merge special_includes_camp
commit
3a31cebd1d
File diff suppressed because one or more lines are too long
@ -0,0 +1,6 @@
|
|||||||
|
config_db.php
|
||||||
|
config_jabber.php
|
||||||
|
config_modem.php
|
||||||
|
config.php
|
||||||
|
config_IAX.php
|
||||||
|
config_MessegeServer.php
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
include("funktion_db.php");
|
|
||||||
|
|
||||||
$con = mysql_connect("localhost", "root", "changeme") or die ("connection failed");
|
|
||||||
$sel = mysql_select_db("tabel") or die (mysql_error());
|
// MySQL-Connection Settings
|
||||||
|
$config['host'] = "localhost";
|
||||||
|
$config['user'] = "root";
|
||||||
|
$config['pw'] = "";
|
||||||
|
$config['db'] = "engelsystem";
|
||||||
?>
|
?>
|
||||||
|
@ -1,11 +1,10 @@
|
|||||||
<?PHP
|
<?php
|
||||||
|
|
||||||
// ist ein modem angeschlossen
|
// ist ein modem angeschlossen
|
||||||
$ModemEnable = false;
|
$ModemEnable = false;
|
||||||
|
|
||||||
// COM port
|
// COM port
|
||||||
$ModemDev ="/dev/ttyS0";
|
$ModemDev ="/dev/ttyS0";
|
||||||
|
|
||||||
// vorwahl, bei tnovis telefonanlage für das programmieren von weckrufen
|
// vorwahl, bei tnovis telefonanlage fuer das programmieren von weckrufen
|
||||||
$WackupNumber="**3";
|
$WakeupNumber="**3";
|
||||||
?>
|
?>
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -1,102 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
if( !isset($_SESSION['UID']))
|
|
||||||
$_SESSION['UID'] = -1;
|
|
||||||
|
|
||||||
// CVS import Data
|
|
||||||
$SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID'];
|
|
||||||
$Erg_CVS = mysql_query($SQL_CVS, $con);
|
|
||||||
$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
|
|
||||||
|
|
||||||
|
|
||||||
// Group import Data, if nesseary
|
|
||||||
if( isset( $_SESSION['CVS'][ "GroupID" ]))
|
|
||||||
{
|
|
||||||
$SQL_GRP = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['CVS'][ "GroupID" ];
|
|
||||||
$Erg_GRP = mysql_query($SQL_GRP, $con);
|
|
||||||
$_SESSION['CVS_Group'] = mysql_fetch_array($Erg_GRP);
|
|
||||||
|
|
||||||
foreach( $_SESSION['CVS'] as $k => $v)
|
|
||||||
{
|
|
||||||
if($v=="G") // Right == Group
|
|
||||||
$_SESSION['CVS'][$k] = $_SESSION['CVS_Group'][$k];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
//pagename ermitteln
|
|
||||||
$Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) );
|
|
||||||
|
|
||||||
//recht für diese seite auslesen
|
|
||||||
if( isset( $_SESSION['CVS'][ $Page["Name"] ]))
|
|
||||||
$Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "SYSTEM ERROR: now right for ". $Page["Name"]. "exist";
|
|
||||||
die;
|
|
||||||
}
|
|
||||||
|
|
||||||
if( $DEBUG )
|
|
||||||
{
|
|
||||||
// foreach( $_SESSION as $k => $v)
|
|
||||||
// echo "$k = $v<br>\n";
|
|
||||||
echo "<pre>\$_SESSION:\n";
|
|
||||||
print_r($_SESSION);
|
|
||||||
echo "</pre>";
|
|
||||||
|
|
||||||
if( strlen($Page["CVS"]) == 0 )
|
|
||||||
echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>";
|
|
||||||
else
|
|
||||||
echo "CVS: ". $Page["Name"]. " => '". $Page["CVS"]. "'<br>";
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
function funktion_isLinkAllowed( $PageName)
|
|
||||||
{
|
|
||||||
global $_SESSION;
|
|
||||||
|
|
||||||
// separate page parameter
|
|
||||||
$ParameterPos = strpos( $PageName, ".php?");
|
|
||||||
if( $ParameterPos === FALSE)
|
|
||||||
{
|
|
||||||
$pName = $PageName;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$pName = substr( $PageName, 0, $ParameterPos + 4);
|
|
||||||
}
|
|
||||||
|
|
||||||
// check rights
|
|
||||||
if( (isset( $_SESSION['CVS'][ $pName ]) === TRUE) &&
|
|
||||||
($_SESSION['CVS'][ $pName ] == "Y") )
|
|
||||||
{
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
function funktion_isLinkAllowed_addLink_OrLinkText( $PageName, $LinkText)
|
|
||||||
{
|
|
||||||
global $url, $ENGEL_ROOT;
|
|
||||||
|
|
||||||
if( funktion_isLinkAllowed( $PageName) === TRUE)
|
|
||||||
{
|
|
||||||
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
|
|
||||||
}
|
|
||||||
|
|
||||||
return $LinkText;
|
|
||||||
}
|
|
||||||
|
|
||||||
function funktion_isLinkAllowed_addLink_OrEmpty( $PageName, $LinkText)
|
|
||||||
{
|
|
||||||
global $url, $ENGEL_ROOT;
|
|
||||||
|
|
||||||
if( funktion_isLinkAllowed( $PageName) === TRUE)
|
|
||||||
{
|
|
||||||
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
|
|
||||||
}
|
|
||||||
|
|
||||||
return "";
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,8 +0,0 @@
|
|||||||
<?
|
|
||||||
// Set the ip and port we will listen on
|
|
||||||
define( SERVER_ADDRESS, "127.0.0.1" );
|
|
||||||
define( SERVER_PORT, 9000 );
|
|
||||||
|
|
||||||
define( DEBUG, TRUE);
|
|
||||||
|
|
||||||
?>
|
|
@ -1,11 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
//ist ein modem angeschlossen
|
|
||||||
$ModemEnable = false;
|
|
||||||
|
|
||||||
// COM port
|
|
||||||
$ModemDev="/dev/ttyS0";
|
|
||||||
|
|
||||||
// vorwahl, bei tnovis telefonanlage für das programmieren von weckrufen
|
|
||||||
$WackupNumber="**3";
|
|
||||||
?>
|
|
@ -1,18 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
function PassCrypt($passwort) {
|
|
||||||
include "config.php";
|
|
||||||
|
|
||||||
switch ($crypt_system) {
|
|
||||||
case "crypt":
|
|
||||||
return "{crypt}".crypt($passwort, "77");
|
|
||||||
case "md5":
|
|
||||||
return md5($passwort);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
?>
|
|
@ -1,57 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- anfang des footers //-->
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<br>
|
|
||||||
<p align="center">
|
|
||||||
<?PHP If (IsSet($_SESSION['oldurl']))
|
|
||||||
echo "<a href=\"". $_SESSION["oldurl"]. "\">".Get_Text("back")."</a> ";
|
|
||||||
?>
|
|
||||||
<a href="#top"><?PHP echo Get_Text("top"); ?></a>
|
|
||||||
</p>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
</td>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- anfang des menue parts //-->
|
|
||||||
<?PHP
|
|
||||||
if( $_SESSION['Menu'] =="R") include("menu.php");
|
|
||||||
?>
|
|
||||||
</td>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- ende des menue parts //-->
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</tr>
|
|
||||||
<tr>
|
|
||||||
<td colspan="2">
|
|
||||||
<h5 align="center"> © copyleft - <a href="mailto:erzengel@lists.ccc.de">Kontakt</a>
|
|
||||||
<?PHP
|
|
||||||
include( "funktion_counter.php");
|
|
||||||
include( "funktion_flag.php");
|
|
||||||
?></h5>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
|
|
||||||
<!-- </div> -->
|
|
||||||
<?php mysql_close($con); ?>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
|
|
||||||
</BODY>
|
|
||||||
</HTML>
|
|
@ -1,18 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
|
function SendData($Data) {
|
||||||
|
include "config_MessegeServer.php";
|
||||||
function SendData($Data)
|
|
||||||
{
|
|
||||||
include("config_MessegeServer.php");
|
|
||||||
// Create a UDP socket
|
// Create a UDP socket
|
||||||
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
|
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
|
||||||
|
|
||||||
//send packed
|
//send packed
|
||||||
socket_sendto($sock, $Data, 9999, 0x4, SERVER_ADDRESS, SERVER_PORT);
|
socket_sendto($sock, $Data, 9999, 0x4, SERVER_ADDRESS, SERVER_PORT);
|
||||||
}
|
}
|
||||||
|
|
||||||
function SendMessageJabber($Adresse, $Nachricht)
|
function SendMessageJabber($Adresse, $Nachricht) {
|
||||||
{
|
|
||||||
SendData( "#message $Adresse $Nachricht");
|
SendData( "#message $Adresse $Nachricht");
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
@ -1,59 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
// Functionen gibt es nicht auf ellen rechern
|
|
||||||
if( !function_exists("bcdiv"))
|
|
||||||
{
|
|
||||||
function bcdiv( $param1, $param2)
|
|
||||||
{
|
|
||||||
return floor( $param1 / $param2);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if( !function_exists("bcmod"))
|
|
||||||
{
|
|
||||||
function bcmod( $param1, $param2)
|
|
||||||
{
|
|
||||||
return $param1 - ( $param2 * bcdiv( $param1, $param2));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
echo "<h4 class=\"menu\">Engel online</h4>";
|
|
||||||
|
|
||||||
$SQL = "SELECT UID, Nick, lastLogIn ".
|
|
||||||
"FROM User ".
|
|
||||||
"WHERE (`lastLogIn` > '". gmdate("YmdHis", time()-(60*60)). "' AND NOT (UID=". $_SESSION['UID']. ")) ".
|
|
||||||
"ORDER BY lastLogIn DESC;";
|
|
||||||
|
|
||||||
$Erg = mysql_query( $SQL, $con);
|
|
||||||
|
|
||||||
|
|
||||||
$Tist = (gmdate("d", time()) * 60 * 60 * 24) + // Tag
|
|
||||||
(gmdate("H", time()) * 60 * 60) + // Stunde
|
|
||||||
(gmdate("i", time()) * 60) + // Minute
|
|
||||||
(gmdate("s", time()) ); // Sekunde
|
|
||||||
|
|
||||||
for( $i=0; $i<mysql_num_rows($Erg); $i++)
|
|
||||||
{
|
|
||||||
echo "\t\t\t<li>";
|
|
||||||
if( $_SESSION['UID']>0 )
|
|
||||||
echo DisplayAvatar( mysql_result( $Erg, $i, "UID"));
|
|
||||||
// Schow Admin Page
|
|
||||||
echo funktion_isLinkAllowed_addLink_OrLinkText(
|
|
||||||
"admin/userChangeNormal.php?enterUID=". mysql_result( $Erg, $i, "UID"). "&Type=Normal",
|
|
||||||
mysql_result( $Erg, $i, "Nick"));
|
|
||||||
|
|
||||||
$Tlog = (substr( mysql_result( $Erg, $i, "lastLogIn"), 8, 2) * 60 * 60 * 24) + // Tag
|
|
||||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 11, 2) * 60 * 60) + // Stunde
|
|
||||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 14, 2) * 60) + // Minute
|
|
||||||
(substr( mysql_result( $Erg, $i, "lastLogIn"), 17, 2) ); // Sekunde
|
|
||||||
|
|
||||||
$Tlog = $Tist-$Tlog;
|
|
||||||
echo " ". bcdiv( $Tlog, 60). ":";
|
|
||||||
if( strlen(bcmod( $Tlog, 60))==1)
|
|
||||||
echo "0";
|
|
||||||
echo bcmod( $Tlog, 60);
|
|
||||||
echo "</li>\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,24 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
$SQL = "SELECT `Anz` FROM `Counter` WHERE `URL`=\"". $Page["Name"]. "\"";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
echo mysql_error($con);
|
|
||||||
|
|
||||||
if(mysql_num_rows($Erg)==0)
|
|
||||||
{
|
|
||||||
// echo "Counter: 1";
|
|
||||||
$SQL = "INSERT INTO `Counter` ( `URL` , `Anz` ) ".
|
|
||||||
"VALUES ('". $Page["Name"]. "', '1');";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
}
|
|
||||||
elseif(mysql_num_rows($Erg)==1)
|
|
||||||
{
|
|
||||||
// echo "Counter: ". (mysql_result($Erg, 0, 0)+1);
|
|
||||||
$SQL = "UPDATE `Counter` SET `Anz` = '". (mysql_result($Erg, 0, 0) +1). "' ".
|
|
||||||
"WHERE `URL` = '". $Page["Name"]. "' LIMIT 1 ;";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
?>
|
|
@ -1,12 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
function noAnswer() {
|
|
||||||
global $con;
|
|
||||||
|
|
||||||
$SQL = "SELECT UID FROM Questions WHERE `AID`='0'";
|
|
||||||
$Res=mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
return mysql_num_rows($Res);
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,12 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
echo "<br>";
|
|
||||||
|
|
||||||
if( strpos( $_SERVER["REQUEST_URI"], "?") >0)
|
|
||||||
$URL = $_SERVER["REQUEST_URI"]. "&SetLanguage=";
|
|
||||||
else
|
|
||||||
$URL = $_SERVER["REQUEST_URI"]. "?SetLanguage=";
|
|
||||||
|
|
||||||
echo "<a href=\"". $URL. "DE\"><img src=\"". $url. $ENGEL_ROOT. "pic/flag/de.gif\" alt=\"DE\"></a> ";
|
|
||||||
echo "<a href=\"". $URL. "EN\"><img src=\"". $url. $ENGEL_ROOT. "pic/flag/en.gif\" alt=\"EN\"></a> ";
|
|
||||||
|
|
||||||
?>
|
|
@ -1,35 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
|
|
||||||
function Get_Text ($TextID, $NoError=FALSE)
|
|
||||||
{
|
|
||||||
GLOBAL $con, $error_messages, $DEBUG;
|
|
||||||
|
|
||||||
if( !isset($_SESSION['Sprache']))
|
|
||||||
$_SESSION['Sprache'] = "EN";
|
|
||||||
if( $_SESSION['Sprache']=="")
|
|
||||||
$_SESSION['Sprache']="EN";
|
|
||||||
if( isset($_GET["SetLanguage"]))
|
|
||||||
$_SESSION['Sprache']= $_GET["SetLanguage"];
|
|
||||||
|
|
||||||
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='".$_SESSION['Sprache']."'";
|
|
||||||
@$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
if( mysql_num_rows( $Erg) == 1)
|
|
||||||
return (@mysql_result($Erg, 0, "Text"));
|
|
||||||
elseif( $NoError && !$DEBUG)
|
|
||||||
return "";
|
|
||||||
else
|
|
||||||
{
|
|
||||||
array_push($error_messages, "Get_Text, '$TextID' found ". mysql_num_rows( $Erg). "x in Sprache Database Table for Language (".$_SESSION['Sprache'].")\n");
|
|
||||||
return "Error Data, '$TextID' found ". mysql_num_rows( $Erg). "x";
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
function Print_Text ($TextID, $NoError=FALSE)
|
|
||||||
{
|
|
||||||
echo Get_Text ($TextID, $NoError);
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,44 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
function ShowMenu( $MenuName)
|
|
||||||
{
|
|
||||||
global $MenueTableStart, $MenueTableEnd, $_SESSION, $DEBUG, $url, $ENGEL_ROOT;
|
|
||||||
$Gefunden=FALSE;
|
|
||||||
|
|
||||||
//Überschift
|
|
||||||
$Text = "<h4 class=\"menu\">". Get_Text("$MenuName/"). "</h4>";
|
|
||||||
|
|
||||||
//einträge
|
|
||||||
foreach( $_SESSION['CVS'] as $Key => $Entry )
|
|
||||||
if( strpos( $Key, ".php") > 0)
|
|
||||||
if( (strpos( "00$Key", "0$MenuName") > 0) ||
|
|
||||||
((strlen($MenuName)==0) && (strpos( "0$Key", "/") == 0) ) )
|
|
||||||
{
|
|
||||||
$TempName = Get_Text($Key, TRUE);
|
|
||||||
if(( TRUE||$DEBUG) && (strlen($TempName)==0) )
|
|
||||||
$TempName = "not found: \"$Key\"";
|
|
||||||
|
|
||||||
if( $Entry == "Y")
|
|
||||||
{
|
|
||||||
//zum absichtlkichen ausblenden von einträgen
|
|
||||||
if( strlen($TempName)>1)
|
|
||||||
{
|
|
||||||
//sonderfälle:
|
|
||||||
if( $Key=="admin/faq.php")
|
|
||||||
$TempName .= " (". noAnswer(). ")";
|
|
||||||
//ausgabe
|
|
||||||
$Text .= "\t\t\t<li><a href=\"". $url. $ENGEL_ROOT. $Key. "\">$TempName</a></li>\n";
|
|
||||||
$Gefunden = TRUE;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
elseif( $DEBUG )
|
|
||||||
{
|
|
||||||
$Gefunden = TRUE;
|
|
||||||
$Text .= "\t\t\t<li>$TempName ($Key)</li>\n";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if( $Gefunden)
|
|
||||||
echo $MenueTableStart.$Text.$MenueTableEnd;
|
|
||||||
}//function ShowMenue
|
|
||||||
|
|
||||||
?>
|
|
@ -1,389 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
/*#######################################################
|
|
||||||
# gibt die engelschischten aus #
|
|
||||||
#######################################################*/
|
|
||||||
function ausgabe_Feld_Inhalt( $SID, $Man )
|
|
||||||
{
|
|
||||||
// gibt, nach übergabe der der SchichtID (SID) und der RaumBeschreibung,
|
|
||||||
// die eingetragenden und und offenden Schichteintäge zurück
|
|
||||||
global $EngelType, $EngelTypeID, $TID2Name, $con, $DEBUG, $gmdateOffset;
|
|
||||||
|
|
||||||
$Spalten = "";
|
|
||||||
|
|
||||||
if( !isset($_GET["Icon"]))
|
|
||||||
$_GET["Icon"]=1;
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
// Schow Admin Page
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
$Spalten.=funktion_isLinkAllowed_addLink_OrEmpty(
|
|
||||||
"admin/schichtplan.php?action=change&SID=$SID",
|
|
||||||
"edit<br>\n\t\t");
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
// Ausgabe des Schischtnamens
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
$SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
if( mysql_result($Erg, 0, 0) != "")
|
|
||||||
$Spalten.="<a href=\"". mysql_result($Erg, 0, 0). "\" target=\"_black\"><u>$Man:</u></a><br>";
|
|
||||||
else
|
|
||||||
$Spalten.="<u>".$Man.":</u><br>";
|
|
||||||
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
// SQL abfrage für die benötigten schichten
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
$SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '$SID') ORDER BY `TID`, `UID` DESC ;";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
$Anzahl = mysql_num_rows($Erg);
|
|
||||||
$Feld=0;
|
|
||||||
$Temp_TID_old=-1;
|
|
||||||
for( $i = 0; $i < $Anzahl; $i++ )
|
|
||||||
{
|
|
||||||
if( isset($Temp[$Feld]["TID"]))
|
|
||||||
$Temp_TID_old = $Temp[$Feld]["TID"];
|
|
||||||
if( isset($Temp[$Feld]["UID"]))
|
|
||||||
$Temp_UID_old = $Temp[$Feld]["UID"];
|
|
||||||
|
|
||||||
$Temp_TID = mysql_result($Erg, $i, "TID");
|
|
||||||
|
|
||||||
// wenn sich der Type ändert wird zumnästen feld geweckselt
|
|
||||||
if( $Temp_TID_old != $Temp_TID )
|
|
||||||
$Feld++;
|
|
||||||
|
|
||||||
$Temp[$Feld]["TID"] = $Temp_TID;
|
|
||||||
$Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID");
|
|
||||||
|
|
||||||
// sonderfall ersten durchlauf
|
|
||||||
if( $i == 0 )
|
|
||||||
{
|
|
||||||
$Temp_TID_old = $Temp[$Feld]["TID"];
|
|
||||||
$Temp_UID_old = $Temp[$Feld]["UID"];
|
|
||||||
}
|
|
||||||
|
|
||||||
// ist es eine zu vergeben schicht?
|
|
||||||
if( $Temp[$Feld]["UID"] == 0 )
|
|
||||||
{
|
|
||||||
if( isset($Temp[$Feld]["free"]))
|
|
||||||
$Temp[$Feld]["free"]++;
|
|
||||||
else
|
|
||||||
$Temp[$Feld]["free"]=1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
|
|
||||||
} // FOR
|
|
||||||
|
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
// Aus gabe der Schicht
|
|
||||||
///////////////////////////////////////////////////////////////////
|
|
||||||
if( isset($Temp))
|
|
||||||
if( count($Temp) )
|
|
||||||
foreach( $Temp as $TempEntry => $TempValue )
|
|
||||||
{
|
|
||||||
if( !isset($TempValue["free"]))
|
|
||||||
$TempValue["free"] = 0;
|
|
||||||
|
|
||||||
// ausgabe EngelType
|
|
||||||
$Spalten.= $EngelTypeID[ $TempValue["TID"] ]. " ";
|
|
||||||
|
|
||||||
// ausgabe Eingetragener Engel
|
|
||||||
if( isset($TempValue["Engel"]))
|
|
||||||
if( count($TempValue["Engel"]) > 0 )
|
|
||||||
{
|
|
||||||
if( count($TempValue["Engel"]) == 1 )
|
|
||||||
$Spalten.= Get_Text("inc_schicht_ist"). ":<br>\n\t\t";
|
|
||||||
else
|
|
||||||
$Spalten.= Get_Text("inc_schicht_sind"). ":<br>\n\t\t";
|
|
||||||
|
|
||||||
foreach( $TempValue["Engel"] as $TempEngelEntry=> $TempEngelID )
|
|
||||||
{
|
|
||||||
if( funktion_isLinkAllowed( "admin/user.php") === TRUE)
|
|
||||||
{
|
|
||||||
// add color, wenn Engel "Gekommen"
|
|
||||||
$TempText=
|
|
||||||
((UIDgekommen( $TempEngelID ) == "1")
|
|
||||||
? "<span style=\"color: blue;\">"
|
|
||||||
: "<span style=\"color: red;\">").
|
|
||||||
UID2Nick( $TempEngelID). "</span>";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$TempText = UID2Nick( $TempEngelID );
|
|
||||||
}
|
|
||||||
|
|
||||||
// add link to user
|
|
||||||
$TempText= funktion_isLinkAllowed_addLink_OrLinkText(
|
|
||||||
"admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal",
|
|
||||||
$TempText);
|
|
||||||
|
|
||||||
$Spalten.= " ". $TempText.
|
|
||||||
( ($_GET["Icon"]==1) ? DisplayAvatar( $TempEngelID): "").
|
|
||||||
"<br>\n\t\t";
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
$Spalten = substr( $Spalten, 0, strlen($Spalten)-7 );
|
|
||||||
}
|
|
||||||
|
|
||||||
// ausgabe benötigter Engel
|
|
||||||
////////////////////////////
|
|
||||||
//in vergangenheit
|
|
||||||
$SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='$SID' AND `DateE` >= '".
|
|
||||||
gmdate("Y-m-d H:i:s", time()+ $gmdateOffset). "')";
|
|
||||||
$Ergtime = mysql_query($SQLtime, $con);
|
|
||||||
if( mysql_num_rows( $Ergtime) > 0)
|
|
||||||
{
|
|
||||||
//wenn keien rechte definiert sind
|
|
||||||
if( !isset($_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ]))
|
|
||||||
$_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] = "Y";
|
|
||||||
|
|
||||||
if( $_SESSION['CVS'][ $TID2Name[$TempValue["TID"]] ] == "Y")
|
|
||||||
if( $TempValue["free"] > 0 )
|
|
||||||
{
|
|
||||||
$Spalten.= "<br>\n\t\t <a href=\"./schichtplan_add.php?SID=$SID&TID=".
|
|
||||||
$TempValue["TID"]."\">";
|
|
||||||
$Spalten.= $TempValue["free"];
|
|
||||||
if( $TempValue["free"] != 1 )
|
|
||||||
$Spalten.= Get_Text("inc_schicht_weitere").
|
|
||||||
" ".Get_Text("inc_schicht_Engel").
|
|
||||||
Get_Text("inc_schicht_wird");
|
|
||||||
else
|
|
||||||
$Spalten.= Get_Text("inc_schicht_weiterer").
|
|
||||||
" ".Get_Text("inc_schicht_Engel").
|
|
||||||
Get_Text("inc_schicht_werden");
|
|
||||||
$Spalten.= Get_Text("inc_schicht_noch_gesucht");
|
|
||||||
$Spalten.= "</a>";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if( isset($TempValue["free"]))
|
|
||||||
if( $TempValue["free"] > 0 )
|
|
||||||
$Spalten.= "<br>\n\t\t <h3><a>Fehlen noch: ".
|
|
||||||
$TempValue["free"]. "</a></h3>";
|
|
||||||
}
|
|
||||||
$Spalten.= "<br>\n\t\t";
|
|
||||||
|
|
||||||
} // FOREACH
|
|
||||||
return $Spalten;
|
|
||||||
} // function Ausgabe_Feld_Inhalt
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*#######################################################
|
|
||||||
# gibt die engelschischten Druckergerecht aus #
|
|
||||||
#######################################################*/
|
|
||||||
function Ausgabe_Feld_Inhalt_Druck($RID, $Man )
|
|
||||||
{
|
|
||||||
// gibt, nach übergabe der der SchichtID (SID) und der RaumBeschreibung,
|
|
||||||
// die eingetragenden und und offenden Schichteintäge zurück
|
|
||||||
|
|
||||||
|
|
||||||
} // function Ausgabe_Feld_Inhalt
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*#######################################################
|
|
||||||
# Ausgabe der Raum Spalten #
|
|
||||||
#######################################################*/
|
|
||||||
function CreateRoomShifts( $raum )
|
|
||||||
{
|
|
||||||
global $Spalten, $ausdatum, $con, $DEBUG, $GlobalZeileProStunde, $error_messages;
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
// beginnt die erste schicht vor dem heutigen tag und geht darüber hinaus
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ".
|
|
||||||
"WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 23:59:59') AND ".
|
|
||||||
"(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;";
|
|
||||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
|
||||||
if( (mysql_num_rows( $ErgSonder) > 1) )
|
|
||||||
{
|
|
||||||
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
|
|
||||||
{
|
|
||||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
|
||||||
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
|
|
||||||
{
|
|
||||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
|
||||||
mysql_result($ErgSonder, $i, "SID"). "\">".
|
|
||||||
mysql_result($ErgSonder, $i, "DateS").
|
|
||||||
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-24)".
|
|
||||||
"</a><br>\n\t\t";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
elseif( (mysql_num_rows( $ErgSonder) == 1) )
|
|
||||||
{
|
|
||||||
$Spalten[0].= "\t\t<td valign=\"top\" rowspan=\"". (24 * $GlobalZeileProStunde). "\">\n".
|
|
||||||
"\t\t\t<h3>↑↑↑</h3>".
|
|
||||||
Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"),
|
|
||||||
mysql_result($ErgSonder, 0, "Man") ).
|
|
||||||
"\t\t\t<h3>↓↓↓</h3>".
|
|
||||||
"\n\t\t</td>\n";
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$ZeitZeiger = 0;
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
// beginnt die erste schicht vor dem heutigen tag?
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` ".
|
|
||||||
"WHERE ((`RID` = '$raum') AND (`DateE` > '$ausdatum 00:00:00') AND ".
|
|
||||||
"(`DateS` < '$ausdatum 00:00:00') ) ORDER BY `DateS`;";
|
|
||||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
|
||||||
if( (mysql_num_rows( $ErgSonder) > 1) )
|
|
||||||
{
|
|
||||||
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
|
|
||||||
{
|
|
||||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
|
||||||
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
|
|
||||||
{
|
|
||||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
|
||||||
mysql_result($ErgSonder, $i, "SID"). "\">".
|
|
||||||
mysql_result($ErgSonder, $i, "DateS").
|
|
||||||
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-xx)".
|
|
||||||
"</a><br>\n\t\t";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
elseif( (mysql_num_rows( $ErgSonder) == 1) )
|
|
||||||
{
|
|
||||||
$ZeitZeiger = substr( mysql_result($ErgSonder, 0, "DateE"), 11, 2 )+
|
|
||||||
(substr( mysql_result($ErgSonder, 0, "DateE"), 14, 2 ) / 60);
|
|
||||||
$Spalten[0].= "\t\t<td valign=\"top\" rowspan=\"". ($ZeitZeiger * $GlobalZeileProStunde). "\">\n".
|
|
||||||
"\t\t\t<h3>↑↑↑</h3>".
|
|
||||||
Ausgabe_Feld_Inhalt( mysql_result($ErgSonder, 0, "SID"),
|
|
||||||
mysql_result($ErgSonder, 0, "Man") ).
|
|
||||||
"\n\t\t</td>\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
// gibt die schichten für den tag aus
|
|
||||||
/////////////////////////////////////////////////////////////
|
|
||||||
$SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ".
|
|
||||||
"WHERE ((`RID` = '$raum') and ".
|
|
||||||
"(`DateS` >= '$ausdatum $ZeitZeiger:00:00') and ".
|
|
||||||
"(`DateS` like '$ausdatum%')) ORDER BY `DateS`;";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
for( $i = 0; $i < mysql_num_rows($Erg); ++$i )
|
|
||||||
{
|
|
||||||
$ZeitPos = substr( mysql_result($Erg, $i, "DateS"), 11, 2 )+
|
|
||||||
(substr( mysql_result($Erg, $i, "DateS"), 14, 2 ) / 60);
|
|
||||||
$len = mysql_result($Erg, $i, "Len");
|
|
||||||
|
|
||||||
if( $len <= 0)
|
|
||||||
array_push( $error_messages, "Error in shift denition SID=". mysql_result($Erg, $i, "SID"). " Len=$len");
|
|
||||||
|
|
||||||
if( $ZeitZeiger < $ZeitPos )
|
|
||||||
{
|
|
||||||
$Spalten[$ZeitZeiger * $GlobalZeileProStunde].=
|
|
||||||
"\t\t<td valign=\"top\" rowspan=\"". ( ($ZeitPos - $ZeitZeiger ) * $GlobalZeileProStunde ). "\"> </td>\n";
|
|
||||||
|
|
||||||
$ZeitZeiger += $ZeitPos - $ZeitZeiger;
|
|
||||||
}
|
|
||||||
if($ZeitZeiger == $ZeitPos )
|
|
||||||
{
|
|
||||||
//sonderfall wenn die schicht über dei 24 stunden hinaus geht
|
|
||||||
// (eintrag abkürzen, pfeiel ausgeben)
|
|
||||||
$Spalten[$ZeitZeiger * $GlobalZeileProStunde].=
|
|
||||||
"\t\t<td valign=\"top\" rowspan=\"".
|
|
||||||
( ( ($len+$ZeitZeiger)? $len : 24-$len+$ZeitZeiger) * $GlobalZeileProStunde).
|
|
||||||
"\">\n".
|
|
||||||
"\t\t\t".
|
|
||||||
Ausgabe_Feld_Inhalt( mysql_result($Erg, $i, "SID"),
|
|
||||||
mysql_result($Erg, $i, "Man") ).
|
|
||||||
(( ($ZeitZeiger+$len) > 24)? "\t\t\t<h3>↓↓↓</h3>" : "").
|
|
||||||
"\n\t\t</td>\n";
|
|
||||||
$ZeitZeiger += $len;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
|
|
||||||
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
|
|
||||||
mysql_result($Erg, $i, "SID"). "\">".
|
|
||||||
mysql_result($Erg, $i, "DateS").
|
|
||||||
" '". mysql_result($Erg, $i, "Man"). "' ".
|
|
||||||
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)</a><br><br>";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if( $ZeitZeiger < 24 )
|
|
||||||
$Spalten[($ZeitZeiger * $GlobalZeileProStunde)].=
|
|
||||||
"\t\t<td valign=\"top\" rowspan=\"".
|
|
||||||
((24 - $ZeitZeiger) * $GlobalZeileProStunde ).
|
|
||||||
"\"> </td>\n";
|
|
||||||
} // function CreateRoomShifts
|
|
||||||
|
|
||||||
|
|
||||||
/*#######################################################
|
|
||||||
# Ausgabe der freien schichten #
|
|
||||||
#######################################################*/
|
|
||||||
function showEmptyShifts( )
|
|
||||||
{
|
|
||||||
global $con, $DEBUG, $RoomID, $gmdateOffset;
|
|
||||||
|
|
||||||
echo "<table border=\"1\">\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "\t<th>". Get_Text("inc_schicht_date"). "</th>\n";
|
|
||||||
echo "\t<th>". Get_Text("inc_schicht_time"). "</th>\n";
|
|
||||||
echo "\t<th>". Get_Text("inc_schicht_room"). "</th>\n";
|
|
||||||
echo "\t<th>". Get_Text("inc_schicht_commend"). "</th>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
|
|
||||||
$sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` ".
|
|
||||||
"WHERE (`Shifts`.`DateS`>='". gmdate("Y-m-d H:i:s", time()+$gmdateOffset). "') ".
|
|
||||||
"ORDER BY `DateS`, `RID`;";
|
|
||||||
$Erg = mysql_query($sql, $con);
|
|
||||||
|
|
||||||
$angezeigt = 0;
|
|
||||||
for ($i=0; ($i<mysql_num_rows($Erg)) && ($angezeigt< 15); $i++)
|
|
||||||
if( isset($RoomID[mysql_result( $Erg, $i, "RID")]))
|
|
||||||
if( $RoomID[mysql_result( $Erg, $i, "RID")]!="" )
|
|
||||||
{
|
|
||||||
$Sql2 = "SELECT `UID` FROM `ShiftEntry` ".
|
|
||||||
"WHERE `SID`=". mysql_result( $Erg, $i, "SID"). " AND ".
|
|
||||||
"`UID`='0';";
|
|
||||||
$Erg2 = mysql_query($Sql2, $con);
|
|
||||||
|
|
||||||
if( mysql_num_rows($Erg2)>0)
|
|
||||||
{
|
|
||||||
$angezeigt++;
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "\t<td>". substr(mysql_result( $Erg, $i, "DateS"), 0, 10). "</td>\n";
|
|
||||||
echo "\t<td>". substr(mysql_result( $Erg, $i, "DateS"), 11). "</td>\n";
|
|
||||||
echo "\t<td>". $RoomID[mysql_result( $Erg, $i, "RID")]. "</td>\n";
|
|
||||||
echo "\t<td>".
|
|
||||||
ausgabe_Feld_Inhalt( mysql_result( $Erg, $i, "SID"), mysql_result( $Erg, $i, "Man")).
|
|
||||||
"</td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "</table>\n";
|
|
||||||
|
|
||||||
} //function showEmptyShifts
|
|
||||||
|
|
||||||
|
|
||||||
/*#######################################################
|
|
||||||
# Gibt die anzahl der Schichten im Raum zurück #
|
|
||||||
#######################################################*/
|
|
||||||
function SummRoomShifts( $raum )
|
|
||||||
{
|
|
||||||
global $ausdatum, $con, $DEBUG, $GlobalZeileProStunde;
|
|
||||||
|
|
||||||
$SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` ".
|
|
||||||
"WHERE ((`RID` = '$raum') AND (`DateE` >= '$ausdatum 00:00:00') AND ".
|
|
||||||
"(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;";
|
|
||||||
|
|
||||||
$ErgSonder = mysql_query($SQLSonder, $con);
|
|
||||||
|
|
||||||
return mysql_num_rows($ErgSonder);
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,87 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
|
|
||||||
if( !function_exists("DatumUm1TagErhoehen"))
|
|
||||||
{
|
|
||||||
function DatumUm1TagErhoehen( $Datum)
|
|
||||||
{
|
|
||||||
$Jahr = substr( $Datum, 0, 4);
|
|
||||||
$Monat = substr( $Datum, 5, 2);
|
|
||||||
$Tag = substr( $Datum, 8, 2);
|
|
||||||
|
|
||||||
$Tag++;
|
|
||||||
|
|
||||||
switch( $Monat)
|
|
||||||
{
|
|
||||||
case 1: $Mmax=31; break;
|
|
||||||
case 2: $Mmax=28; break;
|
|
||||||
case 3: $Mmax=31; break;
|
|
||||||
case 4: $Mmax=30; break;
|
|
||||||
case 5: $Mmax=31; break;
|
|
||||||
case 6: $Mmax=30; break;
|
|
||||||
case 7: $Mmax=31; break;
|
|
||||||
case 8: $Mmax=31; break;
|
|
||||||
case 9: $Mmax=30; break;
|
|
||||||
case 10: $Mmax=31; break;
|
|
||||||
case 11: $Mmax=30; break;
|
|
||||||
case 12: $Mmax=31; break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if( $Tag > $Mmax)
|
|
||||||
{
|
|
||||||
$Tag = 1;
|
|
||||||
$Monat++;
|
|
||||||
}
|
|
||||||
|
|
||||||
if( $Monat > 12 )
|
|
||||||
{
|
|
||||||
$Monat = 1;
|
|
||||||
$Jahr++;
|
|
||||||
}
|
|
||||||
|
|
||||||
$Tag = strlen( $Tag ) == 1 ? "0".$Tag : $Tag;
|
|
||||||
$Monat = strlen( $Monat ) == 1 ? "0".$Monat : $Monat;
|
|
||||||
|
|
||||||
return ("$Jahr-$Monat-$Tag");
|
|
||||||
} //function DatumUm1Tagerhoehen(
|
|
||||||
}
|
|
||||||
|
|
||||||
//suchen den ersten eintrags
|
|
||||||
$SQL = "SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
$Pos=0;
|
|
||||||
|
|
||||||
if( mysql_num_rows($Erg)>0)
|
|
||||||
{
|
|
||||||
do
|
|
||||||
{
|
|
||||||
//Startdatum einlesen und link ausgeben
|
|
||||||
$DateS = substr(mysql_result($Erg, 0 , 0), 0,10);
|
|
||||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
|
||||||
|
|
||||||
//auslesen den endes und eventuelle weitere tage ausgeben
|
|
||||||
$SQL2 = "SELECT MAX(`DateE`) FROM `Shifts` ".
|
|
||||||
"WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))";
|
|
||||||
$Erg2 = mysql_query($SQL2, $con);
|
|
||||||
$DateE = substr(mysql_result($Erg2, 0 , 0), 0,10);
|
|
||||||
|
|
||||||
if( strlen($DateE) == 0)
|
|
||||||
$DateE = $DateS;
|
|
||||||
else
|
|
||||||
while( $DateS != $DateE)
|
|
||||||
{
|
|
||||||
$DateS = DatumUm1TagErhoehen( $DateS);
|
|
||||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
|
||||||
}
|
|
||||||
|
|
||||||
//suchen den nästen eintrag
|
|
||||||
$SQL = "SELECT `DateS` FROM `Shifts` ".
|
|
||||||
"WHERE (`DateS` > '$DateE 23:59:59' ) ".
|
|
||||||
"ORDER BY `DateS` ".
|
|
||||||
"LIMIT 1";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
} while( mysql_fetch_row($Erg) > 0);
|
|
||||||
}
|
|
||||||
$VeranstaltungsTageMax = $Pos-1;
|
|
||||||
|
|
||||||
?>
|
|
@ -1,132 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
function UID2Nick($UID)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
|
|
||||||
if( $UID>0) {
|
|
||||||
$SQL = "SELECT Nick FROM `User` WHERE UID='$UID'";
|
|
||||||
} else {
|
|
||||||
$SQL = "SELECT Name FROM `UserGroups` WHERE UID='$UID'";
|
|
||||||
}
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
//echo $UID."#";
|
|
||||||
if( mysql_num_rows($Erg)) {
|
|
||||||
if( $UID>0 ) {
|
|
||||||
return mysql_result($Erg, 0);
|
|
||||||
} else {
|
|
||||||
return "Group-".mysql_result($Erg, 0);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if( $UID == -1)
|
|
||||||
return "logout User";
|
|
||||||
else
|
|
||||||
return "UserID $UID not found";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function TID2Type($TID)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
|
|
||||||
$SQL = "SELECT Name FROM `EngelType` WHERE TID='$TID'";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
if( mysql_num_rows($Erg))
|
|
||||||
return mysql_result($Erg, 0);
|
|
||||||
else
|
|
||||||
return "";
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function ReplaceSmilies($eckig)
|
|
||||||
{
|
|
||||||
global $url, $ENGEL_ROOT;
|
|
||||||
|
|
||||||
$neueckig = $eckig;
|
|
||||||
$neueckig = str_replace(";o))", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_redface.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":-))", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_redface.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_wind.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_smile.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":-)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_smile.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":-(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":o(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_sad.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_lol.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";o(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";-(", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_cry.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace("8)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_rolleyes.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace("8o)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_rolleyes.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":-P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(":oP", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_evil.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";P", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_mad.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace(";oP", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_mad.gif\">",$neueckig);
|
|
||||||
$neueckig = str_replace("?)", "<img src=\"". $url. $ENGEL_ROOT. "pic/smiles/icon_question.gif\">",$neueckig);
|
|
||||||
return $neueckig;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function GetPicturShow($UID)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
|
|
||||||
$SQL= "SELECT `show` FROM `UserPicture` WHERE `UID`='$UID'";
|
|
||||||
$res = mysql_query( $SQL, $con);
|
|
||||||
if( mysql_num_rows($res) == 1)
|
|
||||||
return mysql_result( $res, 0, 0);
|
|
||||||
else
|
|
||||||
return "";
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* Parameter:
|
|
||||||
<UserID>
|
|
||||||
[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
|
|
||||||
function displayPictur($UID, $height="30")
|
|
||||||
{
|
|
||||||
global $url, $ENGEL_ROOT;
|
|
||||||
if( $height > 0)
|
|
||||||
return( "<img src=\"". $url. $ENGEL_ROOT. "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\">");
|
|
||||||
else
|
|
||||||
return( "<img src=\"". $url. $ENGEL_ROOT. "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* Parameter:
|
|
||||||
<UserID>
|
|
||||||
[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
|
|
||||||
function displayavatar( $UID, $height="30")
|
|
||||||
{
|
|
||||||
global $con, $url, $ENGEL_ROOT;
|
|
||||||
|
|
||||||
if( GetPicturShow($UID) == 'Y')
|
|
||||||
return " ". displayPictur( $UID, $height);
|
|
||||||
|
|
||||||
// show avator
|
|
||||||
$asql = "select * from User where UID = $UID";
|
|
||||||
$aerg = mysql_query ($asql, $con);
|
|
||||||
if( mysql_num_rows($aerg) )
|
|
||||||
if( mysql_result($aerg, 0, "Avatar") > 0)
|
|
||||||
return (" <img src=\"". $url. $ENGEL_ROOT. "pic/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">");
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
function UIDgekommen($UID)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
|
|
||||||
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='$UID'";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
|
|
||||||
//echo $UID."#";
|
|
||||||
if( mysql_num_rows($Erg))
|
|
||||||
return mysql_result($Erg, 0);
|
|
||||||
else
|
|
||||||
return "0";
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,26 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
/* Schichtverplanung im Adminbereich */
|
|
||||||
function Dsubstr($DateString,$re) {
|
|
||||||
if ($re==1)
|
|
||||||
return substr($DateString, 0, 2);
|
|
||||||
elseif ($re==2)
|
|
||||||
return substr($DateString, 3, 2);
|
|
||||||
else
|
|
||||||
return substr($DateString, 6, 4);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Schichtverplanung im Engelbereich */
|
|
||||||
|
|
||||||
function engeldate($edate,$m) {
|
|
||||||
if ($m==t)
|
|
||||||
return substr($edate, 8, 2);
|
|
||||||
elseif ($m==m)
|
|
||||||
return substr($edate, 5, 2);
|
|
||||||
elseif ($m==u)
|
|
||||||
return substr($edate, 11, 5);
|
|
||||||
else
|
|
||||||
return substr($edate, 0, 4);
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,50 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
ini_set( "session.gc_maxlifetime", "65535");
|
|
||||||
|
|
||||||
include ("config.php");
|
|
||||||
include ("error_handler.php");
|
|
||||||
include ("config_db.php");
|
|
||||||
include ("funktion_lang.php");
|
|
||||||
include ("funktion_faq.php"); //für noAnswer() im menu
|
|
||||||
include ("funktion_menu.php");
|
|
||||||
include ("funktion_user.php");
|
|
||||||
|
|
||||||
|
|
||||||
if( isset($SystemDisableMessage) && ( strlen($SystemDisableMessage)>0) )
|
|
||||||
{
|
|
||||||
echo "<HTML>\n".
|
|
||||||
"<BODY>\n". $SystemDisableMessage. "\n<BODY>\n".
|
|
||||||
"</HTML>";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
|
|
||||||
if( !isset($_SESSION))
|
|
||||||
{
|
|
||||||
session_start();
|
|
||||||
}
|
|
||||||
include ("secure.php");
|
|
||||||
|
|
||||||
if( !isset($_SESSION['IP']))
|
|
||||||
{
|
|
||||||
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if (IsSet($_SESSION['UID']) and ($_SESSION['IP'] <> $_SERVER['REMOTE_ADDR']))
|
|
||||||
{
|
|
||||||
session_destroy ();
|
|
||||||
header("Location: $url". $ENGEL_ROOT );
|
|
||||||
}
|
|
||||||
|
|
||||||
include ("UserCVS.php");
|
|
||||||
|
|
||||||
|
|
||||||
//UPdate LASTlogin
|
|
||||||
if( isset($_SESSION['UID']))
|
|
||||||
{
|
|
||||||
$SQLlastLogIn = "UPDATE `User` SET ".
|
|
||||||
"`lastLogIn` = '". gmdate("Y-m-j H:i:s", time()). "'".
|
|
||||||
" WHERE `UID` = '". $_SESSION['UID']. "' LIMIT 1;";
|
|
||||||
mysql_query ($SQLlastLogIn, $con);
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
|
@ -1,18 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
include ("config.php");
|
|
||||||
|
|
||||||
echo "<form action=\"". $url. $ENGEL_ROOT. "nonpublic/index.php\" method=\"post\">";
|
|
||||||
echo "<table>\n".
|
|
||||||
"\t<tr>".
|
|
||||||
"\t\t<td align=\"right\">". Get_Text("index_lang_nick"). "</td>".
|
|
||||||
"\t\t<td><input type=\"text\" name=\"user\" size=\"23\"></td>".
|
|
||||||
"\t</tr>".
|
|
||||||
"\t<tr>".
|
|
||||||
"\t\t<td align=\"right\">". Get_Text("index_lang_pass"). "</td>".
|
|
||||||
"\t\t<td><input type=\"password\" name=\"password\" size=\"23\"></td>".
|
|
||||||
"\t</tr>".
|
|
||||||
"</table>".
|
|
||||||
"<br><input type=\"submit\" value=\"". Get_Text("index_lang_send"). "\">";
|
|
||||||
echo "</form>";
|
|
||||||
|
|
||||||
|
|
@ -1,63 +0,0 @@
|
|||||||
|
|
||||||
<!-- anfang des menue parts //-->
|
|
||||||
<td width="160" valign="top">
|
|
||||||
<?PHP
|
|
||||||
$MenueTableStart="
|
|
||||||
<table align=\"center\" class=\"border\" cellpadding=\"3\" cellspacing=\"1\">
|
|
||||||
<tr>
|
|
||||||
<td width=\"160\" class=\"menu\">
|
|
||||||
";
|
|
||||||
$MenueTableEnd="
|
|
||||||
<br>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table><br>
|
|
||||||
";
|
|
||||||
|
|
||||||
ShowMenu("");
|
|
||||||
ShowMenu("nonpublic");
|
|
||||||
ShowMenu("admin");
|
|
||||||
|
|
||||||
if( !isset($submenus))
|
|
||||||
$submenus = 0;
|
|
||||||
|
|
||||||
if ($submenus >= 1 ) {
|
|
||||||
$inc_name=$_SERVER['PHP_SELF'];
|
|
||||||
$filenamepos=strrpos($inc_name, '/');
|
|
||||||
$filenamepos+=1;
|
|
||||||
$filename = substr ($inc_name, $filenamepos );
|
|
||||||
$filepost = substr ($filename, 0, -4);
|
|
||||||
$filepre = substr ($filename, -4 );
|
|
||||||
$verzeichnis = substr ($inc_name, 0 , $filenamepos);
|
|
||||||
|
|
||||||
for ($index_nummer=1; $index_nummer <= $submenus; $index_nummer++) {
|
|
||||||
?>
|
|
||||||
<table align="center" class="border" cellpadding="3" cellspacing="1">
|
|
||||||
<tr>
|
|
||||||
<td width="160" class="menu">
|
|
||||||
<?php include ("./".$filepost.".".$index_nummer.$filepre); ?>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
|
|
||||||
<br>
|
|
||||||
<?PHP
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if( isset($_SESSION['UID']))
|
|
||||||
{
|
|
||||||
?>
|
|
||||||
<table align="center" class="border" cellpadding="3" cellspacing="1">
|
|
||||||
<tr>
|
|
||||||
<td width="160" class="menu">
|
|
||||||
<?php include("funktion_activeUser.php"); ?>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
<?PHP
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
</td>
|
|
||||||
|
|
||||||
<!-- ende des menue parts //-->
|
|
@ -0,0 +1,96 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
function admin_angel_types() {
|
||||||
|
$html = "";
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
|
||||||
|
$table = "";
|
||||||
|
$angel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`");
|
||||||
|
|
||||||
|
foreach ($angel_types as $angel_type)
|
||||||
|
$table .= sprintf(
|
||||||
|
'<tr><td>%s</td><td>%s</td><td>'
|
||||||
|
. '<a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||||
|
$angel_type['Name'], $angel_type['Man'],
|
||||||
|
page_link_to("admin_angel_types"),
|
||||||
|
$angel_type['TID']
|
||||||
|
);
|
||||||
|
|
||||||
|
$html .= template_render('../templates/admin_angel_types.html', array (
|
||||||
|
'link' => page_link_to("admin_angel_types"),
|
||||||
|
'table' => $table
|
||||||
|
));
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
|
||||||
|
case 'create' :
|
||||||
|
$name = strip_request_item("name");
|
||||||
|
$man = strip_request_item("man");
|
||||||
|
|
||||||
|
sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'");
|
||||||
|
|
||||||
|
header("Location: " . page_link_to("admin_angel_types"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'edit' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing AngelType ID.");
|
||||||
|
|
||||||
|
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($angel_type) > 0) {
|
||||||
|
list ($angel_type) = $angel_type;
|
||||||
|
|
||||||
|
$html .= template_render(
|
||||||
|
'../templates/admin_angel_types_edit_form.html', array (
|
||||||
|
'link' => page_link_to("admin_angel_types"),
|
||||||
|
'id' => $id,
|
||||||
|
'name' => $angel_type['Name'],
|
||||||
|
'man' => $angel_type['Man']
|
||||||
|
));
|
||||||
|
} else
|
||||||
|
return error("No Angel Type found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'save' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing AngelType ID.");
|
||||||
|
|
||||||
|
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($angel_type) > 0) {
|
||||||
|
list ($angel_type) = $angel_type;
|
||||||
|
|
||||||
|
$name = strip_request_item("name");
|
||||||
|
$man = strip_request_item("man");
|
||||||
|
|
||||||
|
sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_angel_types"));
|
||||||
|
} else
|
||||||
|
return error("No Angel Type found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing AngelType ID.");
|
||||||
|
|
||||||
|
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($angel_type) > 0) {
|
||||||
|
sql_query("DELETE FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
sql_query("DELETE FROM `RoomAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_angel_types"));
|
||||||
|
} else
|
||||||
|
return error("No Angel Type found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,105 @@
|
|||||||
|
<?php
|
||||||
|
function admin_faq() {
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$faqs_html = "";
|
||||||
|
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||||
|
foreach ($faqs as $faq) {
|
||||||
|
$faqs_html .= sprintf(
|
||||||
|
'<tr><td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||||
|
. '<td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||||
|
. '<td><a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||||
|
$faq['Frage_de'], $faq['Antwort_de'],
|
||||||
|
$faq['Frage_en'], $faq['Antwort_en'],
|
||||||
|
page_link_to('admin_faq'), $faq['FID']
|
||||||
|
);
|
||||||
|
}
|
||||||
|
return template_render('../templates/admin_faq.html', array (
|
||||||
|
'link' => page_link_to("admin_faq"),
|
||||||
|
'faqs' => $faqs_html
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'create' :
|
||||||
|
$frage = strip_request_item_nl('frage');
|
||||||
|
$antwort = strip_request_item_nl('antwort');
|
||||||
|
$question = strip_request_item_nl('question');
|
||||||
|
$answer = strip_request_item_nl('answer');
|
||||||
|
|
||||||
|
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||||
|
. "', `Frage_en`='" . sql_escape($question)
|
||||||
|
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||||
|
. "', `Antwort_en`='" . sql_escape($answer)
|
||||||
|
. "'"
|
||||||
|
);
|
||||||
|
|
||||||
|
header("Location: " . page_link_to("admin_faq"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'save' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing FAQ ID.");
|
||||||
|
|
||||||
|
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($faq) > 0) {
|
||||||
|
list ($faq) = $faq;
|
||||||
|
|
||||||
|
$frage = strip_request_item_nl('frage');
|
||||||
|
$antwort = strip_request_item_nl('antwort');
|
||||||
|
$question = strip_request_item_nl('question');
|
||||||
|
$answer = strip_request_item_nl('answer');
|
||||||
|
|
||||||
|
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||||
|
. "', `Frage_en`='" . sql_escape($question)
|
||||||
|
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||||
|
. "', `Antwort_en`='" . sql_escape($answer)
|
||||||
|
. "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"
|
||||||
|
);
|
||||||
|
|
||||||
|
header("Location: " . page_link_to("admin_faq"));
|
||||||
|
} else
|
||||||
|
return error("No FAQ found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'edit' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing FAQ ID.");
|
||||||
|
|
||||||
|
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($faq) > 0) {
|
||||||
|
list ($faq) = $faq;
|
||||||
|
|
||||||
|
return template_render('../templates/admin_faq_edit_form.html', array (
|
||||||
|
'link' => page_link_to("admin_faq"),
|
||||||
|
'id' => $id,
|
||||||
|
'frage' => $faq['Frage_de'],
|
||||||
|
'antwort' => $faq['Antwort_de'],
|
||||||
|
'question' => $faq['Frage_en'],
|
||||||
|
'answer' => $faq['Antwort_en']
|
||||||
|
));
|
||||||
|
} else
|
||||||
|
return error("No FAQ found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing FAQ ID.");
|
||||||
|
|
||||||
|
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($faq) > 0) {
|
||||||
|
list ($faq) = $faq;
|
||||||
|
|
||||||
|
sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_faq"));
|
||||||
|
} else
|
||||||
|
return error("No FAQ found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,91 @@
|
|||||||
|
<?php
|
||||||
|
function admin_groups() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
$groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
|
||||||
|
if (!isset ($_REQUEST["action"])) {
|
||||||
|
$groups_html = "";
|
||||||
|
foreach ($groups as $group) {
|
||||||
|
$groups_html .= sprintf(
|
||||||
|
'<tr><td>%s</td>',
|
||||||
|
$group['Name']
|
||||||
|
);
|
||||||
|
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
|
||||||
|
$privileges_html = array ();
|
||||||
|
|
||||||
|
foreach ($privileges as $priv)
|
||||||
|
$privileges_html[] = $priv['name'];
|
||||||
|
|
||||||
|
$groups_html .= sprintf(
|
||||||
|
'<td>%s</td>'
|
||||||
|
. '<td><a href="%s&action=edit&id=%s">Ändern</a></td>',
|
||||||
|
join(', ', $privileges_html),
|
||||||
|
page_link_to("admin_groups"),
|
||||||
|
$group['UID']
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
return template_render('../templates/admin_groups.html', array (
|
||||||
|
'nick' => $user['Nick'],
|
||||||
|
'groups' => $groups_html
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST["action"]) {
|
||||||
|
case 'edit' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Groups ID.");
|
||||||
|
|
||||||
|
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($room) > 0) {
|
||||||
|
list ($room) = $room;
|
||||||
|
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
|
||||||
|
$privileges_html = "";
|
||||||
|
foreach ($privileges as $priv)
|
||||||
|
$privileges_html .= sprintf(
|
||||||
|
'<tr><td><input type="checkbox" '
|
||||||
|
. 'name="privileges[]" value="%s" %s />'
|
||||||
|
. '</td> <td>%s</td> <td>%s</td></tr>',
|
||||||
|
$priv['id'],
|
||||||
|
($priv['group_id'] != ""
|
||||||
|
? 'checked="checked"'
|
||||||
|
: ''),
|
||||||
|
$priv['name'],
|
||||||
|
$priv['desc']
|
||||||
|
);
|
||||||
|
|
||||||
|
$html .= template_render('../templates/admin_groups_edit_form.html', array (
|
||||||
|
'link' => page_link_to("admin_groups"),
|
||||||
|
'id' => $id,
|
||||||
|
'privileges' => $privileges_html
|
||||||
|
));
|
||||||
|
} else
|
||||||
|
return error("No Group found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'save' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Groups ID.");
|
||||||
|
|
||||||
|
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (!is_array($_REQUEST['privileges']))
|
||||||
|
$_REQUEST['privileges'] = array ();
|
||||||
|
if (count($room) > 0) {
|
||||||
|
list ($room) = $room;
|
||||||
|
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
|
||||||
|
foreach ($_REQUEST['privileges'] as $priv)
|
||||||
|
if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0)
|
||||||
|
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
|
||||||
|
header("Location: " . page_link_to("admin_groups"));
|
||||||
|
} else
|
||||||
|
return error("No Group found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,253 @@
|
|||||||
|
<?php
|
||||||
|
function admin_import() {
|
||||||
|
global $Room, $RoomID, $RoomName;
|
||||||
|
global $PentabarfGetWith, $PentabarfXMLpath, $PentabarfXMLhost;
|
||||||
|
|
||||||
|
require_once ("includes/funktion_xml.php");
|
||||||
|
///////////
|
||||||
|
// DEBUG //
|
||||||
|
///////////
|
||||||
|
$ShowDataStrukture = 0;
|
||||||
|
$EnableRoomFunctions = 1;
|
||||||
|
$EnableRooms = 1;
|
||||||
|
$EnableSchudleFunctions = 1;
|
||||||
|
$EnableSchudle = 1;
|
||||||
|
$EnableSchudleDB = 1;
|
||||||
|
|
||||||
|
CreateRoomArrays();
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
/*##############################################################################################
|
||||||
|
F I L E
|
||||||
|
##############################################################################################*/
|
||||||
|
$html .= "\n\n<br />\n<h1>XML File:</h1>\n";
|
||||||
|
if (isset ($_POST["PentabarfUser"]) && isset ($_POST["password"]) && isset ($_POST["PentabarfURL"])) {
|
||||||
|
$html .= "Update XCAL-File from Pentabarf..";
|
||||||
|
if ($PentabarfGetWith == "fsockopen") {
|
||||||
|
|
||||||
|
//backup error messeges and delate
|
||||||
|
$Backuperror_messages = $error_messages;
|
||||||
|
$fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 30);
|
||||||
|
// $error_messages = $Backuperror_messages;
|
||||||
|
|
||||||
|
if (!$fp) {
|
||||||
|
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!" .
|
||||||
|
"[$errstr ($errno)]</h2>";
|
||||||
|
} else {
|
||||||
|
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||||
|
$head = 'GET /' . $PentabarfXMLpath . $_POST["PentabarfURL"] . ' HTTP/1.1' . "\r\n" .
|
||||||
|
'Host: ' . $PentabarfXMLhost . "\r\n" .
|
||||||
|
'User-Agent: Engelsystem' . "\r\n" .
|
||||||
|
'Authorization: Basic ' .
|
||||||
|
base64_encode($_POST["PentabarfUser"] . ':' . $_POST["password"]) . "\r\n" .
|
||||||
|
"\r\n";
|
||||||
|
fputs($fp, $head);
|
||||||
|
$Zeilen = -1;
|
||||||
|
while (!feof($fp)) {
|
||||||
|
$Temp = fgets($fp, 1024);
|
||||||
|
|
||||||
|
// ende des headers
|
||||||
|
if ($Temp == "f20\r\n") {
|
||||||
|
$Zeilen = 0;
|
||||||
|
$Temp = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
//file ende?
|
||||||
|
if ($Temp == "0\r\n")
|
||||||
|
break;
|
||||||
|
|
||||||
|
if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
|
||||||
|
//steuerzeichen ausfiltern
|
||||||
|
if (strpos("#$Temp", "\r\n") > 0)
|
||||||
|
$Temp = substr($Temp, 0, strlen($Temp) - 2);
|
||||||
|
if (strpos("#$Temp", "1005") > 0)
|
||||||
|
$Temp = "";
|
||||||
|
if (strpos("#$Temp", "783") > 0)
|
||||||
|
$Temp = "";
|
||||||
|
//schreiben in file
|
||||||
|
fputs($fileOut, $Temp);
|
||||||
|
$Zeilen++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
fclose($fileOut);
|
||||||
|
|
||||||
|
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||||
|
} else
|
||||||
|
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||||
|
fclose($fp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "fopen") {
|
||||||
|
//user uns password in url einbauen
|
||||||
|
$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
|
||||||
|
$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
|
||||||
|
|
||||||
|
if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
|
||||||
|
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||||
|
$Zeilen = 0;
|
||||||
|
while (!feof($fileIn)) {
|
||||||
|
$Zeilen++;
|
||||||
|
fputs($fileOut, fgets($fileIn));
|
||||||
|
}
|
||||||
|
fclose($fileOut);
|
||||||
|
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||||
|
} else
|
||||||
|
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||||
|
fclose($fileIn);
|
||||||
|
} else
|
||||||
|
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "wget") {
|
||||||
|
$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
|
||||||
|
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
|
||||||
|
" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
|
||||||
|
" --no-check-certificate";
|
||||||
|
$html .= system($Command, $Status);
|
||||||
|
if ($Status == 0)
|
||||||
|
$html .= "OK.<br />";
|
||||||
|
else
|
||||||
|
$html .= "fail ($Status)($Command).<br />";
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "lynx") {
|
||||||
|
$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
|
||||||
|
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
|
||||||
|
$html .= system($Command, $Status);
|
||||||
|
if ($Status == 0)
|
||||||
|
$html .= "OK.<br />";
|
||||||
|
else
|
||||||
|
$html .= "fail ($Status)($Command).<br />";
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "fopen") {
|
||||||
|
//user uns password in url einbauen
|
||||||
|
$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
|
||||||
|
$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
|
||||||
|
|
||||||
|
if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
|
||||||
|
if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
|
||||||
|
$Zeilen = 0;
|
||||||
|
while (!feof($fileIn)) {
|
||||||
|
$Zeilen++;
|
||||||
|
fputs($fileOut, fgets($fileIn));
|
||||||
|
}
|
||||||
|
fclose($fileOut);
|
||||||
|
$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
|
||||||
|
} else
|
||||||
|
$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
|
||||||
|
fclose($fileIn);
|
||||||
|
} else
|
||||||
|
$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "wget") {
|
||||||
|
$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
|
||||||
|
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
|
||||||
|
" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
|
||||||
|
" --no-check-certificate";
|
||||||
|
$html .= system($Command, $Status);
|
||||||
|
if ($Status == 0)
|
||||||
|
$html .= "OK.<br />";
|
||||||
|
else
|
||||||
|
$html .= "fail ($Status)($Command).<br />";
|
||||||
|
}
|
||||||
|
elseif ($PentabarfGetWith == "lynx") {
|
||||||
|
$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
|
||||||
|
"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
|
||||||
|
$html .= system($Command, $Status);
|
||||||
|
if ($Status == 0)
|
||||||
|
$html .= "OK.<br />";
|
||||||
|
else
|
||||||
|
$html .= "fail ($Status)($Command).<br />";
|
||||||
|
} else
|
||||||
|
$html .= "<h1>The PentabarfGetWith='$PentabarfGetWith' not supported</h1>";
|
||||||
|
} else {
|
||||||
|
$html .= "<form action=\"dbUpdateFromXLS.php\" method=\"post\">\n";
|
||||||
|
$html .= "<table border=\"0\">\n";
|
||||||
|
$html .= "\t<tr><td>XCAL-File: https://$PentabarfXMLhost/$PentabarfXMLpath</td>" .
|
||||||
|
"<td><input name=\"PentabarfURL\" type=\"text\" size=\"4\" maxlength=\"5\" " .
|
||||||
|
"value=\"$PentabarfXMLEventID\"></td></tr>\n";
|
||||||
|
$html .= "\t<tr><td>Username:</td>" .
|
||||||
|
"<td><input name=\"PentabarfUser\" type=\"text\" size=\"30\" maxlength=\"30\"></td></tr>\n";
|
||||||
|
$html .= "\t<tr><td>Password:</td>" .
|
||||||
|
"<td><input name=\"password\" type=\"password\" size=\"30\" maxlength=\"30\"></td></tr>\n";
|
||||||
|
$html .= "\t<tr><td></td><td><input type=\"submit\" name=\"FileUpload\" value=\"upload\"></td></tr>\n";
|
||||||
|
$html .= "</table>\n";
|
||||||
|
$html .= "</form>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
//readXMLfile("xml.php.xml");
|
||||||
|
if (readXMLfile("../import/27C3_sample.xcs.xml") == 0) {
|
||||||
|
$XMLmain = getXMLsubPease($XMLmain, "VCALENDAR");
|
||||||
|
|
||||||
|
if ($ShowDataStrukture) {
|
||||||
|
$html .= "<pre><br />";
|
||||||
|
$html .= $XMLmain->name;
|
||||||
|
$html .= "<br />";
|
||||||
|
print_r(array_values($XMLmain->sub));
|
||||||
|
$html .= "</pre>";
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
$html .= "<br />";
|
||||||
|
$Feld=7;
|
||||||
|
$html .= "$Feld#". $XMLmain->sub[$Feld]->name. "<br />";
|
||||||
|
$html .= "$Feld#". $XMLmain->sub[$Feld]->sub;
|
||||||
|
//print_r(array_values ($XMLmain->sub[$Feld]->sub));
|
||||||
|
while(list($key, $value) = each($XMLmain->sub[$Feld]->sub))
|
||||||
|
$html .= "?ID".$value->sub[1]->data. "=". $value->sub[2]->data. "\n";
|
||||||
|
$html .= "</pre>";
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*##############################################################################################
|
||||||
|
V e r s i o n
|
||||||
|
##############################################################################################*/
|
||||||
|
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
$XMLrelease = getXMLsubPease($XMLmain, "X-WR-CALDESC");
|
||||||
|
$html .= "release: " . $XMLrelease->data . "<br />\n";
|
||||||
|
//$XMLreleaseDate = getXMLsubPease( $XMLmain, "RELEASE-DATE");
|
||||||
|
//$html .= "release date: ". $XMLreleaseDate->data. "<br />\n";
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
|
||||||
|
/*##############################################################################################
|
||||||
|
V e r s i o n
|
||||||
|
##############################################################################################*/
|
||||||
|
if ($EnableRoomFunctions)
|
||||||
|
include ("includes/funktion_xml_room.php");
|
||||||
|
|
||||||
|
if ($EnableSchudleFunctions)
|
||||||
|
include ("includes/funktion_xml_schudle.php");
|
||||||
|
|
||||||
|
/*##############################################################################################
|
||||||
|
U P D A T E A L L
|
||||||
|
##############################################################################################*/
|
||||||
|
$html .= "\n\n<br />\n<h1>Update ALL:</h1>\n";
|
||||||
|
|
||||||
|
$html .= "<form action=\"dbUpdateFromXLS.php\">\n";
|
||||||
|
$html .= "\t<input type=\"submit\" name=\"UpdateALL\" value=\"now\">\n";
|
||||||
|
$html .= "</form>\n";
|
||||||
|
|
||||||
|
} //if XMLopenOOK
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*##############################################################################################
|
||||||
|
erstellt Arrays der Reume
|
||||||
|
##############################################################################################*/
|
||||||
|
function CreateRoomArrays() {
|
||||||
|
global $Room, $RoomID, $RoomName, $con;
|
||||||
|
|
||||||
|
$sql = "SELECT `RID`, `Name` FROM `Room` " .
|
||||||
|
"WHERE `Show`='Y'" .
|
||||||
|
"ORDER BY `Number`, `Name`;";
|
||||||
|
$Erg = mysql_query($sql, $con);
|
||||||
|
$rowcount = mysql_num_rows($Erg);
|
||||||
|
|
||||||
|
for ($i = 0; $i < $rowcount; $i++) {
|
||||||
|
$Room[$i]["RID"] = mysql_result($Erg, $i, "RID");
|
||||||
|
$Room[$i]["Name"] = mysql_result($Erg, $i, "Name");
|
||||||
|
$RoomID[mysql_result($Erg, $i, "RID")] = mysql_result($Erg, $i, "Name");
|
||||||
|
$RoomName[mysql_result($Erg, $i, "Name")] = mysql_result($Erg, $i, "RID");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
|
@ -0,0 +1,110 @@
|
|||||||
|
<?php
|
||||||
|
function admin_language() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
if (!isset ($_POST["TextID"])) {
|
||||||
|
$html .= Get_Text("Hello") . $user['Nick'] . ", <br />\n";
|
||||||
|
$html .= Get_Text("pub_sprache_text1") . "<br /><br />\n";
|
||||||
|
|
||||||
|
$html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>";
|
||||||
|
// ausgabe Tabellenueberschift
|
||||||
|
$SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;";
|
||||||
|
$erg_Sprachen = sql_query($SQL_Sprachen);
|
||||||
|
|
||||||
|
for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++)
|
||||||
|
$Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i;
|
||||||
|
|
||||||
|
$html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>";
|
||||||
|
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>";
|
||||||
|
foreach ($Sprachen as $Name => $Value)
|
||||||
|
$html .= "<td class=\"contenttopic\"><b>" .
|
||||||
|
Get_Text("pub_sprache_Sprache") . " " . $Name .
|
||||||
|
"</b></td>";
|
||||||
|
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>";
|
||||||
|
$html .= "\t\t</tr>";
|
||||||
|
|
||||||
|
if (isset ($_GET["ShowEntry"])) {
|
||||||
|
// ausgabe eintraege
|
||||||
|
$SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;";
|
||||||
|
$erg = sql_query($SQL);
|
||||||
|
|
||||||
|
$TextID_Old = mysql_result($erg, 0, "TextID");
|
||||||
|
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
|
||||||
|
$TextID_New = mysql_result($erg, $i, "TextID");
|
||||||
|
if ($TextID_Old != $TextID_New) {
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
|
||||||
|
$html .= "<tr class=\"content\">\n";
|
||||||
|
$html .= "\t\t<td>$TextID_Old " .
|
||||||
|
"<input name=\"TextID\" type=\"hidden\" value=\"$TextID_Old\"> </td>\n";
|
||||||
|
|
||||||
|
foreach ($Sprachen as $Name => $Value) {
|
||||||
|
$Value = html_entity_decode($Value, ENT_QUOTES);
|
||||||
|
$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n";
|
||||||
|
$Sprachen[$Name] = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
|
||||||
|
$html .= "</tr>";
|
||||||
|
$html .= "</form>\n";
|
||||||
|
$TextID_Old = $TextID_New;
|
||||||
|
}
|
||||||
|
$Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text");
|
||||||
|
} /*FOR*/
|
||||||
|
}
|
||||||
|
|
||||||
|
//fuer neu eintraege
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
|
||||||
|
$html .= "<tr class=\"content\">\n";
|
||||||
|
$html .= "\t\t<td><input name=\"TextID\" type=\"text\" size=\"40\" value=\"new\"> </td>\n";
|
||||||
|
|
||||||
|
foreach ($Sprachen as $Name => $Value)
|
||||||
|
$html .= "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Name Text</textarea></td>\n";
|
||||||
|
|
||||||
|
$html .= "\t\t<td><input type=\"submit\" value=\"Save\"></td>\n";
|
||||||
|
$html .= "</tr>";
|
||||||
|
$html .= "</form>\n";
|
||||||
|
|
||||||
|
$html .= "</table>\n";
|
||||||
|
} /*if( !isset( $TextID ) )*/
|
||||||
|
else {
|
||||||
|
$html .= "edit: " . $_POST["TextID"] . "<br /><br />";
|
||||||
|
foreach ($_POST as $k => $v) {
|
||||||
|
if ($k != "TextID") {
|
||||||
|
$sql_test = "SELECT * FROM `Sprache` " .
|
||||||
|
"WHERE `TextID`='" . sql_escape($_POST["TextID"])
|
||||||
|
. "' AND `Sprache`='"
|
||||||
|
. sql_escape($k) . "'";
|
||||||
|
|
||||||
|
$erg_test = sql_query($sql_test);
|
||||||
|
|
||||||
|
if (mysql_num_rows($erg_test) == 0) {
|
||||||
|
$sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
|
||||||
|
"VALUES ('" . sql_escape($_POST["TextID"]) . "', '"
|
||||||
|
. sql_escape($k) . "', '"
|
||||||
|
. sql_escape($v) . "')";
|
||||||
|
|
||||||
|
$html .= $sql_save . "<br />";
|
||||||
|
$Erg = sql_query($sql_save);
|
||||||
|
$html .= success("$k Save: OK<br />\n");
|
||||||
|
} else
|
||||||
|
if (mysql_result($erg_test, 0, "Text") != $v) {
|
||||||
|
$sql_save = "UPDATE `Sprache` SET `Text`='"
|
||||||
|
. sql_escape($v) . "' " .
|
||||||
|
"WHERE `TextID`='"
|
||||||
|
. sql_escape($_POST["TextID"])
|
||||||
|
. "' AND `Sprache`='" . sql_escape($k) . "' ";
|
||||||
|
|
||||||
|
$html .= $sql_save . "<br />";
|
||||||
|
$Erg = sql_query($sql_save);
|
||||||
|
$html .= success(" $k Update: OK<br />\n");
|
||||||
|
} else
|
||||||
|
$html .= "\t $k no changes<br />\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
|
@ -0,0 +1,76 @@
|
|||||||
|
<?php
|
||||||
|
function admin_log() {
|
||||||
|
require_once ("includes/funktion_db_list.php");
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
$SQL = "SELECT * FROM `ChangeLog` ORDER BY `Time` DESC LIMIT 0,10000";
|
||||||
|
$Erg = sql_query($SQL);
|
||||||
|
|
||||||
|
if (mysql_num_rows($Erg) > 0) {
|
||||||
|
$html .= "<table border=1>\n";
|
||||||
|
$html .= "<tr>\n\t<th>Time</th>\n\t<th>User</th>\n\t<th>Commend</th>\n\t<th>SQL Command</th>\n</tr>\n";
|
||||||
|
for ($n = 0; $n < mysql_num_rows($Erg); $n++) {
|
||||||
|
$html .= "<tr>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Time") . "</td>\n";
|
||||||
|
$html .= "\t<td>" . UID2Nick(mysql_result($Erg, $n, "UID")) . displayavatar(mysql_result($Erg, $n, "UID")) . "</td>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Commend") . "</td>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "SQLCommad") . "</td>\n";
|
||||||
|
$html .= "</tr>\n";
|
||||||
|
}
|
||||||
|
$html .= "</table>\n";
|
||||||
|
} else {
|
||||||
|
$html .= "Log is empty...";
|
||||||
|
}
|
||||||
|
$html .= "<hr />";
|
||||||
|
|
||||||
|
$html .= "<h1>Web Counter</h1>";
|
||||||
|
$html .= funktion_db_list("Counter");
|
||||||
|
|
||||||
|
/*
|
||||||
|
$html .= "<h1>Raeume</h1> <br />";
|
||||||
|
funktion_db_list("Raeume");
|
||||||
|
|
||||||
|
$html .= "<h1>Schichtbelegung</h1> <br />";
|
||||||
|
funktion_db_list("Schichtbelegung");
|
||||||
|
|
||||||
|
$html .= "<h1>Schichtplan</h1> <br />Hier findest du alle bisher eingetragenen Schichten:";
|
||||||
|
funktion_db_list("Schichtplan");
|
||||||
|
|
||||||
|
$html .= "<h1>User</h1> <br />";
|
||||||
|
funktion_db_list("User");
|
||||||
|
|
||||||
|
$html .= "<h1>News</h1> <br />";
|
||||||
|
funktion_db_list("News");
|
||||||
|
|
||||||
|
$html .= "<h1>FAQ</h1> <br />";
|
||||||
|
funktion_db_list("FAQ");
|
||||||
|
|
||||||
|
$html .= "Deaktiviert";
|
||||||
|
*/
|
||||||
|
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Tshirt-Size aller engel", "SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`");
|
||||||
|
$html .= "<br />\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Tshirt ausgegeben", "SELECT `Size`, COUNT(`Size`) FROM `User` WHERE `Tshirt`='1' GROUP BY `Size`");
|
||||||
|
$html .= "<br />\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Tshirt nicht ausgegeben (Gekommen=1)", "SELECT COUNT(`Size`), `Size` FROM `User` WHERE `Gekommen`='1' and `Tshirt`='0' GROUP BY `Size`");
|
||||||
|
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
|
||||||
|
$html .= "<br />\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
|
||||||
|
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Gesamte Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID)");
|
||||||
|
$html .= "<br />\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Geleisteter Arbeit", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0)");
|
||||||
|
|
||||||
|
$html .= "<hr>\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Gesamte Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (Shifts.RID!=7)");
|
||||||
|
$html .= "<br />\n";
|
||||||
|
$html .= funktion_db_element_list_2row("Geleisteter Arbeit (Ohne Raum aufabau (RID=7)", "SELECT COUNT(*) AS `Count [x]`, SUM(Shifts.Len) as `Sum [h]` from Shifts LEFT JOIN ShiftEntry USING(SID) WHERE (ShiftEntry.UID!=0) AND (Shifts.RID!=7)");
|
||||||
|
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
|
@ -0,0 +1,87 @@
|
|||||||
|
<?php
|
||||||
|
function admin_news() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_GET["action"])) {
|
||||||
|
header("Location: " . page_link_to("news"));
|
||||||
|
} else {
|
||||||
|
$html = "";
|
||||||
|
switch ($_GET["action"]) {
|
||||||
|
case 'edit' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing News ID.");
|
||||||
|
|
||||||
|
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($news) > 0) {
|
||||||
|
list ($news) = $news;
|
||||||
|
|
||||||
|
$html .= '<a href="' . page_link_to("news") . '">« Back</a>';
|
||||||
|
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
|
||||||
|
|
||||||
|
$html .= "<table>\n";
|
||||||
|
$html .= " <tr><td>Datum</td><td>" .
|
||||||
|
date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
|
||||||
|
$html .= " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
|
||||||
|
$news["Betreff"] . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
|
||||||
|
$news["Text"] . "</textarea></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Engel</td><td>" .
|
||||||
|
UID2Nick($news["UID"]) . "</td></tr>\n";
|
||||||
|
$html .= " <tr><td>Treffen</td><td>" . html_select_key('eTreffen', array (
|
||||||
|
'1' => "Ja",
|
||||||
|
'0' => "Nein"
|
||||||
|
), $news['Treffen']) . "</td></tr>\n";
|
||||||
|
$html .= "</table>";
|
||||||
|
|
||||||
|
$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
|
||||||
|
$html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
|
||||||
|
$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
|
||||||
|
$html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
} else
|
||||||
|
return error("No News found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'save' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing News ID.");
|
||||||
|
|
||||||
|
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($news) > 0) {
|
||||||
|
list ($news) = $news;
|
||||||
|
|
||||||
|
sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
|
||||||
|
"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("news"));
|
||||||
|
} else
|
||||||
|
return error("No News found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing News ID.");
|
||||||
|
|
||||||
|
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($news) > 0) {
|
||||||
|
list ($news) = $news;
|
||||||
|
|
||||||
|
sql_query("DELETE FROM `news` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("news"));
|
||||||
|
} else
|
||||||
|
return error("No News found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,85 @@
|
|||||||
|
<?php
|
||||||
|
function admin_new_questions() {
|
||||||
|
global $user, $privileges;
|
||||||
|
|
||||||
|
if (in_array("admin_questions", $privileges)) {
|
||||||
|
$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID`=0");
|
||||||
|
|
||||||
|
if ($new_messages > 0)
|
||||||
|
return '<p class="notice"><a href="' . page_link_to("admin_questions") . '">There are unanswered questions!</a></p><hr />';
|
||||||
|
}
|
||||||
|
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function admin_questions() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$open_questions = "";
|
||||||
|
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
|
||||||
|
foreach ($questions as $question)
|
||||||
|
$open_questions .= template_render(
|
||||||
|
'../templates/admin_question_unanswered.html', array (
|
||||||
|
'question_nick' => UID2Nick($question['UID']),
|
||||||
|
'question_id' => $question['QID'],
|
||||||
|
'link' => page_link_to("admin_questions"),
|
||||||
|
'question' => str_replace("\n", '<br />', $question['Question'])
|
||||||
|
));
|
||||||
|
|
||||||
|
$answered_questions = "";
|
||||||
|
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
|
||||||
|
|
||||||
|
foreach ($questions as $question)
|
||||||
|
$answered_questions .= template_render(
|
||||||
|
'../templates/admin_question_answered.html', array (
|
||||||
|
'question_id' => $question['QID'],
|
||||||
|
'question_nick' => UID2Nick($question['UID']),
|
||||||
|
'question' => str_replace("\n", "<br />", $question['Question']),
|
||||||
|
'answer_nick' => UID2Nick($question['AID']),
|
||||||
|
'answer' => str_replace("\n", "<br />", $question['Answer']),
|
||||||
|
'link' => page_link_to("admin_questions"),
|
||||||
|
));
|
||||||
|
|
||||||
|
return template_render('../templates/admin_questions.html', array (
|
||||||
|
'link' => page_link_to("admin_questions"),
|
||||||
|
'open_questions' => $open_questions,
|
||||||
|
'answered_questions' => $answered_questions
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'answer' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Question ID.");
|
||||||
|
|
||||||
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($question) > 0 && $question[0]['AID'] == "0") {
|
||||||
|
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
|
||||||
|
|
||||||
|
if ($answer != "") {
|
||||||
|
sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_questions"));
|
||||||
|
} else
|
||||||
|
return error("Please enter an answer!");
|
||||||
|
} else
|
||||||
|
return error("No question found.");
|
||||||
|
break;
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Question ID.");
|
||||||
|
|
||||||
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($question) > 0) {
|
||||||
|
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_questions"));
|
||||||
|
} else
|
||||||
|
return error("No question found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,143 @@
|
|||||||
|
<?php
|
||||||
|
function admin_rooms() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Number`, `Name`");
|
||||||
|
if (!isset ($_REQUEST["action"])) {
|
||||||
|
$html .= "Hallo " . $user['Nick'] .
|
||||||
|
",<br />\nhier hast du die Möglichkeit, neue Räume für die Schichtpläne einzutragen " .
|
||||||
|
"oder vorhandene abzuändern:<br /><br />\n";
|
||||||
|
|
||||||
|
// Räume auflisten
|
||||||
|
if (count($rooms) > 0) {
|
||||||
|
$html .= '<table><thead><tr>';
|
||||||
|
|
||||||
|
$html .= "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||||
|
$html .= "<tr class=\"contenttopic\">\n";
|
||||||
|
|
||||||
|
// Tabellenüberschriften generieren
|
||||||
|
foreach ($rooms[0] as $attr => $tmp)
|
||||||
|
if ($attr != 'RID')
|
||||||
|
$html .= '<th>' . $attr . '</th>';
|
||||||
|
$html .= '<th> </th>';
|
||||||
|
$html .= '</tr></thead><tbody>';
|
||||||
|
|
||||||
|
foreach ($rooms as $i => $room) {
|
||||||
|
$html .= '<tr>';
|
||||||
|
foreach ($room as $attr => $value)
|
||||||
|
if ($attr != 'RID')
|
||||||
|
$html .= '<td>' . $value . '</td>';
|
||||||
|
$html .= '<td><a href="' . page_link_to("admin_rooms") . '&action=change&RID=' . $room['RID'] . '">Edit</a></td>';
|
||||||
|
$html .= '</tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= '</tbody></table>';
|
||||||
|
}
|
||||||
|
$html .= "<hr /><a href=\"" . page_link_to("admin_rooms") . "&action=new\">Neuen Raum/Ort eintragen</a><br />\n";
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST["action"]) {
|
||||||
|
|
||||||
|
case 'new' :
|
||||||
|
$html .= template_render('../templates/admin_rooms_new_form.html', array (
|
||||||
|
'link' => page_link_to("admin_rooms")
|
||||||
|
));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'newsave' :
|
||||||
|
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
|
||||||
|
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
|
||||||
|
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
|
||||||
|
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
|
||||||
|
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
|
||||||
|
sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'");
|
||||||
|
header("Location: " . page_link_to("admin_rooms"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'change' :
|
||||||
|
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||||
|
$rid = $_REQUEST['RID'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Room ID.");
|
||||||
|
|
||||||
|
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||||
|
if (count($room) > 0) {
|
||||||
|
list ($room) = $room;
|
||||||
|
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
|
||||||
|
|
||||||
|
$angel_types = "";
|
||||||
|
foreach ($room_angel_types as $room_angel_type) {
|
||||||
|
if ($room_angel_type['count'] == "")
|
||||||
|
$room_angel_type['count'] = "0";
|
||||||
|
$angel_types .= '<tr><td>' . $room_angel_type['Name'] . '</td><td><input type="text" name="angel_type_' . $room_angel_type['TID'] . '" value="' . $room_angel_type['count'] . '" /></td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= template_render('../templates/admin_rooms_edit_form.html', array (
|
||||||
|
'link' => page_link_to("admin_rooms"),
|
||||||
|
'room_id' => $rid,
|
||||||
|
'name' => $room['Name'],
|
||||||
|
'man' => $room['Man'],
|
||||||
|
'number' => $room['Number'],
|
||||||
|
'from_pentabarf_options' => html_options('FromPentabarf', array (
|
||||||
|
'Y' => 'Yes',
|
||||||
|
'N' => 'No'
|
||||||
|
), $room['FromPentabarf']),
|
||||||
|
'show_options' => html_options('Show', array (
|
||||||
|
'Y' => 'Yes',
|
||||||
|
'N' => 'No'
|
||||||
|
), $room['show']),
|
||||||
|
'angel_types' => $angel_types
|
||||||
|
));
|
||||||
|
} else
|
||||||
|
return error("No Room found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'changesave' :
|
||||||
|
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||||
|
$rid = $_REQUEST['RID'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Room ID.");
|
||||||
|
|
||||||
|
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||||
|
if (count($room) > 0) {
|
||||||
|
list ($room) = $room;
|
||||||
|
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
|
||||||
|
|
||||||
|
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
|
||||||
|
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
|
||||||
|
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
|
||||||
|
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
|
||||||
|
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
|
||||||
|
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||||
|
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid));
|
||||||
|
foreach ($room_angel_types as $room_angel_type) {
|
||||||
|
if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']]))
|
||||||
|
$count = $_REQUEST['angel_type_' . $room_angel_type['TID']];
|
||||||
|
else
|
||||||
|
$count = "0";
|
||||||
|
sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count));
|
||||||
|
}
|
||||||
|
header("Location: " . page_link_to("admin_rooms"));
|
||||||
|
} else
|
||||||
|
return error("No Room found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||||
|
$rid = $_REQUEST['RID'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Room ID.");
|
||||||
|
|
||||||
|
if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) {
|
||||||
|
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||||
|
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("admin_rooms"));
|
||||||
|
} else
|
||||||
|
return error("No Room found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,324 @@
|
|||||||
|
<?php
|
||||||
|
function admin_user() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
include ("includes/funktion_db_list.php");
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$html .= "Hallo,<br />" .
|
||||||
|
"hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " .
|
||||||
|
"wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " .
|
||||||
|
"dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " .
|
||||||
|
"Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " .
|
||||||
|
"bereits sein T-Shirt erhalten hat.<br /><br />\n";
|
||||||
|
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
|
||||||
|
$html .= "<table border=\"0\">\n";
|
||||||
|
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
|
||||||
|
|
||||||
|
$SQL = "SELECT * FROM `User` WHERE `UID`='" . $id . "'";
|
||||||
|
$Erg = sql_query($SQL);
|
||||||
|
|
||||||
|
$html .= "<tr><td>\n";
|
||||||
|
$html .= "<table>\n";
|
||||||
|
$html .= " <tr><td>Nick</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Nick") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>lastLogIn</td><td>" .
|
||||||
|
date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "</td></tr>\n";
|
||||||
|
$html .= " <tr><td>Name</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eName\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Name") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Vorname</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Vorname") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Alter</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Alter") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Telefon</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Telefon") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Handy</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Handy") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>DECT</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "DECT") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>email</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "email") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>ICQ</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "ICQ") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>jabber</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "jabber") . "\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Size</td><td>" .
|
||||||
|
html_select_key('size', array (
|
||||||
|
'S' => "S",
|
||||||
|
'M' => "M",
|
||||||
|
'L' => "L",
|
||||||
|
'XL' => "XL",
|
||||||
|
'2XL' => "2XL",
|
||||||
|
'3XL' => "3XL",
|
||||||
|
'4XL' => "4XL",
|
||||||
|
'5XL' => "5XL",
|
||||||
|
'S-G' => "S Girl",
|
||||||
|
'M-G' => "M Girl",
|
||||||
|
'L-G' => "L Girl",
|
||||||
|
'XL-G' => "XL Girl"
|
||||||
|
), mysql_result($Erg, 0, "Size")) . "</td></tr>\n";
|
||||||
|
|
||||||
|
$options = array (
|
||||||
|
'1' => "Yes",
|
||||||
|
'0' => "No"
|
||||||
|
);
|
||||||
|
|
||||||
|
// Gekommen?
|
||||||
|
$html .= " <tr><td>Gekommen</td><td>\n";
|
||||||
|
$html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "</td></tr>\n";
|
||||||
|
|
||||||
|
// Aktiv?
|
||||||
|
$html .= " <tr><td>Aktiv</td><td>\n";
|
||||||
|
$html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "</td></tr>\n";
|
||||||
|
|
||||||
|
// T-Shirt bekommen?
|
||||||
|
$html .= " <tr><td>T-Shirt</td><td>\n";
|
||||||
|
$html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "</td></tr>\n";
|
||||||
|
|
||||||
|
$html .= " <tr><td>Hometown</td><td>" .
|
||||||
|
"<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" .
|
||||||
|
mysql_result($Erg, 0, "Hometown") . "\"></td></tr>\n";
|
||||||
|
|
||||||
|
$html .= "</table>\n</td><td valign=\"top\">" . displayavatar($id, false) . "</td></tr>";
|
||||||
|
|
||||||
|
$html .= "</td></tr>\n";
|
||||||
|
$html .= "</table>\n<br />\n";
|
||||||
|
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
|
||||||
|
$html .= "<hr />";
|
||||||
|
|
||||||
|
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
|
||||||
|
$html .= "<table>\n";
|
||||||
|
$html .= " <tr><td>Passwort</td><td>" .
|
||||||
|
"<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
|
||||||
|
$html .= " <tr><td>Wiederholung</td><td>" .
|
||||||
|
"<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
|
||||||
|
|
||||||
|
$html .= "</table>";
|
||||||
|
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
|
||||||
|
$html .= "<hr />";
|
||||||
|
|
||||||
|
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
|
||||||
|
$html .= '<table>';
|
||||||
|
|
||||||
|
list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`");
|
||||||
|
list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`");
|
||||||
|
|
||||||
|
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
|
||||||
|
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`");
|
||||||
|
foreach ($groups as $group)
|
||||||
|
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
|
||||||
|
|
||||||
|
$html .= '</table>';
|
||||||
|
|
||||||
|
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
|
||||||
|
$html .= "<hr />";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=delete&id=" . $id . "\" method=\"post\">\n";
|
||||||
|
$html .= "<input type=\"submit\" value=\"Löschen\">\n";
|
||||||
|
$html .= "</form>";
|
||||||
|
|
||||||
|
$html .= "<hr />";
|
||||||
|
$html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']);
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'save_groups' :
|
||||||
|
if ($id != $user['UID']) {
|
||||||
|
list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`");
|
||||||
|
list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`");
|
||||||
|
|
||||||
|
if ($my_highest_group <= $his_highest_group) {
|
||||||
|
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`");
|
||||||
|
$grouplist = array ();
|
||||||
|
foreach ($groups as $group)
|
||||||
|
$grouplist[] = $group['UID'];
|
||||||
|
|
||||||
|
if (!is_array($_REQUEST['groups']))
|
||||||
|
$_REQUEST['groups'] = array ();
|
||||||
|
|
||||||
|
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
|
||||||
|
foreach ($_REQUEST['groups'] as $group)
|
||||||
|
if (in_array($group, $grouplist))
|
||||||
|
sql_query("INSERT INTO `UserGroups` SET `uid`=" .
|
||||||
|
sql_escape($id) . ", `group_id`=" . sql_escape($group));
|
||||||
|
$html .= success("Benutzergruppen gespeichert.");
|
||||||
|
} else {
|
||||||
|
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.");
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if ($user['UID'] != $id) {
|
||||||
|
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
|
||||||
|
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
|
||||||
|
$html .= success("Benutzer gelöscht!");
|
||||||
|
} else {
|
||||||
|
$html .= error("Du kannst Dich nicht selber löschen!");
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'save' :
|
||||||
|
$SQL = "UPDATE `User` SET ";
|
||||||
|
$SQL .= " `Nick` = '" . $_POST["eNick"] . "', `Name` = '" . $_POST["eName"] . "', " .
|
||||||
|
"`Vorname` = '" . $_POST["eVorname"] . "', " .
|
||||||
|
"`Telefon` = '" . $_POST["eTelefon"] . "', " .
|
||||||
|
"`Handy` = '" . $_POST["eHandy"] . "', " .
|
||||||
|
"`Alter` = '" . $_POST["eAlter"] . "', " .
|
||||||
|
"`DECT` = '" . $_POST["eDECT"] . "', " .
|
||||||
|
"`email` = '" . $_POST["eemail"] . "', " .
|
||||||
|
"`ICQ` = '" . $_POST["eICQ"] . "', " .
|
||||||
|
"`jabber` = '" . $_POST["ejabber"] . "', " .
|
||||||
|
"`Size` = '" . $_POST["eSize"] . "', " .
|
||||||
|
"`Gekommen`= '" . $_POST["eGekommen"] . "', " .
|
||||||
|
"`Aktiv`= '" . $_POST["eAktiv"] . "', " .
|
||||||
|
"`Tshirt` = '" . $_POST["eTshirt"] . "', " .
|
||||||
|
"`Hometown` = '" . $_POST["Hometown"] . "' " .
|
||||||
|
"WHERE `UID` = '" . $id .
|
||||||
|
"' LIMIT 1;";
|
||||||
|
sql_query($SQL);
|
||||||
|
$html .= success("Änderung wurde gespeichert...\n");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'change_pw' :
|
||||||
|
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
||||||
|
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
$html .= success("Passwort neu gesetzt.");
|
||||||
|
} else {
|
||||||
|
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!");
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Userliste, keine UID uebergeben...
|
||||||
|
|
||||||
|
$html .= "<a href=\"" . page_link_to("register") . "\">Neuen Engel eintragen »</a><br /><br />\n";
|
||||||
|
|
||||||
|
if (!isset ($_GET["OrderBy"]))
|
||||||
|
$_GET["OrderBy"] = "Nick";
|
||||||
|
$SQL = "SELECT * FROM `User` ORDER BY `" . sql_escape($_GET["OrderBy"]) . "` ASC";
|
||||||
|
$Erg = sql_query($SQL);
|
||||||
|
|
||||||
|
// anzahl zeilen
|
||||||
|
$Zeilen = mysql_num_rows($Erg);
|
||||||
|
|
||||||
|
$html .= "Anzahl Engel: $Zeilen<br /><br />\n";
|
||||||
|
$html .= '
|
||||||
|
<table width="100%" class="border" cellpadding="2" cellspacing="1"> <thead>
|
||||||
|
<tr class="contenttopic">
|
||||||
|
<th>
|
||||||
|
<a href="' . page_link_to("admin_user") . '&OrderBy=Nick">Nick</a>
|
||||||
|
</th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Vorname">Vorname</a> <a href="' . page_link_to("admin_user") . '&OrderBy=Name">Name</a></th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Alter">Alter</a></th>
|
||||||
|
<th>
|
||||||
|
<a href="' . page_link_to("admin_user") . '&OrderBy=email">E-Mail</a>
|
||||||
|
</th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Size">Größe</a></th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Gekommen">Gekommen</a></th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Aktiv">Aktiv</a></th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=Tshirt">T-Shirt</a></th>
|
||||||
|
<th><a href="' . page_link_to("admin_user") . '&OrderBy=CreateDate">Registriert</a></th>
|
||||||
|
<th>Änd.</th>
|
||||||
|
</tr></thead>';
|
||||||
|
$Gekommen = 0;
|
||||||
|
$Active = 0;
|
||||||
|
$Tshirt = 0;
|
||||||
|
|
||||||
|
for ($n = 0; $n < $Zeilen; $n++) {
|
||||||
|
$title = "";
|
||||||
|
$user_groups = sql_select("SELECT * FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape(mysql_result($Erg, $n, "UID")) . " ORDER BY `Groups`.`Name`");
|
||||||
|
$groups = array ();
|
||||||
|
foreach ($user_groups as $user_group) {
|
||||||
|
$groups[] = $user_group['Name'];
|
||||||
|
}
|
||||||
|
$title .= 'Groups: ' . join(", ", $groups) . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "Telefon")) > 0)
|
||||||
|
$title .= "Tel: " . mysql_result($Erg, $n, "Telefon") . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "Handy")) > 0)
|
||||||
|
$title .= "Handy: " . mysql_result($Erg, $n, "Handy") . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "DECT")) > 0)
|
||||||
|
$title .= "DECT: <a href=\"./dect.php?custum=" . mysql_result($Erg, $n, "DECT") . "\">" .
|
||||||
|
mysql_result($Erg, $n, "DECT") . "</a><br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "Hometown")) > 0)
|
||||||
|
$title .= "Hometown: " . mysql_result($Erg, $n, "Hometown") . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "lastLogIn")) > 0)
|
||||||
|
$title .= "Last login: " . date("Y-m-d H:i", mysql_result($Erg, $n, "lastLogIn")) . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "Art")) > 0)
|
||||||
|
$title .= "Type: " . mysql_result($Erg, $n, "Art") . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "ICQ")) > 0)
|
||||||
|
$title .= "ICQ: " . mysql_result($Erg, $n, "ICQ") . "<br />";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "jabber")) > 0)
|
||||||
|
$title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "<br />";
|
||||||
|
|
||||||
|
$html .= "<tr class=\"content\">\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Nick") . "</td>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "</td>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Alter") . "</td>\n";
|
||||||
|
$html .= "\t<td>";
|
||||||
|
if (strlen(mysql_result($Erg, $n, "email")) > 0)
|
||||||
|
$html .= "<a href=\"mailto:" . mysql_result($Erg, $n, "email") . "\">" .
|
||||||
|
mysql_result($Erg, $n, "email") . "</a>";
|
||||||
|
$html .= '<div class="hidden">' . $title . '</div>';
|
||||||
|
$html .= "</td>\n";
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Size") . "</td>\n";
|
||||||
|
$Gekommen += mysql_result($Erg, $n, "Gekommen");
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Gekommen") . "</td>\n";
|
||||||
|
$Active += mysql_result($Erg, $n, "Aktiv");
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Aktiv") . "</td>\n";
|
||||||
|
$Tshirt += mysql_result($Erg, $n, "Tshirt");
|
||||||
|
$html .= "\t<td>" . mysql_result($Erg, $n, "Tshirt") . "</td>\n";
|
||||||
|
$html .= "<td>" . mysql_result($Erg, $n, "CreateDate") . "</td>";
|
||||||
|
$html .= "\t<td>" . '<a href="' . page_link_to("admin_user") . '&id=' . mysql_result($Erg, $n, "UID") . '">Edit</a>' .
|
||||||
|
"</td>\n";
|
||||||
|
$html .= "</tr>\n";
|
||||||
|
}
|
||||||
|
$html .= "<tr>" .
|
||||||
|
"<td></td><td></td><td></td><td></td><td></td>" .
|
||||||
|
"<td>$Gekommen</td><td>$Active</td><td>$Tshirt</td><td></td><td></td></tr>\n";
|
||||||
|
$html .= "\t</table>\n";
|
||||||
|
// Ende Userliste
|
||||||
|
|
||||||
|
$html .= "<hr /><h2>Statistics</h2>";
|
||||||
|
$html .= funktion_db_element_list_2row("Hometown", "SELECT COUNT(`Hometown`), `Hometown` FROM `User` GROUP BY `Hometown`");
|
||||||
|
|
||||||
|
$html .= "<br />\n";
|
||||||
|
|
||||||
|
$html .= funktion_db_element_list_2row("Engeltypen", "SELECT COUNT(`Art`), `Art` FROM `User` GROUP BY `Art`");
|
||||||
|
|
||||||
|
$html .= "<br />\n";
|
||||||
|
|
||||||
|
$html .= funktion_db_element_list_2row("Used Groups", "SELECT Groups.Name AS 'GroupName', COUNT(Groups.Name) AS Count FROM `UserGroups` " .
|
||||||
|
"LEFT JOIN `Groups` ON Groups.UID = UserGroups.group_id " .
|
||||||
|
"WHERE (UserGroups.group_id!='NULL') " .
|
||||||
|
"GROUP BY `GroupName` " .
|
||||||
|
"");
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
function guest_credits() {
|
||||||
|
return template_render('../templates/guest_credits.html', array ());
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,24 @@
|
|||||||
|
<?php
|
||||||
|
function guest_faq() {
|
||||||
|
$html = "";
|
||||||
|
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||||
|
foreach ($faqs as $faq) {
|
||||||
|
$html .= "<dl>";
|
||||||
|
if ($_SESSION['Sprache'] == "DE") {
|
||||||
|
$html .= sprintf(
|
||||||
|
'<dt>%s</dt> <dd>%s</dd>',
|
||||||
|
$faq['Frage_de'],
|
||||||
|
$faq['Antwort_de']
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
$html .= sprintf(
|
||||||
|
'<dt>%s</dt> <dd>%s</dd>',
|
||||||
|
$faq['Frage_en'],
|
||||||
|
$faq['Antwort_en']
|
||||||
|
);
|
||||||
|
}
|
||||||
|
$html .= "</dl>";
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,269 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
// Engel registrieren
|
||||||
|
function guest_register() {
|
||||||
|
$html = "";
|
||||||
|
$success = "none";
|
||||||
|
|
||||||
|
if (isset ($_POST["send"])) {
|
||||||
|
$eNick = trim($_POST["Nick"]);
|
||||||
|
|
||||||
|
if ($_POST["Alter"] == "")
|
||||||
|
$_POST["Alter"] = 23;
|
||||||
|
|
||||||
|
// user vorhanden?
|
||||||
|
$Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
|
||||||
|
|
||||||
|
if (strlen($_POST["Nick"]) < 2)
|
||||||
|
$error = Get_Text("makeuser_error_nick1")
|
||||||
|
. $_POST["Nick"] . Get_Text("makeuser_error_nick2");
|
||||||
|
|
||||||
|
elseif (count($Ergans) > 0)
|
||||||
|
$error = Get_Text("makeuser_error_nick1")
|
||||||
|
. $_POST["Nick"] . Get_Text("makeuser_error_nick3");
|
||||||
|
|
||||||
|
elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false)
|
||||||
|
$error = Get_Text("makeuser_error_mail");
|
||||||
|
|
||||||
|
elseif (!is_numeric($_POST["Alter"]))
|
||||||
|
$error = Get_Text("makeuser_error_Alter");
|
||||||
|
|
||||||
|
elseif ($_POST["Passwort"] != $_POST["Passwort2"])
|
||||||
|
$error = Get_Text("makeuser_error_password1");
|
||||||
|
|
||||||
|
elseif (strlen($_POST["Passwort"]) < 6)
|
||||||
|
$error = Get_Text("makeuser_error_password2");
|
||||||
|
|
||||||
|
else {
|
||||||
|
$_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
|
||||||
|
unset ($_POST["Passwort2"]);
|
||||||
|
|
||||||
|
$Erg = sql_query("INSERT INTO `User` (" .
|
||||||
|
"`Nick` , " . "`Name` , " .
|
||||||
|
"`Vorname`, " . "`Alter` , " .
|
||||||
|
"`Telefon`, " . "`DECT`, " .
|
||||||
|
"`Handy`, " . "`email`, " .
|
||||||
|
"`ICQ`, " . "`jabber`, " .
|
||||||
|
"`Size`, " . "`Passwort`, " .
|
||||||
|
"`Art` , " . "`kommentar`, " .
|
||||||
|
"`Hometown`," . "`CreateDate`, `Sprache` ) " .
|
||||||
|
"VALUES ( '"
|
||||||
|
. sql_escape($_POST["Nick"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Name"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Vorname"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Alter"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Telefon"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["DECT"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Handy"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["email"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["ICQ"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["jabber"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Size"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Passwort"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Art"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["kommentar"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Hometown"]) . "',"
|
||||||
|
. "NOW(), '"
|
||||||
|
. sql_escape($_SESSION["Sprache"])
|
||||||
|
. "')"
|
||||||
|
);
|
||||||
|
|
||||||
|
if ($Erg != 1) {
|
||||||
|
$html .= Get_Text("makeuser_error_write1") . "<br />\n";
|
||||||
|
$error = sql_error();
|
||||||
|
} else {
|
||||||
|
$html .= "<p class=\"success\">" . Get_Text("makeuser_writeOK") . "\n";
|
||||||
|
|
||||||
|
$Erg3 = mysql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape(sql_id()) . ", `group_id`=-2");
|
||||||
|
|
||||||
|
if ($Erg3 != 1) {
|
||||||
|
$html .= "<h1>" . Get_Text("makeuser_error_write2") . "<br />\n";
|
||||||
|
$error = sql_error();
|
||||||
|
} else {
|
||||||
|
$html .= Get_Text("makeuser_writeOK2") . "<br />\n";
|
||||||
|
$html .= "<h1>" . Get_Text("makeuser_writeOK3") . "</h1>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= Get_Text("makeuser_writeOK4") . "</p><p></p>\n<br /><br />\n";
|
||||||
|
$success = "any";
|
||||||
|
|
||||||
|
if (isset ($SubscribeMailinglist)) {
|
||||||
|
if ($_POST["subscribe-mailinglist"] == "") {
|
||||||
|
$headers = "From: " . $_POST["email"] . "\r\n" .
|
||||||
|
"X-Mailer: PHP/" . phpversion();
|
||||||
|
mail($SubscribeMailinglist, "subject", "message", $headers);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset ($error))
|
||||||
|
$html .= error($error);
|
||||||
|
} else {
|
||||||
|
// init vars
|
||||||
|
$_POST["Nick"] = "";
|
||||||
|
$_POST["Name"] = "";
|
||||||
|
$_POST["Vorname"] = "";
|
||||||
|
$_POST["Alter"] = "";
|
||||||
|
$_POST["Telefon"] = "";
|
||||||
|
$_POST["DECT"] = "";
|
||||||
|
$_POST["Handy"] = "";
|
||||||
|
$_POST["email"] = "";
|
||||||
|
$_POST["subscribe-mailinglist"] = "";
|
||||||
|
$_POST["ICQ"] = "";
|
||||||
|
$_POST["jabber"] = "";
|
||||||
|
$_POST["Size"] = "L";
|
||||||
|
$_POST["Art"] = "";
|
||||||
|
$_POST["kommentar"] = "";
|
||||||
|
$_POST["Hometown"] = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($success == "none") {
|
||||||
|
$html .= "<h1>" . Get_Text("makeuser_text0") . "</h1>\n";
|
||||||
|
$html .= "<h2>" . Get_Text("makeuser_text1") . "</h2>\n";
|
||||||
|
$html .= "<form action=\"\" method=\"post\">\n";
|
||||||
|
$html .= "<table>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Nickname") . "*</td><td><input type=\"text\" size=\"40\" name=\"Nick\" value=\"" . $_POST["Nick"] . "\" /></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Nachname") . "</td><td><input type=\"text\" size=\"40\" name=\"Name\" value=\"" . $_POST["Name"] . "\" /></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Vorname") . "</td><td><input type=\"text\" size=\"40\" name=\"Vorname\" value=\"" . $_POST["Vorname"] . "\" /></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Alter") . "</td><td><input type=\"text\" size=\"40\" name=\"Alter\" value=\"" . $_POST["Alter"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Telefon") . "</td><td><input type=\"text\" size=\"40\" name=\"Telefon\" value=\"" . $_POST["Telefon"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_DECT") . "</td><td><input type=\"text\" size=\"40\" name=\"DECT\" value=\"" . $_POST["DECT"] . "\"></td><td>\n";
|
||||||
|
$html .= "<!--a href=\"https://21c3.ccc.de/wiki/index.php/POC\"><img src=\"./pic/external.png\" alt=\"external: \">DECT</a--></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Handy") . "</td><td><input type=\"text\" size=\"40\" name=\"Handy\" value=\"" . $_POST["Handy"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_E-Mail") . "*</td><td><input type=\"text\" size=\"40\" name=\"email\" value=\"" . $_POST["email"] . "\"></td></tr>\n";
|
||||||
|
|
||||||
|
if (isset ($SubscribeMailinglist))
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_subscribe-mailinglist") . "</td><td><input type=\"checkbox\" name=\"subscribe-mailinglist\" value=\"" . $_POST["subscribe-mailinglist"] . "\">($SubscribeMailinglist)</td></tr>\n";
|
||||||
|
|
||||||
|
$html .= "<tr><td>ICQ</td><td><input type=\"text\" size=\"40\" name=\"ICQ\" value=\"" . $_POST["ICQ"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>jabber</td><td><input type=\"text\" size=\"40\" name=\"jabber\" value=\"" . $_POST["jabber"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_T-Shirt") . " Grösse*</td><td align=\"left\">\n";
|
||||||
|
$html .= "<select name=\"Size\">\n";
|
||||||
|
$html .= "<option value=\"S\"";
|
||||||
|
if ($_POST["Size"] == "S")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">S</option>\n";
|
||||||
|
$html .= "<option value=\"M\"";
|
||||||
|
if ($_POST["Size"] == "M")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">M</option>\n";
|
||||||
|
$html .= "<option value=\"L\"";
|
||||||
|
if ($_POST["Size"] == "L")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">L</option>\n";
|
||||||
|
$html .= "<option value=\"XL\"";
|
||||||
|
if ($_POST["Size"] == "XL")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">XL</option>\n";
|
||||||
|
$html .= "<option value=\"2XL\"";
|
||||||
|
if ($_POST["Size"] == "2XL")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">2XL</option>\n";
|
||||||
|
$html .= "<option value=\"3XL\"";
|
||||||
|
if ($_POST["Size"] == "3XL")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">3XL</option>\n";
|
||||||
|
$html .= "<option value=\"4XL\"";
|
||||||
|
if ($_POST["Size"] == "4XL")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">4XL</option>\n";
|
||||||
|
$html .= "<option value=\"5XL\"";
|
||||||
|
if ($_POST["Size"] == "5XL")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">5XL</option>\n";
|
||||||
|
$html .= "<option value=\"S-G\"";
|
||||||
|
if ($_POST["Size"] == "S-G")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">S Girl</option>\n";
|
||||||
|
$html .= "<option value=\"M-G\"";
|
||||||
|
if ($_POST["Size"] == "M-G")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">M Girl</option>\n";
|
||||||
|
$html .= "<option value=\"L-G\"";
|
||||||
|
if ($_POST["Size"] == "L-G")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">L Girl</option>\n";
|
||||||
|
$html .= "<option value=\"XL-G\"";
|
||||||
|
if ($_POST["Size"] == "XL-G")
|
||||||
|
$html .= " selected";
|
||||||
|
$html .= ">XL Girl</option>\n";
|
||||||
|
$html .= "</select>\n";
|
||||||
|
$html .= "</td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Engelart") . "</td><td align=\"left\">\n";
|
||||||
|
$html .= "<select name=\"Art\">\n";
|
||||||
|
|
||||||
|
$engel_types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `NAME`");
|
||||||
|
foreach ($engel_types as $engel_type) {
|
||||||
|
$Name = $engel_type['Name'] . Get_Text("inc_schicht_engel");
|
||||||
|
$html .= "<option value=\"" . $Name . "\"";
|
||||||
|
|
||||||
|
if ($_POST["Art"] == $Name)
|
||||||
|
$html .= " selected";
|
||||||
|
|
||||||
|
$html .= ">$Name</option>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "</select>\n";
|
||||||
|
$html .= "</td>\n";
|
||||||
|
$html .= "</tr>\n";
|
||||||
|
$html .= "<tr>\n";
|
||||||
|
$html .= "<td>" . Get_Text("makeuser_text2") . "</td>\n";
|
||||||
|
$html .= "<td><textarea rows=\"5\" cols=\"40\" name=\"kommentar\">" . $_POST["kommentar"] . "</textarea></td>\n";
|
||||||
|
$html .= "</tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Hometown") . "</td><td><input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $_POST["Hometown"] . "\"></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Passwort") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort\"/></td></tr>\n";
|
||||||
|
$html .= "<tr><td>" . Get_Text("makeuser_Passwort2") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort2\"/></td></tr>\n";
|
||||||
|
$html .= "<tr><td> </td><td><input type=\"submit\" name=\"send\" value=\"" . Get_Text("makeuser_Anmelden") . "\"/></td></tr>\n";
|
||||||
|
$html .= "</table>\n";
|
||||||
|
$html .= "</form>\n";
|
||||||
|
$html .= Get_Text("makeuser_text3");
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function guest_logout() {
|
||||||
|
unset ($_SESSION['uid']);
|
||||||
|
header("Location: " . page_link_to("start"));
|
||||||
|
}
|
||||||
|
|
||||||
|
function guest_login() {
|
||||||
|
global $user;
|
||||||
|
unset ($_SESSION['uid']);
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
if (isset ($_REQUEST['login_submit'])) {
|
||||||
|
$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'");
|
||||||
|
|
||||||
|
if (count($login_user) == 1) { // Check, ob User angemeldet wird...
|
||||||
|
$login_user = $login_user[0];
|
||||||
|
if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok...
|
||||||
|
$_SESSION['uid'] = $login_user['UID'];
|
||||||
|
$_SESSION['Sprache'] = $login_user['Sprache'];
|
||||||
|
header("Location: " . page_link_to("news"));
|
||||||
|
} else { // Passwort nicht ok...
|
||||||
|
$ErrorText = "pub_index_pass_no_ok";
|
||||||
|
} // Ende Passwort-Check
|
||||||
|
} else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
|
||||||
|
if ($user_anz == 0)
|
||||||
|
$ErrorText = "pub_index_User_unset";
|
||||||
|
else
|
||||||
|
$ErrorText = "pub_index_User_more_as_one";
|
||||||
|
} // Ende Check, ob User angemeldet wurde}
|
||||||
|
}
|
||||||
|
if (isset ($ErrorText))
|
||||||
|
$html .= error(Get_Text($ErrorText));
|
||||||
|
$html .= guest_login_form();
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function guest_login_form() {
|
||||||
|
return template_render("../templates/guest_login_form.html", array (
|
||||||
|
'link' => page_link_to("login"),
|
||||||
|
'nick' => Get_Text("index_lang_nick"),
|
||||||
|
'pass' => Get_Text("index_lang_pass"),
|
||||||
|
'send' => Get_Text("index_lang_send")
|
||||||
|
));
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,13 @@
|
|||||||
|
<?php
|
||||||
|
function guest_start() {
|
||||||
|
require_once ('includes/pages/guest_login.php');
|
||||||
|
$html = "<p>" . Get_Text("index_text1") . "</p>\n";
|
||||||
|
$html .= "<p>" . Get_Text("index_text2") . "</p>\n";
|
||||||
|
$html .= "<p>" . Get_Text("index_text3") . "</p>\n";
|
||||||
|
|
||||||
|
$html .= guest_login_form();
|
||||||
|
|
||||||
|
$html .= "<h6>" . Get_Text("index_text4") . "</h6>";
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,239 @@
|
|||||||
|
<?php
|
||||||
|
function user_unread_messages() {
|
||||||
|
global $user, $privileges;
|
||||||
|
|
||||||
|
if (in_array("user_messages", $privileges)) {
|
||||||
|
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
|
||||||
|
|
||||||
|
if ($new_messages > 0)
|
||||||
|
return sprintf(
|
||||||
|
'<p class="notice"><a href="%s">%s %s %s</a></p><hr />',
|
||||||
|
page_link_to("user_messages"),
|
||||||
|
Get_Text("pub_messages_new1"),
|
||||||
|
$new_messages,
|
||||||
|
Get_Text("pub_messages_new2")
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function user_messages() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`="
|
||||||
|
. sql_escape($user['UID']) . " ORDER BY `Nick`");
|
||||||
|
|
||||||
|
$to_select_data = array (
|
||||||
|
"" => "Select receiver..."
|
||||||
|
);
|
||||||
|
|
||||||
|
foreach ($users as $u)
|
||||||
|
$to_select_data[$u['UID']] = $u['Nick'];
|
||||||
|
|
||||||
|
$to_select = html_select_key('to', $to_select_data, '');
|
||||||
|
|
||||||
|
$messages_html = "";
|
||||||
|
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`="
|
||||||
|
. sql_escape($user['UID'])
|
||||||
|
. " OR `RUID`=" . sql_escape($user['UID'])
|
||||||
|
. " ORDER BY `isRead`,`Datum` DESC"
|
||||||
|
);
|
||||||
|
foreach ($messages as $message) {
|
||||||
|
|
||||||
|
$messages_html .= sprintf(
|
||||||
|
'<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>'
|
||||||
|
.'<td>%s</td>',
|
||||||
|
($message['isRead'] == 'N' ? ' class="new_message"' : ''),
|
||||||
|
($message['isRead'] == 'N' ? '•' : ''),
|
||||||
|
date("Y-m-d H:i", $message['Datum']),
|
||||||
|
UID2Nick($message['SUID']),
|
||||||
|
UID2Nick($message['RUID']),
|
||||||
|
str_replace("\n", '<br />', $message['Text'])
|
||||||
|
);
|
||||||
|
|
||||||
|
$messages_html .= '<td>';
|
||||||
|
if ($message['RUID'] == $user['UID']) {
|
||||||
|
if ($message['isRead'] == 'N')
|
||||||
|
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>';
|
||||||
|
} else {
|
||||||
|
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>';
|
||||||
|
}
|
||||||
|
$messages_html .= '</td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
return template_render('../templates/user_messages.html', array (
|
||||||
|
'link' => page_link_to("user_messages"),
|
||||||
|
'greeting' => Get_Text("Hello") . $user['Nick'] . ", <br />\n"
|
||||||
|
. Get_Text("pub_messages_text1") . "<br /><br />\n",
|
||||||
|
'messages' => $messages_html,
|
||||||
|
'new_label' => Get_Text("pub_messages_Neu"),
|
||||||
|
'date_label' => Get_Text("pub_messages_Datum"),
|
||||||
|
'from_label' => Get_Text("pub_messages_Von"),
|
||||||
|
'to_label' => Get_Text("pub_messages_An"),
|
||||||
|
'text_label' => Get_Text("pub_messages_Text"),
|
||||||
|
'date' => date("Y-m-d H:i"),
|
||||||
|
'from' => $user['Nick'],
|
||||||
|
'to_select' => $to_select,
|
||||||
|
'submit_label' => Get_Text("save")
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case "read" :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Message ID.");
|
||||||
|
|
||||||
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
||||||
|
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else
|
||||||
|
return error("No Message found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "delete" :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Message ID.");
|
||||||
|
|
||||||
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
||||||
|
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else
|
||||||
|
return error("No Message found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "send" :
|
||||||
|
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||||
|
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
|
||||||
|
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
|
||||||
|
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else {
|
||||||
|
return error(Get_Text("pub_messages_Send_Error"));
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset ($_GET["action"]))
|
||||||
|
$_GET["action"] = "start";
|
||||||
|
|
||||||
|
switch ($_GET["action"]) {
|
||||||
|
case "start" :
|
||||||
|
echo Get_Text("Hello") . $_SESSION['Nick'] . ", <br />\n";
|
||||||
|
echo Get_Text("pub_messages_text1") . "<br /><br />\n";
|
||||||
|
|
||||||
|
//show exist Messages
|
||||||
|
$SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'";
|
||||||
|
$erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
echo "<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Datum") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Von") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_An") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Text") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
|
||||||
|
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
|
||||||
|
echo "<tr class=\"content\">\n";
|
||||||
|
echo "<td>" . mysql_result($erg, $i, "Datum") . "</td>\n";
|
||||||
|
echo "<td>" . UID2Nick(mysql_result($erg, $i, "SUID")) . "</td>\n";
|
||||||
|
echo "<td>" . UID2Nick(mysql_result($erg, $i, "RUID")) . "</td>\n";
|
||||||
|
echo "<td>" . mysql_result($erg, $i, "Text") . "</td>\n";
|
||||||
|
echo "<td>";
|
||||||
|
|
||||||
|
if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) {
|
||||||
|
echo "<a href=\"?action=DelMsg&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_DelMsg") . "</a>";
|
||||||
|
|
||||||
|
if (mysql_result($erg, $i, "isRead") == "N")
|
||||||
|
echo "<a href=\"?action=MarkRead&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_MarkRead") . "</a>";
|
||||||
|
} else {
|
||||||
|
if (mysql_result($erg, $i, "isRead") == "N")
|
||||||
|
echo Get_Text("pub_messages_NotRead");
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "</td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
// send Messeges
|
||||||
|
echo "<form action=\"" . $_SERVER['SCRIPT_NAME'] . "?action=SendMsg\" method=\"POST\">";
|
||||||
|
echo "<tr class=\"content\">\n";
|
||||||
|
echo "<td></td>\n";
|
||||||
|
echo "<td></td>\n";
|
||||||
|
|
||||||
|
// Listet alle Nicks auf
|
||||||
|
echo "<td><select name=\"RUID\">\n";
|
||||||
|
|
||||||
|
$usql = "SELECT * FROM `User` WHERE (`UID`!='" . $_SESSION["UID"] . "') ORDER BY `Nick`";
|
||||||
|
$uErg = mysql_query($usql, $con);
|
||||||
|
$urowcount = mysql_num_rows($uErg);
|
||||||
|
|
||||||
|
for ($k = 0; $k < $urowcount; $k++) {
|
||||||
|
echo "<option value=\"" . mysql_result($uErg, $k, "UID") . "\">" . mysql_result($uErg, $k, "Nick") . "</option>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "</select></td>\n";
|
||||||
|
echo "<td><textarea name=\"Text\" cols=\"30\" rows=\"10\"></textarea></td>\n";
|
||||||
|
echo "<td><input type=\"submit\" value=\"" . Get_Text("save") . "\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "</form>";
|
||||||
|
|
||||||
|
echo "</table>\n";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "SendMsg" :
|
||||||
|
echo Get_Text("pub_messages_Send1") . "...<br />\n";
|
||||||
|
|
||||||
|
$SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" .
|
||||||
|
"'" . gmdate("Y-m-j H:i:s", time()) . "', " .
|
||||||
|
"'" . $_SESSION["UID"] . "', " .
|
||||||
|
"'" . $_POST["RUID"] . "', " .
|
||||||
|
"'" . $_POST["Text"] . "');";
|
||||||
|
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_Send_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "MarkRead" :
|
||||||
|
$SQL = "UPDATE `Messages` SET `isRead` = 'Y' " .
|
||||||
|
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " .
|
||||||
|
"LIMIT 1 ;";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_MarkRead_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "DelMsg" :
|
||||||
|
$SQL = "DELETE FROM `Messages` " .
|
||||||
|
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " .
|
||||||
|
"LIMIT 1;";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_DelMsg_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
default :
|
||||||
|
echo Get_Text("pub_messages_NoCommand");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,168 @@
|
|||||||
|
<?php
|
||||||
|
function user_meetings() {
|
||||||
|
global $DISPLAY_NEWS, $privileges, $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
|
||||||
|
$page = $_REQUEST['page'];
|
||||||
|
else
|
||||||
|
$page = 0;
|
||||||
|
|
||||||
|
$news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
|
||||||
|
foreach ($news as $entry)
|
||||||
|
$html .= display_news($entry);
|
||||||
|
|
||||||
|
$html .= "<div class=\"pagination\">\n\n";
|
||||||
|
$dis_rows = ceil(sql_num_query("SELECT * FROM `News` WHERE `Treffen`=1") / $DISPLAY_NEWS);
|
||||||
|
|
||||||
|
$html .= Get_Text(5);
|
||||||
|
|
||||||
|
for ($i = 0; $i < $dis_rows; $i++) {
|
||||||
|
if ($i == $_REQUEST['page'])
|
||||||
|
$html .= ($i +1) . " ";
|
||||||
|
else
|
||||||
|
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> ';
|
||||||
|
}
|
||||||
|
$html .= '</div>';
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function display_news($news) {
|
||||||
|
global $privileges, $p;
|
||||||
|
|
||||||
|
$html .= "";
|
||||||
|
$html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
|
||||||
|
$html .= '<details>';
|
||||||
|
$html .= date("Y-m-d H:i", $news['Datum']) . ', ';
|
||||||
|
$html .= UID2Nick($news['UID']);
|
||||||
|
if ($p != "news_comments")
|
||||||
|
$html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »</a>';
|
||||||
|
$html .= '</details>';
|
||||||
|
$html .= '<h3>' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
|
||||||
|
$html .= '<p>' . ReplaceSmilies(nl2br($news['Text'])) . '</p>';
|
||||||
|
if (in_array("admin_news", $privileges))
|
||||||
|
$html .= "<details><a href=\"" . page_link_to("admin_news") . "&action=edit&id=" . $news['ID'] . "\">Edit</a></details>\n";
|
||||||
|
|
||||||
|
$html .= '</article>';
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function user_news_comments() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
|
||||||
|
$nid = $_REQUEST["nid"];
|
||||||
|
list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1");
|
||||||
|
if (isset ($_REQUEST["text"])) {
|
||||||
|
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||||
|
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
|
||||||
|
$html .= success("Eintrag wurde gespeichert");
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= '<a href="' . page_link_to("news") . '">« Back</a>';
|
||||||
|
$html .= display_news($news);
|
||||||
|
|
||||||
|
$html .= '<h2>Kommentare</h2>';
|
||||||
|
|
||||||
|
$comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'");
|
||||||
|
foreach ($comments as $comment) {
|
||||||
|
$html .= '<article class="news_comment">';
|
||||||
|
$html .= DisplayAvatar($comment['UID']);
|
||||||
|
$html .= '<details>';
|
||||||
|
$html .= $comment['Datum'] . ', ';
|
||||||
|
$html .= UID2Nick($comment['UID']);
|
||||||
|
$html .= '</details>';
|
||||||
|
$html .= '<p>' . nl2br($comment['Text']) . '</p>';
|
||||||
|
$html .= '</article>';
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "</table>";
|
||||||
|
$html .= '
|
||||||
|
<br />
|
||||||
|
<hr>
|
||||||
|
<h2>Neuer Kommentar:</h2>
|
||||||
|
<a name="Neu"> </a>
|
||||||
|
|
||||||
|
<form action="' . page_link_to("news_comments") . '" method="post">
|
||||||
|
<input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="right" valign="top">Text:</td>
|
||||||
|
<td><textarea name="text" cols="50" rows="10"></textarea></td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<br />
|
||||||
|
<input type="submit" value="sichern...">
|
||||||
|
</form>';
|
||||||
|
} else {
|
||||||
|
$html .= "Fehlerhafter Aufruf!";
|
||||||
|
}
|
||||||
|
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function user_news() {
|
||||||
|
global $DISPLAY_NEWS, $privileges, $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
if (isset ($_POST["text"]) && isset ($_POST["betreff"])) {
|
||||||
|
if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges))
|
||||||
|
$_POST["treffen"] = 0;
|
||||||
|
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
|
||||||
|
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
|
||||||
|
"', '" . sql_escape($_POST["treffen"]) . "');");
|
||||||
|
$html .= success(Get_Text(4));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
|
||||||
|
$page = $_REQUEST['page'];
|
||||||
|
else
|
||||||
|
$page = 0;
|
||||||
|
|
||||||
|
$news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
|
||||||
|
foreach ($news as $entry)
|
||||||
|
$html .= display_news($entry);
|
||||||
|
|
||||||
|
$html .= "<div class=\"pagination\">\n\n";
|
||||||
|
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
|
||||||
|
|
||||||
|
$html .= Get_Text(5);
|
||||||
|
|
||||||
|
for ($i = 0; $i < $dis_rows; $i++) {
|
||||||
|
if ($i == $_REQUEST['page'])
|
||||||
|
$html .= ($i +1) . " ";
|
||||||
|
else
|
||||||
|
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> ';
|
||||||
|
}
|
||||||
|
$html .= '</div>
|
||||||
|
<br /><hr />
|
||||||
|
<h2>' . Get_Text(6) . '</h2>
|
||||||
|
<a name="Neu"> </a>
|
||||||
|
|
||||||
|
<form action="" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="right">' . Get_Text(7) . '</td>
|
||||||
|
<td><input type="text" name="betreff" size="60"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td align="right">' . Get_Text(8) . '</td>
|
||||||
|
<td><textarea name="text" cols="50" rows="10"></textarea></td>
|
||||||
|
</tr>';
|
||||||
|
if (in_array('admin_news', $privileges)) {
|
||||||
|
$html .= ' <tr>
|
||||||
|
<td align="right">' . Get_Text(9) . '</td>
|
||||||
|
<td><input type="checkbox" name="treffen" size="1" value="1"></td>
|
||||||
|
</tr>';
|
||||||
|
|
||||||
|
}
|
||||||
|
$html .= '</table>
|
||||||
|
<br />
|
||||||
|
<input type="submit" value="' . Get_Text("save") . '">
|
||||||
|
</form>';
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,50 @@
|
|||||||
|
<?php
|
||||||
|
function user_questions() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$open_questions = "";
|
||||||
|
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0 AND `UID`=" . sql_escape($user['UID']));
|
||||||
|
foreach ($questions as $question)
|
||||||
|
$open_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td><td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Delete</a></td><tr>';
|
||||||
|
|
||||||
|
$answered_questions = "";
|
||||||
|
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID']));
|
||||||
|
foreach ($questions as $question) {
|
||||||
|
$answered_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td>';
|
||||||
|
$answered_questions .= '<td>' . UID2Nick($question['AID']) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
|
||||||
|
$answered_questions .= '<td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Delete</a></td><tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
return template_render('../templates/user_questions.html', array (
|
||||||
|
'link' => page_link_to("user_questions"),
|
||||||
|
'open_questions' => $open_questions,
|
||||||
|
'answered_questions' => $answered_questions
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'ask' :
|
||||||
|
$question = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question'])));
|
||||||
|
if ($question != "") {
|
||||||
|
sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
|
||||||
|
header("Location: " . page_link_to("user_questions"));
|
||||||
|
} else
|
||||||
|
return error("Please enter a question!");
|
||||||
|
break;
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Question ID.");
|
||||||
|
|
||||||
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
|
||||||
|
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_questions"));
|
||||||
|
} else
|
||||||
|
return error("No question found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,252 @@
|
|||||||
|
<?php
|
||||||
|
function user_settings() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$tshirt_html = template_render('../templates/user_settings_tshirt.html', array (
|
||||||
|
'label_size' => Get_Text("makeuser_T-Shirt"),
|
||||||
|
'size_select' => ($user['Tshirt'] == 0) ? html_select_key('size', array (
|
||||||
|
'S' => "S",
|
||||||
|
'M' => "M",
|
||||||
|
'L' => "L",
|
||||||
|
'XL' => "XL",
|
||||||
|
'2XL' => "2XL",
|
||||||
|
'3XL' => "3XL",
|
||||||
|
'4XL' => "4XL",
|
||||||
|
'5XL' => "5XL",
|
||||||
|
'S-G' => "S Girl",
|
||||||
|
'M-G' => "M Girl",
|
||||||
|
'L-G' => "L Girl",
|
||||||
|
'XL-G' => "XL Girl"
|
||||||
|
), $user['Size']) : $user['Size']
|
||||||
|
));
|
||||||
|
|
||||||
|
return template_render('../templates/user_settings.html', array (
|
||||||
|
'link' => page_link_to("user_settings"),
|
||||||
|
'greeting' => Get_Text("Hallo") . $user['Nick'] . ",<br />" . Get_Text(13),
|
||||||
|
'text_user_data' => Get_Text("pub_einstellungen_Text_UserData"),
|
||||||
|
'label_nick' => Get_Text("pub_einstellungen_Nick"),
|
||||||
|
'label_name' => Get_Text("pub_einstellungen_Name"),
|
||||||
|
'label_prename' => Get_Text("pub_einstellungen_Vorname"),
|
||||||
|
'label_age' => Get_Text("pub_einstellungen_Alter"),
|
||||||
|
'label_tel' => Get_Text("pub_einstellungen_Telefon"),
|
||||||
|
'label_mobile' => Get_Text("pub_einstellungen_Handy"),
|
||||||
|
'label_dect' => Get_Text("pub_einstellungen_DECT"),
|
||||||
|
'label_mail' => Get_Text("pub_einstellungen_Email"),
|
||||||
|
'label_hometown' => Get_Text("pub_einstellungen_Hometown"),
|
||||||
|
'nick' => $user['Nick'],
|
||||||
|
'name' => $user['Name'],
|
||||||
|
'prename' => $user['Vorname'],
|
||||||
|
'age' => $user['Alter'],
|
||||||
|
'tel' => $user['Telefon'],
|
||||||
|
'mobile' => $user['Handy'],
|
||||||
|
'dect' => $user['DECT'],
|
||||||
|
'mail' => $user['email'],
|
||||||
|
'icq' => $user['ICQ'],
|
||||||
|
'jabber' => $user['jabber'],
|
||||||
|
'hometown' => $user['Hometown'],
|
||||||
|
'label_save' => Get_Text("save"),
|
||||||
|
'tshirts' => $tshirt_html,
|
||||||
|
'text_password' => Get_Text(14),
|
||||||
|
'current_pw_label' => Get_Text(15),
|
||||||
|
'new_pw_label' => Get_Text(16),
|
||||||
|
'new_pw2_label' => Get_Text(17),
|
||||||
|
'text_theme' => Get_Text(18),
|
||||||
|
'theme_label' => Get_Text(19),
|
||||||
|
'theme_select' => html_select_key('theme', array (
|
||||||
|
"1" => "Standard-Style",
|
||||||
|
"2" => "ot/Gelber Style",
|
||||||
|
"3" => "Club-Mate Style",
|
||||||
|
"5" => "Debian Style",
|
||||||
|
"6" => "c-base Style",
|
||||||
|
"7" => "Blau/Gelber Style",
|
||||||
|
"8" => "Pastel Style",
|
||||||
|
"4" => "Test Style",
|
||||||
|
"9" => "Test Style 21c3",
|
||||||
|
"10" => "msquare (cccamp2011)"
|
||||||
|
), $user['color']),
|
||||||
|
'text_language' => Get_Text(20),
|
||||||
|
'language_label' => Get_Text(21),
|
||||||
|
'language_select' => html_select_key('language', array (
|
||||||
|
'DE' => "Deutsch",
|
||||||
|
'EN' => "English"
|
||||||
|
), $user['Sprache'])
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'sprache' :
|
||||||
|
if (isset ($_REQUEST['language']) && preg_match("/^DE|EN$/", $_REQUEST['language']))
|
||||||
|
$language = $_REQUEST['language'];
|
||||||
|
else
|
||||||
|
$language = "EN";
|
||||||
|
sql_query("UPDATE `User` SET " . "`Sprache`='" . sql_escape($language) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||||
|
$_SESSION['Sprache'] = $language;
|
||||||
|
header("Location: " . page_link_to("user_settings"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'colour' :
|
||||||
|
$theme = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['theme']));
|
||||||
|
sql_query("UPDATE `User` SET " . "`color`='" . sql_escape($theme) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_settings"));
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'set' :
|
||||||
|
$html = "";
|
||||||
|
if ($_REQUEST["new_pw"] == $_REQUEST["new_pw2"]) {
|
||||||
|
if (PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']) {
|
||||||
|
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_settings"));
|
||||||
|
} else {
|
||||||
|
$html .= error(Get_Text(30));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$html .= error(Get_Text(31));
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "setUserData" :
|
||||||
|
$nick = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['nick']));
|
||||||
|
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
|
||||||
|
$prename = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['prename']));
|
||||||
|
$age = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['age']));
|
||||||
|
$tel = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['tel']));
|
||||||
|
$mobile = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mobile']));
|
||||||
|
$dect = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['dect']));
|
||||||
|
$mail = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mail']));
|
||||||
|
$icq = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['icq']));
|
||||||
|
$jabber = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['jabber']));
|
||||||
|
$hometown = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['hometown']));
|
||||||
|
$size = ($user['TShirt'] == 0) ? preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['size'])) : $user['Size'];
|
||||||
|
|
||||||
|
sql_query("UPDATE `User` SET " .
|
||||||
|
"`Nick`='" . sql_escape($nick) . "', " .
|
||||||
|
"`Name`='" . sql_escape($name) . "', " .
|
||||||
|
"`Vorname`='" . sql_escape($prename) . "', " .
|
||||||
|
"`Alter`='" . sql_escape($age) . "', " .
|
||||||
|
"`Telefon`='" . sql_escape($tel) . "', " .
|
||||||
|
"`Handy`='" . sql_escape($mobile) . "', " .
|
||||||
|
"`DECT`='" . sql_escape($dect) . "', " .
|
||||||
|
"`email`='" . sql_escape($mail) . "', " .
|
||||||
|
"`ICQ`='" . sql_escape($icq) . "', " .
|
||||||
|
"`jabber`='" . sql_escape($jabber) . "', " .
|
||||||
|
"`Hometown`='" . sql_escape($hometown) . "', " .
|
||||||
|
"`Size`='" . sql_escape($size) . "' " .
|
||||||
|
"WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_settings"));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// AVATARE
|
||||||
|
/*
|
||||||
|
if (get_cfg_var("file_uploads")) {
|
||||||
|
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||||
|
echo Get_Text('pub_einstellungen_PictureUpload') . "<br />";
|
||||||
|
echo "<form action=\"./einstellungen.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
|
||||||
|
echo "<input type=\"hidden\" name=\"action\" value=\"sendPicture\">\n";
|
||||||
|
echo "<input name=\"file\" type=\"file\" size=\"50\" maxlength=\"" . get_cfg_var("post_max_size") . "\">\n";
|
||||||
|
echo "(max " . get_cfg_var("post_max_size") . "Byte)<br />\n";
|
||||||
|
echo "<input type=\"submit\" value=\"" . Get_Text("upload"), "\">\n";
|
||||||
|
echo "</form>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
switch (GetPicturShow($_SESSION['UID'])) {
|
||||||
|
case 'Y' :
|
||||||
|
echo Get_Text('pub_einstellungen_PictureShow') . "<br />";
|
||||||
|
echo displayPictur($_SESSION['UID'], 0);
|
||||||
|
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||||
|
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
||||||
|
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
||||||
|
echo "</form>\n";
|
||||||
|
break;
|
||||||
|
case 'N' :
|
||||||
|
echo Get_Text('pub_einstellungen_PictureNoShow') . "<br />";
|
||||||
|
echo displayPictur($_SESSION['UID'], 0);
|
||||||
|
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||||
|
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
||||||
|
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
||||||
|
echo "</form>\n";
|
||||||
|
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||||
|
case '' :
|
||||||
|
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
||||||
|
echo Get_Text(22) . "<br />";
|
||||||
|
echo "\n<form action=\"./einstellungen.php\" method=\"post\">\n";
|
||||||
|
echo "<input type=\"hidden\" name=\"action\" value=\"avatar\">\n";
|
||||||
|
echo "<table>\n";
|
||||||
|
echo "<tr>\n<td>" . Get_Text(23) . "<br /></td>\n</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>\n";
|
||||||
|
echo "<select name=\"eAvatar\" onChange=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\" onKeyup=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\">\n";
|
||||||
|
|
||||||
|
for ($i = 1; file_exists("../pic/avatar/avatar" . $i . ".gif"); $i++)
|
||||||
|
echo "<option value=\"" . $i . "\"" . ($_SESSION['Avatar'] == $i ? " selected" : "") . ">avatar" . $i . "</option>\n";
|
||||||
|
|
||||||
|
echo "</select> \n";
|
||||||
|
echo "<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . $_SESSION['Avatar'] . ".gif\" name=\"avatar\" border=\"0\" align=\"top\">\n";
|
||||||
|
echo "</td>\n</tr>\n";
|
||||||
|
echo "</table>\n";
|
||||||
|
echo "<input type=\"submit\" value=\"" . Get_Text("save") . "\">\n";
|
||||||
|
echo "</form>\n";
|
||||||
|
break;
|
||||||
|
} //CASE
|
||||||
|
|
||||||
|
} else {
|
||||||
|
switch ($_POST["action"]) {
|
||||||
|
|
||||||
|
case 'avatar' :
|
||||||
|
$chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
||||||
|
$Erg = mysql_query($chsql, $con);
|
||||||
|
$_SESSION['Avatar'] = $_POST["eAvatar"];
|
||||||
|
if ($Erg == 1)
|
||||||
|
Print_Text(34);
|
||||||
|
else
|
||||||
|
Print_Text(29);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'setUserData' :
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'sendPicture' :
|
||||||
|
if ($_FILES["file"]["size"] > 0) {
|
||||||
|
if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) {
|
||||||
|
$data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], "r"), filesize($_FILES["file"]["tmp_name"])));
|
||||||
|
|
||||||
|
if (GetPicturShow($_SESSION['UID']) == "")
|
||||||
|
$SQL = "INSERT INTO `UserPicture` " .
|
||||||
|
"( `UID`,`Bild`, `ContentType`, `show`) " .
|
||||||
|
"VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')";
|
||||||
|
else
|
||||||
|
$SQL = "UPDATE `UserPicture` SET " .
|
||||||
|
"`Bild`='$data', " .
|
||||||
|
"`ContentType`='" . $_FILES["file"]["type"] . "', " .
|
||||||
|
"`show`='N' " .
|
||||||
|
"WHERE `UID`='" . $_SESSION['UID'] . "'";
|
||||||
|
|
||||||
|
$res = mysql_query($SQL, $con);
|
||||||
|
if ($res)
|
||||||
|
Print_Text("pub_einstellungen_send_OK");
|
||||||
|
else
|
||||||
|
Print_Text("pub_einstellungen_send_KO");
|
||||||
|
|
||||||
|
echo "<h6>('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)</h6>";
|
||||||
|
} else
|
||||||
|
Print_Text("pub_einstellungen_send_KO");
|
||||||
|
} else
|
||||||
|
Print_Text("pub_einstellungen_send_KO");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delPicture' :
|
||||||
|
$chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
||||||
|
$Erg = mysql_query($chsql, $con);
|
||||||
|
if ($Erg == 1)
|
||||||
|
Print_Text("pub_einstellungen_del_OK");
|
||||||
|
else
|
||||||
|
Print_Text("pub_einstellungen_del_KO");
|
||||||
|
Break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,86 @@
|
|||||||
|
<?php
|
||||||
|
function user_wakeup() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
if (isset ($_REQUEST['action'])) {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case 'create' :
|
||||||
|
$date = DateTime::createFromFormat("Y-m-d H:i", $_REQUEST['Date']);
|
||||||
|
if ($date != null) {
|
||||||
|
$date = $date->getTimestamp();
|
||||||
|
$bemerkung = strip_request_item_nl('Bemerkung');
|
||||||
|
$ort = strip_request_item('Ort');
|
||||||
|
$SQL = "INSERT INTO `Wecken` (`UID`, `Date`, `Ort`, `Bemerkung`) "
|
||||||
|
. "VALUES ('" . sql_escape($user['UID']) . "', '"
|
||||||
|
. sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'"
|
||||||
|
. sql_escape($bemerkung) . "')";
|
||||||
|
sql_query($SQL);
|
||||||
|
$html .= success(Get_Text(4));
|
||||||
|
} else
|
||||||
|
$html .= error("Broken date!");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'delete' :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing wake-up ID.");
|
||||||
|
|
||||||
|
$wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) {
|
||||||
|
sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
$html .= success("Wake-up call deleted.");
|
||||||
|
} else
|
||||||
|
return error("No wake-up found.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "<p>" . Get_Text("Hello") . $user['Nick'] . ",<br />"
|
||||||
|
. Get_Text("pub_wake_beschreibung") . "</p>\n\n";
|
||||||
|
$html .= Get_Text("pub_wake_beschreibung2");
|
||||||
|
$html .= '
|
||||||
|
<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
|
||||||
|
<tr class="contenttopic">
|
||||||
|
<th>' . Get_Text("pub_wake_Datum") . '</th>
|
||||||
|
<th>' . Get_Text("pub_waeckliste_Nick") . '</th>
|
||||||
|
<th>' . Get_Text("pub_wake_Ort") . '</th>
|
||||||
|
<th>' . Get_Text("pub_wake_Bemerkung") . '</th>
|
||||||
|
<th></th>
|
||||||
|
</tr>
|
||||||
|
';
|
||||||
|
|
||||||
|
$sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC";
|
||||||
|
$Erg = sql_query($sql);
|
||||||
|
$count = mysql_num_rows($Erg);
|
||||||
|
|
||||||
|
for ($i = 0; $i < $count; $i++) {
|
||||||
|
$row = mysql_fetch_row($Erg);
|
||||||
|
$html .= '<tr class="content">';
|
||||||
|
$html .= '<td>' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' </td>';
|
||||||
|
$html .= '<td>' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' </td>';
|
||||||
|
$html .= '<td>' . mysql_result($Erg, $i, "Ort") . ' </td>';
|
||||||
|
$html .= '<td>' . mysql_result($Erg, $i, "Bemerkung") . ' </td>';
|
||||||
|
if (mysql_result($Erg, $i, "UID") == $user['UID'])
|
||||||
|
$html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . mysql_result($Erg, $i, "ID") . "\">" . Get_Text("pub_wake_del") . '</a></td>';
|
||||||
|
else
|
||||||
|
$html .= '<td></td>';
|
||||||
|
$html .= '</tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= '</table><hr />' . Get_Text("pub_wake_Text2");
|
||||||
|
|
||||||
|
$html .= template_render('../templates/user_wakeup.html', array (
|
||||||
|
'wakeup_link' => page_link_to("user_wakeup"),
|
||||||
|
'date_text' => Get_Text("pub_wake_Datum"),
|
||||||
|
'date_value' => date("Y-m-d H:i"),
|
||||||
|
'place_text' => Get_Text("pub_wake_Ort"),
|
||||||
|
'comment_text' => Get_Text("pub_wake_Bemerkung"),
|
||||||
|
'comment_value' => "Knock knock Leo, follow the white rabbit to the blue tent",
|
||||||
|
'submit_text' => Get_Text("pub_wake_bouton")
|
||||||
|
));
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -1,41 +0,0 @@
|
|||||||
<?php
|
|
||||||
//soll dein funktion entahlten die alle übergebenen parameter überprüft
|
|
||||||
//'`'"
|
|
||||||
|
|
||||||
if( $DEBUG)
|
|
||||||
echo "secure.php START<br>\n";
|
|
||||||
|
|
||||||
foreach ($_GET as $k => $v)
|
|
||||||
{
|
|
||||||
// $v = htmlspecialchars($v, ENT_QUOTES);
|
|
||||||
// $v = mysql_escape_string($v);
|
|
||||||
$v = htmlentities($v, ENT_QUOTES);
|
|
||||||
if (preg_match('/([\'"`\'])/', $v, $match))
|
|
||||||
{
|
|
||||||
print "sorry get has illegal char '$match[1]'";
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
$_GET[$k] = $v;
|
|
||||||
|
|
||||||
if( $DEBUG)
|
|
||||||
echo "GET $k=\"$v\"<br>";
|
|
||||||
}
|
|
||||||
|
|
||||||
foreach ($_POST as $k => $v)
|
|
||||||
{
|
|
||||||
// $v = htmlspecialchars($v, ENT_QUOTES);
|
|
||||||
// $v = mysql_escape_string($v);
|
|
||||||
$v = htmlentities($v, ENT_QUOTES);
|
|
||||||
if (preg_match('/([\'"`\'])/', $v, $match)) {
|
|
||||||
print "sorry post has illegal char '$match[1]'";
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
$_POST[$k] = $v;
|
|
||||||
|
|
||||||
if( $DEBUG)
|
|
||||||
echo "POST $k=\"$v\"<br>";
|
|
||||||
}
|
|
||||||
if( $DEBUG)
|
|
||||||
echo "secure.php END<br>\n";
|
|
||||||
|
|
||||||
?>
|
|
@ -0,0 +1,95 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
// Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
|
||||||
|
function load_auth() {
|
||||||
|
global $user, $privileges;
|
||||||
|
|
||||||
|
if (!isset ($_SESSION['IP']))
|
||||||
|
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
|
||||||
|
|
||||||
|
if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) {
|
||||||
|
session_destroy();
|
||||||
|
header("Location: " . link_to_page($start));
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = null;
|
||||||
|
if (isset ($_SESSION['uid'])) {
|
||||||
|
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
|
||||||
|
if (count($user) > 0) {
|
||||||
|
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
|
||||||
|
list ($user) = $user;
|
||||||
|
sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
|
||||||
|
} else
|
||||||
|
unset ($_SESSION['uid']);
|
||||||
|
}
|
||||||
|
|
||||||
|
$privileges = isset ($user) ? privileges_for_user($user['UID']) : privileges_for_group(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
function PassCrypt($passwort) {
|
||||||
|
global $crypt_system;
|
||||||
|
|
||||||
|
switch ($crypt_system) {
|
||||||
|
case "crypt" :
|
||||||
|
return "{crypt}" . crypt($passwort, "77");
|
||||||
|
case "md5" :
|
||||||
|
return md5($passwort);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// JSON Authorisierungs-Schnittstelle
|
||||||
|
function json_auth_service() {
|
||||||
|
global $CurrentExternAuthPass;
|
||||||
|
|
||||||
|
header("Content-Type: application/json");
|
||||||
|
|
||||||
|
$User = $_REQUEST['user'];
|
||||||
|
$Pass = $_REQUEST['pw'];
|
||||||
|
$SourceOuth = $_REQUEST['so'];
|
||||||
|
|
||||||
|
if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) {
|
||||||
|
$sql = "SELECT * FROM `User` WHERE `Nick`='" . sql_escape($User) . "'";
|
||||||
|
$Erg = sql_query($sql);
|
||||||
|
|
||||||
|
if (mysql_num_rows($Erg) == 1) {
|
||||||
|
if (mysql_result($Erg, 0, "Passwort") == PassCrypt($Pass)) {
|
||||||
|
$UID = mysql_result($Erg, 0, "UID");
|
||||||
|
|
||||||
|
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
|
||||||
|
foreach ($user_privs as $user_priv)
|
||||||
|
$privileges[] = $user_priv['name'];
|
||||||
|
|
||||||
|
$msg = array (
|
||||||
|
'status' => 'success',
|
||||||
|
'rights' => $privileges
|
||||||
|
);
|
||||||
|
echo json_encode($msg);
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
echo json_encode(array (
|
||||||
|
'status' => 'failed',
|
||||||
|
'error' => "JSON Service GET syntax: https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>, POST is possible too"
|
||||||
|
));
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
function privileges_for_user($user_id) {
|
||||||
|
$privileges = array ();
|
||||||
|
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user_id) . ";");
|
||||||
|
foreach ($user_privs as $user_priv)
|
||||||
|
$privileges[] = $user_priv['name'];
|
||||||
|
return $privileges;
|
||||||
|
}
|
||||||
|
|
||||||
|
function privileges_for_group($group_id) {
|
||||||
|
$privileges = array ();
|
||||||
|
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group_id));
|
||||||
|
foreach ($groups_privs as $guest_priv)
|
||||||
|
$privileges[] = $guest_priv['name'];
|
||||||
|
return $privileges;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
function counter() {
|
||||||
|
global $p;
|
||||||
|
|
||||||
|
if (sql_num_query("SELECT `Anz` FROM `Counter` WHERE `URL`='" . sql_escape($p) . "'") == 0)
|
||||||
|
sql_query("INSERT INTO `Counter` ( `URL` , `Anz` ) VALUES ('" . sql_escape($p) . "', '1');");
|
||||||
|
else
|
||||||
|
sql_query("UPDATE `Counter` SET `Anz` = `Anz` + 1 WHERE `URL` = '" . sql_escape($p) . "' LIMIT 1 ;");
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,26 @@
|
|||||||
|
<?php
|
||||||
|
function Get_Text($TextID, $NoError = false) {
|
||||||
|
global $con, $error_messages, $debug;
|
||||||
|
|
||||||
|
if (!isset ($_SESSION['Sprache']))
|
||||||
|
$_SESSION['Sprache'] = "EN";
|
||||||
|
if ($_SESSION['Sprache'] == "")
|
||||||
|
$_SESSION['Sprache'] = "EN";
|
||||||
|
if (isset ($_GET["SetLanguage"]))
|
||||||
|
$_SESSION['Sprache'] = $_GET["SetLanguage"];
|
||||||
|
|
||||||
|
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='" . $_SESSION['Sprache'] . "'";
|
||||||
|
@ $Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if (mysql_num_rows($Erg) == 1)
|
||||||
|
return (@ mysql_result($Erg, 0, "Text"));
|
||||||
|
elseif ($NoError && !$debug) return "";
|
||||||
|
else {
|
||||||
|
return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function Print_Text($TextID, $NoError = false) {
|
||||||
|
echo Get_Text($TextID, $NoError);
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,121 @@
|
|||||||
|
<?php
|
||||||
|
function page_link_to($page) {
|
||||||
|
return '?p=' . $page;
|
||||||
|
}
|
||||||
|
|
||||||
|
function make_navigation() {
|
||||||
|
global $p;
|
||||||
|
global $privileges;
|
||||||
|
$menu_items = $privileges;
|
||||||
|
$menu_items[] = "faq";
|
||||||
|
$menu = "";
|
||||||
|
|
||||||
|
// Standard Navigation
|
||||||
|
$menu .= make_navigation_for(Get_Text('/'), array (
|
||||||
|
"start",
|
||||||
|
"login",
|
||||||
|
"logout",
|
||||||
|
"register",
|
||||||
|
"faq"
|
||||||
|
));
|
||||||
|
|
||||||
|
// Engel Navigation
|
||||||
|
$menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array (
|
||||||
|
"news",
|
||||||
|
"user_meetings",
|
||||||
|
"user_myshifts",
|
||||||
|
"user_shifts",
|
||||||
|
"user_messages",
|
||||||
|
"user_questions",
|
||||||
|
"user_wakeup",
|
||||||
|
"user_settings"
|
||||||
|
));
|
||||||
|
|
||||||
|
// Admin Navigation
|
||||||
|
$menu .= make_navigation_for(Get_Text('admin/'), array (
|
||||||
|
"admin_user",
|
||||||
|
"admin_usershifts",
|
||||||
|
"admin_questions",
|
||||||
|
"admin_angel_types",
|
||||||
|
"admin_shifts",
|
||||||
|
"admin_rooms",
|
||||||
|
"admin_groups",
|
||||||
|
"admin_faq",
|
||||||
|
"admin_language",
|
||||||
|
"admin_import",
|
||||||
|
"admin_log"
|
||||||
|
));
|
||||||
|
return $menu;
|
||||||
|
}
|
||||||
|
|
||||||
|
function make_navigation_for($name, $pages) {
|
||||||
|
global $privileges, $p;
|
||||||
|
|
||||||
|
$specials = array (
|
||||||
|
"faq"
|
||||||
|
);
|
||||||
|
|
||||||
|
$menu = "";
|
||||||
|
foreach ($pages as $page)
|
||||||
|
if (in_array($page, $privileges) || in_array($page, $specials))
|
||||||
|
$menu .= '<li' . ($page == $p ? ' class="selected"' : '') . '><a href="' . page_link_to($page) . '">' . Get_Text($page) . '</a></li>';
|
||||||
|
|
||||||
|
if ($menu != "")
|
||||||
|
$menu = '<nav class="container"><h4>' . $name . '</h4><ul class="content">' . $menu . '</ul></nav>';
|
||||||
|
return $menu;
|
||||||
|
}
|
||||||
|
|
||||||
|
function make_menu() {
|
||||||
|
return make_navigation() . make_onlineusers() . make_langselect();
|
||||||
|
}
|
||||||
|
|
||||||
|
function make_onlineusers() {
|
||||||
|
global $privileges, $user;
|
||||||
|
$html = '<nav class="container"><h4>Engel online</h4>';
|
||||||
|
|
||||||
|
$query = "SELECT UID, Nick, lastLogIn " . "FROM User " . "WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "') " . "ORDER BY lastLogIn DESC";
|
||||||
|
$users = sql_select($query);
|
||||||
|
|
||||||
|
if (count($users) > 0) {
|
||||||
|
$html .= "<ul class=\"content\">";
|
||||||
|
|
||||||
|
foreach ($users as $online_user) {
|
||||||
|
if (isset ($user) && $online_user['UID'] == $user['UID'])
|
||||||
|
continue;
|
||||||
|
|
||||||
|
$html .= "<li>";
|
||||||
|
|
||||||
|
//if (isset ($user))
|
||||||
|
//$html .= DisplayAvatar($online_user['UID']);
|
||||||
|
|
||||||
|
// Show Admin Page
|
||||||
|
if (in_array("admin_user_edit", $privileges)) {
|
||||||
|
$html .= '<a href="admin/userChangeNormal.php?enterUID=' . $online_user['UID'] . '&Type=Normal">' . $online_user['Nick'] . '</a>';
|
||||||
|
} else {
|
||||||
|
$html .= $online_user['Nick'];
|
||||||
|
}
|
||||||
|
$last_action = time() - $online_user['lastLogIn'];
|
||||||
|
|
||||||
|
$html .= " " . date("i:s", $last_action);
|
||||||
|
$html .= "</li>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "</ul>";
|
||||||
|
} else {
|
||||||
|
$html .= '<p class="content">Nobody...</p>';
|
||||||
|
}
|
||||||
|
$html .= '</nav>';
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function make_langselect() {
|
||||||
|
if (strpos($_SERVER["REQUEST_URI"], "?") > 0)
|
||||||
|
$URL = $_SERVER["REQUEST_URI"] . "&SetLanguage=";
|
||||||
|
else
|
||||||
|
$URL = $_SERVER["REQUEST_URI"] . "?SetLanguage=";
|
||||||
|
|
||||||
|
$html = '<p class="content"><a class="sprache" href="' . $URL . 'DE"><img src="pic/flag/de.png" alt="DE" title="Deutsch"></a>';
|
||||||
|
$html .= '<a class="sprache" href="' . $URL . 'EN"><img src="pic/flag/en.png" alt="EN" title="English"></a></p>';
|
||||||
|
return '<nav class="container"><h4>' . Get_Text("Sprache") . '</h4>' . $html . '</nav>';
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,61 @@
|
|||||||
|
<?php
|
||||||
|
function sql_connect($host, $user, $pw, $db) {
|
||||||
|
global $con;
|
||||||
|
global $host;
|
||||||
|
|
||||||
|
@ $con = mysql_connect($host, $user, $pw);
|
||||||
|
|
||||||
|
if ($con == null)
|
||||||
|
die("no mysql-connection");
|
||||||
|
|
||||||
|
if (!mysql_select_db($db, $con))
|
||||||
|
die("mysql db-selection failed");
|
||||||
|
|
||||||
|
mysql_query("SET CHARACTER SET utf8;", $con);
|
||||||
|
mysql_query("SET NAMES 'utf8'", $con);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Do select query
|
||||||
|
function sql_select($query) {
|
||||||
|
global $con;
|
||||||
|
$start = microtime(true);
|
||||||
|
if ($result = mysql_query($query, $con)) {
|
||||||
|
$data = array ();
|
||||||
|
while ($line = mysql_fetch_assoc($result)) {
|
||||||
|
array_push($data, $line);
|
||||||
|
}
|
||||||
|
return $data;
|
||||||
|
} else {
|
||||||
|
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Execute a query
|
||||||
|
function sql_query($query) {
|
||||||
|
global $con;
|
||||||
|
$start = microtime(true);
|
||||||
|
if ($result = mysql_query($query, $con)) {
|
||||||
|
return $result;
|
||||||
|
} else {
|
||||||
|
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function sql_id() {
|
||||||
|
global $con;
|
||||||
|
return mysql_insert_id($con);
|
||||||
|
}
|
||||||
|
|
||||||
|
function sql_escape($query) {
|
||||||
|
return mysql_real_escape_string($query);
|
||||||
|
}
|
||||||
|
|
||||||
|
function sql_num_query($query) {
|
||||||
|
return mysql_num_rows(sql_query($query));
|
||||||
|
}
|
||||||
|
|
||||||
|
function sql_error() {
|
||||||
|
global $con;
|
||||||
|
return mysql_error($con);
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,26 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
function strip_request_item($name) {
|
||||||
|
return preg_replace(
|
||||||
|
"/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui",
|
||||||
|
'',
|
||||||
|
strip_tags($_REQUEST[$name])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
function strip_request_item_nl($name) {
|
||||||
|
return preg_replace(
|
||||||
|
"/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
|
||||||
|
'',
|
||||||
|
strip_tags($_REQUEST[$name])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
function error($msg) {
|
||||||
|
return '<p class="error">' . $msg . '</p>';
|
||||||
|
}
|
||||||
|
|
||||||
|
function success($msg) {
|
||||||
|
return '<p class="success">' . $msg . '</p>';
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,36 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
// Load and render template
|
||||||
|
function template_render($file, $data) {
|
||||||
|
if (file_exists($file)) {
|
||||||
|
$template = file_get_contents($file);
|
||||||
|
if (is_array($data))
|
||||||
|
foreach ($data as $name => $content) {
|
||||||
|
$template = str_replace("%" . $name . "%", $content, $template);
|
||||||
|
}
|
||||||
|
return $template;
|
||||||
|
} else {
|
||||||
|
die('Cannot find template file «' . $file . '».');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function html_options($name, $options, $selected = "") {
|
||||||
|
$html = "";
|
||||||
|
foreach ($options as $value => $label)
|
||||||
|
$html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
|
||||||
|
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
function html_select_key($name, $rows, $selected) {
|
||||||
|
$html = '<select name="' . $name . '">';
|
||||||
|
foreach ($rows as $key => $row)
|
||||||
|
if (($key == $selected) || ($row == $selected))
|
||||||
|
$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
|
||||||
|
else
|
||||||
|
$html .= '<option value="' . $key . '">' . $row . '</option>';
|
||||||
|
$html .= '</select>';
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,106 @@
|
|||||||
|
<?php
|
||||||
|
function UID2Nick($UID) {
|
||||||
|
if ($UID > 0)
|
||||||
|
$SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
|
||||||
|
else
|
||||||
|
$SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
|
||||||
|
|
||||||
|
$Erg = sql_select($SQL);
|
||||||
|
|
||||||
|
if (count($Erg) > 0) {
|
||||||
|
if ($UID > 0)
|
||||||
|
return $Erg[0]['Nick'];
|
||||||
|
else
|
||||||
|
return "Group-" . $Erg[0]['Name'];
|
||||||
|
} else {
|
||||||
|
if ($UID == -1)
|
||||||
|
return "Guest";
|
||||||
|
else
|
||||||
|
return "UserID $UID not found";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function TID2Type($TID) {
|
||||||
|
global $con;
|
||||||
|
|
||||||
|
$SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if (mysql_num_rows($Erg))
|
||||||
|
return mysql_result($Erg, 0);
|
||||||
|
else
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function ReplaceSmilies($neueckig) {
|
||||||
|
global $url, $ENGEL_ROOT;
|
||||||
|
|
||||||
|
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
|
||||||
|
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
|
||||||
|
|
||||||
|
return $neueckig;
|
||||||
|
}
|
||||||
|
|
||||||
|
function GetPicturShow($UID) {
|
||||||
|
global $con;
|
||||||
|
|
||||||
|
$SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
|
||||||
|
$res = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if (mysql_num_rows($res) == 1)
|
||||||
|
return mysql_result($res, 0, 0);
|
||||||
|
else
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function displayPictur($UID, $height = "30") {
|
||||||
|
global $url, $ENGEL_ROOT;
|
||||||
|
|
||||||
|
if ($height > 0)
|
||||||
|
return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
|
||||||
|
else
|
||||||
|
return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
|
||||||
|
}
|
||||||
|
|
||||||
|
function displayavatar($UID, $height = "30") {
|
||||||
|
global $con, $url, $ENGEL_ROOT;
|
||||||
|
|
||||||
|
if (GetPicturShow($UID) == 'Y')
|
||||||
|
return " " . displayPictur($UID, $height);
|
||||||
|
|
||||||
|
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
|
||||||
|
if (count($user) > 0)
|
||||||
|
if ($user[0]['Avatar'] > 0)
|
||||||
|
return '<div class="avatar">' . (" <img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
|
||||||
|
}
|
||||||
|
|
||||||
|
function UIDgekommen($UID) {
|
||||||
|
global $con;
|
||||||
|
|
||||||
|
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if (mysql_num_rows($Erg))
|
||||||
|
return mysql_result($Erg, 0);
|
||||||
|
else
|
||||||
|
return "0";
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,41 @@
|
|||||||
|
Angel types:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Name
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Man
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Action
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%table%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<hr />
|
||||||
|
<h2>Create new Angel type:</h2>
|
||||||
|
<form action="%link%&action=create" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Name
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="name" value="" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Man
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="man" value="" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table><input type="submit" name="submit" value="Create" />
|
||||||
|
</form>
|
@ -0,0 +1,24 @@
|
|||||||
|
Edit angel type:
|
||||||
|
<form action="%link%&action=save" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Name
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="name" value="%name%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Man
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="man" value="%man%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table><input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||||
|
</form>
|
||||||
|
<form action="%link%&action=delete" method="post">
|
||||||
|
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Delete" />
|
||||||
|
</form>
|
@ -0,0 +1,56 @@
|
|||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Deutsch
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
English
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%faqs%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<hr/>Create new FAQ:
|
||||||
|
<form action="%link%&action=create" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Frage
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="frage"></textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Antwort
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="antwort"></textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Question
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="question"></textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Answer
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="answer"></textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" name="submit" value="Create" />
|
||||||
|
</form>
|
@ -0,0 +1,41 @@
|
|||||||
|
Edit FAQ:
|
||||||
|
<form action="%link%&action=save" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Frage
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="frage">%frage%</textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Antwort
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="antwort">%antwort%</textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Question
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="question">%question%</textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Answer
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="answer">%answer%</textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||||
|
</form><hr/>
|
||||||
|
<form action="%link%&action=delete" method="post">
|
||||||
|
Delete FAQ: <input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Delete" />
|
||||||
|
</form>
|
@ -0,0 +1,21 @@
|
|||||||
|
Hallo %nick%,
|
||||||
|
<br/>
|
||||||
|
hier hast du die Möglichkeit Gruppenrechte zu ändern:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Name
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Rechte
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%groups%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
@ -0,0 +1,21 @@
|
|||||||
|
<form action="%link%&action=save" method="post">
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Name
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Description
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%privileges%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<input type="hidden" name="id" value="%id%" /><input type="submit" name="submit" value="Save" />
|
||||||
|
</form>
|
@ -0,0 +1,9 @@
|
|||||||
|
<tr>
|
||||||
|
<td> %question_nick% </td>
|
||||||
|
<td> %question% </td>
|
||||||
|
<td> %answer_nick% </td>
|
||||||
|
<td> %answer% </td>
|
||||||
|
<td>
|
||||||
|
<a href="%link%&action=delete&id=%question_id%">Delete</a>
|
||||||
|
</td>
|
||||||
|
</tr>
|
@ -0,0 +1,14 @@
|
|||||||
|
<tr>
|
||||||
|
<td> %question_nick% </td>
|
||||||
|
<td> %question% </td>
|
||||||
|
<td>
|
||||||
|
<form action="%link%&action=answer" method="post">
|
||||||
|
<textarea name="answer"></textarea>
|
||||||
|
<input type="hidden" name="id" value="%question_id%" />
|
||||||
|
<input type="submit" name="submit" value="Send" />
|
||||||
|
</form>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<a href="%link%&action=delete&id=%question_id%">Delete</a>
|
||||||
|
</td>
|
||||||
|
</tr>
|
@ -0,0 +1,47 @@
|
|||||||
|
Not yet answered questions:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
From
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Question
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Answer
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%open_questions%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<hr/> Answered questions:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
From
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Question
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
From
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Answer
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%answered_questions%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
@ -0,0 +1,59 @@
|
|||||||
|
Raum und dafür benötigte Engel bearbeiten:
|
||||||
|
<br/>
|
||||||
|
<form action="%link%&action=changesave" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Name
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Name" value="%name%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Man
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Man" value="%man%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
From Pentabarf
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%from_pentabarf_options%
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Show
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%show_options%
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Number
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Number" value="%number%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Angle Type
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Needed for this room
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
%angel_types%
|
||||||
|
</table>
|
||||||
|
<input type="hidden" name="RID" value="%room_id%" /><input type="submit" value="Save" />
|
||||||
|
</form>
|
||||||
|
<form action="%link%&action=delete" method="post">
|
||||||
|
<input type="hidden" name="RID" value="%room_id%" /><input type="submit" value="Delete" />
|
||||||
|
</form>
|
@ -0,0 +1,46 @@
|
|||||||
|
Neuen Raum einrichten:
|
||||||
|
<br/>
|
||||||
|
<form action="%link%&action=newsave" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Name
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Name" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Man
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Man" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
From Pentabarf
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="radio" name="FromPentabarf" value="Y" /> Yes <input type="radio" name="FromPentabarf" value="N" />No
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Show
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="radio" name="Show" value="Y" /> Yes<input type="radio" name="Show" value="N" /> No
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Number
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="Number" value="" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table><input type="submit" value="Create" />
|
||||||
|
</form>
|
@ -0,0 +1,12 @@
|
|||||||
|
<h2>The angelsystem has been (re)done by:</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
?
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
helios
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
msquare
|
||||||
|
</li>
|
||||||
|
</ul>
|
@ -0,0 +1,22 @@
|
|||||||
|
<form action="%link%" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="right">
|
||||||
|
%nick%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="text" name="user" size="23" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td align="right">
|
||||||
|
%pass%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="password" name="password" size="23">
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<br/>
|
||||||
|
<input type="submit" name="login_submit" value="%send%">
|
||||||
|
</form>
|
@ -0,0 +1,42 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>%title% - Engelsystem</title>
|
||||||
|
<meta charset="UTF-8" />
|
||||||
|
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
|
||||||
|
<meta name="content-style-type" content="text/css" />
|
||||||
|
<meta name="keywords" content="Engel, Himmelsverwaltung" />
|
||||||
|
<meta http-equiv="Content-Style-Type" content="text/css" />
|
||||||
|
<meta http-equiv="expires" content="0" />
|
||||||
|
<meta name="robots" content="index" />
|
||||||
|
<meta name="revisit-after" content="1 days" />
|
||||||
|
<script type="text/javascript" src="css/grossbild.js">
|
||||||
|
</script>
|
||||||
|
<link rel="stylesheet" type="text/css" href="css/base.css" />
|
||||||
|
<link rel="stylesheet" type="text/css" href="css/style%theme%.css" />
|
||||||
|
</head>
|
||||||
|
<body class="background">
|
||||||
|
<header>
|
||||||
|
<a href="?" id="logo"></a>
|
||||||
|
</header>
|
||||||
|
<div id="body">
|
||||||
|
<div id="menu">
|
||||||
|
%menu%
|
||||||
|
</div>
|
||||||
|
<div id="content" class="container">
|
||||||
|
<h1>%title%</h1>
|
||||||
|
<article class="content">
|
||||||
|
%content%
|
||||||
|
</article>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<footer>
|
||||||
|
<p>
|
||||||
|
© copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a>
|
||||||
|
| <a href="?p=credits">Credits</a>
|
||||||
|
<br/>
|
||||||
|
This is hell. Temporarily.
|
||||||
|
</p>
|
||||||
|
</footer>
|
||||||
|
</body>
|
||||||
|
</html>
|
@ -0,0 +1,50 @@
|
|||||||
|
%greeting%
|
||||||
|
<form action="%link%&action=send" method="post">
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
%new_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%date_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%from_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%to_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%text_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%messages%
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%date%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%from%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%to_select%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="text"></textarea>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="submit" name="submit" value="%submit_label%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</form>
|
@ -0,0 +1,52 @@
|
|||||||
|
Not yet answered questions:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Question
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%open_questions%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<hr/> Answered questions:
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
Question
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
From
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
Answer
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%answered_questions%
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<hr/>Ask an arch angel:
|
||||||
|
<form action="%link%&action=ask" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
Question:
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="question"></textarea>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" name="submit" value="Ask" />
|
||||||
|
</form>
|
@ -0,0 +1,106 @@
|
|||||||
|
%greeting%
|
||||||
|
|
||||||
|
<hr width="100%">
|
||||||
|
%text_user_data%
|
||||||
|
<form action="%link%&action=setUserData" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>%label_nick%</td>
|
||||||
|
<td><input type="text" name="nick" size="23" value="%nick%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_name%</td>
|
||||||
|
<td><input type="text" name="name" size="23" value="%name%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_prename%</td>
|
||||||
|
<td><input type="text" name="prename" size="23" value="%prename%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_age%</td>
|
||||||
|
<td><input type="text" name="age" size="3" value="%age%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_tel%</td>
|
||||||
|
<td><input type="text" name="tel" size="40" value="%tel%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_mobile%</td>
|
||||||
|
<td><input type="text" name="mobile" size="40" value="%mobile%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_dect%</td>
|
||||||
|
<td><input type="text" name="dect" size="4" value="%dect%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_mail%</td>
|
||||||
|
<td><input type="text" name="mail" size="40" value="%mail%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>ICQ</td>
|
||||||
|
<td><input type="text" name="icq" size="40" value="%icq%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>jabber</td>
|
||||||
|
<td><input type="text" name="jabber" size="40" value="%jabber%"></td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td>%label_hometown%</td>
|
||||||
|
<td><input type="text" name="hometown" size="40" value="%hometown%"></td>
|
||||||
|
</tr>
|
||||||
|
%tshirts%
|
||||||
|
</table>
|
||||||
|
<input type="submit" value="%label_save%">
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
%text_password%
|
||||||
|
<form action="%link%&action=set" method="post">
|
||||||
|
<table>
|
||||||
|
<tr><td>%current_pw_label%</td><td><input type="password" name="current_pw" size="20"></td></tr>
|
||||||
|
<tr><td>%new_pw_label%</td><td><input type="password" name="new_pw" size="20"></td></tr>
|
||||||
|
<tr><td>%new_pw2_label%</td><td><input type="password" name="new_pw2" size="20"></td></tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" value="%label_save%">
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
%text_theme%
|
||||||
|
<form action="%link%&action=colour" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>%theme_label%</td>
|
||||||
|
<td>
|
||||||
|
%theme_select%
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" value="%label_save%">
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
%text_language%
|
||||||
|
<form action="%link%&action=sprache" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td>%language_label%</td>
|
||||||
|
<td>
|
||||||
|
%language_select%
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" value="%label_save%">
|
||||||
|
</form>
|
@ -0,0 +1,4 @@
|
|||||||
|
<tr>
|
||||||
|
<td>%label_size%</td>
|
||||||
|
<td>%size_select%</td>
|
||||||
|
</tr>
|
@ -0,0 +1,18 @@
|
|||||||
|
<form action="%wakeup_link%&action=create" method="post">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="right"> %date_text%: </td>
|
||||||
|
<td><input type="text" name="Date" value="%date_value%"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td align="right"> %place_text% </td>
|
||||||
|
<td><input type="text" name="Ort" value=""></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td align="right"> %comment_text% </td>
|
||||||
|
<td><textarea name="Bemerkung" rows="5" cols="40">
|
||||||
|
%comment_value%</textarea></td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input type="submit" name="submit" value="%submit_text%" />
|
||||||
|
</form>
|
@ -1,191 +0,0 @@
|
|||||||
<?php
|
|
||||||
$title = "Räume";
|
|
||||||
$header = "Verwaltung der Räume";
|
|
||||||
include ("../../includes/header.php");
|
|
||||||
include("../../includes/funktion_db.php");
|
|
||||||
|
|
||||||
function runSQL( $SQL)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
// hier muesste das SQL ausgefuehrt werden...
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
if ($Erg)
|
|
||||||
{
|
|
||||||
echo "Änderung wurde gesichert...<br>";
|
|
||||||
echo "[$SQL]<br>";
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "Fehler beim speichern... bitte noch ein mal probieren :)";
|
|
||||||
echo "<br><br>".mysql_error( $con ). "<br>";
|
|
||||||
echo "[$SQL]<br>";
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function runSQL_log( $SQL, $commed)
|
|
||||||
{
|
|
||||||
global $con;
|
|
||||||
// hier muesste das SQL ausgefuehrt werden...
|
|
||||||
$Erg = db_query($SQL, $commed);
|
|
||||||
if ($Erg)
|
|
||||||
{
|
|
||||||
echo "Änderung wurde gesichert...<br>";
|
|
||||||
echo "[$SQL]<br>";
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "Fehler beim speichern... bitte noch ein mal probieren :)";
|
|
||||||
echo "<br><br>".mysql_error( $con ). "<br>";
|
|
||||||
echo "[$SQL]<br>";
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`";
|
|
||||||
$Erg = mysql_query($Sql, $con);
|
|
||||||
|
|
||||||
if( !IsSet($_GET["action"]) )
|
|
||||||
{
|
|
||||||
echo "Hallo ".$_SESSION['Nick'].
|
|
||||||
",<br>\nhier hast du die Möglichkeit, neue Engeltypen für die Schichtpläne einzutragen ".
|
|
||||||
"oder vorhandene abzuändern:<br><br>\n";
|
|
||||||
|
|
||||||
echo "<a href=\"./EngelType.php?action=new\">- Neuen EngelType eintragen</a><br>\n";
|
|
||||||
|
|
||||||
echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
|
||||||
echo "<tr class=\"contenttopic\">\n";
|
|
||||||
|
|
||||||
for( $i = 1; $i < mysql_num_fields($Erg); $i++ )
|
|
||||||
{
|
|
||||||
echo "\t<td>". mysql_field_name($Erg, $i). "</td>";
|
|
||||||
}
|
|
||||||
echo "\t<td>Ändern</td>";
|
|
||||||
echo "</tr>";
|
|
||||||
|
|
||||||
for( $t = 0; $t < mysql_num_rows($Erg); $t++ )
|
|
||||||
{
|
|
||||||
echo "\t<tr class=\"content\">\n";
|
|
||||||
for ($j = 1; $j < mysql_num_fields($Erg); $j++)
|
|
||||||
{
|
|
||||||
echo "\t\t<td>".mysql_result($Erg, $t, $j)."</td>\n";
|
|
||||||
}
|
|
||||||
echo "\t\t<td><a href=\"./EngelType.php?action=change&TID=".mysql_result($Erg, $t, "TID")."\">###</a></td>\n";
|
|
||||||
echo "\t</tr>\n";
|
|
||||||
} // ende Auflistung Raeume
|
|
||||||
echo "</table>";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
|
|
||||||
switch ($_GET["action"]) {
|
|
||||||
|
|
||||||
case 'new':
|
|
||||||
echo "Neuen EngelType einrichten: <br>";
|
|
||||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
|
||||||
echo "<table>\n";
|
|
||||||
|
|
||||||
for( $Uj = 1; $Uj < mysql_num_fields($Erg); $Uj++ )
|
|
||||||
{
|
|
||||||
echo "<td>".mysql_field_name($Erg, $Uj)."</td>".
|
|
||||||
"<td><input type=\"text\" size=\"40\" name=\"".mysql_field_name($Erg, $Uj)."\"></td></tr>\n";
|
|
||||||
}
|
|
||||||
echo "</table>\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"newsave\">\n";
|
|
||||||
echo "<input type=\"submit\" value=\"sichern...\">\n";
|
|
||||||
echo "</form>";
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'newsave':
|
|
||||||
$vars = $_GET;
|
|
||||||
$count = count($vars) - 1;
|
|
||||||
$vars = array_splice($vars, 0, $count);
|
|
||||||
$Keys="";
|
|
||||||
$Values="";
|
|
||||||
foreach($vars as $key => $value){
|
|
||||||
$Keys .= ", `$key`";
|
|
||||||
$Values .= ", '$value'";
|
|
||||||
}
|
|
||||||
|
|
||||||
if( runSQL_log( "INSERT INTO `EngelType` (". substr($Keys, 2). ") VALUES (". substr($Values, 2). ")",
|
|
||||||
"save new EngelType") )
|
|
||||||
{
|
|
||||||
SetHeaderGo2Back();
|
|
||||||
|
|
||||||
$SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='". $_GET["Name"]. "'";
|
|
||||||
$ERG = mysql_query($SQL2, $con);
|
|
||||||
|
|
||||||
if( mysql_num_rows($ERG) == 1)
|
|
||||||
runSQL_log( "ALTER TABLE `Room` ADD `DEFAULT_EID_". mysql_result( $ERG, 0, 0).
|
|
||||||
"` INT DEFAULT '0' NOT NULL;",
|
|
||||||
"add new EngelType in Romm Table");
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'change':
|
|
||||||
if (! IsSet($_GET["TID"]))
|
|
||||||
echo "Fehlerhafter Aufruf!";
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "Raum abändern:\n";
|
|
||||||
echo "Hier kannst du eintragen, den EngelType ändern.";
|
|
||||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
|
||||||
echo "<table>\n";
|
|
||||||
|
|
||||||
$SQL2 = "SELECT * FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'";
|
|
||||||
$ERG = mysql_query($SQL2, $con);
|
|
||||||
|
|
||||||
for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++)
|
|
||||||
echo "<tr><td>". mysql_field_name($ERG, $Uj). "</td>".
|
|
||||||
"<td><input type=\"text\" size=\"40\" name=\"e". mysql_field_name($ERG, $Uj). "\" ".
|
|
||||||
"value=\"". mysql_result($ERG, 0, $Uj). "\"></td></tr>\n";
|
|
||||||
|
|
||||||
echo "</table>\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"eTID\" value=\"". $_GET["TID"]. "\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"changesave\">\n";
|
|
||||||
echo "<input type=\"submit\" value=\"sichern...\">\n";
|
|
||||||
echo "</form>";
|
|
||||||
echo "<form action=\"./EngelType.php\" method=\"GET\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"TID\" value=\"". $_GET["TID"]. "\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"delete\">\n";
|
|
||||||
echo "<input type=\"submit\" value=\"Löschen...\">";
|
|
||||||
echo "</form>";
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'changesave':
|
|
||||||
$vars = $_GET;
|
|
||||||
$count = count($vars) - 2;
|
|
||||||
$vars = array_splice($vars, 0, $count);
|
|
||||||
$keys="";
|
|
||||||
$sql="";
|
|
||||||
foreach($vars as $key => $value)
|
|
||||||
{
|
|
||||||
$keys = substr( $key, 1);
|
|
||||||
$sql .= ", `". $keys. "`='". $value. "'";
|
|
||||||
}
|
|
||||||
runSQL_log( "UPDATE `EngelType` SET ". substr($sql, 2). " WHERE `TID`='". $_GET["eTID"]. "'",
|
|
||||||
"Save Change EngelType");
|
|
||||||
SetHeaderGo2Back();
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'delete':
|
|
||||||
if (IsSet($_GET["TID"]))
|
|
||||||
{
|
|
||||||
if( runSQL_log( "DELETE FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'", "delete EngelType"))
|
|
||||||
runSQL_log( "ALTER TABLE `Room` DROP `DEFAULT_EID_". $_GET["TID"]. "`;",
|
|
||||||
"delete EngelType in Room Table");
|
|
||||||
}
|
|
||||||
else
|
|
||||||
echo "Fehlerhafter Aufruf";
|
|
||||||
SetHeaderGo2Back();
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
include ("../../includes/footer.php");
|
|
||||||
?>
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue