iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

remove user angeltype administration from user-edit

This commit is contained in:
Philip Häusler 2014-12-27 21:48:08 +01:00
parent af52251cef
commit 247d9b65c1
2 changed files with 32 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
includes/pages/admin_user.php
View File

@ -33,7 +33,7 @@ function admin_user() {
$html .= " <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n"; $html .= " <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
$html .= " <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n"; $html .= " <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
$html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n"; $html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
$html .= "<tr><td>".form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $user_source['email_shiftinfo']) . "</td></tr>\n"; $html .= "<tr><td>" . form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $user_source['email_shiftinfo']) . "</td></tr>\n";
$html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n"; $html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n"; $html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
@ -71,66 +71,7 @@ function admin_user() {
$html .= "<hr />"; $html .= "<hr />";
// UserAngelType subform $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
list($user_source) = sql_select($SQL);
$selected_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
$accepted_angel_types = sql_select_single_col("SELECT `angeltype_id` FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']) . " AND `confirm_user_id` IS NOT NULL");
$nonrestricted_angel_types = sql_select_single_col("SELECT `id` FROM `AngelTypes` WHERE `restricted` = 0");
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
foreach ($angel_types_source as $angel_type)
$angel_types[$angel_type['id']] = $angel_type['name'];
if (isset($_REQUEST['submit_user_angeltypes'])) {
$selected_angel_types = isset($_REQUEST['selected_angel_types']) && is_array($_REQUEST['selected_angel_types']) ? array_intersect($_REQUEST['selected_angel_types'], array_keys($angel_types)) : array();
$accepted_angel_types = isset($_REQUEST['accepted_angel_types']) && is_array($_REQUEST['accepted_angel_types']) ? array_unique(array_diff(array_intersect($_REQUEST['accepted_angel_types'], array_keys($angel_types)), $nonrestricted_angel_types)) : array();
if (in_array("admin_user_angeltypes", $privileges))
$selected_angel_types = array_merge((array) $selected_angel_types, $accepted_angel_types);
$selected_angel_types = array_unique($selected_angel_types);
// Assign angel-types
sql_transaction_start();
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user_source['UID']));
$user_angel_type_info = array();
if (! empty($selected_angel_types)) {
$SQL = "INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ";
foreach ($selected_angel_types as $selected_angel_type_id) {
$SQL .= "(" . $user_source['UID'] . ", " . $selected_angel_type_id . "),";
$user_angel_type_info[] = $angel_types[$selected_angel_type_id] . (in_array($selected_angel_type_id, $accepted_angel_types) ? ' (confirmed)' : '');
}
// remove superfluous comma
$SQL = substr($SQL, 0, - 1);
sql_query($SQL);
}
if (in_array("admin_user_angeltypes", $privileges)) {
sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = NULL WHERE `user_id` = " . sql_escape($user_source['UID']));
if (! empty($accepted_angel_types))
sql_query("UPDATE `UserAngelTypes` SET `confirm_user_id` = '" . sql_escape($user['UID']) . "' WHERE `user_id` = '" . sql_escape($user_source['UID']) . "' AND `angeltype_id` IN (" . implode(',', $accepted_angel_types) . ")");
}
sql_transaction_commit();
engelsystem_log("Set angeltypes of " . User_Nick_render($user_source) . " to: " . join(", ", $user_angel_type_info));
success("Angeltypes saved.");
redirect(page_link_to('admin_user') . '&id=' . $user_source['UID']);
}
$html .= form(array(
msg(),
form_multi_checkboxes(array(
'selected_angel_types' => 'gewünscht',
'accepted_angel_types' => 'akzeptiert'
), "Angeltypes", $angel_types, array(
'selected_angel_types' => $selected_angel_types,
'accepted_angel_types' => array_merge($accepted_angel_types, $nonrestricted_angel_types)
), array(
'accepted_angel_types' => $nonrestricted_angel_types
)),
form_submit('submit_user_angeltypes', _("Save"))
));
$html .= "<hr />";
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n"; $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
$html .= "<table>\n"; $html .= "<table>\n";

119
includes/pages/user_settings.php
View File

@ -7,7 +7,7 @@ function settings_title() {
function user_settings() { function user_settings() {
global $enable_tshirt_size, $tshirt_sizes, $themes, $locales; global $enable_tshirt_size, $tshirt_sizes, $themes, $locales;
global $user; global $user;
$msg = ""; $msg = "";
$nick = $user['Nick']; $nick = $user['Nick'];
$lastname = $user['Name']; $lastname = $user['Name'];
@ -24,34 +24,10 @@ function user_settings() {
$password_hash = ""; $password_hash = "";
$selected_theme = $user['color']; $selected_theme = $user['color'];
$selected_language = $user['Sprache']; $selected_language = $user['Sprache'];
$selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
$selected_angel_types_source_ids = array();
$selected_angel_types = array();
foreach ($selected_angel_types_source as $selected_angel_type) {
$selected_angel_types[] = $selected_angel_type['angeltype_id'];
$selected_angel_types_source_ids[] = $selected_angel_type['angeltype_id'];
}
$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
foreach ($angel_types_source as $angel_type)
$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
if (isset($_REQUEST['submit'])) { if (isset($_REQUEST['submit'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
$nick = strip_request_item('nick');
if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
$ok = false;
$msg .= error(sprintf(_("Your nick &quot;%s&quot; already exists."), $nick), true);
}
} else {
$ok = false;
$msg .= error(sprintf(_("Your nick &quot;%s&quot; is too short (min. 2 characters)."), strip_request_item('nick')), true);
}
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
$mail = strip_request_item('mail'); $mail = strip_request_item('mail');
if (! check_email($mail)) { if (! check_email($mail)) {
@ -62,9 +38,9 @@ function user_settings() {
$ok = false; $ok = false;
$msg .= error(_("Please enter your e-mail."), true); $msg .= error(_("Please enter your e-mail."), true);
} }
$email_shiftinfo = isset($_REQUEST['email_shiftinfo']); $email_shiftinfo = isset($_REQUEST['email_shiftinfo']);
if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber'); $jabber = strip_request_item('jabber');
if (! check_email($jabber)) { if (! check_email($jabber)) {
@ -72,18 +48,13 @@ function user_settings() {
$msg .= error(_("Please check your jabber account information."), true); $msg .= error(_("Please check your jabber account information."), true);
} }
} }
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]))
$tshirt_size = $_REQUEST['tshirt_size']; $tshirt_size = $_REQUEST['tshirt_size'];
elseif ($enable_tshirt_size) { elseif ($enable_tshirt_size) {
$ok = false; $ok = false;
} }
$selected_angel_types = array();
foreach ($angel_types as $angel_type_id => $angel_type_name)
if (isset($_REQUEST['angel_types_' . $angel_type_id]))
$selected_angel_types[] = $angel_type_id;
// Trivia // Trivia
if (isset($_REQUEST['lastname'])) if (isset($_REQUEST['lastname']))
$lastname = strip_request_item('lastname'); $lastname = strip_request_item('lastname');
@ -99,7 +70,7 @@ function user_settings() {
$mobile = strip_request_item('mobile'); $mobile = strip_request_item('mobile');
if (isset($_REQUEST['hometown'])) if (isset($_REQUEST['hometown']))
$hometown = strip_request_item('hometown'); $hometown = strip_request_item('hometown');
if ($ok) { if ($ok) {
sql_query(" sql_query("
UPDATE `User` SET UPDATE `User` SET
@ -116,43 +87,13 @@ function user_settings() {
`Size`='" . sql_escape($tshirt_size) . "', `Size`='" . sql_escape($tshirt_size) . "',
`Hometown`='" . sql_escape($hometown) . "' `Hometown`='" . sql_escape($hometown) . "'
WHERE `UID`=" . sql_escape($user['UID'])); WHERE `UID`=" . sql_escape($user['UID']));
// Assign angel-types
$deleted_angel_type_names = array();
$added_angel_type_names = array();
foreach($selected_angel_types_source as $source_angel_type) {
if (!in_array($source_angel_type["angeltype_id"], $selected_angel_types)) {
$deleted_angel_type_names[] = $angel_types[$source_angel_type["angeltype_id"]];
sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`='" . sql_escape($user['UID']) . "' AND `angeltype_id` = ". sql_escape($source_angel_type["angeltype_id"]));
}
}
foreach($selected_angel_types as $selected_angel_type) {
if (!in_array($selected_angel_type, $selected_angel_types_source_ids)) {
$added_angel_type_names[] = $angel_types[$selected_angel_type];
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type));
}
}
if(count($deleted_angel_type_names) > 0 || count($added_angel_type_names) > 0) {
$log_message = "User changed his own Angel Types. ";
if(count($deleted_angel_type_names) > 0) {
$log_message .= "Removed: " . implode(", ", $deleted_angel_type_names) . " ";
}
if(count($added_angel_type_names) > 0) {
$log_message .= "Added: " . implode(", ", $added_angel_type_names);
}
engelsystem_log($log_message);
}
success(_("Settings saved.")); success(_("Settings saved."));
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} }
} elseif (isset($_REQUEST['submit_password'])) { } elseif (isset($_REQUEST['submit_password'])) {
$ok = true; $ok = true;
if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
$msg .= error(_("-> not OK. Please try again."), true); $msg .= error(_("-> not OK. Please try again."), true);
elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
@ -166,58 +107,58 @@ function user_settings() {
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} elseif (isset($_REQUEST['submit_theme'])) { } elseif (isset($_REQUEST['submit_theme'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']]))
$selected_theme = $_REQUEST['theme']; $selected_theme = $_REQUEST['theme'];
else else
$ok = false; $ok = false;
if ($ok) { if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID'])); sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
success(_("Theme changed.")); success(_("Theme changed."));
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} }
} elseif (isset($_REQUEST['submit_language'])) { } elseif (isset($_REQUEST['submit_language'])) {
$ok = true; $ok = true;
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']]))
$selected_language = $_REQUEST['language']; $selected_language = $_REQUEST['language'];
else else
$ok = false; $ok = false;
if ($ok) { if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID'])); sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
$_SESSION['locale'] = $selected_language; $_SESSION['locale'] = $selected_language;
success("Language changed."); success("Language changed.");
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} }
} }
return page_with_title(settings_title(), array( return page_with_title(settings_title(), array(
sprintf(_("Hello %s, here you can change your personal settings i.e. password, color settings etc."), User_Nick_render($user)),
$msg, $msg,
msg(), msg(),
div('row', array( div('row', array(
div('col-md-6', array( div('col-md-6', array(
form(array( form(array(
form_info(_("Here you can change your user details.")), form_info('', _("Here you can change your user details.")),
form_text('nick', _("Nick") . "*", $nick), form_info(entry_required() . ' = ' . _("Entry required!")),
form_text('nick', _("Nick") . ' ' . entry_required(), $nick, true),
form_text('lastname', _("Last name"), $lastname), form_text('lastname', _("Last name"), $lastname),
form_text('prename', _("First name"), $prename), form_text('prename', _("First name"), $prename),
form_text('age', _("Age"), $age), form_text('age', _("Age"), $age),
form_text('tel', _("Phone"), $tel), form_text('tel', _("Phone"), $tel),
form_text('dect', _("DECT"), $dect), form_text('dect', _("DECT"), $dect),
form_text('mobile', _("Mobile"), $mobile), form_text('mobile', _("Mobile"), $mobile),
form_text('mail', _("E-Mail") . "*", $mail), form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail),
form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo), form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo),
form_text('jabber', _("Jabber"), $jabber), form_text('jabber', _("Jabber"), $jabber),
form_text('hometown', _("Hometown"), $hometown), form_text('hometown', _("Hometown"), $hometown),
$enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '', $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '',
form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types), form_info('', _('Please visit the angeltypes page to manage your angeltypes.')),
form_submit('submit', _("Save")) form_submit('submit', _("Save"))
)) ))
)), )),
div('col-md-6', array( div('col-md-6', array(
form(array( form(array(
@ -225,20 +166,20 @@ function user_settings() {
form_password('password', _("Old password:")), form_password('password', _("Old password:")),
form_password('new_password', _("New password:")), form_password('new_password', _("New password:")),
form_password('new_password2', _("Password confirmation:")), form_password('new_password2', _("Password confirmation:")),
form_submit('submit_password', _("Save")) form_submit('submit_password', _("Save"))
)), )),
form(array( form(array(
form_info(_("Here you can choose your color settings:")), form_info(_("Here you can choose your color settings:")),
form_select('theme', _("Color settings:"), $themes, $selected_theme), form_select('theme', _("Color settings:"), $themes, $selected_theme),
form_submit('submit_theme', _("Save")) form_submit('submit_theme', _("Save"))
)), )),
form(array( form(array(
form_info(_("Here you can choose your language:")), form_info(_("Here you can choose your language:")),
form_select('language', _("Language:"), $locales, $selected_language), form_select('language', _("Language:"), $locales, $selected_language),
form_submit('submit_language', _("Save")) form_submit('submit_language', _("Save"))
)) ))
)) ))
)) ))
)); ));
} }
?> ?>