prohibit inline control structures on pages

main
msquare 8 years ago
parent 1ec19b46f3
commit 91dafb19ec

@ -14,8 +14,9 @@ function admin_active() {
$limit = ""; $limit = "";
$set_active = ""; $set_active = "";
if (isset($_REQUEST['search'])) if (isset($_REQUEST['search'])) {
$search = strip_request_item('search'); $search = strip_request_item('search');
}
$show_all_shifts = isset($_REQUEST['show_all_shifts']); $show_all_shifts = isset($_REQUEST['show_all_shifts']);
@ -33,8 +34,9 @@ function admin_active() {
$msg .= error(_("Please enter a number of angels to be marked as active."), true); $msg .= error(_("Please enter a number of angels to be marked as active."), true);
} }
if ($ok) if ($ok) {
$limit = " LIMIT " . $count; $limit = " LIMIT " . $count;
}
if (isset($_REQUEST['ack'])) { if (isset($_REQUEST['ack'])) {
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0"); sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
$users = sql_select(" $users = sql_select("
@ -67,8 +69,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is active now."); engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
$msg = success(_("Angel has been marked as active."), true); $msg = success(_("Angel has been marked as active."), true);
} else } else {
$msg = error(_("Angel not found."), true); $msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) { } elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
$id = $_REQUEST['not_active']; $id = $_REQUEST['not_active'];
$user_source = User($id); $user_source = User($id);
@ -76,8 +79,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now."); engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
$msg = success(_("Angel has been marked as not active."), true); $msg = success(_("Angel has been marked as not active."), true);
} else } else {
$msg = error(_("Angel not found."), true); $msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) { } elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
$id = $_REQUEST['tshirt']; $id = $_REQUEST['tshirt'];
$user_source = User($id); $user_source = User($id);
@ -85,8 +89,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now."); engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
$msg = success(_("Angel has got a t-shirt."), true); $msg = success(_("Angel has got a t-shirt."), true);
} else } else {
$msg = error("Angel not found.", true); $msg = error("Angel not found.", true);
}
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) { } elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
$id = $_REQUEST['not_tshirt']; $id = $_REQUEST['not_tshirt'];
$user_source = User($id); $user_source = User($id);
@ -94,8 +99,9 @@ function admin_active() {
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt."); engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
$msg = success(_("Angel has got no t-shirt."), true); $msg = success(_("Angel has got no t-shirt."), true);
} else } else {
$msg = error(_("Angel not found."), true); $msg = error(_("Angel not found."), true);
}
} }
$users = sql_select(" $users = sql_select("
@ -107,21 +113,24 @@ function admin_active() {
GROUP BY `User`.`UID` GROUP BY `User`.`UID`
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$matched_users = array(); $matched_users = [];
if ($search == "") if ($search == "") {
$tokens = array(); $tokens = [];
else } else {
$tokens = explode(" ", $search); $tokens = explode(" ", $search);
}
foreach ($users as &$usr) { foreach ($users as &$usr) {
if (count($tokens) > 0) { if (count($tokens) > 0) {
$match = false; $match = false;
foreach ($tokens as $t) foreach ($tokens as $t) {
if (stristr($usr['Nick'], trim($t))) { if (stristr($usr['Nick'], trim($t))) {
$match = true; $match = true;
break; break;
} }
if (! $match) }
if (! $match) {
continue; continue;
}
} }
$usr['nick'] = User_Nick_render($usr); $usr['nick'] = User_Nick_render($usr);
$usr['shirt_size'] = $tshirt_sizes[$usr['Size']]; $usr['shirt_size'] = $tshirt_sizes[$usr['Size']];
@ -131,14 +140,16 @@ function admin_active() {
$usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1); $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
$actions = array(); $actions = array();
if ($usr['Aktiv'] == 0) if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>'; $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>';
}
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) { if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>'; $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>'; $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
} }
if ($usr['Tshirt'] == 1) if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>'; $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
}
$usr['actions'] = join(' ', $actions); $usr['actions'] = join(' ', $actions);
@ -161,18 +172,18 @@ function admin_active() {
'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' 'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>'
]; ];
return page_with_title(admin_active_title(), array( return page_with_title(admin_active_title(), [
form(array( form([
form_text('search', _("Search angel:"), $search), form_text('search', _("Search angel:"), $search),
form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts), form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts),
form_submit('submit', _("Search")) form_submit('submit', _("Search"))
), page_link_to('admin_active')), ], page_link_to('admin_active')),
$set_active == "" ? form(array( $set_active == "" ? form([
form_text('count', _("How much angels should be active?"), $count), form_text('count', _("How much angels should be active?"), $count),
form_submit('set_active', _("Preview")) form_submit('set_active', _("Preview"))
)) : $set_active, ]) : $set_active,
msg(), msg(),
table(array( table([
'nick' => _("Nickname"), 'nick' => _("Nickname"),
'shirt_size' => _("Size"), 'shirt_size' => _("Size"),
'shift_count' => _("Shifts"), 'shift_count' => _("Shifts"),
@ -181,13 +192,13 @@ function admin_active() {
'force_active' => _("Forced"), 'force_active' => _("Forced"),
'tshirt' => _("T-shirt?"), 'tshirt' => _("T-shirt?"),
'actions' => "" 'actions' => ""
), $matched_users), ], $matched_users),
'<h2>' . _("Shirt statistics") . '</h2>', '<h2>' . _("Shirt statistics") . '</h2>',
table(array( table([
'size' => _("Size"), 'size' => _("Size"),
'needed' => _("Needed shirts"), 'needed' => _("Needed shirts"),
'given' => _("Given shirts") 'given' => _("Given shirts")
), $shirt_statistics) ], $shirt_statistics)
)); ]);
} }
?> ?>

@ -7,8 +7,9 @@ function admin_arrive_title() {
function admin_arrive() { function admin_arrive() {
$msg = ""; $msg = "";
$search = ""; $search = "";
if (isset($_REQUEST['search'])) if (isset($_REQUEST['search'])) {
$search = strip_request_item('search'); $search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) { if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
$id = $_REQUEST['reset']; $id = $_REQUEST['reset'];
@ -18,8 +19,9 @@ function admin_arrive() {
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
success(_("Reset done. Angel has not arrived.")); success(_("Reset done. Angel has not arrived."));
redirect(user_link($user_source)); redirect(user_link($user_source));
} else } else {
$msg = error(_("Angel not found."), true); $msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) { } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
$id = $_REQUEST['arrived']; $id = $_REQUEST['arrived'];
$user_source = User($id); $user_source = User($id);
@ -28,8 +30,9 @@ function admin_arrive() {
engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
success(_("Angel has been marked as arrived.")); success(_("Angel has been marked as arrived."));
redirect(user_link($user_source)); redirect(user_link($user_source));
} else } else {
$msg = error(_("Angel not found."), true); $msg = error(_("Angel not found."), true);
}
} }
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
@ -37,28 +40,32 @@ function admin_arrive() {
$planned_arrival_count_at_day = []; $planned_arrival_count_at_day = [];
$planned_departure_count_at_day = []; $planned_departure_count_at_day = [];
$users_matched = []; $users_matched = [];
if ($search == "") if ($search == "") {
$tokens = []; $tokens = [];
else } else {
$tokens = explode(" ", $search); $tokens = explode(" ", $search);
}
foreach ($users as $usr) { foreach ($users as $usr) {
if (count($tokens) > 0) { if (count($tokens) > 0) {
$match = false; $match = false;
$index = join(" ", $usr); $index = join(" ", $usr);
foreach ($tokens as $t) foreach ($tokens as $t) {
if (stristr($index, trim($t))) { if (stristr($index, trim($t))) {
$match = true; $match = true;
break; break;
} }
if (! $match) }
if (! $match) {
continue; continue;
}
} }
$usr['nick'] = User_Nick_render($usr); $usr['nick'] = User_Nick_render($usr);
if ($usr['planned_departure_date'] != null) if ($usr['planned_departure_date'] != null) {
$usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
else } else {
$usr['rendered_planned_departure_date'] = '-'; $usr['rendered_planned_departure_date'] = '-';
}
$usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
@ -66,22 +73,25 @@ function admin_arrive() {
if ($usr['arrival_date'] > 0) { if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']); $day = date('Y-m-d', $usr['arrival_date']);
if (! isset($arrival_count_at_day[$day])) if (! isset($arrival_count_at_day[$day])) {
$arrival_count_at_day[$day] = 0; $arrival_count_at_day[$day] = 0;
}
$arrival_count_at_day[$day] ++; $arrival_count_at_day[$day] ++;
} }
if ($usr['planned_arrival_date'] != null) { if ($usr['planned_arrival_date'] != null) {
$day = date('Y-m-d', $usr['planned_arrival_date']); $day = date('Y-m-d', $usr['planned_arrival_date']);
if (! isset($planned_arrival_count_at_day[$day])) if (! isset($planned_arrival_count_at_day[$day])) {
$planned_arrival_count_at_day[$day] = 0; $planned_arrival_count_at_day[$day] = 0;
}
$planned_arrival_count_at_day[$day] ++; $planned_arrival_count_at_day[$day] ++;
} }
if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) {
$day = date('Y-m-d', $usr['planned_departure_date']); $day = date('Y-m-d', $usr['planned_departure_date']);
if (! isset($planned_departure_count_at_day[$day])) if (! isset($planned_departure_count_at_day[$day])) {
$planned_departure_count_at_day[$day] = 0; $planned_departure_count_at_day[$day] = 0;
}
$planned_departure_count_at_day[$day] ++; $planned_departure_count_at_day[$day] ++;
} }
@ -125,20 +135,20 @@ function admin_arrive() {
]; ];
} }
return page_with_title(admin_arrive_title(), array( return page_with_title(admin_arrive_title(), [
msg(), msg(),
form(array( form([
form_text('search', _("Search"), $search), form_text('search', _("Search"), $search),
form_submit('submit', _("Search")) form_submit('submit', _("Search"))
)), ]),
table(array( table([
'nick' => _("Nickname"), 'nick' => _("Nickname"),
'rendered_planned_arrival_date' => _("Planned arrival"), 'rendered_planned_arrival_date' => _("Planned arrival"),
'arrived' => _("Arrived?"), 'arrived' => _("Arrived?"),
'rendered_arrival_date' => _("Arrival date"), 'rendered_arrival_date' => _("Arrival date"),
'rendered_planned_departure_date' => _("Planned departure"), 'rendered_planned_departure_date' => _("Planned departure"),
'actions' => "" 'actions' => ""
), $users_matched), ], $users_matched),
div('row', [ div('row', [
div('col-md-4', [ div('col-md-4', [
heading(_("Planned arrival statistics"), 2), heading(_("Planned arrival statistics"), 2),
@ -186,6 +196,6 @@ function admin_arrive() {
], $planned_departure_at_day) ], $planned_departure_at_day)
]) ])
]) ])
)); ]);
} }
?> ?>

@ -1,4 +1,5 @@
<?php <?php
function admin_free_title() { function admin_free_title() {
return _("Free angels"); return _("Free angels");
} }
@ -7,25 +8,28 @@ function admin_free() {
global $privileges; global $privileges;
$search = ""; $search = "";
if (isset($_REQUEST['search'])) if (isset($_REQUEST['search'])) {
$search = strip_request_item('search'); $search = strip_request_item('search');
}
$angeltypesearch = ""; $angeltypesearch = "";
if (empty($_REQUEST['angeltype'])) if (empty($_REQUEST['angeltype'])) {
$_REQUEST['angeltype'] = ''; $_REQUEST['angeltype'] = '';
else { } else {
$angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`"; $angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
if (isset($_REQUEST['confirmed_only'])) if (isset($_REQUEST['confirmed_only'])) {
$angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`"; $angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
}
$angeltypesearch .= ") "; $angeltypesearch .= ") ";
} }
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`"); $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types = array( $angel_types = [
'' => 'alle Typen' '' => 'alle Typen'
); ];
foreach ($angel_types_source as $angel_type) foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name']; $angel_types[$angel_type['id']] = $angel_type['name'];
}
$users = sql_select(" $users = sql_select("
SELECT `User`.* SELECT `User`.*
@ -37,58 +41,61 @@ function admin_free() {
GROUP BY `User`.`UID` GROUP BY `User`.`UID`
ORDER BY `Nick`"); ORDER BY `Nick`");
$free_users_table = array(); $free_users_table = [];
if ($search == "") if ($search == "") {
$tokens = array(); $tokens = [];
else } else {
$tokens = explode(" ", $search); $tokens = explode(" ", $search);
}
foreach ($users as $usr) { foreach ($users as $usr) {
if (count($tokens) > 0) { if (count($tokens) > 0) {
$match = false; $match = false;
$index = join("", $usr); $index = join("", $usr);
foreach ($tokens as $t) foreach ($tokens as $t) {
if (stristr($index, trim($t))) { if (stristr($index, trim($t))) {
$match = true; $match = true;
break; break;
} }
if (! $match) }
if (! $match) {
continue; continue;
}
} }
$free_users_table[] = array( $free_users_table[] = [
'name' => User_Nick_render($usr), 'name' => User_Nick_render($usr),
'shift_state' => User_shift_state_render($usr), 'shift_state' => User_shift_state_render($usr),
'dect' => $usr['DECT'], 'dect' => $usr['DECT'],
'jabber' => $usr['jabber'], 'jabber' => $usr['jabber'],
'email' => $usr['email'], 'email' => $usr['email'],
'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : '' 'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : ''
); ];
} }
return page_with_title(admin_free_title(), array( return page_with_title(admin_free_title(), [
form(array( form([
div('row', array( div('row', [
div('col-md-4', array( div('col-md-4', [
form_text('search', _("Search"), $search) form_text('search', _("Search"), $search)
)), ]),
div('col-md-4', array( div('col-md-4', [
form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']) form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype'])
)), ]),
div('col-md-2', array( div('col-md-2', [
form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])) form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only']))
)), ]),
div('col-md-2', array( div('col-md-2', [
form_submit('submit', _("Search")) form_submit('submit', _("Search"))
)) ])
)) ])
)), ]),
table(array( table([
'name' => _("Nick"), 'name' => _("Nick"),
'shift_state' => '', 'shift_state' => '',
'dect' => _("DECT"), 'dect' => _("DECT"),
'jabber' => _("Jabber"), 'jabber' => _("Jabber"),
'email' => _("E-Mail"), 'email' => _("E-Mail"),
'actions' => '' 'actions' => ''
), $free_users_table) ], $free_users_table)
)); ]);
} }
?> ?>

@ -1,4 +1,5 @@
<?php <?php
function admin_groups_title() { function admin_groups_title() {
return _("Grouprights"); return _("Grouprights");
} }
@ -12,63 +13,68 @@ function admin_groups() {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'"); $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges_html = array(); $privileges_html = array();
foreach ($privileges as $priv) foreach ($privileges as $priv) {
$privileges_html[] = $priv['name']; $privileges_html[] = $priv['name'];
}
$groups_table[] = array( $groups_table[] = [
'name' => $group['Name'], 'name' => $group['Name'],
'privileges' => join(', ', $privileges_html), 'privileges' => join(', ', $privileges_html),
'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs')
); ];
} }
return page_with_title(admin_groups_title(), array( return page_with_title(admin_groups_title(), [
table(array( table([
'name' => _("Name"), 'name' => _("Name"),
'privileges' => _("Privileges"), 'privileges' => _("Privileges"),
'actions' => '' 'actions' => ''
), $groups_table) ], $groups_table)
)); ]);
} else { } else {
switch ($_REQUEST["action"]) { switch ($_REQUEST["action"]) {
case 'edit': case 'edit':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error("Incomplete call, missing Groups ID.", true); return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (count($room) > 0) { if (count($room) > 0) {
list($room) = $room; list($room) = $room;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`"); $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
$privileges_html = ""; $privileges_html = "";
$privileges_form = array(); $privileges_form = [];
foreach ($privileges as $priv) { foreach ($privileges as $priv) {
$privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']); $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
$privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']); $privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']);
} }
$privileges_form[] = form_submit('submit', _("Save")); $privileges_form[] = form_submit('submit', _("Save"));
$html .= page_with_title(_("Edit group"), array( $html .= page_with_title(_("Edit group"), [
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id) form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id)
)); ]);
} else } else {
return error("No Group found.", true); return error("No Group found.", true);
}
break; break;
case 'save': case 'save':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error("Incomplete call, missing Groups ID.", true); return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (! is_array($_REQUEST['privileges'])) if (! is_array($_REQUEST['privileges'])) {
$_REQUEST['privileges'] = array(); $_REQUEST['privileges'] = [];
}
if (count($room) > 0) { if (count($room) > 0) {
list($room) = $room; list($room) = $room;
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'"); sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
$privilege_names = array(); $privilege_names = [];
foreach ($_REQUEST['privileges'] as $priv) { foreach ($_REQUEST['privileges'] as $priv) {
if (preg_match("/^[0-9]{1,}$/", $priv)) { if (preg_match("/^[0-9]{1,}$/", $priv)) {
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
@ -80,8 +86,9 @@ function admin_groups() {
} }
engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names)); engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
redirect(page_link_to("admin_groups")); redirect(page_link_to("admin_groups"));
} else } else {
return error("No Group found.", true); return error("No Group found.", true);
}
break; break;
} }
} }

@ -14,8 +14,9 @@ function admin_import() {
'input', 'input',
'check', 'check',
'import' 'import'
])) ])) {
$step = $_REQUEST['step']; $step = $_REQUEST['step'];
}
if ($test_handle = fopen('../import/tmp', 'w')) { if ($test_handle = fopen('../import/tmp', 'w')) {
fclose($test_handle); fclose($test_handle);
@ -30,11 +31,13 @@ function admin_import() {
$add_minutes_end = 15; $add_minutes_end = 15;
$shifttypes_source = ShiftTypes(); $shifttypes_source = ShiftTypes();
if ($shifttypes_source === false) if ($shifttypes_source === false) {
engelsystem_error('Unable to load shifttypes.'); engelsystem_error('Unable to load shifttypes.');
}
$shifttypes = []; $shifttypes = [];
foreach ($shifttypes_source as $shifttype) foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name']; $shifttypes[$shifttype['id']] = $shifttype['name'];
}
switch ($step) { switch ($step) {
case 'input': case 'input':
@ -43,23 +46,23 @@ function admin_import() {
if (isset($_REQUEST['submit'])) { if (isset($_REQUEST['submit'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id']; $shifttype_id = $_REQUEST['shifttype_id'];
else { } else {
$ok = false; $ok = false;
error(_('Please select a shift type.')); error(_('Please select a shift type.'));
} }
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']); $add_minutes_start = trim($_REQUEST['add_minutes_start']);
else { } else {
$ok = false; $ok = false;
error(_("Please enter an amount of minutes to add to a talk's begin.")); error(_("Please enter an amount of minutes to add to a talk's begin."));
} }
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']); $add_minutes_end = trim($_REQUEST['add_minutes_end']);
else { } else {
$ok = false; $ok = false;
error(_("Please enter an amount of minutes to add to a talk's end.")); error(_("Please enter an amount of minutes to add to a talk's end."));
} }
@ -89,14 +92,14 @@ function admin_import() {
_('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import')) _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))
]) . div('row', [ ]) . div('row', [
div('col-md-offset-3 col-md-6', [ div('col-md-offset-3 col-md-6', [
form(array( form([
form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")), form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")),
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start), form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start),
form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end), form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end),
form_file('xcal_file', _("xcal-File (.xcal)")), form_file('xcal_file', _("xcal-File (.xcal)")),
form_submit('submit', _("Import")) form_submit('submit', _("Import"))
)) ])
]) ])
]); ]);
} }
@ -108,23 +111,23 @@ function admin_import() {
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id']; $shifttype_id = $_REQUEST['shifttype_id'];
else { } else {
error(_('Please select a shift type.')); error(_('Please select a shift type.'));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']); $add_minutes_start = trim($_REQUEST['add_minutes_start']);
else { } else {
error(_("Please enter an amount of minutes to add to a talk's begin.")); error(_("Please enter an amount of minutes to add to a talk's begin."));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']); $add_minutes_end = trim($_REQUEST['add_minutes_end']);
else { } else {
error(_("Please enter an amount of minutes to add to a talk's end.")); error(_("Please enter an amount of minutes to add to a talk's end."));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
@ -146,32 +149,32 @@ function admin_import() {
]) ])
]), ]),
'<h3>' . _("Shifts to create") . '</h3>', '<h3>' . _("Shifts to create") . '</h3>',
table(array( table([
'day' => _("Day"), 'day' => _("Day"),
'start' => _("Start"), 'start' => _("Start"),
'end' => _("End"), 'end' => _("End"),
'shifttype' => _('Shift type'), 'shifttype' => _('Shift type'),
'title' => _("Title"), 'title' => _("Title"),
'room' => _("Room") 'room' => _("Room")
), shifts_printable($events_new, $shifttypes)), ], shifts_printable($events_new, $shifttypes)),
'<h3>' . _("Shifts to update") . '</h3>', '<h3>' . _("Shifts to update") . '</h3>',
table(array( table([
'day' => _("Day"), 'day' => _("Day"),
'start' => _("Start"), 'start' => _("Start"),
'end' => _("End"), 'end' => _("End"),
'shifttype' => _('Shift type'), 'shifttype' => _('Shift type'),
'title' => _("Title"), 'title' => _("Title"),
'room' => _("Room") 'room' => _("Room")
), shifts_printable($events_updated, $shifttypes)), ], shifts_printable($events_updated, $shifttypes)),
'<h3>' . _("Shifts to delete") . '</h3>', '<h3>' . _("Shifts to delete") . '</h3>',
table(array( table([
'day' => _("Day"), 'day' => _("Day"),
'start' => _("Start"), 'start' => _("Start"),
'end' => _("End"), 'end' => _("End"),
'shifttype' => _('Shift type'), 'shifttype' => _('Shift type'),
'title' => _("Title"), 'title' => _("Title"),
'room' => _("Room") 'room' => _("Room")
), shifts_printable($events_deleted, $shifttypes)), ], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _("Import")) form_submit('submit', _("Import"))
], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start); ], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
break; break;
@ -182,26 +185,27 @@ function admin_import() {
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (! file_exists($import_file)) if (! file_exists($import_file)) {
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id']; $shifttype_id = $_REQUEST['shifttype_id'];
else { } else {
error(_('Please select a shift type.')); error(_('Please select a shift type.'));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
$add_minutes_start = trim($_REQUEST['add_minutes_start']); $add_minutes_start = trim($_REQUEST['add_minutes_start']);
else { } else {
error(_("Please enter an amount of minutes to add to a talk's begin.")); error(_("Please enter an amount of minutes to add to a talk's begin."));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
$add_minutes_end = trim($_REQUEST['add_minutes_end']); $add_minutes_end = trim($_REQUEST['add_minutes_end']);
else { } else {
error(_("Please enter an amount of minutes to add to a talk's end.")); error(_("Please enter an amount of minutes to add to a talk's end."));
redirect(page_link_to('admin_import')); redirect(page_link_to('admin_import'));
} }
@ -209,33 +213,38 @@ function admin_import() {
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) { foreach ($rooms_new as $room) {
$result = Room_create($room, true, true); $result = Room_create($room, true, true);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to create room.'); engelsystem_error('Unable to create room.');
}
$rooms_import[trim($room)] = sql_id(); $rooms_import[trim($room)] = sql_id();
} }
foreach ($rooms_deleted as $room) foreach ($rooms_deleted as $room) {
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1"); sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end); list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
foreach ($events_new as $event) { foreach ($events_new as $event) {
$result = Shift_create($event); $result = Shift_create($event);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to create shift.'); engelsystem_error('Unable to create shift.');
}
} }
foreach ($events_updated as $event) { foreach ($events_updated as $event) {
$result = Shift_update_by_psid($event); $result = Shift_update_by_psid($event);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to update shift.'); engelsystem_error('Unable to update shift.');
}
} }
foreach ($events_deleted as $event) { foreach ($events_deleted as $event) {
$result = Shift_delete_by_psid($event['PSID']); $result = Shift_delete_by_psid($event['PSID']);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to delete shift.'); engelsystem_error('Unable to delete shift.');
}
} }
engelsystem_log("Pentabarf import done"); engelsystem_log("Frab import done");
unlink($import_file); unlink($import_file);
@ -258,30 +267,31 @@ function prepare_rooms($file) {
$data = read_xml($file); $data = read_xml($file);
// Load rooms from db for compare with input // Load rooms from db for compare with input
$rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'"); $rooms = sql_select("SELECT * FROM `Room`");
$rooms_db = array(); $rooms_db = [];
$rooms_import = array(); $rooms_import = [];
foreach ($rooms as $room) { foreach ($rooms as $room) {
$rooms_db[] = (string) $room['Name']; $rooms_db[] = (string) $room['Name'];
$rooms_import[$room['Name']] = $room['RID']; $rooms_import[$room['Name']] = $room['RID'];
} }
$events = $data->vcalendar->vevent; $events = $data->vcalendar->vevent;
$rooms_pb = array(); $rooms_pb = [];
foreach ($events as $event) { foreach ($events as $event) {
$rooms_pb[] = (string) $event->location; $rooms_pb[] = (string) $event->location;
if (! isset($rooms_import[trim($event->location)])) if (! isset($rooms_import[trim($event->location)])) {
$rooms_import[trim($event->location)] = trim($event->location); $rooms_import[trim($event->location)] = trim($event->location);
}
} }
$rooms_pb = array_unique($rooms_pb); $rooms_pb = array_unique($rooms_pb);
$rooms_new = array_diff($rooms_pb, $rooms_db); $rooms_new = array_diff($rooms_pb, $rooms_db);
$rooms_deleted = array_diff($rooms_db, $rooms_pb); $rooms_deleted = array_diff($rooms_db, $rooms_pb);
return array( return [
$rooms_new, $rooms_new,
$rooms_deleted $rooms_deleted
); ];
} }
function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) { function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) {
@ -289,17 +299,18 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
$data = read_xml($file); $data = read_xml($file);
$rooms = sql_select("SELECT * FROM `Room`"); $rooms = sql_select("SELECT * FROM `Room`");
$rooms_db = array(); $rooms_db = [];
foreach ($rooms as $room) foreach ($rooms as $room) {
$rooms_db[$room['Name']] = $room['RID']; $rooms_db[$room['Name']] = $room['RID'];
}
$events = $data->vcalendar->vevent; $events = $data->vcalendar->vevent;
$shifts_pb = array(); $shifts_pb = [];
foreach ($events as $event) { foreach ($events as $event) {
$event_pb = $event->children("http://pentabarf.org"); $event_pb = $event->children("http://pentabarf.org");
$event_id = trim($event_pb->{ $event_id = trim($event_pb->{
'event-id' }); 'event-id' });
$shifts_pb[$event_id] = array( $shifts_pb[$event_id] = [
'shifttype_id' => $shifttype_id, 'shifttype_id' => $shifttype_id,
'start' => DateTime::createFromFormat("Ymd\THis", $event->dtstart)->getTimestamp() - $add_minutes_start * 60, 'start' => DateTime::createFromFormat("Ymd\THis", $event->dtstart)->getTimestamp() - $add_minutes_start * 60,
'end' => DateTime::createFromFormat("Ymd\THis", $event->dtend)->getTimestamp() + $add_minutes_end * 60, 'end' => DateTime::createFromFormat("Ymd\THis", $event->dtend)->getTimestamp() + $add_minutes_end * 60,
@ -307,41 +318,47 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e
'title' => trim($event->summary), 'title' => trim($event->summary),
'URL' => trim($event->url), 'URL' => trim($event->url),
'PSID' => $event_id 'PSID' => $event_id
); ];
} }
$shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`"); $shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
$shifts_db = array(); $shifts_db = [];
foreach ($shifts as $shift) foreach ($shifts as $shift) {
$shifts_db[$shift['PSID']] = $shift; $shifts_db[$shift['PSID']] = $shift;
}
$shifts_new = []; $shifts_new = [];
$shifts_updated = []; $shifts_updated = [];
foreach ($shifts_pb as $shift) foreach ($shifts_pb as $shift) {
if (! isset($shifts_db[$shift['PSID']])) if (! isset($shifts_db[$shift['PSID']])) {
$shifts_new[] = $shift; $shifts_new[] = $shift;
else { } else {
$tmp = $shifts_db[$shift['PSID']]; $tmp = $shifts_db[$shift['PSID']];
if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) {
$shifts_updated[] = $shift; $shifts_updated[] = $shift;
}
} }
}
$shifts_deleted = array(); $shifts_deleted = [];
foreach ($shifts_db as $shift) foreach ($shifts_db as $shift) {
if (! isset($shifts_pb[$shift['PSID']])) if (! isset($shifts_pb[$shift['PSID']])) {
$shifts_deleted[] = $shift; $shifts_deleted[] = $shift;
}
}
return array( return [
$shifts_new, $shifts_new,
$shifts_updated, $shifts_updated,
$shifts_deleted $shifts_deleted
); ];
} }
function read_xml($file) { function read_xml($file) {
global $xml_import; global $xml_import;
if (! isset($xml_import)) if (! isset($xml_import)) {
$xml_import = simplexml_load_file($file); $xml_import = simplexml_load_file($file);
}
return $xml_import; return $xml_import;
} }
@ -351,9 +368,9 @@ function shifts_printable($shifts, $shifttypes) {
uasort($shifts, 'shift_sort'); uasort($shifts, 'shift_sort');
$shifts_printable = array(); $shifts_printable = [];
foreach ($shifts as $shift) foreach ($shifts as $shift) {
$shifts_printable[] = array( $shifts_printable[] = [
'day' => date("l, Y-m-d", $shift['start']), 'day' => date("l, Y-m-d", $shift['start']),
'start' => date("H:i", $shift['start']), 'start' => date("H:i", $shift['start']),
'shifttype' => ShiftType_name_render([ 'shifttype' => ShiftType_name_render([
@ -363,7 +380,8 @@ function shifts_printable($shifts, $shifttypes) {
'title' => shorten($shift['title']), 'title' => shorten($shift['title']),
'end' => date("H:i", $shift['end']), 'end' => date("H:i", $shift['end']),
'room' => $rooms[$shift['RID']] 'room' => $rooms[$shift['RID']]
); ];
}
return $shifts_printable; return $shifts_printable;
} }

@ -1,10 +1,10 @@
<?php <?php
function admin_log_title() { function admin_log_title() {
return _("Log"); return _("Log");
} }
function admin_log() { function admin_log() {
if (isset($_POST['keyword'])) { if (isset($_POST['keyword'])) {
$filter = $_POST['keyword']; $filter = $_POST['keyword'];
$log_entries_source = LogEntries_filter($_POST['keyword']); $log_entries_source = LogEntries_filter($_POST['keyword']);
@ -12,24 +12,24 @@ function admin_log() {
$filter = ""; $filter = "";
$log_entries_source = LogEntries(); $log_entries_source = LogEntries();
} }
$log_entries = array(); $log_entries = [];
foreach ($log_entries_source as $log_entry) { foreach ($log_entries_source as $log_entry) {
$log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']); $log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']);
$log_entries[] = $log_entry; $log_entries[] = $log_entry;
} }
return page_with_title(admin_log_title(), array( return page_with_title(admin_log_title(), [
msg(), msg(),
form(array( form([
form_text('keyword', _("Search"), $filter), form_text('keyword', _("Search"), $filter),
form_submit(_("Search"), "Go") form_submit(_("Search"), "Go")
)), ]),
table(array( table([
'date' => "Time", 'date' => "Time",
'nick' => "Angel", 'nick' => "Angel",
'message' => "Log Entry" 'message' => "Log Entry"
), $log_entries) ], $log_entries)
)); ]);
} }
?> ?>

@ -1,4 +1,5 @@
<?php <?php
function admin_news() { function admin_news() {
global $user; global $user;
@ -6,10 +7,11 @@ function admin_news() {
redirect(page_link_to("news")); redirect(page_link_to("news"));
} else { } else {
$html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg(); $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error("Incomplete call, missing News ID.", true); return error("Incomplete call, missing News ID.", true);
}
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1"); $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
if (count($news) > 0) { if (count($news) > 0) {
@ -20,17 +22,18 @@ function admin_news() {
list($news) = $news; list($news) = $news;
$user_source = User($news['UID']); $user_source = User($news['UID']);
if ($user_source === false) if ($user_source === false) {
engelsystem_error("Unable to load user."); engelsystem_error("Unable to load user.");
}
$html .= form(array( $html .= form([
form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])),
form_info(_("Author"), User_Nick_render($user_source)), form_info(_("Author"), User_Nick_render($user_source)),
form_text('eBetreff', _("Subject"), $news['Betreff']), form_text('eBetreff', _("Subject"), $news['Betreff']),
form_textarea('eText', _("Message"), $news['Text']), form_textarea('eText', _("Message"), $news['Text']),
form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
), page_link_to('admin_news&action=save&id=' . $id)); ], page_link_to('admin_news&action=save&id=' . $id));
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
break; break;

@ -1,113 +1,123 @@
<?php <?php
function admin_questions_title() { function admin_questions_title() {
return _("Answer questions"); return _("Answer questions");
} }
function admin_new_questions() { function admin_new_questions() {
global $privileges; global $privileges;
if (in_array("admin_questions", $privileges)) { if (in_array("admin_questions", $privileges)) {
$new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL"); $new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL");
if ($new_messages > 0) if ($new_messages > 0) {
return info('<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>', true); return info('<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>', true);
}
} }
return ""; return "";
} }
function admin_questions() { function admin_questions() {
global $user; global $user;
if (! isset($_REQUEST['action'])) { if (! isset($_REQUEST['action'])) {
$unanswered_questions_table = array(); $unanswered_questions_table = array();
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL"); $questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
foreach ($questions as $question) { foreach ($questions as $question) {
$user_source = User($question['UID']); $user_source = User($question['UID']);
if ($user_source === false) if ($user_source === false) {
engelsystem_error("Unable to load user."); engelsystem_error("Unable to load user.");
}
$unanswered_questions_table[] = array(
$unanswered_questions_table[] = [
'from' => User_Nick_render($user_source), 'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']), 'question' => str_replace("\n", "<br />", $question['Question']),
'answer' => form(array( 'answer' => form([
form_textarea('answer', '', ''), form_textarea('answer', '', ''),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
), page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
); ];
} }
$answered_questions_table = array(); $answered_questions_table = [];
$questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL"); $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
foreach ($questions as $question) { foreach ($questions as $question) {
$user_source = User($question['UID']); $user_source = User($question['UID']);
if ($user_source === false) if ($user_source === false) {
engelsystem_error("Unable to load user."); engelsystem_error("Unable to load user.");
}
$answer_user_source = User($question['AID']); $answer_user_source = User($question['AID']);
if ($answer_user_source === false) if ($answer_user_source === false) {
engelsystem_error("Unable to load user."); engelsystem_error("Unable to load user.");
$answered_questions_table[] = array( }
$answered_questions_table[] = [
'from' => User_Nick_render($user_source), 'from' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']), 'question' => str_replace("\n", "<br />", $question['Question']),
'answered_by' => User_Nick_render($answer_user_source), 'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", "<br />", $question['Answer']), 'answer' => str_replace("\n", "<br />", $question['Answer']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
); ];
} }
return page_with_title(admin_questions_title(), array( return page_with_title(admin_questions_title(), [
'<h2>' . _("Unanswered questions") . '</h2>', '<h2>' . _("Unanswered questions") . '</h2>',
table(array( table([
'from' => _("From"), 'from' => _("From"),
'question' => _("Question"), 'question' => _("Question"),
'answer' => _("Answer"), 'answer' => _("Answer"),
'actions' => '' 'actions' => ''
), $unanswered_questions_table), ], $unanswered_questions_table),
'<h2>' . _("Answered questions") . '</h2>', '<h2>' . _("Answered questions") . '</h2>',
table(array( table([
'from' => _("From"), 'from' => _("From"),
'question' => _("Question"), 'question' => _("Question"),
'answered_by' => _("Answered by"), 'answered_by' => _("Answered by"),
'answer' => _("Answer"), 'answer' => _("Answer"),
'actions' => '' 'actions' => ''
), $answered_questions_table) ], $answered_questions_table)
)); ]);
} else { } else {
switch ($_REQUEST['action']) { switch ($_REQUEST['action']) {
case 'answer': case 'answer':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error("Incomplete call, missing Question ID.", true); return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['AID'] == null) { if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']))); $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
if ($answer != "") { if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions")); redirect(page_link_to("admin_questions"));
} else } else {
return error("Gib eine Antwort ein!", true); return error("Enter an answer!", true);
} else }
} else {
return error("No question found.", true); return error("No question found.", true);
}
break; break;
case 'delete': case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error("Incomplete call, missing Question ID.", true); return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0) { if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']); engelsystem_log("Question deleted: " . $question[0]['Question']);
redirect(page_link_to("admin_questions")); redirect(page_link_to("admin_questions"));
} else } else {
return error("No question found.", true); return error("No question found.", true);
}
break; break;
} }
} }

@ -6,17 +6,18 @@ function admin_rooms_title() {
function admin_rooms() { function admin_rooms() {
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = array(); $rooms = [];
foreach ($rooms_source as $room) foreach ($rooms_source as $room) {
$rooms[] = array( $rooms[] = [
'name' => $room['Name'], 'name' => $room['Name'],
'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '', 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '',
'public' => $room['show'] == 'Y' ? '&#10003;' : '', 'public' => $room['show'] == 'Y' ? '&#10003;' : '',
'actions' => buttons(array( 'actions' => buttons([
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')
)) ])
); ];
}
$room = null; $room = null;
if (isset($_REQUEST['show'])) { if (isset($_REQUEST['show'])) {
@ -27,8 +28,8 @@ function admin_rooms() {
$number = ""; $number = "";
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes = array(); $angeltypes = [];
$angeltypes_count = array(); $angeltypes_count = [];
foreach ($angeltypes_source as $angeltype) { foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name']; $angeltypes[$angeltype['id']] = $angeltype['name'];
$angeltypes_count[$angeltype['id']] = 0; $angeltypes_count[$angeltype['id']] = 0;
@ -43,10 +44,12 @@ function admin_rooms() {
$public = $room[0]['show']; $public = $room[0]['show'];
$number = $room[0]['Number']; $number = $room[0]['Number'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
foreach ($needed_angeltypes as $needed_angeltype) foreach ($needed_angeltypes as $needed_angeltype) {
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
} else }
} else {
redirect(page_link_to('admin_rooms')); redirect(page_link_to('admin_rooms'));
}
} }
if ($_REQUEST['show'] == 'edit') { if ($_REQUEST['show'] == 'edit') {
@ -64,25 +67,28 @@ function admin_rooms() {
$msg .= error(_("Please enter a name."), true); $msg .= error(_("Please enter a name."), true);
} }
if (isset($_REQUEST['from_pentabarf'])) if (isset($_REQUEST['from_pentabarf'])) {
$from_pentabarf = 'Y'; $from_pentabarf = 'Y';
else } else {
$from_pentabarf = ''; $from_pentabarf = '';
}
if (isset($_REQUEST['public'])) if (isset($_REQUEST['public'])) {
$public = 'Y'; $public = 'Y';
else } else {
$public = ''; $public = '';
}
if (isset($_REQUEST['number'])) if (isset($_REQUEST['number'])) {
$number = strip_request_item('number'); $number = strip_request_item('number');
else } else {
$ok = false; $ok = false;
}
foreach ($angeltypes as $angeltype_id => $angeltype) { foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
else { } else {
$ok = false; $ok = false;
$msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
} }
@ -94,8 +100,9 @@ function admin_rooms() {
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} else { } else {
$id = Room_create($name, $from_pentabarf, $public, $number); $id = Room_create($name, $from_pentabarf, $public, $number);
if ($id === false) if ($id === false) {
engelsystem_error("Unable to create room."); engelsystem_error("Unable to create room.");
}
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} }
@ -103,8 +110,9 @@ function admin_rooms() {
$needed_angeltype_info = array(); $needed_angeltype_info = array();
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
$angeltype = AngelType($angeltype_id); $angeltype = AngelType($angeltype_id);
if ($angeltype === false) if ($angeltype === false) {
engelsystem_error("Unable to load angeltype."); engelsystem_error("Unable to load angeltype.");
}
if ($angeltype != null) { if ($angeltype != null) {
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'"); sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
@ -116,70 +124,72 @@ function admin_rooms() {
redirect(page_link_to("admin_rooms")); redirect(page_link_to("admin_rooms"));
} }
} }
$angeltypes_count_form = array(); $angeltypes_count_form = [];
foreach ($angeltypes as $angeltype_id => $angeltype) foreach ($angeltypes as $angeltype_id => $angeltype) {
$angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array( $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [
form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])
)); ]);
}
return page_with_title(admin_rooms_title(), array( return page_with_title(admin_rooms_title(), [
buttons(array( buttons([
button(page_link_to('admin_rooms'), _("back"), 'back') button(page_link_to('admin_rooms'), _("back"), 'back')
)), ]),
$msg, $msg,
form(array( form([
div('row', array( div('row', [
div('col-md-6', array( div('col-md-6', [
form_text('name', _("Name"), $name), form_text('name', _("Name"), $name),
form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
form_checkbox('public', _("Public"), $public), form_checkbox('public', _("Public"), $public),
form_text('number', _("Room number"), $number) form_text('number', _("Room number"), $number)
)), ]),
div('col-md-6', array( div('col-md-6', [
div('row', array( div('row', [
div('col-md-12', array( div('col-md-12', [
form_info(_("Needed angels:")) form_info(_("Needed angels:"))
)), ]),
join($angeltypes_count_form) join($angeltypes_count_form)
)) ])
)) ])
)), ]),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
)) ])
)); ]);
} elseif ($_REQUEST['show'] == 'delete') { } elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) { if (isset($_REQUEST['ack'])) {
if (! Room_delete($id)) if (! Room_delete($id)) {
engelsystem_error("Unable to delete room."); engelsystem_error("Unable to delete room.");
}
engelsystem_log("Room deleted: " . $name); engelsystem_log("Room deleted: " . $name);
success(sprintf(_("Room %s deleted."), $name)); success(sprintf(_("Room %s deleted."), $name));
redirect(page_link_to('admin_rooms')); redirect(page_link_to('admin_rooms'));
} }
return page_with_title(admin_rooms_title(), array( return page_with_title(admin_rooms_title(), [
buttons(array( buttons([
button(page_link_to('admin_rooms'), _("back"), 'back') button(page_link_to('admin_rooms'), _("back"), 'back')
)), ]),
sprintf(_("Do you want to delete room %s?"), $name), sprintf(_("Do you want to delete room %s?"), $name),
buttons(array( buttons([
button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete') button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')
)) ])
)); ]);
} }
} }
return page_with_title(admin_rooms_title(), array( return page_with_title(admin_rooms_title(), [
buttons(array( buttons([
button(page_link_to('admin_rooms') . '&show=edit', _("add")) button(page_link_to('admin_rooms') . '&show=edit', _("add"))
)), ]),
msg(), msg(),
table(array( table([
'name' => _("Name"), 'name' => _("Name"),
'from_pentabarf' => _("Frab import"), 'from_pentabarf' => _("Frab import"),
'public' => _("Public"), 'public' => _("Public"),
'actions' => "" 'actions' => ""
), $rooms) ], $rooms)
)); ]);
} }
?> ?>

@ -14,40 +14,46 @@ function admin_shifts() {
$mode = 'single'; $mode = 'single';
$angelmode = 'manually'; $angelmode = 'manually';
$length = ''; $length = '';
$change_hours = array(); $change_hours = [];
$title = ""; $title = "";
$shifttype_id = null; $shifttype_id = null;
// Locations laden (auch unsichtbare - fuer Erzengel ist das ok) // Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$room_array = array(); $room_array = [];
foreach ($rooms as $room) foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name']; $room_array[$room['RID']] = $room['Name'];
}
// Engeltypen laden
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$needed_angel_types = array(); $needed_angel_types = [];
foreach ($types as $type) foreach ($types as $type) {
$needed_angel_types[$type['id']] = 0; $needed_angel_types[$type['id']] = 0;
}
// Load shift types
// Load shift types
$shifttypes_source = ShiftTypes(); $shifttypes_source = ShiftTypes();
if ($shifttypes_source === false) if ($shifttypes_source === false) {
engelsystem_error('Unable to load shift types.'); engelsystem_error('Unable to load shift types.');
}
$shifttypes = []; $shifttypes = [];
foreach ($shifttypes_source as $shifttype) foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name']; $shifttypes[$shifttype['id']] = $shifttype['name'];
}
if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) { if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
if (isset($_REQUEST['shifttype_id'])) { if (isset($_REQUEST['shifttype_id'])) {
$shifttype = ShiftType($_REQUEST['shifttype_id']); $shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) if ($shifttype === false) {
engelsystem_error('Unable to load shift type.'); engelsystem_error('Unable to load shift type.');
}
if ($shifttype == null) { if ($shifttype == null) {
$ok = false; $ok = false;
error(_('Please select a shift type.')); error(_('Please select a shift type.'));
} else } else {
$shifttype_id = $_REQUEST['shifttype_id']; $shifttype_id = $_REQUEST['shifttype_id'];
}
} else { } else {
$ok = false; $ok = false;
error(_('Please select a shift type.')); error(_('Please select a shift type.'));
@ -57,24 +63,24 @@ function admin_shifts() {
$title = strip_request_item('title'); $title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten // Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid']; $rid = $_REQUEST['rid'];
else { } else {
$ok = false; $ok = false;
$rid = $rooms[0]['RID']; $rid = $rooms[0]['RID'];
error(_('Please select a location.')); error(_('Please select a location.'));
} }
if (isset($_REQUEST['start']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start']))) if (isset($_REQUEST['start']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start']))) {
$start = $tmp->getTimestamp(); $start = $tmp->getTimestamp();
else { } else {
$ok = false; $ok = false;
error(_('Please select a start time.')); error(_('Please select a start time.'));
} }
if (isset($_REQUEST['end']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end']))) if (isset($_REQUEST['end']) && $tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end']))) {
$end = $tmp->getTimestamp(); $end = $tmp->getTimestamp();
else { } else {
$ok = false; $ok = false;
error(_('Please select an end time.')); error(_('Please select an end time.'));
} }
@ -136,43 +142,47 @@ function admin_shifts() {
} }
// Beim Zurück-Knopf das Formular zeigen // Beim Zurück-Knopf das Formular zeigen
if (isset($_REQUEST['back'])) if (isset($_REQUEST['back'])) {
$ok = false; $ok = false;
}
// Alle Eingaben in Ordnung
// Alle Eingaben in Ordnung
if ($ok) { if ($ok) {
if ($angelmode == 'location') { if ($angelmode == 'location') {
$needed_angel_types = array(); $needed_angel_types = [];
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'"); $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
foreach ($needed_angel_types_location as $type) foreach ($needed_angel_types_location as $type) {
$needed_angel_types[$type['angel_type_id']] = $type['count']; $needed_angel_types[$type['angel_type_id']] = $type['count'];
}
} }
$shifts = array(); $shifts = [];
if ($mode == 'single') { if ($mode == 'single') {
$shifts[] = array( $shifts[] = [
'start' => $start, 'start' => $start,
'end' => $end, 'end' => $end,
'RID' => $rid, 'RID' => $rid,
'title' => $title, 'title' => $title,
'shifttype_id' => $shifttype_id 'shifttype_id' => $shifttype_id
); ];
} elseif ($mode == 'multi') { } elseif ($mode == 'multi') {
$shift_start = $start; $shift_start = $start;
do { do {
$shift_end = $shift_start + $length * 60; $shift_end = $shift_start + $length * 60;
if ($shift_end > $end) if ($shift_end > $end) {
$shift_end = $end; $shift_end = $end;
if ($shift_start >= $shift_end) }
if ($shift_start >= $shift_end) {
break; break;
}
$shifts[] = array( $shifts[] = [
'start' => $shift_start, 'start' => $shift_start,
'end' => $shift_end, 'end' => $shift_end,
'RID' => $rid, 'RID' => $rid,
'title' => $title, 'title' => $title,
'shifttype_id' => $shifttype_id 'shifttype_id' => $shifttype_id
); ];
$shift_start = $shift_end; $shift_start = $shift_end;
} while ($shift_end < $end); } while ($shift_end < $end);
@ -182,14 +192,15 @@ function admin_shifts() {
$change_index = 0; $change_index = 0;
// Ersten/nächsten passenden Schichtwechsel suchen // Ersten/nächsten passenden Schichtwechsel suchen
foreach ($change_hours as $i => $change_hour) { foreach ($change_hours as $i => $change_hour) {
if ($start < $day + $change_hour * 60 * 60) if ($start < $day + $change_hour * 60 * 60) {
$change_index = $i; $change_index = $i;
elseif ($start == $day + $change_hour * 60 * 60) { } elseif ($start == $day + $change_hour * 60 * 60) {
// Start trifft Schichtwechsel // Start trifft Schichtwechsel
$change_index = ($i + count($change_hours) - 1) % count($change_hours); $change_index = ($i + count($change_hours) - 1) % count($change_hours);
break; break;
} else } else {
break; break;
}
} }
$shift_start = $start; $shift_start = $start;
@ -197,35 +208,38 @@ function admin_shifts() {
$day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00")->getTimestamp(); $day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00")->getTimestamp();
$shift_end = $day + $change_hours[$change_index] * 60 * 60; $shift_end = $day + $change_hours[$change_index] * 60 * 60;
if ($shift_end > $end) if ($shift_end > $end) {
$shift_end = $end; $shift_end = $end;
if ($shift_start >= $shift_end) }
if ($shift_start >= $shift_end) {
$shift_end += 24 * 60 * 60; $shift_end += 24 * 60 * 60;
}
$shifts[] = array( $shifts[] = [
'start' => $shift_start, 'start' => $shift_start,
'end' => $shift_end, 'end' => $shift_end,
'RID' => $rid, 'RID' => $rid,
'title' => $title, 'title' => $title,
'shifttype_id' => $shifttype_id 'shifttype_id' => $shifttype_id
); ];
$shift_start = $shift_end; $shift_start = $shift_end;
$change_index = ($change_index + count($change_hours) - 1) % count($change_hours); $change_index = ($change_index + count($change_hours) - 1) % count($change_hours);
} while ($shift_end < $end); } while ($shift_end < $end);
} }
$shifts_table = array(); $shifts_table = [];
foreach ($shifts as $shift) { foreach ($shifts as $shift) {
$shifts_table_entry = [ $shifts_table_entry = [
'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])), 'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])),
'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''), 'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''),
'needed_angels' => '' 'needed_angels' => ''
]; ];
foreach ($types as $type) foreach ($types as $type) {
if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) {
$shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />'; $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />';
}
}
$shifts_table[] = $shifts_table_entry; $shifts_table[] = $shifts_table_entry;
} }
@ -234,10 +248,11 @@ function admin_shifts() {
$_SESSION['admin_shifts_types'] = $needed_angel_types; $_SESSION['admin_shifts_types'] = $needed_angel_types;
$hidden_types = ""; $hidden_types = "";
foreach ($needed_angel_types as $type_id => $count) foreach ($needed_angel_types as $type_id => $count) {
$hidden_types .= form_hidden('type_' . $type_id, $count); $hidden_types .= form_hidden('type_' . $type_id, $count);
return page_with_title(_("Preview"), array( }
form(array( return page_with_title(_("Preview"), [
form([
$hidden_types, $hidden_types,
form_hidden('shifttype_id', $shifttype_id), form_hidden('shifttype_id', $shifttype_id),
form_hidden('title', $title), form_hidden('title', $title),
@ -249,28 +264,30 @@ function admin_shifts() {
form_hidden('change_hours', implode(', ', $change_hours)), form_hidden('change_hours', implode(', ', $change_hours)),
form_hidden('angelmode', $angelmode), form_hidden('angelmode', $angelmode),
form_submit('back', _("back")), form_submit('back', _("back")),
table(array( table([
'timeslot' => _('Time and location'), 'timeslot' => _('Time and location'),
'title' => _('Type and title'), 'title' => _('Type and title'),
'needed_angels' => _('Needed angels') 'needed_angels' => _('Needed angels')
), $shifts_table), ], $shifts_table),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
)) ])
)); ]);
} }
} elseif (isset($_REQUEST['submit'])) { } elseif (isset($_REQUEST['submit'])) {
if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) {
redirect(page_link_to('admin_shifts')); redirect(page_link_to('admin_shifts'));
}
foreach ($_SESSION['admin_shifts_shifts'] as $shift) { foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
$shift['URL'] = null; $shift['URL'] = null;
$shift['PSID'] = null; $shift['PSID'] = null;
$shift_id = Shift_create($shift); $shift_id = Shift_create($shift);
if ($shift_id === false) if ($shift_id === false) {
engelsystem_error('Unable to create shift.'); engelsystem_error('Unable to create shift.');
}
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
$needed_angel_types_info = array(); $needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1"); $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
if (count($angel_type_source) > 0) { if (count($angel_type_source) > 0) {
@ -288,38 +305,42 @@ function admin_shifts() {
unset($_SESSION['admin_shifts_types']); unset($_SESSION['admin_shifts_types']);
} }
if (! isset($_REQUEST['rid'])) if (! isset($_REQUEST['rid'])) {
$_REQUEST['rid'] = null; $_REQUEST['rid'] = null;
}
$angel_types = ""; $angel_types = "";
foreach ($types as $type) foreach ($types as $type) {
$angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>'; $angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
}
return page_with_title(admin_shifts_title(), array( return page_with_title(admin_shifts_title(), [
msg(), msg(),
form(array( form([
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_text('title', _("Title"), $title), form_text('title', _("Title"), $title),
form_select('rid', _("Room"), $room_array, $_REQUEST['rid']), form_select('rid', _("Room"), $room_array, $_REQUEST['rid']),
'<div class="row">', div('row', [
'<div class="col-md-6">', div('col-md-6', [
form_text('start', _("Start"), date("Y-m-d H:i", $start)), form_text('start', _("Start"), date("Y-m-d H:i", $start)),
form_text('end', _("End"), date("Y-m-d H:i", $end)), form_text('end', _("End"), date("Y-m-d H:i", $end)),
form_info(_("Mode"), ''), form_info(_("Mode"), ''),
form_radio('mode', _("Create one shift"), $mode == 'single', 'single'), form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'), form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'), form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'), form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'), form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22')
'</div>', ]),
'<div class="col-md-6">', div('col-md-6', [
form_info(_("Needed angels"), ''), form_info(_("Needed angels"), ''),
form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'), form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
'<div class="row">'.$angel_types.'</div>', div('row', [
'</div>', $angel_types
'</div>', ])
])
]),
form_submit('preview', _("Preview")) form_submit('preview', _("Preview"))
)) ])
)); ]);
} }
?> ?>

@ -9,14 +9,16 @@ function admin_user() {
$html = ''; $html = '';
if (! isset($_REQUEST['id'])) if (! isset($_REQUEST['id'])) {
redirect(users_link()); redirect(users_link());
}
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
if (! isset($_REQUEST['action'])) { if (! isset($_REQUEST['action'])) {
$user_source = User($id); $user_source = User($id);
if ($user_source === false) if ($user_source === false) {
engelsystem_error('Unable to load user.'); engelsystem_error('Unable to load user.');
}
if ($user_source == null) { if ($user_source == null) {
error(_('This user does not exist.')); error(_('This user does not exist.'));
redirect(users_link()); redirect(users_link());
@ -42,10 +44,10 @@ function admin_user() {
$html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n"; $html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n"; $html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$options = array( $options = [
'1' => "Yes", '1' => _("Yes"),
'0' => "No" '0' => _("No")
); ];
// Gekommen? // Gekommen?
$html .= " <tr><td>Gekommen</td><td>\n"; $html .= " <tr><td>Gekommen</td><td>\n";
@ -90,20 +92,23 @@ function admin_user() {
$html .= "<hr />"; $html .= "<hr />";
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1"); $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
if (count($my_highest_group) > 0) if (count($my_highest_group) > 0) {
$my_highest_group = $my_highest_group[0]['group_id']; $my_highest_group = $my_highest_group[0]['group_id'];
}
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1"); $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
if (count($his_highest_group) > 0) if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id']; $his_highest_group = $his_highest_group[0]['group_id'];
}
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n"; $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>'; $html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`"); $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
foreach ($groups as $group) foreach ($groups as $group) {
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>'; $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
}
$html .= '</table>'; $html .= '</table>';
@ -127,18 +132,19 @@ function admin_user() {
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$groups = array(); $groups = [];
$grouplist = array(); $grouplist = [];
foreach ($groups_source as $group) { foreach ($groups_source as $group) {
$groups[$group['UID']] = $group; $groups[$group['UID']] = $group;
$grouplist[] = $group['UID']; $grouplist[] = $group['UID'];
} }
if (! is_array($_REQUEST['groups'])) if (! is_array($_REQUEST['groups'])) {
$_REQUEST['groups'] = array(); $_REQUEST['groups'] = [];
}
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'"); sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
$user_groups_info = array(); $user_groups_info = [];
foreach ($_REQUEST['groups'] as $group) { foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) { if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'"); sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
@ -158,8 +164,9 @@ function admin_user() {
case 'save': case 'save':
$force_active = $user['force_active']; $force_active = $user['force_active'];
if (in_array('admin_active', $privileges)) if (in_array('admin_active', $privileges)) {
$force_active = $_REQUEST['force_active']; $force_active = $_REQUEST['force_active'];
}
$SQL = "UPDATE `User` SET $SQL = "UPDATE `User` SET
`Nick` = '" . sql_escape($_POST["eNick"]) . "', `Nick` = '" . sql_escape($_POST["eNick"]) . "',
`Name` = '" . sql_escape($_POST["eName"]) . "', `Name` = '" . sql_escape($_POST["eName"]) . "',
@ -197,8 +204,8 @@ function admin_user() {
} }
} }
return page_with_title(_('Edit user'), array( return page_with_title(_("Edit user"), [
$html $html
)); ]);
} }
?> ?>

@ -4,6 +4,6 @@ function credits_title() {
} }
function guest_credits() { function guest_credits() {
return template_render('../templates/guest_credits.html', array()); return template_render('../templates/guest_credits.html', []);
} }
?> ?>

@ -17,8 +17,9 @@ function guest_register() {
global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user; global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user;
$event_config = EventConfig(); $event_config = EventConfig();
if ($event_config === false) if ($event_config === false) {
engelsystem_error("Unable to load event config."); engelsystem_error("Unable to load event config.");
}
$msg = ""; $msg = "";
$nick = ""; $nick = "";
@ -35,15 +36,16 @@ function guest_register() {
$comment = ""; $comment = "";
$tshirt_size = ''; $tshirt_size = '';
$password_hash = ""; $password_hash = "";
$selected_angel_types = array(); $selected_angel_types = [];
$planned_arrival_date = null; $planned_arrival_date = null;
$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array(); $angel_types = [];
foreach ($angel_types_source as $angel_type) { foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
if (! $angel_type['restricted']) if (! $angel_type['restricted']) {
$selected_angel_types[] = $angel_type['id']; $selected_angel_types[] = $angel_type['id'];
}
} }
if (isset($_REQUEST['submit'])) { if (isset($_REQUEST['submit'])) {
@ -71,8 +73,9 @@ function guest_register() {
$msg .= error(_("Please enter your e-mail."), true); $msg .= error(_("Please enter your e-mail."), true);
} }
if (isset($_REQUEST['email_shiftinfo'])) if (isset($_REQUEST['email_shiftinfo'])) {
$email_shiftinfo = true; $email_shiftinfo = true;
}
if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber'); $jabber = strip_request_item('jabber');
@ -83,9 +86,9 @@ function guest_register() {
} }
if ($enable_tshirt_size) { if ($enable_tshirt_size) {
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
$tshirt_size = $_REQUEST['tshirt_size']; $tshirt_size = $_REQUEST['tshirt_size'];
else { } else {
$ok = false; $ok = false;
$msg .= error(_("Please select your shirt size."), true); $msg .= error(_("Please select your shirt size."), true);
} }
@ -108,28 +111,38 @@ function guest_register() {
$msg .= error(_("Please enter your planned date of arrival."), true); $msg .= error(_("Please enter your planned date of arrival."), true);
} }
$selected_angel_types = array(); $selected_angel_types = [];
foreach (array_keys($angel_types) as $angel_type_id) foreach (array_keys($angel_types) as $angel_type_id) {
if (isset($_REQUEST['angel_types_' . $angel_type_id])) if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
$selected_angel_types[] = $angel_type_id; $selected_angel_types[] = $angel_type_id;
}
// Trivia }
if (isset($_REQUEST['lastname']))
// Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname'); $lastname = strip_request_item('lastname');
if (isset($_REQUEST['prename'])) }
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename'); $prename = strip_request_item('prename');
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) }
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
$age = strip_request_item('age'); $age = strip_request_item('age');
if (isset($_REQUEST['tel'])) }
if (isset($_REQUEST['tel'])) {
$tel = strip_request_item('tel'); $tel = strip_request_item('tel');
if (isset($_REQUEST['dect'])) }
if (isset($_REQUEST['dect'])) {
$dect = strip_request_item('dect'); $dect = strip_request_item('dect');
if (isset($_REQUEST['mobile'])) }
if (isset($_REQUEST['mobile'])) {
$mobile = strip_request_item('mobile'); $mobile = strip_request_item('mobile');
if (isset($_REQUEST['hometown'])) }
if (isset($_REQUEST['hometown'])) {
$hometown = strip_request_item('hometown'); $hometown = strip_request_item('hometown');
if (isset($_REQUEST['comment'])) }
if (isset($_REQUEST['comment'])) {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
}
if ($ok) { if ($ok) {
sql_query(" sql_query("
@ -160,7 +173,7 @@ function guest_register() {
set_password($user_id, $_REQUEST['password']); set_password($user_id, $_REQUEST['password']);
// Assign angel-types // Assign angel-types
$user_angel_types_info = array(); $user_angel_types_info = [];
foreach ($selected_angel_types as $selected_angel_type_id) { foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'"); sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
$user_angel_types_info[] = $angel_types[$selected_angel_type_id]; $user_angel_types_info[] = $angel_types[$selected_angel_type_id];
@ -183,77 +196,77 @@ function guest_register() {
} }
} }
return page_with_title(register_title(), array( return page_with_title(register_title(), [
_("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task sheduler."), _("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task sheduler."),
$msg, $msg,
msg(), msg(),
form(array( form([
div('row', array( div('row', [
div('col-md-6', array( div('col-md-6', [
div('row', array( div('row', [
div('col-sm-4', array( div('col-sm-4', [
form_text('nick', _("Nick") . ' ' . entry_required(), $nick) form_text('nick', _("Nick") . ' ' . entry_required(), $nick)
)), ]),
div('col-sm-8', array( div('col-sm-8', [
form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo) form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo)
)) ])
)), ]),
div('row', array( div('row', [
div('col-sm-6', array( div('col-sm-6', [
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()) form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time())
)), ]),
div('col-sm-6', array( div('col-sm-6', [
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : ''
)) ])
)), ]),
div('row', array( div('row', [
div('col-sm-6', array( div('col-sm-6', [
form_password('password', _("Password") . ' ' . entry_required()) form_password('password', _("Password") . ' ' . entry_required())
)), ]),
div('col-sm-6', array( div('col-sm-6', [
form_password('password2', _("Confirm password") . ' ' . entry_required()) form_password('password2', _("Confirm password") . ' ' . entry_required())
)) ])
)), ]),
form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types), form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
form_info("", _("Restricted angel types need will be confirmed later by an archangel. You can change your selection in the options section.")) form_info("", _("Restricted angel types need will be confirmed later by an archangel. You can change your selection in the options section."))
)), ]),
div('col-md-6', array( div('col-md-6', [
div('row', array( div('row', [
div('col-sm-4', array( div('col-sm-4', [
form_text('dect', _("DECT"), $dect) form_text('dect', _("DECT"), $dect)
)), ]),
div('col-sm-4', array( div('col-sm-4', [
form_text('mobile', _("Mobile"), $mobile) form_text('mobile', _("Mobile"), $mobile)
)), ]),
div('col-sm-4', array( div('col-sm-4', [
form_text('tel', _("Phone"), $tel) form_text('tel', _("Phone"), $tel)
)) ])
)), ]),
form_text('jabber', _("Jabber"), $jabber), form_text('jabber', _("Jabber"), $jabber),
div('row', array( div('row', [
div('col-sm-6', array( div('col-sm-6', [
form_text('prename', _("First name"), $prename) form_text('prename', _("First name"), $prename)
)), ]),
div('col-sm-6', array( div('col-sm-6', [
form_text('lastname', _("Last name"), $lastname) form_text('lastname', _("Last name"), $lastname)
)) ])
)), ]),
div('row', array( div('row', [
div('col-sm-3', array( div('col-sm-3', [
form_text('age', _("Age"), $age) form_text('age', _("Age"), $age)
)), ]),
div('col-sm-9', array( div('col-sm-9', [
form_text('hometown', _("Hometown"), $hometown) form_text('hometown', _("Hometown"), $hometown)
)) ])
)), ]),
form_info(entry_required() . ' = ' . _("Entry required!")) form_info(entry_required() . ' = ' . _("Entry required!"))
)) ])
)), ]),
// form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment), // form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment),
form_submit('submit', _("Register")) form_submit('submit', _("Register"))
)) ])
)); ]);
} }
function entry_required() { function entry_required() {

@ -19,8 +19,9 @@ function user_ical() {
engelsystem_error("Key invalid."); engelsystem_error("Key invalid.");
} }
if (! in_array('ical', privileges_for_user($user['UID']))) if (! in_array('ical', privileges_for_user($user['UID']))) {
engelsystem_error("No privilege for ical."); engelsystem_error("No privilege for ical.");
}
$ical_shifts = load_ical_shifts(); $ical_shifts = load_ical_shifts();

@ -9,8 +9,9 @@ function user_unread_messages() {
if (isset($user)) { if (isset($user)) {
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'"); $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
if ($new_messages > 0) if ($new_messages > 0) {
return ' <span class="badge danger">' . $new_messages . '</span>'; return ' <span class="badge danger">' . $new_messages . '</span>';
}
} }
return ''; return '';
} }
@ -21,12 +22,13 @@ function user_messages() {
if (! isset($_REQUEST['action'])) { if (! isset($_REQUEST['action'])) {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`"); $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
$to_select_data = array( $to_select_data = [
"" => _("Select recipient...") "" => _("Select recipient...")
); ];
foreach ($users as $u) foreach ($users as $u) {
$to_select_data[$u['UID']] = $u['Nick']; $to_select_data[$u['UID']] = $u['Nick'];
}
$to_select = html_select_key('to', 'to', $to_select_data, ''); $to_select = html_select_key('to', 'to', $to_select_data, '');
@ -45,70 +47,78 @@ function user_messages() {
foreach ($messages as $message) { foreach ($messages as $message) {
$sender_user_source = User($message['SUID']); $sender_user_source = User($message['SUID']);
if ($sender_user_source === false) if ($sender_user_source === false) {
engelsystem_error(_("Unable to load user.")); engelsystem_error(_("Unable to load user."));
}
$receiver_user_source = User($message['RUID']); $receiver_user_source = User($message['RUID']);
if ($receiver_user_source === false) if ($receiver_user_source === false) {
engelsystem_error(_("Unable to load user.")); engelsystem_error(_("Unable to load user."));
}
$messages_table_entry = array( $messages_table_entry = [
'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '', 'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
'timestamp' => date("Y-m-d H:i", $message['Datum']), 'timestamp' => date("Y-m-d H:i", $message['Datum']),
'from' => User_Nick_render($sender_user_source), 'from' => User_Nick_render($sender_user_source),
'to' => User_Nick_render($receiver_user_source), 'to' => User_Nick_render($receiver_user_source),
'text' => str_replace("\n", '<br />', $message['Text']) 'text' => str_replace("\n", '<br />', $message['Text'])
); ];
if ($message['RUID'] == $user['UID']) { if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs'); $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
} else }
} else {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs'); $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
}
$messages_table[] = $messages_table_entry; $messages_table[] = $messages_table_entry;
} }
return page_with_title(messages_title(), array( return page_with_title(messages_title(), [
msg(), msg(),
sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)), sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),
form(array( form([
table(array( table([
'new' => _("New"), 'new' => _("New"),
'timestamp' => _("Date"), 'timestamp' => _("Date"),
'from' => _("Transmitted"), 'from' => _("Transmitted"),
'to' => _("Recipient"), 'to' => _("Recipient"),
'text' => _("Message"), 'text' => _("Message"),
'actions' => '' 'actions' => ''
), $messages_table) ], $messages_table)
), page_link_to('user_messages') . '&action=send') ], page_link_to('user_messages') . '&action=send')
)); ]);
} else { } else {
switch ($_REQUEST['action']) { switch ($_REQUEST['action']) {
case "read": case "read":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error(_("Incomplete call, missing Message ID."), true); return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else } else {
return error(_("No Message found."), true); return error(_("No Message found."), true);
}
break; break;
case "delete": case "delete":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error(_("Incomplete call, missing Message ID."), true); return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else } else {
return error(_("No Message found."), true); return error(_("No Message found."), true);
}
break; break;
case "send": case "send":

@ -23,10 +23,10 @@ function user_myshifts() {
success(_("Key changed.")); success(_("Key changed."));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
} }
return page_with_title(_("Reset API key"), array( return page_with_title(_("Reset API key"), [
error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true), error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
)); ]);
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit']; $id = $_REQUEST['edit'];
$shift = sql_select("SELECT $shift = sql_select("SELECT
@ -65,14 +65,15 @@ function user_myshifts() {
$user_source = User($shift['UID']); $user_source = User($shift['UID']);
if ($ok) { if ($ok) {
$result = ShiftEntry_update(array( $result = ShiftEntry_update([
'id' => $id, 'id' => $id,
'Comment' => $comment, 'Comment' => $comment,
'freeloaded' => $freeloaded, 'freeloaded' => $freeloaded,
'freeload_comment' => $freeload_comment 'freeload_comment' => $freeload_comment
)); ]);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to update shift entry.'); engelsystem_error('Unable to update shift entry.');
}
engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")); engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
success(_("Shift saved.")); success(_("Shift saved."));
@ -94,18 +95,21 @@ function user_myshifts() {
$shift = $shift[0]; $shift = $shift[0];
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) { if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
$result = ShiftEntry_delete($id); $result = ShiftEntry_delete($id);
if ($result === false) if ($result === false) {
engelsystem_error('Unable to delete shift entry.'); engelsystem_error('Unable to delete shift entry.');
}
$room = Room($shift['RID']); $room = Room($shift['RID']);
$angeltype = AngelType($shift['TID']); $angeltype = AngelType($shift['TID']);
$shifttype = ShiftType($shift['shifttype_id']); $shifttype = ShiftType($shift['shifttype_id']);
engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']); engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
success(_("Shift canceled.")); success(_("Shift canceled."));
} else } else {
error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.")); error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
} else }
} else {
redirect(user_link($shifts_user)); redirect(user_link($shifts_user));
}
} }
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);

@ -1,4 +1,5 @@
<?php <?php
function user_news_comments_title() { function user_news_comments_title() {
return _("News comments"); return _("News comments");
} }
@ -13,57 +14,62 @@ function meetings_title() {
function user_meetings() { function user_meetings() {
global $DISPLAY_NEWS; global $DISPLAY_NEWS;
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg(); $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
$page = $_REQUEST['page']; $page = $_REQUEST['page'];
else } else {
$page = 0; $page = 0;
}
$news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry) foreach ($news as $entry) {
$html .= display_news($entry); $html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$html .= '<div class="text-center">' . '<ul class="pagination">'; $html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i ++) { for ($i = 0; $i < $dis_rows; $i ++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
$html .= '<li class="active">'; $html .= '<li class="active">';
elseif (! isset($_REQUEST['page']) && $i == 0) } elseif (! isset($_REQUEST['page']) && $i == 0) {
$html .= '<li class="active">'; $html .= '<li class="active">';
else } else {
$html .= '<li>'; $html .= '<li>';
}
$html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; $html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
} }
$html .= '</ul></div></div>'; $html .= '</ul></div></div>';
return $html; return $html;
} }
function display_news($news) { function display_news($news) {
global $privileges, $p; global $privileges, $p;
$html = ''; $html = '';
$html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">'; $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';
$html .= '<div class="panel-heading">'; $html .= '<div class="panel-heading">';
$html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>'; $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
$html .= '</div>'; $html .= '</div>';
$html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>'; $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';
$html .= '<div class="panel-footer text-muted">'; $html .= '<div class="panel-footer text-muted">';
if (in_array("admin_news", $privileges)) if (in_array("admin_news", $privileges)) {
$html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>'; $html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>';
}
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;'; $html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';
$user_source = User($news['UID']); $user_source = User($news['UID']);
if ($user_source === false) if ($user_source === false) {
engelsystem_error(_("Unable to load user.")); engelsystem_error(_("Unable to load user."));
}
$html .= User_Nick_render($user_source); $html .= User_Nick_render($user_source);
if ($p != "news_comments") if ($p != "news_comments") {
$html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' &raquo;</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>'; $html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' &raquo;</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>';
}
$html .= '</div>'; $html .= '</div>';
$html .= '</div>'; $html .= '</div>';
return $html; return $html;
@ -71,7 +77,7 @@ function display_news($news) {
function user_news_comments() { function user_news_comments() {
global $user; global $user;
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>'; $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) { if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
$nid = $_REQUEST["nid"]; $nid = $_REQUEST["nid"];
@ -82,15 +88,16 @@ function user_news_comments() {
engelsystem_log("Created news_comment: " . $text); engelsystem_log("Created news_comment: " . $text);
$html .= success(_("Entry saved."), true); $html .= success(_("Entry saved."), true);
} }
$html .= display_news($news); $html .= display_news($news);
$comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'"); $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
foreach ($comments as $comment) { foreach ($comments as $comment) {
$user_source = User($comment['UID']); $user_source = User($comment['UID']);
if ($user_source === false) if ($user_source === false) {
engelsystem_error(_("Unable to load user.")); engelsystem_error(_("Unable to load user."));
}
$html .= '<div class="panel panel-default">'; $html .= '<div class="panel panel-default">';
$html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>'; $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
$html .= '<div class="panel-footer text-muted">'; $html .= '<div class="panel-footer text-muted">';
@ -99,66 +106,69 @@ function user_news_comments() {
$html .= '</div>'; $html .= '</div>';
$html .= '</div>'; $html .= '</div>';
} }
$html .= '<hr /><h2>' . _("New Comment:") . '</h2>'; $html .= '<hr /><h2>' . _("New Comment:") . '</h2>';
$html .= form(array( $html .= form([
form_textarea('text', _("Message"), ''), form_textarea('text', _("Message"), ''),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
), page_link_to('news_comments') . '&nid=' . $news['ID']); ], page_link_to('news_comments') . '&nid=' . $news['ID']);
} else { } else {
$html .= _("Invalid request."); $html .= _("Invalid request.");
} }
return $html . '</div>'; return $html . '</div>';
} }
function user_news() { function user_news() {
global $DISPLAY_NEWS, $privileges, $user; global $DISPLAY_NEWS, $privileges, $user;
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg(); $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) { if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {
if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) {
$_POST["treffen"] = 0; $_POST["treffen"] = 0;
}
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');"); sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');");
engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]); engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
success(_("Entry saved.")); success(_("Entry saved."));
redirect(page_link_to('news')); redirect(page_link_to('news'));
} }
if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
$page = $_REQUEST['page']; $page = $_REQUEST['page'];
else } else {
$page = 0; $page = 0;
}
$news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry) foreach ($news as $entry) {
$html .= display_news($entry); $html .= display_news($entry);
}
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
$html .= '<div class="text-center">' . '<ul class="pagination">'; $html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i ++) { for ($i = 0; $i < $dis_rows; $i ++) {
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
$html .= '<li class="active">'; $html .= '<li class="active">';
elseif (! isset($_REQUEST['page']) && $i == 0) } elseif (! isset($_REQUEST['page']) && $i == 0) {
$html .= '<li class="active">'; $html .= '<li class="active">';
else } else {
$html .= '<li>'; $html .= '<li>';
}
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
} }
$html .= '</ul></div>'; $html .= '</ul></div>';
if (in_array("admin_news", $privileges)) { if (in_array("admin_news", $privileges)) {
$html .= '<hr />'; $html .= '<hr />';
$html .= '<h2>' . _("Create news:") . '</h2>'; $html .= '<h2>' . _("Create news:") . '</h2>';
$html .= form(array( $html .= form([
form_text('betreff', _("Subject"), ''), form_text('betreff', _("Subject"), ''),
form_textarea('text', _("Message"), ''), form_textarea('text', _("Message"), ''),
form_checkbox('treffen', _("Meeting"), false, 1), form_checkbox('treffen', _("Meeting"), false, 1),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
)); ]);
} }
return $html . '</div>'; return $html . '</div>';
} }

@ -1,4 +1,5 @@
<?php <?php
function questions_title() { function questions_title() {
return _("Ask an archangel"); return _("Ask an archangel");
} }
@ -12,8 +13,9 @@ function user_questions() {
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
foreach ($answered_questions as &$question) { foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']); $answer_user_source = User($question['AID']);
if ($answer_user_source === false) if ($answer_user_source === false) {
engelsystem_error(_("Unable to load user.")); engelsystem_error(_("Unable to load user."));
}
$question['answer_user'] = User_Nick_render($answer_user_source); $question['answer_user'] = User_Nick_render($answer_user_source);
} }
@ -24,29 +26,33 @@ function user_questions() {
$question = strip_request_item_nl('question'); $question = strip_request_item_nl('question');
if ($question != "") { if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'"); $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
if ($result === false) if ($result === false) {
engelsystem_error(_("Unable to save question.")); engelsystem_error(_("Unable to save question."));
}
success(_("You question was saved.")); success(_("You question was saved."));
redirect(page_link_to("user_questions")); redirect(page_link_to("user_questions"));
} else } else {
return page_with_title(questions_title(), array( return page_with_title(questions_title(), [
error(_("Please enter a question!"), true) error(_("Please enter a question!"), true)
)); ]);
}
break; break;
case 'delete': case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
else } else {
return error(_("Incomplete call, missing Question ID."), true); return error(_("Incomplete call, missing Question ID."), true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_questions")); redirect(page_link_to("user_questions"));
} else } else {
return page_with_title(questions_title(), array( return page_with_title(questions_title(), [
error(_("No question found."), true) error(_("No question found."), true)
)); ]);
}
break; break;
} }
} }

@ -50,9 +50,9 @@ function user_settings() {
} }
} }
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
$tshirt_size = $_REQUEST['tshirt_size']; $tshirt_size = $_REQUEST['tshirt_size'];
elseif ($enable_tshirt_size) { } elseif ($enable_tshirt_size) {
$ok = false; $ok = false;
} }
@ -70,24 +70,32 @@ function user_settings() {
$ok = false; $ok = false;
$msg .= error(_("Please enter your planned date of departure."), true); $msg .= error(_("Please enter your planned date of departure."), true);
} }
} else } else {
$planned_departure_date = null; $planned_departure_date = null;
}
// Trivia
if (isset($_REQUEST['lastname'])) // Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname'); $lastname = strip_request_item('lastname');
if (isset($_REQUEST['prename'])) }
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename'); $prename = strip_request_item('prename');
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) }
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
$age = strip_request_item('age'); $age = strip_request_item('age');
if (isset($_REQUEST['tel'])) }
if (isset($_REQUEST['tel'])) {
$tel = strip_request_item('tel'); $tel = strip_request_item('tel');
if (isset($_REQUEST['dect'])) }
if (isset($_REQUEST['dect'])) {
$dect = strip_request_item('dect'); $dect = strip_request_item('dect');
if (isset($_REQUEST['mobile'])) }
if (isset($_REQUEST['mobile'])) {
$mobile = strip_request_item('mobile'); $mobile = strip_request_item('mobile');
if (isset($_REQUEST['hometown'])) }
if (isset($_REQUEST['hometown'])) {
$hometown = strip_request_item('hometown'); $hometown = strip_request_item('hometown');
}
if ($ok) { if ($ok) {
sql_query(" sql_query("
@ -114,24 +122,26 @@ function user_settings() {
} elseif (isset($_REQUEST['submit_password'])) { } elseif (isset($_REQUEST['submit_password'])) {
$ok = true; $ok = true;
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) {
$msg .= error(_("-> not OK. Please try again."), true); $msg .= error(_("-> not OK. Please try again."), true);
elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) } elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) {
$msg .= error(_("Your password is to short (please use at least 6 characters)."), true); $msg .= error(_("Your password is to short (please use at least 6 characters)."), true);
elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
$msg .= error(_("Your passwords don't match."), true); $msg .= error(_("Your passwords don't match."), true);
elseif (set_password($user['UID'], $_REQUEST['new_password'])) } elseif (set_password($user['UID'], $_REQUEST['new_password'])) {
success(_("Password saved.")); success(_("Password saved."));
else } else {
error(_("Failed setting password.")); error(_("Failed setting password."));
}
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} elseif (isset($_REQUEST['submit_theme'])) { } elseif (isset($_REQUEST['submit_theme'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
$selected_theme = $_REQUEST['theme']; $selected_theme = $_REQUEST['theme'];
else } else {
$ok = false; $ok = false;
}
if ($ok) { if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'"); sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
@ -142,10 +152,11 @@ function user_settings() {
} elseif (isset($_REQUEST['submit_language'])) { } elseif (isset($_REQUEST['submit_language'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
$selected_language = $_REQUEST['language']; $selected_language = $_REQUEST['language'];
else } else {
$ok = false; $ok = false;
}
if ($ok) { if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'"); sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
@ -156,12 +167,12 @@ function user_settings() {
} }
} }
return page_with_title(settings_title(), array( return page_with_title(settings_title(), [
$msg, $msg,
msg(), msg(),
div('row', array( div('row', [
div('col-md-6', array( div('col-md-6', [
form(array( form([
form_info('', _("Here you can change your user details.")), form_info('', _("Here you can change your user details.")),
form_info(entry_required() . ' = ' . _("Entry required!")), form_info(entry_required() . ' = ' . _("Entry required!")),
form_text('nick', _("Nick"), $nick, true), form_text('nick', _("Nick"), $nick, true),
@ -180,28 +191,28 @@ function user_settings() {
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '', $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '',
form_info('', _('Please visit the angeltypes page to manage your angeltypes.')), form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
)) ])
)), ]),
div('col-md-6', array( div('col-md-6', [
form(array( form([
form_info(_("Here you can change your password.")), form_info(_("Here you can change your password.")),
form_password('password', _("Old password:")), form_password('password', _("Old password:")),
form_password('new_password', _("New password:")), form_password('new_password', _("New password:")),
form_password('new_password2', _("Password confirmation:")), form_password('new_password2', _("Password confirmation:")),
form_submit('submit_password', _("Save")) form_submit('submit_password', _("Save"))
)), ]),
form(array( form([
form_info(_("Here you can choose your color settings:")), form_info(_("Here you can choose your color settings:")),
form_select('theme', _("Color settings:"), $themes, $selected_theme), form_select('theme', _("Color settings:"), $themes, $selected_theme),
form_submit('submit_theme', _("Save")) form_submit('submit_theme', _("Save"))
)), ]),
form(array( form([
form_info(_("Here you can choose your language:")), form_info(_("Here you can choose your language:")),
form_select('language', _("Language:"), $locales, $selected_language), form_select('language', _("Language:"), $locales, $selected_language),
form_submit('submit_language', _("Save")) form_submit('submit_language', _("Save"))
)) ])
)) ])
)) ])
)); ]);
} }
?> ?>

File diff suppressed because it is too large Load Diff
Loading…
Cancel
Save