engelsystem/includes/pages/user_shifts.php

<?php
function user_shifts() {
	global $user, $privileges;
	// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
	if (isset ($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) {
		if (isset ($_REQUEST['entry_id']) && preg_match("/^[0-9]*$/", $_REQUEST['entry_id']))
			$entry_id = $_REQUEST['entry_id'];
		else
			header("Location: " . page_link_to('user_shifts'));

		sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
		return success("Der Schicht-Eintrag wurde gelöscht..");
	}
	// Schicht bearbeiten
	elseif (isset ($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) {
		$msg = "";
		$ok = true;

		if (isset ($_REQUEST['edit_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['edit_shift']))
			$shift_id = $_REQUEST['edit_shift'];
		else
			header("Location: " . page_link_to('user_shifts'));

		if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1") > 0)
			return error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.");

		$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
		if (count($shift) == 0)
			header("Location: " . page_link_to('user_shifts'));
		$shift = $shift[0];

		// Locations laden
		$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
		$room_array = array ();
		foreach ($rooms as $room)
			$room_array[$room['RID']] = $room['Name'];

		// Engeltypen laden
		$types = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift_id) . " ORDER BY `AngelTypes`.`Name`");
		$needed_angel_types = array ();
		foreach ($types as $type)
			$needed_angel_types[$type['TID']] = $type['count'];

		$name = $shift['name'];
		$rid = $shift['RID'];
		$start = $shift['start'];
		$end = $shift['end'];

		if (isset ($_REQUEST['submit'])) {
			// Name/Bezeichnung der Schicht, darf leer sein
			$name = strip_request_item('name');

			// Auswahl der sichtbaren Locations für die Schichten
			if (isset ($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset ($room_array[$_REQUEST['rid']]))
				$rid = $_REQUEST['rid'];
			else {
				$ok = false;
				$rid = $rooms[0]['RID'];
				$msg .= error("Wähle bitte einen Raum aus.");
			}

			if (isset ($_REQUEST['start']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
				$start = $tmp->getTimestamp();
			else {
				$ok = false;
				$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.");
			}

			if (isset ($_REQUEST['end']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
				$end = $tmp->getTimestamp();
			else {
				$ok = false;
				$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.");
			}

			if ($start >= $end) {
				$ok = false;
				$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!");
			}

			foreach ($types as $type) {
				if (isset ($_REQUEST['type_' . $type['TID']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['TID']]))) {
					$needed_angel_types[$type['TID']] = trim($_REQUEST['type_' . $type['TID']]);
				} else {
					$ok = false;
					$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['Name'] . ".");
				}
			}
			if (array_sum($needed_angel_types) == 0) {
				$ok = false;
				$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.");
			}

			if ($ok) {
				sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
				sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
				foreach ($needed_angel_types as $type_id => $count)
					sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
				return success("Schicht gespeichert.");
			}
		}

		$room_select = html_select_key('rid', $room_array, $rid);
		$angel_types = "";
		foreach ($types as $type) {
			$angel_types .= template_render('../templates/admin_shifts_angel_types.html', array (
				'id' => $type['TID'],
				'type' => $type['Name'],
				'value' => $needed_angel_types[$type['TID']]
			));
		}
		return template_render('../templates/user_shifts_edit.html', array (
			'msg' => $msg,
			'name' => $name,
			'room_select' => $room_select,
			'start' => date("Y-m-d H:i", $start),
			'end' => date("Y-m-d H:i", $end),
			'angel_types' => $angel_types
		));
	}
	// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
	elseif (isset ($_REQUEST['delete_shift']) && in_array('user_shifts_admin', $privileges)) {
		if (isset ($_REQUEST['delete_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['delete_shift']))
			$shift_id = $_REQUEST['delete_shift'];
		else
			header("Location: " . page_link_to('user_shifts'));

		$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
		if (count($shift) == 0)
			header("Location: " . page_link_to('user_shifts'));
		$shift = $shift[0];

		// Schicht löschen bestätigt
		if (isset ($_REQUEST['delete'])) {
			sql_query("DELETE FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id));
			sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
			sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");

			return success("Die Schicht wurde gelöscht.");
		}

		return template_render('../templates/user_shifts_admin_delete.html', array (
			'name' => $shift['name'],
			'start' => date("Y-m-d H:i", $shift['start']),
			'end' => date("H:i", $shift['end']),
			'id' => $shift_id
		));
	}
	elseif (isset ($_REQUEST['shift_id'])) {
		if (isset ($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id']))
			$shift_id = $_REQUEST['shift_id'];
		else
			header("Location: " . page_link_to('user_shifts'));

		$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
		if (count($shift) == 0)
			header("Location: " . page_link_to('user_shifts'));
		$shift = $shift[0];

		if (isset ($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id']))
			$type_id = $_REQUEST['type_id'];
		else
			header("Location: " . page_link_to('user_shifts'));

		$type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($type_id) . " LIMIT 1");
		if (count($type) == 0)
			header("Location: " . page_link_to('user_shifts'));
		$type = $type[0];

		if (isset ($_REQUEST['submit'])) {
			if (in_array('user_shifts_admin', $privileges)) {
				if (isset ($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']))
					$user_id = $_REQUEST['user_id'];
				else
					$user_id = $user['UID'];

				$user_test = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1");
				if (count($user_test) == 0)
					header("Location: " . page_link_to('user_shifts'));
			} else
				$user_id = $user['UID'];

			// TODO: Kollisionserkennung, andere Schichten zur gleichen Uhrzeit darf der Engel auch nicht belegt haben...
			$entries = sql_select("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']));
			foreach ($entries as $entry)
				if ($entry['UID'] == $user_id)
					return error("This angel does already have an entry for this shift.");

			$comment = strip_request_item_nl('comment');
			sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id));
			return success("Du bist eingetragen. Danke!") . '<a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>';
		}

		if (in_array('user_shifts_admin', $privileges)) {
			$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
			$users_select = array ();
			foreach ($users as $usr)
				$users_select[$usr['UID']] = $usr['Nick'];
			$user_text = html_select_key('user_id', $users_select, $user['UID']);
		} else
			$user_text = $user['Nick'];

		return template_render('../templates/user_shifts_add.html', array (
			//'date' => date("Y-m-d H:i", $shift['start']) . ', ' . date("H:i", $shift['end'] - $shift['start']) . 'h',
			'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
			'title' => $shift['name'],
			'location' => $shift['Name'],
			'angel' => $user_text,
			'type' => $type['Name'],
			'comment' => ""
		));
	} else {
		$shifts = sql_select("SELECT * FROM `Shifts` ORDER BY `start`");
		$days = array ();
		$rooms = array ();
		if (count($shifts) > 0) {
			foreach ($shifts as $shift)
				$days[] = date("Y-m-d", $shift['start']);
			$days = array_unique($days);
			$day = $days[0];
			if (isset ($_REQUEST['day']))
				$day = $_REQUEST['day'];

			$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
			$id = 0;
			if (isset ($_REQUEST['room_id']) && preg_match("/^[0-9]*$/", $_REQUEST['room_id']))
				$id = $_REQUEST['room_id'];
			$day_timestamp = DateTime :: createFromFormat("Y-m-d-Hi", $day . "-0000")->getTimestamp();

			if ($id == 0)
				$shifts = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `start` > " . sql_escape(time()) . " ORDER BY `start`");
			else
				$shifts = sql_select("SELECT * FROM `Shifts` WHERE `RID`=" . sql_escape($id) . " AND `start` >= " . sql_escape($day_timestamp) . " AND `start` < " . sql_escape($day_timestamp +24 * 60 * 60) . " ORDER BY `start`");

			$shifts_table = "";
			$row_count = 0;
			foreach ($shifts as $shift) {
				$shift_row = '<tr><td>' . date(($id == 0 ? "Y-m-d " : "") . "H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . ($id == 0 ? "<br />" . $shift['Name'] : "") . '</td><td>' . $shift['name'];
				if (in_array('admin_shifts', $privileges))
					$shift_row .= ' <a href="?p=user_shifts&edit_shift=' . $shift['SID'] . '">[edit]</a> <a href="?p=user_shifts&delete_shift=' . $shift['SID'] . '">[x]</a>';
				$shift_row .= '<br />';
				$show_shift = false;
				$angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift['SID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
				if (count($angeltypes) == 0)
					$angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");

				if (count($angeltypes) > 0) {
					$my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;
					foreach ($angeltypes as $angeltype) {
						$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['TID']) . " ORDER BY `Nick`");
						$entry_list = array ();
						foreach ($entries as $entry) {
							if (in_array('user_shifts_admin', $privileges))
								$entry_list[] = '<a href="' . page_link_to('user_myshifts') . '&id=' . $entry['UID'] . '">' . $entry['Nick'] . '</a> <a href="' . page_link_to('user_shifts') . '&entry_id=' . $entry['id'] . '">[x]</a>';
							else
								$entry_list[] = $entry['Nick'];
						}
						if ($angeltype['count'] - count($entries) > 0)
							if (!$my_shift || in_array('user_shifts_admin', $privileges)) {
								$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['TID'] . '">' . ($angeltype['count'] - count($entries)) . ' Helfer' . ($angeltype['count'] - count($entries) != 1 ? '' : '') . ' gebraucht &raquo;</a>';
								$show_shift = true;
							} else
								$entry_list[] = ($angeltype['count'] - count($entries)) . ' Helfer gebraucht';

						$shift_row .= '<b>' . $angeltype['Name'] . ':</b> ';
						$shift_row .= join(", ", $entry_list);
						$shift_row .= '<br />';
					}
				}
				if ($id != 0 || ($show_shift && $row_count++ < 15))
					$shifts_table .= $shift_row . '</td></tr>';
			}
		}

		return template_render('../templates/user_shifts.html', array (
			'room_select' => make_room_select($rooms, $id, $day),
			'day_select' => make_day_select($days, $day, $id),
			'shifts_table' => $shifts_table
		));
	}
}

function make_day_select($days, $day, $id) {
	$html = array ();
	foreach ($days as $d) {
		if ($day == $d && $id != 0)
			$html[] = '<b>' . $d . '</b>';
		else
			$html[] = '<a href="' . page_link_to('user_shifts') . '&day=' . $d . '&room_id=' . $id . '">' . $d . '</a>';
	}
	return join(' | ', $html);
}

function make_room_select($rooms, $id, $day) {
	$html = array ();
	foreach ($rooms as $room) {
		if ($room['RID'] == $id)
			$html[] = '<b>' . $room['Name'] . '</b>';
		else
			$html[] = '<a href="' . page_link_to('user_shifts') . '&room_id=' . $room['RID'] . '&day=' . $day . '">' . $room['Name'] . '</a>';
	}
	if ($id == 0)
		$html[] = '<b>Nächste freie Schichten</b>';
	else
		$html[] = '<a href="' . page_link_to('user_shifts') . '&room_id=0">Nächste freie Schichten</a>';
	return join(' | ', $html);
}
?>
-												#6 angels shifts

											
										
										
											2011-07-13 14:30:19 +02:00
+								<?php
 								function user_shifts() {
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
+									global $user, $privileges;
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+									// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+									if (isset ($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) {
 										if (isset ($_REQUEST['entry_id']) && preg_match("/^[0-9]*$/", $_REQUEST['entry_id']))
-												#5 delete shifts

											
										
										
											2011-09-12 18:32:45 +02:00
+											$entry_id = $_REQUEST['entry_id'];
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+										else
 											header("Location: " . page_link_to('user_shifts'));
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
-												#5 delete shifts

											
										
										
											2011-09-12 18:32:45 +02:00
+										sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+										return success("Der Schicht-Eintrag wurde gelöscht..");
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+									}
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+									// Schicht bearbeiten
 									elseif (isset ($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) {
 										$msg = "";
 										$ok = true;
 										if (isset ($_REQUEST['edit_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['edit_shift']))
 											$shift_id = $_REQUEST['edit_shift'];
 										else
 											header("Location: " . page_link_to('user_shifts'));
-												#5 begin edit shifts feature, completed

											
										
										
											2011-10-11 18:55:26 +02:00
+										if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1") > 0)
 											return error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.");
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+										$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
 										if (count($shift) == 0)
 											header("Location: " . page_link_to('user_shifts'));
 										$shift = $shift[0];
 										// Locations laden
 										$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
 										$room_array = array ();
 										foreach ($rooms as $room)
 											$room_array[$room['RID']] = $room['Name'];
 										// Engeltypen laden
-												#5 begin edit shifts feature, completed

											
										
										
											2011-10-11 18:55:26 +02:00
+										$types = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift_id) . " ORDER BY `AngelTypes`.`Name`");
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+										$needed_angel_types = array ();
 										foreach ($types as $type)
-												#5 begin edit shifts feature, simplified needed angels

											
										
										
											2011-10-11 18:35:29 +02:00
+											$needed_angel_types[$type['TID']] = $type['count'];
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
 										$name = $shift['name'];
 										$rid = $shift['RID'];
 										$start = $shift['start'];
 										$end = $shift['end'];
-												#5 begin edit shifts feature, completed

											
										
										
											2011-10-11 18:55:26 +02:00
+										if (isset ($_REQUEST['submit'])) {
 											// Name/Bezeichnung der Schicht, darf leer sein
 											$name = strip_request_item('name');
 											// Auswahl der sichtbaren Locations für die Schichten
 											if (isset ($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset ($room_array[$_REQUEST['rid']]))
 												$rid = $_REQUEST['rid'];
 											else {
 												$ok = false;
 												$rid = $rooms[0]['RID'];
 												$msg .= error("Wähle bitte einen Raum aus.");
 											}
 											if (isset ($_REQUEST['start']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
 												$start = $tmp->getTimestamp();
 											else {
 												$ok = false;
 												$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.");
 											}
 											if (isset ($_REQUEST['end']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
 												$end = $tmp->getTimestamp();
 											else {
 												$ok = false;
 												$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.");
 											}
 											if ($start >= $end) {
 												$ok = false;
 												$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!");
 											}
 											foreach ($types as $type) {
 												if (isset ($_REQUEST['type_' . $type['TID']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['TID']]))) {
 													$needed_angel_types[$type['TID']] = trim($_REQUEST['type_' . $type['TID']]);
 												} else {
 													$ok = false;
 													$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['Name'] . ".");
 												}
 											}
 											if (array_sum($needed_angel_types) == 0) {
 												$ok = false;
 												$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.");
 											}
 											if ($ok) {
 												sql_query("UPDATE `Shifts` SET `start`=" . sql_escape($start) . ", `end`=" . sql_escape($end) . ", `RID`=" . sql_escape($rid) . ", `name`='" . sql_escape($name) . "' WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
 												sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
 												foreach ($needed_angel_types as $type_id => $count)
 													sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
 												return success("Schicht gespeichert.");
 											}
 										}
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+										$room_select = html_select_key('rid', $room_array, $rid);
 										$angel_types = "";
 										foreach ($types as $type) {
 											$angel_types .= template_render('../templates/admin_shifts_angel_types.html', array (
 												'id' => $type['TID'],
 												'type' => $type['Name'],
 												'value' => $needed_angel_types[$type['TID']]
 											));
 										}
 										return template_render('../templates/user_shifts_edit.html', array (
 											'msg' => $msg,
 											'name' => $name,
 											'room_select' => $room_select,
 											'start' => date("Y-m-d H:i", $start),
 											'end' => date("Y-m-d H:i", $end),
 											'angel_types' => $angel_types
 										));
 									}
-												#5 delete shifts

											
										
										
											2011-09-12 18:32:45 +02:00
+									// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
 									elseif (isset ($_REQUEST['delete_shift']) && in_array('user_shifts_admin', $privileges)) {
 										if (isset ($_REQUEST['delete_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['delete_shift']))
 											$shift_id = $_REQUEST['delete_shift'];
 										else
 											header("Location: " . page_link_to('user_shifts'));
 										$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
 										if (count($shift) == 0)
 											header("Location: " . page_link_to('user_shifts'));
 										$shift = $shift[0];
 										// Schicht löschen bestätigt
 										if (isset ($_REQUEST['delete'])) {
 											sql_query("DELETE FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id));
 											sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
 											sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
 											return success("Die Schicht wurde gelöscht.");
 										}
 										return template_render('../templates/user_shifts_admin_delete.html', array (
 											'name' => $shift['name'],
 											'start' => date("Y-m-d H:i", $shift['start']),
 											'end' => date("H:i", $shift['end']),
 											'id' => $shift_id
 										));
 									}
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+									elseif (isset ($_REQUEST['shift_id'])) {
-												#6 prepare for shift entries, verify

											
										
										
											2011-07-13 15:55:27 +02:00
+										if (isset ($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id']))
 											$shift_id = $_REQUEST['shift_id'];
 										else
 											header("Location: " . page_link_to('user_shifts'));
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
+										$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
-												#6 prepare for shift entries, verify

											
										
										
											2011-07-13 15:55:27 +02:00
+										if (count($shift) == 0)
 											header("Location: " . page_link_to('user_shifts'));
 										$shift = $shift[0];
 										if (isset ($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id']))
 											$type_id = $_REQUEST['type_id'];
 										else
 											header("Location: " . page_link_to('user_shifts'));
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
+										$type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($type_id) . " LIMIT 1");
 										if (count($type) == 0)
 											header("Location: " . page_link_to('user_shifts'));
 										$type = $type[0];
 										if (isset ($_REQUEST['submit'])) {
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+											if (in_array('user_shifts_admin', $privileges)) {
 												if (isset ($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']))
 													$user_id = $_REQUEST['user_id'];
 												else
 													$user_id = $user['UID'];
 												$user_test = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1");
 												if (count($user_test) == 0)
 													header("Location: " . page_link_to('user_shifts'));
 											} else
 												$user_id = $user['UID'];
-												#6, begin myshifts

											
										
										
											2011-07-15 17:50:57 +02:00
+											// TODO: Kollisionserkennung, andere Schichten zur gleichen Uhrzeit darf der Engel auch nicht belegt haben...
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+											$entries = sql_select("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']));
 											foreach ($entries as $entry)
 												if ($entry['UID'] == $user_id)
 													return error("This angel does already have an entry for this shift.");
-												#6 my shifts | cancel my shifts

											
										
										
											2011-07-19 19:12:36 +02:00
+											$comment = strip_request_item_nl('comment');
 											sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id));
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+											return success("Du bist eingetragen. Danke!") . '<a href="' . page_link_to('user_myshifts') . '">Meine Schichten &raquo;</a>';
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
+										}
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+										if (in_array('user_shifts_admin', $privileges)) {
 											$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
 											$users_select = array ();
 											foreach ($users as $usr)
 												$users_select[$usr['UID']] = $usr['Nick'];
 											$user_text = html_select_key('user_id', $users_select, $user['UID']);
 										} else
 											$user_text = $user['Nick'];
-												#6 prepare for shift entries, verify

											
										
										
											2011-07-13 15:55:27 +02:00
+										return template_render('../templates/user_shifts_add.html', array (
-												fixed shift length display

											
										
										
											2011-09-29 14:38:23 +02:00
+											//'date' => date("Y-m-d H:i", $shift['start']) . ', ' . date("H:i", $shift['end'] - $shift['start']) . 'h',
 											'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
-												angel shift signup

											
										
										
											2011-07-14 19:53:26 +02:00
+											'title' => $shift['name'],
 											'location' => $shift['Name'],
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+											'angel' => $user_text,
-												#6 edit my shift comment

											
										
										
											2011-07-19 19:56:15 +02:00
+											'type' => $type['Name'],
 											'comment' => ""
-												#6 prepare for shift entries, verify

											
										
										
											2011-07-13 15:55:27 +02:00
+										));
-												#6 prepare for shift entries

											
										
										
											2011-07-13 15:17:15 +02:00
+									} else {
 										$shifts = sql_select("SELECT * FROM `Shifts` ORDER BY `start`");
 										$days = array ();
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
+										$rooms = array ();
 										if (count($shifts) > 0) {
 											foreach ($shifts as $shift)
 												$days[] = date("Y-m-d", $shift['start']);
 											$days = array_unique($days);
 											$day = $days[0];
 											if (isset ($_REQUEST['day']))
 												$day = $_REQUEST['day'];
 											$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
 											$id = 0;
 											if (isset ($_REQUEST['room_id']) && preg_match("/^[0-9]*$/", $_REQUEST['room_id']))
 												$id = $_REQUEST['room_id'];
 											$day_timestamp = DateTime :: createFromFormat("Y-m-d-Hi", $day . "-0000")->getTimestamp();
 											if ($id == 0)
 												$shifts = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `start` > " . sql_escape(time()) . " ORDER BY `start`");
 											else
 												$shifts = sql_select("SELECT * FROM `Shifts` WHERE `RID`=" . sql_escape($id) . " AND `start` >= " . sql_escape($day_timestamp) . " AND `start` < " . sql_escape($day_timestamp +24 * 60 * 60) . " ORDER BY `start`");
 											$shifts_table = "";
 											$row_count = 0;
 											foreach ($shifts as $shift) {
 												$shift_row = '<tr><td>' . date(($id == 0 ? "Y-m-d " : "") . "H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . ($id == 0 ? "<br />" . $shift['Name'] : "") . '</td><td>' . $shift['name'];
 												if (in_array('admin_shifts', $privileges))
-												#5 begin edit shifts feature

											
										
										
											2011-10-11 18:29:26 +02:00
+													$shift_row .= ' <a href="?p=user_shifts&edit_shift=' . $shift['SID'] . '">[edit]</a> <a href="?p=user_shifts&delete_shift=' . $shift['SID'] . '">[x]</a>';
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
+												$shift_row .= '<br />';
 												$show_shift = false;
 												$angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `shift_id`=" . sql_escape($shift['SID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
 												if (count($angeltypes) == 0)
 													$angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
 												if (count($angeltypes) > 0) {
 													$my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;
 													foreach ($angeltypes as $angeltype) {
 														$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['TID']) . " ORDER BY `Nick`");
 														$entry_list = array ();
 														foreach ($entries as $entry) {
 															if (in_array('user_shifts_admin', $privileges))
-												#37 schichten von fremen usern einsehen können, für dispatcher

											
										
										
											2011-11-09 08:47:58 +01:00
+																$entry_list[] = '<a href="' . page_link_to('user_myshifts') . '&id=' . $entry['UID'] . '">' . $entry['Nick'] . '</a> <a href="' . page_link_to('user_shifts') . '&entry_id=' . $entry['id'] . '">[x]</a>';
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
+															else
 																$entry_list[] = $entry['Nick'];
 														}
 														if ($angeltype['count'] - count($entries) > 0)
 															if (!$my_shift || in_array('user_shifts_admin', $privileges)) {
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+																$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['TID'] . '">' . ($angeltype['count'] - count($entries)) . ' Helfer' . ($angeltype['count'] - count($entries) != 1 ? '' : '') . ' gebraucht &raquo;</a>';
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
+																$show_shift = true;
 															} else
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+																$entry_list[] = ($angeltype['count'] - count($entries)) . ' Helfer gebraucht';
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
 														$shift_row .= '<b>' . $angeltype['Name'] . ':</b> ';
 														$shift_row .= join(", ", $entry_list);
 														$shift_row .= '<br />';
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+													}
-												#6 prepare for shift entries

											
										
										
											2011-07-13 15:17:15 +02:00
+												}
-												user_shifts fixed error with empty shifts table

											
										
										
											2011-09-14 22:45:15 +02:00
+												if ($id != 0 || ($show_shift && $row_count++ < 15))
 													$shifts_table .= $shift_row . '</td></tr>';
-												#6 browse shifts

											
										
										
											2011-07-13 15:01:17 +02:00
+											}
 										}
-												#6 angels shifts

											
										
										
											2011-07-13 14:30:19 +02:00
-												#6 prepare for shift entries

											
										
										
											2011-07-13 15:17:15 +02:00
+										return template_render('../templates/user_shifts.html', array (
 											'room_select' => make_room_select($rooms, $id, $day),
 											'day_select' => make_day_select($days, $day, $id),
 											'shifts_table' => $shifts_table
 										));
 									}
-												#6 angels shifts

											
										
										
											2011-07-13 14:30:19 +02:00
+								}
 								function make_day_select($days, $day, $id) {
 									$html = array ();
 									foreach ($days as $d) {
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+										if ($day == $d && $id != 0)
-												#6 angels shifts

											
										
										
											2011-07-13 14:30:19 +02:00
+											$html[] = '<b>' . $d . '</b>';
 										else
 											$html[] = '<a href="' . page_link_to('user_shifts') . '&day=' . $d . '&room_id=' . $id . '">' . $d . '</a>';
 									}
 									return join(' | ', $html);
 								}
 								function make_room_select($rooms, $id, $day) {
 									$html = array ();
 									foreach ($rooms as $room) {
 										if ($room['RID'] == $id)
 											$html[] = '<b>' . $room['Name'] . '</b>';
 										else
 											$html[] = '<a href="' . page_link_to('user_shifts') . '&room_id=' . $room['RID'] . '&day=' . $day . '">' . $room['Name'] . '</a>';
 									}
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+									if ($id == 0)
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+										$html[] = '<b>Nächste freie Schichten</b>';
-												#6, shift registration and shift entry administration

											
										
										
											2011-07-14 20:57:02 +02:00
+									else
-												translated user_shifts to german

											
										
										
											2011-09-14 23:05:43 +02:00
+										$html[] = '<a href="' . page_link_to('user_shifts') . '&room_id=0">Nächste freie Schichten</a>';
-												#6 angels shifts

											
										
										
											2011-07-13 14:30:19 +02:00
+									return join(' | ', $html);
 								}
-												user_shifts: 15 freie noch kommende schichten anzeigen (und nicht bereits vergangene)

											
										
										
											2011-08-13 14:37:54 +02:00
+								?>