page_link_to('user_driver_licenses') . '&user_id=' . $user['UID']; + return page_link_to('user_driver_licenses', ['user_id' => $user['UID']]); } /** diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 832d93f0..e8cb1b27 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -47,7 +47,7 @@ function user_delete_controller() $request = request(); if ($request->has('user_id')) { - $user_source = User($request->get('user_id')); + $user_source = User($request->query->get('user_id')); } else { $user_source = $user; } @@ -68,7 +68,7 @@ function user_delete_controller() if ( !( $request->has('password') - && verify_password($request->post('password'), $user['Passwort'], $user['UID']) + && verify_password($request->postData('password'), $user['Passwort'], $user['UID']) ) ) { $valid = false; @@ -106,7 +106,7 @@ function users_link() */ function user_edit_link($user) { - return page_link_to('admin_user') . '&user_id=' . $user['UID']; + return page_link_to('admin_user', ['user_id' => $user['UID']]); } /** 
@@ -115,7 +115,7 @@ function user_edit_link($user) */ function user_delete_link($user) { - return page_link_to('users') . '&action=delete&user_id=' . $user['UID']; + return page_link_to('users', ['action' => 'delete', 'user_id' => $user['UID']]); } /** @@ -124,7 +124,7 @@ function user_delete_link($user) */ function user_link($user) { - return page_link_to('users') . '&action=view&user_id=' . $user['UID']; + return page_link_to('users', ['action' => 'view', 'user_id' => $user['UID']]); } /** @@ -297,9 +297,9 @@ function user_password_recovery_set_new_controller() if ( $request->has('password') - && strlen($request->post('password')) >= config('min_password_length') + && strlen($request->postData('password')) >= config('min_password_length') ) { - if ($request->post('password') != $request->post('password2')) { + if ($request->postData('password') != $request->postData('password2')) { $valid = false; error(_('Your passwords don\'t match.')); } @@ -309,7 +309,7 @@ function user_password_recovery_set_new_controller() } if ($valid) { - set_password($user_source['UID'], $request->post('password')); + set_password($user_source['UID'], $request->postData('password')); success(_('Password saved.')); redirect(page_link_to('login')); } @@ -353,7 +353,7 @@ function user_password_recovery_start_controller() _('Password recovery'), sprintf( _('Please visit %s to recover your password.'), - page_link_to_absolute('user_password_recovery') . '&token=' . $token + page_link_to('user_password_recovery', ['token' => $token]) ) ); success(_('We sent an email containing your password recovery link.')); diff --git a/includes/engelsystem_provider.php b/includes/engelsystem_provider.php index ff682871..aed331d4 100644 --- a/includes/engelsystem_provider.php +++ b/includes/engelsystem_provider.php 
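Review bot: The confirmation check `$request->postData('password') != $request->postData('password2')` in user_password_recovery_set_new_controller() uses loose comparison, so two different numeric-looking strings such as `'1e3'` and `'1000'` are treated as matching and the first one is stored. `!==` compares the strings exactly: `if ($request->postData('password') !== $request->postData('password2')) {`. It would also be worth rejecting non-string input before `strlen()`, since an array-valued `password` parameter would reach it otherwise; whether `postData()` already normalises that is not visible in this hunk.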
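Review bot: The recovery e-mail now takes its link from `page_link_to('user_password_recovery', ['token' => $token])` instead of `page_link_to_absolute()`, so the link is only usable and trustworthy if `page_link_to()` returns an absolute URL built from a fixed base. Its implementation is outside this diff; if the base comes from the incoming request's Host header, the domain placed in front of a valid token would be request-controlled. Building mail links from a configured base URL, or restricting accepted hosts with `Request::setTrustedHosts()` during bootstrap, avoids that. A short comment at this call stating which of the two applies would help the next reader.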
@@ -6,16 +6,13 @@ use Engelsystem\Exceptions\Handler as ExceptionHandler; use Engelsystem\Http\Request; use Engelsystem\Renderer\HtmlEngine; use Engelsystem\Renderer\Renderer; +use Symfony\Component\HttpFoundation\Session\Session; /** * This file includes all needed functions, connects to the db etc. */ -if (!is_readable(__DIR__ . '/../vendor/autoload.php')) { - die('Please run composer.phar install'); -} -require __DIR__ . '/../vendor/autoload.php'; - +require_once __DIR__ . '/autoload.php'; /** * Load configuration @@ -36,9 +33,10 @@ date_default_timezone_set($config->get('timezone')); /** * Initialize Request + * + * @var Request $request */ -$request = new Request(); -$request->create(); +$request = Request::createFromGlobals(); $request::setInstance($request); /** 
@@ -86,88 +84,95 @@ Db::getPdo()->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); /** * Include legacy code */ -require_once realpath(__DIR__ . '/../includes/sys_auth.php'); -require_once realpath(__DIR__ . '/../includes/sys_form.php'); -require_once realpath(__DIR__ . '/../includes/sys_log.php'); -require_once realpath(__DIR__ . '/../includes/sys_menu.php'); -require_once realpath(__DIR__ . '/../includes/sys_page.php'); -require_once realpath(__DIR__ . '/../includes/sys_template.php'); - -require_once realpath(__DIR__ . '/../includes/model/AngelType_model.php'); -require_once realpath(__DIR__ . '/../includes/model/EventConfig_model.php'); -require_once realpath(__DIR__ . '/../includes/model/LogEntries_model.php'); -require_once realpath(__DIR__ . '/../includes/model/Message_model.php'); -require_once realpath(__DIR__ . '/../includes/model/NeededAngelTypes_model.php'); -require_once realpath(__DIR__ . '/../includes/model/Room_model.php'); -require_once realpath(__DIR__ . '/../includes/model/ShiftEntry_model.php'); -require_once realpath(__DIR__ . '/../includes/model/Shifts_model.php'); -require_once realpath(__DIR__ . '/../includes/model/ShiftsFilter.php'); -require_once realpath(__DIR__ . '/../includes/model/ShiftSignupState.php'); -require_once realpath(__DIR__ . '/../includes/model/ShiftTypes_model.php'); -require_once realpath(__DIR__ . '/../includes/model/UserAngelTypes_model.php'); -require_once realpath(__DIR__ . '/../includes/model/UserDriverLicenses_model.php'); -require_once realpath(__DIR__ . '/../includes/model/UserGroups_model.php'); -require_once realpath(__DIR__ . '/../includes/model/User_model.php'); -require_once realpath(__DIR__ . '/../includes/model/ValidationResult.php'); - -require_once realpath(__DIR__ . '/../includes/view/AngelTypes_view.php'); -require_once realpath(__DIR__ . '/../includes/view/EventConfig_view.php'); -require_once realpath(__DIR__ . '/../includes/view/Questions_view.php'); -require_once realpath(__DIR__ . 
'/../includes/view/Rooms_view.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarLane.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarRenderer.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftsFilterRenderer.php'); -require_once realpath(__DIR__ . '/../includes/view/Shifts_view.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftEntry_view.php'); -require_once realpath(__DIR__ . '/../includes/view/ShiftTypes_view.php'); -require_once realpath(__DIR__ . '/../includes/view/UserAngelTypes_view.php'); -require_once realpath(__DIR__ . '/../includes/view/UserDriverLicenses_view.php'); -require_once realpath(__DIR__ . '/../includes/view/UserHintsRenderer.php'); -require_once realpath(__DIR__ . '/../includes/view/User_view.php'); - -require_once realpath(__DIR__ . '/../includes/controller/angeltypes_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/event_config_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/rooms_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/shift_entries_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/shifttypes_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/users_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/user_angeltypes_controller.php'); -require_once realpath(__DIR__ . '/../includes/controller/user_driver_licenses_controller.php'); - -require_once realpath(__DIR__ . '/../includes/helper/graph_helper.php'); -require_once realpath(__DIR__ . '/../includes/helper/internationalization_helper.php'); -require_once realpath(__DIR__ . '/../includes/helper/message_helper.php'); -require_once realpath(__DIR__ . 
'/../includes/helper/error_helper.php'); -require_once realpath(__DIR__ . '/../includes/helper/email_helper.php'); - -require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php'); -require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php'); - -require_once realpath(__DIR__ . '/../includes/pages/admin_active.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_free.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_groups.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_import.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_log.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_questions.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_rooms.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_shifts.php'); -require_once realpath(__DIR__ . '/../includes/pages/admin_user.php'); -require_once realpath(__DIR__ . '/../includes/pages/guest_login.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_messages.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_myshifts.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_news.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_questions.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_settings.php'); -require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php'); +$includeFiles = [ + __DIR__ . '/../includes/sys_auth.php', + __DIR__ . '/../includes/sys_form.php', + __DIR__ . '/../includes/sys_log.php', + __DIR__ . '/../includes/sys_menu.php', + __DIR__ . '/../includes/sys_page.php', + __DIR__ . '/../includes/sys_template.php', + + __DIR__ . '/../includes/model/AngelType_model.php', + __DIR__ . '/../includes/model/EventConfig_model.php', + __DIR__ . '/../includes/model/LogEntries_model.php', + __DIR__ . 
'/../includes/model/Message_model.php', + __DIR__ . '/../includes/model/NeededAngelTypes_model.php', + __DIR__ . '/../includes/model/Room_model.php', + __DIR__ . '/../includes/model/ShiftEntry_model.php', + __DIR__ . '/../includes/model/Shifts_model.php', + __DIR__ . '/../includes/model/ShiftsFilter.php', + __DIR__ . '/../includes/model/ShiftSignupState.php', + __DIR__ . '/../includes/model/ShiftTypes_model.php', + __DIR__ . '/../includes/model/UserAngelTypes_model.php', + __DIR__ . '/../includes/model/UserDriverLicenses_model.php', + __DIR__ . '/../includes/model/UserGroups_model.php', + __DIR__ . '/../includes/model/User_model.php', + __DIR__ . '/../includes/model/ValidationResult.php', + + __DIR__ . '/../includes/view/AngelTypes_view.php', + __DIR__ . '/../includes/view/EventConfig_view.php', + __DIR__ . '/../includes/view/Questions_view.php', + __DIR__ . '/../includes/view/Rooms_view.php', + __DIR__ . '/../includes/view/ShiftCalendarLane.php', + __DIR__ . '/../includes/view/ShiftCalendarRenderer.php', + __DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php', + __DIR__ . '/../includes/view/ShiftsFilterRenderer.php', + __DIR__ . '/../includes/view/Shifts_view.php', + __DIR__ . '/../includes/view/ShiftEntry_view.php', + __DIR__ . '/../includes/view/ShiftTypes_view.php', + __DIR__ . '/../includes/view/UserAngelTypes_view.php', + __DIR__ . '/../includes/view/UserDriverLicenses_view.php', + __DIR__ . '/../includes/view/UserHintsRenderer.php', + __DIR__ . '/../includes/view/User_view.php', + + __DIR__ . '/../includes/controller/angeltypes_controller.php', + __DIR__ . '/../includes/controller/event_config_controller.php', + __DIR__ . '/../includes/controller/rooms_controller.php', + __DIR__ . '/../includes/controller/shift_entries_controller.php', + __DIR__ . '/../includes/controller/shifts_controller.php', + __DIR__ . '/../includes/controller/shifttypes_controller.php', + __DIR__ . '/../includes/controller/users_controller.php', + __DIR__ . 
'/../includes/controller/user_angeltypes_controller.php', + __DIR__ . '/../includes/controller/user_driver_licenses_controller.php', + + __DIR__ . '/../includes/helper/graph_helper.php', + __DIR__ . '/../includes/helper/internationalization_helper.php', + __DIR__ . '/../includes/helper/message_helper.php', + __DIR__ . '/../includes/helper/error_helper.php', + __DIR__ . '/../includes/helper/email_helper.php', + + __DIR__ . '/../includes/mailer/shifts_mailer.php', + __DIR__ . '/../includes/mailer/users_mailer.php', + + __DIR__ . '/../includes/pages/admin_active.php', + __DIR__ . '/../includes/pages/admin_arrive.php', + __DIR__ . '/../includes/pages/admin_free.php', + __DIR__ . '/../includes/pages/admin_groups.php', + __DIR__ . '/../includes/pages/admin_import.php', + __DIR__ . '/../includes/pages/admin_log.php', + __DIR__ . '/../includes/pages/admin_questions.php', + __DIR__ . '/../includes/pages/admin_rooms.php', + __DIR__ . '/../includes/pages/admin_shifts.php', + __DIR__ . '/../includes/pages/admin_user.php', + __DIR__ . '/../includes/pages/guest_login.php', + __DIR__ . '/../includes/pages/user_messages.php', + __DIR__ . '/../includes/pages/user_myshifts.php', + __DIR__ . '/../includes/pages/user_news.php', + __DIR__ . '/../includes/pages/user_questions.php', + __DIR__ . '/../includes/pages/user_settings.php', + __DIR__ . '/../includes/pages/user_shifts.php', +]; +foreach ($includeFiles as $file) { + require_once realpath($file); +} /** * Init application */ -session_start(); +$session = new Session(); +$session->start(); +$request->setSession($session); gettext_init(); diff --git a/includes/helper/internationalization_helper.php b/includes/helper/internationalization_helper.php index d2dbcdbd..131941e9 100644 --- a/includes/helper/internationalization_helper.php +++ b/includes/helper/internationalization_helper.php @@ -1,5 +1,7 @@ get('locale'); } /** 
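Review bot: `new Session()` is started with default storage and no options, so the session cookie's HttpOnly and Secure attributes are whatever php.ini supplies on the host. Since this is now the single place where the session is created, I would set them explicitly, e.g. `$session = new Session(new NativeSessionStorage(['cookie_httponly' => true, 'cookie_secure' => $request->isSecure()]));` with the matching `use` line. Login code is outside this diff; it should call `$session->migrate(true)` after authentication so a pre-login session id is not carried over. In the include loop, `require_once realpath($file)` passes `false` to `require_once` when a file is missing, which fails without naming the path; requiring `$file` directly would keep the path in the error.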
@@ -27,11 +29,12 @@ function gettext_init() { $locales = config('locales'); $request = request(); + $session = session(); if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) { - $_SESSION['locale'] = $request->input('set_locale'); - } elseif (!isset($_SESSION['locale'])) { - $_SESSION['locale'] = config('default_locale'); + $session->set('locale', $request->input('set_locale')); + } elseif (!$session->has('locale')) { + $session->set('locale', config('default_locale')); } gettext_locale(); @@ -48,7 +51,7 @@ function gettext_init() function gettext_locale($locale = null) { if ($locale == null) { - $locale = $_SESSION['locale']; + $locale = session()->get('locale'); } putenv('LC_ALL=' . $locale); @@ -62,14 +65,20 @@ function gettext_locale($locale = null) */ function make_langselect() { - $url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale='; + $request = Request::getInstance(); $items = []; foreach (config('locales') as $locale => $name) { + $url = url($request->getPathInfo(), ['set_locale' => $locale]); + $items[] = toolbar_item_link( - htmlspecialchars($url) . $locale, + htmlspecialchars($url), '', - ' ' . $name + sprintf( + ' %2$s', + url('pic/flag/' . $locale . '.png'), + $name + ) ); } return $items; diff --git a/includes/helper/message_helper.php b/includes/helper/message_helper.php index 1f429c27..4fa0efe3 100644 --- a/includes/helper/message_helper.php +++ b/includes/helper/message_helper.php @@ -7,12 +7,12 @@ */ function msg() { - if (!isset($_SESSION['msg'])) { - return ''; - } - $msg = $_SESSION['msg']; - $_SESSION['msg'] = ''; - return $msg; + $session = session(); + + $message = $session->get('msg', ''); + $session->set('msg', ''); + + return $message; } /** 
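Review bot: In make_langselect(), `url($request->getPathInfo(), ['set_locale' => $locale])` builds the language links from the path alone, so query parameters of the current page are dropped, whereas the removed code appended `set_locale` to the full `REQUEST_URI`. If pages are still addressed through query parameters, as the `action=view`-style links elsewhere in this commit suggest, switching language would leave the current view. Merging the current query keeps the user in place: `url($request->getPathInfo(), array_merge($request->query->all(), ['set_locale' => $locale]))`. The existing `htmlspecialchars($url)` on the result should stay, since the merged values are request-controlled.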
@@ -57,21 +57,23 @@ function success($msg, $immediately = false) * @param string $class * @param string $msg * @param bool $immediately - * @return string|null + * @return string */ function alert($class, $msg, $immediately = false) { + $session = session(); + + if (empty($msg)) { + return ''; + } + if ($immediately) { - if ($msg == '') { - return ''; - } return '