kontakt
/
engelsystem
Archived
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

Merge branch 'pr/316' into feature-igel-rewrite

Browse Source
main
msquare 9 years ago
parent a5fc5bd097 cd30017b97
commit 56814fa2fd
109 changed files with 13589 additions and 9737 deletions
Show Stats Download Patch File Download Diff File

4
.gitignore vendored
Unescape Escape View File

@ -20,3 +20,7 @@ _vimrc_local.vim
# Project files
/config/config.php
/test/coverage
# Composer files
/vendor/
/composer.lock

6
.gitmodules vendored
Unescape Escape View File

@ -1,6 +0,0 @@
[submodule "vendor/parsedown"]
path = vendor/parsedown
url = https://github.com/erusev/parsedown.git
[submodule "vendor/bootstrap"]
path = themes/assets/bootstrap
url = https://github.com/twbs/bootstrap.git

4
README-ENG.md
Unescape Escape View File

@ -6,7 +6,9 @@
* Webserver, i.e. lighttpd, nginx, or Apache
## Directions:
* Clone the master branch with the submodules: `git clone --recursive https://github.com/engelsystem/engelsystem.git`
* Clone the master branch: `git clone https://github.com/engelsystem/engelsystem.git`
* Install [Composer](https://getcomposer.org/download/)
* Install project dependencies: `composer install`
* Webserver must have write access to the 'import' directory and read access for all other directories
* Webserver must be public.

4
README.md
Unescape Escape View File

@ -9,7 +9,9 @@
* Webserver mit PHP-Anbindung, z.B. lighttpd, nginx oder Apache
## Vorgehen:
* Klonen des `master` inkl. submodules in lokales Verzeichnis: `git clone --recursive https://github.com/engelsystem/engelsystem.git`
* Klonen des `master` in lokales Verzeichnis: `git clone https://github.com/engelsystem/engelsystem.git`
* [Composer](https://getcomposer.org/download/) installieren
* Abhängigkeiten installieren: `composer install`
* Der Webserver muss Schreibrechte auf das Verzeichnis `import` bekommen, für alle anderen Dateien reichen Leserechte.
* Der Webserver muss auf `public` als http-root zeigen.

29
composer.json
Unescape Escape View File

@ -0,0 +1,29 @@
{
"name": "engelsystem/engelsystem",
"description": "Shift planning system for chaos events",
"type": "project",
"license": "GPL-2.0",
"authors": [
{
"name": "msquare",
"email": "msquare@notrademark.de"
},
{
"name": "MyIgel",
"email": "igor.scheller@igorshp.de"
}
],
"require": {
"php": ">=5.4",
"erusev/parsedown": "1.6.*",
"twbs/bootstrap": "^3.3"
},
"autoload": {
"psr-4": {
"Engelsystem\\": "src/"
},
"files": [
"src/helpers.php"
]
}
}

125
config/config.default.php
Unescape Escape View File

@ -1,70 +1,107 @@
<?php
// Enable maintenance mode (showin a static page)
$maintenance_mode = false;
// To change settings create a config.php
return [
// MySQL-Connection Settings
'database' => [
'host' => 'localhost',
'user' => 'root',
'pw' => '',
'db' => 'engelsystem',
],
// For accessing stats
'api_key' => '',
// Enable maintenance mode (show a static page)
'maintenance' => false,
// Set to development to enable debugging messages
'environment' => 'production',
// URL to the angel faq and job description
$faq_url = "https://events.ccc.de/congress/2013/wiki/Static:Volunteers";
'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers',
// contact email address, linked on every page
$contact_email = "mailto:ticket@c3heaven.de";
$no_reply_email = "noreply@engelsystem.de";
// Contact email address, linked on every page
'contact_email' => 'mailto:ticket@c3heaven.de',
// Default-Theme auf der Startseite, 1=style1.css usw.
$default_theme = 1;
// Default theme of the start page, 1=style1.css
'theme' => 1,
// Anzahl der News, die auf einer Seite ausgeben werden koennen...
$DISPLAY_NEWS = 6;
// Number of News shown on one site
'display_news' => 6,
// Anzahl Stunden bis zum Austragen eigener Schichten
$LETZTES_AUSTRAGEN = 3;
'last_unsubscribe' => 3,
// Setzt den zu verwendenden Crypto-Algorismus (entsprechend der Dokumentation von crypt()).
// Falls ein Benutzerpasswort in einem anderen Format gespeichert ist,
// wird es bei der ersten Benutzung des Klartext-Passworts in das neue Format
// konvertiert.
// $crypt_alg = '$1'; // MD5
// $crypt_alg = '$2y$13'; // Blowfish
// $crypt_alg = '$5$rounds=5000'; // SHA-256
$crypt_alg = '$6$rounds=5000'; // SHA-512
// MD5 '$1'
// Blowfish '$2y$13'
// SHA-256 '$5$rounds=5000'
// SHA-512 '$6$rounds=5000'
'crypt_alg' => '$6$rounds=5000', // SHA-512
$min_password_length = 8;
'min_password_length' => 8,
// Wenn Engel beim Registrieren oder in ihrem Profil eine T-Shirt Größe angeben sollen, auf true setzen:
$enable_tshirt_size = true;
'enable_tshirt_size' => true,
// Number of shifts to freeload until angel is locked for shift signup.
$max_freeloadable_shifts = 2;
'max_freeloadable_shifts' => 2,
// local timezone
date_default_timezone_set("Europe/Berlin");
'timezone' => 'Europe/Berlin',
// weigh every shift the same
//'shift_sum_formula' => 'SUM(`end` - `start`)',
// multiply "night shifts" and freeloaded shifts (start or end between 2 and 6 exclusive) by 2
$shift_sum_formula = "SUM(
(1+(
// Multiply 'night shifts' and freeloaded shifts (start or end between 2 and 6 exclusive) by 2
'shift_sum_formula' => '
SUM(
(1 +
(
(HOUR(FROM_UNIXTIME(`Shifts`.`end`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) < 6)
OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`start`)) < 6)
OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) <= 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) >= 6)
))*(`Shifts`.`end` - `Shifts`.`start`)*(1 - 3 * `ShiftEntry`.`freeloaded`)
)";
// voucher calculation
$voucher_settings = [
"initial_vouchers" => 2,
"shifts_per_voucher" => 1
];
// weigh every shift the same
// $shift_sum_formula = "SUM(`end` - `start`)";
// For accessing stats
$api_key = "";
// MySQL-Connection Settings
$config = [
'host' => "localhost",
'user' => "root",
'pw' => "",
'db' => "engelsystem"
)
)
* (`Shifts`.`end` - `Shifts`.`start`)
* (1 - 3 * `ShiftEntry`.`freeloaded`)
)
',
// Voucher calculation
'voucher_settings' => [
'initial_vouchers' => 2,
'shifts_per_voucher' => 1,
],
// Available locales in /locale/
'locales' => [
'de_DE.UTF-8' => 'Deutsch',
'en_US.UTF-8' => 'English',
],
'default_locale' => 'en_US.UTF-8',
// Available T-Shirt sizes, set value to null if not available
'tshirt_sizes' => [
'' => _('Please select...'),
'S' => 'S',
'M' => 'M',
'L' => 'L',
'XL' => 'XL',
'2XL' => '2XL',
'3XL' => '3XL',
'4XL' => '4XL',
'5XL' => '5XL',
'S-G' => 'S Girl',
'M-G' => 'M Girl',
'L-G' => 'L Girl',
'XL-G' => 'XL Girl',
],
];
?>

108
includes/controller/angeltypes_controller.php
Unescape Escape View File

@ -2,21 +2,24 @@
/**
* Text for Angeltype related links.
*
* @return string
*/
function angeltypes_title() {
return _("Angeltypes");
function angeltypes_title()
{
return _('Angeltypes');
}
/**
* Route angeltype actions.
*
* @return array
*/
function angeltypes_controller() {
function angeltypes_controller()
{
$action = strip_request_item('action', 'list');
switch ($action) {
default:
case 'list':
return angeltypes_list_controller();
case 'view':
return angeltype_controller();
case 'edit':
@ -25,22 +28,30 @@ function angeltypes_controller() {
return angeltype_delete_controller();
case 'about':
return angeltypes_about_controller();
case 'list':
default:
return angeltypes_list_controller();
}
}
/**
* Path to angeltype view.
*
* @param AngelType $angeltype_id
* @param int $angeltype_id AngelType id
* @return string
*/
function angeltype_link($angeltype_id) {
function angeltype_link($angeltype_id)
{
return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id;
}
/**
* Job description for all angeltypes (public to everyone)
*
* @return array
*/
function angeltypes_about_controller() {
function angeltypes_about_controller()
{
global $user;
if (isset($user)) {
@ -50,15 +61,18 @@ function angeltypes_about_controller() {
}
return [
_("Teams/Job description"),
_('Teams/Job description'),
AngelTypes_about_view($angeltypes, isset($user))
];
}
/**
* Delete an Angeltype.
*
* @return array
*/
function angeltype_delete_controller() {
function angeltype_delete_controller()
{
global $privileges;
if (!in_array('admin_angel_types', $privileges)) {
@ -69,20 +83,23 @@ function angeltype_delete_controller() {
if (isset($_REQUEST['confirmed'])) {
AngelType_delete($angeltype);
success(sprintf(_("Angeltype %s deleted."), AngelType_name_render($angeltype)));
success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes'));
}
return [
sprintf(_("Delete angeltype %s"), $angeltype['name']),
sprintf(_('Delete angeltype %s'), $angeltype['name']),
AngelType_delete_view($angeltype)
];
}
/**
* Change an Angeltype.
*
* @return array
*/
function angeltype_edit_controller() {
function angeltype_edit_controller()
{
global $privileges, $user;
// In supporter mode only allow to modify description
@ -113,7 +130,7 @@ function angeltype_edit_controller() {
$angeltype['name'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("Please check the name. Maybe it already exists."));
error(_('Please check the name. Maybe it already exists.'));
}
}
@ -132,21 +149,24 @@ function angeltype_edit_controller() {
$angeltype = AngelType_create($angeltype);
}
success("Angel type saved.");
success('Angel type saved.');
redirect(angeltype_link($angeltype['id']));
}
}
return [
sprintf(_("Edit %s"), $angeltype['name']),
sprintf(_('Edit %s'), $angeltype['name']),
AngelType_edit_view($angeltype, $supporter_mode)
];
}
/**
* View details of a given angeltype.
*
* @return array
*/
function angeltype_controller() {
function angeltype_controller()
{
global $privileges, $user;
if (!in_array('angeltypes', $privileges)) {
@ -159,15 +179,27 @@ function angeltype_controller() {
$members = Users_by_angeltype($angeltype);
return [
sprintf(_("Team %s"), $angeltype['name']),
AngelType_view($angeltype, $members, $user_angeltype, in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'], in_array('admin_angel_types', $privileges), $user_angeltype['supporter'], $user_driver_license, $user)
sprintf(_('Team %s'), $angeltype['name']),
AngelType_view(
$angeltype,
$members,
$user_angeltype,
in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'],
in_array('admin_angel_types', $privileges),
$user_angeltype['supporter'],
$user_driver_license,
$user
)
];
}
/**
* View a list of all angeltypes.
*
* @return array
*/
function angeltypes_list_controller() {
function angeltypes_list_controller()
{
global $privileges, $user;
if (!in_array('angeltypes', $privileges)) {
@ -178,19 +210,35 @@ function angeltypes_list_controller() {
foreach ($angeltypes as &$angeltype) {
$actions = [
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("view"), "btn-xs")
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('view'), 'btn-xs')
];
if (in_array('admin_angel_types', $privileges)) {
$actions[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), "btn-xs");
$actions[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), "btn-xs");
$actions[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
_('edit'),
'btn-xs'
);
$actions[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
_('delete'),
'btn-xs'
);
}
$angeltype['membership'] = AngelType_render_membership($angeltype);
if ($angeltype['user_angeltype_id'] != null) {
$actions[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), "btn-xs");
$actions[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
_('leave'),
'btn-xs'
);
} else {
$actions[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), "btn-xs");
$actions[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_('join'),
'btn-xs'
);
}
$angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';
@ -209,18 +257,20 @@ function angeltypes_list_controller() {
/**
* Loads an angeltype from given angeltype_id request param.
*
* @return array
*/
function load_angeltype() {
function load_angeltype()
{
if (!isset($_REQUEST['angeltype_id'])) {
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist . '));
redirect(page_link_to('angeltypes'));
}
return $angeltype;
}
?>

60
includes/controller/event_config_controller.php
Unescape Escape View File

@ -1,10 +1,18 @@
<?php
function event_config_title() {
return _("Event config");
/**
* @return string
*/
function event_config_title()
{
return _('Event config');
}
function event_config_edit_controller() {
/**
* @return array
*/
function event_config_edit_controller()
{
global $privileges;
if (!in_array('admin_event_config', $privileges)) {
@ -45,59 +53,75 @@ function event_config_edit_controller() {
$event_welcome_msg = null;
}
$result = check_request_date('buildup_start_date', _("Please enter buildup start date."), true);
$result = check_request_date('buildup_start_date', _('Please enter buildup start date.'), true);
$buildup_start_date = $result->getValue();
$valid &= $result->isValid();
$result = check_request_date('event_start_date', _("Please enter event start date."), true);
$result = check_request_date('event_start_date', _('Please enter event start date.'), true);
$event_start_date = $result->getValue();
$valid &= $result->isValid();
$result = check_request_date('event_end_date', _("Please enter event end date."), true);
$result = check_request_date('event_end_date', _('Please enter event end date.'), true);
$event_end_date = $result->getValue();
$valid &= $result->isValid();
$result = check_request_date('teardown_end_date', _("Please enter teardown end date."), true);
$result = check_request_date('teardown_end_date', _('Please enter teardown end date.'), true);
$teardown_end_date = $result->getValue();
$valid &= $result->isValid();
if ($buildup_start_date != null && $event_start_date != null && $buildup_start_date > $event_start_date) {
$valid = false;
error(_("The buildup start date has to be before the event start date."));
error(_('The buildup start date has to be before the event start date.'));
}
if ($event_start_date != null && $event_end_date != null && $event_start_date > $event_end_date) {
$valid = false;
error(_("The event start date has to be before the event end date."));
error(_('The event start date has to be before the event end date.'));
}
if ($event_end_date != null && $teardown_end_date != null && $event_end_date > $teardown_end_date) {
$valid = false;
error(_("The event end date has to be before the teardown end date."));
error(_('The event end date has to be before the teardown end date.'));
}
if ($buildup_start_date != null && $teardown_end_date != null && $buildup_start_date > $teardown_end_date) {
$valid = false;
error(_("The buildup start date has to be before the teardown end date."));
error(_('The buildup start date has to be before the teardown end date.'));
}
if ($valid) {
$result = EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
$result = EventConfig_update(
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg
);
if ($result === false) {
engelsystem_error("Unable to update event config.");
engelsystem_error('Unable to update event config.');
}
engelsystem_log("Changed event config: $event_name, $event_welcome_msg, " . date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", " . date("Y-m-d", $event_end_date) . ", " . date("Y-m-d", $teardown_end_date));
success(_("Settings saved."));
engelsystem_log(
'Changed event config: $event_name, $event_welcome_msg, '
. date('Y-m-d', $buildup_start_date) . ', ' . date('Y-m-d', $event_start_date) . ', '
. date('Y-m-d', $event_end_date) . ', ' . date('Y-m-d', $teardown_end_date)
);
success(_('Settings saved.'));
redirect(page_link_to('admin_event_config'));
}
}
return [
event_config_title(),
EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date)
EventConfig_edit_view(
$event_name,
$event_welcome_msg,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date
)
];
}
?>

65
includes/controller/rooms_controller.php
Unescape Escape View File

@ -1,7 +1,6 @@
<?php
use Engelsystem\ShiftsFilterRenderer;
use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer;
/**
* Room controllers for managing everything room related.
@ -9,42 +8,41 @@ use Engelsystem\ShiftCalendarRenderer;
/**
* View a room with its shifts.
*
* @return array
*/
function room_controller() {
function room_controller()
{
global $privileges;
if (!in_array('view_rooms', $privileges)) {
redirect(page_link_to());
}
$room = load_room();
if($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
redirect(page_link_to());
}
$all_shifts = Shifts_by_room($room);
$days = [];
foreach ($all_shifts as $shift) {
$day = date("Y-m-d", $shift['start']);
$day = date('Y-m-d', $shift['start']);
if (!in_array($day, $days)) {
$days[] = $day;
}
}
$shiftsFilter = new ShiftsFilter(true, [
$room['RID']
], AngelType_ids());
$selected_day = date("Y-m-d");
$shiftsFilter = new ShiftsFilter(
true,
[$room['RID']],
AngelType_ids()
);
$selected_day = date('Y-m-d');
if (!empty($days)) {
$selected_day = $days[0];
}
if (isset($_REQUEST['shifts_filter_day'])) {
$selected_day = $_REQUEST['shifts_filter_day'];
}
$shiftsFilter->setStartTime(parse_date("Y-m-d H:i", $selected_day . ' 00:00'));
$shiftsFilter->setEndTime(parse_date("Y-m-d H:i", $selected_day . ' 23:59'));
$shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00'));
$shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59'));
$shiftsFilterRenderer = new ShiftsFilterRenderer($shiftsFilter);
$shiftsFilterRenderer->enableDaySelection($days);
@ -59,33 +57,52 @@ function room_controller() {
/**
* Dispatch different room actions.
*
* @return array
*/
function rooms_controller() {
function rooms_controller()
{
if (!isset($_REQUEST['action'])) {
$_REQUEST['action'] = 'list';
}
switch ($_REQUEST['action']) {
default:
case 'list':
redirect(page_link_to('admin_rooms'));
case 'view':
return room_controller();
case 'list':
default:
redirect(page_link_to('admin_rooms'));
break;
}
exit;
}
function room_link($room) {
/**
* @param array $room
* @return string
*/
function room_link($room)
{
return page_link_to('rooms') . '&action=view&room_id=' . $room['RID'];
}
function room_edit_link($room) {
/**
* @param array $room
* @return string
*/
function room_edit_link($room)
{
return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'];
}
/**
* Loads room by request param room_id
*
* @return array
*/
function load_room() {
function load_room()
{
if (!test_request_int('room_id')) {
redirect(page_link_to());
}
@ -97,5 +114,3 @@ function load_room() {
return $room;
}
?>

178
includes/controller/shift_entries_controller.php
Unescape Escape View File

@ -1,19 +1,25 @@
<?php
use Engelsystem\Database\DB;
/**
* Sign up for a shift.
*
* @return string
*/
function shift_entry_add_controller() {
function shift_entry_add_controller()
{
global $privileges, $user;
if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) {
$shift_id = 0;
if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
$shift_id = $_REQUEST['shift_id'];
} else {
redirect(page_link_to('user_shifts'));
}
// Locations laden
$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
$rooms = Rooms();
$room_array = [];
foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name'];
@ -25,7 +31,8 @@ function shift_entry_add_controller() {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) {
$type_id = 0;
if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
$type_id = $_REQUEST['type_id'];
} else {
redirect(page_link_to('user_shifts'));
@ -34,15 +41,35 @@ function shift_entry_add_controller() {
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
$type = AngelType($type_id);
} else {
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))");
$type = $type[0];
// TODO: Move queries to model
$type = DB::select('
SELECT *
FROM `UserAngelTypes`
JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`)
WHERE `AngelTypes`.`id` = ?
AND (
`AngelTypes`.`restricted` = 0
OR (
`UserAngelTypes`.`user_id` = ?
AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL
)
)
', [$type_id, $user['UID']]);
$type = array_shift($type);
}
if ($type == null) {
if (empty($type)) {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) {
if (
isset($_REQUEST['user_id'])
&& preg_match('/^\d*$/', $_REQUEST['user_id'])
&& (
in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
)
) {
$user_id = $_REQUEST['user_id'];
} else {
$user_id = $user['UID'];
@ -51,32 +78,52 @@ function shift_entry_add_controller() {
$needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type);
$shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']);
$shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries);
$shift_signup_allowed = Shift_signup_allowed(
User($user_id),
$shift,
$type,
null,
null,
$needed_angeltype,
$shift_entries
);
if (!$shift_signup_allowed->isSignupAllowed()) {
error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running."));
error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.'));
redirect(shift_link($shift));
}
if (isset($_REQUEST['submit'])) {
$selected_type_id = $type_id;
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
$privileges)
) {
if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) {
if (count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=? LIMIT 1', [$user_id])) == 0) {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) {
if (
isset($_REQUEST['angeltype_id'])
&& test_request_int('angeltype_id')
&& count(DB::select(
'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1',
[$_REQUEST['angeltype_id']]
)) > 0
) {
$selected_type_id = $_REQUEST['angeltype_id'];
}
}
if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) {
return error("This angel does already have an entry for this shift.", true);
if (count(DB::select(
'SELECT `id` FROM `ShiftEntry` WHERE `SID`= ? AND `UID` = ?',
[$shift['SID'], $user_id]))
) {
return error('This angel does already have an entry for this shift.', true);
}
$freeloaded = $shift['freeloaded'];
$freeload_comment = $shift['freeload_comment'];
if (in_array("user_shifts_admin", $privileges)) {
$freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false;
$freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : '';
if (in_array('user_shifts_admin', $privileges)) {
$freeloaded = isset($_REQUEST['freeloaded']);
$freeload_comment = strip_request_item_nl('freeload_comment');
}
@ -94,25 +141,52 @@ function shift_entry_add_controller() {
engelsystem_error('Unable to create shift entry.');
}
if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) {
sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
if (
$type['restricted'] == 0
&& count(DB::select('
SELECT `UserAngelTypes`.`id` FROM `UserAngelTypes`
INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id`
WHERE `angeltype_id` = ?
AND `user_id` = ?
', [$selected_type_id, $user_id])) == 0
) {
DB::insert(
'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)',
[$user_id, $selected_type_id]
);
}
$user_source = User($user_id);
engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' &raquo;</a>');
engelsystem_log(
'User ' . User_Nick_render($user_source)
. ' signed up for shift ' . $shift['name']
. ' from ' . date('Y-m-d H:i', $shift['start'])
. ' to ' . date('Y-m-d H:i', $shift['end'])
);
success(_('You are subscribed. Thank you!') . ' <a href="' . page_link_to('user_myshifts') . '">' . _('My shifts') . ' &raquo;</a>');
redirect(shift_link($shift));
}
$angeltype_select = '';
if (in_array('user_shifts_admin', $privileges)) {
$users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`");
$users = DB::select('
SELECT *,
(
SELECT count(*)
FROM `ShiftEntry`
WHERE `freeloaded`=1
AND `ShiftEntry`.`UID`=`User`.`UID`
) AS `freeloaded`
FROM `User`
ORDER BY `Nick`
');
$users_select = [];
foreach ($users as $usr) {
$users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")");
$users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? '' : ' (' . _('Freeloader') . ')');
}
$user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
$angeltypes = [];
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
@ -141,13 +215,26 @@ function shift_entry_add_controller() {
$angeltype_select = $type['name'];
}
return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' &ndash; ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges));
return ShiftEntry_edit_view(
$user_text,
date('Y-m-d H:i', $shift['start'])
. ' &ndash; '
. date('Y-m-d H:i', $shift['end'])
. ' (' . shift_length($shift) . ')',
$shift['Name'],
$shift['name'],
$angeltype_select, '',
false,
null,
in_array('user_shifts_admin', $privileges)
);
}
/**
* Remove somebody from a shift.
*/
function shift_entry_delete_controller() {
function shift_entry_delete_controller()
{
global $privileges, $user;
if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) {
@ -155,19 +242,31 @@ function shift_entry_delete_controller() {
}
$entry_id = $_REQUEST['entry_id'];
$shift_entry_source = sql_select("
SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id`
$shift_entry_source = DB::select('
SELECT
`User`.`Nick`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`UID`,
`ShiftTypes`.`name`,
`Shifts`.*,
`Room`.`Name`,
`AngelTypes`.`name` AS `angel_type`,
`AngelTypes`.`id` AS `angeltype_id`
FROM `ShiftEntry`
JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`)
JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
WHERE `ShiftEntry`.`id`=?',
[$entry_id]
);
if (count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
$shift_entry_source = array_shift($shift_entry_source);
if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) {
if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter',
$privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))
) {
redirect(page_link_to('user_shifts'));
}
@ -176,12 +275,17 @@ function shift_entry_delete_controller() {
engelsystem_error('Unable to delete shift entry.');
}
engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
success(_("Shift entry deleted."));
engelsystem_log(
'Deleted ' . User_Nick_render($shift_entry_source) . '\'s shift: ' . $shift_entry_source['name']
. ' at ' . $shift_entry_source['Name']
. ' from ' . date('Y-m-d H:i', $shift_entry_source['start'])
. ' to ' . date('Y-m-d H:i', $shift_entry_source['end'])
. ' as ' . $shift_entry_source['angel_type']
);
success(_('Shift entry deleted.'));
} else {
error(_("Entry not found."));
error(_('Entry not found.'));
}
redirect(shift_link($shift_entry_source));
}
?>

193
includes/controller/shifts_controller.php
Unescape Escape View File

@ -1,26 +1,48 @@
<?php
use Engelsystem\ShiftSignupState;
function shift_link($shift) {
return page_link_to('shifts') . '&action=view&shift_id=' . $shift['SID'];
/**
* @param array $shift
* @return string
*/
function shift_link($shift)
{
$link = page_link_to('shifts') . '&action=view';
if (isset($shift['SID'])) {
$link .= '&shift_id=' . $shift['SID'];
}
return $link;
}
function shift_delete_link($shift) {
/**
* @param array $shift
* @return string
*/
function shift_delete_link($shift)
{
return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'];
}
function shift_edit_link($shift) {
/**
* @param array $shift
* @return string
*/
function shift_edit_link($shift)
{
return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'];
}
/**
* Edit a single shift.
*
* @return string
*/
function shift_edit_controller() {
function shift_edit_controller()
{
global $privileges;
// Schicht bearbeiten
$msg = "";
$msg = '';
$valid = true;
if (!in_array('admin_shifts', $privileges)) {
@ -56,11 +78,11 @@ function shift_edit_controller() {
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid'];
} else {
$valid = false;
$msg .= error(_("Please select a room."), true);
$msg .= error(_('Please select a room.'), true);
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
@ -70,23 +92,23 @@ function shift_edit_controller() {
$msg .= error(_('Please select a shifttype.'), true);
}
if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) {
if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
$start = $tmp;
} else {
$valid = false;
$msg .= error(_("Please enter a valid starting time for the shifts."), true);
$msg .= error(_('Please enter a valid starting time for the shifts.'), true);
}
if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) {
if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
$end = $tmp;
} else {
$valid = false;
$msg .= error(_("Please enter a valid ending time for the shifts."), true);
$msg .= error(_('Please enter a valid ending time for the shifts.'), true);
}
if ($start >= $end) {
$valid = false;
$msg .= error(_("The ending time has to be after the starting time."), true);
$msg .= error(_('The ending time has to be after the starting time.'), true);
}
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
@ -94,7 +116,10 @@ function shift_edit_controller() {
$needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
} else {
$valid = false;
$msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $needed_angeltype_name), true);
$msg .= error(sprintf(
_('Please check your input for needed angels of type %s.'),
$needed_angeltype_name
), true);
}
}
@ -113,11 +138,16 @@ function shift_edit_controller() {
$needed_angel_types_info = [];
foreach ($needed_angel_types as $type_id => $count) {
NeededAngelType_add($shift_id, $type_id, null, $count);
$needed_angel_types_info[] = $angeltypes[$type_id] . ": " . $count;
$needed_angel_types_info[] = $angeltypes[$type_id] . ': ' . $count;
}
engelsystem_log("Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title . "' from " . date("Y-m-d H:i", $start) . " to " . date("Y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
success(_("Shift updated."));
engelsystem_log(
'Updated shift \'' . $shifttypes[$shifttype_id] . ', ' . $title
. '\' from ' . date('Y-m-d H:i', $start)
. ' to ' . date('Y-m-d H:i', $end)
. ' with angel types ' . join(', ', $needed_angel_types_info)
);
success(_('Shift updated.'));
redirect(shift_link([
'SID' => $shift_id
@ -125,28 +155,36 @@ function shift_edit_controller() {
}
}
$angel_types_spinner = "";
$angel_types_spinner = '';
foreach ($angeltypes as $angeltype_id => $angeltype_name) {
$angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name, $needed_angel_types[$angeltype_id]);
$angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name,
$needed_angel_types[$angeltype_id]);
}
return page_with_title(shifts_title(), [
return page_with_title(
shifts_title(),
[
msg(),
'<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>',
'<noscript>' . info(_('This page is much more comfortable with javascript.'), true) . '</noscript>',
form([
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_text('title', _("Title"), $title),
form_select('rid', _("Room:"), $room, $rid),
form_text('start', _("Start:"), date("Y-m-d H:i", $start)),
form_text('end', _("End:"), date("Y-m-d H:i", $end)),
'<h2>' . _("Needed angels") . '</h2>',
form_text('title', _('Title'), $title),
form_select('rid', _('Room:'), $room, $rid),
form_text('start', _('Start:'), date('Y-m-d H:i', $start)),
form_text('end', _('End:'), date('Y-m-d H:i', $end)),
'<h2>' . _('Needed angels') . '</h2>',
$angel_types_spinner,
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
])
]);
]
);
}
function shift_delete_controller() {
/**
* @return string
*/
function shift_delete_controller()
{
global $privileges;
if (!in_array('user_shifts_admin', $privileges)) {
@ -154,7 +192,7 @@ function shift_delete_controller() {
}
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
if (! isset($_REQUEST['delete_shift']) || ! preg_match("/^[0-9]*$/", $_REQUEST['delete_shift'])) {
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
redirect(page_link_to('user_shifts'));
}
$shift_id = $_REQUEST['delete_shift'];
@ -168,18 +206,31 @@ function shift_delete_controller() {
if (isset($_REQUEST['delete'])) {
Shift_delete($shift_id);
engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
success(_("Shift deleted."));
engelsystem_log(
'Deleted shift ' . $shift['name']
. ' from ' . date('Y-m-d H:i', $shift['start'])
. ' to ' . date('Y-m-d H:i', $shift['end'])
);
success(_('Shift deleted.'));
redirect(page_link_to('user_shifts'));
}
return page_with_title(shifts_title(), [
error(sprintf(_("Do you want to delete the shift %s from %s to %s?"), $shift['name'], date("Y-m-d H:i", $shift['start']), date("H:i", $shift['end'])), true),
'<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _("delete") . '</a>'
error(sprintf(
_('Do you want to delete the shift %s from %s to %s?'),
$shift['name'],
date('Y-m-d H:i', $shift['start']),
date('H:i', $shift['end'])
), true),
'<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _('delete') . '</a>'
]);
}
function shift_controller() {
/**
* @return array
*/
function shift_controller()
{
global $user, $privileges;
if (!in_array('user_shifts', $privileges)) {
@ -192,7 +243,7 @@ function shift_controller() {
$shift = Shift($_REQUEST['shift_id']);
if ($shift == null) {
error(_("Shift could not be found."));
error(_('Shift could not be found.'));
redirect(page_link_to('user_shifts'));
}
@ -206,7 +257,15 @@ function shift_controller() {
$needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype);
$shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['id']);
$angeltype_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, $user_shifts, $needed_angeltype, $shift_entries);
$angeltype_signup_state = Shift_signup_allowed(
$user,
$shift,
$angeltype,
null,
$user_shifts,
$needed_angeltype,
$shift_entries
);
if ($shift_signup_state == null) {
$shift_signup_state = $angeltype_signup_state;
} else {
@ -221,25 +280,34 @@ function shift_controller() {
];
}
function shifts_controller() {
/**
* @return array|false
*/
function shifts_controller()
{
if (!isset($_REQUEST['action'])) {
redirect(page_link_to('user_shifts'));
}
switch ($_REQUEST['action']) {
default:
redirect(page_link_to('?'));
case 'view':
return shift_controller();
case 'next':
return shift_next_controller();
default:
redirect(page_link_to('?'));
}
return false;
}
/**
* Redirects the user to his next shift.
*
* @return false
*/
function shift_next_controller() {
function shift_next_controller()
{
global $user, $privileges;
if (!in_array('user_shifts', $privileges)) {
@ -247,41 +315,40 @@ function shift_next_controller() {
}
$upcoming_shifts = ShiftEntries_upcoming_for_user($user);
if ($upcoming_shifts === false) {
return false;
}
if (count($upcoming_shifts) > 0) {
if (!empty($upcoming_shifts)) {
redirect(shift_link($upcoming_shifts[0]));
}
redirect(page_link_to('user_shifts'));
exit;
}
/**
* Export all shifts using api-key.
*/
function shifts_json_export_all_controller() {
global $api_key;
function shifts_json_export_all_controller()
{
$api_key = config('api_key');
if ($api_key == "") {
engelsystem_error("Config contains empty apikey.");
if (empty($api_key)) {
engelsystem_error('Config contains empty apikey.');
}
if (!isset($_REQUEST['api_key'])) {
engelsystem_error("Missing parameter api_key.");
engelsystem_error('Missing parameter api_key.');
}
if ($_REQUEST['api_key'] != $api_key) {
engelsystem_error("Invalid api_key.");
engelsystem_error('Invalid api_key.');
}
$shifts_source = Shifts();
if ($shifts_source === false) {
engelsystem_error("Unable to load shifts.");
engelsystem_error('Unable to load shifts.');
}
header("Content-Type: application/json; charset=utf-8");
header('Content-Type: application/json; charset=utf-8');
raw_output(json_encode($shifts_source));
}
@ -289,36 +356,38 @@ function shifts_json_export_all_controller() {
* Export filtered shifts via JSON.
* (Like iCal Export or shifts view)
*/
function shifts_json_export_controller() {
function shifts_json_export_controller()
{
global $user;
if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
engelsystem_error("Missing key.");
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}
$key = $_REQUEST['key'];
$user = User_by_api_key($key);
if ($user == null) {
engelsystem_error("Key invalid.");
engelsystem_error('Key invalid.');
}
if (!in_array('shifts_json_export', privileges_for_user($user['UID']))) {
engelsystem_error("No privilege for shifts_json_export.");
engelsystem_error('No privilege for shifts_json_export.');
}
$shifts = load_ical_shifts();
header("Content-Type: application/json; charset=utf-8");
header('Content-Type: application/json; charset=utf-8');
raw_output(json_encode($shifts));
}
/**
* Returns users shifts to export.
*
* @return array
*/
function load_ical_shifts() {
function load_ical_shifts()
{
global $user;
return Shifts_by_user($user);
}
?>

69
includes/controller/shifttypes_controller.php
Unescape Escape View File

@ -1,21 +1,26 @@
<?php
function shifttype_link($shifttype) {
/**
* @param array $shifttype
* @return string
*/
function shifttype_link($shifttype)
{
return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'];
}
/**
* Delete a shifttype.
*
* @return array
*/
function shifttype_delete_controller() {
function shifttype_delete_controller()
{
if (!isset($_REQUEST['shifttype_id'])) {
redirect(page_link_to('shifttypes'));
}
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) {
engelsystem_error('Unable to load shifttype.');
}
if ($shifttype == null) {
redirect(page_link_to('shifttypes'));
@ -23,7 +28,7 @@ function shifttype_delete_controller() {
if (isset($_REQUEST['confirmed'])) {
$result = ShiftType_delete($shifttype['id']);
if ($result === false) {
if (empty($result)) {
engelsystem_error('Unable to delete shifttype.');
}
@ -33,27 +38,27 @@ function shifttype_delete_controller() {
}
return [
sprintf(_("Delete shifttype %s"), $shifttype['name']),
sprintf(_('Delete shifttype %s'), $shifttype['name']),
ShiftType_delete_view($shifttype)
];
}
/**
* Edit or create shift type.
*
* @return array
*/
function shifttype_edit_controller() {
function shifttype_edit_controller()
{
$shifttype_id = null;
$name = "";
$name = '';
$angeltype_id = null;
$description = "";
$description = '';
$angeltypes = AngelTypes();
if (isset($_REQUEST['shifttype_id'])) {
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) {
engelsystem_error('Unable to load shifttype.');
}
if ($shifttype == null) {
error(_('Shifttype not found.'));
redirect(page_link_to('shifttypes'));
@ -74,7 +79,7 @@ function shifttype_edit_controller() {
error(_('Please enter a name.'));
}
if (isset($_REQUEST['angeltype_id']) && preg_match("/^[0-9]+$/", $_REQUEST['angeltype_id'])) {
if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
$angeltype_id = $_REQUEST['angeltype_id'];
} else {
$angeltype_id = null;
@ -110,14 +115,15 @@ function shifttype_edit_controller() {
];
}
function shifttype_controller() {
/**
* @return array
*/
function shifttype_controller()
{
if (!isset($_REQUEST['shifttype_id'])) {
redirect(page_link_to('shifttypes'));
}
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) {
engelsystem_error('Unable to load shifttype.');
}
if ($shifttype == null) {
redirect(page_link_to('shifttypes'));
}
@ -135,11 +141,14 @@ function shifttype_controller() {
/**
* List all shift types.
*
* @return array
*/
function shifttypes_list_controller() {
function shifttypes_list_controller()
{
$shifttypes = ShiftTypes();
if ($shifttypes === false) {
engelsystem_error("Unable to load shifttypes.");
engelsystem_error('Unable to load shifttypes.');
}
return [
@ -150,30 +159,34 @@ function shifttypes_list_controller() {
/**
* Text for shift type related links.
*
* @return string
*/
function shifttypes_title() {
return _("Shifttypes");
function shifttypes_title()
{
return _('Shifttypes');
}
/**
* Route shift type actions
*
* @return array
*/
function shifttypes_controller() {
function shifttypes_controller()
{
if (!isset($_REQUEST['action'])) {
$_REQUEST['action'] = 'list';
}
switch ($_REQUEST['action']) {
default:
case 'list':
return shifttypes_list_controller();
case 'view':
return shifttype_controller();
case 'edit':
return shifttype_edit_controller();
case 'delete':
return shifttype_delete_controller();
case 'list':
default:
return shifttypes_list_controller();
}
}
?>

191
includes/controller/user_angeltypes_controller.php
Unescape Escape View File

@ -2,8 +2,11 @@
/**
* Display a hint for team/angeltype supporters if there are unconfirmed users for his angeltype.
*
* @return string|null
*/
function user_angeltypes_unconfirmed_hint() {
function user_angeltypes_unconfirmed_hint()
{
global $user;
$unconfirmed_user_angeltypes = User_unconfirmed_AngelTypes($user);
@ -13,182 +16,207 @@ function user_angeltypes_unconfirmed_hint() {
$unconfirmed_links = [];
foreach ($unconfirmed_user_angeltypes as $user_angeltype) {
$unconfirmed_links[] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id'] . '">' . $user_angeltype['name'] . ' (+' . $user_angeltype['count'] . ')' . '</a>';
$unconfirmed_links[] = '<a href="'
. page_link_to('angeltypes')
. '&action=view&angeltype_id=' . $user_angeltype['angeltype_id']
. '">' . $user_angeltype['name']
. ' (+' . $user_angeltype['count'] . ')'
. '</a>';
}
return sprintf(ngettext("There is %d unconfirmed angeltype.", "There are %d unconfirmed angeltypes.", count($unconfirmed_user_angeltypes)), count($unconfirmed_user_angeltypes)) . " " . _('Angel types which need approvals:') . ' ' . join(', ', $unconfirmed_links);
return sprintf(ngettext('There is %d unconfirmed angeltype.', 'There are %d unconfirmed angeltypes.',
count($unconfirmed_user_angeltypes)),
count($unconfirmed_user_angeltypes)) . ' ' . _('Angel types which need approvals:') . ' ' . join(', ',
$unconfirmed_links);
}
/**
* Remove all unconfirmed users from a specific angeltype.
*
* @return array
*/
function user_angeltypes_delete_all_controller() {
function user_angeltypes_delete_all_controller()
{
global $user;
if (!isset($_REQUEST['angeltype_id'])) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (!User_is_AngelType_supporter($user, $angeltype)) {
error(_("You are not allowed to delete all users for this angeltype."));
error(_('You are not allowed to delete all users for this angeltype.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
UserAngelTypes_delete_all($angeltype['id']);
engelsystem_log(sprintf("Denied all users for angeltype %s", AngelType_name_render($angeltype)));
success(sprintf(_("Denied all users for angeltype %s."), AngelType_name_render($angeltype)));
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
return [
_("Deny all users"),
_('Deny all users'),
UserAngelTypes_delete_all_view($angeltype)
];
}
/**
* Confirm all unconfirmed users for an angeltype.
*
* @return array
*/
function user_angeltypes_confirm_all_controller() {
function user_angeltypes_confirm_all_controller()
{
global $user, $privileges;
if (!isset($_REQUEST['angeltype_id'])) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($_REQUEST['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
if ($user_angeltype == null) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (!in_array('admin_user_angeltypes', $privileges) && !$user_angeltype['supporter']) {
error(_("You are not allowed to confirm all users for this angeltype."));
error(_('You are not allowed to confirm all users for this angeltype.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
UserAngelTypes_confirm_all($angeltype['id'], $user);
engelsystem_log(sprintf("Confirmed all users for angeltype %s", AngelType_name_render($angeltype)));
success(sprintf(_("Confirmed all users for angeltype %s."), AngelType_name_render($angeltype)));
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
return [
_("Confirm all users"),
_('Confirm all users'),
UserAngelTypes_confirm_all_view($angeltype)
];
}
/**
* Confirm an user for an angeltype.
*
* @return array
*/
function user_angeltype_confirm_controller() {
function user_angeltype_confirm_controller()
{
global $user;
if (!isset($_REQUEST['user_angeltype_id'])) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
if ($user_angeltype == null) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (!User_is_AngelType_supporter($user, $angeltype)) {
error(_("You are not allowed to confirm this users angeltype."));
error(_('You are not allowed to confirm this users angeltype.'));
redirect(page_link_to('angeltypes'));
}
$user_source = User($user_angeltype['user_id']);
if ($user_source == null) {
error(_("User doesn't exist."));
error(_('User doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
$result = UserAngelType_confirm($user_angeltype['id'], $user);
if ($result === false) {
engelsystem_error("Unable to confirm user angeltype.");
}
engelsystem_log(sprintf("%s confirmed for angeltype %s", User_Nick_render($user_source), AngelType_name_render($angeltype)));
success(sprintf(_("%s confirmed for angeltype %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
UserAngelType_confirm($user_angeltype['id'], $user);
engelsystem_log(sprintf(
'%s confirmed for angeltype %s',
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
success(sprintf(
_('%s confirmed for angeltype %s.'),
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
return [
_("Confirm angeltype for user"),
_('Confirm angeltype for user'),
UserAngelType_confirm_view($user_angeltype, $user_source, $angeltype)
];
}
/**
* Remove a user from an Angeltype.
*
* @return array
*/
function user_angeltype_delete_controller() {
function user_angeltype_delete_controller()
{
global $user;
if (!isset($_REQUEST['user_angeltype_id'])) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
if ($user_angeltype == null) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$user_source = User($user_angeltype['user_id']);
if ($user_source == null) {
error(_("User doesn't exist."));
error(_('User doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if ($user['UID'] != $user_angeltype['user_id'] && !User_is_AngelType_supporter($user, $angeltype)) {
error(_("You are not allowed to delete this users angeltype."));
error(_('You are not allowed to delete this users angeltype.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
$result = UserAngelType_delete($user_angeltype);
if ($result === false) {
engelsystem_error("Unable to delete user angeltype.");
engelsystem_error('Unable to delete user angeltype.');
}
$success_message = sprintf(_("User %s removed from %s."), User_Nick_render($user_source), $angeltype['name']);
$success_message = sprintf(_('User %s removed from %s.'), User_Nick_render($user_source), $angeltype['name']);
engelsystem_log($success_message);
success($success_message);
@ -196,56 +224,64 @@ function user_angeltype_delete_controller() {
}
return [
_("Remove angeltype"),
_('Remove angeltype'),
UserAngelType_delete_view($user_angeltype, $user_source, $angeltype)
];
}
/**
* Update an UserAngelType.
*
* @return array
*/
function user_angeltype_update_controller() {
function user_angeltype_update_controller()
{
global $privileges;
$supporter = false;
if (!in_array('admin_angel_types', $privileges)) {
error(_("You are not allowed to set supporter rights."));
error(_('You are not allowed to set supporter rights.'));
redirect(page_link_to('angeltypes'));
}
if (!isset($_REQUEST['user_angeltype_id'])) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['supporter']) && preg_match("/^[01]$/", $_REQUEST['supporter'])) {
$supporter = $_REQUEST['supporter'] == "1";
if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) {
$supporter = $_REQUEST['supporter'] == '1';
} else {
error(_("No supporter update given."));
error(_('No supporter update given.'));
redirect(page_link_to('angeltypes'));
}
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
if ($user_angeltype == null) {
error(_("User angeltype doesn't exist."));
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$angeltype = AngelType($user_angeltype['angeltype_id']);
if ($angeltype == null) {
error(_("Angeltype doesn't exist."));
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
$user_source = User($user_angeltype['user_id']);
if ($user_source == null) {
error(_("User doesn't exist."));
error(_('User doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
UserAngelType_update($user_angeltype['id'], $supporter);
$success_message = sprintf($supporter ? _("Added supporter rights for %s to %s.") : _("Removed supporter rights for %s from %s."), AngelType_name_render($angeltype), User_Nick_render($user_source));
$success_message = sprintf(
$supporter ? _('Added supporter rights for %s to %s.') : _('Removed supporter rights for %s from %s.'),
AngelType_name_render($angeltype),
User_Nick_render($user_source)
);
engelsystem_log($success_message);
success($success_message);
@ -253,7 +289,7 @@ function user_angeltype_update_controller() {
}
return [
$supporter ? _("Add supporter rights") : _("Remove supporter rights"),
$supporter ? _('Add supporter rights') : _('Remove supporter rights'),
UserAngelType_update_view($user_angeltype, $user_source, $angeltype, $supporter)
];
}
@ -261,7 +297,8 @@ function user_angeltype_update_controller() {
/**
* User joining an Angeltype (Or supporter doing this for him).
*/
function user_angeltype_add_controller() {
function user_angeltype_add_controller()
{
global $user;
$angeltype = load_angeltype();
@ -285,59 +322,82 @@ function user_angeltype_add_controller() {
if (!UserAngelType_exists($user_source, $angeltype)) {
$user_angeltype_id = UserAngelType_create($user_source, $angeltype);
engelsystem_log(sprintf("User %s added to %s.", User_Nick_render($user_source), AngelType_name_render($angeltype)));
success(sprintf(_("User %s added to %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
'User %s added to %s.',
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
success(sprintf(
_('User %s added to %s.'),
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
UserAngelType_confirm($user_angeltype_id, $user_source);
engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
'User %s confirmed as %s.',
User_Nick_render($user),
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
}
return [
_("Add user to angeltype"),
_('Add user to angeltype'),
UserAngelType_add_view($angeltype, $users_source, $user_source['UID'])
];
}
/**
* A user joins an angeltype.
*
* @param array $angeltype
* @return array
*/
function user_angeltype_join_controller($angeltype) {
function user_angeltype_join_controller($angeltype)
{
global $user, $privileges;
$user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
if ($user_angeltype != null) {
error(sprintf(_("You are already a %s."), $angeltype['name']));
error(sprintf(_('You are already a %s.'), $angeltype['name']));
redirect(page_link_to('angeltypes'));
}
if (isset($_REQUEST['confirmed'])) {
$user_angeltype_id = UserAngelType_create($user, $angeltype);
$success_message = sprintf(_("You joined %s."), $angeltype['name']);
engelsystem_log(sprintf("User %s joined %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
$success_message = sprintf(_('You joined %s.'), $angeltype['name']);
engelsystem_log(sprintf('User %s joined %s.', User_Nick_render($user), AngelType_name_render($angeltype)));
success($success_message);
if (in_array('admin_user_angeltypes', $privileges)) {
UserAngelType_confirm($user_angeltype_id, $user);
engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
'User %s confirmed as %s.',
User_Nick_render($user),
AngelType_name_render($angeltype)
));
}
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
return [
sprintf(_("Become a %s"), $angeltype['name']),
sprintf(_('Become a %s'), $angeltype['name']),
UserAngelType_join_view($user, $angeltype)
];
}
/**
* Route UserAngelType actions.
*
* @return array
*/
function user_angeltypes_controller() {
function user_angeltypes_controller()
{
if (!isset($_REQUEST['action'])) {
redirect(page_link_to('angeltypes'));
}
@ -357,7 +417,6 @@ function user_angeltypes_controller() {
return user_angeltype_add_controller();
default:
redirect(page_link_to('angeltypes'));
exit;
}
}
?>

52
includes/controller/user_driver_licenses_controller.php
Unescape Escape View File

@ -1,9 +1,13 @@
<?php
/**
* Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license information provided.
* Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license
* information provided.
*
* @return string|null
*/
function user_driver_license_required_hint() {
function user_driver_license_required_hint()
{
global $user;
$angeltypes = User_angeltypes($user);
@ -16,7 +20,10 @@ function user_driver_license_required_hint() {
foreach ($angeltypes as $angeltype) {
if ($angeltype['requires_driver_license']) {
return sprintf(_("You joined an angeltype which requires a driving license. Please edit your driving license information here: %s."), '<a href="' . user_driver_license_edit_link() . '">' . _("driving license information") . '</a>');
return sprintf(
_('You joined an angeltype which requires a driving license. Please edit your driving license information here: %s.'),
'<a href="' . user_driver_license_edit_link() . '">' . _('driving license information') . '</a>'
);
}
}
@ -25,8 +32,11 @@ function user_driver_license_required_hint() {
/**
* Route user driver licenses actions.
*
* @return array
*/
function user_driver_licenses_controller() {
function user_driver_licenses_controller()
{
global $user;
if (!isset($user)) {
@ -45,9 +55,11 @@ function user_driver_licenses_controller() {
/**
* Link to user driver license edit page for given user.
*
* @param User $user
* @param array $user
* @return string
*/
function user_driver_license_edit_link($user = null) {
function user_driver_license_edit_link($user = null)
{
if ($user == null) {
return page_link_to('user_driver_licenses');
}
@ -56,8 +68,11 @@ function user_driver_license_edit_link($user = null) {
/**
* Loads the user for the driver license.
*
* @return array
*/
function user_driver_license_load_user() {
function user_driver_license_load_user()
{
global $user;
$user_source = $user;
@ -74,8 +89,11 @@ function user_driver_license_load_user() {
/**
* Edit a users driver license information.
*
* @return array
*/
function user_driver_license_edit_controller() {
function user_driver_license_edit_controller()
{
global $privileges, $user;
$user_source = user_driver_license_load_user();
@ -105,28 +123,26 @@ function user_driver_license_edit_controller() {
if (UserDriverLicense_valid($user_driver_license)) {
if ($user_driver_license['user_id'] == null) {
$user_driver_license = UserDriverLicenses_create($user_driver_license, $user);
$user_driver_license = UserDriverLicenses_create($user_driver_license, $user_source);
} else {
UserDriverLicenses_update($user_driver_license);
}
engelsystem_log("Driver license information updated.");
success(_("Your driver license information has been saved."));
engelsystem_log('Driver license information updated.');
success(_('Your driver license information has been saved.'));
redirect(user_link($user_source));
} else {
error(_("Please select at least one driving license."));
error(_('Please select at least one driving license.'));
}
} elseif ($user_driver_license['id'] != null) {
} elseif ($user_driver_license['user_id'] != null) {
UserDriverLicenses_delete($user_source['UID']);
engelsystem_log("Driver license information removed.");
success(_("Your driver license information has been removed."));
engelsystem_log('Driver license information removed.');
success(_('Your driver license information has been removed.'));
redirect(user_link($user_source));
}
}
return [
sprintf(_("Edit %s driving license information"), $user_source['Nick']),
sprintf(_('Edit %s driving license information'), $user_source['Nick']),
UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license)
];
}
?>

218
includes/controller/users_controller.php
Unescape Escape View File

@ -1,11 +1,16 @@
<?php
use Engelsystem\ShiftsFilter;
use Engelsystem\Database\DB;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilter;
/**
* Route user actions.
*
* @return array
*/
function users_controller() {
function users_controller()
{
global $user;
if (!isset($user)) {
@ -17,24 +22,25 @@ function users_controller() {
}
switch ($_REQUEST['action']) {
default:
case 'list':
return users_list_controller();
case 'view':
return user_controller();
case 'edit':
return user_edit_controller();
case 'delete':
return user_delete_controller();
case 'edit_vouchers':
return user_edit_vouchers_controller();
case 'list':
default:
return users_list_controller();
}
}
/**
* Delete a user, requires to enter own password for reasons.
*
* @return array
*/
function user_delete_controller() {
function user_delete_controller()
{
global $privileges, $user;
if (isset($_REQUEST['user_id'])) {
@ -49,16 +55,18 @@ function user_delete_controller() {
// You cannot delete yourself
if ($user['UID'] == $user_source['UID']) {
error(_("You cannot delete yourself."));
error(_('You cannot delete yourself.'));
redirect(user_link($user));
}
if (isset($_REQUEST['submit'])) {
$valid = true;
if (! (isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))) {
if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
$user['UID']))
) {
$valid = false;
error(_("Your password is incorrect. Please try it again."));
error(_('Your password is incorrect. Please try it again.'));
}
if ($valid) {
@ -68,36 +76,59 @@ function user_delete_controller() {
}
mail_user_delete($user_source);
success(_("User deleted."));
engelsystem_log(sprintf("Deleted %s", User_Nick_render($user_source)));
success(_('User deleted.'));
engelsystem_log(sprintf('Deleted %s', User_Nick_render($user_source)));
redirect(users_link());
}
}
return [
sprintf(_("Delete %s"), $user_source['Nick']),
sprintf(_('Delete %s'), $user_source['Nick']),
User_delete_view($user_source)
];
}
function users_link() {
/**
* @return string
*/
function users_link()
{
return page_link_to('users');
}
function user_edit_link($user) {
/**
* @param array $user
* @return string
*/
function user_edit_link($user)
{
return page_link_to('admin_user') . '&user_id=' . $user['UID'];
}
function user_delete_link($user) {
/**
* @param array $user
* @return string
*/
function user_delete_link($user)
{
return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
}
function user_link($user) {
/**
* @param array $user
* @return string
*/
function user_link($user)
{
return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
}
function user_edit_vouchers_controller() {
/**
* @return array
*/
function user_edit_vouchers_controller()
{
global $privileges, $user;
if (isset($_REQUEST['user_id'])) {
@ -113,11 +144,12 @@ function user_edit_vouchers_controller() {
if (isset($_REQUEST['submit'])) {
$valid = true;
$vouchers = '';
if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
$vouchers = trim($_REQUEST['vouchers']);
} else {
$valid = false;
error(_("Please enter a valid number of vouchers."));
error(_('Please enter a valid number of vouchers.'));
}
if ($valid) {
@ -128,59 +160,86 @@ function user_edit_vouchers_controller() {
engelsystem_error('Unable to update user.');
}
success(_("Saved the number of vouchers."));
engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers", $user_source['got_voucher']));
success(_('Saved the number of vouchers.'));
engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf('Got %s vouchers',
$user_source['got_voucher']));
redirect(user_link($user_source));
}
}
return [
sprintf(_("%s's vouchers"), $user_source['Nick']),
sprintf(_('%s\'s vouchers'), $user_source['Nick']),
User_edit_vouchers_view($user_source)
];
}
function user_controller() {
/**
* @return array
*/
function user_controller()
{
global $privileges, $user;
$user_source = $user;
if (isset($_REQUEST['user_id'])) {
$user_source = User($_REQUEST['user_id']);
if ($user_source == null) {
error(_("User not found."));
error(_('User not found.'));
redirect('?');
}
}
$shifts = Shifts_by_user($user_source, in_array("user_shifts_admin", $privileges));
$shifts = Shifts_by_user($user_source, in_array('user_shifts_admin', $privileges));
foreach ($shifts as &$shift) {
// TODO: Move queries to model
$shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "' ORDER BY `AngelTypes`.`name`");
$shift['needed_angeltypes'] = DB::select('
SELECT DISTINCT `AngelTypes`.*
FROM `ShiftEntry`
JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
WHERE `ShiftEntry`.`SID` = ?
ORDER BY `AngelTypes`.`name`
',
[$shift['SID']]
);
foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {
$needed_angeltype['users'] = sql_select("
$needed_angeltype['users'] = DB::select('
SELECT `ShiftEntry`.`freeloaded`, `User`.*
FROM `ShiftEntry`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "'
AND `ShiftEntry`.`TID`='" . sql_escape($needed_angeltype['id']) . "'");
WHERE `ShiftEntry`.`SID` = ?
AND `ShiftEntry`.`TID` = ?
',
[$shift['SID'], $needed_angeltype['id']]
);
}
}
if ($user_source['api_key'] == "") {
if ($user_source['api_key'] == '') {
User_reset_api_key($user_source, false);
}
return [
$user_source['Nick'],
User_view($user_source, in_array('admin_user', $privileges), User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID'])
User_view(
$user_source,
in_array('admin_user', $privileges),
User_is_freeloader($user_source),
User_angeltypes($user_source),
User_groups($user_source),
$shifts,
$user['UID'] == $user_source['UID']
)
];
}
/**
* List all users.
*
* @return array
*/
function users_list_controller() {
function users_list_controller()
{
global $privileges;
if (!in_array('admin_user', $privileges)) {
@ -203,37 +262,51 @@ function users_list_controller() {
return [
_('All users'),
Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count(), User_got_voucher_count())
Users_view(
$users,
$order_by,
User_arrived_count(),
User_active_count(),
User_force_active_count(),
ShiftEntries_freeleaded_count(),
User_tshirts_count(),
User_got_voucher_count()
)
];
}
/**
* Second step of password recovery: set a new password using the token link from email
*
* @return string
*/
function user_password_recovery_set_new_controller() {
global $min_password_length;
function user_password_recovery_set_new_controller()
{
$user_source = User_by_password_recovery_token($_REQUEST['token']);
if ($user_source == null) {
error(_("Token is not correct."));
error(_('Token is not correct.'));
redirect(page_link_to('login'));
}
if (isset($_REQUEST['submit'])) {
$valid = true;
if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
if (
isset($_REQUEST['password'])
&& strlen($_REQUEST['password']) >= config('min_password_length')
) {
if ($_REQUEST['password'] != $_REQUEST['password2']) {
$valid = false;
error(_("Your passwords don't match."));
error(_('Your passwords don\'t match.'));
}
} else {
$valid = false;
error(_("Your password is to short (please use at least 6 characters)."));
error(_('Your password is to short (please use at least 6 characters).'));
}
if ($valid) {
set_password($user_source['UID'], $_REQUEST['password']);
success(_("Password saved."));
success(_('Password saved.'));
redirect(page_link_to('login'));
}
}
@ -243,8 +316,11 @@ function user_password_recovery_set_new_controller() {
/**
* First step of password recovery: display a form that asks for your email and send email with recovery link
*
* @return string
*/
function user_password_recovery_start_controller() {
function user_password_recovery_start_controller()
{
if (isset($_REQUEST['submit'])) {
$valid = true;
@ -254,21 +330,28 @@ function user_password_recovery_start_controller() {
$user_source = User_by_email($email);
if ($user_source == null) {
$valid = false;
error(_("E-mail address is not correct."));
error(_('E-mail address is not correct.'));
}
} else {
$valid = false;
error(_("E-mail address is not correct."));
error(_('E-mail address is not correct.'));
}
} else {
$valid = false;
error(_("Please enter your e-mail."));
error(_('Please enter your e-mail.'));
}
if ($valid) {
$token = User_generate_password_recovery_token($user_source);
engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token));
success(_("We sent an email containing your password recovery link."));
engelsystem_email_to_user(
$user_source,
_('Password recovery'),
sprintf(
_('Please visit %s to recover your password.'),
page_link_to_absolute('user_password_recovery') . '&token=' . $token
)
);
success(_('We sent an email containing your password recovery link.'));
redirect(page_link_to('login'));
}
}
@ -279,44 +362,55 @@ function user_password_recovery_start_controller() {
/**
* User password recovery in 2 steps.
* (By email)
*
* @return string
*/
function user_password_recovery_controller() {
function user_password_recovery_controller()
{
if (isset($_REQUEST['token'])) {
return user_password_recovery_set_new_controller();
} else {
return user_password_recovery_start_controller();
}
return user_password_recovery_start_controller();
}
/**
* Menu title for password recovery.
*
* @return string
*/
function user_password_recovery_title() {
return _("Password recovery");
function user_password_recovery_title()
{
return _('Password recovery');
}
/**
* Loads a user from param user_id.
*
* return array
*/
function load_user() {
function load_user()
{
if (!isset($_REQUEST['user_id'])) {
redirect(page_link_to());
}
$user = User($_REQUEST['user_id']);
if ($user === false) {
engelsystem_error("Unable to load user.");
}
if ($user == null) {
error(_("User doesn't exist."));
error(_('User doesn\'t exist.'));
redirect(page_link_to());
}
return $user;
}
function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter) {
/**
* @param ShiftsFilter $shiftsFilter
* @return ShiftCalendarRenderer
*/
function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter)
{
$shifts = Shifts_by_ShiftsFilter($shiftsFilter);
$needed_angeltypes_source = NeededAngeltypes_by_ShiftsFilter($shiftsFilter);
$shift_entries_source = ShiftEntries_by_ShiftsFilter($shiftsFilter);
@ -340,13 +434,17 @@ function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter) {
unset($needed_angeltypes_source);
unset($shift_entries_source);
if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())) {
if (
in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled())
&& in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())
) {
return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
}
$filtered_shifts = [];
foreach ($shifts as $shift) {
$needed_angels_count = 0;
$taken = 0;
foreach ($needed_angeltypes[$shift['SID']] as $needed_angeltype) {
$taken = 0;
foreach ($shift_entries[$shift['SID']] as $shift_entry) {
@ -367,5 +465,3 @@ function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter) {
return new ShiftCalendarRenderer($filtered_shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
}
?>

84
includes/engelsystem_provider.php
Unescape Escape View File

@ -1,9 +1,73 @@
<?php
use Engelsystem\Config\Config;
use Engelsystem\Database\Db;
use Engelsystem\Exceptions\Handler as ExceptionHandler;
/**
* This file includes all needed functions, connects to the db etc.
*/
require_once realpath(__DIR__ . '/../includes/mysqli_provider.php');
if (!is_readable(__DIR__ . '/../vendor/autoload.php')) {
die('Please run composer.phar install');
}
require __DIR__ . '/../vendor/autoload.php';
/**
* Load configuration
*/
$config = new Config();
Config::setInstance($config);
$config->set(require __DIR__ . '/../config/config.default.php');
if (file_exists(__DIR__ . '/../config/config.php')) {
$config->set(array_replace_recursive(
$config->get(null),
require __DIR__ . '/../config/config.php'
));
}
date_default_timezone_set($config->get('timezone'));
/**
* Check for maintenance
*/
if ($config->get('maintenance')) {
echo file_get_contents(__DIR__ . '/../public/maintenance.html');
die();
}
/**
* Register error handler
*/
$errorHandler = new ExceptionHandler();
if (config('environment') == 'development') {
$errorHandler->setEnvironment(ExceptionHandler::ENV_DEVELOPMENT);
ini_set('display_errors', true);
error_reporting(E_ALL);
} else {
ini_set('display_errors', false);
}
/**
* Connect to database
*/
Db::connect(
'mysql:host=' . config('database')['host'] . ';dbname=' . config('database')['db'] . ';charset=utf8',
config('database')['user'],
config('database')['pw']
) || die('Error: Unable to connect to database');
Db::getPdo()->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
Db::getPdo()->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
/**
* Include legacy code
*/
require_once realpath(__DIR__ . '/../includes/sys_auth.php');
require_once realpath(__DIR__ . '/../includes/sys_form.php');
require_once realpath(__DIR__ . '/../includes/sys_log.php');
@ -63,16 +127,6 @@ require_once realpath(__DIR__ . '/../includes/helper/email_helper.php');
require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php');
require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php');
require_once realpath(__DIR__ . '/../config/config.default.php');
if (file_exists(realpath(__DIR__ . '/../config/config.php'))) {
require_once realpath(__DIR__ . '/../config/config.php');
}
if ($maintenance_mode) {
echo file_get_contents(__DIR__ . '/../public/maintenance.html');
die();
}
require_once realpath(__DIR__ . '/../includes/pages/admin_active.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_free.php');
@ -91,14 +145,12 @@ require_once realpath(__DIR__ . '/../includes/pages/user_questions.php');
require_once realpath(__DIR__ . '/../includes/pages/user_settings.php');
require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php');
require_once realpath(__DIR__ . '/../vendor/parsedown/Parsedown.php');
/**
* Init application
*/
session_start();
gettext_init();
sql_connect($config['host'], $config['user'], $config['pw'], $config['db']);
load_auth();
?>

38
includes/helper/email_helper.php
Unescape Escape View File

@ -1,6 +1,14 @@
<?php
function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_its_me = false) {
/**
* @param array $recipient_user
* @param string $title
* @param string $message
* @param bool $not_if_its_me
* @return bool
*/
function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_its_me = false)
{
global $user;
if ($not_if_its_me && $user['UID'] == $recipient_user['UID']) {
@ -9,18 +17,34 @@ function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_it
gettext_locale($recipient_user['Sprache']);
$message = sprintf(_("Hi %s,"), $recipient_user['Nick']) . "\n\n" . _("here is a message for you from the engelsystem:") . "\n\n" . $message . "\n\n" . _("This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.");
$message = sprintf(_('Hi %s,'), $recipient_user['Nick']) . "\n\n"
. _('here is a message for you from the engelsystem:') . "\n\n"
. $message . "\n\n"
. _('This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.');
gettext_locale();
return engelsystem_email($recipient_user['email'], $title, $message);
}
function engelsystem_email($address, $title, $message) {
global $no_reply_email;
$result = mail($address, $title, $message, sprintf("Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <%s>", $no_reply_email));
/**
* @param string $address
* @param string $title
* @param string $message
* @return bool
*/
function engelsystem_email($address, $title, $message)
{
$result = mail(
$address,
$title,
$message,
"Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <noreply@engelsystem.de>"
);
if ($result === false) {
engelsystem_error('Unable to send email.');
}
}
?>
return true;
}

5
includes/helper/error_helper.php
Unescape Escape View File

@ -5,8 +5,7 @@
*
* @param string $message
*/
function engelsystem_error($message) {
function engelsystem_error($message)
{
raw_output($message);
}
?>

12
includes/helper/graph_helper.php
Unescape Escape View File

@ -2,12 +2,16 @@
/**
* Renders a bargraph
*
* @param string $dom_id
* @param string $key key name of the x-axis
* @param array $row_names key names for the data rows
* @param unknown $colors colors for the data rows
* @param unknown $data the data
* @param array $colors colors for the data rows
* @param array $data the data
* @return string
*/
function bargraph($dom_id, $key, $row_names, $colors, $data) {
function bargraph($dom_id, $key, $row_names, $colors, $data)
{
$labels = [];
foreach ($data as $dataset) {
$labels[] = $dataset[$key];
@ -37,5 +41,3 @@ function bargraph($dom_id, $key, $row_names, $colors, $data) {
});
</script>';
}
?>

43
includes/helper/internationalization_helper.php
Unescape Escape View File

@ -1,30 +1,32 @@
<?php
$locales = [
'de_DE.UTF-8' => "Deutsch",
'en_US.UTF-8' => "English"
];
$default_locale = 'en_US.UTF-8';
/**
* Return currently active locale
*
* @return string
*/
function locale() {
function locale()
{
return $_SESSION['locale'];
}
/**
* Returns two letter language code from currently active locale
*
* @return string
*/
function locale_short() {
function locale_short()
{
return substr(locale(), 0, 2);
}
/**
* Initializes gettext for internationalization and updates the sessions locale to use for translation.
*/
function gettext_init() {
global $locales, $default_locale;
function gettext_init()
{
$locales = config('locales');
$default_locale = config('default_locale');
if (isset($_REQUEST['set_locale']) && isset($locales[$_REQUEST['set_locale']])) {
$_SESSION['locale'] = $_REQUEST['set_locale'];
@ -43,7 +45,8 @@ function gettext_init() {
*
* @param string $locale
*/
function gettext_locale($locale = null) {
function gettext_locale($locale = null)
{
if ($locale == null) {
$locale = $_SESSION['locale'];
}
@ -55,17 +58,19 @@ function gettext_locale($locale = null) {
/**
* Renders language selection.
*
* @return string
* @return array
*/
function make_langselect() {
global $locales;
$URL = $_SERVER["REQUEST_URI"] . (strpos($_SERVER["REQUEST_URI"], "?") > 0 ? '&' : '?') . "set_locale=";
function make_langselect()
{
$url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale=';
$items = [];
foreach ($locales as $locale => $name) {
$items[] = toolbar_item_link(htmlspecialchars($URL) . $locale, '', '<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name);
foreach (config('locales') as $locale => $name) {
$items[] = toolbar_item_link(
htmlspecialchars($url) . $locale,
'',
'<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name
);
}
return $items;
}
?>

56
includes/helper/message_helper.php
Unescape Escape View File

@ -2,52 +2,76 @@
/**
* Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
*
* @return string
*/
function msg() {
function msg()
{
if (!isset($_SESSION['msg'])) {
return "";
return '';
}
$msg = $_SESSION['msg'];
$_SESSION['msg'] = "";
$_SESSION['msg'] = '';
return $msg;
}
/**
* Rendert eine Information
*
* @param string $msg
* @param bool $immediately
* @return string
*/
function info($msg, $immediatly = false) {
return alert('info', $msg, $immediatly);
function info($msg, $immediately = false)
{
return alert('info', $msg, $immediately);
}
/**
* Rendert eine Fehlermeldung
*
* @param string $msg
* @param bool $immediately
* @return string
*/
function error($msg, $immediatly = false) {
return alert('danger', $msg, $immediatly);
function error($msg, $immediately = false)
{
return alert('danger', $msg, $immediately);
}
/**
* Rendert eine Erfolgsmeldung
*
* @param string $msg
* @param bool $immediately
* @return string
*/
function success($msg, $immediatly = false) {
return alert('success', $msg, $immediatly);
function success($msg, $immediately = false)
{
return alert('success', $msg, $immediately);
}
/**
* Renders an alert with given alert-* class.
*
* @param string $class
* @param string $msg
* @param bool $immediately
* @return string|null
*/
function alert($class, $msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "") {
return "";
function alert($class, $msg, $immediately = false)
{
if ($immediately) {
if ($msg == '') {
return '';
}
return '<div class="alert alert-' . $class . '">' . $msg . '</div>';
}
if (!isset($_SESSION['msg'])) {
$_SESSION['msg'] = "";
$_SESSION['msg'] = '';
}
$_SESSION['msg'] .= alert($class, $msg, true);
}
?>
return null;
}

149
includes/mailer/shifts_mailer.php
Unescape Escape View File

@ -1,104 +1,129 @@
<?php
function mail_shift_change($old_shift, $new_shift) {
$users = ShiftEntries_by_shift($old_shift["SID"]);
$old_room = Room($old_shift["RID"]);
$new_room = Room($new_shift["RID"]);
$noticable_changes = false;
$message = _("A Shift you are registered on has changed:");
/**
* @param array $old_shift
* @param array $new_shift
*/
function mail_shift_change($old_shift, $new_shift)
{
$users = ShiftEntries_by_shift($old_shift['SID']);
$old_room = Room($old_shift['RID']);
$new_room = Room($new_shift['RID']);
$noticeable_changes = false;
$message = _('A Shift you are registered on has changed:');
$message .= "\n";
if ($old_shift["name"] != $new_shift["name"]) {
$message .= sprintf(_("* Shift type changed from %s to %s"), $old_shift["name"], $new_shift["name"]) . "\n";
$noticable_changes = true;
if ($old_shift['name'] != $new_shift['name']) {
$message .= sprintf(_('* Shift type changed from %s to %s'), $old_shift['name'], $new_shift['name']) . "\n";
$noticeable_changes = true;
}
if ($old_shift["title"] != $new_shift["title"]) {
$message .= sprintf(_("* Shift title changed from %s to %s"), $old_shift["title"], $new_shift["title"]) . "\n";
$noticable_changes = true;
if ($old_shift['title'] != $new_shift['title']) {
$message .= sprintf(_('* Shift title changed from %s to %s'), $old_shift['title'], $new_shift['title']) . "\n";
$noticeable_changes = true;
}
if ($old_shift["start"] != $new_shift["start"]) {
$message .= sprintf(_("* Shift Start changed from %s to %s"), date("Y-m-d H:i", $old_shift["start"]), date("Y-m-d H:i", $new_shift["start"])) . "\n";
$noticable_changes = true;
if ($old_shift['start'] != $new_shift['start']) {
$message .= sprintf(
_('* Shift Start changed from %s to %s'),
date('Y-m-d H:i', $old_shift['start']),
date('Y-m-d H:i', $new_shift['start'])
) . "\n";
$noticeable_changes = true;
}
if ($old_shift["end"] != $new_shift["end"]) {
$message .= sprintf(_("* Shift End changed from %s to %s"), date("Y-m-d H:i", $old_shift["end"]), date("Y-m-d H:i", $new_shift["end"])) . "\n";
$noticable_changes = true;
if ($old_shift['end'] != $new_shift['end']) {
$message .= sprintf(
_('* Shift End changed from %s to %s'),
date('Y-m-d H:i', $old_shift['end']),
date('Y-m-d H:i', $new_shift['end'])
) . "\n";
$noticeable_changes = true;
}
if ($old_shift["RID"] != $new_shift["RID"]) {
$message .= sprintf(_("* Shift Location changed from %s to %s"), $old_room["Name"], $new_room["Name"]) . "\n";
$noticable_changes = true;
if ($old_shift['RID'] != $new_shift['RID']) {
$message .= sprintf(_('* Shift Location changed from %s to %s'), $old_room['Name'], $new_room['Name']) . "\n";
$noticeable_changes = true;
}
if (! $noticable_changes) {
if (!$noticeable_changes) {
// There are no changes worth sending an E-Mail
return;
}
$message .= "\n";
$message .= _("The updated Shift:") . "\n";
$message .= _('The updated Shift:') . "\n";
$message .= $new_shift["name"] . "\n";
$message .= $new_shift["title"] . "\n";
$message .= date("Y-m-d H:i", $new_shift["start"]) . " - " . date("H:i", $new_shift["end"]) . "\n";
$message .= $new_room["Name"] . "\n";
$message .= $new_shift['name'] . "\n";
$message .= $new_shift['title'] . "\n";
$message .= date('Y-m-d H:i', $new_shift['start']) . ' - ' . date('H:i', $new_shift['end']) . "\n";
$message .= $new_room['Name'] . "\n";
foreach ($users as $user) {
if ($user["email_shiftinfo"]) {
engelsystem_email_to_user($user, '[engelsystem] ' . _("Your Shift has changed"), $message, true);
if ($user['email_shiftinfo']) {
engelsystem_email_to_user($user, '[engelsystem] ' . _('Your Shift has changed'), $message, true);
}
}
}
function mail_shift_delete($shift) {
$users = ShiftEntries_by_shift($shift["SID"]);
$room = Room($shift["RID"]);
/**
* @param array $shift
*/
function mail_shift_delete($shift)
{
$users = ShiftEntries_by_shift($shift['SID']);
$room = Room($shift['RID']);
$message = _("A Shift you are registered on was deleted:") . "\n";
$message = _('A Shift you are registered on was deleted:') . "\n";
$message .= $shift["name"] . "\n";
$message .= $shift["title"] . "\n";
$message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
$message .= $room["Name"] . "\n";
$message .= $shift['name'] . "\n";
$message .= $shift['title'] . "\n";
$message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
$message .= $room['Name'] . "\n";
foreach ($users as $user) {
if ($user["email_shiftinfo"]) {
engelsystem_email_to_user($user, '[engelsystem] ' . _("Your Shift was deleted"), $message, true);
if ($user['email_shiftinfo']) {
engelsystem_email_to_user($user, '[engelsystem] ' . _('Your Shift was deleted'), $message, true);
}
}
}
/**
* @param array $user
* @param array $shift
*/
function mail_shift_assign($user, $shift)
{
if (!$user['email_shiftinfo']) {
return;
}
function mail_shift_assign($user, $shift) {
if ($user["email_shiftinfo"]) {
$room = Room($shift["RID"]);
$room = Room($shift['RID']);
$message = _("You have been assigned to a Shift:") . "\n";
$message .= $shift["name"] . "\n";
$message .= $shift["title"] . "\n";
$message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
$message .= $room["Name"] . "\n";
$message = _('You have been assigned to a Shift:') . "\n";
$message .= $shift['name'] . "\n";
$message .= $shift['title'] . "\n";
$message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
$message .= $room['Name'] . "\n";
engelsystem_email_to_user($user, '[engelsystem] ' . _("Assigned to Shift"), $message, true);
engelsystem_email_to_user($user, '[engelsystem] ' . _('Assigned to Shift'), $message, true);
}
function mail_shift_removed($user, $shift)
{
if (!$user['email_shiftinfo']) {
return;
}
function mail_shift_removed($user, $shift) {
if ($user["email_shiftinfo"]) {
$room = Room($shift["RID"]);
$room = Room($shift['RID']);
$message = _("You have been removed from a Shift:") . "\n";
$message .= $shift["name"] . "\n";
$message .= $shift["title"] . "\n";
$message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
$message .= $room["Name"] . "\n";
$message = _('You have been removed from a Shift:') . "\n";
$message .= $shift['name'] . "\n";
$message .= $shift['title'] . "\n";
$message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
$message .= $room['Name'] . "\n";
engelsystem_email_to_user($user, '[engelsystem] ' . _("Removed from Shift"), $message, true);
engelsystem_email_to_user($user, '[engelsystem] ' . _('Removed from Shift'), $message, true);
}
}
?>

13
includes/mailer/users_mailer.php
Unescape Escape View File

@ -1,9 +1,14 @@
<?php
/**
* @param User $user_source
* @param array $user
* @return bool
*/
function mail_user_delete($user) {
engelsystem_email_to_user($user, '[engelsystem] ' . _("Your account has been deleted"), _("Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven."));
function mail_user_delete($user)
{
return engelsystem_email_to_user(
$user,
'[engelsystem] ' . _('Your account has been deleted'),
_('Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven.')
);
}
?>

258
includes/model/AngelType_model.php
Unescape Escape View File

@ -1,14 +1,17 @@
<?php
use Engelsystem\Database\DB;
use Engelsystem\ValidationResult;
/**
* Returns an array containing the basic attributes of angeltypes.
* FIXME! This is the big sign for needing entity objects
*/
function AngelType_new() {
function AngelType_new()
{
return [
'id' => null,
'name' => "",
'name' => '',
'restricted' => false,
'no_self_signup' => false,
'description' => '',
@ -23,11 +26,11 @@ function AngelType_new() {
/**
* Validates the contact user
*
* @param Angeltype $angeltype
* The angeltype
* @param array $angeltype The angeltype
* @return ValidationResult
*/
function AngelType_validate_contact_user_id($angeltype) {
function AngelType_validate_contact_user_id($angeltype)
{
if (!isset($angeltype['contact_user_id'])) {
return new ValidationResult(true, null);
}
@ -43,10 +46,11 @@ function AngelType_validate_contact_user_id($angeltype) {
/**
* Returns contact data (name, dect, email) for given angeltype or null
*
* @param Angeltype $angeltype
* The angeltype
* @param array $angeltype The angeltype
* @return array|null
*/
function AngelType_contact_info($angeltype) {
function AngelType_contact_info($angeltype)
{
if (isset($angeltype['contact_user_id'])) {
$contact_user = User($angeltype['contact_user_id']);
$contact_data = [
@ -65,76 +69,117 @@ function AngelType_contact_info($angeltype) {
'contact_email' => $angeltype['contact_email']
];
}
return null;
}
/**
* Delete an Angeltype.
*
* @param Angeltype $angeltype
* @param array $angeltype
* @return bool
*/
function AngelType_delete($angeltype) {
$result = sql_query("
function AngelType_delete($angeltype)
{
$result = DB::delete('
DELETE FROM `AngelTypes`
WHERE `id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1");
if ($result === false) {
engelsystem_error("Unable to delete angeltype.");
WHERE `id`=?
LIMIT 1
', [$angeltype['id']]);
if (is_null($result)) {
engelsystem_error('Unable to delete angeltype.');
}
engelsystem_log("Deleted angeltype: " . AngelType_name_render($angeltype));
return $result;
engelsystem_log('Deleted angeltype: ' . AngelType_name_render($angeltype));
return true;
}
/**
* Update Angeltype.
*
* @param Angeltype $angeltype
* The angeltype
* @param array $angeltype The angeltype
* @return bool
*/
function AngelType_update($angeltype) {
$result = sql_query("
function AngelType_update($angeltype)
{
$result = DB::update('
UPDATE `AngelTypes` SET
`name`='" . sql_escape($angeltype['name']) . "',
`restricted`=" . sql_bool($angeltype['restricted']) . ",
`description`='" . sql_escape($angeltype['description']) . "',
`requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
`no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
`contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
`contact_name`=" . sql_null($angeltype['contact_name']) . ",
`contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
`contact_email`=" . sql_null($angeltype['contact_email']) . "
WHERE `id`='" . sql_escape($angeltype['id']) . "'");
if ($result === false) {
engelsystem_error("Unable to update angeltype.");
}
engelsystem_log("Updated angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['no_self_signup'] ? ", no_self_signup" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
return $result;
`name` = ?,
`restricted` = ?,
`description` = ?,
`requires_driver_license` = ?,
`no_self_signup` = ?,
`contact_user_id` = ?,
`contact_name` = ?,
`contact_dect` = ?,
`contact_email` = ?
WHERE `id` = ?',
[
$angeltype['name'],
$angeltype['restricted'],
$angeltype['description'],
$angeltype['requires_driver_license'],
$angeltype['no_self_signup'],
$angeltype['contact_user_id'],
$angeltype['contact_name'],
$angeltype['contact_dect'],
$angeltype['contact_email'],
$angeltype['id'],
]
);
if (is_null($result)) {
engelsystem_error('Unable to update angeltype.');
}
engelsystem_log(
'Updated angeltype: ' . $angeltype['name'] . ($angeltype['restricted'] ? ', restricted' : '')
. ($angeltype['no_self_signup'] ? ', no_self_signup' : '')
. ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
);
return true;
}
/**
* Create an Angeltype.
*
* @param Angeltype $angeltype
* The angeltype
* @return the created angeltype
* @param array $angeltype The angeltype
* @return array the created angeltype
*/
function AngelType_create($angeltype) {
$result = sql_query("
INSERT INTO `AngelTypes` SET
`name`='" . sql_escape($angeltype['name']) . "',
`restricted`=" . sql_bool($angeltype['restricted']) . ",
`description`='" . sql_escape($angeltype['description']) . "',
`requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
`no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
`contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
`contact_name`=" . sql_null($angeltype['contact_name']) . ",
`contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
`contact_email`=" . sql_null($angeltype['contact_email']));
if ($result === false) {
engelsystem_error("Unable to create angeltype.");
}
$angeltype['id'] = sql_id();
engelsystem_log("Created angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
function AngelType_create($angeltype)
{
$result = DB::insert('
INSERT INTO `AngelTypes` (
`name`,
`restricted`,
`description`,
`requires_driver_license`,
`no_self_signup`,
`contact_user_id`,
`contact_name`,
`contact_dect`,
`contact_email`
)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
',
[
$angeltype['name'],
(bool)$angeltype['restricted'],
$angeltype['description'],
(bool)$angeltype['requires_driver_license'],
(bool)$angeltype['no_self_signup'],
$angeltype['contact_user_id'],
$angeltype['contact_name'],
$angeltype['contact_dect'],
$angeltype['contact_email'],
]
);
if (is_null($result)) {
engelsystem_error('Unable to create angeltype.');
}
$angeltype['id'] = DB::getPdo()->lastInsertId();
engelsystem_log(
'Created angeltype: ' . $angeltype['name']
. ($angeltype['restricted'] ? ', restricted' : '')
. ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
);
return $angeltype;
}
@ -142,76 +187,88 @@ function AngelType_create($angeltype) {
* Validates a name for angeltypes.
* Returns ValidationResult containing validation success and validated name.
*
* @param string $name
* Wanted name for the angeltype
* @param AngelType $angeltype
* The angeltype the name is for
* @param string $name Wanted name for the angeltype
* @param array $angeltype The angeltype the name is for
*
* @return ValidationResult result and validated name
*/
function AngelType_validate_name($name, $angeltype) {
function AngelType_validate_name($name, $angeltype)
{
$name = strip_item($name);
if ($name == "") {
return new ValidationResult(false, "");
if ($name == '') {
return new ValidationResult(false, '');
}
if ($angeltype != null && isset($angeltype['id'])) {
$valid = sql_num_query("
SELECT *
$valid = (count(DB::select('
SELECT `id`
FROM `AngelTypes`
WHERE `name`='" . sql_escape($name) . "'
AND NOT `id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1") == 0;
WHERE `name`=?
AND NOT `id`=?
LIMIT 1
', [$name, $angeltype['id']])) == 0);
return new ValidationResult($valid, $name);
}
$valid = sql_num_query("
$valid = (count(DB::select('
SELECT `id`
FROM `AngelTypes`
WHERE `name`='" . sql_escape($name) . "'
LIMIT 1") == 0;
WHERE `name`=?
LIMIT 1', [$name])) == 0);
return new ValidationResult($valid, $name);
}
/**
* Returns all angeltypes and subscription state to each of them for given user.
*
* @param User $user
* @param array $user
* @return array
*/
function AngelTypes_with_user($user) {
$result = sql_select("
function AngelTypes_with_user($user)
{
$result = DB::select('
SELECT `AngelTypes`.*,
`UserAngelTypes`.`id` as `user_angeltype_id`,
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`
FROM `AngelTypes`
LEFT JOIN `UserAngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id`
AND `UserAngelTypes`.`user_id`=" . $user['UID'] . "
ORDER BY `name`");
if ($result === false) {
engelsystem_error("Unable to load angeltypes.");
AND `UserAngelTypes`.`user_id` = ?
ORDER BY `name`', [$user['UID']]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load angeltypes.');
}
return $result;
}
/**
* Returns all angeltypes.
*
* @return array
*/
function AngelTypes() {
$result = sql_select("
function AngelTypes()
{
$result = DB::select('
SELECT *
FROM `AngelTypes`
ORDER BY `name`");
if ($result === false) {
engelsystem_error("Unable to load angeltypes.");
ORDER BY `name`');
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load angeltypes.');
}
return $result;
}
/**
* Returns AngelType id array
*
* @return array
*/
function AngelType_ids() {
$result = sql_select("SELECT `id` FROM `AngelTypes`");
if ($result === false) {
engelsystem_error("Unable to load angeltypes.");
function AngelType_ids()
{
$result = DB::select('SELECT `id` FROM `AngelTypes`');
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load angeltypes.');
}
return select_array($result, 'id', 'id');
}
@ -219,18 +276,23 @@ function AngelType_ids() {
/**
* Returns angelType by id.
*
* @param $angeltype_id angelType
* ID
* @param int $angeltype_id angelType ID
* @return array|null
*/
function AngelType($angeltype_id) {
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "'");
if ($angelType_source === false) {
engelsystem_error("Unable to load angeltype.");
}
if (count($angelType_source) > 0) {
return $angelType_source[0];
function AngelType($angeltype_id)
{
$angelType_source = DB::select(
'SELECT * FROM `AngelTypes` WHERE `id`=?',
[$angeltype_id]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load angeltype.');
}
if (empty($angelType_source)) {
return null;
}
?>
return array_shift($angelType_source);
}

87
includes/model/EventConfig_model.php
Unescape Escape View File

@ -1,20 +1,27 @@
<?php
use Engelsystem\Database\DB;
/**
* Get event config.
*
* @return array|null
*/
function EventConfig() {
$event_config = sql_select("SELECT * FROM `EventConfig` LIMIT 1");
if ($event_config === false) {
engelsystem_error("Unable to load event config.");
return false;
}
if (count($event_config) > 0) {
return $event_config[0];
function EventConfig()
{
$event_config = DB::select('SELECT * FROM `EventConfig` LIMIT 1');
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load event config.');
return null;
}
if (empty($event_config)) {
return null;
}
return array_shift($event_config);
}
/**
* Update event config.
*
@ -24,23 +31,55 @@ function EventConfig() {
* @param int $event_end_date
* @param int $teardown_end_date
* @param string $event_welcome_msg
* @return bool
*/
function EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg) {
function EventConfig_update(
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg
) {
if (EventConfig() == null) {
return sql_query("INSERT INTO `EventConfig` SET
`event_name`=" . sql_null($event_name) . ",
`buildup_start_date`=" . sql_null($buildup_start_date) . ",
`event_start_date`=" . sql_null($event_start_date) . ",
`event_end_date`=" . sql_null($event_end_date) . ",
`teardown_end_date`=" . sql_null($teardown_end_date) . ",
`event_welcome_msg`=" . sql_null($event_welcome_msg));
return DB::insert('
INSERT INTO `EventConfig` (
`event_name`,
`buildup_start_date`,
`event_start_date`,
`event_end_date`,
`teardown_end_date`,
`event_welcome_msg`
)
VALUES (?, ?, ?, ?, ?, ?)
',
[
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg
]
);
}
return sql_query("UPDATE `EventConfig` SET
`event_name`=" . sql_null($event_name) . ",
`buildup_start_date`=" . sql_null($buildup_start_date) . ",
`event_start_date`=" . sql_null($event_start_date) . ",
`event_end_date`=" . sql_null($event_end_date) . ",
`teardown_end_date`=" . sql_null($teardown_end_date) . ",
`event_welcome_msg`=" . sql_null($event_welcome_msg));
return (bool)DB::update('
UPDATE `EventConfig` SET
`event_name` = ?,
`buildup_start_date` = ?,
`event_start_date` = ?,
`event_end_date` = ?,
`teardown_end_date` = ?,
`event_welcome_msg` = ?
',
[
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg,
]
);
}
?>

52
includes/model/LogEntries_model.php
Unescape Escape View File

@ -1,38 +1,62 @@
<?php
use Engelsystem\Database\DB;
/**
* Creates a log entry.
*
* @param $nick Username
* @param $message Log
* Message
* @param string $nick Username
* @param string $message Log Message
* @return bool
*/
function LogEntry_create($nick, $message) {
return sql_query("INSERT INTO `LogEntries` SET `timestamp`='" . sql_escape(time()) . "', `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
function LogEntry_create($nick, $message)
{
return DB::insert('
INSERT INTO `LogEntries` (`timestamp`, `nick`, `message`)
VALUES(?, ?, ?)
', [time(), $nick, $message]);
}
/**
* Returns log entries with maximum count of 10000.
*
* @return array
*/
function LogEntries() {
return sql_select("SELECT * FROM `LogEntries` ORDER BY `timestamp` DESC LIMIT 10000");
function LogEntries()
{
return DB::select('SELECT * FROM `LogEntries` ORDER BY `timestamp` DESC LIMIT 10000');
}
/**
* Returns log entries filtered by a keyword
*
* @param string $keyword
* @return array
*/
function LogEntries_filter($keyword) {
if ($keyword == "") {
function LogEntries_filter($keyword)
{
if ($keyword == '') {
return LogEntries();
}
return sql_select("SELECT * FROM `LogEntries` WHERE `nick` LIKE '%" . sql_escape($keyword) . "%' OR `message` LIKE '%" . sql_escape($keyword) . "%' ORDER BY `timestamp` DESC");
$keyword = '%' . $keyword . '%';
return DB::select('
SELECT *
FROM `LogEntries`
WHERE `nick` LIKE ?
OR `message` LIKE ?
ORDER BY `timestamp` DESC
',
[$keyword, $keyword]
);
}
/**
* Delete all log entries.
*
* @return bool
*/
function LogEntries_clear_all() {
return sql_query("TRUNCATE `LogEntries`");
function LogEntries_clear_all()
{
return DB::statement('TRUNCATE `LogEntries`');
}
?>

65
includes/model/Message_model.php
Unescape Escape View File

@ -1,51 +1,70 @@
<?php
use Engelsystem\Database\DB;
/**
* Returns Message id array
*
* @return array
*/
function Message_ids() {
return sql_select("SELECT `id` FROM `Messages`");
function Message_ids()
{
return DB::select('SELECT `id` FROM `Messages`');
}
/**
* Returns message by id.
*
* @param $message_id message
* ID
* @param int $message_id message ID
* @return array|null
*/
function Message($message_id) {
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
if ($message_source === false) {
return false;
}
if (count($message_source) > 0) {
return $message_source[0];
}
function Message($message_id)
{
$message_source = DB::select('SELECT * FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]);
if (empty($message_source)) {
return null;
}
return array_shift($message_source);
}
/**
* TODO: use validation functions, return new message id
* TODO: global $user con not be used in model!
* send message
*
* @param $receiver_user_id User
* ID of Reciever
* @param $text Text
* of Message
* @param int $receiver_user_id User ID of Reciever
* @param string $text Text of Message
* @return bool
*/
function Message_send($receiver_user_id, $text) {
function Message_send($receiver_user_id, $text)
{
global $user;
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id));
$receiver_user_id = preg_replace('/([^\d]{1,})/ui', '', strip_tags($receiver_user_id));
if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'");
return true;
if (
($text != '' && is_numeric($receiver_user_id))
&& count(DB::select('
SELECT `UID`
FROM `User`
WHERE `UID` = ?
AND NOT `UID` = ?
LIMIT 1
', [$receiver_user_id, $user['UID']])) > 0
) {
return DB::insert('
INSERT INTO `Messages` (`Datum`, `SUID`, `RUID`, `Text`)
VALUES(?, ?, ?, ?)
',
[
time(),
$user['UID'],
$receiver_user_id,
$text
]
);
}
return false;
}
?>

90
includes/model/NeededAngelTypes_model.php
Unescape Escape View File

@ -1,5 +1,7 @@
<?php
use Engelsystem\Database\DB;
/**
* Entity needed angeltypes describes how many angels of given type are needed for a shift or in a room.
*/
@ -7,80 +9,90 @@
/**
* Insert a new needed angel type.
*
* @param int $shift_id
* The shift. Can be null, but then a room_id must be given.
* @param int $angeltype_id
* The angeltype
* @param int $room_id
* The room. Can be null, but then a shift_id must be given.
* @param int $count
* How many angels are needed?
* @param int $shift_id The shift. Can be null, but then a room_id must be given.
* @param int $angeltype_id The angeltype
* @param int $room_id The room. Can be null, but then a shift_id must be given.
* @param int $count How many angels are needed?
* @return int|false
*/
function NeededAngelType_add($shift_id, $angeltype_id, $room_id, $count) {
$result = sql_query("
INSERT INTO `NeededAngelTypes` SET
`shift_id`=" . sql_null($shift_id) . ",
`angel_type_id`='" . sql_escape($angeltype_id) . "',
`room_id`=" . sql_null($room_id) . ",
`count`='" . sql_escape($count) . "'");
function NeededAngelType_add($shift_id, $angeltype_id, $room_id, $count)
{
$result = DB::insert('
INSERT INTO `NeededAngelTypes` ( `shift_id`, `angel_type_id`, `room_id`, `count`)
VALUES (?, ?, ?, ?)
',
[
$shift_id,
$angeltype_id,
$room_id,
$count,
]);
if ($result === false) {
return false;
}
return sql_id();
return DB::getPdo()->lastInsertId();
}
/**
* Deletes all needed angel types from given shift.
*
* @param int $shift_id
* id of the shift
* @param int $shift_id id of the shift
* @return int count of affected rows
*/
function NeededAngelTypes_delete_by_shift($shift_id) {
return sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
function NeededAngelTypes_delete_by_shift($shift_id)
{
return (int)DB::delete('DELETE FROM `NeededAngelTypes` WHERE `shift_id` = ?', [$shift_id]);
}
/**
* Deletes all needed angel types from given room.
*
* @param int $room_id
* id of the room
* @param int $room_id id of the room
* @return int count of affected rows
*/
function NeededAngelTypes_delete_by_room($room_id) {
return sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
function NeededAngelTypes_delete_by_room($room_id)
{
return (int)DB::delete(
'DELETE FROM `NeededAngelTypes` WHERE `room_id` = ?',
[$room_id]
);
}
/**
* Returns all needed angeltypes and already taken needs.
*
* @param int $shiftID
* id of shift
* @param int $shiftId id of shift
* @return array
*/
function NeededAngelTypes_by_shift($shiftId) {
$needed_angeltypes_source = sql_select("
function NeededAngelTypes_by_shift($shiftId)
{
$needed_angeltypes_source = DB::select('
SELECT `NeededAngelTypes`.*, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
WHERE `shift_id`='" . sql_escape($shiftId) . "'
WHERE `shift_id` = ?
AND `count` > 0
ORDER BY `room_id` DESC
");
if ($needed_angeltypes_source === false) {
engelsystem_error("Unable to load needed angeltypes.");
ORDER BY `room_id` DESC',
[$shiftId]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load needed angeltypes.');
}
// Use settings from room
if (count($needed_angeltypes_source) == 0) {
$needed_angeltypes_source = sql_select("
$needed_angeltypes_source = DB::select('
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id`
WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "'
WHERE `Shifts`.`SID` = ?
AND `count` > 0
ORDER BY `room_id` DESC
");
if ($needed_angeltypes_source === false) {
engelsystem_error("Unable to load needed angeltypes.");
', [$shiftId]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load needed angeltypes.');
}
}
@ -101,5 +113,3 @@ function NeededAngelTypes_by_shift($shiftId) {
return $needed_angeltypes;
}
?>

76
includes/model/Room_model.php
Unescape Escape View File

@ -1,60 +1,82 @@
<?php
use Engelsystem\Database\DB;
/**
* returns a list of rooms.
*
* @param boolean $show_all returns also hidden rooms when true
* @return array
*/
function Rooms($show_all = false) {
return sql_select("SELECT * FROM `Room`" . ($show_all ? "" : " WHERE `show`='Y'") . " ORDER BY `Name`");
function Rooms($show_all = false)
{
return DB::select('SELECT * FROM `Room`' . ($show_all ? '' : ' WHERE `show`=\'Y\'') . ' ORDER BY `Name`');
}
/**
* Delete a room
*
* @param int $room_id
* @return bool
*/
function Room_delete($room_id) {
return sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($room_id));
function Room_delete($room_id)
{
return DB::delete('DELETE FROM `Room` WHERE `RID` = ?', [$room_id]);
}
/**
* Create a new room
*
* @param string $name
* Name of the room
* @param boolean $from_frab
* Is this a frab imported room?
* @param boolean $public
* Is the room visible for angels?
* @param string $name Name of the room
* @param boolean $from_frab Is this a frab imported room?
* @param boolean $public Is the room visible for angels?
* @param int $number Room number
* @return false|int
*/
function Room_create($name, $from_frab, $public) {
$result = sql_query("
INSERT INTO `Room` SET
`Name`='" . sql_escape($name) . "',
`FromPentabarf`='" . sql_escape($from_frab ? 'Y' : '') . "',
`show`='" . sql_escape($public ? 'Y' : '') . "',
`Number`=0");
if ($result === false) {
function Room_create($name, $from_frab, $public, $number = null)
{
$result = DB::insert('
INSERT INTO `Room` (`Name`, `FromPentabarf`, `show`, `Number`)
VALUES (?, ?, ?, ?)
',
[
$name,
$from_frab ? 'Y' : '',
$public ? 'Y' : '',
(int)$number,
]
);
if (!$result) {
return false;
}
return sql_id();
return DB::getPdo()->lastInsertId();
}
/**
* Returns room by id.
*
* @param $room_id RID
* @param int $room_id RID
* @param bool $show_only
* @return array|false
*/
function Room($room_id) {
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($room_id) . "'");
function Room($room_id, $show_only = true)
{
$room_source = DB::select('
SELECT *
FROM `Room`
WHERE `RID` = ?
' . ($show_only ? 'AND `show` = \'Y\'' : ''),
[$room_id]
);
if ($room_source === false) {
if (DB::getStm()->errorCode() != '00000') {
return false;
}
if (count($room_source) > 0) {
return $room_source[0];
}
if (empty($room_source)) {
return null;
}
?>
return array_shift($room_source);
}

203
includes/model/ShiftEntry_model.php
Unescape Escape View File

@ -1,10 +1,15 @@
<?php
use Engelsystem\Database\DB;
/**
* Returns an array with the attributes of shift entries.
* FIXME! Needs entity object.
*
* @return array
*/
function ShiftEntry_new() {
function ShiftEntry_new()
{
return [
'id' => null,
'SID' => null,
@ -18,59 +23,120 @@ function ShiftEntry_new() {
/**
* Counts all freeloaded shifts.
*
* @return int
*/
function ShiftEntries_freeleaded_count() {
return sql_select_single_cell("SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1");
function ShiftEntries_freeleaded_count()
{
$result = DB::select('SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1');
$result = array_shift($result);
if (!is_array($result)) {
return 0;
}
return (int)array_shift($result);
}
/**
* List users subsribed to a given shift.
*
* @param int $shift_id
* @return array
*/
function ShiftEntries_by_shift($shift_id) {
return sql_select("
SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `AngelTypes`.`name` as `angel_type_name`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
function ShiftEntries_by_shift($shift_id)
{
return DB::select('
SELECT
`User`.`Nick`,
`User`.`email`,
`User`.`email_shiftinfo`,
`User`.`Sprache`,
`User`.`Gekommen`,
`ShiftEntry`.`UID`,
`ShiftEntry`.`TID`,
`ShiftEntry`.`SID`,
`AngelTypes`.`name` AS `angel_type_name`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`freeloaded`
FROM `ShiftEntry`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id) . "'");
WHERE `ShiftEntry`.`SID` = ?',
[$shift_id]
);
}
/**
* Create a new shift entry.
*
* @param ShiftEntry $shift_entry
* @param array $shift_entry
* @return bool
*/
function ShiftEntry_create($shift_entry) {
function ShiftEntry_create($shift_entry)
{
mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
return sql_query("INSERT INTO `ShiftEntry` SET
`SID`='" . sql_escape($shift_entry['SID']) . "',
`TID`='" . sql_escape($shift_entry['TID']) . "',
`UID`='" . sql_escape($shift_entry['UID']) . "',
`Comment`='" . sql_escape($shift_entry['Comment']) . "',
`freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
`freeloaded`=" . sql_bool($shift_entry['freeloaded']));
return DB::insert('
INSERT INTO `ShiftEntry` (
`SID`,
`TID`,
`UID`,
`Comment`,
`freeload_comment`,
`freeloaded`
)
VALUES(?, ?, ?, ?, ?, ?)
',
[
$shift_entry['SID'],
$shift_entry['TID'],
$shift_entry['UID'],
$shift_entry['Comment'],
$shift_entry['freeload_comment'],
$shift_entry['freeloaded'],
]
);
}
/**
* Update a shift entry.
*
* @param array $shift_entry
* @return bool
*/
function ShiftEntry_update($shift_entry) {
return sql_query("UPDATE `ShiftEntry` SET
`Comment`='" . sql_escape($shift_entry['Comment']) . "',
`freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
`freeloaded`=" . sql_bool($shift_entry['freeloaded']) . "
WHERE `id`='" . sql_escape($shift_entry['id']) . "'");
function ShiftEntry_update($shift_entry)
{
DB::update('
UPDATE `ShiftEntry`
SET
`Comment` = ?,
`freeload_comment` = ?,
`freeloaded` = ?
WHERE `id` = ?',
[
$shift_entry['Comment'],
$shift_entry['freeload_comment'],
$shift_entry['freeloaded'],
$shift_entry['id']
]
);
return (DB::getStm()->errorCode() == '00000');
}
/**
* Get a shift entry.
*
* @param int $shift_entry_id
* @return array|false|null
*/
function ShiftEntry($shift_entry_id) {
$shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
if ($shift_entry === false) {
function ShiftEntry($shift_entry_id)
{
$shift_entry = DB::select('SELECT * FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
if (DB::getStm()->errorCode() != '00000') {
return false;
}
if (count($shift_entry) == 0) {
if (empty($shift_entry)) {
return null;
}
return $shift_entry[0];
@ -78,46 +144,64 @@ function ShiftEntry($shift_entry_id) {
/**
* Delete a shift entry.
*
* @param int $shift_entry_id
* @return bool
*/
function ShiftEntry_delete($shift_entry_id) {
function ShiftEntry_delete($shift_entry_id)
{
$shift_entry = ShiftEntry($shift_entry_id);
mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
return sql_query("DELETE FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
return DB::delete('DELETE FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
}
/**
* Returns next (or current) shifts of given user.
*
* @param User $user
* @param array $user
* @return array
*/
function ShiftEntries_upcoming_for_user($user) {
return sql_select("
function ShiftEntries_upcoming_for_user($user)
{
return DB::select('
SELECT *
FROM `ShiftEntry`
JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
AND `Shifts`.`end` > " . sql_escape(time()) . "
WHERE `ShiftEntry`.`UID` = ?
AND `Shifts`.`end` > ?
ORDER BY `Shifts`.`end`
");
',
[
$user['UID'],
time(),
]
);
}
/**
* Returns shifts completed by the given user.
*
* @param User $user
* @param array $user
* @return array
*/
function ShiftEntries_finished_by_user($user) {
return sql_select("
function ShiftEntries_finished_by_user($user)
{
return DB::select('
SELECT *
FROM `ShiftEntry`
JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
AND `Shifts`.`end` < " . sql_escape(time()) . "
WHERE `ShiftEntry`.`UID` = ?
AND `Shifts`.`end` < ?
AND `ShiftEntry`.`freeloaded` = 0
ORDER BY `Shifts`.`end`
");
',
[
$user['UID'],
time(),
]
);
}
/**
@ -125,28 +209,43 @@ function ShiftEntries_finished_by_user($user) {
*
* @param int $shift_id
* @param int $angeltype_id
* @return array
*/
function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id) {
$result = sql_select("
function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id)
{
$result = DB::select('
SELECT *
FROM `ShiftEntry`
WHERE `SID`=" . sql_escape($shift_id) . "
AND `TID`=" . sql_escape($angeltype_id) . "
");
if ($result === false) {
engelsystem_error("Unable to load shift entries.");
WHERE `SID` = ?
AND `TID` = ?
',
[
$shift_id,
$angeltype_id,
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shift entries.');
}
return $result;
}
/**
* Returns all freeloaded shifts for given user.
*
* @param array $user
* @return array
*/
function ShiftEntries_freeloaded_by_user($user) {
return sql_select("SELECT *
function ShiftEntries_freeloaded_by_user($user)
{
return DB::select('
SELECT *
FROM `ShiftEntry`
WHERE `freeloaded` = 1
AND `UID`=" . sql_escape($user['UID']));
AND `UID` = ?
',
[
$user['UID']
]
);
}
?>

44
includes/model/ShiftSignupState.php
Unescape Escape View File

@ -6,8 +6,8 @@ namespace Engelsystem;
* BO to represent if there are free slots on a shift for a given angeltype
* and if signup for a given user is possible (or not, because of collisions, etc.)
*/
class ShiftSignupState {
class ShiftSignupState
{
/**
* Shift has free places
*/
@ -43,11 +43,20 @@ class ShiftSignupState {
*/
const SIGNED_UP = 'SIGNED_UP';
/** @var string */
private $state;
/** @var int */
private $freeEntries;
public function __construct($state, $free_entries) {
/**
* ShiftSignupState constructor.
*
* @param string $state
* @param int $free_entries
*/
public function __construct($state, $free_entries)
{
$this->state = $state;
$this->freeEntries = $free_entries;
}
@ -58,7 +67,8 @@ class ShiftSignupState {
* @param ShiftSignupState $shiftSignupState
* The other state to combine
*/
public function combineWith(ShiftSignupState $shiftSignupState) {
public function combineWith(ShiftSignupState $shiftSignupState)
{
$this->freeEntries += $shiftSignupState->getFreeEntries();
if ($this->valueForState($shiftSignupState->state) > $this->valueForState($this->state)) {
@ -66,7 +76,12 @@ class ShiftSignupState {
}
}
private function valueForState($state) {
/**
* @param string $state
* @return int
*/
private function valueForState($state)
{
switch ($state) {
case ShiftSignupState::SHIFT_ENDED:
return 100;
@ -84,13 +99,18 @@ class ShiftSignupState {
case ShiftSignupState::OCCUPIED:
case ShiftSignupState::ADMIN:
return 60;
default:
return 0;
}
}
/**
* Returns true, if signup is allowed
*
* @return bool
*/
public function isSignupAllowed() {
public function isSignupAllowed()
{
switch ($this->state) {
case ShiftSignupState::FREE:
case ShiftSignupState::ADMIN:
@ -101,17 +121,21 @@ class ShiftSignupState {
/**
* Return the shift signup state
*
* @return string
*/
public function getState() {
public function getState()
{
return $this->state;
}
/**
* How many places are free in this shift for the angeltype?
*
* @return int
*/
public function getFreeEntries() {
public function getFreeEntries()
{
return $this->freeEntries;
}
}
?>

82
includes/model/ShiftTypes_model.php
Unescape Escape View File

@ -1,11 +1,16 @@
<?php
use Engelsystem\Database\DB;
/**
* Delete a shift type.
*
* @param int $shifttype_id
* @return bool
*/
function ShiftType_delete($shifttype_id) {
return sql_query("DELETE FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
function ShiftType_delete($shifttype_id)
{
return DB::delete('DELETE FROM `ShiftTypes` WHERE `id`=?', [$shifttype_id]);
}
/**
@ -15,13 +20,26 @@ function ShiftType_delete($shifttype_id) {
* @param string $name
* @param int $angeltype_id
* @param string $description
* @return bool
*/
function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) {
return sql_query("UPDATE `ShiftTypes` SET
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`description`='" . sql_escape($description) . "'
WHERE `id`='" . sql_escape($shifttype_id) . "'");
function ShiftType_update($shifttype_id, $name, $angeltype_id, $description)
{
DB::update('
UPDATE `ShiftTypes` SET
`name`=?,
`angeltype_id`=?,
`description`=?
WHERE `id`=?
',
[
$name,
$angeltype_id,
$description,
$shifttype_id,
]
);
return DB::getStm()->errorCode() == '00000';
}
/**
@ -30,40 +48,58 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) {
* @param string $name
* @param int $angeltype_id
* @param string $description
* @return new shifttype id
* @return int|false new shifttype id
*/
function ShiftType_create($name, $angeltype_id, $description) {
$result = sql_query("INSERT INTO `ShiftTypes` SET
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`description`='" . sql_escape($description) . "'");
function ShiftType_create($name, $angeltype_id, $description)
{
$result = DB::insert('
INSERT INTO `ShiftTypes` (`name`, `angeltype_id`, `description`)
VALUES(?, ?, ?)
',
[
$name,
$angeltype_id,
$description
]
);
if ($result === false) {
return false;
}
return sql_id();
return DB::getPdo()->lastInsertId();
}
/**
* Get a shift type by id.
*
* @param int $shifttype_id
* @return array|null
*/
function ShiftType($shifttype_id) {
$shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
if ($shifttype === false) {
function ShiftType($shifttype_id)
{
$shifttype = DB::select('SELECT * FROM `ShiftTypes` WHERE `id`=?', [$shifttype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shift type.');
}
if ($shifttype == null) {
if (empty($shifttype)) {
return null;
}
return $shifttype[0];
return array_shift($shifttype);
}
/**
* Get all shift types.
*
* @return array|false
*/
function ShiftTypes() {
return sql_select("SELECT * FROM `ShiftTypes` ORDER BY `name`");
function ShiftTypes()
{
$result = DB::select('SELECT * FROM `ShiftTypes` ORDER BY `name`');
if (DB::getStm()->errorCode() != '00000') {
return false;
}
?>
return $result;
}

103
includes/model/ShiftsFilter.php
Unescape Escape View File

@ -7,13 +7,13 @@ namespace Engelsystem;
*
* @author msquare
*/
class ShiftsFilter {
class ShiftsFilter
{
/**
* How long can the time interval be?
* 86400 = one day
*/
const MAX_DURATION = 86400;
// one day
/**
* Shift is completely full.
@ -32,17 +32,30 @@ class ShiftsFilter {
*/
private $userShiftsAdmin;
/** @var int[] */
private $filled = [];
/** @var int[] */
private $rooms = [];
/** @var int[] */
private $types = [];
/** @var int unix timestamp */
private $startTime = null;
/** @var int unix timestamp */
private $endTime = null;
public function __construct($user_shifts_admin, $rooms, $types) {
/**
* ShiftsFilter constructor.
*
* @param bool $user_shifts_admin
* @param int[] $rooms
* @param int[] $types
*/
public function __construct($user_shifts_admin, $rooms, $types)
{
$this->user_shifts_admin = $user_shifts_admin;
$this->rooms = $rooms;
$this->types = $types;
@ -56,66 +69,108 @@ class ShiftsFilter {
}
}
public function getStartTime() {
/**
* @return int unix timestamp
*/
public function getStartTime()
{
return $this->startTime;
}
public function setStartTime($startTime) {
/**
* @param int $startTime unix timestamp
*/
public function setStartTime($startTime)
{
$this->startTime = $startTime;
}
public function getEndTime() {
/**
* @return int unix timestamp
*/
public function getEndTime()
{
return $this->endTime;
}
public function setEndTime($endTime) {
/**
* @param int $endTime unix timestamp
*/
public function setEndTime($endTime)
{
if ($endTime - $this->startTime > ShiftsFilter::MAX_DURATION) {
$endTime = $this->startTime + ShiftsFilter::MAX_DURATION;
}
$this->endTime = $endTime;
}
public function getTypes() {
/**
* @return int[]
*/
public function getTypes()
{
if (count($this->types) == 0) {
return [
0
];
return [0];
}
return $this->types;
}
public function setTypes($types) {
/**
* @param int[] $types
*/
public function setTypes($types)
{
$this->types = $types;
}
public function getRooms() {
/**
* @return int[]
*/
public function getRooms()
{
if (count($this->rooms) == 0) {
return [
0
];
return [0];
}
return $this->rooms;
}
public function setRooms($rooms) {
/**
* @param int[] $rooms
*/
public function setRooms($rooms)
{
$this->rooms = $rooms;
}
public function isUserShiftsAdmin() {
/**
* @return bool
*/
public function isUserShiftsAdmin()
{
return $this->userShiftsAdmin;
}
public function setUserShiftsAdmin($userShiftsAdmin) {
/**
* @param bool $userShiftsAdmin
*/
public function setUserShiftsAdmin($userShiftsAdmin)
{
$this->userShiftsAdmin = $userShiftsAdmin;
}
public function getFilled() {
/**
* @return int[]
*/
public function getFilled()
{
return $this->filled;
}
public function setFilled($filled) {
/**
* @param int[] $filled
*/
public function setFilled($filled)
{
$this->filled = $filled;
}
}
?>

505
includes/model/Shifts_model.php
Unescape Escape View File

@ -1,112 +1,207 @@
<?php
use Engelsystem\Database\DB;
use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftSignupState;
function Shifts_by_room($room) {
$result = sql_select("SELECT * FROM `Shifts` WHERE `RID`=" . sql_escape($room['RID']) . " ORDER BY `start`");
if ($result === false) {
engelsystem_error("Unable to load shifts.");
/**
* @param array $room
* @return array
*/
function Shifts_by_room($room)
{
$result = DB::select('SELECT * FROM `Shifts` WHERE `RID`=? ORDER BY `start`', [$room['RID']]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shifts.');
}
return $result;
}
function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
$SQL = "SELECT * FROM (
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
/**
* @param ShiftsFilter $shiftsFilter
* @return array[]
*/
function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$sql = 'SELECT * FROM (
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
AND `start` BETWEEN ? AND ?
AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
AND `NeededAngelTypes`.`count` > 0
AND `Shifts`.`PSID` IS NULL
UNION
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
AND `start` BETWEEN ? AND ?
AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
AND `NeededAngelTypes`.`count` > 0
AND NOT `Shifts`.`PSID` IS NULL) as tmp_shifts
ORDER BY `start`";
$result = sql_select($SQL);
if ($result === false) {
engelsystem_error("Unable to load shifts by filter.");
AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
ORDER BY `start`';
$result = DB::select(
$sql,
[
$shiftsFilter->getStartTime(),
$shiftsFilter->getEndTime(),
$shiftsFilter->getStartTime(),
$shiftsFilter->getEndTime(),
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shifts by filter.');
}
return $result;
}
function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
$SQL = "SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
/**
* @param ShiftsFilter $shiftsFilter
* @return array[]
*/
function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$sql = '
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
AND `start` BETWEEN ? AND ?
AND `Shifts`.`PSID` IS NULL
UNION
SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
AND NOT `Shifts`.`PSID` IS NULL";
$result = sql_select($SQL);
if ($result === false) {
engelsystem_error("Unable to load needed angeltypes by filter.");
WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
AND `start` BETWEEN ? AND ?
AND NOT `Shifts`.`PSID` IS NULL';
$result = DB::select(
$sql,
[
$shiftsFilter->getStartTime(),
$shiftsFilter->getEndTime(),
$shiftsFilter->getStartTime(),
$shiftsFilter->getEndTime(),
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load needed angeltypes by filter.');
}
return $result;
}
function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype) {
$result = sql_select("SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
/**
* @param array $shift
* @param array $angeltype
* @return array|null
*/
function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
{
$result = DB::select('
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
WHERE `Shifts`.`SID`=?
AND `AngelTypes`.`id`=?
AND `Shifts`.`PSID` IS NULL
UNION
SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
AND NOT `Shifts`.`PSID` IS NULL");
if ($result === false) {
engelsystem_error("Unable to load needed angeltypes by filter.");
}
if (count($result) == 0) {
WHERE `Shifts`.`SID`=?
AND `AngelTypes`.`id`=?
AND NOT `Shifts`.`PSID` IS NULL
',
[
$shift['SID'],
$angeltype['id'],
$shift['SID'],
$angeltype['id']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load needed angeltypes by filter.');
}
if (empty($result)) {
return null;
}
return $result[0];
}
function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
$SQL = "SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
/**
* @param ShiftsFilter $shiftsFilter
* @return array
*/
function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$sql = '
SELECT
`User`.`Nick`,
`User`.`email`,
`User`.`email_shiftinfo`,
`User`.`Sprache`,
`User`.`Gekommen`,
`ShiftEntry`.`UID`,
`ShiftEntry`.`TID`,
`ShiftEntry`.`SID`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`freeloaded`
FROM `Shifts`
JOIN `ShiftEntry` ON `ShiftEntry`.`SID`=`Shifts`.`SID`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
ORDER BY `Shifts`.`start`";
$result = sql_select($SQL);
if ($result === false) {
engelsystem_error("Unable to load shift entries by filter.");
WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
AND `start` BETWEEN ? AND ?
ORDER BY `Shifts`.`start`';
$result = DB::select(
$sql,
[
$shiftsFilter->getStartTime(),
$shiftsFilter->getEndTime(),
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shift entries by filter.');
}
return $result;
}
@ -114,10 +209,12 @@ function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
/**
* Check if a shift collides with other shifts (in time).
*
* @param Shift $shift
* @param array<Shift> $shifts
* @param array $shift
* @param array $shifts
* @return bool
*/
function Shift_collides($shift, $shifts) {
function Shift_collides($shift, $shifts)
{
foreach ($shifts as $other_shift) {
if ($shift['SID'] != $other_shift['SID']) {
if (!($shift['start'] >= $other_shift['end'] || $shift['end'] <= $other_shift['start'])) {
@ -130,8 +227,13 @@ function Shift_collides($shift, $shifts) {
/**
* Returns the number of needed angels/free shift entries for an angeltype.
*
* @param array $needed_angeltype
* @param array[] $shift_entries
* @return int
*/
function Shift_free_entries($needed_angeltype, $shift_entries) {
function Shift_free_entries($needed_angeltype, $shift_entries)
{
$taken = 0;
foreach ($shift_entries as $shift_entry) {
if ($shift_entry['freeloaded'] == 0) {
@ -144,16 +246,24 @@ function Shift_free_entries($needed_angeltype, $shift_entries) {
/**
* Check if shift signup is allowed from the end users point of view (no admin like privileges)
*
* @param Shift $shift
* The shift
* @param AngelType $angeltype
* The angeltype to which the user wants to sign up
* @param array<Shift> $user_shifts
* List of the users shifts
* @param boolean $angeltype_supporter
* True, if the user has angeltype supporter rights for the angeltype, which enables him to sign somebody up for the shift.
* @param array $user
* @param array $shift The shift
* @param array $angeltype The angeltype to which the user wants to sign up
* @param array|null $user_angeltype
* @param array|null $user_shifts List of the users shifts
* @param array $needed_angeltype
* @param array[] $shift_entries
* @return ShiftSignupState
*/
function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries) {
function Shift_signup_allowed_angel(
$user,
$shift,
$angeltype,
$user_angeltype,
$user_shifts,
$needed_angeltype,
$shift_entries
) {
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if ($user['Gekommen'] == 0) {
@ -190,7 +300,11 @@ function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype,
$user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
}
if ($user_angeltype == null || ($angeltype['no_self_signup'] == 1 && $user_angeltype != null) || ($angeltype['restricted'] == 1 && $user_angeltype != null && ! isset($user_angeltype['confirm_user_id']))) {
if (
$user_angeltype == null
|| ($angeltype['no_self_signup'] == 1 && $user_angeltype != null)
|| ($angeltype['restricted'] == 1 && $user_angeltype != null && !isset($user_angeltype['confirm_user_id']))
) {
// you cannot join if user is not of this angel type
// you cannot join if you are not confirmed
// you cannot join if angeltype has no self signup
@ -209,8 +323,13 @@ function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype,
/**
* Check if an angeltype supporter can sign up a user to a shift.
*
* @param array $needed_angeltype
* @param array[] $shift_entries
* @return ShiftSignupState
*/
function Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype, $shift_entries) {
function Shift_signup_allowed_angeltype_supporter($needed_angeltype, $shift_entries)
{
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if ($free_entries == 0) {
return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries);
@ -222,12 +341,12 @@ function Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype,
/**
* Check if an admin can sign up a user to a shift.
*
* @param Shift $shift
* The shift
* @param AngelType $angeltype
* The angeltype to which the user wants to sign up
* @param array $needed_angeltype
* @param array[] $shift_entries
* @return ShiftSignupState
*/
function Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entries) {
function Shift_signup_allowed_admin($needed_angeltype, $shift_entries)
{
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if ($free_entries == 0) {
@ -241,42 +360,77 @@ function Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entrie
/**
* Check if an angel can sign up for given shift.
*
* @param Shift $shift
* The shift
* @param AngelType $angeltype
* The angeltype to which the user wants to sign up
* @param array<Shift> $user_shifts
* List of the users shifts
* @param array $signup_user
* @param array $shift The shift
* @param array $angeltype The angeltype to which the user wants to sign up
* @param array|null $user_angeltype
* @param array|null $user_shifts List of the users shifts
* @param array $needed_angeltype
* @param array[] $shift_entries
* @return ShiftSignupState
*/
function Shift_signup_allowed($signup_user, $shift, $angeltype, $user_angeltype = null, $user_shifts = null, $needed_angeltype, $shift_entries) {
function Shift_signup_allowed(
$signup_user,
$shift,
$angeltype,
$user_angeltype,
$user_shifts,
$needed_angeltype,
$shift_entries
) {
global $user, $privileges;
if (in_array('user_shifts_admin', $privileges)) {
return Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entries);
return Shift_signup_allowed_admin($needed_angeltype, $shift_entries);
}
if (in_array('shiftentry_edit_angeltype_supporter', $privileges) && User_is_AngelType_supporter($user, $angeltype)) {
return Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype, $shift_entries);
if (
in_array('shiftentry_edit_angeltype_supporter', $privileges)
&& User_is_AngelType_supporter($user, $angeltype)
) {
return Shift_signup_allowed_angeltype_supporter($needed_angeltype, $shift_entries);
}
return Shift_signup_allowed_angel($signup_user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries);
return Shift_signup_allowed_angel(
$signup_user,
$shift,
$angeltype,
$user_angeltype,
$user_shifts,
$needed_angeltype,
$shift_entries
);
}
/**
* Delete a shift by its external id.
*
* @param int $shift_psid
* @return bool
*/
function Shift_delete_by_psid($shift_psid) {
return sql_query("DELETE FROM `Shifts` WHERE `PSID`='" . sql_escape($shift_psid) . "'");
function Shift_delete_by_psid($shift_psid)
{
DB::delete('DELETE FROM `Shifts` WHERE `PSID`=?', [$shift_psid]);
if (DB::getStm()->errorCode() != '00000') {
return false;
}
return true;
}
/**
* Delete a shift.
*
* @param int $shift_id
* @return bool
*/
function Shift_delete($shift_id) {
function Shift_delete($shift_id)
{
mail_shift_delete(Shift($shift_id));
$result = sql_query("DELETE FROM `Shifts` WHERE `SID`='" . sql_escape($shift_id) . "'");
if ($result === false) {
$result = DB::delete('DELETE FROM `Shifts` WHERE `SID`=?', [$shift_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to delete shift.');
}
return $result;
@ -284,36 +438,61 @@ function Shift_delete($shift_id) {
/**
* Update a shift.
*
* @param array $shift
* @return bool
*/
function Shift_update($shift) {
function Shift_update($shift)
{
global $user;
$shift['name'] = ShiftType($shift['shifttype_id'])['name'];
mail_shift_change(Shift($shift['SID']), $shift);
return sql_query("UPDATE `Shifts` SET
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
`RID`='" . sql_escape($shift['RID']) . "',
`title`=" . sql_null($shift['title']) . ",
`URL`=" . sql_null($shift['URL']) . ",
`PSID`=" . sql_null($shift['PSID']) . ",
`edited_by_user_id`='" . sql_escape($user['UID']) . "',
`edited_at_timestamp`=" . time() . "
WHERE `SID`='" . sql_escape($shift['SID']) . "'");
return (bool)DB::update('
UPDATE `Shifts` SET
`shifttype_id` = ?,
`start` = ?,
`end` = ?,
`RID` = ?,
`title` = ?,
`URL` = ?,
`PSID` = ?,
`edited_by_user_id` = ?,
`edited_at_timestamp` = ?
WHERE `SID` = ?
',
[
$shift['shifttype_id'],
$shift['start'],
$shift['end'],
$shift['RID'],
$shift['title'],
$shift['URL'],
$shift['PSID'],
$user['UID'],
time(),
$shift['SID']
]
);
}
/**
* Update a shift by its external id.
*
* @param array $shift
* @return bool|null
*/
function Shift_update_by_psid($shift) {
$shift_source = sql_select("SELECT `SID` FROM `Shifts` WHERE `PSID`=" . $shift['PSID']);
if ($shift_source === false) {
function Shift_update_by_psid($shift)
{
$shift_source = DB::select('SELECT `SID` FROM `Shifts` WHERE `PSID`=?', [$shift['PSID']]);
if (DB::getStm()->errorCode() != '00000') {
return false;
}
if (count($shift_source) == 0) {
if (empty($shift_source)) {
return null;
}
$shift['SID'] = $shift_source[0]['SID'];
return Shift_update($shift);
}
@ -321,43 +500,70 @@ function Shift_update_by_psid($shift) {
/**
* Create a new shift.
*
* @return new shift id or false
* @param array $shift
* @return int|false shift id or false
*/
function Shift_create($shift) {
function Shift_create($shift)
{
global $user;
$result = sql_query("INSERT INTO `Shifts` SET
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
`RID`='" . sql_escape($shift['RID']) . "',
`title`=" . sql_null($shift['title']) . ",
`URL`=" . sql_null($shift['URL']) . ",
`PSID`=" . sql_null($shift['PSID']) . ",
`created_by_user_id`='" . sql_escape($user['UID']) . "',
`created_at_timestamp`=" . time());
if ($result === false) {
DB::insert('
INSERT INTO `Shifts` (
`shifttype_id`,
`start`,
`end`,
`RID`,
`title`,
`URL`,
`PSID`,
`created_by_user_id`,
`created_at_timestamp`
)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
',
[
$shift['shifttype_id'],
$shift['start'],
$shift['end'],
$shift['RID'],
$shift['title'],
$shift['URL'],
$shift['PSID'],
$user['UID'],
time(),
]
);
if (DB::getStm()->errorCode() != '00000') {
return false;
}
return sql_id();
return DB::getPdo()->lastInsertId();
}
/**
* Return users shifts.
*
* @param array $user
* @param bool $include_freeload_comments
* @return array
*/
function Shifts_by_user($user, $include_freeload_comments = false) {
$result = sql_select("
SELECT `ShiftTypes`.`id` as `shifttype_id`, `ShiftTypes`.`name`,
function Shifts_by_user($user, $include_freeload_comments = false)
{
$result = DB::select('
SELECT `ShiftTypes`.`id` AS `shifttype_id`, `ShiftTypes`.`name`,
`ShiftEntry`.`id`, `ShiftEntry`.`SID`, `ShiftEntry`.`TID`, `ShiftEntry`.`UID`, `ShiftEntry`.`freeloaded`, `ShiftEntry`.`Comment`,
" . ($include_freeload_comments ? "`ShiftEntry`.`freeload_comment`, " : "") . "
' . ($include_freeload_comments ? '`ShiftEntry`.`freeload_comment`, ' : '') . '
`Shifts`.*, `Room`.*
FROM `ShiftEntry`
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `UID`='" . sql_escape($user['UID']) . "'
WHERE `UID` = ?
ORDER BY `start`
");
if ($result === false) {
',
[
$user['UID']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load users shifts.');
}
return $result;
@ -366,18 +572,18 @@ function Shifts_by_user($user, $include_freeload_comments = false) {
/**
* Returns Shift by id.
*
* @param $shift_id Shift
* ID
* @param int $shift_id Shift ID
* @return array|null
*/
function Shift($shift_id) {
$shifts_source = sql_select("
function Shift($shift_id)
{
$shifts_source = DB::select('
SELECT `Shifts`.*, `ShiftTypes`.`name`
FROM `Shifts`
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
WHERE `SID`='" . sql_escape($shift_id) . "'");
$shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift_id) . "'");
WHERE `SID`=?', [$shift_id]);
if ($shifts_source === false) {
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load shift.');
}
@ -387,16 +593,21 @@ function Shift($shift_id) {
$result = $shifts_source[0];
$shiftsEntry_source = DB::select('
SELECT `id`, `TID` , `UID` , `freeloaded`
FROM `ShiftEntry`
WHERE `SID`=?', [$shift_id]);
$result['ShiftEntry'] = $shiftsEntry_source;
$result['NeedAngels'] = [];
$temp = NeededAngelTypes_by_shift($shift_id);
foreach ($temp as $e) {
$angelTypes = NeededAngelTypes_by_shift($shift_id);
foreach ($angelTypes as $type) {
$result['NeedAngels'][] = [
'TID' => $e['angel_type_id'],
'count' => $e['count'],
'restricted' => $e['restricted'],
'taken' => $e['taken']
'TID' => $type['angel_type_id'],
'count' => $type['count'],
'restricted' => $type['restricted'],
'taken' => $type['taken']
];
}
@ -405,28 +616,26 @@ function Shift($shift_id) {
/**
* Returns all shifts with needed angeltypes and count of subscribed jobs.
*
* @return array|false
*/
function Shifts() {
$shifts_source = sql_select("
SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` as `room_name`
function Shifts()
{
$shifts_source = DB::select('
SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON `Room`.`RID` = `Shifts`.`RID`
");
if ($shifts_source === false) {
');
if (DB::getStm()->errorCode() != '00000') {
return false;
}
foreach ($shifts_source as &$shift) {
$needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']);
if ($needed_angeltypes === false) {
return false;
}
$shift['angeltypes'] = $needed_angeltypes;
}
return $shifts_source;
}
?>

258
includes/model/UserAngelTypes_model.php
Unescape Escape View File

@ -1,5 +1,7 @@
<?php
use Engelsystem\Database\DB;
/**
* User angeltypes model
*/
@ -7,83 +9,100 @@
/**
* Checks if a user joined an angeltype.
*
* @param User $user
* The user to be checked
* @param Angeltype $angeltype
* The angeltype to be checked
* @param array $user The user to be checked
* @param array $angeltype The angeltype to be checked
* @return boolean
*/
function UserAngelType_exists($user, $angeltype) {
return sql_num_query("
function UserAngelType_exists($user, $angeltype)
{
return count(DB::select('
SELECT `id`
FROM `UserAngelTypes`
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
") > 0;
WHERE `UserAngelTypes`.`user_id`=?
AND `angeltype_id`=?
', [$user['UID'], $angeltype['id']])) > 0;
}
/**
* List users angeltypes.
*
* @param User $user
* @param array $user
* @return array|false
*/
function User_angeltypes($user) {
$result = sql_select("
function User_angeltypes($user)
{
$result = DB::select('
SELECT `AngelTypes`.*, `UserAngelTypes`.`confirm_user_id`, `UserAngelTypes`.`supporter`
FROM `UserAngelTypes`
JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
");
if ($result === false) {
engelsystem_error("Unable to load user angeltypes.");
WHERE `UserAngelTypes`.`user_id`=?
', [$user['UID']]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user angeltypes.');
return false;
}
return $result;
}
/**
* Gets unconfirmed user angeltypes for angeltypes of which the given user is a supporter.
*
* @param User $user
* @param array $user
* @return array
*/
function User_unconfirmed_AngelTypes($user) {
$result = sql_select("
function User_unconfirmed_AngelTypes($user)
{
$result = DB::select('
SELECT
`UserAngelTypes`.*,
`AngelTypes`.`name`,
count(`UnconfirmedMembers`.`user_id`) as `count`
count(`UnconfirmedMembers`.`user_id`) AS `count`
FROM `UserAngelTypes`
JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
JOIN `UserAngelTypes` AS `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
WHERE `UserAngelTypes`.`user_id`=?
AND `UserAngelTypes`.`supporter`=TRUE
AND `AngelTypes`.`restricted`=TRUE
AND `UnconfirmedMembers`.`confirm_user_id` IS NULL
GROUP BY `UserAngelTypes`.`angeltype_id`
ORDER BY `AngelTypes`.`name`");
if ($result === false) {
engelsystem_error("Unable to load user angeltypes.");
ORDER BY `AngelTypes`.`name`
', [$user['UID']]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user angeltypes.');
}
return $result;
}
/**
* Returns true if user is angeltype supporter or has privilege admin_user_angeltypes.
*
* @param User $user
* @param AngelType $angeltype
* @param array $user
* @param array $angeltype
* @return bool
*/
function User_is_AngelType_supporter(&$user, $angeltype) {
function User_is_AngelType_supporter(&$user, $angeltype)
{
if (!isset($user['privileges'])) {
$user['privileges'] = privileges_for_user($user['UID']);
}
return (sql_num_query("
return (count(DB::select('
SELECT `id`
FROM `UserAngelTypes`
WHERE `user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
WHERE `user_id`=?
AND `angeltype_id`=?
AND `supporter`=TRUE
LIMIT 1") > 0) || in_array('admin_user_angeltypes', $user['privileges']);
LIMIT 1
',
[
$user['UID'],
$angeltype['id']
]
)) > 0)
|| in_array('admin_user_angeltypes', $user['privileges']);
}
/**
@ -91,16 +110,21 @@ function User_is_AngelType_supporter(&$user, $angeltype) {
*
* @param int $user_angeltype_id
* @param bool $supporter
* @return int
*/
function UserAngelType_update($user_angeltype_id, $supporter) {
$result = sql_query("
function UserAngelType_update($user_angeltype_id, $supporter)
{
$result = DB::update('
UPDATE `UserAngelTypes`
SET `supporter`=" . sql_bool($supporter) . "
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
if ($result === false) {
engelsystem_error("Unable to update supporter rights.");
SET `supporter`=?
WHERE `id`=?
LIMIT 1
', [$supporter, $user_angeltype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to update supporter rights.');
}
return $result;
}
@ -108,122 +132,160 @@ function UserAngelType_update($user_angeltype_id, $supporter) {
* Delete all unconfirmed UserAngelTypes for given Angeltype.
*
* @param int $angeltype_id
* @return bool
*/
function UserAngelTypes_delete_all($angeltype_id) {
$result = sql_query("
function UserAngelTypes_delete_all($angeltype_id)
{
DB::delete('
DELETE FROM `UserAngelTypes`
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
if ($result === false) {
engelsystem_error("Unable to delete all unconfirmed users.");
WHERE `angeltype_id`=?
AND `confirm_user_id` IS NULL
', [$angeltype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to delete all unconfirmed users.');
}
return $result;
return true;
}
/**
* Confirm all unconfirmed UserAngelTypes for given Angeltype.
*
* @param int $angeltype_id
* @param User $confirm_user
* @param array $confirm_user
* @return bool
*/
function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) {
$result = sql_query("
function UserAngelTypes_confirm_all($angeltype_id, $confirm_user)
{
$result = DB::update('
UPDATE `UserAngelTypes`
SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
if ($result === false) {
engelsystem_error("Unable to confirm all users.");
SET `confirm_user_id`=?
WHERE `angeltype_id`=?
AND `confirm_user_id` IS NULL
', [$confirm_user['UID'], $angeltype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to confirm all users.');
}
return $result;
return (bool)$result;
}
/**
* Confirm an UserAngelType with confirming user.
*
* @param int $user_angeltype_id
* @param User $confirm_user
* @param array $confirm_user
* @return bool
*/
function UserAngelType_confirm($user_angeltype_id, $confirm_user) {
$result = sql_query("
function UserAngelType_confirm($user_angeltype_id, $confirm_user)
{
$result = DB::update('
UPDATE `UserAngelTypes`
SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
if ($result === false) {
engelsystem_error("Unable to confirm user angeltype.");
SET `confirm_user_id`=?
WHERE `id`=?
LIMIT 1', [$confirm_user['UID'], $user_angeltype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to confirm user angeltype.');
}
return $result;
return (bool)$result;
}
/**
* Delete an UserAngelType.
*
* @param UserAngelType $user_angeltype
* @param array $user_angeltype
* @return bool
*/
function UserAngelType_delete($user_angeltype) {
return sql_query("
function UserAngelType_delete($user_angeltype)
{
return (bool)DB::delete('
DELETE FROM `UserAngelTypes`
WHERE `id`='" . sql_escape($user_angeltype['id']) . "'
LIMIT 1");
WHERE `id`=?
LIMIT 1', [$user_angeltype['id']]);
}
/**
* Create an UserAngelType.
*
* @param User $user
* @param Angeltype $angeltype
* @param array $user
* @param array $angeltype
* @return int
*/
function UserAngelType_create($user, $angeltype) {
$result = sql_query("
INSERT INTO `UserAngelTypes` SET
`user_id`='" . sql_escape($user['UID']) . "',
`angeltype_id`='" . sql_escape($angeltype['id']) . "'");
if ($result === false) {
engelsystem_error("Unable to create user angeltype.");
function UserAngelType_create($user, $angeltype)
{
DB::insert('
INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`)
VALUES (?, ?)
',
[
$user['UID'],
$angeltype['id']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to create user angeltype.');
}
return sql_id();
return DB::getPdo()->lastInsertId();
}
/**
* Get an UserAngelType by its id.
*
* @param int $user_angeltype_id
* @return array|null
*/
function UserAngelType($user_angeltype_id) {
$angeltype = sql_select("
function UserAngelType($user_angeltype_id)
{
$angeltype = DB::select('
SELECT *
FROM `UserAngelTypes`
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
if ($angeltype === false) {
engelsystem_error("Unable to load user angeltype.");
WHERE `id`=?
LIMIT 1', [$user_angeltype_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user angeltype.');
}
if (count($angeltype) == 0) {
if (empty($angeltype)) {
return null;
}
return $angeltype[0];
}
/**
* Get an UserAngelType by user and angeltype.
*
* @param User $user
* @param Angeltype $angeltype
* @param array $user
* @param array $angeltype
* @return array|null
*/
function UserAngelType_by_User_and_AngelType($user, $angeltype) {
$angeltype = sql_select("
function UserAngelType_by_User_and_AngelType($user, $angeltype)
{
$angeltype = DB::select('
SELECT *
FROM `UserAngelTypes`
WHERE `user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1");
if ($angeltype === false) {
engelsystem_error("Unable to load user angeltype.");
WHERE `user_id`=?
AND `angeltype_id`=?
LIMIT 1
',
[
$user['UID'],
$angeltype['id']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user angeltype.');
}
if (count($angeltype) == 0) {
if (empty($angeltype)) {
return null;
}
return $angeltype[0];
return array_shift($angeltype);
}
?>

136
includes/model/UserDriverLicenses_model.php
Unescape Escape View File

@ -1,10 +1,15 @@
<?php
use Engelsystem\Database\DB;
/**
* Returns a new empty UserDriverLicense
* FIXME entity object needed
*
* @return array
*/
function UserDriverLicense_new() {
function UserDriverLicense_new()
{
return [
'user_id' => null,
'has_car' => false,
@ -19,72 +24,114 @@ function UserDriverLicense_new() {
/**
* Is it valid?
*
* @param UserDriverLicense $user_driver_license
* The UserDriverLicense to check
* @param array $user_driver_license The UserDriverLicense to check
* @return boolean
*/
function UserDriverLicense_valid($user_driver_license) {
return $user_driver_license['has_license_car'] || $user_driver_license['has_license_3_5t_transporter'] || $user_driver_license['has_license_7_5t_truck'] || $user_driver_license['has_license_12_5t_truck'] || $user_driver_license['has_license_forklift'];
function UserDriverLicense_valid($user_driver_license)
{
return $user_driver_license['has_car']
|| $user_driver_license['has_license_car']
|| $user_driver_license['has_license_3_5t_transporter']
|| $user_driver_license['has_license_7_5t_truck']
|| $user_driver_license['has_license_12_5t_truck']
|| $user_driver_license['has_license_forklift'];
}
/**
* Get a users driver license information
*
* @param int $user_id
* The users id
* @param int $user_id The users id
* @return array|false|null
*/
function UserDriverLicense($user_id) {
$user_driver_license = sql_select("SELECT * FROM `UserDriverLicenses` WHERE `user_id`='" . sql_escape($user_id) . "'");
if ($user_driver_license === false) {
function UserDriverLicense($user_id)
{
$user_driver_license = DB::select('
SELECT *
FROM `UserDriverLicenses`
WHERE `user_id`=?', [$user_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user driver license.');
return false;
}
if (count($user_driver_license) > 0) {
return $user_driver_license[0];
}
if (empty($user_driver_license)) {
return null;
}
return array_shift($user_driver_license);
}
/**
* Create a user's driver license entry
*
* @param UserDriverLicense $user_driver_license
* The UserDriverLicense to create
* @param array $user_driver_license The UserDriverLicense to create
* @param array $user
* @return array
*/
function UserDriverLicenses_create($user_driver_license, $user) {
function UserDriverLicenses_create($user_driver_license, $user)
{
$user_driver_license['user_id'] = $user['UID'];
$result = sql_query("
INSERT INTO `UserDriverLicenses` SET
`user_id`=" . sql_escape($user_driver_license['user_id']) . ",
`has_car`=" . sql_bool($user_driver_license['has_car']) . ",
`has_license_car`=" . sql_bool($user_driver_license['has_license_car']) . ",
`has_license_3_5t_transporter`=" . sql_bool($user_driver_license['has_license_3_5t_transporter']) . ",
`has_license_7_5t_truck`=" . sql_bool($user_driver_license['has_license_7_5t_truck']) . ",
`has_license_12_5t_truck`=" . sql_bool($user_driver_license['has_license_12_5t_truck']) . ",
`has_license_forklift`=" . sql_bool($user_driver_license['has_license_forklift']));
if ($result === false) {
DB::insert('
INSERT INTO `UserDriverLicenses` (
`user_id`,
`has_car`,
`has_license_car`,
`has_license_3_5t_transporter`,
`has_license_7_5t_truck`,
`has_license_12_5t_truck`,
`has_license_forklift`
)
VALUES (?, ?, ?, ?, ?, ?, ?)
',
[
$user_driver_license['user_id'],
(bool)$user_driver_license['has_car'],
(bool)$user_driver_license['has_license_car'],
(bool)$user_driver_license['has_license_3_5t_transporter'],
(bool)$user_driver_license['has_license_7_5t_truck'],
(bool)$user_driver_license['has_license_12_5t_truck'],
(bool)$user_driver_license['has_license_forklift'],
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to create user driver license');
}
return $user_driver_license;
}
/**
* Update a user's driver license entry
*
* @param UserDriverLicense $user_driver_license
* The UserDriverLicense to update
* @param array $user_driver_license The UserDriverLicense to update
* @return bool
*/
function UserDriverLicenses_update($user_driver_license) {
$result = sql_query("UPDATE `UserDriverLicenses` SET
`has_car`=" . sql_bool($user_driver_license['has_car']) . ",
`has_license_car`=" . sql_bool($user_driver_license['has_license_car']) . ",
`has_license_3_5t_transporter`=" . sql_bool($user_driver_license['has_license_3_5t_transporter']) . ",
`has_license_7_5t_truck`=" . sql_bool($user_driver_license['has_license_7_5t_truck']) . ",
`has_license_12_5t_truck`=" . sql_bool($user_driver_license['has_license_12_5t_truck']) . ",
`has_license_forklift`=" . sql_bool($user_driver_license['has_license_forklift']) . "
WHERE `user_id`='" . sql_escape($user_driver_license['user_id']) . "'");
if ($result === false) {
engelsystem_error("Unable to update user driver license information");
function UserDriverLicenses_update($user_driver_license)
{
$result = DB::update('
UPDATE `UserDriverLicenses`
SET
`has_car`=?,
`has_license_car`=?,
`has_license_3_5t_transporter`=?,
`has_license_7_5t_truck`=?,
`has_license_12_5t_truck`=?,
`has_license_forklift`=?
WHERE `user_id`=?
',
[
(bool)$user_driver_license['has_car'],
(bool)$user_driver_license['has_license_car'],
(bool)$user_driver_license['has_license_3_5t_transporter'],
(bool)$user_driver_license['has_license_7_5t_truck'],
(bool)$user_driver_license['has_license_12_5t_truck'],
(bool)$user_driver_license['has_license_forklift'],
$user_driver_license['user_id'],
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to update user driver license information');
}
return $result;
}
@ -93,12 +140,13 @@ function UserDriverLicenses_update($user_driver_license) {
* Delete a user's driver license entry
*
* @param int $user_id
* @return bool
*/
function UserDriverLicenses_delete($user_id) {
$result = sql_query("DELETE FROM `UserDriverLicenses` WHERE `user_id`=" . sql_escape($user_id));
if ($result === false) {
engelsystem_error("Unable to remove user driver license information");
function UserDriverLicenses_delete($user_id)
{
$result = DB::delete('DELETE FROM `UserDriverLicenses` WHERE `user_id`=?', [$user_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to remove user driver license information');
}
return $result;
}
?>

19
includes/model/UserGroups_model.php
Unescape Escape View File

@ -1,17 +1,22 @@
<?php
use Engelsystem\Database\DB;
/**
* Returns users groups
* @param User $user
*
* @param array $user
* @return array
*/
function User_groups($user) {
return sql_select("
function User_groups($user)
{
return DB::select('
SELECT `Groups`.*
FROM `UserGroups`
JOIN `Groups` ON `Groups`.`UID`=`UserGroups`.`group_id`
WHERE `UserGroups`.`uid`='" . sql_escape($user['UID']) . "'
WHERE `UserGroups`.`uid`=?
ORDER BY `UserGroups`.`group_id`
");
',
[$user['UID']]
);
}
?>

412
includes/model/User_model.php
Unescape Escape View File

@ -1,4 +1,6 @@
<?php
use Engelsystem\Database\DB;
use Engelsystem\ValidationResult;
/**
@ -9,71 +11,163 @@ use Engelsystem\ValidationResult;
* Delete a user
*
* @param int $user_id
* @return bool
*/
function User_delete($user_id) {
return sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($user_id) . "'");
function User_delete($user_id)
{
DB::delete('DELETE FROM `User` WHERE `UID`=?', [$user_id]);
return DB::getStm()->errorCode() == '00000';
}
/**
* Update user.
*
* @param User $user
* @param array $user
* @return bool
*/
function User_update($user) {
return sql_query("UPDATE `User` SET
`Nick`='" . sql_escape($user['Nick']) . "',
`Name`='" . sql_escape($user['Name']) . "',
`Vorname`='" . sql_escape($user['Vorname']) . "',
`Alter`='" . sql_escape($user['Alter']) . "',
`Telefon`='" . sql_escape($user['Telefon']) . "',
`DECT`='" . sql_escape($user['DECT']) . "',
`Handy`='" . sql_escape($user['Handy']) . "',
`email`='" . sql_escape($user['email']) . "',
`email_shiftinfo`=" . sql_bool($user['email_shiftinfo']) . ",
`email_by_human_allowed`=" . sql_bool($user['email_by_human_allowed']) . ",
`jabber`='" . sql_escape($user['jabber']) . "',
`Size`='" . sql_escape($user['Size']) . "',
`Gekommen`='" . sql_escape($user['Gekommen']) . "',
`Aktiv`='" . sql_escape($user['Aktiv']) . "',
`force_active`=" . sql_bool($user['force_active']) . ",
`Tshirt`='" . sql_escape($user['Tshirt']) . "',
`color`='" . sql_escape($user['color']) . "',
`Sprache`='" . sql_escape($user['Sprache']) . "',
`Hometown`='" . sql_escape($user['Hometown']) . "',
`got_voucher`='" . sql_escape($user['got_voucher']) . "',
`arrival_date`='" . sql_escape($user['arrival_date']) . "',
`planned_arrival_date`='" . sql_escape($user['planned_arrival_date']) . "',
`planned_departure_date`=" . sql_null($user['planned_departure_date']) . "
WHERE `UID`='" . sql_escape($user['UID']) . "'");
function User_update($user)
{
return (bool)DB::update('
UPDATE `User` SET
`Nick`=?,
`Name`=?,
`Vorname`=?,
`Alter`=?,
`Telefon`=?,
`DECT`=?,
`Handy`=?,
`email`=?,
`email_shiftinfo`=?,
`email_by_human_allowed`=?,
`jabber`=?,
`Size`=?,
`Gekommen`=?,
`Aktiv`=?,
`force_active`=?,
`Tshirt`=?,
`color`=?,
`Sprache`=?,
`Hometown`=?,
`got_voucher`=?,
`arrival_date`=?,
`planned_arrival_date`=?,
`planned_departure_date`=?
WHERE `UID`=?
',
[
$user['Nick'],
$user['Name'],
$user['Vorname'],
$user['Alter'],
$user['Telefon'],
$user['DECT'],
$user['Handy'],
$user['email'],
(bool)$user['email_shiftinfo'],
(bool)$user['email_by_human_allowed'],
$user['jabber'],
$user['Size'],
$user['Gekommen'],
$user['Aktiv'],
(bool)$user['force_active'],
$user['Tshirt'],
$user['color'],
$user['Sprache'],
$user['Hometown'],
$user['got_voucher'],
$user['arrival_date'],
$user['planned_arrival_date'],
$user['planned_departure_date'],
$user['UID'],
]
);
}
/**
* Counts all forced active users.
*
* @return int
*/
function User_force_active_count()
{
$result = DB::select('SELECT COUNT(*) FROM `User` WHERE `force_active` = 1');
$result = array_shift($result);
if (empty($result)) {
return 0;
}
return (int)array_shift($result);
}
/**
* @return int
*/
function User_active_count()
{
$result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1');
$result = array_shift($result);
if (empty($result)) {
return 0;
}
return (int)array_shift($result);
}
/**
* @return int
*/
function User_force_active_count() {
return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `force_active` = 1");
function User_got_voucher_count()
{
$result = DB::select('SELECT SUM(`got_voucher`) FROM `User`');
$result = array_shift($result);
if (empty($result)) {
return 0;
}
return (int)array_shift($result);
}
function User_active_count() {
return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1");
/**
* @return int
*/
function User_arrived_count()
{
$result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1');
$result = array_shift($result);
if (empty($result)) {
return 0;
}
function User_got_voucher_count() {
return sql_select_single_cell("SELECT SUM(`got_voucher`) FROM `User`");
return (int)array_shift($result);
}
function User_arrived_count() {
return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1");
/**
* @return int
*/
function User_tshirts_count()
{
$result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Tshirt` = 1');
$result = array_shift($result);
if (empty($result)) {
return 0;
}
function User_tshirts_count() {
return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Tshirt` = 1");
return (int)array_shift($result);
}
/**
* Returns all column names for sorting in an array.
*
* @return array
*/
function User_sortable_columns() {
function User_sortable_columns()
{
return [
'Nick',
'Name',
@ -94,36 +188,60 @@ function User_sortable_columns() {
* Get all users, ordered by Nick by default or by given param.
*
* @param string $order_by
* @return array|false
*/
function Users($order_by = 'Nick') {
return sql_select("SELECT * FROM `User` ORDER BY `" . sql_escape($order_by) . "` ASC");
function Users($order_by = 'Nick')
{
$result = DB::select(sprintf('
SELECT *
FROM `User`
ORDER BY `%s` ASC
',
trim(DB::getPdo()->quote($order_by), '\'')
));
if (DB::getStm()->errorCode() != '00000') {
return false;
}
return $result;
}
/**
* Returns true if user is freeloader
*
* @param User $user
* @param array $user
* @return bool
*/
function User_is_freeloader($user) {
global $max_freeloadable_shifts, $user;
function User_is_freeloader($user)
{
global $user;
return count(ShiftEntries_freeloaded_by_user($user)) >= $max_freeloadable_shifts;
return count(ShiftEntries_freeloaded_by_user($user)) >= config('max_freeloadable_shifts');
}
/**
* Returns all users that are not member of given angeltype.
*
* @param Angeltype $angeltype
* @param array $angeltype Angeltype
* @return array
*/
function Users_by_angeltype_inverted($angeltype) {
$result = sql_select("
function Users_by_angeltype_inverted($angeltype)
{
$result = DB::select('
SELECT `User`.*
FROM `User`
LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
LEFT JOIN `UserAngelTypes`
ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`=?)
WHERE `UserAngelTypes`.`id` IS NULL
ORDER BY `Nick`");
if ($result === false) {
engelsystem_error("Unable to load users.");
ORDER BY `Nick`
',
[
$angeltype['id']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load users.');
}
return $result;
}
@ -131,41 +249,53 @@ function Users_by_angeltype_inverted($angeltype) {
/**
* Returns all members of given angeltype.
*
* @param Angeltype $angeltype
* @param array $angeltype
* @return array
*/
function Users_by_angeltype($angeltype) {
$result = sql_select("
function Users_by_angeltype($angeltype)
{
$result = DB::select('
SELECT
`User`.*,
`UserAngelTypes`.`id` as `user_angeltype_id`,
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`,
`UserDriverLicenses`.*
FROM `User`
JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`
LEFT JOIN `UserDriverLicenses` ON `User`.`UID`=`UserDriverLicenses`.`user_id`
WHERE `UserAngelTypes`.`angeltype_id`='" . sql_escape($angeltype['id']) . "'
ORDER BY `Nick`");
if ($result === false) {
engelsystem_error("Unable to load members.");
WHERE `UserAngelTypes`.`angeltype_id`=?
ORDER BY `Nick`
',
[
$angeltype['id']
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load members.');
}
return $result;
}
/**
* Returns User id array
*
* @return array
*/
function User_ids() {
return sql_select("SELECT `UID` FROM `User`");
function User_ids()
{
return DB::select('SELECT `UID` FROM `User`');
}
/**
* Strip unwanted characters from a users nick.
*
* @param string $nick
* @return string
*/
function User_validate_Nick($nick) {
return preg_replace("/([^a-z0-9üöäß. _+*-]{1,})/ui", '', $nick);
function User_validate_Nick($nick)
{
return preg_replace('/([^\wüöäß. +*-]{1,})/ui', '', $nick);
}
/**
@ -175,7 +305,8 @@ function User_validate_Nick($nick) {
* The email address to validate
* @return ValidationResult
*/
function User_validate_mail($mail) {
function User_validate_mail($mail)
{
$mail = strip_item($mail);
return new ValidationResult(check_email($mail), $mail);
}
@ -187,7 +318,8 @@ function User_validate_mail($mail) {
* Jabber-ID to validate
* @return ValidationResult
*/
function User_validate_jabber($jabber) {
function User_validate_jabber($jabber)
{
$jabber = strip_item($jabber);
if ($jabber == '') {
// Empty is ok
@ -199,11 +331,11 @@ function User_validate_jabber($jabber) {
/**
* Validate the planned arrival date
*
* @param int $planned_arrival_date
* Unix timestamp
* @param int $planned_arrival_date Unix timestamp
* @return ValidationResult
*/
function User_validate_planned_arrival_date($planned_arrival_date) {
function User_validate_planned_arrival_date($planned_arrival_date)
{
if ($planned_arrival_date == null) {
// null is not okay
return new ValidationResult(false, time());
@ -233,7 +365,8 @@ function User_validate_planned_arrival_date($planned_arrival_date) {
* Unix timestamp
* @return ValidationResult
*/
function User_validate_planned_departure_date($planned_arrival_date, $planned_departure_date) {
function User_validate_planned_departure_date($planned_arrival_date, $planned_departure_date)
{
if ($planned_departure_date == null) {
// null is okay
return new ValidationResult(true, null);
@ -261,34 +394,43 @@ function User_validate_planned_departure_date($planned_arrival_date, $planned_de
/**
* Returns user by id.
*
* @param $user_id UID
* @param int $user_id UID
* @return array|null
*/
function User($user_id) {
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
if ($user_source === false) {
engelsystem_error("Unable to load user.");
}
if (count($user_source) > 0) {
return $user_source[0];
function User($user_id)
{
$user_source = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user.');
}
if (empty($user_source)) {
return null;
}
return array_shift($user_source);
}
/**
* Returns User by api_key.
*
* @param string $api_key
* User api key
* @return Matching user, null or false on error
* @return array|null Matching user, null on error
*/
function User_by_api_key($api_key) {
$user = sql_select("SELECT * FROM `User` WHERE `api_key`='" . sql_escape($api_key) . "' LIMIT 1");
if ($user === false) {
engelsystem_error("Unable to find user by api key.");
function User_by_api_key($api_key)
{
$user = DB::select('SELECT * FROM `User` WHERE `api_key`=? LIMIT 1', [$api_key]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to find user by api key.');
}
if (count($user) == 0) {
if (empty($user)) {
return null;
}
return $user[0];
}
@ -296,70 +438,110 @@ function User_by_api_key($api_key) {
* Returns User by email.
*
* @param string $email
* @return Matching user, null or false on error
* @return array|null Matching user, null or false on error
*/
function User_by_email($email) {
$user = sql_select("SELECT * FROM `User` WHERE `email`='" . sql_escape($email) . "' LIMIT 1");
if ($user === false) {
engelsystem_error("Unable to load user.");
function User_by_email($email)
{
$user = DB::select('SELECT * FROM `User` WHERE `email`=? LIMIT 1', [$email]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user.');
}
if (count($user) == 0) {
if (empty($user)) {
return null;
}
return $user[0];
return array_shift($user);
}
/**
* Returns User by password token.
*
* @param string $token
* @return Matching user, null or false on error
* @return array|null Matching user, null or false on error
*/
function User_by_password_recovery_token($token) {
$user = sql_select("SELECT * FROM `User` WHERE `password_recovery_token`='" . sql_escape($token) . "' LIMIT 1");
if ($user === false) {
engelsystem_error("Unable to load user.");
function User_by_password_recovery_token($token)
{
$user = DB::select('SELECT * FROM `User` WHERE `password_recovery_token`=? LIMIT 1', [$token]);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to load user.');
}
if (count($user) == 0) {
if (empty($user)) {
return null;
}
return $user[0];
return array_shift($user);
}
/**
* Generates a new api key for given user.
*
* @param User $user
* @param array $user
* @param bool $log
* @return bool
*/
function User_reset_api_key(&$user, $log = true) {
function User_reset_api_key(&$user, $log = true)
{
$user['api_key'] = md5($user['Nick'] . time() . rand());
$result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
if ($result === false) {
DB::update('
UPDATE `User`
SET `api_key`=?
WHERE `UID`=?
LIMIT 1
',
[
$user['api_key'],
$user['UID']
]
);
if (DB::getStm()->errorCode() != '00000') {
return false;
}
if ($log) {
engelsystem_log(sprintf("API key resetted (%s).", User_Nick_render($user)));
engelsystem_log(sprintf('API key resetted (%s).', User_Nick_render($user)));
}
return true;
}
/**
* Generates a new password recovery token for given user.
*
* @param User $user
* @param array $user
* @return string
*/
function User_generate_password_recovery_token(&$user) {
function User_generate_password_recovery_token(&$user)
{
$user['password_recovery_token'] = md5($user['Nick'] . time() . rand());
$result = sql_query("UPDATE `User` SET `password_recovery_token`='" . sql_escape($user['password_recovery_token']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
if ($result === false) {
engelsystem_error("Unable to generate password recovery token.");
}
engelsystem_log("Password recovery for " . User_Nick_render($user) . " started.");
DB::update('
UPDATE `User`
SET `password_recovery_token`=?
WHERE `UID`=?
LIMIT 1
',
[
$user['password_recovery_token'],
$user['UID'],
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to generate password recovery token.');
}
engelsystem_log('Password recovery for ' . User_Nick_render($user) . ' started.');
return $user['password_recovery_token'];
}
function User_get_eligable_voucher_count(&$user) {
global $voucher_settings;
/**
* @param array $user
* @return float
*/
function User_get_eligable_voucher_count(&$user)
{
$voucher_settings = config('voucher_settings');
$shifts_done = count(ShiftEntries_finished_by_user($user));
$earned_vouchers = $user['got_voucher'] - $voucher_settings['initial_vouchers'];
@ -370,5 +552,3 @@ function User_get_eligable_voucher_count(&$user) {
return $elegible_vouchers;
}
?>

28
includes/model/ValidationResult.php
Unescape Escape View File

@ -6,37 +6,41 @@ namespace Engelsystem;
* BO that represents the result of an entity attribute validation.
* It contains the validated value and a bool for validation success.
*/
class ValidationResult {
class ValidationResult
{
/** @var bool */
private $valid;
/** @var mixed */
private $value;
/**
* Constructor.
*
* @param boolean $valid
* Is the value valid?
* @param * $value
* The validated value
* @param boolean $valid Is the value valid?
* @param mixed $value The validated value
*/
public function __construct($valid, $value) {
public function __construct($valid, $value)
{
$this->valid = $valid;
$this->value = $value;
}
/**
* Is the value valid?
*
* @return bool
*/
public function isValid() {
public function isValid()
{
return $this->valid;
}
/**
* The parsed/validated value.
*
* @return mixed
*/
public function getValue() {
public function getValue()
{
return $this->value;
}
}
?>

216
includes/mysqli_provider.php
Unescape Escape View File

@ -1,216 +0,0 @@
<?php
/**
* Close connection.
*/
function sql_close() {
global $sql_connection;
return $sql_connection->close();
}
/**
* Return NULL if given value is null.
*/
function sql_null($value = null) {
return $value == null ? 'NULL' : ("'" . sql_escape($value) . "'");
}
/**
* Start new transaction.
*/
function sql_transaction_start() {
global $sql_nested_transaction_level;
if ($sql_nested_transaction_level ++ == 0) {
return sql_query("BEGIN");
}
return true;
}
/**
* Commit transaction.
*/
function sql_transaction_commit() {
global $sql_nested_transaction_level;
if (-- $sql_nested_transaction_level == 0) {
return sql_query("COMMIT");
}
return true;
}
/**
* Stop transaction, revert database.
*/
function sql_transaction_rollback() {
global $sql_nested_transaction_level;
if (-- $sql_nested_transaction_level == 0) {
return sql_query("ROLLBACK");
}
return true;
}
/**
* Logs an sql error.
*
* @param string $message
* @return false
*/
function sql_error($message) {
sql_close();
$message = trim($message) . "\n";
$message .= debug_string_backtrace() . "\n";
error_log('mysql_provider error: ' . $message);
return false;
}
/**
* Connect to mysql server.
*
* @param string $host
* Host
* @param string $user
* Username
* @param string $pass
* Password
* @param string $db_name
* DB to select
* @return mysqli The connection handler
*/
function sql_connect($host, $user, $pass, $db_name) {
global $sql_connection;
$sql_connection = new mysqli($host, $user, $pass, $db_name);
if ($sql_connection->connect_errno) {
error("Unable to connect to MySQL: " . $sql_connection->connect_error);
return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error);
}
$result = $sql_connection->query("SET CHARACTER SET utf8;");
if (! $result) {
return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error);
}
$result = $sql_connection->set_charset('utf8');
if (! $result) {
return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error);
}
return $sql_connection;
}
/**
* Change the selected db in current mysql-connection.
*
* @param
* $db_name
* @return bool true on success, false on error
*/
function sql_select_db($db_name) {
global $sql_connection;
if (! $sql_connection->select_db($db_name)) {
return sql_error("No database selected.");
}
return true;
}
/**
* MySQL SELECT query
*
* @param string $query
* @return Result array or false on error
*/
function sql_select($query) {
global $sql_connection;
// echo $query . ";\n";
// echo debug_string_backtrace() . "\n";
$result = $sql_connection->query($query);
if ($result) {
$data = [];
while ($line = $result->fetch_assoc()) {
array_push($data, $line);
}
return $data;
}
return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
}
/**
* MySQL execute a query
*
* @param string $query
* @return mysqli_result boolean resource or false on error
*/
function sql_query($query) {
global $sql_connection;
$result = $sql_connection->query($query);
if ($result) {
return $result;
}
return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
}
/**
* Returns last inserted id.
*
* @return int
*/
function sql_id() {
global $sql_connection;
return $sql_connection->insert_id;
}
/**
* Escape a string for a sql query.
*
* @param string $query
* @return string
*/
function sql_escape($query) {
global $sql_connection;
return $sql_connection->real_escape_string($query);
}
/**
* Convert a boolean for mysql-queries.
*
* @param boolean $boolean
* @return string
*/
function sql_bool($boolean) {
return $boolean == true ? 'TRUE' : 'FALSE';
}
/**
* Count query result lines.
*
* @param string $query
* @return int Count of result lines
*/
function sql_num_query($query) {
return sql_query($query)->num_rows;
}
function sql_select_single_col($query) {
$result = sql_select($query);
return array_map('array_shift', $result);
}
function sql_select_single_cell($query) {
return array_shift(array_shift(sql_select($query)));
}
?>

228
includes/pages/admin_active.php
Unescape Escape View File

@ -1,18 +1,29 @@
<?php
function admin_active_title() {
return _("Active angels");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_active_title()
{
return _('Active angels');
}
function admin_active() {
global $tshirt_sizes, $shift_sum_formula;
/**
* @return string
*/
function admin_active()
{
$tshirt_sizes = config('tshirt_sizes');
$shift_sum_formula = config('shift_sum_formula');
$msg = "";
$search = "";
$forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1");
$msg = '';
$search = '';
$forced_count = count(DB::select('SELECT `UID` FROM `User` WHERE `force_active`=1'));
$count = $forced_count;
$limit = "";
$set_active = "";
$limit = '';
$set_active = '';
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
@ -23,99 +34,124 @@ function admin_active() {
if (isset($_REQUEST['set_active'])) {
$valid = true;
if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) {
if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
$count = strip_request_item('count');
if ($count < $forced_count) {
error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count));
error(sprintf(
_('At least %s angels are forced to be active. The number has to be greater.'),
$forced_count
));
redirect(page_link_to('admin_active'));
}
} else {
$valid = false;
$msg .= error(_("Please enter a number of angels to be marked as active."), true);
$msg .= error(_('Please enter a number of angels to be marked as active.'), true);
}
if ($valid) {
$limit = " LIMIT " . $count;
$limit = ' LIMIT ' . $count;
}
if (isset($_REQUEST['ack'])) {
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
$users = sql_select("
SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, $shift_sum_formula as `shift_length`
DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0');
$users = DB::select(sprintf('
SELECT
`User`.*,
COUNT(`ShiftEntry`.`id`) AS `shift_count`,
%s AS `shift_length`
FROM `User`
LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID`
WHERE `User`.`Gekommen` = 1 AND `User`.`force_active`=0
WHERE `User`.`Gekommen` = 1
AND `User`.`force_active`=0
GROUP BY `User`.`UID`
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
ORDER BY `force_active` DESC, `shift_length` DESC
%s
',
$shift_sum_formula,
$limit
));
$user_nicks = [];
foreach ($users as $usr) {
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'");
DB::update('UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=?', [$usr['UID']]);
$user_nicks[] = User_Nick_render($usr);
}
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE");
engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE');
engelsystem_log('These angels are active now: ' . join(', ', $user_nicks));
$limit = "";
$msg = success(_("Marked angels."), true);
$limit = '';
$msg = success(_('Marked angels.'), true);
} else {
$set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">' . _("apply") . '</a>';
$set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; '
. _('back') . '</a> | <a href="'
. page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">'
. _('apply')
. '</a>';
}
}
if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
$user_id = $_REQUEST['active'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
$msg = success(_("Angel has been marked as active."), true);
DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
engelsystem_log('User ' . User_Nick_render($user_source) . ' is active now.');
$msg = success(_('Angel has been marked as active.'), true);
} else {
$msg = error(_("Angel not found."), true);
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
} elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
$user_id = $_REQUEST['not_active'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
$msg = success(_("Angel has been marked as not active."), true);
DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
engelsystem_log('User ' . User_Nick_render($user_source) . ' is NOT active now.');
$msg = success(_('Angel has been marked as not active.'), true);
} else {
$msg = error(_("Angel not found."), true);
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
$user_id = $_REQUEST['tshirt'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
$msg = success(_("Angel has got a t-shirt."), true);
DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
engelsystem_log('User ' . User_Nick_render($user_source) . ' has tshirt now.');
$msg = success(_('Angel has got a t-shirt.'), true);
} else {
$msg = error("Angel not found.", true);
$msg = error('Angel not found.', true);
}
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
$user_id = $_REQUEST['not_tshirt'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
$msg = success(_("Angel has got no t-shirt."), true);
DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
engelsystem_log('User ' . User_Nick_render($user_source) . ' has NO tshirt.');
$msg = success(_('Angel has got no t-shirt.'), true);
} else {
$msg = error(_("Angel not found."), true);
$msg = error(_('Angel not found.'), true);
}
}
$users = sql_select("
SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length`
$users = DB::select(sprintf('
SELECT
`User`.*,
COUNT(`ShiftEntry`.`id`) AS `shift_count`,
%s AS `shift_length`
FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . "
LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` '
. ($show_all_shifts ? '' : 'AND (`Shifts`.`end` < ' . time() . " OR `Shifts`.`end` IS NULL)") . '
WHERE `User`.`Gekommen` = 1
GROUP BY `User`.`UID`
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
ORDER BY `force_active` DESC, `shift_length` DESC
%s
',
$shift_sum_formula,
$limit
));
$matched_users = [];
if ($search == "") {
if ($search == '') {
$tokens = [];
} else {
$tokens = explode(" ", $search);
$tokens = explode(' ', $search);
}
foreach ($users as &$usr) {
if (count($tokens) > 0) {
@ -139,14 +175,30 @@ function admin_active() {
$actions = [];
if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>';
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;active=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
. _('set active')
. '</a>';
}
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;not_active=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
. _('remove active')
. '</a>';
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
. _('got t-shirt')
. '</a>';
}
if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
. _('remove t-shirt')
. '</a>';
}
$usr['actions'] = join(' ', $actions);
@ -156,47 +208,65 @@ function admin_active() {
$shirt_statistics = [];
foreach (array_keys($tshirt_sizes) as $size) {
if ($size != '') {
if (!empty($size)) {
$sc = DB::select(
'SELECT count(*) FROM `User` WHERE `Size`=? AND `Gekommen`=1',
[$size]
);
$sc = array_shift($sc);
$sc = array_shift($sc);
$gc = DB::select(
'SELECT count(*) FROM `User` WHERE `Size`=? AND `Tshirt`=1',
[$size]
);
$gc = array_shift($gc);
$gc = array_shift($gc);
$shirt_statistics[] = [
'size' => $size,
'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"),
'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1")
'needed' => (int)$sc,
'given' => (int)$gc
];
}
}
$uc = DB::select('SELECT count(*) FROM `User` WHERE `Tshirt`=1');
$uc = array_shift($uc);
$uc = array_shift($uc);
$shirt_statistics[] = [
'size' => '<b>' . _("Sum") . '</b>',
'size' => '<b>' . _('Sum') . '</b>',
'needed' => '<b>' . User_arrived_count() . '</b>',
'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>'
'given' => '<b>' . (int)$uc . '</b>'
];
return page_with_title(admin_active_title(), [
form([
form_text('search', _("Search angel:"), $search),
form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts),
form_submit('submit', _("Search"))
form_text('search', _('Search angel:'), $search),
form_checkbox('show_all_shifts', _('Show all shifts'), $show_all_shifts),
form_submit('submit', _('Search'))
], page_link_to('admin_active')),
$set_active == "" ? form([
form_text('count', _("How much angels should be active?"), $count),
form_submit('set_active', _("Preview"))
$set_active == '' ? form([
form_text('count', _('How much angels should be active?'), $count),
form_submit('set_active', _('Preview'))
]) : $set_active,
msg(),
$msg . msg(),
table([
'nick' => _("Nickname"),
'shirt_size' => _("Size"),
'shift_count' => _("Shifts"),
'work_time' => _("Length"),
'active' => _("Active?"),
'force_active' => _("Forced"),
'tshirt' => _("T-shirt?"),
'actions' => ""
'nick' => _('Nickname'),
'shirt_size' => _('Size'),
'shift_count' => _('Shifts'),
'work_time' => _('Length'),
'active' => _('Active?'),
'force_active' => _('Forced'),
'tshirt' => _('T-shirt?'),
'actions' => ''
], $matched_users),
'<h2>' . _("Shirt statistics") . '</h2>',
'<h2>' . _('Shirt statistics') . '</h2>',
table([
'size' => _("Size"),
'needed' => _("Needed shirts"),
'given' => _("Given shirts")
'size' => _('Size'),
'needed' => _('Needed shirts'),
'given' => _('Given shirts')
], $shirt_statistics)
]);
}
?>

121
includes/pages/admin_arrive.php
Unescape Escape View File

@ -1,54 +1,74 @@
<?php
function admin_arrive_title() {
return _("Arrived angels");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_arrive_title()
{
return _('Arrived angels');
}
function admin_arrive() {
$msg = "";
$search = "";
/**
* @return string
*/
function admin_arrive()
{
$msg = '';
$search = '';
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
$user_id = $_REQUEST['reset'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
success(_("Reset done. Angel has not arrived."));
DB::update('
UPDATE `User`
SET `Gekommen`=0, `arrival_date` = NULL
WHERE `UID`=?
LIMIT 1
', [$user_id]);
engelsystem_log('User set to not arrived: ' . User_Nick_render($user_source));
success(_('Reset done. Angel has not arrived.'));
redirect(user_link($user_source));
} else {
$msg = error(_("Angel not found."), true);
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
} elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
$user_id = $_REQUEST['arrived'];
$user_source = User($user_id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
success(_("Angel has been marked as arrived."));
DB::update('
UPDATE `User`
SET `Gekommen`=1, `arrival_date`=?
WHERE `UID`=?
LIMIT 1
', [time(), $user_id]);
engelsystem_log('User set has arrived: ' . User_Nick_render($user_source));
success(_('Angel has been marked as arrived.'));
redirect(user_link($user_source));
} else {
$msg = error(_("Angel not found."), true);
$msg = error(_('Angel not found.'), true);
}
}
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
$users = DB::select('SELECT * FROM `User` ORDER BY `Nick`');
$arrival_count_at_day = [];
$planned_arrival_count_at_day = [];
$planned_departure_count_at_day = [];
$users_matched = [];
if ($search == "") {
if ($search == '') {
$tokens = [];
} else {
$tokens = explode(" ", $search);
$tokens = explode(' ', $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join(" ", $usr);
$index = join(' ', $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
@ -67,9 +87,11 @@ function admin_arrive() {
$usr['rendered_planned_departure_date'] = '-';
}
$usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
$usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>';
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-';
$usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : '';
$usr['actions'] = $usr['Gekommen'] == 1
? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _('reset') . '</a>'
: '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _('arrived') . '</a>';
if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']);
@ -136,66 +158,65 @@ function admin_arrive() {
}
return page_with_title(admin_arrive_title(), [
msg(),
$msg . msg(),
form([
form_text('search', _("Search"), $search),
form_submit('submit', _("Search"))
form_text('search', _('Search'), $search),
form_submit('submit', _('Search'))
]),
table([
'nick' => _("Nickname"),
'rendered_planned_arrival_date' => _("Planned arrival"),
'arrived' => _("Arrived?"),
'rendered_arrival_date' => _("Arrival date"),
'rendered_planned_departure_date' => _("Planned departure"),
'actions' => ""
'nick' => _('Nickname'),
'rendered_planned_arrival_date' => _('Planned arrival'),
'arrived' => _('Arrived?'),
'rendered_arrival_date' => _('Arrival date'),
'rendered_planned_departure_date' => _('Planned departure'),
'actions' => ''
], $users_matched),
div('row', [
div('col-md-4', [
heading(_("Planned arrival statistics"), 2),
heading(_('Planned arrival statistics'), 2),
bargraph('planned_arrives', 'day', [
'count' => _("arrived"),
'sum' => _("arrived sum")
'count' => _('arrived'),
'sum' => _('arrived sum')
], [
'count' => '#090',
'sum' => '#888'
], $planned_arrival_at_day),
table([
'day' => _("Date"),
'count' => _("Count"),
'sum' => _("Sum")
'day' => _('Date'),
'count' => _('Count'),
'sum' => _('Sum')
], $planned_arrival_at_day)
]),
div('col-md-4', [
heading(_("Arrival statistics"), 2),
heading(_('Arrival statistics'), 2),
bargraph('arrives', 'day', [
'count' => _("arrived"),
'sum' => _("arrived sum")
'count' => _('arrived'),
'sum' => _('arrived sum')
], [
'count' => '#090',
'sum' => '#888'
], $arrival_at_day),
table([
'day' => _("Date"),
'count' => _("Count"),
'sum' => _("Sum")
'day' => _('Date'),
'count' => _('Count'),
'sum' => _('Sum')
], $arrival_at_day)
]),
div('col-md-4', [
heading(_("Planned departure statistics"), 2),
heading(_('Planned departure statistics'), 2),
bargraph('planned_departures', 'day', [
'count' => _("arrived"),
'sum' => _("arrived sum")
'count' => _('arrived'),
'sum' => _('arrived sum')
], [
'count' => '#090',
'sum' => '#888'
], $planned_departure_at_day),
table([
'day' => _("Date"),
'count' => _("Count"),
'sum' => _("Sum")
'day' => _('Date'),
'count' => _('Count'),
'sum' => _('Sum')
], $planned_departure_at_day)
])
])
]);
}
?>

80
includes/pages/admin_free.php
Unescape Escape View File

@ -1,29 +1,41 @@
<?php
function admin_free_title() {
return _("Free angels");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_free_title()
{
return _('Free angels');
}
function admin_free() {
/**
* @return string
*/
function admin_free()
{
global $privileges;
$search = "";
$search = '';
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
$angeltypesearch = "";
$angelTypeSearch = '';
if (empty($_REQUEST['angeltype'])) {
$_REQUEST['angeltype'] = '';
} else {
$angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
$angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '
. DB::getPdo()->quote($_REQUEST['angeltype'])
. ' AND `UserAngelTypes`.`user_id` = `User`.`UID`';
if (isset($_REQUEST['confirmed_only'])) {
$angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
$angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`';
}
$angeltypesearch .= ") ";
$angelTypeSearch .= ') ';
}
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
$angel_types = [
'' => 'alle Typen'
];
@ -31,26 +43,38 @@ function admin_free() {
$angel_types[$angel_type['id']] = $angel_type['name'];
}
$users = sql_select("
$users = DB::select('
SELECT `User`.*
FROM `User`
${angeltypesearch}
' . $angelTypeSearch . '
LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "')
WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL
LEFT JOIN `Shifts`
ON (
`ShiftEntry`.`SID` = `Shifts`.`SID`
AND `Shifts`.`start` < ?
AND `Shifts`.`end` > ?
)
WHERE `User`.`Gekommen` = 1
AND `Shifts`.`SID` IS NULL
GROUP BY `User`.`UID`
ORDER BY `Nick`");
ORDER BY `Nick`
',
[
time(),
time(),
]
);
$free_users_table = [];
if ($search == "") {
if ($search == '') {
$tokens = [];
} else {
$tokens = explode(" ", $search);
$tokens = explode(' ', $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join("", $usr);
$index = join('', $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
@ -68,34 +92,36 @@ function admin_free() {
'dect' => $usr['DECT'],
'jabber' => $usr['jabber'],
'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : ''
'actions' =>
in_array('admin_user', $privileges)
? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _('edit'), 'btn-xs')
: ''
];
}
return page_with_title(admin_free_title(), [
form([
div('row', [
div('col-md-4', [
form_text('search', _("Search"), $search)
form_text('search', _('Search'), $search)
]),
div('col-md-4', [
form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype'])
form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype'])
]),
div('col-md-2', [
form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only']))
form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only']))
]),
div('col-md-2', [
form_submit('submit', _("Search"))
form_submit('submit', _('Search'))
])
])
]),
table([
'name' => _("Nick"),
'name' => _('Nick'),
'shift_state' => '',
'dect' => _("DECT"),
'jabber' => _("Jabber"),
'email' => _("E-Mail"),
'dect' => _('DECT'),
'jabber' => _('Jabber'),
'email' => _('E-Mail'),
'actions' => ''
], $free_users_table)
]);
}
?>

131
includes/pages/admin_groups.php
Unescape Escape View File

@ -1,97 +1,144 @@
<?php
function admin_groups_title() {
return _("Grouprights");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_groups_title()
{
return _('Grouprights');
}
function admin_groups() {
$html = "";
$groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
if (! isset($_REQUEST["action"])) {
/**
* @return string
*/
function admin_groups()
{
$html = '';
$groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
if (!isset($_REQUEST['action'])) {
$groups_table = [];
foreach ($groups as $group) {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges = DB::select('
SELECT `name`
FROM `GroupPrivileges`
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `group_id`=?
', [$group['UID']]);
$privileges_html = [];
foreach ($privileges as $priv) {
$privileges_html[] = $priv['name'];
foreach ($privileges as $privilege) {
$privileges_html[] = $privilege['name'];
}
$groups_table[] = [
'name' => $group['Name'],
'privileges' => join(', ', $privileges_html),
'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs')
'actions' => button(
page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'],
_('edit'),
'btn-xs'
)
];
}
return page_with_title(admin_groups_title(), [
table([
'name' => _("Name"),
'privileges' => _("Privileges"),
'name' => _('Name'),
'privileges' => _('Privileges'),
'actions' => ''
], $groups_table)
]);
} else {
switch ($_REQUEST["action"]) {
switch ($_REQUEST['action']) {
case 'edit':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
$group_id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Groups ID.", true);
return error('Incomplete call, missing Groups ID.', true);
}
$group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
if (count($group) > 0) {
list($group) = $group;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`");
$privileges_html = "";
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
if (!empty($group)) {
$privileges = DB::select('
SELECT `Privileges`.*, `GroupPrivileges`.`group_id`
FROM `Privileges`
LEFT OUTER JOIN `GroupPrivileges`
ON (
`Privileges`.`id` = `GroupPrivileges`.`privilege_id`
AND `GroupPrivileges`.`group_id`=?
)
ORDER BY `Privileges`.`name`
', [$group_id]);
$privileges_html = '';
$privileges_form = [];
foreach ($privileges as $priv) {
$privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
$privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']);
foreach ($privileges as $privilege) {
$privileges_form[] = form_checkbox(
'privileges[]',
$privilege['desc'] . ' (' . $privilege['name'] . ')',
$privilege['group_id'] != '',
$privilege['id']
);
$privileges_html .= sprintf(
'<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
$privilege['id'],
($privilege['group_id'] != '' ? 'checked="checked"' : ''),
$privilege['name'],
$privilege['desc']
);
}
$privileges_form[] = form_submit('submit', _("Save"));
$html .= page_with_title(_("Edit group"), [
$privileges_form[] = form_submit('submit', _('Save'));
$html .= page_with_title(_('Edit group'), [
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id)
]);
} else {
return error("No Group found.", true);
return error('No Group found.', true);
}
break;
case 'save':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
$group_id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Groups ID.", true);
return error('Incomplete call, missing Groups ID.', true);
}
$group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
if (!is_array($_REQUEST['privileges'])) {
$_REQUEST['privileges'] = [];
}
if (count($group) > 0) {
list($group) = $group;
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'");
if (!empty($group)) {
$group = array_shift($group);
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
$privilege_names = [];
foreach ($_REQUEST['privileges'] as $priv) {
if (preg_match("/^[0-9]{1,}$/", $priv)) {
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
if (count($group_privileges_source) > 0) {
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'");
$privilege_names[] = $group_privileges_source[0]['name'];
foreach ($_REQUEST['privileges'] as $privilege) {
if (preg_match('/^\d{1,}$/', $privilege)) {
$group_privileges_source = DB::select(
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
[$privilege]
);
if (!empty($group_privileges_source)) {
$group_privileges_source = array_shift($group_privileges_source);
DB::insert(
'INSERT INTO `GroupPrivileges` (`group_id`, `privilege_id`) VALUES (?, ?)',
[$group_id, $privilege]
);
$privilege_names[] = $group_privileges_source['name'];
}
}
}
engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names));
redirect(page_link_to("admin_groups"));
engelsystem_log(
'Group privileges of group ' . $group['Name']
. ' edited: ' . join(', ', $privilege_names)
);
redirect(page_link_to('admin_groups'));
} else {
return error("No Group found.", true);
return error('No Group found.', true);
}
break;
}
}
return $html;
}
?>

223
includes/pages/admin_import.php
Unescape Escape View File

@ -1,21 +1,34 @@
<?php
function admin_import_title() {
return _("Frab import");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_import_title()
{
return _('Frab import');
}
function admin_import() {
/**
* @return string
*/
function admin_import()
{
global $rooms_import;
global $user;
$html = "";
$html = '';
$import_dir = __DIR__ . '/../../import';
$step = "input";
if (isset($_REQUEST['step']) && in_array($step, [
$step = 'input';
if (
isset($_REQUEST['step'])
&& in_array($step, [
'input',
'check',
'import'
])) {
])
) {
$step = $_REQUEST['step'];
}
@ -58,14 +71,14 @@ function admin_import() {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
} else {
$valid = false;
error(_("Please enter an amount of minutes to add to a talk's begin."));
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
} else {
$valid = false;
error(_("Please enter an amount of minutes to add to a talk's end."));
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
}
if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
@ -87,19 +100,27 @@ function admin_import() {
}
if ($valid) {
redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
redirect(
page_link_to('admin_import')
. '&step=check&shifttype_id=' . $shifttype_id
. '&add_minutes_end=' . $add_minutes_end
. '&add_minutes_start=' . $add_minutes_start
);
} else {
$html .= div('well well-sm text-center', [
_('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))
]) . div('row', [
div('col-md-offset-3 col-md-6', [
form([
form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")),
form_info(
'',
_('This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.')
),
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start),
form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end),
form_file('xcal_file', _("xcal-File (.xcal)")),
form_submit('submit', _("Import"))
form_spinner('add_minutes_start', _('Add minutes to start'), $add_minutes_start),
form_spinner('add_minutes_end', _('Add minutes to end'), $add_minutes_end),
form_file('xcal_file', _('xcal-File (.xcal)')),
form_submit('submit', _('Import'))
])
])
]);
@ -122,62 +143,78 @@ function admin_import() {
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
} else {
error(_("Please enter an amount of minutes to add to a talk's begin."));
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
} else {
error(_("Please enter an amount of minutes to add to a talk's end."));
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
redirect(page_link_to('admin_import'));
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
$html .= div('well well-sm text-center', [
'<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))
]) . form([
list($events_new, $events_updated, $events_deleted) = prepare_events(
$import_file,
$shifttype_id,
$add_minutes_start,
$add_minutes_end
);
$html .= div(
'well well-sm text-center',
[
'<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>'
. mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))
]
)
. form(
[
div('row', [
div('col-sm-6', [
'<h3>' . _("Rooms to create") . '</h3>',
table(_("Name"), $rooms_new)
'<h3>' . _('Rooms to create') . '</h3>',
table(_('Name'), $rooms_new)
]),
div('col-sm-6', [
'<h3>' . _("Rooms to delete") . '</h3>',
table(_("Name"), $rooms_deleted)
'<h3>' . _('Rooms to delete') . '</h3>',
table(_('Name'), $rooms_deleted)
])
]),
'<h3>' . _("Shifts to create") . '</h3>',
'<h3>' . _('Shifts to create') . '</h3>',
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'day' => _('Day'),
'start' => _('Start'),
'end' => _('End'),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
'title' => _('Title'),
'room' => _('Room')
], shifts_printable($events_new, $shifttypes)),
'<h3>' . _("Shifts to update") . '</h3>',
'<h3>' . _('Shifts to update') . '</h3>',
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'day' => _('Day'),
'start' => _('Start'),
'end' => _('End'),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
'title' => _('Title'),
'room' => _('Room')
], shifts_printable($events_updated, $shifttypes)),
'<h3>' . _("Shifts to delete") . '</h3>',
'<h3>' . _('Shifts to delete') . '</h3>',
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'day' => _('Day'),
'start' => _('Start'),
'end' => _('End'),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
'title' => _('Title'),
'room' => _('Room')
], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _("Import"))
], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
form_submit('submit', _('Import'))
],
page_link_to('admin_import')
. '&step=import&shifttype_id=' . $shifttype_id
. '&add_minutes_end=' . $add_minutes_end
. '&add_minutes_start=' . $add_minutes_start
);
break;
case 'import':
@ -200,14 +237,14 @@ function admin_import() {
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
} else {
error(_("Please enter an amount of minutes to add to a talk's begin."));
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
} else {
error(_("Please enter an amount of minutes to add to a talk's end."));
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
redirect(page_link_to('admin_import'));
}
@ -217,13 +254,18 @@ function admin_import() {
if ($result === false) {
engelsystem_error('Unable to create room.');
}
$rooms_import[trim($room)] = sql_id();
$rooms_import[trim($room)] = $result;
}
foreach ($rooms_deleted as $room) {
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
DB::delete('DELETE FROM `Room` WHERE `Name`=? LIMIT 1', [$room]);
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
list($events_new, $events_updated, $events_deleted) = prepare_events(
$import_file,
$shifttype_id,
$add_minutes_start,
$add_minutes_end
);
foreach ($events_new as $event) {
$result = Shift_create($event);
if ($result === false) {
@ -245,13 +287,17 @@ function admin_import() {
}
}
engelsystem_log("Frab import done");
engelsystem_log('Frab import done');
unlink($import_file);
$html .= div('well well-sm text-center', [
'<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>'
]) . success(_("It's done!"), true);
'<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>'
. mute(glyph('arrow-right'))
. '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>'
. mute(glyph('arrow-right'))
. '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>'
]) . success(_('It\'s done!'), true);
break;
default:
redirect(page_link_to('admin_import'));
@ -263,16 +309,21 @@ function admin_import() {
]);
}
function prepare_rooms($file) {
/**
* @param string $file
* @return array
*/
function prepare_rooms($file)
{
global $rooms_import;
$data = read_xml($file);
// Load rooms from db for compare with input
$rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
$rooms = DB::select('SELECT `Name`, `RID` FROM `Room` WHERE `FromPentabarf`=\'Y\'');
$rooms_db = [];
$rooms_import = [];
foreach ($rooms as $room) {
$rooms_db[] = (string) $room['Name'];
$rooms_db[] = $room['Name'];
$rooms_import[$room['Name']] = $room['RID'];
}
@ -295,11 +346,19 @@ function prepare_rooms($file) {
];
}
function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) {
/**
* @param string $file
* @param int $shifttype_id
* @param int $add_minutes_start
* @param int $add_minutes_end
* @return array
*/
function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end)
{
global $rooms_import;
$data = read_xml($file);
$rooms = sql_select("SELECT * FROM `Room`");
$rooms = Rooms(true);
$rooms_db = [];
foreach ($rooms as $room) {
$rooms_db[$room['Name']] = $room['RID'];
@ -308,9 +367,8 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
$events = $data->vcalendar->vevent;
$shifts_pb = [];
foreach ($events as $event) {
$event_pb = $event->children("http://pentabarf.org");
$event_id = trim($event_pb->{
'event-id' });
$event_pb = $event->children('http://pentabarf.org');
$event_id = trim($event_pb->{'event-id'});
$shifts_pb[$event_id] = [
'shifttype_id' => $shifttype_id,
'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60,
@ -322,7 +380,7 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
];
}
$shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
$shifts = DB::select('SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`');
$shifts_db = [];
foreach ($shifts as $shift) {
$shifts_db[$shift['PSID']] = $shift;
@ -335,7 +393,14 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
$shifts_new[] = $shift;
} else {
$tmp = $shifts_db[$shift['PSID']];
if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) {
if (
$shift['shifttype_id'] != $tmp['shifttype_id']
|| $shift['title'] != $tmp['title']
|| $shift['start'] != $tmp['start']
|| $shift['end'] != $tmp['end']
|| $shift['RID'] != $tmp['RID']
|| $shift['URL'] != $tmp['URL']
) {
$shifts_updated[] = $shift;
}
}
@ -355,7 +420,12 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
];
}
function read_xml($file) {
/**
* @param string $file
* @return SimpleXMLElement
*/
function read_xml($file)
{
global $xml_import;
if (!isset($xml_import)) {
$xml_import = simplexml_load_file($file);
@ -363,7 +433,13 @@ function read_xml($file) {
return $xml_import;
}
function shifts_printable($shifts, $shifttypes) {
/**
* @param array $shifts
* @param array $shifttypes
* @return array
*/
function shifts_printable($shifts, $shifttypes)
{
global $rooms_import;
$rooms = array_flip($rooms_import);
@ -372,21 +448,26 @@ function shifts_printable($shifts, $shifttypes) {
$shifts_printable = [];
foreach ($shifts as $shift) {
$shifts_printable[] = [
'day' => date("l, Y-m-d", $shift['start']),
'start' => date("H:i", $shift['start']),
'day' => date('l, Y-m-d', $shift['start']),
'start' => date('H:i', $shift['start']),
'shifttype' => ShiftType_name_render([
'id' => $shift['shifttype_id'],
'name' => $shifttypes[$shift['shifttype_id']]
]),
'title' => shorten($shift['title']),
'end' => date("H:i", $shift['end']),
'end' => date('H:i', $shift['end']),
'room' => $rooms[$shift['RID']]
];
}
return $shifts_printable;
}
function shift_sort($shift_a, $shift_b) {
/**
* @param array $shift_a
* @param array $shift_b
* @return int
*/
function shift_sort($shift_a, $shift_b)
{
return ($shift_a['start'] < $shift_b['start']) ? -1 : 1;
}
?>

29
includes/pages/admin_log.php
Unescape Escape View File

@ -1,11 +1,19 @@
<?php
function admin_log_title() {
return _("Log");
/**
* @return string
*/
function admin_log_title()
{
return _('Log');
}
function admin_log() {
$filter = "";
/**
* @return string
*/
function admin_log()
{
$filter = '';
if (isset($_REQUEST['keyword'])) {
$filter = strip_request_item('keyword');
}
@ -13,21 +21,20 @@ function admin_log() {
$log_entries = [];
foreach ($log_entries_source as $log_entry) {
$log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']);
$log_entry['date'] = date('d.m.Y H:i', $log_entry['timestamp']);
$log_entries[] = $log_entry;
}
return page_with_title(admin_log_title(), [
msg(),
form([
form_text('keyword', _("Search"), $filter),
form_submit(_("Search"), "Go")
form_text('keyword', _('Search'), $filter),
form_submit(_('Search'), 'Go')
]),
table([
'date' => "Time",
'nick' => "Angel",
'message' => "Log Entry"
'date' => 'Time',
'nick' => 'Angel',
'message' => 'Log Entry'
], $log_entries)
]);
}
?>

93
includes/pages/admin_news.php
Unescape Escape View File

@ -1,67 +1,82 @@
<?php
function admin_news() {
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_news()
{
global $user;
if (! isset($_GET["action"])) {
redirect(page_link_to("news"));
if (!isset($_GET['action'])) {
redirect(page_link_to('news'));
}
$html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$news_id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing News ID.", true);
return error('Incomplete call, missing News ID.', true);
}
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
$news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]);
if (empty($news)) {
return error("No News found.", true);
return error('No News found.', true);
}
switch ($_REQUEST["action"]) {
default:
redirect(page_link_to('news'));
case 'edit':
list($news) = $news;
switch ($_REQUEST['action']) {
case 'edit':
$news = array_shift($news);
$user_source = User($news['UID']);
$html .= form([
form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])),
form_info(_("Author"), User_Nick_render($user_source)),
form_text('eBetreff', _("Subject"), $news['Betreff']),
form_textarea('eText', _("Message"), $news['Text']),
form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
form_submit('submit', _("Save"))
form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])),
form_info(_('Author'), User_Nick_render($user_source)),
form_text('eBetreff', _('Subject'), $news['Betreff']),
form_textarea('eText', _('Message'), $news['Text']),
form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1),
form_submit('submit', _('Save'))
], page_link_to('admin_news&action=save&id=' . $news_id));
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">'
. '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete')
. '</a>';
break;
case 'save':
list($news) = $news;
sql_query("UPDATE `News` SET
`Datum`='" . sql_escape(time()) . "',
`Betreff`='" . sql_escape($_POST["eBetreff"]) . "',
`Text`='" . sql_escape($_POST["eText"]) . "',
`UID`='" . sql_escape($user['UID']) . "',
`Treffen`='" . sql_escape($_POST["eTreffen"]) . "'
WHERE `ID`='" . sql_escape($news_id) . "'");
engelsystem_log("News updated: " . $_POST["eBetreff"]);
success(_("News entry updated."));
redirect(page_link_to("news"));
DB::update('
UPDATE `News` SET
`Datum`=?,
`Betreff`=?,
`Text`=?,
`UID`=?,
`Treffen`=?
WHERE `ID`=?
',
[
time(),
$_POST["eBetreff"],
$_POST["eText"],
$user['UID'],
isset($_POST["eTreffen"]) ? 1 : 0,
$news_id
]
);
engelsystem_log('News updated: ' . $_POST['eBetreff']);
success(_('News entry updated.'));
redirect(page_link_to('news'));
break;
case 'delete':
list($news) = $news;
sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
engelsystem_log("News deleted: " . $news['Betreff']);
success(_("News entry deleted."));
redirect(page_link_to("news"));
$news = array_shift($news);
DB::delete('DELETE FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]);
engelsystem_log('News deleted: ' . $news['Betreff']);
success(_('News entry deleted.'));
redirect(page_link_to('news'));
break;
default:
redirect(page_link_to('news'));
}
return $html . '</div>';
}
?>

129
includes/pages/admin_questions.php
Unescape Escape View File

@ -1,21 +1,30 @@
<?php
function admin_questions_title() {
return _("Answer questions");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_questions_title()
{
return _('Answer questions');
}
/**
* Renders a hint for new questions to answer.
*
* @return string|null
*/
function admin_new_questions() {
function admin_new_questions()
{
global $privileges, $page;
if ($page != "admin_questions") {
if (in_array("admin_questions", $privileges)) {
$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL");
if ($page != 'admin_questions') {
if (in_array('admin_questions', $privileges)) {
$new_messages = count(DB::select('SELECT `QID` FROM `Questions` WHERE `AID` IS NULL'));
if ($new_messages > 0) {
return '<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>';
return '<a href="' . page_link_to('admin_questions') . '">' . _('There are unanswered questions!') . '</a>';
}
}
}
@ -23,98 +32,132 @@ function admin_new_questions() {
return null;
}
function admin_questions() {
/**
* @return string
*/
function admin_questions()
{
global $user;
if (!isset($_REQUEST['action'])) {
$unanswered_questions_table = [];
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
$questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL');
foreach ($questions as $question) {
$user_source = User($question['UID']);
$unanswered_questions_table[] = [
'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']),
'question' => str_replace("\n", '<br />', $question['Question']),
'answer' => form([
form_textarea('answer', '', ''),
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
_('delete'),
'btn-xs'
)
];
}
$answered_questions_table = [];
$questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
$questions = DB::select('SELECT * FROM `Questions` WHERE NOT `AID` IS NULL');
foreach ($questions as $question) {
$user_source = User($question['UID']);
$answer_user_source = User($question['AID']);
$answered_questions_table[] = [
'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']),
'question' => str_replace("\n", '<br />', $question['Question']),
'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", "<br />", $question['Answer']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
'answer' => str_replace("\n", '<br />', $question['Answer']),
'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
_('delete'),
'btn-xs'
)
];
}
return page_with_title(admin_questions_title(), [
'<h2>' . _("Unanswered questions") . '</h2>',
'<h2>' . _('Unanswered questions') . '</h2>',
table([
'from' => _("From"),
'question' => _("Question"),
'answer' => _("Answer"),
'from' => _('From'),
'question' => _('Question'),
'answer' => _('Answer'),
'actions' => ''
], $unanswered_questions_table),
'<h2>' . _("Answered questions") . '</h2>',
'<h2>' . _('Answered questions') . '</h2>',
table([
'from' => _("From"),
'question' => _("Question"),
'answered_by' => _("Answered by"),
'answer' => _("Answer"),
'from' => _('From'),
'question' => _('Question'),
'answered_by' => _('Answered by'),
'answer' => _('Answer'),
'actions' => ''
], $answered_questions_table)
]);
} else {
switch ($_REQUEST['action']) {
case 'answer':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Question ID.", true);
return error('Incomplete call, missing Question ID.', true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
$question = DB::select(
'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1',
[$question_id]
);
if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
$answer = trim(
preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
'',
strip_tags($_REQUEST['answer'])
));
if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions"));
if ($answer != '') {
DB::update('
UPDATE `Questions`
SET `AID`=?, `Answer`=?
WHERE `QID`=?
LIMIT 1
',
[
$user['UID'],
$answer,
$question_id,
]
);
engelsystem_log('Question ' . $question[0]['Question'] . ' answered: ' . $answer);
redirect(page_link_to('admin_questions'));
} else {
return error("Enter an answer!", true);
return error('Enter an answer!', true);
}
} else {
return error("No question found.", true);
return error('No question found.', true);
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Question ID.", true);
return error('Incomplete call, missing Question ID.', true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
$question = DB::select(
'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1',
[$question_id]
);
if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']);
redirect(page_link_to("admin_questions"));
DB::delete('DELETE FROM `Questions` WHERE `QID`=? LIMIT 1', [$question_id]);
engelsystem_log('Question deleted: ' . $question[0]['Question']);
redirect(page_link_to('admin_questions'));
} else {
return error("No question found.", true);
return error('No question found.', true);
}
break;
}
}
return '';
}
?>

153
includes/pages/admin_rooms.php
Unescape Escape View File

@ -1,11 +1,21 @@
<?php
function admin_rooms_title() {
return _("Rooms");
}
function admin_rooms() {
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_rooms_title()
{
return _('Rooms');
}
/**
* @return string
*/
function admin_rooms()
{
$rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`');
$rooms = [];
foreach ($rooms_source as $room) {
$rooms[] = [
@ -13,21 +23,22 @@ function admin_rooms() {
'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '',
'public' => $room['show'] == 'Y' ? '&#10003;' : '',
'actions' => table_buttons([
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs')
])
];
}
$room = null;
if (isset($_REQUEST['show'])) {
$msg = "";
$name = "";
$from_pentabarf = "";
$msg = '';
$name = '';
$from_pentabarf = '';
$public = 'Y';
$number = "";
$number = '';
$room_id = 0;
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
$angeltypes = [];
$angeltypes_count = [];
foreach ($angeltypes_source as $angeltype) {
@ -36,9 +47,9 @@ function admin_rooms() {
}
if (test_request_int('id')) {
$room = Room($_REQUEST['id']);
$room = Room($_REQUEST['id'], false);
if ($room === false) {
engelsystem_error("Unable to load room.");
engelsystem_error('Unable to load room.');
}
if ($room == null) {
redirect(page_link_to('admin_rooms'));
@ -50,7 +61,10 @@ function admin_rooms() {
$public = $room['show'];
$number = $room['Number'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
$needed_angeltypes = DB::select(
'SELECT `angel_type_id`, `count` FROM `NeededAngelTypes` WHERE `room_id`=?',
[$room_id]
);
foreach ($needed_angeltypes as $needed_angeltype) {
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
}
@ -62,13 +76,19 @@ function admin_rooms() {
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
$name = strip_request_item('name');
if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) {
if (
isset($room)
&& count(DB::select(
'SELECT RID FROM `Room` WHERE `Name`=? AND NOT `RID`=?',
[$name, $room_id]
)) > 0
) {
$valid = false;
$msg .= error(_("This name is already in use."), true);
$msg .= error(_('This name is already in use.'), true);
}
} else {
$valid = false;
$msg .= error(_("Please enter a name."), true);
$msg .= error(_('Please enter a name.'), true);
}
if (isset($_REQUEST['from_pentabarf'])) {
@ -90,24 +110,53 @@ function admin_rooms() {
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
if (
isset($_REQUEST['angeltype_count_' . $angeltype_id])
&& preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
} else {
$valid = false;
$msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
}
}
if ($valid) {
if (isset($room_id)) {
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1");
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
if (!empty($room_id)) {
DB::update('
UPDATE `Room`
SET
`Name`=?,
`FromPentabarf`=?,
`show`=?,
`Number`=?
WHERE `RID`=?
LIMIT 1
', [
$name,
$from_pentabarf,
$public,
$number,
$room_id,
]);
engelsystem_log(
'Room updated: ' . $name
. ', pentabarf import: ' . $from_pentabarf
. ', public: ' . $public
. ', number: ' . $number
);
} else {
$room_id = Room_create($name, $from_pentabarf, $public, $number);
if ($room_id === false) {
engelsystem_error("Unable to create room.");
engelsystem_error('Unable to create room.');
}
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
engelsystem_log(
'Room created: ' . $name
. ', pentabarf import: '
. $from_pentabarf
. ', public: ' . $public
. ', number: ' . $number
);
}
NeededAngelTypes_delete_by_room($room_id);
@ -116,13 +165,16 @@ function admin_rooms() {
$angeltype = AngelType($angeltype_id);
if ($angeltype != null) {
NeededAngelType_add(null, $angeltype_id, $room_id, $angeltype_count);
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
$needed_angeltype_info[] = $angeltype['name'] . ': ' . $angeltype_count;
}
}
engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
success(_("Room saved."));
redirect(page_link_to("admin_rooms"));
engelsystem_log(
'Set needed angeltypes of room ' . $name
. ' to: ' . join(', ', $needed_angeltype_info)
);
success(_('Room saved.'));
redirect(page_link_to('admin_rooms'));
}
}
$angeltypes_count_form = [];
@ -134,47 +186,51 @@ function admin_rooms() {
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms'), _("back"), 'back')
button(page_link_to('admin_rooms'), _('back'), 'back')
]),
$msg,
form([
div('row', [
div('col-md-6', [
form_text('name', _("Name"), $name),
form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
form_checkbox('public', _("Public"), $public),
form_text('number', _("Room number"), $number)
form_text('name', _('Name'), $name),
form_checkbox('from_pentabarf', _('Frab import'), $from_pentabarf),
form_checkbox('public', _('Public'), $public),
form_text('number', _('Room number'), $number)
]),
div('col-md-6', [
div('row', [
div('col-md-12', [
form_info(_("Needed angels:"))
form_info(_('Needed angels:'))
]),
join($angeltypes_count_form)
])
])
]),
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
])
]);
} elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) {
if (!Room_delete($room_id)) {
engelsystem_error("Unable to delete room.");
engelsystem_error('Unable to delete room.');
}
engelsystem_log("Room deleted: " . $name);
success(sprintf(_("Room %s deleted."), $name));
engelsystem_log('Room deleted: ' . $name);
success(sprintf(_('Room %s deleted.'), $name));
redirect(page_link_to('admin_rooms'));
}
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms'), _("back"), 'back')
button(page_link_to('admin_rooms'), _('back'), 'back')
]),
sprintf(_("Do you want to delete room %s?"), $name),
sprintf(_('Do you want to delete room %s?'), $name),
buttons([
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete')
button(
page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack',
_('Delete'),
'delete btn-danger'
)
])
]);
}
@ -182,15 +238,14 @@ function admin_rooms() {
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms') . '&show=edit', _("add"))
button(page_link_to('admin_rooms') . '&show=edit', _('add'))
]),
msg(),
table([
'name' => _("Name"),
'from_pentabarf' => _("Frab import"),
'public' => _("Public"),
'actions' => ""
'name' => _('Name'),
'from_pentabarf' => _('Frab import'),
'public' => _('Public'),
'actions' => ''
], $rooms)
]);
}
?>

189
includes/pages/admin_shifts.php
Unescape Escape View File

@ -1,32 +1,42 @@
<?php
function admin_shifts_title() {
return _("Create shifts");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_shifts_title()
{
return _('Create shifts');
}
// Assistent zum Anlegen mehrerer neuer Schichten
function admin_shifts() {
/**
* Assistent zum Anlegen mehrerer neuer Schichten
*
* @return string
*/
function admin_shifts()
{
$valid = true;
$rid = 0;
$start = parse_date("Y-m-d H:i", date("Y-m-d") . " 00:00");
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
$end = $start;
$mode = 'single';
$angelmode = 'manually';
$length = '';
$change_hours = [];
$title = "";
$title = '';
$shifttype_id = null;
// Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = DB::select('SELECT `RID`, `Name` FROM `Room` ORDER BY `Name`');
$room_array = [];
foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name'];
}
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$types = DB::select('SELECT * FROM `AngelTypes` ORDER BY `name`');
$needed_angel_types = [];
foreach ($types as $type) {
$needed_angel_types[$type['id']] = 0;
@ -45,9 +55,6 @@ function admin_shifts() {
if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
if (isset($_REQUEST['shifttype_id'])) {
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) {
engelsystem_error('Unable to load shift type.');
}
if ($shifttype == null) {
$valid = false;
error(_('Please select a shift type.'));
@ -63,7 +70,11 @@ function admin_shifts() {
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
if (
isset($_REQUEST['rid'])
&& preg_match('/^\d+$/', $_REQUEST['rid'])
&& isset($room_array[$_REQUEST['rid']])
) {
$rid = $_REQUEST['rid'];
} else {
$valid = false;
@ -71,14 +82,14 @@ function admin_shifts() {
error(_('Please select a location.'));
}
if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) {
if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
$start = $tmp;
} else {
$valid = false;
error(_('Please select a start time.'));
}
if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) {
if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
$end = $tmp;
} else {
$valid = false;
@ -94,7 +105,7 @@ function admin_shifts() {
if ($_REQUEST['mode'] == 'single') {
$mode = 'single';
} elseif ($_REQUEST['mode'] == 'multi') {
if (isset($_REQUEST['length']) && preg_match("/^[0-9]+$/", trim($_REQUEST['length']))) {
if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
$mode = 'multi';
$length = trim($_REQUEST['length']);
} else {
@ -102,9 +113,12 @@ function admin_shifts() {
error(_('Please enter a shift duration in minutes.'));
}
} elseif ($_REQUEST['mode'] == 'variable') {
if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) {
if (
isset($_REQUEST['change_hours'])
&& preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
) {
$mode = 'variable';
$change_hours = array_map('trim', explode(",", $_REQUEST['change_hours']));
$change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
} else {
$valid = false;
error(_('Please split the shift-change hours by colons.'));
@ -121,7 +135,10 @@ function admin_shifts() {
} elseif ($_REQUEST['angelmode'] == 'manually') {
$angelmode = 'manually';
foreach ($types as $type) {
if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) {
if (
isset($_REQUEST['type_' . $type['id']])
&& preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else {
$valid = false;
@ -150,7 +167,13 @@ function admin_shifts() {
if ($valid) {
if ($angelmode == 'location') {
$needed_angel_types = [];
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
$needed_angel_types_location = DB::select('
SELECT `angel_type_id`, `count`
FROM `NeededAngelTypes`
WHERE `room_id`=?
',
[$rid]
);
foreach ($needed_angel_types_location as $type) {
$needed_angel_types[$type['angel_type_id']] = $type['count'];
}
@ -165,9 +188,9 @@ function admin_shifts() {
'shifttype_id' => $shifttype_id
];
} elseif ($mode == 'multi') {
$shift_start = $start;
$shift_start = (int)$start;
do {
$shift_end = $shift_start + $length * 60;
$shift_end = $shift_start + (int)$length * 60;
if ($shift_end > $end) {
$shift_end = $end;
@ -188,7 +211,7 @@ function admin_shifts() {
} while ($shift_end < $end);
} elseif ($mode == 'variable') {
rsort($change_hours);
$day = parse_date("Y-m-d H:i", date("Y-m-d", $start) . " 00:00");
$day = parse_date('Y-m-d H:i', date('Y-m-d', $start) . ' 00:00');
$change_index = 0;
// Ersten/nächsten passenden Schichtwechsel suchen
foreach ($change_hours as $i => $change_hour) {
@ -205,7 +228,7 @@ function admin_shifts() {
$shift_start = $start;
do {
$day = parse_date("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00");
$day = parse_date('Y-m-d H:i', date('Y-m-d', $shift_start) . ' 00:00');
$shift_end = $day + $change_hours[$change_index] * 60 * 60;
if ($shift_end > $end) {
@ -231,8 +254,16 @@ function admin_shifts() {
$shifts_table = [];
foreach ($shifts as $shift) {
$shifts_table_entry = [
'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])),
'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''),
'timeslot' =>
'<span class="glyphicon glyphicon-time"></span> '
. date('Y-m-d H:i', $shift['start'])
. ' - '
. date('H:i', $shift['end'])
. '<br />'
. Room_name_render(Room($shift['RID'])),
'title' =>
ShiftType_name_render(ShiftType($shifttype_id))
. ($shift['title'] ? '<br />' . $shift['title'] : ''),
'needed_angels' => ''
];
foreach ($types as $type) {
@ -247,37 +278,43 @@ function admin_shifts() {
$_SESSION['admin_shifts_shifts'] = $shifts;
$_SESSION['admin_shifts_types'] = $needed_angel_types;
$hidden_types = "";
$hidden_types = '';
foreach ($needed_angel_types as $type_id => $count) {
$hidden_types .= form_hidden('type_' . $type_id, $count);
}
return page_with_title(_("Preview"), [
return page_with_title(_('Preview'), [
form([
$hidden_types,
form_hidden('shifttype_id', $shifttype_id),
form_hidden('title', $title),
form_hidden('rid', $rid),
form_hidden('start', date("Y-m-d H:i", $start)),
form_hidden('end', date("Y-m-d H:i", $end)),
form_hidden('start', date('Y-m-d H:i', $start)),
form_hidden('end', date('Y-m-d H:i', $end)),
form_hidden('mode', $mode),
form_hidden('length', $length),
form_hidden('change_hours', implode(', ', $change_hours)),
form_hidden('angelmode', $angelmode),
form_submit('back', _("back")),
form_submit('back', _('back')),
table([
'timeslot' => _('Time and location'),
'title' => _('Type and title'),
'needed_angels' => _('Needed angels')
], $shifts_table),
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
])
]);
}
} elseif (isset($_REQUEST['submit'])) {
if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) {
if (
!isset($_SESSION['admin_shifts_shifts'])
|| !isset($_SESSION['admin_shifts_types'])
|| !is_array($_SESSION['admin_shifts_shifts'])
|| !is_array($_SESSION['admin_shifts_types'])
) {
redirect(page_link_to('admin_shifts'));
}
$needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
$shift['URL'] = null;
$shift['PSID'] = null;
@ -286,19 +323,37 @@ function admin_shifts() {
engelsystem_error('Unable to create shift.');
}
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
$needed_angel_types_info = [];
engelsystem_log(
'Shift created: ' . $shifttypes[$shift['shifttype_id']]
. ' with title ' . $shift['title']
. ' from ' . date('Y-m-d H:i', $shift['start'])
. ' to ' . date('Y-m-d H:i', $shift['end'])
);
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
if (count($angel_type_source) > 0) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
$needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
$angel_type_source = DB::select('
SELECT *
FROM `AngelTypes`
WHERE `id` = ?
LIMIT 1', [$type_id]);
if (!empty($angel_type_source)) {
DB::insert('
INSERT INTO `NeededAngelTypes` (`shift_id`, `angel_type_id`, `count`)
VALUES (?, ?, ?)
',
[
$shift_id,
$type_id,
$count
]
);
$needed_angel_types_info[] = $angel_type_source[0]['name'] . ': ' . $count;
}
}
}
engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info));
success("Schichten angelegt.");
engelsystem_log('Shift needs following angel types: ' . join(', ', $needed_angel_types_info));
success('Schichten angelegt.');
redirect(page_link_to('admin_shifts'));
} else {
unset($_SESSION['admin_shifts_shifts']);
@ -308,39 +363,57 @@ function admin_shifts() {
if (!isset($_REQUEST['rid'])) {
$_REQUEST['rid'] = null;
}
$angel_types = "";
$angel_types = '';
foreach ($types as $type) {
$angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
$angel_types .= '<div class="col-md-4">' . form_spinner(
'type_' . $type['id'],
$type['name'],
$needed_angel_types[$type['id']]
)
. '</div>';
}
return page_with_title(admin_shifts_title(), [
msg(),
form([
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_text('title', _("Title"), $title),
form_select('rid', _("Room"), $room_array, $_REQUEST['rid']),
form_text('title', _('Title'), $title),
form_select('rid', _('Room'), $room_array, $_REQUEST['rid']),
div('row', [
div('col-md-6', [
form_text('start', _("Start"), date("Y-m-d H:i", $start)),
form_text('end', _("End"), date("Y-m-d H:i", $end)),
form_info(_("Mode"), ''),
form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22')
form_text('start', _('Start'), date('Y-m-d H:i', $start)),
form_text('end', _('End'), date('Y-m-d H:i', $end)),
form_info(_('Mode'), ''),
form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
form_text('length', _('Length'), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio(
'mode',
_('Create multiple shifts with variable length'),
$mode == 'variable',
'variable'
),
form_text(
'change_hours',
_('Shift change hours'),
!empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
)
]),
div('col-md-6', [
form_info(_("Needed angels"), ''),
form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
form_info(_('Needed angels'), ''),
form_radio(
'angelmode',
_('Take needed angels from room settings'),
$angelmode == 'location',
'location'
),
form_radio('angelmode', _('The following angels are needed'), $angelmode == 'manually', 'manually'),
div('row', [
$angel_types
])
])
]),
form_submit('preview', _("Preview"))
form_submit('preview', _('Preview'))
])
]);
}
?>

292
includes/pages/admin_user.php
Unescape Escape View File

@ -1,11 +1,28 @@
<?php
function admin_user_title() {
return _("All Angels");
use Engelsystem\Database\DB;
/**
* @return string
*/
function admin_user_title()
{
return _('All Angels');
}
function admin_user() {
global $user, $privileges, $tshirt_sizes, $privileges;
/**
* @return string
*/
function admin_user()
{
global $user, $privileges;
$tshirt_sizes = config('tshirt_sizes');
foreach ($tshirt_sizes as $key => $size) {
if (empty($size)) {
unset($tshirt_sizes[$key]);
}
}
$html = '';
@ -21,103 +38,135 @@ function admin_user() {
redirect(users_link());
}
$html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n";
$html .= "<table border=\"0\">\n";
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
$html .= "<tr><td>\n";
$html .= "<table>\n";
$html .= " <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n";
$html .= " <tr><td>lastLogIn</td><td>" . date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
$html .= " <tr><td>Name</td><td>" . "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" . $user_source['Name'] . "\"></td></tr>\n";
$html .= " <tr><td>Vorname</td><td>" . "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . $user_source['Vorname'] . "\"></td></tr>\n";
$html .= " <tr><td>Alter</td><td>" . "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . $user_source['Alter'] . "\"></td></tr>\n";
$html .= " <tr><td>Telefon</td><td>" . "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . $user_source['Telefon'] . "\"></td></tr>\n";
$html .= " <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
$html .= " <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
$html .= 'Hallo,<br />'
. 'hier kannst du den Eintrag &auml;ndern. Unter dem Punkt \'Gekommen\' '
. 'wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, '
. 'dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. '
. 'Wenn T-Shirt ein \'Ja\' enth&auml;lt, bedeutet dies, dass der Engel '
. 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n";
$html .= '<form action="' . page_link_to('admin_user') . '&action=save&id=' . $user_id . '" method="post">' . "\n";
$html .= '<table border="0">' . "\n";
$html .= '<input type="hidden" name="Type" value="Normal">' . "\n";
$html .= '<tr><td>' . "\n";
$html .= '<table>' . "\n";
$html .= ' <tr><td>Nick</td><td>' . '<input type="text" size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Last login</td><td><p class="help-block">'
. date('Y-m-d H:i', $user_source['lastLogIn'])
. '</p></td></tr>' . "\n";
$html .= ' <tr><td>Name</td><td>' . '<input type="text" size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Vorname</td><td>' . '<input type="text" size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Alter</td><td>' . '<input type="text" size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Telefon</td><td>' . '<input type="text" size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Handy</td><td>' . '<input type="text" size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>DECT</td><td>' . '<input type="text" size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n";
if ($user_source['email_by_human_allowed']) {
$html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
$html .= " <tr><td>email</td><td>" . '<input type="text" size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n";
}
$html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$html .= " <tr><td>jabber</td><td>" . '<input type="text" size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Size</td><td>'
. html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n";
$options = [
'1' => _("Yes"),
'0' => _("No")
'1' => _('Yes'),
'0' => _('No')
];
// Gekommen?
$html .= " <tr><td>Gekommen</td><td>\n";
$html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
$html .= ' <tr><td>Gekommen</td><td>' . "\n";
$html .= html_options('eGekommen', $options, $user_source['Gekommen']) . '</td></tr>' . "\n";
// Aktiv?
$html .= " <tr><td>Aktiv</td><td>\n";
$html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
$html .= ' <tr><td>Aktiv</td><td>' . "\n";
$html .= html_options('eAktiv', $options, $user_source['Aktiv']) . '</td></tr>' . "\n";
// Aktiv erzwingen
if (in_array('admin_active', $privileges)) {
$html .= " <tr><td>" . _("Force active") . "</td><td>\n";
$html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n";
$html .= ' <tr><td>' . _('Force active') . '</td><td>' . "\n";
$html .= html_options('force_active', $options, $user_source['force_active']) . '</td></tr>' . "\n";
}
// T-Shirt bekommen?
$html .= " <tr><td>T-Shirt</td><td>\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
$html .= ' <tr><td>T-Shirt</td><td>' . "\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n";
$html .= " <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n";
$html .= ' <tr><td>Hometown</td><td>' . '<input type="text" size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n";
$html .= "</table>\n</td><td valign=\"top\"></td></tr>";
$html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>';
$html .= "</td></tr>\n";
$html .= "</table>\n<br />\n";
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
$html .= "</form>";
$html .= '</td></tr>' . "\n";
$html .= '</table>' . "\n" . '<br />' . "\n";
$html .= '<input type="submit" value="Speichern" class="btn btn-primary">';
$html .= '</form>';
$html .= "<hr />";
$html .= '<hr />';
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n";
$html .= "<table>\n";
$html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
$html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
$html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="'
. page_link_to('admin_user') . '&action=change_pw&id=' . $user_id . '" method="post">' . "\n";
$html .= '<table>' . "\n";
$html .= ' <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n";
$html .= "</table>";
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
$html .= "</form>";
$html .= '</table>' . "\n" . '<br />' . "\n";
$html .= '<input type="submit" value="Speichern" class="btn btn-primary">' . "\n";
$html .= '</form>';
$html .= "<hr />";
$html .= '<hr />';
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
$my_highest_group = DB::select(
'SELECT group_id FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1',
[$user['UID']]
);
if (count($my_highest_group) > 0) {
$my_highest_group = $my_highest_group[0]['group_id'];
}
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1");
$his_highest_group = DB::select(
'SELECT `group_id` FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1',
[$user_id]
);
if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id'];
}
if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n";
$html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="'
. page_link_to('admin_user') . '&action=save_groups&id=' . $user_id . '" method="post">' . "\n";
$html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
$groups = DB::select('
SELECT *
FROM `Groups`
LEFT OUTER JOIN `UserGroups` ON (
`UserGroups`.`group_id` = `Groups`.`UID`
AND `UserGroups`.`uid` = ?
)
WHERE `Groups`.`UID` >= ?
ORDER BY `Groups`.`Name`
',
[
$user_id,
$my_highest_group,
]
);
foreach ($groups as $group) {
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '" '
. ($group['group_id'] != '' ? ' checked="checked"' : '')
. ' /></td><td>' . $group['Name'] . '</td></tr>';
}
$html .= '</table>';
$html .= '</table><br>';
$html .= "<input type=\"submit\" value=\"Speichern\">\n";
$html .= "</form>";
$html .= '<input type="submit" value="Speichern" class="btn btn-primary">' . "\n";
$html .= '</form>';
$html .= "<hr />";
$html .= '<hr />';
}
$html .= buttons([
button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger')
button(user_delete_link($user_source), glyph('lock') . _('delete'), 'btn-danger')
]);
$html .= "<hr />";
@ -125,11 +174,37 @@ function admin_user() {
switch ($_REQUEST['action']) {
case 'save_groups':
if ($user_id != $user['UID']) {
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$my_highest_group = DB::select(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user['UID']]
);
$his_highest_group = DB::select(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user_id]
);
if (
count($my_highest_group) > 0
&& (
count($his_highest_group) == 0
|| ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id'])
)
) {
$groups_source = DB::select('
SELECT *
FROM `Groups`
LEFT OUTER JOIN `UserGroups` ON (
`UserGroups`.`group_id` = `Groups`.`UID`
AND `UserGroups`.`uid` = ?
)
WHERE `Groups`.`UID` >= ?
ORDER BY `Groups`.`Name`
',
[
$user_id,
$my_highest_group[0]['group_id'],
]
);
$groups = [];
$grouplist = [];
foreach ($groups_source as $group) {
@ -141,68 +216,95 @@ function admin_user() {
$_REQUEST['groups'] = [];
}
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'");
DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]);
$user_groups_info = [];
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'");
DB::insert(
'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)',
[$user_id, $group]
);
$user_groups_info[] = $groups[$group]['Name'];
}
}
$user_source = User($user_id);
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true);
engelsystem_log(
'Set groups of ' . User_Nick_render($user_source) . ' to: ' . join(', ', $user_groups_info)
);
$html .= success('Benutzergruppen gespeichert.', true);
} else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
$html .= error('Du kannst keine Engel mit mehr Rechten bearbeiten.', true);
}
} else {
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
$html .= error('Du kannst Deine eigenen Rechte nicht bearbeiten.', true);
}
break;
case 'save':
$force_active = $user['force_active'];
$user_source = User($user_id);
if (in_array('admin_active', $privileges)) {
$force_active = $_REQUEST['force_active'];
}
$SQL = "UPDATE `User` SET
`Nick` = '" . sql_escape($_POST["eNick"]) . "',
`Name` = '" . sql_escape($_POST["eName"]) . "',
`Vorname` = '" . sql_escape($_POST["eVorname"]) . "',
`Telefon` = '" . sql_escape($_POST["eTelefon"]) . "',
`Handy` = '" . sql_escape($_POST["eHandy"]) . "',
`Alter` = '" . sql_escape($_POST["eAlter"]) . "',
`DECT` = '" . sql_escape($_POST["eDECT"]) . "',
" . ($user_source['email_by_human_allowed'] ? "`email` = '" . sql_escape($_POST["eemail"]) . "'" : "") . "
`jabber` = '" . sql_escape($_POST["ejabber"]) . "',
`Size` = '" . sql_escape($_POST["eSize"]) . "',
`Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "',
`Aktiv`= '" . sql_escape($_POST["eAktiv"]) . "',
`force_active`= " . sql_escape($force_active) . ",
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
WHERE `UID` = '" . sql_escape($user_id) . "'
LIMIT 1";
sql_query($SQL);
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true);
$sql = '
UPDATE `User` SET
`Nick` = ?,
`Name` = ?,
`Vorname` = ?,
`Telefon` = ?,
`Handy` = ?,
`Alter` =?,
`DECT` = ?,
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($_POST["eemail"]) . ',' : '') . '
`jabber` = ?,
`Size` = ?,
`Gekommen`= ?,
`Aktiv`= ?,
`force_active`= ?,
`Tshirt` = ?,
`Hometown` = ?
WHERE `UID` = ?
LIMIT 1';
DB::update($sql, [
$_POST['eNick'],
$_POST['eName'],
$_POST['eVorname'],
$_POST['eTelefon'],
$_POST['eHandy'],
$_POST['eAlter'],
$_POST['eDECT'],
$_POST['ejabber'],
$_POST['eSize'],
$_POST['eGekommen'],
$_POST['eAktiv'],
$force_active,
$_POST['eTshirt'],
$_POST['Hometown'],
$user_id,
]);
engelsystem_log(
'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize']
. ', arrived: ' . $_POST['eGekommen']
. ', active: ' . $_POST['eAktiv']
. ', tshirt: ' . $_POST['eTshirt']
);
$html .= success('Änderung wurde gespeichert...' . "\n", true);
break;
case 'change_pw':
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($user_id, $_REQUEST['new_pw']);
$user_source = User($user_id);
engelsystem_log("Set new password for " . User_Nick_render($user_source));
$html .= success("Passwort neu gesetzt.", true);
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
$html .= success('Passwort neu gesetzt.', true);
} else {
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
$html .= error('Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!', true);
}
break;
}
}
return page_with_title(_("Edit user"), [
return page_with_title(_('Edit user'), [
$html
]);
}
?>

16
includes/pages/guest_credits.php
Unescape Escape View File

@ -1,9 +1,17 @@
<?php
function credits_title() {
return _("Credits");
/**
* @return string
*/
function credits_title()
{
return _('Credits');
}
function guest_credits() {
/**
* @return string
*/
function guest_credits()
{
return template_render(__DIR__ . '/../../templates/guest_credits.html', []);
}
?>

330
includes/pages/guest_login.php
Unescape Escape View File

@ -1,74 +1,104 @@
<?php
function login_title() {
return _("Login");
}
function register_title() {
return _("Register");
}
function logout_title() {
return _("Logout");
}
// Engel registrieren
function guest_register() {
global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user, $min_password_length;
use Engelsystem\Database\DB;
/**
* @return string
*/
function login_title()
{
return _('Login');
}
/**
* @return string
*/
function register_title()
{
return _('Register');
}
/**
* @return string
*/
function logout_title()
{
return _('Logout');
}
/**
* Engel registrieren
*
* @return string
*/
function guest_register()
{
global $user;
$tshirt_sizes = config('tshirt_sizes');
$enable_tshirt_size = config('enable_tshirt_size');
$min_password_length = config('min_password_length');
$event_config = EventConfig();
$msg = "";
$nick = "";
$lastname = "";
$prename = "";
$age = "";
$tel = "";
$dect = "";
$mobile = "";
$mail = "";
$msg = '';
$nick = '';
$lastName = '';
$preName = '';
$age = '';
$tel = '';
$dect = '';
$mobile = '';
$mail = '';
$email_shiftinfo = false;
$email_by_human_allowed = false;
$jabber = "";
$hometown = "";
$comment = "";
$jabber = '';
$hometown = '';
$comment = '';
$tshirt_size = '';
$password_hash = "";
$password_hash = '';
$selected_angel_types = [];
$planned_arrival_date = null;
$angel_types_source = AngelTypes();
$angel_types = [];
foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? ' (restricted)' : '');
if (!$angel_type['restricted']) {
$selected_angel_types[] = $angel_type['id'];
}
}
foreach ($tshirt_sizes as $key => $size) {
if (empty($size)) {
unset($tshirt_sizes[$key]);
}
}
if (isset($_REQUEST['submit'])) {
$valid = true;
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) {
$nick = User_validate_Nick($_REQUEST['nick']);
if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) {
if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) {
$valid = false;
$msg .= error(sprintf(_("Your nick &quot;%s&quot; already exists."), $nick), true);
$msg .= error(sprintf(_('Your nick &quot;%s&quot; already exists.'), $nick), true);
}
} else {
$valid = false;
$msg .= error(sprintf(_("Your nick &quot;%s&quot; is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true);
$msg .= error(sprintf(
_('Your nick &quot;%s&quot; is too short (min. 2 characters).'),
User_validate_Nick($_REQUEST['nick'])
), true);
}
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
$mail = strip_request_item('mail');
if (!check_email($mail)) {
$valid = false;
$msg .= error(_("E-mail address is not correct."), true);
$msg .= error(_('E-mail address is not correct.'), true);
}
} else {
$valid = false;
$msg .= error(_("Please enter your e-mail."), true);
$msg .= error(_('Please enter your e-mail.'), true);
}
if (isset($_REQUEST['email_shiftinfo'])) {
@ -83,7 +113,7 @@ function guest_register() {
$jabber = strip_request_item('jabber');
if (!check_email($jabber)) {
$valid = false;
$msg .= error(_("Please check your jabber account information."), true);
$msg .= error(_('Please check your jabber account information.'), true);
}
}
@ -92,27 +122,30 @@ function guest_register() {
$tshirt_size = $_REQUEST['tshirt_size'];
} else {
$valid = false;
$msg .= error(_("Please select your shirt size."), true);
$msg .= error(_('Please select your shirt size.'), true);
}
}
if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
if ($_REQUEST['password'] != $_REQUEST['password2']) {
$valid = false;
$msg .= error(_("Your passwords don't match."), true);
$msg .= error(_('Your passwords don\'t match.'), true);
}
} else {
$valid = false;
$msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), $min_password_length), true);
$msg .= error(sprintf(
_('Your password is too short (please use at least %s characters).'),
$min_password_length
), true);
}
if (isset($_REQUEST['planned_arrival_date'])) {
$tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00");
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
$result = User_validate_planned_arrival_date($tmp);
$planned_arrival_date = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date."));
error(_('Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.'));
}
}
@ -125,12 +158,12 @@ function guest_register() {
// Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname');
$lastName = strip_request_item('lastname');
}
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename');
$preName = strip_request_item('prename');
}
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
$age = strip_request_item('age');
}
if (isset($_REQUEST['tel'])) {
@ -150,43 +183,73 @@ function guest_register() {
}
if ($valid) {
sql_query("
INSERT INTO `User` SET
`color`='" . sql_escape($default_theme) . "',
`Nick`='" . sql_escape($nick) . "',
`Vorname`='" . sql_escape($prename) . "',
`Name`='" . sql_escape($lastname) . "',
`Alter`='" . sql_escape($age) . "',
`Telefon`='" . sql_escape($tel) . "',
`DECT`='" . sql_escape($dect) . "',
`Handy`='" . sql_escape($mobile) . "',
`email`='" . sql_escape($mail) . "',
`email_shiftinfo`=" . sql_bool($email_shiftinfo) . ",
`email_by_human_allowed`=" . sql_bool($email_by_human_allowed) . ",
`jabber`='" . sql_escape($jabber) . "',
`Size`='" . sql_escape($tshirt_size) . "',
`Passwort`='" . sql_escape($password_hash) . "',
`kommentar`='" . sql_escape($comment) . "',
`Hometown`='" . sql_escape($hometown) . "',
`CreateDate`=NOW(),
`Sprache`='" . sql_escape($_SESSION["locale"]) . "',
`arrival_date`=NULL,
`planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'");
DB::insert('
INSERT INTO `User` (
`color`,
`Nick`,
`Vorname`,
`Name`,
`Alter`,
`Telefon`,
`DECT`,
`Handy`,
`email`,
`email_shiftinfo`,
`email_by_human_allowed`,
`jabber`,
`Size`,
`Passwort`,
`kommentar`,
`Hometown`,
`CreateDate`,
`Sprache`,
`arrival_date`,
`planned_arrival_date`
)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, NULL, ?)
',
[
config('theme'),
$nick,
$preName,
$lastName,
$age,
$tel,
$dect,
$mobile,
$mail,
(bool)$email_shiftinfo,
(bool)$email_by_human_allowed,
$jabber,
$tshirt_size,
$password_hash,
$comment,
$hometown,
$_SESSION['locale'],
$planned_arrival_date,
]
);
// Assign user-group and set password
$user_id = sql_id();
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2");
$user_id = DB::getPdo()->lastInsertId();
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
set_password($user_id, $_REQUEST['password']);
// Assign angel-types
$user_angel_types_info = [];
foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
DB::insert(
'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)',
[$user_id, $selected_angel_type_id]
);
$user_angel_types_info[] = $angel_types[$selected_angel_type_id];
}
engelsystem_log("User " . User_Nick_render(User($user_id)) . " signed up as: " . join(", ", $user_angel_types_info));
success(_("Angel registration successful!"));
engelsystem_log(
'User ' . User_Nick_render(User($user_id))
. ' signed up as: ' . join(', ', $user_angel_types_info)
);
success(_('Angel registration successful!'));
// User is already logged in - that means a supporter has registered an angel. Return to register page.
if (isset($user)) {
@ -214,7 +277,7 @@ function guest_register() {
}
return page_with_title(register_title(), [
_("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task scheduler."),
_('By completing this form you\'re registering as a Chaos-Angel. This script will create you an account in the angel task scheduler.'),
$msg,
msg(),
form([
@ -222,112 +285,141 @@ function guest_register() {
div('col-md-6', [
div('row', [
div('col-sm-4', [
form_text('nick', _("Nick") . ' ' . entry_required(), $nick)
form_text('nick', _('Nick') . ' ' . entry_required(), $nick)
]),
div('col-sm-8', [
form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $email_shiftinfo),
form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $email_by_human_allowed)
form_email('mail', _('E-Mail') . ' ' . entry_required(), $mail),
form_checkbox(
'email_shiftinfo',
_('The engelsystem is allowed to send me an email (e.g. when my shifts change)'),
$email_shiftinfo
),
form_checkbox(
'email_by_human_allowed',
_('Humans are allowed to send me an email (e.g. for ticket vouchers)'),
$email_by_human_allowed
)
])
]),
div('row', [
div('col-sm-6', [
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, $buildup_start_date, $teardown_end_date)
form_date(
'planned_arrival_date',
_('Planned date of arrival') . ' ' . entry_required(),
$planned_arrival_date, $buildup_start_date, $teardown_end_date
)
]),
div('col-sm-6', [
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : ''
$enable_tshirt_size ? form_select('tshirt_size',
_('Shirt size') . ' ' . entry_required(),
$tshirt_sizes, $tshirt_size) : ''
])
]),
div('row', [
div('col-sm-6', [
form_password('password', _("Password") . ' ' . entry_required())
form_password('password', _('Password') . ' ' . entry_required())
]),
div('col-sm-6', [
form_password('password2', _("Confirm password") . ' ' . entry_required())
form_password('password2', _('Confirm password') . ' ' . entry_required())
])
]),
form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
form_info("", _("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section."))
form_checkboxes(
'angel_types',
_('What do you want to do?') . sprintf(
' (<a href="%s">%s</a>)',
page_link_to('angeltypes') . '&action=about',
_('Description of job types')
),
$angel_types,
$selected_angel_types
),
form_info(
'',
_('Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.')
)
]),
div('col-md-6', [
div('row', [
div('col-sm-4', [
form_text('dect', _("DECT"), $dect)
form_text('dect', _('DECT'), $dect)
]),
div('col-sm-4', [
form_text('mobile', _("Mobile"), $mobile)
form_text('mobile', _('Mobile'), $mobile)
]),
div('col-sm-4', [
form_text('tel', _("Phone"), $tel)
form_text('tel', _('Phone'), $tel)
])
]),
form_text('jabber', _("Jabber"), $jabber),
form_text('jabber', _('Jabber'), $jabber),
div('row', [
div('col-sm-6', [
form_text('prename', _("First name"), $prename)
form_text('prename', _('First name'), $preName)
]),
div('col-sm-6', [
form_text('lastname', _("Last name"), $lastname)
form_text('lastname', _('Last name'), $lastName)
])
]),
div('row', [
div('col-sm-3', [
form_text('age', _("Age"), $age)
form_text('age', _('Age'), $age)
]),
div('col-sm-9', [
form_text('hometown', _("Hometown"), $hometown)
form_text('hometown', _('Hometown'), $hometown)
])
]),
form_info(entry_required() . ' = ' . _("Entry required!"))
form_info(entry_required() . ' = ' . _('Entry required!'))
])
]),
// form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment),
form_submit('submit', _("Register"))
// form_textarea('comment', _('Did you help at former CCC events and which tasks have you performed then?'), $comment),
form_submit('submit', _('Register'))
])
]);
}
function entry_required() {
function entry_required()
{
return '<span class="text-info glyphicon glyphicon-warning-sign"></span>';
}
function guest_logout() {
function guest_logout()
{
session_destroy();
redirect(page_link_to("start"));
redirect(page_link_to('start'));
return true;
}
function guest_login() {
$nick = "";
function guest_login()
{
$nick = '';
unset($_SESSION['uid']);
$valid = true;
if (isset($_REQUEST['submit'])) {
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
$nick = User_validate_Nick($_REQUEST['nick']);
$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "'");
$login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
if (count($login_user) > 0) {
$login_user = $login_user[0];
if (isset($_REQUEST['password'])) {
if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
$valid = false;
error(_("Your password is incorrect. Please try it again."));
error(_('Your password is incorrect. Please try it again.'));
}
} else {
$valid = false;
error(_("Please enter a password."));
error(_('Please enter a password.'));
}
} else {
$valid = false;
error(_("No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher."));
error(_('No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher.'));
}
} else {
$valid = false;
error(_("Please enter a nickname."));
error(_('Please enter a nickname.'));
}
if ($valid) {
if ($valid && !empty($login_user)) {
$_SESSION['uid'] = $login_user['UID'];
$_SESSION['locale'] = $login_user['Sprache'];
@ -346,21 +438,21 @@ function guest_login() {
div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [
div('panel panel-primary first', [
div('panel-heading', [
'<span class="icon-icon_angel"></span> ' . _("Login")
'<span class="icon-icon_angel"></span> ' . _('Login')
]),
div('panel-body', [
msg(),
form([
form_text_placeholder('nick', _("Nick"), $nick),
form_password_placeholder('password', _("Password")),
form_submit('submit', _("Login")),
form_text_placeholder('nick', _('Nick'), $nick),
form_password_placeholder('password', _('Password')),
form_submit('submit', _('Login')),
!$valid ? buttons([
button(page_link_to('user_password_recovery'), _("I forgot my password"))
button(page_link_to('user_password_recovery'), _('I forgot my password'))
]) : ''
])
]),
div('panel-footer', [
glyph('info-sign') . _("Please note: You have to activate cookies!")
glyph('info-sign') . _('Please note: You have to activate cookies!')
])
])
])
@ -371,10 +463,10 @@ function guest_login() {
get_register_hint()
]),
div('col-sm-6 text-center', [
heading(_("What can I do?"), 2),
'<p>' . _("Please read about the jobs you can do to help us.") . '</p>',
heading(_('What can I do?'), 2),
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([
button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' &raquo;')
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;')
])
])
])
@ -382,19 +474,19 @@ function guest_login() {
]);
}
function get_register_hint() {
function get_register_hint()
{
global $privileges;
if (in_array('register', $privileges)) {
return join('', [
'<p>' . _("Please sign up, if you want to help us!") . '</p>',
'<p>' . _('Please sign up, if you want to help us!') . '</p>',
buttons([
button(page_link_to('register'), register_title() . ' &raquo;')
])
]);
}
//FIXME: return error(_("Registration is disabled."), true);
return error("Registration is <a href='https://engelsystem.de/33c3/overwhelmed.html'>disabled</a>.", true);
//FIXME: return error(_('Registration is disabled.'), true);
return error('Registration is <a href="https://engelsystem.de/33c3/overwhelmed.html">disabled</a>.', true);
}
?>

5
includes/pages/guest_start.php
Unescape Escape View File

@ -1,5 +1,6 @@
<?php
function guest_start() {
function guest_start()
{
redirect(page_link_to('login'));
return true;
}
?>

37
includes/pages/guest_stats.php
Unescape Escape View File

@ -1,35 +1,48 @@
<?php
function guest_stats() {
global $api_key;
use Engelsystem\Database\DB;
function guest_stats()
{
$apiKey = config('api_key');
if (isset($_REQUEST['api_key'])) {
if ($_REQUEST['api_key'] == $api_key) {
if ($_REQUEST['api_key'] == $apiKey && !empty($apiKey)) {
$stats = [];
list($user_count) = sql_select("SELECT count(*) as `user_count` FROM `User`");
list($user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User`');
$stats['user_count'] = $user_count['user_count'];
list($arrived_user_count) = sql_select("SELECT count(*) as `user_count` FROM `User` WHERE `Gekommen`=1");
list($arrived_user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User` WHERE `Gekommen`=1');
$stats['arrived_user_count'] = $arrived_user_count['user_count'];
$done_shifts_seconds = sql_select_single_cell("SELECT SUM(`Shifts`.`end` - `Shifts`.`start`) FROM `ShiftEntry` JOIN `Shifts` USING (`SID`) WHERE `Shifts`.`end` < UNIX_TIMESTAMP()");
$done_shifts_seconds = DB::select('
SELECT SUM(`Shifts`.`end` - `Shifts`.`start`)
FROM `ShiftEntry`
JOIN `Shifts` USING (`SID`)
WHERE `Shifts`.`end` < UNIX_TIMESTAMP()
');
$done_shifts_seconds = array_shift($done_shifts_seconds);
$done_shifts_seconds = (int)array_shift($done_shifts_seconds);
$stats['done_work_hours'] = round($done_shifts_seconds / (60 * 60), 0);
$users_in_action = sql_select("SELECT `Shifts`.`start`, `Shifts`.`end` FROM `ShiftEntry` JOIN `Shifts` ON `Shifts`.`SID`=`ShiftEntry`.`SID` WHERE UNIX_TIMESTAMP() BETWEEN `Shifts`.`start` AND `Shifts`.`end`");
$users_in_action = DB::select('
SELECT `Shifts`.`start`, `Shifts`.`end`
FROM `ShiftEntry`
JOIN `Shifts` ON `Shifts`.`SID`=`ShiftEntry`.`SID`
WHERE UNIX_TIMESTAMP() BETWEEN `Shifts`.`start` AND `Shifts`.`end`
');
$stats['users_in_action'] = count($users_in_action);
header("Content-Type: application/json");
header('Content-Type: application/json');
raw_output(json_encode($stats));
return;
}
raw_output(json_encode([
'error' => "Wrong api_key."
'error' => 'Wrong api_key.'
]));
}
raw_output(json_encode([
'error' => "Missing parameter api_key."
'error' => 'Missing parameter api_key.'
]));
}
?>

66
includes/pages/user_atom.php
Unescape Escape View File

@ -1,51 +1,73 @@
<?php
// publically available page to feed the news to feedreaders
function user_atom() {
global $user, $DISPLAY_NEWS;
use Engelsystem\Database\DB;
if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
engelsystem_error("Missing key.");
/**
* Publically available page to feed the news to feedreaders
*/
function user_atom()
{
global $user;
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}
$key = $_REQUEST['key'];
$user = User_by_api_key($key);
if ($user == null) {
engelsystem_error("Key invalid.");
engelsystem_error('Key invalid.');
}
if (!in_array('atom', privileges_for_user($user['UID']))) {
engelsystem_error("No privilege for atom.");
engelsystem_error('No privilege for atom.');
}
$news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS));
$news = DB::select('
SELECT *
FROM `News`
' . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . '
ORDER BY `ID`
DESC LIMIT ' . (int)config('display_news')
);
$output = make_atom_entries_from_news($news);
header('Content-Type: application/atom+xml; charset=utf-8');
header("Content-Length: " . strlen($output));
header('Content-Length: ' . strlen($output));
raw_output($output);
}
function make_atom_entries_from_news($news_entries) {
/**
* @param array[] $news_entries
* @return string
*/
function make_atom_entries_from_news($news_entries)
{
$html = '<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Engelsystem</title>
<id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . "</updated>\n";
<id>' . $_SERVER['HTTP_HOST']
. htmlspecialchars(preg_replace(
'#[&?]key=[a-f\d]{32}#',
'',
$_SERVER['REQUEST_URI']
))
. '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n";
foreach ($news_entries as $news_entry) {
$html .= make_atom_entry_from_news($news_entry);
}
$html .= "</feed>";
$html .= '</feed>';
return $html;
}
function make_atom_entry_from_news($news_entry) {
return " <entry>
<title>" . htmlspecialchars($news_entry['Betreff']) . "</title>
<link href=\"" . page_link_to_absolute("news_comments&amp;nid=") . "${news_entry['ID']}\"/>
<id>" . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']}</id>
<updated>" . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . "</updated>
<summary type=\"html\">" . htmlspecialchars($news_entry['Text']) . "</summary>
</entry>\n";
function make_atom_entry_from_news($news_entry)
{
return ' <entry>
<title>' . htmlspecialchars($news_entry['Betreff']) . '</title>
<link href="' . page_link_to_absolute('news_comments&amp;nid=') . $news_entry['ID'] . '"/>
<id>' . preg_replace('#^https?://#', '', page_link_to_absolute('news')) . '-' . $news_entry['ID'] . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated>
<summary type="html">' . htmlspecialchars($news_entry['Text']) . '</summary>
</entry>' . "\n";
}
?>

39
includes/pages/user_ical.php
Unescape Escape View File

@ -3,21 +3,22 @@
/**
* Controller for ical output of users own shifts or any user_shifts filter.
*/
function user_ical() {
function user_ical()
{
global $user;
if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
engelsystem_error("Missing key.");
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}
$key = $_REQUEST['key'];
$user = User_by_api_key($key);
if ($user == null) {
engelsystem_error("Key invalid.");
engelsystem_error('Key invalid.');
}
if (!in_array('ical', privileges_for_user($user['UID']))) {
engelsystem_error("No privilege for ical.");
engelsystem_error('No privilege for ical.');
}
$ical_shifts = load_ical_shifts();
@ -30,34 +31,38 @@ function user_ical() {
*
* @param array <Shift> $shifts
*/
function send_ical_from_shifts($shifts) {
header("Content-Type: text/calendar; charset=utf-8");
function send_ical_from_shifts($shifts)
{
header('Content-Type: text/calendar; charset=utf-8');
header('Content-Disposition: attachment; filename=shifts.ics');
$output = "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:-//-//Engelsystem//DE\r\nCALSCALE:GREGORIAN\r\n";
foreach ($shifts as $shift) {
$output .= make_ical_entry_from_shift($shift);
}
$output .= "END:VCALENDAR\r\n";
$output = trim($output, "\x0A");
header("Content-Length: " . strlen($output));
header('Content-Length: ' . strlen($output));
raw_output($output);
}
/**
* Renders an ical vevent from given shift.
*
* @param Shift $shift
* @param array $shift
* @return string
*/
function make_ical_entry_from_shift($shift) {
function make_ical_entry_from_shift($shift)
{
$output = "BEGIN:VEVENT\r\n";
$output .= "UID:" . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n";
$output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
$output .= 'UID:' . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n";
$output .= 'SUMMARY:' . str_replace("\n", "\\n", $shift['name'])
. ' (' . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
if (isset($shift['Comment'])) {
$output .= "DESCRIPTION:" . str_replace("\n", "\\n", $shift['Comment']) . "\r\n";
$output .= 'DESCRIPTION:' . str_replace("\n", "\\n", $shift['Comment']) . "\r\n";
}
$output .= "DTSTART;TZID=Europe/Berlin:" . date("Ymd\THis", $shift['start']) . "\r\n";
$output .= "DTEND;TZID=Europe/Berlin:" . date("Ymd\THis", $shift['end']) . "\r\n";
$output .= "LOCATION:" . $shift['Name'] . "\r\n";
$output .= 'DTSTART;TZID=Europe/Berlin:' . date("Ymd\THis", $shift['start']) . "\r\n";
$output .= 'DTEND;TZID=Europe/Berlin:' . date("Ymd\THis", $shift['end']) . "\r\n";
$output .= 'LOCATION:' . $shift['Name'] . "\r\n";
$output .= "END:VEVENT\r\n";
return $output;
}
?>

127
includes/pages/user_messages.php
Unescape Escape View File

@ -1,14 +1,27 @@
<?php
function messages_title() {
return _("Messages");
use Engelsystem\Database\DB;
/**
* @return string
*/
function messages_title()
{
return _('Messages');
}
function user_unread_messages() {
/**
* @return string
*/
function user_unread_messages()
{
global $user;
if (isset($user)) {
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
$new_messages = count(DB::select(
'SELECT `id` FROM `Messages` WHERE isRead=\'N\' AND `RUID`=?',
[$user['UID']]
));
if ($new_messages > 0) {
return ' <span class="badge danger">' . $new_messages . '</span>';
}
@ -16,14 +29,21 @@ function user_unread_messages() {
return '';
}
function user_messages() {
/**
* @return string
*/
function user_messages()
{
global $user;
if (!isset($_REQUEST['action'])) {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
$users = DB::select(
'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
[$user['UID']]
);
$to_select_data = [
"" => _("Select recipient...")
'' => _('Select recipient...')
];
foreach ($users as $u) {
@ -32,16 +52,27 @@ function user_messages() {
$to_select = html_select_key('to', 'to', $to_select_data, '');
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
$messages = DB::select('
SELECT *
FROM `Messages`
WHERE `SUID`=?
OR `RUID`=?
ORDER BY `isRead`,`Datum` DESC
',
[
$user['UID'],
$user['UID'],
]
);
$messages_table = [
[
'news' => '',
'timestamp' => date("Y-m-d H:i"),
'timestamp' => date('Y-m-d H:i'),
'from' => User_Nick_render($user),
'to' => $to_select,
'text' => form_textarea('text', '', ''),
'actions' => form_submit('submit', _("Save"))
'actions' => form_submit('submit', _('Save'))
]
];
@ -51,7 +82,7 @@ function user_messages() {
$messages_table_entry = [
'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
'timestamp' => date("Y-m-d H:i", $message['Datum']),
'timestamp' => date('Y-m-d H:i', $message['Datum']),
'from' => User_Nick_render($sender_user_source),
'to' => User_Nick_render($receiver_user_source),
'text' => str_replace("\n", '<br />', $message['Text'])
@ -59,73 +90,91 @@ function user_messages() {
if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
$messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=read&id=' . $message['id'],
_('mark as read'),
'btn-xs'
);
}
} else {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
$messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=delete&id=' . $message['id'],
_('delete message'),
'btn-xs'
);
}
$messages_table[] = $messages_table_entry;
}
return page_with_title(messages_title(), [
msg(),
sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),
sprintf(_('Hello %s, here can you leave messages for other angels'), User_Nick_render($user)),
form([
table([
'new' => _("New"),
'timestamp' => _("Date"),
'from' => _("Transmitted"),
'to' => _("Recipient"),
'text' => _("Message"),
'new' => _('New'),
'timestamp' => _('Date'),
'from' => _('Transmitted'),
'to' => _('Recipient'),
'text' => _('Message'),
'actions' => ''
], $messages_table)
], page_link_to('user_messages') . '&action=send')
]);
} else {
switch ($_REQUEST['action']) {
case "read":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
case 'read':
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$message_id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Message ID."), true);
return error(_('Incomplete call, missing Message ID.'), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
$message = DB::select(
'SELECT `RUID` FROM `Messages` WHERE `id`=? LIMIT 1',
[$message_id]
);
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
DB::update(
'UPDATE `Messages` SET `isRead`=\'Y\' WHERE `id`=? LIMIT 1',
[$message_id]
);
redirect(page_link_to('user_messages'));
} else {
return error(_("No Message found."), true);
return error(_('No Message found.'), true);
}
break;
case "delete":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
case 'delete':
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$message_id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Message ID."), true);
return error(_('Incomplete call, missing Message ID.'), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
$message = DB::select(
'SELECT `SUID` FROM `Messages` WHERE `id`=? LIMIT 1',
[$message_id]
);
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
DB::delete('DELETE FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]);
redirect(page_link_to('user_messages'));
} else {
return error(_("No Message found."), true);
return error(_('No Message found.'), true);
}
break;
case "send":
if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
redirect(page_link_to("user_messages"));
case 'send':
if (Message_send($_REQUEST['to'], $_REQUEST['text'])) {
redirect(page_link_to('user_messages'));
} else {
return error(_("Transmitting was terminated with an Error."), true);
return error(_('Transmitting was terminated with an Error.'), true);
}
break;
default:
return error(_("Wrong action."), true);
return error(_('Wrong action.'), true);
}
}
return '';
}
?>

122
includes/pages/user_myshifts.php
Unescape Escape View File

@ -1,35 +1,55 @@
<?php
function myshifts_title() {
return _("My shifts");
use Engelsystem\Database\DB;
/**
* @return string
*/
function myshifts_title()
{
return _('My shifts');
}
// Zeigt die Schichten an, die ein Benutzer belegt
function user_myshifts() {
global $LETZTES_AUSTRAGEN;
/**
* Zeigt die Schichten an, die ein Benutzer belegt
*
* @return string
*/
function user_myshifts()
{
global $user, $privileges;
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
if (
isset($_REQUEST['id'])
&& in_array('user_shifts_admin', $privileges)
&& preg_match('/^\d{1,}$/', $_REQUEST['id'])
&& count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
) {
$user_id = $_REQUEST['id'];
} else {
$user_id = $user['UID'];
}
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
$shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
$shifts_user = array_shift($shifts_user);
if (isset($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") {
if ($_REQUEST['reset'] == 'ack') {
User_reset_api_key($user);
success(_("Key changed."));
success(_('Key changed.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
return page_with_title(_("Reset API key"), [
error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
return page_with_title(_('Reset API key'), [
error(
_('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'),
true
),
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
]);
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
} elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
$user_id = $_REQUEST['edit'];
$shift = sql_select("SELECT
$shift = DB::select('
SELECT
`ShiftEntry`.`freeloaded`,
`ShiftEntry`.`freeload_comment`,
`ShiftEntry`.`Comment`,
@ -37,27 +57,34 @@ function user_myshifts() {
`ShiftTypes`.`name`,
`Shifts`.*,
`Room`.`Name`,
`AngelTypes`.`name` as `angel_type`
`AngelTypes`.`name` AS `angel_type`
FROM `ShiftEntry`
JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "'
AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
WHERE `ShiftEntry`.`id`=?
AND `UID`=?
LIMIT 1
',
[
$user_id,
$shifts_user['UID'],
]
);
if (count($shift) > 0) {
$shift = $shift[0];
$shift = array_shift($shift);
$freeloaded = $shift['freeloaded'];
$freeload_comment = $shift['freeload_comment'];
if (isset($_REQUEST['submit'])) {
$valid = true;
if (in_array("user_shifts_admin", $privileges)) {
if (in_array('user_shifts_admin', $privileges)) {
$freeloaded = isset($_REQUEST['freeloaded']);
$freeload_comment = strip_request_item_nl('freeload_comment');
if ($freeloaded && $freeload_comment == '') {
$valid = false;
error(_("Please enter a freeload comment!"));
error(_('Please enter a freeload comment!'));
}
}
@ -75,26 +102,51 @@ function user_myshifts() {
engelsystem_error('Unable to update shift entry.');
}
engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
success(_("Shift saved."));
engelsystem_log(
'Updated ' . User_Nick_render($user_source) . '\'s shift ' . $shift['name']
. ' from ' . date('Y-m-d H:i', $shift['start'])
. ' to ' . date('Y-m-d H:i', $shift['end'])
. ' with comment ' . $comment
. '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO')
);
success(_('Shift saved.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
}
return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
return ShiftEntry_edit_view(
User_Nick_render($shifts_user),
date('Y-m-d H:i', $shift['start']) . ', ' . shift_length($shift),
$shift['Name'],
$shift['name'],
$shift['angel_type'],
$shift['Comment'],
$shift['freeloaded'],
$shift['freeload_comment'],
in_array('user_shifts_admin', $privileges)
);
} else {
redirect(page_link_to('user_myshifts'));
}
} elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
} elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
$user_id = $_REQUEST['cancel'];
$shift = sql_select("
$shift = DB::select('
SELECT *
FROM `Shifts`
INNER JOIN `ShiftEntry` USING (`SID`)
WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
WHERE `ShiftEntry`.`id`=? AND `UID`=?
',
[
$user_id,
$shifts_user['UID'],
]
);
if (count($shift) > 0) {
$shift = $shift[0];
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
$shift = array_shift($shift);
if (
($shift['start'] > time() + config('last_unsubscribe') * 3600)
|| in_array('user_shifts_admin', $privileges)
) {
$result = ShiftEntry_delete($user_id);
if ($result === false) {
engelsystem_error('Unable to delete shift entry.');
@ -103,10 +155,16 @@ function user_myshifts() {
$angeltype = AngelType($shift['TID']);
$shifttype = ShiftType($shift['shifttype_id']);
engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
success(_("Shift canceled."));
engelsystem_log(
'Deleted own shift: ' . $shifttype['name']
. ' at ' . $room['Name']
. ' from ' . date('Y-m-d H:i', $shift['start'])
. ' to ' . date('Y-m-d H:i', $shift['end'])
. ' as ' . $angeltype['name']
);
success(_('Shift canceled.'));
} else {
error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
error(_('It\'s too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.'));
}
} else {
redirect(user_link($shifts_user));
@ -114,5 +172,5 @@ function user_myshifts() {
}
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
return '';
}
?>

198
includes/pages/user_news.php
Unescape Escape View File

@ -1,34 +1,59 @@
<?php
function user_news_comments_title() {
return _("News comments");
}
function news_title() {
return _("News");
}
function meetings_title() {
return _("Meetings");
}
function user_meetings() {
global $DISPLAY_NEWS;
use Engelsystem\Database\DB;
/**
* @return string
*/
function user_news_comments_title()
{
return _('News comments');
}
/**
* @return string
*/
function news_title()
{
return _('News');
}
/**
* @return string
*/
function meetings_title()
{
return _('Meetings');
}
/**
* @return string
*/
function user_meetings()
{
$display_news = config('display_news');
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
$page = $_REQUEST['page'];
} else {
$page = 0;
}
$news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
$news = DB::select(sprintf('
SELECT *
FROM `News`
WHERE `Treffen`=1
ORDER BY `Datum`DESC
LIMIT %u, %u',
$page * $display_news,
$display_news
));
foreach ($news as $entry) {
$html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
@ -38,14 +63,19 @@ function user_meetings() {
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
$html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div></div>';
return $html;
}
function display_news($news) {
/**
* @param array $news
* @return string
*/
function display_news($news)
{
global $privileges, $page;
$html = '';
@ -56,39 +86,68 @@ function display_news($news) {
$html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';
$html .= '<div class="panel-footer text-muted">';
if (in_array("admin_news", $privileges)) {
$html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>';
if (in_array('admin_news', $privileges)) {
$html .= '<div class="pull-right">'
. button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
. '</div>';
}
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . '&emsp;';
$user_source = User($news['UID']);
$html .= User_Nick_render($user_source);
if ($page != "news_comments") {
$html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' &raquo;</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>';
if ($page != 'news_comments') {
$html .= '&emsp;<a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">'
. '<span class="glyphicon glyphicon-comment"></span> '
. _('Comments') . ' &raquo;</a> '
. '<span class="badge">'
. count(DB::select('SELECT `ID` FROM `NewsComments` WHERE `Refid`=?', [$news['ID']]))
. '</span>';
}
$html .= '</div>';
$html .= '</div>';
return $html;
}
function user_news_comments() {
/**
* @return string
*/
function user_news_comments()
{
global $user;
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
$nid = $_REQUEST["nid"];
list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
if (isset($_REQUEST["text"])) {
if (
isset($_REQUEST['nid'])
&& preg_match('/^\d{1,}$/', $_REQUEST['nid'])
&& count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
) {
$nid = $_REQUEST['nid'];
$news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]);
$news = array_shift($news);
if (isset($_REQUEST['text'])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
engelsystem_log("Created news_comment: " . $text);
$html .= success(_("Entry saved."), true);
DB::insert('
INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
VALUES (?, ?, ?, ?)
',
[
$nid,
date('Y-m-d H:i:s'),
$text,
$user["UID"],
]
);
engelsystem_log('Created news_comment: ' . $text);
$html .= success(_('Entry saved.'), true);
}
$html .= display_news($news);
$comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
$comments = DB::select(
'SELECT * FROM `NewsComments` WHERE `Refid`=? ORDER BY \'ID\'',
[$nid]
);
foreach ($comments as $comment) {
$user_source = User($comment['UID']);
@ -101,45 +160,69 @@ function user_news_comments() {
$html .= '</div>';
}
$html .= '<hr /><h2>' . _("New Comment:") . '</h2>';
$html .= '<hr /><h2>' . _('New Comment:') . '</h2>';
$html .= form([
form_textarea('text', _("Message"), ''),
form_submit('submit', _("Save"))
form_textarea('text', _('Message'), ''),
form_submit('submit', _('Save'))
], page_link_to('news_comments') . '&nid=' . $news['ID']);
} else {
$html .= _("Invalid request.");
$html .= _('Invalid request.');
}
return $html . '</div>';
}
function user_news() {
global $DISPLAY_NEWS, $privileges, $user;
/**
* @return string
*/
function user_news()
{
global $privileges, $user;
$display_news = config('display_news');
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {
if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) {
$_POST["treffen"] = 0;
}
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');");
engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
success(_("Entry saved."));
if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) {
if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) {
$_POST['treffen'] = 0;
}
DB::insert('
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
VALUES (?, ?, ?, ?, ?)
',
[
time(),
$_POST['betreff'],
$_POST['text'],
$user['UID'],
$_POST['treffen'],
]
);
engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']);
success(_('Entry saved.'));
redirect(page_link_to('news'));
}
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
$page = $_REQUEST['page'];
} else {
$page = 0;
}
$news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
$news = DB::select(sprintf('
SELECT *
FROM `News`
ORDER BY `Datum`
DESC LIMIT %u, %u
',
$page * $display_news,
$display_news
));
foreach ($news as $entry) {
$html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
@ -149,21 +232,20 @@ function user_news() {
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
$html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div>';
if (in_array("admin_news", $privileges)) {
if (in_array('admin_news', $privileges)) {
$html .= '<hr />';
$html .= '<h2>' . _("Create news:") . '</h2>';
$html .= '<h2>' . _('Create news:') . '</h2>';
$html .= form([
form_text('betreff', _("Subject"), ''),
form_textarea('text', _("Message"), ''),
form_checkbox('treffen', _("Meeting"), false, 1),
form_submit('submit', _("Save"))
form_text('betreff', _('Subject'), ''),
form_textarea('text', _('Message'), ''),
form_checkbox('treffen', _('Meeting'), false, 1),
form_submit('submit', _('Save'))
]);
}
return $html . '</div>';
}
?>

68
includes/pages/user_questions.php
Unescape Escape View File

@ -1,57 +1,85 @@
<?php
function questions_title() {
return _("Ask the Heaven");
use Engelsystem\Database\DB;
/**
* @return string
*/
function questions_title()
{
return _('Ask the Heaven');
}
function user_questions() {
/**
* @return string
*/
function user_questions()
{
global $user;
if (!isset($_REQUEST['action'])) {
$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$open_questions = DB::select(
'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?',
[$user['UID']]
);
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$answered_questions = DB::select(
'SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=?',
[$user['UID']]
);
foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']);
$question['answer_user'] = User_Nick_render($answer_user_source);
}
return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask');
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
} else {
switch ($_REQUEST['action']) {
case 'ask':
$question = strip_request_item_nl('question');
if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
if ($result === false) {
engelsystem_error(_("Unable to save question."));
if ($question != '') {
$result = DB::insert('
INSERT INTO `Questions` (`UID`, `Question`)
VALUES (?, ?)
',
[$user['UID'], $question]
);
if (!$result) {
engelsystem_error(_('Unable to save question.'));
}
success(_("You question was saved."));
redirect(page_link_to("user_questions"));
success(_('You question was saved.'));
redirect(page_link_to('user_questions'));
} else {
return page_with_title(questions_title(), [
error(_("Please enter a question!"), true)
error(_('Please enter a question!'), true)
]);
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Question ID."), true);
return error(_('Incomplete call, missing Question ID.'), true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
$question = DB::select(
'SELECT `UID` FROM `Questions` WHERE `QID`=? LIMIT 1',
[$question_id]
);
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
redirect(page_link_to("user_questions"));
DB::delete(
'DELETE FROM `Questions` WHERE `QID`=? LIMIT 1',
[$question_id]
);
redirect(page_link_to('user_questions'));
} else {
return page_with_title(questions_title(), [
error(_("No question found."), true)
error(_('No question found.'), true)
]);
}
break;
}
}
return '';
}
?>

136
includes/pages/user_settings.php
Unescape Escape View File

@ -1,16 +1,25 @@
<?php
function settings_title() {
return _("Settings");
use Engelsystem\Database\DB;
/**
* @return string
*/
function settings_title()
{
return _('Settings');
}
/**
* Change user main attributes (name, dates, etc.)
*
* @param User $user_source
* The user
* @param array $user_source The user
* @param bool $enable_tshirt_size
* @param array $tshirt_sizes
* @return array
*/
function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
{
$valid = true;
if (isset($_REQUEST['mail'])) {
@ -18,11 +27,11 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
$user_source['email'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("E-mail address is not correct."));
error(_('E-mail address is not correct.'));
}
} else {
$valid = false;
error(_("Please enter your e-mail."));
error(_('Please enter your e-mail.'));
}
$user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']);
@ -33,7 +42,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
$user_source['jabber'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("Please check your jabber account information."));
error(_('Please check your jabber account information.'));
}
}
@ -44,22 +53,22 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
}
if (isset($_REQUEST['planned_arrival_date'])) {
$tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00");
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
$result = User_validate_planned_arrival_date($tmp);
$user_source['planned_arrival_date'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date."));
error(_('Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.'));
}
}
if (isset($_REQUEST['planned_departure_date'])) {
$tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_departure_date'] . " 00:00");
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_departure_date'] . ' 00:00');
$result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
$user_source['planned_departure_date'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
error(_("Please enter your planned date of departure. It should be after your planned arrival date and after buildup start date and before teardown end date."));
error(_('Please enter your planned date of departure. It should be after your planned arrival date and after buildup start date and before teardown end date.'));
}
}
@ -74,7 +83,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
if ($valid) {
User_update($user_source);
success(_("Settings saved."));
success(_('Settings saved.'));
redirect(page_link_to('user_settings'));
}
@ -84,21 +93,23 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
/**
* Change user password.
*
* @param User $user_source
* The user
* @param array $user_source The user
*/
function user_settings_password($user_source) {
global $min_password_length;
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])) {
error(_("-> not OK. Please try again."));
} elseif (strlen($_REQUEST['new_password']) < $min_password_length) {
error(_("Your password is to short (please use at least 6 characters)."));
function user_settings_password($user_source)
{
if (
!isset($_REQUEST['password'])
|| !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])
) {
error(_('-> not OK. Please try again.'));
} elseif (strlen($_REQUEST['new_password']) < config('min_password_length')) {
error(_('Your password is to short (please use at least 6 characters).'));
} elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
error(_("Your passwords don't match."));
error(_('Your passwords don\'t match.'));
} elseif (set_password($user_source['UID'], $_REQUEST['new_password'])) {
success(_("Password saved."));
success(_('Password saved.'));
} else {
error(_("Failed setting password."));
error(_('Failed setting password.'));
}
redirect(page_link_to('user_settings'));
}
@ -106,12 +117,12 @@ function user_settings_password($user_source) {
/**
* Change user theme
*
* @param User $user_sources
* The user
* @param array<String> $themes
* List of available themes
* @param array $user_source The user
* @param array $themes List of available themes
* @return mixed
*/
function user_settings_theme($user_source, $themes) {
function user_settings_theme($user_source, $themes)
{
$valid = true;
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
@ -121,9 +132,18 @@ function user_settings_theme($user_source, $themes) {
}
if ($valid) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($user_source['color']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'");
success(_("Theme changed."));
DB::update('
UPDATE `User`
SET `color`=?
WHERE `UID`=?
',
[
$user_source['color'],
$user_source['UID'],
]
);
success(_('Theme changed.'));
redirect(page_link_to('user_settings'));
}
@ -133,12 +153,12 @@ function user_settings_theme($user_source, $themes) {
/**
* Change use locale
*
* @param User $user_source
* The user
* @param array<String> $locales
* List of available locales
* @param array $user_source The user
* @param array $locales List of available locales
* @return array
*/
function user_settings_locale($user_source, $locales) {
function user_settings_locale($user_source, $locales)
{
$valid = true;
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
@ -148,10 +168,19 @@ function user_settings_locale($user_source, $locales) {
}
if ($valid) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($user_source['Sprache']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'");
DB::update('
UPDATE `User`
SET `Sprache`=?
WHERE `UID`=?
',
[
$user_source['Sprache'],
$user_source['UID'],
]
);
$_SESSION['locale'] = $user_source['Sprache'];
success("Language changed.");
success('Language changed.');
redirect(page_link_to('user_settings'));
}
@ -160,10 +189,16 @@ function user_settings_locale($user_source, $locales) {
/**
* Main user settings page/controller
*
* @return string
*/
function user_settings() {
global $enable_tshirt_size, $tshirt_sizes, $themes, $locales;
global $user;
function user_settings()
{
global $themes, $user;
$enable_tshirt_size = config('enable_tshirt_size');
$tshirt_sizes = config('tshirt_sizes');
$locales = config('locales');
$buildup_start_date = null;
$teardown_end_date = null;
@ -177,6 +212,12 @@ function user_settings() {
}
}
foreach ($tshirt_sizes as $key => $size) {
if (empty($size)) {
unset($tshirt_sizes[$key]);
}
}
$user_source = $user;
if (isset($_REQUEST['submit'])) {
@ -189,6 +230,13 @@ function user_settings() {
$user_source = user_settings_locale($user_source, $locales);
}
return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes);
return User_settings_view(
$user_source,
$locales,
$themes,
$buildup_start_date,
$teardown_end_date,
$enable_tshirt_size,
$tshirt_sizes
);
}
?>

182
includes/pages/user_shifts.php
Unescape Escape View File

@ -1,8 +1,14 @@
<?php
use Engelsystem\Database\DB;
use Engelsystem\ShiftsFilter;
function shifts_title() {
return _("Shifts");
/**
* @return string
*/
function shifts_title()
{
return _('Shifts');
}
/**
@ -11,8 +17,11 @@ function shifts_title() {
* Transform into shift controller and shift entry controller.
* Split actions into shift edit, shift delete, shift entry edit, shift entry delete
* Introduce simpler and beautiful actions for shift entry join/leave for users
*
* @return string
*/
function user_shifts() {
function user_shifts()
{
global $user;
if (User_is_freeloader($user)) {
@ -21,7 +30,8 @@ function user_shifts() {
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
if (isset($_REQUEST['entry_id'])) {
return shift_entry_delete_controller();
shift_entry_delete_controller();
return '';
} elseif (isset($_REQUEST['edit_shift'])) {
return shift_edit_controller();
} elseif (isset($_REQUEST['delete_shift'])) {
@ -36,10 +46,11 @@ function user_shifts() {
* Helper function that updates the start and end time from request data.
* Use update_ShiftsFilter().
*
* @param ShiftsFilter $shiftsFilter
* The shiftfilter to update.
* @param ShiftsFilter $shiftsFilter The shiftfilter to update.
* @param string[] $days
*/
function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days) {
function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days)
{
$start_time = $shiftsFilter->getStartTime();
if ($start_time == null) {
$start_time = time();
@ -61,14 +72,12 @@ function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days) {
/**
* Update given ShiftsFilter with filter params from user input
*
* @param ShiftsFilter $shiftsFilter
* The shifts filter to update from request data
* @param boolean $user_shifts_admin
* Has the user user_shift_admin privilege?
* @param string[] $days
* An array of available filter days
* @param ShiftsFilter $shiftsFilter The shifts filter to update from request data
* @param boolean $user_shifts_admin Has the user user_shift_admin privilege?
* @param string[] $days An array of available filter days
*/
function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $days) {
function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $days)
{
$shiftsFilter->setUserShiftsAdmin($user_shifts_admin);
$shiftsFilter->setFilled(check_request_int_array('filled', $shiftsFilter->getFilled()));
$shiftsFilter->setRooms(check_request_int_array('rooms', $shiftsFilter->getRooms()));
@ -76,44 +85,86 @@ function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $da
update_ShiftsFilter_timerange($shiftsFilter, $days);
}
function load_rooms() {
$rooms = sql_select("SELECT `RID` AS `id`, `Name` AS `name` FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
if (count($rooms) == 0) {
error(_("The administration has not configured any rooms yet."));
/**
* @return array
*/
function load_rooms()
{
$rooms = DB::select(
'SELECT `RID` AS `id`, `Name` AS `name` FROM `Room` WHERE `show`=\'Y\' ORDER BY `Name`'
);
if (empty($rooms)) {
error(_('The administration has not configured any rooms yet.'));
redirect('?');
}
return $rooms;
}
function load_days() {
$days = sql_select_single_col("
/**
* @return array
*/
function load_days()
{
$days = DB::select('
SELECT DISTINCT DATE(FROM_UNIXTIME(`start`)) AS `id`, DATE(FROM_UNIXTIME(`start`)) AS `name`
FROM `Shifts`
ORDER BY `start`");
if (count($days) == 0) {
error(_("The administration has not configured any shifts yet."));
ORDER BY `start`
');
$days = array_map('array_shift', $days);
if (empty($days)) {
error(_('The administration has not configured any shifts yet.'));
redirect('?');
}
return $days;
}
function load_types() {
/**
* @return array|false
*/
function load_types()
{
global $user;
if (sql_num_query("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0") == 0) {
error(_("The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype."));
if (!count(DB::select('SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0'))) {
error(_('The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype.'));
redirect('?');
}
$types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
$types = DB::select('
SELECT
`AngelTypes`.`id`,
`AngelTypes`.`name`,
(
`AngelTypes`.`restricted`=0
OR (
NOT `UserAngelTypes`.`confirm_user_id` IS NULL
OR `UserAngelTypes`.`id` IS NULL
)
) AS `enabled`
FROM `AngelTypes`
LEFT JOIN `UserAngelTypes`
ON (
`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
AND `UserAngelTypes`.`user_id`=?
)
ORDER BY `AngelTypes`.`name`
',
[
$user['UID'],
]
);
if (empty($types)) {
return sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0");
return DB::select('SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0');
}
return $types;
}
function view_user_shifts() {
global $user, $privileges;
global $ical_shifts;
/**
* @return string
*/
function view_user_shifts()
{
global $user, $privileges, $ical_shifts;
$ical_shifts = [];
$days = load_days();
@ -132,66 +183,91 @@ function view_user_shifts() {
$shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
if ($user['api_key'] == "") {
if ($user['api_key'] == '') {
User_reset_api_key($user, false);
}
$filled = [
[
'id' => '1',
'name' => _("occupied")
'name' => _('occupied')
],
[
'id' => '0',
'name' => _("free")
'name' => _('free')
]
];
$start_day = date("Y-m-d", $shiftsFilter->getStartTime());
$start_time = date("H:i", $shiftsFilter->getStartTime());
$end_day = date("Y-m-d", $shiftsFilter->getEndTime());
$end_time = date("H:i", $shiftsFilter->getEndTime());
$start_day = date('Y-m-d', $shiftsFilter->getStartTime());
$start_time = date('H:i', $shiftsFilter->getStartTime());
$end_day = date('Y-m-d', $shiftsFilter->getEndTime());
$end_time = date('H:i', $shiftsFilter->getEndTime());
return page([
div('col-md-12', [
msg(),
template_render(__DIR__ . '/../../templates/user_shifts.html', [
'title' => shifts_title(),
'room_select' => make_select($rooms, $shiftsFilter->getRooms(), "rooms", _("Rooms")),
'start_select' => html_select_key("start_day", "start_day", array_combine($days, $days), $start_day),
'room_select' => make_select($rooms, $shiftsFilter->getRooms(), 'rooms', _('Rooms')),
'start_select' => html_select_key('start_day', 'start_day', array_combine($days, $days), $start_day),
'start_time' => $start_time,
'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $end_day),
'end_select' => html_select_key('end_day', 'end_day', array_combine($days, $days), $end_day),
'end_time' => $end_time,
'type_select' => make_select($types, $shiftsFilter->getTypes(), "types", _("Angeltypes") . '<sup>1</sup>'),
'filled_select' => make_select($filled, $shiftsFilter->getFilled(), "filled", _("Occupancy")),
'task_notice' => '<sup>1</sup>' . _("The tasks shown here are influenced by the angeltypes you joined already!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>",
'type_select' => make_select(
$types,
$shiftsFilter->getTypes(),
'types',
_('Angeltypes') . '<sup>1</sup>'
),
'filled_select' => make_select($filled, $shiftsFilter->getFilled(), 'filled', _('Occupancy')),
'task_notice' =>
'<sup>1</sup>'
. _('The tasks shown here are influenced by the angeltypes you joined already!')
. ' <a href="' . page_link_to('angeltypes') . '&action=about' . '">'
. _('Description of the jobs.')
. '</a>',
'shifts_table' => msg() . $shiftCalendarRenderer->render(),
'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf(_("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '</p>',
'filter' => _("Filter")
'ical_text' => '<h2>' . _('iCal export') . '</h2><p>' . sprintf(
_('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'),
page_link_to_absolute('ical') . '&key=' . $user['api_key'],
page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'],
page_link_to('user_myshifts') . '&reset'
) . '</p>',
'filter' => _('Filter')
])
])
]);
}
function get_ids_from_array($array) {
return $array["id"];
/**
* @param array $array
* @return array
*/
function get_ids_from_array($array)
{
return $array['id'];
}
function make_select($items, $selected, $name, $title = null) {
function make_select($items, $selected, $name, $title = null)
{
$html_items = [];
if (isset($title)) {
$html_items[] = '<h4>' . $title . '</h4>' . "\n";
}
foreach ($items as $i) {
$html_items[] = '<div class="checkbox"><label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"' . (in_array($i['id'], $selected) ? ' checked="checked"' : '') . '> ' . $i['name'] . '</label>' . (! isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) . '</div><br />';
$html_items[] = '<div class="checkbox">'
. '<label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '" '
. (in_array($i['id'], $selected) ? ' checked="checked"' : '')
. ' > ' . $i['name'] . '</label>'
. (!isset($i['enabled']) || $i['enabled'] ? '' : glyph('lock'))
. '</div><br />';
}
$html = '<div id="selection_' . $name . '" class="selection ' . $name . '">' . "\n";
$html .= implode("\n", $html_items);
$html .= buttons([
button("javascript: checkAll('selection_" . $name . "', true)", _("All"), ""),
button("javascript: checkAll('selection_" . $name . "', false)", _("None"), "")
button('javascript: checkAll(\'selection_' . $name . '\', true)', _('All'), ''),
button('javascript: checkAll(\'selection_' . $name . '\', false)', _('None'), '')
]);
$html .= '</div>' . "\n";
return $html;
}
?>

117
includes/sys_auth.php
Unescape Escape View File

@ -1,18 +1,29 @@
<?php
use Engelsystem\Database\DB;
/**
* Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
*/
function load_auth() {
function load_auth()
{
global $user, $privileges;
$user = null;
if (isset($_SESSION['uid'])) {
$user = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_SESSION['uid']) . "' LIMIT 1");
$user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$_SESSION['uid']]);
if (count($user) > 0) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
list($user) = $user;
sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
$user = array_shift($user);
DB::update('
UPDATE `User`
SET `lastLogIn` = ?
WHERE `UID` = ?
LIMIT 1
', [
time(),
$_SESSION['uid'],
]);
$privileges = privileges_for_user($user['UID']);
return;
}
@ -25,10 +36,14 @@ function load_auth() {
/**
* generate a salt (random string) of arbitrary length suitable for the use with crypt()
*
* @param int $length
* @return string
*/
function generate_salt($length = 16) {
$alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$salt = "";
function generate_salt($length = 16)
{
$alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
$salt = '';
for ($i = 0; $i < $length; $i++) {
$salt .= $alphabet[rand(0, strlen($alphabet) - 1)];
}
@ -37,11 +52,26 @@ function generate_salt($length = 16) {
/**
* set the password of a user
*
* @param int $uid
* @param string $password
* @return bool
*/
function set_password($uid, $password) {
global $crypt_alg;
$result = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt(16) . '$')) . "', `password_recovery_token`=NULL WHERE `UID` = " . intval($uid) . " LIMIT 1");
if ($result === false) {
function set_password($uid, $password)
{
$result = DB::update('
UPDATE `User`
SET `Passwort` = ?,
`password_recovery_token`=NULL
WHERE `UID` = ?
LIMIT 1
',
[
crypt($password, config('crypt_alg') . '$' . generate_salt(16) . '$'),
$uid
]
);
if (DB::getStm()->errorCode() != '00000') {
engelsystem_error('Unable to update password.');
}
return $result;
@ -50,9 +80,15 @@ function set_password($uid, $password) {
/**
* verify a password given a precomputed salt.
* if $uid is given and $salt is an old-style salt (plain md5), we convert it automatically
*
* @param string $password
* @param string $salt
* @param int $uid
* @return bool
*/
function verify_password($password, $salt, $uid = false) {
global $crypt_alg;
function verify_password($password, $salt, $uid = null)
{
$crypt_alg = config('crypt_alg');
$correct = false;
if (substr($salt, 0, 1) == '$') { // new-style crypt()
$correct = crypt($password, $salt) == $salt;
@ -62,30 +98,63 @@ function verify_password($password, $salt, $uid = false) {
$correct = md5($password) == $salt;
}
if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && $uid) {
if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) {
// this password is stored in another format than we want it to be.
// let's update it!
// we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt() . '$')) . "' WHERE `UID` = " . intval($uid) . " AND `Passwort` = '" . sql_escape($salt) . "' LIMIT 1");
DB::update('
UPDATE `User`
SET `Passwort` = ?
WHERE `UID` = ?
AND `Passwort` = ?
LIMIT 1
',
[
crypt($password, $crypt_alg . '$' . generate_salt() . '$'),
$uid,
$salt,
]
);
}
return $correct;
}
function privileges_for_user($user_id) {
/**
* @param int $user_id
* @return array
*/
function privileges_for_user($user_id)
{
$privileges = [];
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
foreach ($user_privs as $user_priv) {
$privileges[] = $user_priv['name'];
$user_privileges = DB::select('
SELECT `Privileges`.`name`
FROM `User`
JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`)
JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`)
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `User`.`UID`=?
', [$user_id]);
foreach ($user_privileges as $user_privilege) {
$privileges[] = $user_privilege['name'];
}
return $privileges;
}
function privileges_for_group($group_id) {
/**
* @param int $group_id
* @return array
*/
function privileges_for_group($group_id)
{
$privileges = [];
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
foreach ($groups_privs as $guest_priv) {
$privileges[] = $guest_priv['name'];
$groups_privileges = DB::select('
SELECT `name`
FROM `GroupPrivileges`
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `group_id`=?
', [$group_id]);
foreach ($groups_privileges as $guest_privilege) {
$privileges[] = $guest_privilege['name'];
}
return $privileges;
}
?>

307
includes/sys_form.php
Unescape Escape View File

@ -4,20 +4,25 @@
/**
* Renders a hidden input
*
* @param string $name
* Name of the input
* @param string $value
* The value
* @param string $name Name of the input
* @param string $value The value
* @return string rendered html
*/
function form_hidden($name, $value) {
function form_hidden($name, $value)
{
return '<input type="hidden" name="' . $name . '" value="' . $value . '" />';
}
/**
* Rendert ein Zahlenfeld mit Buttons zum verstellen
*
* @param string $name
* @param string $label
* @param string $value
* @return string
*/
function form_spinner($name, $label, $value) {
function form_spinner($name, $label, $value)
{
return form_element($label, '
<div class="input-group">
<input id="spinner-' . $name . '" class="form-control" type="text" name="' . $name . '" value="' . $value . '" />
@ -31,11 +36,13 @@ function form_spinner($name, $label, $value) {
</div>
</div>
<script type="text/javascript">
$("#spinner-' . $name . '-down").click(function(e) {
$("#spinner-' . $name . '").val(parseInt($("#spinner-' . $name . '").val()) - 1);
$("#spinner-' . $name . '-down").click(function() {
var spinner = $("#spinner-' . $name . '");
spinner.val(parseInt(spinner.val()) - 1);
});
$("#spinner-' . $name . '-up").click(function(e) {
$("#spinner-' . $name . '").val(parseInt($("#spinner-' . $name . '").val()) + 1);
$("#spinner-' . $name . '-up").click(function() {
var spinner = $("#spinner-' . $name . '");
spinner.val(parseInt(spinner.val()) + 1);
});
</script>
');
@ -44,17 +51,15 @@ function form_spinner($name, $label, $value) {
/**
* Render a bootstrap datepicker
*
* @param string $name
* Name of the parameter
* @param string $label
* Label
* @param int $value
* Unix Timestamp
* @param int $min_date
* Earliest possible date
* @return HTML
* @param string $name Name of the parameter
* @param string $label Label
* @param int $value Unix Timestamp
* @param string $start_date Earliest possible date
* @param string $end_date
* @return string HTML
*/
function form_date($name, $label, $value, $start_date = '', $end_date = '') {
function form_date($name, $label, $value, $start_date = '', $end_date = '')
{
$dom_id = $name . '-date';
$value = is_numeric($value) ? date('Y-m-d', $value) : '';
$start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : '';
@ -80,16 +85,14 @@ function form_date($name, $label, $value, $start_date = '', $end_date = '') {
/**
* Rendert eine Liste von Checkboxen für ein Formular
*
* @param
* name Die Namen der Checkboxen werden aus name_key gebildet
* @param
* label Die Beschriftung der Liste
* @param
* items Array mit den einzelnen Checkboxen
* @param
* selected Array mit den Keys, die ausgewählt sind
* @param string $name Die Namen der Checkboxen werden aus name_key gebildet
* @param string $label Die Beschriftung der Liste
* @param array $items Array mit den einzelnen Checkboxen
* @param array $selected Array mit den Keys, die ausgewählt sind
* @return string
*/
function form_checkboxes($name, $label, $items, $selected) {
function form_checkboxes($name, $label, $items, $selected)
{
$html = form_element($label, '');
foreach ($items as $key => $item) {
$html .= form_checkbox($name . '_' . $key, $item, array_search($key, $selected) !== false);
@ -100,61 +103,89 @@ function form_checkboxes($name, $label, $items, $selected) {
/**
* Rendert eine Tabelle von Checkboxen für ein Formular
*
* @param
* names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
* @param
* label Die Beschriftung der gesamten Tabelle
* @param
* items Array mit den Beschriftungen der Zeilen
* @param
* selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten Checkboxen ist
* @param
* disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
* @param string[] $names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
* @param string $label Die Beschriftung der gesamten Tabelle
* @param string[] $items Array mit den Beschriftungen der Zeilen
* @param array[] $selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo
* markierten Checkboxen ist
* @param array $disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
* @return string
*/
function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []) {
$html = "<table><thead><tr>";
function form_multi_checkboxes($names, $label, $items, $selected, $disabled = [])
{
$html = '<table><thead><tr>';
foreach ($names as $title) {
$html .= "<th>$title</th>";
$html .= '<th>' . $title . '</th>';
}
$html .= "</tr></thead><tbody>";
$html .= '</tr></thead><tbody>';
foreach ($items as $key => $item) {
$html .= "<tr>";
$html .= '<tr>';
$dom_id = '';
foreach ($names as $name => $title) {
$dom_id = $name . '_' . $key;
$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : '';
if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) {
$sel .= ' disabled="disabled"';
}
$html .= '<td style="text-align: center;"><input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
$html .= '<td style="text-align: center;">'
. '<input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '" ' . $sel . ' />'
. '</td>';
}
$html .= '<td><label for="' . $dom_id . '">' . $item . '</label></td></tr>';
}
$html .= "</tbody></table>";
$html .= '</tbody></table>';
return form_element($label, $html);
}
/**
* Rendert eine Checkbox
*
* @param string $name
* @param string $label
* @param string $selected
* @param string $value
* @return string
*/
function form_checkbox($name, $label, $selected, $value = 'checked') {
return '<div class="checkbox"><label><input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /> ' . $label . '</label></div>';
function form_checkbox($name, $label, $selected, $value = 'checked')
{
return '<div class="checkbox"><label>'
. '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
. ($selected ? ' checked="checked"' : '') . ' /> '
. $label
. '</label></div>';
}
/**
* Rendert einen Radio
*
* @param string $name
* @param string $label
* @param string $selected
* @param string $value
* @return string
*/
function form_radio($name, $label, $selected, $value) {
return '<div class="radio"><label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /> ' . $label . '</label></div>';
function form_radio($name, $label, $selected, $value)
{
return '<div class="radio">'
. '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
. ($selected ? ' checked="checked"' : '') . ' /> '
. $label
. '</label></div>';
}
/**
* Rendert einen Infotext in das Formular
*
* @param string $label
* @param string $text
* @return string
*/
function form_info($label, $text = "") {
if ($label == "") {
function form_info($label, $text = '')
{
if ($label == '') {
return '<span class="help-block">' . glyph('info-sign') . $text . '</span>';
}
if ($text == "") {
if ($text == '') {
return '<h4>' . $label . '</h4>';
}
return form_element($label, '<p class="form-control-static">' . $text . '</p>', '');
@ -162,86 +193,171 @@ function form_info($label, $text = "") {
/**
* Rendert den Absenden-Button eines Formulars
*
* @param string $name
* @param string $label
* @return string
*/
function form_submit($name, $label) {
return form_element('<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />', "");
function form_submit($name, $label)
{
return form_element(
'<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />',
''
);
}
/**
* Rendert ein Formular-Textfeld
*
* @param string $name
* @param string $label
* @param string $value
* @param bool $disabled
* @return string
*/
function form_text($name, $label, $value, $disabled = false) {
function form_text($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="text" name="' . $name
. '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
* Renders a text input with placeholder instead of label.
*
* @param String $name
* Input name
* @param String $placeholder
* Placeholder
* @param String $value
* The value
* @param Boolean $disabled
* Is the field enabled?
* @param String $name Input name
* @param String $placeholder Placeholder
* @param String $value The value
* @param Boolean $disabled Is the field enabled?
* @return string
*/
function form_text_placeholder($name, $placeholder, $value, $disabled = false) {
function form_text_placeholder($name, $placeholder, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element('', '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder . '" ' . $disabled . '/>');
return form_element('',
'<input class="form-control" id="form_' . $name . '" type="text" name="' . $name
. '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder
. '" ' . $disabled . '/>'
);
}
/**
* Rendert ein Formular-Emailfeld
*
* @param string $name
* @param string $label
* @param string $value
* @param bool $disabled
* @return string
*/
function form_email($name, $label, $value, $disabled = false) {
function form_email($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="'
. htmlspecialchars($value) . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
* Rendert ein Formular-Dateifeld
*
* @param string $name
* @param string $label
* @return string
*/
function form_file($name, $label) {
function form_file($name, $label)
{
return form_element($label, '<input id="form_' . $name . '" type="file" name="' . $name . '" />', 'form_' . $name);
}
/**
* Rendert ein Formular-Passwortfeld
*
* @param string $name
* @param string $label
* @param bool $disabled
* @return string
*/
function form_password($name, $label, $disabled = false) {
function form_password($name, $label, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>',
'form_' . $name
);
}
/**
* Renders a password input with placeholder instead of label.
*
* @param string $name
* @param string $placeholder
* @param bool $disabled
* @return string
*/
function form_password_placeholder($name, $placeholder, $disabled = false) {
function form_password_placeholder($name, $placeholder, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element('', '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
'',
'<input class="form-control" id="form_' . $name . '" type="password" name="'
. $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
* Rendert ein Formular-Textfeld
*
* @param string $name
* @param string $label
* @param string $value
* @param bool $disabled
* @return string
*/
function form_textarea($name, $label, $value, $disabled = false) {
function form_textarea($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name);
return form_element(
$label,
'<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="'
. $name . '" ' . $disabled . '>' . $value . '</textarea>',
'form_' . $name
);
}
/**
* Rendert ein Formular-Auswahlfeld
*
* @param string $name
* @param string $label
* @param string[] $values
* @param string $selected
* @return string
*/
function form_select($name, $label, $values, $selected) {
function form_select($name, $label, $values, $selected)
{
return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name);
}
/**
* Rendert ein Formular-Element
*
* @param string $label
* @param string $input
* @param string $for
* @return string
*/
function form_element($label, $input, $for = "") {
function form_element($label, $input, $for = '')
{
if ($label == '') {
return '<div class="form-group">' . $input . '</div>';
}
@ -251,21 +367,42 @@ function form_element($label, $input, $for = "") {
/**
* Rendert ein Formular
*
* @param string[] $elements
* @param string $action
* @return string
*/
function form($elements, $action = "") {
function form($elements, $action = '')
{
return '<form role="form" action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
}
function html_options($name, $options, $selected = "") {
$html = "";
/**
* @param string $name
* @param String[] $options
* @param string $selected
* @return string
*/
function html_options($name, $options, $selected = '')
{
$html = '';
foreach ($options as $value => $label) {
$html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
$html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="'
. $name . '" value="' . $value . '"> ' . $label;
}
return $html;
}
function html_select_key($dom_id, $name, $rows, $selected) {
/**
* @param string $dom_id
* @param string $name
* @param string[] $rows
* @param string $selected
* @return string
*/
function html_select_key($dom_id, $name, $rows, $selected)
{
$html = '<select class="form-control" id="' . $dom_id . '" name="' . $name . '">';
foreach ($rows as $key => $row) {
if (($key == $selected) || ($row == $selected)) {
@ -277,5 +414,3 @@ function html_select_key($dom_id, $name, $rows, $selected) {
$html .= '</select>';
return $html;
}
?>

27
includes/sys_log.php
Unescape Escape View File

@ -4,10 +4,10 @@
* Write a log entry.
* This should be used to log user's activity.
*
* @param
* $message
* @param string $message
*/
function engelsystem_log($message) {
function engelsystem_log($message)
{
global $user;
$nick = "Guest";
@ -16,24 +16,3 @@ function engelsystem_log($message) {
}
LogEntry_create($nick, $message);
}
/**
* Generates a PHP Stacktrace.
*/
function debug_string_backtrace() {
ob_start();
debug_print_backtrace();
$trace = ob_get_contents();
ob_end_clean();
// Remove first item from backtrace as it's this function which
// is redundant.
$trace = preg_replace('/^#0\s+' . __FUNCTION__ . "[^\n]*\n/", '', $trace, 1);
// Renumber backtrace items.
// $trace = preg_replace('/^#(\d+)/me', '\'#\' . ($1 - 1)', $trace);
return $trace;
}
?>

128
includes/sys_menu.php
Unescape Escape View File

@ -1,21 +1,37 @@
<?php
use Engelsystem\UserHintsRenderer;
function page_link_to($page = "") {
if ($page == "") {
/**
* @param string $page
* @return string
*/
function page_link_to($page = '')
{
if ($page == '') {
return '?';
}
return '?p=' . $page;
}
function page_link_to_absolute($page) {
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI']) . page_link_to($page);
/**
* @param string $page
* @return string
*/
function page_link_to_absolute($page)
{
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
. $_SERVER['HTTP_HOST']
. preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI'])
. page_link_to($page);
}
/**
* Render the user hints
*
* @return string
*/
function header_render_hints() {
function header_render_hints()
{
global $user;
$hints_renderer = new UserHintsRenderer();
@ -38,14 +54,21 @@ function header_render_hints() {
/**
* Renders the header toolbar containing search, login/logout, user and settings links.
*
* @return string
*/
function header_toolbar() {
function header_toolbar()
{
global $page, $privileges, $user;
$toolbar_items = [];
if (isset($user)) {
$toolbar_items[] = toolbar_item_link(page_link_to('shifts') . '&amp;action=next', 'time', User_shift_state_render($user));
$toolbar_items[] = toolbar_item_link(
page_link_to('shifts') . '&amp;action=next',
'time',
User_shift_state_render($user)
);
}
if (!isset($user) && in_array('register', $privileges)) {
@ -62,7 +85,12 @@ function header_toolbar() {
$toolbar_items[] = header_render_hints();
if (in_array('user_myshifts', $privileges)) {
$toolbar_items[] = toolbar_item_link(page_link_to('users') . '&amp;action=view', ' icon-icon_angel', $user['Nick'], $page == 'users');
$toolbar_items[] = toolbar_item_link(
page_link_to('users') . '&amp;action=view',
' icon-icon_angel',
$user['Nick'],
$page == 'users'
);
}
$user_submenu = make_user_submenu();
@ -73,7 +101,11 @@ function header_toolbar() {
return toolbar($toolbar_items, true);
}
function make_user_submenu() {
/**
* @return array
*/
function make_user_submenu()
{
global $privileges, $page;
$user_submenu = make_langselect();
@ -83,7 +115,12 @@ function make_user_submenu() {
}
if (in_array('user_settings', $privileges)) {
$user_submenu[] = toolbar_item_link(page_link_to('user_settings'), 'list-alt', settings_title(), $page == 'user_settings');
$user_submenu[] = toolbar_item_link(
page_link_to('user_settings'),
'list-alt',
settings_title(),
$page == 'user_settings'
);
}
if (in_array('logout', $privileges)) {
@ -93,16 +130,20 @@ function make_user_submenu() {
return $user_submenu;
}
function make_navigation() {
/**
* @return string
*/
function make_navigation()
{
global $page, $privileges;
$menu = [];
$pages = [
"news" => news_title(),
"user_meetings" => meetings_title(),
"user_shifts" => shifts_title(),
"angeltypes" => angeltypes_title(),
"user_questions" => questions_title()
'news' => news_title(),
'user_meetings' => meetings_title(),
'user_shifts' => shifts_title(),
'angeltypes' => angeltypes_title(),
'user_questions' => questions_title()
];
foreach ($pages as $menu_page => $title) {
@ -115,18 +156,18 @@ function make_navigation() {
$admin_menu = [];
$admin_pages = [
"admin_arrive" => admin_arrive_title(),
"admin_active" => admin_active_title(),
"admin_user" => admin_user_title(),
"admin_free" => admin_free_title(),
"admin_questions" => admin_questions_title(),
"shifttypes" => shifttypes_title(),
"admin_shifts" => admin_shifts_title(),
"admin_rooms" => admin_rooms_title(),
"admin_groups" => admin_groups_title(),
"admin_import" => admin_import_title(),
"admin_log" => admin_log_title(),
"admin_event_config" => event_config_title()
'admin_arrive' => admin_arrive_title(),
'admin_active' => admin_active_title(),
'admin_user' => admin_user_title(),
'admin_free' => admin_free_title(),
'admin_questions' => admin_questions_title(),
'shifttypes' => shifttypes_title(),
'admin_shifts' => admin_shifts_title(),
'admin_rooms' => admin_rooms_title(),
'admin_groups' => admin_groups_title(),
'admin_import' => admin_import_title(),
'admin_log' => admin_log_title(),
'admin_event_config' => event_config_title()
];
foreach ($admin_pages as $menu_page => $title) {
@ -136,7 +177,7 @@ function make_navigation() {
}
if (count($admin_menu) > 0) {
$menu[] = toolbar_dropdown('', _("Admin"), $admin_menu);
$menu[] = toolbar_dropdown('', _('Admin'), $admin_menu);
}
return toolbar($menu);
@ -145,41 +186,38 @@ function make_navigation() {
/**
* Adds room navigation to the given menu.
*
* @param string[] $menu
* Rendered menu
* @param string[] $menu Rendered menu
* @return string[]
*/
function make_room_navigation($menu) {
function make_room_navigation($menu)
{
global $privileges;
if (!in_array('view_rooms', $privileges)) {
return $menu;
}
//get a list of all rooms
$rooms = Rooms(true);
$rooms = Rooms();
$room_menu = [];
if (in_array('admin_rooms', $privileges)) {
$room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _("Manage rooms"));
$room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _('Manage rooms'));
}
if (count($room_menu) > 0) {
$room_menu[] = toolbar_item_divider();
}
foreach ($rooms as $room) {
if($room['show'] == 'Y' || // room is public
($room['show'] != 'Y' && in_array('admin_rooms', $privileges)) // room is not public, but user can admin_rooms
) {
$room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
}
}
if (count($room_menu > 0)) {
$menu[] = toolbar_dropdown('map-marker', _("Rooms"), $room_menu);
if (count($room_menu) > 0) {
$menu[] = toolbar_dropdown('map-marker', _('Rooms'), $room_menu);
}
return $menu;
}
function make_menu() {
/**
* @return string
*/
function make_menu()
{
return make_navigation();
}
?>

140
includes/sys_page.php
Unescape Escape View File

@ -8,18 +8,16 @@ use Engelsystem\ValidationResult;
/**
* Parse a date from da day and a time textfield.
*
* @param string $date_name
* Name of the textfield containing the day (format Y-m-d)
* @param string $time_name
* Name of the textfield containing the time (format H:i)
* @param string[] $allowed_days
* List of allowed days in format Y-m-d
* @param int $default_value
* Default value unix timestamp
* @param string $date_name Name of the textfield containing the day (format Y-m-d)
* @param string $time_name Name of the textfield containing the time (format H:i)
* @param string[] $allowed_days List of allowed days in format Y-m-d
* @param int $default_value Default value unix timestamp
* @return int|null
*/
function check_request_datetime($date_name, $time_name, $allowed_days, $default_value) {
$time = date("H:i", $default_value);
$day = date("Y-m-d", $default_value);
function check_request_datetime($date_name, $time_name, $allowed_days, $default_value)
{
$time = date('H:i', $default_value);
$day = date('Y-m-d', $default_value);
if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
$time = trim($_REQUEST[$time_name]);
@ -28,19 +26,18 @@ function check_request_datetime($date_name, $time_name, $allowed_days, $default_
$day = $_REQUEST[$date_name];
}
return parse_date("Y-m-d H:i", $day . " " . $time);
return parse_date('Y-m-d H:i', $day . ' ' . $time);
}
/**
* Parse a date into unix timestamp
*
* @param string $pattern
* The date pattern (i.e. Y-m-d H:i)
* @param string $value
* The string to parse
* @return The parsed unix timestamp
* @param string $pattern The date pattern (i.e. Y-m-d H:i)
* @param string $value The string to parse
* @return int|null The parsed unix timestamp
*/
function parse_date($pattern, $value) {
function parse_date($pattern, $value)
{
$datetime = DateTime::createFromFormat($pattern, trim($value));
if ($datetime == null) {
return null;
@ -50,19 +47,22 @@ function parse_date($pattern, $value) {
/**
* Leitet den Browser an die übergebene URL weiter und hält das Script an.
*
* @param string $url
*/
function redirect($url) {
header("Location: " . $url, true, 302);
raw_output("");
function redirect($url)
{
header('Location: ' . $url, true, 302);
raw_output('');
}
/**
* Echoes given output and dies.
*
* @param String $output
* String to display
* @param String $output String to display
*/
function raw_output($output) {
function raw_output($output = '')
{
echo $output;
die();
}
@ -70,30 +70,30 @@ function raw_output($output) {
/**
* Helper function for transforming list of entities into array for select boxes.
*
* @param array $data
* The data array
* @param string $key_name
* name of the column to use as id/key
* @param string $value_name
* name of the column to use as displayed value
* @param array $data The data array
* @param string $key_name name of the column to use as id/key
* @param string $value_name name of the column to use as displayed value
*
* @return array
*/
function select_array($data, $key_name, $value_name) {
$ret = [];
function select_array($data, $key_name, $value_name)
{
$return = [];
foreach ($data as $value) {
$ret[$value[$key_name]] = $value[$value_name];
$return[$value[$key_name]] = $value[$value_name];
}
return $ret;
return $return;
}
/**
* Returns an int[] from given request param name.
*
* @param String $name
* Name of the request param
* @param array<int> $default
* Default return value, if param is not set
* @param string $name Name of the request param
* @param array $default Default return value, if param is not set
* @return array
*/
function check_request_int_array($name, $default = []) {
function check_request_int_array($name, $default = [])
{
if (isset($_REQUEST[$name]) && is_array($_REQUEST[$name])) {
return array_filter($_REQUEST[$name], 'is_numeric');
}
@ -104,15 +104,13 @@ function check_request_int_array($name, $default = []) {
* Checks if given request item (name) can be parsed to a date.
* If not parsable, given error message is put into msg() and null is returned.
*
* @param string $input
* String to be parsed into a date.
* @param string $error_message
* the error message displayed if $input is not parsable
* @param boolean $null_allowed
* is a null value allowed?
* @param string $name to be parsed into a date.
* @param string $error_message the error message displayed if $input is not parsable
* @param boolean $null_allowed is a null value allowed?
* @return ValidationResult containing the parsed date
*/
function check_request_date($name, $error_message = null, $null_allowed = false) {
function check_request_date($name, $error_message = null, $null_allowed = false)
{
if (!isset($_REQUEST[$name])) {
return new ValidationResult($null_allowed, null);
}
@ -123,16 +121,14 @@ function check_request_date($name, $error_message = null, $null_allowed = false)
* Checks if given string can be parsed to a date.
* If not parsable, given error message is put into msg() and null is returned.
*
* @param string $input
* String to be parsed into a date.
* @param string $error_message
* the error message displayed if $input is not parsable
* @param boolean $null_allowed
* is a null value allowed?
* @param string $input String to be parsed into a date.
* @param string $error_message the error message displayed if $input is not parsable
* @param boolean $null_allowed is a null value allowed?
* @return ValidationResult containing the parsed date
*/
function check_date($input, $error_message = null, $null_allowed = false) {
if ($tmp = parse_date("Y-m-d H:i", trim($input) . " 00:00")) {
function check_date($input, $error_message = null, $null_allowed = false)
{
if ($tmp = parse_date('Y-m-d H:i', trim($input) . ' 00:00')) {
return new ValidationResult(true, $tmp);
}
if ($null_allowed) {
@ -145,8 +141,13 @@ function check_date($input, $error_message = null, $null_allowed = false) {
/**
* Returns REQUEST value filtered or default value (null) if not set.
*
* @param string $name
* @param string $default_value
* @return mixed|null
*/
function strip_request_item($name, $default_value = null) {
function strip_request_item($name, $default_value = null)
{
if (isset($_REQUEST[$name])) {
return strip_item($_REQUEST[$name]);
}
@ -156,18 +157,27 @@ function strip_request_item($name, $default_value = null) {
/**
* Testet, ob der angegebene REQUEST Wert ein Integer ist, bzw.
* eine ID sein könnte.
*
* @param string $name
* @return int|false
*/
function test_request_int($name) {
function test_request_int($name)
{
if (isset($_REQUEST[$name])) {
return preg_match("/^[0-9]*$/", $_REQUEST[$name]);
return preg_match('/^\d*$/', $_REQUEST[$name]);
}
return false;
}
/**
* Gibt den gefilterten REQUEST Wert mit Zeilenumbrüchen zurück
*
* @param string $name
* @param mixed $default_value
* @return mixed
*/
function strip_request_item_nl($name, $default_value = null) {
function strip_request_item_nl($name, $default_value = null)
{
if (isset($_REQUEST[$name])) {
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($_REQUEST[$name]));
}
@ -176,16 +186,22 @@ function strip_request_item_nl($name, $default_value = null) {
/**
* Entfernt unerwünschte Zeichen
*
* @param string $item
* @return string
*/
function strip_item($item) {
function strip_item($item)
{
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+]{1,})/ui", '', strip_tags($item));
}
/**
* Überprüft eine E-Mail-Adresse.
*
* @param string $email
* @return bool
*/
function check_email($email) {
function check_email($email)
{
return (bool)filter_var($email, FILTER_VALIDATE_EMAIL);
}
?>

287
includes/sys_template.php
Unescape Escape View File

@ -4,44 +4,64 @@
* Liste der verfügbaren Themes
*/
$themes = [
'4' => "Engelsystem 33c3 (2016)",
'3' => "Engelsystem 32c3 (2015)",
"2" => "Engelsystem cccamp15",
"0" => "Engelsystem light",
"1" => "Engelsystem dark"
'4' => 'Engelsystem 33c3 (2016)',
'3' => 'Engelsystem 32c3 (2015)',
'2' => 'Engelsystem cccamp15',
'0' => 'Engelsystem light',
'1' => 'Engelsystem dark'
];
/**
* Display muted (grey) text.
*
* @param string $text
* @return string
*/
function mute($text) {
function mute($text)
{
return '<span class="text-muted">' . $text . '</span>';
}
/**
* Renders a bootstrap label with given content and class.
*
* @param string $content
* The text
* @param string $class
* default, primary, info, success, warning, danger
* @param string $content The text
* @param string $class default, primary, info, success, warning, danger
* @return string
*/
function label($content, $class = 'default') {
function label($content, $class = 'default')
{
return '<span class="label label-' . $class . '">' . $content . '</span>';
}
function progress_bar($valuemin, $valuemax, $valuenow, $class = '', $content = '') {
return '<div class="progress"><div class="progress-bar ' . $class . '" role="progressbar" aria-valuenow="' . $valuenow . '" aria-valuemin="' . $valuemin . '" aria-valuemax="' . $valuemax . '" style="width: ' . floor(($valuenow - $valuemin) * 100 / ($valuemax - $valuemin)) . '%">' . $content . '</div></div>';
/**
* @param int $valuemin
* @param int $valuemax
* @param int $valuenow
* @param string $class
* @param string $content
* @return string
*/
function progress_bar($valuemin, $valuemax, $valuenow, $class = '', $content = '')
{
return '<div class="progress">'
. '<div class="progress-bar ' . $class . '" role="progressbar" '
. 'aria-valuenow="' . $valuenow . '" aria-valuemin="' . $valuemin . '" aria-valuemax="' . $valuemax . '" '
. 'style="width: ' . floor(($valuenow - $valuemin) * 100 / ($valuemax - $valuemin)) . '%"'
. '>'
. $content . ''
. '</div>'
. '</div>';
}
/**
* Render glyphicon
*
* @param string $glyph_name
* @return string
*/
function glyph($glyph_name) {
function glyph($glyph_name)
{
return ' <span class="glyphicon glyphicon-' . $glyph_name . '"></span> ';
}
@ -49,12 +69,21 @@ function glyph($glyph_name) {
* Renders a tick or a cross by given boolean
*
* @param boolean $boolean
* @return string
*/
function glyph_bool($boolean) {
function glyph_bool($boolean)
{
return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>';
}
function div($class, $content = [], $dom_id = "") {
/**
* @param string $class
* @param array $content
* @param string $dom_id
* @return string
*/
function div($class, $content = [], $dom_id = '')
{
if (is_array($content)) {
$content = join("\n", $content);
}
@ -62,21 +91,34 @@ function div($class, $content = [], $dom_id = "") {
return '<div' . $dom_id . ' class="' . $class . '">' . $content . '</div>';
}
function heading($content, $number = 1) {
return "<h" . $number . ">" . $content . "</h" . $number . ">";
/**
* @param string $content
* @param int $number
* @return string
*/
function heading($content, $number = 1)
{
return '<h' . $number . '>' . $content . '</h' . $number . '>';
}
/**
* Render a toolbar.
*
* @param array $items
* @param bool $right
* @return string
*/
function toolbar($items = [], $right = false) {
function toolbar($items = [], $right = false)
{
return '<ul class="nav navbar-nav' . ($right ? ' navbar-right' : '') . '">' . join("\n", $items) . '</ul>';
}
function toolbar_pills($items) {
/**
* @param string[] $items
* @return string
*/
function toolbar_pills($items)
{
return '<ul class="nav nav-pills">' . join("\n", $items) . '</ul>';
}
@ -89,24 +131,58 @@ function toolbar_pills($items) {
* @param bool $selected
* @return string
*/
function toolbar_item_link($href, $glyphicon, $label, $selected = false) {
return '<li class="' . ($selected ? 'active' : '') . '"><a href="' . $href . '">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . '</a></li>';
function toolbar_item_link($href, $glyphicon, $label, $selected = false)
{
return '<li class="' . ($selected ? 'active' : '') . '">'
. '<a href="' . $href . '">'
. ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
. $label
. '</a>'
. '</li>';
}
function toolbar_item_divider() {
/**
* @return string
*/
function toolbar_item_divider()
{
return '<li class="divider"></li>';
}
function toolbar_dropdown($glyphicon, $label, $submenu, $class = '') {
/**
* @param string $glyphicon
* @param string $label
* @param array $submenu
* @param string $class
* @return string
*/
function toolbar_dropdown($glyphicon, $label, $submenu, $class = '')
{
return '<li class="dropdown ' . $class . '">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">' . join("\n", $submenu) . '</ul></li>';
<a href="#" class="dropdown-toggle" data-toggle="dropdown">'
. ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
. $label
. ' <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">'
. join("\n", $submenu)
. '</ul></li>';
}
function toolbar_popover($glyphicon, $label, $content, $class = '') {
/**
* @param string $glyphicon
* @param string $label
* @param string[] $content
* @param string $class
* @return string
*/
function toolbar_popover($glyphicon, $label, $content, $class = '')
{
$dom_id = md5(microtime() . $glyphicon . $label);
return '<li class="dropdown messages ' . $class . '">
<a id="' . $dom_id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
<a id="' . $dom_id . '" href="#" tabindex="0">'
. ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
. $label
. ' <span class="caret"></span></a>
<script type="text/javascript">
$(function(){
$("#' . $dom_id . '").popover({
@ -124,23 +200,38 @@ function toolbar_popover($glyphicon, $label, $content, $class = '') {
/**
* Generiert HTML Code für eine "Seite".
* Fügt dazu die übergebenen Elemente zusammen.
*
* @param string[] $elements
* @return string
*/
function page($elements) {
function page($elements)
{
return join($elements);
}
/**
* Generiert HTML Code für eine "Seite" mit zentraler Überschrift
* Fügt dazu die übergebenen Elemente zusammen.
*
* @param string $title
* @param string[] $elements
* @return string
*/
function page_with_title($title, $elements) {
function page_with_title($title, $elements)
{
return '<div class="col-md-12"><h1>' . $title . '</h1>' . join($elements) . '</div>';
}
/**
* Rendert eine Datentabelle
*
* @param array|string $columns
* @param array[] $rows_raw
* @param bool $data
* @return string
*/
function table($columns, $rows_raw, $data = true) {
function table($columns, $rows_raw, $data = true)
{
// If only one column is given
if (!is_array($columns)) {
$rows = [];
@ -160,10 +251,16 @@ function table($columns, $rows_raw, $data = true) {
/**
* Helper for rendering a html-table.
* use table()
*
* @param string[] $columns
* @param array[] $rows
* @param bool $data
* @return string
*/
function render_table($columns, $rows, $data = true) {
function render_table($columns, $rows, $data = true)
{
if (count($rows) == 0) {
return info(_("No data found."), true);
return info(_('No data found.'), true);
}
$html = '<table class="table table-striped' . ($data ? ' data' : '') . '">';
@ -191,88 +288,134 @@ function render_table($columns, $rows, $data = true) {
/**
* Rendert einen Knopf
*
* @param string $href
* @param string $label
* @param string $class
* @return string
*/
function button($href, $label, $class = "") {
function button($href, $label, $class = '')
{
return '<a href="' . $href . '" class="btn btn-default ' . $class . '">' . $label . '</a>';
}
/**
* Rendert einen Knopf mit Glyph
*
* @param string $href
* @param string $glyph
* @param string $class
* @return string
*/
function button_glyph($href, $glyph, $class = "") {
function button_glyph($href, $glyph, $class = '')
{
return button($href, glyph($glyph), $class);
}
/**
* Rendert eine Toolbar mit Knöpfen
*
* @param array $buttons
* @return string
*/
function buttons($buttons = []) {
function buttons($buttons = [])
{
return '<div class="form-group">' . table_buttons($buttons) . '</div>';
}
function table_buttons($buttons = []) {
/**
* @param array $buttons
* @return string
*/
function table_buttons($buttons = [])
{
return '<div class="btn-group">' . join(' ', $buttons) . '</div>';
}
// Load and render template
function template_render($file, $data) {
/**
* Load and render template
*
* @param string $file
* @param string $data
* @return string
*/
function template_render($file, $data)
{
if (file_exists($file)) {
$template = file_get_contents($file);
if (is_array($data)) {
foreach ($data as $name => $content) {
$template = str_replace("%" . $name . "%", $content, $template);
$template = str_replace('%' . $name . '%', $content, $template);
}
}
return $template;
}
engelsystem_error("Cannot find template file &laquo;" . $file . "&raquo;.");
engelsystem_error('Cannot find template file &laquo;' . $file . '&raquo;.');
return '';
}
function shorten($str, $length = 50) {
/**
* @param string $str
* @param int $length
* @return string
*/
function shorten($str, $length = 50)
{
if (strlen($str) < $length) {
return $str;
}
return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, $length - 3) . '...</span>';
return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">'
. substr($str, 0, $length - 3)
. '...</span>';
}
function table_body($array) {
$html = "";
/**
* @param array[] $array
* @return string
*/
function table_body($array)
{
$html = '';
foreach ($array as $line) {
$html .= "<tr>";
$html .= '<tr>';
if (is_array($line)) {
foreach ($line as $td) {
$html .= "<td>" . $td . "</td>";
$html .= '<td>' . $td . '</td>';
}
} else {
$html .= "<td>" . $line . "</td>";
$html .= '<td>' . $line . '</td>';
}
$html .= "</tr>";
$html .= '</tr>';
}
return $html;
}
function ReplaceSmilies($neueckig) {
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
/**
* @param string $msg
* @return mixed
*/
function ReplaceSmilies($msg)
{
$msg = str_replace(';o))', '<img src="pic/smiles/icon_redface.gif">', $msg);
$msg = str_replace(':-))', '<img src="pic/smiles/icon_redface.gif">', $msg);
$msg = str_replace(';o)', '<img src="pic/smiles/icon_wind.gif">', $msg);
$msg = str_replace(':)', '<img src="pic/smiles/icon_smile.gif">', $msg);
$msg = str_replace(':-)', '<img src="pic/smiles/icon_smile.gif">', $msg);
$msg = str_replace(':(', '<img src="pic/smiles/icon_sad.gif">', $msg);
$msg = str_replace(':-(', '<img src="pic/smiles/icon_sad.gif">', $msg);
$msg = str_replace(':o(', '<img src="pic/smiles/icon_sad.gif">', $msg);
$msg = str_replace(':o)', '<img src="pic/smiles/icon_lol.gif">', $msg);
$msg = str_replace(';o(', '<img src="pic/smiles/icon_cry.gif">', $msg);
$msg = str_replace(';(', '<img src="pic/smiles/icon_cry.gif">', $msg);
$msg = str_replace(';-(', '<img src="pic/smiles/icon_cry.gif">', $msg);
$msg = str_replace('8)', '<img src="pic/smiles/icon_rolleyes.gif">', $msg);
$msg = str_replace('8o)', '<img src="pic/smiles/icon_rolleyes.gif">', $msg);
$msg = str_replace(':P', '<img src="pic/smiles/icon_evil.gif">', $msg);
$msg = str_replace(':-P', '<img src="pic/smiles/icon_evil.gif">', $msg);
$msg = str_replace(':oP', '<img src="pic/smiles/icon_evil.gif">', $msg);
$msg = str_replace(';P', '<img src="pic/smiles/icon_mad.gif">', $msg);
$msg = str_replace(';oP', '<img src="pic/smiles/icon_mad.gif">', $msg);
$msg = str_replace('?)', '<img src="pic/smiles/icon_question.gif">', $msg);
return $neueckig;
return $msg;
}
?>

320
includes/view/AngelTypes_view.php
Unescape Escape View File

@ -7,42 +7,53 @@
/**
* Renders the angeltypes name as link.
*
* @param AngelType $angeltype
* @param array $angeltype
* @return string
*/
function AngelType_name_render($angeltype) {
function AngelType_name_render($angeltype)
{
return '<a href="' . angeltype_link($angeltype['id']) . '">' . ($angeltype['restricted'] ? glyph('lock') : '') . $angeltype['name'] . '</a>';
}
/**
* Render angeltype membership state
*
* @param UserAngelType $user_angeltype
* UserAngelType and AngelType
* @param array $user_angeltype UserAngelType and AngelType
* @return string
*/
function AngelType_render_membership($user_angeltype) {
function AngelType_render_membership($user_angeltype)
{
if ($user_angeltype['user_angeltype_id'] != null) {
if ($user_angeltype['restricted']) {
if ($user_angeltype['confirm_user_id'] == null) {
return glyph('lock') . _("Unconfirmed");
return glyph('lock') . _('Unconfirmed');
} elseif ($user_angeltype['supporter']) {
return glyph_bool(true) . _("supporter");
return glyph_bool(true) . _('supporter');
}
return glyph_bool(true) . _("Member");
return glyph_bool(true) . _('Member');
} elseif ($user_angeltype['supporter']) {
return glyph_bool(true) . _("supporter");
return glyph_bool(true) . _('supporter');
}
return glyph_bool(true) . _("Member");
return glyph_bool(true) . _('Member');
}
return glyph_bool(false);
}
function AngelType_delete_view($angeltype) {
return page_with_title(sprintf(_("Delete angeltype %s"), $angeltype['name']), [
info(sprintf(_("Do you want to delete angeltype %s?"), $angeltype['name']), true),
/**
* @param array $angeltype
* @return string
*/
function AngelType_delete_view($angeltype)
{
return page_with_title(sprintf(_('Delete angeltype %s'), $angeltype['name']), [
info(sprintf(_('Do you want to delete angeltype %s?'), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes'), _("cancel"), 'cancel'),
button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed', _("delete"), 'ok')
button(page_link_to('angeltypes'), _('cancel'), 'cancel'),
button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed',
_('delete'),
'ok'
)
])
]);
}
@ -50,64 +61,104 @@ function AngelType_delete_view($angeltype) {
/**
* Render angeltype edit form.
*
* @param Angeltype $angeltype
* The angeltype to edit
* @param boolean $supporter_mode
* Is the user a supporter of this angeltype?
* @param array $angeltype The angeltype to edit
* @param boolean $supporter_mode Is the user a supporter of this angeltype?
* @return string
*/
function AngelType_edit_view($angeltype, $supporter_mode) {
function AngelType_edit_view($angeltype, $supporter_mode)
{
$contact_info = AngelType_contact_info($angeltype);
return page_with_title(sprintf(_("Edit %s"), $angeltype['name']), [
return page_with_title(sprintf(_('Edit %s'), $angeltype['name']), [
buttons([
button(page_link_to('angeltypes'), _("Angeltypes"), 'back')
button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
]),
msg(),
form([
$supporter_mode ? form_info(_("Name"), $angeltype['name']) : form_text('name', _("Name"), $angeltype['name']),
$supporter_mode ? form_info(_("Restricted"), $angeltype['restricted'] ? _("Yes") : _("No")) : form_checkbox('restricted', _("Restricted"), $angeltype['restricted']),
$supporter_mode ? form_info(_("No Self Sign Up"), $angeltype['no_self_signup'] ? _("Yes") : _("No")) : form_checkbox('no_self_signup', _("No Self Sign Up"), $angeltype['no_self_signup']),
$supporter_mode ? form_info(_("Requires driver license"), $angeltype['requires_driver_license'] ? _("Yes") : _("No")) : form_checkbox('requires_driver_license', _("Requires driver license"), $angeltype['requires_driver_license']),
//form_text('contact_name', _("Name"), $angeltype['contact_name']),
//form_text('contact_dect', _("DECT"), $angeltype['contact_dect']),
//form_text('contact_email', _("E-Mail"), $angeltype['contact_email']),
form_info("", _("Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).")),
form_textarea('description', _("Description"), $angeltype['description']),
form_info("", _("Please use markdown for the description.")),
form_submit('submit', _("Save"))
$supporter_mode
? form_info(_('Name'), $angeltype['name'])
: form_text('name', _('Name'), $angeltype['name']),
$supporter_mode
? form_info(_('Restricted'), $angeltype['restricted'] ? _('Yes') : _('No'))
: form_checkbox('restricted', _('Restricted'), $angeltype['restricted']),
$supporter_mode
? form_info(_('No Self Sign Up'), $angeltype['no_self_signup'] ? _('Yes') : _('No'))
: form_checkbox('no_self_signup', _('No Self Sign Up'), $angeltype['no_self_signup']),
$supporter_mode
? form_info(_('Requires driver license'), $angeltype['requires_driver_license'] ? _('Yes') : _('No'))
: form_checkbox(
'requires_driver_license',
_('Requires driver license'),
$angeltype['requires_driver_license']
),
//form_text('contact_name', _('Name'), $angeltype['contact_name']),
//form_text('contact_dect', _('DECT'), $angeltype['contact_dect']),
//form_text('contact_email', _('E-Mail'), $angeltype['contact_email']),
form_info(
'',
_('Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).')
),
form_textarea('description', _('Description'), $angeltype['description']),
form_info('', _('Please use markdown for the description.')),
form_submit('submit', _('Save'))
])
]);
}
/**
* Renders the buttons for the angeltype view.
*
* @param array $angeltype
* @param array|null $user_angeltype
* @param bool $admin_angeltypes
* @param bool $supporter
* @param array|null $user_driver_license
* @param array|null $user
* @return string
*/
function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user) {
function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user)
{
$buttons = [
button(page_link_to('angeltypes'), _("Angeltypes"), 'back')
button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
];
if ($angeltype['requires_driver_license']) {
$buttons[] = button(user_driver_license_edit_link($user), glyph("road") . _("my driving license"));
$buttons[] = button(user_driver_license_edit_link($user), glyph('road') . _('my driving license'));
}
if ($user_angeltype == null) {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_('join'),
'add'
);
} else {
if ($angeltype['requires_driver_license'] && $user_driver_license == null) {
error(_("This angeltype requires a driver license. Please enter your driver license information!"));
error(_('This angeltype requires a driver license. Please enter your driver license information!'));
}
if ($angeltype['restricted'] && $user_angeltype['confirm_user_id'] == null) {
error(sprintf(_("You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed."), $angeltype['name']));
error(sprintf(
_('You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed.'),
$angeltype['name']
));
}
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'], _("leave"), 'cancel');
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'],
_('leave'), 'cancel');
}
if ($admin_angeltypes || $supporter) {
$buttons[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), 'edit');
$buttons[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
_('edit'),
'edit'
);
}
if ($admin_angeltypes) {
$buttons[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), 'delete');
$buttons[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
_('delete'),
'delete'
);
}
return buttons($buttons);
@ -116,9 +167,14 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
/**
* Renders and sorts the members of an angeltype into supporters, members and unconfirmed members.
*
* @return [supporters, members, unconfirmed members]
* @param array $angeltype
* @param array $members
* @param bool $admin_user_angeltypes
* @param bool $admin_angeltypes
* @return array [supporters, members, unconfirmed members]
*/
function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes) {
function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes)
{
$supporters = [];
$members_confirmed = [];
$members_unconfirmed = [];
@ -126,7 +182,7 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
$member['Nick'] = User_Nick_render($member);
if ($angeltype['requires_driver_license']) {
$member['wants_to_drive'] = glyph_bool($member['wants_to_drive']);
$member['wants_to_drive'] = glyph_bool($member['user_id']);
$member['has_car'] = glyph_bool($member['has_car']);
$member['has_license_car'] = glyph_bool($member['has_license_car']);
$member['has_license_3_5t_transporter'] = glyph_bool($member['has_license_3_5t_transporter']);
@ -137,14 +193,26 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
$member['actions'] = table_buttons([
button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'], _("confirm"), 'btn-xs'),
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("deny"), 'btn-xs')
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'],
_('confirm'),
'btn-xs'
),
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
_('deny'),
'btn-xs'
)
]);
$members_unconfirmed[] = $member;
} elseif ($member['supporter']) {
if ($admin_angeltypes) {
$member['actions'] = table_buttons([
button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0', _("Remove supporter rights"), 'btn-xs')
button(
page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0',
_('Remove supporter rights'),
'btn-xs'
)
]);
} else {
$member['actions'] = '';
@ -153,8 +221,15 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
} else {
if ($admin_user_angeltypes) {
$member['actions'] = table_buttons([
$admin_angeltypes ? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1', _("Add supporter rights"), 'btn-xs') : '',
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("remove"), 'btn-xs')
$admin_angeltypes
? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1',
_('Add supporter rights'), 'btn-xs')
: '',
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
_('remove'),
'btn-xs'
)
]);
}
$members_confirmed[] = $member;
@ -170,49 +245,79 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
/**
* Creates the needed member table headers according to given rights and settings from the angeltype.
*
* @param array $angeltype
* @param bool $supporter
* @param bool $admin_angeltypes
* @return array
*/
function AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes) {
function AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes)
{
if ($angeltype['requires_driver_license'] && ($supporter || $admin_angeltypes)) {
return [
'Nick' => _("Nick"),
'DECT' => _("DECT"),
'wants_to_drive' => _("Driver"),
'has_car' => _("Has car"),
'has_license_car' => _("Car"),
'has_license_3_5t_transporter' => _("3,5t Transporter"),
'has_license_7_5t_truck' => _("7,5t Truck"),
'has_license_12_5t_truck' => _("12,5t Truck"),
'has_license_forklift' => _("Forklift"),
'Nick' => _('Nick'),
'DECT' => _('DECT'),
'wants_to_drive' => _('Driver'),
'has_car' => _('Has car'),
'has_license_car' => _('Car'),
'has_license_3_5t_transporter' => _('3,5t Transporter'),
'has_license_7_5t_truck' => _('7,5t Truck'),
'has_license_12_5t_truck' => _('12,5t Truck'),
'has_license_forklift' => _('Forklift'),
'actions' => ''
];
}
return [
'Nick' => _("Nick"),
'DECT' => _("DECT"),
'Nick' => _('Nick'),
'DECT' => _('DECT'),
'actions' => ''
];
}
/**
* Render an angeltype page containing the member lists.
*
* @param array $angeltype
* @param array[] $members
* @param array $user_angeltype
* @param bool $admin_user_angeltypes
* @param bool $admin_angeltypes
* @param bool $supporter
* @param array $user_driver_license
* @param array $user
* @return string
*/
function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angeltypes, $admin_angeltypes, $supporter, $user_driver_license, $user) {
function AngelType_view(
$angeltype,
$members,
$user_angeltype,
$admin_user_angeltypes,
$admin_angeltypes,
$supporter,
$user_driver_license,
$user
) {
$page = [
AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user),
msg()
];
$page[] = '<h3>' . _("Description") . '</h3>';
$page[] = '<h3>' . _('Description') . '</h3>';
$parsedown = new Parsedown();
if ($angeltype['description'] != "") {
if ($angeltype['description'] != '') {
$page[] = '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
}
list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes);
list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members(
$angeltype,
$members,
$admin_user_angeltypes,
$admin_angeltypes
);
$table_headers = AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes);
if (count($supporters) > 0) {
$page[] = '<h3>' . _("supporters") . '</h3>';
$page[] = '<h3>' . _('supporters') . '</h3>';
$page[] = table($table_headers, $supporters);
}
@ -232,52 +337,67 @@ function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angel
];
}
$page[] = '<h3>' . _("Members") . '</h3>';
$page[] = '<h3>' . _('Members') . '</h3>';
if ($admin_user_angeltypes) {
$page[] = buttons([
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("Add"), 'add')
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _('Add'), 'add')
]);
}
$page[] = table($table_headers, $members_confirmed);
if ($admin_user_angeltypes && $angeltype['restricted'] && count($members_unconfirmed) > 0) {
$page[] = '<h3>' . _("Unconfirmed") . '</h3>';
$page[] = '<h3>' . _('Unconfirmed') . '</h3>';
$page[] = buttons([
button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'], _("confirm all"), 'ok'),
button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'], _("deny all"), 'cancel')
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'],
_('confirm all'),
'ok'
),
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'],
_('deny all'),
'cancel'
)
]);
$page[] = table($table_headers, $members_unconfirmed);
}
return page_with_title(sprintf(_("Team %s"), $angeltype['name']), $page);
return page_with_title(sprintf(_('Team %s'), $angeltype['name']), $page);
}
/**
* Display the list of angeltypes.
*
* @param array $angeltypes
* @param bool $admin_angeltypes
* @return string
*/
function AngelTypes_list_view($angeltypes, $admin_angeltypes) {
function AngelTypes_list_view($angeltypes, $admin_angeltypes)
{
return page_with_title(angeltypes_title(), [
msg(),
buttons([
$admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _("New angeltype"), 'add') : '',
button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description"))
$admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _('New angeltype'), 'add') : '',
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description'))
]),
table([
'name' => _("Name"),
'restricted' => glyph('lock') . _("Restricted"),
'no_self_signup' => glyph('share') . _("Self Sign Up Allowed"),
'membership' => _("Membership"),
'actions' => ""
'name' => _('Name'),
'restricted' => glyph('lock') . _('Restricted'),
'no_self_signup' => glyph('share') . _('Self Sign Up Allowed'),
'membership' => _('Membership'),
'actions' => ''
], $angeltypes)
]);
}
/**
* Renders the about info for an angeltype.
*
* @param array $angeltype
* @return string
*/
function AngelTypes_about_view_angeltype($angeltype) {
function AngelTypes_about_view_angeltype($angeltype)
{
$parsedown = new Parsedown();
$html = '<h2>' . $angeltype['name'] . '</h2>';
@ -285,17 +405,28 @@ function AngelTypes_about_view_angeltype($angeltype) {
if (isset($angeltype['user_angeltype_id'])) {
$buttons = [];
if ($angeltype['user_angeltype_id'] != null) {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), 'cancel');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
_('leave'),
'cancel'
);
} else {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_('join'),
'add'
);
}
$html .= buttons($buttons);
}
if ($angeltype['restricted']) {
$html .= info(_("This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings."), true);
$html .= info(
_('This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings.'),
true
);
}
if ($angeltype['description'] != "") {
if ($angeltype['description'] != '') {
$html .= '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
}
$html .= '<hr />';
@ -305,25 +436,26 @@ function AngelTypes_about_view_angeltype($angeltype) {
/**
* Renders a site that contains every angeltype and its description, basically as an overview of the needed help types.
*
* @param array[] $angeltypes
* @param bool $user_logged_in
* @return string
*/
function AngelTypes_about_view($angeltypes, $user_logged_in) {
global $faq_url;
function AngelTypes_about_view($angeltypes, $user_logged_in)
{
$content = [
buttons([
!$user_logged_in ? button(page_link_to('register'), register_title()) : '',
!$user_logged_in ? button(page_link_to('login'), login_title()) : '',
$user_logged_in ? button(page_link_to('angeltypes'), angeltypes_title(), 'back') : '',
button($faq_url, _("FAQ"), "btn-primary")
button(config('faq_url'), _('FAQ'), 'btn-primary')
]),
'<p>' . _("Here is the list of teams and their tasks. If you have questions, read the FAQ.") . '</p>',
'<p>' . _('Here is the list of teams and their tasks. If you have questions, read the FAQ.') . '</p>',
'<hr />'
];
foreach ($angeltypes as $angeltype) {
$content[] = AngelTypes_about_view_angeltype($angeltype);
}
return page_with_title(_("Teams/Job description"), $content);
return page_with_title(_('Teams/Job description'), $content);
}
?>

104
includes/view/EventConfig_view.php
Unescape Escape View File

@ -2,12 +2,15 @@
/**
* Shows basic event infos and countdowns.
* @param EventConfig $event_config The event configuration
*
* @param array $event_config The event configuration
* @return string
*/
function EventConfig_countdown_page($event_config) {
function EventConfig_countdown_page($event_config)
{
if ($event_config == null) {
return div('col-md-12 text-center', [
heading(sprintf(_("Welcome to the %s!"), '<span class="icon-icon_angel"></span> ENGELSYSTEM'), 2)
heading(sprintf(_('Welcome to the %s!'), '<span class="icon-icon_angel"></span> ENGELSYSTEM'), 2)
]);
}
@ -15,66 +18,85 @@ function EventConfig_countdown_page($event_config) {
if ($event_config['event_name'] != null) {
$elements[] = div('col-sm-12 text-center', [
heading(sprintf(_("Welcome to the %s!"), $event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'), 2)
heading(sprintf(
_('Welcome to the %s!'),
$event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'
), 2)
]);
}
if ($event_config['buildup_start_date'] != null && time() < $event_config['buildup_start_date']) {
$elements[] = div('col-sm-3 text-center hidden-xs', [
heading(_("Buildup starts"), 4),
heading(_('Buildup starts'), 4),
'<span class="moment-countdown text-big" data-timestamp="' . $event_config['buildup_start_date'] . '">%c</span>',
'<small>' . date(_("Y-m-d"), $event_config['buildup_start_date']) . '</small>'
'<small>' . date(_('Y-m-d'), $event_config['buildup_start_date']) . '</small>'
]);
}
if ($event_config['event_start_date'] != null && time() < $event_config['event_start_date']) {
$elements[] = div('col-sm-3 text-center hidden-xs', [
heading(_("Event starts"), 4),
heading(_('Event starts'), 4),
'<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_start_date'] . '">%c</span>',
'<small>' . date(_("Y-m-d"), $event_config['event_start_date']) . '</small>'
'<small>' . date(_('Y-m-d'), $event_config['event_start_date']) . '</small>'
]);
}
if ($event_config['event_end_date'] != null && time() < $event_config['event_end_date']) {
$elements[] = div('col-sm-3 text-center hidden-xs', [
heading(_("Event ends"), 4),
heading(_('Event ends'), 4),
'<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_end_date'] . '">%c</span>',
'<small>' . date(_("Y-m-d"), $event_config['event_end_date']) . '</small>'
'<small>' . date(_('Y-m-d'), $event_config['event_end_date']) . '</small>'
]);
}
if ($event_config['teardown_end_date'] != null && time() < $event_config['teardown_end_date']) {
$elements[] = div('col-sm-3 text-center hidden-xs', [
heading(_("Teardown ends"), 4),
heading(_('Teardown ends'), 4),
'<span class="moment-countdown text-big" data-timestamp="' . $event_config['teardown_end_date'] . '">%c</span>',
'<small>' . date(_("Y-m-d"), $event_config['teardown_end_date']) . '</small>'
'<small>' . date(_('Y-m-d'), $event_config['teardown_end_date']) . '</small>'
]);
}
return join("", $elements);
return join('', $elements);
}
/**
* Converts event name and start+end date into a line of text.
*
* @param array $event_config
* @return string
*/
function EventConfig_info($event_config) {
function EventConfig_info($event_config)
{
if ($event_config == null) {
return "";
return '';
}
// Event name, start+end date are set
if ($event_config['event_name'] != null && $event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
return sprintf(_("%s, from %s to %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
return sprintf(
_('%s, from %s to %s'),
$event_config['event_name'],
date(_('Y-m-d'), $event_config['event_start_date']),
date(_('Y-m-d'), $event_config['event_end_date'])
);
}
// Event name, start date are set
if ($event_config['event_name'] != null && $event_config['event_start_date'] != null) {
return sprintf(_("%s, starting %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']));
return sprintf(
_('%s, starting %s'), $event_config['event_name'],
date(_('Y-m-d'), $event_config['event_start_date'])
);
}
// Event start+end date are set
if ($event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
return sprintf(_("Event from %s to %s"), date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
return sprintf(
_('Event from %s to %s'),
date(_('Y-m-d'), $event_config['event_start_date']),
date(_('Y-m-d'), $event_config['event_end_date'])
);
}
// Only event name is set
@ -82,48 +104,52 @@ function EventConfig_info($event_config) {
return sprintf($event_config['event_name']);
}
return "";
return '';
}
/**
* Render edit page for event config.
*
* @param string $event_name
* The event name
* @param string $event_welcome_msg
* The welcome message
* @param date $buildup_start_date
* @param date $event_start_date
* @param date $event_end_date
* @param date $teardown_end_date
* @param string $event_name The event name
* @param string $event_welcome_msg The welcome message
* @param int $buildup_start_date unix time stamp
* @param int $event_start_date unix time stamp
* @param int $event_end_date unix time stamp
* @param int $teardown_end_date unix time stamp
* @return string
*/
function EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date) {
function EventConfig_edit_view(
$event_name,
$event_welcome_msg,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date
) {
return page_with_title(event_config_title(), [
msg(),
form([
div('row', [
div('col-md-6', [
form_text('event_name', _("Event Name"), $event_name),
form_info('', _("Event Name is shown on the start page.")),
form_textarea('event_welcome_msg', _("Event Welcome Message"), $event_welcome_msg),
form_info('', _("Welcome message is shown after successful registration. You can use markdown."))
form_text('event_name', _('Event Name'), $event_name),
form_info('', _('Event Name is shown on the start page.')),
form_textarea('event_welcome_msg', _('Event Welcome Message'), $event_welcome_msg),
form_info('', _('Welcome message is shown after successful registration. You can use markdown.'))
]),
div('col-md-3 col-xs-6', [
form_date('buildup_start_date', _("Buildup date"), $buildup_start_date),
form_date('event_start_date', _("Event start date"), $event_start_date)
form_date('buildup_start_date', _('Buildup date'), $buildup_start_date),
form_date('event_start_date', _('Event start date'), $event_start_date)
]),
div('col-md-3 col-xs-6', [
form_date('teardown_end_date', _("Teardown end date"), $teardown_end_date),
form_date('event_end_date', _("Event end date"), $event_end_date)
form_date('teardown_end_date', _('Teardown end date'), $teardown_end_date),
form_date('event_end_date', _('Event end date'), $event_end_date)
])
]),
div('row', [
div('col-md-6', [
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
])
])
])
]);
}
?>

37
includes/view/Questions_view.php
Unescape Escape View File

@ -1,37 +1,42 @@
<?php
function Questions_view($open_questions, $answered_questions, $ask_action) {
/**
* @param array[] $open_questions
* @param array[] $answered_questions
* @param string $ask_action
* @return string
*/
function Questions_view($open_questions, $answered_questions, $ask_action)
{
foreach ($open_questions as &$question) {
$question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
}
foreach ($answered_questions as &$question) {
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
$question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
$question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
}
return page_with_title(questions_title(), [
msg(),
heading(_("Open questions"), 2),
heading(_('Open questions'), 2),
table([
'Question' => _("Question"),
'actions' => ""
'Question' => _('Question'),
'actions' => ''
], $open_questions),
heading(_("Answered questions"), 2),
heading(_('Answered questions'), 2),
table([
'Question' => _("Question"),
'answer_user' => _("Answered by"),
'Answer' => _("Answer"),
'actions' => ""
'Question' => _('Question'),
'answer_user' => _('Answered by'),
'Answer' => _('Answer'),
'actions' => ''
], $answered_questions),
heading(_("Ask the Heaven"), 2),
heading(_('Ask the Heaven'), 2),
form([
form_textarea('question', _("Your Question:"), ""),
form_submit('submit', _("Save"))
form_textarea('question', _('Your Question:'), ''),
form_submit('submit', _('Save'))
], $ask_action)
]);
}
?>

20
includes/view/Rooms_view.php
Unescape Escape View File

@ -1,20 +1,30 @@
<?php
use Engelsystem\ShiftsFilterRenderer;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer;
function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer) {
/**
* @param array $room
* @param ShiftsFilterRenderer $shiftsFilterRenderer
* @param ShiftCalendarRenderer $shiftCalendarRenderer
* @return string
*/
function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer)
{
return page_with_title(glyph('map-marker') . $room['Name'], [
$shiftsFilterRenderer->render(room_link($room)),
$shiftCalendarRenderer->render()
]);
}
function Room_name_render($room) {
/**
* @param array $room
* @return string
*/
function Room_name_render($room)
{
global $privileges;
if (in_array('view_rooms', $privileges)) {
return '<a href="' . room_link($room) . '">' . glyph('map-marker') . $room['Name'] . '</a>';
}
return glyph('map-marker') . $room['Name'];
}
?>

45
includes/view/ShiftCalendarLane.php
Unescape Escape View File

@ -5,17 +5,29 @@ namespace Engelsystem;
/**
* Represents a single lane in a shifts calendar.
*/
class ShiftCalendarLane {
class ShiftCalendarLane
{
/** @var int */
private $firstBlockStartTime;
/** @var int */
private $blockCount;
/** @var string */
private $header;
/** @var array[] */
private $shifts = [];
public function __construct($header, $firstBlockStartTime, $blockCount) {
/**
* ShiftCalendarLane constructor.
*
* @param string $header
* @param int $firstBlockStartTime Unix timestamp
* @param int $blockCount
*/
public function __construct($header, $firstBlockStartTime, $blockCount)
{
$this->header = $header;
$this->firstBlockStartTime = $firstBlockStartTime;
$this->blockCount = $blockCount;
@ -25,11 +37,11 @@ class ShiftCalendarLane {
* Adds a shift to the lane, but only if it fits.
* Returns true on success.
*
* @param Shift $shift
* The shift to add
* @param array $shift The shift to add
* @return boolean true on success
*/
public function addShift($shift) {
public function addShift($shift)
{
if ($this->shiftFits($shift)) {
$this->shifts[] = $shift;
return true;
@ -40,10 +52,12 @@ class ShiftCalendarLane {
/**
* Returns true if given shift fits into this lane.
*
* @param Shift $shift
* The shift to fit into this lane
* @param array $newShift
* @return bool
* @internal param array $shift The shift to fit into this lane
*/
public function shiftFits($newShift) {
public function shiftFits($newShift)
{
foreach ($this->shifts as $laneShift) {
if (!($newShift['start'] >= $laneShift['end'] || $newShift['end'] <= $laneShift['start'])) {
return false;
@ -52,12 +66,19 @@ class ShiftCalendarLane {
return true;
}
public function getHeader() {
/**
* @return string
*/
public function getHeader()
{
return $this->header;
}
public function getShifts() {
/**
* @return array[]
*/
public function getShifts()
{
return $this->shifts;
}
}
?>

132
includes/view/ShiftCalendarRenderer.php
Unescape Escape View File

@ -2,8 +2,8 @@
namespace Engelsystem;
class ShiftCalendarRenderer {
class ShiftCalendarRenderer
{
/**
* 15m * 60s/m = 900s
*/
@ -25,21 +25,37 @@ class ShiftCalendarRenderer {
*/
const TIME_MARGIN = 1800;
/** @var array */
private $lanes;
/** @var ShiftsFilter */
private $shiftsFilter;
private $firstBlockStartTime = null;
/** @var int */
private $firstBlockStartTime = 0;
private $lastBlockEndTime = null;
/** @var int */
private $lastBlockEndTime = 0;
/** @var int */
private $blocksPerSlot = null;
private $needed_angeltypes = null;
/** @var array[] */
private $needed_angeltypes = [];
private $shift_entries = null;
/** @var array[] */
private $shift_entries = [];
public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter) {
/**
* ShiftCalendarRenderer constructor.
*
* @param array[] $shifts
* @param array[] $needed_angeltypes
* @param array[] $shift_entries
* @param ShiftsFilter $shiftsFilter
*/
public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter)
{
$this->shiftsFilter = $shiftsFilter;
$this->firstBlockStartTime = $this->calcFirstBlockStartTime($shifts);
$this->lastBlockEndTime = $this->calcLastBlockEndTime($shifts);
@ -51,12 +67,12 @@ class ShiftCalendarRenderer {
/**
* Assigns the shifts to different lanes per room if they collide
*
* @param Shift[] $shifts
* The shifts to assign
* @param array[] $shifts The shifts to assign
*
* @return Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
* @return array Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
*/
private function assignShiftsToLanes($shifts) {
private function assignShiftsToLanes($shifts)
{
// array that assigns a room id to a list of lanes (per room)
$lanes = [];
@ -75,6 +91,7 @@ class ShiftCalendarRenderer {
// Try to add the shift to the existing lanes for this room
$shift_added = false;
foreach ($lanes[$room_id] as $lane) {
/** @var ShiftCalendarLane $lane */
$shift_added = $lane->addShift($shift);
if ($shift_added == true) {
break;
@ -84,7 +101,7 @@ class ShiftCalendarRenderer {
if ($shift_added == false) {
$newLane = new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot());
if (!$newLane->addShift($shift)) {
engelsystem_error("Unable to add shift to new lane.");
engelsystem_error('Unable to add shift to new lane.');
}
$lanes[$room_id][] = $newLane;
}
@ -93,15 +110,27 @@ class ShiftCalendarRenderer {
return $lanes;
}
public function getFirstBlockStartTime() {
/**
* @return int
*/
public function getFirstBlockStartTime()
{
return $this->firstBlockStartTime;
}
public function getLastBlockEndTime() {
/**
* @return int
*/
public function getLastBlockEndTime()
{
return $this->lastBlockEndTime;
}
public function getBlocksPerSlot() {
/**
* @return float
*/
public function getBlocksPerSlot()
{
if ($this->blocksPerSlot == null) {
$this->blocksPerSlot = $this->calcBlocksPerSlot();
}
@ -111,9 +140,10 @@ class ShiftCalendarRenderer {
/**
* Renders the whole calendar
*
* @return the generated html
* @return string the generated html
*/
public function render() {
public function render()
{
if (count($this->lanes) == 0) {
return '';
}
@ -125,9 +155,12 @@ class ShiftCalendarRenderer {
/**
* Renders the lanes containing the shifts
*
* @return string
*/
private function renderShiftLanes() {
$html = "";
private function renderShiftLanes()
{
$html = '';
foreach ($this->lanes as $room_lanes) {
foreach ($room_lanes as $lane) {
$html .= $this->renderLane($lane);
@ -140,14 +173,15 @@ class ShiftCalendarRenderer {
/**
* Renders a single lane
*
* @param ShiftCalendarLane $lane
* The lane to render
* @param ShiftCalendarLane $lane The lane to render
* @return string
*/
private function renderLane(ShiftCalendarLane $lane) {
private function renderLane(ShiftCalendarLane $lane)
{
global $user;
$shift_renderer = new ShiftCalendarShiftRenderer();
$html = "";
$html = '';
$rendered_until = $this->getFirstBlockStartTime();
foreach ($lane->getShifts() as $shift) {
@ -156,7 +190,12 @@ class ShiftCalendarRenderer {
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
}
list($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']], $this->shift_entries[$shift['SID']], $user);
list($shift_height, $shift_html) = $shift_renderer->render(
$shift,
$this->needed_angeltypes[$shift['SID']],
$this->shift_entries[$shift['SID']],
$user
);
$html .= $shift_html;
$rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
}
@ -175,13 +214,12 @@ class ShiftCalendarRenderer {
/**
* Renders a tick/block for given time
*
* @param int $time
* unix timestamp
* @param boolean $label
* Should time labels be generated?
* @return rendered tick html
* @param int $time unix timestamp
* @param boolean $label Should time labels be generated?
* @return string rendered tick html
*/
private function renderTick($time, $label = false) {
private function renderTick($time, $label = false)
{
if ($time % (24 * 60 * 60) == 23 * 60 * 60) {
if (!$label) {
return div('tick day');
@ -202,11 +240,14 @@ class ShiftCalendarRenderer {
/**
* Renders the left time lane including hour/day ticks
*
* @return string
*/
private function renderTimeLane() {
private function renderTimeLane()
{
$time_slot = [
div('header', [
_("Time")
_('Time')
])
];
for ($block = 0; $block < $this->getBlocksPerSlot(); $block++) {
@ -216,7 +257,12 @@ class ShiftCalendarRenderer {
return div('lane time', $time_slot);
}
private function calcFirstBlockStartTime($shifts) {
/**
* @param array[] $shifts
* @return int
*/
private function calcFirstBlockStartTime($shifts)
{
$start_time = $this->shiftsFilter->getEndTime();
foreach ($shifts as $shift) {
if ($shift['start'] < $start_time) {
@ -226,7 +272,12 @@ class ShiftCalendarRenderer {
return ShiftCalendarRenderer::SECONDS_PER_ROW * floor(($start_time - ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
}
private function calcLastBlockEndTime($shifts) {
/**
* @param array[] $shifts
* @return int
*/
private function calcLastBlockEndTime($shifts)
{
$end_time = $this->shiftsFilter->getStartTime();
foreach ($shifts as $shift) {
if ($shift['end'] > $end_time) {
@ -236,14 +287,21 @@ class ShiftCalendarRenderer {
return ShiftCalendarRenderer::SECONDS_PER_ROW * ceil(($end_time + ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
}
private function calcBlocksPerSlot() {
/**
* @return int
*/
private function calcBlocksPerSlot()
{
return ceil(($this->getLastBlockEndTime() - $this->getFirstBlockStartTime()) / ShiftCalendarRenderer::SECONDS_PER_ROW);
}
/**
* Renders a legend explaining the shift coloring
*
* @return string
*/
private function renderLegend() {
private function renderLegend()
{
return div('legend', [
label(_('Your shift'), 'primary'),
label(_('Help needed'), 'danger'),
@ -253,5 +311,3 @@ class ShiftCalendarRenderer {
]);
}
}
?>

128
includes/view/ShiftCalendarShiftRenderer.php
Unescape Escape View File

@ -5,30 +5,39 @@ namespace Engelsystem;
/**
* Renders a single shift for the shift calendar
*/
class ShiftCalendarShiftRenderer {
class ShiftCalendarShiftRenderer
{
/**
* Renders a shift
*
* @param Shift $shift
* The shift to render
* @param User $user
* The user who is viewing the shift calendar
* @param array $shift The shift to render
* @param array $needed_angeltypes
* @param array $shift_entries
* @param array $user The user who is viewing the shift calendar
* @return array
*/
public function render($shift, $needed_angeltypes, $shift_entries, $user) {
$info_text = "";
public function render($shift, $needed_angeltypes, $shift_entries, $user)
{
$info_text = '';
if ($shift['title'] != '') {
$info_text = glyph('info-sign') . $shift['title'] . '<br>';
}
list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user);
list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes(
$shift,
$needed_angeltypes,
$shift_entries,
$user
);
$class = $this->classForSignupState($shift_signup_state);
$blocks = ceil(($shift["end"] - $shift["start"]) / ShiftCalendarRenderer::SECONDS_PER_ROW);
$blocks = ceil(($shift['end'] - $shift['start']) / ShiftCalendarRenderer::SECONDS_PER_ROW);
$blocks = max(1, $blocks);
return [
$blocks,
div('shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"', [
div(
'shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"',
[
$this->renderShiftHead($shift),
div('panel-body', [
$info_text,
@ -39,11 +48,17 @@ class ShiftCalendarShiftRenderer {
]),
$shifts_row,
div('shift-spacer')
])
]
)
];
}
private function classForSignupState(ShiftSignupState $shiftSignupState) {
/**
* @param ShiftSignupState $shiftSignupState
* @return string
*/
private function classForSignupState(ShiftSignupState $shiftSignupState)
{
switch ($shiftSignupState->getState()) {
case ShiftSignupState::ADMIN:
case ShiftSignupState::OCCUPIED:
@ -61,10 +76,20 @@ class ShiftCalendarShiftRenderer {
case ShiftSignupState::FREE:
return 'danger';
default:
return '';
}
}
private function renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user) {
/**
* @param array $shift
* @param array[] $needed_angeltypes
* @param array[] $shift_entries
* @param array $user
* @return array
*/
private function renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user)
{
global $privileges;
$shift_entries_filtered = [];
@ -75,11 +100,17 @@ class ShiftCalendarShiftRenderer {
$shift_entries_filtered[$shift_entry['TID']][] = $shift_entry;
}
$html = "";
$html = '';
/** @var ShiftSignupState $shift_signup_state */
$shift_signup_state = null;
foreach ($needed_angeltypes as $angeltype) {
if ($angeltype['count'] > 0 || count($shift_entries_filtered[$angeltype['id']]) > 0) {
list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype($shift, $shift_entries_filtered[$angeltype['id']], $angeltype, $user);
list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype(
$shift,
$shift_entries_filtered[$angeltype['id']],
$angeltype,
$user
);
if ($shift_signup_state == null) {
$shift_signup_state = $angeltype_signup_state;
} else {
@ -93,7 +124,11 @@ class ShiftCalendarShiftRenderer {
}
if (in_array('user_shifts_admin', $privileges)) {
$html .= '<li class="list-group-item">' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'], _("Add more angels"), 'btn-xs') . '</li>';
$html .= '<li class="list-group-item">' . button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'],
_('Add more angels'),
'btn-xs'
) . '</li>';
}
if ($html != '') {
return [
@ -103,33 +138,44 @@ class ShiftCalendarShiftRenderer {
}
return [
$shift_signup_state,
""
''
];
}
/**
* Renders a list entry containing the needed angels for an angeltype
*
* @param Shift $shift
* The shift which is rendered
* @param Angeltype $angeltype
* The angeltype, containing informations about needed angeltypes and already signed up angels
* @param User $user
* The user who is viewing the shift calendar
* @param array $shift The shift which is rendered
* @param array[] $shift_entries
* @param array[] $angeltype The angeltype, containing informations about needed angeltypes
* and already signed up angels
* @param array $user The user who is viewing the shift calendar
* @return array
*/
private function renderShiftNeededAngeltype($shift, $shift_entries, $angeltype, $user) {
private function renderShiftNeededAngeltype($shift, $shift_entries, $angeltype, $user)
{
$entry_list = [];
foreach ($shift_entries as $entry) {
$style = $entry['freeloaded'] ? " text-decoration: line-through;" : '';
$entry_list[] = "<span style=\"$style\">" . User_Nick_render($entry) . "</span>";
$style = $entry['freeloaded'] ? ' text-decoration: line-through;' : '';
$entry_list[] = '<span style="' . $style . '">' . User_Nick_render($entry) . '</span>';
}
$shift_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, null, $angeltype, $shift_entries);
$inner_text = sprintf(ngettext("%d helper needed", "%d helpers needed", $shift_signup_state->getFreeEntries()), $shift_signup_state->getFreeEntries());
$inner_text = sprintf(
ngettext('%d helper needed', '%d helpers needed', $shift_signup_state->getFreeEntries()),
$shift_signup_state->getFreeEntries()
);
switch ($shift_signup_state->getState()) {
case ShiftSignupState::ADMIN:
case ShiftSignupState::FREE:
// When admin or free display a link + button for sign up
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . $inner_text . '</a> ' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], _('Sign up'), 'btn-xs btn-primary');
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">'
. $inner_text
. '</a> '
. button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'],
_('Sign up'), 'btn-xs btn-primary'
);
break;
case ShiftSignupState::SHIFT_ENDED:
@ -143,7 +189,12 @@ class ShiftCalendarShiftRenderer {
$entry_list[] = $inner_text . glyph('lock');
} else {
// Add link to join the angeltype first
$entry_list[] = $inner_text . '<br />' . button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']), 'btn-xs');
$entry_list[] = $inner_text . '<br />'
. button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
sprintf(_('Become %s'), $angeltype['name']),
'btn-xs'
);
}
break;
@ -160,7 +211,7 @@ class ShiftCalendarShiftRenderer {
$shifts_row = '<li class="list-group-item">';
$shifts_row .= '<strong>' . AngelType_name_render($angeltype) . ':</strong> ';
$shifts_row .= join(", ", $entry_list);
$shifts_row .= join(', ', $entry_list);
$shifts_row .= '</li>';
return [
$shift_signup_state,
@ -171,25 +222,26 @@ class ShiftCalendarShiftRenderer {
/**
* Renders the shift header
*
* @param Shift $shift
* The shift
* @param array $shift The shift
* @return string
*/
private function renderShiftHead($shift) {
private function renderShiftHead($shift)
{
global $privileges;
$header_buttons = "";
$header_buttons = '';
if (in_array('admin_shifts', $privileges)) {
$header_buttons = '<div class="pull-right">' . table_buttons([
button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs')
]) . '</div>';
}
$shift_heading = date('H:i', $shift['start']) . ' &dash; ' . date('H:i', $shift['end']) . ' &mdash; ' . $shift['name'];
$shift_heading = date('H:i', $shift['start']) . ' &dash; '
. date('H:i', $shift['end']) . ' &mdash; '
. $shift['name'];
return div('panel-heading', [
'<a href="' . shift_link($shift) . '">' . $shift_heading . '</a>',
$header_buttons
]);
}
}
?>

41
includes/view/ShiftEntry_view.php
Unescape Escape View File

@ -2,36 +2,47 @@
/**
* Display form for adding/editing a shift entry.
*
* @param string $angel
* @param string $date
* @param string $location
* @param string $title
* @param string $type
* @param string $comment
*
* @param bool $freeloaded
* @param string $freeload_comment
* @param bool $user_admin_shifts
* @return string
*/
function ShiftEntry_edit_view($angel, $date, $location, $title, $type, $comment, $freeloaded, $freeload_comment, $user_admin_shifts = false) {
function ShiftEntry_edit_view(
$angel,
$date,
$location,
$title,
$type,
$comment,
$freeloaded,
$freeload_comment,
$user_admin_shifts = false
) {
$freeload_form = [];
if ($user_admin_shifts) {
$freeload_form = [
form_checkbox('freeloaded', _("Freeloaded"), $freeloaded),
form_textarea('freeload_comment', _("Freeload comment (Only for shift coordination):"), $freeload_comment)
form_checkbox('freeloaded', _('Freeloaded'), $freeloaded),
form_textarea('freeload_comment', _('Freeload comment (Only for shift coordination):'), $freeload_comment)
];
}
return page_with_title(_("Edit shift entry"), [
return page_with_title(_('Edit shift entry'), [
msg(),
form([
form_info(_("Angel:"), $angel),
form_info(_("Date, Duration:"), $date),
form_info(_("Location:"), $location),
form_info(_("Title:"), $title),
form_info(_("Type:"), $type),
form_textarea('comment', _("Comment (for your eyes only):"), $comment),
join("", $freeload_form),
form_submit('submit', _("Save"))
form_info(_('Angel:'), $angel),
form_info(_('Date, Duration:'), $date),
form_info(_('Location:'), $location),
form_info(_('Title:'), $title),
form_info(_('Type:'), $type),
form_textarea('comment', _('Comment (for your eyes only):'), $comment),
join('', $freeload_form),
form_submit('submit', _('Save'))
])
]);
}
?>

73
includes/view/ShiftTypes_view.php
Unescape Escape View File

@ -1,6 +1,11 @@
<?php
function ShiftType_name_render($shifttype) {
/**
* @param array $shifttype
* @return string
*/
function ShiftType_name_render($shifttype)
{
global $privileges;
if (in_array('shifttypes', $privileges)) {
return '<a href="' . shifttype_link($shifttype) . '">' . $shifttype['name'] . '</a>';
@ -8,17 +13,35 @@ function ShiftType_name_render($shifttype) {
return $shifttype['name'];
}
function ShiftType_delete_view($shifttype) {
return page_with_title(sprintf(_("Delete shifttype %s"), $shifttype['name']), [
info(sprintf(_("Do you want to delete shifttype %s?"), $shifttype['name']), true),
/**
* @param array $shifttype
* @return string
*/
function ShiftType_delete_view($shifttype)
{
return page_with_title(sprintf(_('Delete shifttype %s'), $shifttype['name']), [
info(sprintf(_('Do you want to delete shifttype %s?'), $shifttype['name']), true),
buttons([
button(page_link_to('shifttypes'), _("cancel"), 'cancel'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed', _("delete"), 'ok')
button(page_link_to('shifttypes'), _('cancel'), 'cancel'),
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed',
_('delete'),
'ok btn-danger'
)
])
]);
}
function ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id) {
/**
* @param string $name
* @param int $angeltype_id
* @param array[] $angeltypes
* @param string $description
* @param int|bool $shifttype_id
* @return string
*/
function ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id)
{
$angeltypes_select = [
'' => _('All')
];
@ -41,7 +64,13 @@ function ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $s
]);
}
function ShiftType_view($shifttype, $angeltype) {
/**
* @param array $shifttype
* @param array $angeltype
* @return string
*/
function ShiftType_view($shifttype, $angeltype)
{
$parsedown = new Parsedown();
$title = $shifttype['name'];
if ($angeltype) {
@ -51,21 +80,37 @@ function ShiftType_view($shifttype, $angeltype) {
msg(),
buttons([
button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
$angeltype ? button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], $angeltype['name']) : '',
$angeltype ? button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
$angeltype['name']
) : '',
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'delete')
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
_('delete'),
'delete'
)
]),
heading(_("Description"), 2),
heading(_('Description'), 2),
$parsedown->parse($shifttype['description'])
]);
}
function ShiftTypes_list_view($shifttypes) {
/**
* @param array[] $shifttypes
* @return string
*/
function ShiftTypes_list_view($shifttypes)
{
foreach ($shifttypes as &$shifttype) {
$shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
$shifttype['actions'] = table_buttons([
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'btn-xs')
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
_('delete'),
'btn-xs'
)
]);
}
@ -80,5 +125,3 @@ function ShiftTypes_list_view($shifttypes) {
], $shifttypes)
]);
}
?>

32
includes/view/ShiftsFilterRenderer.php
Unescape Escape View File

@ -2,8 +2,8 @@
namespace Engelsystem;
class ShiftsFilterRenderer {
class ShiftsFilterRenderer
{
/**
* The shiftFilter to render.
*
@ -26,19 +26,27 @@ class ShiftsFilterRenderer {
*/
private $days = [];
public function __construct(ShiftsFilter $shiftsFilter) {
/**
* ShiftsFilterRenderer constructor.
*
* @param ShiftsFilter $shiftsFilter
*/
public function __construct(ShiftsFilter $shiftsFilter)
{
$this->shiftsFilter = $shiftsFilter;
}
/**
* Renders the filter.
*
* @return Generated HTML
* @param string $link_base
* @return string Generated HTML
*/
public function render($link_base) {
public function render($link_base)
{
$toolbar = [];
if ($this->daySelectionEnabled && !empty($this->days)) {
$selected_day = date("Y-m-d", $this->shiftsFilter->getStartTime());
$selected_day = date('Y-m-d', $this->shiftsFilter->getStartTime());
$day_dropdown_items = [];
foreach ($this->days as $day) {
$day_dropdown_items[] = toolbar_item_link($link_base . '&shifts_filter_day=' . $day, '', $day);
@ -52,18 +60,22 @@ class ShiftsFilterRenderer {
/**
* Should the filter display a day selection.
*
* @param string[] $days
*/
public function enableDaySelection($days) {
public function enableDaySelection($days)
{
$this->daySelectionEnabled = true;
$this->days = $days;
}
/**
* Should the filter display a day selection.
*
* @return bool
*/
public function isDaySelectionEnabled() {
public function isDaySelectionEnabled()
{
return $this->daySelectionEnabled;
}
}
?>

111
includes/view/Shifts_view.php
Unescape Escape View File

@ -1,18 +1,38 @@
<?php
use Engelsystem\ShiftSignupState;
function Shift_editor_info_render($shift) {
/**
* @param array $shift
* @return string
*/
function Shift_editor_info_render($shift)
{
$info = [];
if ($shift['created_by_user_id'] != null) {
$info[] = sprintf(glyph('plus') . _("created at %s by %s"), date('Y-m-d H:i', $shift['created_at_timestamp']), User_Nick_render(User($shift['created_by_user_id'])));
$info[] = sprintf(
glyph('plus') . _('created at %s by %s'),
date('Y-m-d H:i', $shift['created_at_timestamp']),
User_Nick_render(User($shift['created_by_user_id']))
);
}
if ($shift['edited_by_user_id'] != null) {
$info[] = sprintf(glyph('pencil') . _("edited at %s by %s"), date('Y-m-d H:i', $shift['edited_at_timestamp']), User_Nick_render(User($shift['edited_by_user_id'])));
$info[] = sprintf(
glyph('pencil') . _('edited at %s by %s'),
date('Y-m-d H:i', $shift['edited_at_timestamp']),
User_Nick_render(User($shift['edited_by_user_id']))
);
}
return join('<br />', $info);
}
function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null) {
/**
* @param array $shift
* @param array $angeltype
* @param array $user_angeltype
* @return string
*/
function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
{
global $user;
if ($user_angeltype == null) {
@ -20,14 +40,30 @@ function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
}
if ($angeltype['shift_signup_state']->isSignupAllowed()) {
return button(page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'], _('Sign up'));
return button(
page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'],
_('Sign up')
);
} elseif ($user_angeltype == null) {
return button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']));
return button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
sprintf(_('Become %s'),
$angeltype['name'])
);
}
return '';
}
function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupState $shift_signup_state) {
/**
* @param array $shift
* @param array $shifttype
* @param array $room
* @param array[] $angeltypes_source
* @param ShiftSignupState $shift_signup_state
* @return string
*/
function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupState $shift_signup_state)
{
global $privileges;
$shift_admin = in_array('admin_shifts', $privileges);
@ -47,10 +83,16 @@ function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupSt
$needed_angels .= Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin);
}
return page_with_title($shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>', [
return page_with_title(
$shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>',
[
msg(),
$shift_signup_state->getState() == ShiftSignupState::COLLIDES ? info(_('This shift collides with one of your shifts.'), true) : '',
$shift_signup_state->getState() == ShiftSignupState::SIGNED_UP ? info(_('You are signed up for this shift.'), true) : '',
$shift_signup_state->getState() == ShiftSignupState::COLLIDES
? info(_('This shift collides with one of your shifts.'), true)
: '',
$shift_signup_state->getState() == ShiftSignupState::SIGNED_UP
? info(_('You are signed up for this shift.'), true)
: '',
($shift_admin || $admin_shifttypes || $admin_rooms) ? buttons([
$shift_admin ? button(shift_edit_link($shift), glyph('pencil') . _('edit')) : '',
$shift_admin ? button(shift_delete_link($shift), glyph('trash') . _('delete')) : '',
@ -94,10 +136,19 @@ function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupSt
])
]),
$shift_admin ? Shift_editor_info_render($shift) : ''
]);
]
);
}
function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin) {
/**
* @param array $needed_angeltype
* @param array $angeltypes
* @param array[] $shift
* @param bool $user_shift_admin
* @return string
*/
function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin)
{
global $user;
$angeltype = $angeltypes[$needed_angeltype['TID']];
@ -119,7 +170,13 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
$needed_angels .= '<h3>' . AngelType_name_render($angeltype) . '</h3>';
$bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10);
$bar_value = max(1, $needed_angeltype['taken'] * 10);
$needed_angels .= progress_bar(0, $bar_max, $bar_value, $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']);
$needed_angels .= progress_bar(
0,
$bar_max,
$bar_value,
$class,
$needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']
);
$angels = [];
foreach ($shift['ShiftEntry'] as $shift_entry) {
@ -134,15 +191,26 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
return $needed_angels;
}
function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter) {
/**
* @param array $shift_entry
* @param bool $user_shift_admin
* @param bool $angeltype_supporter
* @return string
*/
function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter)
{
$entry = User_Nick_render(User($shift_entry['UID']));
if ($shift_entry['freeloaded']) {
$entry = '<strike>' . $entry . '</strike>';
$entry = '<del>' . $entry . '</del>';
}
if ($user_shift_admin || $angeltype_supporter) {
$entry .= ' <div class="btn-group">';
if ($user_shift_admin) {
$entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs');
$entry .= button_glyph(
page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'],
'pencil',
'btn-xs'
);
}
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
$entry .= '</div>';
@ -153,11 +221,12 @@ function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angelty
/**
* Calc shift length in format 12:23h.
*
* @param Shift $shift
* @param array $shift
* @return string
*/
function shift_length($shift) {
$length = floor(($shift['end'] - $shift['start']) / (60 * 60)) . ":";
$length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
function shift_length($shift)
{
$length = floor(($shift['end'] - $shift['start']) / (60 * 60)) . ':';
$length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, '0', STR_PAD_LEFT) . 'h';
return $length;
}
?>

152
includes/view/UserAngelTypes_view.php
Unescape Escape View File

@ -1,88 +1,164 @@
<?php
function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporter) {
return page_with_title($supporter ? _("Add supporter rights") : _("Remove supporter rights"), [
/**
* @param array $user_angeltype
* @param array $user
* @param array $angeltype
* @param bool $supporter
* @return string
*/
function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporter)
{
return page_with_title($supporter ? _('Add supporter rights') : _('Remove supporter rights'), [
msg(),
info(sprintf($supporter ? _("Do you really want to add supporter rights for %s to %s?") : _("Do you really want to remove supporter rights for %s from %s?"), $angeltype['name'], User_Nick_render($user)), true),
info(sprintf(
$supporter
? _('Do you really want to add supporter rights for %s to %s?')
: _('Do you really want to remove supporter rights for %s from %s?'),
$angeltype['name'],
User_Nick_render($user)
), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $user_angeltype['id'] . '&supporter=' . ($supporter ? '1' : '0') . '&confirmed', _("yes"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes')
. '&action=update&user_angeltype_id=' . $user_angeltype['id']
. '&supporter=' . ($supporter ? '1' : '0')
. '&confirmed',
_('yes'),
'ok'
)
])
]);
}
function UserAngelTypes_delete_all_view($angeltype) {
return page_with_title(_("Deny all users"), [
/**
* @param array $angeltype
* @return string
*/
function UserAngelTypes_delete_all_view($angeltype)
{
return page_with_title(_('Deny all users'), [
msg(),
info(sprintf(_("Do you really want to deny all users for %s?"), $angeltype['name']), true),
info(sprintf(_('Do you really want to deny all users for %s?'), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
_('yes'),
'ok'
)
])
]);
}
function UserAngelTypes_confirm_all_view($angeltype) {
return page_with_title(_("Confirm all users"), [
/**
* @param array $angeltype
* @return string
*/
function UserAngelTypes_confirm_all_view($angeltype)
{
return page_with_title(_('Confirm all users'), [
msg(),
info(sprintf(_("Do you really want to confirm all users for %s?"), $angeltype['name']), true),
info(sprintf(_('Do you really want to confirm all users for %s?'), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
_('yes'),
'ok'
)
])
]);
}
function UserAngelType_confirm_view($user_angeltype, $user, $angeltype) {
return page_with_title(_("Confirm angeltype for user"), [
/**
* @param array $user_angeltype
* @param array $user
* @param array $angeltype
* @return string
*/
function UserAngelType_confirm_view($user_angeltype, $user, $angeltype)
{
return page_with_title(_('Confirm angeltype for user'), [
msg(),
info(sprintf(_("Do you really want to confirm %s for %s?"), User_Nick_render($user), $angeltype['name']), true),
info(sprintf(_('Do you really want to confirm %s for %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
_('yes'),
'ok'
)
])
]);
}
function UserAngelType_delete_view($user_angeltype, $user, $angeltype) {
return page_with_title(_("Remove angeltype"), [
/**
* @param array $user_angeltype
* @param array $user
* @param array $angeltype
* @return string
*/
function UserAngelType_delete_view($user_angeltype, $user, $angeltype)
{
return page_with_title(_('Remove angeltype'), [
msg(),
info(sprintf(_("Do you really want to delete %s from %s?"), User_Nick_render($user), $angeltype['name']), true),
info(sprintf(_('Do you really want to delete %s from %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
_('yes'),
'ok'
)
])
]);
}
function UserAngelType_add_view($angeltype, $users_source, $user_id) {
/**
* @param array $angeltype
* @param array[] $users_source
* @param int $user_id
* @return string
*/
function UserAngelType_add_view($angeltype, $users_source, $user_id)
{
$users = [];
foreach ($users_source as $user_source) {
$users[$user_source['UID']] = User_Nick_render($user_source);
}
return page_with_title(_("Add user to angeltype"), [
return page_with_title(_('Add user to angeltype'), [
msg(),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("back"), 'back')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('back'), 'back')
]),
form([
form_info(_("Angeltype"), $angeltype['name']),
form_select('user_id', _("User"), $users, $user_id),
form_submit('submit', _("Add"))
form_info(_('Angeltype'), $angeltype['name']),
form_select('user_id', _('User'), $users, $user_id),
form_submit('submit', _('Add'))
])
]);
}
function UserAngelType_join_view($user, $angeltype) {
return page_with_title(sprintf(_("Become a %s"), $angeltype['name']), [
/**
* @param array $user
* @param array $angeltype
* @return string
*/
function UserAngelType_join_view($user, $angeltype)
{
return page_with_title(sprintf(_('Become a %s'), $angeltype['name']), [
msg(),
info(sprintf(_("Do you really want to add %s to %s?"), User_Nick_render($user), $angeltype['name']), true),
info(sprintf(_('Do you really want to add %s to %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed', _("save"), 'ok')
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed',
_('save'),
'ok'
)
])
]);
}
?>

61
includes/view/UserDriverLicenses_view.php
Unescape Escape View File

@ -3,45 +3,60 @@
/**
* Edit a user's driving license information.
*
* @param User $user_source
* The user
* @param bool $wants_to_drive
* true, if the user wants to drive
* @param UserDriverLicense $user_driver_license
* The user driver license
* @param array $user_source The user
* @param bool $wants_to_drive true, if the user wants to drive
* @param array $user_driver_license The user driver license
* @return string
*/
function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license) {
return page_with_title(sprintf(_("Edit %s driving license information"), User_Nick_render($user_source)), [
function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license)
{
return page_with_title(sprintf(_('Edit %s driving license information'), User_Nick_render($user_source)), [
buttons([
button(user_link($user_source), _("Back to profile"), 'back')
button(user_link($user_source), _('Back to profile'), 'back')
]),
msg(),
form([
form_info(_("Privacy"), _("Your driving license information is only visible for supporters and admins.")),
form_checkbox('wants_to_drive', _("I am willing to drive a car for the event"), $wants_to_drive),
form_info(_('Privacy'), _('Your driving license information is only visible for supporters and admins.')),
form_checkbox('wants_to_drive', _('I am willing to operate cars for the PL'), $wants_to_drive),
div('panel panel-default', [
div('panel-body', [
form_checkbox('has_car', _("I have my own car with me and am willing to use it for the event (You'll get reimbursed for fuel)"), $user_driver_license['has_car']),
heading(_("Driver license"), 3),
form_checkbox('has_license_car', _("Car"), $user_driver_license['has_license_car']),
form_checkbox('has_license_3_5t_transporter', _("Transporter 3,5t"), $user_driver_license['has_license_3_5t_transporter']),
form_checkbox('has_license_7_5t_truck', _("Truck 7,5t"), $user_driver_license['has_license_7_5t_truck']),
form_checkbox('has_license_12_5t_truck', _("Truck 12,5t"), $user_driver_license['has_license_12_5t_truck']),
form_checkbox('has_license_forklift', _("Forklift"), $user_driver_license['has_license_forklift'])
form_checkbox(
'has_car',
_('I have my own car with me and am willing to use it for the PL (You\'ll get reimbursed for fuel)'),
$user_driver_license['has_car']
),
heading(_('Driver license'), 3),
form_checkbox('has_license_car', _('Car'), $user_driver_license['has_license_car']),
form_checkbox(
'has_license_3_5t_transporter',
_('Transporter 3,5t'),
$user_driver_license['has_license_3_5t_transporter']
),
form_checkbox(
'has_license_7_5t_truck',
_('Truck 7,5t'),
$user_driver_license['has_license_7_5t_truck']
),
form_checkbox(
'has_license_12_5t_truck',
_('Truck 12,5t'),
$user_driver_license['has_license_12_5t_truck']
),
form_checkbox('has_license_forklift', _('Forklift'), $user_driver_license['has_license_forklift'])
])
], 'driving_license'),
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
]),
'<script type="text/javascript">
$(function() {
if($("#wants_to_drive").is(":checked"))
var checkbox = $("#wants_to_drive");
if(checkbox.is(":checked"))
$("#driving_license").show();
else
$("#driving_license").hide();
$("#wants_to_drive").click(
function(e) {
checkbox.click(
function() {
if($("#wants_to_drive").is(":checked"))
$("#driving_license").show();
else
@ -52,5 +67,3 @@ function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver
</script>'
]);
}
?>

31
includes/view/UserHintsRenderer.php
Unescape Escape View File

@ -2,16 +2,20 @@
namespace Engelsystem;
class UserHintsRenderer {
class UserHintsRenderer
{
/** @var string[] */
private $hints = [];
private $important = false;
/**
* Render the added hints to a popover for the toolbar.
*
* @return string
*/
public function render() {
public function render()
{
if (count($this->hints) > 0) {
$hint_class = $this->important ? 'danger' : 'info';
$glyphicon = $this->important ? 'warning-sign' : 'info-sign';
@ -25,12 +29,11 @@ class UserHintsRenderer {
/**
* Add a hint to the list, if its not null and a not empty string.
*
* @param string $hint
* The hint
* @param boolean $important
* Is the hint important?
* @param string $hint The hint
* @param boolean $important Is the hint important?
*/
public function addHint($hint, $important = false) {
public function addHint($hint, $important = false)
{
if ($hint != null && $hint != '') {
if ($important) {
$this->important = true;
@ -43,17 +46,21 @@ class UserHintsRenderer {
/**
* Get all hints.
*
* @return string[]
*/
public function getHints() {
public function getHints()
{
return $this->hints;
}
/**
* Are there important hints? This leads to a more intensive icon.
*
* @return bool
*/
public function isImportant() {
public function isImportant()
{
return $this->important;
}
}
?>

587
includes/view/User_view.php
Unescape Escape View File

@ -1,78 +1,94 @@
<?php
/**
* Available T-Shirt sizes
*/
$tshirt_sizes = [
'' => _("Please select..."),
'S' => "S",
'M' => "M",
'L' => "L",
'XL' => "XL",
'2XL' => "2XL",
'3XL' => "3XL",
'4XL' => "4XL",
'5XL' => "5XL",
'S-G' => "S Girl",
'M-G' => "M Girl",
'L-G' => "L Girl",
'XL-G' => "XL Girl"
];
/**
* Renders user settings page
*
* @param User $user_source
* The user
* @param array<String> $locales
* Available languages
* @param array<String> $themes
* Available themes
* @param array $user_source The user
* @param array $locales Available languages
* @param array $themes Available themes
* @param int $buildup_start_date Unix timestamp
* @param int $teardown_end_date Unix timestamp
* @param bool $enable_tshirt_size
* @param array $tshirt_sizes
* @return string
*/
function User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes) {
function User_settings_view(
$user_source,
$locales,
$themes,
$buildup_start_date,
$teardown_end_date,
$enable_tshirt_size,
$tshirt_sizes
) {
return page_with_title(settings_title(), [
msg(),
div('row', [
div('col-md-6', [
form([
form_info('', _("Here you can change your user details.")),
form_info(entry_required() . ' = ' . _("Entry required!")),
form_text('nick', _("Nick"), $user_source['Nick'], true),
form_text('lastname', _("Last name"), $user_source['Name']),
form_text('prename', _("First name"), $user_source['Vorname']),
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $user_source['planned_arrival_date'], $buildup_start_date, $teardown_end_date),
form_date('planned_departure_date', _("Planned date of departure"), $user_source['planned_departure_date'], $buildup_start_date, $teardown_end_date),
form_text('age', _("Age"), $user_source['Alter']),
form_text('tel', _("Phone"), $user_source['Telefon']),
form_text('dect', _("DECT"), $user_source['DECT']),
form_text('mobile', _("Mobile"), $user_source['Handy']),
form_text('mail', _("E-Mail") . ' ' . entry_required(), $user_source['email']),
form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $user_source['email_shiftinfo']),
form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $user_source['email_by_human_allowed']),
form_text('jabber', _("Jabber"), $user_source['jabber']),
form_text('hometown', _("Hometown"), $user_source['Hometown']),
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $user_source['Size']) : '',
form_info('', _('Here you can change your user details.')),
form_info(entry_required() . ' = ' . _('Entry required!')),
form_text('nick', _('Nick'), $user_source['Nick'], true),
form_text('lastname', _('Last name'), $user_source['Name']),
form_text('prename', _('First name'), $user_source['Vorname']),
form_date(
'planned_arrival_date',
_('Planned date of arrival') . ' ' . entry_required(),
$user_source['planned_arrival_date'],
$buildup_start_date,
$teardown_end_date
),
form_date(
'planned_departure_date',
_('Planned date of departure'),
$user_source['planned_departure_date'],
$buildup_start_date,
$teardown_end_date
),
form_text('age', _('Age'), $user_source['Alter']),
form_text('tel', _('Phone'), $user_source['Telefon']),
form_text('dect', _('DECT'), $user_source['DECT']),
form_text('mobile', _('Mobile'), $user_source['Handy']),
form_text('mail', _('E-Mail') . ' ' . entry_required(), $user_source['email']),
form_checkbox(
'email_shiftinfo',
_('The engelsystem is allowed to send me an email (e.g. when my shifts change)'),
$user_source['email_shiftinfo']
),
form_checkbox(
'email_by_human_allowed',
_('Humans are allowed to send me an email (e.g. for ticket vouchers)'),
$user_source['email_by_human_allowed']
),
form_text('jabber', _('Jabber'), $user_source['jabber']),
form_text('hometown', _('Hometown'), $user_source['Hometown']),
$enable_tshirt_size ? form_select(
'tshirt_size',
_('Shirt size'),
$tshirt_sizes,
$user_source['Size']
) : '',
form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
form_submit('submit', _("Save"))
form_submit('submit', _('Save'))
])
]),
div('col-md-6', [
form([
form_info(_("Here you can change your password.")),
form_password('password', _("Old password:")),
form_password('new_password', _("New password:")),
form_password('new_password2', _("Password confirmation:")),
form_submit('submit_password', _("Save"))
form_info(_('Here you can change your password.')),
form_password('password', _('Old password:')),
form_password('new_password', _('New password:')),
form_password('new_password2', _('Password confirmation:')),
form_submit('submit_password', _('Save'))
]),
form([
form_info(_("Here you can choose your color settings:")),
form_select('theme', _("Color settings:"), $themes, $user_source['color']),
form_submit('submit_theme', _("Save"))
form_info(_('Here you can choose your color settings:')),
form_select('theme', _('Color settings:'), $themes, $user_source['color']),
form_submit('submit_theme', _('Save'))
]),
form([
form_info(_("Here you can choose your language:")),
form_select('language', _("Language:"), $locales, $user_source['Sprache']),
form_submit('submit_language', _("Save"))
form_info(_('Here you can choose your language:')),
form_select('language', _('Language:'), $locales, $user_source['Sprache']),
form_submit('submit_language', _('Save'))
])
])
])
@ -81,33 +97,37 @@ function User_settings_view($user_source, $locales, $themes, $buildup_start_date
/**
* Displays the welcome message to the user and shows a login form.
*
* @param string $event_welcome_message
* @return string
*/
function User_registration_success_view($event_welcome_message) {
function User_registration_success_view($event_welcome_message)
{
$parsedown = new Parsedown();
$event_welcome_message = $parsedown->text($event_welcome_message);
return page_with_title(_("Registration successful"), [
return page_with_title(_('Registration successful'), [
msg(),
div('row', [
div('col-md-4', [
$event_welcome_message
]),
div('col-md-4', [
'<h2>' . _("Login") . '</h2>',
'<h2>' . _('Login') . '</h2>',
form([
form_text('nick', _("Nick"), ""),
form_password('password', _("Password")),
form_submit('submit', _("Login")),
form_text('nick', _('Nick'), ''),
form_password('password', _('Password')),
form_submit('submit', _('Login')),
buttons([
button(page_link_to('user_password_recovery'), _("I forgot my password"))
button(page_link_to('user_password_recovery'), _('I forgot my password'))
]),
info(_("Please note: You have to activate cookies!"), true)
info(_('Please note: You have to activate cookies!'), true)
], page_link_to('login'))
]),
div('col-md-4', [
'<h2>' . _("What can I do?") . '</h2>',
'<p>' . _("Please read about the jobs you can do to help us.") . '</p>',
'<h2>' . _('What can I do?') . '</h2>',
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([
button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' &raquo;')
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;')
])
])
])
@ -116,43 +136,73 @@ function User_registration_success_view($event_welcome_message) {
/**
* Gui for deleting user with password field.
*
* @param array $user
* @return string
*/
function User_delete_view($user) {
return page_with_title(sprintf(_("Delete %s"), User_Nick_render($user)), [
function User_delete_view($user)
{
return page_with_title(sprintf(_('Delete %s'), User_Nick_render($user)), [
msg(),
buttons([
button(user_edit_link($user), glyph('chevron-left') . _("back"))
button(user_edit_link($user), glyph('chevron-left') . _('back'))
]),
error(_("Do you really want to delete the user including all his shifts and every other piece of his data?"), true),
error(
_('Do you really want to delete the user including all his shifts and every other piece of his data?'),
true
),
form([
form_password('password', _("Your password")),
form_submit('submit', _("Delete"))
form_password('password', _('Your password')),
form_submit('submit', _('Delete'))
])
]);
}
/**
* View for editing the number of given vouchers
*
* @param array $user
* @return string
*/
function User_edit_vouchers_view($user) {
return page_with_title(sprintf(_("%s's vouchers"), User_Nick_render($user)), [
function User_edit_vouchers_view($user)
{
return page_with_title(sprintf(_('%s\'s vouchers'), User_Nick_render($user)), [
msg(),
buttons([
button(user_link($user), glyph('chevron-left') . _("back"))
button(user_link($user), glyph('chevron-left') . _('back'))
]),
info(sprintf(_("Angel should receive at least %d vouchers."), User_get_eligable_voucher_count($user)), true),
info(sprintf(_('Angel should receive at least %d vouchers.'), User_get_eligable_voucher_count($user)), true),
form([
form_spinner('vouchers', _("Number of vouchers given out"), $user['got_voucher']),
form_submit('submit', _("Save"))
form_spinner('vouchers', _('Number of vouchers given out'), $user['got_voucher']),
form_submit('submit', _('Save'))
], page_link_to('users') . '&action=edit_vouchers&user_id=' . $user['UID'])
]);
}
function Users_view($users, $order_by, $arrived_count, $active_count, $force_active_count, $freeloads_count, $tshirts_count, $voucher_count) {
/**
* @param array[] $users
* @param string $order_by
* @param int $arrived_count
* @param int $active_count
* @param int $force_active_count
* @param int $freeloads_count
* @param int $tshirts_count
* @param int $voucher_count
* @return string
*/
function Users_view(
$users,
$order_by,
$arrived_count,
$active_count,
$force_active_count,
$freeloads_count,
$tshirts_count,
$voucher_count
) {
foreach ($users as &$user) {
$user['Nick'] = User_Nick_render($user);
$user['Gekommen'] = glyph_bool($user['Gekommen']);
$user['got_voucher'] = $user['got_voucher'];
$user['Aktiv'] = glyph_bool($user['Aktiv']);
$user['force_active'] = glyph_bool($user['force_active']);
$user['Tshirt'] = glyph_bool($user['Tshirt']);
@ -172,79 +222,101 @@ function Users_view($users, $order_by, $arrived_count, $active_count, $force_act
'actions' => '<strong>' . count($users) . '</strong>'
];
return page_with_title(_("All users"), [
return page_with_title(_('All users'), [
msg(),
buttons([
button(page_link_to('register'), glyph('plus') . _("New user"))
button(page_link_to('register'), glyph('plus') . _('New user'))
]),
table([
'Nick' => Users_table_header_link('Nick', _("Nick"), $order_by),
'Vorname' => Users_table_header_link('Vorname', _("Prename"), $order_by),
'Name' => Users_table_header_link('Name', _("Name"), $order_by),
'DECT' => Users_table_header_link('DECT', _("DECT"), $order_by),
'Gekommen' => Users_table_header_link('Gekommen', _("Arrived"), $order_by),
'got_voucher' => Users_table_header_link('got_voucher', _("Voucher"), $order_by),
'Nick' => Users_table_header_link('Nick', _('Nick'), $order_by),
'Vorname' => Users_table_header_link('Vorname', _('Prename'), $order_by),
'Name' => Users_table_header_link('Name', _('Name'), $order_by),
'DECT' => Users_table_header_link('DECT', _('DECT'), $order_by),
'Gekommen' => Users_table_header_link('Gekommen', _('Arrived'), $order_by),
'got_voucher' => Users_table_header_link('got_voucher', _('Voucher'), $order_by),
'freeloads' => _('Freeloads'),
'Aktiv' => Users_table_header_link('Aktiv', _("Active"), $order_by),
'force_active' => Users_table_header_link('force_active', _("Forced"), $order_by),
'Tshirt' => Users_table_header_link('Tshirt', _("T-Shirt"), $order_by),
'Size' => Users_table_header_link('Size', _("Size"), $order_by),
'lastLogIn' => Users_table_header_link('lastLogIn', _("Last login"), $order_by),
'Aktiv' => Users_table_header_link('Aktiv', _('Active'), $order_by),
'force_active' => Users_table_header_link('force_active', _('Forced'), $order_by),
'Tshirt' => Users_table_header_link('Tshirt', _('T-Shirt'), $order_by),
'Size' => Users_table_header_link('Size', _('Size'), $order_by),
'lastLogIn' => Users_table_header_link('lastLogIn', _('Last login'), $order_by),
'actions' => ''
], $users)
]);
}
function Users_table_header_link($column, $label, $order_by) {
/**
* @param string $column
* @param string $label
* @param string $order_by
* @return string
*/
function Users_table_header_link($column, $label, $order_by)
{
return '<a href="' . page_link_to('users') . '&OrderBy=' . $column . '">' . $label . ($order_by == $column ? ' <span class="caret"></span>' : '') . '</a>';
}
function User_shift_state_render($user) {
/**
* @param array $user
* @return string|false
*/
function User_shift_state_render($user)
{
$upcoming_shifts = ShiftEntries_upcoming_for_user($user);
if ($upcoming_shifts === false) {
return false;
}
if (count($upcoming_shifts) == 0) {
return '<span class="text-success">' . _("Free") . '</span>';
if (empty($upcoming_shifts)) {
return '<span class="text-success">' . _('Free') . '</span>';
}
if ($upcoming_shifts[0]['start'] > time()) {
if ($upcoming_shifts[0]['start'] - time() > 3600) {
return '<span class="text-success moment-countdown" data-timestamp="' . $upcoming_shifts[0]['start'] . '">' . _("Next shift %c") . '</span>';
$nextShift = array_shift($upcoming_shifts);
if ($nextShift['start'] > time()) {
if ($nextShift['start'] - time() > 3600) {
return '<span class="text-success moment-countdown" data-timestamp="' . $nextShift['start'] . '">' . _('Next shift %c') . '</span>';
}
return '<span class="text-warning moment-countdown" data-timestamp="' . $upcoming_shifts[0]['start'] . '">' . _("Next shift %c") . '</span>';
return '<span class="text-warning moment-countdown" data-timestamp="' . $nextShift['start'] . '">' . _('Next shift %c') . '</span>';
}
$halfway = ($upcoming_shifts[0]['start'] + $upcoming_shifts[0]['end']) / 2;
$halfway = ($nextShift['start'] + $nextShift['end']) / 2;
if (time() < $halfway) {
return '<span class="text-danger moment-countdown" data-timestamp="' . $upcoming_shifts[0]['start'] . '">' . _("Shift starts %c") . '</span>';
return '<span class="text-danger moment-countdown" data-timestamp="' . $nextShift['start'] . '">' . _('Shift starts %c') . '</span>';
}
return '<span class="text-danger moment-countdown" data-timestamp="' . $upcoming_shifts[0]['end'] . '">' . _("Shift ends %c") . '</span>';
return '<span class="text-danger moment-countdown" data-timestamp="' . $nextShift['end'] . '">' . _('Shift ends %c') . '</span>';
}
function User_view_shiftentries($needed_angel_type) {
/**
* @param array $needed_angel_type
* @return string
*/
function User_view_shiftentries($needed_angel_type)
{
$shift_info = '<br><b>' . $needed_angel_type['name'] . ':</b> ';
$shift_entries = [];
foreach ($needed_angel_type['users'] as $user_shift) {
$member = User_Nick_render($user_shift);
if ($user_shift['freeloaded']) {
$member = '<strike>' . $member . '</strike>';
$member = '<del>' . $member . '</del>';
}
$shift_entries[] = $member;
}
$shift_info .= join(", ", $shift_entries);
$shift_info .= join(', ', $shift_entries);
return $shift_info;
}
/**
* Helper that renders a shift line for user view
*
* @param array $shift
* @param array $user_source
* @param bool $its_me
* @return array
*/
function User_view_myshift($shift, $user_source, $its_me) {
global $LETZTES_AUSTRAGEN, $privileges;
function User_view_myshift($shift, $user_source, $its_me)
{
global $privileges;
$shift_info = '<a href="' . shift_link($shift) . '">' . $shift['name'] . '</a>';
if ($shift['title']) {
@ -255,18 +327,18 @@ function User_view_myshift($shift, $user_source, $its_me) {
}
$myshift = [
'date' => date("Y-m-d", $shift['start']),
'time' => date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']),
'date' => date('Y-m-d', $shift['start']),
'time' => date('H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']),
'room' => $shift['Name'],
'shift_info' => $shift_info,
'comment' => $shift['Comment']
];
if ($shift['freeloaded']) {
if (in_array("user_shifts_admin", $privileges)) {
$myshift['comment'] .= '<br /><p class="error">' . _("Freeloaded") . ': ' . $shift['freeload_comment'] . '</p>';
if (in_array('user_shifts_admin', $privileges)) {
$myshift['comment'] .= '<br /><p class="error">' . _('Freeloaded') . ': ' . $shift['freeload_comment'] . '</p>';
} else {
$myshift['comment'] .= '<br /><p class="error">' . _("Freeloaded") . '</p>';
$myshift['comment'] .= '<br /><p class="error">' . _('Freeloaded') . '</p>';
}
}
@ -274,10 +346,21 @@ function User_view_myshift($shift, $user_source, $its_me) {
button(shift_link($shift), glyph('eye-open') . _('view'), 'btn-xs')
];
if ($its_me || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button(page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'], glyph('edit') . _('edit'), 'btn-xs');
}
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button(page_link_to('user_myshifts') . ((! $its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'], glyph('trash') . _('sign off'), 'btn-xs');
$myshift['actions'][] = button(
page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'],
glyph('edit') . _('edit'),
'btn-xs'
);
}
if (
($shift['start'] > time() + config('last_unsubscribe') * 3600)
|| in_array('user_shifts_admin', $privileges)
) {
$myshift['actions'][] = button(
page_link_to('user_myshifts') . ((!$its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'],
glyph('trash') . _('sign off'),
'btn-xs'
);
}
$myshift['actions'] = table_buttons($myshift['actions']);
@ -286,8 +369,14 @@ function User_view_myshift($shift, $user_source, $its_me) {
/**
* Helper that prepares the shift table for user view
*
* @param array[] $shifts
* @param array $user_source
* @param bool $its_me
* @return array
*/
function User_view_myshifts($shifts, $user_source, $its_me) {
function User_view_myshifts($shifts, $user_source, $its_me)
{
$myshifts_table = [];
$timesum = 0;
foreach ($shifts as $shift) {
@ -302,12 +391,12 @@ function User_view_myshifts($shifts, $user_source, $its_me) {
if (count($myshifts_table) > 0) {
$myshifts_table[] = [
'date' => '<b>' . _("Sum:") . '</b>',
'time' => "<b>" . round($timesum / 3600, 1) . " h</b>",
'room' => "",
'shift_info' => "",
'comment' => "",
'actions' => ""
'date' => '<b>' . _('Sum:') . '</b>',
'time' => '<b>' . round($timesum / 3600, 1) . ' h</b>',
'room' => '',
'shift_info' => '',
'comment' => '',
'actions' => ''
];
}
return $myshifts_table;
@ -315,24 +404,57 @@ function User_view_myshifts($shifts, $user_source, $its_me) {
/**
* Renders view for a single user
*
* @param array $user_source
* @param bool $admin_user_privilege
* @param bool $freeloader
* @param array[] $user_angeltypes
* @param array[] $user_groups
* @param array[] $shifts
* @param bool $its_me
* @return string
*/
function User_view($user_source, $admin_user_privilege, $freeloader, $user_angeltypes, $user_groups, $shifts, $its_me) {
$user_name = htmlspecialchars($user_source['Vorname']) . " " . htmlspecialchars($user_source['Name']);
function User_view($user_source, $admin_user_privilege, $freeloader, $user_angeltypes, $user_groups, $shifts, $its_me)
{
$user_name = htmlspecialchars($user_source['Vorname']) . ' ' . htmlspecialchars($user_source['Name']);
$myshifts_table = User_view_myshifts($shifts, $user_source, $its_me);
return page_with_title('<span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . ' <small>' . $user_name . '</small>', [
return page_with_title(
'<span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . ' <small>' . $user_name . '</small>',
[
msg(),
div('row space-top', [
div('col-md-12', [
buttons([
$admin_user_privilege ? button(page_link_to('admin_user') . '&id=' . $user_source['UID'], glyph("edit") . _("edit")) : '',
$admin_user_privilege ? button(user_driver_license_edit_link($user_source), glyph("road") . _("driving license")) : '',
($admin_user_privilege && ! $user_source['Gekommen']) ? button(page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'], _("arrived")) : '',
$admin_user_privilege ? button(page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'], glyph('cutlery') . _('Edit vouchers')) : '',
$its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _("Settings")) : '',
$its_me ? button(page_link_to('ical') . '&key=' . $user_source['api_key'], glyph('calendar') . _("iCal Export")) : '',
$its_me ? button(page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'], glyph('export') . _("JSON Export")) : '',
$its_me ? button(page_link_to('user_myshifts') . '&reset', glyph('repeat') . _('Reset API key')) : ''
$admin_user_privilege ? button(
page_link_to('admin_user') . '&id=' . $user_source['UID'],
glyph('edit') . _('edit')
) : '',
$admin_user_privilege ? button(
user_driver_license_edit_link($user_source),
glyph('road') . _('driving license')
) : '',
($admin_user_privilege && !$user_source['Gekommen']) ? button(
page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'],
_('arrived')
) : '',
$admin_user_privilege ? button(
page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'],
glyph('cutlery') . _('Edit vouchers')
) : '',
$its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _('Settings')) : '',
$its_me ? button(
page_link_to('ical') . '&key=' . $user_source['api_key'],
glyph('calendar') . _('iCal Export')
) : '',
$its_me ? button(
page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'],
glyph('export') . _('JSON Export')
) : '',
$its_me ? button(
page_link_to('user_myshifts') . '&reset',
glyph('repeat') . _('Reset API key')
) : ''
])
])
]),
@ -344,85 +466,131 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
'</h1>'
]),
div('col-md-3', [
'<h4>' . _("User state") . '</h4>',
($admin_user_privilege && $freeloader) ? '<span class="text-danger"><span class="glyphicon glyphicon-exclamation-sign"></span> ' . _("Freeloader") . '</span><br />' : '',
$user_source['Gekommen'] ? User_shift_state_render($user_source) . '<br />' : '',
$admin_user_privilege || $its_me ? ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . sprintf(_("Arrived at %s"), date('Y-m-d', $user_source['arrival_date'])) . '</span>' : '<span class="text-danger">' . sprintf(_("Not arrived (Planned: %s)"), date('Y-m-d', $user_source['planned_arrival_date'])) . '</span>') : ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _("Arrived") . '</span>' : '<span class="text-danger">' . _("Not arrived") . '</span>'),
$admin_user_privilege ? ($user_source['got_voucher'] > 0 ? '<br /><span class="text-success">' . glyph('cutlery') . sprintf(ngettext("Got %s voucher", "Got %s vouchers", $user_source['got_voucher']), $user_source['got_voucher']) . '</span><br />' : '<br /><span class="text-danger">' . _("Got no vouchers") . '</span><br />') : '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Aktiv']) ? ' <span class="text-success">' . _("Active") . '</span>' : '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Tshirt']) ? ' <span class="text-success">' . _("T-Shirt") . '</span>' : ''
'<h4>' . _('User state') . '</h4>',
($admin_user_privilege && $freeloader)
? '<span class="text-danger"><span class="glyphicon glyphicon-exclamation-sign"></span> ' . _('Freeloader') . '</span><br />'
: '',
$user_source['Gekommen']
? User_shift_state_render($user_source) . '<br />'
: '',
$admin_user_privilege || $its_me
? (
$user_source['Gekommen']
? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> '
. sprintf(_('Arrived at %s'), date('Y-m-d', $user_source['arrival_date']))
. '</span>'
: '<span class="text-danger">'
. sprintf(_('Not arrived (Planned: %s)'), date('Y-m-d', $user_source['planned_arrival_date']))
. '</span>'
)
: (
$user_source['Gekommen']
? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _('Arrived') . '</span>'
: '<span class="text-danger">' . _('Not arrived') . '</span>'),
$admin_user_privilege
? (
$user_source['got_voucher'] > 0
? '<br /><span class="text-success">'
. glyph('cutlery')
. sprintf(
ngettext('Got %s voucher', 'Got %s vouchers', $user_source['got_voucher']),
$user_source['got_voucher']
)
. '</span><br />'
: '<br /><span class="text-danger">' . _('Got no vouchers') . '</span><br />')
: '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Aktiv']) ? ' <span class="text-success">' . _('Active') . '</span>' : '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Tshirt']) ? ' <span class="text-success">' . _('T-Shirt') . '</span>' : ''
]),
div('col-md-3', [
'<h4>' . _("Angeltypes") . '</h4>',
'<h4>' . _('Angeltypes') . '</h4>',
User_angeltypes_render($user_angeltypes)
]),
div('col-md-3', [
'<h4>' . _("Rights") . '</h4>',
'<h4>' . _('Rights') . '</h4>',
User_groups_render($user_groups)
])
]),
($its_me || $admin_user_privilege) ? '<h2>' . _("Shifts") . '</h2>' : '',
($its_me || $admin_user_privilege) ? '<h2>' . _('Shifts') . '</h2>' : '',
($its_me || $admin_user_privilege) ? table([
'date' => _("Day"),
'time' => _("Time"),
'room' => _("Location"),
'shift_info' => _("Name &amp; workmates"),
'comment' => _("Comment"),
'actions' => _("Action")
'date' => _('Day'),
'time' => _('Time'),
'room' => _('Location'),
'shift_info' => _('Name &amp; workmates'),
'comment' => _('Comment'),
'actions' => _('Action')
], $myshifts_table) : '',
$its_me ? info(glyph('info-sign') . _("Your night shifts between 2 and 8 am count twice."), true) : '',
$its_me && count($shifts) == 0 ? error(sprintf(_("Go to the <a href=\"%s\">shifts table</a> to sign yourself up for some shifts."), page_link_to('user_shifts')), true) : ''
]);
$its_me ? info(glyph('info-sign') . _('Your night shifts between 2 and 8 am count twice.'), true) : '',
$its_me && count($shifts) == 0
? error(sprintf(
_('Go to the <a href="%s">shifts table</a> to sign yourself up for some shifts.'),
page_link_to('user_shifts')
), true)
: ''
]
);
}
/**
* View for password recovery step 1: E-Mail
*
* @return string
*/
function User_password_recovery_view() {
function User_password_recovery_view()
{
return page_with_title(user_password_recovery_title(), [
msg(),
_("We will send you an e-mail with a password recovery link. Please use the email address you used for registration."),
_('We will send you an e-mail with a password recovery link. Please use the email address you used for registration.'),
form([
form_text('email', _("E-Mail"), ""),
form_submit('submit', _("Recover"))
form_text('email', _('E-Mail'), ''),
form_submit('submit', _('Recover'))
])
]);
}
/**
* View for password recovery step 2: New password
*
* @return string
*/
function User_password_set_view() {
function User_password_set_view()
{
return page_with_title(user_password_recovery_title(), [
msg(),
_("Please enter a new password."),
_('Please enter a new password.'),
form([
form_password('password', _("Password")),
form_password('password2', _("Confirm password")),
form_submit('submit', _("Save"))
form_password('password', _('Password')),
form_password('password2', _('Confirm password')),
form_submit('submit', _('Save'))
])
]);
}
function User_angeltypes_render($user_angeltypes) {
/**
* @param array[] $user_angeltypes
* @return string
*/
function User_angeltypes_render($user_angeltypes)
{
$output = [];
foreach ($user_angeltypes as $angeltype) {
$class = "";
if ($angeltype['restricted'] == 1) {
if ($angeltype['confirm_user_id'] != null) {
$class = 'text-success';
} else {
if ($angeltype['restricted'] == 1 && $angeltype['confirm_user_id'] == null) {
$class = 'text-warning';
}
} else {
$class = 'text-success';
}
$output[] = '<a href="' . angeltype_link($angeltype['id']) . '" class="' . $class . '">' . ($angeltype['supporter'] ? glyph('education') : '') . $angeltype['name'] . '</a>';
$output[] = '<a href="' . angeltype_link($angeltype['id']) . '" class="' . $class . '">'
. ($angeltype['supporter'] ? glyph('education') : '') . $angeltype['name']
. '</a>';
}
return join('<br />', $output);
}
function User_groups_render($user_groups) {
/**
* @param array[] $user_groups
* @return string
*/
function User_groups_render($user_groups)
{
$output = [];
foreach ($user_groups as $group) {
$output[] = substr($group['Name'], 2);
@ -433,62 +601,87 @@ function User_groups_render($user_groups) {
/**
* Render a user nickname.
*
* @param User $user_source
* @param array $user_source
* @return string
*/
function User_Nick_render($user_source) {
return '<a class="' . ($user_source['Gekommen'] ? '' : 'text-muted') . '" href="' . page_link_to('users') . '&amp;action=view&amp;user_id=' . $user_source['UID'] . '"><span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . '</a>';
function User_Nick_render($user_source)
{
return '<a class="' . ($user_source['Gekommen'] ? '' : 'text-muted') . '" href="'
. page_link_to('users') . '&amp;action=view&amp;user_id=' . $user_source['UID']
. '"><span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . '</a>';
}
function render_user_departure_date_hint() {
/**
* @return string|null
*/
function render_user_departure_date_hint()
{
global $user;
if (!isset($user['planned_departure_date']) || $user['planned_departure_date'] == null) {
return _("Please enter your planned date of departure on your settings page to give us a feeling for teardown capacities.");
return _('Please enter your planned date of departure on your settings page to give us a feeling for teardown capacities.');
}
return null;
}
function render_user_freeloader_hint() {
global $user, $max_freeloadable_shifts;
/**
* @return string|null
*/
function render_user_freeloader_hint()
{
global $user;
if (User_is_freeloader($user)) {
return sprintf(_("You freeloaded at least %s shifts. Shift signup is locked. Please go to heavens desk to be unlocked again."), $max_freeloadable_shifts);
return sprintf(
_('You freeloaded at least %s shifts. Shift signup is locked. Please go to heavens desk to be unlocked again.'),
config('max_freeloadable_shifts')
);
}
return null;
}
// Hinweis für Engel, die noch nicht angekommen sind
function render_user_arrived_hint() {
/**
* Hinweis für Engel, die noch nicht angekommen sind
*
* @return string|null
*/
function render_user_arrived_hint()
{
global $user;
if ($user['Gekommen'] == 0) {
return _("You are not marked as arrived. Please go to heaven's desk, get your angel badge and/or tell them that you arrived already.");
return _('You are not marked as arrived. Please go to heaven\'s desk, get your angel badge and/or tell them that you arrived already.');
}
return null;
}
function render_user_tshirt_hint() {
global $enable_tshirt_size, $user;
/**
* @return string|null
*/
function render_user_tshirt_hint()
{
global $user;
if ($enable_tshirt_size && $user['Size'] == "") {
return _("You need to specify a tshirt size in your settings!");
if (config('enable_tshirt_size') && $user['Size'] == '') {
return _('You need to specify a tshirt size in your settings!');
}
return null;
}
function render_user_dect_hint() {
/**
* @return string|null
*/
function render_user_dect_hint()
{
global $user;
if ($user['DECT'] == "") {
return _("You need to specify a DECT phone number in your settings! If you don't have a DECT phone, just enter \"-\".");
if ($user['DECT'] == '') {
return _('You need to specify a DECT phone number in your settings! If you don\'t have a DECT phone, just enter \'-\'.');
}
return null;
}
?>

120
public/index.php
Unescape Escape View File

@ -20,128 +20,134 @@ $free_pages = [
];
// Gewünschte Seite/Funktion
$page = "";
$page = '';
$title = '';
$content = '';
if (!isset($_REQUEST['p'])) {
$_REQUEST['p'] = isset($user) ? "news" : "login";
$_REQUEST['p'] = isset($user) ? 'news' : 'login';
}
if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) {
if (
isset($_REQUEST['p'])
&& preg_match('/^\w*$/i', $_REQUEST['p'])
&& (
in_array($_REQUEST['p'], $free_pages)
|| (isset($privileges) && in_array($_REQUEST['p'], $privileges))
)
) {
$page = $_REQUEST['p'];
$title = $page;
$content = "";
if ($page == "api") {
if ($page == 'api') {
error('Api disabled temporily.');
redirect(page_link_to());
require_once realpath(__DIR__ . '/../includes/controller/api.php');
error("Api disabled temporily.");
redirect(page_link_to('login'));
api_controller();
} elseif ($page == "ical") {
} elseif ($page == 'ical') {
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
user_ical();
} elseif ($page == "atom") {
} elseif ($page == 'atom') {
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
user_atom();
} elseif ($page == "shifts_json_export") {
} elseif ($page == 'shifts_json_export') {
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_controller();
} elseif ($page == "shifts_json_export_all") {
} elseif ($page == 'shifts_json_export_all') {
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_all_controller();
} elseif ($page == "stats") {
} elseif ($page == 'stats') {
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
guest_stats();
} elseif ($page == "user_password_recovery") {
} elseif ($page == 'user_password_recovery') {
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
$title = user_password_recovery_title();
$content = user_password_recovery_controller();
} elseif ($page == "angeltypes") {
} elseif ($page == 'angeltypes') {
list($title, $content) = angeltypes_controller();
} elseif ($page == "shifts") {
} elseif ($page == 'shifts') {
list($title, $content) = shifts_controller();
} elseif ($page == "users") {
} elseif ($page == 'users') {
list($title, $content) = users_controller();
} elseif ($page == "user_angeltypes") {
} elseif ($page == 'user_angeltypes') {
list($title, $content) = user_angeltypes_controller();
} elseif ($page == "user_driver_licenses") {
} elseif ($page == 'user_driver_licenses') {
list($title, $content) = user_driver_licenses_controller();
} elseif ($page == "shifttypes") {
} elseif ($page == 'shifttypes') {
list($title, $content) = shifttypes_controller();
} elseif ($page == "admin_event_config") {
} elseif ($page == 'admin_event_config') {
list($title, $content) = event_config_edit_controller();
} elseif ($page == "rooms") {
} elseif ($page == 'rooms') {
list($title, $content) = rooms_controller();
} elseif ($page == "news") {
} elseif ($page == 'news') {
$title = news_title();
$content = user_news();
} elseif ($page == "news_comments") {
} elseif ($page == 'news_comments') {
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
$title = user_news_comments_title();
$content = user_news_comments();
} elseif ($page == "user_meetings") {
} elseif ($page == 'user_meetings') {
$title = meetings_title();
$content = user_meetings();
} elseif ($page == "user_myshifts") {
} elseif ($page == 'user_myshifts') {
$title = myshifts_title();
$content = user_myshifts();
} elseif ($page == "user_shifts") {
} elseif ($page == 'user_shifts') {
$title = shifts_title();
$content = user_shifts();
} elseif ($page == "user_messages") {
} elseif ($page == 'user_messages') {
$title = messages_title();
$content = user_messages();
} elseif ($page == "user_questions") {
} elseif ($page == 'user_questions') {
$title = questions_title();
$content = user_questions();
} elseif ($page == "user_settings") {
} elseif ($page == 'user_settings') {
$title = settings_title();
$content = user_settings();
} elseif ($page == "login") {
} elseif ($page == 'login') {
$title = login_title();
$content = guest_login();
} elseif ($page == "register") {
} elseif ($page == 'register') {
$title = register_title();
$content = guest_register();
} elseif ($page == "logout") {
} elseif ($page == 'logout') {
$title = logout_title();
$content = guest_logout();
} elseif ($page == "admin_questions") {
} elseif ($page == 'admin_questions') {
$title = admin_questions_title();
$content = admin_questions();
} elseif ($page == "admin_user") {
} elseif ($page == 'admin_user') {
$title = admin_user_title();
$content = admin_user();
} elseif ($page == "admin_arrive") {
} elseif ($page == 'admin_arrive') {
$title = admin_arrive_title();
$content = admin_arrive();
} elseif ($page == "admin_active") {
} elseif ($page == 'admin_active') {
$title = admin_active_title();
$content = admin_active();
} elseif ($page == "admin_free") {
} elseif ($page == 'admin_free') {
$title = admin_free_title();
$content = admin_free();
} elseif ($page == "admin_news") {
} elseif ($page == 'admin_news') {
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
$content = admin_news();
} elseif ($page == "admin_rooms") {
} elseif ($page == 'admin_rooms') {
$title = admin_rooms_title();
$content = admin_rooms();
} elseif ($page == "admin_groups") {
} elseif ($page == 'admin_groups') {
$title = admin_groups_title();
$content = admin_groups();
} elseif ($page == "admin_language") {
require_once realpath(__DIR__ . '/../includes/pages/admin_language.php');
$content = admin_language();
} elseif ($page == "admin_import") {
} elseif ($page == 'admin_import') {
$title = admin_import_title();
$content = admin_import();
} elseif ($page == "admin_shifts") {
} elseif ($page == 'admin_shifts') {
$title = admin_shifts_title();
$content = admin_shifts();
} elseif ($page == "admin_log") {
} elseif ($page == 'admin_log') {
$title = admin_log_title();
$content = admin_log();
} elseif ($page == "credits") {
} elseif ($page == 'credits') {
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
$title = credits_title();
$content = guest_credits();
@ -152,27 +158,29 @@ if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (i
} else {
// Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
if (isset($user)) {
$title = _("No Access");
$content = _("You don't have permission to view this page. You probably have to sign in or register in order to gain access!");
$title = _('No Access');
$content = _('You don\'t have permission to view this page . You probably have to sign in or register in order to gain access!');
} else {
// Sonst zur Loginseite leiten
redirect(page_link_to("login"));
redirect(page_link_to('login'));
}
}
$event_config = EventConfig();
echo template_render(__DIR__ . '/../templates/layout.html', [
'theme' => isset($user) ? $user['color'] : $default_theme,
'theme' => isset($user) ? $user['color'] : config('theme'),
'title' => $title,
'atom_link' => ($page == 'news' || $page == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&amp;meetings=1' : '') . '&amp;key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '',
'atom_link' => ($page == 'news' || $page == 'user_meetings')
? ' <link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '')
. '&amp;key=' . (isset($user) ? $user['api_key'] : '')
. '" type = "application/atom+xml" rel = "alternate" title = "Atom Feed">'
: '',
'menu' => make_menu(),
'content' => msg() . $content,
'header_toolbar' => header_toolbar(),
'faq_url' => $faq_url,
'contact_email' => $contact_email,
'faq_url' => config('faq_url'),
'contact_email' => config('contact_email'),
'locale' => locale(),
'event_info' => EventConfig_info($event_config) . ' <br />'
]);
?>

3
public/js/sticky-headers.js
Unescape Escape View File

@ -1,8 +1,7 @@
/**
* Enables the fixed headers and time lane for the shift-calendar and datatables
*/
$(document).ready(
function() {
$(document).ready(function () {
if ($(".shift-calendar").length) {
var timeLanes = $(".shift-calendar .time");
var headers = $(".shift-calendar .header");

28
public/maintenance.html
Unescape Escape View File

@ -14,10 +14,16 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
<a class="navbar-brand" href="?">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">
<ul class="nav navbar-nav"></ul>
@ -31,7 +37,9 @@
<div class="jumbotron">
<div class="container text-center">
<h1>
<span class="glyphicon glyphicon-scissors"></span> <span class="glyphicon glyphicon-wrench"></span> <span class="glyphicon glyphicon-fire"></span>
<span class="glyphicon glyphicon-scissors"></span>
<span class="glyphicon glyphicon-wrench"></span>
<span class="glyphicon glyphicon-fire"></span>
</h1>
<div class="col-md-6">
<h2>
@ -39,11 +47,16 @@
</h2>
<p>This may be due to...</p>
<p>
...archangels closing the gates of heaven. <br>...somebody's stolen the power chord and now the battery is empty. <br>...DHCP decided to give me another ip address.
...archangels closing the gates of heaven. <br>
...somebody's stolen the power chord and now the battery is empty. <br>
...DHCP decided to give me another ip address.
</p>
</div>
<div class="col-md-6">
<iframe width="560" height="315" src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0" frameborder="0" allowfullscreen></iframe>
<iframe width="560" height="315"
src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0"
frameborder="0" allowfullscreen>
</iframe>
</div>
</div>
</div>
@ -51,7 +64,8 @@
<div class="row">
<div class="col-md-12">
<div class="text-center footer">
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
</div>
</div>
</div>

44
public/overwhelmed.html
Unescape Escape View File

@ -14,15 +14,19 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
<a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong
class="visible-lg-inline">ENGELSYSTEM</strong></a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">
<ul class="nav navbar-nav"></ul>
<ul class="nav navbar-nav navbar-right">
</ul>
<ul class="nav navbar-nav navbar-right"></ul>
</div>
</div>
</div>
@ -32,13 +36,28 @@
<div class="container text-center">
<div class="col-md-6 col-md-offset-3">
<h2>Dear Angels,</h2>
<p>The great interest in becoming an angel and participating at 33C3 is is something we are grateful for every time. There is a record number of angels and helping volunteers this year.</p>
<p>We did anticipate a great number but we are overwhelmed by this endless wave of support. We do want to enable each and every one of you to be an angel at the congress, but sadly our resources and capacities at Heaven are limited. The amount of angels at this point is beyond our
planing and to ensure we can support the angels already checked in. We did make a choice never thought possible on a chaos event:</p>
<p>We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.</p>
<p>Everyone of us works for you to support you in being an angel, but the Heaven Desk and the Kitchen among others are limited and so we decided to focus our effort to support those of you already arrived to the best of our abilities.</p>
<p>
For the Heaven Team<br /> Agnes, Jen, LLF and Knuth
The great interest in becoming an angel and participating at 33C3 is is something we are
grateful for every time. There is a record number of angels and helping volunteers this year.
</p>
<p>
We did anticipate a great number but we are overwhelmed by this endless wave of support. We do
want to enable each and every one of you to be an angel at the congress, but sadly our resources
and capacities at Heaven are limited. The amount of angels at this point is beyond our
planing and to ensure we can support the angels already checked in. We did make a choice never
thought possible on a chaos event:
</p>
<p>
We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.
</p>
<p>
Everyone of us works for you to support you in being an angel, but the Heaven Desk and the
Kitchen among others are limited and so we decided to focus our effort to support those of you
already arrived to the best of our abilities.
</p>
<p>
For the Heaven Team<br/>
Agnes, Jen, LLF and Knuth
</p>
</div>
</div>
@ -47,7 +66,8 @@
<div class="row">
<div class="col-md-12">
<div class="text-center footer">
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
</div>
</div>
</div>

2
public/vendor/bootstrap vendored
Unescape Escape View File

@ -1 +1 @@
../../themes/assets/bootstrap/dist
../../vendor/twbs/bootstrap/dist

86
shift_markup.html
Unescape Escape View File

@ -1,86 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<link rel="stylesheet" type="text/css" href="public/css/theme3.css" />
<style>
</style>
</head>
<body>
<div class="shift-calendar">
<div class="lane time">
<div class="header">Time</div>
<div class="tick day">2016-12-27 00:00</div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour">11:00</div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour">12:00</div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour">13:00</div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
</div>
<div class="lane">
<div class="header">
<span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
</div>
<div class="tick day"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="shift panel panel-success" style="height: 160px;">
<div class="panel-heading">
<a href="?p=shifts&amp;action=view&amp;shift_id=2696">00:00 02:00 — Bottle Collection</a>
<div class="pull-right">
<div class="btn-group">
<a href="?p=user_shifts&amp;edit_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-edit"></span>
</a> <a href="?p=user_shifts&amp;delete_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-trash"></span>
</a>
</div>
</div>
</div>
<div class="panel-body">
<span class="glyphicon glyphicon-info-sign"></span> Bottle Collection Quick Response Team<br> <a href="?p=rooms&amp;action=view&amp;room_id=42"> <span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
</a>
</div>
<ul class="list-group">
<li class="list-group-item"><strong><a href="?p=angeltypes&amp;action=view&amp;angeltype_id=104575">Angel</a>:</strong> <span style=""><a class="" href="?p=users&amp;action=view&amp;user_id=1755"><span class="icon-icon_angel"></span> Pantomime</a></span>, <span style=""><a
class="" href="?p=users&amp;action=view&amp;user_id=50"><span class="icon-icon_angel"></span> sandzwerg</a></span></li>
<li class="list-group-item"><a href="?p=user_shifts&amp;shift_id=2696&amp;type_id=104575" class="btn btn-default btn-xs">Neue Engel hinzufügen</a></li>
</ul>
<div class="shift-spacer"></div>
</div>
<div class="tick hour"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
</div>
<div class="lane">
<div class="header"></div>
<div class="tick day"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick hour"></div>
<div class="tick"></div>
<div class="tick"></div>
<div class="tick"></div>
</div>
</div>
</body>
</html>

128
src/Config/Config.php
Unescape Escape View File

@ -0,0 +1,128 @@
<?php
namespace Engelsystem\Config;
use ErrorException;
class Config
{
/**
* @var self
*/
protected static $instance;
/**
* The config values
*
* @var array
*/
protected $data = [];
/**
* @param string|null $key
* @param mixed $default
* @return mixed
*/
public function get($key, $default = null)
{
if (is_null($key)) {
return $this->data;
}
if ($this->has($key)) {
return $this->data[$key];
}
return $default;
}
/**
* @param string|array $key
* @param mixed $value
*/
public function set($key, $value = null)
{
if (is_array($key)) {
foreach ($key as $configKey => $configValue) {
$this->set($configKey, $configValue);
}
return;
}
$this->data[$key] = $value;
}
/**
* @param string $key
* @return bool
*/
public function has($key)
{
return isset($this->data[$key]);
}
/**
* @param string $key
*/
public function remove($key)
{
unset($this->data[$key]);
}
/**
* @param string $key
* @return mixed
*/
public function __get($key)
{
return $this->get($key);
}
/**
* @param string $key
* @param mixed $value
*/
public function __set($key, $value)
{
$this->set($key, $value);
}
/**
* @param string $key
* @return bool
*/
public function __isset($key)
{
return $this->has($key);
}
/**
* @param string $key
*/
public function __unset($key)
{
$this->remove($key);
}
/**
* @return Config
* @throws ErrorException
*/
public static function getInstance()
{
if (!self::$instance instanceof self) {
throw new ErrorException('Config not initialized');
}
return self::$instance;
}
/**
* @param self $instance
*/
public static function setInstance($instance)
{
self::$instance = $instance;
}
}

170
src/Database/Db.php
Unescape Escape View File

@ -0,0 +1,170 @@
<?php
namespace Engelsystem\Database;
use PDO;
use PDOException;
use PDOStatement;
class Db
{
/** @var PDO */
protected static $db;
/** @var PDOStatement */
protected static $stm = null;
/** @var bool */
protected static $lastStatus = true;
/**
* Connect to database
*
* @param string $dsn
* @param string $username
* @param string $password
* @param array $options
* @return bool
*/
public static function connect($dsn, $username = null, $password = null, $options = [])
{
try {
self::$db = new PDO($dsn, $username, $password, $options);
} catch (PDOException $e) {
return false;
}
return true;
}
/**
* Run a prepared query
*
* @param string $query
* @param array $bindings
* @return PDOStatement
*/
public static function query($query, array $bindings = [])
{
self::$stm = self::$db->prepare($query);
self::$lastStatus = self::$stm->execute($bindings);
return self::$stm;
}
/**
* Run a sql query
*
* @param string $query
* @return bool
*/
public static function unprepared($query)
{
self::$stm = self::$db->query($query);
self::$lastStatus = (self::$stm instanceof PDOStatement);
return self::$lastStatus;
}
/**
* Run a select query
*
* @param string $query
* @param array $bindings
* @return array
*/
public static function select($query, array $bindings = [])
{
self::query($query, $bindings);
return self::$stm->fetchAll(PDO::FETCH_ASSOC);
}
/**
* Run a insert query
*
* @param string $query
* @param array $bindings
* @return bool
*/
public static function insert($query, array $bindings = [])
{
self::query($query, $bindings);
return self::$lastStatus;
}
/**
* Run a update query
*
* @param string $query
* @param array $bindings
* @return int|null
*/
public static function update($query, array $bindings = [])
{
self::query($query, $bindings);
return (self::$lastStatus ? self::$stm->rowCount() : null);
}
/**
* Run a delete query
*
* @param string $query
* @param array $bindings
* @return int|null
*/
public static function delete($query, array $bindings = [])
{
self::query($query, $bindings);
return (self::$lastStatus ? self::$stm->rowCount() : null);
}
/**
* Run a single statement
*
* @param string $query
* @param array $bindings
* @return bool
*/
public static function statement($query, array $bindings = [])
{
self::query($query, $bindings);
return self::$lastStatus;
}
/**
* Returns the last error
*
* @return array
*/
public static function getError()
{
if (!self::$stm instanceof PDOStatement) {
return [-1, null, null];
}
return self::$stm->errorInfo();
}
/**
* Get the PDO instance
*
* @return PDO
*/
public static function getPdo()
{
return self::$db;
}
/**
* @return PDOStatement|false|null
*/
public static function getStm()
{
return self::$stm;
}
}

97
src/Exceptions/Handler.php
Unescape Escape View File

@ -0,0 +1,97 @@
<?php
namespace Engelsystem\Exceptions;
use Exception;
class Handler
{
/** @var string */
protected $environment;
const ENV_PRODUCTION = 'prod';
const ENV_DEVELOPMENT = 'dev';
/**
* Handler constructor.
*
* @param string $environment production|development
*/
public function __construct($environment = self::ENV_PRODUCTION)
{
$this->environment = $environment;
set_error_handler([$this, 'errorHandler']);
set_exception_handler([$this, 'exceptionHandler']);
}
/**
* @param int $number
* @param string $string
* @param string $file
* @param int $line
* @param array $context
*/
public function errorHandler($number, $string, $file, $line, $context)
{
$this->handle('error', $number, $string, $file, $line, $context);
}
/**
* @param Exception $e
*/
public function exceptionHandler(Exception $e)
{
$this->handle(
'exception',
$e->getCode(),
get_class($e) . ': ' . $e->getMessage(),
$e->getFile(),
$e->getLine(),
['exception' => $e]
);
}
/**
* @param string $type
* @param int $number
* @param string $string
* @param string $file
* @param int $line
* @param array $context
*/
protected function handle($type, $number, $string, $file, $line, $context = [])
{
error_log(sprintf('%s: Number: %s, String: %s, File: %s:%u, Context: %s',
$type,
$number,
$string,
$file,
$line,
json_encode($context)
));
if ($this->environment == self::ENV_DEVELOPMENT) {
echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:fixed;bottom:1em;padding:1em;width:97%;overflow-y:auto;">';
echo sprintf('%s: (%s)' . PHP_EOL, ucfirst($type), $number);
var_export([
'string' => $string,
'file' => $file . ':' . $line,
'context' => ($this->environment == self::ENV_DEVELOPMENT ? $context : null),
]);
echo '</pre>';
die();
}
echo 'An <del>un</del>expected error occurred, a team of untrained monkeys has been dispatched to deal with it.';
die();
}
/**
* @param string $environment
*/
public function setEnvironment($environment)
{
$this->environment = $environment;
}
}

24
src/helpers.php
Unescape Escape View File

@ -0,0 +1,24 @@
<?php
// Some useful functions
use Engelsystem\Config\Config;
/**
* Get or set config values
*
* @param string|array $key
* @param mixed $default
* @return mixed|Config
*/
function config($key = null, $default = null)
{
if (empty($key)) {
return Config::getInstance();
}
if (is_array($key)) {
Config::getInstance()->set($key);
}
return Config::getInstance()->get($key, $default);
}

16
templates/guest_credits.html
Unescape Escape View File

@ -4,17 +4,25 @@
<div class="col-md-4">
<h2>Source code</h2>
<p>
The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>. It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a> and <a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet
cyborg</a>, <a href="http://jplitza.de/">jplitza</a> and gnomus.
The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>.
It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a>
and <a href="http://myigel.name/">MyIgel</a>,
<a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet cyborg</a>,
<a href="http://jplitza.de/">jplitza</a> and gnomus.
</p>
<p>
Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor list on github</a> for a more complete version.
Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor
list on github</a> for a more complete version.
</p>
</div>
<div class="col-md-4">
<h2>Hosting</h2>
<p>
Webspace, development platform and domain is currently provided by <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br /> and adminstrated by <a href="http://mortzu.de/">mortzu</a>, <a href="http://derf.homelinux.org/">derf</a> and ichdasich.
Webspace, development platform and domain is currently provided by
<a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br/>
and adminstrated by <a href="http://mortzu.de/">mortzu</a>,
<a href="http://derf.homelinux.org/">derf</a>
and ichdasich.
</p>
</div>
<div class="col-md-4">

15
templates/layout.html
Unescape Escape View File

@ -15,8 +15,12 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
</div>
@ -30,8 +34,11 @@
<hr/>
<div class="text-center footer" style="margin-bottom: 10px;">
%event_info%
<a href="%faq_url%">FAQ</a> · <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a> · <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development
Platform</a> · <a href="?p=credits">Credits</a>
<a href="%faq_url%">FAQ</a>
· <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a>
· <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
· <a href="?p=credits">Credits</a>
</div>
</div>
</div>

6
templates/user_shifts.html
Unescape Escape View File

@ -17,7 +17,8 @@
<div class="form-group">%start_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="start_time" name="start_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<input class="form-control" type="text" id="start_time" name="start_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
<span class="glyphicon glyphicon-time"></span>
@ -29,7 +30,8 @@
<div class="form-group">%end_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="end_time" name="end_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<input class="form-control" type="text" id="end_time" name="end_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
<span class="glyphicon glyphicon-time"></span>

18
test/model/LogEntriesModelTest.php
Unescape Escape View File

@ -2,13 +2,15 @@
namespace Engelsystem\Test;
class LogEntriesModelTest extends \PHPUnit_Framework_TestCase {
public function create_LogEntry() {
class LogEntriesModelTest extends \PHPUnit_Framework_TestCase
{
public function create_LogEntry()
{
LogEntry_create('test', 'test');
}
public function test_LogEntry_create() {
public function test_LogEntry_create()
{
$count = count(LogEntries());
$this->assertNotFalse(LogEntry_create('test', 'test_LogEntry_create'));
@ -16,7 +18,8 @@ class LogEntriesModelTest extends \PHPUnit_Framework_TestCase {
$this->assertEquals(count(LogEntries()), $count + 1);
}
public function test_LogEntries_clear_all() {
public function test_LogEntries_clear_all()
{
$this->create_LogEntry();
$this->assertTrue(count(LogEntries()) > 0);
$this->assertNotFalse(LogEntries_clear_all());
@ -26,9 +29,8 @@ class LogEntriesModelTest extends \PHPUnit_Framework_TestCase {
/**
* @after
*/
public function teardown() {
public function teardown()
{
LogEntries_clear_all();
}
}
?>

15
test/model/RoomModelTest.php
Unescape Escape View File

@ -2,15 +2,17 @@
namespace Engelsystem\Test;
class RoomModelTest extends \PHPUnit_Framework_TestCase {
class RoomModelTest extends \PHPUnit_Framework_TestCase
{
private $room_id = null;
public function create_Room() {
public function create_Room()
{
$this->room_id = Room_create('test', false, true, '');
}
public function test_Room() {
public function test_Room()
{
$this->create_Room();
$room = Room($this->room_id);
@ -25,11 +27,10 @@ class RoomModelTest extends \PHPUnit_Framework_TestCase {
/**
* @after
*/
public function teardown() {
public function teardown()
{
if ($this->room_id != null) {
Room_delete($this->room_id);
}
}
}
?>

1
themes/assets/bootstrap

@ -1 +0,0 @@
Subproject commit ad716b9ea9506456f28e2c1bcdd7b4a81b44c11c

Some files were not shown because too many files have changed in this diff Show More