kontakt
/
engelsystem
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

prohibit inline control structures on pages

Browse Source
main
msquare 8 years ago
parent 1ec19b46f3
commit 91dafb19ec
20 changed files with 1086 additions and 856 deletions
Show Stats Download Patch File Download Diff File

59
includes/pages/admin_active.php
Unescape Escape View File

@ -14,8 +14,9 @@ function admin_active() {
$limit = "";
$set_active = "";
if (isset($_REQUEST['search']))
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
$show_all_shifts = isset($_REQUEST['show_all_shifts']);
@ -33,8 +34,9 @@ function admin_active() {
$msg .= error(_("Please enter a number of angels to be marked as active."), true);
}
if ($ok)
if ($ok) {
$limit = " LIMIT " . $count;
}
if (isset($_REQUEST['ack'])) {
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
$users = sql_select("
@ -67,8 +69,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
$msg = success(_("Angel has been marked as active."), true);
} else
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
$id = $_REQUEST['not_active'];
$user_source = User($id);
@ -76,8 +79,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
$msg = success(_("Angel has been marked as not active."), true);
} else
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
$id = $_REQUEST['tshirt'];
$user_source = User($id);
@ -85,8 +89,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
$msg = success(_("Angel has got a t-shirt."), true);
} else
} else {
$msg = error("Angel not found.", true);
}
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
$id = $_REQUEST['not_tshirt'];
$user_source = User($id);
@ -94,8 +99,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
$msg = success(_("Angel has got no t-shirt."), true);
} else
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("
@ -107,21 +113,24 @@ function admin_active() {
GROUP BY `User`.`UID`
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$matched_users = array();
if ($search == "")
$tokens = array();
else
$matched_users = [];
if ($search == "") {
$tokens = [];
} else {
$tokens = explode(" ", $search);
}
foreach ($users as &$usr) {
if (count($tokens) > 0) {
$match = false;
foreach ($tokens as $t)
foreach ($tokens as $t) {
if (stristr($usr['Nick'], trim($t))) {
$match = true;
break;
}
if (! $match)
}
if (! $match) {
continue;
}
}
$usr['nick'] = User_Nick_render($usr);
$usr['shirt_size'] = $tshirt_sizes[$usr['Size']];
@ -131,14 +140,16 @@ function admin_active() {
$usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
$actions = array();
if ($usr['Aktiv'] == 0)
if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>';
}
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
}
if ($usr['Tshirt'] == 1)
if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
}
$usr['actions'] = join(' ', $actions);
@ -161,18 +172,18 @@ function admin_active() {
'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>'
];
return page_with_title(admin_active_title(), array(
form(array(
return page_with_title(admin_active_title(), [
form([
form_text('search', _("Search angel:"), $search),
form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts),
form_submit('submit', _("Search"))
), page_link_to('admin_active')),
$set_active == "" ? form(array(
], page_link_to('admin_active')),
$set_active == "" ? form([
form_text('count', _("How much angels should be active?"), $count),
form_submit('set_active', _("Preview"))
)) : $set_active,
]) : $set_active,
msg(),
table(array(
table([
'nick' => _("Nickname"),
'shirt_size' => _("Size"),
'shift_count' => _("Shifts"),
@ -181,13 +192,13 @@ function admin_active() {
'force_active' => _("Forced"),
'tshirt' => _("T-shirt?"),
'actions' => ""
), $matched_users),
], $matched_users),
'<h2>' . _("Shirt statistics") . '</h2>',
table(array(
table([
'size' => _("Size"),
'needed' => _("Needed shirts"),
'given' => _("Given shirts")
), $shirt_statistics)
));
], $shirt_statistics)
]);
}
?>

46
includes/pages/admin_arrive.php
Unescape Escape View File

@ -7,8 +7,9 @@ function admin_arrive_title() {
function admin_arrive() {
$msg = "";
$search = "";
if (isset($_REQUEST['search']))
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
$id = $_REQUEST['reset'];
@ -18,8 +19,9 @@ function admin_arrive() {
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
success(_("Reset done. Angel has not arrived."));
redirect(user_link($user_source));
} else
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
$id = $_REQUEST['arrived'];
$user_source = User($id);
@ -28,8 +30,9 @@ function admin_arrive() {
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
success(_("Angel has been marked as arrived."));
redirect(user_link($user_source));
} else
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
@ -37,28 +40,32 @@ function admin_arrive() {
$planned_arrival_count_at_day = [];
$planned_departure_count_at_day = [];
$users_matched = [];
if ($search == "")
if ($search == "") {
$tokens = [];
else
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join(" ", $usr);
foreach ($tokens as $t)
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
if (! $match)
}
if (! $match) {
continue;
}
}
$usr['nick'] = User_Nick_render($usr);
if ($usr['planned_departure_date'] != null)
if ($usr['planned_departure_date'] != null) {
$usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
else
} else {
$usr['rendered_planned_departure_date'] = '-';
}
$usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
@ -66,22 +73,25 @@ function admin_arrive() {
if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']);
if (! isset($arrival_count_at_day[$day]))
if (! isset($arrival_count_at_day[$day])) {
$arrival_count_at_day[$day] = 0;
}
$arrival_count_at_day[$day] ++;
}
if ($usr['planned_arrival_date'] != null) {
$day = date('Y-m-d', $usr['planned_arrival_date']);
if (! isset($planned_arrival_count_at_day[$day]))
if (! isset($planned_arrival_count_at_day[$day])) {
$planned_arrival_count_at_day[$day] = 0;
}
$planned_arrival_count_at_day[$day] ++;
}
if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) {
$day = date('Y-m-d', $usr['planned_departure_date']);
if (! isset($planned_departure_count_at_day[$day]))
if (! isset($planned_departure_count_at_day[$day])) {
$planned_departure_count_at_day[$day] = 0;
}
$planned_departure_count_at_day[$day] ++;
}
@ -125,20 +135,20 @@ function admin_arrive() {
];
}
return page_with_title(admin_arrive_title(), array(
return page_with_title(admin_arrive_title(), [
msg(),
form(array(
form([
form_text('search', _("Search"), $search),
form_submit('submit', _("Search"))
)),
table(array(
]),
table([
'nick' => _("Nickname"),
'rendered_planned_arrival_date' => _("Planned arrival"),
'arrived' => _("Arrived?"),
'rendered_arrival_date' => _("Arrival date"),
'rendered_planned_departure_date' => _("Planned departure"),
'actions' => ""
), $users_matched),
], $users_matched),
div('row', [
div('col-md-4', [
heading(_("Planned arrival statistics"), 2),
@ -186,6 +196,6 @@ function admin_arrive() {
], $planned_departure_at_day)
])
])
));
]);
}
?>

69
includes/pages/admin_free.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php
function admin_free_title() {
return _("Free angels");
}
@ -7,25 +8,28 @@ function admin_free() {
global $privileges;
$search = "";
if (isset($_REQUEST['search']))
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
$angeltypesearch = "";
if (empty($_REQUEST['angeltype']))
if (empty($_REQUEST['angeltype'])) {
$_REQUEST['angeltype'] = '';
else {
} else {
$angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
if (isset($_REQUEST['confirmed_only']))
if (isset($_REQUEST['confirmed_only'])) {
$angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
}
$angeltypesearch .= ") ";
}
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types = array(
$angel_types = [
'' => 'alle Typen'
);
foreach ($angel_types_source as $angel_type)
];
foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name'];
}
$users = sql_select("
SELECT `User`.*
@ -37,58 +41,61 @@ function admin_free() {
GROUP BY `User`.`UID`
ORDER BY `Nick`");
$free_users_table = array();
if ($search == "")
$tokens = array();
else
$free_users_table = [];
if ($search == "") {
$tokens = [];
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join("", $usr);
foreach ($tokens as $t)
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
if (! $match)
}
if (! $match) {
continue;
}
}
$free_users_table[] = array(
$free_users_table[] = [
'name' => User_Nick_render($usr),
'shift_state' => User_shift_state_render($usr),
'dect' => $usr['DECT'],
'jabber' => $usr['jabber'],
'email' => $usr['email'],
'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : ''
);
];
}
return page_with_title(admin_free_title(), array(
form(array(
div('row', array(
div('col-md-4', array(
return page_with_title(admin_free_title(), [
form([
div('row', [
div('col-md-4', [
form_text('search', _("Search"), $search)
)),
div('col-md-4', array(
]),
div('col-md-4', [
form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype'])
)),
div('col-md-2', array(
]),
div('col-md-2', [
form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only']))
)),
div('col-md-2', array(
]),
div('col-md-2', [
form_submit('submit', _("Search"))
))
))
)),
table(array(
])
])
]),
table([
'name' => _("Nick"),
'shift_state' => '',
'dect' => _("DECT"),
'jabber' => _("Jabber"),
'email' => _("E-Mail"),
'actions' => ''
), $free_users_table)
));
], $free_users_table)
]);
}
?>

45
includes/pages/admin_groups.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php
function admin_groups_title() {
return _("Grouprights");
}
@ -12,63 +13,68 @@ function admin_groups() {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges_html = array();
foreach ($privileges as $priv)
foreach ($privileges as $priv) {
$privileges_html[] = $priv['name'];
}
$groups_table[] = array(
$groups_table[] = [
'name' => $group['Name'],
'privileges' => join(', ', $privileges_html),
'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs')
);
];
}
return page_with_title(admin_groups_title(), array(
table(array(
return page_with_title(admin_groups_title(), [
table([
'name' => _("Name"),
'privileges' => _("Privileges"),
'actions' => ''
), $groups_table)
));
], $groups_table)
]);
} else {
switch ($_REQUEST["action"]) {
case 'edit':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (count($room) > 0) {
list($room) = $room;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
$privileges_html = "";
$privileges_form = array();
$privileges_form = [];
foreach ($privileges as $priv) {
$privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
$privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']);
}
$privileges_form[] = form_submit('submit', _("Save"));
$html .= page_with_title(_("Edit group"), array(
$html .= page_with_title(_("Edit group"), [
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id)
));
} else
]);
} else {
return error("No Group found.", true);
}
break;
case 'save':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (! is_array($_REQUEST['privileges']))
$_REQUEST['privileges'] = array();
if (! is_array($_REQUEST['privileges'])) {
$_REQUEST['privileges'] = [];
}
if (count($room) > 0) {
list($room) = $room;
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
$privilege_names = array();
$privilege_names = [];
foreach ($_REQUEST['privileges'] as $priv) {
if (preg_match("/^[0-9]{1,}$/", $priv)) {
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
@ -80,8 +86,9 @@ function admin_groups() {
}
engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
redirect(page_link_to("admin_groups"));
} else
} else {
return error("No Group found.", true);
}
break;
}
}

146
includes/pages/admin_import.php
Unescape Escape View File

@ -14,8 +14,9 @@ function admin_import() {
'input',
'check',
'import'
]))
])) {
$step = $_REQUEST['step'];
}
if ($test_handle = fopen('../import/tmp', 'w')) {
fclose($test_handle);
@ -30,11 +31,13 @@ function admin_import() {
$add_minutes_end = 15;
$shifttypes_source = ShiftTypes();
if ($shifttypes_source === false)
if ($shifttypes_source === false) {
engelsystem_error('Unable to load shifttypes.');
}
$shifttypes = [];
foreach ($shifttypes_source as $shifttype)
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
switch ($step) {
case 'input':
@ -43,23 +46,23 @@ function admin_import() {
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']]))
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
else {
} else {
$ok = false;
error(_('Please select a shift type.'));
}
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start'])))
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
else {
} else {
$ok = false;
error(_("Please enter an amount of minutes to add to a talk's begin."));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end'])))
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
else {
} else {
$ok = false;
error(_("Please enter an amount of minutes to add to a talk's end."));
}
@ -89,14 +92,14 @@ function admin_import() {
_('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))
]) . div('row', [
div('col-md-offset-3 col-md-6', [
form(array(
form([
form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")),
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start),
form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end),
form_file('xcal_file', _("xcal-File (.xcal)")),
form_submit('submit', _("Import"))
))
])
])
]);
}
@ -108,23 +111,23 @@ function admin_import() {
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']]))
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
else {
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start'])))
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
else {
} else {
error(_("Please enter an amount of minutes to add to a talk's begin."));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end'])))
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
else {
} else {
error(_("Please enter an amount of minutes to add to a talk's end."));
redirect(page_link_to('admin_import'));
}
@ -146,32 +149,32 @@ function admin_import() {
])
]),
'<h3>' . _("Shifts to create") . '</h3>',
table(array(
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
), shifts_printable($events_new, $shifttypes)),
], shifts_printable($events_new, $shifttypes)),
'<h3>' . _("Shifts to update") . '</h3>',
table(array(
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
), shifts_printable($events_updated, $shifttypes)),
], shifts_printable($events_updated, $shifttypes)),
'<h3>' . _("Shifts to delete") . '</h3>',
table(array(
table([
'day' => _("Day"),
'start' => _("Start"),
'end' => _("End"),
'shifttype' => _('Shift type'),
'title' => _("Title"),
'room' => _("Room")
), shifts_printable($events_deleted, $shifttypes)),
], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _("Import"))
], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
break;
@ -182,26 +185,27 @@ function admin_import() {
redirect(page_link_to('admin_import'));
}
if (! file_exists($import_file))
if (! file_exists($import_file)) {
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']]))
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
else {
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start'])))
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
else {
} else {
error(_("Please enter an amount of minutes to add to a talk's begin."));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end'])))
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
else {
} else {
error(_("Please enter an amount of minutes to add to a talk's end."));
redirect(page_link_to('admin_import'));
}
@ -209,33 +213,38 @@ function admin_import() {
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) {
$result = Room_create($room, true, true);
if ($result === false)
if ($result === false) {
engelsystem_error('Unable to create room.');
}
$rooms_import[trim($room)] = sql_id();
}
foreach ($rooms_deleted as $room)
foreach ($rooms_deleted as $room) {
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
foreach ($events_new as $event) {
$result = Shift_create($event);
if ($result === false)
if ($result === false) {
engelsystem_error('Unable to create shift.');
}
}
foreach ($events_updated as $event) {
$result = Shift_update_by_psid($event);
if ($result === false)
if ($result === false) {
engelsystem_error('Unable to update shift.');
}
}
foreach ($events_deleted as $event) {
$result = Shift_delete_by_psid($event['PSID']);
if ($result === false)
if ($result === false) {
engelsystem_error('Unable to delete shift.');
}
}
engelsystem_log("Pentabarf import done");
engelsystem_log("Frab import done");
unlink($import_file);
@ -258,30 +267,31 @@ function prepare_rooms($file) {
$data = read_xml($file);
// Load rooms from db for compare with input
$rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
$rooms_db = array();
$rooms_import = array();
$rooms = sql_select("SELECT * FROM `Room`");
$rooms_db = [];
$rooms_import = [];
foreach ($rooms as $room) {
$rooms_db[] = (string) $room['Name'];
$rooms_import[$room['Name']] = $room['RID'];
}
$events = $data->vcalendar->vevent;
$rooms_pb = array();
$rooms_pb = [];
foreach ($events as $event) {
$rooms_pb[] = (string) $event->location;
if (! isset($rooms_import[trim($event->location)]))
if (! isset($rooms_import[trim($event->location)])) {
$rooms_import[trim($event->location)] = trim($event->location);
}
}
$rooms_pb = array_unique($rooms_pb);
$rooms_new = array_diff($rooms_pb, $rooms_db);
$rooms_deleted = array_diff($rooms_db, $rooms_pb);
return array(
return [
$rooms_new,
$rooms_deleted
);
];
}
function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) {
@ -289,17 +299,18 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
$data = read_xml($file);
$rooms = sql_select("SELECT * FROM `Room`");
$rooms_db = array();
foreach ($rooms as $room)
$rooms_db = [];
foreach ($rooms as $room) {
$rooms_db[$room['Name']] = $room['RID'];
}
$events = $data->vcalendar->vevent;
$shifts_pb = array();
$shifts_pb = [];
foreach ($events as $event) {
$event_pb = $event->children("http://pentabarf.org");
$event_id = trim($event_pb->{
'event-id' });
$shifts_pb[$event_id] = array(
$shifts_pb[$event_id] = [
'shifttype_id' => $shifttype_id,
'start' => DateTime::createFromFormat("Ymd\THis", $event->dtstart)->getTimestamp() - $add_minutes_start * 60,
'end' => DateTime::createFromFormat("Ymd\THis", $event->dtend)->getTimestamp() + $add_minutes_end * 60,
@ -307,41 +318,47 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
'title' => trim($event->summary),
'URL' => trim($event->url),
'PSID' => $event_id
);
];
}
$shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
$shifts_db = array();
foreach ($shifts as $shift)
$shifts_db = [];
foreach ($shifts as $shift) {
$shifts_db[$shift['PSID']] = $shift;
}
$shifts_new = [];
$shifts_updated = [];
foreach ($shifts_pb as $shift)
if (! isset($shifts_db[$shift['PSID']]))
foreach ($shifts_pb as $shift) {
if (! isset($shifts_db[$shift['PSID']])) {
$shifts_new[] = $shift;
else {
} else {
$tmp = $shifts_db[$shift['PSID']];
if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL'])
if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) {
$shifts_updated[] = $shift;
}
}
}
$shifts_deleted = array();
foreach ($shifts_db as $shift)
if (! isset($shifts_pb[$shift['PSID']]))
$shifts_deleted = [];
foreach ($shifts_db as $shift) {
if (! isset($shifts_pb[$shift['PSID']])) {
$shifts_deleted[] = $shift;
}
}
return array(
return [
$shifts_new,
$shifts_updated,
$shifts_deleted
);
];
}
function read_xml($file) {
global $xml_import;
if (! isset($xml_import))
if (! isset($xml_import)) {
$xml_import = simplexml_load_file($file);
}
return $xml_import;
}
@ -351,9 +368,9 @@ function shifts_printable($shifts, $shifttypes) {
uasort($shifts, 'shift_sort');
$shifts_printable = array();
foreach ($shifts as $shift)
$shifts_printable[] = array(
$shifts_printable = [];
foreach ($shifts as $shift) {
$shifts_printable[] = [
'day' => date("l, Y-m-d", $shift['start']),
'start' => date("H:i", $shift['start']),
'shifttype' => ShiftType_name_render([
@ -363,7 +380,8 @@ function shifts_printable($shifts, $shifttypes) {
'title' => shorten($shift['title']),
'end' => date("H:i", $shift['end']),
'room' => $rooms[$shift['RID']]
);
];
}
return $shifts_printable;
}

26
includes/pages/admin_log.php
Unescape Escape View File

@ -1,10 +1,10 @@
<?php
function admin_log_title() {
return _("Log");
}
function admin_log() {
if (isset($_POST['keyword'])) {
$filter = $_POST['keyword'];
$log_entries_source = LogEntries_filter($_POST['keyword']);
@ -12,24 +12,24 @@ function admin_log() {
$filter = "";
$log_entries_source = LogEntries();
}
$log_entries = array();
$log_entries = [];
foreach ($log_entries_source as $log_entry) {
$log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']);
$log_entries[] = $log_entry;
}
return page_with_title(admin_log_title(), array(
return page_with_title(admin_log_title(), [
msg(),
form(array(
form_text('keyword', _("Search"), $filter),
form_submit(_("Search"), "Go")
)),
table(array(
form([
form_text('keyword', _("Search"), $filter),
form_submit(_("Search"), "Go")
]),
table([
'date' => "Time",
'nick' => "Angel",
'message' => "Log Entry"
), $log_entries)
));
'message' => "Log Entry"
], $log_entries)
]);
}
?>

13
includes/pages/admin_news.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php
function admin_news() {
global $user;
@ -6,10 +7,11 @@ function admin_news() {
redirect(page_link_to("news"));
} else {
$html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error("Incomplete call, missing News ID.", true);
}
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
if (count($news) > 0) {
@ -20,17 +22,18 @@ function admin_news() {
list($news) = $news;
$user_source = User($news['UID']);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error("Unable to load user.");
}
$html .= form(array(
$html .= form([
form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])),
form_info(_("Author"), User_Nick_render($user_source)),
form_text('eBetreff', _("Subject"), $news['Betreff']),
form_textarea('eText', _("Message"), $news['Text']),
form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
form_submit('submit', _("Save"))
), page_link_to('admin_news&action=save&id=' . $id));
], page_link_to('admin_news&action=save&id=' . $id));
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
break;

92
includes/pages/admin_questions.php
Unescape Escape View File

@ -1,113 +1,123 @@
<?php
function admin_questions_title() {
return _("Answer questions");
}
function admin_new_questions() {
global $privileges;
if (in_array("admin_questions", $privileges)) {
$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL");
if ($new_messages > 0)
if ($new_messages > 0) {
return info('<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>', true);
}
}
return "";
}
function admin_questions() {
global $user;
if (! isset($_REQUEST['action'])) {
$unanswered_questions_table = array();
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
foreach ($questions as $question) {
$user_source = User($question['UID']);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error("Unable to load user.");
$unanswered_questions_table[] = array(
}
$unanswered_questions_table[] = [
'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']),
'answer' => form(array(
'answer' => form([
form_textarea('answer', '', ''),
form_submit('submit', _("Save"))
), page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
);
form_submit('submit', _("Save"))
], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
];
}
$answered_questions_table = array();
$answered_questions_table = [];
$questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
foreach ($questions as $question) {
$user_source = User($question['UID']);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error("Unable to load user.");
}
$answer_user_source = User($question['AID']);
if ($answer_user_source === false)
if ($answer_user_source === false) {
engelsystem_error("Unable to load user.");
$answered_questions_table[] = array(
}
$answered_questions_table[] = [
'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']),
'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", "<br />", $question['Answer']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
);
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
];
}
return page_with_title(admin_questions_title(), array(
return page_with_title(admin_questions_title(), [
'<h2>' . _("Unanswered questions") . '</h2>',
table(array(
table([
'from' => _("From"),
'question' => _("Question"),
'answer' => _("Answer"),
'actions' => ''
), $unanswered_questions_table),
'actions' => ''
], $unanswered_questions_table),
'<h2>' . _("Answered questions") . '</h2>',
table(array(
table([
'from' => _("From"),
'question' => _("Question"),
'answered_by' => _("Answered by"),
'answer' => _("Answer"),
'actions' => ''
), $answered_questions_table)
));
'actions' => ''
], $answered_questions_table)
]);
} else {
switch ($_REQUEST['action']) {
case 'answer':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions"));
} else
return error("Gib eine Antwort ein!", true);
} else
} else {
return error("Enter an answer!", true);
}
} else {
return error("No question found.", true);
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']);
redirect(page_link_to("admin_questions"));
} else
} else {
return error("No question found.", true);
}
break;
}
}

116
includes/pages/admin_rooms.php
Unescape Escape View File

@ -6,17 +6,18 @@ function admin_rooms_title() {
function admin_rooms() {
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = array();
foreach ($rooms_source as $room)
$rooms[] = array(
$rooms = [];
foreach ($rooms_source as $room) {
$rooms[] = [
'name' => $room['Name'],
'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '',
'public' => $room['show'] == 'Y' ? '&#10003;' : '',
'actions' => buttons(array(
'actions' => buttons([
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')
))
);
])
];
}
$room = null;
if (isset($_REQUEST['show'])) {
@ -27,8 +28,8 @@ function admin_rooms() {
$number = "";
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes = array();
$angeltypes_count = array();
$angeltypes = [];
$angeltypes_count = [];
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
$angeltypes_count[$angeltype['id']] = 0;
@ -43,10 +44,12 @@ function admin_rooms() {
$public = $room[0]['show'];
$number = $room[0]['Number'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
foreach ($needed_angeltypes as $needed_angeltype)
foreach ($needed_angeltypes as $needed_angeltype) {
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
} else
}
} else {
redirect(page_link_to('admin_rooms'));
}
}
if ($_REQUEST['show'] == 'edit') {
@ -64,25 +67,28 @@ function admin_rooms() {
$msg .= error(_("Please enter a name."), true);
}
if (isset($_REQUEST['from_pentabarf']))
if (isset($_REQUEST['from_pentabarf'])) {
$from_pentabarf = 'Y';
else
} else {
$from_pentabarf = '';
}
if (isset($_REQUEST['public']))
if (isset($_REQUEST['public'])) {
$public = 'Y';
else
} else {
$public = '';
}
if (isset($_REQUEST['number']))
if (isset($_REQUEST['number'])) {
$number = strip_request_item('number');
else
} else {
$ok = false;
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id]))
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
else {
} else {
$ok = false;
$msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
}
@ -94,8 +100,9 @@ function admin_rooms() {
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} else {
$id = Room_create($name, $from_pentabarf, $public, $number);
if ($id === false)
if ($id === false) {
engelsystem_error("Unable to create room.");
}
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
}
@ -103,8 +110,9 @@ function admin_rooms() {
$needed_angeltype_info = array();
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
$angeltype = AngelType($angeltype_id);
if ($angeltype === false)
if ($angeltype === false) {
engelsystem_error("Unable to load angeltype.");
}
if ($angeltype != null) {
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
@ -116,70 +124,72 @@ function admin_rooms() {
redirect(page_link_to("admin_rooms"));
}
}
$angeltypes_count_form = array();
foreach ($angeltypes as $angeltype_id => $angeltype)
$angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(
$angeltypes_count_form = [];
foreach ($angeltypes as $angeltype_id => $angeltype) {
$angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [
form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])
));
]);
}
return page_with_title(admin_rooms_title(), array(
buttons(array(
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms'), _("back"), 'back')
)),
]),
$msg,
form(array(
div('row', array(
div('col-md-6', array(
form([
div('row', [
div('col-md-6', [
form_text('name', _("Name"), $name),
form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
form_checkbox('public', _("Public"), $public),
form_text('number', _("Room number"), $number)
)),
div('col-md-6', array(
div('row', array(
div('col-md-12', array(
]),
div('col-md-6', [
div('row', [
div('col-md-12', [
form_info(_("Needed angels:"))
)),
]),
join($angeltypes_count_form)
))
))
)),
])
])
]),
form_submit('submit', _("Save"))
))
));
])
]);
} elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) {
if (! Room_delete($id))
if (! Room_delete($id)) {
engelsystem_error("Unable to delete room.");
}
engelsystem_log("Room deleted: " . $name);
success(sprintf(_("Room %s deleted."), $name));
redirect(page_link_to('admin_rooms'));
}
return page_with_title(admin_rooms_title(), array(
buttons(array(
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms'), _("back"), 'back')
)),
]),
sprintf(_("Do you want to delete room %s?"), $name),
buttons(array(
buttons([
button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')
))
));
])
]);
}
}
return page_with_title(admin_rooms_title(), array(
buttons(array(
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms') . '&show=edit', _("add"))
)),
]),
msg(),
table(array(
table([
'name' => _("Name"),
'from_pentabarf' => _("Frab import"),
'public' => _("Public"),
'actions' => ""
), $rooms)
));
], $rooms)
]);
}
?>

173
includes/pages/admin_shifts.php
Unescape Escape View File

@ -14,40 +14,46 @@ function admin_shifts() {
$mode = 'single';
$angelmode = 'manually';
$length = '';
$change_hours = array();
$change_hours = [];
$title = "";
$shifttype_id = null;
// Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$room_array = array();
foreach ($rooms as $room)
$room_array = [];
foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name'];
// Engeltypen laden
}
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$needed_angel_types = array();
foreach ($types as $type)
$needed_angel_types = [];
foreach ($types as $type) {
$needed_angel_types[$type['id']] = 0;
// Load shift types
}
// Load shift types
$shifttypes_source = ShiftTypes();
if ($shifttypes_source === false)
if ($shifttypes_source === false) {
engelsystem_error('Unable to load shift types.');
}
$shifttypes = [];
foreach ($shifttypes_source as $shifttype)
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
if (isset($_REQUEST['shifttype_id'])) {
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false)
if ($shifttype === false) {
engelsystem_error('Unable to load shift type.');
}
if ($shifttype == null) {
$ok = false;
error(_('Please select a shift type.'));
} else
} else {
$shifttype_id = $_REQUEST['shifttype_id'];
}
} else {
$ok = false;
error(_('Please select a shift type.'));
@ -57,24 +63,24 @@ function admin_shifts() {
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']]))
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid'];
else {
} else {
$ok = false;
$rid = $rooms[0]['RID'];
error(_('Please select a location.'));
}
if (isset($_REQUEST['start']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
if (isset($_REQUEST['start']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start']))) {
$start = $tmp->getTimestamp();
else {
} else {
$ok = false;
error(_('Please select a start time.'));
}
if (isset($_REQUEST['end']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
if (isset($_REQUEST['end']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end']))) {
$end = $tmp->getTimestamp();
else {
} else {
$ok = false;
error(_('Please select an end time.'));
}
@ -136,43 +142,47 @@ function admin_shifts() {
}
// Beim Zurück-Knopf das Formular zeigen
if (isset($_REQUEST['back']))
if (isset($_REQUEST['back'])) {
$ok = false;
// Alle Eingaben in Ordnung
}
// Alle Eingaben in Ordnung
if ($ok) {
if ($angelmode == 'location') {
$needed_angel_types = array();
$needed_angel_types = [];
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
foreach ($needed_angel_types_location as $type)
foreach ($needed_angel_types_location as $type) {
$needed_angel_types[$type['angel_type_id']] = $type['count'];
}
}
$shifts = array();
$shifts = [];
if ($mode == 'single') {
$shifts[] = array(
$shifts[] = [
'start' => $start,
'end' => $end,
'RID' => $rid,
'title' => $title,
'shifttype_id' => $shifttype_id
);
];
} elseif ($mode == 'multi') {
$shift_start = $start;
do {
$shift_end = $shift_start + $length * 60;
if ($shift_end > $end)
if ($shift_end > $end) {
$shift_end = $end;
if ($shift_start >= $shift_end)
}
if ($shift_start >= $shift_end) {
break;
}
$shifts[] = array(
$shifts[] = [
'start' => $shift_start,
'end' => $shift_end,
'RID' => $rid,
'title' => $title,
'shifttype_id' => $shifttype_id
);
];
$shift_start = $shift_end;
} while ($shift_end < $end);
@ -182,14 +192,15 @@ function admin_shifts() {
$change_index = 0;
// Ersten/nächsten passenden Schichtwechsel suchen
foreach ($change_hours as $i => $change_hour) {
if ($start < $day + $change_hour * 60 * 60)
if ($start < $day + $change_hour * 60 * 60) {
$change_index = $i;
elseif ($start == $day + $change_hour * 60 * 60) {
} elseif ($start == $day + $change_hour * 60 * 60) {
// Start trifft Schichtwechsel
$change_index = ($i + count($change_hours) - 1) % count($change_hours);
break;
} else
} else {
break;
}
}
$shift_start = $start;
@ -197,35 +208,38 @@ function admin_shifts() {
$day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00")->getTimestamp();
$shift_end = $day + $change_hours[$change_index] * 60 * 60;
if ($shift_end > $end)
if ($shift_end > $end) {
$shift_end = $end;
if ($shift_start >= $shift_end)
}
if ($shift_start >= $shift_end) {
$shift_end += 24 * 60 * 60;
}
$shifts[] = array(
$shifts[] = [
'start' => $shift_start,
'end' => $shift_end,
'RID' => $rid,
'title' => $title,
'shifttype_id' => $shifttype_id
);
];
$shift_start = $shift_end;
$change_index = ($change_index + count($change_hours) - 1) % count($change_hours);
} while ($shift_end < $end);
}
$shifts_table = array();
$shifts_table = [];
foreach ($shifts as $shift) {
$shifts_table_entry = [
'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])),
'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''),
'needed_angels' => ''
];
foreach ($types as $type)
if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0)
foreach ($types as $type) {
if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) {
$shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />';
}
}
$shifts_table[] = $shifts_table_entry;
}
@ -234,10 +248,11 @@ function admin_shifts() {
$_SESSION['admin_shifts_types'] = $needed_angel_types;
$hidden_types = "";
foreach ($needed_angel_types as $type_id => $count)
foreach ($needed_angel_types as $type_id => $count) {
$hidden_types .= form_hidden('type_' . $type_id, $count);
return page_with_title(_("Preview"), array(
form(array(
}
return page_with_title(_("Preview"), [
form([
$hidden_types,
form_hidden('shifttype_id', $shifttype_id),
form_hidden('title', $title),
@ -249,28 +264,30 @@ function admin_shifts() {
form_hidden('change_hours', implode(', ', $change_hours)),
form_hidden('angelmode', $angelmode),
form_submit('back', _("back")),
table(array(
table([
'timeslot' => _('Time and location'),
'title' => _('Type and title'),
'needed_angels' => _('Needed angels')
), $shifts_table),
], $shifts_table),
form_submit('submit', _("Save"))
))
));
])
]);
}
} elseif (isset($_REQUEST['submit'])) {
if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types']))
if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) {
redirect(page_link_to('admin_shifts'));
}
foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
$shift['URL'] = null;
$shift['PSID'] = null;
$shift_id = Shift_create($shift);
if ($shift_id === false)
if ($shift_id === false) {
engelsystem_error('Unable to create shift.');
}
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
$needed_angel_types_info = array();
$needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
if (count($angel_type_source) > 0) {
@ -288,38 +305,42 @@ function admin_shifts() {
unset($_SESSION['admin_shifts_types']);
}
if (! isset($_REQUEST['rid']))
if (! isset($_REQUEST['rid'])) {
$_REQUEST['rid'] = null;
}
$angel_types = "";
foreach ($types as $type)
foreach ($types as $type) {
$angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
}
return page_with_title(admin_shifts_title(), array(
return page_with_title(admin_shifts_title(), [
msg(),
form(array(
form([
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_text('title', _("Title"), $title),
form_select('rid', _("Room"), $room_array, $_REQUEST['rid']),
'<div class="row">',
'<div class="col-md-6">',
form_text('start', _("Start"), date("Y-m-d H:i", $start)),
form_text('end', _("End"), date("Y-m-d H:i", $end)),
form_info(_("Mode"), ''),
form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'),
'</div>',
'<div class="col-md-6">',
form_info(_("Needed angels"), ''),
form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
'<div class="row">'.$angel_types.'</div>',
'</div>',
'</div>',
div('row', [
div('col-md-6', [
form_text('start', _("Start"), date("Y-m-d H:i", $start)),
form_text('end', _("End"), date("Y-m-d H:i", $end)),
form_info(_("Mode"), ''),
form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22')
]),
div('col-md-6', [
form_info(_("Needed angels"), ''),
form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
div('row', [
$angel_types
])
])
]),
form_submit('preview', _("Preview"))
))
));
])
]);
}
?>

41
includes/pages/admin_user.php
Unescape Escape View File

@ -9,14 +9,16 @@ function admin_user() {
$html = '';
if (! isset($_REQUEST['id']))
if (! isset($_REQUEST['id'])) {
redirect(users_link());
}
$id = $_REQUEST['id'];
if (! isset($_REQUEST['action'])) {
$user_source = User($id);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error('Unable to load user.');
}
if ($user_source == null) {
error(_('This user does not exist.'));
redirect(users_link());
@ -42,10 +44,10 @@ function admin_user() {
$html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$options = array(
'1' => "Yes",
'0' => "No"
);
$options = [
'1' => _("Yes"),
'0' => _("No")
];
// Gekommen?
$html .= " <tr><td>Gekommen</td><td>\n";
@ -90,20 +92,23 @@ function admin_user() {
$html .= "<hr />";
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
if (count($my_highest_group) > 0)
if (count($my_highest_group) > 0) {
$my_highest_group = $my_highest_group[0]['group_id'];
}
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
if (count($his_highest_group) > 0)
if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id'];
}
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
foreach ($groups as $group)
foreach ($groups as $group) {
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
}
$html .= '</table>';
@ -127,18 +132,19 @@ function admin_user() {
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$groups = array();
$grouplist = array();
$groups = [];
$grouplist = [];
foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID'];
}
if (! is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array();
if (! is_array($_REQUEST['groups'])) {
$_REQUEST['groups'] = [];
}
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
$user_groups_info = array();
$user_groups_info = [];
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
@ -158,8 +164,9 @@ function admin_user() {
case 'save':
$force_active = $user['force_active'];
if (in_array('admin_active', $privileges))
if (in_array('admin_active', $privileges)) {
$force_active = $_REQUEST['force_active'];
}
$SQL = "UPDATE `User` SET
`Nick` = '" . sql_escape($_POST["eNick"]) . "',
`Name` = '" . sql_escape($_POST["eName"]) . "',
@ -197,8 +204,8 @@ function admin_user() {
}
}
return page_with_title(_('Edit user'), array(
return page_with_title(_("Edit user"), [
$html
));
]);
}
?>

2
includes/pages/guest_credits.php
Unescape Escape View File

@ -4,6 +4,6 @@ function credits_title() {
}
function guest_credits() {
return template_render('../templates/guest_credits.html', array());
return template_render('../templates/guest_credits.html', []);
}
?>

151
includes/pages/guest_login.php
Unescape Escape View File

@ -17,8 +17,9 @@ function guest_register() {
global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user;
$event_config = EventConfig();
if ($event_config === false)
if ($event_config === false) {
engelsystem_error("Unable to load event config.");
}
$msg = "";
$nick = "";
@ -35,15 +36,16 @@ function guest_register() {
$comment = "";
$tshirt_size = '';
$password_hash = "";
$selected_angel_types = array();
$selected_angel_types = [];
$planned_arrival_date = null;
$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
$angel_types = [];
foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
if (! $angel_type['restricted'])
if (! $angel_type['restricted']) {
$selected_angel_types[] = $angel_type['id'];
}
}
if (isset($_REQUEST['submit'])) {
@ -71,8 +73,9 @@ function guest_register() {
$msg .= error(_("Please enter your e-mail."), true);
}
if (isset($_REQUEST['email_shiftinfo']))
if (isset($_REQUEST['email_shiftinfo'])) {
$email_shiftinfo = true;
}
if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber');
@ -83,9 +86,9 @@ function guest_register() {
}
if ($enable_tshirt_size) {
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '')
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
$tshirt_size = $_REQUEST['tshirt_size'];
else {
} else {
$ok = false;
$msg .= error(_("Please select your shirt size."), true);
}
@ -108,28 +111,38 @@ function guest_register() {
$msg .= error(_("Please enter your planned date of arrival."), true);
}
$selected_angel_types = array();
foreach (array_keys($angel_types) as $angel_type_id)
if (isset($_REQUEST['angel_types_' . $angel_type_id]))
$selected_angel_types = [];
foreach (array_keys($angel_types) as $angel_type_id) {
if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
$selected_angel_types[] = $angel_type_id;
// Trivia
if (isset($_REQUEST['lastname']))
}
}
// Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname');
if (isset($_REQUEST['prename']))
}
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename');
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
}
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
$age = strip_request_item('age');
if (isset($_REQUEST['tel']))
}
if (isset($_REQUEST['tel'])) {
$tel = strip_request_item('tel');
if (isset($_REQUEST['dect']))
}
if (isset($_REQUEST['dect'])) {
$dect = strip_request_item('dect');
if (isset($_REQUEST['mobile']))
}
if (isset($_REQUEST['mobile'])) {
$mobile = strip_request_item('mobile');
if (isset($_REQUEST['hometown']))
}
if (isset($_REQUEST['hometown'])) {
$hometown = strip_request_item('hometown');
if (isset($_REQUEST['comment']))
}
if (isset($_REQUEST['comment'])) {
$comment = strip_request_item_nl('comment');
}
if ($ok) {
sql_query("
@ -160,7 +173,7 @@ function guest_register() {
set_password($user_id, $_REQUEST['password']);
// Assign angel-types
$user_angel_types_info = array();
$user_angel_types_info = [];
foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
$user_angel_types_info[] = $angel_types[$selected_angel_type_id];
@ -183,77 +196,77 @@ function guest_register() {
}
}
return page_with_title(register_title(), array(
return page_with_title(register_title(), [
_("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task sheduler."),
$msg,
msg(),
form(array(
div('row', array(
div('col-md-6', array(
div('row', array(
div('col-sm-4', array(
form([
div('row', [
div('col-md-6', [
div('row', [
div('col-sm-4', [
form_text('nick', _("Nick") . ' ' . entry_required(), $nick)
)),
div('col-sm-8', array(
]),
div('col-sm-8', [
form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo)
))
)),
div('row', array(
div('col-sm-6', array(
])
]),
div('row', [
div('col-sm-6', [
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time())
)),
div('col-sm-6', array(
]),
div('col-sm-6', [
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : ''
))
)),
div('row', array(
div('col-sm-6', array(
])
]),
div('row', [
div('col-sm-6', [
form_password('password', _("Password") . ' ' . entry_required())
)),
div('col-sm-6', array(
]),
div('col-sm-6', [
form_password('password2', _("Confirm password") . ' ' . entry_required())
))
)),
])
]),
form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
form_info("", _("Restricted angel types need will be confirmed later by an archangel. You can change your selection in the options section."))
)),
div('col-md-6', array(
div('row', array(
div('col-sm-4', array(
]),
div('col-md-6', [
div('row', [
div('col-sm-4', [
form_text('dect', _("DECT"), $dect)
)),
div('col-sm-4', array(
]),
div('col-sm-4', [
form_text('mobile', _("Mobile"), $mobile)
)),
div('col-sm-4', array(
]),
div('col-sm-4', [
form_text('tel', _("Phone"), $tel)
))
)),
])
]),
form_text('jabber', _("Jabber"), $jabber),
div('row', array(
div('col-sm-6', array(
div('row', [
div('col-sm-6', [
form_text('prename', _("First name"), $prename)
)),
div('col-sm-6', array(
]),
div('col-sm-6', [
form_text('lastname', _("Last name"), $lastname)
))
)),
div('row', array(
div('col-sm-3', array(
])
]),
div('row', [
div('col-sm-3', [
form_text('age', _("Age"), $age)
)),
div('col-sm-9', array(
]),
div('col-sm-9', [
form_text('hometown', _("Hometown"), $hometown)
))
)),
])
]),
form_info(entry_required() . ' = ' . _("Entry required!"))
))
)),
])
]),
// form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment),
form_submit('submit', _("Register"))
))
));
])
]);
}
function entry_required() {

3
includes/pages/user_ical.php
Unescape Escape View File

@ -19,8 +19,9 @@ function user_ical() {
engelsystem_error("Key invalid.");
}
if (! in_array('ical', privileges_for_user($user['UID'])))
if (! in_array('ical', privileges_for_user($user['UID']))) {
engelsystem_error("No privilege for ical.");
}
$ical_shifts = load_ical_shifts();

54
includes/pages/user_messages.php
Unescape Escape View File

@ -9,8 +9,9 @@ function user_unread_messages() {
if (isset($user)) {
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
if ($new_messages > 0)
if ($new_messages > 0) {
return ' <span class="badge danger">' . $new_messages . '</span>';
}
}
return '';
}
@ -21,12 +22,13 @@ function user_messages() {
if (! isset($_REQUEST['action'])) {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
$to_select_data = array(
$to_select_data = [
"" => _("Select recipient...")
);
];
foreach ($users as $u)
foreach ($users as $u) {
$to_select_data[$u['UID']] = $u['Nick'];
}
$to_select = html_select_key('to', 'to', $to_select_data, '');
@ -45,70 +47,78 @@ function user_messages() {
foreach ($messages as $message) {
$sender_user_source = User($message['SUID']);
if ($sender_user_source === false)
if ($sender_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$receiver_user_source = User($message['RUID']);
if ($receiver_user_source === false)
if ($receiver_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$messages_table_entry = array(
$messages_table_entry = [
'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
'timestamp' => date("Y-m-d H:i", $message['Datum']),
'from' => User_Nick_render($sender_user_source),
'to' => User_Nick_render($receiver_user_source),
'text' => str_replace("\n", '<br />', $message['Text'])
);
];
if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N')
if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
} else
}
} else {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
}
$messages_table[] = $messages_table_entry;
}
return page_with_title(messages_title(), array(
return page_with_title(messages_title(), [
msg(),
sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),
form(array(
table(array(
form([
table([
'new' => _("New"),
'timestamp' => _("Date"),
'from' => _("Transmitted"),
'to' => _("Recipient"),
'text' => _("Message"),
'actions' => ''
), $messages_table)
), page_link_to('user_messages') . '&action=send')
));
], $messages_table)
], page_link_to('user_messages') . '&action=send')
]);
} else {
switch ($_REQUEST['action']) {
case "read":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else
} else {
return error(_("No Message found."), true);
}
break;
case "delete":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else
} else {
return error(_("No Message found."), true);
}
break;
case "send":

20
includes/pages/user_myshifts.php
Unescape Escape View File

@ -23,10 +23,10 @@ function user_myshifts() {
success(_("Key changed."));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
return page_with_title(_("Reset API key"), array(
return page_with_title(_("Reset API key"), [
error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
));
]);
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit'];
$shift = sql_select("SELECT
@ -65,14 +65,15 @@ function user_myshifts() {
$user_source = User($shift['UID']);
if ($ok) {
$result = ShiftEntry_update(array(
$result = ShiftEntry_update([
'id' => $id,
'Comment' => $comment,
'freeloaded' => $freeloaded,
'freeload_comment' => $freeload_comment
));
if ($result === false)
]);
if ($result === false) {
engelsystem_error('Unable to update shift entry.');
}
engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
success(_("Shift saved."));
@ -94,18 +95,21 @@ function user_myshifts() {
$shift = $shift[0];
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
$result = ShiftEntry_delete($id);
if ($result === false)
if ($result === false) {
engelsystem_error('Unable to delete shift entry.');
}
$room = Room($shift['RID']);
$angeltype = AngelType($shift['TID']);
$shifttype = ShiftType($shift['shifttype_id']);
engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
success(_("Shift canceled."));
} else
} else {
error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
} else
}
} else {
redirect(user_link($shifts_user));
}
}
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);

104
includes/pages/user_news.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php
function user_news_comments_title() {
return _("News comments");
}
@ -13,57 +14,62 @@ function meetings_title() {
function user_meetings() {
global $DISPLAY_NEWS;
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
$page = $_REQUEST['page'];
else
} else {
$page = 0;
}
$news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry)
foreach ($news as $entry) {
$html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i ++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page'])
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
$html .= '<li class="active">';
elseif (! isset($_REQUEST['page']) && $i == 0)
} elseif (! isset($_REQUEST['page']) && $i == 0) {
$html .= '<li class="active">';
else
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div></div>';
return $html;
}
function display_news($news) {
global $privileges, $p;
$html = '';
$html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';
$html .= '<div class="panel-heading">';
$html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
$html .= '</div>';
$html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';
$html .= '<div class="panel-footer text-muted">';
if (in_array("admin_news", $privileges))
if (in_array("admin_news", $privileges)) {
$html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>';
}
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';
$user_source = User($news['UID']);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$html .= User_Nick_render($user_source);
if ($p != "news_comments")
if ($p != "news_comments") {
$html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' &raquo;</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>';
}
$html .= '</div>';
$html .= '</div>';
return $html;
@ -71,7 +77,7 @@ function display_news($news) {
function user_news_comments() {
global $user;
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
$nid = $_REQUEST["nid"];
@ -82,15 +88,16 @@ function user_news_comments() {
engelsystem_log("Created news_comment: " . $text);
$html .= success(_("Entry saved."), true);
}
$html .= display_news($news);
$comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
foreach ($comments as $comment) {
$user_source = User($comment['UID']);
if ($user_source === false)
if ($user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$html .= '<div class="panel panel-default">';
$html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
$html .= '<div class="panel-footer text-muted">';
@ -99,66 +106,69 @@ function user_news_comments() {
$html .= '</div>';
$html .= '</div>';
}
$html .= '<hr /><h2>' . _("New Comment:") . '</h2>';
$html .= form(array(
$html .= form([
form_textarea('text', _("Message"), ''),
form_submit('submit', _("Save"))
), page_link_to('news_comments') . '&nid=' . $news['ID']);
form_submit('submit', _("Save"))
], page_link_to('news_comments') . '&nid=' . $news['ID']);
} else {
$html .= _("Invalid request.");
}
return $html . '</div>';
}
function user_news() {
global $DISPLAY_NEWS, $privileges, $user;
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {
if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges))
if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) {
$_POST["treffen"] = 0;
}
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');");
engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
success(_("Entry saved."));
redirect(page_link_to('news'));
}
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
$page = $_REQUEST['page'];
else
} else {
$page = 0;
}
$news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry)
foreach ($news as $entry) {
$html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i ++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page'])
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
$html .= '<li class="active">';
elseif (! isset($_REQUEST['page']) && $i == 0)
} elseif (! isset($_REQUEST['page']) && $i == 0) {
$html .= '<li class="active">';
else
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div>';
if (in_array("admin_news", $privileges)) {
$html .= '<hr />';
$html .= '<h2>' . _("Create news:") . '</h2>';
$html .= form(array(
$html .= form([
form_text('betreff', _("Subject"), ''),
form_textarea('text', _("Message"), ''),
form_checkbox('treffen', _("Meeting"), false, 1),
form_submit('submit', _("Save"))
));
form_submit('submit', _("Save"))
]);
}
return $html . '</div>';
}

26
includes/pages/user_questions.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php
function questions_title() {
return _("Ask an archangel");
}
@ -12,8 +13,9 @@ function user_questions() {
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']);
if ($answer_user_source === false)
if ($answer_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$question['answer_user'] = User_Nick_render($answer_user_source);
}
@ -24,29 +26,33 @@ function user_questions() {
$question = strip_request_item_nl('question');
if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
if ($result === false)
if ($result === false) {
engelsystem_error(_("Unable to save question."));
}
success(_("You question was saved."));
redirect(page_link_to("user_questions"));
} else
return page_with_title(questions_title(), array(
} else {
return page_with_title(questions_title(), [
error(_("Please enter a question!"), true)
));
]);
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
else
} else {
return error(_("Incomplete call, missing Question ID."), true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_questions"));
} else
return page_with_title(questions_title(), array(
} else {
return page_with_title(questions_title(), [
error(_("No question found."), true)
));
]);
}
break;
}
}

85
includes/pages/user_settings.php
Unescape Escape View File

@ -50,9 +50,9 @@ function user_settings() {
}
}
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]))
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
$tshirt_size = $_REQUEST['tshirt_size'];
elseif ($enable_tshirt_size) {
} elseif ($enable_tshirt_size) {
$ok = false;
}
@ -70,24 +70,32 @@ function user_settings() {
$ok = false;
$msg .= error(_("Please enter your planned date of departure."), true);
}
} else
} else {
$planned_departure_date = null;
// Trivia
if (isset($_REQUEST['lastname']))
}
// Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname');
if (isset($_REQUEST['prename']))
}
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename');
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
}
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
$age = strip_request_item('age');
if (isset($_REQUEST['tel']))
}
if (isset($_REQUEST['tel'])) {
$tel = strip_request_item('tel');
if (isset($_REQUEST['dect']))
}
if (isset($_REQUEST['dect'])) {
$dect = strip_request_item('dect');
if (isset($_REQUEST['mobile']))
}
if (isset($_REQUEST['mobile'])) {
$mobile = strip_request_item('mobile');
if (isset($_REQUEST['hometown']))
}
if (isset($_REQUEST['hometown'])) {
$hometown = strip_request_item('hometown');
}
if ($ok) {
sql_query("
@ -114,24 +122,26 @@ function user_settings() {
} elseif (isset($_REQUEST['submit_password'])) {
$ok = true;
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) {
$msg .= error(_("-> not OK. Please try again."), true);
elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
} elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) {
$msg .= error(_("Your password is to short (please use at least 6 characters)."), true);
elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
} elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
$msg .= error(_("Your passwords don't match."), true);
elseif (set_password($user['UID'], $_REQUEST['new_password']))
} elseif (set_password($user['UID'], $_REQUEST['new_password'])) {
success(_("Password saved."));
else
} else {
error(_("Failed setting password."));
}
redirect(page_link_to('user_settings'));
} elseif (isset($_REQUEST['submit_theme'])) {
$ok = true;
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']]))
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
$selected_theme = $_REQUEST['theme'];
else
} else {
$ok = false;
}
if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
@ -142,10 +152,11 @@ function user_settings() {
} elseif (isset($_REQUEST['submit_language'])) {
$ok = true;
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']]))
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
$selected_language = $_REQUEST['language'];
else
} else {
$ok = false;
}
if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
@ -156,12 +167,12 @@ function user_settings() {
}
}
return page_with_title(settings_title(), array(
return page_with_title(settings_title(), [
$msg,
msg(),
div('row', array(
div('col-md-6', array(
form(array(
div('row', [
div('col-md-6', [
form([
form_info('', _("Here you can change your user details.")),
form_info(entry_required() . ' = ' . _("Entry required!")),
form_text('nick', _("Nick"), $nick, true),
@ -180,28 +191,28 @@ function user_settings() {
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '',
form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
form_submit('submit', _("Save"))
))
)),
div('col-md-6', array(
form(array(
])
]),
div('col-md-6', [
form([
form_info(_("Here you can change your password.")),
form_password('password', _("Old password:")),
form_password('new_password', _("New password:")),
form_password('new_password2', _("Password confirmation:")),
form_submit('submit_password', _("Save"))
)),
form(array(
]),
form([
form_info(_("Here you can choose your color settings:")),
form_select('theme', _("Color settings:"), $themes, $selected_theme),
form_submit('submit_theme', _("Save"))
)),
form(array(
]),
form([
form_info(_("Here you can choose your language:")),
form_select('language', _("Language:"), $locales, $selected_language),
form_submit('submit_language', _("Save"))
))
))
))
));
])
])
])
]);
}
?>

671
includes/pages/user_shifts.php
View File

File diff suppressed because it is too large Load Diff
Write Preview
Loading…
Cancel
Save