@ -2,142 +2,140 @@
function admin_rooms() {
function admin_rooms() {
global $user;
global $user;
$html = "";
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = array ();
if (!isset ($_REQUEST["action"])) {
foreach ($rooms_source as $room)
$html .= "Hallo " . $user['Nick'] .
$rooms[] = array (
",< br / > \nhier hast du die Mö glichkeit, neue Rä ume fü r die Schichtplä ne einzutragen " .
'name' => $room['Name'],
"oder vorhandene abzuä ndern:< br / > < br / > \n";
'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓ ' : '',
'public' => $room['show'] == 'Y' ? '✓ ' : '',
// Räume auflisten
'actions' => '< a class = "ection edit" href = "' . page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'] . '" > edit< / a > < a class = "action delete" href = "' . page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'] . '" > delete< / a > '
if (count($rooms) > 0) {
);
$html .= '< table > < thead > < tr > ';
if (isset ($_REQUEST['show'])) {
$html .= "< table width = \"100%\" class = \"border\" cellpadding = \"2\" cellspacing = \"1\" > \n";
$msg = "";
$html .= "< tr class = \"contenttopic\" > \n";
$name = "";
$from_pentabarf = "";
// Tabellenüberschriften generieren
$public = 'Y';
foreach ($rooms[0] as $attr => $tmp)
$number = "";
if ($attr != 'RID')
$html .= '< th > ' . $attr . '< / th > ';
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$html .= '< th > < / th > ';
$angeltypes = array ();
$html .= '< / tr > < / thead > < tbody > ';
$angeltypes_count = array ();
foreach ($angeltypes_source as $angeltype) {
foreach ($rooms as $i => $room) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
$html .= '< tr > ';
$angeltypes_count[$angeltype['id']] = 0;
foreach ($room as $attr => $value)
}
if ($attr != 'RID')
$html .= '< td > ' . $value . '< / td > ';
$html .= '< td > < a href = "' . page_link_to(" admin_rooms " ) . ' & action = change&RID=' . $ room [ ' RID ' ] . ' " > Edit< / a > < / td > ';
$html .= '< / tr > ';
}
$html .= '< / tbody > < / table > ';
if (test_request_int('id')) {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($_REQUEST['id']));
if (count($room) > 0) {
$id = $_REQUEST['id'];
$name = $room[0]['Name'];
$from_pentabarf = $room[0]['FromPentabarf'];
$public = $room[0]['show'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
foreach ($needed_angeltypes as $needed_angeltype)
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
} else
redirect(page_link_to('admin_rooms'));
}
}
$html .= "< hr / > < a href = \"" . page_link_to ( " admin_rooms " ) . " & action = new\" > Neuen Raum/Ort eintragen< / a > < br / > \n";
} else {
switch ($_REQUEST["action"]) {
case 'new' :
if ($_REQUEST['show'] == 'edit') {
$html .= template_render('../templates/admin_rooms_new_form.html', array (
if (isset ($_REQUEST['submit'])) {
'link' => page_link_to("admin_rooms")
$ok = true;
));
break;
case 'newsave' :
if (isset ($_REQUEST['name']) & & strlen(strip_request_item('name')) > 0)
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
$name = strip_request_item('name');
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
else {
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
$ok = false;
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
$msg .= error("Please enter a name.", true);
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
}
sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "'");
header("Location: " . page_link_to("admin_rooms"));
break;
case 'change' :
if (isset ($_REQUEST['from_pentabarf']))
if (isset ($_REQUEST['RID']) & & preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
$from_pentabarf = 'Y';
$rid = $_REQUEST['RID'];
else
else
return error("Incomplete call, missing Room ID.", true);
$from_pentabarf = '';
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
if (count($room) > 0) {
list ($room) = $room;
$room_angel_types = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`name`");
$angel_types = "";
foreach ($room_angel_types as $room_angel_type) {
if ($room_angel_type['count'] == "")
$room_angel_type['count'] = "0";
$angel_types .= '< tr > < td > ' . $room_angel_type['name'] . '< / td > < td > < input type = "text" name = "angel_type_' . $room_angel_type['id'] . '" value = "' . $room_angel_type['count'] . '" / > < / td > < / tr > ';
}
$html .= template_render('../templates/admin_rooms_edit_form.html', array (
if (isset ($_REQUEST['public']))
'link' => page_link_to("admin_rooms"),
$public = 'Y';
'room_id' => $rid,
'name' => $room['Name'],
'man' => $room['Man'],
'number' => $room['Number'],
'from_pentabarf_options' => html_options('FromPentabarf', array (
'Y' => 'Yes',
'N' => 'No'
), $room['FromPentabarf']),
'show_options' => html_options('Show', array (
'Y' => 'Yes',
'N' => 'No'
), $room['show']),
'angel_types' => $angel_types
));
} else
return error("No Room found.", true);
break;
case 'changesave' :
if (isset ($_REQUEST['RID']) & & preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
$rid = $_REQUEST['RID'];
else
else
return error("Incomplete call, missing Room ID.", true);
$public = '';
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
if (count($room) > 0) {
list ($room) = $room;
$room_angel_types = sql_select("SELECT `AngelTypes`.* FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`name`");
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
if (isset ($_REQUEST['number']))
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
$number = strip_request_item('number');
$from_pentabarf = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['FromPentabarf']));
else
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
$ok = false;
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
foreach ($angeltypes as $angeltype_id => $angeltype)
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid));
if (isset ($_REQUEST['angeltype_count_' . $angeltype_id]) & & preg_match("/^[0-9]{1,11}$/", $_REQUEST['angeltype_count_' . $angeltype_id]))
foreach ($room_angel_types as $room_angel_type) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
if (isset ($_REQUEST['angel_type_' . $room_angel_type['id']]) & & preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['id']]))
else {
$count = $_REQUEST['angel_type_' . $room_angel_type['id']];
$ok = false;
else
$msg .= error(sprintf("Please enter needed angels for type %s.", $angeltype), true);
$count = "0";
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['id']) . ", `count`=" . sql_escape($count));
}
}
header("Location: " . page_link_to("admin_rooms"));
} else
return error("No Room found.", true);
break;
case 'delete' :
if ($ok) {
if (isset ($_REQUEST['RID']) & & preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
$rid = $_REQUEST['RID'] ;
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
else
foreach ($angeltypes_count as $angeltype_id => $angeltype_count)
return error("Incomplete call, missing Room ID.", true );
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) {
success("Room saved.");
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
redirect(page_link_to("admin_rooms"));
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
}
header("Location: " . page_link_to("admin_rooms"));
}
} else
$angeltypes_count_form = array ();
return error("No Room found.", true);
foreach ($angeltypes as $angeltype_id => $angeltype)
break;
$angeltypes_count_form[] = form_text('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]);
return page(array (
buttons(array (
button(page_link_to('admin_rooms'), "Back", 'back')
)),
$msg,
form(array (
form_text('name', "Name", $name),
form_checkbox('from_pentabarf', "Pentabarf-Import", $from_pentabarf),
form_checkbox('public', "Public", $public),
form_text('number', "Number", $number),
form_info("Needed angels:", ""),
join($angeltypes_count_form),
form_submit('submit', 'Save')
))
));
}
elseif ($_REQUEST['show'] == 'delete') {
if (isset ($_REQUEST['ack'])) {
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id) . " LIMIT 1");
success(sprintf("Room %s deleted.", $name));
redirect(page_link_to('admin_rooms'));
}
return page(array (
buttons(array (
button(page_link_to('admin_rooms'), "Back", 'back')
)),
sprintf("Do you want to delete room %s?", $name),
buttons(array (
button(page_link_to('admin_rooms') . '& show=delete& id=' . $id . '& ack', "Delete", 'delete')
))
));
}
}
}
}
return $html;
return page(array (
buttons(array (
button(page_link_to('admin_rooms'), "Add", 'add')
)),
msg(),
table(array (
'name' => "Name",
'from_pentabarf' => "Pentabarf-Import",
'public' => "Public",
'actions' => ""
), $rooms)
));
}
}
?>
?>
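Review bot: The confirmed delete in the `show=delete` branch (apparently the new side; the +/- markers are lost on this page) is still a state change triggered by a plain GET link, `&show=delete&id=…&ack`, and nothing visible in `admin_rooms()` ties that request to the admin's session. Consider making the confirmation a POST form and checking a per-session token before the two `DELETE` statements run; whether `form()` or `page_link_to()` already adds such a token cannot be seen from here. In the same branch, the `NeededAngelTypes` delete ends in `LIMIT 1`, so only one of the room's rows is removed and the rest are orphaned; dropping `LIMIT 1` from that statement fixes it. Separately, the row array passes `$room['Name']` alongside raw anchor HTML in `'actions'`, which suggests `table()` does not encode cell values. Unless `strip_request_item()` is known to make the stored name safe for HTML, the cell should be `'name' => htmlspecialchars($room['Name'], ENT_QUOTES, 'UTF-8'),`.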