kontakt
/
engelsystem
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

more redirects - better flow when configuring shifts and shift entries

Browse Source
main
Philip Häusler 13 years ago
parent b864f2c5b1
commit e8cc1e7b4f
2 changed files with 45 additions and 35 deletions
Show Stats Download Patch File Download Diff File

13
includes/pages/user_myshifts.php
Unescape Escape View File

@ -21,7 +21,8 @@ function user_myshifts() {
if (isset ($_REQUEST['reset'])) { if (isset ($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") { if ($_REQUEST['reset'] == "ack") {
user_reset_ical_key($user); user_reset_ical_key($user);
return success("Key geändert.", true); success("Key geändert.");
redirect(page_link_to('user_myshifts'));
} }
return template_render('../templates/user_myshifts_reset.html', array ()); return template_render('../templates/user_myshifts_reset.html', array ());
} }
@ -34,7 +35,9 @@ function user_myshifts() {
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to('user_myshifts'));
success("Schicht gespeichert.");
redirect(page_link_to('user_myshifts'));
} }
return template_render('../templates/user_shifts_add.html', array ( return template_render('../templates/user_shifts_add.html', array (
@ -46,7 +49,7 @@ function user_myshifts() {
'comment' => $shift['Comment'] 'comment' => $shift['Comment']
)); ));
} else } else
header("Location: " . page_link_to('user_myshifts')); redirect(page_link_to('user_myshifts'));
} }
elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
$id = $_REQUEST['cancel']; $id = $_REQUEST['cancel'];
@ -59,7 +62,7 @@ function user_myshifts() {
} else } else
$msg .= error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.", true); $msg .= error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.", true);
} else } else
header("Location: " . page_link_to('user_myshifts')); redirect(page_link_to('user_myshifts'));
} }
$shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`"); $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`");
@ -87,7 +90,7 @@ function user_myshifts() {
if ($shifts_user['ical_key'] == "") if ($shifts_user['ical_key'] == "")
user_reset_ical_key($shifts_user); user_reset_ical_key($shifts_user);
return template_render('../templates/user_myshifts.html', array ( return msg().template_render('../templates/user_myshifts.html', array (
'h' => $LETZTES_AUSTRAGEN, 'h' => $LETZTES_AUSTRAGEN,
'shifts' => $html, 'shifts' => $html,
'msg' => $msg, 'msg' => $msg,

67
includes/pages/user_shifts.php
Unescape Escape View File

@ -4,30 +4,33 @@ function user_shifts() {
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
if (isset ($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) { if (isset ($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) {
if (isset ($_REQUEST['entry_id']) && preg_match("/^[0-9]*$/", $_REQUEST['entry_id'])) if (isset ($_REQUEST['entry_id']) && test_request_int('entry_id'))
$entry_id = $_REQUEST['entry_id']; $entry_id = $_REQUEST['entry_id'];
else else
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1"); sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
return success("Der Schicht-Eintrag wurde gelöscht..", true); success("Der Schicht-Eintrag wurde gelöscht.");
redirect(page_link_to('user_shifts'));
} }
// Schicht bearbeiten // Schicht bearbeiten
elseif (isset ($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) { elseif (isset ($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) {
$msg = ""; $msg = "";
$ok = true; $ok = true;
if (isset ($_REQUEST['edit_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['edit_shift'])) if (isset ($_REQUEST['edit_shift']) && test_request_int('edit_shift'))
$shift_id = $_REQUEST['edit_shift']; $shift_id = $_REQUEST['edit_shift'];
else else
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1") > 0) if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1") > 0) {
return error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.", true); error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.");
redirect(page_link_to('user_shift'));
}
$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); $shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
if (count($shift) == 0) if (count($shift) == 0)
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift = $shift[0]; $shift = $shift[0];
// Locations laden // Locations laden
@ -37,10 +40,10 @@ function user_shifts() {
$room_array[$room['RID']] = $room['Name']; $room_array[$room['RID']] = $room['Name'];
// Engeltypen laden // Engeltypen laden
$types = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`) WHERE `shift_id`=" . sql_escape($shift_id) . " ORDER BY `AngelTypes`.`name`"); $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`=" . sql_escape($shift_id) . ") ORDER BY `AngelTypes`.`name`");
$needed_angel_types = array (); $needed_angel_types = array ();
foreach ($types as $type) foreach ($needed_angel_types_source as $type)
$needed_angel_types[$type['id']] = $type['count']; $needed_angel_types[$type['id']] = $type['count'] != "" ? $type['count'] : "0";
$name = $shift['name']; $name = $shift['name'];
$rid = $shift['RID']; $rid = $shift['RID'];
@ -79,7 +82,7 @@ function user_shifts() {
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!", true); $msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!", true);
} }
foreach ($types as $type) { foreach ($needed_angel_types_source as $type) {
if (isset ($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) { if (isset ($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else { } else {
@ -87,23 +90,20 @@ function user_shifts() {
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".", true); $msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".", true);
} }
} }
if (array_sum($needed_angel_types) == 0) {
$ok = false;
$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.", true);
}
if ($ok) { if ($ok) {
sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
foreach ($needed_angel_types as $type_id => $count) foreach ($needed_angel_types as $type_id => $count)
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count)); sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
return success("Schicht gespeichert.", true); success("Schicht gespeichert.");
redirect(page_link_to('user_shifts'));
} }
} }
$room_select = html_select_key('rid', 'rid', $room_array, $rid); $room_select = html_select_key('rid', 'rid', $room_array, $rid);
$angel_types = ""; $angel_types = "";
foreach ($types as $type) { foreach ($needed_angel_types_source as $type) {
$angel_types .= template_render('../templates/admin_shifts_angel_types.html', array ( $angel_types .= template_render('../templates/admin_shifts_angel_types.html', array (
'id' => $type['id'], 'id' => $type['id'],
'type' => $type['name'], 'type' => $type['name'],
@ -137,7 +137,8 @@ function user_shifts() {
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id)); sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
return success("Die Schicht wurde gelöscht.", true); success("Die Schicht wurde gelöscht.");
redirect(page_link_to('user_shifts'));
} }
return template_render('../templates/user_shifts_admin_delete.html', array ( return template_render('../templates/user_shifts_admin_delete.html', array (
@ -169,6 +170,7 @@ function user_shifts() {
$type = $type[0]; $type = $type[0];
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {
$selected_type_id = $type_id;
if (in_array('user_shifts_admin', $privileges)) { if (in_array('user_shifts_admin', $privileges)) {
if (isset ($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id'])) if (isset ($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']))
$user_id = $_REQUEST['user_id']; $user_id = $_REQUEST['user_id'];
@ -177,6 +179,9 @@ function user_shifts() {
if (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1") == 0) if (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1") == 0)
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
if (isset ($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($_REQUEST['angeltype_id']) . " LIMIT 1") > 0)
$selected_type_id = $_REQUEST['angeltype_id'];
} else } else
$user_id = $user['UID']; $user_id = $user['UID'];
@ -187,8 +192,10 @@ function user_shifts() {
return error("This angel does already have an entry for this shift.", true); return error("This angel does already have an entry for this shift.", true);
$comment = strip_request_item_nl('comment'); $comment = strip_request_item_nl('comment');
sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id)); sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($selected_type_id) . ", `SID`=" . sql_escape($shift_id));
return success("Du bist eingetragen. Danke!", true) . '<a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>';
success("Du bist eingetragen. Danke!" . ' <a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>');
redirect(page_link_to('user_shifts'));
} }
if (in_array('user_shifts_admin', $privileges)) { if (in_array('user_shifts_admin', $privileges)) {
@ -277,9 +284,9 @@ function view_user_shifts() {
); );
$shifts = sql_select("SELECT `Shifts`.*, `Room`.`Name` as `room_name` FROM `Shifts` JOIN `Room` USING (`RID`) $shifts = sql_select("SELECT `Shifts`.*, `Room`.`Name` as `room_name` FROM `Shifts` JOIN `Room` USING (`RID`)
WHERE `Shifts`.`RID` IN (" . implode(',', $_SESSION['user_shifts']['rooms']) . ") WHERE `Shifts`.`RID` IN (" . implode(',', $_SESSION['user_shifts']['rooms']) . ")
AND DATE(FROM_UNIXTIME(`start`)) IN ('" . implode("','", $_SESSION['user_shifts']['days']) . "') AND DATE(FROM_UNIXTIME(`start`)) IN ('" . implode("','", $_SESSION['user_shifts']['days']) . "')
ORDER BY `start`"); ORDER BY `start`");
$shifts_table = ""; $shifts_table = "";
$row_count = 0; $row_count = 0;
@ -299,17 +306,17 @@ function view_user_shifts() {
$is_free = false; $is_free = false;
$shift_has_special_needs = 0 < sql_num_query("SELECT `id` FROM `NeededAngelTypes` WHERE `shift_id` = " . $shift['SID']); $shift_has_special_needs = 0 < sql_num_query("SELECT `id` FROM `NeededAngelTypes` WHERE `shift_id` = " . $shift['SID']);
$query = "SELECT * $query = "SELECT *
FROM `NeededAngelTypes` FROM `NeededAngelTypes`
JOIN `AngelTypes` JOIN `AngelTypes`
ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`) ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
WHERE "; WHERE ";
if ($shift_has_special_needs) if ($shift_has_special_needs)
$query .= "`shift_id` = " . sql_escape($shift['SID']); $query .= "`shift_id` = " . sql_escape($shift['SID']);
else else
$query .= "`room_id` = " . sql_escape($shift['RID']); $query .= "`room_id` = " . sql_escape($shift['RID']);
$query .= " AND `count` > 0 $query .= " AND `count` > 0
AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ")
ORDER BY `AngelTypes`.`name`"; ORDER BY `AngelTypes`.`name`";
$angeltypes = sql_select($query); $angeltypes = sql_select($query);
if (count($angeltypes) > 0) { if (count($angeltypes) > 0) {

Write Preview
Loading…
Cancel
Save