mysql to mysqli and a lot of cleanup and mvc

main
Philip Häusler 11 years ago
parent d50cc21f50
commit bfb0cacd54

@ -1286,26 +1286,6 @@ INSERT INTO `UserGroups` (`id`, `uid`, `group_id`) VALUES
(21, 3, -2),
(22, 3, -5);
-- --------------------------------------------------------
--
-- Tabellenstruktur für Tabelle `UserPicture`
--
DROP TABLE IF EXISTS `UserPicture`;
CREATE TABLE IF NOT EXISTS `UserPicture` (
`UID` int(11) NOT NULL DEFAULT '0',
`Bild` longblob NOT NULL,
`ContentType` varchar(20) NOT NULL DEFAULT '',
`show` char(1) NOT NULL DEFAULT 'N',
PRIMARY KEY (`UID`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
--
-- Daten für Tabelle `UserPicture`
--
-- --------------------------------------------------------
--

@ -1,6 +1,6 @@
<?php
require_once (dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'public' . DIRECTORY_SEPARATOR . 'bootstrap.php');
require_once ('includes/sys_mysql.php');
require_once ('includes/mysql_provider.php');
require_once ('config/config.php');
require_once ('config/config_db.php');
sql_connect($config['host'], $config['user'], $config['pw'], $config['db']);

@ -0,0 +1,11 @@
<?php
/**
* Displays a fatal message and stops execution.
* @param string $message
*/
function engelsystem_error($message) {
die($message);
}
?>
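Review bot: `engelsystem_error()` hands `$message` straight to `die()`, so the text reaches the browser unescaped and nothing is written to the server log. The call sites visible in this commit pass fixed strings, but a later caller that includes request or database data would have it rendered as markup. Consider `error_log('engelsystem_error: ' . $message);` followed by `die(htmlspecialchars($message, ENT_QUOTES, 'UTF-8'));`, and state in the docblock that the function never returns.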

@ -0,0 +1,59 @@
<?php
/**
* Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
*/
function msg() {
if (!isset ($_SESSION['msg']))
return "";
$msg = $_SESSION['msg'];
$_SESSION['msg'] = "";
return $msg;
}
/**
* Rendert eine Information
*/
function info($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="info">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= info($msg, true);
}
}
/**
* Rendert eine Fehlermeldung
*/
function error($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="error">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= error($msg, true);
}
}
/**
* Rendert eine Erfolgsmeldung
*/
function success($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="success">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= success($msg, true);
}
}
?>
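Review bot: `info()`, `error()` and `success()` concatenate `$msg` into the `<p>` element unescaped and, in the deferred branch, keep the resulting markup in `$_SESSION['msg']` until `msg()` hands it back. Callers such as `success("$k Save: OK<br />\n", true)` in admin_language pass HTML on purpose, so escaping inside the helpers would change output; the docblocks should state the contract instead, e.g. `@param string $msg HTML fragment, the caller must htmlspecialchars() any user-supplied part`. They should also say that a string is returned only when `$immediatly` is true and that the deferred branch returns nothing. The three bodies differ only in the CSS class and could share one helper.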

@ -6,17 +6,14 @@
* @param $message Log Message
*/
function LogEntry_create($nick, $message) {
$timestamp = time();
sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape($timestamp) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
return sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape(time()) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
}
/**
* Returns log entries of the last 24 hours with maximum count of 1000.
*/
function LogEntries() {
$log_entries_source = sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
return $log_entries_source;
return sql_select("SELECT * FROM `LogEntries` WHERE `timestamp` > " . (time() - 24*60*60) . " ORDER BY `timestamp` DESC LIMIT 1000");
}

@ -0,0 +1,18 @@
<?php
/**
* Load a string by key.
* @param string $textid
* @param string $sprache
*/
function Sprache($textid, $sprache) {
$sprache_source = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($textid) . "' AND `Sprache`='" . sql_escape($sprache) . "' LIMIT 1");
if($sprache_source === false)
return false;
if(count($sprache_source) == 1)
return $sprache_source[0];
return null;
}
?>

@ -1,11 +1,12 @@
<?php
/**
* Returns user by id.
* @param $id UID
*/
function User($id) {
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
if($user_source === false)
return false;
if(count($user_source) > 0)
return $user_source[0];
return null;
@ -31,7 +32,9 @@ function User_by_api_key($api_key) {
*/
function User_reset_api_key(&$user) {
$user['api_key'] = md5($user['Nick'] . time() . rand());
sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
$result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
if($result === false)
return false;
engelsystem_log("API key resetted.");
}
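Review bot: `User_reset_api_key()` still derives the key from `md5($user['Nick'] . time() . rand())`, and none of those inputs is unpredictable enough for a credential: the nick is known, the time can be guessed and `rand()` is not a cryptographic generator. Take the key from the system CSPRNG instead, for example `$user['api_key'] = bin2hex(openssl_random_pseudo_bytes(16));`, or `random_bytes()` where the runtime provides it. The added `=== false` check also runs after `$user['api_key']` has been overwritten in the caller's array, so a failed UPDATE leaves the in-memory key different from the stored one; assigning it only after the query succeeds keeps them in sync. The function's docblock starts outside the hunk.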

@ -0,0 +1,176 @@
<?php
/**
* Close connection.
*/
function sql_close() {
global $sql_connection;
return $sql_connection->close();
}
/**
* Start new transaction.
*/
function sql_transaction_start() {
global $sql_nested_transaction_level;
if($sql_nested_transaction_level++ == 0)
return sql_query("BEGIN");
else
return true;
}
/**
* Commit transaction.
*/
function sql_transaction_commit() {
global $sql_nested_transaction_level;
if(--$sql_nested_transaction_level == 0)
return sql_query("COMMIT");
else
return true;
}
/**
* Stop transaction, revert database.
*/
function sql_transaction_rollback() {
global $sql_nested_transaction_level;
if(--$sql_nested_transaction_level == 0)
return sql_query("ROLLBACK");
else
return true;
}
/**
* Logs an sql error.
* @param string $message
* @return false
*/
function sql_error($message) {
sql_close();
$message = trim($message) . "\n";
$message .= debug_string_backtrace() . "\n";
error_log('mysql_provider error: ' . $message);
return false;
}
/**
* Connect to mysql server.
* @param string $host Host
* @param string $user Username
* @param string $pass Password
* @param string $db DB to select
* @return mysqli The connection handler
*/
function sql_connect($host, $user, $pass, $db) {
global $sql_connection;
$sql_connection = new mysqli($host, $user, $pass, $db);
if ($sql_connection->connect_errno)
return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error);
$result = $sql_connection->query("SET CHARACTER SET utf8;");
if (! $result)
return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error);
$result = $sql_connection->set_charset('utf8');
if (! $result)
return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error);
return $sql_connection;
}
/**
* Change the selected db in current mysql-connection.
* @param $db_name
* @return bool true on success, false on error
*/
function sql_select_db($db_name) {
global $sql_connection;
if (!$sql_connection->select_db($db_name))
return sql_error("No database selected.");
return true;
}
/**
* MySQL SELECT query
* @param string $query
* @return Result array or false on error
*/
function sql_select($query) {
global $sql_connection;
$result = $sql_connection->query($query);
if ($result) {
$data = array();
while ($line = $result->fetch_assoc())
array_push($data, $line);
return $data;
} else
return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
}
/**
* MySQL execute a query
* @param string $query
* @return mysqli_result|boolean Result resource or false on error
*/
function sql_query($query) {
global $sql_connection;
$result = $sql_connection->query($query);
if ($result) {
return $result;
} else
usr_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
}
/**
* Returns last inserted id.
*
* @return int
*/
function sql_id() {
global $sql_connection;
return $sql_connection->insert_id;
}
/**
* Escape a string for a sql query.
*
* @param string $query
* @return string
*/
function sql_escape($query) {
global $sql_connection;
return $sql_connection->real_escape_string($query);
}
/**
* Count query result lines.
*
* @param string $query
* @return int Count of result lines
*/
function sql_num_query($query) {
global $sql_connection;
return sql_query($query)->num_rows;
}
function sql_select_single_col($query) {
$result = sql_select($query);
return array_map('array_shift', $result);
}
function sql_select_single_cell($query) {
return array_shift(array_shift(sql_select($query)));
}
?>
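Review bot: `sql_query()` calls `usr_error(...)` on failure and has no `return` on that path, so a failed query yields null instead of the `false` its docblock promises; `usr_error` is not defined in this file and looks like a typo for `sql_error`. Callers added in this commit test `=== false`, for example in `User_reset_api_key()`, which a null result never satisfies, and `sql_num_query()` reads `->num_rows` from whatever comes back. Replace `usr_error(` with `return sql_error(` so both query helpers fail the same way. `sql_error()` also closes the connection before logging, so every later query in the request fails too, and it writes the complete query text to the error log, which can contain user data.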

@ -1,6 +1,7 @@
<?php
function admin_language() {
global $user;
global $languages;
$html = "";
if (!isset ($_POST["TextID"])) {
@ -9,29 +10,24 @@ function admin_language() {
$html .= "<a href=\"" . page_link_to("admin_language") . "&ShowEntry=y\">" . Get_Text("pub_sprache_ShowEntry") . "</a>";
// ausgabe Tabellenueberschift
$SQL_Sprachen = "SELECT `Sprache` FROM `Sprache` GROUP BY `Sprache`;";
$erg_Sprachen = sql_query($SQL_Sprachen);
for ($i = 0; $i < mysql_num_rows($erg_Sprachen); $i++)
$Sprachen[mysql_result($erg_Sprachen, $i, "Sprache")] = $i;
$html .= "\t<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n\t\t<tr>";
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_TextID") . "</b></td>";
foreach ($Sprachen as $Name => $Value)
foreach($languages as $language => $language_name) {
$html .= "<td class=\"contenttopic\"><b>" .
Get_Text("pub_sprache_Sprache") . " " . $Name .
Get_Text("pub_sprache_Sprache") . " " . $language .
"</b></td>";
$Sprachen[$language] = $language_name;
}
$html .= "\t\t<td class=\"contenttopic\"><b>" . Get_Text("pub_sprache_Edit") . "</b></td>";
$html .= "\t\t</tr>";
if (isset ($_GET["ShowEntry"])) {
// ausgabe eintraege
$SQL = "SELECT * FROM `Sprache` ORDER BY `TextID`;";
$erg = sql_query($SQL);
$sprache_source = sql_select("SELECT * FROM `Sprache` ORDER BY `TextID`, `Sprache`");
$TextID_Old = mysql_result($erg, 0, "TextID");
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
$TextID_New = mysql_result($erg, $i, "TextID");
$TextID_Old = $sprache_source[0]['TextID'];
foreach($sprache_source as $sprache_entry) {
$TextID_New = $sprache_entry['TextID'];
if ($TextID_Old != $TextID_New) {
$html .= "<form action=\"" . page_link_to("admin_language") . "\" method=\"post\">";
$html .= "<tr class=\"content\">\n";
@ -49,7 +45,7 @@ function admin_language() {
$html .= "</form>\n";
$TextID_Old = $TextID_New;
}
$Sprachen[mysql_result($erg, $i, "Sprache")] = mysql_result($erg, $i, "Text");
$Sprachen[$sprache_entry['Sprache']] = $sprache_entry['Text'];
} /*FOR*/
}
@ -76,9 +72,8 @@ function admin_language() {
. "' AND `Sprache`='"
. sql_escape($k) . "'";
$erg_test = sql_query($sql_test);
if (mysql_num_rows($erg_test) == 0) {
$erg_test = sql_select("SELECT * FROM `Sprache` WHERE `TextID`='" . sql_escape($_POST["TextID"]) . "' AND `Sprache`='" . sql_escape($k) . "'");
if (count($erg_test) == 0) {
$sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) " .
"VALUES ('" . sql_escape($_POST["TextID"]) . "', '"
. sql_escape($k) . "', '"
@ -88,7 +83,7 @@ function admin_language() {
$Erg = sql_query($sql_save);
$html .= success("$k Save: OK<br />\n", true);
} else
if (mysql_result($erg_test, 0, "Text") != $v) {
if ($erg_test[0]['Text'] != $v) {
$sql_save = "UPDATE `Sprache` SET `Text`='"
. sql_escape($v) . "' " .
"WHERE `TextID`='"

@ -17,6 +17,10 @@ function admin_news() {
if (count($news) > 0) {
list ($news) = $news;
$user_source = User($news['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
$html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
@ -29,7 +33,7 @@ function admin_news() {
$html .= " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
$news["Text"] . "</textarea></td></tr>\n";
$html .= " <tr><td>Engel</td><td>" .
UID2Nick($news["UID"]) . "</td></tr>\n";
User_Nick_render($user_source) . "</td></tr>\n";
$html .= " <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
'1' => "Ja",
'0' => "Nein"
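Review bot: The guard added in `admin_news()` only handles `User()` returning `false`, but `User()` returns `null` when no row matches, and that value is then passed to `User_Nick_render()`, whose handling of null is not visible here. A news entry whose author no longer exists would take this path, so test both cases, e.g. `if ($user_source === false || $user_source === null) engelsystem_error("Unable to load user.");`, or render a placeholder nick for the null case. The same check is repeated in admin_questions, user_messages, display_news, user_news_comments, user_questions and user_wakeup. The body of `admin_news()` continues outside both hunks.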

@ -18,28 +18,42 @@ function admin_questions() {
if (!isset ($_REQUEST['action'])) {
$open_questions = "";
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`=0");
foreach ($questions as $question)
foreach ($questions as $question) {
$user_source = User($question['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$open_questions .= template_render(
'../templates/admin_question_unanswered.html', array (
'question_nick' => UID2Nick($question['UID']),
'question_nick' => User_Nick_render($user_source),
'question_id' => $question['QID'],
'link' => page_link_to("admin_questions"),
'question' => str_replace("\n", '<br />', $question['Question'])
));
}
$answered_questions = "";
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0");
foreach ($questions as $question)
foreach ($questions as $question) {
$user_source = User($question['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$answer_user_source = User($question['AID']);
if($answer_user_source === false)
engelsystem_error("Unable to load user.");
$answered_questions .= template_render(
'../templates/admin_question_answered.html', array (
'question_id' => $question['QID'],
'question_nick' => UID2Nick($question['UID']),
'question_nick' => User_Nick_render($user_source),
'question' => str_replace("\n", "<br />", $question['Question']),
'answer_nick' => UID2Nick($question['AID']),
'answer_nick' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", "<br />", $question['Answer']),
'link' => page_link_to("admin_questions"),
));
}
return template_render('../templates/admin_questions.html', array (
'link' => page_link_to("admin_questions"),

@ -26,38 +26,38 @@ function admin_user() {
$html .= "<table>\n";
$html .= " <tr><td>Nick</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" .
mysql_result($Erg, 0, "Nick") . "\"></td></tr>\n";
$user_source['Nick'] . "\"></td></tr>\n";
$html .= " <tr><td>lastLogIn</td><td>" .
date("Y-m-d H:i", mysql_result($Erg, 0, "lastLogIn")) . "</td></tr>\n";
date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
$html .= " <tr><td>Name</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eName\" value=\"" .
mysql_result($Erg, 0, "Name") . "\"></td></tr>\n";
$user_source['Name'] . "\"></td></tr>\n";
$html .= " <tr><td>Vorname</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" .
mysql_result($Erg, 0, "Vorname") . "\"></td></tr>\n";
$user_source['Vorname'] . "\"></td></tr>\n";
$html .= " <tr><td>Alter</td><td>" .
"<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" .
mysql_result($Erg, 0, "Alter") . "\"></td></tr>\n";
$user_source['Alter'] . "\"></td></tr>\n";
$html .= " <tr><td>Telefon</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" .
mysql_result($Erg, 0, "Telefon") . "\"></td></tr>\n";
$user_source['Telefon'] . "\"></td></tr>\n";
$html .= " <tr><td>Handy</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" .
mysql_result($Erg, 0, "Handy") . "\"></td></tr>\n";
$user_source['Handy'] . "\"></td></tr>\n";
$html .= " <tr><td>DECT</td><td>" .
"<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" .
mysql_result($Erg, 0, "DECT") . "\"></td></tr>\n";
$user_source['DECT'] . "\"></td></tr>\n";
$html .= " <tr><td>email</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" .
mysql_result($Erg, 0, "email") . "\"></td></tr>\n";
$user_source['email'] . "\"></td></tr>\n";
$html .= " <tr><td>ICQ</td><td>" .
"<input type=\"text\" size=\"40\" name=\"eICQ\" value=\"" .
mysql_result($Erg, 0, "ICQ") . "\"></td></tr>\n";
$user_source['ICQ'] . "\"></td></tr>\n";
$html .= " <tr><td>jabber</td><td>" .
"<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" .
mysql_result($Erg, 0, "jabber") . "\"></td></tr>\n";
$user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" .
html_select_key('size', 'eSize', $tshirt_sizes, mysql_result($Erg, 0, "Size")) . "</td></tr>\n";
html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$options = array (
'1' => "Yes",
@ -66,21 +66,21 @@ function admin_user() {
// Gekommen?
$html .= " <tr><td>Gekommen</td><td>\n";
$html .= html_options('eGekommen', $options, mysql_result($Erg, 0, "Gekommen")) . "</td></tr>\n";
$html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
// Aktiv?
$html .= " <tr><td>Aktiv</td><td>\n";
$html .= html_options('eAktiv', $options, mysql_result($Erg, 0, "Aktiv")) . "</td></tr>\n";
$html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
// T-Shirt bekommen?
$html .= " <tr><td>T-Shirt</td><td>\n";
$html .= html_options('eTshirt', $options, mysql_result($Erg, 0, "Tshirt")) . "</td></tr>\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
$html .= " <tr><td>Hometown</td><td>" .
"<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" .
mysql_result($Erg, 0, "Hometown") . "\"></td></tr>\n";
$user_source['Hometown'] . "\"></td></tr>\n";
$html .= "</table>\n</td><td valign=\"top\">" . displayavatar($id, false) . "</td></tr>";
$html .= "</table>\n</td><td valign=\"top\">" . User_Avatar_render($user_source) . "</td></tr>";
$html .= "</td></tr>\n";
$html .= "</table>\n<br />\n";
@ -113,7 +113,7 @@ function admin_user() {
$selected_angel_types = array_unique($selected_angel_types);
// Assign angel-types
sql_start_transaction();
sql_transaction_start();
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
$user_angel_type_info = array();
if (!empty($selected_angel_types)) {
@ -131,7 +131,7 @@ function admin_user() {
if (!empty($accepted_angel_types))
sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")");
}
sql_stop_transaction();
sql_transaction_commit();
engelsystem_log("Set angeltypes of " . User_Nick_render($user_source) . " to: " . join(", ", $user_angel_type_info));
success("Angeltypes saved.");
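Review bot: The rewritten form rows in `admin_user()` place `$user_source['Nick']`, `['Name']`, `['email']` and the other profile columns inside `value="..."` attributes without HTML escaping, so a stored value containing a quote or markup is rendered as live HTML in an administrator's session unless it was escaped before being saved, which these hunks do not show. Escape at output, e.g. `htmlspecialchars($user_source['Nick'], ENT_QUOTES, 'UTF-8')`, for every field in the table. `user_wakeup()` has the same gap where `$wecken['Ort']` and `$wecken['Bemerkung']` are written into table cells that other users see. The function body starts and ends outside the hunks shown.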

@ -30,9 +30,22 @@ function user_messages() {
$messages_html = "";
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
foreach ($messages as $message) {
$messages_html .= sprintf('<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>' .
'<td>%s</td>', ($message['isRead'] == 'N' ? ' class="new_message"' : ''), ($message['isRead'] == 'N' ? '•' : ''), date("Y-m-d H:i", $message['Datum']), UID2Nick($message['SUID']), UID2Nick($message['RUID']), str_replace("\n", '<br />', $message['Text']));
$sender_user_source = User($message['SUID']);
if($sender_user_source === false)
engelsystem_error("Unable to load user.");
$receiver_user_source = User($message['RUID']);
if($receiver_user_source === false)
engelsystem_error("Unable to load user.");
$messages_html .= sprintf(
'<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td><td>%s</td>',
($message['isRead'] == 'N' ? ' class="new_message"' : ''),
($message['isRead'] == 'N' ? '•' : ''),
date("Y-m-d H:i", $message['Datum']),
User_Nick_render($sender_user_source),
User_Nick_render($receiver_user_source),
str_replace("\n", '<br />', $message['Text'])
);
$messages_html .= '<td>';
if ($message['RUID'] == $user['UID']) {
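Review bot: The messages query interpolates `sql_escape($user['UID'])` outside of quotes, and `real_escape_string()` only neutralises characters that would end a quoted literal, so it gives no protection in a numeric position. Here the value presumably comes from the logged-in user's record, but the same unquoted form appears in `User($id)`, in the `DELETE FROM UserAngelTypes` statement and the `implode()`-built `IN (...)` list in admin_user, and in user_questions, where safety depends on every caller passing an integer. Cast the value instead, e.g. `intval($user['UID'])`, as `set_password()` already does with `intval($uid)`, or move these queries to prepared statements now that the provider is on mysqli. The body of `user_messages()` continues outside the hunk.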

@ -35,7 +35,12 @@ function display_news($news) {
$html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
$html .= '<details>';
$html .= date("Y-m-d H:i", $news['Datum']) . ', ';
$html .= UID2Nick($news['UID']);
$user_source = User($news['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$html .= User_Nick_render($user_source);
if ($p != "news_comments")
$html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') &raquo;</a>';
$html .= '</details>';
@ -69,11 +74,15 @@ function user_news_comments() {
$comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
foreach ($comments as $comment) {
$user_source = User($comment['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$html .= '<article class="news_comment">';
$html .= DisplayAvatar($comment['UID']);
$html .= User_Avatar_render($user_source);
$html .= '<details>';
$html .= $comment['Datum'] . ', ';
$html .= UID2Nick($comment['UID']);
$html .= User_Nick_render($user_source);
$html .= '</details>';
$html .= '<p>' . nl2br($comment['Text']) . '</p>';
$html .= '</article>';
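Review bot: In `user_news_comments()` the comment query ends with `ORDER BY 'ID'`, which orders by a string constant rather than by the column, so the rows come back in whatever order the server chooses. Write the column name in backticks, as the statement already does for Refid. The comment body is also emitted with `nl2br($comment['Text'])` and no `htmlspecialchars()`, so it is rendered as markup unless it was escaped when stored, which is not visible here. Both functions start and end outside the hunks.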

@ -12,7 +12,12 @@ function user_questions() {
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID`>0 AND `UID`=" . sql_escape($user['UID']));
foreach ($questions as $question) {
$answered_questions .= '<tr><td>' . str_replace("\n", '<br />', $question['Question']) . '</td>';
$answered_questions .= '<td>' . UID2Nick($question['AID']) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
$answer_user_source = User($question['AID']);
if($answer_user_source === false)
engelsystem_error("Unable to load user.");
$answered_questions .= '<td>' . User_Nick_render($answer_user_source) . '</td><td>' . str_replace("\n", '<br />', $question['Answer']) . '</td>';
$answered_questions .= '<td><a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">Löschen</a></td><tr>';
}

@ -42,7 +42,7 @@ function user_wakeup() {
. Get_Text("pub_wake_beschreibung") . "</p>\n\n";
$html .= Get_Text("pub_wake_beschreibung2");
$html .= '
<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
<table border="0" width="100%" class="border" cellpadding="2" cellspacing="1">
<tr class="contenttopic">
<th>' . Get_Text("pub_wake_Datum") . '</th>
<th>' . Get_Text("pub_waeckliste_Nick") . '</th>
@ -50,21 +50,22 @@ function user_wakeup() {
<th>' . Get_Text("pub_wake_Bemerkung") . '</th>
<th></th>
</tr>
';
';
$sql = "SELECT * FROM `Wecken` ORDER BY `Date` ASC";
$Erg = sql_query($sql);
$count = mysql_num_rows($Erg);
for ($i = 0; $i < $count; $i++) {
$row = mysql_fetch_row($Erg);
$wecken_source = sql_select("SELECT * FROM `Wecken` ORDER BY `Date` ASC");
foreach($wecken_source as $wecken) {
$html .= '<tr class="content">';
$html .= '<td>' . date("Y-m-d H:i", mysql_result($Erg, $i, "Date")) . ' </td>';
$html .= '<td>' . UID2Nick(mysql_result($Erg, $i, "UID")) . ' </td>';
$html .= '<td>' . mysql_result($Erg, $i, "Ort") . ' </td>';
$html .= '<td>' . mysql_result($Erg, $i, "Bemerkung") . ' </td>';
if (mysql_result($Erg, $i, "UID") == $user['UID'])
$html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . mysql_result($Erg, $i, "ID") . "\">" . Get_Text("pub_wake_del") . '</a></td>';
$html .= '<td>' . date("Y-m-d H:i", $wecken['Date']) . ' </td>';
$user_source = User($wecken['UID']);
if($user_source === false)
engelsystem_error("Unable to load user.");
$html .= '<td>' . User_Nick_render($user_source) . ' </td>';
$html .= '<td>' . $wecken['Ort'] . ' </td>';
$html .= '<td>' . $wecken['Bemerkung'] . ' </td>';
if ($wecken['UID'] == $user['UID'])
$html .= '<td><a href="' . page_link_to("user_wakeup") . '&action=delete&id=' . $wecken['ID'] . "\">" . Get_Text("pub_wake_del") . '</a></td>';
else
$html .= '<td></td>';
$html .= '</tr>';

@ -31,8 +31,7 @@ function generate_salt($length = 16) {
// set the password of a user
function set_password($uid, $password) {
$res = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1");
return $res && (mysql_affected_rows() > 0);
return sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1");
}
// verify a password given a precomputed salt.
@ -72,8 +71,6 @@ function json_auth_service() {
if (count($Erg) == 1) {
$Erg = $Erg[0];
if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) {
$UID = mysql_result($Erg, 0, "UID");
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
foreach ($user_privs as $user_priv)
$privileges[] = $user_priv['name'];
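Review bot: In `json_auth_service()` the privileges query still reads `sql_escape($UID)`, while the only visible assignment, `$UID = mysql_result($Erg, 0, "UID");`, appears to be among the lines this hunk removes. Unless `$UID` is set earlier in the function, outside the hunk, the query is built with an empty value and fails or returns no privileges. Use the row that is already loaded, `intval($Erg['UID'])`, in the WHERE clause. Separately, `set_password()` now returns the raw `sql_query()` result, so it no longer reports a UID that matched no row the way the removed `mysql_affected_rows() > 0` test did.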

@ -1,38 +0,0 @@
<?php
/**
* Liste verfügbarer Sprachen
*/
$languages = array (
'DE' => "Deutsch",
'EN' => "English"
);
function Get_Text($TextID, $NoError = false) {
global $con, $error_messages, $debug;
if (!isset ($_SESSION['Sprache']))
$_SESSION['Sprache'] = "EN";
if ($_SESSION['Sprache'] == "")
$_SESSION['Sprache'] = "EN";
if (isset ($_GET["SetLanguage"]))
$_SESSION['Sprache'] = $_GET["SetLanguage"];
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='" . $_SESSION['Sprache'] . "'";
@ $Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg) == 1)
return mysql_result($Erg, 0, "Text");
elseif ($NoError && !$debug)
return "";
elseif ($debug)
return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
else
return $TextID;
}
function Print_Text($TextID, $NoError = false) {
echo Get_Text($TextID, $NoError);
}
?>

@ -1,84 +0,0 @@
<?php
function sql_connect($host, $user, $pw, $db) {
global $con;
global $host;
@ $con = mysql_connect($host, $user, $pw);
if ($con == null)
die("no mysql-connection");
if (!mysql_select_db($db, $con))
die("mysql db-selection failed");
mysql_query("SET CHARACTER SET utf8;", $con);
mysql_query("SET NAMES 'utf8'", $con);
}
// Do select query
function sql_select($query) {
global $con;
$start = microtime(true);
if ($result = mysql_query($query, $con)) {
$data = array ();
while ($line = mysql_fetch_assoc($result)) {
array_push($data, $line);
}
return $data;
} else {
print_r(debug_backtrace());
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
}
}
function sql_select_single_col($query) {
$result = sql_select($query);
return array_map('array_shift', $result);
}
function sql_select_single_cell($query) {
return array_shift(array_shift(sql_select($query)));
}
// Execute a query
function sql_query($query) {
global $con;
$start = microtime(true);
if ($result = mysql_query($query, $con)) {
return $result;
} else {
die('MySQL-query error: ' . $query . ", " . mysql_error($con));
}
}
function sql_id() {
global $con;
return mysql_insert_id($con);
}
function sql_escape($query) {
return mysql_real_escape_string($query);
}
function sql_num_query($query) {
return mysql_num_rows(sql_query($query));
}
function sql_error() {
global $con;
return mysql_error($con);
}
$sql_transaction_counter = 0;
function sql_start_transaction() {
global $sql_transaction_counter;
if ($sql_transaction_counter++ == 0)
sql_query("START TRANSACTION");
}
function sql_stop_transaction() {
global $sql_transaction_counter;
if ($sql_transaction_counter-- == 1)
sql_query("COMMIT");
}
?>

@ -46,59 +46,4 @@ function check_email($email) {
return (bool) preg_match("#^([a-zA-Z0-9_+\-])+(\.([a-zA-Z0-9_+\-])+)*@((\[(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5]))\]))|((([\p{L}0-9])+(([\-])+([\p{L}0-9])+)*\.)+([\p{L}])+(([\-])+([\p{L}0-9])+)*))$#u", $email);
}
/**
* Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
*/
function msg() {
if (!isset ($_SESSION['msg']))
return "";
$msg = $_SESSION['msg'];
$_SESSION['msg'] = "";
return $msg;
}
/**
* Rendert eine Information
*/
function info($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="info">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= info($msg, true);
}
}
/**
* Rendert eine Fehlermeldung
*/
function error($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="error">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= error($msg, true);
}
}
/**
* Rendert eine Erfolgsmeldung
*/
function success($msg, $immediatly = false) {
if ($immediatly) {
if ($msg == "")
return "";
return '<p class="success">' . $msg . '</p>';
} else {
if (!isset ($_SESSION['msg']))
$_SESSION['msg'] = "";
$_SESSION['msg'] .= success($msg, true);
}
}
?>

@ -1,454 +0,0 @@
<?php
/**
* Shiftlänge ausrechnen, kommt im Format 12:23h zurück
*/
function shift_length($shift) {
$length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":";
$length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
return $length;
}
function load_shift_basics() {
global $VeranstaltungsTageMax, $Room, $RoomID, $EngelType, $EngelTypeID, $TID2Name, $Veranstaltungstage;
// erstellt ein Array der Räume
$rooms = sql_select("SELECT `RID`, `Name` FROM `Room` WHERE `Show`='Y' ORDER BY `Number`, `Name`");
foreach ($rooms as $i => $r) {
$Room[$i] = array (
'RID' => $r['RID'],
'Name' => $r['Name']
);
$RoomID[$r['RID']] = $r['Name'];
}
// erstellt ein Array der Engeltypen
$engel_types = sql_select("SELECT * FROM `EngelType` ORDER BY `name`");
foreach ($engel_types as $engel_type) {
$EngelType[$i] = array (
'id' => $engel_type['id'],
'name' => $engel_type['name'] . Get_Text("inc_schicht_engel")
);
$EngelTypeID[$engel_type['id']] = $engel_type['name'] . Get_Text("inc_schicht_engel");
$TID2Name[$engel_type['id']] = $engel_type['name'];
}
// Erste Schicht suchen
$Pos = 0;
$first_shift = sql_select("SELECT `DateS` FROM `Shifts` ORDER BY `DateS` LIMIT 1");
if (count($first_shift) > 0) {
do {
// Startdatum einlesen und link ausgeben
$DateS = substr($first_shift[0]['DateS'], 0, 10);
$VeranstaltungsTage[$Pos++] = $DateS;
// auslesen den endes und eventuelle weitere tage ausgeben
$last_shift = sql_select("SELECT MAX(`DateE`) FROM `Shifts` WHERE ( (`DateS` like '" . sql_escape($DateS) . "%') AND NOT (`DateE` like '%00:00:00'))");
$DateE = substr($last_shift[0]['DateE'], 0, 10);
if (strlen($DateE) == 0)
$DateE = $DateS;
else
while ($DateS != $DateE) {
$DateS = DatumUm1TagErhoehen($DateS);
$VeranstaltungsTage[$Pos++] = $DateS;
}
// suchen den nächsten eintrag
$first_shift = sql_select("SELECT `DateS` FROM `Shifts` " . "WHERE (`DateS` > '" . sql_escape($DateE) . " 23:59:59' ) " . "ORDER BY `DateS` " . "LIMIT 1");
} while (count($first_shift) > 0);
}
$VeranstaltungsTageMax = $Pos -1;
}
/*#######################################################
# gibt die engelschischten aus #
#######################################################*/
function ausgabe_Feld_Inhalt($SID, $Man) {
// gibt, nach <20>bergabe der der SchichtID (SID) und der RaumBeschreibung,
// die eingetragenden und und offenden Schichteint<6E>ge zur<75>ck
global $EngelType, $EngelTypeID, $TID2Name, $con, $debug, $gmdateOffset;
$Spalten = "";
if (!isset ($_GET["Icon"]))
$_GET["Icon"] = 1;
///////////////////////////////////////////////////////////////////
// Schow Admin Page
///////////////////////////////////////////////////////////////////
$Spalten .= funktion_isLinkAllowed_addLink_OrEmpty("admin/schichtplan.php?action=change&SID=$SID", "edit<br />\n");
///////////////////////////////////////////////////////////////////
// Ausgabe des Schichtnamens
///////////////////////////////////////////////////////////////////
$SQL = "SELECT `URL` FROM `Shifts` WHERE (`SID` = '$SID');";
$Erg = mysql_query($SQL, $con);
if (mysql_result($Erg, 0, 0) != "")
$Spalten .= "<a href=\"" . mysql_result($Erg, 0, 0) . "\" target=\"_black\"><u>$Man:</u></a><br />";
else
$Spalten .= "<u>" .
$Man . ":</u><br />";
///////////////////////////////////////////////////////////////////
// SQL abfrage f<>r die ben<65>tigten schichten
///////////////////////////////////////////////////////////////////
$SQL = "SELECT * FROM `ShiftEntry` WHERE (`SID` = '" . sql_escape($SID) . "') ORDER BY `TID`, `UID` DESC ;";
$Erg = mysql_query($SQL, $con);
$Anzahl = mysql_num_rows($Erg);
$Feld = 0;
$Temp_TID_old = -1;
for ($i = 0; $i < $Anzahl; $i++) {
if (isset ($Temp[$Feld]["TID"]))
$Temp_TID_old = $Temp[$Feld]["TID"];
if (isset ($Temp[$Feld]["UID"]))
$Temp_UID_old = $Temp[$Feld]["UID"];
$Temp_TID = mysql_result($Erg, $i, "TID");
// wenn sich der Type <20>ndert wird zumn<6D>sten feld geweckselt
if ($Temp_TID_old != $Temp_TID)
$Feld++;
$Temp[$Feld]["TID"] = $Temp_TID;
$Temp[$Feld]["UID"] = mysql_result($Erg, $i, "UID");
// sonderfall ersten durchlauf
if ($i == 0) {
$Temp_TID_old = $Temp[$Feld]["TID"];
$Temp_UID_old = $Temp[$Feld]["UID"];
}
// ist es eine zu vergeben schicht?
if ($Temp[$Feld]["UID"] == 0) {
if (isset ($Temp[$Feld]["free"]))
$Temp[$Feld]["free"]++;
else
$Temp[$Feld]["free"] = 1;
} else
$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
} // FOR
///////////////////////////////////////////////////////////////////
// Aus gabe der Schicht
///////////////////////////////////////////////////////////////////
if (isset ($Temp))
if (count($Temp))
foreach ($Temp as $TempEntry => $TempValue) {
if (!isset ($TempValue["free"]))
$TempValue["free"] = 0;
// ausgabe EngelType
$Spalten .= $EngelTypeID[$TempValue["TID"]] . " ";
// ausgabe Eingetragener Engel
if (isset ($TempValue["Engel"]))
if (count($TempValue["Engel"]) > 0) {
if (count($TempValue["Engel"]) == 1)
$Spalten .= Get_Text("inc_schicht_ist") . ":<br />\n";
else
$Spalten .= Get_Text("inc_schicht_sind") . ":<br />\n";
foreach ($TempValue["Engel"] as $TempEngelEntry => $TempEngelID) {
if (funktion_isLinkAllowed("admin/user.php") === TRUE) {
// add color, wenn Engel "Gekommen"
$TempText = ((UIDgekommen($TempEngelID) == "1") ? "<span style=\"color: blue;\">" : "<span style=\"color: red;\">") .
UID2Nick($TempEngelID) . "</span>";
} else {
$TempText = UID2Nick($TempEngelID);
}
// add link to user
$TempText = funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal", $TempText);
$Spalten .= "&nbsp;&nbsp;" . $TempText .
(($_GET["Icon"] == 1) ? DisplayAvatar($TempEngelID) : "") .
"<br />\n";
}
$Spalten = substr($Spalten, 0, strlen($Spalten) - 7);
}
// ausgabe ben<65>tigter Engel
////////////////////////////
//in vergangenheit
$SQLtime = "SELECT `DateE` FROM `Shifts` WHERE (`SID`='" . sql_escape($SID) . "' AND `DateE` >= '" .
gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "')";
$Ergtime = mysql_query($SQLtime, $con);
if (mysql_num_rows($Ergtime) > 0) {
//wenn keien rechte definiert sind
if (!isset ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]]))
$_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] = "Y";
if ($_SESSION['CVS'][$TID2Name[$TempValue["TID"]]] == "Y")
if ($TempValue["free"] > 0) {
$Spalten .= "<br />\n&nbsp;&nbsp;<a href=\"./schichtplan_add.php?SID=$SID&TID=" .
$TempValue["TID"] . "\">";
$Spalten .= $TempValue["free"];
if ($TempValue["free"] != 1)
$Spalten .= Get_Text("inc_schicht_weitere") .
" " . Get_Text("inc_schicht_Engel") .
Get_Text("inc_schicht_wird");
else
$Spalten .= Get_Text("inc_schicht_weiterer") .
" " . Get_Text("inc_schicht_Engel") .
Get_Text("inc_schicht_werden");
$Spalten .= Get_Text("inc_schicht_noch_gesucht");
$Spalten .= "</a>";
}
} else {
if (isset ($TempValue["free"]))
if ($TempValue["free"] > 0)
$Spalten .= "<br />\n&nbsp;&nbsp;<h3><a>Fehlen noch: " .
$TempValue["free"] . "</a></h3>";
}
$Spalten .= "<br />\n";
} // FOREACH
return $Spalten;
} // function Ausgabe_Feld_Inhalt
/*#######################################################
# gibt die engelschischten Druckergerecht aus #
#######################################################*/
function Ausgabe_Feld_Inhalt_Druck($RID, $Man) {
// gibt, nach <20>bergabe der der SchichtID (SID) und der RaumBeschreibung,
// die eingetragenden und und offenden Schichteint<6E>ge zur<75>ck
} // function Ausgabe_Feld_Inhalt
/*#######################################################
# Ausgabe der Raum Spalten #
#######################################################*/
function CreateRoomShifts($raum) {
global $Spalten, $ausdatum, $con, $debug, $GlobalZeileProStunde, $error_messages;
/////////////////////////////////////////////////////////////
// beginnt die erste schicht vor dem heutigen tag und geht dar<61>ber hinaus
/////////////////////////////////////////////////////////////
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " .
"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '$ausdatum 23:59:59') AND " .
"(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;";
$ErgSonder = mysql_query($SQLSonder, $con);
if ((mysql_num_rows($ErgSonder) > 1)) {
if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) {
echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) {
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
mysql_result($ErgSonder, $i, "SID") . "\">" .
mysql_result($ErgSonder, $i, "DateS") .
" '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-24)" .
"</a><br />\n";
}
}
}
elseif ((mysql_num_rows($ErgSonder) == 1)) {
$Spalten[0] .= "<td valign=\"top\" rowspan=\"" . (24 * $GlobalZeileProStunde) . "\">\n" .
"<h3>&uarr;&uarr;&uarr;</h3>" .
Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) .
"<h3>&darr;&darr;&darr;</h3>" .
"\n</td>\n";
return;
}
$ZeitZeiger = 0;
/////////////////////////////////////////////////////////////
// beginnt die erste schicht vor dem heutigen tag?
/////////////////////////////////////////////////////////////
$SQLSonder = "SELECT `SID`, `DateS`, `DateE` , `Len`, `Man` FROM `Shifts` " .
"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` > '" . sql_escape($ausdatum) . " 00:00:00') AND " .
"(`DateS` < '" . sql_escape($ausdatum) . " 00:00:00') ) ORDER BY `DateS`;";
$ErgSonder = mysql_query($SQLSonder, $con);
if ((mysql_num_rows($ErgSonder) > 1)) {
if (funktion_isLinkAllowed("admin/schichtplan.php") === TRUE) {
echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
for ($i = 0; $i < mysql_num_rows($ErgSonder); $i++) {
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
mysql_result($ErgSonder, $i, "SID") . "\">" .
mysql_result($ErgSonder, $i, "DateS") .
" '" . mysql_result($ErgSonder, $i, "Man") . "' (RID $raum) (00-xx)" .
"</a><br />\n";
}
}
}
elseif ((mysql_num_rows($ErgSonder) == 1)) {
$ZeitZeiger = substr(mysql_result($ErgSonder, 0, "DateE"), 11, 2) + (substr(mysql_result($ErgSonder, 0, "DateE"), 14, 2) / 60);
$Spalten[0] .= "<td valign=\"top\" rowspan=\"" . ($ZeitZeiger * $GlobalZeileProStunde) . "\">\n" .
"<h3>&uarr;&uarr;&uarr;</h3>" .
Ausgabe_Feld_Inhalt(mysql_result($ErgSonder, 0, "SID"), mysql_result($ErgSonder, 0, "Man")) .
"\n</td>\n";
}
/////////////////////////////////////////////////////////////
// gibt die schichten f<>r den tag aus
/////////////////////////////////////////////////////////////
$SQL = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " .
"WHERE ((`RID` = '" . sql_escape($raum) . "') and " .
"(`DateS` >= '" . sql_escape($ausdatum) . ' ' . sql_escape($ZeitZeiger) . ":00:00') and " .
"(`DateS` like '" . sql_escape($ausdatum) . "%')) ORDER BY `DateS`;";
$Erg = mysql_query($SQL, $con);
for ($i = 0; $i < mysql_num_rows($Erg); ++ $i) {
$ZeitPos = substr(mysql_result($Erg, $i, "DateS"), 11, 2) + (substr(mysql_result($Erg, $i, "DateS"), 14, 2) / 60);
$len = mysql_result($Erg, $i, "Len");
if ($len <= 0)
array_push($error_messages, "Error in shift denition SID=" . mysql_result($Erg, $i, "SID") . " Len=$len");
if ($ZeitZeiger < $ZeitPos) {
$Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" . (($ZeitPos - $ZeitZeiger) * $GlobalZeileProStunde) . "\">&nbsp;</td>\n";
$ZeitZeiger += $ZeitPos - $ZeitZeiger;
}
if ($ZeitZeiger == $ZeitPos) {
//sonderfall wenn die schicht <20>ber dei 24 stunden hinaus geht
// (eintrag abk<62>rzen, pfeiel ausgeben)
$Spalten[$ZeitZeiger * $GlobalZeileProStunde] .= "<td valign=\"top\" rowspan=\"" .
((($len + $ZeitZeiger) ? $len : 24 - $len + $ZeitZeiger) * $GlobalZeileProStunde) .
"\">\n" .
"" .
Ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) .
((($ZeitZeiger + $len) > 24) ? "<h3>&darr;&darr;&darr;</h3>" : "") .
"\n</td>\n";
$ZeitZeiger += $len;
} else {
echo "<h1>" . Get_Text("pub_schichtplan_colision") . "</h1> ";
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=" .
mysql_result($Erg, $i, "SID") . "\">" .
mysql_result($Erg, $i, "DateS") .
" '" . mysql_result($Erg, $i, "Man") . "' " .
" (" . mysql_result($Erg, $i, "SID") . " R$raum) (xx-xx)</a><br /><br />";
}
}
if ($ZeitZeiger < 24)
$Spalten[($ZeitZeiger * $GlobalZeileProStunde)] .= "<td valign=\"top\" rowspan=\"" .
((24 - $ZeitZeiger) * $GlobalZeileProStunde) .
"\">&nbsp;</td>\n";
} // function CreateRoomShifts
/*#######################################################
# Ausgabe der freien schichten #
#######################################################*/
function showEmptyShifts() {
global $con, $debug, $RoomID, $gmdateOffset;
echo "<table border=\"1\">\n";
echo "<tr>\n";
echo "<th>" . Get_Text("inc_schicht_date") . "</th>\n";
echo "<th>" . Get_Text("inc_schicht_time") . "</th>\n";
echo "<th>" . Get_Text("inc_schicht_room") . "</th>\n";
echo "<th>" . Get_Text("inc_schicht_commend") . "</th>\n";
echo "</tr>\n";
$sql = "SELECT `SID`, `DateS`, `Man`, `RID` FROM `Shifts` " .
"WHERE (`Shifts`.`DateS`>='" . gmdate("Y-m-d H:i:s", time() + $gmdateOffset) . "') " .
"ORDER BY `DateS`, `RID`;";
$Erg = mysql_query($sql, $con);
$angezeigt = 0;
for ($i = 0;($i < mysql_num_rows($Erg)) && ($angezeigt < 15); $i++)
if (isset ($RoomID[mysql_result($Erg, $i, "RID")]))
if ($RoomID[mysql_result($Erg, $i, "RID")] != "") {
$Sql2 = "SELECT `UID` FROM `ShiftEntry` " .
"WHERE `SID`=" . mysql_result($Erg, $i, "SID") . " AND " .
"`UID`='0';";
$Erg2 = mysql_query($Sql2, $con);
if (mysql_num_rows($Erg2) > 0) {
$angezeigt++;
echo "<tr>\n";
echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 0, 10) . "</td>\n";
echo "<td>" . substr(mysql_result($Erg, $i, "DateS"), 11) . "</td>\n";
echo "<td>" . $RoomID[mysql_result($Erg, $i, "RID")] . "</td>\n";
echo "<td>" .
ausgabe_Feld_Inhalt(mysql_result($Erg, $i, "SID"), mysql_result($Erg, $i, "Man")) .
"</td>\n";
echo "</tr>\n";
}
}
echo "</table>\n";
} //function showEmptyShifts
/*#######################################################
# Gibt die anzahl der Schichten im Raum zur<75>ck #
#######################################################*/
function SummRoomShifts($raum) {
global $ausdatum, $con, $debug, $GlobalZeileProStunde;
$SQLSonder = "SELECT `SID`, `DateS`, `Len`, `Man` FROM `Shifts` " .
"WHERE ((`RID` = '" . sql_escape($raum) . "') AND (`DateE` >= '$ausdatum 00:00:00') AND " .
"(`DateS` <= '$ausdatum 23:59:59') ) ORDER BY `DateS`;";
$ErgSonder = mysql_query($SQLSonder, $con);
return mysql_num_rows($ErgSonder);
}
function DatumUm1TagErhoehen($Datum) {
$Jahr = substr($Datum, 0, 4);
$Monat = substr($Datum, 5, 2);
$Tag = substr($Datum, 8, 2);
$Tag++;
switch ($Monat) {
case 1 :
$Mmax = 31;
break;
case 2 :
$Mmax = 28;
break;
case 3 :
$Mmax = 31;
break;
case 4 :
$Mmax = 30;
break;
case 5 :
$Mmax = 31;
break;
case 6 :
$Mmax = 30;
break;
case 7 :
$Mmax = 31;
break;
case 8 :
$Mmax = 31;
break;
case 9 :
$Mmax = 30;
break;
case 10 :
$Mmax = 31;
break;
case 11 :
$Mmax = 30;
break;
case 12 :
$Mmax = 31;
break;
}
if ($Tag > $Mmax) {
$Tag = 1;
$Monat++;
}
if ($Monat > 12) {
$Monat = 1;
$Jahr++;
}
$Tag = strlen($Tag) == 1 ? "0" . $Tag : $Tag;
$Monat = strlen($Monat) == 1 ? "0" . $Monat : $Monat;
return ("$Jahr-$Monat-$Tag");
}
?>

@ -238,4 +238,30 @@ function img_button($link, $icon, $text, $extra_text = '') {
$translation = empty($text)? '' : Get_Text($text);
return '<a href="' . htmlspecialchars($link) . '"><img src="pic/icons/' . htmlspecialchars($icon) . '.png" alt="' . $translation . '" ' . (empty($translation)? '' : 'title="' . $translation . '"') . '>' . (empty($extra_text)? '' : ' ' . $extra_text) . '</a>';
}
function ReplaceSmilies($neueckig) {
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
return $neueckig;
}
?>
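Review bot: `ReplaceSmilies()` returns HTML but has no docblock saying whether `$neueckig` must already be HTML-escaped, and without that contract both orders can go wrong: escaping afterwards destroys the inserted `<img>` tags, while not escaping at all leaves the caller's text in the page as raw markup. Even when the text is escaped first, the patterns `;(` and `;P` can match the closing `;` of an entity such as `&amp;` when it is followed by `(` or `P`, which corrupts the entity. I would add a header comment along the lines of `@param string $neueckig text that is already HTML-escaped; the return value is HTML and must not be escaped again`, and consider only replacing a smiley that is delimited by whitespace. The callers are outside this hunk, so the order they use cannot be checked from here.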

@ -1,133 +0,0 @@
<?php
function User_Nick_render($user_source) {
global $user, $privileges;
if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges))
return '<a href="' . page_link_to('user_myshifts') . '&amp;id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>';
else
return htmlspecialchars($user_source['Nick']);
}
/**
* Available T-Shirt sizes
*/
$tshirt_sizes = array (
'' => "Please select...",
'S' => "S",
'M' => "M",
'L' => "L",
'XL' => "XL",
'2XL' => "2XL",
'3XL' => "3XL",
'4XL' => "4XL",
'5XL' => "5XL",
'S-G' => "S Girl",
'M-G' => "M Girl",
'L-G' => "L Girl",
'XL-G' => "XL Girl"
);
function UID2Nick($UID) {
if ($UID > 0)
$SQL = "SELECT Nick FROM `User` WHERE UID='" . sql_escape($UID) . "'";
else
$SQL = "SELECT Name FROM `Groups` WHERE UID='" . sql_escape($UID) . "'";
$Erg = sql_select($SQL);
if (count($Erg) > 0) {
if ($UID > 0)
return $Erg[0]['Nick'];
else
return "Group-" . $Erg[0]['Name'];
} else {
if ($UID == -1)
return "Guest";
else
return "UserID $UID not found";
}
}
function TID2Type($TID) {
global $con;
$SQL = "SELECT Name FROM `EngelType` WHERE TID='" . sql_escape($TID) . "'";
$Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg))
return mysql_result($Erg, 0);
else
return "";
}
function ReplaceSmilies($neueckig) {
$neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
$neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
$neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
$neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
$neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
$neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
$neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
$neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
$neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
$neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
return $neueckig;
}
function GetPictureShow($UID) {
global $con;
$SQL = "SELECT `show` FROM `UserPicture` WHERE `UID`='" . sql_escape($UID) . "'";
$res = mysql_query($SQL, $con);
if (mysql_num_rows($res) == 1)
return mysql_result($res, 0, 0);
else
return "";
}
function displayPicture($UID, $height = "30") {
global $url, $ENGEL_ROOT;
if ($height > 0)
return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
else
return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
}
function displayavatar($UID, $height = "30") {
global $con, $url, $ENGEL_ROOT;
if (GetPictureShow($UID) == 'Y')
return "&nbsp;" . displayPicture($UID, $height);
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($UID) . " LIMIT 1");
if (count($user) > 0)
if ($user[0]['Avatar'] > 0)
return '<div class="avatar">' . ("&nbsp;<img src=\"pic/avatar/avatar" . $user[0]['Avatar'] . ".gif\">") . '</div>';
}
function UIDgekommen($UID) {
global $con;
$SQL = "SELECT `Gekommen` FROM `User` WHERE UID='" . sql_escape($UID) . "'";
$Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg))
return mysql_result($Erg, 0);
else
return "0";
}
?>

@ -0,0 +1,11 @@
<?php
/**
* Calc shift length in format 12:23h.
* @param Shift $shift
*/
function shift_length($shift) {
$length = round(($shift['end'] - $shift['start']) / (60 * 60), 0) . ":";
$length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
return $length;
}
?>
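Review bot: The hour part of `shift_length()` uses `round(..., 0)`, which rounds up once the remainder reaches 30 minutes, so a shift of 1 h 45 min is rendered as `2:45h`. The hours should be truncated instead: `$length = floor(($shift['end'] - $shift['start']) / (60 * 60)) . ":";`. The minutes expression can also yield a fraction when the difference is not a whole number of minutes, so wrapping it in `floor()` as well keeps the output to two digits. The docblock gives `@param Shift $shift` although the body indexes an array with `start` and `end` keys (presumably Unix timestamps), and a `@return string` line is missing.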

@ -0,0 +1,36 @@
<?php
/**
* Names of available languages.
*/
$languages = array (
'DE' => "Deutsch",
'EN' => "English"
);
/**
* Display acutual translation of given text id.
* @param string $TextID
* @param bool $NoError
* @return string
*/
function Get_Text($TextID, $NoError = false) {
global $debug;
if (!isset ($_SESSION['Sprache']))
$_SESSION['Sprache'] = "EN";
if ($_SESSION['Sprache'] == "")
$_SESSION['Sprache'] = "EN";
if (isset ($_GET["SetLanguage"]))
$_SESSION['Sprache'] = $_GET["SetLanguage"];
$sprache_source = Sprache($TextID, $_SESSION['Sprache']);
if($sprache_source === false)
engelsystem_error("Unable to load text key.");
if($sprache_source == null) {
if($NoError && !$debug)
return "";
return $TextID;
}
return $sprache_source['Text'];
}
?>
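Review bot: `$_SESSION['Sprache'] = $_GET["SetLanguage"];` copies a request parameter into the session without checking it, and the stored value is then handed to `Sprache()` on this call and every later one. The `$languages` array defined at the top of this file already lists the valid codes, so the assignment can be guarded with `global $debug, $languages;` and `if (isset($_GET["SetLanguage"]) && in_array($_GET["SetLanguage"], array_keys($languages), true))`. Whether `Sprache()` escapes its language argument before building a query is not visible in this hunk, which is one more reason to validate at this point.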

@ -0,0 +1,45 @@
<?php
/**
* Available T-Shirt sizes
*/
$tshirt_sizes = array (
'' => "Please select...",
'S' => "S",
'M' => "M",
'L' => "L",
'XL' => "XL",
'2XL' => "2XL",
'3XL' => "3XL",
'4XL' => "4XL",
'5XL' => "5XL",
'S-G' => "S Girl",
'M-G' => "M Girl",
'L-G' => "L Girl",
'XL-G' => "XL Girl"
);
/**
* Render a users avatar.
* @param User $user
* @return string
*/
function User_Avatar_render($user) {
return '<div class="avatar">&nbsp;<img src="pic/avatar/avatar' . $user['Avatar'] . '.gif"></div>';
}
/**
* Render a user nickname.
* @param User $user_source
* @return string
*/
function User_Nick_render($user_source) {
global $user, $privileges;
if($user['UID'] == $user_source['UID'] || in_array('user_shifts_admin', $privileges))
return '<a href="' . page_link_to('user_myshifts') . '&amp;id=' . $user_source['UID'] . '">' . htmlspecialchars($user_source['Nick']) . '</a>';
else
return htmlspecialchars($user_source['Nick']);
}
?>
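Review bot: `User_Avatar_render()` concatenates `$user['Avatar']` into the `src` attribute without escaping or casting, while `User_Nick_render()` just below escapes `Nick` with `htmlspecialchars()`. If the column is numeric, as the `avatarN.gif` naming suggests, a cast makes that explicit and keeps the attribute well-formed whatever the row holds: `'<img src="pic/avatar/avatar' . (int) $user['Avatar'] . '.gif">'`. The same applies to `$user_source['UID']` in the link built by `User_Nick_render()`, which could be written `(int) $user_source['UID']`. Both docblocks name `User` as the parameter type although the code indexes plain arrays.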

@ -1,19 +1,26 @@
<?php
require_once ('bootstrap.php');
require_once ('includes/mysql_provider.php');
require_once ('includes/sys_auth.php');
require_once ('includes/sys_counter.php');
require_once ('includes/sys_lang.php');
require_once ('includes/sys_log.php');
require_once ('includes/sys_menu.php');
require_once ('includes/sys_mysql.php');
require_once ('includes/sys_page.php');
require_once ('includes/sys_shift.php');
require_once ('includes/sys_template.php');
require_once ('includes/sys_user.php');
require_once ('includes/model/LogEntries_model.php');
require_once ('includes/model/Sprache_model.php');
require_once ('includes/model/User_model.php');
require_once ('includes/view/Shifts_view.php');
require_once ('includes/view/Sprache_view.php');
require_once ('includes/view/User_view.php');
require_once ('includes/helper/message_helper.php');
require_once ('includes/helper/error_helper.php');
require_once ('config/config.php');
require_once ('config/config_db.php');

@ -1,51 +0,0 @@
<?php
include "../includes/config.php";
include "../includes/config_IAX.php";
include "../includes/config_db.php";
include "../includes/error_handler.php";
include "../includes/funktion_modem.php";
include "../includes/funktion_cron.php";
// ausfuerungs Ruetmuss (in s)
$StartTimeBeforEvent = (60 / 4) * 60;
$AnrufDelay = -5;
$DebugDECT = false;
// Timeout erhoehen
set_time_limit(50000);
// SQL zusammensetzen
$SQL = "SELECT Shifts.DateS, Shifts.RID, ShiftEntry.UID, ShiftEntry.TID ".
"FROM `Shifts` INNER JOIN `ShiftEntry` ON `Shifts`.`SID` = `ShiftEntry`.`SID` ";
if($DebugDECT)
$SQL .= "WHERE (Shifts.DateS>'2007-07-09 09:45:00' AND ".
"Shifts.DateS<='2007-07-09 11:00:00');";
else
$SQL .= "WHERE ((`Shifts`.`DateS`>'". gmdate("Y-m-d H:i:s", time()+120+$gmdateOffset). "') AND ".
"(`Shifts`.`DateS`<='". gmdate("Y-m-d H:i:s", time()+120+$gmdateOffset+$StartTimeBeforEvent). "') );";
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
$Z = 0;
for($i = 0; $i < mysql_num_rows($Erg); $i++) {
if(mysql_result($Erg, $i, "UID") > 0) {
$DECTnumber = UID2DECT(mysql_result($Erg, $i, "UID"));
if($DECTnumber != "") {
echo "dial $DECTnumber\n";
DialNumberIAX( $DECTnumber, mysql_result($Erg, $i, "DateS"), mysql_result($Erg, $i, "RID"), mysql_result($Erg, $i, "TID"));
DialNumberModem( $DECTnumber, mysql_result($Erg, $i, "DateS"));
if($Z++ > 10) {
$Z = 0;
sleep(30);
}
}
}
}
return 0;
?>

@ -1,19 +0,0 @@
<?php
include "../includes/db.php";
include "../includes/config.php";
include "../includes/funktion_modem.php";
$SQL = "SELECT DECT FROM `User`;";
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
for($i=0; $i < mysql_num_rows($Erg); $i++) {
$Number = "#10" . mysql_result($Erg, $i, "DECT");
if(strlen($Number) == 7)
DialNumber($Number);
}
return 0;
?>

@ -1,75 +0,0 @@
<?php
require_once "../includes/config_jabber.php";
require_once "../includes/funktion_jabber.php";
include "../includes/config_MessegeServer.php";
// Set time limit to indefinite execution
set_time_limit(0);
if(DEBUG)
echo "DEBUG mode is enable\n\tjabber is disable\n\n";
if(!DEBUG) {
echo "INIT jabber\n";
$jabber = new Jabber($server, $port, $username, $password, $resource);
if(!($jabber->Connect() && $jabber->SendAuth()))
die("Couldn't connect to Jabber Server.");
}
echo "INIT socked\n";
// Create a UDP socket
$sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP) or die('Could not create socked (' . socket_strerror(socket_last_error()) . ')');
// Bind the socket to an address/port
socket_bind($sock, SERVER_ADDRESS, SERVER_PORT) or die('Could not bind to address (' . socket_strerror(socket_last_error()) . ')');
// Setzt Nonbock Mode
socket_set_nonblock($sock);
$RUNNING = true;
while($RUNNING) {
if(@socket_recvfrom($sock, $data, 65535, 0, $ip, $port)) {
// daten empfangen
$data = substr($data, 0, strlen($data)-1); //ENTER entfernen
echo "\n". gmdate("Y-m-d H:i:s", time()). "\tresive from $ip:$port ". strlen($data). " byte data ($data)\n";
PackedAnalyser( $data);
}
usleep(100000); // 100ms delay keeps the doctor away
} // end while
// disconnect jabber
if(!DEBUG)
$jabber->Disconnect();
// Close the master sockets
socket_close($sock);
function PackedAnalyser($data) {
global $jabber, $RUNNING;
// init array
$matches = array();
//#message
if(preg_match("/^#(message) ([^ ]+) (.+)/i", $data, $matches)) {
if($matches[2]=="" || $matches[3]=="")
echo "\t\t\t\t#messaage parameter fail\n";
else {
// Whisper
if(!DEBUG)
$jabber->SendMessage($value, "normal", NULL, array("body" => $message, "subject" => "Error in Pentabarf"), NULL);
else
echo "\t\t\t\tmessage to:\"". $matches[2]. "\" Text: \"". $matches[3]. "\"\n";
}
} elseif(preg_match("/^#quit/i", $data, $matches)) {
if(DEBUG) {
echo "\t\t\t\tSystem Shutdown\n\n";
$RUNNING = false;
}
} else
echo "\t\t\t\tcommand not found\n\n";
}
?>