begonnen, aus gegebenem Anlass auf register_globals=off umzustellen, hab nonpublic geschafft
Variablenprüfung ist auch auf strikt gesetzt und eventuelle Fehler beseitigt git-svn-id: svn://svn.cccv.de/engel-system@14 29ba0400-6e00-0410-a75a-ca02368028f8
parent
abf811c604
commit
1b5b81d601
|
@ -1,8 +1,10 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
if( !isset($Page["Public"])) $Page["Public"]="N";
|
||||||
|
|
||||||
$Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) );
|
$Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) );
|
||||||
$Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
|
if( isset( $_SESSION['CVS'][ $Page["Name"] ]))
|
||||||
|
$Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
|
||||||
|
|
||||||
if( $DEBUG )
|
if( $DEBUG )
|
||||||
{
|
{
|
||||||
|
|
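Review bot: With the new `isset` guard, `$Page["CVS"]` is left undefined whenever the session holds no entry for `$Page["Name"]`, so the result depends on how later code treats a missing value. `$Page["Name"]` is cut from `$_SERVER['PHP_SELF']`, which also carries any path the client appends after the script name, so a non-matching name is easy to produce. Set an explicit refusing default in an `else` branch, e.g. `else $Page["CVS"] = "N";` (assuming "N" is the deny value, as it is for `$Page["Public"]`), and consider `$_SERVER['SCRIPT_NAME']` as the source of the page name.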
|
@ -16,7 +16,7 @@ if( $Page["ShowTabel"]=="Y" )
|
||||||
<br>
|
<br>
|
||||||
<p align="center">
|
<p align="center">
|
||||||
<?PHP If (IsSet($_SESSION['oldurl']))
|
<?PHP If (IsSet($_SESSION['oldurl']))
|
||||||
echo "<a href=\"".$oldurl."\">".Get_Text(11)."</a> ";
|
echo "<a href=\"". $_SESSION["oldurl"]. "\">".Get_Text(11)."</a> ";
|
||||||
?>
|
?>
|
||||||
<a href="#top"><?PHP echo Get_Text(12); ?></a>
|
<a href="#top"><?PHP echo Get_Text(12); ?></a>
|
||||||
</p>
|
</p>
|
||||||
|
@ -48,12 +48,19 @@ $MenueTableEnd="
|
||||||
include("./inc/funktion_menu.php");
|
include("./inc/funktion_menu.php");
|
||||||
include("./menu.php");
|
include("./menu.php");
|
||||||
|
|
||||||
ShowMenu( $Menu );
|
if( isset( $Menu))
|
||||||
echo "<br>";
|
{
|
||||||
ShowMenu( $MenuAdmin );
|
ShowMenu( $Menu );
|
||||||
|
echo "<br>";
|
||||||
|
}
|
||||||
|
if( isset( $MenuAdmin))
|
||||||
|
ShowMenu( $MenuAdmin );
|
||||||
|
|
||||||
echo "<br>";
|
echo "<br>";
|
||||||
|
|
||||||
|
if( !isset($submenus))
|
||||||
|
$submenus = 0;
|
||||||
|
|
||||||
if ($submenus >= 1 ) {
|
if ($submenus >= 1 ) {
|
||||||
$inc_name=$_SERVER['PHP_SELF'];
|
$inc_name=$_SERVER['PHP_SELF'];
|
||||||
$filenamepos=strrpos($inc_name, '/');
|
$filenamepos=strrpos($inc_name, '/');
|
||||||
|
|
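Review bot: The rewritten link writes `$_SESSION["oldurl"]` into the `href` attribute without HTML escaping. Another hunk of this commit fills `newurl` from `$_SERVER["REQUEST_URI"]` and copies it to `oldurl` on the next request, so the value is request-controlled and a quote character in it would end the attribute. Escape at output: `echo "<a href=\"". htmlspecialchars($_SESSION["oldurl"], ENT_QUOTES). "\">".Get_Text(11)."</a> ";`.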
|
@ -2,7 +2,8 @@
|
||||||
|
|
||||||
function Get_Text ($TextID)
|
function Get_Text ($TextID)
|
||||||
{
|
{
|
||||||
if ($_SESSION['Sprache']=="") $_SESSION['Sprache']="EN";
|
if( !isset($_SESSION['Sprache'])) $_SESSION['Sprache'] = "EN";
|
||||||
|
if( $_SESSION['Sprache']=="") $_SESSION['Sprache']="EN";
|
||||||
|
|
||||||
GLOBAL $con;
|
GLOBAL $con;
|
||||||
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='".$_SESSION['Sprache']."'";
|
$SQL = "SELECT * FROM `Sprache` WHERE TextID=\"$TextID\" AND Sprache ='".$_SESSION['Sprache']."'";
|
||||||
|
|
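Review bot: The added `isset` guard only avoids the notice; `$_SESSION['Sprache']` and `$TextID` are still concatenated straight into the `SELECT` on the `$SQL` line. Another file in this commit assigns `$_SESSION['Sprache']` from `$_POST["language"]`, so the session value is user-supplied. Check it against the language codes the application actually offers before using it and fall back to "EN" otherwise, or escape both values with `mysql_real_escape_string(..., $con)`. Get_Text's body continues outside the hunk.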
|
@ -19,8 +19,8 @@ function ShowMenu( $Menu )
|
||||||
|
|
||||||
if( $_SESSION['CVS'][$MenuFile] == "Y")
|
if( $_SESSION['CVS'][$MenuFile] == "Y")
|
||||||
echo "\t\t\t<li><a href=\"". $Entry["File"]. "\">". $Entry["Name"]. "</a></li>\n";
|
echo "\t\t\t<li><a href=\"". $Entry["File"]. "\">". $Entry["Name"]. "</a></li>\n";
|
||||||
|
if( isset($Entry["Line"]))
|
||||||
echo $Entry["Line"];
|
echo $Entry["Line"];
|
||||||
|
|
||||||
|
|
||||||
//DEBUG
|
//DEBUG
|
||||||
|
|
|
@ -45,6 +45,7 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
//form Config
|
//form Config
|
||||||
global $CCC_Start, $CCC_End, $DEBUG;
|
global $CCC_Start, $CCC_End, $DEBUG;
|
||||||
|
|
||||||
|
$Spalten = "";
|
||||||
|
|
||||||
///////////////////////////////////////////////////////////////////
|
///////////////////////////////////////////////////////////////////
|
||||||
// Schow Admin Page
|
// Schow Admin Page
|
||||||
|
@ -72,10 +73,13 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
|
|
||||||
$Anzahl = mysql_num_rows($Erg);
|
$Anzahl = mysql_num_rows($Erg);
|
||||||
$Feld=0;
|
$Feld=0;
|
||||||
|
$Temp_TID_old=-1;
|
||||||
for( $i = 0; $i < $Anzahl; $i++ )
|
for( $i = 0; $i < $Anzahl; $i++ )
|
||||||
{
|
{
|
||||||
$Temp_TID_old = $Temp[$Feld]["TID"];
|
if( isset($Temp[$Feld]["TID"]))
|
||||||
$Temp_UID_old = $Temp[$Feld]["UID"];
|
$Temp_TID_old = $Temp[$Feld]["TID"];
|
||||||
|
if( isset($Temp[$Feld]["UID"]))
|
||||||
|
$Temp_UID_old = $Temp[$Feld]["UID"];
|
||||||
|
|
||||||
$Temp_TID = mysql_result($Erg, $i, "TID");
|
$Temp_TID = mysql_result($Erg, $i, "TID");
|
||||||
|
|
||||||
|
@ -95,7 +99,12 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
|
|
||||||
// ist es eine zu vergeben schicht?
|
// ist es eine zu vergeben schicht?
|
||||||
if( $Temp[$Feld]["UID"] == 0 )
|
if( $Temp[$Feld]["UID"] == 0 )
|
||||||
$Temp[$Feld]["free"]++;
|
{
|
||||||
|
if( isset($Temp[$Feld]["free"]))
|
||||||
|
$Temp[$Feld]["free"]++;
|
||||||
|
else
|
||||||
|
$Temp[$Feld]["free"]=1;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
|
$Temp[$Feld]["Engel"][] = $Temp[$Feld]["UID"];
|
||||||
} // FOR
|
} // FOR
|
||||||
|
@ -111,8 +120,9 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
$Spalten.= $EngelTypeID[ $TempValue["TID"] ]. " ";
|
$Spalten.= $EngelTypeID[ $TempValue["TID"] ]. " ";
|
||||||
|
|
||||||
// ausgabe Eingetragener Engel
|
// ausgabe Eingetragener Engel
|
||||||
if( count($TempValue["Engel"]) > 0 )
|
if( isset($TempValue["Engel"]))
|
||||||
{
|
if( count($TempValue["Engel"]) > 0 )
|
||||||
|
{
|
||||||
if( count($TempValue["Engel"]) == 1 )
|
if( count($TempValue["Engel"]) == 1 )
|
||||||
$Spalten.= Get_Text("inc_schicht_ist"). ":<br>\n\t\t";
|
$Spalten.= Get_Text("inc_schicht_ist"). ":<br>\n\t\t";
|
||||||
else
|
else
|
||||||
|
@ -123,7 +133,7 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
DisplayAvatar( $TempEngelID ).
|
DisplayAvatar( $TempEngelID ).
|
||||||
"<br>\n\t\t";
|
"<br>\n\t\t";
|
||||||
$Spalten = substr( $Spalten, 0, strlen($Spalten)-7 );
|
$Spalten = substr( $Spalten, 0, strlen($Spalten)-7 );
|
||||||
}
|
}
|
||||||
|
|
||||||
// ausgabe benötigter Engel
|
// ausgabe benötigter Engel
|
||||||
////////////////////////////
|
////////////////////////////
|
||||||
|
@ -137,10 +147,12 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
$SQLerlaubnis = "SELECT Name FROM `EngelType` WHERE TID = '". $TempValue["TID"]. "'";
|
$SQLerlaubnis = "SELECT Name FROM `EngelType` WHERE TID = '". $TempValue["TID"]. "'";
|
||||||
$Ergerlaubnis = mysql_query( $SQLerlaubnis, $con);
|
$Ergerlaubnis = mysql_query( $SQLerlaubnis, $con);
|
||||||
if( mysql_num_rows( $Ergerlaubnis))
|
if( mysql_num_rows( $Ergerlaubnis))
|
||||||
if( $_SESSION['CVS'][mysql_result( $Ergerlaubnis, 0, "Name")] == "Y" ||
|
//setzen wenn nicht definiert
|
||||||
$_SESSION['CVS'][mysql_result( $Ergerlaubnis, 0, "Name")] == "")
|
if( !isset($_SESSION['CVS'][mysql_result( $Ergerlaubnis, 0, "Name")]))
|
||||||
if( $TempValue["free"] > 0 )
|
$_SESSION['CVS'][mysql_result( $Ergerlaubnis, 0, "Name")] = "Y";
|
||||||
{
|
if( $_SESSION['CVS'][mysql_result( $Ergerlaubnis, 0, "Name")] == "Y")
|
||||||
|
if( $TempValue["free"] > 0 )
|
||||||
|
{
|
||||||
$Spalten.= "<br>\n\t\t <a href=\"./schichtplan_add.php?SID=$SID&TID=".
|
$Spalten.= "<br>\n\t\t <a href=\"./schichtplan_add.php?SID=$SID&TID=".
|
||||||
$TempValue["TID"]."\">";
|
$TempValue["TID"]."\">";
|
||||||
$Spalten.= $TempValue["free"];
|
$Spalten.= $TempValue["free"];
|
||||||
|
@ -154,12 +166,14 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
|
||||||
Get_Text("inc_schicht_werden");
|
Get_Text("inc_schicht_werden");
|
||||||
$Spalten.= Get_Text("inc_schicht_noch_gesucht");
|
$Spalten.= Get_Text("inc_schicht_noch_gesucht");
|
||||||
$Spalten.= "</a>";
|
$Spalten.= "</a>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if( $TempValue["free"] > 0 )
|
if( isset($TempValue["free"]))
|
||||||
$Spalten.= "<br>\n\t\t <h3><a>Fehlen noch: ". $TempValue["free"]. "</a></h3>";
|
if( $TempValue["free"] > 0 )
|
||||||
|
$Spalten.= "<br>\n\t\t <h3><a>Fehlen noch: ".
|
||||||
|
$TempValue["free"]. "</a></h3>";
|
||||||
}
|
}
|
||||||
$Spalten.= "<br>\n\t\t";
|
$Spalten.= "<br>\n\t\t";
|
||||||
|
|
||||||
|
@ -287,8 +301,8 @@ function CreateRoomShifts( $raum )
|
||||||
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)<br><br>";
|
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)<br><br>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if( $ZeitZeiger <= 24 )
|
if( $ZeitZeiger < 24 )
|
||||||
$Spalten[$ZeitZeiger * $GlobalZeileProStunde].=
|
$Spalten[($ZeitZeiger * $GlobalZeileProStunde)].=
|
||||||
"\t\t<td valign=\"top\" rowspan=\"".
|
"\t\t<td valign=\"top\" rowspan=\"".
|
||||||
((24 - $ZeitZeiger) * $GlobalZeileProStunde ).
|
((24 - $ZeitZeiger) * $GlobalZeileProStunde ).
|
||||||
"\"> </td>\n";
|
"\"> </td>\n";
|
||||||
|
|
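Review bot: The block under `//setzen wenn nicht definiert` writes "Y" into `$_SESSION['CVS'][...]` whenever no permission is stored for an angel type, so a missing entry is granted rather than refused and stays granted for the rest of the session. The old condition also let an empty value through, but it did not modify the session. If the default should only apply to this display, keep it local, e.g. `$Erlaubt = isset($_SESSION['CVS'][$TypName]) ? $_SESSION['CVS'][$TypName] : "Y";`, with `$TypName` read once from `mysql_result( $Ergerlaubnis, 0, "Name")` instead of three times. ausgabe_Feld_Inhalt's body extends beyond the hunks shown.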
|
@ -157,7 +157,7 @@ function ausgabe_Zeile( $RID, $Time, &$AnzahlEintraege )
|
||||||
" (`DateS` like '". gmdate("Y-m-d H", $Time). "%')) ) ORDER BY `DateS`;";
|
" (`DateS` like '". gmdate("Y-m-d H", $Time). "%')) ) ORDER BY `DateS`;";
|
||||||
|
|
||||||
$ErgRoom = mysql_query($SQL, $con);
|
$ErgRoom = mysql_query($SQL, $con);
|
||||||
$Out.= "\t<td>";
|
$Out= "\t<td>";
|
||||||
if( mysql_num_rows( $ErgRoom)>0 )
|
if( mysql_num_rows( $ErgRoom)>0 )
|
||||||
for( $i=1; $i<=mysql_num_rows( $ErgRoom); $i++ )
|
for( $i=1; $i<=mysql_num_rows( $ErgRoom); $i++ )
|
||||||
{
|
{
|
||||||
|
|
|
@ -89,9 +89,11 @@ if( $Page["ShowTabel"]=="Y" )
|
||||||
echo "\n\n\n";
|
echo "\n\n\n";
|
||||||
|
|
||||||
if (IsSet($_SESSION['UID'])) {
|
if (IsSet($_SESSION['UID'])) {
|
||||||
$BACKUP_SESSION_OLDURL = $_SESSION['oldurl'];
|
if( isset($_SESSION['oldurl']))
|
||||||
$_SESSION['oldurl'] = $_SESSION['newurl'];
|
$BACKUP_SESSION_OLDURL = $_SESSION['oldurl'];
|
||||||
$_SESSION['newurl'] = $REQUEST_URI;
|
if( isset($_SESSION['newurl']))
|
||||||
|
$_SESSION['oldurl'] = $_SESSION['newurl'];
|
||||||
|
$_SESSION['newurl'] = $_SERVER["REQUEST_URI"];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
//soll dein funktion entahlten die alle übergebenen parameter überprüft
|
//soll dein funktion entahlten die alle übergebenen parameter überprüft
|
||||||
//'`'"
|
//'`'"
|
||||||
|
|
||||||
foreach ($_GET as $k => $v)
|
foreach ($_GET as $k => $v)
|
||||||
{
|
{
|
||||||
$v = htmlspecialchars($v);
|
$v = htmlspecialchars($v);
|
||||||
|
@ -13,6 +13,7 @@ foreach ($_GET as $k => $v)
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
$_GET[$k] = $v;
|
$_GET[$k] = $v;
|
||||||
|
echo "GET $k=\"$v\"<br>";
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($_POST as $k => $v)
|
foreach ($_POST as $k => $v)
|
||||||
|
@ -25,6 +26,7 @@ foreach ($_POST as $k => $v)
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
$_POST[$k] = $v;
|
$_POST[$k] = $v;
|
||||||
|
echo "POST $k=\"$v\"<br>";
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
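Review bot: The two added lines `echo "GET $k=\"$v\"<br>";` and `echo "POST $k=\"$v\"<br>";` print every request parameter into the page, which covers the login form's `password` field as well. The key `$k` is written without escaping, and output this early can stop later `header()` calls from working. They read like debugging aids, so remove them or guard them, e.g. `if( $DEBUG ) echo "GET ". htmlspecialchars($k). "=\"$v\"<br>";` if `$DEBUG` is defined at this point. `htmlspecialchars($v)` also assumes a string and does not handle array-valued parameters.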
|
@ -4,12 +4,10 @@ $header = "Deine persönlichen Einstellungen";
|
||||||
include ("./inc/header.php");
|
include ("./inc/header.php");
|
||||||
include ("./inc/crypt.php");
|
include ("./inc/crypt.php");
|
||||||
|
|
||||||
if (!IsSet($action)) {
|
if (!IsSet($_POST["action"]))
|
||||||
|
{
|
||||||
echo Get_Text(1).$_SESSION['Nick'].",<br>\n\n";
|
echo Get_Text(1).$_SESSION['Nick'].",<br>\n\n";
|
||||||
|
Print_Text(13);
|
||||||
Print_Text(13);
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<hr width=\"100%\">
|
<hr width=\"100%\">
|
||||||
<? Print_Text("pub_einstellungen_Text_UserData");?>
|
<? Print_Text("pub_einstellungen_Text_UserData");?>
|
||||||
|
@ -115,17 +113,16 @@ Print_Text(13);
|
||||||
|
|
||||||
//$ANZ_AVATAR= shell_exec("ls ".$_SERVER["DOCUMENT_ROOT"].$ENGEL_ROOT."inc/avatar/ | wc -l");
|
//$ANZ_AVATAR= shell_exec("ls ".$_SERVER["DOCUMENT_ROOT"].$ENGEL_ROOT."inc/avatar/ | wc -l");
|
||||||
$ANZ_AVATAR= shell_exec("ls inc/avatar/ | wc -l");
|
$ANZ_AVATAR= shell_exec("ls inc/avatar/ | wc -l");
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<select name="eAvatar" onChange="document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'"
|
<select name="eAvatar" onChange="document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'"
|
||||||
onKeyup= "document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'">
|
onKeyup= "document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'">
|
||||||
<option value="0" name="eAvatar" <?php if ($_SESSION['Avatar'] == $i) { echo " selected"; } ?>> <?PHP Print_Text(24); ?> </option>
|
|
||||||
<?php
|
<?php
|
||||||
for ($i=1; $i <= $ANZ_AVATAR; $i++ ){
|
for ($i=1; $i <= $ANZ_AVATAR; $i++ )
|
||||||
echo "\t\t\t\t<option value=\"$i\"";
|
{
|
||||||
if ($_SESSION['Avatar'] == $i) { echo " selected"; }
|
echo "\t\t\t\t<option value=\"$i\"";
|
||||||
echo ">avatar$i</option>\n";
|
if ($_SESSION['Avatar'] == $i) { echo " selected"; }
|
||||||
|
echo ">avatar$i</option>\n";
|
||||||
}
|
}
|
||||||
echo "\n";
|
echo "\n";
|
||||||
?>
|
?>
|
||||||
|
@ -141,17 +138,18 @@ $ANZ_AVATAR= shell_exec("ls inc/avatar/ | wc -l");
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
switch ($action) {
|
switch ($_POST["action"]) {
|
||||||
|
|
||||||
case 'set':
|
case 'set':
|
||||||
if ($new1==$new2){
|
if ($_POST["new1"]==$_POST["new2"]){
|
||||||
Print_Text(25);
|
Print_Text(25);
|
||||||
$sql = "select * from User where UID=".$_SESSION['UID'];
|
$sql = "select * from User where UID=".$_SESSION['UID'];
|
||||||
$Erg = mysql_query($sql, $con);
|
$Erg = mysql_query($sql, $con);
|
||||||
if (PassCrypt($old)==mysql_result($Erg, $i, "Passwort")) {
|
if (PassCrypt($_POST["old"])==mysql_result($Erg, 0, "Passwort")) {
|
||||||
Print_Text(26);
|
Print_Text(26);
|
||||||
Print_Text(27);
|
Print_Text(27);
|
||||||
$usql = "update User set Passwort='".PassCrypt($new1)."' where UID=".$_SESSION['UID']." limit 1";
|
$usql = "update User set Passwort='".PassCrypt($_POST["new1"])."' ".
|
||||||
|
"where UID=".$_SESSION['UID']." limit 1";
|
||||||
$Erg = mysql_query($usql, $con);
|
$Erg = mysql_query($usql, $con);
|
||||||
if ($Erg==1) {
|
if ($Erg==1) {
|
||||||
Print_Text(28);
|
Print_Text(28);
|
||||||
|
@ -168,9 +166,9 @@ case 'set':
|
||||||
|
|
||||||
case 'colour':
|
case 'colour':
|
||||||
|
|
||||||
$chsql="Update User set color= \"$colourid\" where UID = \"".$_SESSION['UID']."\" limit 1";
|
$chsql="Update User set color= \"". $_POST["colourid"]. "\" where UID = \"".$_SESSION['UID']."\" limit 1";
|
||||||
$Erg = mysql_query($chsql, $con);
|
$Erg = mysql_query($chsql, $con);
|
||||||
$_SESSION['color']=$colourid;
|
$_SESSION['color']=$_POST["colourid"];
|
||||||
if ($Erg==1) {
|
if ($Erg==1) {
|
||||||
Print_Text(32);
|
Print_Text(32);
|
||||||
} else {
|
} else {
|
||||||
|
@ -181,9 +179,9 @@ case 'colour':
|
||||||
|
|
||||||
case 'sprache':
|
case 'sprache':
|
||||||
|
|
||||||
$chsql="Update User set Sprache = \"$language\" where UID = \"".$_SESSION['UID']."\" limit 1";
|
$chsql="Update User set Sprache = \"". $_POST["language"]. "\" where UID = \"".$_SESSION['UID']."\" limit 1";
|
||||||
$Erg = mysql_query($chsql, $con);
|
$Erg = mysql_query($chsql, $con);
|
||||||
$_SESSION['Sprache']=$language;
|
$_SESSION['Sprache']=$_POST["language"];
|
||||||
if ($Erg==1) {
|
if ($Erg==1) {
|
||||||
Print_Text(33);
|
Print_Text(33);
|
||||||
} else {
|
} else {
|
||||||
|
@ -192,11 +190,10 @@ case 'sprache':
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
||||||
case 'avatar':
|
case 'avatar':
|
||||||
$chsql="Update User set Avatar = \"$eAvatar\" where UID = \"".$_SESSION['UID']."\" limit 1";
|
$chsql="Update User set Avatar = \"". $_POST["eAvatar"]. "\" where UID = \"". $_SESSION['UID']. "\" limit 1";
|
||||||
$Erg = mysql_query($chsql, $con);
|
$Erg = mysql_query($chsql, $con);
|
||||||
$_SESSION['Avatar']=$eAvatar;
|
$_SESSION['Avatar']=$_POST["eAvatar"];
|
||||||
if ($Erg==1) {
|
if ($Erg==1) {
|
||||||
Print_Text(34);
|
Print_Text(34);
|
||||||
} else {
|
} else {
|
||||||
|
@ -206,22 +203,23 @@ case 'avatar':
|
||||||
|
|
||||||
case 'setUserData':
|
case 'setUserData':
|
||||||
$chsql= "UPDATE User SET ".
|
$chsql= "UPDATE User SET ".
|
||||||
"`Nick`='$eNick', `Name`='$eName', `Vorname`='$eVorname', ".
|
"`Nick`='". $_POST["eNick"]. "', `Name`='". $_POST["eName"]. "', ".
|
||||||
"`Alter`='$eAlter', `Telefon`='$eTelefon', `Handy`='$eHandy', ".
|
"`Vorname`='". $_POST["eVorname"]. "', `Alter`='". $_POST["eAlter"]. "', ".
|
||||||
"`DECT`='$eDECT', `email`='$eemail' ".
|
"`Telefon`='". $_POST["eTelefon"]. "', `Handy`='". $_POST["eHandy"]. "', ".
|
||||||
|
"`DECT`='". $_POST["eDECT"]. "', `email`='". $_POST["eemail"]. "' ".
|
||||||
"WHERE UID='". $_SESSION['UID']. "' LIMIT 1;";
|
"WHERE UID='". $_SESSION['UID']. "' LIMIT 1;";
|
||||||
$Erg = mysql_query($chsql, $con);
|
$Erg = mysql_query($chsql, $con);
|
||||||
|
|
||||||
if ($Erg==1)
|
if ($Erg==1)
|
||||||
{
|
{
|
||||||
$_SESSION['Nick'] = $eNick;
|
$_SESSION['Nick'] = $_POST["eNick"];
|
||||||
$_SESSION['Name'] = $eName;
|
$_SESSION['Name'] = $_POST["eName"];
|
||||||
$_SESSION['Vorname'] = $eVorname;
|
$_SESSION['Vorname'] = $_POST["eVorname"];
|
||||||
$_SESSION['Alter'] = $eAlter;
|
$_SESSION['Alter'] = $_POST["eAlter"];
|
||||||
$_SESSION['Telefon'] = $eTelefon;
|
$_SESSION['Telefon'] = $_POST["eTelefon"];
|
||||||
$_SESSION['Handy'] = $eHandy;
|
$_SESSION['Handy'] = $_POST["eHandy"];
|
||||||
$_SESSION['DECT'] = $eDECT;
|
$_SESSION['DECT'] = $_POST["eDECT"];
|
||||||
$_SESSION['email'] = $eemail;
|
$_SESSION['email'] = $_POST["eemail"];
|
||||||
|
|
||||||
Print_Text("pub_einstellungen_UserDateSaved");
|
Print_Text("pub_einstellungen_UserDateSaved");
|
||||||
}
|
}
|
||||||
|
|
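Review bot: Each `Update` in this file now concatenates `$_POST[...]` values (`colourid`, `language`, `eAvatar`, `eNick` through `eemail`) directly into the SQL string, and none of them is tested with `isset` first. Unless the global parameter check rejects every quote character, these statements are injectable; the same pattern recurs in the question form, login, shift and wake-up hunks of this commit. Escape where the query is built, e.g. `"Update User set color= \"". mysql_real_escape_string($_POST["colourid"], $con). "\" ..."`, and cast numeric fields such as `eAvatar` with `intval()`. The same raw values are copied into `$_SESSION`, from where `Nick` is echoed on other pages.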
|
@ -5,9 +5,9 @@ include ("./inc/header.php");
|
||||||
|
|
||||||
|
|
||||||
// Erstaufruf, oder Frage bereits abgeschickt?
|
// Erstaufruf, oder Frage bereits abgeschickt?
|
||||||
if (!IsSet($eUID)) {
|
if (!IsSet($_POST["eUID"]))
|
||||||
|
{
|
||||||
Print_Text(35);
|
Print_Text(35);
|
||||||
?>
|
?>
|
||||||
<br><br>
|
<br><br>
|
||||||
<form action="./faq.php" method="POST">
|
<form action="./faq.php" method="POST">
|
||||||
|
@ -20,9 +20,9 @@ Print_Text(35);
|
||||||
} else {
|
} else {
|
||||||
// Auswertung d. Formular-Daten:
|
// Auswertung d. Formular-Daten:
|
||||||
|
|
||||||
echo "<b>".Get_Text(37)."</b><br><br>\n".nl2br($frage)."<br><br>\n".Get_Text(38)."<br>\n";
|
echo "<b>".Get_Text(37)."</b><br><br>\n".nl2br($_POST["frage"])."<br><br>\n".Get_Text(38)."<br>\n";
|
||||||
|
|
||||||
$SQL = "INSERT into Questions VALUES (\"\", \"".$_SESSION['UID']."\", \"$frage\", \"\", \"\")";
|
$SQL = "INSERT into Questions VALUES (\"\", \"".$_SESSION['UID']."\", \"". $_POST["frage"]. "\", \"\", \"\")";
|
||||||
$Erg = mysql_query($SQL, $con);
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ session_start(); // alte Session - falls vorhanden - wiederherstellen...
|
||||||
|
|
||||||
if (!IsSet($_SESSION['UID'])) {
|
if (!IsSet($_SESSION['UID'])) {
|
||||||
|
|
||||||
$sql = "select * from User where Nick = '$user'";
|
$sql = "select * from User where Nick = '". $_POST["user"]. "'";
|
||||||
|
|
||||||
$userstring = mysql_query($sql, $con);
|
$userstring = mysql_query($sql, $con);
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@ if (!IsSet($_SESSION['UID'])) {
|
||||||
$user_anz = mysql_num_rows($userstring);
|
$user_anz = mysql_num_rows($userstring);
|
||||||
|
|
||||||
if ($user_anz == 1) { // Check, ob User angemeldet wird...
|
if ($user_anz == 1) { // Check, ob User angemeldet wird...
|
||||||
if (mysql_result($userstring, 0, "Passwort") == PassCrypt($password)) { // Passwort ok...
|
if (mysql_result($userstring, 0, "Passwort") == PassCrypt($_POST["password"])) { // Passwort ok...
|
||||||
// Session wird eingeleitet und Session-Variablen gesetzt..
|
// Session wird eingeleitet und Session-Variablen gesetzt..
|
||||||
// session_start();
|
// session_start();
|
||||||
session_name("Himmel");
|
session_name("Himmel");
|
||||||
|
|
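Review bot: The password test `mysql_result($userstring, 0, "Passwort") == PassCrypt($_POST["password"])` uses loose comparison, under which two numeric-looking hash strings are compared as numbers; use `===` so only identical strings match. `$_POST["user"]` and `$_POST["password"]` are read without an `isset` test, so any request that reaches this page without the form fields raises notices under the strict variable checking this commit is aiming for. A guard such as `if( isset($_POST["user"]) && isset($_POST["password"]) )` around the lookup would cover both lines.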
|
@ -8,7 +8,7 @@ include ("./inc/funktionen.php");
|
||||||
include ("./inc/funktion_schichtplan.php");
|
include ("./inc/funktion_schichtplan.php");
|
||||||
|
|
||||||
|
|
||||||
If( !IsSet($action) )
|
If( !IsSet($_GET["action"]) )
|
||||||
{
|
{
|
||||||
|
|
||||||
echo Get_Text("Hello").$_SESSION['Nick'].", <br>\n";
|
echo Get_Text("Hello").$_SESSION['Nick'].", <br>\n";
|
||||||
|
@ -81,12 +81,12 @@ echo "</table>\n\n";
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
If( $action == "austragen" )
|
If( $_GET["action"] == "austragen" )
|
||||||
{
|
{
|
||||||
echo Get_Text("pub_mywake_delate1")."<br>\n";
|
echo Get_Text("pub_mywake_delate1")."<br>\n";
|
||||||
|
|
||||||
$sql = "SELECT * FROM `Shifts` WHERE ";
|
$sql = "SELECT * FROM `Shifts` WHERE ";
|
||||||
$sql.= "(SID = \"$SID\")";
|
$sql.= "(SID = \"". $_GET["SID"]. "\")";
|
||||||
$Erg = mysql_query($sql, $con);
|
$Erg = mysql_query($sql, $con);
|
||||||
|
|
||||||
$schichtdate = mysql_result( $Erg, 0, "DateS" );
|
$schichtdate = mysql_result( $Erg, 0, "DateS" );
|
||||||
|
@ -106,7 +106,7 @@ else
|
||||||
{
|
{
|
||||||
$sql2 = "UPDATE `ShiftEntry` ".
|
$sql2 = "UPDATE `ShiftEntry` ".
|
||||||
"SET `UID` = '0', `Comment` = NULL ".
|
"SET `UID` = '0', `Comment` = NULL ".
|
||||||
"WHERE `SID` = '$SID' AND `UID` = '". $_SESSION['UID']. "' LIMIT 1;";
|
"WHERE `SID` = '". $_GET["SID"]. "' AND `UID` = '". $_SESSION['UID']. "' LIMIT 1;";
|
||||||
$Erg2 = mysql_query($sql2, $con);
|
$Erg2 = mysql_query($sql2, $con);
|
||||||
if ($Erg2 == 1)
|
if ($Erg2 == 1)
|
||||||
echo Get_Text("pub_mywake_add_ok"). "\n";
|
echo Get_Text("pub_mywake_add_ok"). "\n";
|
||||||
|
@ -116,27 +116,27 @@ else
|
||||||
else
|
else
|
||||||
echo Get_Text("pub_mywake_after"). "\n";
|
echo Get_Text("pub_mywake_after"). "\n";
|
||||||
}
|
}
|
||||||
elseif( $action == "edit" )
|
elseif( $_GET["action"] == "edit" )
|
||||||
{
|
{
|
||||||
echo Get_Text("pub_myshift_Edit_Text1"). "\n";
|
echo Get_Text("pub_myshift_Edit_Text1"). "\n";
|
||||||
|
|
||||||
$sql = "SELECT * FROM `ShiftEntry` WHERE ";
|
$sql = "SELECT * FROM `ShiftEntry` WHERE ";
|
||||||
$sql.= "(SID=\"$SID\" AND UID=\"". $_SESSION['UID']. "\" )";
|
$sql.= "(SID=\"". $_GET["SID"]. "\" AND UID=\"". $_SESSION['UID']. "\" )";
|
||||||
$Erg = mysql_query($sql, $con);
|
$Erg = mysql_query($sql, $con);
|
||||||
|
|
||||||
echo "<form action=\"./myschichtplan.php\" method=\"post\">\n";
|
echo "<form action=\"./myschichtplan.php\" method=\"post\">\n";
|
||||||
echo "<textarea name='newtext' cols='50' rows='10'>". mysql_result( $Erg, 0, "Comment" ). "</textarea><br><br>\n";
|
echo "<textarea name='newtext' cols='50' rows='10'>". mysql_result( $Erg, 0, "Comment" ). "</textarea><br><br>\n";
|
||||||
echo "<input type=\"submit\" value=\"save\">\n";
|
echo "<input type=\"submit\" value=\"save\">\n";
|
||||||
echo "<input type=\"hidden\" name=\"SID\" value=\"$SID\">\n";
|
echo "<input type=\"hidden\" name=\"SID\" value=\"". $_GET["SID"]. "\">\n";
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"editSave\">\n";
|
echo "<input type=\"hidden\" name=\"action\" value=\"editSave\">\n";
|
||||||
echo "</form>";
|
echo "</form>";
|
||||||
}
|
}
|
||||||
elseif( $action == "editSave" )
|
elseif( $_GET["action"] == "editSave" )
|
||||||
{
|
{
|
||||||
echo Get_Text("pub_myshift_EditSave_Text1"). "<br>\n";
|
echo Get_Text("pub_myshift_EditSave_Text1"). "<br>\n";
|
||||||
$sql = "UPDATE `ShiftEntry` ".
|
$sql = "UPDATE `ShiftEntry` ".
|
||||||
"SET `Comment` = \"". $newtext. "\" ".
|
"SET `Comment` = \"". $_GET["newtext"]. "\" ".
|
||||||
"WHERE `SID`='$SID' AND `UID`='". $_SESSION['UID']. "' LIMIT 1;";
|
"WHERE `SID`='". $_GET["SID"]. "' AND `UID`='". $_SESSION['UID']. "' LIMIT 1;";
|
||||||
$Erg = mysql_query($sql, $con);
|
$Erg = mysql_query($sql, $con);
|
||||||
if ($Erg == 1)
|
if ($Erg == 1)
|
||||||
echo "\t ...". Get_Text("pub_myshift_EditSave_OK"). "\n";
|
echo "\t ...". Get_Text("pub_myshift_EditSave_OK"). "\n";
|
||||||
|
|
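Review bot: The `editSave` branch now reads `$_GET["action"]`, `$_GET["newtext"]` and `$_GET["SID"]`, but the edit form printed in the branch above submits with `method=\"post\"`, so its fields arrive in `$_POST`. Assuming this file is the form's target `./myschichtplan.php`, the opening test `!IsSet($_GET["action"])` is true for that submission and the comment is never saved. Resolve the action once from both sources, e.g. `$action = isset($_POST["action"]) ? $_POST["action"] : (isset($_GET["action"]) ? $_GET["action"] : "");`, and take `newtext` and `SID` from `$_POST` in the save branch. The `SID` written into the hidden field should pass through `htmlspecialchars(..., ENT_QUOTES)` or `intval()`.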
|
@ -2,6 +2,12 @@
|
||||||
$title = "Himmel";
|
$title = "Himmel";
|
||||||
$header = "Schichtpläne";
|
$header = "Schichtpläne";
|
||||||
$submenus = 2;
|
$submenus = 2;
|
||||||
|
|
||||||
|
if( isset($_GET["ausdatum"]))
|
||||||
|
$ausdatum = $_GET["ausdatum"];
|
||||||
|
if( isset($_GET["raum"]))
|
||||||
|
$raum = $_GET["raum"];
|
||||||
|
|
||||||
include ("./inc/header.php");
|
include ("./inc/header.php");
|
||||||
include ("./inc/funktion_user.php");
|
include ("./inc/funktion_user.php");
|
||||||
include ("./inc/funktionen.php");
|
include ("./inc/funktionen.php");
|
||||||
|
|
|
@ -6,11 +6,11 @@ include ("./inc/funktion_user.php");
|
||||||
include ("./inc/funktion_schichtplan.php");
|
include ("./inc/funktion_schichtplan.php");
|
||||||
include ("./inc/funktionen.php");
|
include ("./inc/funktionen.php");
|
||||||
|
|
||||||
if (isset($newtext) && isset($SID) && isset($TID)) {
|
if (isset($_POST["newtext"]) && isset($_POST["SID"]) && isset($_POST["TID"])) {
|
||||||
SetHeaderGo2Back();
|
SetHeaderGo2Back();
|
||||||
|
|
||||||
// datum der einzutragenden schicht heraussuhen...
|
// datum der einzutragenden schicht heraussuhen...
|
||||||
$ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='$SID'";
|
$ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='". $_POST["SID"]. ".'";
|
||||||
$ShiftErg = mysql_query ($ShiftSQL, $con);
|
$ShiftErg = mysql_query ($ShiftSQL, $con);
|
||||||
$beginSchicht = mysql_result($ShiftErg, 0, "DateS");
|
$beginSchicht = mysql_result($ShiftErg, 0, "DateS");
|
||||||
$endSchicht = mysql_result($ShiftErg, 0, "DateE");
|
$endSchicht = mysql_result($ShiftErg, 0, "DateE");
|
||||||
|
@ -34,7 +34,7 @@ if (isset($newtext) && isset($SID) && isset($TID)) {
|
||||||
{
|
{
|
||||||
//ermitteln der noch gesuchten
|
//ermitteln der noch gesuchten
|
||||||
$SQL3 = "SELECT * FROM `ShiftEntry`".
|
$SQL3 = "SELECT * FROM `ShiftEntry`".
|
||||||
" WHERE ((`SID` = '$SID') and (`TID` = '$TID') and (`UID` = '0'));";
|
" WHERE ((`SID` = '". $_POST["SID"]. "') and (`TID` = '". $_POST["TID"]. "') and (`UID` = '0'));";
|
||||||
$Erg3 = mysql_query($SQL3, $con);
|
$Erg3 = mysql_query($SQL3, $con);
|
||||||
|
|
||||||
if( mysql_num_rows($Erg3) <= 0 )
|
if( mysql_num_rows($Erg3) <= 0 )
|
||||||
|
@ -44,8 +44,10 @@ if (isset($newtext) && isset($SID) && isset($TID)) {
|
||||||
//write shift
|
//write shift
|
||||||
$SQL = "UPDATE `ShiftEntry` SET ".
|
$SQL = "UPDATE `ShiftEntry` SET ".
|
||||||
"`UID` = '". $_SESSION['UID']. "', ".
|
"`UID` = '". $_SESSION['UID']. "', ".
|
||||||
"`Comment` = '$newtext' ".
|
"`Comment` = '". $_POST["newtext"]. "' ".
|
||||||
"WHERE ((`SID` = '$SID') and (`TID` = '$TID') and (`UID` = '0')) LIMIT 1;";
|
"WHERE ( (`SID` = '". $_POST["SID"]. "') and ".
|
||||||
|
"(`TID` = '". $_POST["TID"]. "') and ".
|
||||||
|
"(`UID` = '0')) LIMIT 1;";
|
||||||
$Erg = mysql_query($SQL, $con);
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
if ($Erg != 1)
|
if ($Erg != 1)
|
||||||
|
@ -56,13 +58,13 @@ if (isset($newtext) && isset($SID) && isset($TID)) {
|
||||||
}//TO Many USERS
|
}//TO Many USERS
|
||||||
}//Allready in Shift
|
}//Allready in Shift
|
||||||
}
|
}
|
||||||
elseif (isset($SID) && isset($TID)) {
|
elseif (isset($_GET["SID"]) && isset($_GET["TID"])) {
|
||||||
echo Get_Text("pub_schichtplan_add_Text1"). "<br><br>\n\n".
|
echo Get_Text("pub_schichtplan_add_Text1"). "<br><br>\n\n".
|
||||||
"<form action=\"./schichtplan_add.php\" method=\"post\">".
|
"<form action=\"./schichtplan_add.php\" method=\"post\">\n".
|
||||||
"<table border=\"0\">";
|
"<table border=\"0\">\n";
|
||||||
|
|
||||||
$SQL = "SELECT * FROM `Shifts` WHERE ";
|
$SQL = "SELECT * FROM `Shifts` WHERE ";
|
||||||
$SQL .="(SID = '".$SID."')";
|
$SQL .="(SID = '". $_GET["SID"]. "')";
|
||||||
$Erg = mysql_query($SQL, $con);
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
echo "<tr><td>". Get_Text("pub_schichtplan_add_Date"). ":</td> <td>".
|
echo "<tr><td>". Get_Text("pub_schichtplan_add_Date"). ":</td> <td>".
|
||||||
|
@ -72,7 +74,7 @@ elseif (isset($SID) && isset($TID)) {
|
||||||
$RoomID[ mysql_result($Erg, 0, "RID") ]. "</td></tr>\n";
|
$RoomID[ mysql_result($Erg, 0, "RID") ]. "</td></tr>\n";
|
||||||
|
|
||||||
echo "<tr><td>". Get_Text("pub_schichtplan_add_Job"). ":</td> <td>".
|
echo "<tr><td>". Get_Text("pub_schichtplan_add_Job"). ":</td> <td>".
|
||||||
$EngelTypeID[$TID]. "</td></tr>\n";
|
$EngelTypeID[$_GET["TID"]]. "</td></tr>\n";
|
||||||
|
|
||||||
echo "<tr><td>". Get_Text("pub_schichtplan_add_Len"). ":</td> <td>".
|
echo "<tr><td>". Get_Text("pub_schichtplan_add_Len"). ":</td> <td>".
|
||||||
mysql_result($Erg, 0, "Len"). "h</td></tr>\n";
|
mysql_result($Erg, 0, "Len"). "h</td></tr>\n";
|
||||||
|
@ -86,8 +88,8 @@ elseif (isset($SID) && isset($TID)) {
|
||||||
echo "<tr><td> </td>\n".
|
echo "<tr><td> </td>\n".
|
||||||
"<td><input type=\"submit\" value=\"". Get_Text("pub_schichtplan_add_submit"). "\"> </td></tr>\n".
|
"<td><input type=\"submit\" value=\"". Get_Text("pub_schichtplan_add_submit"). "\"> </td></tr>\n".
|
||||||
"</table>\n".
|
"</table>\n".
|
||||||
"<input type=\"hidden\" name=\"SID\" value=\"$SID\">\n".
|
"<input type=\"hidden\" name=\"SID\" value=\"". $_GET["SID"]. "\">\n".
|
||||||
"<input type=\"hidden\" name=\"TID\" value=\"$TID\">\n".
|
"<input type=\"hidden\" name=\"TID\" value=\"". $_GET["TID"]. "\">\n".
|
||||||
"</form>";
|
"</form>";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
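Review bot: The rewritten `$ShiftSQL` line ends with `. $_POST["SID"]. ".'";`, which places a literal dot inside the quoted value, so the query compares `SID` against the id followed by a dot. The line should end `. $_POST["SID"]. "'";`. `SID` and `TID` are also used unvalidated in the SQL, in the hidden `<input>` fields and as the index in `$EngelTypeID[$_GET["TID"]]`; since both look like numeric ids, applying `intval()` once at the top of each branch would cover all three uses.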
|
@ -15,7 +15,7 @@ $Time = time()+3600+3600;
|
||||||
<HEAD>
|
<HEAD>
|
||||||
<TITLE>Schichtpläne für Beamer</TITLE>
|
<TITLE>Schichtpläne für Beamer</TITLE>
|
||||||
<!--<link rel=stylesheet type="text/css" href="./inc/css/style1.css">-->
|
<!--<link rel=stylesheet type="text/css" href="./inc/css/style1.css">-->
|
||||||
<meta http-equiv="refresh" content="30; URL=<?substr($url, 0, strlen($url)-1). $ENGEL_ROOT. $Page["Name"]?>">
|
<meta http-equiv="refresh" content="30; URL=<?echo substr($url, 0, strlen($url)-1). $_SERVER['PHP_SELF']?>">
|
||||||
</HEAD>
|
</HEAD>
|
||||||
<BODY>
|
<BODY>
|
||||||
<?
|
<?
|
||||||
|
|
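Review bot: The refresh target now echoes `$_SERVER['PHP_SELF']` into the `content` attribute without escaping. `PHP_SELF` includes any extra path the client appends after the script name, so the value is request-controlled. Use `$_SERVER['SCRIPT_NAME']` instead, or wrap the whole expression in `htmlspecialchars(..., ENT_QUOTES)`.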
|
@ -6,19 +6,6 @@ $header = "Weckdienst - Liste der zu weckenden Engel";
|
||||||
|
|
||||||
include ("./inc/header.php");
|
include ("./inc/header.php");
|
||||||
|
|
||||||
if ($eintragen == "Weck mich!") {
|
|
||||||
$SQL = "INSERT INTO Wecken (`UID`, `Date`, `Ort`, `Bemerkung`) VALUES (".$_SESSION['UID'].", \"$Date\", \"$Ort\", \"$Bemerkung\") ";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
if ($Erg == 1) { Print_Text(4); }
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($eintragen == "loeschen") {
|
|
||||||
$SQL = "Delete from Wecken where UID = ".$_SESSION['UID']." and ID = $weckID limit 1";
|
|
||||||
$Erg = mysql_query($SQL, $con);
|
|
||||||
if ($Erg == 1) {
|
|
||||||
Print_Text(4);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<? echo Get_Text(1). $_SESSION['Nick'].",<br>\n".
|
<? echo Get_Text(1). $_SESSION['Nick'].",<br>\n".
|
||||||
|
|
|
@ -5,19 +5,24 @@ $header = "Weckdienst";
|
||||||
include ("./inc/header.php");
|
include ("./inc/header.php");
|
||||||
include ("./inc/funktion_user.php");
|
include ("./inc/funktion_user.php");
|
||||||
|
|
||||||
if ($eintragen == Get_Text("pub_wake_bouton") ) {
|
if( isset($_POST["eintragen"]))
|
||||||
$SQL = "INSERT INTO Wecken (`UID`, `Date`, `Ort`, `Bemerkung`) VALUES (".$_SESSION['UID'].", \"$Date\", \"$Ort\", \"$Bemerkung\") ";
|
if( $_POST["eintragen"] == Get_Text("pub_wake_bouton") )
|
||||||
$Erg = mysql_query($SQL, $con);
|
{
|
||||||
if ($Erg == 1) { Print_Text(4); }
|
$SQL = "INSERT INTO Wecken (`UID`, `Date`, `Ort`, `Bemerkung`) ".
|
||||||
}
|
"VALUES (".$_SESSION['UID'].", \"". $_POST["Date"]. "\", \"". $_POST["Ort"].
|
||||||
|
"\", \"". $_POST["Bemerkung"]. "\") ";
|
||||||
if ($eintragen == "loeschen") {
|
$Erg = mysql_query($SQL, $con);
|
||||||
$SQL = "Delete from Wecken where UID = ".$_SESSION['UID']." and ID = $weckID limit 1";
|
if ($Erg == 1)
|
||||||
$Erg = mysql_query($SQL, $con);
|
Print_Text(4);
|
||||||
if ($Erg == 1) {
|
}
|
||||||
Print_Text(4);
|
if( isset($_GET["eintragen"]))
|
||||||
}
|
if ($_GET["eintragen"] == "loeschen")
|
||||||
}
|
{
|
||||||
|
$SQL = "Delete from Wecken where UID = ".$_SESSION['UID']." and ID = ". $_GET["weckID"]." limit 1";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
if ($Erg == 1)
|
||||||
|
Print_Text(4);
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<? echo Get_Text("Hello").$_SESSION['Nick'].",<br>".Get_Text("pub_wake_beschreibung")?>
|
<? echo Get_Text("Hello").$_SESSION['Nick'].",<br>".Get_Text("pub_wake_beschreibung")?>
|
||||||
|
|
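Review bot: In the delete branch `$_GET["weckID"]` is appended to the `Delete` statement outside any quotes and without an `isset` test, so a filter that only looks for quote characters does not constrain it. Cast it where the query is built: `" and ID = ". intval($_GET["weckID"]). " limit 1"`. The delete is triggered by a plain GET request, which leaves it exposed to cross-site request forgery; a POST form is the safer trigger for a state change. The paired `if( isset(...))` / `if(...)` lines without braces are easy to misread and could be joined with `&&`.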