engelsystem/includes/pages/user_myshifts.php

<?php

function myshifts_title()
{
    return _("My shifts");
}

// Zeigt die Schichten an, die ein Benutzer belegt
function user_myshifts()
{
    global $LETZTES_AUSTRAGEN;
    global $user, $privileges;

    if (
        isset($_REQUEST['id'])
        && in_array("user_shifts_admin", $privileges)
        && preg_match("/^[0-9]{1,}$/", $_REQUEST['id'])
        && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0
    ) {
        $user_id = $_REQUEST['id'];
    } else {
        $user_id = $user['UID'];
    }

    list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");

    if (isset($_REQUEST['reset'])) {
        if ($_REQUEST['reset'] == "ack") {
            User_reset_api_key($user);
            success(_("Key changed."));
            redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
        }
        return page_with_title(_("Reset API key"), [
            error(
                _("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."),
                true
            ),
            button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
        ]);
    } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
        $user_id = $_REQUEST['edit'];
        $shift = sql_select("SELECT
        `ShiftEntry`.`freeloaded`,
        `ShiftEntry`.`freeload_comment`,
        `ShiftEntry`.`Comment`,
        `ShiftEntry`.`UID`,
        `ShiftTypes`.`name`,
        `Shifts`.*,
        `Room`.`Name`,
        `AngelTypes`.`name` AS `angel_type`
        FROM `ShiftEntry`
        JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
        JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
        JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
        JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
        WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "'
        AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
        if (count($shift) > 0) {
            $shift = $shift[0];
            $freeloaded = $shift['freeloaded'];
            $freeload_comment = $shift['freeload_comment'];

            if (isset($_REQUEST['submit'])) {
                $valid = true;
                if (in_array("user_shifts_admin", $privileges)) {
                    $freeloaded = isset($_REQUEST['freeloaded']);
                    $freeload_comment = strip_request_item_nl('freeload_comment');
                    if ($freeloaded && $freeload_comment == '') {
                        $valid = false;
                        error(_("Please enter a freeload comment!"));
                    }
                }

                $comment = strip_request_item_nl('comment');
                $user_source = User($shift['UID']);

                if ($valid) {
                    $result = ShiftEntry_update([
                        'id'               => $user_id,
                        'Comment'          => $comment,
                        'freeloaded'       => $freeloaded,
                        'freeload_comment' => $freeload_comment
                    ]);
                    if ($result === false) {
                        engelsystem_error('Unable to update shift entry.');
                    }

                    engelsystem_log(
                        "Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name']
                        . " from " . date("Y-m-d H:i", $shift['start'])
                        . " to " . date("Y-m-d H:i", $shift['end'])
                        . " with comment " . $comment
                        . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")
                    );
                    success(_("Shift saved."));
                    redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
                }
            }

            return ShiftEntry_edit_view(
                User_Nick_render($shifts_user),
                date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),
                $shift['Name'],
                $shift['name'],
                $shift['angel_type'],
                $shift['Comment'],
                $shift['freeloaded'],
                $shift['freeload_comment'],
                in_array("user_shifts_admin", $privileges)
            );
        } else {
            redirect(page_link_to('user_myshifts'));
        }
    } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
        $user_id = $_REQUEST['cancel'];
        $shift = sql_select("
        SELECT *
        FROM `Shifts` 
        INNER JOIN `ShiftEntry` USING (`SID`) 
        WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
        if (count($shift) > 0) {
            $shift = $shift[0];
            if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
                $result = ShiftEntry_delete($user_id);
                if ($result === false) {
                    engelsystem_error('Unable to delete shift entry.');
                }
                $room = Room($shift['RID']);
                $angeltype = AngelType($shift['TID']);
                $shifttype = ShiftType($shift['shifttype_id']);

                engelsystem_log(
                    "Deleted own shift: " . $shifttype['name']
                    . " at " . $room['Name']
                    . " from " . date("Y-m-d H:i", $shift['start'])
                    . " to " . date("Y-m-d H:i", $shift['end'])
                    . " as " . $angeltype['name']
                );
                success(_("Shift canceled."));
            } else {
                error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
            }
        } else {
            redirect(user_link($shifts_user));
        }
    }

    redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
#6, begin myshifts 2011-07-15 17:50:57 +02:00			`<?php`
clear up mvc for user list 2014-09-28 15:01:02 +02:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function myshifts_title()`
			`{`
			`return _("My shifts");`
basic gettext integration 2013-11-25 21:04:58 +01:00			`}`
#6 my shifts \| cancel my shifts 2011-07-19 19:12:36 +02:00
#27 ical export, beginn 2011-10-11 19:47:49 +02:00			`// Zeigt die Schichten an, die ein Benutzer belegt`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_myshifts()`
			`{`
			`global $LETZTES_AUSTRAGEN;`
			`global $user, $privileges;`
Formatting 2017-01-02 15:43:36 +01:00
			`if (`
			`isset($_REQUEST['id'])`
			`&& in_array("user_shifts_admin", $privileges)`
			`&& preg_match("/^[0-9]{1,}$/", $_REQUEST['id'])`
			&& sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0
			`) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$user_id = $_REQUEST['id'];`
			`} else {`
			`$user_id = $user['UID'];`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['reset'])) {`
			`if ($_REQUEST['reset'] == "ack") {`
			`User_reset_api_key($user);`
			`success(_("Key changed."));`
			`redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);`
			`}`
			`return page_with_title(_("Reset API key"), [`
Formatting 2017-01-02 15:43:36 +01:00			`error(`
			`_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."),`
			`true`
			`),`
			`button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')`
			`]);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {`
			`$user_id = $_REQUEST['edit'];`
			`$shift = sql_select("SELECT`
add freeload info to shiftentry update log issue #28 2014-12-12 23:40:13 +01:00			`ShiftEntry`.`freeloaded`,
			`ShiftEntry`.`freeload_comment`,
			`ShiftEntry`.`Comment`,
			`ShiftEntry`.`UID`,
integrate shift type into shifts 2014-12-17 17:22:35 +01:00			`ShiftTypes`.`name`,
add freeload info to shiftentry update log issue #28 2014-12-12 23:40:13 +01:00			`Shifts`.*,
			`Room`.`Name`,
Formatting 2017-01-02 15:43:36 +01:00			`AngelTypes`.`name` AS `angel_type`
add freeload info to shiftentry update log issue #28 2014-12-12 23:40:13 +01:00			FROM `ShiftEntry`
			JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
			JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
integrate shift type into shifts 2014-12-17 17:22:35 +01:00			JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
add freeload info to shiftentry update log issue #28 2014-12-12 23:40:13 +01:00			JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
make short variable names longer 2016-09-29 12:45:06 +02:00			WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "'
harden the sql queries 2014-12-28 13:44:56 +01:00			AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (count($shift) > 0) {`
			`$shift = $shift[0];`
			`$freeloaded = $shift['freeloaded'];`
			`$freeload_comment = $shift['freeload_comment'];`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['submit'])) {`
			`$valid = true;`
			`if (in_array("user_shifts_admin", $privileges)) {`
			`$freeloaded = isset($_REQUEST['freeloaded']);`
			`$freeload_comment = strip_request_item_nl('freeload_comment');`
			`if ($freeloaded && $freeload_comment == '') {`
			`$valid = false;`
			`error(_("Please enter a freeload comment!"));`
			`}`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$comment = strip_request_item_nl('comment');`
			`$user_source = User($shift['UID']);`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if ($valid) {`
			`$result = ShiftEntry_update([`
Formatting 2017-01-02 15:43:36 +01:00			`'id' => $user_id,`
			`'Comment' => $comment,`
			`'freeloaded' => $freeloaded,`
			`'freeload_comment' => $freeload_comment`
			`]);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if ($result === false) {`
			`engelsystem_error('Unable to update shift entry.');`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
			`engelsystem_log(`
			`"Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name']`
			`. " from " . date("Y-m-d H:i", $shift['start'])`
			`. " to " . date("Y-m-d H:i", $shift['end'])`
			`. " with comment " . $comment`
			`. ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`success(_("Shift saved."));`
			`redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);`
			`}`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
			`return ShiftEntry_edit_view(`
			`User_Nick_render($shifts_user),`
			`date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift),`
			`$shift['Name'],`
			`$shift['name'],`
			`$shift['angel_type'],`
			`$shift['Comment'],`
			`$shift['freeloaded'],`
			`$shift['freeload_comment'],`
			`in_array("user_shifts_admin", $privileges)`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`} else {`
			`redirect(page_link_to('user_myshifts'));`
			`}`
			`} elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {`
			`$user_id = $_REQUEST['cancel'];`
			`$shift = sql_select("`
add log entry for deleting own shift entries 2015-08-14 09:28:32 +02:00			`SELECT *`
integrate shift type into shifts 2014-12-17 17:22:35 +01:00			FROM `Shifts`
			INNER JOIN `ShiftEntry` USING (`SID`)
make short variable names longer 2016-09-29 12:45:06 +02:00			WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (count($shift) > 0) {`
			`$shift = $shift[0];`
			`if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) \|\| in_array('user_shifts_admin', $privileges)) {`
			`$result = ShiftEntry_delete($user_id);`
			`if ($result === false) {`
			`engelsystem_error('Unable to delete shift entry.');`
			`}`
			`$room = Room($shift['RID']);`
			`$angeltype = AngelType($shift['TID']);`
			`$shifttype = ShiftType($shift['shifttype_id']);`
Formatting 2017-01-02 15:43:36 +01:00
			`engelsystem_log(`
			`"Deleted own shift: " . $shifttype['name']`
			`. " at " . $room['Name']`
			`. " from " . date("Y-m-d H:i", $shift['start'])`
			`. " to " . date("Y-m-d H:i", $shift['end'])`
			`. " as " . $angeltype['name']`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`success(_("Shift canceled."));`
			`} else {`
			`error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));`
			`}`
			`} else {`
			`redirect(user_link($shifts_user));`
			`}`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);`
#6 my shifts \| cancel my shifts 2011-07-19 19:12:36 +02:00			`}`