' . $name);
- }
- return $items;
-}
+function make_langselect()
+{
+ $url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale=';
-?>
\ No newline at end of file
+ $items = [];
+ foreach (config('locales') as $locale => $name) {
+ $items[] = toolbar_item_link(
+ htmlspecialchars($url) . $locale,
+ '',
+ ' ' . $name
+ );
+ }
+ return $items;
+}
diff --git a/includes/helper/message_helper.php b/includes/helper/message_helper.php
index 37fc84bb..1f429c27 100644
--- a/includes/helper/message_helper.php
+++ b/includes/helper/message_helper.php
@@ -2,52 +2,76 @@
/**
* Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
+ *
+ * @return string
*/
-function msg() {
- if (! isset($_SESSION['msg'])) {
- return "";
- }
- $msg = $_SESSION['msg'];
- $_SESSION['msg'] = "";
- return $msg;
+function msg()
+{
+ if (!isset($_SESSION['msg'])) {
+ return '';
+ }
+ $msg = $_SESSION['msg'];
+ $_SESSION['msg'] = '';
+ return $msg;
}
/**
* Rendert eine Information
+ *
+ * @param string $msg
+ * @param bool $immediately
+ * @return string
*/
-function info($msg, $immediatly = false) {
- return alert('info', $msg, $immediatly);
+function info($msg, $immediately = false)
+{
+ return alert('info', $msg, $immediately);
}
/**
* Rendert eine Fehlermeldung
+ *
+ * @param string $msg
+ * @param bool $immediately
+ * @return string
*/
-function error($msg, $immediatly = false) {
- return alert('danger', $msg, $immediatly);
+function error($msg, $immediately = false)
+{
+ return alert('danger', $msg, $immediately);
}
/**
* Rendert eine Erfolgsmeldung
+ *
+ * @param string $msg
+ * @param bool $immediately
+ * @return string
*/
-function success($msg, $immediatly = false) {
- return alert('success', $msg, $immediatly);
+function success($msg, $immediately = false)
+{
+ return alert('success', $msg, $immediately);
}
/**
* Renders an alert with given alert-* class.
+ *
+ * @param string $class
+ * @param string $msg
+ * @param bool $immediately
+ * @return string|null
*/
-function alert($class, $msg, $immediatly = false) {
- if ($immediatly) {
- if ($msg == "") {
- return "";
+function alert($class, $msg, $immediately = false)
+{
+ if ($immediately) {
+ if ($msg == '') {
+ return '';
+ }
+ return '' . $msg . '
';
}
- return '' . $msg . '
';
- }
-
- if (! isset($_SESSION['msg'])) {
- $_SESSION['msg'] = "";
- }
- $_SESSION['msg'] .= alert($class, $msg, true);
-}
-?>
\ No newline at end of file
+ if (!isset($_SESSION['msg'])) {
+ $_SESSION['msg'] = '';
+ }
+ $_SESSION['msg'] .= alert($class, $msg, true);
+
+ return null;
+}
diff --git a/includes/mailer/shifts_mailer.php b/includes/mailer/shifts_mailer.php
index e1bf422b..5c0e4310 100644
--- a/includes/mailer/shifts_mailer.php
+++ b/includes/mailer/shifts_mailer.php
@@ -1,104 +1,129 @@
+function mail_shift_removed($user, $shift)
+{
+ if (!$user['email_shiftinfo']) {
+ return;
+ }
+
+ $room = Room($shift['RID']);
+
+ $message = _('You have been removed from a Shift:') . "\n";
+ $message .= $shift['name'] . "\n";
+ $message .= $shift['title'] . "\n";
+ $message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
+ $message .= $room['Name'] . "\n";
+
+ engelsystem_email_to_user($user, '[engelsystem] ' . _('Removed from Shift'), $message, true);
+}
diff --git a/includes/mailer/users_mailer.php b/includes/mailer/users_mailer.php
index b08af92b..b3f335d7 100644
--- a/includes/mailer/users_mailer.php
+++ b/includes/mailer/users_mailer.php
@@ -1,9 +1,14 @@
\ No newline at end of file
diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php
index 8d6a89b3..d437f526 100644
--- a/includes/model/AngelType_model.php
+++ b/includes/model/AngelType_model.php
@@ -1,236 +1,298 @@
null,
- 'name' => "",
- 'restricted' => false,
- 'no_self_signup' => false,
- 'description' => '',
- 'requires_driver_license' => false,
- 'contact_user_id' => null,
- 'contact_name' => null,
- 'contact_dect' => null,
- 'contact_email' => null
- ];
+function AngelType_new()
+{
+ return [
+ 'id' => null,
+ 'name' => '',
+ 'restricted' => false,
+ 'no_self_signup' => false,
+ 'description' => '',
+ 'requires_driver_license' => false,
+ 'contact_user_id' => null,
+ 'contact_name' => null,
+ 'contact_dect' => null,
+ 'contact_email' => null
+ ];
}
/**
* Validates the contact user
*
- * @param Angeltype $angeltype
- * The angeltype
+ * @param array $angeltype The angeltype
* @return ValidationResult
*/
-function AngelType_validate_contact_user_id($angeltype) {
- if (! isset($angeltype['contact_user_id'])) {
- return new ValidationResult(true, null);
- }
- if (isset($angeltype['contact_name']) || isset($angeltype['contact_dect']) || isset($angeltype['contact_email'])) {
- return new ValidationResult(false, $angeltype['contact_user_id']);
- }
- if (User($angeltype['contact_user_id']) == null) {
- return new ValidationResult(false, $angeltype['contact_user_id']);
- }
- return new ValidationResult(true, $angeltype['contact_user_id']);
+function AngelType_validate_contact_user_id($angeltype)
+{
+ if (!isset($angeltype['contact_user_id'])) {
+ return new ValidationResult(true, null);
+ }
+ if (isset($angeltype['contact_name']) || isset($angeltype['contact_dect']) || isset($angeltype['contact_email'])) {
+ return new ValidationResult(false, $angeltype['contact_user_id']);
+ }
+ if (User($angeltype['contact_user_id']) == null) {
+ return new ValidationResult(false, $angeltype['contact_user_id']);
+ }
+ return new ValidationResult(true, $angeltype['contact_user_id']);
}
/**
* Returns contact data (name, dect, email) for given angeltype or null
*
- * @param Angeltype $angeltype
- * The angeltype
+ * @param array $angeltype The angeltype
+ * @return array|null
*/
-function AngelType_contact_info($angeltype) {
- if (isset($angeltype['contact_user_id'])) {
- $contact_user = User($angeltype['contact_user_id']);
- $contact_data = [
- 'contact_name' => $contact_user['Nick'],
- 'contact_dect' => $contact_user['DECT']
- ];
- if ($contact_user['email_by_human_allowed']) {
- $contact_data['contact_email'] = $contact_user['email'];
+function AngelType_contact_info($angeltype)
+{
+ if (isset($angeltype['contact_user_id'])) {
+ $contact_user = User($angeltype['contact_user_id']);
+ $contact_data = [
+ 'contact_name' => $contact_user['Nick'],
+ 'contact_dect' => $contact_user['DECT']
+ ];
+ if ($contact_user['email_by_human_allowed']) {
+ $contact_data['contact_email'] = $contact_user['email'];
+ }
+ return $contact_data;
}
- return $contact_data;
- }
- if (isset($angeltype['contact_name'])) {
- return [
- 'contact_name' => $angeltype['contact_name'],
- 'contact_dect' => $angeltype['contact_dect'],
- 'contact_email' => $angeltype['contact_email']
- ];
- }
- return null;
+ if (isset($angeltype['contact_name'])) {
+ return [
+ 'contact_name' => $angeltype['contact_name'],
+ 'contact_dect' => $angeltype['contact_dect'],
+ 'contact_email' => $angeltype['contact_email']
+ ];
+ }
+
+ return null;
}
/**
* Delete an Angeltype.
*
- * @param Angeltype $angeltype
+ * @param array $angeltype
+ * @return bool
*/
-function AngelType_delete($angeltype) {
- $result = sql_query("
- DELETE FROM `AngelTypes`
- WHERE `id`='" . sql_escape($angeltype['id']) . "'
- LIMIT 1");
- if ($result === false) {
- engelsystem_error("Unable to delete angeltype.");
- }
- engelsystem_log("Deleted angeltype: " . AngelType_name_render($angeltype));
- return $result;
+function AngelType_delete($angeltype)
+{
+ $result = DB::delete('
+ DELETE FROM `AngelTypes`
+ WHERE `id`=?
+ LIMIT 1
+ ', [$angeltype['id']]);
+ if (is_null($result)) {
+ engelsystem_error('Unable to delete angeltype.');
+ }
+ engelsystem_log('Deleted angeltype: ' . AngelType_name_render($angeltype));
+ return true;
}
/**
* Update Angeltype.
*
- * @param Angeltype $angeltype
- * The angeltype
+ * @param array $angeltype The angeltype
+ * @return bool
*/
-function AngelType_update($angeltype) {
- $result = sql_query("
- UPDATE `AngelTypes` SET
- `name`='" . sql_escape($angeltype['name']) . "',
- `restricted`=" . sql_bool($angeltype['restricted']) . ",
- `description`='" . sql_escape($angeltype['description']) . "',
- `requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
- `no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
- `contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
- `contact_name`=" . sql_null($angeltype['contact_name']) . ",
- `contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
- `contact_email`=" . sql_null($angeltype['contact_email']) . "
- WHERE `id`='" . sql_escape($angeltype['id']) . "'");
- if ($result === false) {
- engelsystem_error("Unable to update angeltype.");
- }
- engelsystem_log("Updated angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['no_self_signup'] ? ", no_self_signup" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
- return $result;
+function AngelType_update($angeltype)
+{
+ $result = DB::update('
+ UPDATE `AngelTypes` SET
+ `name` = ?,
+ `restricted` = ?,
+ `description` = ?,
+ `requires_driver_license` = ?,
+ `no_self_signup` = ?,
+ `contact_user_id` = ?,
+ `contact_name` = ?,
+ `contact_dect` = ?,
+ `contact_email` = ?
+ WHERE `id` = ?',
+ [
+ $angeltype['name'],
+ $angeltype['restricted'],
+ $angeltype['description'],
+ $angeltype['requires_driver_license'],
+ $angeltype['no_self_signup'],
+ $angeltype['contact_user_id'],
+ $angeltype['contact_name'],
+ $angeltype['contact_dect'],
+ $angeltype['contact_email'],
+ $angeltype['id'],
+ ]
+ );
+ if (is_null($result)) {
+ engelsystem_error('Unable to update angeltype.');
+ }
+ engelsystem_log(
+ 'Updated angeltype: ' . $angeltype['name'] . ($angeltype['restricted'] ? ', restricted' : '')
+ . ($angeltype['no_self_signup'] ? ', no_self_signup' : '')
+ . ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
+ );
+ return true;
}
/**
* Create an Angeltype.
*
- * @param Angeltype $angeltype
- * The angeltype
- * @return the created angeltype
+ * @param array $angeltype The angeltype
+ * @return array the created angeltype
*/
-function AngelType_create($angeltype) {
- $result = sql_query("
- INSERT INTO `AngelTypes` SET
- `name`='" . sql_escape($angeltype['name']) . "',
- `restricted`=" . sql_bool($angeltype['restricted']) . ",
- `description`='" . sql_escape($angeltype['description']) . "',
- `requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
- `no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
- `contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
- `contact_name`=" . sql_null($angeltype['contact_name']) . ",
- `contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
- `contact_email`=" . sql_null($angeltype['contact_email']));
- if ($result === false) {
- engelsystem_error("Unable to create angeltype.");
- }
- $angeltype['id'] = sql_id();
- engelsystem_log("Created angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
- return $angeltype;
+function AngelType_create($angeltype)
+{
+ $result = DB::insert('
+ INSERT INTO `AngelTypes` (
+ `name`,
+ `restricted`,
+ `description`,
+ `requires_driver_license`,
+ `no_self_signup`,
+ `contact_user_id`,
+ `contact_name`,
+ `contact_dect`,
+ `contact_email`
+ )
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+ ',
+ [
+ $angeltype['name'],
+ (bool)$angeltype['restricted'],
+ $angeltype['description'],
+ (bool)$angeltype['requires_driver_license'],
+ (bool)$angeltype['no_self_signup'],
+ $angeltype['contact_user_id'],
+ $angeltype['contact_name'],
+ $angeltype['contact_dect'],
+ $angeltype['contact_email'],
+ ]
+ );
+ if (is_null($result)) {
+ engelsystem_error('Unable to create angeltype.');
+ }
+ $angeltype['id'] = DB::getPdo()->lastInsertId();
+ engelsystem_log(
+ 'Created angeltype: ' . $angeltype['name']
+ . ($angeltype['restricted'] ? ', restricted' : '')
+ . ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
+ );
+ return $angeltype;
}
/**
* Validates a name for angeltypes.
* Returns ValidationResult containing validation success and validated name.
*
- * @param string $name
- * Wanted name for the angeltype
- * @param AngelType $angeltype
- * The angeltype the name is for
+ * @param string $name Wanted name for the angeltype
+ * @param array $angeltype The angeltype the name is for
+ *
* @return ValidationResult result and validated name
*/
-function AngelType_validate_name($name, $angeltype) {
- $name = strip_item($name);
- if ($name == "") {
- return new ValidationResult(false, "");
- }
- if ($angeltype != null && isset($angeltype['id'])) {
- $valid = sql_num_query("
- SELECT *
- FROM `AngelTypes`
- WHERE `name`='" . sql_escape($name) . "'
- AND NOT `id`='" . sql_escape($angeltype['id']) . "'
- LIMIT 1") == 0;
+function AngelType_validate_name($name, $angeltype)
+{
+ $name = strip_item($name);
+ if ($name == '') {
+ return new ValidationResult(false, '');
+ }
+ if ($angeltype != null && isset($angeltype['id'])) {
+ $valid = (count(DB::select('
+ SELECT `id`
+ FROM `AngelTypes`
+ WHERE `name`=?
+ AND NOT `id`=?
+ LIMIT 1
+ ', [$name, $angeltype['id']])) == 0);
+ return new ValidationResult($valid, $name);
+ }
+ $valid = (count(DB::select('
+ SELECT `id`
+ FROM `AngelTypes`
+ WHERE `name`=?
+ LIMIT 1', [$name])) == 0);
return new ValidationResult($valid, $name);
- }
- $valid = sql_num_query("
- SELECT `id`
- FROM `AngelTypes`
- WHERE `name`='" . sql_escape($name) . "'
- LIMIT 1") == 0;
- return new ValidationResult($valid, $name);
}
/**
* Returns all angeltypes and subscription state to each of them for given user.
*
- * @param User $user
+ * @param array $user
+ * @return array
*/
-function AngelTypes_with_user($user) {
- $result = sql_select("
- SELECT `AngelTypes`.*,
- `UserAngelTypes`.`id` as `user_angeltype_id`,
+function AngelTypes_with_user($user)
+{
+ $result = DB::select('
+ SELECT `AngelTypes`.*,
+ `UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`
- FROM `AngelTypes`
- LEFT JOIN `UserAngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id`
- AND `UserAngelTypes`.`user_id`=" . $user['UID'] . "
- ORDER BY `name`");
- if ($result === false) {
- engelsystem_error("Unable to load angeltypes.");
- }
- return $result;
+ FROM `AngelTypes`
+ LEFT JOIN `UserAngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id`
+ AND `UserAngelTypes`.`user_id` = ?
+ ORDER BY `name`', [$user['UID']]);
+
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load angeltypes.');
+ }
+ return $result;
}
/**
* Returns all angeltypes.
+ *
+ * @return array
*/
-function AngelTypes() {
- $result = sql_select("
- SELECT *
- FROM `AngelTypes`
- ORDER BY `name`");
- if ($result === false) {
- engelsystem_error("Unable to load angeltypes.");
- }
- return $result;
+function AngelTypes()
+{
+ $result = DB::select('
+ SELECT *
+ FROM `AngelTypes`
+ ORDER BY `name`');
+
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load angeltypes.');
+ }
+ return $result;
}
/**
* Returns AngelType id array
+ *
+ * @return array
*/
-function AngelType_ids() {
- $result = sql_select("SELECT `id` FROM `AngelTypes`");
- if ($result === false) {
- engelsystem_error("Unable to load angeltypes.");
- }
- return select_array($result, 'id', 'id');
+function AngelType_ids()
+{
+ $result = DB::select('SELECT `id` FROM `AngelTypes`');
+
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load angeltypes.');
+ }
+ return select_array($result, 'id', 'id');
}
/**
* Returns angelType by id.
*
- * @param $angeltype_id angelType
- * ID
+ * @param int $angeltype_id angelType ID
+ * @return array|null
*/
-function AngelType($angeltype_id) {
- $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "'");
- if ($angelType_source === false) {
- engelsystem_error("Unable to load angeltype.");
- }
- if (count($angelType_source) > 0) {
- return $angelType_source[0];
- }
- return null;
-}
+function AngelType($angeltype_id)
+{
+ $angelType_source = DB::select(
+ 'SELECT * FROM `AngelTypes` WHERE `id`=?',
+ [$angeltype_id]
+ );
+
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load angeltype.');
+ }
-?>
+ if (empty($angelType_source)) {
+ return null;
+ }
+
+ return array_shift($angelType_source);
+}
diff --git a/includes/model/EventConfig_model.php b/includes/model/EventConfig_model.php
index de5073d0..f5846870 100644
--- a/includes/model/EventConfig_model.php
+++ b/includes/model/EventConfig_model.php
@@ -1,46 +1,85 @@
0) {
- return $event_config[0];
- }
- return null;
+function EventConfig()
+{
+ $event_config = DB::select('SELECT * FROM `EventConfig` LIMIT 1');
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load event config.');
+ return null;
+ }
+
+ if (empty($event_config)) {
+ return null;
+ }
+
+ return array_shift($event_config);
}
/**
* Update event config.
*
- * @param string $event_name
- * @param int $buildup_start_date
- * @param int $event_start_date
- * @param int $event_end_date
- * @param int $teardown_end_date
- * @param string $event_welcome_msg
+ * @param string $event_name
+ * @param int $buildup_start_date
+ * @param int $event_start_date
+ * @param int $event_end_date
+ * @param int $teardown_end_date
+ * @param string $event_welcome_msg
+ * @return bool
*/
-function EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg) {
- if (EventConfig() == null) {
- return sql_query("INSERT INTO `EventConfig` SET
- `event_name`=" . sql_null($event_name) . ",
- `buildup_start_date`=" . sql_null($buildup_start_date) . ",
- `event_start_date`=" . sql_null($event_start_date) . ",
- `event_end_date`=" . sql_null($event_end_date) . ",
- `teardown_end_date`=" . sql_null($teardown_end_date) . ",
- `event_welcome_msg`=" . sql_null($event_welcome_msg));
- }
- return sql_query("UPDATE `EventConfig` SET
- `event_name`=" . sql_null($event_name) . ",
- `buildup_start_date`=" . sql_null($buildup_start_date) . ",
- `event_start_date`=" . sql_null($event_start_date) . ",
- `event_end_date`=" . sql_null($event_end_date) . ",
- `teardown_end_date`=" . sql_null($teardown_end_date) . ",
- `event_welcome_msg`=" . sql_null($event_welcome_msg));
+function EventConfig_update(
+ $event_name,
+ $buildup_start_date,
+ $event_start_date,
+ $event_end_date,
+ $teardown_end_date,
+ $event_welcome_msg
+) {
+ if (EventConfig() == null) {
+ return DB::insert('
+ INSERT INTO `EventConfig` (
+ `event_name`,
+ `buildup_start_date`,
+ `event_start_date`,
+ `event_end_date`,
+ `teardown_end_date`,
+ `event_welcome_msg`
+ )
+ VALUES (?, ?, ?, ?, ?, ?)
+ ',
+ [
+ $event_name,
+ $buildup_start_date,
+ $event_start_date,
+ $event_end_date,
+ $teardown_end_date,
+ $event_welcome_msg
+ ]
+ );
+ }
+
+ return (bool)DB::update('
+ UPDATE `EventConfig` SET
+ `event_name` = ?,
+ `buildup_start_date` = ?,
+ `event_start_date` = ?,
+ `event_end_date` = ?,
+ `teardown_end_date` = ?,
+ `event_welcome_msg` = ?
+ ',
+ [
+ $event_name,
+ $buildup_start_date,
+ $event_start_date,
+ $event_end_date,
+ $teardown_end_date,
+ $event_welcome_msg,
+ ]
+ );
}
-?>
diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php
index 09bd03dc..0e11bf8e 100644
--- a/includes/model/LogEntries_model.php
+++ b/includes/model/LogEntries_model.php
@@ -1,38 +1,62 @@
diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php
index 652b60ea..ebd4b37e 100644
--- a/includes/model/Message_model.php
+++ b/includes/model/Message_model.php
@@ -1,27 +1,30 @@
0) {
- return $message_source[0];
- }
- return null;
+function Message($message_id)
+{
+ $message_source = DB::select('SELECT * FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]);
+ if (empty($message_source)) {
+ return null;
+ }
+ return array_shift($message_source);
}
/**
@@ -29,23 +32,39 @@ function Message($message_id) {
* TODO: global $user con not be used in model!
* send message
*
- * @param $receiver_user_id User
- * ID of Reciever
- * @param $text Text
- * of Message
+ * @param int $receiver_user_id User ID of Reciever
+ * @param string $text Text of Message
+ * @return bool
*/
-function Message_send($receiver_user_id, $text) {
- global $user;
-
- $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
- $receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id));
-
- if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
- sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'");
- return true;
- }
-
- return false;
-}
+function Message_send($receiver_user_id, $text)
+{
+ global $user;
-?>
\ No newline at end of file
+ $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
+ $receiver_user_id = preg_replace('/([^\d]{1,})/ui', '', strip_tags($receiver_user_id));
+
+ if (
+ ($text != '' && is_numeric($receiver_user_id))
+ && count(DB::select('
+ SELECT `UID`
+ FROM `User`
+ WHERE `UID` = ?
+ AND NOT `UID` = ?
+ LIMIT 1
+ ', [$receiver_user_id, $user['UID']])) > 0
+ ) {
+ return DB::insert('
+ INSERT INTO `Messages` (`Datum`, `SUID`, `RUID`, `Text`)
+ VALUES(?, ?, ?, ?)
+ ',
+ [
+ time(),
+ $user['UID'],
+ $receiver_user_id,
+ $text
+ ]
+ );
+ }
+
+ return false;
+}
diff --git a/includes/model/NeededAngelTypes_model.php b/includes/model/NeededAngelTypes_model.php
index 3bd3660f..97b085f0 100644
--- a/includes/model/NeededAngelTypes_model.php
+++ b/includes/model/NeededAngelTypes_model.php
@@ -1,5 +1,7 @@
lastInsertId();
}
/**
* Deletes all needed angel types from given shift.
*
- * @param int $shift_id
- * id of the shift
+ * @param int $shift_id id of the shift
+ * @return int count of affected rows
*/
-function NeededAngelTypes_delete_by_shift($shift_id) {
- return sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
+function NeededAngelTypes_delete_by_shift($shift_id)
+{
+ return (int)DB::delete('DELETE FROM `NeededAngelTypes` WHERE `shift_id` = ?', [$shift_id]);
}
/**
* Deletes all needed angel types from given room.
*
- * @param int $room_id
- * id of the room
+ * @param int $room_id id of the room
+ * @return int count of affected rows
*/
-function NeededAngelTypes_delete_by_room($room_id) {
- return sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
+function NeededAngelTypes_delete_by_room($room_id)
+{
+ return (int)DB::delete(
+ 'DELETE FROM `NeededAngelTypes` WHERE `room_id` = ?',
+ [$room_id]
+ );
}
/**
* Returns all needed angeltypes and already taken needs.
*
- * @param int $shiftID
- * id of shift
+ * @param int $shiftId id of shift
+ * @return array
*/
-function NeededAngelTypes_by_shift($shiftId) {
- $needed_angeltypes_source = sql_select("
+function NeededAngelTypes_by_shift($shiftId)
+{
+ $needed_angeltypes_source = DB::select('
SELECT `NeededAngelTypes`.*, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
- WHERE `shift_id`='" . sql_escape($shiftId) . "'
+ WHERE `shift_id` = ?
AND `count` > 0
- ORDER BY `room_id` DESC
- ");
- if ($needed_angeltypes_source === false) {
- engelsystem_error("Unable to load needed angeltypes.");
- }
-
- // Use settings from room
- if (count($needed_angeltypes_source) == 0) {
- $needed_angeltypes_source = sql_select("
+ ORDER BY `room_id` DESC',
+ [$shiftId]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load needed angeltypes.');
+ }
+
+ // Use settings from room
+ if (count($needed_angeltypes_source) == 0) {
+ $needed_angeltypes_source = DB::select('
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id`
- WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "'
+ WHERE `Shifts`.`SID` = ?
AND `count` > 0
ORDER BY `room_id` DESC
- ");
- if ($needed_angeltypes_source === false) {
- engelsystem_error("Unable to load needed angeltypes.");
+ ', [$shiftId]);
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load needed angeltypes.');
+ }
}
- }
-
- $shift_entries = ShiftEntries_by_shift($shiftId);
- $needed_angeltypes = [];
- foreach ($needed_angeltypes_source as $angeltype) {
- $angeltype['shift_entries'] = [];
- $angeltype['taken'] = 0;
- foreach ($shift_entries as $shift_entry) {
- if ($shift_entry['TID'] == $angeltype['angel_type_id'] && $shift_entry['freeloaded'] == 0) {
- $angeltype['taken'] ++;
- $angeltype['shift_entries'][] = $shift_entry;
- }
+
+ $shift_entries = ShiftEntries_by_shift($shiftId);
+ $needed_angeltypes = [];
+ foreach ($needed_angeltypes_source as $angeltype) {
+ $angeltype['shift_entries'] = [];
+ $angeltype['taken'] = 0;
+ foreach ($shift_entries as $shift_entry) {
+ if ($shift_entry['TID'] == $angeltype['angel_type_id'] && $shift_entry['freeloaded'] == 0) {
+ $angeltype['taken']++;
+ $angeltype['shift_entries'][] = $shift_entry;
+ }
+ }
+
+ $needed_angeltypes[] = $angeltype;
}
-
- $needed_angeltypes[] = $angeltype;
- }
-
- return $needed_angeltypes;
-}
-?>
\ No newline at end of file
+ return $needed_angeltypes;
+}
diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php
index 14935de0..c8399bc4 100644
--- a/includes/model/Room_model.php
+++ b/includes/model/Room_model.php
@@ -1,60 +1,82 @@
lastInsertId();
}
/**
* Returns room by id.
*
- * @param $room_id RID
+ * @param int $room_id RID
+ * @param bool $show_only
+ * @return array|false
*/
-function Room($room_id) {
- $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($room_id) . "'");
-
- if ($room_source === false) {
- return false;
- }
- if (count($room_source) > 0) {
- return $room_source[0];
- }
- return null;
-}
+function Room($room_id, $show_only = true)
+{
+ $room_source = DB::select('
+ SELECT *
+ FROM `Room`
+ WHERE `RID` = ?
+ ' . ($show_only ? 'AND `show` = \'Y\'' : ''),
+ [$room_id]
+ );
-?>
+ if (DB::getStm()->errorCode() != '00000') {
+ return false;
+ }
+
+ if (empty($room_source)) {
+ return null;
+ }
+
+ return array_shift($room_source);
+}
diff --git a/includes/model/ShiftEntry_model.php b/includes/model/ShiftEntry_model.php
index 9f4faf9e..d7810feb 100644
--- a/includes/model/ShiftEntry_model.php
+++ b/includes/model/ShiftEntry_model.php
@@ -1,152 +1,251 @@
null,
- 'SID' => null,
- 'TID' => null,
- 'UID' => null,
- 'Comment' => null,
- 'freeloaded_comment' => null,
- 'freeloaded' => false
- ];
+function ShiftEntry_new()
+{
+ return [
+ 'id' => null,
+ 'SID' => null,
+ 'TID' => null,
+ 'UID' => null,
+ 'Comment' => null,
+ 'freeloaded_comment' => null,
+ 'freeloaded' => false
+ ];
}
/**
* Counts all freeloaded shifts.
+ *
+ * @return int
*/
-function ShiftEntries_freeleaded_count() {
- return sql_select_single_cell("SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1");
+function ShiftEntries_freeleaded_count()
+{
+ $result = DB::select('SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1');
+ $result = array_shift($result);
+
+ if (!is_array($result)) {
+ return 0;
+ }
+
+ return (int)array_shift($result);
}
/**
* List users subsribed to a given shift.
+ *
+ * @param int $shift_id
+ * @return array
*/
-function ShiftEntries_by_shift($shift_id) {
- return sql_select("
- SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `AngelTypes`.`name` as `angel_type_name`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
- FROM `ShiftEntry`
- JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
- JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
- WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id) . "'");
+function ShiftEntries_by_shift($shift_id)
+{
+ return DB::select('
+ SELECT
+ `User`.`Nick`,
+ `User`.`email`,
+ `User`.`email_shiftinfo`,
+ `User`.`Sprache`,
+ `User`.`Gekommen`,
+ `ShiftEntry`.`UID`,
+ `ShiftEntry`.`TID`,
+ `ShiftEntry`.`SID`,
+ `AngelTypes`.`name` AS `angel_type_name`,
+ `ShiftEntry`.`Comment`,
+ `ShiftEntry`.`freeloaded`
+ FROM `ShiftEntry`
+ JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
+ JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
+ WHERE `ShiftEntry`.`SID` = ?',
+ [$shift_id]
+ );
}
/**
* Create a new shift entry.
*
- * @param ShiftEntry $shift_entry
+ * @param array $shift_entry
+ * @return bool
*/
-function ShiftEntry_create($shift_entry) {
- mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
- return sql_query("INSERT INTO `ShiftEntry` SET
- `SID`='" . sql_escape($shift_entry['SID']) . "',
- `TID`='" . sql_escape($shift_entry['TID']) . "',
- `UID`='" . sql_escape($shift_entry['UID']) . "',
- `Comment`='" . sql_escape($shift_entry['Comment']) . "',
- `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
- `freeloaded`=" . sql_bool($shift_entry['freeloaded']));
+function ShiftEntry_create($shift_entry)
+{
+ mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
+ return DB::insert('
+ INSERT INTO `ShiftEntry` (
+ `SID`,
+ `TID`,
+ `UID`,
+ `Comment`,
+ `freeload_comment`,
+ `freeloaded`
+ )
+ VALUES(?, ?, ?, ?, ?, ?)
+ ',
+ [
+ $shift_entry['SID'],
+ $shift_entry['TID'],
+ $shift_entry['UID'],
+ $shift_entry['Comment'],
+ $shift_entry['freeload_comment'],
+ $shift_entry['freeloaded'],
+ ]
+ );
}
/**
* Update a shift entry.
+ *
+ * @param array $shift_entry
+ * @return bool
*/
-function ShiftEntry_update($shift_entry) {
- return sql_query("UPDATE `ShiftEntry` SET
- `Comment`='" . sql_escape($shift_entry['Comment']) . "',
- `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
- `freeloaded`=" . sql_bool($shift_entry['freeloaded']) . "
- WHERE `id`='" . sql_escape($shift_entry['id']) . "'");
+function ShiftEntry_update($shift_entry)
+{
+ DB::update('
+ UPDATE `ShiftEntry`
+ SET
+ `Comment` = ?,
+ `freeload_comment` = ?,
+ `freeloaded` = ?
+ WHERE `id` = ?',
+ [
+ $shift_entry['Comment'],
+ $shift_entry['freeload_comment'],
+ $shift_entry['freeloaded'],
+ $shift_entry['id']
+ ]
+ );
+
+ return (DB::getStm()->errorCode() == '00000');
}
/**
* Get a shift entry.
+ *
+ * @param int $shift_entry_id
+ * @return array|false|null
*/
-function ShiftEntry($shift_entry_id) {
- $shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
- if ($shift_entry === false) {
- return false;
- }
- if (count($shift_entry) == 0) {
- return null;
- }
- return $shift_entry[0];
+function ShiftEntry($shift_entry_id)
+{
+ $shift_entry = DB::select('SELECT * FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
+ if (DB::getStm()->errorCode() != '00000') {
+ return false;
+ }
+ if (empty($shift_entry)) {
+ return null;
+ }
+ return $shift_entry[0];
}
/**
* Delete a shift entry.
+ *
+ * @param int $shift_entry_id
+ * @return bool
*/
-function ShiftEntry_delete($shift_entry_id) {
- $shift_entry = ShiftEntry($shift_entry_id);
- mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
- return sql_query("DELETE FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
+function ShiftEntry_delete($shift_entry_id)
+{
+ $shift_entry = ShiftEntry($shift_entry_id);
+ mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
+ return DB::delete('DELETE FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
}
/**
* Returns next (or current) shifts of given user.
*
- * @param User $user
+ * @param array $user
+ * @return array
*/
-function ShiftEntries_upcoming_for_user($user) {
- return sql_select("
- SELECT *
- FROM `ShiftEntry`
- JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
- JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
- WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
- AND `Shifts`.`end` > " . sql_escape(time()) . "
- ORDER BY `Shifts`.`end`
- ");
+function ShiftEntries_upcoming_for_user($user)
+{
+ return DB::select('
+ SELECT *
+ FROM `ShiftEntry`
+ JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
+ JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
+ WHERE `ShiftEntry`.`UID` = ?
+ AND `Shifts`.`end` > ?
+ ORDER BY `Shifts`.`end`
+ ',
+ [
+ $user['UID'],
+ time(),
+ ]
+ );
}
/**
* Returns shifts completed by the given user.
*
- * @param User $user
+ * @param array $user
+ * @return array
*/
-function ShiftEntries_finished_by_user($user) {
- return sql_select("
- SELECT *
- FROM `ShiftEntry`
- JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
- JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
- WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
- AND `Shifts`.`end` < " . sql_escape(time()) . "
- AND `ShiftEntry`.`freeloaded` = 0
- ORDER BY `Shifts`.`end`
- ");
+function ShiftEntries_finished_by_user($user)
+{
+ return DB::select('
+ SELECT *
+ FROM `ShiftEntry`
+ JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
+ JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
+ WHERE `ShiftEntry`.`UID` = ?
+ AND `Shifts`.`end` < ?
+ AND `ShiftEntry`.`freeloaded` = 0
+ ORDER BY `Shifts`.`end`
+ ',
+ [
+ $user['UID'],
+ time(),
+ ]
+ );
}
/**
* Returns all shift entries in given shift for given angeltype.
*
- * @param int $shift_id
- * @param int $angeltype_id
+ * @param int $shift_id
+ * @param int $angeltype_id
+ * @return array
*/
-function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id) {
- $result = sql_select("
- SELECT *
- FROM `ShiftEntry`
- WHERE `SID`=" . sql_escape($shift_id) . "
- AND `TID`=" . sql_escape($angeltype_id) . "
- ");
- if ($result === false) {
- engelsystem_error("Unable to load shift entries.");
- }
- return $result;
+function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id)
+{
+ $result = DB::select('
+ SELECT *
+ FROM `ShiftEntry`
+ WHERE `SID` = ?
+ AND `TID` = ?
+ ',
+ [
+ $shift_id,
+ $angeltype_id,
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load shift entries.');
+ }
+ return $result;
}
/**
* Returns all freeloaded shifts for given user.
+ *
+ * @param array $user
+ * @return array
*/
-function ShiftEntries_freeloaded_by_user($user) {
- return sql_select("SELECT *
- FROM `ShiftEntry`
- WHERE `freeloaded` = 1
- AND `UID`=" . sql_escape($user['UID']));
+function ShiftEntries_freeloaded_by_user($user)
+{
+ return DB::select('
+ SELECT *
+ FROM `ShiftEntry`
+ WHERE `freeloaded` = 1
+ AND `UID` = ?
+ ',
+ [
+ $user['UID']
+ ]
+ );
}
-
-?>
diff --git a/includes/model/ShiftSignupState.php b/includes/model/ShiftSignupState.php
index 393023ee..9b3de496 100644
--- a/includes/model/ShiftSignupState.php
+++ b/includes/model/ShiftSignupState.php
@@ -6,112 +6,136 @@ namespace Engelsystem;
* BO to represent if there are free slots on a shift for a given angeltype
* and if signup for a given user is possible (or not, because of collisions, etc.)
*/
-class ShiftSignupState {
-
- /**
- * Shift has free places
- */
- const FREE = 'FREE';
-
- /**
- * Shift collides with users shifts
- */
- const COLLIDES = 'COLLIDES';
-
- /**
- * User cannot join because of a restricted angeltype or user is not in the angeltype
- */
- const ANGELTYPE = 'ANGELTYPE';
-
- /**
- * Shift is full
- */
- const OCCUPIED = 'OCCUPIED';
-
- /**
- * User is admin and can do what he wants.
- */
- const ADMIN = 'ADMIN';
-
- /**
- * Shift has already ended, no signup
- */
- const SHIFT_ENDED = 'SHIFT_ENDED';
-
- /**
- * User is already signed up
- */
- const SIGNED_UP = 'SIGNED_UP';
-
- private $state;
-
- private $freeEntries;
-
- public function __construct($state, $free_entries) {
- $this->state = $state;
- $this->freeEntries = $free_entries;
- }
-
- /**
- * Combine this state with another state from the same shift.
- *
- * @param ShiftSignupState $shiftSignupState
- * The other state to combine
- */
- public function combineWith(ShiftSignupState $shiftSignupState) {
- $this->freeEntries += $shiftSignupState->getFreeEntries();
-
- if ($this->valueForState($shiftSignupState->state) > $this->valueForState($this->state)) {
- $this->state = $shiftSignupState->state;
+class ShiftSignupState
+{
+ /**
+ * Shift has free places
+ */
+ const FREE = 'FREE';
+
+ /**
+ * Shift collides with users shifts
+ */
+ const COLLIDES = 'COLLIDES';
+
+ /**
+ * User cannot join because of a restricted angeltype or user is not in the angeltype
+ */
+ const ANGELTYPE = 'ANGELTYPE';
+
+ /**
+ * Shift is full
+ */
+ const OCCUPIED = 'OCCUPIED';
+
+ /**
+ * User is admin and can do what he wants.
+ */
+ const ADMIN = 'ADMIN';
+
+ /**
+ * Shift has already ended, no signup
+ */
+ const SHIFT_ENDED = 'SHIFT_ENDED';
+
+ /**
+ * User is already signed up
+ */
+ const SIGNED_UP = 'SIGNED_UP';
+
+ /** @var string */
+ private $state;
+
+ /** @var int */
+ private $freeEntries;
+
+ /**
+ * ShiftSignupState constructor.
+ *
+ * @param string $state
+ * @param int $free_entries
+ */
+ public function __construct($state, $free_entries)
+ {
+ $this->state = $state;
+ $this->freeEntries = $free_entries;
}
- }
-
- private function valueForState($state) {
- switch ($state) {
- case ShiftSignupState::SHIFT_ENDED:
- return 100;
-
- case ShiftSignupState::SIGNED_UP:
- return 90;
-
- case ShiftSignupState::FREE:
- return 80;
-
- case ShiftSignupState::ANGELTYPE:
- case ShiftSignupState::COLLIDES:
- return 70;
-
- case ShiftSignupState::OCCUPIED:
- case ShiftSignupState::ADMIN:
- return 60;
+
+ /**
+ * Combine this state with another state from the same shift.
+ *
+ * @param ShiftSignupState $shiftSignupState
+ * The other state to combine
+ */
+ public function combineWith(ShiftSignupState $shiftSignupState)
+ {
+ $this->freeEntries += $shiftSignupState->getFreeEntries();
+
+ if ($this->valueForState($shiftSignupState->state) > $this->valueForState($this->state)) {
+ $this->state = $shiftSignupState->state;
+ }
}
- }
-
- /**
- * Returns true, if signup is allowed
- */
- public function isSignupAllowed() {
- switch ($this->state) {
- case ShiftSignupState::FREE:
- case ShiftSignupState::ADMIN:
- return true;
+
+ /**
+ * @param string $state
+ * @return int
+ */
+ private function valueForState($state)
+ {
+ switch ($state) {
+ case ShiftSignupState::SHIFT_ENDED:
+ return 100;
+
+ case ShiftSignupState::SIGNED_UP:
+ return 90;
+
+ case ShiftSignupState::FREE:
+ return 80;
+
+ case ShiftSignupState::ANGELTYPE:
+ case ShiftSignupState::COLLIDES:
+ return 70;
+
+ case ShiftSignupState::OCCUPIED:
+ case ShiftSignupState::ADMIN:
+ return 60;
+ default:
+ return 0;
+ }
+ }
+
+ /**
+ * Returns true, if signup is allowed
+ *
+ * @return bool
+ */
+ public function isSignupAllowed()
+ {
+ switch ($this->state) {
+ case ShiftSignupState::FREE:
+ case ShiftSignupState::ADMIN:
+ return true;
+ }
+ return false;
}
- return false;
- }
-
- /**
- * Return the shift signup state
- */
- public function getState() {
- return $this->state;
- }
-
- /**
- * How many places are free in this shift for the angeltype?
- */
- public function getFreeEntries() {
- return $this->freeEntries;
- }
-}
-?>
\ No newline at end of file
+ /**
+ * Return the shift signup state
+ *
+ * @return string
+ */
+ public function getState()
+ {
+ return $this->state;
+ }
+
+ /**
+ * How many places are free in this shift for the angeltype?
+ *
+ * @return int
+ */
+ public function getFreeEntries()
+ {
+ return $this->freeEntries;
+ }
+}
diff --git a/includes/model/ShiftTypes_model.php b/includes/model/ShiftTypes_model.php
index 89704a65..96a823d4 100644
--- a/includes/model/ShiftTypes_model.php
+++ b/includes/model/ShiftTypes_model.php
@@ -1,69 +1,105 @@
errorCode() == '00000';
}
/**
* Create a shift type.
*
- * @param string $name
- * @param int $angeltype_id
- * @param string $description
- * @return new shifttype id
+ * @param string $name
+ * @param int $angeltype_id
+ * @param string $description
+ * @return int|false new shifttype id
*/
-function ShiftType_create($name, $angeltype_id, $description) {
- $result = sql_query("INSERT INTO `ShiftTypes` SET
- `name`='" . sql_escape($name) . "',
- `angeltype_id`=" . sql_null($angeltype_id) . ",
- `description`='" . sql_escape($description) . "'");
- if ($result === false) {
- return false;
- }
- return sql_id();
+function ShiftType_create($name, $angeltype_id, $description)
+{
+ $result = DB::insert('
+ INSERT INTO `ShiftTypes` (`name`, `angeltype_id`, `description`)
+ VALUES(?, ?, ?)
+ ',
+ [
+ $name,
+ $angeltype_id,
+ $description
+ ]
+ );
+
+ if ($result === false) {
+ return false;
+ }
+
+ return DB::getPdo()->lastInsertId();
}
/**
* Get a shift type by id.
*
- * @param int $shifttype_id
+ * @param int $shifttype_id
+ * @return array|null
*/
-function ShiftType($shifttype_id) {
- $shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
- if ($shifttype === false) {
- engelsystem_error('Unable to load shift type.');
- }
- if ($shifttype == null) {
- return null;
- }
- return $shifttype[0];
+function ShiftType($shifttype_id)
+{
+ $shifttype = DB::select('SELECT * FROM `ShiftTypes` WHERE `id`=?', [$shifttype_id]);
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load shift type.');
+ }
+ if (empty($shifttype)) {
+ return null;
+ }
+ return array_shift($shifttype);
}
/**
* Get all shift types.
+ *
+ * @return array|false
*/
-function ShiftTypes() {
- return sql_select("SELECT * FROM `ShiftTypes` ORDER BY `name`");
-}
+function ShiftTypes()
+{
+ $result = DB::select('SELECT * FROM `ShiftTypes` ORDER BY `name`');
-?>
\ No newline at end of file
+ if (DB::getStm()->errorCode() != '00000') {
+ return false;
+ }
+
+ return $result;
+}
diff --git a/includes/model/ShiftsFilter.php b/includes/model/ShiftsFilter.php
index ff1f5d40..47ef50d7 100644
--- a/includes/model/ShiftsFilter.php
+++ b/includes/model/ShiftsFilter.php
@@ -7,115 +7,170 @@ namespace Engelsystem;
*
* @author msquare
*/
-class ShiftsFilter {
-
- /**
- * How long can the time interval be?
- */
- const MAX_DURATION = 86400;
- // one day
-
- /**
- * Shift is completely full.
- */
- const FILLED_FILLED = 1;
-
- /**
- * Shift has some free slots.
- */
- const FILLED_FREE = 0;
-
- /**
- * Has the user "user shifts admin" privilege?
- *
- * @var boolean
- */
- private $userShiftsAdmin;
-
- private $filled = [];
-
- private $rooms = [];
-
- private $types = [];
-
- private $startTime = null;
-
- private $endTime = null;
-
- public function __construct($user_shifts_admin, $rooms, $types) {
- $this->user_shifts_admin = $user_shifts_admin;
- $this->rooms = $rooms;
- $this->types = $types;
-
- $this->filled = [
- ShiftsFilter::FILLED_FREE
- ];
-
- if ($user_shifts_admin) {
- $this->filled[] = ShiftsFilter::FILLED_FILLED;
+class ShiftsFilter
+{
+ /**
+ * How long can the time interval be?
+ * 86400 = one day
+ */
+ const MAX_DURATION = 86400;
+
+ /**
+ * Shift is completely full.
+ */
+ const FILLED_FILLED = 1;
+
+ /**
+ * Shift has some free slots.
+ */
+ const FILLED_FREE = 0;
+
+ /**
+ * Has the user "user shifts admin" privilege?
+ *
+ * @var boolean
+ */
+ private $userShiftsAdmin;
+
+ /** @var int[] */
+ private $filled = [];
+
+ /** @var int[] */
+ private $rooms = [];
+
+ /** @var int[] */
+ private $types = [];
+
+ /** @var int unix timestamp */
+ private $startTime = null;
+
+ /** @var int unix timestamp */
+ private $endTime = null;
+
+ /**
+ * ShiftsFilter constructor.
+ *
+ * @param bool $user_shifts_admin
+ * @param int[] $rooms
+ * @param int[] $types
+ */
+ public function __construct($user_shifts_admin, $rooms, $types)
+ {
+ $this->user_shifts_admin = $user_shifts_admin;
+ $this->rooms = $rooms;
+ $this->types = $types;
+
+ $this->filled = [
+ ShiftsFilter::FILLED_FREE
+ ];
+
+ if ($user_shifts_admin) {
+ $this->filled[] = ShiftsFilter::FILLED_FILLED;
+ }
}
- }
- public function getStartTime() {
- return $this->startTime;
- }
+ /**
+ * @return int unix timestamp
+ */
+ public function getStartTime()
+ {
+ return $this->startTime;
+ }
- public function setStartTime($startTime) {
- $this->startTime = $startTime;
- }
+ /**
+ * @param int $startTime unix timestamp
+ */
+ public function setStartTime($startTime)
+ {
+ $this->startTime = $startTime;
+ }
- public function getEndTime() {
- return $this->endTime;
- }
+ /**
+ * @return int unix timestamp
+ */
+ public function getEndTime()
+ {
+ return $this->endTime;
+ }
- public function setEndTime($endTime) {
- if ($endTime - $this->startTime > ShiftsFilter::MAX_DURATION) {
- $endTime = $this->startTime + ShiftsFilter::MAX_DURATION;
+ /**
+ * @param int $endTime unix timestamp
+ */
+ public function setEndTime($endTime)
+ {
+ if ($endTime - $this->startTime > ShiftsFilter::MAX_DURATION) {
+ $endTime = $this->startTime + ShiftsFilter::MAX_DURATION;
+ }
+ $this->endTime = $endTime;
}
- $this->endTime = $endTime;
- }
-
- public function getTypes() {
- if (count($this->types) == 0) {
- return [
- 0
- ];
+
+ /**
+ * @return int[]
+ */
+ public function getTypes()
+ {
+ if (count($this->types) == 0) {
+ return [0];
+ }
+ return $this->types;
}
- return $this->types;
- }
-
- public function setTypes($types) {
- $this->types = $types;
- }
-
- public function getRooms() {
- if (count($this->rooms) == 0) {
- return [
- 0
- ];
+
+ /**
+ * @param int[] $types
+ */
+ public function setTypes($types)
+ {
+ $this->types = $types;
}
- return $this->rooms;
- }
- public function setRooms($rooms) {
- $this->rooms = $rooms;
- }
+ /**
+ * @return int[]
+ */
+ public function getRooms()
+ {
+ if (count($this->rooms) == 0) {
+ return [0];
+ }
+ return $this->rooms;
+ }
- public function isUserShiftsAdmin() {
- return $this->userShiftsAdmin;
- }
+ /**
+ * @param int[] $rooms
+ */
+ public function setRooms($rooms)
+ {
+ $this->rooms = $rooms;
+ }
- public function setUserShiftsAdmin($userShiftsAdmin) {
- $this->userShiftsAdmin = $userShiftsAdmin;
- }
+ /**
+ * @return bool
+ */
+ public function isUserShiftsAdmin()
+ {
+ return $this->userShiftsAdmin;
+ }
- public function getFilled() {
- return $this->filled;
- }
+ /**
+ * @param bool $userShiftsAdmin
+ */
+ public function setUserShiftsAdmin($userShiftsAdmin)
+ {
+ $this->userShiftsAdmin = $userShiftsAdmin;
+ }
- public function setFilled($filled) {
- $this->filled = $filled;
- }
-}
+ /**
+ * @return int[]
+ */
+ public function getFilled()
+ {
+ return $this->filled;
+ }
-?>
\ No newline at end of file
+ /**
+ * @param int[] $filled
+ */
+ public function setFilled($filled)
+ {
+ $this->filled = $filled;
+ }
+}
diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php
index 29156423..b0269362 100644
--- a/includes/model/Shifts_model.php
+++ b/includes/model/Shifts_model.php
@@ -1,432 +1,641 @@
errorCode() != '00000') {
+ engelsystem_error('Unable to load shifts.');
+ }
+ return $result;
}
-function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
- $SQL = "SELECT * FROM (
- SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array[]
+ */
+function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+ $sql = 'SELECT * FROM (
+ SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
- WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
- AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
- AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
+ WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+ AND `start` BETWEEN ? AND ?
+ AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
AND `NeededAngelTypes`.`count` > 0
AND `Shifts`.`PSID` IS NULL
-
+
UNION
-
- SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
+
+ SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
- WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
- AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
- AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
+ WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+ AND `start` BETWEEN ? AND ?
+ AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
AND `NeededAngelTypes`.`count` > 0
- AND NOT `Shifts`.`PSID` IS NULL) as tmp_shifts
-
- ORDER BY `start`";
- $result = sql_select($SQL);
- if ($result === false) {
- engelsystem_error("Unable to load shifts by filter.");
- }
- return $result;
+ AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
+
+ ORDER BY `start`';
+ $result = DB::select(
+ $sql,
+ [
+ $shiftsFilter->getStartTime(),
+ $shiftsFilter->getEndTime(),
+ $shiftsFilter->getStartTime(),
+ $shiftsFilter->getEndTime(),
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load shifts by filter.');
+ }
+ return $result;
}
-function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
- $SQL = "SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array[]
+ */
+function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+ $sql = '
+ SELECT
+ `NeededAngelTypes`.*,
+ `Shifts`.`SID`,
+ `AngelTypes`.`id`,
+ `AngelTypes`.`name`,
+ `AngelTypes`.`restricted`,
+ `AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
- WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
- AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
+ WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+ AND `start` BETWEEN ? AND ?
AND `Shifts`.`PSID` IS NULL
UNION
- SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
+ SELECT
+ `NeededAngelTypes`.*,
+ `Shifts`.`SID`,
+ `AngelTypes`.`id`,
+ `AngelTypes`.`name`,
+ `AngelTypes`.`restricted`,
+ `AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
- WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
- AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
- AND NOT `Shifts`.`PSID` IS NULL";
- $result = sql_select($SQL);
- if ($result === false) {
- engelsystem_error("Unable to load needed angeltypes by filter.");
- }
- return $result;
+ WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+ AND `start` BETWEEN ? AND ?
+ AND NOT `Shifts`.`PSID` IS NULL';
+ $result = DB::select(
+ $sql,
+ [
+ $shiftsFilter->getStartTime(),
+ $shiftsFilter->getEndTime(),
+ $shiftsFilter->getStartTime(),
+ $shiftsFilter->getEndTime(),
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load needed angeltypes by filter.');
+ }
+ return $result;
}
-function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype) {
- $result = sql_select("SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
- FROM `Shifts`
- JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
- JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
- WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
- AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
- AND `Shifts`.`PSID` IS NULL
-
- UNION
-
- SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
- FROM `Shifts`
- JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
- JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
- WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
- AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
- AND NOT `Shifts`.`PSID` IS NULL");
- if ($result === false) {
- engelsystem_error("Unable to load needed angeltypes by filter.");
- }
- if (count($result) == 0) {
- return null;
- }
- return $result[0];
+/**
+ * @param array $shift
+ * @param array $angeltype
+ * @return array|null
+ */
+function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
+{
+ $result = DB::select('
+ SELECT
+ `NeededAngelTypes`.*,
+ `Shifts`.`SID`,
+ `AngelTypes`.`id`,
+ `AngelTypes`.`name`,
+ `AngelTypes`.`restricted`,
+ `AngelTypes`.`no_self_signup`
+ FROM `Shifts`
+ JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
+ JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
+ WHERE `Shifts`.`SID`=?
+ AND `AngelTypes`.`id`=?
+ AND `Shifts`.`PSID` IS NULL
+
+ UNION
+
+ SELECT
+ `NeededAngelTypes`.*,
+ `Shifts`.`SID`,
+ `AngelTypes`.`id`,
+ `AngelTypes`.`name`,
+ `AngelTypes`.`restricted`,
+ `AngelTypes`.`no_self_signup`
+ FROM `Shifts`
+ JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
+ JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
+ WHERE `Shifts`.`SID`=?
+ AND `AngelTypes`.`id`=?
+ AND NOT `Shifts`.`PSID` IS NULL
+ ',
+ [
+ $shift['SID'],
+ $angeltype['id'],
+ $shift['SID'],
+ $angeltype['id']
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load needed angeltypes by filter.');
+ }
+ if (empty($result)) {
+ return null;
+ }
+ return $result[0];
}
-function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
- $SQL = "SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array
+ */
+function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+ $sql = '
+ SELECT
+ `User`.`Nick`,
+ `User`.`email`,
+ `User`.`email_shiftinfo`,
+ `User`.`Sprache`,
+ `User`.`Gekommen`,
+ `ShiftEntry`.`UID`,
+ `ShiftEntry`.`TID`,
+ `ShiftEntry`.`SID`,
+ `ShiftEntry`.`Comment`,
+ `ShiftEntry`.`freeloaded`
FROM `Shifts`
JOIN `ShiftEntry` ON `ShiftEntry`.`SID`=`Shifts`.`SID`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
- WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
- AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
- ORDER BY `Shifts`.`start`";
- $result = sql_select($SQL);
- if ($result === false) {
- engelsystem_error("Unable to load shift entries by filter.");
- }
- return $result;
+ WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+ AND `start` BETWEEN ? AND ?
+ ORDER BY `Shifts`.`start`';
+ $result = DB::select(
+ $sql,
+ [
+ $shiftsFilter->getStartTime(),
+ $shiftsFilter->getEndTime(),
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to load shift entries by filter.');
+ }
+ return $result;
}
/**
* Check if a shift collides with other shifts (in time).
*
- * @param Shift $shift
- * @param array' . _("Shirt statistics") . '
', - table([ - 'size' => _("Size"), - 'needed' => _("Needed shirts"), - 'given' => _("Given shirts") - ], $shirt_statistics) - ]); + + $uc = DB::select('SELECT count(*) FROM `User` WHERE `Tshirt`=1'); + $uc = array_shift($uc); + $uc = array_shift($uc); + + $shirt_statistics[] = [ + 'size' => '' . _('Sum') . '', + 'needed' => '' . User_arrived_count() . '', + 'given' => '' . (int)$uc . '' + ]; + + return page_with_title(admin_active_title(), [ + form([ + form_text('search', _('Search angel:'), $search), + form_checkbox('show_all_shifts', _('Show all shifts'), $show_all_shifts), + form_submit('submit', _('Search')) + ], page_link_to('admin_active')), + $set_active == '' ? form([ + form_text('count', _('How much angels should be active?'), $count), + form_submit('set_active', _('Preview')) + ]) : $set_active, + $msg . msg(), + table([ + 'nick' => _('Nickname'), + 'shirt_size' => _('Size'), + 'shift_count' => _('Shifts'), + 'work_time' => _('Length'), + 'active' => _('Active?'), + 'force_active' => _('Forced'), + 'tshirt' => _('T-shirt?'), + 'actions' => '' + ], $matched_users), + '' . _('Shirt statistics') . '
', + table([ + 'size' => _('Size'), + 'needed' => _('Needed shirts'), + 'given' => _('Given shirts') + ], $shirt_statistics) + ]); } -?> diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index 4a1ee8d7..77155dae 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -1,201 +1,222 @@ 0) { - $match = false; - $index = join(" ", $usr); - foreach ($tokens as $t) { - if (stristr($index, trim($t))) { - $match = true; - break; + + if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) { + $user_id = $_REQUEST['reset']; + $user_source = User($user_id); + if ($user_source != null) { + DB::update(' + UPDATE `User` + SET `Gekommen`=0, `arrival_date` = NULL + WHERE `UID`=? + LIMIT 1 + ', [$user_id]); + engelsystem_log('User set to not arrived: ' . User_Nick_render($user_source)); + success(_('Reset done. Angel has not arrived.')); + redirect(user_link($user_source)); + } else { + $msg = error(_('Angel not found.'), true); + } + } elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) { + $user_id = $_REQUEST['arrived']; + $user_source = User($user_id); + if ($user_source != null) { + DB::update(' + UPDATE `User` + SET `Gekommen`=1, `arrival_date`=? + WHERE `UID`=? + LIMIT 1 + ', [time(), $user_id]); + engelsystem_log('User set has arrived: ' . User_Nick_render($user_source)); + success(_('Angel has been marked as arrived.')); + redirect(user_link($user_source)); + } else { + $msg = error(_('Angel not found.'), true); } - } - if (! $match) { - continue; - } } - - $usr['nick'] = User_Nick_render($usr); - if ($usr['planned_departure_date'] != null) { - $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); + + $users = DB::select('SELECT * FROM `User` ORDER BY `Nick`'); + $arrival_count_at_day = []; + $planned_arrival_count_at_day = []; + $planned_departure_count_at_day = []; + $users_matched = []; + if ($search == '') { + $tokens = []; } else { - $usr['rendered_planned_departure_date'] = '-'; + $tokens = explode(' ', $search); } - $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); - $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; - $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; - $usr['actions'] = $usr['Gekommen'] == 1 ? '' . _("reset") . '' : '' . _("arrived") . ''; - - if ($usr['arrival_date'] > 0) { - $day = date('Y-m-d', $usr['arrival_date']); - if (! isset($arrival_count_at_day[$day])) { - $arrival_count_at_day[$day] = 0; - } - $arrival_count_at_day[$day] ++; + foreach ($users as $usr) { + if (count($tokens) > 0) { + $match = false; + $index = join(' ', $usr); + foreach ($tokens as $t) { + if (stristr($index, trim($t))) { + $match = true; + break; + } + } + if (!$match) { + continue; + } + } + + $usr['nick'] = User_Nick_render($usr); + if ($usr['planned_departure_date'] != null) { + $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); + } else { + $usr['rendered_planned_departure_date'] = '-'; + } + $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); + $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-'; + $usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : ''; + $usr['actions'] = $usr['Gekommen'] == 1 + ? '' . _('reset') . '' + : '' . _('arrived') . ''; + + if ($usr['arrival_date'] > 0) { + $day = date('Y-m-d', $usr['arrival_date']); + if (!isset($arrival_count_at_day[$day])) { + $arrival_count_at_day[$day] = 0; + } + $arrival_count_at_day[$day]++; + } + + if ($usr['planned_arrival_date'] != null) { + $day = date('Y-m-d', $usr['planned_arrival_date']); + if (!isset($planned_arrival_count_at_day[$day])) { + $planned_arrival_count_at_day[$day] = 0; + } + $planned_arrival_count_at_day[$day]++; + } + + if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { + $day = date('Y-m-d', $usr['planned_departure_date']); + if (!isset($planned_departure_count_at_day[$day])) { + $planned_departure_count_at_day[$day] = 0; + } + $planned_departure_count_at_day[$day]++; + } + + $users_matched[] = $usr; } - - if ($usr['planned_arrival_date'] != null) { - $day = date('Y-m-d', $usr['planned_arrival_date']); - if (! isset($planned_arrival_count_at_day[$day])) { - $planned_arrival_count_at_day[$day] = 0; - } - $planned_arrival_count_at_day[$day] ++; + + ksort($arrival_count_at_day); + ksort($planned_arrival_count_at_day); + ksort($planned_departure_count_at_day); + + $arrival_at_day = []; + $arrival_sum = 0; + foreach ($arrival_count_at_day as $day => $count) { + $arrival_sum += $count; + $arrival_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $arrival_sum + ]; } - - if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { - $day = date('Y-m-d', $usr['planned_departure_date']); - if (! isset($planned_departure_count_at_day[$day])) { - $planned_departure_count_at_day[$day] = 0; - } - $planned_departure_count_at_day[$day] ++; + + $planned_arrival_at_day = []; + $planned_arrival_sum = 0; + foreach ($planned_arrival_count_at_day as $day => $count) { + $planned_arrival_sum += $count; + $planned_arrival_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $planned_arrival_sum + ]; } - - $users_matched[] = $usr; - } - - ksort($arrival_count_at_day); - ksort($planned_arrival_count_at_day); - ksort($planned_departure_count_at_day); - - $arrival_at_day = []; - $arrival_sum = 0; - foreach ($arrival_count_at_day as $day => $count) { - $arrival_sum += $count; - $arrival_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $arrival_sum - ]; - } - - $planned_arrival_at_day = []; - $planned_arrival_sum = 0; - foreach ($planned_arrival_count_at_day as $day => $count) { - $planned_arrival_sum += $count; - $planned_arrival_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $planned_arrival_sum - ]; - } - - $planned_departure_at_day = []; - $planned_departure_sum = 0; - foreach ($planned_departure_count_at_day as $day => $count) { - $planned_departure_sum += $count; - $planned_departure_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $planned_departure_sum - ]; - } - - return page_with_title(admin_arrive_title(), [ - msg(), - form([ - form_text('search', _("Search"), $search), - form_submit('submit', _("Search")) - ]), - table([ - 'nick' => _("Nickname"), - 'rendered_planned_arrival_date' => _("Planned arrival"), - 'arrived' => _("Arrived?"), - 'rendered_arrival_date' => _("Arrival date"), - 'rendered_planned_departure_date' => _("Planned departure"), - 'actions' => "" - ], $users_matched), - div('row', [ - div('col-md-4', [ - heading(_("Planned arrival statistics"), 2), - bargraph('planned_arrives', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' => '#888' - ], $planned_arrival_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $planned_arrival_at_day) - ]), - div('col-md-4', [ - heading(_("Arrival statistics"), 2), - bargraph('arrives', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' => '#888' - ], $arrival_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $arrival_at_day) - ]), - div('col-md-4', [ - heading(_("Planned departure statistics"), 2), - bargraph('planned_departures', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' => '#888' - ], $planned_departure_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $planned_departure_at_day) - ]) - ]) - ]); + + $planned_departure_at_day = []; + $planned_departure_sum = 0; + foreach ($planned_departure_count_at_day as $day => $count) { + $planned_departure_sum += $count; + $planned_departure_at_day[$day] = [ + 'day' => $day, + 'count' => $count, + 'sum' => $planned_departure_sum + ]; + } + + return page_with_title(admin_arrive_title(), [ + $msg . msg(), + form([ + form_text('search', _('Search'), $search), + form_submit('submit', _('Search')) + ]), + table([ + 'nick' => _('Nickname'), + 'rendered_planned_arrival_date' => _('Planned arrival'), + 'arrived' => _('Arrived?'), + 'rendered_arrival_date' => _('Arrival date'), + 'rendered_planned_departure_date' => _('Planned departure'), + 'actions' => '' + ], $users_matched), + div('row', [ + div('col-md-4', [ + heading(_('Planned arrival statistics'), 2), + bargraph('planned_arrives', 'day', [ + 'count' => _('arrived'), + 'sum' => _('arrived sum') + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_arrival_at_day), + table([ + 'day' => _('Date'), + 'count' => _('Count'), + 'sum' => _('Sum') + ], $planned_arrival_at_day) + ]), + div('col-md-4', [ + heading(_('Arrival statistics'), 2), + bargraph('arrives', 'day', [ + 'count' => _('arrived'), + 'sum' => _('arrived sum') + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $arrival_at_day), + table([ + 'day' => _('Date'), + 'count' => _('Count'), + 'sum' => _('Sum') + ], $arrival_at_day) + ]), + div('col-md-4', [ + heading(_('Planned departure statistics'), 2), + bargraph('planned_departures', 'day', [ + 'count' => _('arrived'), + 'sum' => _('arrived sum') + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_departure_at_day), + table([ + 'day' => _('Date'), + 'count' => _('Count'), + 'sum' => _('Sum') + ], $planned_departure_at_day) + ]) + ]) + ]); } -?> diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index 427de61a..daaead22 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php @@ -1,101 +1,127 @@ 'alle Typen' - ]; - foreach ($angel_types_source as $angel_type) { - $angel_types[$angel_type['id']] = $angel_type['name']; - } - - $users = sql_select(" - SELECT `User`.* - FROM `User` - ${angeltypesearch} - LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` - LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') - WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL - GROUP BY `User`.`UID` - ORDER BY `Nick`"); - - $free_users_table = []; - if ($search == "") { - $tokens = []; - } else { - $tokens = explode(" ", $search); - } - foreach ($users as $usr) { - if (count($tokens) > 0) { - $match = false; - $index = join("", $usr); - foreach ($tokens as $t) { - if (stristr($index, trim($t))) { - $match = true; - break; + + $angelTypeSearch = ''; + if (empty($_REQUEST['angeltype'])) { + $_REQUEST['angeltype'] = ''; + } else { + $angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = ' + . DB::getPdo()->quote($_REQUEST['angeltype']) + . ' AND `UserAngelTypes`.`user_id` = `User`.`UID`'; + if (isset($_REQUEST['confirmed_only'])) { + $angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`'; } - } - if (! $match) { - continue; - } + $angelTypeSearch .= ') '; } - - $free_users_table[] = [ - 'name' => User_Nick_render($usr), - 'shift_state' => User_shift_state_render($usr), - 'dect' => $usr['DECT'], - 'jabber' => $usr['jabber'], - 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), - 'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _("edit"), 'btn-xs') : '' + + $angel_types_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`'); + $angel_types = [ + '' => 'alle Typen' ]; - } - return page_with_title(admin_free_title(), [ - form([ - div('row', [ - div('col-md-4', [ - form_text('search', _("Search"), $search) - ]), - div('col-md-4', [ - form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']) - ]), - div('col-md-2', [ - form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])) - ]), - div('col-md-2', [ - form_submit('submit', _("Search")) - ]) - ]) - ]), - table([ - 'name' => _("Nick"), - 'shift_state' => '', - 'dect' => _("DECT"), - 'jabber' => _("Jabber"), - 'email' => _("E-Mail"), - 'actions' => '' - ], $free_users_table) - ]); + foreach ($angel_types_source as $angel_type) { + $angel_types[$angel_type['id']] = $angel_type['name']; + } + + $users = DB::select(' + SELECT `User`.* + FROM `User` + ' . $angelTypeSearch . ' + LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` + LEFT JOIN `Shifts` + ON ( + `ShiftEntry`.`SID` = `Shifts`.`SID` + AND `Shifts`.`start` < ? + AND `Shifts`.`end` > ? + ) + WHERE `User`.`Gekommen` = 1 + AND `Shifts`.`SID` IS NULL + GROUP BY `User`.`UID` + ORDER BY `Nick` + ', + [ + time(), + time(), + ] + ); + + $free_users_table = []; + if ($search == '') { + $tokens = []; + } else { + $tokens = explode(' ', $search); + } + foreach ($users as $usr) { + if (count($tokens) > 0) { + $match = false; + $index = join('', $usr); + foreach ($tokens as $t) { + if (stristr($index, trim($t))) { + $match = true; + break; + } + } + if (!$match) { + continue; + } + } + + $free_users_table[] = [ + 'name' => User_Nick_render($usr), + 'shift_state' => User_shift_state_render($usr), + 'dect' => $usr['DECT'], + 'jabber' => $usr['jabber'], + 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), + 'actions' => + in_array('admin_user', $privileges) + ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _('edit'), 'btn-xs') + : '' + ]; + } + return page_with_title(admin_free_title(), [ + form([ + div('row', [ + div('col-md-4', [ + form_text('search', _('Search'), $search) + ]), + div('col-md-4', [ + form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype']) + ]), + div('col-md-2', [ + form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only'])) + ]), + div('col-md-2', [ + form_submit('submit', _('Search')) + ]) + ]) + ]), + table([ + 'name' => _('Nick'), + 'shift_state' => '', + 'dect' => _('DECT'), + 'jabber' => _('Jabber'), + 'email' => _('E-Mail'), + 'actions' => '' + ], $free_users_table) + ]); } -?> diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 388e2c68..4011ccf1 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -1,97 +1,144 @@ $group['Name'], - 'privileges' => join(', ', $privileges_html), - 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') - ]; - } - - return page_with_title(admin_groups_title(), [ - table([ - 'name' => _("Name"), - 'privileges' => _("Privileges"), - 'actions' => '' - ], $groups_table) - ]); - } else { - switch ($_REQUEST["action"]) { - case 'edit': - if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Groups ID.", true); - } - - $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); - if (count($group) > 0) { - list($group) = $group; - $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`"); - $privileges_html = ""; - $privileges_form = []; - foreach ($privileges as $priv) { - $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']); - $privileges_html .= sprintf('' . _("Rooms to create") . '
', - table(_("Name"), $rooms_new) - ]), - div('col-sm-6', [ - '' . _("Rooms to delete") . '
', - table(_("Name"), $rooms_deleted) - ]) - ]), - '' . _("Shifts to create") . '
', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_new, $shifttypes)), - '' . _("Shifts to update") . '
', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_updated, $shifttypes)), - '' . _("Shifts to delete") . '
', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_deleted, $shifttypes)), - form_submit('submit', _("Import")) - ], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start); - break; - - case 'import': - if (! file_exists($import_file)) { - error(_('Missing import file.')); - redirect(page_link_to('admin_import')); - } - - if (! file_exists($import_file)) { - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; - } else { - error(_('Please select a shift type.')); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); - } else { - error(_("Please enter an amount of minutes to add to a talk's begin.")); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); - } else { - error(_("Please enter an amount of minutes to add to a talk's end.")); - redirect(page_link_to('admin_import')); - } - - list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); - foreach ($rooms_new as $room) { - $result = Room_create($room, true, true); - if ($result === false) { - engelsystem_error('Unable to create room.'); - } - $rooms_import[trim($room)] = sql_id(); - } - foreach ($rooms_deleted as $room) { - sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1"); - } - - list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end); - foreach ($events_new as $event) { - $result = Shift_create($event); - if ($result === false) { - engelsystem_error('Unable to create shift.'); - } - } - - foreach ($events_updated as $event) { - $result = Shift_update_by_psid($event); - if ($result === false) { - engelsystem_error('Unable to update shift.'); - } - } - - foreach ($events_deleted as $event) { - $result = Shift_delete_by_psid($event['PSID']); - if ($result === false) { - engelsystem_error('Unable to delete shift.'); - } - } - - engelsystem_log("Frab import done"); - - unlink($import_file); - - $html .= div('well well-sm text-center', [ - '' . _('File Upload') . glyph('ok-circle') . '' . mute(glyph('arrow-right')) . '' . _('Validation') . glyph('ok-circle') . '' . mute(glyph('arrow-right')) . '' . _('Import') . glyph('ok-circle') . '' - ]) . success(_("It's done!"), true); - break; - default: - redirect(page_link_to('admin_import')); - } - - return page_with_title(admin_import_title(), [ - msg(), - $html - ]); -} -function prepare_rooms($file) { - global $rooms_import; - $data = read_xml($file); - - // Load rooms from db for compare with input - $rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'"); - $rooms_db = []; - $rooms_import = []; - foreach ($rooms as $room) { - $rooms_db[] = (string) $room['Name']; - $rooms_import[$room['Name']] = $room['RID']; - } - - $events = $data->vcalendar->vevent; - $rooms_pb = []; - foreach ($events as $event) { - $rooms_pb[] = (string) $event->location; - if (! isset($rooms_import[trim($event->location)])) { - $rooms_import[trim($event->location)] = trim($event->location); + if (isset($_REQUEST['submit'])) { + $valid = true; + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + $valid = false; + error(_('Please select a shift type.')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + $valid = false; + error(_('Please enter an amount of minutes to add to a talk\'s begin.')); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + $valid = false; + error(_('Please enter an amount of minutes to add to a talk\'s end.')); + } + + if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) { + if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) { + libxml_use_internal_errors(true); + if (simplexml_load_file($import_file) === false) { + $valid = false; + error(_('No valid xml/xcal file provided.')); + unlink($import_file); + } + } else { + $valid = false; + error(_('File upload went wrong.')); + } + } else { + $valid = false; + error(_('Please provide some data.')); + } + } + + if ($valid) { + redirect( + page_link_to('admin_import') + . '&step=check&shifttype_id=' . $shifttype_id + . '&add_minutes_end=' . $add_minutes_end + . '&add_minutes_start=' . $add_minutes_start + ); + } else { + $html .= div('well well-sm text-center', [ + _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import')) + ]) . div('row', [ + div('col-md-offset-3 col-md-6', [ + form([ + form_info( + '', + _('This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.') + ), + form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), + form_spinner('add_minutes_start', _('Add minutes to start'), $add_minutes_start), + form_spinner('add_minutes_end', _('Add minutes to end'), $add_minutes_end), + form_file('xcal_file', _('xcal-File (.xcal)')), + form_submit('submit', _('Import')) + ]) + ]) + ]); + } + break; + + case 'check': + if (!file_exists($import_file)) { + error(_('Missing import file.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + error(_('Please select a shift type.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + error(_('Please enter an amount of minutes to add to a talk\'s begin.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + error(_('Please enter an amount of minutes to add to a talk\'s end.')); + redirect(page_link_to('admin_import')); + } + + list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); + list($events_new, $events_updated, $events_deleted) = prepare_events( + $import_file, + $shifttype_id, + $add_minutes_start, + $add_minutes_end + ); + + $html .= div( + 'well well-sm text-center', + [ + '' . _('File Upload') . glyph('ok-circle') . '' + . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import')) + ] + ) + . form( + [ + div('row', [ + div('col-sm-6', [ + '' . _('Rooms to create') . '
', + table(_('Name'), $rooms_new) + ]), + div('col-sm-6', [ + '' . _('Rooms to delete') . '
', + table(_('Name'), $rooms_deleted) + ]) + ]), + '' . _('Shifts to create') . '
', + table([ + 'day' => _('Day'), + 'start' => _('Start'), + 'end' => _('End'), + 'shifttype' => _('Shift type'), + 'title' => _('Title'), + 'room' => _('Room') + ], shifts_printable($events_new, $shifttypes)), + '' . _('Shifts to update') . '
', + table([ + 'day' => _('Day'), + 'start' => _('Start'), + 'end' => _('End'), + 'shifttype' => _('Shift type'), + 'title' => _('Title'), + 'room' => _('Room') + ], shifts_printable($events_updated, $shifttypes)), + '' . _('Shifts to delete') . '
', + table([ + 'day' => _('Day'), + 'start' => _('Start'), + 'end' => _('End'), + 'shifttype' => _('Shift type'), + 'title' => _('Title'), + 'room' => _('Room') + ], shifts_printable($events_deleted, $shifttypes)), + form_submit('submit', _('Import')) + ], + page_link_to('admin_import') + . '&step=import&shifttype_id=' . $shifttype_id + . '&add_minutes_end=' . $add_minutes_end + . '&add_minutes_start=' . $add_minutes_start + ); + break; + + case 'import': + if (!file_exists($import_file)) { + error(_('Missing import file.')); + redirect(page_link_to('admin_import')); + } + + if (!file_exists($import_file)) { + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + error(_('Please select a shift type.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + error(_('Please enter an amount of minutes to add to a talk\'s begin.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + error(_('Please enter an amount of minutes to add to a talk\'s end.')); + redirect(page_link_to('admin_import')); + } + + list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); + foreach ($rooms_new as $room) { + $result = Room_create($room, true, true); + if ($result === false) { + engelsystem_error('Unable to create room.'); + } + $rooms_import[trim($room)] = $result; + } + foreach ($rooms_deleted as $room) { + DB::delete('DELETE FROM `Room` WHERE `Name`=? LIMIT 1', [$room]); + } + + list($events_new, $events_updated, $events_deleted) = prepare_events( + $import_file, + $shifttype_id, + $add_minutes_start, + $add_minutes_end + ); + foreach ($events_new as $event) { + $result = Shift_create($event); + if ($result === false) { + engelsystem_error('Unable to create shift.'); + } + } + + foreach ($events_updated as $event) { + $result = Shift_update_by_psid($event); + if ($result === false) { + engelsystem_error('Unable to update shift.'); + } + } + + foreach ($events_deleted as $event) { + $result = Shift_delete_by_psid($event['PSID']); + if ($result === false) { + engelsystem_error('Unable to delete shift.'); + } + } + + engelsystem_log('Frab import done'); + + unlink($import_file); + + $html .= div('well well-sm text-center', [ + '' . _('File Upload') . glyph('ok-circle') . '' + . mute(glyph('arrow-right')) + . '' . _('Validation') . glyph('ok-circle') . '' + . mute(glyph('arrow-right')) + . '' . _('Import') . glyph('ok-circle') . '' + ]) . success(_('It\'s done!'), true); + break; + default: + redirect(page_link_to('admin_import')); } - } - $rooms_pb = array_unique($rooms_pb); - - $rooms_new = array_diff($rooms_pb, $rooms_db); - $rooms_deleted = array_diff($rooms_db, $rooms_pb); - - return [ - $rooms_new, - $rooms_deleted - ]; + + return page_with_title(admin_import_title(), [ + msg(), + $html + ]); } -function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) { - global $rooms_import; - $data = read_xml($file); - - $rooms = sql_select("SELECT * FROM `Room`"); - $rooms_db = []; - foreach ($rooms as $room) { - $rooms_db[$room['Name']] = $room['RID']; - } - - $events = $data->vcalendar->vevent; - $shifts_pb = []; - foreach ($events as $event) { - $event_pb = $event->children("http://pentabarf.org"); - $event_id = trim($event_pb->{ - 'event-id' }); - $shifts_pb[$event_id] = [ - 'shifttype_id' => $shifttype_id, - 'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60, - 'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60, - 'RID' => $rooms_import[trim($event->location)], - 'title' => trim($event->summary), - 'URL' => trim($event->url), - 'PSID' => $event_id +/** + * @param string $file + * @return array + */ +function prepare_rooms($file) +{ + global $rooms_import; + $data = read_xml($file); + + // Load rooms from db for compare with input + $rooms = DB::select('SELECT `Name`, `RID` FROM `Room` WHERE `FromPentabarf`=\'Y\''); + $rooms_db = []; + $rooms_import = []; + foreach ($rooms as $room) { + $rooms_db[] = $room['Name']; + $rooms_import[$room['Name']] = $room['RID']; + } + + $events = $data->vcalendar->vevent; + $rooms_pb = []; + foreach ($events as $event) { + $rooms_pb[] = (string)$event->location; + if (!isset($rooms_import[trim($event->location)])) { + $rooms_import[trim($event->location)] = trim($event->location); + } + } + $rooms_pb = array_unique($rooms_pb); + + $rooms_new = array_diff($rooms_pb, $rooms_db); + $rooms_deleted = array_diff($rooms_db, $rooms_pb); + + return [ + $rooms_new, + $rooms_deleted ]; - } - - $shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`"); - $shifts_db = []; - foreach ($shifts as $shift) { - $shifts_db[$shift['PSID']] = $shift; - } - - $shifts_new = []; - $shifts_updated = []; - foreach ($shifts_pb as $shift) { - if (! isset($shifts_db[$shift['PSID']])) { - $shifts_new[] = $shift; - } else { - $tmp = $shifts_db[$shift['PSID']]; - if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) { - $shifts_updated[] = $shift; - } +} + +/** + * @param string $file + * @param int $shifttype_id + * @param int $add_minutes_start + * @param int $add_minutes_end + * @return array + */ +function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) +{ + global $rooms_import; + $data = read_xml($file); + + $rooms = Rooms(true); + $rooms_db = []; + foreach ($rooms as $room) { + $rooms_db[$room['Name']] = $room['RID']; + } + + $events = $data->vcalendar->vevent; + $shifts_pb = []; + foreach ($events as $event) { + $event_pb = $event->children('http://pentabarf.org'); + $event_id = trim($event_pb->{'event-id'}); + $shifts_pb[$event_id] = [ + 'shifttype_id' => $shifttype_id, + 'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60, + 'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60, + 'RID' => $rooms_import[trim($event->location)], + 'title' => trim($event->summary), + 'URL' => trim($event->url), + 'PSID' => $event_id + ]; } - } - - $shifts_deleted = []; - foreach ($shifts_db as $shift) { - if (! isset($shifts_pb[$shift['PSID']])) { - $shifts_deleted[] = $shift; + + $shifts = DB::select('SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`'); + $shifts_db = []; + foreach ($shifts as $shift) { + $shifts_db[$shift['PSID']] = $shift; } - } - - return [ - $shifts_new, - $shifts_updated, - $shifts_deleted - ]; + + $shifts_new = []; + $shifts_updated = []; + foreach ($shifts_pb as $shift) { + if (!isset($shifts_db[$shift['PSID']])) { + $shifts_new[] = $shift; + } else { + $tmp = $shifts_db[$shift['PSID']]; + if ( + $shift['shifttype_id'] != $tmp['shifttype_id'] + || $shift['title'] != $tmp['title'] + || $shift['start'] != $tmp['start'] + || $shift['end'] != $tmp['end'] + || $shift['RID'] != $tmp['RID'] + || $shift['URL'] != $tmp['URL'] + ) { + $shifts_updated[] = $shift; + } + } + } + + $shifts_deleted = []; + foreach ($shifts_db as $shift) { + if (!isset($shifts_pb[$shift['PSID']])) { + $shifts_deleted[] = $shift; + } + } + + return [ + $shifts_new, + $shifts_updated, + $shifts_deleted + ]; } -function read_xml($file) { - global $xml_import; - if (! isset($xml_import)) { - $xml_import = simplexml_load_file($file); - } - return $xml_import; +/** + * @param string $file + * @return SimpleXMLElement + */ +function read_xml($file) +{ + global $xml_import; + if (!isset($xml_import)) { + $xml_import = simplexml_load_file($file); + } + return $xml_import; } -function shifts_printable($shifts, $shifttypes) { - global $rooms_import; - $rooms = array_flip($rooms_import); - - uasort($shifts, 'shift_sort'); - - $shifts_printable = []; - foreach ($shifts as $shift) { - $shifts_printable[] = [ - 'day' => date("l, Y-m-d", $shift['start']), - 'start' => date("H:i", $shift['start']), - 'shifttype' => ShiftType_name_render([ - 'id' => $shift['shifttype_id'], - 'name' => $shifttypes[$shift['shifttype_id']] - ]), - 'title' => shorten($shift['title']), - 'end' => date("H:i", $shift['end']), - 'room' => $rooms[$shift['RID']] - ]; - } - return $shifts_printable; +/** + * @param array $shifts + * @param array $shifttypes + * @return array + */ +function shifts_printable($shifts, $shifttypes) +{ + global $rooms_import; + $rooms = array_flip($rooms_import); + + uasort($shifts, 'shift_sort'); + + $shifts_printable = []; + foreach ($shifts as $shift) { + $shifts_printable[] = [ + 'day' => date('l, Y-m-d', $shift['start']), + 'start' => date('H:i', $shift['start']), + 'shifttype' => ShiftType_name_render([ + 'id' => $shift['shifttype_id'], + 'name' => $shifttypes[$shift['shifttype_id']] + ]), + 'title' => shorten($shift['title']), + 'end' => date('H:i', $shift['end']), + 'room' => $rooms[$shift['RID']] + ]; + } + return $shifts_printable; } -function shift_sort($shift_a, $shift_b) { - return ($shift_a['start'] < $shift_b['start']) ? - 1 : 1; +/** + * @param array $shift_a + * @param array $shift_b + * @return int + */ +function shift_sort($shift_a, $shift_b) +{ + return ($shift_a['start'] < $shift_b['start']) ? -1 : 1; } -?> diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php index 97b81585..9e5e5827 100644 --- a/includes/pages/admin_log.php +++ b/includes/pages/admin_log.php @@ -1,33 +1,40 @@ "Time", - 'nick' => "Angel", - 'message' => "Log Entry" - ], $log_entries) - ]); +/** + * @return string + */ +function admin_log() +{ + $filter = ''; + if (isset($_REQUEST['keyword'])) { + $filter = strip_request_item('keyword'); + } + $log_entries_source = LogEntries_filter($filter); + + $log_entries = []; + foreach ($log_entries_source as $log_entry) { + $log_entry['date'] = date('d.m.Y H:i', $log_entry['timestamp']); + $log_entries[] = $log_entry; + } + + return page_with_title(admin_log_title(), [ + msg(), + form([ + form_text('keyword', _('Search'), $filter), + form_submit(_('Search'), 'Go') + ]), + table([ + 'date' => 'Time', + 'nick' => 'Angel', + 'message' => 'Log Entry' + ], $log_entries) + ]); } -?> diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 789fc728..bc242831 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -1,67 +1,82 @@' . _("Edit news entry") . '
' . msg(); - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $news_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing News ID.", true); - } - - $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); - if (empty($news)) { - return error("No News found.", true); - } - switch ($_REQUEST["action"]) { - default: - redirect(page_link_to('news')); - case 'edit': - list($news) = $news; - - $user_source = User($news['UID']); - - $html .= form([ - form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), - form_info(_("Author"), User_Nick_render($user_source)), - form_text('eBetreff', _("Subject"), $news['Betreff']), - form_textarea('eText', _("Message"), $news['Text']), - form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), - form_submit('submit', _("Save")) - ], page_link_to('admin_news&action=save&id=' . $news_id)); - - $html .= ' ' . _("Delete") . ''; - break; - - case 'save': - list($news) = $news; - - sql_query("UPDATE `News` SET - `Datum`='" . sql_escape(time()) . "', - `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', - `Text`='" . sql_escape($_POST["eText"]) . "', - `UID`='" . sql_escape($user['UID']) . "', - `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' - WHERE `ID`='" . sql_escape($news_id) . "'"); - engelsystem_log("News updated: " . $_POST["eBetreff"]); - success(_("News entry updated.")); - redirect(page_link_to("news")); - break; - - case 'delete': - list($news) = $news; - - sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); - engelsystem_log("News deleted: " . $news['Betreff']); - success(_("News entry deleted.")); - redirect(page_link_to("news")); - break; - } - return $html . ''; +use Engelsystem\Database\DB; + +/** + * @return string + */ +function admin_news() +{ + global $user; + + if (!isset($_GET['action'])) { + redirect(page_link_to('news')); + } + + $html = '' . _('Edit news entry') . '
' . msg(); + if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) { + $news_id = $_REQUEST['id']; + } else { + return error('Incomplete call, missing News ID.', true); + } + + $news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]); + if (empty($news)) { + return error('No News found.', true); + } + + switch ($_REQUEST['action']) { + case 'edit': + $news = array_shift($news); + $user_source = User($news['UID']); + + $html .= form([ + form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])), + form_info(_('Author'), User_Nick_render($user_source)), + form_text('eBetreff', _('Subject'), $news['Betreff']), + form_textarea('eText', _('Message'), $news['Text']), + form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1), + form_submit('submit', _('Save')) + ], page_link_to('admin_news&action=save&id=' . $news_id)); + + $html .= '' + . ' ' . _('Delete') + . ''; + break; + + case 'save': + DB::update(' + UPDATE `News` SET + `Datum`=?, + `Betreff`=?, + `Text`=?, + `UID`=?, + `Treffen`=? + WHERE `ID`=? + ', + [ + time(), + $_POST["eBetreff"], + $_POST["eText"], + $user['UID'], + isset($_POST["eTreffen"]) ? 1 : 0, + $news_id + ] + ); + engelsystem_log('News updated: ' . $_POST['eBetreff']); + success(_('News entry updated.')); + redirect(page_link_to('news')); + break; + + case 'delete': + $news = array_shift($news); + DB::delete('DELETE FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]); + engelsystem_log('News deleted: ' . $news['Betreff']); + success(_('News entry deleted.')); + redirect(page_link_to('news')); + break; + default: + redirect(page_link_to('news')); + } + return $html . '", $question['Question']), - 'answer' => form([ - form_textarea('answer', '', ''), - form_submit('submit', _("Save")) - ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), - 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') - ]; - } - - $answered_questions_table = []; - $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL"); - foreach ($questions as $question) { - $user_source = User($question['UID']); - $answer_user_source = User($question['AID']); - $answered_questions_table[] = [ - 'from' => User_Nick_render($user_source), - 'question' => str_replace("\n", "
", $question['Question']), - 'answered_by' => User_Nick_render($answer_user_source), - 'answer' => str_replace("\n", "
", $question['Answer']), - 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') - ]; - } - - return page_with_title(admin_questions_title(), [ - '
' . _("Unanswered questions") . '
', - table([ - 'from' => _("From"), - 'question' => _("Question"), - 'answer' => _("Answer"), - 'actions' => '' - ], $unanswered_questions_table), - '' . _("Answered questions") . '
', - table([ - 'from' => _("From"), - 'question' => _("Question"), - 'answered_by' => _("Answered by"), - 'answer' => _("Answer"), - 'actions' => '' - ], $answered_questions_table) - ]); - } else { - switch ($_REQUEST['action']) { - case 'answer': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Question ID.", true); - } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0 && $question[0]['AID'] == null) { - $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']))); - - if ($answer != "") { - sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); - redirect(page_link_to("admin_questions")); - } else { - return error("Enter an answer!", true); - } - } else { - return error("No question found.", true); +/** + * @return string + */ +function admin_questions() +{ + global $user; + + if (!isset($_REQUEST['action'])) { + $unanswered_questions_table = []; + $questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL'); + foreach ($questions as $question) { + $user_source = User($question['UID']); + + $unanswered_questions_table[] = [ + 'from' => User_Nick_render($user_source), + 'question' => str_replace("\n", '', $question['Question']), + 'answer' => form([ + form_textarea('answer', '', ''), + form_submit('submit', _('Save')) + ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), + 'actions' => button( + page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], + _('delete'), + 'btn-xs' + ) + ]; } - break; - case 'delete': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Question ID.", true); + + $answered_questions_table = []; + $questions = DB::select('SELECT * FROM `Questions` WHERE NOT `AID` IS NULL'); + foreach ($questions as $question) { + $user_source = User($question['UID']); + $answer_user_source = User($question['AID']); + $answered_questions_table[] = [ + 'from' => User_Nick_render($user_source), + 'question' => str_replace("\n", '
', $question['Question']), + 'answered_by' => User_Nick_render($answer_user_source), + 'answer' => str_replace("\n", '
', $question['Answer']), + 'actions' => button( + page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], + _('delete'), + 'btn-xs' + ) + ]; } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - engelsystem_log("Question deleted: " . $question[0]['Question']); - redirect(page_link_to("admin_questions")); - } else { - return error("No question found.", true); + + return page_with_title(admin_questions_title(), [ + '
' . _('Unanswered questions') . '
', + table([ + 'from' => _('From'), + 'question' => _('Question'), + 'answer' => _('Answer'), + 'actions' => '' + ], $unanswered_questions_table), + '' . _('Answered questions') . '
', + table([ + 'from' => _('From'), + 'question' => _('Question'), + 'answered_by' => _('Answered by'), + 'answer' => _('Answer'), + 'actions' => '' + ], $answered_questions_table) + ]); + } else { + switch ($_REQUEST['action']) { + case 'answer': + if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) { + $question_id = $_REQUEST['id']; + } else { + return error('Incomplete call, missing Question ID.', true); + } + + $question = DB::select( + 'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1', + [$question_id] + ); + if (count($question) > 0 && $question[0]['AID'] == null) { + $answer = trim( + preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", + '', + strip_tags($_REQUEST['answer']) + )); + + if ($answer != '') { + DB::update(' + UPDATE `Questions` + SET `AID`=?, `Answer`=? + WHERE `QID`=? + LIMIT 1 + ', + [ + $user['UID'], + $answer, + $question_id, + ] + ); + engelsystem_log('Question ' . $question[0]['Question'] . ' answered: ' . $answer); + redirect(page_link_to('admin_questions')); + } else { + return error('Enter an answer!', true); + } + } else { + return error('No question found.', true); + } + break; + case 'delete': + if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) { + $question_id = $_REQUEST['id']; + } else { + return error('Incomplete call, missing Question ID.', true); + } + + $question = DB::select( + 'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1', + [$question_id] + ); + if (count($question) > 0) { + DB::delete('DELETE FROM `Questions` WHERE `QID`=? LIMIT 1', [$question_id]); + engelsystem_log('Question deleted: ' . $question[0]['Question']); + redirect(page_link_to('admin_questions')); + } else { + return error('No question found.', true); + } + break; } - break; } - } + + return ''; } -?> diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 129ed423..d483f99e 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -1,196 +1,251 @@ Room_name_render($room), - 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', - 'public' => $room['show'] == 'Y' ? '✓' : '', - 'actions' => table_buttons([ - button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') - ]) - ]; - } - $room = null; - - if (isset($_REQUEST['show'])) { - $msg = ""; - $name = ""; - $from_pentabarf = ""; - $public = 'Y'; - $number = ""; - - $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); - $angeltypes = []; - $angeltypes_count = []; - foreach ($angeltypes_source as $angeltype) { - $angeltypes[$angeltype['id']] = $angeltype['name']; - $angeltypes_count[$angeltype['id']] = 0; - } - - if (test_request_int('id')) { - $room = Room($_REQUEST['id']); - if ($room === false) { - engelsystem_error("Unable to load room."); - } - if ($room == null) { - redirect(page_link_to('admin_rooms')); - } - - $room_id = $_REQUEST['id']; - $name = $room['Name']; - $from_pentabarf = $room['FromPentabarf']; - $public = $room['show']; - $number = $room['Number']; - - $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'"); - foreach ($needed_angeltypes as $needed_angeltype) { - $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; - } +/** + * @return string + */ +function admin_rooms() +{ + $rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`'); + $rooms = []; + foreach ($rooms_source as $room) { + $rooms[] = [ + 'name' => Room_name_render($room), + 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', + 'public' => $room['show'] == 'Y' ? '✓' : '', + 'actions' => table_buttons([ + button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'), + button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs') + ]) + ]; } - - if ($_REQUEST['show'] == 'edit') { - if (isset($_REQUEST['submit'])) { - $valid = true; - - if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { - $name = strip_request_item('name'); - if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) { - $valid = false; - $msg .= error(_("This name is already in use."), true); - } - } else { - $valid = false; - $msg .= error(_("Please enter a name."), true); - } - - if (isset($_REQUEST['from_pentabarf'])) { - $from_pentabarf = 'Y'; - } else { - $from_pentabarf = ''; - } - - if (isset($_REQUEST['public'])) { - $public = 'Y'; - } else { - $public = ''; - } - - if (isset($_REQUEST['number'])) { - $number = strip_request_item('number'); - } else { - $valid = false; - } - - foreach ($angeltypes as $angeltype_id => $angeltype) { - if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) { - $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; - } else { - $valid = false; - $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); - } + $room = null; + + if (isset($_REQUEST['show'])) { + $msg = ''; + $name = ''; + $from_pentabarf = ''; + $public = 'Y'; + $number = ''; + $room_id = 0; + + $angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`'); + $angeltypes = []; + $angeltypes_count = []; + foreach ($angeltypes_source as $angeltype) { + $angeltypes[$angeltype['id']] = $angeltype['name']; + $angeltypes_count[$angeltype['id']] = 0; } - - if ($valid) { - if (isset($room_id)) { - sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1"); - engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); - } else { - $room_id = Room_create($name, $from_pentabarf, $public, $number); - if ($room_id === false) { - engelsystem_error("Unable to create room."); + + if (test_request_int('id')) { + $room = Room($_REQUEST['id'], false); + if ($room === false) { + engelsystem_error('Unable to load room.'); } - engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); - } - - NeededAngelTypes_delete_by_room($room_id); - $needed_angeltype_info = []; - foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { - $angeltype = AngelType($angeltype_id); - if ($angeltype != null) { - NeededAngelType_add(null, $angeltype_id, $room_id, $angeltype_count); - $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; + if ($room == null) { + redirect(page_link_to('admin_rooms')); + } + + $room_id = $_REQUEST['id']; + $name = $room['Name']; + $from_pentabarf = $room['FromPentabarf']; + $public = $room['show']; + $number = $room['Number']; + + $needed_angeltypes = DB::select( + 'SELECT `angel_type_id`, `count` FROM `NeededAngelTypes` WHERE `room_id`=?', + [$room_id] + ); + foreach ($needed_angeltypes as $needed_angeltype) { + $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; } - } - - engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info)); - success(_("Room saved.")); - redirect(page_link_to("admin_rooms")); } - } - $angeltypes_count_form = []; - foreach ($angeltypes as $angeltype_id => $angeltype) { - $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [ - form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) - ]); - } - - return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms'), _("back"), 'back') - ]), - $msg, - form([ - div('row', [ - div('col-md-6', [ - form_text('name', _("Name"), $name), - form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), - form_checkbox('public', _("Public"), $public), - form_text('number', _("Room number"), $number) - ]), - div('col-md-6', [ - div('row', [ - div('col-md-12', [ - form_info(_("Needed angels:")) - ]), - join($angeltypes_count_form) - ]) - ]) - ]), - form_submit('submit', _("Save")) - ]) - ]); - } elseif ($_REQUEST['show'] == 'delete') { - if (isset($_REQUEST['ack'])) { - if (! Room_delete($room_id)) { - engelsystem_error("Unable to delete room."); + + if ($_REQUEST['show'] == 'edit') { + if (isset($_REQUEST['submit'])) { + $valid = true; + + if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { + $name = strip_request_item('name'); + if ( + isset($room) + && count(DB::select( + 'SELECT RID FROM `Room` WHERE `Name`=? AND NOT `RID`=?', + [$name, $room_id] + )) > 0 + ) { + $valid = false; + $msg .= error(_('This name is already in use.'), true); + } + } else { + $valid = false; + $msg .= error(_('Please enter a name.'), true); + } + + if (isset($_REQUEST['from_pentabarf'])) { + $from_pentabarf = 'Y'; + } else { + $from_pentabarf = ''; + } + + if (isset($_REQUEST['public'])) { + $public = 'Y'; + } else { + $public = ''; + } + + if (isset($_REQUEST['number'])) { + $number = strip_request_item('number'); + } else { + $valid = false; + } + + foreach ($angeltypes as $angeltype_id => $angeltype) { + if ( + isset($_REQUEST['angeltype_count_' . $angeltype_id]) + && preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id]) + ) { + $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; + } else { + $valid = false; + $msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true); + } + } + + if ($valid) { + if (!empty($room_id)) { + DB::update(' + UPDATE `Room` + SET + `Name`=?, + `FromPentabarf`=?, + `show`=?, + `Number`=? + WHERE `RID`=? + LIMIT 1 + ', [ + $name, + $from_pentabarf, + $public, + $number, + $room_id, + ]); + engelsystem_log( + 'Room updated: ' . $name + . ', pentabarf import: ' . $from_pentabarf + . ', public: ' . $public + . ', number: ' . $number + ); + } else { + $room_id = Room_create($name, $from_pentabarf, $public, $number); + if ($room_id === false) { + engelsystem_error('Unable to create room.'); + } + engelsystem_log( + 'Room created: ' . $name + . ', pentabarf import: ' + . $from_pentabarf + . ', public: ' . $public + . ', number: ' . $number + ); + } + + NeededAngelTypes_delete_by_room($room_id); + $needed_angeltype_info = []; + foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { + $angeltype = AngelType($angeltype_id); + if ($angeltype != null) { + NeededAngelType_add(null, $angeltype_id, $room_id, $angeltype_count); + $needed_angeltype_info[] = $angeltype['name'] . ': ' . $angeltype_count; + } + } + + engelsystem_log( + 'Set needed angeltypes of room ' . $name + . ' to: ' . join(', ', $needed_angeltype_info) + ); + success(_('Room saved.')); + redirect(page_link_to('admin_rooms')); + } + } + $angeltypes_count_form = []; + foreach ($angeltypes as $angeltype_id => $angeltype) { + $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [ + form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) + ]); + } + + return page_with_title(admin_rooms_title(), [ + buttons([ + button(page_link_to('admin_rooms'), _('back'), 'back') + ]), + $msg, + form([ + div('row', [ + div('col-md-6', [ + form_text('name', _('Name'), $name), + form_checkbox('from_pentabarf', _('Frab import'), $from_pentabarf), + form_checkbox('public', _('Public'), $public), + form_text('number', _('Room number'), $number) + ]), + div('col-md-6', [ + div('row', [ + div('col-md-12', [ + form_info(_('Needed angels:')) + ]), + join($angeltypes_count_form) + ]) + ]) + ]), + form_submit('submit', _('Save')) + ]) + ]); + } elseif ($_REQUEST['show'] == 'delete') { + if (isset($_REQUEST['ack'])) { + if (!Room_delete($room_id)) { + engelsystem_error('Unable to delete room.'); + } + + engelsystem_log('Room deleted: ' . $name); + success(sprintf(_('Room %s deleted.'), $name)); + redirect(page_link_to('admin_rooms')); + } + + return page_with_title(admin_rooms_title(), [ + buttons([ + button(page_link_to('admin_rooms'), _('back'), 'back') + ]), + sprintf(_('Do you want to delete room %s?'), $name), + buttons([ + button( + page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', + _('Delete'), + 'delete btn-danger' + ) + ]) + ]); } - - engelsystem_log("Room deleted: " . $name); - success(sprintf(_("Room %s deleted."), $name)); - redirect(page_link_to('admin_rooms')); - } - - return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms'), _("back"), 'back') - ]), - sprintf(_("Do you want to delete room %s?"), $name), - buttons([ - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete') - ]) - ]); } - } - - return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms') . '&show=edit', _("add")) - ]), - msg(), - table([ - 'name' => _("Name"), - 'from_pentabarf' => _("Frab import"), - 'public' => _("Public"), - 'actions' => "" - ], $rooms) - ]); + + return page_with_title(admin_rooms_title(), [ + buttons([ + button(page_link_to('admin_rooms') . '&show=edit', _('add')) + ]), + msg(), + table([ + 'name' => _('Name'), + 'from_pentabarf' => _('Frab import'), + 'public' => _('Public'), + 'actions' => '' + ], $rooms) + ]); } -?> diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index 42a8c682..06071233 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -1,346 +1,419 @@ = $end) { - $valid = false; - error(_('The shifts end has to be after its start.')); + $shifttypes = []; + foreach ($shifttypes_source as $shifttype) { + $shifttypes[$shifttype['id']] = $shifttype['name']; } - - if (isset($_REQUEST['mode'])) { - if ($_REQUEST['mode'] == 'single') { - $mode = 'single'; - } elseif ($_REQUEST['mode'] == 'multi') { - if (isset($_REQUEST['length']) && preg_match("/^[0-9]+$/", trim($_REQUEST['length']))) { - $mode = 'multi'; - $length = trim($_REQUEST['length']); + + if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) { + if (isset($_REQUEST['shifttype_id'])) { + $shifttype = ShiftType($_REQUEST['shifttype_id']); + if ($shifttype == null) { + $valid = false; + error(_('Please select a shift type.')); + } else { + $shifttype_id = $_REQUEST['shifttype_id']; + } } else { - $valid = false; - error(_('Please enter a shift duration in minutes.')); + $valid = false; + error(_('Please select a shift type.')); } - } elseif ($_REQUEST['mode'] == 'variable') { - if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) { - $mode = 'variable'; - $change_hours = array_map('trim', explode(",", $_REQUEST['change_hours'])); + + // Name/Bezeichnung der Schicht, darf leer sein + $title = strip_request_item('title'); + + // Auswahl der sichtbaren Locations für die Schichten + if ( + isset($_REQUEST['rid']) + && preg_match('/^\d+$/', $_REQUEST['rid']) + && isset($room_array[$_REQUEST['rid']]) + ) { + $rid = $_REQUEST['rid']; } else { - $valid = false; - error(_('Please split the shift-change hours by colons.')); + $valid = false; + $rid = $rooms[0]['RID']; + error(_('Please select a location.')); } - } - } else { - $valid = false; - error(_('Please select a mode.')); - } - - if (isset($_REQUEST['angelmode'])) { - if ($_REQUEST['angelmode'] == 'location') { - $angelmode = 'location'; - } elseif ($_REQUEST['angelmode'] == 'manually') { - $angelmode = 'manually'; - foreach ($types as $type) { - if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) { - $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); - } else { + + if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) { + $start = $tmp; + } else { + $valid = false; + error(_('Please select a start time.')); + } + + if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) { + $end = $tmp; + } else { $valid = false; - error(sprintf(_('Please check the needed angels for team %s.'), $type['name'])); - } + error(_('Please select an end time.')); } - if (array_sum($needed_angel_types) == 0) { - $valid = false; - error(_('There are 0 angels needed. Please enter the amounts of needed angels.')); + + if ($start >= $end) { + $valid = false; + error(_('The shifts end has to be after its start.')); } - } else { - $valid = false; - error(_('Please select a mode for needed angels.')); - } - } else { - $valid = false; - error(_('Please select needed angels.')); - } - - // Beim Zurück-Knopf das Formular zeigen - if (isset($_REQUEST['back'])) { - $valid = false; - } - - // Alle Eingaben in Ordnung - if ($valid) { - if ($angelmode == 'location') { - $needed_angel_types = []; - $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'"); - foreach ($needed_angel_types_location as $type) { - $needed_angel_types[$type['angel_type_id']] = $type['count']; + + if (isset($_REQUEST['mode'])) { + if ($_REQUEST['mode'] == 'single') { + $mode = 'single'; + } elseif ($_REQUEST['mode'] == 'multi') { + if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) { + $mode = 'multi'; + $length = trim($_REQUEST['length']); + } else { + $valid = false; + error(_('Please enter a shift duration in minutes.')); + } + } elseif ($_REQUEST['mode'] == 'variable') { + if ( + isset($_REQUEST['change_hours']) + && preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours']))) + ) { + $mode = 'variable'; + $change_hours = array_map('trim', explode(',', $_REQUEST['change_hours'])); + } else { + $valid = false; + error(_('Please split the shift-change hours by colons.')); + } + } + } else { + $valid = false; + error(_('Please select a mode.')); } - } - $shifts = []; - if ($mode == 'single') { - $shifts[] = [ - 'start' => $start, - 'end' => $end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - } elseif ($mode == 'multi') { - $shift_start = $start; - do { - $shift_end = $shift_start + $length * 60; - - if ($shift_end > $end) { - $shift_end = $end; - } - if ($shift_start >= $shift_end) { - break; - } - - $shifts[] = [ - 'start' => $shift_start, - 'end' => $shift_end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - - $shift_start = $shift_end; - } while ($shift_end < $end); - } elseif ($mode == 'variable') { - rsort($change_hours); - $day = parse_date("Y-m-d H:i", date("Y-m-d", $start) . " 00:00"); - $change_index = 0; - // Ersten/nächsten passenden Schichtwechsel suchen - foreach ($change_hours as $i => $change_hour) { - if ($start < $day + $change_hour * 60 * 60) { - $change_index = $i; - } elseif ($start == $day + $change_hour * 60 * 60) { - // Start trifft Schichtwechsel - $change_index = ($i + count($change_hours) - 1) % count($change_hours); - break; - } else { - break; - } + + if (isset($_REQUEST['angelmode'])) { + if ($_REQUEST['angelmode'] == 'location') { + $angelmode = 'location'; + } elseif ($_REQUEST['angelmode'] == 'manually') { + $angelmode = 'manually'; + foreach ($types as $type) { + if ( + isset($_REQUEST['type_' . $type['id']]) + && preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']])) + ) { + $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); + } else { + $valid = false; + error(sprintf(_('Please check the needed angels for team %s.'), $type['name'])); + } + } + if (array_sum($needed_angel_types) == 0) { + $valid = false; + error(_('There are 0 angels needed. Please enter the amounts of needed angels.')); + } + } else { + $valid = false; + error(_('Please select a mode for needed angels.')); + } + } else { + $valid = false; + error(_('Please select needed angels.')); } - - $shift_start = $start; - do { - $day = parse_date("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00"); - $shift_end = $day + $change_hours[$change_index] * 60 * 60; - - if ($shift_end > $end) { - $shift_end = $end; - } - if ($shift_start >= $shift_end) { - $shift_end += 24 * 60 * 60; - } - - $shifts[] = [ - 'start' => $shift_start, - 'end' => $shift_end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - - $shift_start = $shift_end; - $change_index = ($change_index + count($change_hours) - 1) % count($change_hours); - } while ($shift_end < $end); - } - - $shifts_table = []; - foreach ($shifts as $shift) { - $shifts_table_entry = [ - 'timeslot' => ' ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '' . Room_name_render(Room($shift['RID'])), - 'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '
' . $shift['title'] : ''), - 'needed_angels' => '' - ]; - foreach ($types as $type) { - if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) { - $shifts_table_entry['needed_angels'] .= '' . AngelType_name_render($type) . ': ' . $needed_angel_types[$type['id']] . '
'; - } + + // Beim Zurück-Knopf das Formular zeigen + if (isset($_REQUEST['back'])) { + $valid = false; } - $shifts_table[] = $shifts_table_entry; - } - - // Fürs Anlegen zwischenspeichern: - $_SESSION['admin_shifts_shifts'] = $shifts; - $_SESSION['admin_shifts_types'] = $needed_angel_types; - - $hidden_types = ""; - foreach ($needed_angel_types as $type_id => $count) { - $hidden_types .= form_hidden('type_' . $type_id, $count); - } - return page_with_title(_("Preview"), [ - form([ - $hidden_types, - form_hidden('shifttype_id', $shifttype_id), - form_hidden('title', $title), - form_hidden('rid', $rid), - form_hidden('start', date("Y-m-d H:i", $start)), - form_hidden('end', date("Y-m-d H:i", $end)), - form_hidden('mode', $mode), - form_hidden('length', $length), - form_hidden('change_hours', implode(', ', $change_hours)), - form_hidden('angelmode', $angelmode), - form_submit('back', _("back")), - table([ - 'timeslot' => _('Time and location'), - 'title' => _('Type and title'), - 'needed_angels' => _('Needed angels') - ], $shifts_table), - form_submit('submit', _("Save")) - ]) - ]); + + // Alle Eingaben in Ordnung + if ($valid) { + if ($angelmode == 'location') { + $needed_angel_types = []; + $needed_angel_types_location = DB::select(' + SELECT `angel_type_id`, `count` + FROM `NeededAngelTypes` + WHERE `room_id`=? + ', + [$rid] + ); + foreach ($needed_angel_types_location as $type) { + $needed_angel_types[$type['angel_type_id']] = $type['count']; + } + } + $shifts = []; + if ($mode == 'single') { + $shifts[] = [ + 'start' => $start, + 'end' => $end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + } elseif ($mode == 'multi') { + $shift_start = (int)$start; + do { + $shift_end = $shift_start + (int)$length * 60; + + if ($shift_end > $end) { + $shift_end = $end; + } + if ($shift_start >= $shift_end) { + break; + } + + $shifts[] = [ + 'start' => $shift_start, + 'end' => $shift_end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + + $shift_start = $shift_end; + } while ($shift_end < $end); + } elseif ($mode == 'variable') { + rsort($change_hours); + $day = parse_date('Y-m-d H:i', date('Y-m-d', $start) . ' 00:00'); + $change_index = 0; + // Ersten/nächsten passenden Schichtwechsel suchen + foreach ($change_hours as $i => $change_hour) { + if ($start < $day + $change_hour * 60 * 60) { + $change_index = $i; + } elseif ($start == $day + $change_hour * 60 * 60) { + // Start trifft Schichtwechsel + $change_index = ($i + count($change_hours) - 1) % count($change_hours); + break; + } else { + break; + } + } + + $shift_start = $start; + do { + $day = parse_date('Y-m-d H:i', date('Y-m-d', $shift_start) . ' 00:00'); + $shift_end = $day + $change_hours[$change_index] * 60 * 60; + + if ($shift_end > $end) { + $shift_end = $end; + } + if ($shift_start >= $shift_end) { + $shift_end += 24 * 60 * 60; + } + + $shifts[] = [ + 'start' => $shift_start, + 'end' => $shift_end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + + $shift_start = $shift_end; + $change_index = ($change_index + count($change_hours) - 1) % count($change_hours); + } while ($shift_end < $end); + } + + $shifts_table = []; + foreach ($shifts as $shift) { + $shifts_table_entry = [ + 'timeslot' => + ' ' + . date('Y-m-d H:i', $shift['start']) + . ' - ' + . date('H:i', $shift['end']) + . '
' + . Room_name_render(Room($shift['RID'])), + 'title' => + ShiftType_name_render(ShiftType($shifttype_id)) + . ($shift['title'] ? '
' . $shift['title'] : ''), + 'needed_angels' => '' + ]; + foreach ($types as $type) { + if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) { + $shifts_table_entry['needed_angels'] .= '' . AngelType_name_render($type) . ': ' . $needed_angel_types[$type['id']] . '
'; + } + } + $shifts_table[] = $shifts_table_entry; + } + + // Fürs Anlegen zwischenspeichern: + $_SESSION['admin_shifts_shifts'] = $shifts; + $_SESSION['admin_shifts_types'] = $needed_angel_types; + + $hidden_types = ''; + foreach ($needed_angel_types as $type_id => $count) { + $hidden_types .= form_hidden('type_' . $type_id, $count); + } + return page_with_title(_('Preview'), [ + form([ + $hidden_types, + form_hidden('shifttype_id', $shifttype_id), + form_hidden('title', $title), + form_hidden('rid', $rid), + form_hidden('start', date('Y-m-d H:i', $start)), + form_hidden('end', date('Y-m-d H:i', $end)), + form_hidden('mode', $mode), + form_hidden('length', $length), + form_hidden('change_hours', implode(', ', $change_hours)), + form_hidden('angelmode', $angelmode), + form_submit('back', _('back')), + table([ + 'timeslot' => _('Time and location'), + 'title' => _('Type and title'), + 'needed_angels' => _('Needed angels') + ], $shifts_table), + form_submit('submit', _('Save')) + ]) + ]); + } + } elseif (isset($_REQUEST['submit'])) { + if ( + !isset($_SESSION['admin_shifts_shifts']) + || !isset($_SESSION['admin_shifts_types']) + || !is_array($_SESSION['admin_shifts_shifts']) + || !is_array($_SESSION['admin_shifts_types']) + ) { + redirect(page_link_to('admin_shifts')); + } + + $needed_angel_types_info = []; + foreach ($_SESSION['admin_shifts_shifts'] as $shift) { + $shift['URL'] = null; + $shift['PSID'] = null; + $shift_id = Shift_create($shift); + if ($shift_id === false) { + engelsystem_error('Unable to create shift.'); + } + + engelsystem_log( + 'Shift created: ' . $shifttypes[$shift['shifttype_id']] + . ' with title ' . $shift['title'] + . ' from ' . date('Y-m-d H:i', $shift['start']) + . ' to ' . date('Y-m-d H:i', $shift['end']) + ); + + foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { + $angel_type_source = DB::select(' + SELECT * + FROM `AngelTypes` + WHERE `id` = ? + LIMIT 1', [$type_id]); + if (!empty($angel_type_source)) { + DB::insert(' + INSERT INTO `NeededAngelTypes` (`shift_id`, `angel_type_id`, `count`) + VALUES (?, ?, ?) + ', + [ + $shift_id, + $type_id, + $count + ] + ); + $needed_angel_types_info[] = $angel_type_source[0]['name'] . ': ' . $count; + } + } + } + + engelsystem_log('Shift needs following angel types: ' . join(', ', $needed_angel_types_info)); + success('Schichten angelegt.'); + redirect(page_link_to('admin_shifts')); + } else { + unset($_SESSION['admin_shifts_shifts']); + unset($_SESSION['admin_shifts_types']); } - } elseif (isset($_REQUEST['submit'])) { - if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) { - redirect(page_link_to('admin_shifts')); + + if (!isset($_REQUEST['rid'])) { + $_REQUEST['rid'] = null; } - - foreach ($_SESSION['admin_shifts_shifts'] as $shift) { - $shift['URL'] = null; - $shift['PSID'] = null; - $shift_id = Shift_create($shift); - if ($shift_id === false) { - engelsystem_error('Unable to create shift.'); - } - - engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); - $needed_angel_types_info = []; - foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { - $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1"); - if (count($angel_type_source) > 0) { - sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'"); - $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count; - } - } + $angel_types = ''; + foreach ($types as $type) { + $angel_types .= '
' . form_spinner(
+ 'type_' . $type['id'],
+ $type['name'],
+ $needed_angel_types[$type['id']]
+ )
+ . '
';
}
-
- engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info));
- success("Schichten angelegt.");
- redirect(page_link_to('admin_shifts'));
- } else {
- unset($_SESSION['admin_shifts_shifts']);
- unset($_SESSION['admin_shifts_types']);
- }
-
- if (! isset($_REQUEST['rid'])) {
- $_REQUEST['rid'] = null;
- }
- $angel_types = "";
- foreach ($types as $type) {
- $angel_types .= '' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '
';
- }
-
- return page_with_title(admin_shifts_title(), [
- msg(),
- form([
- form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
- form_text('title', _("Title"), $title),
- form_select('rid', _("Room"), $room_array, $_REQUEST['rid']),
- div('row', [
- div('col-md-6', [
- form_text('start', _("Start"), date("Y-m-d H:i", $start)),
- form_text('end', _("End"), date("Y-m-d H:i", $end)),
- form_info(_("Mode"), ''),
- form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
- form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
- form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
- form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
- form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22')
- ]),
- div('col-md-6', [
- form_info(_("Needed angels"), ''),
- form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
- form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
- div('row', [
- $angel_types
- ])
- ])
- ]),
- form_submit('preview', _("Preview"))
- ])
- ]);
+
+ return page_with_title(admin_shifts_title(), [
+ msg(),
+ form([
+ form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
+ form_text('title', _('Title'), $title),
+ form_select('rid', _('Room'), $room_array, $_REQUEST['rid']),
+ div('row', [
+ div('col-md-6', [
+ form_text('start', _('Start'), date('Y-m-d H:i', $start)),
+ form_text('end', _('End'), date('Y-m-d H:i', $end)),
+ form_info(_('Mode'), ''),
+ form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
+ form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
+ form_text('length', _('Length'), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
+ form_radio(
+ 'mode',
+ _('Create multiple shifts with variable length'),
+ $mode == 'variable',
+ 'variable'
+ ),
+ form_text(
+ 'change_hours',
+ _('Shift change hours'),
+ !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
+ )
+ ]),
+ div('col-md-6', [
+ form_info(_('Needed angels'), ''),
+ form_radio(
+ 'angelmode',
+ _('Take needed angels from room settings'),
+ $angelmode == 'location',
+ 'location'
+ ),
+ form_radio('angelmode', _('The following angels are needed'), $angelmode == 'manually', 'manually'),
+ div('row', [
+ $angel_types
+ ])
+ ])
+ ]),
+ form_submit('preview', _('Preview'))
+ ])
+ ]);
}
-?>
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 737bd91f..8f833087 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -1,208 +1,310 @@
" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.\n"; - - $html .= ""; - - $html .= "
"; - - $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); - - $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:"; - - $html .= "
"; - - $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1"); - if (count($my_highest_group) > 0) { - $my_highest_group = $my_highest_group[0]['group_id']; - } - - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1"); - if (count($his_highest_group) > 0) { - $his_highest_group = $his_highest_group[0]['group_id']; +/** + * @return string + */ +function admin_user() +{ + global $user, $privileges; + $tshirt_sizes = config('tshirt_sizes'); + + foreach ($tshirt_sizes as $key => $size) { + if (empty($size)) { + unset($tshirt_sizes[$key]); + } } - - if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { - $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:"; - - $html .= "
"; + + $html = ''; + + if (!isset($_REQUEST['id'])) { + redirect(users_link()); } - - $html .= buttons([ - button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger') - ]); - - $html .= "
"; - } else { - switch ($_REQUEST['action']) { - case 'save_groups': - if ($user_id != $user['UID']) { - $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`"); - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`"); - - if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { - $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); - $groups = []; - $grouplist = []; - foreach ($groups_source as $group) { - $groups[$group['UID']] = $group; - $grouplist[] = $group['UID']; - } - - if (! is_array($_REQUEST['groups'])) { - $_REQUEST['groups'] = []; - } - - sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'"); - $user_groups_info = []; - foreach ($_REQUEST['groups'] as $group) { - if (in_array($group, $grouplist)) { - sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'"); - $user_groups_info[] = $groups[$group]['Name']; - } - } - $user_source = User($user_id); - engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info)); - $html .= success("Benutzergruppen gespeichert.", true); - } else { - $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true); - } - } else { - $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true); + + $user_id = $_REQUEST['id']; + if (!isset($_REQUEST['action'])) { + $user_source = User($user_id); + if ($user_source == null) { + error(_('This user does not exist.')); + redirect(users_link()); + } + + $html .= 'Hallo,
' + . 'hier kannst du den Eintrag ändern. Unter dem Punkt \'Gekommen\' ' + . 'wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ' + . 'dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ' + . 'Wenn T-Shirt ein \'Ja\' enthält, bedeutet dies, dass der Engel ' + . 'bereits sein T-Shirt erhalten hat.
' . "\n"; + + $html .= ''; + + $html .= '
'; + + $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); + + $html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:'; + + $html .= '
'; + + $my_highest_group = DB::select( + 'SELECT group_id FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1', + [$user['UID']] + ); + if (count($my_highest_group) > 0) { + $my_highest_group = $my_highest_group[0]['group_id']; } - $SQL = "UPDATE `User` SET - `Nick` = '" . sql_escape($_POST["eNick"]) . "', - `Name` = '" . sql_escape($_POST["eName"]) . "', - `Vorname` = '" . sql_escape($_POST["eVorname"]) . "', - `Telefon` = '" . sql_escape($_POST["eTelefon"]) . "', - `Handy` = '" . sql_escape($_POST["eHandy"]) . "', - `Alter` = '" . sql_escape($_POST["eAlter"]) . "', - `DECT` = '" . sql_escape($_POST["eDECT"]) . "', - " . ($user_source['email_by_human_allowed'] ? "`email` = '" . sql_escape($_POST["eemail"]) . "'" : "") . " - `jabber` = '" . sql_escape($_POST["ejabber"]) . "', - `Size` = '" . sql_escape($_POST["eSize"]) . "', - `Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "', - `Aktiv`= '" . sql_escape($_POST["eAktiv"]) . "', - `force_active`= " . sql_escape($force_active) . ", - `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "', - `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' - WHERE `UID` = '" . sql_escape($user_id) . "' - LIMIT 1"; - sql_query($SQL); - engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]); - $html .= success("Änderung wurde gespeichert...\n", true); - break; - - case 'change_pw': - if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { - set_password($user_id, $_REQUEST['new_pw']); - $user_source = User($user_id); - engelsystem_log("Set new password for " . User_Nick_render($user_source)); - $html .= success("Passwort neu gesetzt.", true); - } else { - $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true); + + $his_highest_group = DB::select( + 'SELECT `group_id` FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1', + [$user_id] + ); + if (count($his_highest_group) > 0) { + $his_highest_group = $his_highest_group[0]['group_id']; + } + + if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { + $html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:'; + + $html .= '
'; + } + + $html .= buttons([ + button(user_delete_link($user_source), glyph('lock') . _('delete'), 'btn-danger') + ]); + + $html .= "
"; + } else { + switch ($_REQUEST['action']) { + case 'save_groups': + if ($user_id != $user['UID']) { + $my_highest_group = DB::select( + 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', + [$user['UID']] + ); + $his_highest_group = DB::select( + 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', + [$user_id] + ); + + if ( + count($my_highest_group) > 0 + && ( + count($his_highest_group) == 0 + || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']) + ) + ) { + $groups_source = DB::select(' + SELECT * + FROM `Groups` + LEFT OUTER JOIN `UserGroups` ON ( + `UserGroups`.`group_id` = `Groups`.`UID` + AND `UserGroups`.`uid` = ? + ) + WHERE `Groups`.`UID` >= ? + ORDER BY `Groups`.`Name` + ', + [ + $user_id, + $my_highest_group[0]['group_id'], + ] + ); + $groups = []; + $grouplist = []; + foreach ($groups_source as $group) { + $groups[$group['UID']] = $group; + $grouplist[] = $group['UID']; + } + + if (!is_array($_REQUEST['groups'])) { + $_REQUEST['groups'] = []; + } + + DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]); + $user_groups_info = []; + foreach ($_REQUEST['groups'] as $group) { + if (in_array($group, $grouplist)) { + DB::insert( + 'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)', + [$user_id, $group] + ); + $user_groups_info[] = $groups[$group]['Name']; + } + } + $user_source = User($user_id); + engelsystem_log( + 'Set groups of ' . User_Nick_render($user_source) . ' to: ' . join(', ', $user_groups_info) + ); + $html .= success('Benutzergruppen gespeichert.', true); + } else { + $html .= error('Du kannst keine Engel mit mehr Rechten bearbeiten.', true); + } + } else { + $html .= error('Du kannst Deine eigenen Rechte nicht bearbeiten.', true); + } + break; + + case 'save': + $force_active = $user['force_active']; + $user_source = User($user_id); + if (in_array('admin_active', $privileges)) { + $force_active = $_REQUEST['force_active']; + } + $sql = ' + UPDATE `User` SET + `Nick` = ?, + `Name` = ?, + `Vorname` = ?, + `Telefon` = ?, + `Handy` = ?, + `Alter` =?, + `DECT` = ?, + ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($_POST["eemail"]) . ',' : '') . ' + `jabber` = ?, + `Size` = ?, + `Gekommen`= ?, + `Aktiv`= ?, + `force_active`= ?, + `Tshirt` = ?, + `Hometown` = ? + WHERE `UID` = ? + LIMIT 1'; + DB::update($sql, [ + $_POST['eNick'], + $_POST['eName'], + $_POST['eVorname'], + $_POST['eTelefon'], + $_POST['eHandy'], + $_POST['eAlter'], + $_POST['eDECT'], + $_POST['ejabber'], + $_POST['eSize'], + $_POST['eGekommen'], + $_POST['eAktiv'], + $force_active, + $_POST['eTshirt'], + $_POST['Hometown'], + $user_id, + ]); + engelsystem_log( + 'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize'] + . ', arrived: ' . $_POST['eGekommen'] + . ', active: ' . $_POST['eAktiv'] + . ', tshirt: ' . $_POST['eTshirt'] + ); + $html .= success('Änderung wurde gespeichert...' . "\n", true); + break; + + case 'change_pw': + if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { + set_password($user_id, $_REQUEST['new_pw']); + $user_source = User($user_id); + engelsystem_log('Set new password for ' . User_Nick_render($user_source)); + $html .= success('Passwort neu gesetzt.', true); + } else { + $html .= error('Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!', true); + } + break; } - break; } - } - - return page_with_title(_("Edit user"), [ - $html - ]); + + return page_with_title(_('Edit user'), [ + $html + ]); } -?> diff --git a/includes/pages/guest_credits.php b/includes/pages/guest_credits.php index cbdc3133..d9224cbb 100644 --- a/includes/pages/guest_credits.php +++ b/includes/pages/guest_credits.php @@ -1,9 +1,17 @@ \ No newline at end of file diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 54abe5ca..99970a01 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -1,400 +1,492 @@ 1) { - $nick = User_validate_Nick($_REQUEST['nick']); - if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) { - $valid = false; - $msg .= error(sprintf(_("Your nick "%s" already exists."), $nick), true); - } - } else { - $valid = false; - $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true); - } - - if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { - $mail = strip_request_item('mail'); - if (! check_email($mail)) { - $valid = false; - $msg .= error(_("E-mail address is not correct."), true); - } - } else { - $valid = false; - $msg .= error(_("Please enter your e-mail."), true); - } - - if (isset($_REQUEST['email_shiftinfo'])) { - $email_shiftinfo = true; - } - - if (isset($_REQUEST['email_by_human_allowed'])) { - $email_by_human_allowed = true; - } - - if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { - $jabber = strip_request_item('jabber'); - if (! check_email($jabber)) { - $valid = false; - $msg .= error(_("Please check your jabber account information."), true); - } - } - - if ($enable_tshirt_size) { - if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') { - $tshirt_size = $_REQUEST['tshirt_size']; - } else { - $valid = false; - $msg .= error(_("Please select your shirt size."), true); - } - } - - if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) { - if ($_REQUEST['password'] != $_REQUEST['password2']) { - $valid = false; - $msg .= error(_("Your passwords don't match."), true); - } - } else { - $valid = false; - $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), $min_password_length), true); - } - - if (isset($_REQUEST['planned_arrival_date'])) { - $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00"); - $result = User_validate_planned_arrival_date($tmp); - $planned_arrival_date = $result->getValue(); - if (! $result->isValid()) { - $valid = false; - error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.")); - } - } - +/** + * Engel registrieren + * + * @return string + */ +function guest_register() +{ + global $user; + $tshirt_sizes = config('tshirt_sizes'); + $enable_tshirt_size = config('enable_tshirt_size'); + $min_password_length = config('min_password_length'); + $event_config = EventConfig(); + + $msg = ''; + $nick = ''; + $lastName = ''; + $preName = ''; + $age = ''; + $tel = ''; + $dect = ''; + $mobile = ''; + $mail = ''; + $email_shiftinfo = false; + $email_by_human_allowed = false; + $jabber = ''; + $hometown = ''; + $comment = ''; + $tshirt_size = ''; + $password_hash = ''; $selected_angel_types = []; - foreach (array_keys($angel_types) as $angel_type_id) { - if (isset($_REQUEST['angel_types_' . $angel_type_id])) { - $selected_angel_types[] = $angel_type_id; - } - } - - // Trivia - if (isset($_REQUEST['lastname'])) { - $lastname = strip_request_item('lastname'); - } - if (isset($_REQUEST['prename'])) { - $prename = strip_request_item('prename'); - } - if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) { - $age = strip_request_item('age'); - } - if (isset($_REQUEST['tel'])) { - $tel = strip_request_item('tel'); - } - if (isset($_REQUEST['dect'])) { - $dect = strip_request_item('dect'); - } - if (isset($_REQUEST['mobile'])) { - $mobile = strip_request_item('mobile'); - } - if (isset($_REQUEST['hometown'])) { - $hometown = strip_request_item('hometown'); - } - if (isset($_REQUEST['comment'])) { - $comment = strip_request_item_nl('comment'); + $planned_arrival_date = null; + + $angel_types_source = AngelTypes(); + $angel_types = []; + foreach ($angel_types_source as $angel_type) { + $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? ' (restricted)' : ''); + if (!$angel_type['restricted']) { + $selected_angel_types[] = $angel_type['id']; + } } - - if ($valid) { - sql_query(" - INSERT INTO `User` SET - `color`='" . sql_escape($default_theme) . "', - `Nick`='" . sql_escape($nick) . "', - `Vorname`='" . sql_escape($prename) . "', - `Name`='" . sql_escape($lastname) . "', - `Alter`='" . sql_escape($age) . "', - `Telefon`='" . sql_escape($tel) . "', - `DECT`='" . sql_escape($dect) . "', - `Handy`='" . sql_escape($mobile) . "', - `email`='" . sql_escape($mail) . "', - `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", - `email_by_human_allowed`=" . sql_bool($email_by_human_allowed) . ", - `jabber`='" . sql_escape($jabber) . "', - `Size`='" . sql_escape($tshirt_size) . "', - `Passwort`='" . sql_escape($password_hash) . "', - `kommentar`='" . sql_escape($comment) . "', - `Hometown`='" . sql_escape($hometown) . "', - `CreateDate`=NOW(), - `Sprache`='" . sql_escape($_SESSION["locale"]) . "', - `arrival_date`=NULL, - `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'"); - - // Assign user-group and set password - $user_id = sql_id(); - sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2"); - set_password($user_id, $_REQUEST['password']); - - // Assign angel-types - $user_angel_types_info = []; - foreach ($selected_angel_types as $selected_angel_type_id) { - sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'"); - $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; - } - - engelsystem_log("User " . User_Nick_render(User($user_id)) . " signed up as: " . join(", ", $user_angel_types_info)); - success(_("Angel registration successful!")); - - // User is already logged in - that means a supporter has registered an angel. Return to register page. - if (isset($user)) { - redirect(page_link_to('register')); - } - - // If a welcome message is present, display registration success page. - if ($event_config != null && $event_config['event_welcome_msg'] != null) { - return User_registration_success_view($event_config['event_welcome_msg']); - } - - redirect('?'); + + foreach ($tshirt_sizes as $key => $size) { + if (empty($size)) { + unset($tshirt_sizes[$key]); + } } - } - - $buildup_start_date = time(); - $teardown_end_date = null; - if ($event_config != null) { - if (isset($event_config['buildup_start_date'])) { - $buildup_start_date = $event_config['buildup_start_date']; + + if (isset($_REQUEST['submit'])) { + $valid = true; + + if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) { + $nick = User_validate_Nick($_REQUEST['nick']); + if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) { + $valid = false; + $msg .= error(sprintf(_('Your nick "%s" already exists.'), $nick), true); + } + } else { + $valid = false; + $msg .= error(sprintf( + _('Your nick "%s" is too short (min. 2 characters).'), + User_validate_Nick($_REQUEST['nick']) + ), true); + } + + if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { + $mail = strip_request_item('mail'); + if (!check_email($mail)) { + $valid = false; + $msg .= error(_('E-mail address is not correct.'), true); + } + } else { + $valid = false; + $msg .= error(_('Please enter your e-mail.'), true); + } + + if (isset($_REQUEST['email_shiftinfo'])) { + $email_shiftinfo = true; + } + + if (isset($_REQUEST['email_by_human_allowed'])) { + $email_by_human_allowed = true; + } + + if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { + $jabber = strip_request_item('jabber'); + if (!check_email($jabber)) { + $valid = false; + $msg .= error(_('Please check your jabber account information.'), true); + } + } + + if ($enable_tshirt_size) { + if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') { + $tshirt_size = $_REQUEST['tshirt_size']; + } else { + $valid = false; + $msg .= error(_('Please select your shirt size.'), true); + } + } + + if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) { + if ($_REQUEST['password'] != $_REQUEST['password2']) { + $valid = false; + $msg .= error(_('Your passwords don\'t match.'), true); + } + } else { + $valid = false; + $msg .= error(sprintf( + _('Your password is too short (please use at least %s characters).'), + $min_password_length + ), true); + } + + if (isset($_REQUEST['planned_arrival_date'])) { + $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00'); + $result = User_validate_planned_arrival_date($tmp); + $planned_arrival_date = $result->getValue(); + if (!$result->isValid()) { + $valid = false; + error(_('Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.')); + } + } + + $selected_angel_types = []; + foreach (array_keys($angel_types) as $angel_type_id) { + if (isset($_REQUEST['angel_types_' . $angel_type_id])) { + $selected_angel_types[] = $angel_type_id; + } + } + + // Trivia + if (isset($_REQUEST['lastname'])) { + $lastName = strip_request_item('lastname'); + } + if (isset($_REQUEST['prename'])) { + $preName = strip_request_item('prename'); + } + if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) { + $age = strip_request_item('age'); + } + if (isset($_REQUEST['tel'])) { + $tel = strip_request_item('tel'); + } + if (isset($_REQUEST['dect'])) { + $dect = strip_request_item('dect'); + } + if (isset($_REQUEST['mobile'])) { + $mobile = strip_request_item('mobile'); + } + if (isset($_REQUEST['hometown'])) { + $hometown = strip_request_item('hometown'); + } + if (isset($_REQUEST['comment'])) { + $comment = strip_request_item_nl('comment'); + } + + if ($valid) { + DB::insert(' + INSERT INTO `User` ( + `color`, + `Nick`, + `Vorname`, + `Name`, + `Alter`, + `Telefon`, + `DECT`, + `Handy`, + `email`, + `email_shiftinfo`, + `email_by_human_allowed`, + `jabber`, + `Size`, + `Passwort`, + `kommentar`, + `Hometown`, + `CreateDate`, + `Sprache`, + `arrival_date`, + `planned_arrival_date` + ) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, NULL, ?) + ', + [ + config('theme'), + $nick, + $preName, + $lastName, + $age, + $tel, + $dect, + $mobile, + $mail, + (bool)$email_shiftinfo, + (bool)$email_by_human_allowed, + $jabber, + $tshirt_size, + $password_hash, + $comment, + $hometown, + $_SESSION['locale'], + $planned_arrival_date, + ] + ); + + // Assign user-group and set password + $user_id = DB::getPdo()->lastInsertId(); + DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]); + set_password($user_id, $_REQUEST['password']); + + // Assign angel-types + $user_angel_types_info = []; + foreach ($selected_angel_types as $selected_angel_type_id) { + DB::insert( + 'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)', + [$user_id, $selected_angel_type_id] + ); + $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; + } + + engelsystem_log( + 'User ' . User_Nick_render(User($user_id)) + . ' signed up as: ' . join(', ', $user_angel_types_info) + ); + success(_('Angel registration successful!')); + + // User is already logged in - that means a supporter has registered an angel. Return to register page. + if (isset($user)) { + redirect(page_link_to('register')); + } + + // If a welcome message is present, display registration success page. + if ($event_config != null && $event_config['event_welcome_msg'] != null) { + return User_registration_success_view($event_config['event_welcome_msg']); + } + + redirect('?'); + } } - if(isset($event_config['teardown_end_date'])) { - $teardown_end_date = $event_config['teardown_end_date']; + + $buildup_start_date = time(); + $teardown_end_date = null; + if ($event_config != null) { + if (isset($event_config['buildup_start_date'])) { + $buildup_start_date = $event_config['buildup_start_date']; + } + if (isset($event_config['teardown_end_date'])) { + $teardown_end_date = $event_config['teardown_end_date']; + } } - } - - return page_with_title(register_title(), [ - _("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task scheduler."), - $msg, - msg(), - form([ - div('row', [ - div('col-md-6', [ - div('row', [ - div('col-sm-4', [ - form_text('nick', _("Nick") . ' ' . entry_required(), $nick) - ]), - div('col-sm-8', [ - form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), - form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $email_shiftinfo), - form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $email_by_human_allowed) - ]) - ]), - div('row', [ - div('col-sm-6', [ - form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, $buildup_start_date, $teardown_end_date) - ]), - div('col-sm-6', [ - $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' - ]) - ]), - div('row', [ - div('col-sm-6', [ - form_password('password', _("Password") . ' ' . entry_required()) - ]), - div('col-sm-6', [ - form_password('password2', _("Confirm password") . ' ' . entry_required()) - ]) - ]), - form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (%s)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types), - form_info("", _("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.")) - ]), - div('col-md-6', [ - div('row', [ - div('col-sm-4', [ - form_text('dect', _("DECT"), $dect) - ]), - div('col-sm-4', [ - form_text('mobile', _("Mobile"), $mobile) - ]), - div('col-sm-4', [ - form_text('tel', _("Phone"), $tel) - ]) - ]), - form_text('jabber', _("Jabber"), $jabber), - div('row', [ - div('col-sm-6', [ - form_text('prename', _("First name"), $prename) - ]), - div('col-sm-6', [ - form_text('lastname', _("Last name"), $lastname) - ]) - ]), - div('row', [ - div('col-sm-3', [ - form_text('age', _("Age"), $age) - ]), - div('col-sm-9', [ - form_text('hometown', _("Hometown"), $hometown) - ]) - ]), - form_info(entry_required() . ' = ' . _("Entry required!")) - ]) - ]), - // form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment), - form_submit('submit', _("Register")) - ]) - ]); + + return page_with_title(register_title(), [ + _('By completing this form you\'re registering as a Chaos-Angel. This script will create you an account in the angel task scheduler.'), + $msg, + msg(), + form([ + div('row', [ + div('col-md-6', [ + div('row', [ + div('col-sm-4', [ + form_text('nick', _('Nick') . ' ' . entry_required(), $nick) + ]), + div('col-sm-8', [ + form_email('mail', _('E-Mail') . ' ' . entry_required(), $mail), + form_checkbox( + 'email_shiftinfo', + _('The engelsystem is allowed to send me an email (e.g. when my shifts change)'), + $email_shiftinfo + ), + form_checkbox( + 'email_by_human_allowed', + _('Humans are allowed to send me an email (e.g. for ticket vouchers)'), + $email_by_human_allowed + ) + ]) + ]), + div('row', [ + div('col-sm-6', [ + form_date( + 'planned_arrival_date', + _('Planned date of arrival') . ' ' . entry_required(), + $planned_arrival_date, $buildup_start_date, $teardown_end_date + ) + ]), + div('col-sm-6', [ + $enable_tshirt_size ? form_select('tshirt_size', + _('Shirt size') . ' ' . entry_required(), + $tshirt_sizes, $tshirt_size) : '' + ]) + ]), + div('row', [ + div('col-sm-6', [ + form_password('password', _('Password') . ' ' . entry_required()) + ]), + div('col-sm-6', [ + form_password('password2', _('Confirm password') . ' ' . entry_required()) + ]) + ]), + form_checkboxes( + 'angel_types', + _('What do you want to do?') . sprintf( + ' (%s)', + page_link_to('angeltypes') . '&action=about', + _('Description of job types') + ), + $angel_types, + $selected_angel_types + ), + form_info( + '', + _('Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.') + ) + ]), + div('col-md-6', [ + div('row', [ + div('col-sm-4', [ + form_text('dect', _('DECT'), $dect) + ]), + div('col-sm-4', [ + form_text('mobile', _('Mobile'), $mobile) + ]), + div('col-sm-4', [ + form_text('tel', _('Phone'), $tel) + ]) + ]), + form_text('jabber', _('Jabber'), $jabber), + div('row', [ + div('col-sm-6', [ + form_text('prename', _('First name'), $preName) + ]), + div('col-sm-6', [ + form_text('lastname', _('Last name'), $lastName) + ]) + ]), + div('row', [ + div('col-sm-3', [ + form_text('age', _('Age'), $age) + ]), + div('col-sm-9', [ + form_text('hometown', _('Hometown'), $hometown) + ]) + ]), + form_info(entry_required() . ' = ' . _('Entry required!')) + ]) + ]), + // form_textarea('comment', _('Did you help at former CCC events and which tasks have you performed then?'), $comment), + form_submit('submit', _('Register')) + ]) + ]); } -function entry_required() { - return ''; +function entry_required() +{ + return ''; } -function guest_logout() { - session_destroy(); - redirect(page_link_to("start")); +function guest_logout() +{ + session_destroy(); + redirect(page_link_to('start')); + return true; } -function guest_login() { - $nick = ""; - - unset($_SESSION['uid']); - $valid = true; - - if (isset($_REQUEST['submit'])) { - - if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) { - $nick = User_validate_Nick($_REQUEST['nick']); - $login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "'"); - if (count($login_user) > 0) { - $login_user = $login_user[0]; - if (isset($_REQUEST['password'])) { - if (! verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) { - $valid = false; - error(_("Your password is incorrect. Please try it again.")); - } +function guest_login() +{ + $nick = ''; + + unset($_SESSION['uid']); + $valid = true; + + if (isset($_REQUEST['submit'])) { + if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) { + $nick = User_validate_Nick($_REQUEST['nick']); + $login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]); + if (count($login_user) > 0) { + $login_user = $login_user[0]; + if (isset($_REQUEST['password'])) { + if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) { + $valid = false; + error(_('Your password is incorrect. Please try it again.')); + } + } else { + $valid = false; + error(_('Please enter a password.')); + } + } else { + $valid = false; + error(_('No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher.')); + } } else { - $valid = false; - error(_("Please enter a password.")); + $valid = false; + error(_('Please enter a nickname.')); + } + + if ($valid && !empty($login_user)) { + $_SESSION['uid'] = $login_user['UID']; + $_SESSION['locale'] = $login_user['Sprache']; + + redirect(page_link_to('news')); } - } else { - $valid = false; - error(_("No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher.")); - } - } else { - $valid = false; - error(_("Please enter a nickname.")); - } - - if ($valid) { - $_SESSION['uid'] = $login_user['UID']; - $_SESSION['locale'] = $login_user['Sprache']; - - redirect(page_link_to('news')); } - } - - $event_config = EventConfig(); - - return page([ - div('col-md-12', [ - div('row', [ - EventConfig_countdown_page($event_config) - ]), - div('row', [ - div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [ - div('panel panel-primary first', [ - div('panel-heading', [ - ' ' . _("Login") - ]), - div('panel-body', [ - msg(), - form([ - form_text_placeholder('nick', _("Nick"), $nick), - form_password_placeholder('password', _("Password")), - form_submit('submit', _("Login")), - ! $valid ? buttons([ - button(page_link_to('user_password_recovery'), _("I forgot my password")) - ]) : '' - ]) - ]), - div('panel-footer', [ - glyph('info-sign') . _("Please note: You have to activate cookies!") - ]) - ]) - ]) - ]), - div('row', [ - div('col-sm-6 text-center', [ - heading(register_title(), 2), - get_register_hint() - ]), - div('col-sm-6 text-center', [ - heading(_("What can I do?"), 2), - '
' . _("Please read about the jobs you can do to help us.") . '
', - buttons([ - button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »') - ]) - ]) - ]) - ]) - ]); -} -function get_register_hint() { - global $privileges; - - if (in_array('register', $privileges)) { - return join('', [ - '' . _("Please sign up, if you want to help us!") . '
', - buttons([ - button(page_link_to('register'), register_title() . ' »') - ]) + $event_config = EventConfig(); + + return page([ + div('col-md-12', [ + div('row', [ + EventConfig_countdown_page($event_config) + ]), + div('row', [ + div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [ + div('panel panel-primary first', [ + div('panel-heading', [ + ' ' . _('Login') + ]), + div('panel-body', [ + msg(), + form([ + form_text_placeholder('nick', _('Nick'), $nick), + form_password_placeholder('password', _('Password')), + form_submit('submit', _('Login')), + !$valid ? buttons([ + button(page_link_to('user_password_recovery'), _('I forgot my password')) + ]) : '' + ]) + ]), + div('panel-footer', [ + glyph('info-sign') . _('Please note: You have to activate cookies!') + ]) + ]) + ]) + ]), + div('row', [ + div('col-sm-6 text-center', [ + heading(register_title(), 2), + get_register_hint() + ]), + div('col-sm-6 text-center', [ + heading(_('What can I do?'), 2), + '' . _('Please read about the jobs you can do to help us.') . '
', + buttons([ + button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' »') + ]) + ]) + ]) + ]) ]); - } - - //FIXME: return error(_("Registration is disabled."), true); - return error("Registration is disabled.", true); } -?> + +function get_register_hint() +{ + global $privileges; + + if (in_array('register', $privileges)) { + return join('', [ + '' . _('Please sign up, if you want to help us!') . '
', + buttons([ + button(page_link_to('register'), register_title() . ' »') + ]) + ]); + } + + //FIXME: return error(_('Registration is disabled.'), true); + return error('Registration is disabled.', true); +} diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php index 8f008a8d..4cd2fa42 100644 --- a/includes/pages/guest_start.php +++ b/includes/pages/guest_start.php @@ -1,5 +1,6 @@ \ No newline at end of file diff --git a/includes/pages/guest_stats.php b/includes/pages/guest_stats.php index 71fde137..6b6f0572 100644 --- a/includes/pages/guest_stats.php +++ b/includes/pages/guest_stats.php @@ -1,35 +1,48 @@ 'Wrong api_key.' + ])); } raw_output(json_encode([ - 'error' => "Wrong api_key." + 'error' => 'Missing parameter api_key.' ])); - } - raw_output(json_encode([ - 'error' => "Missing parameter api_key." - ])); } - -?> diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index 9a765634..d7c77d52 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -1,51 +1,73 @@ +/** + * @param array[] $news_entries + * @return string + */ +function make_atom_entries_from_news($news_entries) +{ + $html = '', $message['Text']) - ]; - - if ($message['RUID'] == $user['UID']) { - if ($message['isRead'] == 'N') { - $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs'); +/** + * @return string + */ +function user_unread_messages() +{ + global $user; + + if (isset($user)) { + $new_messages = count(DB::select( + 'SELECT `id` FROM `Messages` WHERE isRead=\'N\' AND `RUID`=?', + [$user['UID']] + )); + if ($new_messages > 0) { + return ' ' . $new_messages . ''; } - } else { - $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs'); - } - $messages_table[] = $messages_table_entry; } - - return page_with_title(messages_title(), [ - msg(), - sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)), - form([ - table([ - 'new' => _("New"), - 'timestamp' => _("Date"), - 'from' => _("Transmitted"), - 'to' => _("Recipient"), - 'text' => _("Message"), - 'actions' => '' - ], $messages_table) - ], page_link_to('user_messages') . '&action=send') - ]); - } else { - switch ($_REQUEST['action']) { - case "read": - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $message_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Message ID."), true); - } - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { - sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - redirect(page_link_to("user_messages")); - } else { - return error(_("No Message found."), true); - } - break; - - case "delete": - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $message_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Message ID."), true); + return ''; +} + +/** + * @return string + */ +function user_messages() +{ + global $user; + + if (!isset($_REQUEST['action'])) { + $users = DB::select( + 'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`', + [$user['UID']] + ); + + $to_select_data = [ + '' => _('Select recipient...') + ]; + + foreach ($users as $u) { + $to_select_data[$u['UID']] = $u['Nick']; } - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { - sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - redirect(page_link_to("user_messages")); - } else { - return error(_("No Message found."), true); + + $to_select = html_select_key('to', 'to', $to_select_data, ''); + + $messages = DB::select(' + SELECT * + FROM `Messages` + WHERE `SUID`=? + OR `RUID`=? + ORDER BY `isRead`,`Datum` DESC + ', + [ + $user['UID'], + $user['UID'], + ] + ); + + $messages_table = [ + [ + 'news' => '', + 'timestamp' => date('Y-m-d H:i'), + 'from' => User_Nick_render($user), + 'to' => $to_select, + 'text' => form_textarea('text', '', ''), + 'actions' => form_submit('submit', _('Save')) + ] + ]; + + foreach ($messages as $message) { + $sender_user_source = User($message['SUID']); + $receiver_user_source = User($message['RUID']); + + $messages_table_entry = [ + 'new' => $message['isRead'] == 'N' ? '' : '', + 'timestamp' => date('Y-m-d H:i', $message['Datum']), + 'from' => User_Nick_render($sender_user_source), + 'to' => User_Nick_render($receiver_user_source), + 'text' => str_replace("\n", '
', $message['Text']) + ]; + + if ($message['RUID'] == $user['UID']) { + if ($message['isRead'] == 'N') { + $messages_table_entry['actions'] = button( + page_link_to('user_messages') . '&action=read&id=' . $message['id'], + _('mark as read'), + 'btn-xs' + ); + } + } else { + $messages_table_entry['actions'] = button( + page_link_to('user_messages') . '&action=delete&id=' . $message['id'], + _('delete message'), + 'btn-xs' + ); + } + $messages_table[] = $messages_table_entry; } - break; - - case "send": - if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) { - redirect(page_link_to("user_messages")); - } else { - return error(_("Transmitting was terminated with an Error."), true); + + return page_with_title(messages_title(), [ + msg(), + sprintf(_('Hello %s, here can you leave messages for other angels'), User_Nick_render($user)), + form([ + table([ + 'new' => _('New'), + 'timestamp' => _('Date'), + 'from' => _('Transmitted'), + 'to' => _('Recipient'), + 'text' => _('Message'), + 'actions' => '' + ], $messages_table) + ], page_link_to('user_messages') . '&action=send') + ]); + } else { + switch ($_REQUEST['action']) { + case 'read': + if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) { + $message_id = $_REQUEST['id']; + } else { + return error(_('Incomplete call, missing Message ID.'), true); + } + + $message = DB::select( + 'SELECT `RUID` FROM `Messages` WHERE `id`=? LIMIT 1', + [$message_id] + ); + if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { + DB::update( + 'UPDATE `Messages` SET `isRead`=\'Y\' WHERE `id`=? LIMIT 1', + [$message_id] + ); + redirect(page_link_to('user_messages')); + } else { + return error(_('No Message found.'), true); + } + break; + + case 'delete': + if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) { + $message_id = $_REQUEST['id']; + } else { + return error(_('Incomplete call, missing Message ID.'), true); + } + + $message = DB::select( + 'SELECT `SUID` FROM `Messages` WHERE `id`=? LIMIT 1', + [$message_id] + ); + if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { + DB::delete('DELETE FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]); + redirect(page_link_to('user_messages')); + } else { + return error(_('No Message found.'), true); + } + break; + + case 'send': + if (Message_send($_REQUEST['to'], $_REQUEST['text'])) { + redirect(page_link_to('user_messages')); + } else { + return error(_('Transmitting was terminated with an Error.'), true); + } + break; + + default: + return error(_('Wrong action.'), true); } - break; - - default: - return error(_("Wrong action."), true); } - } + + return ''; } -?> diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 3cf0c571..6048093a 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -1,118 +1,176 @@ 0) { - $user_id = $_REQUEST['id']; - } else { - $user_id = $user['UID']; - } - - list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); - - if (isset($_REQUEST['reset'])) { - if ($_REQUEST['reset'] == "ack") { - User_reset_api_key($user); - success(_("Key changed.")); - redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); +/** + * Zeigt die Schichten an, die ein Benutzer belegt + * + * @return string + */ +function user_myshifts() +{ + global $user, $privileges; + + if ( + isset($_REQUEST['id']) + && in_array('user_shifts_admin', $privileges) + && preg_match('/^\d{1,}$/', $_REQUEST['id']) + && count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0 + ) { + $user_id = $_REQUEST['id']; + } else { + $user_id = $user['UID']; } - return page_with_title(_("Reset API key"), [ - error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true), - button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') - ]); - } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { - $user_id = $_REQUEST['edit']; - $shift = sql_select("SELECT - `ShiftEntry`.`freeloaded`, - `ShiftEntry`.`freeload_comment`, - `ShiftEntry`.`Comment`, - `ShiftEntry`.`UID`, - `ShiftTypes`.`name`, - `Shifts`.*, - `Room`.`Name`, - `AngelTypes`.`name` as `angel_type` - FROM `ShiftEntry` - JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) - JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) - JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) - JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' - AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1"); - if (count($shift) > 0) { - $shift = $shift[0]; - $freeloaded = $shift['freeloaded']; - $freeload_comment = $shift['freeload_comment']; - - if (isset($_REQUEST['submit'])) { - $valid = true; - if (in_array("user_shifts_admin", $privileges)) { - $freeloaded = isset($_REQUEST['freeloaded']); - $freeload_comment = strip_request_item_nl('freeload_comment'); - if ($freeloaded && $freeload_comment == '') { - $valid = false; - error(_("Please enter a freeload comment!")); - } + + $shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]); + $shifts_user = array_shift($shifts_user); + + if (isset($_REQUEST['reset'])) { + if ($_REQUEST['reset'] == 'ack') { + User_reset_api_key($user); + success(_('Key changed.')); + redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); } - - $comment = strip_request_item_nl('comment'); - $user_source = User($shift['UID']); - - if ($valid) { - $result = ShiftEntry_update([ - 'id' => $user_id, - 'Comment' => $comment, - 'freeloaded' => $freeloaded, - 'freeload_comment' => $freeload_comment - ]); - if ($result === false) { - engelsystem_error('Unable to update shift entry.'); - } - - engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")); - success(_("Shift saved.")); - redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); + return page_with_title(_('Reset API key'), [ + error( + _('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'), + true + ), + button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger') + ]); + } elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) { + $user_id = $_REQUEST['edit']; + $shift = DB::select(' + SELECT + `ShiftEntry`.`freeloaded`, + `ShiftEntry`.`freeload_comment`, + `ShiftEntry`.`Comment`, + `ShiftEntry`.`UID`, + `ShiftTypes`.`name`, + `Shifts`.*, + `Room`.`Name`, + `AngelTypes`.`name` AS `angel_type` + FROM `ShiftEntry` + JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) + JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) + JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) + JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) + WHERE `ShiftEntry`.`id`=? + AND `UID`=? + LIMIT 1 + ', + [ + $user_id, + $shifts_user['UID'], + ] + ); + if (count($shift) > 0) { + $shift = array_shift($shift); + $freeloaded = $shift['freeloaded']; + $freeload_comment = $shift['freeload_comment']; + + if (isset($_REQUEST['submit'])) { + $valid = true; + if (in_array('user_shifts_admin', $privileges)) { + $freeloaded = isset($_REQUEST['freeloaded']); + $freeload_comment = strip_request_item_nl('freeload_comment'); + if ($freeloaded && $freeload_comment == '') { + $valid = false; + error(_('Please enter a freeload comment!')); + } + } + + $comment = strip_request_item_nl('comment'); + $user_source = User($shift['UID']); + + if ($valid) { + $result = ShiftEntry_update([ + 'id' => $user_id, + 'Comment' => $comment, + 'freeloaded' => $freeloaded, + 'freeload_comment' => $freeload_comment + ]); + if ($result === false) { + engelsystem_error('Unable to update shift entry.'); + } + + engelsystem_log( + 'Updated ' . User_Nick_render($user_source) . '\'s shift ' . $shift['name'] + . ' from ' . date('Y-m-d H:i', $shift['start']) + . ' to ' . date('Y-m-d H:i', $shift['end']) + . ' with comment ' . $comment + . '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO') + ); + success(_('Shift saved.')); + redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); + } + } + + return ShiftEntry_edit_view( + User_Nick_render($shifts_user), + date('Y-m-d H:i', $shift['start']) . ', ' . shift_length($shift), + $shift['Name'], + $shift['name'], + $shift['angel_type'], + $shift['Comment'], + $shift['freeloaded'], + $shift['freeload_comment'], + in_array('user_shifts_admin', $privileges) + ); + } else { + redirect(page_link_to('user_myshifts')); } - } - - return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges)); - } else { - redirect(page_link_to('user_myshifts')); - } - } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { - $user_id = $_REQUEST['cancel']; - $shift = sql_select(" - SELECT * - FROM `Shifts` - INNER JOIN `ShiftEntry` USING (`SID`) - WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'"); - if (count($shift) > 0) { - $shift = $shift[0]; - if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) { - $result = ShiftEntry_delete($user_id); - if ($result === false) { - engelsystem_error('Unable to delete shift entry.'); + } elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) { + $user_id = $_REQUEST['cancel']; + $shift = DB::select(' + SELECT * + FROM `Shifts` + INNER JOIN `ShiftEntry` USING (`SID`) + WHERE `ShiftEntry`.`id`=? AND `UID`=? + ', + [ + $user_id, + $shifts_user['UID'], + ] + ); + if (count($shift) > 0) { + $shift = array_shift($shift); + if ( + ($shift['start'] > time() + config('last_unsubscribe') * 3600) + || in_array('user_shifts_admin', $privileges) + ) { + $result = ShiftEntry_delete($user_id); + if ($result === false) { + engelsystem_error('Unable to delete shift entry.'); + } + $room = Room($shift['RID']); + $angeltype = AngelType($shift['TID']); + $shifttype = ShiftType($shift['shifttype_id']); + + engelsystem_log( + 'Deleted own shift: ' . $shifttype['name'] + . ' at ' . $room['Name'] + . ' from ' . date('Y-m-d H:i', $shift['start']) + . ' to ' . date('Y-m-d H:i', $shift['end']) + . ' as ' . $angeltype['name'] + ); + success(_('Shift canceled.')); + } else { + error(_('It\'s too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.')); + } + } else { + redirect(user_link($shifts_user)); } - $room = Room($shift['RID']); - $angeltype = AngelType($shift['TID']); - $shifttype = ShiftType($shift['shifttype_id']); - - engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']); - success(_("Shift canceled.")); - } else { - error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.")); - } - } else { - redirect(user_link($shifts_user)); } - } - - redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); + + redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); + return ''; } -?> diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 97f7ec83..b1e337b6 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -1,169 +1,251 @@
' . meetings_title() . '
' . msg(); - - if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { - $page = $_REQUEST['page']; - } else { - $page = 0; - } - - $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); - foreach ($news as $entry) { - $html .= display_news($entry); - } - - $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); - $html .= '' . '
';
-
- return $html;
-}
-function display_news($news) {
- global $privileges, $page;
-
- $html = '';
- $html .= '- ';
- for ($i = 0; $i < $dis_rows; $i ++) {
- if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
- $html .= '
- '; - } elseif (! isset($_REQUEST['page']) && $i == 0) { - $html .= '
- ';
+/**
+ * @return string
+ */
+function user_meetings()
+{
+ $display_news = config('display_news');
+ $html = '
' . meetings_title() . '
' . msg(); + + if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) { + $page = $_REQUEST['page']; } else { - $html .= '- '; + $page = 0; } - $html .= '' . ($i + 1) . '
'; - } - $html .= '
';
- $html .= '
';
- return $html;
+ $news = DB::select(sprintf('
+ SELECT *
+ FROM `News`
+ WHERE `Treffen`=1
+ ORDER BY `Datum`DESC
+ LIMIT %u, %u',
+ $page * $display_news,
+ $display_news
+ ));
+ foreach ($news as $entry) {
+ $html .= display_news($entry);
+ }
+
+ $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
+ $html .= '';
- $html .= '
';
- $html .= '' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '
'; - $html .= '' . ReplaceSmilies(nl2br($news['Text'])) . '
';
-
- $html .= '';
- $html .= '' . '
';
+
+ return $html;
}
-function user_news_comments() {
- global $user;
-
- $html = '- ';
+ for ($i = 0; $i < $dis_rows; $i++) {
+ if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+ $html .= '
- '; + } elseif (!isset($_REQUEST['page']) && $i == 0) { + $html .= '
- '; + } else { + $html .= '
- '; + } + $html .= '' . ($i + 1) . ' '; + } + $html .= '
' . user_news_comments_title() . '
'; - if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) { - $nid = $_REQUEST["nid"]; - list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1"); - if (isset($_REQUEST["text"])) { - $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); - sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); - engelsystem_log("Created news_comment: " . $text); - $html .= success(_("Entry saved."), true); +/** + * @param array $news + * @return string + */ +function display_news($news) +{ + global $privileges, $page; + + $html = ''; + $html .= '';
+ $html .= '
';
+ $html .= '';
+ $html .= '
';
+ $html .= '' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '
'; + $html .= '' . ReplaceSmilies(nl2br($news['Text'])) . '
';
+
+ $html .= '';
+ $html .= '' . news_title() . '
' . msg(); - - if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) { - if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) { - $_POST["treffen"] = 0; +/** + * @return string + */ +function user_news_comments() +{ + global $user; + + $html = '' . user_news_comments_title() . '
'; + if ( + isset($_REQUEST['nid']) + && preg_match('/^\d{1,}$/', $_REQUEST['nid']) + && count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0 + ) { + $nid = $_REQUEST['nid']; + $news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]); + $news = array_shift($news); + if (isset($_REQUEST['text'])) { + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + DB::insert(' + INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) + VALUES (?, ?, ?, ?) + ', + [ + $nid, + date('Y-m-d H:i:s'), + $text, + $user["UID"], + ] + ); + engelsystem_log('Created news_comment: ' . $text); + $html .= success(_('Entry saved.'), true); + } + + $html .= display_news($news); + + $comments = DB::select( + 'SELECT * FROM `NewsComments` WHERE `Refid`=? ORDER BY \'ID\'', + [$nid] + ); + foreach ($comments as $comment) { + $user_source = User($comment['UID']); + + $html .= '';
+ $html .= '
';
+ }
+
+ $html .= '' . nl2br($comment['Text']) . '
';
+ $html .= '';
+ $html .= '' . _('New Comment:') . '
'; + $html .= form([ + form_textarea('text', _('Message'), ''), + form_submit('submit', _('Save')) + ], page_link_to('news_comments') . '&nid=' . $news['ID']); + } else { + $html .= _('Invalid request.'); + } + + return $html . '' . news_title() . '
' . msg(); + + if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) { + if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) { + $_POST['treffen'] = 0; + } + DB::insert(' + INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) + VALUES (?, ?, ?, ?, ?) + ', + [ + time(), + $_POST['betreff'], + $_POST['text'], + $user['UID'], + $_POST['treffen'], + ] + ); + engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']); + success(_('Entry saved.')); + redirect(page_link_to('news')); } - sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');"); - engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]); - success(_("Entry saved.")); - redirect(page_link_to('news')); - } - - if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { - $page = $_REQUEST['page']; - } else { - $page = 0; - } - - $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); - foreach ($news as $entry) { - $html .= display_news($entry); - } - - $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); - $html .= '' . '
';
-
- if (in_array("admin_news", $privileges)) {
- $html .= '- ';
- for ($i = 0; $i < $dis_rows; $i ++) {
- if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
- $html .= '
- '; - } elseif (! isset($_REQUEST['page']) && $i == 0) { - $html .= '
- '; + + if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) { + $page = $_REQUEST['page']; } else { - $html .= '
- ';
+ $page = 0;
+ }
+
+ $news = DB::select(sprintf('
+ SELECT *
+ FROM `News`
+ ORDER BY `Datum`
+ DESC LIMIT %u, %u
+ ',
+ $page * $display_news,
+ $display_news
+ ));
+ foreach ($news as $entry) {
+ $html .= display_news($entry);
+ }
+
+ $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
+ $html .= '' . ''; + + if (in_array('admin_news', $privileges)) { + $html .= '
- ';
+ for ($i = 0; $i < $dis_rows; $i++) {
+ if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+ $html .= '
- '; + } elseif (!isset($_REQUEST['page']) && $i == 0) { + $html .= '
- '; + } else { + $html .= '
- '; + } + $html .= '' . ($i + 1) . ' '; + } + $html .= '
'; + $html .= '' . _('Create news:') . '
'; + + $html .= form([ + form_text('betreff', _('Subject'), ''), + form_textarea('text', _('Message'), ''), + form_checkbox('treffen', _('Meeting'), false, 1), + form_submit('submit', _('Save')) + ]); } - $html .= '' . ($i + 1) . ' ';
- }
- $html .= '
'; - $html .= '
' . _("Create news:") . '
'; - - $html .= form([ - form_text('betreff', _("Subject"), ''), - form_textarea('text', _("Message"), ''), - form_checkbox('treffen', _("Meeting"), false, 1), - form_submit('submit', _("Save")) - ]); - } - return $html . '' . _("iCal export") . '
' . sprintf(_("Export of shown shifts. iCal format or JSON format available (please keep secret, otherwise reset the api key)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '
', - 'filter' => _("Filter") - ]) - ]) - ]); + $start_day = date('Y-m-d', $shiftsFilter->getStartTime()); + $start_time = date('H:i', $shiftsFilter->getStartTime()); + $end_day = date('Y-m-d', $shiftsFilter->getEndTime()); + $end_time = date('H:i', $shiftsFilter->getEndTime()); + + return page([ + div('col-md-12', [ + msg(), + template_render(__DIR__ . '/../../templates/user_shifts.html', [ + 'title' => shifts_title(), + 'room_select' => make_select($rooms, $shiftsFilter->getRooms(), 'rooms', _('Rooms')), + 'start_select' => html_select_key('start_day', 'start_day', array_combine($days, $days), $start_day), + 'start_time' => $start_time, + 'end_select' => html_select_key('end_day', 'end_day', array_combine($days, $days), $end_day), + 'end_time' => $end_time, + 'type_select' => make_select( + $types, + $shiftsFilter->getTypes(), + 'types', + _('Angeltypes') . '1' + ), + 'filled_select' => make_select($filled, $shiftsFilter->getFilled(), 'filled', _('Occupancy')), + 'task_notice' => + '1' + . _('The tasks shown here are influenced by the angeltypes you joined already!') + . ' ' + . _('Description of the jobs.') + . '', + 'shifts_table' => msg() . $shiftCalendarRenderer->render(), + 'ical_text' => '' . _('iCal export') . '
' . sprintf( + _('Export of shown shifts. iCal format or JSON format available (please keep secret, otherwise reset the api key).'), + page_link_to_absolute('ical') . '&key=' . $user['api_key'], + page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], + page_link_to('user_myshifts') . '&reset' + ) . '
', + 'filter' => _('Filter') + ]) + ]) + ]); } -function get_ids_from_array($array) { - return $array["id"]; +/** + * @param array $array + * @return array + */ +function get_ids_from_array($array) +{ + return $array['id']; } -function make_select($items, $selected, $name, $title = null) { - $html_items = []; - if (isset($title)) { - $html_items[] = '' . $title . '
' . "\n"; - } - - foreach ($items as $i) { - $html_items[] = '' . (! isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) . '
'; - } - $html = '
' . "\n";
- $html .= implode("\n", $html_items);
- $html .= buttons([
- button("javascript: checkAll('selection_" . $name . "', true)", _("All"), ""),
- button("javascript: checkAll('selection_" . $name . "', false)", _("None"), "")
- ]);
- $html .= '
' . "\n";
- return $html;
+function make_select($items, $selected, $name, $title = null)
+{
+ $html_items = [];
+ if (isset($title)) {
+ $html_items[] = '' . $title . '
' . "\n"; + } + + foreach ($items as $i) { + $html_items[] = ''
+ . ''
+ . (!isset($i['enabled']) || $i['enabled'] ? '' : glyph('lock'))
+ . '
'; + } + $html = '
' . "\n";
+ $html .= implode("\n", $html_items);
+ $html .= buttons([
+ button('javascript: checkAll(\'selection_' . $name . '\', true)', _('All'), ''),
+ button('javascript: checkAll(\'selection_' . $name . '\', false)', _('None'), '')
+ ]);
+ $html .= '
' . "\n";
+ return $html;
}
-?>
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
index 7a1dd4b7..856ed4ab 100644
--- a/includes/sys_auth.php
+++ b/includes/sys_auth.php
@@ -1,91 +1,160 @@
0) {
- // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
- list($user) = $user;
- sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
- $privileges = privileges_for_user($user['UID']);
- return;
+function load_auth()
+{
+ global $user, $privileges;
+
+ $user = null;
+ if (isset($_SESSION['uid'])) {
+ $user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$_SESSION['uid']]);
+ if (count($user) > 0) {
+ // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+ $user = array_shift($user);
+ DB::update('
+ UPDATE `User`
+ SET `lastLogIn` = ?
+ WHERE `UID` = ?
+ LIMIT 1
+ ', [
+ time(),
+ $_SESSION['uid'],
+ ]);
+ $privileges = privileges_for_user($user['UID']);
+ return;
+ }
+ unset($_SESSION['uid']);
}
- unset($_SESSION['uid']);
- }
-
- // guest privileges
- $privileges = privileges_for_group(- 1);
+
+ // guest privileges
+ $privileges = privileges_for_group(-1);
}
/**
* generate a salt (random string) of arbitrary length suitable for the use with crypt()
+ *
+ * @param int $length
+ * @return string
*/
-function generate_salt($length = 16) {
- $alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- $salt = "";
- for ($i = 0; $i < $length; $i ++) {
- $salt .= $alphabet[rand(0, strlen($alphabet) - 1)];
- }
- return $salt;
+function generate_salt($length = 16)
+{
+ $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+ $salt = '';
+ for ($i = 0; $i < $length; $i++) {
+ $salt .= $alphabet[rand(0, strlen($alphabet) - 1)];
+ }
+ return $salt;
}
/**
* set the password of a user
+ *
+ * @param int $uid
+ * @param string $password
+ * @return bool
*/
-function set_password($uid, $password) {
- global $crypt_alg;
- $result = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt(16) . '$')) . "', `password_recovery_token`=NULL WHERE `UID` = " . intval($uid) . " LIMIT 1");
- if ($result === false) {
- engelsystem_error('Unable to update password.');
- }
- return $result;
+function set_password($uid, $password)
+{
+ $result = DB::update('
+ UPDATE `User`
+ SET `Passwort` = ?,
+ `password_recovery_token`=NULL
+ WHERE `UID` = ?
+ LIMIT 1
+ ',
+ [
+ crypt($password, config('crypt_alg') . '$' . generate_salt(16) . '$'),
+ $uid
+ ]
+ );
+ if (DB::getStm()->errorCode() != '00000') {
+ engelsystem_error('Unable to update password.');
+ }
+ return $result;
}
/**
* verify a password given a precomputed salt.
* if $uid is given and $salt is an old-style salt (plain md5), we convert it automatically
+ *
+ * @param string $password
+ * @param string $salt
+ * @param int $uid
+ * @return bool
*/
-function verify_password($password, $salt, $uid = false) {
- global $crypt_alg;
- $correct = false;
- if (substr($salt, 0, 1) == '$') { // new-style crypt()
- $correct = crypt($password, $salt) == $salt;
- } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore
- $correct = crypt($password, '77') == $salt;
- } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore
- $correct = md5($password) == $salt;
- }
+function verify_password($password, $salt, $uid = null)
+{
+ $crypt_alg = config('crypt_alg');
+ $correct = false;
+ if (substr($salt, 0, 1) == '$') { // new-style crypt()
+ $correct = crypt($password, $salt) == $salt;
+ } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore
+ $correct = crypt($password, '77') == $salt;
+ } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore
+ $correct = md5($password) == $salt;
+ }
- if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && $uid) {
- // this password is stored in another format than we want it to be.
- // let's update it!
- // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
- sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt() . '$')) . "' WHERE `UID` = " . intval($uid) . " AND `Passwort` = '" . sql_escape($salt) . "' LIMIT 1");
- }
- return $correct;
+ if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) {
+ // this password is stored in another format than we want it to be.
+ // let's update it!
+ // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
+ DB::update('
+ UPDATE `User`
+ SET `Passwort` = ?
+ WHERE `UID` = ?
+ AND `Passwort` = ?
+ LIMIT 1
+ ',
+ [
+ crypt($password, $crypt_alg . '$' . generate_salt() . '$'),
+ $uid,
+ $salt,
+ ]
+ );
+ }
+ return $correct;
}
-function privileges_for_user($user_id) {
- $privileges = [];
- $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
- foreach ($user_privs as $user_priv) {
- $privileges[] = $user_priv['name'];
- }
- return $privileges;
+/**
+ * @param int $user_id
+ * @return array
+ */
+function privileges_for_user($user_id)
+{
+ $privileges = [];
+ $user_privileges = DB::select('
+ SELECT `Privileges`.`name`
+ FROM `User`
+ JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`)
+ JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`)
+ JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
+ WHERE `User`.`UID`=?
+ ', [$user_id]);
+ foreach ($user_privileges as $user_privilege) {
+ $privileges[] = $user_privilege['name'];
+ }
+ return $privileges;
}
-function privileges_for_group($group_id) {
- $privileges = [];
- $groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
- foreach ($groups_privs as $guest_priv) {
- $privileges[] = $guest_priv['name'];
- }
- return $privileges;
+/**
+ * @param int $group_id
+ * @return array
+ */
+function privileges_for_group($group_id)
+{
+ $privileges = [];
+ $groups_privileges = DB::select('
+ SELECT `name`
+ FROM `GroupPrivileges`
+ JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
+ WHERE `group_id`=?
+ ', [$group_id]);
+ foreach ($groups_privileges as $guest_privilege) {
+ $privileges[] = $guest_privilege['name'];
+ }
+ return $privileges;
}
-?>
diff --git a/includes/sys_form.php b/includes/sys_form.php
index 98ef2134..936e3203 100644
--- a/includes/sys_form.php
+++ b/includes/sys_form.php
@@ -4,21 +4,26 @@
/**
* Renders a hidden input
*
- * @param string $name
- * Name of the input
- * @param string $value
- * The value
+ * @param string $name Name of the input
+ * @param string $value The value
* @return string rendered html
*/
-function form_hidden($name, $value) {
- return '';
+function form_hidden($name, $value)
+{
+ return '';
}
/**
* Rendert ein Zahlenfeld mit Buttons zum verstellen
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $value
+ * @return string
*/
-function form_spinner($name, $label, $value) {
- return form_element($label, '
+function form_spinner($name, $label, $value)
+{
+ return form_element($label, '
@@ -31,11 +36,13 @@ function form_spinner($name, $label, $value) {
' . glyph('th') . '
@@ -80,202 +85,332 @@ function form_date($name, $label, $value, $start_date = '', $end_date = '') {
/**
* Rendert eine Liste von Checkboxen für ein Formular
*
- * @param
- * name Die Namen der Checkboxen werden aus name_key gebildet
- * @param
- * label Die Beschriftung der Liste
- * @param
- * items Array mit den einzelnen Checkboxen
- * @param
- * selected Array mit den Keys, die ausgewählt sind
+ * @param string $name Die Namen der Checkboxen werden aus name_key gebildet
+ * @param string $label Die Beschriftung der Liste
+ * @param array $items Array mit den einzelnen Checkboxen
+ * @param array $selected Array mit den Keys, die ausgewählt sind
+ * @return string
*/
-function form_checkboxes($name, $label, $items, $selected) {
- $html = form_element($label, '');
- foreach ($items as $key => $item) {
- $html .= form_checkbox($name . '_' . $key, $item, array_search($key, $selected) !== false);
- }
- return $html;
+function form_checkboxes($name, $label, $items, $selected)
+{
+ $html = form_element($label, '');
+ foreach ($items as $key => $item) {
+ $html .= form_checkbox($name . '_' . $key, $item, array_search($key, $selected) !== false);
+ }
+ return $html;
}
/**
* Rendert eine Tabelle von Checkboxen für ein Formular
*
- * @param
- * names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
- * @param
- * label Die Beschriftung der gesamten Tabelle
- * @param
- * items Array mit den Beschriftungen der Zeilen
- * @param
- * selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten Checkboxen ist
- * @param
- * disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
+ * @param string[] $names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
+ * @param string $label Die Beschriftung der gesamten Tabelle
+ * @param string[] $items Array mit den Beschriftungen der Zeilen
+ * @param array[] $selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo
+ * markierten Checkboxen ist
+ * @param array $disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
+ * @return string
*/
-function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []) {
- $html = "| $title | "; - } - $html .= "||||
|---|---|---|---|---|
| '; +function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []) +{ + $html = ' |
| ' . $title . ' | '; + } + $html .= '|
|---|---|
| ' + . '' + . ' | '; + } + $html .= ''; - } - $html .= " |
'
+ . '
';
}
/**
* Rendert einen Infotext in das Formular
+ *
+ * @param string $label
+ * @param string $text
+ * @return string
*/
-function form_info($label, $text = "") {
- if ($label == "") {
- return '' . glyph('info-sign') . $text . '';
- }
- if ($text == "") {
- return '' . $label . '
'; - } - return form_element($label, '' . $text . '
', ''); +function form_info($label, $text = '') +{ + if ($label == '') { + return '' . glyph('info-sign') . $text . ''; + } + if ($text == '') { + return '' . $label . '
'; + } + return form_element($label, '' . $text . '
', ''); } /** * Rendert den Absenden-Button eines Formulars + * + * @param string $name + * @param string $label + * @return string */ -function form_submit($name, $label) { - return form_element('', ""); +function form_submit($name, $label) +{ + return form_element( + '', + '' + ); } /** * Rendert ein Formular-Textfeld + * + * @param string $name + * @param string $label + * @param string $value + * @param bool $disabled + * @return string */ -function form_text($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_text($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element( + $label, + '', + 'form_' . $name + ); } /** * Renders a text input with placeholder instead of label. * - * @param String $name - * Input name - * @param String $placeholder - * Placeholder - * @param String $value - * The value - * @param Boolean $disabled - * Is the field enabled? + * @param String $name Input name + * @param String $placeholder Placeholder + * @param String $value The value + * @param Boolean $disabled Is the field enabled? + * @return string */ -function form_text_placeholder($name, $placeholder, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element('', ''); +function form_text_placeholder($name, $placeholder, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element('', + '' + ); } /** * Rendert ein Formular-Emailfeld + * + * @param string $name + * @param string $label + * @param string $value + * @param bool $disabled + * @return string */ -function form_email($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_email($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element( + $label, + '', + 'form_' . $name + ); } /** * Rendert ein Formular-Dateifeld + * + * @param string $name + * @param string $label + * @return string */ -function form_file($name, $label) { - return form_element($label, '', 'form_' . $name); +function form_file($name, $label) +{ + return form_element($label, '', 'form_' . $name); } /** * Rendert ein Formular-Passwortfeld + * + * @param string $name + * @param string $label + * @param bool $disabled + * @return string */ -function form_password($name, $label, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_password($name, $label, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element( + $label, + '', + 'form_' . $name + ); } /** * Renders a password input with placeholder instead of label. + * + * @param string $name + * @param string $placeholder + * @param bool $disabled + * @return string */ -function form_password_placeholder($name, $placeholder, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element('', '', 'form_' . $name); +function form_password_placeholder($name, $placeholder, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element( + '', + '', + 'form_' . $name + ); } /** * Rendert ein Formular-Textfeld + * + * @param string $name + * @param string $label + * @param string $value + * @param bool $disabled + * @return string */ -function form_textarea($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_textarea($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element( + $label, + '', + 'form_' . $name + ); } /** * Rendert ein Formular-Auswahlfeld + * + * @param string $name + * @param string $label + * @param string[] $values + * @param string $selected + * @return string */ -function form_select($name, $label, $values, $selected) { - return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); +function form_select($name, $label, $values, $selected) +{ + return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); } /** * Rendert ein Formular-Element + * + * @param string $label + * @param string $input + * @param string $for + * @return string */ -function form_element($label, $input, $for = "") { - if ($label == '') { - return '' . $input . '
';
- }
-
- return '' . '' . $input . '
';
+function form_element($label, $input, $for = '')
+{
+ if ($label == '') {
+ return '' . $input . '
';
+ }
+
+ return '' . '' . $input . '
';
}
/**
* Rendert ein Formular
+ *
+ * @param string[] $elements
+ * @param string $action
+ * @return string
*/
-function form($elements, $action = "") {
- return '';
+function form($elements, $action = '')
+{
+ return '';
}
-function html_options($name, $options, $selected = "") {
- $html = "";
- foreach ($options as $value => $label) {
- $html .= ' ' . $label;
- }
-
- return $html;
+/**
+ * @param string $name
+ * @param String[] $options
+ * @param string $selected
+ * @return string
+ */
+function html_options($name, $options, $selected = '')
+{
+ $html = '';
+ foreach ($options as $value => $label) {
+ $html .= ' ' . $label;
+ }
+
+ return $html;
}
-function html_select_key($dom_id, $name, $rows, $selected) {
- $html = '';
+ return $html;
}
-
-?>
\ No newline at end of file
diff --git a/includes/sys_log.php b/includes/sys_log.php
index 66c323c1..c4ef890e 100644
--- a/includes/sys_log.php
+++ b/includes/sys_log.php
@@ -4,36 +4,15 @@
* Write a log entry.
* This should be used to log user's activity.
*
- * @param
- * $message
+ * @param string $message
*/
-function engelsystem_log($message) {
- global $user;
-
- $nick = "Guest";
- if (isset($user)) {
- $nick = User_Nick_render($user);
- }
- LogEntry_create($nick, $message);
-}
+function engelsystem_log($message)
+{
+ global $user;
-/**
- * Generates a PHP Stacktrace.
- */
-function debug_string_backtrace() {
- ob_start();
- debug_print_backtrace();
- $trace = ob_get_contents();
- ob_end_clean();
-
- // Remove first item from backtrace as it's this function which
- // is redundant.
- $trace = preg_replace('/^#0\s+' . __FUNCTION__ . "[^\n]*\n/", '', $trace, 1);
-
- // Renumber backtrace items.
- // $trace = preg_replace('/^#(\d+)/me', '\'#\' . ($1 - 1)', $trace);
-
- return $trace;
+ $nick = "Guest";
+ if (isset($user)) {
+ $nick = User_Nick_render($user);
+ }
+ LogEntry_create($nick, $message);
}
-
-?>
\ No newline at end of file
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
index cb90fb7b..0b7d6b37 100644
--- a/includes/sys_menu.php
+++ b/includes/sys_menu.php
@@ -1,185 +1,223 @@
addHint(admin_new_questions());
- $hints_renderer->addHint(user_angeltypes_unconfirmed_hint());
- $hints_renderer->addHint(render_user_departure_date_hint());
- $hints_renderer->addHint(user_driver_license_required_hint());
-
- // Important hints:
- $hints_renderer->addHint(render_user_freeloader_hint(), true);
- $hints_renderer->addHint(render_user_arrived_hint(), true);
- $hints_renderer->addHint(render_user_tshirt_hint(), true);
- $hints_renderer->addHint(render_user_dect_hint(), true);
- }
-
- return $hints_renderer->render();
+function header_render_hints()
+{
+ global $user;
+
+ $hints_renderer = new UserHintsRenderer();
+
+ if (isset($user)) {
+ $hints_renderer->addHint(admin_new_questions());
+ $hints_renderer->addHint(user_angeltypes_unconfirmed_hint());
+ $hints_renderer->addHint(render_user_departure_date_hint());
+ $hints_renderer->addHint(user_driver_license_required_hint());
+
+ // Important hints:
+ $hints_renderer->addHint(render_user_freeloader_hint(), true);
+ $hints_renderer->addHint(render_user_arrived_hint(), true);
+ $hints_renderer->addHint(render_user_tshirt_hint(), true);
+ $hints_renderer->addHint(render_user_dect_hint(), true);
+ }
+
+ return $hints_renderer->render();
}
/**
* Renders the header toolbar containing search, login/logout, user and settings links.
+ *
+ * @return string
*/
-function header_toolbar() {
- global $page, $privileges, $user;
-
- $toolbar_items = [];
-
- if (isset($user)) {
- $toolbar_items[] = toolbar_item_link(page_link_to('shifts') . '&action=next', 'time', User_shift_state_render($user));
- }
-
- if (! isset($user) && in_array('register', $privileges)) {
- $toolbar_items[] = toolbar_item_link(page_link_to('register'), 'plus', register_title(), $page == 'register');
- }
-
- if (in_array('login', $privileges)) {
- $toolbar_items[] = toolbar_item_link(page_link_to('login'), 'log-in', login_title(), $page == 'login');
- }
-
- if (isset($user) && in_array('user_messages', $privileges)) {
- $toolbar_items[] = toolbar_item_link(page_link_to('user_messages'), 'envelope', user_unread_messages());
- }
-
- $toolbar_items[] = header_render_hints();
- if (in_array('user_myshifts', $privileges)) {
- $toolbar_items[] = toolbar_item_link(page_link_to('users') . '&action=view', ' icon-icon_angel', $user['Nick'], $page == 'users');
- }
-
- $user_submenu = make_user_submenu();
- if (count($user_submenu) > 0) {
- $toolbar_items[] = toolbar_dropdown('', '', $user_submenu);
- }
-
- return toolbar($toolbar_items, true);
+function header_toolbar()
+{
+ global $page, $privileges, $user;
+
+ $toolbar_items = [];
+
+ if (isset($user)) {
+ $toolbar_items[] = toolbar_item_link(
+ page_link_to('shifts') . '&action=next',
+ 'time',
+ User_shift_state_render($user)
+ );
+ }
+
+ if (!isset($user) && in_array('register', $privileges)) {
+ $toolbar_items[] = toolbar_item_link(page_link_to('register'), 'plus', register_title(), $page == 'register');
+ }
+
+ if (in_array('login', $privileges)) {
+ $toolbar_items[] = toolbar_item_link(page_link_to('login'), 'log-in', login_title(), $page == 'login');
+ }
+
+ if (isset($user) && in_array('user_messages', $privileges)) {
+ $toolbar_items[] = toolbar_item_link(page_link_to('user_messages'), 'envelope', user_unread_messages());
+ }
+
+ $toolbar_items[] = header_render_hints();
+ if (in_array('user_myshifts', $privileges)) {
+ $toolbar_items[] = toolbar_item_link(
+ page_link_to('users') . '&action=view',
+ ' icon-icon_angel',
+ $user['Nick'],
+ $page == 'users'
+ );
+ }
+
+ $user_submenu = make_user_submenu();
+ if (count($user_submenu) > 0) {
+ $toolbar_items[] = toolbar_dropdown('', '', $user_submenu);
+ }
+
+ return toolbar($toolbar_items, true);
}
-function make_user_submenu() {
- global $privileges, $page;
-
- $user_submenu = make_langselect();
-
- if (in_array('user_settings', $privileges) || in_array('logout', $privileges)) {
- $user_submenu[] = toolbar_item_divider();
- }
-
- if (in_array('user_settings', $privileges)) {
- $user_submenu[] = toolbar_item_link(page_link_to('user_settings'), 'list-alt', settings_title(), $page == 'user_settings');
- }
-
- if (in_array('logout', $privileges)) {
- $user_submenu[] = toolbar_item_link(page_link_to('logout'), 'log-out', logout_title(), $page == 'logout');
- }
-
- return $user_submenu;
+/**
+ * @return array
+ */
+function make_user_submenu()
+{
+ global $privileges, $page;
+
+ $user_submenu = make_langselect();
+
+ if (in_array('user_settings', $privileges) || in_array('logout', $privileges)) {
+ $user_submenu[] = toolbar_item_divider();
+ }
+
+ if (in_array('user_settings', $privileges)) {
+ $user_submenu[] = toolbar_item_link(
+ page_link_to('user_settings'),
+ 'list-alt',
+ settings_title(),
+ $page == 'user_settings'
+ );
+ }
+
+ if (in_array('logout', $privileges)) {
+ $user_submenu[] = toolbar_item_link(page_link_to('logout'), 'log-out', logout_title(), $page == 'logout');
+ }
+
+ return $user_submenu;
}
-function make_navigation() {
- global $page, $privileges;
-
- $menu = [];
- $pages = [
- "news" => news_title(),
- "user_meetings" => meetings_title(),
- "user_shifts" => shifts_title(),
- "angeltypes" => angeltypes_title(),
- "user_questions" => questions_title()
- ];
-
- foreach ($pages as $menu_page => $title) {
- if (in_array($menu_page, $privileges)) {
- $menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
- }
- }
-
- $menu = make_room_navigation($menu);
-
- $admin_menu = [];
- $admin_pages = [
- "admin_arrive" => admin_arrive_title(),
- "admin_active" => admin_active_title(),
- "admin_user" => admin_user_title(),
- "admin_free" => admin_free_title(),
- "admin_questions" => admin_questions_title(),
- "shifttypes" => shifttypes_title(),
- "admin_shifts" => admin_shifts_title(),
- "admin_rooms" => admin_rooms_title(),
- "admin_groups" => admin_groups_title(),
- "admin_import" => admin_import_title(),
- "admin_log" => admin_log_title(),
- "admin_event_config" => event_config_title()
- ];
-
- foreach ($admin_pages as $menu_page => $title) {
- if (in_array($menu_page, $privileges)) {
- $admin_menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
- }
- }
-
- if (count($admin_menu) > 0) {
- $menu[] = toolbar_dropdown('', _("Admin"), $admin_menu);
- }
-
- return toolbar($menu);
+/**
+ * @return string
+ */
+function make_navigation()
+{
+ global $page, $privileges;
+
+ $menu = [];
+ $pages = [
+ 'news' => news_title(),
+ 'user_meetings' => meetings_title(),
+ 'user_shifts' => shifts_title(),
+ 'angeltypes' => angeltypes_title(),
+ 'user_questions' => questions_title()
+ ];
+
+ foreach ($pages as $menu_page => $title) {
+ if (in_array($menu_page, $privileges)) {
+ $menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+ }
+ }
+
+ $menu = make_room_navigation($menu);
+
+ $admin_menu = [];
+ $admin_pages = [
+ 'admin_arrive' => admin_arrive_title(),
+ 'admin_active' => admin_active_title(),
+ 'admin_user' => admin_user_title(),
+ 'admin_free' => admin_free_title(),
+ 'admin_questions' => admin_questions_title(),
+ 'shifttypes' => shifttypes_title(),
+ 'admin_shifts' => admin_shifts_title(),
+ 'admin_rooms' => admin_rooms_title(),
+ 'admin_groups' => admin_groups_title(),
+ 'admin_import' => admin_import_title(),
+ 'admin_log' => admin_log_title(),
+ 'admin_event_config' => event_config_title()
+ ];
+
+ foreach ($admin_pages as $menu_page => $title) {
+ if (in_array($menu_page, $privileges)) {
+ $admin_menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+ }
+ }
+
+ if (count($admin_menu) > 0) {
+ $menu[] = toolbar_dropdown('', _('Admin'), $admin_menu);
+ }
+
+ return toolbar($menu);
}
/**
* Adds room navigation to the given menu.
*
- * @param string[] $menu
- * Rendered menu
+ * @param string[] $menu Rendered menu
+ * @return string[]
*/
-function make_room_navigation($menu) {
- global $privileges;
-
- if (! in_array('view_rooms', $privileges)) {
+function make_room_navigation($menu)
+{
+ global $privileges;
+
+ if (!in_array('view_rooms', $privileges)) {
+ return $menu;
+ }
+
+ $rooms = Rooms();
+ $room_menu = [];
+ if (in_array('admin_rooms', $privileges)) {
+ $room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _('Manage rooms'));
+ }
+ if (count($room_menu) > 0) {
+ $room_menu[] = toolbar_item_divider();
+ }
+ foreach ($rooms as $room) {
+ $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
+ }
+ if (count($room_menu) > 0) {
+ $menu[] = toolbar_dropdown('map-marker', _('Rooms'), $room_menu);
+ }
return $menu;
- }
-
- //get a list of all rooms
- $rooms = Rooms(true);
-
- $room_menu = [];
- if (in_array('admin_rooms', $privileges)) {
- $room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _("Manage rooms"));
- }
- if (count($room_menu) > 0) {
- $room_menu[] = toolbar_item_divider();
- }
- foreach ($rooms as $room) {
- if($room['show'] == 'Y' || // room is public
- ($room['show'] != 'Y' && in_array('admin_rooms', $privileges)) // room is not public, but user can admin_rooms
- ) {
- $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
- }
- }
- if (count($room_menu > 0)) {
- $menu[] = toolbar_dropdown('map-marker', _("Rooms"), $room_menu);
- }
- return $menu;
}
-function make_menu() {
- return make_navigation();
+/**
+ * @return string
+ */
+function make_menu()
+{
+ return make_navigation();
}
-
-?>
diff --git a/includes/sys_page.php b/includes/sys_page.php
index 82ce9896..b2199988 100644
--- a/includes/sys_page.php
+++ b/includes/sys_page.php
@@ -8,184 +8,200 @@ use Engelsystem\ValidationResult;
/**
* Parse a date from da day and a time textfield.
*
- * @param string $date_name
- * Name of the textfield containing the day (format Y-m-d)
- * @param string $time_name
- * Name of the textfield containing the time (format H:i)
- * @param string[] $allowed_days
- * List of allowed days in format Y-m-d
- * @param int $default_value
- * Default value unix timestamp
+ * @param string $date_name Name of the textfield containing the day (format Y-m-d)
+ * @param string $time_name Name of the textfield containing the time (format H:i)
+ * @param string[] $allowed_days List of allowed days in format Y-m-d
+ * @param int $default_value Default value unix timestamp
+ * @return int|null
*/
-function check_request_datetime($date_name, $time_name, $allowed_days, $default_value) {
- $time = date("H:i", $default_value);
- $day = date("Y-m-d", $default_value);
-
- if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
- $time = trim($_REQUEST[$time_name]);
- }
- if (isset($_REQUEST[$date_name]) && in_array($_REQUEST[$date_name], $allowed_days)) {
- $day = $_REQUEST[$date_name];
- }
-
- return parse_date("Y-m-d H:i", $day . " " . $time);
+function check_request_datetime($date_name, $time_name, $allowed_days, $default_value)
+{
+ $time = date('H:i', $default_value);
+ $day = date('Y-m-d', $default_value);
+
+ if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
+ $time = trim($_REQUEST[$time_name]);
+ }
+ if (isset($_REQUEST[$date_name]) && in_array($_REQUEST[$date_name], $allowed_days)) {
+ $day = $_REQUEST[$date_name];
+ }
+
+ return parse_date('Y-m-d H:i', $day . ' ' . $time);
}
/**
* Parse a date into unix timestamp
*
- * @param string $pattern
- * The date pattern (i.e. Y-m-d H:i)
- * @param string $value
- * The string to parse
- * @return The parsed unix timestamp
+ * @param string $pattern The date pattern (i.e. Y-m-d H:i)
+ * @param string $value The string to parse
+ * @return int|null The parsed unix timestamp
*/
-function parse_date($pattern, $value) {
- $datetime = DateTime::createFromFormat($pattern, trim($value));
- if ($datetime == null) {
- return null;
- }
- return $datetime->getTimestamp();
+function parse_date($pattern, $value)
+{
+ $datetime = DateTime::createFromFormat($pattern, trim($value));
+ if ($datetime == null) {
+ return null;
+ }
+ return $datetime->getTimestamp();
}
/**
* Leitet den Browser an die übergebene URL weiter und hält das Script an.
+ *
+ * @param string $url
*/
-function redirect($url) {
- header("Location: " . $url, true, 302);
- raw_output("");
+function redirect($url)
+{
+ header('Location: ' . $url, true, 302);
+ raw_output('');
}
/**
* Echoes given output and dies.
*
- * @param String $output
- * String to display
+ * @param String $output String to display
*/
-function raw_output($output) {
- echo $output;
- die();
+function raw_output($output = '')
+{
+ echo $output;
+ die();
}
/**
* Helper function for transforming list of entities into array for select boxes.
*
- * @param array $data
- * The data array
- * @param string $key_name
- * name of the column to use as id/key
- * @param string $value_name
- * name of the column to use as displayed value
+ * @param array $data The data array
+ * @param string $key_name name of the column to use as id/key
+ * @param string $value_name name of the column to use as displayed value
+ *
+ * @return array
*/
-function select_array($data, $key_name, $value_name) {
- $ret = [];
- foreach ($data as $value) {
- $ret[$value[$key_name]] = $value[$value_name];
- }
- return $ret;
+function select_array($data, $key_name, $value_name)
+{
+ $return = [];
+ foreach ($data as $value) {
+ $return[$value[$key_name]] = $value[$value_name];
+ }
+ return $return;
}
/**
* Returns an int[] from given request param name.
*
- * @param String $name
- * Name of the request param
- * @param array';
+/**
+ * @param int $valuemin
+ * @param int $valuemax
+ * @param int $valuenow
+ * @param string $class
+ * @param string $content
+ * @return string
+ */
+function progress_bar($valuemin, $valuemax, $valuenow, $class = '', $content = '')
+{
+ return '
'
+ . ''
+ . '
';
}
/**
* Render glyphicon
*
- * @param string $glyph_name
+ * @param string $glyph_name
+ * @return string
*/
-function glyph($glyph_name) {
- return ' ';
+function glyph($glyph_name)
+{
+ return ' ';
}
/**
* Renders a tick or a cross by given boolean
*
- * @param boolean $boolean
+ * @param boolean $boolean
+ * @return string
*/
-function glyph_bool($boolean) {
- return '' . glyph($boolean ? 'ok' : 'remove') . '';
+function glyph_bool($boolean)
+{
+ return '' . glyph($boolean ? 'ok' : 'remove') . '';
}
-function div($class, $content = [], $dom_id = "") {
- if (is_array($content)) {
- $content = join("\n", $content);
- }
- $dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : '';
- return '