make short variable names longer
parent
c231070dcc
commit
07ddbb0f4c
|
@ -7,7 +7,7 @@
|
||||||
* @param unknown $colors colors for the data rows
|
* @param unknown $colors colors for the data rows
|
||||||
* @param unknown $data the data
|
* @param unknown $data the data
|
||||||
*/
|
*/
|
||||||
function bargraph($id, $key, $row_names, $colors, $data) {
|
function bargraph($dom_id, $key, $row_names, $colors, $data) {
|
||||||
$labels = [];
|
$labels = [];
|
||||||
foreach ($data as $dataset) {
|
foreach ($data as $dataset) {
|
||||||
$labels[] = $dataset[$key];
|
$labels[] = $dataset[$key];
|
||||||
|
@ -26,10 +26,10 @@ function bargraph($id, $key, $row_names, $colors, $data) {
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
return '<canvas id="' . $id . '" style="width: 100%; height: 300px;"></canvas>
|
return '<canvas id="' . $dom_id . '" style="width: 100%; height: 300px;"></canvas>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$(function(){
|
$(function(){
|
||||||
var ctx = $("#' . $id . '").get(0).getContext("2d");
|
var ctx = $("#' . $dom_id . '").get(0).getContext("2d");
|
||||||
var chart = new Chart(ctx).Bar(' . json_encode([
|
var chart = new Chart(ctx).Bar(' . json_encode([
|
||||||
'labels' => $labels,
|
'labels' => $labels,
|
||||||
'datasets' => $datasets
|
'datasets' => $datasets
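Review bot: `$dom_id` is concatenated unescaped into both the `id="…"` attribute and the jQuery selector string inside the inline `<script>` of the `return` expression, so a value containing a quote or `<` would break out of the markup or the script string. The callers are not visible here and may only ever pass constants, but the function should not depend on that. Suggested: emit the attribute as `'<canvas id="' . htmlspecialchars($dom_id, ENT_QUOTES) . '" …'` and build the selector with `$(' . json_encode('#' . $dom_id, JSON_HEX_TAG) . ')`. The body of bargraph() continues outside both hunks.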
|
||||||
|
|
|
@ -133,11 +133,11 @@ function AngelType_ids() {
|
||||||
/**
|
/**
|
||||||
* Returns angelType by id.
|
* Returns angelType by id.
|
||||||
*
|
*
|
||||||
* @param $id angelType
|
* @param $angeltype_id angelType
|
||||||
* ID
|
* ID
|
||||||
*/
|
*/
|
||||||
function AngelType($id) {
|
function AngelType($angeltype_id) {
|
||||||
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1");
|
||||||
if ($angelType_source === false) {
|
if ($angelType_source === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,11 +10,11 @@ function Message_ids() {
|
||||||
/**
|
/**
|
||||||
* Returns message by id.
|
* Returns message by id.
|
||||||
*
|
*
|
||||||
* @param $id message
|
* @param $message_id message
|
||||||
* ID
|
* ID
|
||||||
*/
|
*/
|
||||||
function Message($id) {
|
function Message($message_id) {
|
||||||
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
|
||||||
if ($message_source === false) {
|
if ($message_source === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -29,19 +29,19 @@ function Message($id) {
|
||||||
* TODO: global $user con not be used in model!
|
* TODO: global $user con not be used in model!
|
||||||
* send message
|
* send message
|
||||||
*
|
*
|
||||||
* @param $id User
|
* @param $receiver_user_id User
|
||||||
* ID of Reciever
|
* ID of Reciever
|
||||||
* @param $text Text
|
* @param $text Text
|
||||||
* of Message
|
* of Message
|
||||||
*/
|
*/
|
||||||
function Message_send($id, $text) {
|
function Message_send($receiver_user_id, $text) {
|
||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
|
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
|
||||||
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
|
$receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id));
|
||||||
|
|
||||||
if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($to) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
|
if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
|
||||||
sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($to) . "', `Text`='" . sql_escape($text) . "'");
|
sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'");
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -34,10 +34,10 @@ function Room_create($name, $from_frab, $public) {
|
||||||
/**
|
/**
|
||||||
* Returns room by id.
|
* Returns room by id.
|
||||||
*
|
*
|
||||||
* @param $id RID
|
* @param $room_id RID
|
||||||
*/
|
*/
|
||||||
function Room($id) {
|
function Room($room_id) {
|
||||||
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y'");
|
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($room_id) . "' AND `show` = 'Y'");
|
||||||
|
|
||||||
if ($room_source === false) {
|
if ($room_source === false) {
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -229,16 +229,16 @@ function Shifts_filtered() {
|
||||||
/**
|
/**
|
||||||
* Returns Shift by id.
|
* Returns Shift by id.
|
||||||
*
|
*
|
||||||
* @param $id Shift
|
* @param $shift_id Shift
|
||||||
* ID
|
* ID
|
||||||
*/
|
*/
|
||||||
function Shift($id) {
|
function Shift($shift_id) {
|
||||||
$shifts_source = sql_select("
|
$shifts_source = sql_select("
|
||||||
SELECT `Shifts`.*, `ShiftTypes`.`name`
|
SELECT `Shifts`.*, `ShiftTypes`.`name`
|
||||||
FROM `Shifts`
|
FROM `Shifts`
|
||||||
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
|
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
|
||||||
WHERE `SID`='" . sql_escape($id) . "'");
|
WHERE `SID`='" . sql_escape($shift_id) . "'");
|
||||||
$shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($id) . "'");
|
$shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift_id) . "'");
|
||||||
|
|
||||||
if ($shifts_source === false) {
|
if ($shifts_source === false) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -249,14 +249,14 @@ function Shift($id) {
|
||||||
$result['ShiftEntry'] = $shiftsEntry_source;
|
$result['ShiftEntry'] = $shiftsEntry_source;
|
||||||
$result['NeedAngels'] = [];
|
$result['NeedAngels'] = [];
|
||||||
|
|
||||||
$temp = NeededAngelTypes_by_shift($id);
|
$temp = NeededAngelTypes_by_shift($shift_id);
|
||||||
foreach ($temp as $e) {
|
foreach ($temp as $e) {
|
||||||
$result['NeedAngels'][] = array(
|
$result['NeedAngels'][] = [
|
||||||
'TID' => $e['angel_type_id'],
|
'TID' => $e['angel_type_id'],
|
||||||
'count' => $e['count'],
|
'count' => $e['count'],
|
||||||
'restricted' => $e['restricted'],
|
'restricted' => $e['restricted'],
|
||||||
'taken' => $e['taken']
|
'taken' => $e['taken']
|
||||||
);
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
|
|
|
@ -160,10 +160,10 @@ function User_validate_Nick($nick) {
|
||||||
/**
|
/**
|
||||||
* Returns user by id.
|
* Returns user by id.
|
||||||
*
|
*
|
||||||
* @param $id UID
|
* @param $user_id UID
|
||||||
*/
|
*/
|
||||||
function User($id) {
|
function User($user_id) {
|
||||||
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
if ($user_source === false) {
|
if ($user_source === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -177,10 +177,10 @@ function User($id) {
|
||||||
* TODO: Merge into normal user function
|
* TODO: Merge into normal user function
|
||||||
* Returns user by id (limit informations.
|
* Returns user by id (limit informations.
|
||||||
*
|
*
|
||||||
* @param $id UID
|
* @param $user_id UID
|
||||||
*/
|
*/
|
||||||
function mUser_Limit($id) {
|
function mUser_Limit($user_id) {
|
||||||
$user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
$user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber` FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
if ($user_source === false) {
|
if ($user_source === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -63,40 +63,40 @@ function admin_active() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
|
if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
|
||||||
$id = $_REQUEST['active'];
|
$user_id = $_REQUEST['active'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
|
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
|
||||||
$msg = success(_("Angel has been marked as active."), true);
|
$msg = success(_("Angel has been marked as active."), true);
|
||||||
} else {
|
} else {
|
||||||
$msg = error(_("Angel not found."), true);
|
$msg = error(_("Angel not found."), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
|
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
|
||||||
$id = $_REQUEST['not_active'];
|
$user_id = $_REQUEST['not_active'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
|
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
|
||||||
$msg = success(_("Angel has been marked as not active."), true);
|
$msg = success(_("Angel has been marked as not active."), true);
|
||||||
} else {
|
} else {
|
||||||
$msg = error(_("Angel not found."), true);
|
$msg = error(_("Angel not found."), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
|
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
|
||||||
$id = $_REQUEST['tshirt'];
|
$user_id = $_REQUEST['tshirt'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
|
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
|
||||||
$msg = success(_("Angel has got a t-shirt."), true);
|
$msg = success(_("Angel has got a t-shirt."), true);
|
||||||
} else {
|
} else {
|
||||||
$msg = error("Angel not found.", true);
|
$msg = error("Angel not found.", true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
|
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
|
||||||
$id = $_REQUEST['not_tshirt'];
|
$user_id = $_REQUEST['not_tshirt'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
|
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
|
||||||
$msg = success(_("Angel has got no t-shirt."), true);
|
$msg = success(_("Angel has got no t-shirt."), true);
|
||||||
} else {
|
} else {
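Review bot: All four branches change `Aktiv` or `Tshirt` from an id read out of `$_REQUEST`, so the update also runs on a plain GET, and nothing in this hunk ties the request to a form the admin actually submitted. admin_active() starts outside the hunk, so a token or method check may exist above line 63; if it does not, a cross-site request could change these flags within a logged-in admin's session. Suggested: accept the id from `$_POST` only and verify a per-session request token before each `UPDATE`. The same pattern shows in the `reset`/`arrived` branches of admin_arrive(), the `save` case of admin_groups(), and the `delete` links built in admin_news() and admin_rooms().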
|
||||||
|
|
|
@ -12,10 +12,10 @@ function admin_arrive() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
|
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
|
||||||
$id = $_REQUEST['reset'];
|
$user_id = $_REQUEST['reset'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
|
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
|
||||||
success(_("Reset done. Angel has not arrived."));
|
success(_("Reset done. Angel has not arrived."));
|
||||||
redirect(user_link($user_source));
|
redirect(user_link($user_source));
|
||||||
|
@ -23,10 +23,10 @@ function admin_arrive() {
|
||||||
$msg = error(_("Angel not found."), true);
|
$msg = error(_("Angel not found."), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
|
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
|
||||||
$id = $_REQUEST['arrived'];
|
$user_id = $_REQUEST['arrived'];
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
|
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
|
||||||
success(_("Angel has been marked as arrived."));
|
success(_("Angel has been marked as arrived."));
|
||||||
redirect(user_link($user_source));
|
redirect(user_link($user_source));
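Review bot: Both guards use `/^[0-9]*$/`, which also matches the empty string, so an empty `reset` or `arrived` parameter passes validation and reaches `User('')`; admin_active() uses `+` for the same kind of id. Without the `D` modifier, `$` also matches before a trailing newline, so a value ending in a line break is accepted too. Suggested: `preg_match("/^[0-9]+$/D", $_REQUEST['reset'])`, and the same pattern for `arrived`. admin_arrive() begins and ends outside these hunks.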
|
||||||
|
|
|
@ -35,15 +35,15 @@ function admin_groups() {
|
||||||
switch ($_REQUEST["action"]) {
|
switch ($_REQUEST["action"]) {
|
||||||
case 'edit':
|
case 'edit':
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$group_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error("Incomplete call, missing Groups ID.", true);
|
return error("Incomplete call, missing Groups ID.", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
$group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
|
||||||
if (count($room) > 0) {
|
if (count($group) > 0) {
|
||||||
list($room) = $room;
|
list($group) = $group;
|
||||||
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
|
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`");
|
||||||
$privileges_html = "";
|
$privileges_html = "";
|
||||||
$privileges_form = [];
|
$privileges_form = [];
|
||||||
foreach ($privileges as $priv) {
|
foreach ($privileges as $priv) {
|
||||||
|
@ -53,7 +53,7 @@ function admin_groups() {
|
||||||
|
|
||||||
$privileges_form[] = form_submit('submit', _("Save"));
|
$privileges_form[] = form_submit('submit', _("Save"));
|
||||||
$html .= page_with_title(_("Edit group"), [
|
$html .= page_with_title(_("Edit group"), [
|
||||||
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id)
|
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id)
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
return error("No Group found.", true);
|
return error("No Group found.", true);
|
||||||
|
@ -62,29 +62,29 @@ function admin_groups() {
|
||||||
|
|
||||||
case 'save':
|
case 'save':
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$group_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error("Incomplete call, missing Groups ID.", true);
|
return error("Incomplete call, missing Groups ID.", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
$group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
|
||||||
if (! is_array($_REQUEST['privileges'])) {
|
if (! is_array($_REQUEST['privileges'])) {
|
||||||
$_REQUEST['privileges'] = [];
|
$_REQUEST['privileges'] = [];
|
||||||
}
|
}
|
||||||
if (count($room) > 0) {
|
if (count($group) > 0) {
|
||||||
list($room) = $room;
|
list($group) = $group;
|
||||||
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
|
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'");
|
||||||
$privilege_names = [];
|
$privilege_names = [];
|
||||||
foreach ($_REQUEST['privileges'] as $priv) {
|
foreach ($_REQUEST['privileges'] as $priv) {
|
||||||
if (preg_match("/^[0-9]{1,}$/", $priv)) {
|
if (preg_match("/^[0-9]{1,}$/", $priv)) {
|
||||||
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
|
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
|
||||||
if (count($group_privileges_source) > 0) {
|
if (count($group_privileges_source) > 0) {
|
||||||
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'");
|
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'");
|
||||||
$privilege_names[] = $group_privileges_source[0]['name'];
|
$privilege_names[] = $group_privileges_source[0]['name'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
|
engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names));
|
||||||
redirect(page_link_to("admin_groups"));
|
redirect(page_link_to("admin_groups"));
|
||||||
} else {
|
} else {
|
||||||
return error("No Group found.", true);
|
return error("No Group found.", true);
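Review bot: In the `save` case the DELETE on `GroupPrivileges` and the per-privilege INSERTs run as separate statements whose results are never checked, and `$privilege_names[]` is appended whether or not the insert succeeded. A failure partway through would leave the group with a partial privilege set while `engelsystem_log()` records privileges that were not stored. If the database layer offers transactions, the delete and inserts belong in one. At minimum, assuming sql_query() reports failure with `false` as sql_select() does, append the name only on success: `if (sql_query(…) !== false) { $privilege_names[] = $group_privileges_source[0]['name']; }`. Separately, `$_REQUEST['privileges']` is passed to `is_array()` without an `isset()` check.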
|
||||||
|
|
|
@ -8,12 +8,12 @@ function admin_news() {
|
||||||
} else {
|
} else {
|
||||||
$html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
|
$html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$news_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error("Incomplete call, missing News ID.", true);
|
return error("Incomplete call, missing News ID.", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
|
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
|
||||||
if (count($news) > 0) {
|
if (count($news) > 0) {
|
||||||
switch ($_REQUEST["action"]) {
|
switch ($_REQUEST["action"]) {
|
||||||
default:
|
default:
|
||||||
|
@ -33,9 +33,9 @@ function admin_news() {
|
||||||
form_textarea('eText', _("Message"), $news['Text']),
|
form_textarea('eText', _("Message"), $news['Text']),
|
||||||
form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
|
form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
|
||||||
form_submit('submit', _("Save"))
|
form_submit('submit', _("Save"))
|
||||||
], page_link_to('admin_news&action=save&id=' . $id));
|
], page_link_to('admin_news&action=save&id=' . $news_id));
|
||||||
|
|
||||||
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
|
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'save':
|
case 'save':
|
||||||
|
@ -47,7 +47,7 @@ function admin_news() {
|
||||||
`Text`='" . sql_escape($_POST["eText"]) . "',
|
`Text`='" . sql_escape($_POST["eText"]) . "',
|
||||||
`UID`='" . sql_escape($user['UID']) . "',
|
`UID`='" . sql_escape($user['UID']) . "',
|
||||||
`Treffen`='" . sql_escape($_POST["eTreffen"]) . "'
|
`Treffen`='" . sql_escape($_POST["eTreffen"]) . "'
|
||||||
WHERE `ID`='" . sql_escape($id) . "'");
|
WHERE `ID`='" . sql_escape($news_id) . "'");
|
||||||
engelsystem_log("News updated: " . $_POST["eBetreff"]);
|
engelsystem_log("News updated: " . $_POST["eBetreff"]);
|
||||||
success(_("News entry updated."));
|
success(_("News entry updated."));
|
||||||
redirect(page_link_to("news"));
|
redirect(page_link_to("news"));
|
||||||
|
@ -56,7 +56,7 @@ function admin_news() {
|
||||||
case 'delete':
|
case 'delete':
|
||||||
list($news) = $news;
|
list($news) = $news;
|
||||||
|
|
||||||
sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
|
||||||
engelsystem_log("News deleted: " . $news['Betreff']);
|
engelsystem_log("News deleted: " . $news['Betreff']);
|
||||||
success(_("News entry deleted."));
|
success(_("News entry deleted."));
|
||||||
redirect(page_link_to("news"));
|
redirect(page_link_to("news"));
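Review bot: In the `save` case `$_POST["eTreffen"]` is read unconditionally, but a checkbox that is not ticked is not submitted at all. PHP then raises an undefined-index notice or warning and an empty string is written to `Treffen`. Suggested: take the value from presence only, with `(isset($_POST['eTreffen']) ? 1 : 0)` in place of `sql_escape($_POST["eTreffen"])`. The same hunk logs `$_POST["eBetreff"]` exactly as submitted; whether that is safe depends on how engelsystem_log() stores and renders entries, which is not visible here. The UPDATE statement begins outside the hunk.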
|
||||||
|
|
|
@ -83,17 +83,17 @@ function admin_questions() {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($_REQUEST['action']) {
|
||||||
case 'answer':
|
case 'answer':
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$question_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error("Incomplete call, missing Question ID.", true);
|
return error("Incomplete call, missing Question ID.", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
if (count($question) > 0 && $question[0]['AID'] == null) {
|
if (count($question) > 0 && $question[0]['AID'] == null) {
|
||||||
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
|
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
|
||||||
|
|
||||||
if ($answer != "") {
|
if ($answer != "") {
|
||||||
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
|
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
|
||||||
redirect(page_link_to("admin_questions"));
|
redirect(page_link_to("admin_questions"));
|
||||||
} else {
|
} else {
|
||||||
|
@ -105,14 +105,14 @@ function admin_questions() {
|
||||||
break;
|
break;
|
||||||
case 'delete':
|
case 'delete':
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$question_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error("Incomplete call, missing Question ID.", true);
|
return error("Incomplete call, missing Question ID.", true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
if (count($question) > 0) {
|
if (count($question) > 0) {
|
||||||
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
engelsystem_log("Question deleted: " . $question[0]['Question']);
|
engelsystem_log("Question deleted: " . $question[0]['Question']);
|
||||||
redirect(page_link_to("admin_questions"));
|
redirect(page_link_to("admin_questions"));
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -38,12 +38,12 @@ function admin_rooms() {
|
||||||
if (test_request_int('id')) {
|
if (test_request_int('id')) {
|
||||||
$room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
|
$room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
|
||||||
if (count($room) > 0) {
|
if (count($room) > 0) {
|
||||||
$id = $_REQUEST['id'];
|
$room_id = $_REQUEST['id'];
|
||||||
$name = $room[0]['Name'];
|
$name = $room[0]['Name'];
|
||||||
$from_pentabarf = $room[0]['FromPentabarf'];
|
$from_pentabarf = $room[0]['FromPentabarf'];
|
||||||
$public = $room[0]['show'];
|
$public = $room[0]['show'];
|
||||||
$number = $room[0]['Number'];
|
$number = $room[0]['Number'];
|
||||||
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
|
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
|
||||||
foreach ($needed_angeltypes as $needed_angeltype) {
|
foreach ($needed_angeltypes as $needed_angeltype) {
|
||||||
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
|
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
|
||||||
}
|
}
|
||||||
|
@ -58,7 +58,7 @@ function admin_rooms() {
|
||||||
|
|
||||||
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
|
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
|
||||||
$name = strip_request_item('name');
|
$name = strip_request_item('name');
|
||||||
if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($id)) > 0) {
|
if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_("This name is already in use."), true);
|
$msg .= error(_("This name is already in use."), true);
|
||||||
}
|
}
|
||||||
|
@ -95,18 +95,18 @@ function admin_rooms() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($valid) {
|
if ($valid) {
|
||||||
if (isset($id)) {
|
if (isset($room_id)) {
|
||||||
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1");
|
||||||
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
|
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
|
||||||
} else {
|
} else {
|
||||||
$id = Room_create($name, $from_pentabarf, $public, $number);
|
$room_id = Room_create($name, $from_pentabarf, $public, $number);
|
||||||
if ($id === false) {
|
if ($room_id === false) {
|
||||||
engelsystem_error("Unable to create room.");
|
engelsystem_error("Unable to create room.");
|
||||||
}
|
}
|
||||||
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
|
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
|
||||||
}
|
}
|
||||||
|
|
||||||
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
|
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
|
||||||
$needed_angeltype_info = array();
|
$needed_angeltype_info = array();
|
||||||
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
|
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
|
||||||
$angeltype = AngelType($angeltype_id);
|
$angeltype = AngelType($angeltype_id);
|
||||||
|
@ -114,7 +114,7 @@ function admin_rooms() {
|
||||||
engelsystem_error("Unable to load angeltype.");
|
engelsystem_error("Unable to load angeltype.");
|
||||||
}
|
}
|
||||||
if ($angeltype != null) {
|
if ($angeltype != null) {
|
||||||
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
|
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($room_id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
|
||||||
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
|
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -158,7 +158,7 @@ function admin_rooms() {
|
||||||
]);
|
]);
|
||||||
} elseif ($_REQUEST['show'] == 'delete') {
|
} elseif ($_REQUEST['show'] == 'delete') {
|
||||||
if (isset($_REQUEST['ack'])) {
|
if (isset($_REQUEST['ack'])) {
|
||||||
if (! Room_delete($id)) {
|
if (! Room_delete($room_id)) {
|
||||||
engelsystem_error("Unable to delete room.");
|
engelsystem_error("Unable to delete room.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,7 +173,7 @@ function admin_rooms() {
|
||||||
]),
|
]),
|
||||||
sprintf(_("Do you want to delete room %s?"), $name),
|
sprintf(_("Do you want to delete room %s?"), $name),
|
||||||
buttons([
|
buttons([
|
||||||
button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')
|
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete')
|
||||||
])
|
])
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,9 +13,9 @@ function admin_user() {
|
||||||
redirect(users_link());
|
redirect(users_link());
|
||||||
}
|
}
|
||||||
|
|
||||||
$id = $_REQUEST['id'];
|
$user_id = $_REQUEST['id'];
|
||||||
if (! isset($_REQUEST['action'])) {
|
if (! isset($_REQUEST['action'])) {
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
if ($user_source === false) {
|
if ($user_source === false) {
|
||||||
engelsystem_error('Unable to load user.');
|
engelsystem_error('Unable to load user.');
|
||||||
}
|
}
|
||||||
|
@ -26,7 +26,7 @@ function admin_user() {
|
||||||
|
|
||||||
$html .= "Hallo,<br />" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
|
$html .= "Hallo,<br />" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
|
||||||
|
|
||||||
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
|
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n";
|
||||||
$html .= "<table border=\"0\">\n";
|
$html .= "<table border=\"0\">\n";
|
||||||
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
|
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
|
||||||
$html .= "<tr><td>\n";
|
$html .= "<tr><td>\n";
|
||||||
|
@ -80,7 +80,7 @@ function admin_user() {
|
||||||
|
|
||||||
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
|
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
|
||||||
|
|
||||||
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
|
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n";
|
||||||
$html .= "<table>\n";
|
$html .= "<table>\n";
|
||||||
$html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
|
$html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
|
||||||
$html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
|
$html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
|
||||||
|
@ -96,16 +96,16 @@ function admin_user() {
|
||||||
$my_highest_group = $my_highest_group[0]['group_id'];
|
$my_highest_group = $my_highest_group[0]['group_id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
|
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1");
|
||||||
if (count($his_highest_group) > 0) {
|
if (count($his_highest_group) > 0) {
|
||||||
$his_highest_group = $his_highest_group[0]['group_id'];
|
$his_highest_group = $his_highest_group[0]['group_id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
|
if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
|
||||||
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
|
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n";
|
||||||
$html .= '<table>';
|
$html .= '<table>';
|
||||||
|
|
||||||
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
|
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
|
||||||
foreach ($groups as $group) {
|
foreach ($groups as $group) {
|
||||||
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
|
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
|
||||||
}
|
}
|
||||||
|
@ -126,12 +126,12 @@ function admin_user() {
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($_REQUEST['action']) {
|
||||||
case 'save_groups':
|
case 'save_groups':
|
||||||
if ($id != $user['UID']) {
|
if ($user_id != $user['UID']) {
|
||||||
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
|
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
|
||||||
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
|
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`");
|
||||||
|
|
||||||
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
|
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
|
||||||
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
|
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
|
||||||
$groups = [];
|
$groups = [];
|
||||||
$grouplist = [];
|
$grouplist = [];
|
||||||
foreach ($groups_source as $group) {
|
foreach ($groups_source as $group) {
|
||||||
|
@ -143,15 +143,15 @@ function admin_user() {
|
||||||
$_REQUEST['groups'] = [];
|
$_REQUEST['groups'] = [];
|
||||||
}
|
}
|
||||||
|
|
||||||
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
|
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'");
|
||||||
$user_groups_info = [];
|
$user_groups_info = [];
|
||||||
foreach ($_REQUEST['groups'] as $group) {
|
foreach ($_REQUEST['groups'] as $group) {
|
||||||
if (in_array($group, $grouplist)) {
|
if (in_array($group, $grouplist)) {
|
||||||
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
|
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'");
|
||||||
$user_groups_info[] = $groups[$group]['Name'];
|
$user_groups_info[] = $groups[$group]['Name'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
|
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
|
||||||
$html .= success("Benutzergruppen gespeichert.", true);
|
$html .= success("Benutzergruppen gespeichert.", true);
|
||||||
} else {
|
} else {
|
||||||
|
@ -184,7 +184,7 @@ function admin_user() {
|
||||||
`force_active`= " . sql_escape($force_active) . ",
|
`force_active`= " . sql_escape($force_active) . ",
|
||||||
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
|
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
|
||||||
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
|
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
|
||||||
WHERE `UID` = '" . sql_escape($id) . "'
|
WHERE `UID` = '" . sql_escape($user_id) . "'
|
||||||
LIMIT 1";
|
LIMIT 1";
|
||||||
sql_query($SQL);
|
sql_query($SQL);
|
||||||
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
|
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
|
||||||
|
@ -193,8 +193,8 @@ function admin_user() {
|
||||||
|
|
||||||
case 'change_pw':
|
case 'change_pw':
|
||||||
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
||||||
set_password($id, $_REQUEST['new_pw']);
|
set_password($user_id, $_REQUEST['new_pw']);
|
||||||
$user_source = User($id);
|
$user_source = User($user_id);
|
||||||
engelsystem_log("Set new password for " . User_Nick_render($user_source));
|
engelsystem_log("Set new password for " . User_Nick_render($user_source));
|
||||||
$html .= success("Passwort neu gesetzt.", true);
|
$html .= success("Passwort neu gesetzt.", true);
|
||||||
} else {
|
} else {
|
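Review bot: `$user_id = $_REQUEST['id'];` is assigned with no format check visible in this hunk, and the value is then written unescaped into three form `action` attributes (`&action=save&id=$user_id`, `&action=change_pw&id=$user_id` and the `save_groups` form). The SQL uses pass through `sql_escape()`, but the HTML uses have no equivalent, so a non-numeric id would reach the page as-is unless `User()` rejects it first, which is not visible here. `user_messages()` in this same commit guards its id with `preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])`. The same guard before the assignment would make the two consistent, for example `if (! preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { redirect(users_link()); }`. `admin_user()` starts and ends outside the visible hunks.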
||||||
|
|
|
@ -91,14 +91,14 @@ function user_messages() {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($_REQUEST['action']) {
|
||||||
case "read":
|
case "read":
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$message_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error(_("Incomplete call, missing Message ID."), true);
|
return error(_("Incomplete call, missing Message ID."), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
|
||||||
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
||||||
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
|
||||||
redirect(page_link_to("user_messages"));
|
redirect(page_link_to("user_messages"));
|
||||||
} else {
|
} else {
|
||||||
return error(_("No Message found."), true);
|
return error(_("No Message found."), true);
|
||||||
|
@ -107,14 +107,14 @@ function user_messages() {
|
||||||
|
|
||||||
case "delete":
|
case "delete":
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$message_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error(_("Incomplete call, missing Message ID."), true);
|
return error(_("Incomplete call, missing Message ID."), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
|
||||||
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
||||||
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
|
||||||
redirect(page_link_to("user_messages"));
|
redirect(page_link_to("user_messages"));
|
||||||
} else {
|
} else {
|
||||||
return error(_("No Message found."), true);
|
return error(_("No Message found."), true);
|
||||||
|
|
|
@ -10,12 +10,12 @@ function user_myshifts() {
|
||||||
global $user, $privileges;
|
global $user, $privileges;
|
||||||
|
|
||||||
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
|
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
|
||||||
$id = $_REQUEST['id'];
|
$user_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
$id = $user['UID'];
|
$user_id = $user['UID'];
|
||||||
}
|
}
|
||||||
|
|
||||||
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
|
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
|
||||||
|
|
||||||
if (isset($_REQUEST['reset'])) {
|
if (isset($_REQUEST['reset'])) {
|
||||||
if ($_REQUEST['reset'] == "ack") {
|
if ($_REQUEST['reset'] == "ack") {
|
||||||
|
@ -28,7 +28,7 @@ function user_myshifts() {
|
||||||
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
|
button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')
|
||||||
]);
|
]);
|
||||||
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
|
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
|
||||||
$id = $_REQUEST['edit'];
|
$user_id = $_REQUEST['edit'];
|
||||||
$shift = sql_select("SELECT
|
$shift = sql_select("SELECT
|
||||||
`ShiftEntry`.`freeloaded`,
|
`ShiftEntry`.`freeloaded`,
|
||||||
`ShiftEntry`.`freeload_comment`,
|
`ShiftEntry`.`freeload_comment`,
|
||||||
|
@ -43,7 +43,7 @@ function user_myshifts() {
|
||||||
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
|
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
|
||||||
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
|
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
|
||||||
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
|
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
|
||||||
WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "'
|
WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "'
|
||||||
AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
|
AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
|
||||||
if (count($shift) > 0) {
|
if (count($shift) > 0) {
|
||||||
$shift = $shift[0];
|
$shift = $shift[0];
|
||||||
|
@ -66,7 +66,7 @@ function user_myshifts() {
|
||||||
|
|
||||||
if ($valid) {
|
if ($valid) {
|
||||||
$result = ShiftEntry_update([
|
$result = ShiftEntry_update([
|
||||||
'id' => $id,
|
'id' => $user_id,
|
||||||
'Comment' => $comment,
|
'Comment' => $comment,
|
||||||
'freeloaded' => $freeloaded,
|
'freeloaded' => $freeloaded,
|
||||||
'freeload_comment' => $freeload_comment
|
'freeload_comment' => $freeload_comment
|
||||||
|
@ -85,16 +85,16 @@ function user_myshifts() {
|
||||||
} else
|
} else
|
||||||
redirect(page_link_to('user_myshifts'));
|
redirect(page_link_to('user_myshifts'));
|
||||||
} elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
|
} elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
|
||||||
$id = $_REQUEST['cancel'];
|
$user_id = $_REQUEST['cancel'];
|
||||||
$shift = sql_select("
|
$shift = sql_select("
|
||||||
SELECT *
|
SELECT *
|
||||||
FROM `Shifts`
|
FROM `Shifts`
|
||||||
INNER JOIN `ShiftEntry` USING (`SID`)
|
INNER JOIN `ShiftEntry` USING (`SID`)
|
||||||
WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
|
WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
|
||||||
if (count($shift) > 0) {
|
if (count($shift) > 0) {
|
||||||
$shift = $shift[0];
|
$shift = $shift[0];
|
||||||
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
|
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
|
||||||
$result = ShiftEntry_delete($id);
|
$result = ShiftEntry_delete($user_id);
|
||||||
if ($result === false) {
|
if ($result === false) {
|
||||||
engelsystem_error('Unable to delete shift entry.');
|
engelsystem_error('Unable to delete shift entry.');
|
||||||
}
|
}
|
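Review bot: In the `edit` and `cancel` branches the renamed variable holds a shift entry id, not a user id: `$user_id = $_REQUEST['edit'];` feeds the WHERE clause on ShiftEntry.id, `'id' => $user_id` in `ShiftEntry_update()` and `ShiftEntry_delete($user_id)`. It also overwrites the `$user_id` set at the top of the function from `$_REQUEST['id']` or `$user['UID']`, so the ownership filter stays correct only because it reads `$shifts_user['UID']` instead. A separate name such as `$shift_entry_id` in both branches would keep the two identifiers apart. Both branches also accept an empty string because the pattern is `/^[0-9]*$/`; `/^[0-9]+$/` would reject it. `user_myshifts()` continues outside the visible hunks.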
||||||
|
|
|
@ -39,14 +39,14 @@ function user_questions() {
|
||||||
break;
|
break;
|
||||||
case 'delete':
|
case 'delete':
|
||||||
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
|
||||||
$id = $_REQUEST['id'];
|
$question_id = $_REQUEST['id'];
|
||||||
} else {
|
} else {
|
||||||
return error(_("Incomplete call, missing Question ID."), true);
|
return error(_("Incomplete call, missing Question ID."), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
|
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
|
||||||
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
|
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
|
||||||
redirect(page_link_to("user_questions"));
|
redirect(page_link_to("user_questions"));
|
||||||
} else {
|
} else {
|
||||||
return page_with_title(questions_title(), [
|
return page_with_title(questions_title(), [
|
||||||
|
|
|
@ -41,9 +41,9 @@ function glyph_bool($boolean) {
|
||||||
return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>';
|
return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>';
|
||||||
}
|
}
|
||||||
|
|
||||||
function div($class, $content = array(), $id = "") {
|
function div($class, $content = array(), $dom_id = "") {
|
||||||
$id = $id != '' ? ' id="' . $id . '"' : '';
|
$dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : '';
|
||||||
return '<div' . $id . ' class="' . $class . '">' . join("\n", $content) . '</div>';
|
return '<div' . $dom_id . ' class="' . $class . '">' . join("\n", $content) . '</div>';
|
||||||
}
|
}
|
||||||
|
|
||||||
function heading($content, $number = 1) {
|
function heading($content, $number = 1) {
|
||||||
|
@ -84,12 +84,12 @@ function toolbar_dropdown($glyphicon, $label, $submenu, $class = '') {
|
||||||
}
|
}
|
||||||
|
|
||||||
function toolbar_popover($glyphicon, $label, $content, $class = '') {
|
function toolbar_popover($glyphicon, $label, $content, $class = '') {
|
||||||
$id = md5(microtime() . $glyphicon . $label);
|
$dom_id = md5(microtime() . $glyphicon . $label);
|
||||||
return '<li class="dropdown messages ' . $class . '">
|
return '<li class="dropdown messages ' . $class . '">
|
||||||
<a id="' . $id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
|
<a id="' . $dom_id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$(function(){
|
$(function(){
|
||||||
$("#' . $id . '").popover({
|
$("#' . $dom_id . '").popover({
|
||||||
trigger: "focus",
|
trigger: "focus",
|
||||||
html: true,
|
html: true,
|
||||||
content: "' . addslashes(join('', $content)) . '",
|
content: "' . addslashes(join('', $content)) . '",
|
||||||
|
@ -145,16 +145,16 @@ function form_spinner($name, $label, $value) {
|
||||||
* @return HTML
|
* @return HTML
|
||||||
*/
|
*/
|
||||||
function form_date($name, $label, $value, $start_date = '') {
|
function form_date($name, $label, $value, $start_date = '') {
|
||||||
$id = $name . '-date';
|
$dom_id = $name . '-date';
|
||||||
$value = is_numeric($value) ? date('Y-m-d', $value) : '';
|
$value = is_numeric($value) ? date('Y-m-d', $value) : '';
|
||||||
$start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : '';
|
$start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : '';
|
||||||
return form_element($label, '
|
return form_element($label, '
|
||||||
<div class="input-group date" id="' . $id . '">
|
<div class="input-group date" id="' . $dom_id . '">
|
||||||
<input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span>
|
<input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span>
|
||||||
</div>
|
</div>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$(function(){
|
$(function(){
|
||||||
$("#' . $id . '").datepicker({
|
$("#' . $dom_id . '").datepicker({
|
||||||
language: "' . locale_short() . '",
|
language: "' . locale_short() . '",
|
||||||
todayBtn: "linked",
|
todayBtn: "linked",
|
||||||
format: "yyyy-mm-dd",
|
format: "yyyy-mm-dd",
|
||||||
|
@ -162,7 +162,7 @@ function form_date($name, $label, $value, $start_date = '') {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
', $id);
|
', $dom_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -208,14 +208,14 @@ function form_multi_checkboxes($names, $label, $items, $selected, $disabled = ar
|
||||||
foreach ($items as $key => $item) {
|
foreach ($items as $key => $item) {
|
||||||
$html .= "<tr>";
|
$html .= "<tr>";
|
||||||
foreach ($names as $name => $title) {
|
foreach ($names as $name => $title) {
|
||||||
$id = $name . '_' . $key;
|
$dom_id = $name . '_' . $key;
|
||||||
$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
|
$sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
|
||||||
if (! empty($disabled) && ! empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) {
|
if (! empty($disabled) && ! empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) {
|
||||||
$sel .= ' disabled="disabled"';
|
$sel .= ' disabled="disabled"';
|
||||||
}
|
}
|
||||||
$html .= '<td style="text-align: center;"><input type="checkbox" id="' . $id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
|
$html .= '<td style="text-align: center;"><input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
|
||||||
}
|
}
|
||||||
$html .= '<td><label for="' . $id . '">' . $item . '</label></td></tr>';
|
$html .= '<td><label for="' . $dom_id . '">' . $item . '</label></td></tr>';
|
||||||
}
|
}
|
||||||
$html .= "</tbody></table>";
|
$html .= "</tbody></table>";
|
||||||
return form_element($label, $html);
|
return form_element($label, $html);
|
||||||
|
@ -452,8 +452,8 @@ function html_options($name, $options, $selected = "") {
|
||||||
return $html;
|
return $html;
|
||||||
}
|
}
|
||||||
|
|
||||||
function html_select_key($id, $name, $rows, $selected) {
|
function html_select_key($dom_id, $name, $rows, $selected) {
|
||||||
$html = '<select class="form-control" id="' . $id . '" name="' . $name . '">';
|
$html = '<select class="form-control" id="' . $dom_id . '" name="' . $name . '">';
|
||||||
foreach ($rows as $key => $row) {
|
foreach ($rows as $key => $row) {
|
||||||
if (($key == $selected) || ($row == $selected)) {
|
if (($key == $selected) || ($row == $selected)) {
|
||||||
$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
|
$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
|
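Review bot: In `toolbar_popover()` the popover body is placed in a JavaScript string literal with `addslashes(join('', $content))`, which does not escape for JavaScript or for a script block: line breaks and a `</script>` sequence in `$content` pass through unchanged and would end the literal or the script element early. The line is untouched by this rename, but it sits in the same emitted `<script>` as the renamed `$dom_id`; `content: ' . json_encode(join('', $content)) . ',` produces a quoted literal with those characters escaped. Whether `$content` can carry user-controlled text is not visible here. Separately, in `div()` the line `$dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : '';` now stores a whole attribute string under a name that says "id"; a second local such as `$id_attribute` would read more clearly.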
||||||
|
|
|
@ -19,126 +19,126 @@ $free_pages = [
|
||||||
];
|
];
|
||||||
|
|
||||||
// Gewünschte Seite/Funktion
|
// Gewünschte Seite/Funktion
|
||||||
$p = "";
|
$page = "";
|
||||||
if (! isset($_REQUEST['p'])) {
|
if (! isset($_REQUEST['p'])) {
|
||||||
$_REQUEST['p'] = isset($user) ? "news" : "login";
|
$_REQUEST['p'] = isset($user) ? "news" : "login";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) {
|
if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) {
|
||||||
$p = $_REQUEST['p'];
|
$page = $_REQUEST['p'];
|
||||||
|
|
||||||
$title = $p;
|
$title = $page;
|
||||||
$content = "";
|
$content = "";
|
||||||
|
|
||||||
if ($p == "api") {
|
if ($page == "api") {
|
||||||
require_once realpath(__DIR__ . '/../includes/controller/api.php');
|
require_once realpath(__DIR__ . '/../includes/controller/api.php');
|
||||||
error("Api disabled temporily.");
|
error("Api disabled temporily.");
|
||||||
redirect(page_link_to('login'));
|
redirect(page_link_to('login'));
|
||||||
api_controller();
|
api_controller();
|
||||||
} elseif ($p == "ical") {
|
} elseif ($page == "ical") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
|
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
|
||||||
user_ical();
|
user_ical();
|
||||||
} elseif ($p == "atom") {
|
} elseif ($page == "atom") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
|
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
|
||||||
user_atom();
|
user_atom();
|
||||||
} elseif ($p == "shifts_json_export") {
|
} elseif ($page == "shifts_json_export") {
|
||||||
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
|
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
|
||||||
shifts_json_export_controller();
|
shifts_json_export_controller();
|
||||||
} elseif ($p == "shifts_json_export_all") {
|
} elseif ($page == "shifts_json_export_all") {
|
||||||
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
|
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
|
||||||
shifts_json_export_all_controller();
|
shifts_json_export_all_controller();
|
||||||
} elseif ($p == "stats") {
|
} elseif ($page == "stats") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
|
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
|
||||||
guest_stats();
|
guest_stats();
|
||||||
} elseif ($p == "user_password_recovery") {
|
} elseif ($page == "user_password_recovery") {
|
||||||
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
|
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
|
||||||
$title = user_password_recovery_title();
|
$title = user_password_recovery_title();
|
||||||
$content = user_password_recovery_controller();
|
$content = user_password_recovery_controller();
|
||||||
} elseif ($p == "angeltypes") {
|
} elseif ($page == "angeltypes") {
|
||||||
list($title, $content) = angeltypes_controller();
|
list($title, $content) = angeltypes_controller();
|
||||||
} elseif ($p == "shifts") {
|
} elseif ($page == "shifts") {
|
||||||
list($title, $content) = shifts_controller();
|
list($title, $content) = shifts_controller();
|
||||||
} elseif ($p == "users") {
|
} elseif ($page == "users") {
|
||||||
list($title, $content) = users_controller();
|
list($title, $content) = users_controller();
|
||||||
} elseif ($p == "user_angeltypes") {
|
} elseif ($page == "user_angeltypes") {
|
||||||
list($title, $content) = user_angeltypes_controller();
|
list($title, $content) = user_angeltypes_controller();
|
||||||
} elseif ($p == "user_driver_licenses") {
|
} elseif ($page == "user_driver_licenses") {
|
||||||
list($title, $content) = user_driver_licenses_controller();
|
list($title, $content) = user_driver_licenses_controller();
|
||||||
} elseif ($p == "shifttypes") {
|
} elseif ($page == "shifttypes") {
|
||||||
list($title, $content) = shifttypes_controller();
|
list($title, $content) = shifttypes_controller();
|
||||||
} elseif ($p == "admin_event_config") {
|
} elseif ($page == "admin_event_config") {
|
||||||
list($title, $content) = event_config_edit_controller();
|
list($title, $content) = event_config_edit_controller();
|
||||||
} elseif ($p == "news") {
|
} elseif ($page == "news") {
|
||||||
$title = news_title();
|
$title = news_title();
|
||||||
$content = user_news();
|
$content = user_news();
|
||||||
} elseif ($p == "news_comments") {
|
} elseif ($page == "news_comments") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
|
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
|
||||||
$title = user_news_comments_title();
|
$title = user_news_comments_title();
|
||||||
$content = user_news_comments();
|
$content = user_news_comments();
|
||||||
} elseif ($p == "user_meetings") {
|
} elseif ($page == "user_meetings") {
|
||||||
$title = meetings_title();
|
$title = meetings_title();
|
||||||
$content = user_meetings();
|
$content = user_meetings();
|
||||||
} elseif ($p == "user_myshifts") {
|
} elseif ($page == "user_myshifts") {
|
||||||
$title = myshifts_title();
|
$title = myshifts_title();
|
||||||
$content = user_myshifts();
|
$content = user_myshifts();
|
||||||
} elseif ($p == "user_shifts") {
|
} elseif ($page == "user_shifts") {
|
||||||
$title = shifts_title();
|
$title = shifts_title();
|
||||||
$content = user_shifts();
|
$content = user_shifts();
|
||||||
} elseif ($p == "user_messages") {
|
} elseif ($page == "user_messages") {
|
||||||
$title = messages_title();
|
$title = messages_title();
|
||||||
$content = user_messages();
|
$content = user_messages();
|
||||||
} elseif ($p == "user_questions") {
|
} elseif ($page == "user_questions") {
|
||||||
$title = questions_title();
|
$title = questions_title();
|
||||||
$content = user_questions();
|
$content = user_questions();
|
||||||
} elseif ($p == "user_settings") {
|
} elseif ($page == "user_settings") {
|
||||||
$title = settings_title();
|
$title = settings_title();
|
||||||
$content = user_settings();
|
$content = user_settings();
|
||||||
} elseif ($p == "login") {
|
} elseif ($page == "login") {
|
||||||
$title = login_title();
|
$title = login_title();
|
||||||
$content = guest_login();
|
$content = guest_login();
|
||||||
} elseif ($p == "register") {
|
} elseif ($page == "register") {
|
||||||
$title = register_title();
|
$title = register_title();
|
||||||
$content = guest_register();
|
$content = guest_register();
|
||||||
} elseif ($p == "logout") {
|
} elseif ($page == "logout") {
|
||||||
$title = logout_title();
|
$title = logout_title();
|
||||||
$content = guest_logout();
|
$content = guest_logout();
|
||||||
} elseif ($p == "admin_questions") {
|
} elseif ($page == "admin_questions") {
|
||||||
$title = admin_questions_title();
|
$title = admin_questions_title();
|
||||||
$content = admin_questions();
|
$content = admin_questions();
|
||||||
} elseif ($p == "admin_user") {
|
} elseif ($page == "admin_user") {
|
||||||
$title = admin_user_title();
|
$title = admin_user_title();
|
||||||
$content = admin_user();
|
$content = admin_user();
|
||||||
} elseif ($p == "admin_arrive") {
|
} elseif ($page == "admin_arrive") {
|
||||||
$title = admin_arrive_title();
|
$title = admin_arrive_title();
|
||||||
$content = admin_arrive();
|
$content = admin_arrive();
|
||||||
} elseif ($p == "admin_active") {
|
} elseif ($page == "admin_active") {
|
||||||
$title = admin_active_title();
|
$title = admin_active_title();
|
||||||
$content = admin_active();
|
$content = admin_active();
|
||||||
} elseif ($p == "admin_free") {
|
} elseif ($page == "admin_free") {
|
||||||
$title = admin_free_title();
|
$title = admin_free_title();
|
||||||
$content = admin_free();
|
$content = admin_free();
|
||||||
} elseif ($p == "admin_news") {
|
} elseif ($page == "admin_news") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
|
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
|
||||||
$content = admin_news();
|
$content = admin_news();
|
||||||
} elseif ($p == "admin_rooms") {
|
} elseif ($page == "admin_rooms") {
|
||||||
$title = admin_rooms_title();
|
$title = admin_rooms_title();
|
||||||
$content = admin_rooms();
|
$content = admin_rooms();
|
||||||
} elseif ($p == "admin_groups") {
|
} elseif ($page == "admin_groups") {
|
||||||
$title = admin_groups_title();
|
$title = admin_groups_title();
|
||||||
$content = admin_groups();
|
$content = admin_groups();
|
||||||
} elseif ($p == "admin_language") {
|
} elseif ($page == "admin_language") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/admin_language.php');
|
require_once realpath(__DIR__ . '/../includes/pages/admin_language.php');
|
||||||
$content = admin_language();
|
$content = admin_language();
|
||||||
} elseif ($p == "admin_import") {
|
} elseif ($page == "admin_import") {
|
||||||
$title = admin_import_title();
|
$title = admin_import_title();
|
||||||
$content = admin_import();
|
$content = admin_import();
|
||||||
} elseif ($p == "admin_shifts") {
|
} elseif ($page == "admin_shifts") {
|
||||||
$title = admin_shifts_title();
|
$title = admin_shifts_title();
|
||||||
$content = admin_shifts();
|
$content = admin_shifts();
|
||||||
} elseif ($p == "admin_log") {
|
} elseif ($page == "admin_log") {
|
||||||
$title = admin_log_title();
|
$title = admin_log_title();
|
||||||
$content = admin_log();
|
$content = admin_log();
|
||||||
} elseif ($p == "credits") {
|
} elseif ($page == "credits") {
|
||||||
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
|
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
|
||||||
$title = credits_title();
|
$title = credits_title();
|
||||||
$content = guest_credits();
|
$content = guest_credits();
|
||||||
|
@ -165,7 +165,7 @@ if ($event_config === false) {
|
||||||
echo template_render('../templates/layout.html', [
|
echo template_render('../templates/layout.html', [
|
||||||
'theme' => isset($user) ? $user['color'] : $default_theme,
|
'theme' => isset($user) ? $user['color'] : $default_theme,
|
||||||
'title' => $title,
|
'title' => $title,
|
||||||
'atom_link' => ($p == 'news' || $p == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($p == 'user_meetings') ? '&meetings=1' : '') . '&key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '',
|
'atom_link' => ($page == 'news' || $page == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '') . '&key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '',
|
||||||
'menu' => make_menu(),
|
'menu' => make_menu(),
|
||||||
'content' => msg() . $content,
|
'content' => msg() . $content,
|
||||||
'header_toolbar' => header_toolbar(),
|
'header_toolbar' => header_toolbar(),
|
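Review bot: In the `$page == "api"` branch the API is reported as disabled, yet `api_controller();` is still called after `redirect(page_link_to('login'));`, so the switch-off holds only if `redirect()` never returns, which is not visible on this page. Removing the `api_controller();` call while the API is disabled, or following the redirect with an explicit `exit;`, would make that independent of the helper. On the rename itself, `$p` lived in the script's top-level scope, so any function that reads it through `global $p` would no longer see the page name; presumably there are none, but a search before merging would confirm it. The `elseif` chain continues past the end of the first hunk.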
||||||
|
|