split user setting in different files

15 years ago · 6cfc2d6da0
parent 93e0fc9705
commit 6cfc2d6da0
10 changed files with 509 additions and 201 deletions
--- a/DB/Sprache.sql
+++ b/DB/Sprache.sql
@ -574,8 +574,14 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php'
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/shiftadd.php', 'EN', ' ');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'DE', ' ');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/schichtplan_druck.php', 'EN', ' ');
-INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'DE', ' ');
-INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user2.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeNormal.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userChangeSecure.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveNormal.php', 'EN', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'DE', ' ');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userSaveSecure.php', 'EN', ' ');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'DE', 'UpdateDB');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dbUpdateFromXLS.php', 'EN', 'UpdateDB');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect.php', 'DE', 'Dect');
@ -584,6 +590,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/dect_call.php', 'EN', ' ');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'DE', 'Engelliste');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/user.php', 'EN', 'Engel-list');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'DE', 'Engel Voreinstellungen');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/userDefaultSetting.php', 'EN', 'Engel Default Setting');
 INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/UserPicture.php', 'DE', 'Benutzerbilder');
--- a/DB/UserCVS.sql
+++ b/DB/UserCVS.sql
@ -18,51 +18,56 @@
 DROP TABLE IF EXISTS `UserCVS`;
 CREATE TABLE `UserCVS` (
  `UID` int(11) NOT NULL default '0',
-  `index.php` char(1) NOT NULL default 'N',
-  `logout.php` char(1) NOT NULL default 'Y',
-  `faq.php` char(1) NOT NULL default 'Y',
-  `lageplan.php` char(1) NOT NULL default 'N',
-  `makeuser.php` char(1) NOT NULL default 'N',
-  `nonpublic/index.php` char(1) NOT NULL default 'Y',
-  `nonpublic/news.php` char(1) NOT NULL default 'Y',
-  `nonpublic/newsAddMeting` char(1) NOT NULL default 'N',
-  `nonpublic/news_comments.php` char(1) NOT NULL default 'Y',
-  `nonpublic/myschichtplan.php` char(1) NOT NULL default 'Y',
-  `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'Y',
-  `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'Y',
-  `nonpublic/schichtplan.php` char(1) NOT NULL default 'Y',
-  `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'Y',
-  `nonpublic/wecken.php` char(1) NOT NULL default 'N',
-  `nonpublic/waeckliste.php` char(1) NOT NULL default 'N',
-  `nonpublic/messages.php` char(1) NOT NULL default 'Y',
-  `nonpublic/faq.php` char(1) NOT NULL default 'Y',
-  `nonpublic/einstellungen.php` char(1) NOT NULL default 'Y',
-  `Change T_Shirt Size` char(1) NOT NULL default 'Y',
-  `admin/index.php` char(1) NOT NULL default 'N',
-  `admin/room.php` char(1) NOT NULL default 'N',
-  `admin/EngelType.php` char(1) NOT NULL default 'N',
-  `admin/schichtplan.php` char(1) NOT NULL default 'N',
-  `admin/shiftadd.php` char(1) NOT NULL default 'N',
-  `admin/schichtplan_druck.php` char(1) NOT NULL default 'N',
-  `admin/user.php` char(1) NOT NULL default 'N',
-  `admin/user2.php` char(1) NOT NULL default 'N',
-  `admin/userDefaultSetting.php` char(1) NOT NULL default 'N',
-  `admin/UserPicture.php` char(1) NOT NULL default 'N',
-  `admin/userArrived.php` char(1) NOT NULL default 'N',
-  `admin/aktiv.php` char(1) NOT NULL default 'N',
-  `admin/tshirt.php` char(1) NOT NULL default 'N',
-  `admin/news.php` char(1) NOT NULL default 'N',
-  `admin/faq.php` char(1) NOT NULL default 'N',
-  `admin/free.php` char(1) NOT NULL default 'N',
-  `admin/sprache.php` char(1) NOT NULL default 'N',
-  `admin/dect.php` char(1) NOT NULL default 'N',
-  `admin/dect_call.php` char(1) NOT NULL default 'N',
-  `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'N',
-  `admin/Recentchanges.php` char(1) NOT NULL default 'N',
-  `admin/debug.php` char(1) NOT NULL default 'N',
-  `Herald` char(1) NOT NULL default 'N',
-  `Info` char(1) NOT NULL default 'N',
-  `Conference` char(1) NOT NULL default 'N',
+  `GroupID` int(11) default NULL,
+  `index.php` char(1) NOT NULL default 'G',
+  `logout.php` char(1) NOT NULL default 'G',
+  `faq.php` char(1) NOT NULL default 'G',
+  `lageplan.php` char(1) NOT NULL default 'G',
+  `makeuser.php` char(1) NOT NULL default 'G',
+  `nonpublic/index.php` char(1) NOT NULL default 'G',
+  `nonpublic/news.php` char(1) NOT NULL default 'G',
+  `nonpublic/newsAddMeting` char(1) NOT NULL default 'G',
+  `nonpublic/news_comments.php` char(1) NOT NULL default 'G',
+  `nonpublic/myschichtplan.php` char(1) NOT NULL default 'G',
+  `nonpublic/myschichtplan_ical.php` char(1) NOT NULL default 'G',
+  `nonpublic/engelbesprechung.php` char(1) NOT NULL default 'G',
+  `nonpublic/schichtplan.php` char(1) NOT NULL default 'G',
+  `nonpublic/schichtplan_add.php` char(1) NOT NULL default 'G',
+  `nonpublic/wecken.php` char(1) NOT NULL default 'G',
+  `nonpublic/waeckliste.php` char(1) NOT NULL default 'G',
+  `nonpublic/messages.php` char(1) NOT NULL default 'G',
+  `nonpublic/faq.php` char(1) NOT NULL default 'G',
+  `nonpublic/einstellungen.php` char(1) NOT NULL default 'G',
+  `Change T_Shirt Size` char(1) NOT NULL default 'G',
+  `admin/index.php` char(1) NOT NULL default 'G',
+  `admin/room.php` char(1) NOT NULL default 'G',
+  `admin/EngelType.php` char(1) NOT NULL default 'G',
+  `admin/schichtplan.php` char(1) NOT NULL default 'G',
+  `admin/shiftadd.php` char(1) NOT NULL default 'G',
+  `admin/schichtplan_druck.php` char(1) NOT NULL default 'G',
+  `admin/user.php` char(1) NOT NULL default 'G',
+  `admin/userChangeNormal.php` char(1) NOT NULL default 'G',
+  `admin/userChangeSecure.php` char(1) NOT NULL default 'G',
+  `admin/userSaveNormal.php` char(1) NOT NULL default 'G',
+  `admin/userSaveSecure.php` char(1) NOT NULL default 'G',
+  `admin/group.php` char(1) NOT NULL default 'G',
+  `admin/userDefaultSetting.php` char(1) NOT NULL default 'G',
+  `admin/UserPicture.php` char(1) NOT NULL default 'G',
+  `admin/userArrived.php` char(1) NOT NULL default 'G',
+  `admin/aktiv.php` char(1) NOT NULL default 'G',
+  `admin/tshirt.php` char(1) NOT NULL default 'G',
+  `admin/news.php` char(1) NOT NULL default 'G',
+  `admin/faq.php` char(1) NOT NULL default 'G',
+  `admin/free.php` char(1) NOT NULL default 'G',
+  `admin/sprache.php` char(1) NOT NULL default 'G',
+  `admin/dect.php` char(1) NOT NULL default 'G',
+  `admin/dect_call.php` char(1) NOT NULL default 'G',
+  `admin/dbUpdateFromXLS.php` char(1) NOT NULL default 'G',
+  `admin/Recentchanges.php` char(1) NOT NULL default 'G',
+  `admin/debug.php` char(1) NOT NULL default 'G',
+  `Herald` char(1) NOT NULL default 'G',
+  `Info` char(1) NOT NULL default 'G',
+  `Conference` char(1) NOT NULL default 'G',
  PRIMARY KEY  (`UID`)
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

@ -70,141 +75,3 @@ CREATE TABLE `UserCVS` (
 -- Daten f?r Tabelle `UserCVS`
 -- 

-INSERT INTO `UserCVS` (`UID`,
- `index.php`,
- `logout.php`,
- `faq.php`,
- `lageplan.php`,
- `makeuser.php`,
- `nonpublic/index.php`,
- `nonpublic/news.php`,
- `nonpublic/newsAddMeting`,
- `nonpublic/news_comments.php`,
- `nonpublic/myschichtplan.php`,
- `nonpublic/myschichtplan_ical.php`,
- `nonpublic/engelbesprechung.php`,
- `nonpublic/schichtplan.php`,
- `nonpublic/schichtplan_add.php`,
- `nonpublic/wecken.php`,
- `nonpublic/waeckliste.php`,
- `nonpublic/messages.php`,
- `nonpublic/faq.php`,
- `nonpublic/einstellungen.php`,
- `Change T_Shirt Size`,
- `admin/index.php`,
- `admin/room.php`,
- `admin/EngelType.php`,
- `admin/schichtplan.php`,
- `admin/shiftadd.php`,
- `admin/schichtplan_druck.php`,
- `admin/user.php`,
- `admin/user2.php`,
- `admin/userDefaultSetting.php`,
- `admin/UserPicture.php`,
- `admin/aktiv.php`,
- `admin/tshirt.php`,
- `admin/news.php`,
- `admin/faq.php`,
- `admin/free.php`,
- `admin/sprache.php`,
- `admin/dect.php`,
- `admin/dect_call.php`,
- `admin/dbUpdateFromXLS.php`,
- `admin/Recentchanges.php`,
- `admin/debug.php`,
- `Herald`,
- `Info`,
- `Conference`) VALUES
-
-(-1, 
- 'Y',
- 'N',
- 'Y',
- 'N',
- 'Y',
- 'Y',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N',
- 'N'),
--    1    2    3    4    5    6    7    8    9   10   11   12   13   14   15   16   17   18   19   20   21   22   23   24   25   26   27   28   29   30   31   32   33   34   35   36   37   38   39   40   41   42   43
-(1, 
- 'N',
- 'Y',
- 'N',
- 'N',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'N',
- 'N',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'Y',
- 'N');
-
--- a/DB/update_20100112_2300.sql
+++ b/DB/update_20100112_2300.sql
@ -1,2 +1,5 @@
 ALTER TABLE `UserCVS` ADD `GroupID` INT NULL AFTER `UID` ;
+ALTER TABLE `UserCVS` ADD `admin\group.php` CHAR( 1 ) NOT NULL DEFAULT 'N' AFTER `admin/userDefaultSetting.php` ;

+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'DE', 'Benutzer Gruppen');
+INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('admin/group.php', 'EN', 'User Group');
--- a/www-ssl/admin/group.php
+++ b/www-ssl/admin/group.php
@ -0,0 +1,40 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (!IsSet($_GET["enterGID"]))
+{
+	// Userliste, keine UID uebergeben...
+
+	$SQL = "SELECT * FROM `UserGroups` ORDER BY `Name` ASC";
+	$Erg = mysql_query($SQL, $con);
+	echo mysql_error($con);
+
+	// anzahl zeilen
+	$Zeilen  = mysql_num_rows($Erg);
+
+	echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
+	echo "<tr class=\"contenttopic\">\n";
+	echo "\t<td>Groupname</td>\n";
+	echo "\t<td>-</td>\n";
+	echo "</tr>\n";
+
+	for ($n = 0 ; $n < $Zeilen ; $n++) {
+		echo "<tr class=\"content\">\n";
+		echo "\t<td>".mysql_result($Erg, $n, "Name")."</td>\n";
+		
+		echo "<td><a href=\"./userChangeSecure.php?enterUID=".
+			mysql_result($Erg, $n, "UID")."&Type=Secure\">change</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "\t</table>\n";
+	// Ende Userliste
+} 
+
+include ("../../includes/footer.php");
+?>
+
+
--- a/www-ssl/admin/pic
+++ b/www-ssl/admin/pic
@ -1 +0,0 @@
-../pic
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@ -90,24 +90,11 @@ if (!IsSet($_GET["enterUID"]))
 		echo "\t<td>".mysql_result($Erg, $n, "Aktiv")."</td>\n";
 		$Tshirt += mysql_result($Erg, $n, "Tshirt");
 		echo "\t<td>".mysql_result($Erg, $n, "Tshirt")."</td>\n";
-		echo "\t<td><a href=\"./user.php?enterUID=".
+		echo "\t<td><a href=\"./userChangeNormal.php?enterUID=".
 			mysql_result($Erg, $n, "UID")."&Type=Normal\">&Auml;nd.</a></td>\n";
 		echo "\t<td>";
 		
-		//check userCVS=OK
-		$SQL2 = "SELECT `UID` FROM `UserCVS` WHERE (`UID`='". mysql_result($Erg, $n, "UID"). "')";
-		$Erg2 = mysql_query($SQL2, $con);
-		echo mysql_error($con);
-		if( mysql_num_rows($Erg2)==0)
-		{
-			$SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('". mysql_result($Erg, $n, "UID"). "');";
-			$Erg3 = db_query($SQL3, "admin/user.php auto CVS create");
-			if( $Erg3 )
-				echo "was create<br>\n";
-			else
-				echo mysql_error($con);
-		}
-		echo "<a href=\"./user.php?enterUID=".
+		echo "<a href=\"./userChangeSecure.php?enterUID=".
 			mysql_result($Erg, $n, "UID")."&Type=Secure\">Secure</a></td>\n";
 		echo "</tr>\n";
 	}
--- a/www-ssl/admin/userChangeNormal.php
+++ b/www-ssl/admin/userChangeNormal.php
@ -0,0 +1,143 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (IsSet($_GET["enterUID"]))
+{ 
+	// UserID wurde mit uebergeben --> Aendern...
+
+	echo "Hallo,<br>".
+	 	"hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' ".
+		"wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ".
+		"dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ".
+		"Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
+		"bereits sein T-Shirt erhalten hat.<br><br>\n";
+
+	echo "<form action=\"./userSaveNormal.php?action=change\" method=\"POST\">\n";
+	echo "<table border=\"0\">\n";
+	echo "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
+
+	$SQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["enterUID"]. "'";
+	$Erg = mysql_query($SQL, $con);
+		
+	if (mysql_num_rows($Erg) != 1) 
+		echo "<tr><td>Sorry, der Engel (UID=". $_GET["enterUID"]. 
+			") wurde in der Liste nicht gefunden.</td></tr>";
+	else
+	{
+		echo "<tr><td>\n";
+		echo "<table>\n";
+		echo "  <tr><td>Nick</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eNick\" value=\"".
+			mysql_result($Erg, 0, "Nick")."\"></td></tr>\n";
+		echo "  <tr><td>lastLogIn</td><td>".
+			"<input type=\"text\" size=\"20\" name=\"elastLogIn\" value=\"".
+			mysql_result($Erg, 0, "lastLogIn"). "\" disabled></td></tr>\n";
+		echo "  <tr><td>Name</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eName\" value=\"".
+			mysql_result($Erg, 0, "Name")."\"></td></tr>\n";
+		echo "  <tr><td>Vorname</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"".
+			mysql_result($Erg, 0, "Vorname")."\"></td></tr>\n";
+		echo "  <tr><td>Alter</td><td>".
+			"<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"".
+			mysql_result($Erg, 0, "Alter")."\"></td></tr>\n";
+		echo "  <tr><td>Telefon</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"".
+			mysql_result($Erg, 0, "Telefon")."\"></td></tr>\n";
+		echo "  <tr><td>Handy</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"".
+			mysql_result($Erg, 0, "Handy")."\"></td></tr>\n";
+		echo "  <tr><td>DECT</td><td>".
+			"<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"".
+			mysql_result($Erg, 0, "DECT")."\"></td></tr>\n";
+		echo "  <tr><td>email</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eemail\" value=\"".
+			mysql_result($Erg, 0, "email")."\"></td></tr>\n";
+		echo "  <tr><td>ICQ</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"".
+			mysql_result($Erg, 0, "ICQ")."\"></td></tr>\n";
+		echo "  <tr><td>jabber</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"".
+			mysql_result($Erg, 0, "jabber")."\"></td></tr>\n";
+		echo "  <tr><td>Size</td><td>".
+			"<input type=\"text\" size=\"5\" name=\"eSize\" value=\"".
+			mysql_result($Erg, 0, "Size")."\"></td></tr>\n";
+		echo "  <tr><td>Passwort</td><td>".
+			"<a href=\"./user2.php?action=newpw&eUID="
+			.mysql_result($Erg, 0, "UID")."\">neues Kennwort setzen</a></td></tr>\n";
+ 
+		// Gekommen? 
+		echo "  <tr><td>Gekommen</td><td>\n";
+		echo "      <input type=\"radio\" name=\"eGekommen\" value=\"0\"";
+		if (mysql_result($Erg, 0, "Gekommen")=='0') 
+			echo " checked"; 
+		echo ">No \n";
+		echo "      <input type=\"radio\" name=\"eGekommen\" value=\"1\"";
+		if (mysql_result($Erg, 0, "Gekommen")=='1') 
+			echo " checked";
+		echo ">Yes \n";
+		echo "</td></tr>\n";
+
+		// Aktiv?
+		echo "  <tr><td>Aktiv</td><td>\n";
+		echo "      <input type=\"radio\" name=\"eAktiv\" value=\"0\"";
+		if (mysql_result($Erg, 0, "Aktiv")=='0') 
+			echo " checked";
+		echo ">No \n";
+		echo "      <input type=\"radio\" name=\"eAktiv\" value=\"1\"";
+		if (mysql_result($Erg, 0, "Aktiv")=='1') 
+			echo " checked"; 
+		echo ">Yes \n";
+		echo "</td></tr>\n";
+
+		// T-Shirt bekommen? 
+		echo "  <tr><td>T-Shirt</td><td>\n";
+		echo "      <input type=\"radio\" name=\"eTshirt\" value=\"0\"";
+		if (mysql_result($Erg, 0, "Tshirt")=='0')
+			echo " checked";
+		echo ">No \n";
+		echo "      <input type=\"radio\" name=\"eTshirt\" value=\"1\"";
+		if (mysql_result($Erg, 0, "Tshirt")=='1') 
+			echo " checked";
+		echo ">Yes \n";
+		echo "</td></tr>\n";
+
+		// Menu links/rechts 
+		echo "  <tr><td>Menu</td><td>\n";
+		echo "      <input type=\"radio\" name=\"eMenu\" value=\"L\"";
+		if (mysql_result($Erg, 0, "Menu")=='L')
+			echo " checked";
+		echo ">L \n";
+		echo "      <input type=\"radio\" name=\"eMenu\" value=\"R\"";
+		if (mysql_result($Erg, 0, "Menu")=='R') 
+			echo " checked";
+		echo ">R \n";
+		echo "</td></tr>\n";
+			
+		echo "  <tr><td>Hometown</td><td>".
+			"<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"".
+			mysql_result($Erg, 0, "Hometown")."\"></td></tr>\n";
+		
+		echo "</table>\n</td><td valign=\"top\">". displayavatar($_GET["enterUID"], FALSE). "</td></tr>";
+	}
+
+	echo "</td></tr>\n";
+	echo "</table>\n<br>\n";
+	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+	echo "<input type=\"submit\" value=\"sichern...\">\n";
+	echo "</form>";
+
+	echo "<form action=\"./userSaveNormal.php?action=delete\" method=\"POST\">\n";
+	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+	echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
+	echo "</form>";
+}
+
+include ("../../includes/footer.php");
+?>
+
+
--- a/www-ssl/admin/userChangeSecure.php
+++ b/www-ssl/admin/userChangeSecure.php
@ -0,0 +1,99 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Editieren der Engelliste";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+
+if (IsSet($_GET["enterUID"]))
+{ 
+	// UserID wurde mit uebergeben --> Aendern...
+
+	echo "Hallo,<br>".
+	 	"hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' ".
+		"wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, ".
+		"dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. ".
+		"Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
+		"bereits sein T-Shirt erhalten hat.<br><br>\n";
+
+	echo "<form action=\"./userChangeSecure.php?action=change\" method=\"POST\">\n";
+	echo "<table border=\"0\">\n";
+	echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";
+
+	// CVS-Rechte
+	echo "  <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n";
+
+	$SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'";
+	$Erg_CVS =  mysql_query($SQL_CVS, $con);
+		
+	if( mysql_num_rows($Erg_CVS) != 1) 
+		echo "Sorry, der Engel (UID=". $_GET["enterUID"]. ") wurde in der Liste nicht gefunden.";
+	else
+	{
+		$CVS_Data = mysql_fetch_array($Erg_CVS);
+		$CVS_Data_i = 1;
+		foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) 
+		{
+	  		$CVS_Data_i++;
+			//nur jeder zweiter sonst wird für jeden text noch die position (Zahl) ausgegeben
+			if( $CVS_Data_i%2 && $CVS_Data_Name!="UID") 
+			{
+				if($CVS_Data_Name=="GroupID") {
+					if( $_GET["enterUID"] > 0 )
+					{
+						echo "<tr><td><b>Group</b></td>\n".
+							"<td><select name=\"GroupID\">";
+
+						$SQL_Group = "SELECT * FROM `UserGroups`";
+						$Erg_Group =  mysql_query($SQL_Group, $con);
+						for ($n = 0 ; $n < mysql_num_rows($Erg_Group) ; $n++)
+						{
+							$UID =  mysql_result($Erg_Group, $n, "UID");
+							echo "\t<option value=\"$UID\"";
+							if( $CVS_Data_Value == $UID)
+								echo " selected";
+							echo ">". mysql_result($Erg_Group, $n, "Name"). "</option>\n";
+						}
+						echo "</select></td></tr>";
+					}
+				} else {
+					echo "<tr><td>$CVS_Data_Name</td>\n<td>";
+					echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"Y\" ";
+					if( $CVS_Data_Value == "Y" )	
+				   		echo " checked";
+					echo ">allow \n";
+					echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"N\" ";
+					if( $CVS_Data_Value == "N" )
+				    		echo " checked";
+					echo ">denied \n";
+					if( $_GET["enterUID"] > 0 )
+					{
+						echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"G\" ";
+						if( $CVS_Data_Value == "G" )
+				    			echo " checked";
+						echo ">group-setting \n";
+						echo "</td></tr>";
+				    	}
+				}
+			} //IF
+		} //Foreach	    
+		echo "</td></tr>\n";
+	} // IF TYPE
+
+	// Ende Formular
+	echo "</td></tr>\n";
+	echo "</table>\n<br>\n";
+	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+	echo "<input type=\"submit\" value=\"sichern...\">\n";
+	echo "</form>";
+
+	echo "<form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n";
+	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+	echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
+	echo "</form>";
+}
+
+include ("../../includes/footer.php");
+?>
+
+
--- a/www-ssl/admin/userSaveNormal.php
+++ b/www-ssl/admin/userSaveNormal.php
--- a/www-ssl/admin/userSaveSecure.php
+++ b/www-ssl/admin/userSaveSecure.php
@ -0,0 +1,162 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Index";
+include ("../../includes/header.php");
+include ("../../includes/funktion_db_list.php");
+include ("../../includes/crypt.php");
+include ("../../includes/funktion_db.php");
+
+if (IsSet($_GET["action"])) 
+{
+	
+	SetHeaderGo2Back();
+	echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";
+
+	switch ($_GET["action"]) 
+	{
+	case "change":
+		if (IsSet($_POST["enterUID"]))
+		{
+			if ($_POST["Type"] == "Normal")
+			{
+				$SQL = "UPDATE `User` SET ";
+				$SQL.= " `Nick` = '". $_POST["eNick"]. "', `Name` = '". $_POST["eName"]. "', ".
+					"`Vorname` = '". $_POST["eVorname"]. "', ".
+					"`Telefon` = '". $_POST["eTelefon"]. "', ".
+					"`Handy` = '". $_POST["eHandy"]. "', ".
+					"`DECT` = '". $_POST["eDECT"]. "', ".
+					"`email` = '". $_POST["eemail"]. "', ".
+					"`ICQ` = '". $_POST["eICQ"]. "', ".
+					"`jabber` = '". $_POST["ejabber"]. "', ".
+					"`Size` = '". $_POST["eSize"]. "', ".
+					"`Gekommen`= '". $_POST["eGekommen"]. "', ".
+					"`Aktiv`= '". $_POST["eAktiv"]. "', ".
+					"`Tshirt` = '". $_POST["eTshirt"]. "', ".
+					"`Hometown` = '". $_POST["Hometown"]. "', ".
+					"`Menu` = '". $_POST["eMenu"]. "' ".
+					"WHERE `UID` = '". $_POST["enterUID"]. 
+					"' LIMIT 1;";
+				echo "User-";
+				$Erg = db_query($SQL, "change user details");
+				if ($Erg == 1) {
+					echo "&Auml;nderung wurde gesichert...\n";
+				} else {
+					echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+				}
+			}
+			elseif ($_POST["Type"] == "Secure")
+			{
+				$SQL2 = "UPDATE `UserCVS` SET ";
+			  	$SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'";
+				$Erg_CVS =  mysql_query($SQL_CVS, $con);
+				$CVS_Data = mysql_fetch_array($Erg_CVS);
+				$CVS_Data_i = 1;
+				foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) 
+				{
+					if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") {
+						if( $CVS_Data_Name == "GroupID")
+						{
+							if( $_POST["enterUID"] > 0 )
+								$SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", ";
+						} else {
+							$SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', ";
+						}
+					}
+			    		$CVS_Data_i++;
+				}
+				$SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 );
+				$SQL2.= "  WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+				echo "<br>Secure-";
+				$Erg = db_query($SQL2, "change user CVS");
+				if ($Erg == 1) {
+					echo "&Auml;nderung wurde gesichert...\n";
+				} else {
+					echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+				}
+			}
+			else
+				echo "<h1>Fehler: Unbekanter Type (". $_POST["Type"]. ") übergeben\n</h1>\n";
+		}
+		else
+			echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n";
+		break;
+
+	case "delete":
+		if (IsSet($_POST["enterUID"]))
+		{
+			echo "delate User...";
+			$SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+			$Erg = db_query($SQL, "User delete");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+			
+			echo "<br>\ndelate UserCVS...";
+			$SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+			$Erg = db_query($SQL2, "User CVS delete");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+			
+			echo "<br>\ndelate UserEntry...";
+			$SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ".
+				  "WHERE `UID`='". $_POST["enterUID"]. "';";
+			$Erg = db_query($SQL3, "delate UserEntry");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+		}
+		break;
+
+
+	case "newpw":
+		echo "Bitte neues Kennwort f&uuml;r <b>";
+		// Get Nick
+		$USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'";
+		$Erg = mysql_query($USQL, $con);
+		echo mysql_result($Erg, 0, "Nick");
+		echo "</b> eingeben:<br>";
+		echo "<form action=\"./user2.php?action=newpwsave\" method=\"POST\">\n";	
+		echo "<input type=\"Password\" name=\"ePasswort\">";
+		echo "<input type=\"Password\" name=\"ePasswort2\">";
+		echo "<input type=\"hidden\" name=\"eUID\" value=\"". $_GET["eUID"]. "\">";
+	        echo "<input type=\"submit\" value=\"sichern...\">\n";
+	        echo "</form>";
+		break;
+
+	case "newpwsave":
+		if ($_POST["ePasswort"] == $_POST["ePasswort2"]) 
+		{	// beide Passwoerter passen... 
+			$_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]);
+			$SQL =	"UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ".
+				"WHERE `UID`='". $_POST["eUID"]. "'";
+			$Erg = db_query($SQL, "User new passwort");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+		} 
+		else 
+			echo "Das Passwort wurde nicht &uuml;bereinstimmend eingegeben!";
+		break;
+	} // end switch
+
+// ende - Action ist gesetzt 
+} 
+else 
+{
+	// kein Action gesetzt -> abbruch
+	echo "Unzul&auml;ssiger Aufruf.<br>Bitte neu editieren...";
+}
+
+include ("../../includes/footer.php");
+?>
+