#28 finnished logging

main
Philip Häusler 12 years ago
parent 346209fbc2
commit 7c42769ab8

@ -135,6 +135,7 @@ function admin_user() {
} }
} }
engelsystem_log("Set angeltypes of " . $user_source['Nick'] . " to: " . join(", ", $user_angel_type_info));
success("Angeltypes saved."); success("Angeltypes saved.");
redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']); redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
} }
@ -202,19 +203,26 @@ function admin_user() {
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`"); $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`"); $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
$groups = array();
$grouplist = array (); $grouplist = array ();
foreach ($groups as $group) foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID']; $grouplist[] = $group['UID'];
}
if (!is_array($_REQUEST['groups'])) if (!is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array (); $_REQUEST['groups'] = array ();
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
foreach ($_REQUEST['groups'] as $group) $user_groups_info = array();
if (in_array($group, $grouplist)) foreach ($_REQUEST['groups'] as $group) {
sql_query("INSERT INTO `UserGroups` SET `uid`=" . if (in_array($group, $grouplist)) {
sql_escape($id) . ", `group_id`=" . sql_escape($group)); sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
$user_groups_info[] = $groups[$group]['Name'];
}
}
engelsystem_log("Set groups of " . $user_source['Nick'] . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true); $html .= success("Benutzergruppen gespeichert.", true);
} else { } else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true); $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
@ -229,6 +237,7 @@ function admin_user() {
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id)); sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
engelsystem_log("Deleted user " . $user_source['Nick']);
$html .= success("Benutzer gelöscht!", true); $html .= success("Benutzer gelöscht!", true);
} else { } else {
$html .= error("Du kannst Dich nicht selber löschen!", true); $html .= error("Du kannst Dich nicht selber löschen!", true);
@ -254,12 +263,14 @@ function admin_user() {
"WHERE `UID` = '" . sql_escape($id) . "WHERE `UID` = '" . sql_escape($id) .
"' LIMIT 1;"; "' LIMIT 1;";
sql_query($SQL); sql_query($SQL);
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true); $html .= success("Änderung wurde gespeichert...\n", true);
break; break;
case 'change_pw' : case 'change_pw' :
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($id, $_REQUEST['new_pw']); set_password($id, $_REQUEST['new_pw']);
engelsystem_log("Set new password for " . $user_source['Nick']);
$html .= success("Passwort neu gesetzt.", true); $html .= success("Passwort neu gesetzt.", true);
} else { } else {
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true); $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);

@ -116,9 +116,12 @@ function guest_register() {
set_password($user_id, $_REQUEST['password']); set_password($user_id, $_REQUEST['password']);
// Assign angel-types // Assign angel-types
foreach ($selected_angel_types as $selected_angel_type_id) $user_angel_types_info = array();
foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
$user_angel_types_info[] = $angel_types[$selected_angel_type_id]['name'];
}
engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
success(Get_Text("makeuser_writeOK4")); success(Get_Text("makeuser_writeOK4"));
//if (!isset ($_SESSION['uid'])) //if (!isset ($_SESSION['uid']))
redirect(page_link_to('login')); redirect(page_link_to('login'));

@ -28,14 +28,15 @@ function user_myshifts() {
} }
elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit']; $id = $_REQUEST['edit'];
$shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
if (count($shift) > 0) { if (count($shift) > 0) {
$shift = $shift[0]; $shift = $shift[0];
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
$user_source = User($shift['UID']);
sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
engelsystem_log("Updated " . $user_source['Nick'] . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment);
success("Schicht gespeichert."); success("Schicht gespeichert.");
redirect(page_link_to('user_myshifts')); redirect(page_link_to('user_myshifts'));
} }
@ -87,9 +88,6 @@ function user_myshifts() {
if ($html == "") if ($html == "")
$html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>'; $html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
if ($shifts_user['ical_key'] == "")
user_reset_ical_key($shifts_user);
return msg().template_render('../templates/user_myshifts.html', array ( return msg().template_render('../templates/user_myshifts.html', array (
'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN), 'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
'shifts' => $html, 'shifts' => $html,
@ -97,6 +95,6 @@ function user_myshifts() {
'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'), 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'], page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
page_link_to('user_myshifts') . '&reset'), page_link_to('user_myshifts') . '&reset'),
)); ));
} }
?> ?>

@ -58,6 +58,7 @@ function user_news_comments() {
if (isset ($_REQUEST["text"])) { if (isset ($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
engelsystem_log("Created news_comment: " . $text);
$html .= success("Eintrag wurde gespeichert", true); $html .= success("Eintrag wurde gespeichert", true);
} }
@ -114,6 +115,7 @@ function user_news() {
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
"', '" . sql_escape($_POST["treffen"]) . "');"); "', '" . sql_escape($_POST["treffen"]) . "');");
engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
$html .= success(Get_Text(4), true); $html .= success(Get_Text(4), true);
} }

@ -99,14 +99,20 @@ function user_settings() {
"', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID'])); "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
// Assign angel-types // Assign angel-types
foreach ($angel_types_source as $angel_type) $user_angel_type_info = array();
foreach ($angel_types_source as $angel_type) {
if (!in_array($angel_type['id'], $selected_angel_types)) if (!in_array($angel_type['id'], $selected_angel_types))
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1"); sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
else
$user_angel_type_info[] = $angel_type['name'];
}
foreach ($selected_angel_types as $selected_angel_type_id) foreach ($selected_angel_types as $selected_angel_type_id) {
if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
}
engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
success("Settings saved."); success("Settings saved.");
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} }

@ -9,8 +9,15 @@ function user_shifts() {
else else
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift_entry_source = sql_select("SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id) . " LIMIT 1");
if(count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1"); sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
engelsystem_log("Deleted " . $shift_entry_source['Nick'] . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
success("Der Schicht-Eintrag wurde gelöscht."); success("Der Schicht-Eintrag wurde gelöscht.");
}
else error("Entry not found.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
// Schicht bearbeiten // Schicht bearbeiten
@ -43,9 +50,12 @@ function user_shifts() {
// Engeltypen laden // Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
$needed_angel_types = array (); $needed_angel_types = array ();
foreach ($types as $type) foreach ($types as $type) {
$angel_types[$type['id']] = $type;
$needed_angel_types[$type['id']] = 0; $needed_angel_types[$type['id']] = 0;
}
// Benötigte Engeltypen vom Raum // Benötigte Engeltypen vom Raum
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`"); $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
@ -110,8 +120,13 @@ function user_shifts() {
if ($ok) { if ($ok) {
sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
foreach ($needed_angel_types as $type_id => $count) $needed_angel_types_info = array();
foreach ($needed_angel_types as $type_id => $count) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count)); sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
$needed_angel_types_info[] = $angel_types[$type_id];
}
engelsystem_log("Updated shift " . $name . " from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
success("Schicht gespeichert."); success("Schicht gespeichert.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
@ -155,6 +170,7 @@ function user_shifts() {
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Die Schicht wurde gelöscht."); success("Die Schicht wurde gelöscht.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
@ -222,6 +238,8 @@ function user_shifts() {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id)); sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id));
$user_source = User($user_id);
engelsystem_log("User " . $user_source['Nick'] . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>'); success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }

@ -23,6 +23,7 @@ $tshirt_sizes = array (
function user_reset_ical_key($user) { function user_reset_ical_key($user) {
$user['ical_key'] = md5($user['Nick'] . time() . rand()); $user['ical_key'] = md5($user['Nick'] . time() . rand());
sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
engelsystem_log("iCal key resetted.");
} }
function UID2Nick($UID) { function UID2Nick($UID) {

@ -43,7 +43,7 @@
</table> </table>
<hr/> <hr/>
<p> <p>
Frage einen Orga: Frage einen Erzengel:
</p> </p>
<form action="%link%&action=ask" method="post"> <form action="%link%&action=ask" method="post">
<table> <table>

Loading…
Cancel
Save