merge special_includes_camp
commit
3a31cebd1d
File diff suppressed because one or more lines are too long
@ -0,0 +1,6 @@
|
||||
config_db.php
|
||||
config_jabber.php
|
||||
config_modem.php
|
||||
config.php
|
||||
config_IAX.php
|
||||
config_MessegeServer.php
|
@ -1,6 +1,9 @@
|
||||
<?php
|
||||
include("funktion_db.php");
|
||||
|
||||
$con = mysql_connect("localhost", "root", "changeme") or die ("connection failed");
|
||||
$sel = mysql_select_db("tabel") or die (mysql_error());
|
||||
|
||||
// MySQL-Connection Settings
|
||||
$config['host'] = "localhost";
|
||||
$config['user'] = "root";
|
||||
$config['pw'] = "";
|
||||
$config['db'] = "engelsystem";
|
||||
?>
|
||||
|
@ -1,11 +1,10 @@
|
||||
<?PHP
|
||||
<?php
|
||||
// ist ein modem angeschlossen
|
||||
$ModemEnable = false;
|
||||
|
||||
//ist ein modem angeschlossen
|
||||
$ModemEnable = false;
|
||||
// COM port
|
||||
$ModemDev ="/dev/ttyS0";
|
||||
|
||||
// COM port
|
||||
$ModemDev="/dev/ttyS0";
|
||||
|
||||
// vorwahl, bei tnovis telefonanlage für das programmieren von weckrufen
|
||||
$WackupNumber="**3";
|
||||
// vorwahl, bei tnovis telefonanlage fuer das programmieren von weckrufen
|
||||
$WakeupNumber="**3";
|
||||
?>
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,102 +0,0 @@
|
||||
<?php
|
||||
|
||||
if( !isset($_SESSION['UID']))
|
||||
$_SESSION['UID'] = -1;
|
||||
|
||||
// CVS import Data
|
||||
$SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID'];
|
||||
$Erg_CVS = mysql_query($SQL_CVS, $con);
|
||||
$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
|
||||
|
||||
|
||||
// Group import Data, if nesseary
|
||||
if( isset( $_SESSION['CVS'][ "GroupID" ]))
|
||||
{
|
||||
$SQL_GRP = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['CVS'][ "GroupID" ];
|
||||
$Erg_GRP = mysql_query($SQL_GRP, $con);
|
||||
$_SESSION['CVS_Group'] = mysql_fetch_array($Erg_GRP);
|
||||
|
||||
foreach( $_SESSION['CVS'] as $k => $v)
|
||||
{
|
||||
if($v=="G") // Right == Group
|
||||
$_SESSION['CVS'][$k] = $_SESSION['CVS_Group'][$k];
|
||||
}
|
||||
}
|
||||
|
||||
//pagename ermitteln
|
||||
$Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) );
|
||||
|
||||
//recht für diese seite auslesen
|
||||
if( isset( $_SESSION['CVS'][ $Page["Name"] ]))
|
||||
$Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
|
||||
else
|
||||
{
|
||||
echo "SYSTEM ERROR: now right for ". $Page["Name"]. "exist";
|
||||
die;
|
||||
}
|
||||
|
||||
if( $DEBUG )
|
||||
{
|
||||
// foreach( $_SESSION as $k => $v)
|
||||
// echo "$k = $v<br>\n";
|
||||
echo "<pre>\$_SESSION:\n";
|
||||
print_r($_SESSION);
|
||||
echo "</pre>";
|
||||
|
||||
if( strlen($Page["CVS"]) == 0 )
|
||||
echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>";
|
||||
else
|
||||
echo "CVS: ". $Page["Name"]. " => '". $Page["CVS"]. "'<br>";
|
||||
|
||||
}
|
||||
|
||||
function funktion_isLinkAllowed( $PageName)
|
||||
{
|
||||
global $_SESSION;
|
||||
|
||||
// separate page parameter
|
||||
$ParameterPos = strpos( $PageName, ".php?");
|
||||
if( $ParameterPos === FALSE)
|
||||
{
|
||||
$pName = $PageName;
|
||||
}
|
||||
else
|
||||
{
|
||||
$pName = substr( $PageName, 0, $ParameterPos + 4);
|
||||
}
|
||||
|
||||
// check rights
|
||||
if( (isset( $_SESSION['CVS'][ $pName ]) === TRUE) &&
|
||||
($_SESSION['CVS'][ $pName ] == "Y") )
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
function funktion_isLinkAllowed_addLink_OrLinkText( $PageName, $LinkText)
|
||||
{
|
||||
global $url, $ENGEL_ROOT;
|
||||
|
||||
if( funktion_isLinkAllowed( $PageName) === TRUE)
|
||||
{
|
||||
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
|
||||
}
|
||||
|
||||
return $LinkText;
|
||||
}
|
||||
|
||||
function funktion_isLinkAllowed_addLink_OrEmpty( $PageName, $LinkText)
|
||||
{
|
||||
global $url, $ENGEL_ROOT;
|
||||
|
||||
if( funktion_isLinkAllowed( $PageName) === TRUE)
|
||||
{
|
||||
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
|
||||
}
|
||||
|
||||
return "";
|
||||
}
|
||||
|
||||
?>
|
@ -1,8 +0,0 @@
|
||||
<?
|
||||
// Set the ip and port we will listen on
|
||||
define( SERVER_ADDRESS, "127.0.0.1" );
|
||||
define( SERVER_PORT, 9000 );
|
||||
|
||||
define( DEBUG, TRUE);
|
||||
|
||||
?>
|
@ -1,11 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
//ist ein modem angeschlossen
|
||||
$ModemEnable = false;
|
||||
|
||||
// COM port
|
||||
$ModemDev="/dev/ttyS0";
|
||||
|
||||
// vorwahl, bei tnovis telefonanlage für das programmieren von weckrufen
|
||||
$WackupNumber="**3";
|
||||
?>
|
@ -1,18 +0,0 @@
|
||||
<?php
|
||||
|
||||
|
||||
function PassCrypt($passwort) {
|
||||
include "config.php";
|
||||
|
||||
switch ($crypt_system) {
|
||||
case "crypt":
|
||||
return "{crypt}".crypt($passwort, "77");
|
||||
case "md5":
|
||||
return md5($passwort);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
?>
|
@ -1,57 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
?>
|
||||
|
||||
|
||||
|
||||
<!-- anfang des footers //-->
|
||||
|
||||
|
||||
|
||||
|
||||
<br>
|
||||
<p align="center">
|
||||
<?PHP If (IsSet($_SESSION['oldurl']))
|
||||
echo "<a href=\"". $_SESSION["oldurl"]. "\">".Get_Text("back")."</a> ";
|
||||
?>
|
||||
<a href="#top"><?PHP echo Get_Text("top"); ?></a>
|
||||
</p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
|
||||
|
||||
|
||||
|
||||
<!-- anfang des menue parts //-->
|
||||
<?PHP
|
||||
if( $_SESSION['Menu'] =="R") include("menu.php");
|
||||
?>
|
||||
</td>
|
||||
|
||||
|
||||
|
||||
<!-- ende des menue parts //-->
|
||||
|
||||
|
||||
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2">
|
||||
<h5 align="center"> © copyleft - <a href="mailto:erzengel@lists.ccc.de">Kontakt</a>
|
||||
<?PHP
|
||||
include( "funktion_counter.php");
|
||||
include( "funktion_flag.php");
|
||||
?></h5>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<!-- </div> -->
|
||||
<?php mysql_close($con); ?>
|
||||
</div>
|
||||
|
||||
|
||||
</BODY>
|
||||
</HTML>
|
@ -1,18 +1,14 @@
|
||||
<?php
|
||||
|
||||
|
||||
function SendData($Data)
|
||||
{
|
||||
include("config_MessegeServer.php");
|
||||
// Create a UDP socket
|
||||
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
|
||||
//send packed
|
||||
socket_sendto($sock, $Data, 9999, 0x4, SERVER_ADDRESS, SERVER_PORT);
|
||||
}
|
||||
|
||||
function SendMessageJabber($Adresse, $Nachricht)
|
||||
{
|
||||
SendData( "#message $Adresse $Nachricht");
|
||||
}
|
||||
|
||||
?>
|
||||
<?php
|
||||
function SendData($Data) {
|
||||
include "config_MessegeServer.php";
|
||||
// Create a UDP socket
|
||||
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
|
||||
|
||||
//send packed
|
||||
socket_sendto($sock, $Data, 9999, 0x4, SERVER_ADDRESS, SERVER_PORT);
|
||||
}
|
||||
|
||||
function SendMessageJabber($Adresse, $Nachricht) {
|
||||
SendData( "#message $Adresse $Nachricht");
|
||||
}
|
||||
?>
|
||||
|
@ -1,59 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
// Functionen gibt es nicht auf ellen rechern
|
||||
if( !function_exists("bcdiv"))
|
||||
{
|
||||
function bcdiv( $param1, $param2)
|
||||
{
|
||||
return floor( $param1 / $param2);
|
||||
}
|
||||
}
|
||||
|
||||
if( !function_exists("bcmod"))
|
||||
{
|
||||
function bcmod( $param1, $param2)
|
||||
{
|
||||
return $param1 - ( $param2 * bcdiv( $param1, $param2));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
echo "<h4 class=\"menu\">Engel online</h4>";
|
||||
|
||||
$SQL = "SELECT UID, Nick, lastLogIn ".
|
||||
"FROM User ".
|
||||
"WHERE (`lastLogIn` > '". gmdate("YmdHis", time()-(60*60)). "' AND NOT (UID=". $_SESSION['UID']. ")) ".
|
||||
"ORDER BY lastLogIn DESC;";
|
||||
|
||||
$Erg = mysql_query( $SQL, $con);
|
||||
|
||||
|
||||
$Tist = (gmdate("d", time()) * 60 * 60 * 24) + // Tag
|
||||
(gmdate("H", time()) * 60 * 60) + // Stunde
|
||||
(gmdate("i", time()) * 60) + // Minute
|
||||
(gmdate("s", time()) ); // Sekunde
|
||||
|
||||
for( $i=0; $i<mysql_num_rows($Erg); $i++)
|
||||
{
|
||||
echo "\t\t\t<li>";
|
||||
if( $_SESSION['UID']>0 )
|
||||
echo DisplayAvatar( mysql_result( $Erg, $i, "UID"));
|
||||
// Schow Admin Page
|
||||
echo funktion_isLinkAllowed_addLink_OrLinkText(
|
||||
"admin/userChangeNormal.php?enterUID=". mysql_result( $Erg, $i, "UID"). "&Type=Normal",
|
||||
mysql_result( $Erg, $i, "Nick"));
|
||||
|
||||
$Tlog = (substr( mysql_result( $Erg, $i, "lastLogIn"), 8, 2) * 60 * 60 * 24) + // Tag
|
||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 11, 2) * 60 * 60) + // Stunde
|
||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 14, 2) * 60) + // Minute
|
||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 17, 2) ); // Sekunde
|
||||
|
||||
$Tlog = $Tist-$Tlog;
|
||||
echo " ". bcdiv( $Tlog, 60). ":";
|
||||
if( strlen(bcmod( $Tlog, 60))==1)
|
||||
echo "0";
|
||||
echo bcmod( $Tlog, 60);
|
||||
echo "</li>\n";
|
||||
}
|
||||
|
||||
?>
|
@ -1,24 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
$SQL = "SELECT `Anz` FROM `Counter` WHERE `URL`=\"". $Page["Name"]. "\"";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
echo mysql_error($con);
|
||||
|
||||
if(mysql_num_rows($Erg)==0)
|
||||
{
|
||||
// echo "Counter: 1";
|
||||
$SQL = "INSERT INTO `Counter` ( `URL` , `Anz` ) ".
|
||||
"VALUES ('". $Page["Name"]. "', '1');";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
}
|
||||
elseif(mysql_num_rows($Erg)==1)
|
||||
{
|
||||
// echo "Counter: ". (mysql_result($Erg, 0, 0)+1);
|
||||
$SQL = "UPDATE `Counter` SET `Anz` = '". (mysql_result($Erg, 0, 0) +1). "' ".
|
||||
"WHERE `URL` = '". $Page["Name"]. "' LIMIT 1 ;";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
}
|
||||
|
||||
|
||||
?>
|
@ -1,144 +1,131 @@
|
||||
<?PHP
|
||||
|
||||
function UID2DECT($UID)
|
||||
{
|
||||
global $con;
|
||||
$SQL = "SELECT DECT FROM `User` WHERE UID='$UID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if( mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
function RID2Room($RID)
|
||||
{
|
||||
global $con;
|
||||
$SQL = "SELECT Name FROM `Room` WHERE RID='$RID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if( mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
function TID2Engeltype($TID)
|
||||
{
|
||||
global $con;
|
||||
$SQL = "SELECT Name FROM `EngelType` WHERE TID='$TID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if( mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
function DialNumberIAX( $DECTnumber, $Time, $RID, $TID)
|
||||
{
|
||||
global $IAXenable, $IAXcontent, $IAXserver, $AnrufDelay, $DebugDECT, $Tempdir, $AsteriskOutputDir;
|
||||
|
||||
//Parameter verarbeiten
|
||||
$TimeH = substr( $Time, 11, 2);
|
||||
$TimeM = substr( $Time, 14, 2);
|
||||
$TimeM = substr( $Time, 14, 2) + $AnrufDelay;
|
||||
if( $TimeM < 0 )
|
||||
{
|
||||
$TimeM += 60;
|
||||
$TimeH -= 1;
|
||||
}
|
||||
if( $TimeH < 0 )
|
||||
$TimeH += 24;
|
||||
|
||||
if( strlen( $TimeH) == 1)
|
||||
$TimeH = "0".$TimeH;
|
||||
|
||||
if( $IAXenable)
|
||||
{ $Message="die-nee shisht beh-kinned , in where-neegin me-nooten . . . your shift beginns in a few minutes";
|
||||
if (isset($SetHttpIAX))
|
||||
{
|
||||
$post_data = array();
|
||||
$post_data['code'] = "89o8eu9cg4";
|
||||
$post_data['callerid'] = "1023";
|
||||
$post_data['nr'] = "$DECTnumber";
|
||||
//$post_data['message'] = "Deine schicht beginnt in ein paar minuten . . . your shift beginns in a few minutes ";
|
||||
$post_data['message'] = "die-nee shisht beh-kinned , in where-neegin me-nooten . . . your shift beginns in a few minutes ";
|
||||
$url = "https://23c3.eventphone.de/~bef/call.php";
|
||||
|
||||
$o="";
|
||||
foreach ($post_data as $k=>$v)
|
||||
{
|
||||
$o.= "$k=".urlencode(utf8_encode($v))."&";
|
||||
}
|
||||
$post_data=substr($o,0,-1);
|
||||
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
|
||||
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
|
||||
$result = curl_exec($ch);
|
||||
echo curl_error($ch);
|
||||
curl_close($ch);
|
||||
}
|
||||
else
|
||||
{
|
||||
// IAX file Schareiebn
|
||||
$CallFile = $Tempdir. "/call_". date("Ymd_His"). "_$DECTnumber";
|
||||
|
||||
if($DebugDECT) echo "IAX create file for dialing Number $DECTnumber\n";
|
||||
$file = fopen( $CallFile, 'w' );
|
||||
if( $file != FALSE)
|
||||
{
|
||||
fputs( $file, "Channel: SIP/$DECTnumber@$IAXserver\n"); //Ziel nummer
|
||||
fputs( $file, "Callerid: Engelserver\n");
|
||||
// fputs( $file, "Callerid: $IAXcontent\n");
|
||||
// fputs( $file, "Context: $DECTnumber@$IAXserver\n");
|
||||
fputs( $file, "Extension: s\n");
|
||||
fputs( $file, "MaxRetries: 1\n");
|
||||
fputs( $file, "RetryTime: 10\n");
|
||||
fputs( $file, "SetVar: msg=$Message\n");
|
||||
// fputs( $file, "SetVar: TimeH=$TimeH\n");
|
||||
// fputs( $file, "SetVar: TimeM=$TimeM\n");
|
||||
// fputs( $file, "SetVar: DECTnumber=$DECTnumber\n");
|
||||
// fputs( $file, "SetVar: Room=". RID2Room( $RID). "\n");
|
||||
// fputs( $file, "SetVar: Engeltype=". TID2Engeltype( $TID). "\n");
|
||||
fclose($file);
|
||||
system( "chmod 777 ". $CallFile);
|
||||
system( "mv ". $CallFile. " ". $AsteriskOutputDir);
|
||||
|
||||
}
|
||||
else
|
||||
echo "error: $CallFile not created";
|
||||
}
|
||||
}
|
||||
else
|
||||
if($DebugDECT) echo "IAX is disable\n";
|
||||
}
|
||||
|
||||
function DialNumberModem( $DECTnumber, $Time)
|
||||
{
|
||||
global $AnrufDelay;
|
||||
|
||||
//Parameter verarbeiten
|
||||
$TimeH = substr( $Time, 11, 2);
|
||||
$TimeM = substr( $Time, 14, 2);
|
||||
$TimeM = substr( $Time, 14, 2) + $AnrufDelay;
|
||||
if( $TimeM < 0 )
|
||||
{
|
||||
$TimeM += 60;
|
||||
$TimeH -= 1;
|
||||
}
|
||||
if( $TimeH < 0 )
|
||||
$TimeH += 24;
|
||||
|
||||
if( strlen( $TimeH) == 1)
|
||||
$TimeH = "0".$TimeH;
|
||||
|
||||
SetWackeup( $DECTnumber, $TimeH, $TimeM);
|
||||
}
|
||||
|
||||
return 0;
|
||||
<?php
|
||||
function UID2DECT($UID) {
|
||||
global $con;
|
||||
$SQL = "SELECT DECT FROM `User` WHERE UID='$UID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
?>
|
||||
if(mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
function RID2Room($RID) {
|
||||
global $con;
|
||||
$SQL = "SELECT Name FROM `Room` WHERE RID='$RID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if(mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
function TID2Engeltype($TID) {
|
||||
global $con;
|
||||
$SQL = "SELECT Name FROM `EngelType` WHERE TID='$TID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if(mysql_num_rows( $Erg) == 1)
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
function DialNumberIAX( $DECTnumber, $Time, $RID, $TID) {
|
||||
global $IAXenable, $IAXcontent, $IAXserver, $AnrufDelay, $DebugDECT, $Tempdir, $AsteriskOutputDir;
|
||||
|
||||
// Parameter verarbeiten
|
||||
$TimeH = substr( $Time, 11, 2);
|
||||
$TimeM = substr( $Time, 14, 2);
|
||||
$TimeM = substr( $Time, 14, 2) + $AnrufDelay;
|
||||
|
||||
if($TimeM < 0) {
|
||||
$TimeM += 60;
|
||||
$TimeH -= 1;
|
||||
}
|
||||
|
||||
if($TimeH < 0)
|
||||
$TimeH += 24;
|
||||
|
||||
if(strlen( $TimeH) == 1)
|
||||
$TimeH = "0" . $TimeH;
|
||||
|
||||
if($IAXenable) {
|
||||
$Message = "die-nee shisht beh-kinned, in where-neegin me-nooten . . . your shift beginns in a few minutes";
|
||||
|
||||
if(isset($SetHttpIAX)) {
|
||||
$post_data = array();
|
||||
$post_data['code'] = "89o8eu9cg4";
|
||||
$post_data['callerid'] = "1023";
|
||||
$post_data['nr'] = "$DECTnumber";
|
||||
//$post_data['message'] = "Deine schicht beginnt in ein paar minuten . . . your shift beginns in a few minutes ";
|
||||
$post_data['message'] = "die-nee shisht beh-kinned , in where-neegin me-nooten . . . your shift beginns in a few minutes ";
|
||||
$url = "https://23c3.eventphone.de/~bef/call.php";
|
||||
|
||||
$o = "";
|
||||
foreach ($post_data as $k => $v) {
|
||||
$o.= "$k=" . urlencode(utf8_encode($v)) . "&";
|
||||
}
|
||||
|
||||
$post_data = substr($o, 0, -1);
|
||||
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
curl_setopt($ch, CURLOPT_HEADER, 0);
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
|
||||
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
||||
$result = curl_exec($ch);
|
||||
echo curl_error($ch);
|
||||
curl_close($ch);
|
||||
} else {
|
||||
// IAX file Schareiebn
|
||||
$CallFile = $Tempdir. "/call_". date("Ymd_His"). "_$DECTnumber";
|
||||
|
||||
if($DebugDECT)
|
||||
echo "IAX create file for dialing Number $DECTnumber\n";
|
||||
|
||||
$file = fopen( $CallFile, 'w');
|
||||
|
||||
if($file != false) {
|
||||
fputs($file, "Channel: SIP/$DECTnumber@$IAXserver\n");
|
||||
fputs($file, "Callerid: Engelserver\n");
|
||||
fputs($file, "Extension: s\n");
|
||||
fputs($file, "MaxRetries: 1\n");
|
||||
fputs($file, "RetryTime: 10\n");
|
||||
fputs($file, "SetVar: msg=$Message\n");
|
||||
fclose($file);
|
||||
system("chmod 777 " . $CallFile);
|
||||
system("mv " . $CallFile . " " . $AsteriskOutputDir);
|
||||
} else
|
||||
echo "error: $CallFile not created";
|
||||
}
|
||||
} else
|
||||
if($DebugDECT)
|
||||
echo "IAX is disable\n";
|
||||
}
|
||||
|
||||
function DialNumberModem($DECTnumber, $Time) {
|
||||
global $AnrufDelay;
|
||||
|
||||
// Parameter verarbeiten
|
||||
$TimeH = substr($Time, 11, 2);
|
||||
$TimeM = substr($Time, 14, 2);
|
||||
$TimeM = substr($Time, 14, 2) + $AnrufDelay;
|
||||
|
||||
if($TimeM < 0) {
|
||||
$TimeM += 60;
|
||||
$TimeH -= 1;
|
||||
}
|
||||
|
||||
if($TimeH < 0)
|
||||
$TimeH += 24;
|
||||
|
||||
if(strlen( $TimeH) == 1)
|
||||
$TimeH = "0" . $TimeH;
|
||||
|
||||
SetWackeup($DECTnumber, $TimeH, $TimeM);
|
||||
}
|
||||
?>
|
||||
|
@ -1,149 +1,145 @@
|
||||
<?PHP
|
||||
|
||||
if( !function_exists("db_query"))
|
||||
{
|
||||
function Ausgabe_Daten($SQL)
|
||||
{
|
||||
global $con;
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
echo mysql_error($con);
|
||||
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
$Anzahl_Felder = mysql_num_fields($Erg);
|
||||
|
||||
$Diff = "<table border=1>";
|
||||
$Diff .= "<tr>";
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
$Diff .= "<th>". mysql_field_name($Erg, $m). "</th>";
|
||||
$Diff .= "</tr>";
|
||||
|
||||
for ($n = 0 ; $n < $Zeilen ; $n++)
|
||||
{
|
||||
$Diff .= "<tr>";
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
$Diff .= "<td>".mysql_result($Erg, $n, $m). "</td>";
|
||||
$Diff .= "</tr>";
|
||||
}
|
||||
$Diff .= "</table>";
|
||||
return $Diff;
|
||||
}
|
||||
|
||||
function db_querry_getDatenAssocArray($SQL)
|
||||
{
|
||||
global $con;
|
||||
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
echo mysql_error($con);
|
||||
|
||||
$Daten = array();
|
||||
for( $i=0; $i<mysql_num_rows($Erg); $i++)
|
||||
$Daten[$i] = mysql_fetch_assoc($Erg);
|
||||
|
||||
return $Daten;
|
||||
}
|
||||
|
||||
function db_querry_diffDaten($Daten1, $Daten2)
|
||||
{
|
||||
$Gefunden=False;
|
||||
|
||||
$Diff = "\n<table border=1>\n";
|
||||
$Diff .= "<tr>\n\t<th>Feldname</th>\n\t<th>old Value</th>\n\t<th>new Value</th>\n";
|
||||
$Diff .= "</tr>\n";
|
||||
foreach($Daten1 as $DataKey => $Data1)
|
||||
{
|
||||
if( isset( $Daten2[$DataKey]))
|
||||
{
|
||||
$Data2 = $Daten2[$DataKey];
|
||||
foreach($Data1 as $key => $value)
|
||||
if( $value != $Data2[$key])
|
||||
{
|
||||
$Gefunden=TRUE;
|
||||
$Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td>".$Data2[$key]."</rd>\n</tr>";
|
||||
}
|
||||
}
|
||||
else
|
||||
foreach($Data1 as $key => $value)
|
||||
{
|
||||
$Gefunden=TRUE;
|
||||
$Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td></rd>\n</tr>";
|
||||
}
|
||||
}
|
||||
$Diff .= "</table>\n";
|
||||
|
||||
if( $Gefunden)
|
||||
return $Diff;
|
||||
else
|
||||
return "\nno changes Fount\n";
|
||||
}
|
||||
|
||||
function db_query( $SQL, $comment)
|
||||
{
|
||||
global $con, $Page;
|
||||
$Diff = "";
|
||||
|
||||
//commed anlyse udn daten sicherung
|
||||
if( strpos( "#$SQL", "UPDATE") > 0)
|
||||
{
|
||||
//Tabellen name ermitteln
|
||||
$Table_Start = strpos( $SQL, "`");
|
||||
$Table_End = strpos( $SQL, "`", $Table_Start+1);
|
||||
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
|
||||
|
||||
//SecureTest
|
||||
if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
|
||||
|
||||
//WHERE ermitteln
|
||||
$Where_Start = strpos( $SQL, "WHERE");
|
||||
$Where = substr( $SQL, $Where_Start);
|
||||
if( $Where_Start == 0) $Where = ";";
|
||||
|
||||
if( strlen( $Where) < 2)
|
||||
{
|
||||
$Diff = "can't show, too mutch data (no filter was set)";
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
$Daten1 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
$Daten2 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
|
||||
$Diff = db_querry_diffDaten($Daten1, $Daten2);
|
||||
}
|
||||
}
|
||||
elseif( strpos( "#$SQL", "DELETE") > 0)
|
||||
{
|
||||
$TableWhere = substr( $SQL, 6);
|
||||
$Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
|
||||
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
elseif( strpos( "#$SQL", "INSERT") > 0)
|
||||
{
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
|
||||
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES);
|
||||
if( strlen($Diff) > 0)
|
||||
$SQLCommand .= "<br><br>Diff:<br>$Diff";
|
||||
|
||||
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
|
||||
//LOG commands in DB
|
||||
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
|
||||
" VALUES ( '". $_SESSION['UID']. "', ".
|
||||
"'". mysql_escape_string( $SQLCommand). "', ".
|
||||
"'". mysql_escape_string( $Commend). "' );";
|
||||
$erg = mysql_query($SQL_SEC, $con);
|
||||
echo mysql_error($con);
|
||||
return $querry_erg;
|
||||
}//function db_query(
|
||||
<?php
|
||||
if( !function_exists("db_query")) {
|
||||
function Ausgabe_Daten($SQL) {
|
||||
global $con;
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
echo mysql_error($con);
|
||||
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
$Anzahl_Felder = mysql_num_fields($Erg);
|
||||
|
||||
$Diff = "<table border=1>";
|
||||
$Diff .= "<tr>";
|
||||
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
$Diff .= "<th>". mysql_field_name($Erg, $m). "</th>";
|
||||
|
||||
$Diff .= "</tr>";
|
||||
|
||||
for ($n = 0 ; $n < $Zeilen ; $n++) {
|
||||
$Diff .= "<tr>";
|
||||
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
$Diff .= "<td>".mysql_result($Erg, $n, $m). "</td>";
|
||||
|
||||
$Diff .= "</tr>";
|
||||
}
|
||||
|
||||
$Diff .= "</table>";
|
||||
return $Diff;
|
||||
}
|
||||
|
||||
function db_querry_getDatenAssocArray($SQL) {
|
||||
global $con;
|
||||
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
echo mysql_error($con);
|
||||
|
||||
$Daten = array();
|
||||
|
||||
for( $i=0; $i<mysql_num_rows($Erg); $i++)
|
||||
$Daten[$i] = mysql_fetch_assoc($Erg);
|
||||
|
||||
return $Daten;
|
||||
}
|
||||
|
||||
function db_querry_diffDaten($Daten1, $Daten2) {
|
||||
$Gefunden = false;
|
||||
|
||||
$Diff = "\n<table border=1>\n";
|
||||
$Diff .= "<tr>\n<th>Feldname</th>\n<th>old Value</th>\n<th>new Value</th>\n";
|
||||
$Diff .= "</tr>\n";
|
||||
|
||||
foreach($Daten1 as $DataKey => $Data1) {
|
||||
if(isset( $Daten2[$DataKey])) {
|
||||
$Data2 = $Daten2[$DataKey];
|
||||
|
||||
foreach($Data1 as $key => $value)
|
||||
if( $value != $Data2[$key]) {
|
||||
$Gefunden = true;
|
||||
$Diff .= "<tr>\n<td>$key</td>\n<td>$value</td>\n<td>" . $Data2[$key] . "</rd>\n</tr>";
|
||||
}
|
||||
} else
|
||||
foreach($Data1 as $key => $value) {
|
||||
$Gefunden = true;
|
||||
$Diff .= "<tr>\n<td>$key</td>\n<td>$value</td>\n<td></rd>\n</tr>";
|
||||
}
|
||||
}
|
||||
|
||||
$Diff .= "</table>\n";
|
||||
|
||||
if($Gefunden)
|
||||
return $Diff;
|
||||
else
|
||||
return "\nno changes Fount\n";
|
||||
}
|
||||
|
||||
function db_query( $SQL, $comment) {
|
||||
global $con, $Page;
|
||||
$Diff = "";
|
||||
|
||||
// commed anlyse udn daten sicherung
|
||||
if(strpos("#$SQL", "UPDATE") > 0) {
|
||||
// Tabellen name ermitteln
|
||||
$Table_Start = strpos( $SQL, "`");
|
||||
$Table_End = strpos( $SQL, "`", $Table_Start+1);
|
||||
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
|
||||
|
||||
//SecureTest
|
||||
if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
|
||||
|
||||
//WHERE ermitteln
|
||||
$Where_Start = strpos( $SQL, "WHERE");
|
||||
$Where = substr( $SQL, $Where_Start);
|
||||
if( $Where_Start == 0) $Where = ";";
|
||||
|
||||
if( strlen( $Where) < 2)
|
||||
{
|
||||
$Diff = "can't show, too mutch data (no filter was set)";
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
$Daten1 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
$Daten2 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
|
||||
$Diff = db_querry_diffDaten($Daten1, $Daten2);
|
||||
}
|
||||
}
|
||||
elseif( strpos( "#$SQL", "DELETE") > 0)
|
||||
{
|
||||
$TableWhere = substr( $SQL, 6);
|
||||
$Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
|
||||
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
elseif( strpos( "#$SQL", "INSERT") > 0)
|
||||
{
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
|
||||
$SQLCommand = "SQL:<br />". htmlentities( $SQL, ENT_QUOTES);
|
||||
if( strlen($Diff) > 0)
|
||||
$SQLCommand .= "<br /><br />Diff:<br />$Diff";
|
||||
|
||||
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
|
||||
//LOG commands in DB
|
||||
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
|
||||
" VALUES ( '". $_SESSION['UID']. "', ".
|
||||
"'". mysql_escape_string( $SQLCommand). "', ".
|
||||
"'". mysql_escape_string( $Commend). "' );";
|
||||
$erg = mysql_query($SQL_SEC, $con);
|
||||
echo mysql_error($con);
|
||||
return $querry_erg;
|
||||
}//function db_query(
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -1,67 +1,62 @@
|
||||
<?PHP
|
||||
<?php
|
||||
|
||||
function funktion_db_list($Table_Name)
|
||||
{
|
||||
|
||||
// Gibt eine Tabelle generisch als HTML aus
|
||||
function funktion_db_list($Table_Name) {
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT * FROM `".$Table_Name."`";
|
||||
$html = "";
|
||||
|
||||
$SQL = "SELECT * FROM `" . $Table_Name . "`";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
// anzahl zeilen
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
|
||||
$Anzahl_Felder = mysql_num_fields($Erg);
|
||||
|
||||
echo "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">";
|
||||
echo "<caption>DB: $Table_Name</caption>";
|
||||
$html .= "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">";
|
||||
$html .= "<caption>DB: $Table_Name</caption>";
|
||||
|
||||
echo "<tr class=\"contenttopic\">";
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
{
|
||||
echo "<th>". mysql_field_name($Erg, $m). "</th>";
|
||||
$html .= "<tr class=\"contenttopic\">";
|
||||
for ($m = 0; $m < $Anzahl_Felder; $m++) {
|
||||
$html .= "<th>" . mysql_field_name($Erg, $m) . "</th>";
|
||||
}
|
||||
echo "</tr>";
|
||||
$html .= "</tr>";
|
||||
|
||||
for ($n = 0 ; $n < $Zeilen ; $n++)
|
||||
{
|
||||
echo "<tr class=\"content\">";
|
||||
for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
|
||||
{
|
||||
echo "<td>".mysql_result($Erg, $n, $m). "</td>";
|
||||
for ($n = 0; $n < $Zeilen; $n++) {
|
||||
$html .= "<tr class=\"content\">";
|
||||
for ($m = 0; $m < $Anzahl_Felder; $m++) {
|
||||
$html .= "<td>" . mysql_result($Erg, $n, $m) . "</td>";
|
||||
}
|
||||
echo "</tr>";
|
||||
$html .= "</tr>";
|
||||
}
|
||||
echo "</table>";
|
||||
$html .= "</table>";
|
||||
return $html;
|
||||
}
|
||||
|
||||
function funktion_db_element_list_2row( $TopicName, $SQL)
|
||||
{
|
||||
global $con;
|
||||
function funktion_db_element_list_2row($TopicName, $SQL) {
|
||||
$html = "";
|
||||
$html .= "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||
$html .= "<caption>$TopicName</caption>";
|
||||
# $html .= "<tr class=\"contenttopic\"> <td><h1>$TopicName</h1></td> </tr>\n";
|
||||
|
||||
echo "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||
echo "<caption>$TopicName</caption>";
|
||||
# echo "\t<tr class=\"contenttopic\"> <td><h1>$TopicName</h1></td> </tr>\n";
|
||||
$Erg = sql_query($SQL);
|
||||
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
echo mysql_error($con);
|
||||
|
||||
echo "<tr class=\"contenttopic\">";
|
||||
for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++)
|
||||
{
|
||||
echo "<th>". mysql_field_name($Erg, $m). "</th>";
|
||||
$html .= "<tr class=\"contenttopic\">";
|
||||
for ($m = 0; $m < mysql_num_fields($Erg); $m++) {
|
||||
$html .= "<th>" . mysql_field_name($Erg, $m) . "</th>";
|
||||
}
|
||||
echo "</tr>";
|
||||
$html .= "</tr>";
|
||||
|
||||
for ($n = 0 ; $n < mysql_num_rows($Erg) ; $n++)
|
||||
{
|
||||
echo "<tr class=\"content\">";
|
||||
for ($m = 0 ; $m < mysql_num_fields($Erg) ; $m++)
|
||||
{
|
||||
echo "<td>".mysql_result($Erg, $n, $m). "</td>";
|
||||
for ($n = 0; $n < mysql_num_rows($Erg); $n++) {
|
||||
$html .= "<tr class=\"content\">";
|
||||
for ($m = 0; $m < mysql_num_fields($Erg); $m++) {
|
||||
$html .= "<td>" . mysql_result($Erg, $n, $m) . "</td>";
|
||||
}
|
||||
echo "</tr>";
|
||||
$html .= "</tr>";
|
||||
}
|
||||
echo "</table>\n";
|
||||
$html .= "</table>\n";
|
||||
return $html;
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -1,12 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
function noAnswer() {
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT UID FROM Questions WHERE `AID`='0'";
|
||||
$Res=mysql_query($SQL, $con);
|
||||
|
||||
return mysql_num_rows($Res);
|
||||
}
|
||||
|
||||
?>
|
@ -1,12 +0,0 @@
|
||||
<?PHP
|
||||
echo "<br>";
|
||||
|
||||
if( strpos( $_SERVER["REQUEST_URI"], "?") >0)
|
||||
$URL = $_SERVER["REQUEST_URI"]. "&SetLanguage=";
|
||||
else
|
||||
$URL = $_SERVER["REQUEST_URI"]. "?SetLanguage=";
|
||||
|
||||
echo "<a href=\"". $URL. "DE\"><img src=\"". $url. $ENGEL_ROOT. "pic/flag/de.gif\" alt=\"DE\"></a> ";
|
||||
echo "<a href=\"". $URL. "EN\"><img src=\"". $url. $ENGEL_ROOT. "pic/flag/en.gif\" alt=\"EN\"></a> ";
|
||||
|
||||
?>
|
@ -1,35 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
|
||||
function Get_Text ($TextID, $NoError=FALSE)
|
||||
{
|
||||
GLOBAL $con, $error_messages, $DEBUG;
|
||||
|
||||
if( !isset($_SESSION['Sprache']))
|
||||
$_SESSION['Sprache'] = "EN";
|
||||
if( $_SESSION['Sprache']=="")
|
||||
$_SESSION['Sprache']="EN";
|
||||
if( isset($_GET["SetLanguage"]))
|
||||
$_SESSION['Sprache']= $_GET["SetLanguage"];
|
||||
|
||||
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='".$_SESSION['Sprache']."'";
|
||||
@$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if( mysql_num_rows( $Erg) == 1)
|
||||
return (@mysql_result($Erg, 0, "Text"));
|
||||
elseif( $NoError && !$DEBUG)
|
||||
return "";
|
||||
else
|
||||
{
|
||||
array_push($error_messages, "Get_Text, '$TextID' found ". mysql_num_rows( $Erg). "x in Sprache Database Table for Language (".$_SESSION['Sprache'].")\n");
|
||||
return "Error Data, '$TextID' found ". mysql_num_rows( $Erg). "x";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function Print_Text ($TextID, $NoError=FALSE)
|
||||
{
|
||||
echo Get_Text ($TextID, $NoError);
|
||||
}
|
||||
|
||||
?>
|
@ -1,44 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
function ShowMenu( $MenuName)
|
||||
{
|
||||
global $MenueTableStart, $MenueTableEnd, $_SESSION, $DEBUG, $url, $ENGEL_ROOT;
|
||||
$Gefunden=FALSE;
|
||||
|
||||
//Überschift
|
||||
$Text = "<h4 class=\"menu\">". Get_Text("$MenuName/"). "</h4>";
|
||||
|
||||
//einträge
|
||||
foreach( $_SESSION['CVS'] as $Key => $Entry )
|
||||
if( strpos( $Key, ".php") > 0)
|
||||
if( (strpos( "00$Key", "0$MenuName") > 0) ||
|
||||
((strlen($MenuName)==0) && (strpos( "0$Key", "/") == 0) ) )
|
||||
{
|
||||
$TempName = Get_Text($Key, TRUE);
|
||||
if(( TRUE||$DEBUG) && (strlen($TempName)==0) )
|
||||
$TempName = "not found: \"$Key\"";
|
||||
|
||||
if( $Entry == "Y")
|
||||
{
|
||||
//zum absichtlkichen ausblenden von einträgen
|
||||
if( strlen($TempName)>1)
|
||||
{
|
||||
//sonderfälle:
|
||||
if( $Key=="admin/faq.php")
|
||||
$TempName .= " (". noAnswer(). ")";
|
||||
//ausgabe
|
||||
$Text .= "\t\t\t<li><a href=\"". $url. $ENGEL_ROOT. $Key. "\">$TempName</a></li>\n";
|
||||
$Gefunden = TRUE;
|
||||
}
|
||||
}
|
||||
elseif( $DEBUG )
|
||||
{
|
||||
$Gefunden = TRUE;
|
||||
$Text .= "\t\t\t<li>$TempName ($Key)</li>\n";
|
||||
}
|
||||
}
|
||||
if( $Gefunden)
|
||||
echo $MenueTableStart.$Text.$MenueTableEnd;
|
||||
}//function ShowMenue
|
||||
|
||||
?>
|
@ -1,35 +1,34 @@
|
||||
<?PHP
|
||||
include "config_modem.php";
|
||||
<?php
|
||||
include "config_modem.php";
|
||||
|
||||
function DialNumber( $Number )
|
||||
{
|
||||
global $Dev, $ModemEnable;
|
||||
function DialNumber($Number) {
|
||||
global $Dev, $ModemEnable;
|
||||
|
||||
if($ModemEnable) {
|
||||
echo "Dial number: '<u>$Number</u>' was called<br />\n";
|
||||
|
||||
if( $ModemEnable)
|
||||
{
|
||||
echo "Dial number: '<u>$Number</u>' was called<br>\n";
|
||||
$fp = fopen( $ModemDev, "w");
|
||||
sleep(1);
|
||||
fwrite( $fp, "+++");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATZ\n");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATX1\n");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATD $Number \n");
|
||||
sleep(8);
|
||||
fclose($fp);
|
||||
sleep(1);
|
||||
}
|
||||
else
|
||||
echo "Modem is Disable, number: '<u>$Number</u>' was not called<br>\n";
|
||||
$fp = fopen( $ModemDev, "w");
|
||||
sleep(1);
|
||||
fwrite( $fp, "+++");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATZ\n");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATX1\n");
|
||||
sleep(1);
|
||||
fwrite( $fp, "ATD $Number \n");
|
||||
sleep(8);
|
||||
fclose($fp);
|
||||
sleep(1);
|
||||
}
|
||||
else
|
||||
echo "Modem is Disable, number: '<u>$Number</u>' was not called<br />\n";
|
||||
}
|
||||
|
||||
|
||||
function SetWackeup( $Number, $TimeH, $TimeM)
|
||||
{
|
||||
global $WackupNumber;
|
||||
DialNumber( "$WackupNumber$TimeH$TimeM$Number");
|
||||
global $WakeupNumber;
|
||||
DialNumber( "$WakeupNumber$TimeH$TimeM$Number");
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -1,389 +0,0 @@
|
||||
<?php
|
||||
|
||||
|
||||
/*#######################################################
|
||||
# gibt die engelschischten aus #
|
||||
#######################################################*/
|
||||
function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||
{
|
||||
// gibt, nach übergabe der der SchichtID (SID) und der RaumBeschreibung,
|
||||
// die eingetragenden und und offenden Schichteintäge zurück
|
||||
global $EngelType, $EngelTypeID, $TID2Name, $con, $DEBUG, $gmdateOffset;
|
||||
|
||||
$Spalten = "";
|
||||
|
||||
if( !isset($_GET["Icon"]))
|
||||
$_GET["Icon"]=1;
|
||||
|
||||
///////////////////////////////////////////////////////////////////
|
||||
// Schow Admin Page
|
||||
///////////////////////////////////////////////////////////////////
|
||||
$Spalten.=funktion_isLinkAllowed_addLink_OrEmpty(
|
||||
"admin/schichtplan.php?action=change&SID=$SID",
|
||||
"edit<br>\n\t\t");
|
||||
|
||||
///////////////////////////////////////////////////////////////////
|
||||
// Ausgabe des Schischtnamens
|
||||
///////////////////////////////////////////////////////////////////
|
||||
$SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if( mysql_result($Erg, 0, 0) != "")
|
||||
$Spalten.="<a href=\"". mysql_result($Erg, 0, 0). "\" target=\"_black\"><u>$Man:</u></a><br>";
|
||||
else
|
||||
$Spalten.="<u>".$Man.":</u><br>";
|
||||
|
||||
|
||||
///////////////////////////////////////////////////////////////////
|
||||
// SQL abfrage für die benötigten schichten
|
||||
///////////////////////////////////////////////////////////////////
|
||||
$SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '$SID') ORDER BY `TID`, `UID` DESC ;";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
$Anzahl = mysql_num_rows($Erg);
|
||||
$Feld=0;
|
||||
$Temp_TID_old=-1;
|
||||
for( $i = 0; $i < $Anzahl; $i++ )
|
||||
{
|
||||
if( isset($Temp[$Feld]["TID"]))
|
||||
$Temp_TID_old = $Temp[$Feld]["TID"];
|
||||
if( isset($Temp[$Feld]["UID"]))
|
||||
$Temp_UID_old = $Temp[$Feld]["UID"];
|
||||
|
||||
$Temp_TID = mysql_result($Erg, $i, "TID");
|
||||
|
||||
// wenn sich der Type ändert wird zumnästen feld geweckselt
|
||||
if( $Temp_TID_old != $Temp_TID )
|
||||
$Feld++;
|
||||
|
||||
$Temp[$Feld]["TID"] = $Temp_TID;
|
||||
$Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID");
|
||||
|
||||
// sonderfall ersten durchlauf
|
||||
if( $i == 0 )
|
||||
{
|
||||
$Temp_TID_old = $Temp[$Feld]["TID"];
|
||||
$Temp_UID_old = $Temp[$Feld]["UID"];
|
||||
}
|
||||
|
||||
// ist es eine zu vergeben schicht?
|
||||
if( $Temp[$Feld]["UID"] == 0 )
|
||||
{
|
||||
if( isset($Temp[$Feld]["free"]))
|
||||
$Temp[$Feld]["free"]++;
|
||||
else
|
||||
$Temp[$Feld]["free"]=1;
|
||||
}
|
||||
else
|
||||
$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
|
||||
} // FOR
|
||||
|
||||
|
||||
///////////////////////////////////////////////////////////////////
|
||||
// Aus gabe der Schicht
|
||||
///////////////////////////////////////////////////////////////////
|
||||
if( isset($Temp))
|
||||
if( count($Temp) )
|
||||
foreach( $Temp as $TempEntry => $TempValue )
|
||||
{
|
||||
if( !isset($TempValue["free"]))
|
||||
$TempValue["free"] = 0;
|
||||
|
||||
// ausgabe EngelType
|
||||
$Spalten.= $EngelTypeID[ $TempValue["TID"] ]. " ";
|
||||
|
||||
// ausgabe Eingetragener Engel
|
||||
if( isset($TempValue["Engel"]))
|
||||
if( count($TempValue["Engel"]) > 0 )
|
||||
{
|
||||
if( count($TempValue["Engel"]) == 1 )
|
||||
$Spalten.= Get_Text("inc_schicht_ist"). ":<br>\n\t\t";
|
||||
else
|
||||
$Spalten.= Get_Text("inc_schicht_sind"). ":<br>\n\t\t";
|
||||
|
||||
foreach( $TempValue["Engel"] as $TempEngelEntry=> $TempEngelID )
|
||||
{
|
||||
if( funktion_isLinkAllowed( "admin/user.php") === TRUE)
|
||||
{
|
||||
// add color, wenn Engel "Gekommen"
|
||||
$TempText=
|
||||
((UIDgekommen( $TempEngelID ) == "1")
|
||||
? "<span style=\"color: blue;\">"
|
||||
: "<span style=\"color: red;\">").
|
||||
UID2Nick( $TempEngelID). "</span>";
|
||||
}
|
||||
else
|
||||
{
|
||||
$TempText = UID2Nick( $TempEngelID );
|
||||
}
|
||||
|
||||
// add link to user
|
||||
$TempText= funktion_isLinkAllowed_addLink_OrLinkText(
|
||||
"admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal",
|
||||
$TempText);
|
||||
|
||||
$Spalten.= " ". $TempText.
|
||||
( ($_GET["Icon"]==1) ? DisplayAvatar( $TempEngelID): "").
|
||||
"<br>\n\t\t";
|
||||
|
||||
|
||||
}
|
||||
$Spalten = substr( $Spalten, 0, strlen($Spalten)-7 );
|
||||
}
|
||||
|
||||
// ausgabe benötigter Engel
|
||||
////////////////////////////
|
||||
//in vergangenheit
|
||||
$SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='$SID' AND `DateE` >= '".
|
||||
gmdate("Y-m-d H:i:s", time()+ $gmdateOffset). "')";
|
||||
$Ergtime = mysql_query($SQLtime, $con);
|
||||
if( mysql_num_rows( $Ergtime) > 0)
|
||||
{
|
||||
//wenn keien rechte definiert sind
|
||||
if( !isset($_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ]))
|
||||
$_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] = "Y";
|
||||
|
||||
if( $_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] == "Y")
|
||||
if( $TempValue["free"] > 0 )
|
||||
{
|
||||
$Spalten.= "<br>\n\t\t <a href=\"./schichtplan_add.php?SID=$SID&TID=".
|
||||
$TempValue["TID"]."\">";
|
||||
$Spalten.= $TempValue["free"];
|
||||
if( $TempValue["free"] != 1 )
|
||||
$Spalten.= Get_Text("inc_schicht_weitere").
|
||||
" ".Get_Text("inc_schicht_Engel").
|
||||
Get_Text("inc_schicht_wird");
|
||||
else
|
||||
$Spalten.= Get_Text("inc_schicht_weiterer").
|
||||
" ".Get_Text("inc_schicht_Engel").
|
||||
Get_Text("inc_schicht_werden");
|
||||
$Spalten.= Get_Text("inc_schicht_noch_gesucht");
|
||||
$Spalten.= "</a>";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( isset($TempValue["free"]))
|
||||
if( $TempValue["free"] > 0 )
|
||||
$Spalten.= "<br>\n\t\t <h3><a>Fehlen noch: ".
|
||||
$TempValue["free"]. "</a></h3>";
|
||||
}
|
||||
$Spalten.= "<br>\n\t\t";
|
||||
|
||||
} // FOREACH
|
||||
return $Spalten;
|
||||
} // function Ausgabe_Feld_Inhalt
|
||||
|
||||
|
||||
|
||||
/*#######################################################
|
||||
# gibt die engelschischten Druckergerecht aus #
|
||||
#######################################################*/
|
||||
function Ausgabe_Feld_Inhalt_Druck($RID, $Man )
|
||||
{
|
||||
// gibt, nach übergabe der der SchichtID (SID) und der RaumBeschreibung,
|
||||
// die eingetragenden und und offenden Schichteintäge zurück
|
||||
|
||||
|
||||
} // function Ausgabe_Feld_Inhalt
|
||||
|
||||
|
||||
|
||||
|
||||
/*#######################################################
|
||||
# Ausgabe der Raum Spalten #
|
||||
#######################################################*/
|
||||
function CreateRoomShifts( $raum )
|
||||
{
|
||||
global $Spalten, $ausdatum, $con, $DEBUG, $GlobalZeileProStunde, $error_messages;
|
||||
|
||||
/////////////////////////////////////////////////////////////
|
||||
// beginnt die erste schicht vor dem heutigen tag und geht darüber hinaus
|
||||
/////////////////////////////////////////////////////////////
|
||||
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ".
|
||||
"WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 23:59:59') AND ".
|
||||
"(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;";
|
||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
||||
if( (mysql_num_rows( $ErgSonder) > 1) )
|
||||
{
|
||||
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
|
||||
{
|
||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
||||
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
|
||||
{
|
||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
||||
mysql_result($ErgSonder, $i, "SID"). "\">".
|
||||
mysql_result($ErgSonder, $i, "DateS").
|
||||
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-24)".
|
||||
"</a><br>\n\t\t";
|
||||
}
|
||||
}
|
||||
}
|
||||
elseif( (mysql_num_rows( $ErgSonder) == 1) )
|
||||
{
|
||||
$Spalten[0].= "\t\t<td valign=\"top\" rowspan=\"". (24 * $GlobalZeileProStunde). "\">\n".
|
||||
"\t\t\t<h3>↑↑↑</h3>".
|
||||
Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"),
|
||||
mysql_result($ErgSonder, 0, "Man") ).
|
||||
"\t\t\t<h3>↓↓↓</h3>".
|
||||
"\n\t\t</td>\n";
|
||||
return;
|
||||
}
|
||||
|
||||
$ZeitZeiger = 0;
|
||||
|
||||
/////////////////////////////////////////////////////////////
|
||||
// beginnt die erste schicht vor dem heutigen tag?
|
||||
/////////////////////////////////////////////////////////////
|
||||
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ".
|
||||
"WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 00:00:00') AND ".
|
||||
"(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;";
|
||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
||||
if( (mysql_num_rows( $ErgSonder) > 1) )
|
||||
{
|
||||
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
|
||||
{
|
||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
||||
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
|
||||
{
|
||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
||||
mysql_result($ErgSonder, $i, "SID"). "\">".
|
||||
mysql_result($ErgSonder, $i, "DateS").
|
||||
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-xx)".
|
||||
"</a><br>\n\t\t";
|
||||
}
|
||||
}
|
||||
}
|
||||
elseif( (mysql_num_rows( $ErgSonder) == 1) )
|
||||
{
|
||||
$ZeitZeiger = substr( mysql_result($ErgSonder, 0, "DateE"), 11, 2 )+
|
||||
(substr( mysql_result($ErgSonder, 0, "DateE"), 14, 2 ) / 60);
|
||||
$Spalten[0].= "\t\t<td valign=\"top\" rowspan=\"". ($ZeitZeiger * $GlobalZeileProStunde). "\">\n".
|
||||
"\t\t\t<h3>↑↑↑</h3>".
|
||||
Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"),
|
||||
mysql_result($ErgSonder, 0, "Man") ).
|
||||
"\n\t\t</td>\n";
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////////////
|
||||
// gibt die schichten für den tag aus
|
||||
/////////////////////////////////////////////////////////////
|
||||
$SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ".
|
||||
"WHERE ((`RID` = '$raum') and ".
|
||||
"(`DateS` >= '$ausdatum $ZeitZeiger:00:00') and ".
|
||||
"(`DateS` like '$ausdatum%')) ORDER BY `DateS`;";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
for( $i = 0; $i < mysql_num_rows($Erg); ++$i )
|
||||
{
|
||||
$ZeitPos = substr( mysql_result($Erg, $i, "DateS"), 11, 2 )+
|
||||
(substr( mysql_result($Erg, $i, "DateS"), 14, 2 ) / 60);
|
||||
$len = mysql_result($Erg, $i, "Len");
|
||||
|
||||
if( $len <= 0)
|
||||
array_push( $error_messages, "Error in shift denition SID=". mysql_result($Erg, $i, "SID"). " Len=$len");
|
||||
|
||||
if( $ZeitZeiger < $ZeitPos )
|
||||
{
|
||||
$Spalten[$ZeitZeiger * $GlobalZeileProStunde].=
|
||||
"\t\t<td valign=\"top\" rowspan=\"". ( ($ZeitPos - $ZeitZeiger ) * $GlobalZeileProStunde ). "\"> </td>\n";
|
||||
|
||||
$ZeitZeiger += $ZeitPos - $ZeitZeiger;
|
||||
}
|
||||
if($ZeitZeiger == $ZeitPos )
|
||||
{
|
||||
//sonderfall wenn die schicht über dei 24 stunden hinaus geht
|
||||
// (eintrag abkürzen, pfeiel ausgeben)
|
||||
$Spalten[$ZeitZeiger * $GlobalZeileProStunde].=
|
||||
"\t\t<td valign=\"top\" rowspan=\"".
|
||||
( ( ($len+$ZeitZeiger)? $len : 24-$len+$ZeitZeiger) * $GlobalZeileProStunde).
|
||||
"\">\n".
|
||||
"\t\t\t".
|
||||
Ausgabe_Feld_Inhalt( mysql_result($Erg, $i, "SID"),
|
||||
mysql_result($Erg, $i, "Man") ).
|
||||
(( ($ZeitZeiger+$len) > 24)? "\t\t\t<h3>↓↓↓</h3>" : "").
|
||||
"\n\t\t</td>\n";
|
||||
$ZeitZeiger += $len;
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
||||
mysql_result($Erg, $i, "SID"). "\">".
|
||||
mysql_result($Erg, $i, "DateS").
|
||||
" '". mysql_result($Erg, $i, "Man"). "' ".
|
||||
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)</a><br><br>";
|
||||
}
|
||||
}
|
||||
if( $ZeitZeiger < 24 )
|
||||
$Spalten[($ZeitZeiger * $GlobalZeileProStunde)].=
|
||||
"\t\t<td valign=\"top\" rowspan=\"".
|
||||
((24 - $ZeitZeiger) * $GlobalZeileProStunde ).
|
||||
"\"> </td>\n";
|
||||
} // function CreateRoomShifts
|
||||
|
||||
|
||||
/*#######################################################
|
||||
# Ausgabe der freien schichten #
|
||||
#######################################################*/
|
||||
function showEmptyShifts( )
|
||||
{
|
||||
global $con, $DEBUG, $RoomID, $gmdateOffset;
|
||||
|
||||
echo "<table border=\"1\">\n";
|
||||
echo "<tr>\n";
|
||||
echo "\t<th>". Get_Text("inc_schicht_date"). "</th>\n";
|
||||
echo "\t<th>". Get_Text("inc_schicht_time"). "</th>\n";
|
||||
echo "\t<th>". Get_Text("inc_schicht_room"). "</th>\n";
|
||||
echo "\t<th>". Get_Text("inc_schicht_commend"). "</th>\n";
|
||||
echo "</tr>\n";
|
||||
|
||||
$sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` ".
|
||||
"WHERE (`Shifts`.`DateS`>='". gmdate("Y-m-d H:i:s", time()+$gmdateOffset). "') ".
|
||||
"ORDER BY `DateS`, `RID`;";
|
||||
$Erg = mysql_query($sql, $con);
|
||||
|
||||
$angezeigt = 0;
|
||||
for ($i=0; ($i<mysql_num_rows($Erg)) && ($angezeigt< 15); $i++)
|
||||
if( isset($RoomID[mysql_result( $Erg, $i, "RID")]))
|
||||
if( $RoomID[mysql_result( $Erg, $i, "RID")]!="" )
|
||||
{
|
||||
$Sql2 = "SELECT `UID` FROM `ShiftEntry` ".
|
||||
"WHERE `SID`=". mysql_result( $Erg, $i, "SID"). " AND ".
|
||||
"`UID`='0';";
|
||||
$Erg2 = mysql_query($Sql2, $con);
|
||||
|
||||
if( mysql_num_rows($Erg2)>0)
|
||||
{
|
||||
$angezeigt++;
|
||||
echo "<tr>\n";
|
||||
echo "\t<td>". substr(mysql_result( $Erg, $i, "DateS"), 0, 10). "</td>\n";
|
||||
echo "\t<td>". substr(mysql_result( $Erg, $i, "DateS"), 11). "</td>\n";
|
||||
echo "\t<td>". $RoomID[mysql_result( $Erg, $i, "RID")]. "</td>\n";
|
||||
echo "\t<td>".
|
||||
ausgabe_Feld_Inhalt( mysql_result( $Erg, $i, "SID"), mysql_result( $Erg, $i, "Man")).
|
||||
"</td>\n";
|
||||
echo "</tr>\n";
|
||||
}
|
||||
}
|
||||
|
||||
echo "</table>\n";
|
||||
|
||||
} //function showEmptyShifts
|
||||
|
||||
|
||||
/*#######################################################
|
||||
# Gibt die anzahl der Schichten im Raum zurück #
|
||||
#######################################################*/
|
||||
function SummRoomShifts( $raum )
|
||||
{
|
||||
global $ausdatum, $con, $DEBUG, $GlobalZeileProStunde;
|
||||
|
||||
$SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ".
|
||||
"WHERE ((`RID` = '$raum') AND (`DateE` >= '$ausdatum 00:00:00') AND ".
|
||||
"(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;";
|
||||
|
||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
||||
|
||||
return mysql_num_rows($ErgSonder);
|
||||
}
|
||||
|
||||
?>
|
@ -1,87 +0,0 @@
|
||||
<?PHP
|
||||
|
||||
if( !function_exists("DatumUm1TagErhoehen"))
|
||||
{
|
||||
function DatumUm1TagErhoehen( $Datum)
|
||||
{
|
||||
$Jahr = substr( $Datum, 0, 4);
|
||||
$Monat = substr( $Datum, 5, 2);
|
||||
$Tag = substr( $Datum, 8, 2);
|
||||
|
||||
$Tag++;
|
||||
|
||||
switch( $Monat)
|
||||
{
|
||||
case 1: $Mmax=31; break;
|
||||
case 2: $Mmax=28; break;
|
||||
case 3: $Mmax=31; break;
|
||||
case 4: $Mmax=30; break;
|
||||
case 5: $Mmax=31; break;
|
||||
case 6: $Mmax=30; break;
|
||||
case 7: $Mmax=31; break;
|
||||
case 8: $Mmax=31; break;
|
||||
case 9: $Mmax=30; break;
|
||||
case 10: $Mmax=31; break;
|
||||
case 11: $Mmax=30; break;
|
||||
case 12: $Mmax=31; break;
|
||||
}
|
||||
|
||||
if( $Tag > $Mmax)
|
||||
{
|
||||
$Tag = 1;
|
||||
$Monat++;
|
||||
}
|
||||
|
||||
if( $Monat > 12 )
|
||||
{
|
||||
$Monat = 1;
|
||||
$Jahr++;
|
||||
}
|
||||
|
||||
$Tag = strlen( $Tag ) == 1 ? "0".$Tag : $Tag;
|
||||
$Monat = strlen( $Monat ) == 1 ? "0".$Monat : $Monat;
|
||||
|
||||
return ("$Jahr-$Monat-$Tag");
|
||||
} //function DatumUm1Tagerhoehen(
|
||||
}
|
||||
|
||||
//suchen den ersten eintrags
|
||||
$SQL = "SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
$Pos=0;
|
||||
|
||||
if( mysql_num_rows($Erg)>0)
|
||||
{
|
||||
do
|
||||
{
|
||||
//Startdatum einlesen und link ausgeben
|
||||
$DateS = substr(mysql_result($Erg, 0 , 0), 0,10);
|
||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
||||
|
||||
//auslesen den endes und eventuelle weitere tage ausgeben
|
||||
$SQL2 = "SELECT MAX(`DateE`) FROM `Shifts` ".
|
||||
"WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))";
|
||||
$Erg2 = mysql_query($SQL2, $con);
|
||||
$DateE = substr(mysql_result($Erg2, 0 , 0), 0,10);
|
||||
|
||||
if( strlen($DateE) == 0)
|
||||
$DateE = $DateS;
|
||||
else
|
||||
while( $DateS != $DateE)
|
||||
{
|
||||
$DateS = DatumUm1TagErhoehen( $DateS);
|
||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
||||
}
|
||||
|
||||
//suchen den nästen eintrag
|
||||
$SQL = "SELECT `DateS` FROM `Shifts` ".
|
||||
"WHERE (`DateS` > '$DateE 23:59:59' ) ".
|
||||
"ORDER BY `DateS` ".
|
||||
"LIMIT 1";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
} while( mysql_fetch_row($Erg) > 0);
|
||||
}
|
||||
$VeranstaltungsTageMax = $Pos-1;
|
||||
|
||||
?>
|
@ -1,132 +0,0 @@
|
||||
<?php
|
||||
|
||||
function UID2Nick($UID)
|
||||
{
|
||||
global $con;
|
||||
|
||||
if( $UID>0) {
|
||||
$SQL = "SELECT Nick FROM `User` WHERE UID='$UID'";
|
||||
} else {
|
||||
$SQL = "SELECT Name FROM `UserGroups` WHERE UID='$UID'";
|
||||
}
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
//echo $UID."#";
|
||||
if( mysql_num_rows($Erg)) {
|
||||
if( $UID>0 ) {
|
||||
return mysql_result($Erg, 0);
|
||||
} else {
|
||||
return "Group-".mysql_result($Erg, 0);
|
||||
}
|
||||
} else {
|
||||
if( $UID == -1)
|
||||
return "logout User";
|
||||
else
|
||||
return "UserID $UID not found";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function TID2Type($TID)
|
||||
{
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT Name FROM `EngelType` WHERE TID='$TID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if( mysql_num_rows($Erg))
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
function ReplaceSmilies($eckig)
|
||||
{
|
||||
global $url, $ENGEL_ROOT;
|
||||
|
||||
$neueckig = $eckig;
|
||||
$neueckig = str_replace(";o))", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_redface.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":-))", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_redface.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_wind.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_smile.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":-)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_smile.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":-(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":o(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_lol.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";o(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";-(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
||||
$neueckig = str_replace("8)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_rolleyes.gif\">",$neueckig);
|
||||
$neueckig = str_replace("8o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_rolleyes.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":-P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
||||
$neueckig = str_replace(":oP", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_mad.gif\">",$neueckig);
|
||||
$neueckig = str_replace(";oP", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_mad.gif\">",$neueckig);
|
||||
$neueckig = str_replace("?)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_question.gif\">",$neueckig);
|
||||
return $neueckig;
|
||||
}
|
||||
|
||||
|
||||
function GetPicturShow($UID)
|
||||
{
|
||||
global $con;
|
||||
|
||||
$SQL= "SELECT `show` FROM `UserPicture` WHERE `UID`='$UID'";
|
||||
$res = mysql_query( $SQL, $con);
|
||||
if( mysql_num_rows($res) == 1)
|
||||
return mysql_result( $res, 0, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
/* Parameter:
|
||||
<UserID>
|
||||
[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
|
||||
function displayPictur($UID, $height="30")
|
||||
{
|
||||
global $url, $ENGEL_ROOT;
|
||||
if( $height > 0)
|
||||
return( "<img src=\"". $url. $ENGEL_ROOT. "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\">");
|
||||
else
|
||||
return( "<img src=\"". $url. $ENGEL_ROOT. "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
|
||||
}
|
||||
|
||||
|
||||
/* Parameter:
|
||||
<UserID>
|
||||
[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
|
||||
function displayavatar( $UID, $height="30")
|
||||
{
|
||||
global $con, $url, $ENGEL_ROOT;
|
||||
|
||||
if( GetPicturShow($UID) == 'Y')
|
||||
return " ". displayPictur( $UID, $height);
|
||||
|
||||
// show avator
|
||||
$asql = "select * from User where UID = $UID";
|
||||
$aerg = mysql_query ($asql, $con);
|
||||
if( mysql_num_rows($aerg) )
|
||||
if( mysql_result($aerg, 0, "Avatar") > 0)
|
||||
return (" <img src=\"". $url. $ENGEL_ROOT. "pic/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">");
|
||||
|
||||
}
|
||||
|
||||
function UIDgekommen($UID)
|
||||
{
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='$UID'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
//echo $UID."#";
|
||||
if( mysql_num_rows($Erg))
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "0";
|
||||
}
|
||||
|
||||
?>
|
@ -1,162 +1,152 @@
|
||||
<?PHP
|
||||
|
||||
|
||||
class element
|
||||
{
|
||||
<?php
|
||||
class element {
|
||||
var $name = '';
|
||||
var $attributes = array();
|
||||
var $attributes = array ();
|
||||
var $data = '';
|
||||
var $depth = 0;
|
||||
var $sub = array();
|
||||
var $sub = array ();
|
||||
}
|
||||
|
||||
$XMLDEBUG = 0;
|
||||
$depth = 0;
|
||||
$XMLmain = new element;
|
||||
$XMLpos = array( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
|
||||
$XMLpos = array (
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0
|
||||
);
|
||||
//$XMLpos = array( 0, 0, 0, 0, 0, 0);
|
||||
|
||||
function convertValues( $Data)
|
||||
{
|
||||
|
||||
function convertValues($Data) {
|
||||
global $XMLDEBUG;
|
||||
if( $XMLDEBUG)
|
||||
{
|
||||
|
||||
if ($XMLDEBUG) {
|
||||
$Data = htmlspecialchars($Data);
|
||||
$Data = mysql_escape_string($Data);
|
||||
$Data = htmlentities($Data);
|
||||
}
|
||||
|
||||
$Data = utf8_decode($Data);
|
||||
return $Data;
|
||||
}
|
||||
|
||||
|
||||
function dataXMLmain( $Data, &$Objekt, $Tiefe )
|
||||
{
|
||||
function dataXMLmain($Data, & $Objekt, $Tiefe) {
|
||||
global $XMLmain, $XMLpos, $depth, $XMLDEBUG;
|
||||
|
||||
if( $XMLDEBUG)
|
||||
echo "?$Tiefe$depth";
|
||||
if( ($depth-1)==$Tiefe)
|
||||
{
|
||||
// $Objekt->sub[ $XMLpos[$Tiefe] ]->data .= convertValues($Data);
|
||||
$Objekt->sub[ $XMLpos[$Tiefe] ]->data .= htmlentities( convertValues($Data), ENT_QUOTES);
|
||||
|
||||
if( $XMLDEBUG)
|
||||
echo "???". $Objekt->sub[ $XMLpos[$Tiefe] ]->name. "|$Data|$Tiefe???<br>";
|
||||
}
|
||||
else
|
||||
dataXMLmain( $Data, $Objekt->sub[ $XMLpos[$Tiefe] ], $Tiefe+1);
|
||||
|
||||
if ($XMLDEBUG)
|
||||
echo "?$Tiefe$depth";
|
||||
|
||||
if (($depth -1) == $Tiefe) {
|
||||
$Objekt->sub[$XMLpos[$Tiefe]]->data .= htmlentities(convertValues($Data), ENT_QUOTES);
|
||||
|
||||
if ($XMLDEBUG)
|
||||
echo "???" . $Objekt->sub[$XMLpos[$Tiefe]]->name . "|$Data|$Tiefe???<br />";
|
||||
} else
|
||||
dataXMLmain($Data, $Objekt->sub[$XMLpos[$Tiefe]], $Tiefe +1);
|
||||
}
|
||||
|
||||
function startXMLmain( $Data, &$Objekt, $Tiefe )
|
||||
{
|
||||
function startXMLmain($Data, & $Objekt, $Tiefe) {
|
||||
global $XMLpos, $depth, $XMLDEBUG;
|
||||
|
||||
if( $XMLDEBUG)
|
||||
if($Tiefe==1)
|
||||
{ print_r(array_values ($XMLpos)); echo "--".$Data->name;
|
||||
echo " #$Tiefe/$depth#";
|
||||
}
|
||||
|
||||
if( $depth==$Tiefe)
|
||||
{
|
||||
$Objekt->sub[ $XMLpos[$Tiefe] ] = $Data;
|
||||
if( $XMLDEBUG)
|
||||
echo "|". $XMLpos[$Tiefe]."|". $Objekt->sub[ $XMLpos[$Tiefe] ]->name. " ". $Data->name." save|". "#-#<br>";
|
||||
}
|
||||
else
|
||||
startXMLmain( $Data, $Objekt->sub[ $XMLpos[$Tiefe] ], $Tiefe+1);
|
||||
if ($XMLDEBUG)
|
||||
if ($Tiefe == 1) {
|
||||
print_r(array_values($XMLpos));
|
||||
echo "--" . $Data->name;
|
||||
echo " #$Tiefe/$depth#";
|
||||
}
|
||||
|
||||
if ($depth == $Tiefe) {
|
||||
$Objekt->sub[$XMLpos[$Tiefe]] = $Data;
|
||||
if ($XMLDEBUG)
|
||||
echo "|" . $XMLpos[$Tiefe] . "|" . $Objekt->sub[$XMLpos[$Tiefe]]->name . " " . $Data->name . " save|" . "#-#<br />";
|
||||
} else
|
||||
startXMLmain($Data, $Objekt->sub[$XMLpos[$Tiefe]], $Tiefe +1);
|
||||
}
|
||||
|
||||
function start_element_handler($parser, $name, $attribs)
|
||||
{
|
||||
function start_element_handler($parser, $name, $attribs) {
|
||||
global $depth, $XMLmain, $XMLpos;
|
||||
|
||||
$Data = new element;
|
||||
$Data->name = $name;
|
||||
while(list($key, $value) = each($attribs))
|
||||
while (list ($key, $value) = each($attribs))
|
||||
$Data->attributes[$key] = convertValues($value);
|
||||
$Data->depth = $depth;
|
||||
$XMLpos[$depth]++;
|
||||
$XMLpos[$depth]++;
|
||||
|
||||
if( $depth==0)
|
||||
$XMLmain= $Data;
|
||||
if ($depth == 0)
|
||||
$XMLmain = $Data;
|
||||
else
|
||||
startXMLmain( $Data, $XMLmain, 1);
|
||||
startXMLmain($Data, $XMLmain, 1);
|
||||
|
||||
$depth++;
|
||||
}
|
||||
|
||||
function end_element_handler($parser, $name)
|
||||
{
|
||||
function end_element_handler($parser, $name) {
|
||||
global $depth, $XMLpos;
|
||||
$XMLpos[$depth]=0;
|
||||
$XMLpos[$depth] = 0;
|
||||
$depth--;
|
||||
}
|
||||
|
||||
function character_data_handler($parser, $data)
|
||||
{
|
||||
function character_data_handler($parser, $data) {
|
||||
global $XMLmain;
|
||||
if( strlen(trim($data)) )
|
||||
dataXMLmain( $data, $XMLmain, 1);
|
||||
if (strlen(trim($data)))
|
||||
dataXMLmain($data, $XMLmain, 1);
|
||||
}
|
||||
|
||||
/*#######################################################################################*/
|
||||
function readXMLfile( $file )
|
||||
{
|
||||
function readXMLfile($file) {
|
||||
global $XMLDEBUG;
|
||||
|
||||
|
||||
//$xml_parser = xml_parser_create_ns();
|
||||
$xml_parser = xml_parser_create("UTF-8");
|
||||
xml_set_element_handler($xml_parser, "start_element_handler", "end_element_handler");
|
||||
xml_set_character_data_handler($xml_parser, "character_data_handler");
|
||||
|
||||
if (file_exists($file))
|
||||
{
|
||||
if (!($fp = fopen($file, "r")))
|
||||
{
|
||||
echo(" <h1>could not open XML file \"$file\"</h1>");
|
||||
|
||||
if (file_exists($file)) {
|
||||
if (!($fp = fopen($file, "r"))) {
|
||||
echo (" <h1>could not open XML file \"$file\"</h1>");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo(" <h1>XML file \"$file\" not exist</h1>");
|
||||
} else {
|
||||
echo (" <h1>XML file \"$file\" not exist</h1>");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if( $XMLDEBUG) echo "<pre>";
|
||||
while ($data = fread($fp, 4096))
|
||||
{
|
||||
if (!xml_parse($xml_parser, $data, feof($fp)))
|
||||
{
|
||||
die(sprintf("XML error: %s at line %d",
|
||||
xml_error_string(xml_get_error_code($xml_parser)),
|
||||
xml_get_current_line_number($xml_parser)));
|
||||
if ($XMLDEBUG)
|
||||
echo "<pre>";
|
||||
while ($data = fread($fp, 4096)) {
|
||||
if (!xml_parse($xml_parser, $data, feof($fp))) {
|
||||
die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
|
||||
}
|
||||
}
|
||||
if( $XMLDEBUG) echo "</pre>";
|
||||
if ($XMLDEBUG)
|
||||
echo "</pre>";
|
||||
xml_parser_free($xml_parser);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*#######################################################################################*/
|
||||
function getXMLsubPease( $Sourse, $Name )
|
||||
{
|
||||
foreach($Sourse->sub as $key => $value) {
|
||||
function getXMLsubPease($Sourse, $Name) {
|
||||
foreach ($Sourse->sub as $key => $value) {
|
||||
if ($value->name == $Name) {
|
||||
return $value;
|
||||
return $value;
|
||||
}
|
||||
}
|
||||
|
||||
echo "<h1>Fehler: getXMLsubPease( $Sourse, $Name ) not found</h1>";
|
||||
// die;
|
||||
// die;
|
||||
}
|
||||
|
||||
/*#######################################################################################*/
|
||||
function getXMLsubData( $Sourse, $Name )
|
||||
{
|
||||
$XML = getXMLsubPease( $Sourse, $Name);
|
||||
function getXMLsubData($Sourse, $Name) {
|
||||
$XML = getXMLsubPease($Sourse, $Name);
|
||||
return $XML->data;
|
||||
}
|
||||
?>
|
||||
|
@ -1,69 +1,61 @@
|
||||
<?PHP
|
||||
|
||||
|
||||
/*##############################################################################################
|
||||
R o o m
|
||||
##############################################################################################*/
|
||||
echo "\n\n<br>\n<h1>Rooms:</h1>\n";
|
||||
|
||||
function saveRoomData()
|
||||
{
|
||||
global $con;
|
||||
if( isset($_GET["NameXML"]))
|
||||
{
|
||||
$SQL= "INSERT INTO `Room` ( `Name`, `FromPentabarf` ) ".
|
||||
"VALUES ('". mysql_escape_string($_GET["NameXML"]). "', 'Y');";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if( $Erg )
|
||||
echo "Aenderung, an Raum ". $_GET["NameXML"]. ", war erfogreich<br>";
|
||||
else
|
||||
echo "Aenderung, an Raum ". $_GET["NameXML"]. ", war <u>nicht</u> erfogreich.(".
|
||||
mysql_error($con). ")<br>[$SQL]<br>";
|
||||
}
|
||||
else
|
||||
echo "Fehler in den Parametern!<br>";
|
||||
} /*function saveRoomData*/
|
||||
|
||||
if( isset($_GET["RoomUpdate"]))
|
||||
saveRoomData();
|
||||
|
||||
//INIT Status counter
|
||||
$DS_KO = 0;
|
||||
|
||||
//Ausgabe
|
||||
echo "<table border=\"0\">\n";
|
||||
echo "<tr><th>Name</th><th>state</th></tr>\n";
|
||||
if( $EnableSchudle)
|
||||
foreach($XMLmain->sub as $EventKey => $Event)
|
||||
{
|
||||
if( $Event->name == "VEVENT")
|
||||
{
|
||||
$NameXML = getXMLsubData( $Event, "LOCATION");
|
||||
if( !isset( $RoomName[$NameXML]))
|
||||
{
|
||||
$RoomName[$NameXML] = "";
|
||||
|
||||
if( isset($_GET["UpdateALL"]))
|
||||
{
|
||||
$_GET["NameXML"] = $NameXML;
|
||||
saveRoomData();
|
||||
CreateRoomArrays();
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "<form action=\"dbUpdateFromXLS.php\">\n";
|
||||
echo "\t<tr>\n";
|
||||
echo "\t<td><input name=\"NameXML\" type=\"text\" value=\"$NameXML\" readonly></td>\n";
|
||||
echo "\t<td><input type=\"submit\" name=\"RoomUpdate\" value=\"update\"></td>\n";
|
||||
$DS_KO++;
|
||||
echo "\t</tr>\n";
|
||||
echo "</form>\n";
|
||||
echo "<br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "<tr><td colspan=\"6\">status: $DS_KO nicht vorhanden.</td></tr>\n";
|
||||
echo "</table>\n";
|
||||
|
||||
?>
|
||||
<?php
|
||||
echo "<h1>Rooms:</h1>\n";
|
||||
|
||||
function saveRoomData() {
|
||||
global $con;
|
||||
|
||||
if(isset($_GET["NameXML"])) {
|
||||
$SQL = "INSERT INTO `Room` ( `Name`, `FromPentabarf` ) ".
|
||||
"VALUES ('". mysql_escape_string($_GET["NameXML"]). "', 'Y');";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if($Erg)
|
||||
echo "Aenderung, an Raum ". $_GET["NameXML"]. ", war erfogreich<br />";
|
||||
else
|
||||
echo "Aenderung, an Raum ". $_GET["NameXML"]. ", war <u>nicht</u> erfogreich.(".
|
||||
|
||||
mysql_error($con). ")<br />[$SQL]<br />";
|
||||
} else
|
||||
echo "Fehler in den Parametern!<br />";
|
||||
}
|
||||
|
||||
if(isset($_GET["RoomUpdate"]))
|
||||
saveRoomData();
|
||||
|
||||
// INIT Status counter
|
||||
$DS_KO = 0;
|
||||
|
||||
// Ausgabe
|
||||
echo "<table border=\"0\">\n";
|
||||
echo "<tr><th>Name</th><th>state</th></tr>\n";
|
||||
|
||||
if($EnableSchudle) {
|
||||
foreach($XMLmain->sub as $EventKey => $Event) {
|
||||
if( $Event->name == "VEVENT") {
|
||||
$NameXML = getXMLsubData( $Event, "LOCATION");
|
||||
|
||||
if( !isset( $RoomName[$NameXML])) {
|
||||
$RoomName[$NameXML] = "";
|
||||
|
||||
if(isset($_GET["UpdateALL"])) {
|
||||
$_GET["NameXML"] = $NameXML;
|
||||
saveRoomData();
|
||||
CreateRoomArrays();
|
||||
} else {
|
||||
echo "<form action=\"dbUpdateFromXLS.php\">\n";
|
||||
echo "<tr>\n";
|
||||
echo "<td><input name=\"NameXML\" type=\"text\" value=\"$NameXML\" readonly></td>\n";
|
||||
echo "<td><input type=\"submit\" name=\"RoomUpdate\" value=\"update\"></td>\n";
|
||||
$DS_KO++;
|
||||
echo "</tr>\n";
|
||||
echo "</form>\n";
|
||||
echo "<br />";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
echo "<tr><td colspan=\"6\">status: $DS_KO nicht vorhanden.</td></tr>\n";
|
||||
echo "</table>\n";
|
||||
?>
|
||||
|
@ -1,26 +0,0 @@
|
||||
<?php
|
||||
|
||||
/* Schichtverplanung im Adminbereich */
|
||||
function Dsubstr($DateString,$re) {
|
||||
if ($re==1)
|
||||
return substr($DateString, 0, 2);
|
||||
elseif ($re==2)
|
||||
return substr($DateString, 3, 2);
|
||||
else
|
||||
return substr($DateString, 6, 4);
|
||||
}
|
||||
|
||||
/* Schichtverplanung im Engelbereich */
|
||||
|
||||
function engeldate($edate,$m) {
|
||||
if ($m==t)
|
||||
return substr($edate, 8, 2);
|
||||
elseif ($m==m)
|
||||
return substr($edate, 5, 2);
|
||||
elseif ($m==u)
|
||||
return substr($edate, 11, 5);
|
||||
else
|
||||
return substr($edate, 0, 4);
|
||||
}
|
||||
|
||||
?>
|
@ -1,50 +0,0 @@
|
||||
<?PHP
|
||||
ini_set( "session.gc_maxlifetime", "65535");
|
||||
|
||||
include ("config.php");
|
||||
include ("error_handler.php");
|
||||
include ("config_db.php");
|
||||
include ("funktion_lang.php");
|
||||
include ("funktion_faq.php"); //für noAnswer() im menu
|
||||
include ("funktion_menu.php");
|
||||
include ("funktion_user.php");
|
||||
|
||||
|
||||
if( isset($SystemDisableMessage) && ( strlen($SystemDisableMessage)>0) )
|
||||
{
|
||||
echo "<HTML>\n".
|
||||
"<BODY>\n". $SystemDisableMessage. "\n<BODY>\n".
|
||||
"</HTML>";
|
||||
die();
|
||||
}
|
||||
|
||||
if( !isset($_SESSION))
|
||||
{
|
||||
session_start();
|
||||
}
|
||||
include ("secure.php");
|
||||
|
||||
if( !isset($_SESSION['IP']))
|
||||
{
|
||||
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
|
||||
}
|
||||
|
||||
if (IsSet($_SESSION['UID']) and ($_SESSION['IP'] <> $_SERVER['REMOTE_ADDR']))
|
||||
{
|
||||
session_destroy ();
|
||||
header("Location: $url". $ENGEL_ROOT );
|
||||
}
|
||||
|
||||
include ("UserCVS.php");
|
||||
|
||||
|
||||
//UPdate LASTlogin
|
||||
if( isset($_SESSION['UID']))
|
||||
{
|
||||
$SQLlastLogIn = "UPDATE `User` SET ".
|
||||
"`lastLogIn` = '". gmdate("Y-m-j H:i:s", time()). "'".
|
||||
" WHERE `UID` = '". $_SESSION['UID']. "' LIMIT 1;";
|
||||
mysql_query ($SQLlastLogIn, $con);
|
||||
}
|
||||
|
||||
?>
|
@ -1,18 +0,0 @@
|
||||
<?PHP
|
||||
include ("config.php");
|
||||
|
||||
echo "<form action=\"". $url. $ENGEL_ROOT. "nonpublic/index.php\" method=\"post\">";
|
||||
echo "<table>\n".
|
||||
"\t<tr>".
|
||||
"\t\t<td align=\"right\">". Get_Text("index_lang_nick"). "</td>".
|
||||
"\t\t<td><input type=\"text\" name=\"user\" size=\"23\"></td>".
|
||||
"\t</tr>".
|
||||
"\t<tr>".
|
||||
"\t\t<td align=\"right\">". Get_Text("index_lang_pass"). "</td>".
|
||||
"\t\t<td><input type=\"password\" name=\"password\" size=\"23\"></td>".
|
||||
"\t</tr>".
|
||||
"</table>".
|
||||
"<br><input type=\"submit\" value=\"". Get_Text("index_lang_send"). "\">";
|
||||
echo "</form>";
|
||||
|
||||
|
@ -1,63 +0,0 @@
|
||||
|
||||
<!-- anfang des menue parts //-->
|
||||
<td width="160" valign="top">
|
||||
<?PHP
|
||||
$MenueTableStart="
|
||||
<table align=\"center\" class=\"border\" cellpadding=\"3\" cellspacing=\"1\">
|
||||
<tr>
|
||||
<td width=\"160\" class=\"menu\">
|
||||
";
|
||||
$MenueTableEnd="
|
||||
<br>
|
||||
</td>
|
||||
</tr>
|
||||
</table><br>
|
||||
";
|
||||
|
||||
ShowMenu("");
|
||||
ShowMenu("nonpublic");
|
||||
ShowMenu("admin");
|
||||
|
||||
if( !isset($submenus))
|
||||
$submenus = 0;
|
||||
|
||||
if ($submenus >= 1 ) {
|
||||
$inc_name=$_SERVER['PHP_SELF'];
|
||||
$filenamepos=strrpos($inc_name, '/');
|
||||
$filenamepos+=1;
|
||||
$filename = substr ($inc_name, $filenamepos );
|
||||
$filepost = substr ($filename, 0, -4);
|
||||
$filepre = substr ($filename, -4 );
|
||||
$verzeichnis = substr ($inc_name, 0 , $filenamepos);
|
||||
|
||||
for ($index_nummer=1; $index_nummer <= $submenus; $index_nummer++) {
|
||||
?>
|
||||
<table align="center" class="border" cellpadding="3" cellspacing="1">
|
||||
<tr>
|
||||
<td width="160" class="menu">
|
||||
<?php include ("./".$filepost.".".$index_nummer.$filepre); ?>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<br>
|
||||
<?PHP
|
||||
}
|
||||
}
|
||||
|
||||
if( isset($_SESSION['UID']))
|
||||
{
|
||||
?>
|
||||
<table align="center" class="border" cellpadding="3" cellspacing="1">
|
||||
<tr>
|
||||
<td width="160" class="menu">
|
||||
<?php include("funktion_activeUser.php"); ?>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<?PHP
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
|
||||
<!-- ende des menue parts //-->
|
@ -0,0 +1,96 @@
|
||||
<?php
|
||||
|
||||
function admin_angel_types() {
|
||||
$html = "";
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
|
||||
$table = "";
|
||||
$angel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`");
|
||||
|
||||
foreach ($angel_types as $angel_type)
|
||||
$table .= sprintf(
|
||||
'<tr><td>%s</td><td>%s</td><td>'
|
||||
. '<a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||
$angel_type['Name'], $angel_type['Man'],
|
||||
page_link_to("admin_angel_types"),
|
||||
$angel_type['TID']
|
||||
);
|
||||
|
||||
$html .= template_render('../templates/admin_angel_types.html', array (
|
||||
'link' => page_link_to("admin_angel_types"),
|
||||
'table' => $table
|
||||
));
|
||||
|
||||
} else {
|
||||
|
||||
switch ($_REQUEST['action']) {
|
||||
|
||||
case 'create' :
|
||||
$name = strip_request_item("name");
|
||||
$man = strip_request_item("man");
|
||||
|
||||
sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'");
|
||||
|
||||
header("Location: " . page_link_to("admin_angel_types"));
|
||||
break;
|
||||
|
||||
case 'edit' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing AngelType ID.");
|
||||
|
||||
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($angel_type) > 0) {
|
||||
list ($angel_type) = $angel_type;
|
||||
|
||||
$html .= template_render(
|
||||
'../templates/admin_angel_types_edit_form.html', array (
|
||||
'link' => page_link_to("admin_angel_types"),
|
||||
'id' => $id,
|
||||
'name' => $angel_type['Name'],
|
||||
'man' => $angel_type['Man']
|
||||
));
|
||||
} else
|
||||
return error("No Angel Type found.");
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing AngelType ID.");
|
||||
|
||||
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($angel_type) > 0) {
|
||||
list ($angel_type) = $angel_type;
|
||||
|
||||
$name = strip_request_item("name");
|
||||
$man = strip_request_item("man");
|
||||
|
||||
sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_angel_types"));
|
||||
} else
|
||||
return error("No Angel Type found.");
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing AngelType ID.");
|
||||
|
||||
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($angel_type) > 0) {
|
||||
sql_query("DELETE FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `RoomAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_angel_types"));
|
||||
} else
|
||||
return error("No Angel Type found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,105 @@
|
||||
<?php
|
||||
function admin_faq() {
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$faqs_html = "";
|
||||
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||
foreach ($faqs as $faq) {
|
||||
$faqs_html .= sprintf(
|
||||
'<tr><td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||
. '<td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||
. '<td><a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||
$faq['Frage_de'], $faq['Antwort_de'],
|
||||
$faq['Frage_en'], $faq['Antwort_en'],
|
||||
page_link_to('admin_faq'), $faq['FID']
|
||||
);
|
||||
}
|
||||
return template_render('../templates/admin_faq.html', array (
|
||||
'link' => page_link_to("admin_faq"),
|
||||
'faqs' => $faqs_html
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'create' :
|
||||
$frage = strip_request_item_nl('frage');
|
||||
$antwort = strip_request_item_nl('antwort');
|
||||
$question = strip_request_item_nl('question');
|
||||
$answer = strip_request_item_nl('answer');
|
||||
|
||||
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||
. "', `Frage_en`='" . sql_escape($question)
|
||||
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||
. "', `Antwort_en`='" . sql_escape($answer)
|
||||
. "'"
|
||||
);
|
||||
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
list ($faq) = $faq;
|
||||
|
||||
$frage = strip_request_item_nl('frage');
|
||||
$antwort = strip_request_item_nl('antwort');
|
||||
$question = strip_request_item_nl('question');
|
||||
$answer = strip_request_item_nl('answer');
|
||||
|
||||
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||
. "', `Frage_en`='" . sql_escape($question)
|
||||
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||
. "', `Antwort_en`='" . sql_escape($answer)
|
||||
. "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"
|
||||
);
|
||||
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
break;
|
||||
|
||||
case 'edit' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
list ($faq) = $faq;
|
||||
|
||||
return template_render('../templates/admin_faq_edit_form.html', array (
|
||||
'link' => page_link_to("admin_faq"),
|
||||
'id' => $id,
|
||||
'frage' => $faq['Frage_de'],
|
||||
'antwort' => $faq['Antwort_de'],
|
||||
'question' => $faq['Frage_en'],
|
||||
'answer' => $faq['Antwort_en']
|
||||
));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
list ($faq) = $faq;
|
||||
|
||||
sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
@ -0,0 +1,91 @@
|
||||
<?php
|
||||
function admin_groups() {
|
||||
global $user;
|
||||
|
||||
$html = "";
|
||||
$groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
|
||||
if (!isset ($_REQUEST["action"])) {
|
||||
$groups_html = "";
|
||||
foreach ($groups as $group) {
|
||||
$groups_html .= sprintf(
|
||||
'<tr><td>%s</td>',
|
||||
$group['Name']
|
||||
);
|
||||
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
|
||||
$privileges_html = array ();
|
||||
|
||||
foreach ($privileges as $priv)
|
||||
$privileges_html[] = $priv['name'];
|
||||
|
||||
$groups_html .= sprintf(
|
||||
'<td>%s</td>'
|
||||
. '<td><a href="%s&action=edit&id=%s">Ändern</a></td>',
|
||||
join(', ', $privileges_html),
|
||||
page_link_to("admin_groups"),
|
||||
$group['UID']
|
||||
);
|
||||
}
|
||||
|
||||
return template_render('../templates/admin_groups.html', array (
|
||||
'nick' => $user['Nick'],
|
||||
'groups' => $groups_html
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST["action"]) {
|
||||
case 'edit' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Groups ID.");
|
||||
|
||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
list ($room) = $room;
|
||||
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
|
||||
$privileges_html = "";
|
||||
foreach ($privileges as $priv)
|
||||
$privileges_html .= sprintf(
|
||||
'<tr><td><input type="checkbox" '
|
||||
. 'name="privileges[]" value="%s" %s />'
|
||||
. '</td> <td>%s</td> <td>%s</td></tr>',
|
||||
$priv['id'],
|
||||
($priv['group_id'] != ""
|
||||
? 'checked="checked"'
|
||||
: ''),
|
||||
$priv['name'],
|
||||
$priv['desc']
|
||||
);
|
||||
|
||||
$html .= template_render('../templates/admin_groups_edit_form.html', array (
|
||||
'link' => page_link_to("admin_groups"),
|
||||
'id' => $id,
|
||||
'privileges' => $privileges_html
|
||||
));
|
||||
} else
|
||||
return error("No Group found.");
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Groups ID.");
|
||||
|
||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (!is_array($_REQUEST['privileges']))
|
||||
$_REQUEST['privileges'] = array ();
|
||||
if (count($room) > 0) {
|
||||
list ($room) = $room;
|
||||
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
|
||||
foreach ($_REQUEST['privileges'] as $priv)
|
||||
if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0)
|
||||
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
|
||||
header("Location: " . page_link_to("admin_groups"));
|
||||
} else
|
||||
return error("No Group found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,253 @@
|
||||
<?php
|
||||
function admin_import() {
|
||||
global $Room, $RoomID, $RoomName;
|
||||
global $PentabarfGetWith, $PentabarfXMLpath, $PentabarfXMLhost;
|
||||
|
||||
require_once ("includes/funktion_xml.php");
|
||||
///////////
|
||||
// DEBUG //
|
||||
///////////
|
||||
$ShowDataStrukture = 0;
|
||||
$EnableRoomFunctions = 1;
|
||||
$EnableRooms = 1;
|
||||
$EnableSchudleFunctions = 1;
|
||||
$EnableSchudle = 1;
|
||||
$EnableSchudleDB = 1;
|
||||
|
||||
CreateRoomArrays();
|
||||
|
||||
$html = "";
|
||||
|
||||
/*##############################################################################################
|
||||
F I L E
|
||||
##############################################################################################*/
|
||||
$html .= "\n\n<br />\n<h1>XML File:</h1>\n";
|
||||
if (isset ($_POST["PentabarfUser"]) && isset ($_POST["password"]) && isset ($_POST["PentabarfURL"])) {
|
||||
$html .= "Update XCAL-File from Pentabarf..";
|
||||
if ($PentabarfGetWith == "fsockopen") {
|
||||
|
||||
//backup error messeges and delate
|
||||
$Backuperror_messages = $error_messages;
|
||||
$fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 30);
|
||||
// $error_messages = $Backuperror_messages;
|
||||
|
||||
if (!$fp) {
|
||||
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!" .
|
||||
"[$errstr ($errno)]</h2>";
|
||||
} else {
|
||||
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||
$head = 'GET /' . $PentabarfXMLpath . $_POST["PentabarfURL"] . ' HTTP/1.1' . "\r\n" .
|
||||
'Host: ' . $PentabarfXMLhost . "\r\n" .
|
||||
'User-Agent: Engelsystem' . "\r\n" .
|
||||
'Authorization: Basic ' .
|
||||
base64_encode($_POST["PentabarfUser"] . ':' . $_POST["password"]) . "\r\n" .
|
||||
"\r\n";
|
||||
fputs($fp, $head);
|
||||
$Zeilen = -1;
|
||||
while (!feof($fp)) {
|
||||
$Temp = fgets($fp, 1024);
|
||||
|
||||
// ende des headers
|
||||
if ($Temp == "f20\r\n") {
|
||||
$Zeilen = 0;
|
||||
$Temp = "";
|
||||
}
|
||||
|
||||
//file ende?
|
||||
if ($Temp == "0\r\n")
|
||||
break;
|
||||
|
||||
if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
|
||||
//steuerzeichen ausfiltern
|
||||
if (strpos("#$Temp", "\r\n") > 0)
|
||||
$Temp = substr($Temp, 0, strlen($Temp) - 2);
|
||||
if (strpos("#$Temp", "1005") > 0)
|
||||
$Temp = "";
|
||||
if (strpos("#$Temp", "783") > 0)
|
||||
$Temp = "";
|
||||
//schreiben in file
|
||||
fputs($fileOut, $Temp);
|
||||
$Zeilen++;
|
||||
}
|
||||
}
|
||||
fclose($fileOut);
|
||||
|
||||
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||
} else
|
||||
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||
fclose($fp);
|
||||
}
|
||||
}
|
||||
elseif ($PentabarfGetWith == "fopen") {
|
||||
//user uns password in url einbauen
|
||||
$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
|
||||
$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
|
||||
|
||||
if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
|
||||
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||
$Zeilen = 0;
|
||||
while (!feof($fileIn)) {
|
||||
$Zeilen++;
|
||||
fputs($fileOut, fgets($fileIn));
|
||||
}
|
||||
fclose($fileOut);
|
||||
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||
} else
|
||||
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||
fclose($fileIn);
|
||||
} else
|
||||
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
|
||||
}
|
||||
elseif ($PentabarfGetWith == "wget") {
|
||||
$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
|
||||
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
|
||||
" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
|
||||
" --no-check-certificate";
|
||||
$html .= system($Command, $Status);
|
||||
if ($Status == 0)
|
||||
$html .= "OK.<br />";
|
||||
else
|
||||
$html .= "fail ($Status)($Command).<br />";
|
||||
}
|
||||
elseif ($PentabarfGetWith == "lynx") {
|
||||
$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
|
||||
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
|
||||
$html .= system($Command, $Status);
|
||||
if ($Status == 0)
|
||||
$html .= "OK.<br />";
|
||||
else
|
||||
$html .= "fail ($Status)($Command).<br />";
|
||||
}
|
||||
elseif ($PentabarfGetWith == "fopen") {
|
||||
//user uns password in url einbauen
|
||||
$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
|
||||
$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
|
||||
|
||||
if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
|
||||
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||
$Zeilen = 0;
|
||||
while (!feof($fileIn)) {
|
||||
$Zeilen++;
|
||||
fputs($fileOut, fgets($fileIn));
|
||||
}
|
||||
fclose($fileOut);
|
||||
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||
} else
|
||||
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||
fclose($fileIn);
|
||||
} else
|
||||
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
|
||||
}
|
||||
elseif ($PentabarfGetWith == "wget") {
|
||||
$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
|
||||
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
|
||||
" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
|
||||
" --no-check-certificate";
|
||||
$html .= system($Command, $Status);
|
||||
if ($Status == 0)
|
||||
$html .= "OK.<br />";
|
||||
else
|
||||
$html .= "fail ($Status)($Command).<br />";
|
||||
}
|
||||
elseif ($PentabarfGetWith == "lynx") {
|
||||
$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
|
||||
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
|
||||
$html .= system($Command, $Status);
|
||||
if ($Status == 0)
|
||||
$html .= "OK.<br />";
|
||||
else
|
||||
$html .= "fail ($Status)($Command).<br />";
|
||||
} else
|
||||
$html .= "<h1>The PentabarfGetWith='$PentabarfGetWith' not supported</h1>";
|
||||
} else {
|
||||
$html .= "<form action=\"dbUpdateFromXLS.php\" method=\"post\">\n";
|
||||
$html .= "<table border=\"0\">\n";
|
||||
$html .= "\t<tr><td>XCAL-File: https://$PentabarfXMLhost/$PentabarfXMLpath</td>" .
|
||||
"<td><input name=\"PentabarfURL\" type=\"text\" size=\"4\" maxlength=\"5\" " .
|
||||
"value=\"$PentabarfXMLEventID\"></td></tr>\n";
|
||||
$html .= "\t<tr><td>Username:</td>" .
|
||||
"<td><input name=\"PentabarfUser\" type=\"text\" size=\"30\" maxlength=\"30\"></td></tr>\n";
|
||||
$html .= "\t<tr><td>Password:</td>" .
|
||||
"<td><input name=\"password\" type=\"password\" size=\"30\" maxlength=\"30\"></td></tr>\n";
|
||||
$html .= "\t<tr><td></td><td><input type=\"submit\" name=\"FileUpload\" value=\"upload\"></td></tr>\n";
|
||||
$html .= "</table>\n";
|
||||
$html .= "</form>\n";
|
||||
}
|
||||
|
||||
//readXMLfile("xml.php.xml");
|
||||
if (readXMLfile("../import/27C3_sample.xcs.xml") == 0) {
|
||||
$XMLmain = getXMLsubPease($XMLmain, "VCALENDAR");
|
||||
|
||||
if ($ShowDataStrukture) {
|
||||
$html .= "<pre><br />";
|
||||
$html .= $XMLmain->name;
|
||||
$html .= "<br />";
|
||||
print_r(array_values($XMLmain->sub));
|
||||
$html .= "</pre>";
|
||||
}
|
||||
|
||||
/*
|
||||
$html .= "<br />";
|
||||
$Feld=7;
|
||||
$html .= "$Feld#". $XMLmain->sub[$Feld]->name. "<br />";
|
||||
$html .= "$Feld#". $XMLmain->sub[$Feld]->sub;
|
||||
//print_r(array_values ($XMLmain->sub[$Feld]->sub));
|
||||
while(list($key, $value) = each($XMLmain->sub[$Feld]->sub))
|
||||
$html .= "?ID".$value->sub[1]->data. "=". $value->sub[2]->data. "\n";
|
||||
$html .= "</pre>";
|
||||
*/
|
||||
|
||||
/*##############################################################################################
|
||||
V e r s i o n
|
||||
##############################################################################################*/
|
||||
|
||||
$html .= "<hr>\n";
|
||||
$XMLrelease = getXMLsubPease($XMLmain, "X-WR-CALDESC");
|
||||
$html .= "release: " . $XMLrelease->data . "<br />\n";
|
||||
//$XMLreleaseDate = getXMLsubPease( $XMLmain, "RELEASE-DATE");
|
||||
//$html .= "release date: ". $XMLreleaseDate->data. "<br />\n";
|
||||
$html .= "<hr>\n";
|
||||
|
||||
/*##############################################################################################
|
||||
V e r s i o n
|
||||
##############################################################################################*/
|
||||
if ($EnableRoomFunctions)
|
||||
include ("includes/funktion_xml_room.php");
|
||||
|
||||
if ($EnableSchudleFunctions)
|
||||
include ("includes/funktion_xml_schudle.php");
|
||||
|
||||
/*##############################################################################################
|
||||
U P D A T E A L L
|
||||
##############################################################################################*/
|
||||
$html .= "\n\n<br />\n<h1>Update ALL:</h1>\n";
|
||||
|
||||
$html .= "<form action=\"dbUpdateFromXLS.php\">\n";
|
||||
$html .= "\t<input type=\"submit\" name=\"UpdateALL\" value=\"now\">\n";
|
||||
$html .= "</form>\n";
|
||||
|
||||
} //if XMLopenOOK
|
||||
return $html;
|
||||
}
|
||||
|
||||
/*##############################################################################################
|
||||
erstellt Arrays der Reume
|
||||
##############################################################################################*/
|
||||
function CreateRoomArrays() {
|
||||
global $Room, $RoomID, $RoomName, $con;
|
||||
|
||||
$sql = "SELECT `RID`, `Name` FROM `Room` " .
|
||||
"WHERE `Show`='Y'" .
|
||||
"ORDER BY `Number`, `Name`;";
|
||||
$Erg = mysql_query($sql, $con);
|
||||
$rowcount = mysql_num_rows($Erg);
|
||||
|
||||
for ($i = 0; $i < $rowcount; $i++) {
|
||||
$Room[$i]["RID"] = mysql_result($Erg, $i, "RID");
|
||||
$Room[$i]["Name"] = mysql_result($Erg, $i, "Name");
|
||||
$RoomID[mysql_result($Erg, $i, "RID")] = mysql_result($Erg, $i, "Name");
|
||||
$RoomName[mysql_result($Erg, $i, "Name")] = mysql_result($Erg, $i, "RID");
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
@ -0,0 +1,110 @@
|
||||
<?php
|
||||
function admin_language() {
|
||||
global $user;
|
||||
|
||||
$html = "";
|
||||
if (!isset ($_POST["TextID"])) {
|
||||
$html .= Get_Text("Hello") . $user['Nick'] . ", <br />\n";
|
||||
$html .= Get_Text("pub_sprache_text1") . "<br /><br />\n";
|
||||
|
||||
$html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>";
|
||||
// ausgabe Tabellenueberschift
|
||||
$SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;";
|
||||
$erg_Sprachen = sql_query($SQL_Sprachen);
|
||||
|
||||
for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++)
|
||||
$Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i;
|
||||
|
||||
$html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>";
|
||||
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>";
|
||||
foreach ($Sprachen as $Name => $Value)
|
||||
$html .= "<td class=\"contenttopic\"><b>" .
|
||||
Get_Text("pub_sprache_Sprache") . " " . $Name .
|
||||
"</b></td>";
|
||||
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>";
|
||||
$html .= "\t\t</tr>";
|
||||
|
||||
if (isset ($_GET["ShowEntry"])) {
|
||||
// ausgabe eintraege
|
||||
$SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;";
|
||||
$erg = sql_query($SQL);
|
||||
|
||||
$TextID_Old = mysql_result($erg, 0, "TextID");
|
||||
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
|
||||
$TextID_New = mysql_result($erg, $i, "TextID");
|
||||
if ($TextID_Old != $TextID_New) {
|
||||
$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
|
||||
$html .= "<tr class=\"content\">\n";
|
||||
$html .= "\t\t<td>$TextID_Old " .
|
||||
"<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n";
|
||||
|
||||
foreach ($Sprachen as $Name => $Value) {
|
||||
$Value = html_entity_decode($Value, ENT_QUOTES);
|
||||
$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n";
|
||||
$Sprachen[$Name] = "";
|
||||
}
|
||||
|
||||
$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
|
||||
$html .= "</tr>";
|
||||
$html .= "</form>\n";
|
||||
$TextID_Old = $TextID_New;
|
||||
}
|
||||
$Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text");
|
||||
} /*FOR*/
|
||||
}
|
||||
|
||||
//fuer neu eintraege
|
||||
$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
|
||||
$html .= "<tr class=\"content\">\n";
|
||||
$html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n";
|
||||
|
||||
foreach ($Sprachen as $Name => $Value)
|
||||
$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n";
|
||||
|
||||
$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
|
||||
$html .= "</tr>";
|
||||
$html .= "</form>\n";
|
||||
|
||||
$html .= "</table>\n";
|
||||
} /*if( !isset( $TextID ) )*/
|
||||
else {
|
||||
$html .= "edit: " . $_POST["TextID"] . "<br /><br />";
|
||||
foreach ($_POST as $k => $v) {
|
||||
if ($k != "TextID") {
|
||||
$sql_test = "SELECT * FROM `Sprache` " .
|
||||
"WHERE `TextID`='" . sql_escape($_POST["TextID"])
|
||||
. "' AND `Sprache`='"
|
||||
. sql_escape($k) . "'";
|
||||
|
||||
$erg_test = sql_query($sql_test);
|
||||
|
||||
if (mysql_num_rows($erg_test) == 0) {
|
||||
$sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
|
||||
"VALUES ('" . sql_escape($_POST["TextID"]) . "', '"
|
||||
. sql_escape($k) . "', '"
|
||||
. sql_escape($v) . "')";
|
||||
|
||||
$html .= $sql_save . "<br />";
|
||||
$Erg = sql_query($sql_save);
|
||||
$html .= success("$k Save: OK<br />\n");
|
||||
} else
|
||||
if (mysql_result($erg_test, 0, "Text") != $v) {
|
||||
$sql_save = "UPDATE `Sprache` SET `Text`='"
|
||||
. sql_escape($v) . "' " .
|
||||
"WHERE `TextID`='"
|
||||
. sql_escape($_POST["TextID"])
|
||||
. "' AND `Sprache`='" . sql_escape($k) . "' ";
|
||||
|
||||
$html .= $sql_save . "<br />";
|
||||
$Erg = sql_query($sql_save);
|
||||
$html .= success(" $k Update: OK<br />\n");
|
||||
} else
|
||||
$html .= "\t $k no changes<br />\n";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
||||
|
@ -0,0 +1,76 @@
|
||||
<?php
|
||||
function admin_log() {
|
||||
require_once ("includes/funktion_db_list.php");
|
||||
|
||||
$html = "";
|
||||
$SQL = "SELECT * FROM `ChangeLog` ORDER BY `Time` DESC LIMIT 0,10000";
|
||||
$Erg = sql_query($SQL);
|
||||
|
||||
if (mysql_num_rows($Erg) > 0) {
|
||||
$html .= "<table border=1>\n";
|
||||
$html .= "<tr>\n\t<th>Time</th>\n\t<th>User</th>\n\t<th>Commend</th>\n\t<th>SQL Command</th>\n</tr>\n";
|
||||
for ($n = 0; $n < mysql_num_rows($Erg); $n++) {
|
||||
$html .= "<tr>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Time") . "</td>\n";
|
||||
$html .= "\t<td>" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "</td>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Commend") . "</td>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "SQLCommad") . "</td>\n";
|
||||
$html .= "</tr>\n";
|
||||
}
|
||||
$html .= "</table>\n";
|
||||
} else {
|
||||
$html .= "Log is empty...";
|
||||
}
|
||||
$html .= "<hr />";
|
||||
|
||||
$html .= "<h1>Web Counter</h1>";
|
||||
$html .= funktion_db_list("Counter");
|
||||
|
||||
/*
|
||||
$html .= "<h1>Raeume</h1> <br />";
|
||||
funktion_db_list("Raeume");
|
||||
|
||||
$html .= "<h1>Schichtbelegung</h1> <br />";
|
||||
funktion_db_list("Schichtbelegung");
|
||||
|
||||
$html .= "<h1>Schichtplan</h1> <br />Hier findest du alle bisher eingetragenen Schichten:";
|
||||
funktion_db_list("Schichtplan");
|
||||
|
||||
$html .= "<h1>User</h1> <br />";
|
||||
funktion_db_list("User");
|
||||
|
||||
$html .= "<h1>News</h1> <br />";
|
||||
funktion_db_list("News");
|
||||
|
||||
$html .= "<h1>FAQ</h1> <br />";
|
||||
funktion_db_list("FAQ");
|
||||
|
||||
$html .= "Deaktiviert";
|
||||
*/
|
||||
|
||||
$html .= "<hr>\n";
|
||||
$html .= funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`");
|
||||
$html .= "<br />\n";
|
||||
$html .= funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`");
|
||||
$html .= "<br />\n";
|
||||
$html .= funktion_db_element_list_2row("Tshirt nicht ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`");
|
||||
|
||||
$html .= "<hr>\n";
|
||||
$html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
|
||||
$html .= "<br />\n";
|
||||
$html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
|
||||
|
||||
$html .= "<hr>\n";
|
||||
$html .= funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)");
|
||||
$html .= "<br />\n";
|
||||
$html .= funktion_db_element_list_2row("Geleisteter Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)");
|
||||
|
||||
$html .= "<hr>\n";
|
||||
$html .= funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)");
|
||||
$html .= "<br />\n";
|
||||
$html .= funktion_db_element_list_2row("Geleisteter Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)");
|
||||
|
||||
return $html;
|
||||
}
|
||||
?>
|
||||
|
@ -0,0 +1,87 @@
|
||||
<?php
|
||||
function admin_news() {
|
||||
global $user;
|
||||
|
||||
if (!isset ($_GET["action"])) {
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else {
|
||||
$html = "";
|
||||
switch ($_GET["action"]) {
|
||||
case 'edit' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
list ($news) = $news;
|
||||
|
||||
$html .= '<a href="' . page_link_to("news") . '">« Back</a>';
|
||||
|
||||
$html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
|
||||
|
||||
$html .= "<table>\n";
|
||||
$html .= " <tr><td>Datum</td><td>" .
|
||||
date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
|
||||
$html .= " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
|
||||
$news["Betreff"] . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
|
||||
$news["Text"] . "</textarea></td></tr>\n";
|
||||
$html .= " <tr><td>Engel</td><td>" .
|
||||
UID2Nick($news["UID"]) . "</td></tr>\n";
|
||||
$html .= " <tr><td>Treffen</td><td>" . html_select_key('eTreffen', array (
|
||||
'1' => "Ja",
|
||||
'0' => "Nein"
|
||||
), $news['Treffen']) . "</td></tr>\n";
|
||||
$html .= "</table>";
|
||||
|
||||
$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
|
||||
$html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
|
||||
$html .= "</form>";
|
||||
|
||||
$html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
|
||||
$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
|
||||
$html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
|
||||
$html .= "</form>";
|
||||
} else
|
||||
return error("No News found.");
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
list ($news) = $news;
|
||||
|
||||
sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
|
||||
"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else
|
||||
return error("No News found.");
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
list ($news) = $news;
|
||||
|
||||
sql_query("DELETE FROM `news` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else
|
||||
return error("No News found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,85 @@
|
||||
<?php
|
||||
function admin_new_questions() {
|
||||
global $user, $privileges;
|
||||
|
||||
if (in_array("admin_questions", $privileges)) {
|
||||
$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID`=0");
|
||||
|
||||
if ($new_messages > 0)
|
||||
return '<p class="notice"><a href="' . page_link_to("admin_questions") . '">There are unanswered questions!</a></p><hr />';
|
||||
}
|
||||
|
||||
return "";
|
||||
}
|
||||
|
||||
function admin_questions() {
|
||||
global $user;
|
||||
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$open_questions = "";
|
||||
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
|
||||
foreach ($questions as $question)
|
||||
$open_questions .= template_render(
|
||||
'../templates/admin_question_unanswered.html', array (
|
||||
'question_nick' => UID2Nick($question['UID']),
|
||||
'question_id' => $question['QID'],
|
||||
'link' => page_link_to("admin_questions"),
|
||||
'question' => str_replace("\n", '<br />', $question['Question'])
|
||||
));
|
||||
|
||||
$answered_questions = "";
|
||||
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
|
||||
|
||||
foreach ($questions as $question)
|
||||
$answered_questions .= template_render(
|
||||
'../templates/admin_question_answered.html', array (
|
||||
'question_id' => $question['QID'],
|
||||
'question_nick' => UID2Nick($question['UID']),
|
||||
'question' => str_replace("\n", "<br />", $question['Question']),
|
||||
'answer_nick' => UID2Nick($question['AID']),
|
||||
'answer' => str_replace("\n", "<br />", $question['Answer']),
|
||||
'link' => page_link_to("admin_questions"),
|
||||
));
|
||||
|
||||
return template_render('../templates/admin_questions.html', array (
|
||||
'link' => page_link_to("admin_questions"),
|
||||
'open_questions' => $open_questions,
|
||||
'answered_questions' => $answered_questions
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'answer' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0 && $question[0]['AID'] == "0") {
|
||||
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
|
||||
|
||||
if ($answer != "") {
|
||||
sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_questions"));
|
||||
} else
|
||||
return error("Please enter an answer!");
|
||||
} else
|
||||
return error("No question found.");
|
||||
break;
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0) {
|
||||
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_questions"));
|
||||
} else
|
||||
return error("No question found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
@ -0,0 +1,143 @@
|
||||
<?php
|
||||
function admin_rooms() {
|
||||
global $user;
|
||||
|
||||
$html = "";
|
||||
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Number`, `Name`");
|
||||
if (!isset ($_REQUEST["action"])) {
|
||||
$html .= "Hallo " . $user['Nick'] .
|
||||
",<br />\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " .
|
||||
"oder vorhandene abzuändern:<br /><br />\n";
|
||||
|
||||
// Räume auflisten
|
||||
if (count($rooms) > 0) {
|
||||
$html .= '<table><thead><tr>';
|
||||
|
||||
$html .= "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||
$html .= "<tr class=\"contenttopic\">\n";
|
||||
|
||||
// Tabellenüberschriften generieren
|
||||
foreach ($rooms[0] as $attr => $tmp)
|
||||
if ($attr != 'RID')
|
||||
$html .= '<th>' . $attr . '</th>';
|
||||
$html .= '<th> </th>';
|
||||
$html .= '</tr></thead><tbody>';
|
||||
|
||||
foreach ($rooms as $i => $room) {
|
||||
$html .= '<tr>';
|
||||
foreach ($room as $attr => $value)
|
||||
if ($attr != 'RID')
|
||||
$html .= '<td>' . $value . '</td>';
|
||||
$html .= '<td><a href="' . page_link_to("admin_rooms") . '&action=change&RID=' . $room['RID'] . '">Edit</a></td>';
|
||||
$html .= '</tr>';
|
||||
}
|
||||
|
||||
$html .= '</tbody></table>';
|
||||
}
|
||||
$html .= "<hr /><a href=\"" . page_link_to("admin_rooms") . "&action=new\">Neuen Raum/Ort eintragen</a><br />\n";
|
||||
} else {
|
||||
switch ($_REQUEST["action"]) {
|
||||
|
||||
case 'new' :
|
||||
$html .= template_render('../templates/admin_rooms_new_form.html', array (
|
||||
'link' => page_link_to("admin_rooms")
|
||||
));
|
||||
break;
|
||||
|
||||
case 'newsave' :
|
||||
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
|
||||
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
|
||||
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
|
||||
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
|
||||
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
|
||||
sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'");
|
||||
header("Location: " . page_link_to("admin_rooms"));
|
||||
break;
|
||||
|
||||
case 'change' :
|
||||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
|
||||
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
list ($room) = $room;
|
||||
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
|
||||
|
||||
$angel_types = "";
|
||||
foreach ($room_angel_types as $room_angel_type) {
|
||||
if ($room_angel_type['count'] == "")
|
||||
$room_angel_type['count'] = "0";
|
||||
$angel_types .= '<tr><td>' . $room_angel_type['Name'] . '</td><td><input type="text" name="angel_type_' . $room_angel_type['TID'] . '" value="' . $room_angel_type['count'] . '" /></td></tr>';
|
||||
}
|
||||
|
||||
$html .= template_render('../templates/admin_rooms_edit_form.html', array (
|
||||
'link' => page_link_to("admin_rooms"),
|
||||
'room_id' => $rid,
|
||||
'name' => $room['Name'],
|
||||
'man' => $room['Man'],
|
||||
'number' => $room['Number'],
|
||||
'from_pentabarf_options' => html_options('FromPentabarf', array (
|
||||
'Y' => 'Yes',
|
||||
'N' => 'No'
|
||||
), $room['FromPentabarf']),
|
||||
'show_options' => html_options('Show', array (
|
||||
'Y' => 'Yes',
|
||||
'N' => 'No'
|
||||
), $room['show']),
|
||||
'angel_types' => $angel_types
|
||||
));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
break;
|
||||
|
||||
case 'changesave' :
|
||||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
|
||||
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
list ($room) = $room;
|
||||
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
|
||||
|
||||
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
|
||||
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
|
||||
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
|
||||
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
|
||||
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
|
||||
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid));
|
||||
foreach ($room_angel_types as $room_angel_type) {
|
||||
if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']]))
|
||||
$count = $_REQUEST['angel_type_' . $room_angel_type['TID']];
|
||||
else
|
||||
$count = "0";
|
||||
sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count));
|
||||
}
|
||||
header("Location: " . page_link_to("admin_rooms"));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
|
||||
if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) {
|
||||
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_rooms"));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
break;
|
||||
|
||||
}
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,324 @@
|
||||
<?php
|
||||
function admin_user() {
|
||||
global $user;
|
||||
|
||||
include ("includes/funktion_db_list.php");
|
||||
|
||||
$html = "";
|
||||
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
|
||||
$id = $_REQUEST['id'];
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$html .= "Hallo,<br />" .
|
||||
"hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " .
|
||||
"wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " .
|
||||
"dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " .
|
||||
"Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " .
|
||||
"bereits sein T-Shirt erhalten hat.<br /><br />\n";
|
||||
|
||||
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
|
||||
$html .= "<table border=\"0\">\n";
|
||||
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
|
||||
|
||||
$SQL = "SELECT * FROM `User` WHERE `UID`='" . $id . "'";
|
||||
$Erg = sql_query($SQL);
|
||||
|
||||
$html .= "<tr><td>\n";
|
||||
$html .= "<table>\n";
|
||||
$html .= " <tr><td>Nick</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" .
|
||||
mysql_result($Erg, 0, "Nick") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>lastLogIn</td><td>" .
|
||||
date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "</td></tr>\n";
|
||||
$html .= " <tr><td>Name</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eName\" value=\"" .
|
||||
mysql_result($Erg, 0, "Name") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Vorname</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" .
|
||||
mysql_result($Erg, 0, "Vorname") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Alter</td><td>" .
|
||||
"<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" .
|
||||
mysql_result($Erg, 0, "Alter") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Telefon</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" .
|
||||
mysql_result($Erg, 0, "Telefon") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Handy</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" .
|
||||
mysql_result($Erg, 0, "Handy") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>DECT</td><td>" .
|
||||
"<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" .
|
||||
mysql_result($Erg, 0, "DECT") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>email</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" .
|
||||
mysql_result($Erg, 0, "email") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>ICQ</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"" .
|
||||
mysql_result($Erg, 0, "ICQ") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>jabber</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" .
|
||||
mysql_result($Erg, 0, "jabber") . "\"></td></tr>\n";
|
||||
$html .= " <tr><td>Size</td><td>" .
|
||||
html_select_key('size', array (
|
||||
'S' => "S",
|
||||
'M' => "M",
|
||||
'L' => "L",
|
||||
'XL' => "XL",
|
||||
'2XL' => "2XL",
|
||||
'3XL' => "3XL",
|
||||
'4XL' => "4XL",
|
||||
'5XL' => "5XL",
|
||||
'S-G' => "S Girl",
|
||||
'M-G' => "M Girl",
|
||||
'L-G' => "L Girl",
|
||||
'XL-G' => "XL Girl"
|
||||
), mysql_result($Erg, 0, "Size")) . "</td></tr>\n";
|
||||
|
||||
$options = array (
|
||||
'1' => "Yes",
|
||||
'0' => "No"
|
||||
);
|
||||
|
||||
// Gekommen?
|
||||
$html .= " <tr><td>Gekommen</td><td>\n";
|
||||
$html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "</td></tr>\n";
|
||||
|
||||
// Aktiv?
|
||||
$html .= " <tr><td>Aktiv</td><td>\n";
|
||||
$html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "</td></tr>\n";
|
||||
|
||||
// T-Shirt bekommen?
|
||||
$html .= " <tr><td>T-Shirt</td><td>\n";
|
||||
$html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "</td></tr>\n";
|
||||
|
||||
$html .= " <tr><td>Hometown</td><td>" .
|
||||
"<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" .
|
||||
mysql_result($Erg, 0, "Hometown") . "\"></td></tr>\n";
|
||||
|
||||
$html .= "</table>\n</td><td valign=\"top\">" . displayavatar($id, false) . "</td></tr>";
|
||||
|
||||
$html .= "</td></tr>\n";
|
||||
$html .= "</table>\n<br />\n";
|
||||
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||
$html .= "</form>";
|
||||
|
||||
$html .= "<hr />";
|
||||
|
||||
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
|
||||
$html .= "<table>\n";
|
||||
$html .= " <tr><td>Passwort</td><td>" .
|
||||
"<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
|
||||
$html .= " <tr><td>Wiederholung</td><td>" .
|
||||
"<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
|
||||
|
||||
$html .= "</table>";
|
||||
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||
$html .= "</form>";
|
||||
|
||||
$html .= "<hr />";
|
||||
|
||||
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
|
||||
$html .= '<table>';
|
||||
|
||||
list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`");
|
||||
list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`");
|
||||
|
||||
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
|
||||
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`");
|
||||
foreach ($groups as $group)
|
||||
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
|
||||
|
||||
$html .= '</table>';
|
||||
|
||||
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||
$html .= "</form>";
|
||||
|
||||
$html .= "<hr />";
|
||||
}
|
||||
|
||||
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=delete&id=" . $id . "\" method=\"post\">\n";
|
||||
$html .= "<input type=\"submit\" value=\"Löschen\">\n";
|
||||
$html .= "</form>";
|
||||
|
||||
$html .= "<hr />";
|
||||
$html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']);
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'save_groups' :
|
||||
if ($id != $user['UID']) {
|
||||
list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`");
|
||||
list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`");
|
||||
|
||||
if ($my_highest_group <= $his_highest_group) {
|
||||
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`");
|
||||
$grouplist = array ();
|
||||
foreach ($groups as $group)
|
||||
$grouplist[] = $group['UID'];
|
||||
|
||||
if (!is_array($_REQUEST['groups']))
|
||||
$_REQUEST['groups'] = array ();
|
||||
|
||||
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
|
||||
foreach ($_REQUEST['groups'] as $group)
|
||||
if (in_array($group, $grouplist))
|
||||
sql_query("INSERT INTO `UserGroups` SET `uid`=" .
|
||||
sql_escape($id) . ", `group_id`=" . sql_escape($group));
|
||||
$html .= success("Benutzergruppen gespeichert.");
|
||||
} else {
|
||||
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.");
|
||||
}
|
||||
} else {
|
||||
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.");
|
||||
}
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if ($user['UID'] != $id) {
|
||||
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
|
||||
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
|
||||
$html .= success("Benutzer gelöscht!");
|
||||
} else {
|
||||
$html .= error("Du kannst Dich nicht selber löschen!");
|
||||
}
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
$SQL = "UPDATE `User` SET ";
|
||||
$SQL .= " `Nick` = '" . $_POST["eNick"] . "', `Name` = '" . $_POST["eName"] . "', " .
|
||||
"`Vorname` = '" . $_POST["eVorname"] . "', " .
|
||||
"`Telefon` = '" . $_POST["eTelefon"] . "', " .
|
||||
"`Handy` = '" . $_POST["eHandy"] . "', " .
|
||||
"`Alter` = '" . $_POST["eAlter"] . "', " .
|
||||
"`DECT` = '" . $_POST["eDECT"] . "', " .
|
||||
"`email` = '" . $_POST["eemail"] . "', " .
|
||||
"`ICQ` = '" . $_POST["eICQ"] . "', " .
|
||||
"`jabber` = '" . $_POST["ejabber"] . "', " .
|
||||
"`Size` = '" . $_POST["eSize"] . "', " .
|
||||
"`Gekommen`= '" . $_POST["eGekommen"] . "', " .
|
||||
"`Aktiv`= '" . $_POST["eAktiv"] . "', " .
|
||||
"`Tshirt` = '" . $_POST["eTshirt"] . "', " .
|
||||
"`Hometown` = '" . $_POST["Hometown"] . "' " .
|
||||
"WHERE `UID` = '" . $id .
|
||||
"' LIMIT 1;";
|
||||
sql_query($SQL);
|
||||
$html .= success("Änderung wurde gespeichert...\n");
|
||||
break;
|
||||
|
||||
case 'change_pw' :
|
||||
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
||||
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$html .= success("Passwort neu gesetzt.");
|
||||
} else {
|
||||
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!");
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// Userliste, keine UID uebergeben...
|
||||
|
||||
$html .= "<a href=\"" . page_link_to("register") . "\">Neuen Engel eintragen »</a><br /><br />\n";
|
||||
|
||||
if (!isset ($_GET["OrderBy"]))
|
||||
$_GET["OrderBy"] = "Nick";
|
||||
$SQL = "SELECT * FROM `User` ORDER BY `" . sql_escape($_GET["OrderBy"]) . "` ASC";
|
||||
$Erg = sql_query($SQL);
|
||||
|
||||
// anzahl zeilen
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
|
||||
$html .= "Anzahl Engel: $Zeilen<br /><br />\n";
|
||||
$html .= '
|
||||
<table width="100%" class="border" cellpadding="2" cellspacing="1"> <thead>
|
||||
<tr class="contenttopic">
|
||||
<th>
|
||||
<a href="' . page_link_to("admin_user") . '&OrderBy=Nick">Nick</a>
|
||||
</th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Vorname">Vorname</a> <a href="' . page_link_to("admin_user") . '&OrderBy=Name">Name</a></th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Alter">Alter</a></th>
|
||||
<th>
|
||||
<a href="' . page_link_to("admin_user") . '&OrderBy=email">E-Mail</a>
|
||||
</th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Size">Größe</a></th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Gekommen">Gekommen</a></th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Aktiv">Aktiv</a></th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Tshirt">T-Shirt</a></th>
|
||||
<th><a href="' . page_link_to("admin_user") . '&OrderBy=CreateDate">Registriert</a></th>
|
||||
<th>Änd.</th>
|
||||
</tr></thead>';
|
||||
$Gekommen = 0;
|
||||
$Active = 0;
|
||||
$Tshirt = 0;
|
||||
|
||||
for ($n = 0; $n < $Zeilen; $n++) {
|
||||
$title = "";
|
||||
$user_groups = sql_select("SELECT * FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape(mysql_result($Erg, $n, "UID")) . " ORDER BY `Groups`.`Name`");
|
||||
$groups = array ();
|
||||
foreach ($user_groups as $user_group) {
|
||||
$groups[] = $user_group['Name'];
|
||||
}
|
||||
$title .= 'Groups: ' . join(", ", $groups) . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "Telefon")) > 0)
|
||||
$title .= "Tel: " . mysql_result($Erg, $n, "Telefon") . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "Handy")) > 0)
|
||||
$title .= "Handy: " . mysql_result($Erg, $n, "Handy") . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "DECT")) > 0)
|
||||
$title .= "DECT: <a href=\"./dect.php?custum=" . mysql_result($Erg, $n, "DECT") . "\">" .
|
||||
mysql_result($Erg, $n, "DECT") . "</a><br />";
|
||||
if (strlen(mysql_result($Erg, $n, "Hometown")) > 0)
|
||||
$title .= "Hometown: " . mysql_result($Erg, $n, "Hometown") . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0)
|
||||
$title .= "Last login: " . date("Y-m-d H:i", mysql_result($Erg, $n, "lastLogIn")) . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "Art")) > 0)
|
||||
$title .= "Type: " . mysql_result($Erg, $n, "Art") . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "ICQ")) > 0)
|
||||
$title .= "ICQ: " . mysql_result($Erg, $n, "ICQ") . "<br />";
|
||||
if (strlen(mysql_result($Erg, $n, "jabber")) > 0)
|
||||
$title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "<br />";
|
||||
|
||||
$html .= "<tr class=\"content\">\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Nick") . "</td>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "</td>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Alter") . "</td>\n";
|
||||
$html .= "\t<td>";
|
||||
if (strlen(mysql_result($Erg, $n, "email")) > 0)
|
||||
$html .= "<a href=\"mailto:" . mysql_result($Erg, $n, "email") . "\">" .
|
||||
mysql_result($Erg, $n, "email") . "</a>";
|
||||
$html .= '<div class="hidden">' . $title . '</div>';
|
||||
$html .= "</td>\n";
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Size") . "</td>\n";
|
||||
$Gekommen += mysql_result($Erg, $n, "Gekommen");
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Gekommen") . "</td>\n";
|
||||
$Active += mysql_result($Erg, $n, "Aktiv");
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Aktiv") . "</td>\n";
|
||||
$Tshirt += mysql_result($Erg, $n, "Tshirt");
|
||||
$html .= "\t<td>" . mysql_result($Erg, $n, "Tshirt") . "</td>\n";
|
||||
$html .= "<td>" . mysql_result($Erg, $n, "CreateDate") . "</td>";
|
||||
$html .= "\t<td>" . '<a href="' . page_link_to("admin_user") . '&id=' . mysql_result($Erg, $n, "UID") . '">Edit</a>' .
|
||||
"</td>\n";
|
||||
$html .= "</tr>\n";
|
||||
}
|
||||
$html .= "<tr>" .
|
||||
"<td></td><td></td><td></td><td></td><td></td>" .
|
||||
"<td>$Gekommen</td><td>$Active</td><td>$Tshirt</td><td></td><td></td></tr>\n";
|
||||
$html .= "\t</table>\n";
|
||||
// Ende Userliste
|
||||
|
||||
$html .= "<hr /><h2>Statistics</h2>";
|
||||
$html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
|
||||
|
||||
$html .= "<br />\n";
|
||||
|
||||
$html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
|
||||
|
||||
$html .= "<br />\n";
|
||||
|
||||
$html .= funktion_db_element_list_2row("Used Groups", "SELECT Groups.Name AS 'GroupName', COUNT(Groups.Name) AS Count FROM `UserGroups` " .
|
||||
"LEFT JOIN `Groups` ON Groups.UID = UserGroups.group_id " .
|
||||
"WHERE (UserGroups.group_id!='NULL') " .
|
||||
"GROUP BY `GroupName` " .
|
||||
"");
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,5 @@
|
||||
<?php
|
||||
function guest_credits() {
|
||||
return template_render('../templates/guest_credits.html', array ());
|
||||
}
|
||||
?>
|
@ -0,0 +1,24 @@
|
||||
<?php
|
||||
function guest_faq() {
|
||||
$html = "";
|
||||
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||
foreach ($faqs as $faq) {
|
||||
$html .= "<dl>";
|
||||
if ($_SESSION['Sprache'] == "DE") {
|
||||
$html .= sprintf(
|
||||
'<dt>%s</dt> <dd>%s</dd>',
|
||||
$faq['Frage_de'],
|
||||
$faq['Antwort_de']
|
||||
);
|
||||
} else {
|
||||
$html .= sprintf(
|
||||
'<dt>%s</dt> <dd>%s</dd>',
|
||||
$faq['Frage_en'],
|
||||
$faq['Antwort_en']
|
||||
);
|
||||
}
|
||||
$html .= "</dl>";
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,269 @@
|
||||
<?php
|
||||
|
||||
|
||||
// Engel registrieren
|
||||
function guest_register() {
|
||||
$html = "";
|
||||
$success = "none";
|
||||
|
||||
if (isset ($_POST["send"])) {
|
||||
$eNick = trim($_POST["Nick"]);
|
||||
|
||||
if ($_POST["Alter"] == "")
|
||||
$_POST["Alter"] = 23;
|
||||
|
||||
// user vorhanden?
|
||||
$Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
|
||||
|
||||
if (strlen($_POST["Nick"]) < 2)
|
||||
$error = Get_Text("makeuser_error_nick1")
|
||||
. $_POST["Nick"] . Get_Text("makeuser_error_nick2");
|
||||
|
||||
elseif (count($Ergans) > 0)
|
||||
$error = Get_Text("makeuser_error_nick1")
|
||||
. $_POST["Nick"] . Get_Text("makeuser_error_nick3");
|
||||
|
||||
elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false)
|
||||
$error = Get_Text("makeuser_error_mail");
|
||||
|
||||
elseif (!is_numeric($_POST["Alter"]))
|
||||
$error = Get_Text("makeuser_error_Alter");
|
||||
|
||||
elseif ($_POST["Passwort"] != $_POST["Passwort2"])
|
||||
$error = Get_Text("makeuser_error_password1");
|
||||
|
||||
elseif (strlen($_POST["Passwort"]) < 6)
|
||||
$error = Get_Text("makeuser_error_password2");
|
||||
|
||||
else {
|
||||
$_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
|
||||
unset ($_POST["Passwort2"]);
|
||||
|
||||
$Erg = sql_query("INSERT INTO `User` (" .
|
||||
"`Nick` , " . "`Name` , " .
|
||||
"`Vorname`, " . "`Alter` , " .
|
||||
"`Telefon`, " . "`DECT`, " .
|
||||
"`Handy`, " . "`email`, " .
|
||||
"`ICQ`, " . "`jabber`, " .
|
||||
"`Size`, " . "`Passwort`, " .
|
||||
"`Art` , " . "`kommentar`, " .
|
||||
"`Hometown`," . "`CreateDate`, `Sprache` ) " .
|
||||
"VALUES ( '"
|
||||
. sql_escape($_POST["Nick"]) . "', " . "'"
|
||||
. sql_escape($_POST["Name"]) . "', " . "'"
|
||||
. sql_escape($_POST["Vorname"]) . "', " . "'"
|
||||
. sql_escape($_POST["Alter"]) . "', " . "'"
|
||||
. sql_escape($_POST["Telefon"]) . "', " . "'"
|
||||
. sql_escape($_POST["DECT"]) . "', " . "'"
|
||||
. sql_escape($_POST["Handy"]) . "', " . "'"
|
||||
. sql_escape($_POST["email"]) . "', " . "'"
|
||||
. sql_escape($_POST["ICQ"]) . "', " . "'"
|
||||
. sql_escape($_POST["jabber"]) . "', " . "'"
|
||||
. sql_escape($_POST["Size"]) . "', " . "'"
|
||||
. sql_escape($_POST["Passwort"]) . "', " . "'"
|
||||
. sql_escape($_POST["Art"]) . "', " . "'"
|
||||
. sql_escape($_POST["kommentar"]) . "', " . "'"
|
||||
. sql_escape($_POST["Hometown"]) . "',"
|
||||
. "NOW(), '"
|
||||
. sql_escape($_SESSION["Sprache"])
|
||||
. "')"
|
||||
);
|
||||
|
||||
if ($Erg != 1) {
|
||||
$html .= Get_Text("makeuser_error_write1") . "<br />\n";
|
||||
$error = sql_error();
|
||||
} else {
|
||||
$html .= "<p class=\"success\">" . Get_Text("makeuser_writeOK") . "\n";
|
||||
|
||||
$Erg3 = mysql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape(sql_id()) . ", `group_id`=-2");
|
||||
|
||||
if ($Erg3 != 1) {
|
||||
$html .= "<h1>" . Get_Text("makeuser_error_write2") . "<br />\n";
|
||||
$error = sql_error();
|
||||
} else {
|
||||
$html .= Get_Text("makeuser_writeOK2") . "<br />\n";
|
||||
$html .= "<h1>" . Get_Text("makeuser_writeOK3") . "</h1>\n";
|
||||
}
|
||||
|
||||
$html .= Get_Text("makeuser_writeOK4") . "</p><p></p>\n<br /><br />\n";
|
||||
$success = "any";
|
||||
|
||||
if (isset ($SubscribeMailinglist)) {
|
||||
if ($_POST["subscribe-mailinglist"] == "") {
|
||||
$headers = "From: " . $_POST["email"] . "\r\n" .
|
||||
"X-Mailer: PHP/" . phpversion();
|
||||
mail($SubscribeMailinglist, "subject", "message", $headers);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isset ($error))
|
||||
$html .= error($error);
|
||||
} else {
|
||||
// init vars
|
||||
$_POST["Nick"] = "";
|
||||
$_POST["Name"] = "";
|
||||
$_POST["Vorname"] = "";
|
||||
$_POST["Alter"] = "";
|
||||
$_POST["Telefon"] = "";
|
||||
$_POST["DECT"] = "";
|
||||
$_POST["Handy"] = "";
|
||||
$_POST["email"] = "";
|
||||
$_POST["subscribe-mailinglist"] = "";
|
||||
$_POST["ICQ"] = "";
|
||||
$_POST["jabber"] = "";
|
||||
$_POST["Size"] = "L";
|
||||
$_POST["Art"] = "";
|
||||
$_POST["kommentar"] = "";
|
||||
$_POST["Hometown"] = "";
|
||||
}
|
||||
|
||||
if ($success == "none") {
|
||||
$html .= "<h1>" . Get_Text("makeuser_text0") . "</h1>\n";
|
||||
$html .= "<h2>" . Get_Text("makeuser_text1") . "</h2>\n";
|
||||
$html .= "<form action=\"\" method=\"post\">\n";
|
||||
$html .= "<table>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Nickname") . "*</td><td><input type=\"text\" size=\"40\" name=\"Nick\" value=\"" . $_POST["Nick"] . "\" /></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Nachname") . "</td><td><input type=\"text\" size=\"40\" name=\"Name\" value=\"" . $_POST["Name"] . "\" /></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Vorname") . "</td><td><input type=\"text\" size=\"40\" name=\"Vorname\" value=\"" . $_POST["Vorname"] . "\" /></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Alter") . "</td><td><input type=\"text\" size=\"40\" name=\"Alter\" value=\"" . $_POST["Alter"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Telefon") . "</td><td><input type=\"text\" size=\"40\" name=\"Telefon\" value=\"" . $_POST["Telefon"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_DECT") . "</td><td><input type=\"text\" size=\"40\" name=\"DECT\" value=\"" . $_POST["DECT"] . "\"></td><td>\n";
|
||||
$html .= "<!--a href=\"https://21c3.ccc.de/wiki/index.php/POC\"><img src=\"./pic/external.png\" alt=\"external: \">DECT</a--></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Handy") . "</td><td><input type=\"text\" size=\"40\" name=\"Handy\" value=\"" . $_POST["Handy"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_E-Mail") . "*</td><td><input type=\"text\" size=\"40\" name=\"email\" value=\"" . $_POST["email"] . "\"></td></tr>\n";
|
||||
|
||||
if (isset ($SubscribeMailinglist))
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_subscribe-mailinglist") . "</td><td><input type=\"checkbox\" name=\"subscribe-mailinglist\" value=\"" . $_POST["subscribe-mailinglist"] . "\">($SubscribeMailinglist)</td></tr>\n";
|
||||
|
||||
$html .= "<tr><td>ICQ</td><td><input type=\"text\" size=\"40\" name=\"ICQ\" value=\"" . $_POST["ICQ"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>jabber</td><td><input type=\"text\" size=\"40\" name=\"jabber\" value=\"" . $_POST["jabber"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_T-Shirt") . " Grösse*</td><td align=\"left\">\n";
|
||||
$html .= "<select name=\"Size\">\n";
|
||||
$html .= "<option value=\"S\"";
|
||||
if ($_POST["Size"] == "S")
|
||||
$html .= " selected";
|
||||
$html .= ">S</option>\n";
|
||||
$html .= "<option value=\"M\"";
|
||||
if ($_POST["Size"] == "M")
|
||||
$html .= " selected";
|
||||
$html .= ">M</option>\n";
|
||||
$html .= "<option value=\"L\"";
|
||||
if ($_POST["Size"] == "L")
|
||||
$html .= " selected";
|
||||
$html .= ">L</option>\n";
|
||||
$html .= "<option value=\"XL\"";
|
||||
if ($_POST["Size"] == "XL")
|
||||
$html .= " selected";
|
||||
$html .= ">XL</option>\n";
|
||||
$html .= "<option value=\"2XL\"";
|
||||
if ($_POST["Size"] == "2XL")
|
||||
$html .= " selected";
|
||||
$html .= ">2XL</option>\n";
|
||||
$html .= "<option value=\"3XL\"";
|
||||
if ($_POST["Size"] == "3XL")
|
||||
$html .= " selected";
|
||||
$html .= ">3XL</option>\n";
|
||||
$html .= "<option value=\"4XL\"";
|
||||
if ($_POST["Size"] == "4XL")
|
||||
$html .= " selected";
|
||||
$html .= ">4XL</option>\n";
|
||||
$html .= "<option value=\"5XL\"";
|
||||
if ($_POST["Size"] == "5XL")
|
||||
$html .= " selected";
|
||||
$html .= ">5XL</option>\n";
|
||||
$html .= "<option value=\"S-G\"";
|
||||
if ($_POST["Size"] == "S-G")
|
||||
$html .= " selected";
|
||||
$html .= ">S Girl</option>\n";
|
||||
$html .= "<option value=\"M-G\"";
|
||||
if ($_POST["Size"] == "M-G")
|
||||
$html .= " selected";
|
||||
$html .= ">M Girl</option>\n";
|
||||
$html .= "<option value=\"L-G\"";
|
||||
if ($_POST["Size"] == "L-G")
|
||||
$html .= " selected";
|
||||
$html .= ">L Girl</option>\n";
|
||||
$html .= "<option value=\"XL-G\"";
|
||||
if ($_POST["Size"] == "XL-G")
|
||||
$html .= " selected";
|
||||
$html .= ">XL Girl</option>\n";
|
||||
$html .= "</select>\n";
|
||||
$html .= "</td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Engelart") . "</td><td align=\"left\">\n";
|
||||
$html .= "<select name=\"Art\">\n";
|
||||
|
||||
$engel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `NAME`");
|
||||
foreach ($engel_types as $engel_type) {
|
||||
$Name = $engel_type['Name'] . Get_Text("inc_schicht_engel");
|
||||
$html .= "<option value=\"" . $Name . "\"";
|
||||
|
||||
if ($_POST["Art"] == $Name)
|
||||
$html .= " selected";
|
||||
|
||||
$html .= ">$Name</option>\n";
|
||||
}
|
||||
|
||||
$html .= "</select>\n";
|
||||
$html .= "</td>\n";
|
||||
$html .= "</tr>\n";
|
||||
$html .= "<tr>\n";
|
||||
$html .= "<td>" . Get_Text("makeuser_text2") . "</td>\n";
|
||||
$html .= "<td><textarea rows=\"5\" cols=\"40\" name=\"kommentar\">" . $_POST["kommentar"] . "</textarea></td>\n";
|
||||
$html .= "</tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Hometown") . "</td><td><input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $_POST["Hometown"] . "\"></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Passwort") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort\"/></td></tr>\n";
|
||||
$html .= "<tr><td>" . Get_Text("makeuser_Passwort2") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort2\"/></td></tr>\n";
|
||||
$html .= "<tr><td> </td><td><input type=\"submit\" name=\"send\" value=\"" . Get_Text("makeuser_Anmelden") . "\"/></td></tr>\n";
|
||||
$html .= "</table>\n";
|
||||
$html .= "</form>\n";
|
||||
$html .= Get_Text("makeuser_text3");
|
||||
}
|
||||
return $html;
|
||||
}
|
||||
|
||||
function guest_logout() {
|
||||
unset ($_SESSION['uid']);
|
||||
header("Location: " . page_link_to("start"));
|
||||
}
|
||||
|
||||
function guest_login() {
|
||||
global $user;
|
||||
unset ($_SESSION['uid']);
|
||||
|
||||
$html = "";
|
||||
if (isset ($_REQUEST['login_submit'])) {
|
||||
$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'");
|
||||
|
||||
if (count($login_user) == 1) { // Check, ob User angemeldet wird...
|
||||
$login_user = $login_user[0];
|
||||
if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok...
|
||||
$_SESSION['uid'] = $login_user['UID'];
|
||||
$_SESSION['Sprache'] = $login_user['Sprache'];
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else { // Passwort nicht ok...
|
||||
$ErrorText = "pub_index_pass_no_ok";
|
||||
} // Ende Passwort-Check
|
||||
} else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
|
||||
if ($user_anz == 0)
|
||||
$ErrorText = "pub_index_User_unset";
|
||||
else
|
||||
$ErrorText = "pub_index_User_more_as_one";
|
||||
} // Ende Check, ob User angemeldet wurde}
|
||||
}
|
||||
if (isset ($ErrorText))
|
||||
$html .= error(Get_Text($ErrorText));
|
||||
$html .= guest_login_form();
|
||||
return $html;
|
||||
}
|
||||
|
||||
function guest_login_form() {
|
||||
return template_render("../templates/guest_login_form.html", array (
|
||||
'link' => page_link_to("login"),
|
||||
'nick' => Get_Text("index_lang_nick"),
|
||||
'pass' => Get_Text("index_lang_pass"),
|
||||
'send' => Get_Text("index_lang_send")
|
||||
));
|
||||
}
|
||||
?>
|
@ -0,0 +1,13 @@
|
||||
<?php
|
||||
function guest_start() {
|
||||
require_once ('includes/pages/guest_login.php');
|
||||
$html = "<p>" . Get_Text("index_text1") . "</p>\n";
|
||||
$html .= "<p>" . Get_Text("index_text2") . "</p>\n";
|
||||
$html .= "<p>" . Get_Text("index_text3") . "</p>\n";
|
||||
|
||||
$html .= guest_login_form();
|
||||
|
||||
$html .= "<h6>" . Get_Text("index_text4") . "</h6>";
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,239 @@
|
||||
<?php
|
||||
function user_unread_messages() {
|
||||
global $user, $privileges;
|
||||
|
||||
if (in_array("user_messages", $privileges)) {
|
||||
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
|
||||
|
||||
if ($new_messages > 0)
|
||||
return sprintf(
|
||||
'<p class="notice"><a href="%s">%s %s %s</a></p><hr />',
|
||||
page_link_to("user_messages"),
|
||||
Get_Text("pub_messages_new1"),
|
||||
$new_messages,
|
||||
Get_Text("pub_messages_new2")
|
||||
);
|
||||
}
|
||||
|
||||
return "";
|
||||
}
|
||||
|
||||
function user_messages() {
|
||||
global $user;
|
||||
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`="
|
||||
. sql_escape($user['UID']) . " ORDER BY `Nick`");
|
||||
|
||||
$to_select_data = array (
|
||||
"" => "Select receiver..."
|
||||
);
|
||||
|
||||
foreach ($users as $u)
|
||||
$to_select_data[$u['UID']] = $u['Nick'];
|
||||
|
||||
$to_select = html_select_key('to', $to_select_data, '');
|
||||
|
||||
$messages_html = "";
|
||||
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`="
|
||||
. sql_escape($user['UID'])
|
||||
. " OR `RUID`=" . sql_escape($user['UID'])
|
||||
. " ORDER BY `isRead`,`Datum` DESC"
|
||||
);
|
||||
foreach ($messages as $message) {
|
||||
|
||||
$messages_html .= sprintf(
|
||||
'<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>'
|
||||
.'<td>%s</td>',
|
||||
($message['isRead'] == 'N' ? ' class="new_message"' : ''),
|
||||
($message['isRead'] == 'N' ? '•' : ''),
|
||||
date("Y-m-d H:i", $message['Datum']),
|
||||
UID2Nick($message['SUID']),
|
||||
UID2Nick($message['RUID']),
|
||||
str_replace("\n", '<br />', $message['Text'])
|
||||
);
|
||||
|
||||
$messages_html .= '<td>';
|
||||
if ($message['RUID'] == $user['UID']) {
|
||||
if ($message['isRead'] == 'N')
|
||||
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>';
|
||||
} else {
|
||||
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>';
|
||||
}
|
||||
$messages_html .= '</td></tr>';
|
||||
}
|
||||
|
||||
return template_render('../templates/user_messages.html', array (
|
||||
'link' => page_link_to("user_messages"),
|
||||
'greeting' => Get_Text("Hello") . $user['Nick'] . ", <br />\n"
|
||||
. Get_Text("pub_messages_text1") . "<br /><br />\n",
|
||||
'messages' => $messages_html,
|
||||
'new_label' => Get_Text("pub_messages_Neu"),
|
||||
'date_label' => Get_Text("pub_messages_Datum"),
|
||||
'from_label' => Get_Text("pub_messages_Von"),
|
||||
'to_label' => Get_Text("pub_messages_An"),
|
||||
'text_label' => Get_Text("pub_messages_Text"),
|
||||
'date' => date("Y-m-d H:i"),
|
||||
'from' => $user['Nick'],
|
||||
'to_select' => $to_select,
|
||||
'submit_label' => Get_Text("save")
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case "read" :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Message ID.");
|
||||
|
||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
||||
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else
|
||||
return error("No Message found.");
|
||||
break;
|
||||
|
||||
case "delete" :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Message ID.");
|
||||
|
||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else
|
||||
return error("No Message found.");
|
||||
break;
|
||||
|
||||
case "send" :
|
||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
|
||||
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
|
||||
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else {
|
||||
return error(Get_Text("pub_messages_Send_Error"));
|
||||
}
|
||||
break;
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
if (!isset ($_GET["action"]))
|
||||
$_GET["action"] = "start";
|
||||
|
||||
switch ($_GET["action"]) {
|
||||
case "start" :
|
||||
echo Get_Text("Hello") . $_SESSION['Nick'] . ", <br />\n";
|
||||
echo Get_Text("pub_messages_text1") . "<br /><br />\n";
|
||||
|
||||
//show exist Messages
|
||||
$SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'";
|
||||
$erg = mysql_query($SQL, $con);
|
||||
|
||||
echo "<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||
echo "<tr>\n";
|
||||
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Datum") . "</b></td>\n";
|
||||
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Von") . "</b></td>\n";
|
||||
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_An") . "</b></td>\n";
|
||||
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Text") . "</b></td>\n";
|
||||
echo "<td class=\"contenttopic\"></td>\n";
|
||||
echo "</tr>\n";
|
||||
|
||||
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
|
||||
echo "<tr class=\"content\">\n";
|
||||
echo "<td>" . mysql_result($erg, $i, "Datum") . "</td>\n";
|
||||
echo "<td>" . UID2Nick(mysql_result($erg, $i, "SUID")) . "</td>\n";
|
||||
echo "<td>" . UID2Nick(mysql_result($erg, $i, "RUID")) . "</td>\n";
|
||||
echo "<td>" . mysql_result($erg, $i, "Text") . "</td>\n";
|
||||
echo "<td>";
|
||||
|
||||
if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) {
|
||||
echo "<a href=\"?action=DelMsg&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_DelMsg") . "</a>";
|
||||
|
||||
if (mysql_result($erg, $i, "isRead") == "N")
|
||||
echo "<a href=\"?action=MarkRead&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_MarkRead") . "</a>";
|
||||
} else {
|
||||
if (mysql_result($erg, $i, "isRead") == "N")
|
||||
echo Get_Text("pub_messages_NotRead");
|
||||
}
|
||||
|
||||
echo "</td>\n";
|
||||
echo "</tr>\n";
|
||||
}
|
||||
|
||||
// send Messeges
|
||||
echo "<form action=\"" . $_SERVER['SCRIPT_NAME'] . "?action=SendMsg\" method=\"POST\">";
|
||||
echo "<tr class=\"content\">\n";
|
||||
echo "<td></td>\n";
|
||||
echo "<td></td>\n";
|
||||
|
||||
// Listet alle Nicks auf
|
||||
echo "<td><select name=\"RUID\">\n";
|
||||
|
||||
$usql = "SELECT * FROM `User` WHERE (`UID`!='" . $_SESSION["UID"] . "') ORDER BY `Nick`";
|
||||
$uErg = mysql_query($usql, $con);
|
||||
$urowcount = mysql_num_rows($uErg);
|
||||
|
||||
for ($k = 0; $k < $urowcount; $k++) {
|
||||
echo "<option value=\"" . mysql_result($uErg, $k, "UID") . "\">" . mysql_result($uErg, $k, "Nick") . "</option>\n";
|
||||
}
|
||||
|
||||
echo "</select></td>\n";
|
||||
echo "<td><textarea name=\"Text\" cols=\"30\" rows=\"10\"></textarea></td>\n";
|
||||
echo "<td><input type=\"submit\" value=\"" . Get_Text("save") . "\"></td>\n";
|
||||
echo "</tr>\n";
|
||||
echo "</form>";
|
||||
|
||||
echo "</table>\n";
|
||||
break;
|
||||
|
||||
case "SendMsg" :
|
||||
echo Get_Text("pub_messages_Send1") . "...<br />\n";
|
||||
|
||||
$SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" .
|
||||
"'" . gmdate("Y-m-j H:i:s", time()) . "', " .
|
||||
"'" . $_SESSION["UID"] . "', " .
|
||||
"'" . $_POST["RUID"] . "', " .
|
||||
"'" . $_POST["Text"] . "');";
|
||||
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if ($Erg == 1)
|
||||
echo Get_Text("pub_messages_Send_OK") . "\n";
|
||||
else
|
||||
echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")";
|
||||
break;
|
||||
|
||||
case "MarkRead" :
|
||||
$SQL = "UPDATE `Messages` SET `isRead` = 'Y' " .
|
||||
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " .
|
||||
"LIMIT 1 ;";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if ($Erg == 1)
|
||||
echo Get_Text("pub_messages_MarkRead_OK") . "\n";
|
||||
else
|
||||
echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")";
|
||||
break;
|
||||
|
||||
case "DelMsg" :
|
||||
$SQL = "DELETE FROM `Messages` " .
|
||||
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " .
|
||||
"LIMIT 1;";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if ($Erg == 1)
|
||||
echo Get_Text("pub_messages_DelMsg_OK") . "\n";
|
||||
else
|
||||
echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")";
|
||||
break;
|
||||
|
||||
default :
|
||||
echo Get_Text("pub_messages_NoCommand");
|
||||
}
|
||||
}
|
||||
?>
|
@ -0,0 +1,168 @@
|
||||
<?php
|
||||
function user_meetings() {
|
||||
global $DISPLAY_NEWS, $privileges, $user;
|
||||
|
||||
$html = "";
|
||||
|
||||
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
|
||||
$page = $_REQUEST['page'];
|
||||
else
|
||||
$page = 0;
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
|
||||
foreach ($news as $entry)
|
||||
$html .= display_news($entry);
|
||||
|
||||
$html .= "<div class=\"pagination\">\n\n";
|
||||
$dis_rows = ceil(sql_num_query("SELECT * FROM `News` WHERE `Treffen`=1") / $DISPLAY_NEWS);
|
||||
|
||||
$html .= Get_Text(5);
|
||||
|
||||
for ($i = 0; $i < $dis_rows; $i++) {
|
||||
if ($i == $_REQUEST['page'])
|
||||
$html .= ($i +1) . " ";
|
||||
else
|
||||
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> ';
|
||||
}
|
||||
$html .= '</div>';
|
||||
return $html;
|
||||
}
|
||||
|
||||
function display_news($news) {
|
||||
global $privileges, $p;
|
||||
|
||||
$html .= "";
|
||||
$html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
|
||||
$html .= '<details>';
|
||||
$html .= date("Y-m-d H:i", $news['Datum']) . ', ';
|
||||
$html .= UID2Nick($news['UID']);
|
||||
if ($p != "news_comments")
|
||||
$html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »</a>';
|
||||
$html .= '</details>';
|
||||
$html .= '<h3>' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
|
||||
$html .= '<p>' . ReplaceSmilies(nl2br($news['Text'])) . '</p>';
|
||||
if (in_array("admin_news", $privileges))
|
||||
$html .= "<details><a href=\"" . page_link_to("admin_news") . "&action=edit&id=" . $news['ID'] . "\">Edit</a></details>\n";
|
||||
|
||||
$html .= '</article>';
|
||||
return $html;
|
||||
}
|
||||
|
||||
function user_news_comments() {
|
||||
global $user;
|
||||
|
||||
$html = "";
|
||||
if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
|
||||
$nid = $_REQUEST["nid"];
|
||||
list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1");
|
||||
if (isset ($_REQUEST["text"])) {
|
||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
|
||||
$html .= success("Eintrag wurde gespeichert");
|
||||
}
|
||||
|
||||
$html .= '<a href="' . page_link_to("news") . '">« Back</a>';
|
||||
$html .= display_news($news);
|
||||
|
||||
$html .= '<h2>Kommentare</h2>';
|
||||
|
||||
$comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'");
|
||||
foreach ($comments as $comment) {
|
||||
$html .= '<article class="news_comment">';
|
||||
$html .= DisplayAvatar($comment['UID']);
|
||||
$html .= '<details>';
|
||||
$html .= $comment['Datum'] . ', ';
|
||||
$html .= UID2Nick($comment['UID']);
|
||||
$html .= '</details>';
|
||||
$html .= '<p>' . nl2br($comment['Text']) . '</p>';
|
||||
$html .= '</article>';
|
||||
}
|
||||
|
||||
$html .= "</table>";
|
||||
$html .= '
|
||||
<br />
|
||||
<hr>
|
||||
<h2>Neuer Kommentar:</h2>
|
||||
<a name="Neu"> </a>
|
||||
|
||||
<form action="' . page_link_to("news_comments") . '" method="post">
|
||||
<input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '">
|
||||
<table>
|
||||
<tr>
|
||||
<td align="right" valign="top">Text:</td>
|
||||
<td><textarea name="text" cols="50" rows="10"></textarea></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br />
|
||||
<input type="submit" value="sichern...">
|
||||
</form>';
|
||||
} else {
|
||||
$html .= "Fehlerhafter Aufruf!";
|
||||
}
|
||||
|
||||
return $html;
|
||||
}
|
||||
|
||||
function user_news() {
|
||||
global $DISPLAY_NEWS, $privileges, $user;
|
||||
|
||||
$html = "";
|
||||
|
||||
if (isset ($_POST["text"]) && isset ($_POST["betreff"])) {
|
||||
if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges))
|
||||
$_POST["treffen"] = 0;
|
||||
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
|
||||
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
|
||||
"', '" . sql_escape($_POST["treffen"]) . "');");
|
||||
$html .= success(Get_Text(4));
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
|
||||
$page = $_REQUEST['page'];
|
||||
else
|
||||
$page = 0;
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
|
||||
foreach ($news as $entry)
|
||||
$html .= display_news($entry);
|
||||
|
||||
$html .= "<div class=\"pagination\">\n\n";
|
||||
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
|
||||
|
||||
$html .= Get_Text(5);
|
||||
|
||||
for ($i = 0; $i < $dis_rows; $i++) {
|
||||
if ($i == $_REQUEST['page'])
|
||||
$html .= ($i +1) . " ";
|
||||
else
|
||||
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> ';
|
||||
}
|
||||
$html .= '</div>
|
||||
<br /><hr />
|
||||
<h2>' . Get_Text(6) . '</h2>
|
||||
<a name="Neu"> </a>
|
||||
|
||||
<form action="" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td align="right">' . Get_Text(7) . '</td>
|
||||
<td><input type="text" name="betreff" size="60"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right">' . Get_Text(8) . '</td>
|
||||
<td><textarea name="text" cols="50" rows="10"></textarea></td>
|
||||
</tr>';
|
||||
if (in_array('admin_news', $privileges)) {
|
||||
$html .= ' <tr>
|
||||
<td align="right">' . Get_Text(9) . '</td>
|
||||
<td><input type="checkbox" name="treffen" size="1" value="1"></td>
|
||||
</tr>';
|
||||
|
||||
}
|
||||
$html .= '</table>
|
||||
<br />
|
||||
<input type="submit" value="' . Get_Text("save") . '">
|
||||
</form>';
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,50 @@
|
||||
<?php
|
||||
function user_questions() {
|
||||
global $user;
|
||||
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$open_questions = "";
|
||||
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0 AND `UID`=" . sql_escape($user['UID']));
|
||||
foreach ($questions as $question)
|
||||
$open_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td><td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Delete</a></td><tr>';
|
||||
|
||||
$answered_questions = "";
|
||||
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID']));
|
||||
foreach ($questions as $question) {
|
||||
$answered_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td>';
|
||||
$answered_questions .= '<td>' . UID2Nick($question['AID']) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
|
||||
$answered_questions .= '<td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Delete</a></td><tr>';
|
||||
}
|
||||
|
||||
return template_render('../templates/user_questions.html', array (
|
||||
'link' => page_link_to("user_questions"),
|
||||
'open_questions' => $open_questions,
|
||||
'answered_questions' => $answered_questions
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'ask' :
|
||||
$question = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])));
|
||||
if ($question != "") {
|
||||
sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
|
||||
header("Location: " . page_link_to("user_questions"));
|
||||
} else
|
||||
return error("Please enter a question!");
|
||||
break;
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_questions"));
|
||||
} else
|
||||
return error("No question found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
@ -0,0 +1,252 @@
|
||||
<?php
|
||||
function user_settings() {
|
||||
global $user;
|
||||
|
||||
if (!isset ($_REQUEST['action'])) {
|
||||
$tshirt_html = template_render('../templates/user_settings_tshirt.html', array (
|
||||
'label_size' => Get_Text("makeuser_T-Shirt"),
|
||||
'size_select' => ($user['Tshirt'] == 0) ? html_select_key('size', array (
|
||||
'S' => "S",
|
||||
'M' => "M",
|
||||
'L' => "L",
|
||||
'XL' => "XL",
|
||||
'2XL' => "2XL",
|
||||
'3XL' => "3XL",
|
||||
'4XL' => "4XL",
|
||||
'5XL' => "5XL",
|
||||
'S-G' => "S Girl",
|
||||
'M-G' => "M Girl",
|
||||
'L-G' => "L Girl",
|
||||
'XL-G' => "XL Girl"
|
||||
), $user['Size']) : $user['Size']
|
||||
));
|
||||
|
||||
return template_render('../templates/user_settings.html', array (
|
||||
'link' => page_link_to("user_settings"),
|
||||
'greeting' => Get_Text("Hallo") . $user['Nick'] . ",<br />" . Get_Text(13),
|
||||
'text_user_data' => Get_Text("pub_einstellungen_Text_UserData"),
|
||||
'label_nick' => Get_Text("pub_einstellungen_Nick"),
|
||||
'label_name' => Get_Text("pub_einstellungen_Name"),
|
||||
'label_prename' => Get_Text("pub_einstellungen_Vorname"),
|
||||
'label_age' => Get_Text("pub_einstellungen_Alter"),
|
||||
'label_tel' => Get_Text("pub_einstellungen_Telefon"),
|
||||
'label_mobile' => Get_Text("pub_einstellungen_Handy"),
|
||||
'label_dect' => Get_Text("pub_einstellungen_DECT"),
|
||||
'label_mail' => Get_Text("pub_einstellungen_Email"),
|
||||
'label_hometown' => Get_Text("pub_einstellungen_Hometown"),
|
||||
'nick' => $user['Nick'],
|
||||
'name' => $user['Name'],
|
||||
'prename' => $user['Vorname'],
|
||||
'age' => $user['Alter'],
|
||||
'tel' => $user['Telefon'],
|
||||
'mobile' => $user['Handy'],
|
||||
'dect' => $user['DECT'],
|
||||
'mail' => $user['email'],
|
||||
'icq' => $user['ICQ'],
|
||||
'jabber' => $user['jabber'],
|
||||
'hometown' => $user['Hometown'],
|
||||
'label_save' => Get_Text("save"),
|
||||
'tshirts' => $tshirt_html,
|
||||
'text_password' => Get_Text(14),
|
||||
'current_pw_label' => Get_Text(15),
|
||||
'new_pw_label' => Get_Text(16),
|
||||
'new_pw2_label' => Get_Text(17),
|
||||
'text_theme' => Get_Text(18),
|
||||
'theme_label' => Get_Text(19),
|
||||
'theme_select' => html_select_key('theme', array (
|
||||
"1" => "Standard-Style",
|
||||
"2" => "ot/Gelber Style",
|
||||
"3" => "Club-Mate Style",
|
||||
"5" => "Debian Style",
|
||||
"6" => "c-base Style",
|
||||
"7" => "Blau/Gelber Style",
|
||||
"8" => "Pastel Style",
|
||||
"4" => "Test Style",
|
||||
"9" => "Test Style 21c3",
|
||||
"10" => "msquare (cccamp2011)"
|
||||
), $user['color']),
|
||||
'text_language' => Get_Text(20),
|
||||
'language_label' => Get_Text(21),
|
||||
'language_select' => html_select_key('language', array (
|
||||
'DE' => "Deutsch",
|
||||
'EN' => "English"
|
||||
), $user['Sprache'])
|
||||
));
|
||||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'sprache' :
|
||||
if (isset ($_REQUEST['language']) && preg_match("/^DE|EN$/", $_REQUEST['language']))
|
||||
$language = $_REQUEST['language'];
|
||||
else
|
||||
$language = "EN";
|
||||
sql_query("UPDATE `User` SET " . "`Sprache`='" . sql_escape($language) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||
$_SESSION['Sprache'] = $language;
|
||||
header("Location: " . page_link_to("user_settings"));
|
||||
break;
|
||||
|
||||
case 'colour' :
|
||||
$theme = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['theme']));
|
||||
sql_query("UPDATE `User` SET " . "`color`='" . sql_escape($theme) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_settings"));
|
||||
break;
|
||||
|
||||
case 'set' :
|
||||
$html = "";
|
||||
if ($_REQUEST["new_pw"] == $_REQUEST["new_pw2"]) {
|
||||
if (PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']) {
|
||||
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_settings"));
|
||||
} else {
|
||||
$html .= error(Get_Text(30));
|
||||
}
|
||||
} else {
|
||||
$html .= error(Get_Text(31));
|
||||
}
|
||||
return $html;
|
||||
break;
|
||||
|
||||
case "setUserData" :
|
||||
$nick = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['nick']));
|
||||
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
|
||||
$prename = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['prename']));
|
||||
$age = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['age']));
|
||||
$tel = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['tel']));
|
||||
$mobile = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mobile']));
|
||||
$dect = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['dect']));
|
||||
$mail = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mail']));
|
||||
$icq = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['icq']));
|
||||
$jabber = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['jabber']));
|
||||
$hometown = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['hometown']));
|
||||
$size = ($user['TShirt'] == 0) ? preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['size'])) : $user['Size'];
|
||||
|
||||
sql_query("UPDATE `User` SET " .
|
||||
"`Nick`='" . sql_escape($nick) . "', " .
|
||||
"`Name`='" . sql_escape($name) . "', " .
|
||||
"`Vorname`='" . sql_escape($prename) . "', " .
|
||||
"`Alter`='" . sql_escape($age) . "', " .
|
||||
"`Telefon`='" . sql_escape($tel) . "', " .
|
||||
"`Handy`='" . sql_escape($mobile) . "', " .
|
||||
"`DECT`='" . sql_escape($dect) . "', " .
|
||||
"`email`='" . sql_escape($mail) . "', " .
|
||||
"`ICQ`='" . sql_escape($icq) . "', " .
|
||||
"`jabber`='" . sql_escape($jabber) . "', " .
|
||||
"`Hometown`='" . sql_escape($hometown) . "', " .
|
||||
"`Size`='" . sql_escape($size) . "' " .
|
||||
"WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_settings"));
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// AVATARE
|
||||
/*
|
||||
if (get_cfg_var("file_uploads")) {
|
||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||
echo Get_Text('pub_einstellungen_PictureUpload') . "<br />";
|
||||
echo "<form action=\"./einstellungen.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"sendPicture\">\n";
|
||||
echo "<input name=\"file\" type=\"file\" size=\"50\" maxlength=\"" . get_cfg_var("post_max_size") . "\">\n";
|
||||
echo "(max " . get_cfg_var("post_max_size") . "Byte)<br />\n";
|
||||
echo "<input type=\"submit\" value=\"" . Get_Text("upload"), "\">\n";
|
||||
echo "</form>\n";
|
||||
}
|
||||
|
||||
switch (GetPicturShow($_SESSION['UID'])) {
|
||||
case 'Y' :
|
||||
echo Get_Text('pub_einstellungen_PictureShow') . "<br />";
|
||||
echo displayPictur($_SESSION['UID'], 0);
|
||||
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
||||
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
||||
echo "</form>\n";
|
||||
break;
|
||||
case 'N' :
|
||||
echo Get_Text('pub_einstellungen_PictureNoShow') . "<br />";
|
||||
echo displayPictur($_SESSION['UID'], 0);
|
||||
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
||||
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
||||
echo "</form>\n";
|
||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||
case '' :
|
||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||
echo Get_Text(22) . "<br />";
|
||||
echo "\n<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"avatar\">\n";
|
||||
echo "<table>\n";
|
||||
echo "<tr>\n<td>" . Get_Text(23) . "<br /></td>\n</tr>\n";
|
||||
echo "<tr>\n";
|
||||
echo "<td>\n";
|
||||
echo "<select name=\"eAvatar\" onChange=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\" onKeyup=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\">\n";
|
||||
|
||||
for ($i = 1; file_exists("../pic/avatar/avatar" . $i . ".gif"); $i++)
|
||||
echo "<option value=\"" . $i . "\"" . ($_SESSION['Avatar'] == $i ? " selected" : "") . ">avatar" . $i . "</option>\n";
|
||||
|
||||
echo "</select> \n";
|
||||
echo "<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . $_SESSION['Avatar'] . ".gif\" name=\"avatar\" border=\"0\" align=\"top\">\n";
|
||||
echo "</td>\n</tr>\n";
|
||||
echo "</table>\n";
|
||||
echo "<input type=\"submit\" value=\"" . Get_Text("save") . "\">\n";
|
||||
echo "</form>\n";
|
||||
break;
|
||||
} //CASE
|
||||
|
||||
} else {
|
||||
switch ($_POST["action"]) {
|
||||
|
||||
case 'avatar' :
|
||||
$chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
||||
$Erg = mysql_query($chsql, $con);
|
||||
$_SESSION['Avatar'] = $_POST["eAvatar"];
|
||||
if ($Erg == 1)
|
||||
Print_Text(34);
|
||||
else
|
||||
Print_Text(29);
|
||||
break;
|
||||
|
||||
case 'setUserData' :
|
||||
|
||||
break;
|
||||
|
||||
case 'sendPicture' :
|
||||
if ($_FILES["file"]["size"] > 0) {
|
||||
if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) {
|
||||
$data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], "r"), filesize($_FILES["file"]["tmp_name"])));
|
||||
|
||||
if (GetPicturShow($_SESSION['UID']) == "")
|
||||
$SQL = "INSERT INTO `UserPicture` " .
|
||||
"( `UID`,`Bild`, `ContentType`, `show`) " .
|
||||
"VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')";
|
||||
else
|
||||
$SQL = "UPDATE `UserPicture` SET " .
|
||||
"`Bild`='$data', " .
|
||||
"`ContentType`='" . $_FILES["file"]["type"] . "', " .
|
||||
"`show`='N' " .
|
||||
"WHERE `UID`='" . $_SESSION['UID'] . "'";
|
||||
|
||||
$res = mysql_query($SQL, $con);
|
||||
if ($res)
|
||||
Print_Text("pub_einstellungen_send_OK");
|
||||
else
|
||||
Print_Text("pub_einstellungen_send_KO");
|
||||
|
||||
echo "<h6>('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)</h6>";
|
||||
} else
|
||||
Print_Text("pub_einstellungen_send_KO");
|
||||
} else
|
||||
Print_Text("pub_einstellungen_send_KO");
|
||||
break;
|
||||
|
||||
case 'delPicture' :
|
||||
$chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
||||
$Erg = mysql_query($chsql, $con);
|
||||
if ($Erg == 1)
|
||||
Print_Text("pub_einstellungen_del_OK");
|
||||
else
|
||||
Print_Text("pub_einstellungen_del_KO");
|
||||
Break;
|
||||
}
|
||||
}
|
||||
*/
|
||||
}
|
||||
?>
|
@ -0,0 +1,86 @@
|
||||
<?php
|
||||
function user_wakeup() {
|
||||
global $user;
|
||||
|
||||
$html = "";
|
||||
|
||||
if (isset ($_REQUEST['action'])) {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'create' :
|
||||
$date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']);
|
||||
if ($date != null) {
|
||||
$date = $date->getTimestamp();
|
||||
$bemerkung = strip_request_item_nl('Bemerkung');
|
||||
$ort = strip_request_item('Ort');
|
||||
$SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) "
|
||||
. "VALUES ('" . sql_escape($user['UID']) . "', '"
|
||||
. sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'"
|
||||
. sql_escape($bemerkung) . "')";
|
||||
sql_query($SQL);
|
||||
$html .= success(Get_Text(4));
|
||||
} else
|
||||
$html .= error("Broken date!");
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing wake-up ID.");
|
||||
|
||||
$wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$html .= success("Wake-up call deleted.");
|
||||
} else
|
||||
return error("No wake-up found.");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$html .= "<p>" . Get_Text("Hello") . $user['Nick'] . ",<br />"
|
||||
. Get_Text("pub_wake_beschreibung") . "</p>\n\n";
|
||||
$html .= Get_Text("pub_wake_beschreibung2");
|
||||
$html .= '
|
||||
<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
|
||||
<tr class="contenttopic">
|
||||
<th>' . Get_Text("pub_wake_Datum") . '</th>
|
||||
<th>' . Get_Text("pub_waeckliste_Nick") . '</th>
|
||||
<th>' . Get_Text("pub_wake_Ort") . '</th>
|
||||
<th>' . Get_Text("pub_wake_Bemerkung") . '</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
';
|
||||
|
||||
$sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC";
|
||||
$Erg = sql_query($sql);
|
||||
$count = mysql_num_rows($Erg);
|
||||
|
||||
for ($i = 0; $i < $count; $i++) {
|
||||
$row = mysql_fetch_row($Erg);
|
||||
$html .= '<tr class="content">';
|
||||
$html .= '<td>' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' </td>';
|
||||
$html .= '<td>' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' </td>';
|
||||
$html .= '<td>' . mysql_result($Erg, $i, "Ort") . ' </td>';
|
||||
$html .= '<td>' . mysql_result($Erg, $i, "Bemerkung") . ' </td>';
|
||||
if (mysql_result($Erg, $i, "UID") == $user['UID'])
|
||||
$html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . mysql_result($Erg, $i, "ID") . "\">" . Get_Text("pub_wake_del") . '</a></td>';
|
||||
else
|
||||
$html .= '<td></td>';
|
||||
$html .= '</tr>';
|
||||
}
|
||||
|
||||
$html .= '</table><hr />' . Get_Text("pub_wake_Text2");
|
||||
|
||||
$html .= template_render('../templates/user_wakeup.html', array (
|
||||
'wakeup_link' => page_link_to("user_wakeup"),
|
||||
'date_text' => Get_Text("pub_wake_Datum"),
|
||||
'date_value' => date("Y-m-d H:i"),
|
||||
'place_text' => Get_Text("pub_wake_Ort"),
|
||||
'comment_text' => Get_Text("pub_wake_Bemerkung"),
|
||||
'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent",
|
||||
'submit_text' => Get_Text("pub_wake_bouton")
|
||||
));
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -1,41 +0,0 @@
|
||||
<?php
|
||||
//soll dein funktion entahlten die alle übergebenen parameter überprüft
|
||||
//'`'"
|
||||
|
||||
if( $DEBUG)
|
||||
echo "secure.php START<br>\n";
|
||||
|
||||
foreach ($_GET as $k => $v)
|
||||
{
|
||||
// $v = htmlspecialchars($v, ENT_QUOTES);
|
||||
// $v = mysql_escape_string($v);
|
||||
$v = htmlentities($v, ENT_QUOTES);
|
||||
if (preg_match('/([\'"`\'])/', $v, $match))
|
||||
{
|
||||
print "sorry get has illegal char '$match[1]'";
|
||||
exit;
|
||||
}
|
||||
$_GET[$k] = $v;
|
||||
|
||||
if( $DEBUG)
|
||||
echo "GET $k=\"$v\"<br>";
|
||||
}
|
||||
|
||||
foreach ($_POST as $k => $v)
|
||||
{
|
||||
// $v = htmlspecialchars($v, ENT_QUOTES);
|
||||
// $v = mysql_escape_string($v);
|
||||
$v = htmlentities($v, ENT_QUOTES);
|
||||
if (preg_match('/([\'"`\'])/', $v, $match)) {
|
||||
print "sorry post has illegal char '$match[1]'";
|
||||
exit;
|
||||
}
|
||||
$_POST[$k] = $v;
|
||||
|
||||
if( $DEBUG)
|
||||
echo "POST $k=\"$v\"<br>";
|
||||
}
|
||||
if( $DEBUG)
|
||||
echo "secure.php END<br>\n";
|
||||
|
||||
?>
|
@ -0,0 +1,95 @@
|
||||
<?php
|
||||
|
||||
|
||||
// Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
|
||||
function load_auth() {
|
||||
global $user, $privileges;
|
||||
|
||||
if (!isset ($_SESSION['IP']))
|
||||
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
|
||||
|
||||
if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) {
|
||||
session_destroy();
|
||||
header("Location: " . link_to_page($start));
|
||||
}
|
||||
|
||||
$user = null;
|
||||
if (isset ($_SESSION['uid'])) {
|
||||
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
|
||||
if (count($user) > 0) {
|
||||
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
|
||||
list ($user) = $user;
|
||||
sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
|
||||
} else
|
||||
unset ($_SESSION['uid']);
|
||||
}
|
||||
|
||||
$privileges = isset ($user) ? privileges_for_user($user['UID']) : privileges_for_group(-1);
|
||||
}
|
||||
|
||||
function PassCrypt($passwort) {
|
||||
global $crypt_system;
|
||||
|
||||
switch ($crypt_system) {
|
||||
case "crypt" :
|
||||
return "{crypt}" . crypt($passwort, "77");
|
||||
case "md5" :
|
||||
return md5($passwort);
|
||||
}
|
||||
}
|
||||
|
||||
// JSON Authorisierungs-Schnittstelle
|
||||
function json_auth_service() {
|
||||
global $CurrentExternAuthPass;
|
||||
|
||||
header("Content-Type: application/json");
|
||||
|
||||
$User = $_REQUEST['user'];
|
||||
$Pass = $_REQUEST['pw'];
|
||||
$SourceOuth = $_REQUEST['so'];
|
||||
|
||||
if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) {
|
||||
$sql = "SELECT * FROM `User` WHERE `Nick`='" . sql_escape($User) . "'";
|
||||
$Erg = sql_query($sql);
|
||||
|
||||
if (mysql_num_rows($Erg) == 1) {
|
||||
if (mysql_result($Erg, 0, "Passwort") == PassCrypt($Pass)) {
|
||||
$UID = mysql_result($Erg, 0, "UID");
|
||||
|
||||
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
|
||||
foreach ($user_privs as $user_priv)
|
||||
$privileges[] = $user_priv['name'];
|
||||
|
||||
$msg = array (
|
||||
'status' => 'success',
|
||||
'rights' => $privileges
|
||||
);
|
||||
echo json_encode($msg);
|
||||
die();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode(array (
|
||||
'status' => 'failed',
|
||||
'error' => "JSON Service GET syntax: https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>, POST is possible too"
|
||||
));
|
||||
die();
|
||||
}
|
||||
|
||||
function privileges_for_user($user_id) {
|
||||
$privileges = array ();
|
||||
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user_id) . ";");
|
||||
foreach ($user_privs as $user_priv)
|
||||
$privileges[] = $user_priv['name'];
|
||||
return $privileges;
|
||||
}
|
||||
|
||||
function privileges_for_group($group_id) {
|
||||
$privileges = array ();
|
||||
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group_id));
|
||||
foreach ($groups_privs as $guest_priv)
|
||||
$privileges[] = $guest_priv['name'];
|
||||
return $privileges;
|
||||
}
|
||||
?>
|
@ -0,0 +1,10 @@
|
||||
<?php
|
||||
function counter() {
|
||||
global $p;
|
||||
|
||||
if (sql_num_query("SELECT `Anz` FROM `Counter` WHERE `URL`='" . sql_escape($p) . "'") == 0)
|
||||
sql_query("INSERT INTO `Counter` ( `URL` , `Anz` ) VALUES ('" . sql_escape($p) . "', '1');");
|
||||
else
|
||||
sql_query("UPDATE `Counter` SET `Anz` = `Anz` + 1 WHERE `URL` = '" . sql_escape($p) . "' LIMIT 1 ;");
|
||||
}
|
||||
?>
|
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
function Get_Text($TextID, $NoError = false) {
|
||||
global $con, $error_messages, $debug;
|
||||
|
||||
if (!isset ($_SESSION['Sprache']))
|
||||
$_SESSION['Sprache'] = "EN";
|
||||
if ($_SESSION['Sprache'] == "")
|
||||
$_SESSION['Sprache'] = "EN";
|
||||
if (isset ($_GET["SetLanguage"]))
|
||||
$_SESSION['Sprache'] = $_GET["SetLanguage"];
|
||||
|
||||
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='" . $_SESSION['Sprache'] . "'";
|
||||
@ $Erg = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($Erg) == 1)
|
||||
return (@ mysql_result($Erg, 0, "Text"));
|
||||
elseif ($NoError && !$debug) return "";
|
||||
else {
|
||||
return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
|
||||
}
|
||||
}
|
||||
|
||||
function Print_Text($TextID, $NoError = false) {
|
||||
echo Get_Text($TextID, $NoError);
|
||||
}
|
||||
?>
|
@ -0,0 +1,121 @@
|
||||
<?php
|
||||
function page_link_to($page) {
|
||||
return '?p=' . $page;
|
||||
}
|
||||
|
||||
function make_navigation() {
|
||||
global $p;
|
||||
global $privileges;
|
||||
$menu_items = $privileges;
|
||||
$menu_items[] = "faq";
|
||||
$menu = "";
|
||||
|
||||
// Standard Navigation
|
||||
$menu .= make_navigation_for(Get_Text('/'), array (
|
||||
"start",
|
||||
"login",
|
||||
"logout",
|
||||
"register",
|
||||
"faq"
|
||||
));
|
||||
|
||||
// Engel Navigation
|
||||
$menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array (
|
||||
"news",
|
||||
"user_meetings",
|
||||
"user_myshifts",
|
||||
"user_shifts",
|
||||
"user_messages",
|
||||
"user_questions",
|
||||
"user_wakeup",
|
||||
"user_settings"
|
||||
));
|
||||
|
||||
// Admin Navigation
|
||||
$menu .= make_navigation_for(Get_Text('admin/'), array (
|
||||
"admin_user",
|
||||
"admin_usershifts",
|
||||
"admin_questions",
|
||||
"admin_angel_types",
|
||||
"admin_shifts",
|
||||
"admin_rooms",
|
||||
"admin_groups",
|
||||
"admin_faq",
|
||||
"admin_language",
|
||||
"admin_import",
|
||||
"admin_log"
|
||||
));
|
||||
return $menu;
|
||||
}
|
||||
|
||||
function make_navigation_for($name, $pages) {
|
||||
global $privileges, $p;
|
||||
|
||||
$specials = array (
|
||||
"faq"
|
||||
);
|
||||
|
||||
$menu = "";
|
||||
foreach ($pages as $page)
|
||||
if (in_array($page, $privileges) || in_array($page, $specials))
|
||||
$menu .= '<li' . ($page == $p ? ' class="selected"' : '') . '><a href="' . page_link_to($page) . '">' . Get_Text($page) . '</a></li>';
|
||||
|
||||
if ($menu != "")
|
||||
$menu = '<nav class="container"><h4>' . $name . '</h4><ul class="content">' . $menu . '</ul></nav>';
|
||||
return $menu;
|
||||
}
|
||||
|
||||
function make_menu() {
|
||||
return make_navigation() . make_onlineusers() . make_langselect();
|
||||
}
|
||||
|
||||
function make_onlineusers() {
|
||||
global $privileges, $user;
|
||||
$html = '<nav class="container"><h4>Engel online</h4>';
|
||||
|
||||
$query = "SELECT UID, Nick, lastLogIn " . "FROM User " . "WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "') " . "ORDER BY lastLogIn DESC";
|
||||
$users = sql_select($query);
|
||||
|
||||
if (count($users) > 0) {
|
||||
$html .= "<ul class=\"content\">";
|
||||
|
||||
foreach ($users as $online_user) {
|
||||
if (isset ($user) && $online_user['UID'] == $user['UID'])
|
||||
continue;
|
||||
|
||||
$html .= "<li>";
|
||||
|
||||
//if (isset ($user))
|
||||
//$html .= DisplayAvatar($online_user['UID']);
|
||||
|
||||
// Show Admin Page
|
||||
if (in_array("admin_user_edit", $privileges)) {
|
||||
$html .= '<a href="admin/userChangeNormal.php?enterUID=' . $online_user['UID'] . '&Type=Normal">' . $online_user['Nick'] . '</a>';
|
||||
} else {
|
||||
$html .= $online_user['Nick'];
|
||||
}
|
||||
$last_action = time() - $online_user['lastLogIn'];
|
||||
|
||||
$html .= " " . date("i:s", $last_action);
|
||||
$html .= "</li>\n";
|
||||
}
|
||||
|
||||
$html .= "</ul>";
|
||||
} else {
|
||||
$html .= '<p class="content">Nobody...</p>';
|
||||
}
|
||||
$html .= '</nav>';
|
||||
return $html;
|
||||
}
|
||||
|
||||
function make_langselect() {
|
||||
if (strpos($_SERVER["REQUEST_URI"], "?") > 0)
|
||||
$URL = $_SERVER["REQUEST_URI"] . "&SetLanguage=";
|
||||
else
|
||||
$URL = $_SERVER["REQUEST_URI"] . "?SetLanguage=";
|
||||
|
||||
$html = '<p class="content"><a class="sprache" href="' . $URL . 'DE"><img src="pic/flag/de.png" alt="DE" title="Deutsch"></a>';
|
||||
$html .= '<a class="sprache" href="' . $URL . 'EN"><img src="pic/flag/en.png" alt="EN" title="English"></a></p>';
|
||||
return '<nav class="container"><h4>' . Get_Text("Sprache") . '</h4>' . $html . '</nav>';
|
||||
}
|
||||
?>
|
@ -0,0 +1,61 @@
|
||||
<?php
|
||||
function sql_connect($host, $user, $pw, $db) {
|
||||
global $con;
|
||||
global $host;
|
||||
|
||||
@ $con = mysql_connect($host, $user, $pw);
|
||||
|
||||
if ($con == null)
|
||||
die("no mysql-connection");
|
||||
|
||||
if (!mysql_select_db($db, $con))
|
||||
die("mysql db-selection failed");
|
||||
|
||||
mysql_query("SET CHARACTER SET utf8;", $con);
|
||||
mysql_query("SET NAMES 'utf8'", $con);
|
||||
}
|
||||
|
||||
// Do select query
|
||||
function sql_select($query) {
|
||||
global $con;
|
||||
$start = microtime(true);
|
||||
if ($result = mysql_query($query, $con)) {
|
||||
$data = array ();
|
||||
while ($line = mysql_fetch_assoc($result)) {
|
||||
array_push($data, $line);
|
||||
}
|
||||
return $data;
|
||||
} else {
|
||||
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
|
||||
}
|
||||
}
|
||||
|
||||
// Execute a query
|
||||
function sql_query($query) {
|
||||
global $con;
|
||||
$start = microtime(true);
|
||||
if ($result = mysql_query($query, $con)) {
|
||||
return $result;
|
||||
} else {
|
||||
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
|
||||
}
|
||||
}
|
||||
|
||||
function sql_id() {
|
||||
global $con;
|
||||
return mysql_insert_id($con);
|
||||
}
|
||||
|
||||
function sql_escape($query) {
|
||||
return mysql_real_escape_string($query);
|
||||
}
|
||||
|
||||
function sql_num_query($query) {
|
||||
return mysql_num_rows(sql_query($query));
|
||||
}
|
||||
|
||||
function sql_error() {
|
||||
global $con;
|
||||
return mysql_error($con);
|
||||
}
|
||||
?>
|
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
function strip_request_item($name) {
|
||||
return preg_replace(
|
||||
"/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui",
|
||||
'',
|
||||
strip_tags($_REQUEST[$name])
|
||||
);
|
||||
}
|
||||
|
||||
function strip_request_item_nl($name) {
|
||||
return preg_replace(
|
||||
"/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
|
||||
'',
|
||||
strip_tags($_REQUEST[$name])
|
||||
);
|
||||
}
|
||||
|
||||
function error($msg) {
|
||||
return '<p class="error">' . $msg . '</p>';
|
||||
}
|
||||
|
||||
function success($msg) {
|
||||
return '<p class="success">' . $msg . '</p>';
|
||||
}
|
||||
?>
|
@ -0,0 +1,36 @@
|
||||
<?php
|
||||
|
||||
|
||||
// Load and render template
|
||||
function template_render($file, $data) {
|
||||
if (file_exists($file)) {
|
||||
$template = file_get_contents($file);
|
||||
if (is_array($data))
|
||||
foreach ($data as $name => $content) {
|
||||
$template = str_replace("%" . $name . "%", $content, $template);
|
||||
}
|
||||
return $template;
|
||||
} else {
|
||||
die('Cannot find template file «' . $file . '».');
|
||||
}
|
||||
}
|
||||
|
||||
function html_options($name, $options, $selected = "") {
|
||||
$html = "";
|
||||
foreach ($options as $value => $label)
|
||||
$html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
|
||||
|
||||
return $html;
|
||||
}
|
||||
|
||||
function html_select_key($name, $rows, $selected) {
|
||||
$html = '<select name="' . $name . '">';
|
||||
foreach ($rows as $key => $row)
|
||||
if (($key == $selected) || ($row == $selected))
|
||||
$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
|
||||
else
|
||||
$html .= '<option value="' . $key . '">' . $row . '</option>';
|
||||
$html .= '</select>';
|
||||
return $html;
|
||||
}
|
||||
?>
|
@ -0,0 +1,106 @@
|
||||
<?php
|
||||
function UID2Nick($UID) {
|
||||
if ($UID > 0)
|
||||
$SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
|
||||
else
|
||||
$SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
|
||||
|
||||
$Erg = sql_select($SQL);
|
||||
|
||||
if (count($Erg) > 0) {
|
||||
if ($UID > 0)
|
||||
return $Erg[0]['Nick'];
|
||||
else
|
||||
return "Group-" . $Erg[0]['Name'];
|
||||
} else {
|
||||
if ($UID == -1)
|
||||
return "Guest";
|
||||
else
|
||||
return "UserID $UID not found";
|
||||
}
|
||||
}
|
||||
|
||||
function TID2Type($TID) {
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($Erg))
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
function ReplaceSmilies($neueckig) {
|
||||
global $url, $ENGEL_ROOT;
|
||||
|
||||
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
|
||||
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
|
||||
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
|
||||
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
|
||||
|
||||
return $neueckig;
|
||||
}
|
||||
|
||||
function GetPicturShow($UID) {
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
|
||||
$res = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($res) == 1)
|
||||
return mysql_result($res, 0, 0);
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
function displayPictur($UID, $height = "30") {
|
||||
global $url, $ENGEL_ROOT;
|
||||
|
||||
if ($height > 0)
|
||||
return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
|
||||
else
|
||||
return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
|
||||
}
|
||||
|
||||
function displayavatar($UID, $height = "30") {
|
||||
global $con, $url, $ENGEL_ROOT;
|
||||
|
||||
if (GetPicturShow($UID) == 'Y')
|
||||
return " " . displayPictur($UID, $height);
|
||||
|
||||
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
|
||||
if (count($user) > 0)
|
||||
if ($user[0]['Avatar'] > 0)
|
||||
return '<div class="avatar">' . (" <img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
|
||||
}
|
||||
|
||||
function UIDgekommen($UID) {
|
||||
global $con;
|
||||
|
||||
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($Erg))
|
||||
return mysql_result($Erg, 0);
|
||||
else
|
||||
return "0";
|
||||
}
|
||||
?>
|
@ -1,113 +1,75 @@
|
||||
<?php
|
||||
|
||||
/****************************************************************************************************/
|
||||
// INCLUDE
|
||||
/****************************************************************************************************/
|
||||
require_once('../includes/config_jabber.php');
|
||||
require_once("../includes/funktion_jabber.php");
|
||||
include("../includes/config_MessegeServer.php");
|
||||
|
||||
// Set time limit to indefinite execution
|
||||
set_time_limit( 0 );
|
||||
|
||||
/****************************************************************************************************/
|
||||
// show MODE
|
||||
/****************************************************************************************************/
|
||||
if( DEBUG)
|
||||
echo "DEBUG mode is enable\n\tjabber is disable\n\n";
|
||||
|
||||
/****************************************************************************************************/
|
||||
// INIT jabber
|
||||
/****************************************************************************************************/
|
||||
if( !DEBUG)
|
||||
{
|
||||
echo "INIT jabber\n";
|
||||
$jabber = new Jabber($server, $port, $username, $password, $resource);
|
||||
if ( !($jabber->Connect() && $jabber->SendAuth()))
|
||||
die("Couldn't connect to Jabber Server.");
|
||||
}
|
||||
|
||||
|
||||
/****************************************************************************************************/
|
||||
// INIT socked
|
||||
/****************************************************************************************************/
|
||||
echo "INIT socked\n";
|
||||
//http://de3.php.net/manual/de/function.socket-listen.php
|
||||
// Create a UDP socket
|
||||
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP) or die('Could not create socked ('.socket_strerror(socket_last_error()). ')');
|
||||
// Bind the socket to an address/port
|
||||
socket_bind($sock, SERVER_ADDRESS, SERVER_PORT) or die('Could not bind to address ('.socket_strerror(socket_last_error()). ')');
|
||||
// Setzt Nonbock Mode
|
||||
socket_set_nonblock($sock);
|
||||
|
||||
|
||||
/****************************************************************************************************/
|
||||
// Loop continuos
|
||||
/****************************************************************************************************/
|
||||
$RUNNING = TRUE;
|
||||
while( $RUNNING )
|
||||
{
|
||||
if( @socket_recvfrom($sock, $data, 65535, 0, $ip, $port))
|
||||
{
|
||||
//daten empfangen
|
||||
$data = substr($data,0, strlen($data)-1); //ENTER entfernen
|
||||
echo "\n". gmdate("Y-m-d H:i:s", time()). "\tresive from $ip:$port ". strlen($data). " byte data ($data)\n";
|
||||
PackedAnalyser( $data);
|
||||
}
|
||||
|
||||
usleep(100000); // 100ms delay keeps the doctor away
|
||||
} // end while
|
||||
|
||||
//disconnect jabber
|
||||
if( !DEBUG)
|
||||
$jabber->Disconnect();
|
||||
|
||||
// Close the master sockets
|
||||
socket_close($sock);
|
||||
|
||||
/****************************************************************************************************/
|
||||
/****************************************** MAIN END ************************************************/
|
||||
/****************************************************************************************************/
|
||||
|
||||
|
||||
/****************************************************************************************************/
|
||||
//***** function PackedAnalyser
|
||||
/****************************************************************************************************/
|
||||
function PackedAnalyser( $data )
|
||||
{
|
||||
GLOBAL $jabber, $RUNNING;
|
||||
// init array
|
||||
$matches = array();
|
||||
|
||||
//#message
|
||||
if( preg_match( "/^#(message) ([^ ]+) (.+)/i", $data, $matches ) )
|
||||
{
|
||||
if( $matches[2]=="" || $matches[3]=="")
|
||||
{
|
||||
// Wrong syntax
|
||||
echo "\t\t\t\t#messaage parameter fail\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
// Whisper
|
||||
if( !DEBUG)
|
||||
$jabber->SendMessage($value, "normal", NULL, array("body" => $message, "subject" => "Error in Pentabarf"), NULL);
|
||||
else
|
||||
echo "\t\t\t\tmessage to:\"". $matches[2]. "\" Text: \"". $matches[3]. "\"\n";
|
||||
}
|
||||
}
|
||||
elseif( preg_match( "/^#quit/i", $data, $matches ) )
|
||||
{
|
||||
if( DEBUG)
|
||||
{
|
||||
echo "\t\t\t\tSystem Shutdown\n\n";
|
||||
$RUNNING = FALSE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "\t\t\t\tcommand not found\n\n";
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
<?php
|
||||
require_once "../includes/config_jabber.php";
|
||||
require_once "../includes/funktion_jabber.php";
|
||||
include "../includes/config_MessegeServer.php";
|
||||
|
||||
// Set time limit to indefinite execution
|
||||
set_time_limit(0);
|
||||
|
||||
if(DEBUG)
|
||||
echo "DEBUG mode is enable\n\tjabber is disable\n\n";
|
||||
|
||||
if(!DEBUG) {
|
||||
echo "INIT jabber\n";
|
||||
$jabber = new Jabber($server, $port, $username, $password, $resource);
|
||||
|
||||
if(!($jabber->Connect() && $jabber->SendAuth()))
|
||||
die("Couldn't connect to Jabber Server.");
|
||||
}
|
||||
|
||||
echo "INIT socked\n";
|
||||
|
||||
// Create a UDP socket
|
||||
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP) or die('Could not create socked (' . socket_strerror(socket_last_error()) . ')');
|
||||
|
||||
// Bind the socket to an address/port
|
||||
socket_bind($sock, SERVER_ADDRESS, SERVER_PORT) or die('Could not bind to address (' . socket_strerror(socket_last_error()) . ')');
|
||||
|
||||
// Setzt Nonbock Mode
|
||||
socket_set_nonblock($sock);
|
||||
|
||||
$RUNNING = true;
|
||||
|
||||
while($RUNNING) {
|
||||
if(@socket_recvfrom($sock, $data, 65535, 0, $ip, $port)) {
|
||||
// daten empfangen
|
||||
$data = substr($data, 0, strlen($data)-1); //ENTER entfernen
|
||||
echo "\n". gmdate("Y-m-d H:i:s", time()). "\tresive from $ip:$port ". strlen($data). " byte data ($data)\n";
|
||||
PackedAnalyser( $data);
|
||||
}
|
||||
|
||||
usleep(100000); // 100ms delay keeps the doctor away
|
||||
} // end while
|
||||
|
||||
// disconnect jabber
|
||||
if(!DEBUG)
|
||||
$jabber->Disconnect();
|
||||
|
||||
// Close the master sockets
|
||||
socket_close($sock);
|
||||
|
||||
function PackedAnalyser($data) {
|
||||
global $jabber, $RUNNING;
|
||||
// init array
|
||||
$matches = array();
|
||||
|
||||
//#message
|
||||
if(preg_match("/^#(message) ([^ ]+) (.+)/i", $data, $matches)) {
|
||||
if($matches[2]=="" || $matches[3]=="")
|
||||
echo "\t\t\t\t#messaage parameter fail\n";
|
||||
else {
|
||||
// Whisper
|
||||
if(!DEBUG)
|
||||
$jabber->SendMessage($value, "normal", NULL, array("body" => $message, "subject" => "Error in Pentabarf"), NULL);
|
||||
else
|
||||
echo "\t\t\t\tmessage to:\"". $matches[2]. "\" Text: \"". $matches[3]. "\"\n";
|
||||
}
|
||||
} elseif(preg_match("/^#quit/i", $data, $matches)) {
|
||||
if(DEBUG) {
|
||||
echo "\t\t\t\tSystem Shutdown\n\n";
|
||||
$RUNNING = false;
|
||||
}
|
||||
} else
|
||||
echo "\t\t\t\tcommand not found\n\n";
|
||||
}
|
||||
?>
|
||||
|
@ -0,0 +1,41 @@
|
||||
Angel types:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Name
|
||||
</th>
|
||||
<th>
|
||||
Man
|
||||
</th>
|
||||
<th>
|
||||
Action
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%table%
|
||||
</tbody>
|
||||
</table>
|
||||
<hr />
|
||||
<h2>Create new Angel type:</h2>
|
||||
<form action="%link%&action=create" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Name
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="name" value="" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Man
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="man" value="" />
|
||||
</td>
|
||||
</tr>
|
||||
</table><input type="submit" name="submit" value="Create" />
|
||||
</form>
|
@ -0,0 +1,24 @@
|
||||
Edit angel type:
|
||||
<form action="%link%&action=save" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Name
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="name" value="%name%" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Man
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="man" value="%man%" />
|
||||
</td>
|
||||
</tr>
|
||||
</table><input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||
</form>
|
||||
<form action="%link%&action=delete" method="post">
|
||||
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Delete" />
|
||||
</form>
|
@ -0,0 +1,56 @@
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Deutsch
|
||||
</th>
|
||||
<th>
|
||||
English
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%faqs%
|
||||
</tbody>
|
||||
</table>
|
||||
<hr/>Create new FAQ:
|
||||
<form action="%link%&action=create" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Frage
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="frage"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Antwort
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="antwort"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Question
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="question"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Answer
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="answer"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" name="submit" value="Create" />
|
||||
</form>
|
@ -0,0 +1,41 @@
|
||||
Edit FAQ:
|
||||
<form action="%link%&action=save" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Frage
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="frage">%frage%</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Antwort
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="antwort">%antwort%</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Question
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="question">%question%</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Answer
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="answer">%answer%</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||
</form><hr/>
|
||||
<form action="%link%&action=delete" method="post">
|
||||
Delete FAQ: <input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Delete" />
|
||||
</form>
|
@ -0,0 +1,21 @@
|
||||
Hallo %nick%,
|
||||
<br/>
|
||||
hier hast du die Möglichkeit Gruppenrechte zu ändern:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Name
|
||||
</th>
|
||||
<th>
|
||||
Rechte
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%groups%
|
||||
</tbody>
|
||||
</table>
|
@ -0,0 +1,21 @@
|
||||
<form action="%link%&action=save" method="post">
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
<th>
|
||||
Name
|
||||
</th>
|
||||
<th>
|
||||
Description
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%privileges%
|
||||
</tbody>
|
||||
</table>
|
||||
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||
</form>
|
@ -0,0 +1,9 @@
|
||||
<tr>
|
||||
<td> %question_nick% </td>
|
||||
<td> %question% </td>
|
||||
<td> %answer_nick% </td>
|
||||
<td> %answer% </td>
|
||||
<td>
|
||||
<a href="%link%&action=delete&id=%question_id%">Delete</a>
|
||||
</td>
|
||||
</tr>
|
@ -0,0 +1,14 @@
|
||||
<tr>
|
||||
<td> %question_nick% </td>
|
||||
<td> %question% </td>
|
||||
<td>
|
||||
<form action="%link%&action=answer" method="post">
|
||||
<textarea name="answer"></textarea>
|
||||
<input type="hidden" name="id" value="%question_id%" />
|
||||
<input type="submit" name="submit" value="Send" />
|
||||
</form>
|
||||
</td>
|
||||
<td>
|
||||
<a href="%link%&action=delete&id=%question_id%">Delete</a>
|
||||
</td>
|
||||
</tr>
|
@ -0,0 +1,47 @@
|
||||
Not yet answered questions:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
From
|
||||
</th>
|
||||
<th>
|
||||
Question
|
||||
</th>
|
||||
<th>
|
||||
Answer
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%open_questions%
|
||||
</tbody>
|
||||
</table>
|
||||
<hr/> Answered questions:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
From
|
||||
</th>
|
||||
<th>
|
||||
Question
|
||||
</th>
|
||||
<th>
|
||||
From
|
||||
</th>
|
||||
<th>
|
||||
Answer
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%answered_questions%
|
||||
</tbody>
|
||||
</table>
|
@ -0,0 +1,59 @@
|
||||
Raum und dafür benötigte Engel bearbeiten:
|
||||
<br/>
|
||||
<form action="%link%&action=changesave" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Name
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Name" value="%name%" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Man
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Man" value="%man%" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
From Pentabarf
|
||||
</td>
|
||||
<td>
|
||||
%from_pentabarf_options%
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Show
|
||||
</td>
|
||||
<td>
|
||||
%show_options%
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Number
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Number" value="%number%" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>
|
||||
Angle Type
|
||||
</th>
|
||||
<th>
|
||||
Needed for this room
|
||||
</th>
|
||||
</tr>
|
||||
%angel_types%
|
||||
</table>
|
||||
<input type="hidden" name="RID" value="%room_id%" /><input type="submit" value="Save" />
|
||||
</form>
|
||||
<form action="%link%&action=delete" method="post">
|
||||
<input type="hidden" name="RID" value="%room_id%" /><input type="submit" value="Delete" />
|
||||
</form>
|
@ -0,0 +1,46 @@
|
||||
Neuen Raum einrichten:
|
||||
<br/>
|
||||
<form action="%link%&action=newsave" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Name
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Name" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Man
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Man" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
From Pentabarf
|
||||
</td>
|
||||
<td>
|
||||
<input type="radio" name="FromPentabarf" value="Y" /> Yes <input type="radio" name="FromPentabarf" value="N" />No
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Show
|
||||
</td>
|
||||
<td>
|
||||
<input type="radio" name="Show" value="Y" /> Yes<input type="radio" name="Show" value="N" /> No
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Number
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="Number" value="" />
|
||||
</td>
|
||||
</tr>
|
||||
</table><input type="submit" value="Create" />
|
||||
</form>
|
@ -0,0 +1,12 @@
|
||||
<h2>The angelsystem has been (re)done by:</h2>
|
||||
<ul>
|
||||
<li>
|
||||
?
|
||||
</li>
|
||||
<li>
|
||||
helios
|
||||
</li>
|
||||
<li>
|
||||
msquare
|
||||
</li>
|
||||
</ul>
|
@ -0,0 +1,22 @@
|
||||
<form action="%link%" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td align="right">
|
||||
%nick%
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="user" size="23" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right">
|
||||
%pass%
|
||||
</td>
|
||||
<td>
|
||||
<input type="password" name="password" size="23">
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br/>
|
||||
<input type="submit" name="login_submit" value="%send%">
|
||||
</form>
|
@ -0,0 +1,42 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>%title% - Engelsystem</title>
|
||||
<meta charset="UTF-8" />
|
||||
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
|
||||
<meta name="content-style-type" content="text/css" />
|
||||
<meta name="keywords" content="Engel, Himmelsverwaltung" />
|
||||
<meta http-equiv="Content-Style-Type" content="text/css" />
|
||||
<meta http-equiv="expires" content="0" />
|
||||
<meta name="robots" content="index" />
|
||||
<meta name="revisit-after" content="1 days" />
|
||||
<script type="text/javascript" src="css/grossbild.js">
|
||||
</script>
|
||||
<link rel="stylesheet" type="text/css" href="css/base.css" />
|
||||
<link rel="stylesheet" type="text/css" href="css/style%theme%.css" />
|
||||
</head>
|
||||
<body class="background">
|
||||
<header>
|
||||
<a href="?" id="logo"></a>
|
||||
</header>
|
||||
<div id="body">
|
||||
<div id="menu">
|
||||
%menu%
|
||||
</div>
|
||||
<div id="content" class="container">
|
||||
<h1>%title%</h1>
|
||||
<article class="content">
|
||||
%content%
|
||||
</article>
|
||||
</div>
|
||||
</div>
|
||||
<footer>
|
||||
<p>
|
||||
© copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a>
|
||||
| <a href="?p=credits">Credits</a>
|
||||
<br/>
|
||||
This is hell. Temporarily.
|
||||
</p>
|
||||
</footer>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,50 @@
|
||||
%greeting%
|
||||
<form action="%link%&action=send" method="post">
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
%new_label%
|
||||
</th>
|
||||
<th>
|
||||
%date_label%
|
||||
</th>
|
||||
<th>
|
||||
%from_label%
|
||||
</th>
|
||||
<th>
|
||||
%to_label%
|
||||
</th>
|
||||
<th>
|
||||
%text_label%
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%messages%
|
||||
<tr>
|
||||
<td>
|
||||
|
||||
</td>
|
||||
<td>
|
||||
%date%
|
||||
</td>
|
||||
<td>
|
||||
%from%
|
||||
</td>
|
||||
<td>
|
||||
%to_select%
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="text"></textarea>
|
||||
</td>
|
||||
<td>
|
||||
<input type="submit" name="submit" value="%submit_label%" />
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</form>
|
@ -0,0 +1,52 @@
|
||||
Not yet answered questions:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Question
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%open_questions%
|
||||
</tbody>
|
||||
</table>
|
||||
<hr/> Answered questions:
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>
|
||||
Question
|
||||
</th>
|
||||
<th>
|
||||
From
|
||||
</th>
|
||||
<th>
|
||||
Answer
|
||||
</th>
|
||||
<th>
|
||||
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
%answered_questions%
|
||||
</tbody>
|
||||
</table>
|
||||
<hr/>Ask an arch angel:
|
||||
<form action="%link%&action=ask" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
Question:
|
||||
</td>
|
||||
<td>
|
||||
<textarea name="question"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" name="submit" value="Ask" />
|
||||
</form>
|
@ -0,0 +1,106 @@
|
||||
%greeting%
|
||||
|
||||
<hr width="100%">
|
||||
%text_user_data%
|
||||
<form action="%link%&action=setUserData" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>%label_nick%</td>
|
||||
<td><input type="text" name="nick" size="23" value="%nick%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_name%</td>
|
||||
<td><input type="text" name="name" size="23" value="%name%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_prename%</td>
|
||||
<td><input type="text" name="prename" size="23" value="%prename%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_age%</td>
|
||||
<td><input type="text" name="age" size="3" value="%age%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_tel%</td>
|
||||
<td><input type="text" name="tel" size="40" value="%tel%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_mobile%</td>
|
||||
<td><input type="text" name="mobile" size="40" value="%mobile%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_dect%</td>
|
||||
<td><input type="text" name="dect" size="4" value="%dect%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_mail%</td>
|
||||
<td><input type="text" name="mail" size="40" value="%mail%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>ICQ</td>
|
||||
<td><input type="text" name="icq" size="40" value="%icq%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>jabber</td>
|
||||
<td><input type="text" name="jabber" size="40" value="%jabber%"></td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>%label_hometown%</td>
|
||||
<td><input type="text" name="hometown" size="40" value="%hometown%"></td>
|
||||
</tr>
|
||||
%tshirts%
|
||||
</table>
|
||||
<input type="submit" value="%label_save%">
|
||||
</form>
|
||||
|
||||
<hr />
|
||||
|
||||
%text_password%
|
||||
<form action="%link%&action=set" method="post">
|
||||
<table>
|
||||
<tr><td>%current_pw_label%</td><td><input type="password" name="current_pw" size="20"></td></tr>
|
||||
<tr><td>%new_pw_label%</td><td><input type="password" name="new_pw" size="20"></td></tr>
|
||||
<tr><td>%new_pw2_label%</td><td><input type="password" name="new_pw2" size="20"></td></tr>
|
||||
</table>
|
||||
<input type="submit" value="%label_save%">
|
||||
</form>
|
||||
|
||||
<hr />
|
||||
|
||||
%text_theme%
|
||||
<form action="%link%&action=colour" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>%theme_label%</td>
|
||||
<td>
|
||||
%theme_select%
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" value="%label_save%">
|
||||
</form>
|
||||
|
||||
<hr />
|
||||
|
||||
%text_language%
|
||||
<form action="%link%&action=sprache" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>%language_label%</td>
|
||||
<td>
|
||||
%language_select%
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" value="%label_save%">
|
||||
</form>
|
@ -0,0 +1,4 @@
|
||||
<tr>
|
||||
<td>%label_size%</td>
|
||||
<td>%size_select%</td>
|
||||
</tr>
|
@ -0,0 +1,18 @@
|
||||
<form action="%wakeup_link%&action=create" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td align="right"> %date_text%: </td>
|
||||
<td><input type="text" name="Date" value="%date_value%"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right"> %place_text% </td>
|
||||
<td><input type="text" name="Ort" value=""></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right"> %comment_text% </td>
|
||||
<td><textarea name="Bemerkung" rows="5" cols="40">
|
||||
%comment_value%</textarea></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" name="submit" value="%submit_text%" />
|
||||
</form>
|
@ -1,58 +1,56 @@
|
||||
<?PHP
|
||||
<?php
|
||||
// Momentan keine Avatar-Funktionen
|
||||
die();
|
||||
|
||||
include ("../includes/config.php");
|
||||
include ("../includes/error_handler.php");
|
||||
include ("../includes/config_db.php");
|
||||
if( !isset($_SESSION)) session_start();
|
||||
include ("../includes/secure.php");
|
||||
require_once ('bootstrap.php');
|
||||
|
||||
include "config/config.php";
|
||||
include "includes/error_handler.php";
|
||||
include "config/config_db.php";
|
||||
|
||||
if (!isset ($_SESSION))
|
||||
session_start();
|
||||
|
||||
include "includes/secure.php";
|
||||
|
||||
// Parameter check
|
||||
if( !isset($_GET["UID"]) )
|
||||
$_GET["UID"]= "-1";
|
||||
|
||||
$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='". $_GET["UID"]. "'";
|
||||
$res = mysql_query( $SQL, $con);
|
||||
|
||||
if( mysql_num_rows($res) == 1)
|
||||
{
|
||||
//genügend rechte
|
||||
if( !isset($_SESSION['UID']) || $_SESSION['UID'] == -1)
|
||||
{
|
||||
header( "HTTP/1.0 403 Forbidden");
|
||||
die( "403 Forbidden");
|
||||
if (!isset ($_GET["UID"]))
|
||||
$_GET["UID"] = "-1";
|
||||
|
||||
$SQL = "SELECT * FROM `UserPicture` WHERE `UID`='" . $_GET["UID"] . "'";
|
||||
$res = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($res) == 1) {
|
||||
// genuegend rechte
|
||||
if (!isset ($_SESSION['UID']) || $_SESSION['UID'] == -1) {
|
||||
header("HTTP/1.0 403 Forbidden");
|
||||
die("403 Forbidden");
|
||||
}
|
||||
|
||||
|
||||
// ist das bild sichtbar?
|
||||
if( (mysql_result($res, 0, "show")=="N") AND
|
||||
($_SESSION['UID']!=$_GET["UID"]) AND
|
||||
($_SESSION['CVS'][ "admin/UserPicture.php" ] == "N"))
|
||||
{
|
||||
$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='-1'";
|
||||
$res = mysql_query( $SQL, $con);
|
||||
if( mysql_num_rows($res) != 1)
|
||||
{
|
||||
header( 'HTTP/1.0 404 Not Found');
|
||||
die( "404 Not Found");
|
||||
if ((mysql_result($res, 0, "show") == "N") AND ($_SESSION['UID'] != $_GET["UID"]) AND ($_SESSION['CVS']["admin/UserPicture.php"] == "N")) {
|
||||
$SQL = "SELECT * FROM `UserPicture` WHERE `UID`='-1'";
|
||||
$res = mysql_query($SQL, $con);
|
||||
|
||||
if (mysql_num_rows($res) != 1) {
|
||||
header("HTTP/1.0 404 Not Found");
|
||||
die("404 Not Found");
|
||||
}
|
||||
}
|
||||
|
||||
/// bild aus db auslesen
|
||||
// bild aus db auslesen
|
||||
$bild = mysql_result($res, 0, "Bild");
|
||||
|
||||
|
||||
// ausgabe bild
|
||||
header( "Accept-Ranges: bytes");
|
||||
header( "Content-Length: ". strlen($bild));
|
||||
header( "Content-type: ". mysql_result($res, 0, "ContentType"));
|
||||
header( "Cache-control: public");
|
||||
header( "Cache-request-directive: min-fresh = 120");
|
||||
header( "Cache-request-directive: max-age = 360");
|
||||
header("Accept-Ranges: bytes");
|
||||
header("Content-Length: " . strlen($bild));
|
||||
header("Content-type: " . mysql_result($res, 0, "ContentType"));
|
||||
header("Cache-control: public");
|
||||
header("Cache-request-directive: min-fresh = 120");
|
||||
header("Cache-request-directive: max-age = 360");
|
||||
echo $bild;
|
||||
} else {
|
||||
header("HTTP/1.0 404 Not Found");
|
||||
die("404 Not Found");
|
||||
}
|
||||
else
|
||||
{
|
||||
header( 'HTTP/1.0 404 Not Found');
|
||||
die( "404 Not Found");
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -1,191 +0,0 @@
|
||||
<?php
|
||||
$title = "Räume";
|
||||
$header = "Verwaltung der Räume";
|
||||
include ("../../includes/header.php");
|
||||
include("../../includes/funktion_db.php");
|
||||
|
||||
function runSQL( $SQL)
|
||||
{
|
||||
global $con;
|
||||
// hier muesste das SQL ausgefuehrt werden...
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
if ($Erg)
|
||||
{
|
||||
echo "Änderung wurde gesichert...<br>";
|
||||
echo "[$SQL]<br>";
|
||||
return 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "Fehler beim speichern... bitte noch ein mal probieren :)";
|
||||
echo "<br><br>".mysql_error( $con ). "<br>";
|
||||
echo "[$SQL]<br>";
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
function runSQL_log( $SQL, $commed)
|
||||
{
|
||||
global $con;
|
||||
// hier muesste das SQL ausgefuehrt werden...
|
||||
$Erg = db_query($SQL, $commed);
|
||||
if ($Erg)
|
||||
{
|
||||
echo "Änderung wurde gesichert...<br>";
|
||||
echo "[$SQL]<br>";
|
||||
return 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "Fehler beim speichern... bitte noch ein mal probieren :)";
|
||||
echo "<br><br>".mysql_error( $con ). "<br>";
|
||||
echo "[$SQL]<br>";
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
$Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`";
|
||||
$Erg = mysql_query($Sql, $con);
|
||||
|
||||
if( !IsSet($_GET["action"]) )
|
||||
{
|
||||
echo "Hallo ".$_SESSION['Nick'].
|
||||
",<br>\nhier hast du die Möglichkeit, neue Engeltypen für die Schichtpläne einzutragen ".
|
||||
"oder vorhandene abzuändern:<br><br>\n";
|
||||
|
||||
echo "<a href=\"./EngelType.php?action=new\">- Neuen EngelType eintragen</a><br>\n";
|
||||
|
||||
echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||
echo "<tr class=\"contenttopic\">\n";
|
||||
|
||||
for( $i = 1; $i < mysql_num_fields($Erg); $i++ )
|
||||
{
|
||||
echo "\t<td>". mysql_field_name($Erg, $i). "</td>";
|
||||
}
|
||||
echo "\t<td>Ändern</td>";
|
||||
echo "</tr>";
|
||||
|
||||
for( $t = 0; $t < mysql_num_rows($Erg); $t++ )
|
||||
{
|
||||
echo "\t<tr class=\"content\">\n";
|
||||
for ($j = 1; $j < mysql_num_fields($Erg); $j++)
|
||||
{
|
||||
echo "\t\t<td>".mysql_result($Erg, $t, $j)."</td>\n";
|
||||
}
|
||||
echo "\t\t<td><a href=\"./EngelType.php?action=change&TID=".mysql_result($Erg, $t, "TID")."\">###</a></td>\n";
|
||||
echo "\t</tr>\n";
|
||||
} // ende Auflistung Raeume
|
||||
echo "</table>";
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
switch ($_GET["action"]) {
|
||||
|
||||
case 'new':
|
||||
echo "Neuen EngelType einrichten: <br>";
|
||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
||||
echo "<table>\n";
|
||||
|
||||
for( $Uj = 1; $Uj < mysql_num_fields($Erg); $Uj++ )
|
||||
{
|
||||
echo "<td>".mysql_field_name($Erg, $Uj)."</td>".
|
||||
"<td><input type=\"text\" size=\"40\" name=\"".mysql_field_name($Erg, $Uj)."\"></td></tr>\n";
|
||||
}
|
||||
echo "</table>\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"newsave\">\n";
|
||||
echo "<input type=\"submit\" value=\"sichern...\">\n";
|
||||
echo "</form>";
|
||||
break;
|
||||
|
||||
case 'newsave':
|
||||
$vars = $_GET;
|
||||
$count = count($vars) - 1;
|
||||
$vars = array_splice($vars, 0, $count);
|
||||
$Keys="";
|
||||
$Values="";
|
||||
foreach($vars as $key => $value){
|
||||
$Keys .= ", `$key`";
|
||||
$Values .= ", '$value'";
|
||||
}
|
||||
|
||||
if( runSQL_log( "INSERT INTO `EngelType` (". substr($Keys, 2). ") VALUES (". substr($Values, 2). ")",
|
||||
"save new EngelType") )
|
||||
{
|
||||
SetHeaderGo2Back();
|
||||
|
||||
$SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='". $_GET["Name"]. "'";
|
||||
$ERG = mysql_query($SQL2, $con);
|
||||
|
||||
if( mysql_num_rows($ERG) == 1)
|
||||
runSQL_log( "ALTER TABLE `Room` ADD `DEFAULT_EID_". mysql_result( $ERG, 0, 0).
|
||||
"` INT DEFAULT '0' NOT NULL;",
|
||||
"add new EngelType in Romm Table");
|
||||
}
|
||||
break;
|
||||
|
||||
case 'change':
|
||||
if (! IsSet($_GET["TID"]))
|
||||
echo "Fehlerhafter Aufruf!";
|
||||
else
|
||||
{
|
||||
echo "Raum abändern:\n";
|
||||
echo "Hier kannst du eintragen, den EngelType ändern.";
|
||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
||||
echo "<table>\n";
|
||||
|
||||
$SQL2 = "SELECT * FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'";
|
||||
$ERG = mysql_query($SQL2, $con);
|
||||
|
||||
for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++)
|
||||
echo "<tr><td>". mysql_field_name($ERG, $Uj). "</td>".
|
||||
"<td><input type=\"text\" size=\"40\" name=\"e". mysql_field_name($ERG, $Uj). "\" ".
|
||||
"value=\"". mysql_result($ERG, 0, $Uj). "\"></td></tr>\n";
|
||||
|
||||
echo "</table>\n";
|
||||
echo "<input type=\"hidden\" name=\"eTID\" value=\"". $_GET["TID"]. "\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"changesave\">\n";
|
||||
echo "<input type=\"submit\" value=\"sichern...\">\n";
|
||||
echo "</form>";
|
||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
||||
echo "<input type=\"hidden\" name=\"TID\" value=\"". $_GET["TID"]. "\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"delete\">\n";
|
||||
echo "<input type=\"submit\" value=\"Löschen...\">";
|
||||
echo "</form>";
|
||||
}
|
||||
break;
|
||||
|
||||
case 'changesave':
|
||||
$vars = $_GET;
|
||||
$count = count($vars) - 2;
|
||||
$vars = array_splice($vars, 0, $count);
|
||||
$keys="";
|
||||
$sql="";
|
||||
foreach($vars as $key => $value)
|
||||
{
|
||||
$keys = substr( $key, 1);
|
||||
$sql .= ", `". $keys. "`='". $value. "'";
|
||||
}
|
||||
runSQL_log( "UPDATE `EngelType` SET ". substr($sql, 2). " WHERE `TID`='". $_GET["eTID"]. "'",
|
||||
"Save Change EngelType");
|
||||
SetHeaderGo2Back();
|
||||
break;
|
||||
|
||||
case 'delete':
|
||||
if (IsSet($_GET["TID"]))
|
||||
{
|
||||
if( runSQL_log( "DELETE FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'", "delete EngelType"))
|
||||
runSQL_log( "ALTER TABLE `Room` DROP `DEFAULT_EID_". $_GET["TID"]. "`;",
|
||||
"delete EngelType in Room Table");
|
||||
}
|
||||
else
|
||||
echo "Fehlerhafter Aufruf";
|
||||
SetHeaderGo2Back();
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
include ("../../includes/footer.php");
|
||||
?>
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue