kontakt
/
engelsystem
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

Formatting

Browse Source
main
Bot 8 years ago committed by Igor Scheller
parent 7313e15ce8
commit d71e7bbfad
89 changed files with 5395 additions and 4286 deletions
Show Stats Download Patch File Download Diff File

35
includes/controller/angeltypes_controller.php
Unescape Escape View File

@ -167,7 +167,16 @@ function angeltype_controller()
return [
sprintf(_("Team %s"), $angeltype['name']),
AngelType_view($angeltype, $members, $user_angeltype, in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'], in_array('admin_angel_types', $privileges), $user_angeltype['supporter'], $user_driver_license, $user)
AngelType_view(
$angeltype,
$members,
$user_angeltype,
in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'],
in_array('admin_angel_types', $privileges),
$user_angeltype['supporter'],
$user_driver_license,
$user
)
];
}
@ -190,15 +199,31 @@ function angeltypes_list_controller()
];
if (in_array('admin_angel_types', $privileges)) {
$actions[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), "btn-xs");
$actions[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), "btn-xs");
$actions[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
_("edit"),
"btn-xs"
);
$actions[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
_("delete"),
"btn-xs"
);
}
$angeltype['membership'] = AngelType_render_membership($angeltype);
if ($angeltype['user_angeltype_id'] != null) {
$actions[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), "btn-xs");
$actions[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
_("leave"),
"btn-xs"
);
} else {
$actions[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), "btn-xs");
$actions[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_("join"),
"btn-xs"
);
}
$angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';

24
includes/controller/event_config_controller.php
Unescape Escape View File

@ -84,13 +84,24 @@ function event_config_edit_controller()
}
if ($valid) {
$result = EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
$result = EventConfig_update(
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg
);
if ($result === false) {
engelsystem_error("Unable to update event config.");
}
engelsystem_log("Changed event config: $event_name, $event_welcome_msg, " . date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", " . date("Y-m-d", $event_end_date) . ", " . date("Y-m-d", $teardown_end_date));
engelsystem_log(
"Changed event config: $event_name, $event_welcome_msg, "
. date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", "
. date("Y-m-d", $event_end_date) . ", " . date("Y-m-d", $teardown_end_date)
);
success(_("Settings saved."));
redirect(page_link_to('admin_event_config'));
}
@ -98,6 +109,13 @@ function event_config_edit_controller()
return [
event_config_title(),
EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date)
EventConfig_edit_view(
$event_name,
$event_welcome_msg,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date
)
];
}

11
includes/controller/rooms_controller.php
Unescape Escape View File

@ -1,7 +1,6 @@
<?php
use Engelsystem\ShiftsFilterRenderer;
use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer;
/**
* Room controllers for managing everything room related.
@ -28,9 +27,11 @@ function room_controller()
}
}
$shiftsFilter = new ShiftsFilter(true, [
$room['RID']
], AngelType_ids());
$shiftsFilter = new ShiftsFilter(
true,
[$room['RID']],
AngelType_ids()
);
$selected_day = date("Y-m-d");
if (!empty($days)) {
$selected_day = $days[0];

87
includes/controller/shift_entries_controller.php
Unescape Escape View File

@ -35,7 +35,18 @@ function shift_entry_add_controller()
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
$type = AngelType($type_id);
} else {
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))");
$type = sql_select("
SELECT * FROM `UserAngelTypes`
JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`)
WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "'
AND (
`AngelTypes`.`restricted` = 0
OR (
`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "'
AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL
)
)
");
$type = $type[0];
}
@ -43,7 +54,14 @@ function shift_entry_add_controller()
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) {
if (
isset($_REQUEST['user_id'])
&& preg_match("/^[0-9]*$/", $_REQUEST['user_id'])
&& (
in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
)
) {
$user_id = $_REQUEST['user_id'];
} else {
$user_id = $user['UID'];
@ -52,7 +70,15 @@ function shift_entry_add_controller()
$needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type);
$shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']);
$shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries);
$shift_signup_allowed = Shift_signup_allowed(
User($user_id),
$shift,
$type,
null,
null,
$needed_angeltype,
$shift_entries
);
if (!$shift_signup_allowed->isSignupAllowed()) {
error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running."));
redirect(shift_link($shift));
@ -60,12 +86,18 @@ function shift_entry_add_controller()
if (isset($_REQUEST['submit'])) {
$selected_type_id = $type_id;
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
$privileges)
) {
if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) {
if (
isset($_REQUEST['angeltype_id'])
&& test_request_int('angeltype_id')
&& sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0
) {
$selected_type_id = $_REQUEST['angeltype_id'];
}
}
@ -94,18 +126,31 @@ function shift_entry_add_controller()
engelsystem_error('Unable to create shift entry.');
}
if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) {
if (
$type['restricted'] == 0
&& sql_num_query("
SELECT * FROM `UserAngelTypes`
INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id`
WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "'
AND `user_id` = '" . sql_escape($user_id) . "'
") == 0
) {
sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
}
$user_source = User($user_id);
engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i",
$shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' &raquo;</a>');
redirect(shift_link($shift));
}
if (in_array('user_shifts_admin', $privileges)) {
$users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`");
$users = sql_select("
SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded`
FROM `User`
ORDER BY `Nick`
");
$users_select = [];
foreach ($users as $usr) {
$users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")");
@ -141,7 +186,9 @@ function shift_entry_add_controller()
$angeltype_select = $type['name'];
}
return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' &ndash; ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges));
return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' &ndash; ' . date('Y-m-d H:i',
$shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "",
false, null, in_array('user_shifts_admin', $privileges));
}
/**
@ -157,7 +204,15 @@ function shift_entry_delete_controller()
$entry_id = $_REQUEST['entry_id'];
$shift_entry_source = sql_select("
SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id`
SELECT
`User`.`Nick`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`UID`,
`ShiftTypes`.`name`,
`Shifts`.*,
`Room`.`Name`,
`AngelTypes`.`name` AS `angel_type`,
`AngelTypes`.`id` AS `angeltype_id`
FROM `ShiftEntry`
JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`)
JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
@ -168,7 +223,9 @@ function shift_entry_delete_controller()
if (count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) {
if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter',
$privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))
) {
redirect(page_link_to('user_shifts'));
}
@ -177,7 +234,13 @@ function shift_entry_delete_controller()
engelsystem_error('Unable to delete shift entry.');
}
engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
engelsystem_log(
"Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name']
. " at " . $shift_entry_source['Name']
. " from " . date("Y-m-d H:i", $shift_entry_source['start'])
. " to " . date("Y-m-d H:i", $shift_entry_source['end'])
. " as " . $shift_entry_source['angel_type']
);
success(_("Shift entry deleted."));
} else {
error(_("Entry not found."));

38
includes/controller/shifts_controller.php
Unescape Escape View File

@ -98,7 +98,10 @@ function shift_edit_controller()
$needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
} else {
$valid = false;
$msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $needed_angeltype_name), true);
$msg .= error(sprintf(
_("Please check your input for needed angels of type %s."),
$needed_angeltype_name
), true);
}
}
@ -120,7 +123,12 @@ function shift_edit_controller()
$needed_angel_types_info[] = $angeltypes[$type_id] . ": " . $count;
}
engelsystem_log("Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title . "' from " . date("Y-m-d H:i", $start) . " to " . date("Y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
engelsystem_log(
"Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title
. "' from " . date("Y-m-d H:i", $start)
. " to " . date("Y-m-d H:i", $end)
. " with angel types " . join(", ", $needed_angel_types_info)
);
success(_("Shift updated."));
redirect(shift_link([
@ -131,10 +139,13 @@ function shift_edit_controller()
$angel_types_spinner = "";
foreach ($angeltypes as $angeltype_id => $angeltype_name) {
$angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name, $needed_angel_types[$angeltype_id]);
$angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name,
$needed_angel_types[$angeltype_id]);
}
return page_with_title(shifts_title(), [
return page_with_title(
shifts_title(),
[
msg(),
'<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>',
form([
@ -147,7 +158,8 @@ function shift_edit_controller()
$angel_types_spinner,
form_submit('submit', _("Save"))
])
]);
]
);
}
function shift_delete_controller()
@ -173,13 +185,22 @@ function shift_delete_controller()
if (isset($_REQUEST['delete'])) {
Shift_delete($shift_id);
engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
engelsystem_log(
"Deleted shift " . $shift['name']
. " from " . date("Y-m-d H:i", $shift['start'])
. " to " . date("Y-m-d H:i", $shift['end'])
);
success(_("Shift deleted."));
redirect(page_link_to('user_shifts'));
}
return page_with_title(shifts_title(), [
error(sprintf(_("Do you want to delete the shift %s from %s to %s?"), $shift['name'], date("Y-m-d H:i", $shift['start']), date("H:i", $shift['end'])), true),
error(sprintf(
_("Do you want to delete the shift %s from %s to %s?"),
$shift['name'],
date("Y-m-d H:i", $shift['start']),
date("H:i", $shift['end'])
), true),
'<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _("delete") . '</a>'
]);
}
@ -212,7 +233,8 @@ function shift_controller()
$needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype);
$shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['id']);
$angeltype_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, $user_shifts, $needed_angeltype, $shift_entries);
$angeltype_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, $user_shifts, $needed_angeltype,
$shift_entries);
if ($shift_signup_state == null) {
$shift_signup_state = $angeltype_signup_state;
} else {

47
includes/controller/user_angeltypes_controller.php
Unescape Escape View File

@ -17,7 +17,10 @@ function user_angeltypes_unconfirmed_hint()
$unconfirmed_links[] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id'] . '">' . $user_angeltype['name'] . ' (+' . $user_angeltype['count'] . ')' . '</a>';
}
return sprintf(ngettext("There is %d unconfirmed angeltype.", "There are %d unconfirmed angeltypes.", count($unconfirmed_user_angeltypes)), count($unconfirmed_user_angeltypes)) . " " . _('Angel types which need approvals:') . ' ' . join(', ', $unconfirmed_links);
return sprintf(ngettext("There is %d unconfirmed angeltype.", "There are %d unconfirmed angeltypes.",
count($unconfirmed_user_angeltypes)),
count($unconfirmed_user_angeltypes)) . " " . _('Angel types which need approvals:') . ' ' . join(', ',
$unconfirmed_links);
}
/**
@ -141,8 +144,16 @@ function user_angeltype_confirm_controller()
engelsystem_error("Unable to confirm user angeltype.");
}
engelsystem_log(sprintf("%s confirmed for angeltype %s", User_Nick_render($user_source), AngelType_name_render($angeltype)));
success(sprintf(_("%s confirmed for angeltype %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
"%s confirmed for angeltype %s",
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
success(sprintf(
_("%s confirmed for angeltype %s."),
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
@ -251,7 +262,11 @@ function user_angeltype_update_controller()
if (isset($_REQUEST['confirmed'])) {
UserAngelType_update($user_angeltype['id'], $supporter);
$success_message = sprintf($supporter ? _("Added supporter rights for %s to %s.") : _("Removed supporter rights for %s from %s."), AngelType_name_render($angeltype), User_Nick_render($user_source));
$success_message = sprintf(
$supporter ? _("Added supporter rights for %s to %s.") : _("Removed supporter rights for %s from %s."),
AngelType_name_render($angeltype),
User_Nick_render($user_source)
);
engelsystem_log($success_message);
success($success_message);
@ -292,11 +307,23 @@ function user_angeltype_add_controller()
if (!UserAngelType_exists($user_source, $angeltype)) {
$user_angeltype_id = UserAngelType_create($user_source, $angeltype);
engelsystem_log(sprintf("User %s added to %s.", User_Nick_render($user_source), AngelType_name_render($angeltype)));
success(sprintf(_("User %s added to %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
"User %s added to %s.",
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
success(sprintf(
_("User %s added to %s."),
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
UserAngelType_confirm($user_angeltype_id, $user_source);
engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
"User %s confirmed as %s.",
User_Nick_render($user),
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
}
@ -330,7 +357,11 @@ function user_angeltype_join_controller($angeltype)
if (in_array('admin_user_angeltypes', $privileges)) {
UserAngelType_confirm($user_angeltype_id, $user);
engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
engelsystem_log(sprintf(
"User %s confirmed as %s.",
User_Nick_render($user),
AngelType_name_render($angeltype)
));
}
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);

8
includes/controller/user_driver_licenses_controller.php
Unescape Escape View File

@ -1,7 +1,8 @@
<?php
/**
* Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license information provided.
* Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license
* information provided.
*/
function user_driver_license_required_hint()
{
@ -17,7 +18,10 @@ function user_driver_license_required_hint()
foreach ($angeltypes as $angeltype) {
if ($angeltype['requires_driver_license']) {
return sprintf(_("You joined an angeltype which requires a driving license. Please edit your driving license information here: %s."), '<a href="' . user_driver_license_edit_link() . '">' . _("driving license information") . '</a>');
return sprintf(
_("You joined an angeltype which requires a driving license. Please edit your driving license information here: %s."),
'<a href="' . user_driver_license_edit_link() . '">' . _("driving license information") . '</a>'
);
}
}

44
includes/controller/users_controller.php
Unescape Escape View File

@ -1,6 +1,6 @@
<?php
use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilter;
/**
* Route user actions.
@ -58,7 +58,9 @@ function user_delete_controller()
if (isset($_REQUEST['submit'])) {
$valid = true;
if (! (isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))) {
if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
$user['UID']))
) {
$valid = false;
error(_("Your password is incorrect. Please try it again."));
}
@ -136,7 +138,8 @@ function user_edit_vouchers_controller()
}
success(_("Saved the number of vouchers."));
engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers", $user_source['got_voucher']));
engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers",
$user_source['got_voucher']));
redirect(user_link($user_source));
}
@ -181,7 +184,15 @@ function user_controller()
return [
$user_source['Nick'],
User_view($user_source, in_array('admin_user', $privileges), User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID'])
User_view(
$user_source,
in_array('admin_user', $privileges),
User_is_freeloader($user_source),
User_angeltypes($user_source),
User_groups($user_source),
$shifts,
$user['UID'] == $user_source['UID']
)
];
}
@ -212,7 +223,16 @@ function users_list_controller()
return [
_('All users'),
Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count(), User_got_voucher_count())
Users_view(
$users,
$order_by,
User_arrived_count(),
User_active_count(),
User_force_active_count(),
ShiftEntries_freeleaded_count(),
User_tshirts_count(),
User_got_voucher_count()
)
];
}
@ -278,7 +298,14 @@ function user_password_recovery_start_controller()
if ($valid) {
$token = User_generate_password_recovery_token($user_source);
engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token));
engelsystem_email_to_user(
$user_source,
_("Password recovery"),
sprintf(
_("Please visit %s to recover your password."),
page_link_to_absolute('user_password_recovery') . '&token=' . $token
)
);
success(_("We sent an email containing your password recovery link."));
redirect(page_link_to('login'));
}
@ -355,7 +382,10 @@ function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter)
unset($needed_angeltypes_source);
unset($shift_entries_source);
if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())) {
if (
in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled())
&& in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())
) {
return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
}

8
includes/helper/email_helper.php
Unescape Escape View File

@ -10,7 +10,10 @@ function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_it
gettext_locale($recipient_user['Sprache']);
$message = sprintf(_("Hi %s,"), $recipient_user['Nick']) . "\n\n" . _("here is a message for you from the engelsystem:") . "\n\n" . $message . "\n\n" . _("This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.");
$message = sprintf(_("Hi %s,"), $recipient_user['Nick']) . "\n\n"
. _("here is a message for you from the engelsystem:") . "\n\n"
. $message . "\n\n"
. _("This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.");
gettext_locale();
return engelsystem_email($recipient_user['email'], $title, $message);
@ -18,7 +21,8 @@ function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_it
function engelsystem_email($address, $title, $message)
{
$result = mail($address, $title, $message, "Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <noreply@engelsystem.de>");
$result = mail($address, $title, $message,
"Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <noreply@engelsystem.de>");
if ($result === false) {
engelsystem_error('Unable to send email.');
}

1
includes/helper/graph_helper.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* Renders a bargraph
*
* @param string $key keyname of the x-axis
* @param array $row_names keynames for the data rows
* @param unknown $colors colors for the data rows

6
includes/helper/internationalization_helper.php
Unescape Escape View File

@ -68,7 +68,11 @@ function make_langselect()
$items = [];
foreach ($locales as $locale => $name) {
$items[] = toolbar_item_link(htmlspecialchars($URL) . $locale, '', '<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name);
$items[] = toolbar_item_link(
htmlspecialchars($URL) . $locale,
'',
'<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name
);
}
return $items;
}

12
includes/mailer/shifts_mailer.php
Unescape Escape View File

@ -22,12 +22,20 @@ function mail_shift_change($old_shift, $new_shift)
}
if ($old_shift["start"] != $new_shift["start"]) {
$message .= sprintf(_("* Shift Start changed from %s to %s"), date("Y-m-d H:i", $old_shift["start"]), date("Y-m-d H:i", $new_shift["start"])) . "\n";
$message .= sprintf(
_("* Shift Start changed from %s to %s"),
date("Y-m-d H:i", $old_shift["start"]),
date("Y-m-d H:i", $new_shift["start"])
) . "\n";
$noticable_changes = true;
}
if ($old_shift["end"] != $new_shift["end"]) {
$message .= sprintf(_("* Shift End changed from %s to %s"), date("Y-m-d H:i", $old_shift["end"]), date("Y-m-d H:i", $new_shift["end"])) . "\n";
$message .= sprintf(
_("* Shift End changed from %s to %s"),
date("Y-m-d H:i", $old_shift["end"]),
date("Y-m-d H:i", $new_shift["end"])
) . "\n";
$noticable_changes = true;
}

6
includes/mailer/users_mailer.php
Unescape Escape View File

@ -5,5 +5,9 @@
*/
function mail_user_delete($user)
{
engelsystem_email_to_user($user, '[engelsystem] ' . _("Your account has been deleted"), _("Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven."));
engelsystem_email_to_user(
$user,
'[engelsystem] ' . _("Your account has been deleted"),
_("Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven.")
);
}

2
includes/model/AngelType_model.php
Unescape Escape View File

@ -186,7 +186,7 @@ function AngelTypes_with_user($user)
{
$result = sql_select("
SELECT `AngelTypes`.*,
`UserAngelTypes`.`id` as `user_angeltype_id`,
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`
FROM `AngelTypes`

10
includes/model/EventConfig_model.php
Unescape Escape View File

@ -26,8 +26,14 @@ function EventConfig()
* @param int $teardown_end_date
* @param string $event_welcome_msg
*/
function EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg)
{
function EventConfig_update(
$event_name,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date,
$event_welcome_msg
) {
if (EventConfig() == null) {
return sql_query("INSERT INTO `EventConfig` SET
`event_name`=" . sql_null($event_name) . ",

19
includes/model/Message_model.php
Unescape Escape View File

@ -43,8 +43,23 @@ function Message_send($receiver_user_id, $text)
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id));
if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'");
if (
($text != "" && is_numeric($receiver_user_id))
&& (sql_num_query("
SELECT *
FROM `User`
WHERE `UID`='" . sql_escape($receiver_user_id) . "'
AND NOT `UID`='" . sql_escape($user['UID']) . "'
LIMIT 1
") > 0)
) {
sql_query("
INSERT INTO `Messages`
SET `Datum`='" . sql_escape(time()) . "',
`SUID`='" . sql_escape($user['UID']) . "',
`RUID`='" . sql_escape($receiver_user_id) . "',
`Text`='" . sql_escape($text) . "'
");
return true;
}

1
includes/model/Room_model.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* returns a list of rooms.
*
* @param boolean $show_all returns also hidden rooms when true
*/
function Rooms($show_all = false)

13
includes/model/ShiftEntry_model.php
Unescape Escape View File

@ -31,7 +31,18 @@ function ShiftEntries_freeleaded_count()
function ShiftEntries_by_shift($shift_id)
{
return sql_select("
SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `AngelTypes`.`name` as `angel_type_name`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
SELECT
`User`.`Nick`,
`User`.`email`,
`User`.`email_shiftinfo`,
`User`.`Sprache`,
`User`.`Gekommen`,
`ShiftEntry`.`UID`,
`ShiftEntry`.`TID`,
`ShiftEntry`.`SID`,
`AngelTypes`.`name` AS `angel_type_name`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`freeloaded`
FROM `ShiftEntry`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`

13
includes/model/ShiftTypes_model.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* Delete a shift type.
*
* @param int $shifttype_id
*/
function ShiftType_delete($shifttype_id)
@ -19,11 +20,13 @@ function ShiftType_delete($shifttype_id)
*/
function ShiftType_update($shifttype_id, $name, $angeltype_id, $description)
{
return sql_query("UPDATE `ShiftTypes` SET
return sql_query("
UPDATE `ShiftTypes` SET
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`description`='" . sql_escape($description) . "'
WHERE `id`='" . sql_escape($shifttype_id) . "'");
WHERE `id`='" . sql_escape($shifttype_id) . "'
");
}
/**
@ -36,10 +39,12 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description)
*/
function ShiftType_create($name, $angeltype_id, $description)
{
$result = sql_query("INSERT INTO `ShiftTypes` SET
$result = sql_query("
INSERT INTO `ShiftTypes` SET
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`description`='" . sql_escape($description) . "'");
`description`='" . sql_escape($description) . "'
");
if ($result === false) {
return false;
}

8
includes/model/ShiftsFilter.php
Unescape Escape View File

@ -84,9 +84,7 @@ class ShiftsFilter
public function getTypes()
{
if (count($this->types) == 0) {
return [
0
];
return [0];
}
return $this->types;
}
@ -99,9 +97,7 @@ class ShiftsFilter
public function getRooms()
{
if (count($this->rooms) == 0) {
return [
0
];
return [0];
}
return $this->rooms;
}

113
includes/model/Shifts_model.php
Unescape Escape View File

@ -14,7 +14,7 @@ function Shifts_by_room($room)
function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$SQL = "SELECT * FROM (
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
@ -27,7 +27,7 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
UNION
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `Room` USING (`RID`)
JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
@ -36,7 +36,7 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
AND `NeededAngelTypes`.`count` > 0
AND NOT `Shifts`.`PSID` IS NULL) as tmp_shifts
AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
ORDER BY `start`";
$result = sql_select($SQL);
@ -48,7 +48,14 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$SQL = "SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
$SQL = "
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
@ -58,7 +65,13 @@ function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
UNION
SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
@ -74,7 +87,14 @@ function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
{
$result = sql_select("SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
$result = sql_select("
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
@ -84,7 +104,13 @@ function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
UNION
SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
SELECT
`NeededAngelTypes`.*,
`Shifts`.`SID`,
`AngelTypes`.`id`,
`AngelTypes`.`name`,
`AngelTypes`.`restricted`,
`AngelTypes`.`no_self_signup`
FROM `Shifts`
JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
@ -102,7 +128,18 @@ function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
{
$SQL = "SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
$SQL = "
SELECT
`User`.`Nick`,
`User`.`email`,
`User`.`email_shiftinfo`,
`User`.`Sprache`,
`User`.`Gekommen`,
`ShiftEntry`.`UID`,
`ShiftEntry`.`TID`,
`ShiftEntry`.`SID`,
`ShiftEntry`.`Comment`,
`ShiftEntry`.`freeloaded`
FROM `Shifts`
JOIN `ShiftEntry` ON `ShiftEntry`.`SID`=`Shifts`.`SID`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
@ -158,10 +195,18 @@ function Shift_free_entries($needed_angeltype, $shift_entries)
* @param array <Shift> $user_shifts
* List of the users shifts
* @param boolean $angeltype_supporter
* True, if the user has angeltype supporter rights for the angeltype, which enables him to sign somebody up for the shift.
* True, if the user has angeltype supporter rights for the angeltype, which enables him to sign
* somebody up for the shift.
*/
function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries)
{
function Shift_signup_allowed_angel(
$user,
$shift,
$angeltype,
$user_angeltype,
$user_shifts,
$needed_angeltype,
$shift_entries
) {
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if ($user['Gekommen'] == 0) {
@ -198,7 +243,11 @@ function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype,
$user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
}
if ($user_angeltype == null || ($angeltype['no_self_signup'] == 1 && $user_angeltype != null) || ($angeltype['restricted'] == 1 && $user_angeltype != null && ! isset($user_angeltype['confirm_user_id']))) {
if (
$user_angeltype == null
|| ($angeltype['no_self_signup'] == 1 && $user_angeltype != null)
|| ($angeltype['restricted'] == 1 && $user_angeltype != null && !isset($user_angeltype['confirm_user_id']))
) {
// you cannot join if user is not of this angel type
// you cannot join if you are not confirmed
// you cannot join if angeltype has no self signup
@ -258,19 +307,37 @@ function Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entrie
* @param array <Shift> $user_shifts
* List of the users shifts
*/
function Shift_signup_allowed($signup_user, $shift, $angeltype, $user_angeltype = null, $user_shifts = null, $needed_angeltype, $shift_entries)
{
function Shift_signup_allowed(
$signup_user,
$shift,
$angeltype,
$user_angeltype = null,
$user_shifts = null,
$needed_angeltype,
$shift_entries
) {
global $user, $privileges;
if (in_array('user_shifts_admin', $privileges)) {
return Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entries);
}
if (in_array('shiftentry_edit_angeltype_supporter', $privileges) && User_is_AngelType_supporter($user, $angeltype)) {
if (
in_array('shiftentry_edit_angeltype_supporter', $privileges)
&& User_is_AngelType_supporter($user, $angeltype)
) {
return Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype, $shift_entries);
}
return Shift_signup_allowed_angel($signup_user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries);
return Shift_signup_allowed_angel(
$signup_user,
$shift,
$angeltype,
$user_angeltype,
$user_shifts,
$needed_angeltype,
$shift_entries
);
}
/**
@ -304,7 +371,8 @@ function Shift_update($shift)
$shift['name'] = ShiftType($shift['shifttype_id'])['name'];
mail_shift_change(Shift($shift['SID']), $shift);
return sql_query("UPDATE `Shifts` SET
return sql_query("
UPDATE `Shifts` SET
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
@ -314,7 +382,8 @@ function Shift_update($shift)
`PSID`=" . sql_null($shift['PSID']) . ",
`edited_by_user_id`='" . sql_escape($user['UID']) . "',
`edited_at_timestamp`=" . time() . "
WHERE `SID`='" . sql_escape($shift['SID']) . "'");
WHERE `SID`='" . sql_escape($shift['SID']) . "'
");
}
/**
@ -341,7 +410,8 @@ function Shift_update_by_psid($shift)
function Shift_create($shift)
{
global $user;
$result = sql_query("INSERT INTO `Shifts` SET
$result = sql_query("
INSERT INTO `Shifts` SET
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
@ -350,7 +420,8 @@ function Shift_create($shift)
`URL`=" . sql_null($shift['URL']) . ",
`PSID`=" . sql_null($shift['PSID']) . ",
`created_by_user_id`='" . sql_escape($user['UID']) . "',
`created_at_timestamp`=" . time());
`created_at_timestamp`=" . time()
);
if ($result === false) {
return false;
}
@ -427,7 +498,7 @@ function Shift($shift_id)
function Shifts()
{
$shifts_source = sql_select("
SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` as `room_name`
SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` AS `room_name`
FROM `Shifts`
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON `Room`.`RID` = `Shifts`.`RID`

19
includes/model/UserAngelTypes_model.php
Unescape Escape View File

@ -54,16 +54,17 @@ function User_unconfirmed_AngelTypes($user)
SELECT
`UserAngelTypes`.*,
`AngelTypes`.`name`,
count(`UnconfirmedMembers`.`user_id`) as `count`
count(`UnconfirmedMembers`.`user_id`) AS `count`
FROM `UserAngelTypes`
JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
JOIN `UserAngelTypes` AS `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
AND `UserAngelTypes`.`supporter`=TRUE
AND `AngelTypes`.`restricted`=TRUE
AND `UnconfirmedMembers`.`confirm_user_id` IS NULL
GROUP BY `UserAngelTypes`.`angeltype_id`
ORDER BY `AngelTypes`.`name`");
ORDER BY `AngelTypes`.`name`
");
if ($result === false) {
engelsystem_error("Unable to load user angeltypes.");
}
@ -87,7 +88,8 @@ function User_is_AngelType_supporter(&$user, $angeltype)
WHERE `user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
AND `supporter`=TRUE
LIMIT 1") > 0) || in_array('admin_user_angeltypes', $user['privileges']);
LIMIT 1
") > 0) || in_array('admin_user_angeltypes', $user['privileges']);
}
/**
@ -102,7 +104,8 @@ function UserAngelType_update($user_angeltype_id, $supporter)
UPDATE `UserAngelTypes`
SET `supporter`=" . sql_bool($supporter) . "
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
LIMIT 1
");
if ($result === false) {
engelsystem_error("Unable to update supporter rights.");
}
@ -119,7 +122,8 @@ function UserAngelTypes_delete_all($angeltype_id)
$result = sql_query("
DELETE FROM `UserAngelTypes`
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
AND `confirm_user_id` IS NULL
");
if ($result === false) {
engelsystem_error("Unable to delete all unconfirmed users.");
}
@ -138,7 +142,8 @@ function UserAngelTypes_confirm_all($angeltype_id, $confirm_user)
UPDATE `UserAngelTypes`
SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
AND `confirm_user_id` IS NULL
");
if ($result === false) {
engelsystem_error("Unable to confirm all users.");
}

7
includes/model/UserDriverLicenses_model.php
Unescape Escape View File

@ -26,7 +26,12 @@ function UserDriverLicense_new()
*/
function UserDriverLicense_valid($user_driver_license)
{
return $user_driver_license['has_car'] || $user_driver_license['has_license_car'] || $user_driver_license['has_license_3_5t_transporter'] || $user_driver_license['has_license_7_5t_truck'] || $user_driver_license['has_license_12_5t_truck'] || $user_driver_license['has_license_forklift'];
return $user_driver_license['has_car']
|| $user_driver_license['has_license_car']
|| $user_driver_license['has_license_3_5t_transporter']
|| $user_driver_license['has_license_7_5t_truck']
|| $user_driver_license['has_license_12_5t_truck']
|| $user_driver_license['has_license_forklift'];
}
/**

1
includes/model/UserGroups_model.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* Returns users groups
*
* @param User $user
*/
function User_groups($user)

11
includes/model/User_model.php
Unescape Escape View File

@ -22,7 +22,8 @@ function User_delete($user_id)
*/
function User_update($user)
{
return sql_query("UPDATE `User` SET
return sql_query("
UPDATE `User` SET
`Nick`='" . sql_escape($user['Nick']) . "',
`Name`='" . sql_escape($user['Name']) . "',
`Vorname`='" . sql_escape($user['Vorname']) . "',
@ -46,7 +47,8 @@ function User_update($user)
`arrival_date`='" . sql_escape($user['arrival_date']) . "',
`planned_arrival_date`='" . sql_escape($user['planned_arrival_date']) . "',
`planned_departure_date`=" . sql_null($user['planned_departure_date']) . "
WHERE `UID`='" . sql_escape($user['UID']) . "'");
WHERE `UID`='" . sql_escape($user['UID']) . "'
");
}
/**
@ -130,7 +132,8 @@ function Users_by_angeltype_inverted($angeltype)
$result = sql_select("
SELECT `User`.*
FROM `User`
LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
LEFT JOIN `UserAngelTypes`
ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
WHERE `UserAngelTypes`.`id` IS NULL
ORDER BY `Nick`");
if ($result === false) {
@ -149,7 +152,7 @@ function Users_by_angeltype($angeltype)
$result = sql_select("
SELECT
`User`.*,
`UserAngelTypes`.`id` as `user_angeltype_id`,
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`,
`UserDriverLicenses`.*

8
includes/pages/admin_active.php
Unescape Escape View File

@ -28,7 +28,10 @@ function admin_active()
if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) {
$count = strip_request_item('count');
if ($count < $forced_count) {
error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count));
error(sprintf(
_("At least %s angels are forced to be active. The number has to be greater."),
$forced_count
));
redirect(page_link_to('admin_active'));
}
} else {
@ -112,7 +115,8 @@ function admin_active()
LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . "
WHERE `User`.`Gekommen` = 1
GROUP BY `User`.`UID`
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit
);
$matched_users = [];
if ($search == "") {
$tokens = [];

5
includes/pages/admin_free.php
Unescape Escape View File

@ -70,7 +70,10 @@ function admin_free()
'dect' => $usr['DECT'],
'jabber' => $usr['jabber'],
'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : ''
'actions' =>
in_array('admin_user', $privileges)
? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs')
: ''
];
}
return page_with_title(admin_free_title(), [

44
includes/pages/admin_groups.php
Unescape Escape View File

@ -12,7 +12,12 @@ function admin_groups()
if (!isset($_REQUEST["action"])) {
$groups_table = [];
foreach ($groups as $group) {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges = sql_select("
SELECT *
FROM `GroupPrivileges`
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `group_id`='" . sql_escape($group['UID']) . "'
");
$privileges_html = [];
foreach ($privileges as $priv) {
@ -22,7 +27,11 @@ function admin_groups()
$groups_table[] = [
'name' => $group['Name'],
'privileges' => join(', ', $privileges_html),
'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs')
'actions' => button(
page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'],
_("edit"),
'btn-xs'
)
];
}
@ -45,12 +54,32 @@ function admin_groups()
$group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
if (count($group) > 0) {
list($group) = $group;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`");
$privileges = sql_select("
SELECT `Privileges`.*, `GroupPrivileges`.`group_id`
FROM `Privileges`
LEFT OUTER JOIN `GroupPrivileges`
ON (
`Privileges`.`id` = `GroupPrivileges`.`privilege_id`
AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "'
)
ORDER BY `Privileges`.`name`
");
$privileges_html = "";
$privileges_form = [];
foreach ($privileges as $priv) {
$privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
$privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']);
$privileges_form[] = form_checkbox(
'privileges[]',
$priv['desc'] . ' (' . $priv['name'] . ')',
$priv['group_id'] != "",
$priv['id']
);
$privileges_html .= sprintf(
'<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
$priv['id'],
($priv['group_id'] != "" ? 'checked="checked"' : ''),
$priv['name'],
$priv['desc']
);
}
$privileges_form[] = form_submit('submit', _("Save"));
@ -86,7 +115,10 @@ function admin_groups()
}
}
}
engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names));
engelsystem_log(
"Group privileges of group " . $group['Name']
. " edited: " . join(", ", $privilege_names)
);
redirect(page_link_to("admin_groups"));
} else {
return error("No Group found.", true);

43
includes/pages/admin_import.php
Unescape Escape View File

@ -13,11 +13,14 @@ function admin_import()
$import_dir = __DIR__ . '/../../import';
$step = "input";
if (isset($_REQUEST['step']) && in_array($step, [
if (
isset($_REQUEST['step'])
&& in_array($step, [
'input',
'check',
'import'
])) {
])
) {
$step = $_REQUEST['step'];
}
@ -96,7 +99,10 @@ function admin_import()
]) . div('row', [
div('col-md-offset-3 col-md-6', [
form([
form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")),
form_info(
'',
_("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")
),
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start),
form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end),
@ -136,11 +142,20 @@ function admin_import()
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
$html .= div('well well-sm text-center', [
list($events_new, $events_updated, $events_deleted) = prepare_events(
$import_file,
$shifttype_id,
$add_minutes_start,
$add_minutes_end
);
$html .= div(
'well well-sm text-center',
[
'<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))
]) . form([
])
. form(
[
div('row', [
div('col-sm-6', [
'<h3>' . _("Rooms to create") . '</h3>',
@ -179,7 +194,12 @@ function admin_import()
'room' => _("Room")
], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _("Import"))
], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
],
page_link_to('admin_import')
. '&step=import&shifttype_id=' . $shifttype_id
. "&add_minutes_end=" . $add_minutes_end
. "&add_minutes_start=" . $add_minutes_start
);
break;
case 'import':
@ -225,7 +245,12 @@ function admin_import()
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
list($events_new, $events_updated, $events_deleted) = prepare_events(
$import_file,
$shifttype_id,
$add_minutes_start,
$add_minutes_end
);
foreach ($events_new as $event) {
$result = Shift_create($event);
if ($result === false) {

4
includes/pages/admin_news.php
Unescape Escape View File

@ -36,7 +36,9 @@ function admin_news()
form_submit('submit', _("Save"))
], page_link_to('admin_news&action=save&id=' . $news_id));
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">'
. '<span class="glyphicon glyphicon-trash"></span> ' . _("Delete")
. '</a>';
break;
case 'save':

25
includes/pages/admin_questions.php
Unescape Escape View File

@ -42,7 +42,11 @@ function admin_questions()
form_textarea('answer', '', ''),
form_submit('submit', _("Save"))
], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
'actions' => button(
page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'],
_("delete"),
'btn-xs'
)
];
}
@ -56,7 +60,11 @@ function admin_questions()
'question' => str_replace("\n", "<br />", $question['Question']),
'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", "<br />", $question['Answer']),
'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
'actions' => button(
page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'],
_("delete"),
'btn-xs'
)
];
}
@ -88,10 +96,19 @@ function admin_questions()
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
$answer = trim(
preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
'',
strip_tags($_REQUEST['answer'])
));
if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
sql_query("
UPDATE `Questions`
SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "'
WHERE `QID`='" . sql_escape($question_id) . "'
LIMIT 1
");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions"));
} else {

10
includes/pages/admin_rooms.php
Unescape Escape View File

@ -92,7 +92,10 @@ function admin_rooms()
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
if (
isset($_REQUEST['angeltype_count_' . $angeltype_id])
&& preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])
) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
} else {
$valid = false;
@ -122,7 +125,10 @@ function admin_rooms()
}
}
engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
engelsystem_log(
"Set needed angeltypes of room " . $name
. " to: " . join(", ", $needed_angeltype_info)
);
success(_("Room saved."));
redirect(page_link_to("admin_rooms"));
}

62
includes/pages/admin_shifts.php
Unescape Escape View File

@ -65,7 +65,11 @@ function admin_shifts()
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
if (
isset($_REQUEST['rid'])
&& preg_match("/^[0-9]+$/", $_REQUEST['rid'])
&& isset($room_array[$_REQUEST['rid']])
) {
$rid = $_REQUEST['rid'];
} else {
$valid = false;
@ -104,7 +108,10 @@ function admin_shifts()
error(_('Please enter a shift duration in minutes.'));
}
} elseif ($_REQUEST['mode'] == 'variable') {
if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) {
if (
isset($_REQUEST['change_hours'])
&& preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))
) {
$mode = 'variable';
$change_hours = array_map('trim', explode(",", $_REQUEST['change_hours']));
} else {
@ -123,7 +130,10 @@ function admin_shifts()
} elseif ($_REQUEST['angelmode'] == 'manually') {
$angelmode = 'manually';
foreach ($types as $type) {
if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) {
if (
isset($_REQUEST['type_' . $type['id']])
&& preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))
) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else {
$valid = false;
@ -233,8 +243,16 @@ function admin_shifts()
$shifts_table = [];
foreach ($shifts as $shift) {
$shifts_table_entry = [
'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])),
'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''),
'timeslot' =>
'<span class="glyphicon glyphicon-time"></span> '
. date("Y-m-d H:i", $shift['start'])
. ' - '
. date("H:i", $shift['end'])
. '<br />'
. Room_name_render(Room($shift['RID'])),
'title' =>
ShiftType_name_render(ShiftType($shifttype_id))
. ($shift['title'] ? '<br />' . $shift['title'] : ''),
'needed_angels' => ''
];
foreach ($types as $type) {
@ -288,7 +306,12 @@ function admin_shifts()
engelsystem_error('Unable to create shift.');
}
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
engelsystem_log(
"Shift created: " . $shifttypes[$shift['shifttype_id']]
. " with title " . $shift['title']
. " from " . date("Y-m-d H:i", $shift['start'])
. " to " . date("Y-m-d H:i", $shift['end'])
);
$needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
@ -312,7 +335,12 @@ function admin_shifts()
}
$angel_types = "";
foreach ($types as $type) {
$angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
$angel_types .= '<div class="col-md-4">' . form_spinner(
'type_' . $type['id'],
$type['name'],
$needed_angel_types[$type['id']]
)
. '</div>';
}
return page_with_title(admin_shifts_title(), [
@ -329,12 +357,26 @@ function admin_shifts()
form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
form_text('length', _("Length"), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22')
form_radio(
'mode',
_("Create multiple shifts with variable length"),
$mode == 'variable',
'variable'
),
form_text(
'change_hours',
_("Shift change hours"),
!empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
)
]),
div('col-md-6', [
form_info(_("Needed angels"), ''),
form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
form_radio(
'angelmode',
_("Take needed angels from room settings"),
$angelmode == 'location',
'location'
),
form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
div('row', [
$angel_types

7
includes/pages/admin_user.php
Unescape Escape View File

@ -42,7 +42,9 @@ function admin_user()
$html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
}
$html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$html .= " <tr><td>Size</td><td>"
. html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size'])
. "</td></tr>\n";
$options = [
'1' => _("Yes"),
@ -152,7 +154,8 @@ function admin_user()
}
}
$user_source = User($user_id);
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ",
$user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true);
} else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);

53
includes/pages/guest_login.php
Unescape Escape View File

@ -61,7 +61,10 @@ function guest_register()
}
} else {
$valid = false;
$msg .= error(sprintf(_("Your nick &quot;%s&quot; is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true);
$msg .= error(sprintf(
_("Your nick &quot;%s&quot; is too short (min. 2 characters)."),
User_validate_Nick($_REQUEST['nick'])
), true);
}
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
@ -107,7 +110,10 @@ function guest_register()
}
} else {
$valid = false;
$msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), $min_password_length), true);
$msg .= error(sprintf(
_("Your password is too short (please use at least %s characters)."),
$min_password_length
), true);
}
if (isset($_REQUEST['planned_arrival_date'])) {
@ -189,7 +195,10 @@ function guest_register()
$user_angel_types_info[] = $angel_types[$selected_angel_type_id];
}
engelsystem_log("User " . User_Nick_render(User($user_id)) . " signed up as: " . join(", ", $user_angel_types_info));
engelsystem_log(
"User " . User_Nick_render(User($user_id))
. " signed up as: " . join(", ", $user_angel_types_info)
);
success(_("Angel registration successful!"));
// User is already logged in - that means a supporter has registered an angel. Return to register page.
@ -230,16 +239,30 @@ function guest_register()
]),
div('col-sm-8', [
form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $email_shiftinfo),
form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $email_by_human_allowed)
form_checkbox(
'email_shiftinfo',
_("The engelsystem is allowed to send me an email (e.g. when my shifts change)"),
$email_shiftinfo
),
form_checkbox(
'email_by_human_allowed',
_("Humans are allowed to send me an email (e.g. for ticket vouchers)"),
$email_by_human_allowed
)
])
]),
div('row', [
div('col-sm-6', [
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, $buildup_start_date, $teardown_end_date)
form_date(
'planned_arrival_date',
_("Planned date of arrival") . ' ' . entry_required(),
$planned_arrival_date, $buildup_start_date, $teardown_end_date
)
]),
div('col-sm-6', [
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : ''
$enable_tshirt_size ? form_select('tshirt_size',
_("Shirt size") . ' ' . entry_required(),
$tshirt_sizes, $tshirt_size) : ''
])
]),
div('row', [
@ -250,8 +273,20 @@ function guest_register()
form_password('password2', _("Confirm password") . ' ' . entry_required())
])
]),
form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
form_info("", _("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section."))
form_checkboxes(
'angel_types',
_("What do you want to do?") . sprintf(
" (<a href=\"%s\">%s</a>)",
page_link_to('angeltypes') . '&action=about',
_("Description of job types")
),
$angel_types,
$selected_angel_types
),
form_info(
"",
_("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.")
)
]),
div('col-md-6', [
div('row', [

4
includes/pages/guest_stats.php
Unescape Escape View File

@ -8,10 +8,10 @@ function guest_stats()
if ($_REQUEST['api_key'] == $api_key) {
$stats = [];
list($user_count) = sql_select("SELECT count(*) as `user_count` FROM `User`");
list($user_count) = sql_select("SELECT count(*) AS `user_count` FROM `User`");
$stats['user_count'] = $user_count['user_count'];
list($arrived_user_count) = sql_select("SELECT count(*) as `user_count` FROM `User` WHERE `Gekommen`=1");
list($arrived_user_count) = sql_select("SELECT count(*) AS `user_count` FROM `User` WHERE `Gekommen`=1");
$stats['arrived_user_count'] = $arrived_user_count['user_count'];
$done_shifts_seconds = sql_select_single_cell("SELECT SUM(`Shifts`.`end` - `Shifts`.`start`) FROM `ShiftEntry` JOIN `Shifts` USING (`SID`) WHERE `Shifts`.`end` < UNIX_TIMESTAMP()");

8
includes/pages/user_atom.php
Unescape Escape View File

@ -32,7 +32,13 @@ function make_atom_entries_from_news($news_entries)
$html = '<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Engelsystem</title>
<id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id>
<id>' . $_SERVER['HTTP_HOST']
. htmlspecialchars(preg_replace(
'#[&?]key=[a-f0-9]{32}#',
'',
$_SERVER['REQUEST_URI']
))
. '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . "</updated>\n";
foreach ($news_entries as $news_entry) {
$html .= make_atom_entry_from_news($news_entry);

3
includes/pages/user_ical.php
Unescape Escape View File

@ -53,7 +53,8 @@ function make_ical_entry_from_shift($shift)
{
$output = "BEGIN:VEVENT\r\n";
$output .= "UID:" . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n";
$output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
$output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name'])
. " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
if (isset($shift['Comment'])) {
$output .= "DESCRIPTION:" . str_replace("\n", "\\n", $shift['Comment']) . "\r\n";
}

12
includes/pages/user_messages.php
Unescape Escape View File

@ -62,10 +62,18 @@ function user_messages()
if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
$messages_table_entry['actions'] = button(
page_link_to("user_messages") . '&action=read&id=' . $message['id'],
_("mark as read"),
'btn-xs'
);
}
} else {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
$messages_table_entry['actions'] = button(
page_link_to("user_messages") . '&action=delete&id=' . $message['id'],
_("delete message"),
'btn-xs'
);
}
$messages_table[] = $messages_table_entry;
}

42
includes/pages/user_myshifts.php
Unescape Escape View File

@ -11,7 +11,12 @@ function user_myshifts()
global $LETZTES_AUSTRAGEN;
global $user, $privileges;
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
if (
isset($_REQUEST['id'])
&& in_array("user_shifts_admin", $privileges)
&& preg_match("/^[0-9]{1,}$/", $_REQUEST['id'])
&& sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0
) {
$user_id = $_REQUEST['id'];
} else {
$user_id = $user['UID'];
@ -26,7 +31,10 @@ function user_myshifts()
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
return page_with_title(_("Reset API key"), [
error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
error(
_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."),
true
),
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
]);
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
@ -39,7 +47,7 @@ function user_myshifts()
`ShiftTypes`.`name`,
`Shifts`.*,
`Room`.`Name`,
`AngelTypes`.`name` as `angel_type`
`AngelTypes`.`name` AS `angel_type`
FROM `ShiftEntry`
JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
@ -77,13 +85,29 @@ function user_myshifts()
engelsystem_error('Unable to update shift entry.');
}
engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
engelsystem_log(
"Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name']
. " from " . date("Y-m-d H:i", $shift['start'])
. " to " . date("Y-m-d H:i", $shift['end'])
. " with comment " . $comment
. ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")
);
success(_("Shift saved."));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
}
return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
return ShiftEntry_edit_view(
User_Nick_render($shifts_user),
date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
$shift['Name'],
$shift['name'],
$shift['angel_type'],
$shift['Comment'],
$shift['freeloaded'],
$shift['freeload_comment'],
in_array("user_shifts_admin", $privileges)
);
} else {
redirect(page_link_to('user_myshifts'));
}
@ -105,7 +129,13 @@ function user_myshifts()
$angeltype = AngelType($shift['TID']);
$shifttype = ShiftType($shift['shifttype_id']);
engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
engelsystem_log(
"Deleted own shift: " . $shifttype['name']
. " at " . $room['Name']
. " from " . date("Y-m-d H:i", $shift['start'])
. " to " . date("Y-m-d H:i", $shift['end'])
. " as " . $angeltype['name']
);
success(_("Shift canceled."));
} else {
error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));

10
includes/pages/user_news.php
Unescape Escape View File

@ -62,7 +62,9 @@ function display_news($news)
$html .= '<div class="panel-footer text-muted">';
if (in_array("admin_news", $privileges)) {
$html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>';
$html .= '<div class="pull-right">'
. button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
. '</div>';
}
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';
@ -82,7 +84,11 @@ function user_news_comments()
global $user;
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
if (
isset($_REQUEST["nid"])
&& preg_match("/^[0-9]{1,}$/", $_REQUEST['nid'])
&& sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0
) {
$nid = $_REQUEST["nid"];
list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
if (isset($_REQUEST["text"])) {

13
includes/pages/user_questions.php
Unescape Escape View File

@ -10,9 +10,13 @@ function user_questions()
global $user;
if (!isset($_REQUEST['action'])) {
$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$open_questions = sql_select(
"SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"
);
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$answered_questions = sql_select(
"SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"
);
foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']);
$question['answer_user'] = User_Nick_render($answer_user_source);
@ -24,7 +28,10 @@ function user_questions()
case 'ask':
$question = strip_request_item_nl('question');
if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
$result = sql_query("
INSERT INTO `Questions`
SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'
");
if ($result === false) {
engelsystem_error(_("Unable to save question."));
}

8
includes/pages/user_settings.php
Unescape Escape View File

@ -92,7 +92,10 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
function user_settings_password($user_source)
{
global $min_password_length;
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])) {
if (
!isset($_REQUEST['password'])
|| !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])
) {
error(_("-> not OK. Please try again."));
} elseif (strlen($_REQUEST['new_password']) < $min_password_length) {
error(_("Your password is to short (please use at least 6 characters)."));
@ -195,5 +198,6 @@ function user_settings()
$user_source = user_settings_locale($user_source, $locales);
}
return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes);
return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date,
$enable_tshirt_size, $tshirt_sizes);
}

48
includes/pages/user_shifts.php
Unescape Escape View File

@ -111,7 +111,25 @@ function load_types()
error(_("The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype."));
redirect('?');
}
$types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
$types = sql_select("
SELECT
`AngelTypes`.`id`,
`AngelTypes`.`name`,
(
`AngelTypes`.`restricted`=0
OR (
NOT `UserAngelTypes`.`confirm_user_id` IS NULL
OR `UserAngelTypes`.`id` IS NULL
)
) AS `enabled`
FROM `AngelTypes`
LEFT JOIN `UserAngelTypes`
ON (
`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
)
ORDER BY `AngelTypes`.`name`
");
if (empty($types)) {
return sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0");
}
@ -169,11 +187,26 @@ function view_user_shifts()
'start_time' => $start_time,
'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $end_day),
'end_time' => $end_time,
'type_select' => make_select($types, $shiftsFilter->getTypes(), "types", _("Angeltypes") . '<sup>1</sup>'),
'type_select' => make_select(
$types,
$shiftsFilter->getTypes(),
"types",
_("Angeltypes") . '<sup>1</sup>'
),
'filled_select' => make_select($filled, $shiftsFilter->getFilled(), "filled", _("Occupancy")),
'task_notice' => '<sup>1</sup>' . _("The tasks shown here are influenced by the angeltypes you joined already!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>",
'task_notice' =>
'<sup>1</sup>'
. _("The tasks shown here are influenced by the angeltypes you joined already!")
. " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">"
. _("Description of the jobs.")
. "</a>",
'shifts_table' => msg() . $shiftCalendarRenderer->render(),
'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf(_("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '</p>',
'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf(
_("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."),
page_link_to_absolute('ical') . '&key=' . $user['api_key'],
page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'],
page_link_to('user_myshifts') . '&reset'
) . '</p>',
'filter' => _("Filter")
])
])
@ -193,7 +226,12 @@ function make_select($items, $selected, $name, $title = null)
}
foreach ($items as $i) {
$html_items[] = '<div class="checkbox"><label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"' . (in_array($i['id'], $selected) ? ' checked="checked"' : '') . '> ' . $i['name'] . '</label>' . (! isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) . '</div><br />';
$html_items[] = '<div class="checkbox">'
. '<label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"'
. (in_array($i['id'], $selected) ? ' checked="checked"' : '')
. '> ' . $i['name'] . '</label>'
. (!isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock"))
. '</div><br />';
}
$html = '<div id="selection_' . $name . '" class="selection ' . $name . '">' . "\n";
$html .= implode("\n", $html_items);

39
includes/sys_auth.php
Unescape Escape View File

@ -13,7 +13,12 @@ function load_auth()
if (count($user) > 0) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
list($user) = $user;
sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
sql_query("
UPDATE `User`
SET " . "`lastLogIn` = '" . time() . "'" . "
WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "'
LIMIT 1
");
$privileges = privileges_for_user($user['UID']);
return;
}
@ -43,7 +48,13 @@ function generate_salt($length = 16)
function set_password($uid, $password)
{
global $crypt_alg;
$result = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt(16) . '$')) . "', `password_recovery_token`=NULL WHERE `UID` = " . intval($uid) . " LIMIT 1");
$result = sql_query("
UPDATE `User`
SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt(16) . '$')) . "',
`password_recovery_token`=NULL
WHERE `UID` = " . intval($uid) . "
LIMIT 1
");
if ($result === false) {
engelsystem_error('Unable to update password.');
}
@ -70,7 +81,13 @@ function verify_password($password, $salt, $uid = false)
// this password is stored in another format than we want it to be.
// let's update it!
// we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt() . '$')) . "' WHERE `UID` = " . intval($uid) . " AND `Passwort` = '" . sql_escape($salt) . "' LIMIT 1");
sql_query("
UPDATE `User`
SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt() . '$')) . "'
WHERE `UID` = " . intval($uid) . "
AND `Passwort` = '" . sql_escape($salt) . "'
LIMIT 1
");
}
return $correct;
}
@ -78,7 +95,14 @@ function verify_password($password, $salt, $uid = false)
function privileges_for_user($user_id)
{
$privileges = [];
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
$user_privs = sql_select("
SELECT `Privileges`.`name`
FROM `User`
JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`)
JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`)
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `User`.`UID`='" . sql_escape($user_id) . "'
");
foreach ($user_privs as $user_priv) {
$privileges[] = $user_priv['name'];
}
@ -88,7 +112,12 @@ function privileges_for_user($user_id)
function privileges_for_group($group_id)
{
$privileges = [];
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
$groups_privs = sql_select("
SELECT *
FROM `GroupPrivileges`
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `group_id`='" . sql_escape($group_id) . "'
");
foreach ($groups_privs as $guest_priv) {
$privileges[] = $guest_priv['name'];
}

41
includes/sys_form.php
Unescape Escape View File

@ -111,7 +111,8 @@ function form_checkboxes($name, $label, $items, $selected)
* @param
* items Array mit den Beschriftungen der Zeilen
* @param
* selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten Checkboxen ist
* selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten
* Checkboxen ist
* @param
* disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
*/
@ -173,7 +174,10 @@ function form_info($label, $text = "")
*/
function form_submit($name, $label)
{
return form_element('<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />', "");
return form_element(
'<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />',
""
);
}
/**
@ -182,7 +186,11 @@ function form_submit($name, $label)
function form_text($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
@ -200,7 +208,8 @@ function form_text($name, $label, $value, $disabled = false)
function form_text_placeholder($name, $placeholder, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element('', '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder . '" ' . $disabled . '/>');
return form_element('',
'<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder . '" ' . $disabled . '/>');
}
/**
@ -209,7 +218,11 @@ function form_text_placeholder($name, $placeholder, $value, $disabled = false)
function form_email($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
@ -226,7 +239,11 @@ function form_file($name, $label)
function form_password($name, $label, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name);
return form_element(
$label,
'<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>',
'form_' . $name
);
}
/**
@ -235,7 +252,11 @@ function form_password($name, $label, $disabled = false)
function form_password_placeholder($name, $placeholder, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element('', '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>', 'form_' . $name);
return form_element(
'',
'<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>',
'form_' . $name
);
}
/**
@ -244,7 +265,11 @@ function form_password_placeholder($name, $placeholder, $disabled = false)
function form_textarea($name, $label, $value, $disabled = false)
{
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name);
return form_element(
$label,
'<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>',
'form_' . $name
);
}
/**

25
includes/sys_menu.php
Unescape Escape View File

@ -11,7 +11,10 @@ function page_link_to($page = "")
function page_link_to_absolute($page)
{
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI']) . page_link_to($page);
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
. $_SERVER['HTTP_HOST']
. preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI'])
. page_link_to($page);
}
/**
@ -49,7 +52,11 @@ function header_toolbar()
$toolbar_items = [];
if (isset($user)) {
$toolbar_items[] = toolbar_item_link(page_link_to('shifts') . '&amp;action=next', 'time', User_shift_state_render($user));
$toolbar_items[] = toolbar_item_link(
page_link_to('shifts') . '&amp;action=next',
'time',
User_shift_state_render($user)
);
}
if (!isset($user) && in_array('register', $privileges)) {
@ -66,7 +73,12 @@ function header_toolbar()
$toolbar_items[] = header_render_hints();
if (in_array('user_myshifts', $privileges)) {
$toolbar_items[] = toolbar_item_link(page_link_to('users') . '&amp;action=view', ' icon-icon_angel', $user['Nick'], $page == 'users');
$toolbar_items[] = toolbar_item_link(
page_link_to('users') . '&amp;action=view',
' icon-icon_angel',
$user['Nick'],
$page == 'users'
);
}
$user_submenu = make_user_submenu();
@ -88,7 +100,12 @@ function make_user_submenu()
}
if (in_array('user_settings', $privileges)) {
$user_submenu[] = toolbar_item_link(page_link_to('user_settings'), 'list-alt', settings_title(), $page == 'user_settings');
$user_submenu[] = toolbar_item_link(
page_link_to('user_settings'),
'list-alt',
settings_title(),
$page == 'user_settings'
);
}
if (in_array('logout', $privileges)) {

4
includes/sys_template.php
Unescape Escape View File

@ -255,7 +255,9 @@ function shorten($str, $length = 50)
if (strlen($str) < $length) {
return $str;
}
return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, $length - 3) . '...</span>';
return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">'
. substr($str, 0, $length - 3)
. '...</span>';
}
function table_body($array)

134
includes/view/AngelTypes_view.php
Unescape Escape View File

@ -45,7 +45,11 @@ function AngelType_delete_view($angeltype)
info(sprintf(_("Do you want to delete angeltype %s?"), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes'), _("cancel"), 'cancel'),
button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed', _("delete"), 'ok')
button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed',
_("delete"),
'ok'
)
])
]);
}
@ -67,14 +71,29 @@ function AngelType_edit_view($angeltype, $supporter_mode)
]),
msg(),
form([
$supporter_mode ? form_info(_("Name"), $angeltype['name']) : form_text('name', _("Name"), $angeltype['name']),
$supporter_mode ? form_info(_("Restricted"), $angeltype['restricted'] ? _("Yes") : _("No")) : form_checkbox('restricted', _("Restricted"), $angeltype['restricted']),
$supporter_mode ? form_info(_("No Self Sign Up"), $angeltype['no_self_signup'] ? _("Yes") : _("No")) : form_checkbox('no_self_signup', _("No Self Sign Up"), $angeltype['no_self_signup']),
$supporter_mode ? form_info(_("Requires driver license"), $angeltype['requires_driver_license'] ? _("Yes") : _("No")) : form_checkbox('requires_driver_license', _("Requires driver license"), $angeltype['requires_driver_license']),
$supporter_mode
? form_info(_("Name"), $angeltype['name'])
: form_text('name', _("Name"), $angeltype['name']),
$supporter_mode
? form_info(_("Restricted"), $angeltype['restricted'] ? _("Yes") : _("No"))
: form_checkbox('restricted', _("Restricted"), $angeltype['restricted']),
$supporter_mode
? form_info(_("No Self Sign Up"), $angeltype['no_self_signup'] ? _("Yes") : _("No"))
: form_checkbox('no_self_signup', _("No Self Sign Up"), $angeltype['no_self_signup']),
$supporter_mode
? form_info(_("Requires driver license"), $angeltype['requires_driver_license'] ? _("Yes") : _("No"))
: form_checkbox(
'requires_driver_license',
_("Requires driver license"),
$angeltype['requires_driver_license']
),
//form_text('contact_name', _("Name"), $angeltype['contact_name']),
//form_text('contact_dect', _("DECT"), $angeltype['contact_dect']),
//form_text('contact_email', _("E-Mail"), $angeltype['contact_email']),
form_info("", _("Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).")),
form_info(
"",
_("Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).")
),
form_textarea('description', _("Description"), $angeltype['description']),
form_info("", _("Please use markdown for the description.")),
form_submit('submit', _("Save"))
@ -96,23 +115,39 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
}
if ($user_angeltype == null) {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_("join"),
'add'
);
} else {
if ($angeltype['requires_driver_license'] && $user_driver_license == null) {
error(_("This angeltype requires a driver license. Please enter your driver license information!"));
}
if ($angeltype['restricted'] && $user_angeltype['confirm_user_id'] == null) {
error(sprintf(_("You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed."), $angeltype['name']));
error(sprintf(
_("You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed."),
$angeltype['name']
));
}
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'], _("leave"), 'cancel');
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'],
_("leave"), 'cancel');
}
if ($admin_angeltypes || $supporter) {
$buttons[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), 'edit');
$buttons[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
_("edit"),
'edit'
);
}
if ($admin_angeltypes) {
$buttons[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), 'delete');
$buttons[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
_("delete"),
'delete'
);
}
return buttons($buttons);
@ -143,14 +178,26 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
$member['actions'] = table_buttons([
button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'], _("confirm"), 'btn-xs'),
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("deny"), 'btn-xs')
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'],
_("confirm"),
'btn-xs'
),
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
_("deny"),
'btn-xs'
)
]);
$members_unconfirmed[] = $member;
} elseif ($member['supporter']) {
if ($admin_angeltypes) {
$member['actions'] = table_buttons([
button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0', _("Remove supporter rights"), 'btn-xs')
button(
page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0',
_("Remove supporter rights"),
'btn-xs'
)
]);
} else {
$member['actions'] = '';
@ -159,8 +206,15 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
} else {
if ($admin_user_angeltypes) {
$member['actions'] = table_buttons([
$admin_angeltypes ? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1', _("Add supporter rights"), 'btn-xs') : '',
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("remove"), 'btn-xs')
$admin_angeltypes
? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1',
_("Add supporter rights"), 'btn-xs')
: '',
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
_("remove"),
'btn-xs'
)
]);
}
$members_confirmed[] = $member;
@ -203,8 +257,16 @@ function AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes)
/**
* Render an angeltype page containing the member lists.
*/
function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angeltypes, $admin_angeltypes, $supporter, $user_driver_license, $user)
{
function AngelType_view(
$angeltype,
$members,
$user_angeltype,
$admin_user_angeltypes,
$admin_angeltypes,
$supporter,
$user_driver_license,
$user
) {
$page = [
AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user),
msg()
@ -216,7 +278,12 @@ function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angel
$page[] = '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
}
list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes);
list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members(
$angeltype,
$members,
$admin_user_angeltypes,
$admin_angeltypes
);
$table_headers = AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes);
if (count($supporters) > 0) {
@ -251,8 +318,16 @@ function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angel
if ($admin_user_angeltypes && $angeltype['restricted'] && count($members_unconfirmed) > 0) {
$page[] = '<h3>' . _("Unconfirmed") . '</h3>';
$page[] = buttons([
button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'], _("confirm all"), 'ok'),
button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'], _("deny all"), 'cancel')
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'],
_("confirm all"),
'ok'
),
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'],
_("deny all"),
'cancel'
)
]);
$page[] = table($table_headers, $members_unconfirmed);
}
@ -295,15 +370,26 @@ function AngelTypes_about_view_angeltype($angeltype)
if (isset($angeltype['user_angeltype_id'])) {
$buttons = [];
if ($angeltype['user_angeltype_id'] != null) {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), 'cancel');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
_("leave"),
'cancel'
);
} else {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
_("join"),
'add'
);
}
$html .= buttons($buttons);
}
if ($angeltype['restricted']) {
$html .= info(_("This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings."), true);
$html .= info(
_("This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings."),
true
);
}
if ($angeltype['description'] != "") {
$html .= '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';

34
includes/view/EventConfig_view.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* Shows basic event infos and countdowns.
*
* @param EventConfig $event_config The event configuration
*/
function EventConfig_countdown_page($event_config)
@ -16,7 +17,10 @@ function EventConfig_countdown_page($event_config)
if ($event_config['event_name'] != null) {
$elements[] = div('col-sm-12 text-center', [
heading(sprintf(_("Welcome to the %s!"), $event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'), 2)
heading(sprintf(
_("Welcome to the %s!"),
$event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'
), 2)
]);
}
@ -66,17 +70,29 @@ function EventConfig_info($event_config)
// Event name, start+end date are set
if ($event_config['event_name'] != null && $event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
return sprintf(_("%s, from %s to %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
return sprintf(
_("%s, from %s to %s"),
$event_config['event_name'],
date(_("Y-m-d"), $event_config['event_start_date']),
date(_("Y-m-d"), $event_config['event_end_date'])
);
}
// Event name, start date are set
if ($event_config['event_name'] != null && $event_config['event_start_date'] != null) {
return sprintf(_("%s, starting %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']));
return sprintf(
_("%s, starting %s"), $event_config['event_name'],
date(_("Y-m-d"), $event_config['event_start_date'])
);
}
// Event start+end date are set
if ($event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
return sprintf(_("Event from %s to %s"), date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
return sprintf(
_("Event from %s to %s"),
date(_("Y-m-d"), $event_config['event_start_date']),
date(_("Y-m-d"), $event_config['event_end_date'])
);
}
// Only event name is set
@ -99,8 +115,14 @@ function EventConfig_info($event_config)
* @param date $event_end_date
* @param date $teardown_end_date
*/
function EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date)
{
function EventConfig_edit_view(
$event_name,
$event_welcome_msg,
$buildup_start_date,
$event_start_date,
$event_end_date,
$teardown_end_date
) {
return page_with_title(event_config_title(), [
msg(),
form([

2
includes/view/Rooms_view.php
Unescape Escape View File

@ -1,6 +1,6 @@
<?php
use Engelsystem\ShiftsFilterRenderer;
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer;
function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer)
{

3
includes/view/ShiftCalendarRenderer.php
Unescape Escape View File

@ -165,7 +165,8 @@ class ShiftCalendarRenderer
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
}
list($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']], $this->shift_entries[$shift['SID']], $user);
list($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']],
$this->shift_entries[$shift['SID']], $user);
$html .= $shift_html;
$rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
}

51
includes/view/ShiftCalendarShiftRenderer.php
Unescape Escape View File

@ -22,7 +22,12 @@ class ShiftCalendarShiftRenderer
if ($shift['title'] != '') {
$info_text = glyph('info-sign') . $shift['title'] . '<br>';
}
list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user);
list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes(
$shift,
$needed_angeltypes,
$shift_entries,
$user
);
$class = $this->classForSignupState($shift_signup_state);
@ -30,7 +35,9 @@ class ShiftCalendarShiftRenderer
$blocks = max(1, $blocks);
return [
$blocks,
div('shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"', [
div(
'shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"',
[
$this->renderShiftHead($shift),
div('panel-body', [
$info_text,
@ -41,7 +48,8 @@ class ShiftCalendarShiftRenderer
]),
$shifts_row,
div('shift-spacer')
])
]
)
];
}
@ -83,7 +91,12 @@ class ShiftCalendarShiftRenderer
$shift_signup_state = null;
foreach ($needed_angeltypes as $angeltype) {
if ($angeltype['count'] > 0 || count($shift_entries_filtered[$angeltype['id']]) > 0) {
list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype($shift, $shift_entries_filtered[$angeltype['id']], $angeltype, $user);
list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype(
$shift,
$shift_entries_filtered[$angeltype['id']],
$angeltype,
$user
);
if ($shift_signup_state == null) {
$shift_signup_state = $angeltype_signup_state;
} else {
@ -97,7 +110,11 @@ class ShiftCalendarShiftRenderer
}
if (in_array('user_shifts_admin', $privileges)) {
$html .= '<li class="list-group-item">' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'], _("Add more angels"), 'btn-xs') . '</li>';
$html .= '<li class="list-group-item">' . button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'],
_("Add more angels"),
'btn-xs'
) . '</li>';
}
if ($html != '') {
return [
@ -129,12 +146,21 @@ class ShiftCalendarShiftRenderer
$entry_list[] = "<span style=\"$style\">" . User_Nick_render($entry) . "</span>";
}
$shift_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, null, $angeltype, $shift_entries);
$inner_text = sprintf(ngettext("%d helper needed", "%d helpers needed", $shift_signup_state->getFreeEntries()), $shift_signup_state->getFreeEntries());
$inner_text = sprintf(
ngettext("%d helper needed", "%d helpers needed", $shift_signup_state->getFreeEntries()),
$shift_signup_state->getFreeEntries()
);
switch ($shift_signup_state->getState()) {
case ShiftSignupState::ADMIN:
case ShiftSignupState::FREE:
// When admin or free display a link + button for sign up
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . $inner_text . '</a> ' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], _('Sign up'), 'btn-xs btn-primary');
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">'
. $inner_text
. '</a> '
. button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'],
_('Sign up'), 'btn-xs btn-primary'
);
break;
case ShiftSignupState::SHIFT_ENDED:
@ -148,7 +174,12 @@ class ShiftCalendarShiftRenderer
$entry_list[] = $inner_text . glyph('lock');
} else {
// Add link to join the angeltype first
$entry_list[] = $inner_text . '<br />' . button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']), 'btn-xs');
$entry_list[] = $inner_text . '<br />'
. button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
sprintf(_('Become %s'), $angeltype['name']),
'btn-xs'
);
}
break;
@ -190,7 +221,9 @@ class ShiftCalendarShiftRenderer
button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs')
]) . '</div>';
}
$shift_heading = date('H:i', $shift['start']) . ' &dash; ' . date('H:i', $shift['end']) . ' &mdash; ' . $shift['name'];
$shift_heading = date('H:i', $shift['start']) . ' &dash; '
. date('H:i', $shift['end']) . ' &mdash; '
. $shift['name'];
return div('panel-heading', [
'<a href="' . shift_link($shift) . '">' . $shift_heading . '</a>',
$header_buttons

14
includes/view/ShiftEntry_view.php
Unescape Escape View File

@ -2,6 +2,7 @@
/**
* Display form for adding/editing a shift entry.
*
* @param string $angel
* @param string $date
* @param string $location
@ -11,8 +12,17 @@
*
* @return string
*/
function ShiftEntry_edit_view($angel, $date, $location, $title, $type, $comment, $freeloaded, $freeload_comment, $user_admin_shifts = false)
{
function ShiftEntry_edit_view(
$angel,
$date,
$location,
$title,
$type,
$comment,
$freeloaded,
$freeload_comment,
$user_admin_shifts = false
) {
$freeload_form = [];
if ($user_admin_shifts) {
$freeload_form = [

23
includes/view/ShiftTypes_view.php
Unescape Escape View File

@ -15,7 +15,11 @@ function ShiftType_delete_view($shifttype)
info(sprintf(_("Do you want to delete shifttype %s?"), $shifttype['name']), true),
buttons([
button(page_link_to('shifttypes'), _("cancel"), 'cancel'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed', _("delete"), 'ok')
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed',
_("delete"),
'ok'
)
])
]);
}
@ -55,9 +59,16 @@ function ShiftType_view($shifttype, $angeltype)
msg(),
buttons([
button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
$angeltype ? button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], $angeltype['name']) : '',
$angeltype ? button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
$angeltype['name']
) : '',
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'delete')
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
_('delete'),
'delete'
)
]),
heading(_("Description"), 2),
$parsedown->parse($shifttype['description'])
@ -70,7 +81,11 @@ function ShiftTypes_list_view($shifttypes)
$shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
$shifttype['actions'] = table_buttons([
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'btn-xs')
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
_('delete'),
'btn-xs'
)
]);
}

52
includes/view/Shifts_view.php
Unescape Escape View File

@ -5,10 +5,18 @@ function Shift_editor_info_render($shift)
{
$info = [];
if ($shift['created_by_user_id'] != null) {
$info[] = sprintf(glyph('plus') . _("created at %s by %s"), date('Y-m-d H:i', $shift['created_at_timestamp']), User_Nick_render(User($shift['created_by_user_id'])));
$info[] = sprintf(
glyph('plus') . _("created at %s by %s"),
date('Y-m-d H:i', $shift['created_at_timestamp']),
User_Nick_render(User($shift['created_by_user_id']))
);
}
if ($shift['edited_by_user_id'] != null) {
$info[] = sprintf(glyph('pencil') . _("edited at %s by %s"), date('Y-m-d H:i', $shift['edited_at_timestamp']), User_Nick_render(User($shift['edited_by_user_id'])));
$info[] = sprintf(
glyph('pencil') . _("edited at %s by %s"),
date('Y-m-d H:i', $shift['edited_at_timestamp']),
User_Nick_render(User($shift['edited_by_user_id']))
);
}
return join('<br />', $info);
}
@ -22,9 +30,16 @@ function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
}
if ($angeltype['shift_signup_state']->isSignupAllowed()) {
return button(page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'], _('Sign up'));
return button(
page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'],
_('Sign up')
);
} elseif ($user_angeltype == null) {
return button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']));
return button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
sprintf(_('Become %s'),
$angeltype['name'])
);
}
return '';
}
@ -50,10 +65,16 @@ function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupSt
$needed_angels .= Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin);
}
return page_with_title($shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>', [
return page_with_title(
$shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>',
[
msg(),
$shift_signup_state->getState() == ShiftSignupState::COLLIDES ? info(_('This shift collides with one of your shifts.'), true) : '',
$shift_signup_state->getState() == ShiftSignupState::SIGNED_UP ? info(_('You are signed up for this shift.'), true) : '',
$shift_signup_state->getState() == ShiftSignupState::COLLIDES
? info(_('This shift collides with one of your shifts.'), true)
: '',
$shift_signup_state->getState() == ShiftSignupState::SIGNED_UP
? info(_('You are signed up for this shift.'), true)
: '',
($shift_admin || $admin_shifttypes || $admin_rooms) ? buttons([
$shift_admin ? button(shift_edit_link($shift), glyph('pencil') . _('edit')) : '',
$shift_admin ? button(shift_delete_link($shift), glyph('trash') . _('delete')) : '',
@ -97,7 +118,8 @@ function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupSt
])
]),
$shift_admin ? Shift_editor_info_render($shift) : ''
]);
]
);
}
function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin)
@ -123,7 +145,13 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
$needed_angels .= '<h3>' . AngelType_name_render($angeltype) . '</h3>';
$bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10);
$bar_value = max(1, $needed_angeltype['taken'] * 10);
$needed_angels .= progress_bar(0, $bar_max, $bar_value, $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']);
$needed_angels .= progress_bar(
0,
$bar_max,
$bar_value,
$class,
$needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']
);
$angels = [];
foreach ($shift['ShiftEntry'] as $shift_entry) {
@ -147,7 +175,11 @@ function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angelty
if ($user_shift_admin || $angeltype_supporter) {
$entry .= ' <div class="btn-group">';
if ($user_shift_admin) {
$entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs');
$entry .= button_glyph(
page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'],
'pencil',
'btn-xs'
);
}
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
$entry .= '</div>';

47
includes/view/UserAngelTypes_view.php
Unescape Escape View File

@ -4,10 +4,23 @@ function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporte
{
return page_with_title($supporter ? _("Add supporter rights") : _("Remove supporter rights"), [
msg(),
info(sprintf($supporter ? _("Do you really want to add supporter rights for %s to %s?") : _("Do you really want to remove supporter rights for %s from %s?"), $angeltype['name'], User_Nick_render($user)), true),
info(sprintf(
$supporter
? _("Do you really want to add supporter rights for %s to %s?")
: _("Do you really want to remove supporter rights for %s from %s?"),
$angeltype['name'],
User_Nick_render($user)
), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $user_angeltype['id'] . '&supporter=' . ($supporter ? '1' : '0') . '&confirmed', _("yes"), 'ok')
button(
page_link_to('user_angeltypes')
. '&action=update&user_angeltype_id=' . $user_angeltype['id']
. '&supporter=' . ($supporter ? '1' : '0')
. '&confirmed',
_("yes"),
'ok'
)
])
]);
}
@ -19,7 +32,11 @@ function UserAngelTypes_delete_all_view($angeltype)
info(sprintf(_("Do you really want to deny all users for %s?"), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
_("yes"),
'ok'
)
])
]);
}
@ -31,7 +48,11 @@ function UserAngelTypes_confirm_all_view($angeltype)
info(sprintf(_("Do you really want to confirm all users for %s?"), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
_("yes"),
'ok'
)
])
]);
}
@ -43,7 +64,11 @@ function UserAngelType_confirm_view($user_angeltype, $user, $angeltype)
info(sprintf(_("Do you really want to confirm %s for %s?"), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
_("yes"),
'ok'
)
])
]);
}
@ -55,7 +80,11 @@ function UserAngelType_delete_view($user_angeltype, $user, $angeltype)
info(sprintf(_("Do you really want to delete %s from %s?"), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok')
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
_("yes"),
'ok'
)
])
]);
}
@ -87,7 +116,11 @@ function UserAngelType_join_view($user, $angeltype)
info(sprintf(_("Do you really want to add %s to %s?"), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed', _("save"), 'ok')
button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed',
_("save"),
'ok'
)
])
]);
}

24
includes/view/UserDriverLicenses_view.php
Unescape Escape View File

@ -23,12 +23,28 @@ function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver
form_checkbox('wants_to_drive', _("I am willing to operate cars for the PL"), $wants_to_drive),
div('panel panel-default', [
div('panel-body', [
form_checkbox('has_car', _("I have my own car with me and am willing to use it for the PL (You'll get reimbursed for fuel)"), $user_driver_license['has_car']),
form_checkbox(
'has_car',
_("I have my own car with me and am willing to use it for the PL (You'll get reimbursed for fuel)"),
$user_driver_license['has_car']
),
heading(_("Driver license"), 3),
form_checkbox('has_license_car', _("Car"), $user_driver_license['has_license_car']),
form_checkbox('has_license_3_5t_transporter', _("Transporter 3,5t"), $user_driver_license['has_license_3_5t_transporter']),
form_checkbox('has_license_7_5t_truck', _("Truck 7,5t"), $user_driver_license['has_license_7_5t_truck']),
form_checkbox('has_license_12_5t_truck', _("Truck 12,5t"), $user_driver_license['has_license_12_5t_truck']),
form_checkbox(
'has_license_3_5t_transporter',
_("Transporter 3,5t"),
$user_driver_license['has_license_3_5t_transporter']
),
form_checkbox(
'has_license_7_5t_truck',
_("Truck 7,5t"),
$user_driver_license['has_license_7_5t_truck']
),
form_checkbox(
'has_license_12_5t_truck',
_("Truck 12,5t"),
$user_driver_license['has_license_12_5t_truck']
),
form_checkbox('has_license_forklift', _("Forklift"), $user_driver_license['has_license_forklift'])
])
], 'driving_license'),

161
includes/view/User_view.php
Unescape Escape View File

@ -29,8 +29,15 @@ $tshirt_sizes = [
* @param array <String> $themes
* Available themes
*/
function User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes)
{
function User_settings_view(
$user_source,
$locales,
$themes,
$buildup_start_date,
$teardown_end_date,
$enable_tshirt_size,
$tshirt_sizes
) {
return page_with_title(settings_title(), [
msg(),
div('row', [
@ -41,18 +48,42 @@ function User_settings_view($user_source, $locales, $themes, $buildup_start_date
form_text('nick', _("Nick"), $user_source['Nick'], true),
form_text('lastname', _("Last name"), $user_source['Name']),
form_text('prename', _("First name"), $user_source['Vorname']),
form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $user_source['planned_arrival_date'], $buildup_start_date, $teardown_end_date),
form_date('planned_departure_date', _("Planned date of departure"), $user_source['planned_departure_date'], $buildup_start_date, $teardown_end_date),
form_date(
'planned_arrival_date',
_("Planned date of arrival") . ' ' . entry_required(),
$user_source['planned_arrival_date'],
$buildup_start_date, $teardown_end_date
),
form_date(
'planned_departure_date',
_("Planned date of departure"),
$user_source['planned_departure_date'],
$buildup_start_date,
$teardown_end_date
),
form_text('age', _("Age"), $user_source['Alter']),
form_text('tel', _("Phone"), $user_source['Telefon']),
form_text('dect', _("DECT"), $user_source['DECT']),
form_text('mobile', _("Mobile"), $user_source['Handy']),
form_text('mail', _("E-Mail") . ' ' . entry_required(), $user_source['email']),
form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $user_source['email_shiftinfo']),
form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $user_source['email_by_human_allowed']),
form_checkbox(
'email_shiftinfo',
_("The engelsystem is allowed to send me an email (e.g. when my shifts change)"),
$user_source['email_shiftinfo']
),
form_checkbox(
'email_by_human_allowed',
_("Humans are allowed to send me an email (e.g. for ticket vouchers)"),
$user_source['email_by_human_allowed']
),
form_text('jabber', _("Jabber"), $user_source['jabber']),
form_text('hometown', _("Hometown"), $user_source['Hometown']),
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $user_source['Size']) : '',
$enable_tshirt_size ? form_select(
'tshirt_size',
_("Shirt size"),
$tshirt_sizes,
$user_source['Size']
) : '',
form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
form_submit('submit', _("Save"))
])
@ -126,7 +157,10 @@ function User_delete_view($user)
buttons([
button(user_edit_link($user), glyph('chevron-left') . _("back"))
]),
error(_("Do you really want to delete the user including all his shifts and every other piece of his data?"), true),
error(
_("Do you really want to delete the user including all his shifts and every other piece of his data?"),
true
),
form([
form_password('password', _("Your password")),
form_submit('submit', _("Delete"))
@ -152,8 +186,16 @@ function User_edit_vouchers_view($user)
]);
}
function Users_view($users, $order_by, $arrived_count, $active_count, $force_active_count, $freeloads_count, $tshirts_count, $voucher_count)
{
function Users_view(
$users,
$order_by,
$arrived_count,
$active_count,
$force_active_count,
$freeloads_count,
$tshirts_count,
$voucher_count
) {
foreach ($users as &$user) {
$user['Nick'] = User_Nick_render($user);
$user['Gekommen'] = glyph_bool($user['Gekommen']);
@ -283,10 +325,18 @@ function User_view_myshift($shift, $user_source, $its_me)
button(shift_link($shift), glyph('eye-open') . _('view'), 'btn-xs')
];
if ($its_me || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button(page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'], glyph('edit') . _('edit'), 'btn-xs');
$myshift['actions'][] = button(
page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'],
glyph('edit') . _('edit'),
'btn-xs'
);
}
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button(page_link_to('user_myshifts') . ((! $its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'], glyph('trash') . _('sign off'), 'btn-xs');
$myshift['actions'][] = button(
page_link_to('user_myshifts') . ((!$its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'],
glyph('trash') . _('sign off'),
'btn-xs'
);
}
$myshift['actions'] = table_buttons($myshift['actions']);
@ -331,19 +381,42 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
$user_name = htmlspecialchars($user_source['Vorname']) . " " . htmlspecialchars($user_source['Name']);
$myshifts_table = User_view_myshifts($shifts, $user_source, $its_me);
return page_with_title('<span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . ' <small>' . $user_name . '</small>', [
return page_with_title(
'<span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . ' <small>' . $user_name . '</small>',
[
msg(),
div('row space-top', [
div('col-md-12', [
buttons([
$admin_user_privilege ? button(page_link_to('admin_user') . '&id=' . $user_source['UID'], glyph("edit") . _("edit")) : '',
$admin_user_privilege ? button(user_driver_license_edit_link($user_source), glyph("road") . _("driving license")) : '',
($admin_user_privilege && ! $user_source['Gekommen']) ? button(page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'], _("arrived")) : '',
$admin_user_privilege ? button(page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'], glyph('cutlery') . _('Edit vouchers')) : '',
$admin_user_privilege ? button(
page_link_to('admin_user') . '&id=' . $user_source['UID'],
glyph("edit") . _("edit")
) : '',
$admin_user_privilege ? button(
user_driver_license_edit_link($user_source),
glyph("road") . _("driving license")
) : '',
($admin_user_privilege && !$user_source['Gekommen']) ? button(
page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'],
_("arrived")
) : '',
$admin_user_privilege ? button(
page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'],
glyph('cutlery') . _('Edit vouchers')
) : '',
$its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _("Settings")) : '',
$its_me ? button(page_link_to('ical') . '&key=' . $user_source['api_key'], glyph('calendar') . _("iCal Export")) : '',
$its_me ? button(page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'], glyph('export') . _("JSON Export")) : '',
$its_me ? button(page_link_to('user_myshifts') . '&reset', glyph('repeat') . _('Reset API key')) : ''
$its_me ? button(
page_link_to('ical') . '&key=' . $user_source['api_key'],
glyph('calendar') . _("iCal Export")
) : '',
$its_me ? button(
page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'],
glyph('export') . _("JSON Export")
) : '',
$its_me ? button(
page_link_to('user_myshifts') . '&reset',
glyph('repeat') . _('Reset API key')
) : ''
])
])
]),
@ -356,10 +429,38 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
]),
div('col-md-3', [
'<h4>' . _("User state") . '</h4>',
($admin_user_privilege && $freeloader) ? '<span class="text-danger"><span class="glyphicon glyphicon-exclamation-sign"></span> ' . _("Freeloader") . '</span><br />' : '',
$user_source['Gekommen'] ? User_shift_state_render($user_source) . '<br />' : '',
$admin_user_privilege || $its_me ? ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . sprintf(_("Arrived at %s"), date('Y-m-d', $user_source['arrival_date'])) . '</span>' : '<span class="text-danger">' . sprintf(_("Not arrived (Planned: %s)"), date('Y-m-d', $user_source['planned_arrival_date'])) . '</span>') : ($user_source['Gekommen'] ? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _("Arrived") . '</span>' : '<span class="text-danger">' . _("Not arrived") . '</span>'),
$admin_user_privilege ? ($user_source['got_voucher'] > 0 ? '<br /><span class="text-success">' . glyph('cutlery') . sprintf(ngettext("Got %s voucher", "Got %s vouchers", $user_source['got_voucher']), $user_source['got_voucher']) . '</span><br />' : '<br /><span class="text-danger">' . _("Got no vouchers") . '</span><br />') : '',
($admin_user_privilege && $freeloader)
? '<span class="text-danger"><span class="glyphicon glyphicon-exclamation-sign"></span> ' . _("Freeloader") . '</span><br />'
: '',
$user_source['Gekommen']
? User_shift_state_render($user_source) . '<br />'
: '',
$admin_user_privilege || $its_me
? (
$user_source['Gekommen']
? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> '
. sprintf(_("Arrived at %s"), date('Y-m-d', $user_source['arrival_date']))
. '</span>'
: '<span class="text-danger">'
. sprintf(_("Not arrived (Planned: %s)"), date('Y-m-d', $user_source['planned_arrival_date']))
. '</span>'
)
: (
$user_source['Gekommen']
? '<span class="text-success"><span class="glyphicon glyphicon-home"></span> ' . _("Arrived") . '</span>'
: '<span class="text-danger">' . _("Not arrived") . '</span>'),
$admin_user_privilege
? (
$user_source['got_voucher'] > 0
? '<br /><span class="text-success">'
. glyph('cutlery')
. sprintf(
ngettext("Got %s voucher", "Got %s vouchers", $user_source['got_voucher']),
$user_source['got_voucher']
)
. '</span><br />'
: '<br /><span class="text-danger">' . _("Got no vouchers") . '</span><br />')
: '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Aktiv']) ? ' <span class="text-success">' . _("Active") . '</span>' : '',
($user_source['Gekommen'] && $admin_user_privilege && $user_source['Tshirt']) ? ' <span class="text-success">' . _("T-Shirt") . '</span>' : ''
]),
@ -382,7 +483,12 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
'actions' => _("Action")
], $myshifts_table) : '',
$its_me ? info(glyph('info-sign') . _("Your night shifts between 2 and 8 am count twice."), true) : '',
$its_me && count($shifts) == 0 ? error(sprintf(_("Go to the <a href=\"%s\">shifts table</a> to sign yourself up for some shifts."), page_link_to('user_shifts')), true) : ''
$its_me && count($shifts) == 0
? error(sprintf(
_("Go to the <a href=\"%s\">shifts table</a> to sign yourself up for some shifts."),
page_link_to('user_shifts')
), true)
: ''
]);
}
@ -472,7 +578,10 @@ function render_user_freeloader_hint()
global $user, $max_freeloadable_shifts;
if (User_is_freeloader($user)) {
return sprintf(_("You freeloaded at least %s shifts. Shift signup is locked. Please go to heavens desk to be unlocked again."), $max_freeloadable_shifts);
return sprintf(
_("You freeloaded at least %s shifts. Shift signup is locked. Please go to heavens desk to be unlocked again."),
$max_freeloadable_shifts
);
}
return null;

9
public/index.php
Unescape Escape View File

@ -25,7 +25,14 @@ if (! isset($_REQUEST['p'])) {
$_REQUEST['p'] = isset($user) ? "news" : "login";
}
if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) {
if (
isset($_REQUEST['p'])
&& preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p'])
&& (
in_array($_REQUEST['p'], $free_pages)
|| in_array($_REQUEST['p'], $privileges)
)
) {
$page = $_REQUEST['p'];
$title = $page;

3
public/js/sticky-headers.js
Unescape Escape View File

@ -1,8 +1,7 @@
/**
* Enables the fixed headers and time lane for the shift-calendar and datatables
*/
$(document).ready(
function() {
$(document).ready(function () {
if ($(".shift-calendar").length) {
var timeLanes = $(".shift-calendar .time");
var headers = $(".shift-calendar .header");

28
public/maintenance.html
Unescape Escape View File

@ -14,10 +14,16 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
<a class="navbar-brand" href="?">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">
<ul class="nav navbar-nav"></ul>
@ -31,7 +37,9 @@
<div class="jumbotron">
<div class="container text-center">
<h1>
<span class="glyphicon glyphicon-scissors"></span> <span class="glyphicon glyphicon-wrench"></span> <span class="glyphicon glyphicon-fire"></span>
<span class="glyphicon glyphicon-scissors"></span>
<span class="glyphicon glyphicon-wrench"></span>
<span class="glyphicon glyphicon-fire"></span>
</h1>
<div class="col-md-6">
<h2>
@ -39,11 +47,16 @@
</h2>
<p>This may be due to...</p>
<p>
...archangels closing the gates of heaven. <br>...somebody's stolen the power chord and now the battery is empty. <br>...DHCP decided to give me another ip address.
...archangels closing the gates of heaven. <br>
...somebody's stolen the power chord and now the battery is empty. <br>
...DHCP decided to give me another ip address.
</p>
</div>
<div class="col-md-6">
<iframe width="560" height="315" src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0" frameborder="0" allowfullscreen></iframe>
<iframe width="560" height="315"
src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0"
frameborder="0" allowfullscreen>
</iframe>
</div>
</div>
</div>
@ -51,7 +64,8 @@
<div class="row">
<div class="col-md-12">
<div class="text-center footer">
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
</div>
</div>
</div>

44
public/overwhelmed.html
Unescape Escape View File

@ -14,15 +14,19 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
<a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong
class="visible-lg-inline">ENGELSYSTEM</strong></a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">
<ul class="nav navbar-nav"></ul>
<ul class="nav navbar-nav navbar-right">
</ul>
<ul class="nav navbar-nav navbar-right"></ul>
</div>
</div>
</div>
@ -32,13 +36,28 @@
<div class="container text-center">
<div class="col-md-6 col-md-offset-3">
<h2>Dear Angels,</h2>
<p>The great interest in becoming an angel and participating at 33C3 is is something we are grateful for every time. There is a record number of angels and helping volunteers this year.</p>
<p>We did anticipate a great number but we are overwhelmed by this endless wave of support. We do want to enable each and every one of you to be an angel at the congress, but sadly our resources and capacities at Heaven are limited. The amount of angels at this point is beyond our
planing and to ensure we can support the angels already checked in. We did make a choice never thought possible on a chaos event:</p>
<p>We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.</p>
<p>Everyone of us works for you to support you in being an angel, but the Heaven Desk and the Kitchen among others are limited and so we decided to focus our effort to support those of you already arrived to the best of our abilities.</p>
<p>
For the Heaven Team<br /> Agnes, Jen, LLF and Knuth
The great interest in becoming an angel and participating at 33C3 is is something we are
grateful for every time. There is a record number of angels and helping volunteers this year.
</p>
<p>
We did anticipate a great number but we are overwhelmed by this endless wave of support. We do
want to enable each and every one of you to be an angel at the congress, but sadly our resources
and capacities at Heaven are limited. The amount of angels at this point is beyond our
planing and to ensure we can support the angels already checked in. We did make a choice never
thought possible on a chaos event:
</p>
<p>
We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.
</p>
<p>
Everyone of us works for you to support you in being an angel, but the Heaven Desk and the
Kitchen among others are limited and so we decided to focus our effort to support those of you
already arrived to the best of our abilities.
</p>
<p>
For the Heaven Team<br/>
Agnes, Jen, LLF and Knuth
</p>
</div>
</div>
@ -47,7 +66,8 @@
<div class="row">
<div class="col-md-12">
<div class="text-center footer">
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
<a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
</div>
</div>
</div>

31
shift_markup.html
Unescape Escape View File

@ -40,20 +40,39 @@
<a href="?p=shifts&amp;action=view&amp;shift_id=2696">00:00 02:00 — Bottle Collection</a>
<div class="pull-right">
<div class="btn-group">
<a href="?p=user_shifts&amp;edit_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-edit"></span>
</a> <a href="?p=user_shifts&amp;delete_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-trash"></span>
<a href="?p=user_shifts&amp;edit_shift=2696" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-edit"></span>
</a>
<a href="?p=user_shifts&amp;delete_shift=2696" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-trash"></span>
</a>
</div>
</div>
</div>
<div class="panel-body">
<span class="glyphicon glyphicon-info-sign"></span> Bottle Collection Quick Response Team<br> <a href="?p=rooms&amp;action=view&amp;room_id=42"> <span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
<span class="glyphicon glyphicon-info-sign"></span> Bottle Collection Quick Response Team<br>
<a href="?p=rooms&amp;action=view&amp;room_id=42">
<span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
</a>
</div>
<ul class="list-group">
<li class="list-group-item"><strong><a href="?p=angeltypes&amp;action=view&amp;angeltype_id=104575">Angel</a>:</strong> <span style=""><a class="" href="?p=users&amp;action=view&amp;user_id=1755"><span class="icon-icon_angel"></span> Pantomime</a></span>, <span style=""><a
class="" href="?p=users&amp;action=view&amp;user_id=50"><span class="icon-icon_angel"></span> sandzwerg</a></span></li>
<li class="list-group-item"><a href="?p=user_shifts&amp;shift_id=2696&amp;type_id=104575" class="btn btn-default btn-xs">Neue Engel hinzufügen</a></li>
<li class="list-group-item"><strong><a href="?p=angeltypes&amp;action=view&amp;angeltype_id=104575">Angel</a>:</strong>
<span style="">
<a class="" href="?p=users&amp;action=view&amp;user_id=1755">
<span class="icon-icon_angel"></span> Pantomime
</a>
</span>,
<span style="">
<a class="" href="?p=users&amp;action=view&amp;user_id=50">
<span class="icon-icon_angel"></span> sandzwerg
</a>
</span>
</li>
<li class="list-group-item">
<a href="?p=user_shifts&amp;shift_id=2696&amp;type_id=104575" class="btn btn-default btn-xs">
Neue Engel hinzufügen
</a>
</li>
</ul>
<div class="shift-spacer"></div>
</div>

16
templates/guest_credits.html
Unescape Escape View File

@ -4,17 +4,25 @@
<div class="col-md-4">
<h2>Source code</h2>
<p>
The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>. It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a> and <a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet
cyborg</a>, <a href="http://jplitza.de/">jplitza</a> and gnomus.
The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>.
It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a>
and <a href="http://myigel.name/">MyIgel</a>,
<a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet cyborg</a>,
<a href="http://jplitza.de/">jplitza</a> and gnomus.
</p>
<p>
Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor list on github</a> for a more complete version.
Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor
list on github</a> for a more complete version.
</p>
</div>
<div class="col-md-4">
<h2>Hosting</h2>
<p>
Webspace, development platform and domain is currently provided by <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br /> and adminstrated by <a href="http://mortzu.de/">mortzu</a>, <a href="http://derf.homelinux.org/">derf</a> and ichdasich.
Webspace, development platform and domain is currently provided by
<a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br/>
and adminstrated by <a href="http://mortzu.de/">mortzu</a>,
<a href="http://derf.homelinux.org/">derf</a>
and ichdasich.
</p>
</div>
<div class="col-md-4">

15
templates/layout.html
Unescape Escape View File

@ -15,8 +15,12 @@
<div class="navbar navbar-default navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
</div>
@ -30,8 +34,11 @@
<hr/>
<div class="text-center footer" style="margin-bottom: 10px;">
%event_info%
<a href="%faq_url%">FAQ</a> · <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a> · <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development
Platform</a> · <a href="?p=credits">Credits</a>
<a href="%faq_url%">FAQ</a>
· <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a>
· <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
· <a href="?p=credits">Credits</a>
</div>
</div>
</div>

6
templates/user_shifts.html
Unescape Escape View File

@ -17,7 +17,8 @@
<div class="form-group">%start_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="start_time" name="start_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<input class="form-control" type="text" id="start_time" name="start_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
<span class="glyphicon glyphicon-time"></span>
@ -29,7 +30,8 @@
<div class="form-group">%end_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="end_time" name="end_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<input class="form-control" type="text" id="end_time" name="end_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
<span class="glyphicon glyphicon-time"></span>

Write Preview
Loading…
Cancel
Save