#28 finnished logging

main
Philip Häusler 12 years ago
parent 346209fbc2
commit 7c42769ab8

@ -135,6 +135,7 @@ function admin_user() {
} }
} }
engelsystem_log("Set angeltypes of " . $user_source['Nick'] . " to: " . join(", ", $user_angel_type_info));
success("Angeltypes saved."); success("Angeltypes saved.");
redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']); redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
} }
@ -202,19 +203,26 @@ function admin_user() {
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`"); $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`"); $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
$groups = array();
$grouplist = array (); $grouplist = array ();
foreach ($groups as $group) foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID']; $grouplist[] = $group['UID'];
}
if (!is_array($_REQUEST['groups'])) if (!is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array (); $_REQUEST['groups'] = array ();
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
foreach ($_REQUEST['groups'] as $group) $user_groups_info = array();
if (in_array($group, $grouplist)) foreach ($_REQUEST['groups'] as $group) {
sql_query("INSERT INTO `UserGroups` SET `uid`=" . if (in_array($group, $grouplist)) {
sql_escape($id) . ", `group_id`=" . sql_escape($group)); sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
$user_groups_info[] = $groups[$group]['Name'];
}
}
engelsystem_log("Set groups of " . $user_source['Nick'] . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true); $html .= success("Benutzergruppen gespeichert.", true);
} else { } else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true); $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
@ -229,6 +237,7 @@ function admin_user() {
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id)); sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
engelsystem_log("Deleted user " . $user_source['Nick']);
$html .= success("Benutzer gelöscht!", true); $html .= success("Benutzer gelöscht!", true);
} else { } else {
$html .= error("Du kannst Dich nicht selber löschen!", true); $html .= error("Du kannst Dich nicht selber löschen!", true);
@ -254,12 +263,14 @@ function admin_user() {
"WHERE `UID` = '" . sql_escape($id) . "WHERE `UID` = '" . sql_escape($id) .
"' LIMIT 1;"; "' LIMIT 1;";
sql_query($SQL); sql_query($SQL);
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true); $html .= success("Änderung wurde gespeichert...\n", true);
break; break;
case 'change_pw' : case 'change_pw' :
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($id, $_REQUEST['new_pw']); set_password($id, $_REQUEST['new_pw']);
engelsystem_log("Set new password for " . $user_source['Nick']);
$html .= success("Passwort neu gesetzt.", true); $html .= success("Passwort neu gesetzt.", true);
} else { } else {
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true); $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);

@ -116,9 +116,12 @@ function guest_register() {
set_password($user_id, $_REQUEST['password']); set_password($user_id, $_REQUEST['password']);
// Assign angel-types // Assign angel-types
foreach ($selected_angel_types as $selected_angel_type_id) $user_angel_types_info = array();
foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
$user_angel_types_info[] = $angel_types[$selected_angel_type_id]['name'];
}
engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
success(Get_Text("makeuser_writeOK4")); success(Get_Text("makeuser_writeOK4"));
//if (!isset ($_SESSION['uid'])) //if (!isset ($_SESSION['uid']))
redirect(page_link_to('login')); redirect(page_link_to('login'));

@ -3,100 +3,98 @@
// Zeigt die Schichten an, die ein Benutzer belegt // Zeigt die Schichten an, die ein Benutzer belegt
function user_myshifts() { function user_myshifts() {
global $LETZTES_AUSTRAGEN; global $LETZTES_AUSTRAGEN;
global $user, $privileges; global $user, $privileges;
$msg = ""; $msg = "";
if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) { if (isset ($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
} else { } else {
$id = $user['UID']; $id = $user['UID'];
} }
list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
if ($id != $user['UID']) if ($id != $user['UID'])
$msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true); $msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
if (isset ($_REQUEST['reset'])) { if (isset ($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") { if ($_REQUEST['reset'] == "ack") {
user_reset_ical_key($user); user_reset_ical_key($user);
success("Key geändert."); success("Key geändert.");
redirect(page_link_to('user_myshifts')); redirect(page_link_to('user_myshifts'));
} }
return template_render('../templates/user_myshifts_reset.html', array ()); return template_render('../templates/user_myshifts_reset.html', array ());
} }
elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit']; $id = $_REQUEST['edit'];
$shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
if (count($shift) > 0) { if (count($shift) > 0) {
$shift = $shift[0]; $shift = $shift[0];
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $user_source = User($shift['UID']);
sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
engelsystem_log("Updated " . $user_source['Nick'] . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment);
success("Schicht gespeichert.");
redirect(page_link_to('user_myshifts'));
}
success("Schicht gespeichert."); return template_render('../templates/user_shifts_add.html', array (
redirect(page_link_to('user_myshifts')); 'angel' => $shifts_user['Nick'],
} 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
'location' => $shift['Name'],
'title' => $shift['name'],
'type' => $shift['angel_type'],
'comment' => $shift['Comment']
));
} else
redirect(page_link_to('user_myshifts'));
}
elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
$id = $_REQUEST['cancel'];
$shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
if (count($shift) > 0) {
$shift = $shift[0];
if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$msg .= success(Get_Text("pub_myshifts_signed_off"), true);
} else
$msg .= error(Get_Text("pub_myshifts_too_late"), true);
} else
redirect(page_link_to('user_myshifts'));
}
$shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
return template_render('../templates/user_shifts_add.html', array ( $html = "";
'angel' => $shifts_user['Nick'], foreach ($shifts as $shift) {
'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), if (time() > $shift['end'])
'location' => $shift['Name'], $html .= '<tr class="done">';
'title' => $shift['name'], else
'type' => $shift['angel_type'], $html .= '<tr>';
'comment' => $shift['Comment'] $html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>';
)); $html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>';
} else $html .= '<td>' . $shift['Name'] . '</td>';
redirect(page_link_to('user_myshifts')); $html .= '<td>' . $shift['name'] . '</td>';
} $html .= '<td>' . $shift['Comment'] . '</td>';
elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { $html .= '<td>';
$id = $_REQUEST['cancel']; $html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
$shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
if (count($shift) > 0) { $html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
$shift = $shift[0]; $html .= '</td>';
if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) { $html .= '</tr>';
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); }
$msg .= success(Get_Text("pub_myshifts_signed_off"), true); if ($html == "")
} else $html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
$msg .= error(Get_Text("pub_myshifts_too_late"), true);
} else
redirect(page_link_to('user_myshifts'));
}
$shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
$html = ""; return msg().template_render('../templates/user_myshifts.html', array (
foreach ($shifts as $shift) { 'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
if (time() > $shift['end']) 'shifts' => $html,
$html .= '<tr class="done">'; 'msg' => $msg,
else 'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
$html .= '<tr>'; page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
$html .= '<td>' . date("Y-m-d", $shift['start']) . '</td>'; page_link_to('user_myshifts') . '&reset'),
$html .= '<td>' . date("H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '</td>'; ));
$html .= '<td>' . $shift['Name'] . '</td>';
$html .= '<td>' . $shift['name'] . '</td>';
$html .= '<td>' . $shift['Comment'] . '</td>';
$html .= '<td>';
$html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">' . Get_Text('edit') . '</a>';
if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 3600)
$html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">' . Get_Text('sign_off') . '</a>';
$html .= '</td>';
$html .= '</tr>';
}
if ($html == "")
$html = '<tr><td>' . ucfirst(Get_Text('none')) . '...</td><td></td><td></td><td></td><td></td><td>' . sprintf(Get_Text('pub_myshifts_goto_shifts'), page_link_to('user_shifts')) . '</td></tr>';
if ($shifts_user['ical_key'] == "")
user_reset_ical_key($shifts_user);
return msg().template_render('../templates/user_myshifts.html', array (
'intro' => sprintf(Get_Text('pub_myshifts_intro'), $LETZTES_AUSTRAGEN),
'shifts' => $html,
'msg' => $msg,
'ical_text' => sprintf(Get_Text('inc_schicht_ical_text'),
page_link_to_absolute('ical') . '&key=' . $shifts_user['ical_key'],
page_link_to('user_myshifts') . '&reset'),
));
} }
?> ?>

@ -58,6 +58,7 @@ function user_news_comments() {
if (isset ($_REQUEST["text"])) { if (isset ($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
engelsystem_log("Created news_comment: " . $text);
$html .= success("Eintrag wurde gespeichert", true); $html .= success("Eintrag wurde gespeichert", true);
} }
@ -114,6 +115,7 @@ function user_news() {
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
"', '" . sql_escape($_POST["treffen"]) . "');"); "', '" . sql_escape($_POST["treffen"]) . "');");
engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
$html .= success(Get_Text(4), true); $html .= success(Get_Text(4), true);
} }

@ -1,201 +1,207 @@
<?php <?php
function user_settings() { function user_settings() {
global $enable_tshirt_size, $tshirt_sizes, $themes, $languages; global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
global $user; global $user;
$msg = ""; $msg = "";
$nick = $user['Nick']; $nick = $user['Nick'];
$lastname = $user['Name']; $lastname = $user['Name'];
$prename = $user['Vorname']; $prename = $user['Vorname'];
$age = $user['Alter']; $age = $user['Alter'];
$tel = $user['Telefon']; $tel = $user['Telefon'];
$dect = $user['DECT']; $dect = $user['DECT'];
$mobile = $user['Handy']; $mobile = $user['Handy'];
$mail = $user['email']; $mail = $user['email'];
$icq = $user['ICQ']; $icq = $user['ICQ'];
$jabber = $user['jabber']; $jabber = $user['jabber'];
$hometown = $user['Hometown']; $hometown = $user['Hometown'];
$tshirt_size = $user['Size']; $tshirt_size = $user['Size'];
$password_hash = ""; $password_hash = "";
$selected_theme = $user['color']; $selected_theme = $user['color'];
$selected_language = $user['Sprache']; $selected_language = $user['Sprache'];
$selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID'])); $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
$selected_angel_types = array (); $selected_angel_types = array ();
foreach ($selected_angel_types_source as $selected_angel_type) foreach ($selected_angel_types_source as $selected_angel_type)
$selected_angel_types[] = $selected_angel_type['angeltype_id']; $selected_angel_types[] = $selected_angel_type['angeltype_id'];
$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array (); $angel_types = array ();
foreach ($angel_types_source as $angel_type) foreach ($angel_types_source as $angel_type)
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {
$ok = true; $ok = true;
if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) { if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
$nick = strip_request_item('nick'); $nick = strip_request_item('nick');
if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
$ok = false; $ok = false;
$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true); $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
} }
} else { } else {
$ok = false; $ok = false;
$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true); $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
} }
if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
$mail = strip_request_item('mail'); $mail = strip_request_item('mail');
if (!check_email($mail)) { if (!check_email($mail)) {
$ok = false; $ok = false;
$msg .= error(Get_Text("makeuser_error_mail"), true); $msg .= error(Get_Text("makeuser_error_mail"), true);
} }
} else { } else {
$ok = false; $ok = false;
$msg .= error("Please enter your e-mail.", true); $msg .= error("Please enter your e-mail.", true);
} }
if (isset ($_REQUEST['icq'])) if (isset ($_REQUEST['icq']))
$icq = strip_request_item('icq'); $icq = strip_request_item('icq');
if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber'); $jabber = strip_request_item('jabber');
if (!check_email($jabber)) { if (!check_email($jabber)) {
$ok = false; $ok = false;
$msg .= error("Please check your jabber.", true); $msg .= error("Please check your jabber.", true);
} }
} }
if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']])) if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
$tshirt_size = $_REQUEST['tshirt_size']; $tshirt_size = $_REQUEST['tshirt_size'];
else { else {
$ok = false; $ok = false;
} }
$selected_angel_types = array (); $selected_angel_types = array ();
foreach ($angel_types as $angel_type_id => $angel_type_name) foreach ($angel_types as $angel_type_id => $angel_type_name)
if (isset ($_REQUEST['angel_types_' . $angel_type_id])) if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
$selected_angel_types[] = $angel_type_id; $selected_angel_types[] = $angel_type_id;
// Trivia // Trivia
if (isset ($_REQUEST['lastname'])) if (isset ($_REQUEST['lastname']))
$lastname = strip_request_item('lastname'); $lastname = strip_request_item('lastname');
if (isset ($_REQUEST['prename'])) if (isset ($_REQUEST['prename']))
$prename = strip_request_item('prename'); $prename = strip_request_item('prename');
if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
$age = strip_request_item('age'); $age = strip_request_item('age');
if (isset ($_REQUEST['tel'])) if (isset ($_REQUEST['tel']))
$tel = strip_request_item('tel'); $tel = strip_request_item('tel');
if (isset ($_REQUEST['dect'])) if (isset ($_REQUEST['dect']))
$dect = strip_request_item('dect'); $dect = strip_request_item('dect');
if (isset ($_REQUEST['mobile'])) if (isset ($_REQUEST['mobile']))
$mobile = strip_request_item('mobile'); $mobile = strip_request_item('mobile');
if (isset ($_REQUEST['hometown'])) if (isset ($_REQUEST['hometown']))
$hometown = strip_request_item('hometown'); $hometown = strip_request_item('hometown');
if ($ok) { if ($ok) {
sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) . sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
"', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) . "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
"', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
"', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID'])); "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
// Assign angel-types // Assign angel-types
foreach ($angel_types_source as $angel_type) $user_angel_type_info = array();
if (!in_array($angel_type['id'], $selected_angel_types)) foreach ($angel_types_source as $angel_type) {
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1"); if (!in_array($angel_type['id'], $selected_angel_types))
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
foreach ($selected_angel_types as $selected_angel_type_id) else
if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) $user_angel_type_info[] = $angel_type['name'];
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); }
success("Settings saved."); foreach ($selected_angel_types as $selected_angel_type_id) {
redirect(page_link_to('user_settings')); if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
} sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
} }
elseif (isset ($_REQUEST['submit_password'])) {
$ok = true; engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
success("Settings saved.");
if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) redirect(page_link_to('user_settings'));
$msg .= error(Get_Text(30), true); }
elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) }
$msg .= error(Get_Text("makeuser_error_password2")); elseif (isset ($_REQUEST['submit_password'])) {
elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) $ok = true;
$msg .= error(Get_Text("makeuser_error_password1"), true);
elseif(set_password($user['UID'], $_REQUEST['new_password'])) if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
success("Password saved."); $msg .= error(Get_Text(30), true);
else elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
error("Failed setting password."); $msg .= error(Get_Text("makeuser_error_password2"));
redirect(page_link_to('user_settings')); elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
} $msg .= error(Get_Text("makeuser_error_password1"), true);
elseif (isset ($_REQUEST['submit_theme'])) { elseif(set_password($user['UID'], $_REQUEST['new_password']))
$ok = true; success("Password saved.");
else
if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']])) error("Failed setting password.");
$selected_theme = $_REQUEST['theme']; redirect(page_link_to('user_settings'));
else }
$ok = false; elseif (isset ($_REQUEST['submit_theme'])) {
$ok = true;
if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID'])); if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
$selected_theme = $_REQUEST['theme'];
success("Theme changed."); else
redirect(page_link_to('user_settings')); $ok = false;
}
} if ($ok) {
elseif (isset ($_REQUEST['submit_language'])) { sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
$ok = true;
success("Theme changed.");
if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']])) redirect(page_link_to('user_settings'));
$selected_language = $_REQUEST['language']; }
else }
$ok = false; elseif (isset ($_REQUEST['submit_language'])) {
$ok = true;
if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID'])); if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
$_SESSION['Sprache'] = $selected_language; $selected_language = $_REQUEST['language'];
else
success("Language changed."); $ok = false;
redirect(page_link_to('user_settings'));
} if ($ok) {
} sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
$_SESSION['Sprache'] = $selected_language;
return page(array (
sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']), success("Language changed.");
$msg, redirect(page_link_to('user_settings'));
msg(), }
form(array ( }
form_info("", Get_Text("pub_einstellungen_Text_UserData")),
form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick), return page(array (
form_text('lastname', Get_Text("makeuser_Nachname"), $lastname), sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
form_text('prename', Get_Text("makeuser_Vorname"), $prename), $msg,
form_text('age', Get_Text("makeuser_Alter"), $age), msg(),
form_text('tel', Get_Text("makeuser_Telefon"), $tel), form(array (
form_text('dect', Get_Text("makeuser_DECT"), $dect), form_info("", Get_Text("pub_einstellungen_Text_UserData")),
form_text('mobile', Get_Text("makeuser_Handy"), $mobile), form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail), form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
form_text('icq', "ICQ", $icq), form_text('prename', Get_Text("makeuser_Vorname"), $prename),
form_text('jabber', "Jabber", $jabber), form_text('age', Get_Text("makeuser_Alter"), $age),
form_text('hometown', Get_Text("makeuser_Hometown"), $hometown), form_text('tel', Get_Text("makeuser_Telefon"), $tel),
$enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '', form_text('dect', Get_Text("makeuser_DECT"), $dect),
form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types), form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
form_submit('submit', Get_Text("save")) form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
)), form_text('icq', "ICQ", $icq),
form(array ( form_text('jabber', "Jabber", $jabber),
form_info("", Get_Text(14)), form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
form_password('password', Get_Text(15)), $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
form_password('new_password', Get_Text(16)), form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
form_password('new_password2', Get_Text(17)), form_submit('submit', Get_Text("save"))
form_submit('submit_password', Get_Text("save")) )),
)), form(array (
form(array ( form_info("", Get_Text(14)),
form_info("", Get_Text(18)), form_password('password', Get_Text(15)),
form_select('theme', Get_Text(19), $themes, $selected_theme), form_password('new_password', Get_Text(16)),
form_submit('submit_theme', Get_Text("save")) form_password('new_password2', Get_Text(17)),
)), form_submit('submit_password', Get_Text("save"))
form(array ( )),
form_info("", Get_Text(20)), form(array (
form_select('language', Get_Text(21), $languages, $selected_language), form_info("", Get_Text(18)),
form_submit('submit_language', Get_Text("save")) form_select('theme', Get_Text(19), $themes, $selected_theme),
)) form_submit('submit_theme', Get_Text("save"))
)); )),
form(array (
form_info("", Get_Text(20)),
form_select('language', Get_Text(21), $languages, $selected_language),
form_submit('submit_language', Get_Text("save"))
))
));
} }
?> ?>

@ -9,8 +9,15 @@ function user_shifts() {
else else
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1"); $shift_entry_source = sql_select("SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id) . " LIMIT 1");
success("Der Schicht-Eintrag wurde gelöscht."); if(count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
engelsystem_log("Deleted " . $shift_entry_source['Nick'] . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
success("Der Schicht-Eintrag wurde gelöscht.");
}
else error("Entry not found.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
// Schicht bearbeiten // Schicht bearbeiten
@ -43,9 +50,12 @@ function user_shifts() {
// Engeltypen laden // Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
$needed_angel_types = array (); $needed_angel_types = array ();
foreach ($types as $type) foreach ($types as $type) {
$angel_types[$type['id']] = $type;
$needed_angel_types[$type['id']] = 0; $needed_angel_types[$type['id']] = 0;
}
// Benötigte Engeltypen vom Raum // Benötigte Engeltypen vom Raum
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`"); $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
@ -110,8 +120,13 @@ function user_shifts() {
if ($ok) { if ($ok) {
sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
foreach ($needed_angel_types as $type_id => $count) $needed_angel_types_info = array();
foreach ($needed_angel_types as $type_id => $count) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count)); sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
$needed_angel_types_info[] = $angel_types[$type_id];
}
engelsystem_log("Updated shift " . $name . " from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
success("Schicht gespeichert."); success("Schicht gespeichert.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
@ -155,6 +170,7 @@ function user_shifts() {
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Die Schicht wurde gelöscht."); success("Die Schicht wurde gelöscht.");
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
@ -222,6 +238,8 @@ function user_shifts() {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id)); sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id));
$user_source = User($user_id);
engelsystem_log("User " . $user_source['Nick'] . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>'); success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }

@ -6,125 +6,126 @@
*/ */
$tshirt_sizes = array ( $tshirt_sizes = array (
'' => "Please select...", '' => "Please select...",
'S' => "S", 'S' => "S",
'M' => "M", 'M' => "M",
'L' => "L", 'L' => "L",
'XL' => "XL", 'XL' => "XL",
'2XL' => "2XL", '2XL' => "2XL",
'3XL' => "3XL", '3XL' => "3XL",
'4XL' => "4XL", '4XL' => "4XL",
'5XL' => "5XL", '5XL' => "5XL",
'S-G' => "S Girl", 'S-G' => "S Girl",
'M-G' => "M Girl", 'M-G' => "M Girl",
'L-G' => "L Girl", 'L-G' => "L Girl",
'XL-G' => "XL Girl" 'XL-G' => "XL Girl"
); );
function user_reset_ical_key($user) { function user_reset_ical_key($user) {
$user['ical_key'] = md5($user['Nick'] . time() . rand()); $user['ical_key'] = md5($user['Nick'] . time() . rand());
sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1"); sql_query("UPDATE `User` SET `ical_key`='" . sql_escape($user['ical_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
engelsystem_log("iCal key resetted.");
} }
function UID2Nick($UID) { function UID2Nick($UID) {
if ($UID > 0) if ($UID > 0)
$SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'"; $SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
else else
$SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'"; $SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
$Erg = sql_select($SQL); $Erg = sql_select($SQL);
if (count($Erg) > 0) { if (count($Erg) > 0) {
if ($UID > 0) if ($UID > 0)
return $Erg[0]['Nick']; return $Erg[0]['Nick'];
else else
return "Group-" . $Erg[0]['Name']; return "Group-" . $Erg[0]['Name'];
} else { } else {
if ($UID == -1) if ($UID == -1)
return "Guest"; return "Guest";
else else
return "UserID $UID not found"; return "UserID $UID not found";
} }
} }
function TID2Type($TID) { function TID2Type($TID) {
global $con; global $con;
$SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'"; $SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
$Erg = mysql_query($SQL, $con); $Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg)) if (mysql_num_rows($Erg))
return mysql_result($Erg, 0); return mysql_result($Erg, 0);
else else
return ""; return "";
} }
function ReplaceSmilies($neueckig) { function ReplaceSmilies($neueckig) {
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig); $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig); $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig); $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig); $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig); $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig); $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig); $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig); $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig); $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig); $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
return $neueckig; return $neueckig;
} }
function GetPictureShow($UID) { function GetPictureShow($UID) {
global $con; global $con;
$SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'"; $SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
$res = mysql_query($SQL, $con); $res = mysql_query($SQL, $con);
if (mysql_num_rows($res) == 1) if (mysql_num_rows($res) == 1)
return mysql_result($res, 0, 0); return mysql_result($res, 0, 0);
else else
return ""; return "";
} }
function displayPicture($UID, $height = "30") { function displayPicture($UID, $height = "30") {
global $url, $ENGEL_ROOT; global $url, $ENGEL_ROOT;
if ($height > 0) if ($height > 0)
return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>"); return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
else else
return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>"); return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
} }
function displayavatar($UID, $height = "30") { function displayavatar($UID, $height = "30") {
global $con, $url, $ENGEL_ROOT; global $con, $url, $ENGEL_ROOT;
if (GetPictureShow($UID) == 'Y') if (GetPictureShow($UID) == 'Y')
return "&nbsp;" . displayPicture($UID, $height); return "&nbsp;" . displayPicture($UID, $height);
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1"); $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
if (count($user) > 0) if (count($user) > 0)
if ($user[0]['Avatar'] > 0) if ($user[0]['Avatar'] > 0)
return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>'; return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
} }
function UIDgekommen($UID) { function UIDgekommen($UID) {
global $con; global $con;
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'"; $SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
$Erg = mysql_query($SQL, $con); $Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg)) if (mysql_num_rows($Erg))
return mysql_result($Erg, 0); return mysql_result($Erg, 0);
else else
return "0"; return "0";
} }
?> ?>

@ -43,7 +43,7 @@
</table> </table>
<hr/> <hr/>
<p> <p>
Frage einen Orga: Frage einen Erzengel:
</p> </p>
<form action="%link%&action=ask" method="post"> <form action="%link%&action=ask" method="post">
<table> <table>

Loading…
Cancel
Save