#37 schichten von fremen usern einsehen können, für dispatcher

main
Philip Häusler 13 years ago
parent 45a59ba974
commit 471cbad391

@ -1,6 +1,6 @@
<?php <?php
function admin_user() { function admin_user() {
global $user; global $user, $privileges;
$html = ""; $html = "";
@ -280,6 +280,9 @@ function admin_user() {
$title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "<br />"; $title .= "jabber: " . mysql_result($Erg, $n, "jabber") . "<br />";
$html .= "<tr class=\"content\">\n"; $html .= "<tr class=\"content\">\n";
if (in_array("user_shifts_admin", $privileges))
$html .= "\t<td><a href=\"" . page_link_to("user_myshifts") . "&id=" . mysql_result($Erg, $n, "UID") . "\">" . mysql_result($Erg, $n, "Nick") . "</a></td>\n";
else
$html .= "\t<td>" . mysql_result($Erg, $n, "Nick") . "</td>\n"; $html .= "\t<td>" . mysql_result($Erg, $n, "Nick") . "</td>\n";
$html .= "\t<td>" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "</td>\n"; $html .= "\t<td>" . mysql_result($Erg, $n, "Vorname") . " " . mysql_result($Erg, $n, "Name") . "</td>\n";
$html .= "\t<td>" . mysql_result($Erg, $n, "Alter") . "</td>\n"; $html .= "\t<td>" . mysql_result($Erg, $n, "Alter") . "</td>\n";

@ -7,6 +7,17 @@ function user_myshifts() {
global $user, $privileges; global $user, $privileges;
$msg = ""; $msg = "";
if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
$id = $_REQUEST['id'];
} else {
$id = $user['UID'];
}
list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
if ($id != $user['UID'])
$msg .= error("Du betrachtest die Schichten von " . $shifts_user['Nick'] . ".");
if (isset ($_REQUEST['reset'])) { if (isset ($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") { if ($_REQUEST['reset'] == "ack") {
user_reset_ical_key(); user_reset_ical_key();
@ -16,7 +27,7 @@ function user_myshifts() {
} }
elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit']; $id = $_REQUEST['edit'];
$shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`Name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`TID`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`Name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`TID`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
if (count($shift) > 0) { if (count($shift) > 0) {
$shift = $shift[0]; $shift = $shift[0];
@ -27,7 +38,7 @@ function user_myshifts() {
} }
return template_render('../templates/user_shifts_add.html', array ( return template_render('../templates/user_shifts_add.html', array (
'angel' => $user['Nick'], 'angel' => $shifts_user['Nick'],
'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
'location' => $shift['Name'], 'location' => $shift['Name'],
'title' => $shift['name'], 'title' => $shift['name'],
@ -39,18 +50,18 @@ function user_myshifts() {
} }
elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
$id = $_REQUEST['cancel']; $id = $_REQUEST['cancel'];
$shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
if (count($shift) > 0) { if (count($shift) > 0) {
$shift = $shift[0]; $shift = $shift[0];
if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) { if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) {
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$msg = success("Du wurdest aus der Schicht ausgetragen."); $msg .= success("Du wurdest aus der Schicht ausgetragen.");
} else } else
$msg = error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.'"); $msg .= error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.'");
} else } else
header("Location: " . page_link_to('user_myshifts')); header("Location: " . page_link_to('user_myshifts'));
} }
$shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($user['UID']) . " ORDER BY `start`"); $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
$html = ""; $html = "";
foreach ($shifts as $shift) { foreach ($shifts as $shift) {
@ -73,20 +84,19 @@ function user_myshifts() {
if ($html == "") if ($html == "")
$html = '<tr><td>Keine...</td><td></td><td></td><td></td><td></td><td>Gehe zum <a href="' . page_link_to('user_shifts') . '">Schichtplan</a> um Dich für Schichten einzutragen.</td></tr>'; $html = '<tr><td>Keine...</td><td></td><td></td><td></td><td></td><td>Gehe zum <a href="' . page_link_to('user_shifts') . '">Schichtplan</a> um Dich für Schichten einzutragen.</td></tr>';
if ($user['ical_key'] == "") if ($shifts_user['ical_key'] == "")
user_reset_ical_key(); user_reset_ical_key($shifts_user);
return template_render('../templates/user_myshifts.html', array ( return template_render('../templates/user_myshifts.html', array (
'h' => $LETZTES_AUSTRAGEN, 'h' => $LETZTES_AUSTRAGEN,
'shifts' => $html, 'shifts' => $html,
'msg' => $msg, 'msg' => $msg,
'ical_link' => page_link_to_absolute('ical') . '&key=' . $user['ical_key'], 'ical_link' => page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
'reset_link' => page_link_to('user_myshifts') . '&reset' 'reset_link' => page_link_to('user_myshifts') . '&reset'
)); ));
} }
function user_reset_ical_key() { function user_reset_ical_key($user) {
global $user;
$user['ical_key'] = md5($user['Nick'] . time() . rand()); $user['ical_key'] = md5($user['Nick'] . time() . rand());
sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
} }

@ -251,7 +251,7 @@ function user_shifts() {
$entry_list = array (); $entry_list = array ();
foreach ($entries as $entry) { foreach ($entries as $entry) {
if (in_array('user_shifts_admin', $privileges)) if (in_array('user_shifts_admin', $privileges))
$entry_list[] = $entry['Nick'] . ' <a href="' . page_link_to('user_shifts') . '&entry_id=' . $entry['id'] . '">[x]</a>'; $entry_list[] = '<a href="' . page_link_to('user_myshifts') . '&id=' . $entry['UID'] . '">' . $entry['Nick'] . '</a> <a href="' . page_link_to('user_shifts') . '&entry_id=' . $entry['id'] . '">[x]</a>';
else else
$entry_list[] = $entry['Nick']; $entry_list[] = $entry['Nick'];
} }

Loading…
Cancel
Save