$forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1");
$count = $forced_count;
$limit = "";
$limit = "";
$set_active = "";
$set_active = "";
if (isset($_REQUEST['search']))
if (isset($_REQUEST['search']))
@ -16,9 +17,13 @@ function admin_active() {
if (isset($_REQUEST['set_active'])) {
if (isset($_REQUEST['set_active'])) {
$ok = true;
$ok = true;
if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count']))
if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) {
$count = strip_request_item('count');
$count = strip_request_item('count');
else {
if ($count < $forced_count) {
error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count));
redirect(page_link_to('admin_active'));
}
} else {
$ok = false;
$ok = false;
$msg .= error(_("Please enter a number of angels to be marked as active."), true);
$msg .= error(_("Please enter a number of angels to be marked as active."), true);
}
}
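Review bot: The new lower-bound check uses `<` while its message says the number "has to be greater", so a count equal to `$forced_count` is accepted; either the operator or the text should change. `$count` is still the request string here and is later concatenated into `" LIMIT " . $count`, and the pattern's `$` anchor also accepts a trailing newline, so I would cast on assignment: `$count = (int) strip_request_item('count');`. Whether `redirect()` halts execution is not visible in this hunk; if it does not, the code after this branch runs on with the rejected count. admin_active() starts and ends outside the hunk.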
@ -27,7 +32,7 @@ function admin_active() {
$limit = " LIMIT " . $count;
$limit = " LIMIT " . $count;
if (isset($_REQUEST['ack'])) {
if (isset($_REQUEST['ack'])) {
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 AND `User`.`force_active`=0 GROUP BY `User`.`UID` ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$user_nicks = array();
$user_nicks = array();
foreach ($users as $usr) {
foreach ($users as $usr) {
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
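Review bot: The rewritten SELECT filters on `force_active`=0, so the loop that sets `Aktiv` = 1 never reaches force-active users, while the preceding `UPDATE ... SET Aktiv = 0 WHERE Tshirt = 0` still resets them. Unless code outside this hunk re-activates them, a forced angel without a T-shirt ends up inactive after an `ack`. The added `ORDER BY force_active DESC` has no effect under that filter. `LIMIT $count` now applies to non-forced users only, although the earlier validation against `$forced_count` suggests `$count` is meant to include the forced ones; a limit of `$count - $forced_count`, or a comment stating the intended meaning, would settle it. The function continues outside the hunk.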
@ -80,7 +85,7 @@ function admin_active() {
$msg = error(_("Angel not found."), true);
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
global $user, $privileges, $tshirt_sizes, $privileges;
global $user, $privileges, $tshirt_sizes, $privileges;
$html = "";
$html = "";
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
$id = $_REQUEST['id'];
$id = $_REQUEST['id'];
if (!isset ($_REQUEST['action'])) {
if (! isset($_REQUEST['action'])) {
$html .= "Hallo,<br/>" .
$html .= "Hallo,<br/>" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br/><br/>\n";
"hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " .
"wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " .
"dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " .
"Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " .
$selected_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
$selected_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
$accepted_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `confirm_user_id` IS NOT NULL");
$accepted_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `confirm_user_id` IS NOT NULL");
$nonrestricted_angel_types = sql_select_single_col("SELECT `id` FROM `AngelTypes` WHERE `restricted` = 0");
$nonrestricted_angel_types = sql_select_single_col("SELECT `id` FROM `AngelTypes` WHERE `restricted` = 0");
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<formaction=\"".page_link_to("admin_user")."&action=change_pw&id=$id\"method=\"post\">\n";
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<formaction=\"".page_link_to("admin_user")."&action=change_pw&id=$id\"method=\"post\">\n";
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<formaction=\"".page_link_to("admin_user")."&action=save_groups&id=".$id."\"method=\"post\">\n";
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<formaction=\"".page_link_to("admin_user")."&action=save_groups&id=".$id."\"method=\"post\">\n";
$html .= '<table>';
$html .= '<table>';
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
$groups = array();
$groups = array();
$grouplist = array();
$grouplist = array();
foreach ($groups_source as $group) {
foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID'];
$grouplist[] = $group['UID'];
}
}
if (!is_array($_REQUEST['groups']))
if (!is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array();
$_REQUEST['groups'] = array();
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
$user_groups_info = array();
$user_groups_info = array();
foreach ($_REQUEST['groups'] as $group) {
foreach ($_REQUEST['groups'] as $group) {
@ -233,8 +208,8 @@ function admin_user() {
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
}
}
break;
break;
case 'delete':
case 'delete':
if ($user['UID'] != $id) {
if ($user['UID'] != $id) {
$user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
$user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
@ -246,31 +221,19 @@ function admin_user() {
$html .= error("Du kannst Dich nicht selber löschen!", true);
$html .= error("Du kannst Dich nicht selber löschen!", true);
$html .= success("Änderung wurde gespeichert...\n", true);
$html .= success("Änderung wurde gespeichert...\n", true);
break;
break;
case 'change_pw':
case 'change_pw':
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($id, $_REQUEST['new_pw']);
set_password($id, $_REQUEST['new_pw']);
$user_source = User($id);
$user_source = User($id);
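Review bot: The confirmation check in `change_pw` uses loose comparison, so two different numeric-looking strings can compare equal (PHP compares numeric strings by value) and a non-string `new_pw` such as an array reaches `set_password()`. I would require a string and compare strictly: `if (is_string($_REQUEST['new_pw']) && $_REQUEST['new_pw'] !== "" && $_REQUEST['new_pw'] === $_REQUEST['new_pw2']) {`. The hunk shows no request-token check before this state change; if `admin_user()` does not verify one elsewhere, the password reset should be limited to POST and carry a CSRF token. The case body continues outside the hunk.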
@ -284,19 +247,19 @@ function admin_user() {
}
}
} else {
} else {
// Userliste, keine UID uebergeben...
// Userliste, keine UID uebergeben...
$html .= "<ahref=\"".page_link_to("register")."\">Neuen Engel eintragen »</a><br/><br/>\n";
$html .= "<ahref=\"".page_link_to("register")."\">Neuen Engel eintragen »</a><br/><br/>\n";
if (!isset($_GET["OrderBy"]))
if (!isset($_GET["OrderBy"]))
$_GET["OrderBy"] = "Nick";
$_GET["OrderBy"] = "Nick";
$SQL = "SELECT * FROM `User` ORDER BY `" . sql_escape($_GET["OrderBy"]) . "` ASC";
$SQL = "SELECT * FROM `User` ORDER BY `" . sql_escape($_GET["OrderBy"]) . "` ASC";
$angels = sql_select($SQL);
$angels = sql_select($SQL);
// anzahl zeilen
// anzahl zeilen
$Zeilen = count($angels);
$Zeilen = count($angels);
$html .= "Anzahl Engel: $Zeilen<br/><br/>\n";
$html .= "Anzahl Engel: $Zeilen<br/><br/>\n";
function prepare_angel_table($angel) {
function prepare_angel_table($angel) {
global $privileges;
global $privileges;
$groups = sql_select_single_col("SELECT `Name` FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape($angel["UID"]) . " ORDER BY `Groups`.`Name`");
$groups = sql_select_single_col("SELECT `Name` FROM `UserGroups` JOIN `Groups` ON (`Groups`.`UID` = `UserGroups`.`group_id`) WHERE `UserGroups`.`uid`=" . sql_escape($angel["UID"]) . " ORDER BY `Groups`.`Name`");