Merge pull request #344 from MyIgel/master

Prepared routing, added symfony http Closes #336 and closes #337
This commit is contained in:
msquare 2017-09-11 17:52:55 +02:00 committed by GitHub
commit 3591606130
62 changed files with 1132 additions and 708 deletions

View File

@ -8,7 +8,7 @@ Please visit https://engelsystem.de for a feature list.
## Installation
### Requirements:
* PHP >= 5.6.4, PHP >= 7.0.0 recommended
* PHP >= 7.0.0
* MySQL-Server >= 5.5.x
* Webserver, i.e. lighttpd, nginx, or Apache

View File

@ -14,12 +14,13 @@
}
],
"require": {
"php": ">=5.6.4",
"php": ">=7.0.0",
"erusev/parsedown": "1.6.*",
"twbs/bootstrap": "^3.3"
"twbs/bootstrap": "^3.3",
"symfony/http-foundation": "^3.3"
},
"require-dev": {
"phpunit/phpunit": "^6.2"
"phpunit/phpunit": "^6.3"
},
"autoload": {
"psr-4": {

View File

@ -4,7 +4,7 @@
return [
// MySQL-Connection Settings
'database' => [
'database' => [
'host' => 'localhost',
'user' => 'root',
'pw' => '',
@ -12,28 +12,28 @@ return [
],
// For accessing stats
'api_key' => '',
'api_key' => '',
// Enable maintenance mode (show a static page)
'maintenance' => false,
'maintenance' => false,
// Set to development to enable debugging messages
'environment' => 'production',
'environment' => 'production',
// URL to the angel faq and job description
'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers',
'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers',
// Contact email address, linked on every page
'contact_email' => 'mailto:ticket@c3heaven.de',
'contact_email' => 'mailto:ticket@c3heaven.de',
// From address of all emails
'no_reply_email' => 'noreply@engelsystem.de',
'no_reply_email' => 'noreply@engelsystem.de',
// Default theme, 1=style1.css
'theme' => 1,
'theme' => 1,
// Available themes
'available_themes' => [
'available_themes' => [
'4' => 'Engelsystem 33c3 (2016)',
'3' => 'Engelsystem 32c3 (2015)',
'2' => 'Engelsystem cccamp15',
@ -42,10 +42,13 @@ return [
],
// Number of News shown on one site
'display_news' => 6,
'display_news' => 6,
// Only arrived angels can sign up for shifts
'signup_requires_arrival' => false,
// Anzahl Stunden bis zum Austragen eigener Schichten
'last_unsubscribe' => 3,
'last_unsubscribe' => 3,
// Setzt den zu verwendenden Crypto-Algorithmus (entsprechend der Dokumentation von crypt()).
// Falls ein Benutzerpasswort in einem anderen Format gespeichert ist,
@ -55,7 +58,7 @@ return [
// Blowfish '$2y$13'
// SHA-256 '$5$rounds=5000'
// SHA-512 '$6$rounds=5000'
'crypt_alg' => '$6$rounds=5000', // SHA-512
'crypt_alg' => '$6$rounds=5000',
'min_password_length' => 8,

View File

@ -8,19 +8,23 @@ ALTER TABLE `User` ADD COLUMN `email_by_human_allowed` BOOLEAN NOT NULL;
-- No Self Sign Up for some Angel Types
ALTER TABLE AngelTypes ADD no_self_signup TINYINT(1) NOT NULL;
ALTER TABLE `AngelTypes`
ADD `contact_user_id` INT NULL,
ADD `contact_name` VARCHAR(250) NULL,
ADD `contact_dect` VARCHAR(5) NULL,
ADD `contact_email` VARCHAR(250) NULL,
ALTER TABLE `AngelTypes`
ADD `contact_user_id` INT NULL,
ADD `contact_name` VARCHAR(250) NULL,
ADD `contact_dect` VARCHAR(5) NULL,
ADD `contact_email` VARCHAR(250) NULL,
ADD INDEX (`contact_user_id`);
ALTER TABLE `AngelTypes`
ALTER TABLE `AngelTypes`
ADD FOREIGN KEY (`contact_user_id`) REFERENCES `User`(`UID`) ON DELETE SET NULL ON UPDATE CASCADE;
INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (NULL, 'shiftentry_edit_angeltype_supporter', 'If user with this privilege is angeltype supporter, he can put users in shifts for their angeltype');
-- DB Performance
ALTER TABLE `Shifts` ADD INDEX(`start`);
ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`);
ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`);
-- Security
UPDATE `Groups` SET UID = UID * 10;
INSERT INTO `Groups` (Name, UID) VALUES ('News Admin', -65);
INSERT INTO `Privileges` (id, name, `desc`) VALUES (42, 'admin_news_html', 'Use HTML in news');
INSERT INTO `GroupPrivileges` (group_id, privilege_id) VALUES (-65, 14), (-65, 42);

9
includes/autoload.php Normal file
View File

@ -0,0 +1,9 @@
<?php
// Check for autoloader
if (!is_readable(__DIR__ . '/../vendor/autoload.php')) {
die('Please run composer.phar install');
}
// Include composer autoloader
require_once __DIR__ . '/../vendor/autoload.php';

View File

@ -42,7 +42,7 @@ function angeltypes_controller()
*/
function angeltype_link($angeltype_id)
{
return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id;
return page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype_id]);
}
/**
@ -127,7 +127,7 @@ function angeltype_edit_controller()
if (!$supporter_mode) {
if ($request->has('name')) {
$result = AngelType_validate_name($request->input('name'), $angeltype);
$result = AngelType_validate_name($request->postData('name'), $angeltype);
$angeltype['name'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
@ -211,17 +211,21 @@ function angeltypes_list_controller()
foreach ($angeltypes as &$angeltype) {
$actions = [
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('view'), 'btn-xs')
button(
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('view'),
'btn-xs'
)
];
if (in_array('admin_angel_types', $privileges)) {
$actions[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'edit', 'angeltype_id' => $angeltype['id']]),
_('edit'),
'btn-xs'
);
$actions[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'delete', 'angeltype_id' => $angeltype['id']]),
_('delete'),
'btn-xs'
);
@ -230,13 +234,15 @@ function angeltypes_list_controller()
$angeltype['membership'] = AngelType_render_membership($angeltype);
if ($angeltype['user_angeltype_id'] != null) {
$actions[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
page_link_to('user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $angeltype['user_angeltype_id']]
),
_('leave'),
'btn-xs'
);
} else {
$actions[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'),
'btn-xs'
);
@ -245,7 +251,11 @@ function angeltypes_list_controller()
$angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';
$angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share');
$angeltype['name'] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'] . '">' . $angeltype['name'] . '</a>';
$angeltype['name'] = '<a href="'
. page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])
. '">'
. $angeltype['name']
. '</a>';
$angeltype['actions'] = table_buttons($actions);
}

View File

@ -1,4 +1,5 @@
<?php
use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftsFilterRenderer;
@ -88,7 +89,7 @@ function rooms_controller()
*/
function room_link($room)
{
return page_link_to('rooms') . '&action=view&room_id=' . $room['RID'];
return page_link_to('rooms', ['action' => 'view', 'room_id' => $room['RID']]);
}
/**
@ -97,7 +98,7 @@ function room_link($room)
*/
function room_edit_link($room)
{
return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'];
return page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]);
}
/**

View File

@ -13,7 +13,7 @@ function shift_entry_add_controller()
$request = request();
$shift_id = 0;
if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) {
if ($request->has('shift_id') && preg_match('/^\d+$/', $request->input('shift_id'))) {
$shift_id = $request->input('shift_id');
} else {
redirect(page_link_to('user_shifts'));
@ -27,13 +27,13 @@ function shift_entry_add_controller()
}
$shift = Shift($shift_id);
$shift['Name'] = $room_array[$shift['RID']];
if ($shift == null) {
redirect(page_link_to('user_shifts'));
}
$shift['Name'] = $room_array[$shift['RID']];
$type_id = 0;
if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) {
if ($request->has('type_id') && preg_match('/^\d+$/', $request->input('type_id'))) {
$type_id = $request->input('type_id');
} else {
redirect(page_link_to('user_shifts'));
@ -64,7 +64,7 @@ function shift_entry_add_controller()
if (
$request->has('user_id')
&& preg_match('/^\d*$/', $request->input('user_id'))
&& preg_match('/^\d+$/', $request->input('user_id'))
&& (
in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)

View File

@ -1,4 +1,5 @@
<?php
use Engelsystem\ShiftSignupState;
/**
@ -7,10 +8,13 @@ use Engelsystem\ShiftSignupState;
*/
function shift_link($shift)
{
$link = page_link_to('shifts') . '&action=view';
$parameters = ['action' => 'view'];
if (isset($shift['SID'])) {
$link .= '&shift_id=' . $shift['SID'];
$parameters['shift_id'] = $shift['SID'];
}
$link = page_link_to('shifts', $parameters);
return $link;
}
@ -20,7 +24,7 @@ function shift_link($shift)
*/
function shift_delete_link($shift)
{
return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'];
return page_link_to('user_shifts', ['delete_shift' => $shift['SID']]);
}
/**
@ -29,7 +33,7 @@ function shift_delete_link($shift)
*/
function shift_edit_link($shift)
{
return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'];
return page_link_to('user_shifts', ['edit_shift' => $shift['SID']]);
}
/**
@ -61,7 +65,7 @@ function shift_edit_controller()
$angeltypes = select_array(AngelTypes(), 'id', 'name');
$shifttypes = select_array(ShiftTypes(), 'id', 'name');
$needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'id', 'count');
$needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'angel_type_id', 'count');
foreach (array_keys($angeltypes) as $angeltype_id) {
if (!isset($needed_angel_types[$angeltype_id])) {
$needed_angel_types[$angeltype_id] = 0;
@ -116,15 +120,20 @@ function shift_edit_controller()
$msg .= error(_('The ending time has to be after the starting time.'), true);
}
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) {
$needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id));
} else {
$valid = false;
$msg .= error(sprintf(
_('Please check your input for needed angels of type %s.'),
$needed_angeltype_name
), true);
foreach ($needed_angel_types as $needed_angeltype_id => $count) {
$needed_angel_types[$needed_angeltype_id] = 0;
$queryKey = 'type_' . $needed_angeltype_id;
if ($request->has($queryKey)) {
if (test_request_int($queryKey)) {
$needed_angel_types[$needed_angeltype_id] = trim($request->input($queryKey));
} else {
$valid = false;
$msg .= error(sprintf(
_('Please check your input for needed angels of type %s.'),
$angeltypes[$needed_angeltype_id]
), true);
}
}
}
@ -195,7 +204,7 @@ function shift_delete_controller()
}
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) {
if (!$request->has('delete_shift') || !preg_match('/^\d+$/', $request->input('delete_shift'))) {
redirect(page_link_to('user_shifts'));
}
$shift_id = $request->input('delete_shift');
@ -225,7 +234,9 @@ function shift_delete_controller()
date('Y-m-d H:i', $shift['start']),
date('H:i', $shift['end'])
), true),
'<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _('delete') . '</a>'
'<a class="button" href="'
. page_link_to('user_shifts', ['delete_shift' => $shift_id, 'delete' => 1]) .
'">' . _('delete') . '</a>'
]);
}
@ -308,8 +319,6 @@ function shifts_controller()
/**
* Redirects the user to his next shift.
*
* @return false
*/
function shift_next_controller()
{

View File

@ -6,7 +6,7 @@
*/
function shifttype_link($shifttype)
{
return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'];
return page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype['id']]);
}
/**
@ -100,7 +100,7 @@ function shifttype_edit_controller()
engelsystem_log('Created shifttype ' . $name);
success(_('Created shifttype.'));
}
redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id);
redirect(page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype_id]));
}
}

View File

@ -17,8 +17,7 @@ function user_angeltypes_unconfirmed_hint()
$unconfirmed_links = [];
foreach ($unconfirmed_user_angeltypes as $user_angeltype) {
$unconfirmed_links[] = '<a href="'
. page_link_to('angeltypes')
. '&action=view&angeltype_id=' . $user_angeltype['angeltype_id']
. page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $user_angeltype['angeltype_id']])
. '">' . $user_angeltype['name']
. ' (+' . $user_angeltype['count'] . ')'
. '</a>';
@ -61,7 +60,7 @@ function user_angeltypes_delete_all_controller()
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [
@ -107,7 +106,7 @@ function user_angeltypes_confirm_all_controller()
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [
@ -167,7 +166,7 @@ function user_angeltype_confirm_controller()
User_Nick_render($user_source),
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [
@ -221,7 +220,7 @@ function user_angeltype_delete_controller()
engelsystem_log($success_message);
success($success_message);
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [
@ -287,7 +286,7 @@ function user_angeltype_update_controller()
engelsystem_log($success_message);
success($success_message);
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [
@ -341,7 +340,7 @@ function user_angeltype_add_controller()
AngelType_name_render($angeltype)
));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
}
@ -383,7 +382,7 @@ function user_angeltype_join_controller($angeltype)
));
}
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
}
return [

View File

@ -63,7 +63,7 @@ function user_driver_license_edit_link($user = null)
if ($user == null) {
return page_link_to('user_driver_licenses');
}
return page_link_to('user_driver_licenses') . '&user_id=' . $user['UID'];
return page_link_to('user_driver_licenses', ['user_id' => $user['UID']]);
}
/**

View File

@ -47,7 +47,7 @@ function user_delete_controller()
$request = request();
if ($request->has('user_id')) {
$user_source = User($request->get('user_id'));
$user_source = User($request->query->get('user_id'));
} else {
$user_source = $user;
}
@ -68,7 +68,7 @@ function user_delete_controller()
if (
!(
$request->has('password')
&& verify_password($request->post('password'), $user['Passwort'], $user['UID'])
&& verify_password($request->postData('password'), $user['Passwort'], $user['UID'])
)
) {
$valid = false;
@ -106,7 +106,7 @@ function users_link()
*/
function user_edit_link($user)
{
return page_link_to('admin_user') . '&user_id=' . $user['UID'];
return page_link_to('admin_user', ['user_id' => $user['UID']]);
}
/**
@ -115,7 +115,7 @@ function user_edit_link($user)
*/
function user_delete_link($user)
{
return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
return page_link_to('users', ['action' => 'delete', 'user_id' => $user['UID']]);
}
/**
@ -124,7 +124,7 @@ function user_delete_link($user)
*/
function user_link($user)
{
return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
return page_link_to('users', ['action' => 'view', 'user_id' => $user['UID']]);
}
/**
@ -297,9 +297,9 @@ function user_password_recovery_set_new_controller()
if (
$request->has('password')
&& strlen($request->post('password')) >= config('min_password_length')
&& strlen($request->postData('password')) >= config('min_password_length')
) {
if ($request->post('password') != $request->post('password2')) {
if ($request->postData('password') != $request->postData('password2')) {
$valid = false;
error(_('Your passwords don\'t match.'));
}
@ -309,7 +309,7 @@ function user_password_recovery_set_new_controller()
}
if ($valid) {
set_password($user_source['UID'], $request->post('password'));
set_password($user_source['UID'], $request->postData('password'));
success(_('Password saved.'));
redirect(page_link_to('login'));
}
@ -353,7 +353,7 @@ function user_password_recovery_start_controller()
_('Password recovery'),
sprintf(
_('Please visit %s to recover your password.'),
page_link_to_absolute('user_password_recovery') . '&token=' . $token
page_link_to('user_password_recovery', ['token' => $token])
)
);
success(_('We sent an email containing your password recovery link.'));

View File

@ -6,16 +6,13 @@ use Engelsystem\Exceptions\Handler as ExceptionHandler;
use Engelsystem\Http\Request;
use Engelsystem\Renderer\HtmlEngine;
use Engelsystem\Renderer\Renderer;
use Symfony\Component\HttpFoundation\Session\Session;
/**
* This file includes all needed functions, connects to the db etc.
*/
if (!is_readable(__DIR__ . '/../vendor/autoload.php')) {
die('Please run composer.phar install');
}
require __DIR__ . '/../vendor/autoload.php';
require_once __DIR__ . '/autoload.php';
/**
* Load configuration
@ -36,9 +33,10 @@ date_default_timezone_set($config->get('timezone'));
/**
* Initialize Request
*
* @var Request $request
*/
$request = new Request();
$request->create();
$request = Request::createFromGlobals();
$request::setInstance($request);
/**
@ -86,88 +84,95 @@ Db::getPdo()->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
/**
* Include legacy code
*/
require_once realpath(__DIR__ . '/../includes/sys_auth.php');
require_once realpath(__DIR__ . '/../includes/sys_form.php');
require_once realpath(__DIR__ . '/../includes/sys_log.php');
require_once realpath(__DIR__ . '/../includes/sys_menu.php');
require_once realpath(__DIR__ . '/../includes/sys_page.php');
require_once realpath(__DIR__ . '/../includes/sys_template.php');
$includeFiles = [
__DIR__ . '/../includes/sys_auth.php',
__DIR__ . '/../includes/sys_form.php',
__DIR__ . '/../includes/sys_log.php',
__DIR__ . '/../includes/sys_menu.php',
__DIR__ . '/../includes/sys_page.php',
__DIR__ . '/../includes/sys_template.php',
require_once realpath(__DIR__ . '/../includes/model/AngelType_model.php');
require_once realpath(__DIR__ . '/../includes/model/EventConfig_model.php');
require_once realpath(__DIR__ . '/../includes/model/LogEntries_model.php');
require_once realpath(__DIR__ . '/../includes/model/Message_model.php');
require_once realpath(__DIR__ . '/../includes/model/NeededAngelTypes_model.php');
require_once realpath(__DIR__ . '/../includes/model/Room_model.php');
require_once realpath(__DIR__ . '/../includes/model/ShiftEntry_model.php');
require_once realpath(__DIR__ . '/../includes/model/Shifts_model.php');
require_once realpath(__DIR__ . '/../includes/model/ShiftsFilter.php');
require_once realpath(__DIR__ . '/../includes/model/ShiftSignupState.php');
require_once realpath(__DIR__ . '/../includes/model/ShiftTypes_model.php');
require_once realpath(__DIR__ . '/../includes/model/UserAngelTypes_model.php');
require_once realpath(__DIR__ . '/../includes/model/UserDriverLicenses_model.php');
require_once realpath(__DIR__ . '/../includes/model/UserGroups_model.php');
require_once realpath(__DIR__ . '/../includes/model/User_model.php');
require_once realpath(__DIR__ . '/../includes/model/ValidationResult.php');
__DIR__ . '/../includes/model/AngelType_model.php',
__DIR__ . '/../includes/model/EventConfig_model.php',
__DIR__ . '/../includes/model/LogEntries_model.php',
__DIR__ . '/../includes/model/Message_model.php',
__DIR__ . '/../includes/model/NeededAngelTypes_model.php',
__DIR__ . '/../includes/model/Room_model.php',
__DIR__ . '/../includes/model/ShiftEntry_model.php',
__DIR__ . '/../includes/model/Shifts_model.php',
__DIR__ . '/../includes/model/ShiftsFilter.php',
__DIR__ . '/../includes/model/ShiftSignupState.php',
__DIR__ . '/../includes/model/ShiftTypes_model.php',
__DIR__ . '/../includes/model/UserAngelTypes_model.php',
__DIR__ . '/../includes/model/UserDriverLicenses_model.php',
__DIR__ . '/../includes/model/UserGroups_model.php',
__DIR__ . '/../includes/model/User_model.php',
__DIR__ . '/../includes/model/ValidationResult.php',
require_once realpath(__DIR__ . '/../includes/view/AngelTypes_view.php');
require_once realpath(__DIR__ . '/../includes/view/EventConfig_view.php');
require_once realpath(__DIR__ . '/../includes/view/Questions_view.php');
require_once realpath(__DIR__ . '/../includes/view/Rooms_view.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarLane.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarRenderer.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftsFilterRenderer.php');
require_once realpath(__DIR__ . '/../includes/view/Shifts_view.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftEntry_view.php');
require_once realpath(__DIR__ . '/../includes/view/ShiftTypes_view.php');
require_once realpath(__DIR__ . '/../includes/view/UserAngelTypes_view.php');
require_once realpath(__DIR__ . '/../includes/view/UserDriverLicenses_view.php');
require_once realpath(__DIR__ . '/../includes/view/UserHintsRenderer.php');
require_once realpath(__DIR__ . '/../includes/view/User_view.php');
__DIR__ . '/../includes/view/AngelTypes_view.php',
__DIR__ . '/../includes/view/EventConfig_view.php',
__DIR__ . '/../includes/view/Questions_view.php',
__DIR__ . '/../includes/view/Rooms_view.php',
__DIR__ . '/../includes/view/ShiftCalendarLane.php',
__DIR__ . '/../includes/view/ShiftCalendarRenderer.php',
__DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php',
__DIR__ . '/../includes/view/ShiftsFilterRenderer.php',
__DIR__ . '/../includes/view/Shifts_view.php',
__DIR__ . '/../includes/view/ShiftEntry_view.php',
__DIR__ . '/../includes/view/ShiftTypes_view.php',
__DIR__ . '/../includes/view/UserAngelTypes_view.php',
__DIR__ . '/../includes/view/UserDriverLicenses_view.php',
__DIR__ . '/../includes/view/UserHintsRenderer.php',
__DIR__ . '/../includes/view/User_view.php',
require_once realpath(__DIR__ . '/../includes/controller/angeltypes_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/event_config_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/rooms_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/shift_entries_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/shifttypes_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/user_angeltypes_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/user_driver_licenses_controller.php');
__DIR__ . '/../includes/controller/angeltypes_controller.php',
__DIR__ . '/../includes/controller/event_config_controller.php',
__DIR__ . '/../includes/controller/rooms_controller.php',
__DIR__ . '/../includes/controller/shift_entries_controller.php',
__DIR__ . '/../includes/controller/shifts_controller.php',
__DIR__ . '/../includes/controller/shifttypes_controller.php',
__DIR__ . '/../includes/controller/users_controller.php',
__DIR__ . '/../includes/controller/user_angeltypes_controller.php',
__DIR__ . '/../includes/controller/user_driver_licenses_controller.php',
require_once realpath(__DIR__ . '/../includes/helper/graph_helper.php');
require_once realpath(__DIR__ . '/../includes/helper/internationalization_helper.php');
require_once realpath(__DIR__ . '/../includes/helper/message_helper.php');
require_once realpath(__DIR__ . '/../includes/helper/error_helper.php');
require_once realpath(__DIR__ . '/../includes/helper/email_helper.php');
__DIR__ . '/../includes/helper/graph_helper.php',
__DIR__ . '/../includes/helper/internationalization_helper.php',
__DIR__ . '/../includes/helper/message_helper.php',
__DIR__ . '/../includes/helper/error_helper.php',
__DIR__ . '/../includes/helper/email_helper.php',
require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php');
require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php');
__DIR__ . '/../includes/mailer/shifts_mailer.php',
__DIR__ . '/../includes/mailer/users_mailer.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_active.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_free.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_groups.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_import.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_log.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_questions.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_rooms.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_shifts.php');
require_once realpath(__DIR__ . '/../includes/pages/admin_user.php');
require_once realpath(__DIR__ . '/../includes/pages/guest_login.php');
require_once realpath(__DIR__ . '/../includes/pages/user_messages.php');
require_once realpath(__DIR__ . '/../includes/pages/user_myshifts.php');
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
require_once realpath(__DIR__ . '/../includes/pages/user_questions.php');
require_once realpath(__DIR__ . '/../includes/pages/user_settings.php');
require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php');
__DIR__ . '/../includes/pages/admin_active.php',
__DIR__ . '/../includes/pages/admin_arrive.php',
__DIR__ . '/../includes/pages/admin_free.php',
__DIR__ . '/../includes/pages/admin_groups.php',
__DIR__ . '/../includes/pages/admin_import.php',
__DIR__ . '/../includes/pages/admin_log.php',
__DIR__ . '/../includes/pages/admin_questions.php',
__DIR__ . '/../includes/pages/admin_rooms.php',
__DIR__ . '/../includes/pages/admin_shifts.php',
__DIR__ . '/../includes/pages/admin_user.php',
__DIR__ . '/../includes/pages/guest_login.php',
__DIR__ . '/../includes/pages/user_messages.php',
__DIR__ . '/../includes/pages/user_myshifts.php',
__DIR__ . '/../includes/pages/user_news.php',
__DIR__ . '/../includes/pages/user_questions.php',
__DIR__ . '/../includes/pages/user_settings.php',
__DIR__ . '/../includes/pages/user_shifts.php',
];
foreach ($includeFiles as $file) {
require_once realpath($file);
}
/**
* Init application
*/
session_start();
$session = new Session();
$session->start();
$request->setSession($session);
gettext_init();

View File

@ -1,5 +1,7 @@
<?php
use Engelsystem\Http\Request;
/**
* Return currently active locale
*
@ -7,7 +9,7 @@
*/
function locale()
{
return $_SESSION['locale'];
return session()->get('locale');
}
/**
@ -27,11 +29,12 @@ function gettext_init()
{
$locales = config('locales');
$request = request();
$session = session();
if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) {
$_SESSION['locale'] = $request->input('set_locale');
} elseif (!isset($_SESSION['locale'])) {
$_SESSION['locale'] = config('default_locale');
$session->set('locale', $request->input('set_locale'));
} elseif (!$session->has('locale')) {
$session->set('locale', config('default_locale'));
}
gettext_locale();
@ -48,7 +51,7 @@ function gettext_init()
function gettext_locale($locale = null)
{
if ($locale == null) {
$locale = $_SESSION['locale'];
$locale = session()->get('locale');
}
putenv('LC_ALL=' . $locale);
@ -62,14 +65,20 @@ function gettext_locale($locale = null)
*/
function make_langselect()
{
$url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale=';
$request = Request::getInstance();
$items = [];
foreach (config('locales') as $locale => $name) {
$url = url($request->getPathInfo(), ['set_locale' => $locale]);
$items[] = toolbar_item_link(
htmlspecialchars($url) . $locale,
htmlspecialchars($url),
'',
'<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name
sprintf(
'<img src="%s" alt="%s" title="%2$s"> %2$s',
url('pic/flag/' . $locale . '.png'),
$name
)
);
}
return $items;

View File

@ -7,12 +7,12 @@
*/
function msg()
{
if (!isset($_SESSION['msg'])) {
return '';
}
$msg = $_SESSION['msg'];
$_SESSION['msg'] = '';
return $msg;
$session = session();
$message = $session->get('msg', '');
$session->set('msg', '');
return $message;
}
/**
@ -57,21 +57,23 @@ function success($msg, $immediately = false)
* @param string $class
* @param string $msg
* @param bool $immediately
* @return string|null
* @return string
*/
function alert($class, $msg, $immediately = false)
{
$session = session();
if (empty($msg)) {
return '';
}
if ($immediately) {
if ($msg == '') {
return '';
}
return '<div class="alert alert-' . $class . '">' . $msg . '</div>';
}
if (!isset($_SESSION['msg'])) {
$_SESSION['msg'] = '';
}
$_SESSION['msg'] .= alert($class, $msg, true);
$message = $session->get('msg', '');
$message .= alert($class, $msg, true);
$session->set('msg', $message);
return null;
return '';
}

View File

@ -45,7 +45,7 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
ORDER BY `start`';
return DB::select(
$sql,
[
@ -245,6 +245,10 @@ function Shift_signup_allowed_angel(
) {
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if (config('signup_requires_arrival') && !$user['Gekommen']) {
return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
}
if ($user_shifts == null) {
$user_shifts = Shifts_by_user($user);
}
@ -444,6 +448,7 @@ function Shift_update($shift)
*
* @param array $shift
* @return bool|null
* @throws Exception
*/
function Shift_update_by_psid($shift)
{

View File

@ -241,7 +241,7 @@ function Users_by_angeltype($angeltype)
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`,
(`UserDriverLicenses`.`user_id` IS NOT NULL) as `wants_to_drive`,
(`UserDriverLicenses`.`user_id` IS NOT NULL) AS `wants_to_drive`,
`UserDriverLicenses`.*
FROM `User`
JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`

View File

@ -82,9 +82,13 @@ function admin_active()
$limit = '';
$msg = success(_('Marked angels.'), true);
} else {
$set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; '
. _('back') . '</a> | <a href="'
. page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">'
$set_active = '<a href="' . page_link_to('admin_active', ['search' => $search]) . '">&laquo; '
. _('back')
. '</a> | <a href="'
. page_link_to(
'admin_active',
['search' => $search, 'count' => $count, 'set_active' => 1, 'ack' => 1]
) . '">'
. _('apply')
. '</a>';
}
@ -176,28 +180,46 @@ function admin_active()
$actions = [];
if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;active=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
$parameters = [
'active' => $usr['UID'],
'search' => $search,
];
if ($show_all_shifts) {
$parameters['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">'
. _('set active')
. '</a>';
}
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;not_active=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
$parametersRemove = [
'not_active' => $usr['UID'],
'search' => $search,
];
$parametersShirt = [
'tshirt' => $usr['UID'],
'search' => $search,
];
if ($show_all_shifts) {
$parametersRemove['show_all_shifts'] = 1;
$parametersShirt['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parametersRemove) . '">'
. _('remove active')
. '</a>';
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
$actions[] = '<a href="' . page_link_to('admin_active', $parametersShirt) . '">'
. _('got t-shirt')
. '</a>';
}
if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="'
. page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
$parameters = [
'not_tshirt' => $usr['UID'],
'search' => $search,
];
if ($show_all_shifts) {
$parameters['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">'
. _('remove t-shirt')
. '</a>';
}

View File

@ -23,7 +23,7 @@ function admin_arrive()
$search = strip_request_item('search');
}
if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) {
if ($request->has('reset') && preg_match('/^\d+$/', $request->input('reset'))) {
$user_id = $request->input('reset');
$user_source = User($user_id);
if ($user_source != null) {
@ -39,7 +39,7 @@ function admin_arrive()
} else {
$msg = error(_('Angel not found.'), true);
}
} elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) {
} elseif ($request->has('arrived') && preg_match('/^\d+$/', $request->input('arrived'))) {
$user_id = $request->input('arrived');
$user_source = User($user_id);
if ($user_source != null) {
@ -92,8 +92,14 @@ function admin_arrive()
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-';
$usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : '';
$usr['actions'] = $usr['Gekommen'] == 1
? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _('reset') . '</a>'
: '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _('arrived') . '</a>';
? '<a href="' . page_link_to(
'admin_arrive',
['reset' => $usr['UID'], 'search' => $search]
) . '">' . _('reset') . '</a>'
: '<a href="' . page_link_to(
'admin_arrive',
['arrived' => $usr['UID'], 'search' => $search]
) . '">' . _('arrived') . '</a>';
if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']);

View File

@ -94,7 +94,7 @@ function admin_free()
'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
'actions' =>
in_array('admin_user', $privileges)
? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _('edit'), 'btn-xs')
? button(page_link_to('admin_user', ['id' => $usr['UID']]), _('edit'), 'btn-xs')
: ''
];
}

View File

@ -38,7 +38,8 @@ function admin_groups()
'name' => $group['Name'],
'privileges' => join(', ', $privileges_html),
'actions' => button(
page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'],
page_link_to('admin_groups',
['action' => 'edit', 'id' => $group['UID']]),
_('edit'),
'btn-xs'
)
@ -80,7 +81,8 @@ function admin_groups()
'privileges[]',
$privilege['desc'] . ' (' . $privilege['name'] . ')',
$privilege['group_id'] != '',
$privilege['id']
$privilege['id'],
'privilege-' . $privilege['name']
);
$privileges_html .= sprintf(
'<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
@ -93,7 +95,10 @@ function admin_groups()
$privileges_form[] = form_submit('submit', _('Save'));
$html .= page_with_title(_('Edit group'), [
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id)
form(
$privileges_form,
page_link_to('admin_groups', ['action' => 'save', 'id' => $group_id])
)
]);
} else {
return error('No Group found.', true);
@ -108,7 +113,7 @@ function admin_groups()
}
$group = DB::selectOne('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
$privileges = $request->get('privileges');
$privileges = $request->postData('privileges');
if (!is_array($privileges)) {
$privileges = [];
}

View File

@ -98,10 +98,12 @@ function admin_import()
if ($valid) {
redirect(
page_link_to('admin_import')
. '&step=check&shifttype_id=' . $shifttype_id
. '&add_minutes_end=' . $add_minutes_end
. '&add_minutes_start=' . $add_minutes_start
page_link_to('admin_import', [
'step' => 'check',
'shifttype_id' => $shifttype_id,
'add_minutes_end' => $add_minutes_end,
'add_minutes_start' => $add_minutes_start,
])
);
} else {
$html .= div('well well-sm text-center', [
@ -207,10 +209,12 @@ function admin_import()
], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _('Import'))
],
page_link_to('admin_import')
. '&step=import&shifttype_id=' . $shifttype_id
. '&add_minutes_end=' . $add_minutes_end
. '&add_minutes_start=' . $add_minutes_start
page_link_to('admin_import', [
'step' => 'import',
'shifttype_id' => $shifttype_id,
'add_minutes_end' => $add_minutes_end,
'add_minutes_start' => $add_minutes_start,
])
);
break;
@ -248,7 +252,7 @@ function admin_import()
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) {
$result = Room_create($room, true, true);
$rooms_import[trim($room)] = $result;
}
foreach ($rooms_deleted as $room) {

View File

@ -7,7 +7,7 @@ use Engelsystem\Database\DB;
*/
function admin_news()
{
global $user;
global $user, $privileges;
$request = request();
if (!$request->has('action')) {
@ -30,21 +30,31 @@ function admin_news()
case 'edit':
$user_source = User($news['UID']);
$html .= form([
form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])),
form_info(_('Author'), User_Nick_render($user_source)),
form_text('eBetreff', _('Subject'), $news['Betreff']),
form_textarea('eText', _('Message'), $news['Text']),
form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1),
form_submit('submit', _('Save'))
], page_link_to('admin_news&action=save&id=' . $news_id));
$html .= form(
[
form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])),
form_info(_('Author'), User_Nick_render($user_source)),
form_text('eBetreff', _('Subject'), $news['Betreff']),
form_textarea('eText', _('Message'), $news['Text']),
form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1),
form_submit('submit', _('Save'))
],
page_link_to('admin_news', ['action' => 'save', 'id' => $news_id])
);
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">'
$html .= '<a class="btn btn-danger" href="'
. page_link_to('admin_news', ['action' => 'delete', 'id' => $news_id])
. '">'
. '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete')
. '</a>';
break;
case 'save':
$text = $request->postData('eText');
if (!in_array('admin_news_html', $privileges)) {
$text = strip_tags($text);
}
DB::update('
UPDATE `News` SET
`Datum`=?,
@ -56,14 +66,15 @@ function admin_news()
',
[
time(),
$request->post('eBetreff'),
$request->post('eText'),
strip_tags($request->postData('eBetreff')),
$text,
$user['UID'],
$request->has('eTreffen') ? 1 : 0,
$news_id
]
);
engelsystem_log('News updated: ' . $request->post('eBetreff'));
engelsystem_log('News updated: ' . $request->postData('eBetreff'));
success(_('News entry updated.'));
redirect(page_link_to('news'));
break;

View File

@ -52,9 +52,9 @@ function admin_questions()
'answer' => form([
form_textarea('answer', '', ''),
form_submit('submit', _('Save'))
], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
], page_link_to('admin_questions', ['action' => 'answer', 'id' => $question['QID']])),
'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]),
_('delete'),
'btn-xs'
)
@ -72,7 +72,7 @@ function admin_questions()
'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", '<br />', $question['Answer']),
'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]),
_('delete'),
'btn-xs'
)

View File

@ -25,8 +25,8 @@ function admin_rooms()
'from_pentabarf' => glyph_bool($room['FromPentabarf'] == 'Y'),
'public' => glyph_bool($room['show'] == 'Y'),
'actions' => table_buttons([
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs')
button(page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]), _('edit'), 'btn-xs'),
button(page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room['RID']]), _('delete'), 'btn-xs')
])
];
}
@ -107,11 +107,14 @@ function admin_rooms()
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (
$request->has('angeltype_count_' . $angeltype_id)
&& preg_match('/^\d{1,4}$/', $request->input('angeltype_count_' . $angeltype_id))
) {
$angeltypes_count[$angeltype_id] = $request->input('angeltype_count_' . $angeltype_id);
$angeltypes_count[$angeltype_id] = 0;
$queryKey = 'angeltype_count_' . $angeltype_id;
if (!$request->has($queryKey)) {
continue;
}
if (preg_match('/^\d{1,4}$/', $request->input($queryKey))) {
$angeltypes_count[$angeltype_id] = $request->input($queryKey);
} else {
$valid = false;
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
@ -220,7 +223,7 @@ function admin_rooms()
sprintf(_('Do you want to delete room %s?'), $name),
buttons([
button(
page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack',
page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room_id, 'ack' => 1]),
_('Delete'),
'delete btn-danger'
)
@ -231,7 +234,7 @@ function admin_rooms()
return page_with_title(admin_rooms_title(), [
buttons([
button(page_link_to('admin_rooms') . '&show=edit', _('add'))
button(page_link_to('admin_rooms', ['show' => 'edit']), _('add'))
]),
msg(),
table([

View File

@ -19,6 +19,7 @@ function admin_shifts()
{
$valid = true;
$request = request();
$session = session();
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
$end = $start;
$mode = 'single';
@ -132,16 +133,14 @@ function admin_shifts()
} elseif ($request->input('angelmode') == 'manually') {
$angelmode = 'manually';
foreach ($types as $type) {
if (
$request->has('type_' . $type['id'])
&& preg_match('/^\d+$/', trim($request->input('type_' . $type['id'])))
) {
$needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id']));
if (preg_match('/^\d+$/', trim($request->input('type_' . $type['id'], 0)))) {
$needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id'], 0));
} else {
$valid = false;
error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
}
}
if (array_sum($needed_angel_types) == 0) {
$valid = false;
error(_('There are 0 angels needed. Please enter the amounts of needed angels.'));
@ -272,8 +271,8 @@ function admin_shifts()
}
// Fürs Anlegen zwischenspeichern:
$_SESSION['admin_shifts_shifts'] = $shifts;
$_SESSION['admin_shifts_types'] = $needed_angel_types;
$session->set('admin_shifts_shifts', $shifts);
$session->set('admin_shifts_types', $needed_angel_types);
$hidden_types = '';
foreach ($needed_angel_types as $type_id => $count) {
@ -303,16 +302,14 @@ function admin_shifts()
}
} elseif ($request->has('submit')) {
if (
!$request->has('admin_shifts_shifts')
|| !isset($_SESSION['admin_shifts_types'])
|| !is_array($_SESSION['admin_shifts_shifts'])
|| !is_array($_SESSION['admin_shifts_types'])
!is_array($session->get('admin_shifts_shifts'))
|| !is_array($session->get('admin_shifts_types'))
) {
redirect(page_link_to('admin_shifts'));
}
$needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
foreach ($session->get('admin_shifts_shifts', []) as $shift) {
$shift['URL'] = null;
$shift['PSID'] = null;
$shift_id = Shift_create($shift);
@ -324,7 +321,7 @@ function admin_shifts()
. ' to ' . date('Y-m-d H:i', $shift['end'])
);
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
foreach ($session->get('admin_shifts_types', []) as $type_id => $count) {
$angel_type_source = DB::selectOne('
SELECT *
FROM `AngelTypes`
@ -350,8 +347,8 @@ function admin_shifts()
success('Schichten angelegt.');
redirect(page_link_to('admin_shifts'));
} else {
unset($_SESSION['admin_shifts_shifts']);
unset($_SESSION['admin_shifts_types']);
$session->remove('admin_shifts_shifts');
$session->remove('admin_shifts_types');
}
$rid = null;

View File

@ -46,25 +46,27 @@ function admin_user()
. 'Wenn T-Shirt ein \'Ja\' enth&auml;lt, bedeutet dies, dass der Engel '
. 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n";
$html .= '<form action="' . page_link_to('admin_user') . '&action=save&id=' . $user_id . '" method="post">' . "\n";
$html .= '<form action="'
. page_link_to('admin_user', ['action' => 'save', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table border="0">' . "\n";
$html .= '<input type="hidden" name="Type" value="Normal">' . "\n";
$html .= '<tr><td>' . "\n";
$html .= '<table>' . "\n";
$html .= ' <tr><td>Nick</td><td>' . '<input type="text" size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Nick</td><td>' . '<input size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Last login</td><td><p class="help-block">'
. date('Y-m-d H:i', $user_source['lastLogIn'])
. '</p></td></tr>' . "\n";
$html .= ' <tr><td>Name</td><td>' . '<input type="text" size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Vorname</td><td>' . '<input type="text" size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Alter</td><td>' . '<input type="text" size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Telefon</td><td>' . '<input type="text" size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Handy</td><td>' . '<input type="text" size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>DECT</td><td>' . '<input type="text" size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Name</td><td>' . '<input size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Vorname</td><td>' . '<input size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Alter</td><td>' . '<input size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Telefon</td><td>' . '<input size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Handy</td><td>' . '<input size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>DECT</td><td>' . '<input size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n";
if ($user_source['email_by_human_allowed']) {
$html .= " <tr><td>email</td><td>" . '<input type="text" size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n";
$html .= " <tr><td>email</td><td>" . '<input size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n";
}
$html .= " <tr><td>jabber</td><td>" . '<input type="text" size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n";
$html .= " <tr><td>jabber</td><td>" . '<input size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Size</td><td>'
. html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n";
@ -91,7 +93,7 @@ function admin_user()
$html .= ' <tr><td>T-Shirt</td><td>' . "\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n";
$html .= ' <tr><td>Hometown</td><td>' . '<input type="text" size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Hometown</td><td>' . '<input size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n";
$html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>';
@ -105,7 +107,8 @@ function admin_user()
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
$html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="'
. page_link_to('admin_user') . '&action=change_pw&id=' . $user_id . '" method="post">' . "\n";
. page_link_to('admin_user', ['action' => 'change_pw', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table>' . "\n";
$html .= ' <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n";
@ -134,7 +137,8 @@ function admin_user()
if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="'
. page_link_to('admin_user') . '&action=save_groups&id=' . $user_id . '" method="post">' . "\n";
. page_link_to('admin_user', ['action' => 'save_groups', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table>';
$groups = DB::select('
@ -175,11 +179,11 @@ function admin_user()
switch ($request->input('action')) {
case 'save_groups':
if ($user_id != $user['UID']) {
$my_highest_group = DB::select(
$my_highest_group = DB::selectOne(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user['UID']]
);
$his_highest_group = DB::select(
$his_highest_group = DB::selectOne(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user_id]
);
@ -257,7 +261,7 @@ function admin_user()
`Handy` = ?,
`Alter` =?,
`DECT` = ?,
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->post('eemail')) . ',' : '') . '
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->postData('eemail')) . ',' : '') . '
`jabber` = ?,
`Size` = ?,
`Gekommen`= ?,
@ -268,34 +272,34 @@ function admin_user()
WHERE `UID` = ?
LIMIT 1';
DB::update($sql, [
$request->post('eNick'),
$request->post('eName'),
$request->post('eVorname'),
$request->post('eTelefon'),
$request->post('eHandy'),
$request->post('eAlter'),
$request->post('eDECT'),
$request->post('ejabber'),
$request->post('eSize'),
$request->post('eGekommen'),
$request->post('eAktiv'),
User_validate_Nick($request->postData('eNick')),
$request->postData('eName'),
$request->postData('eVorname'),
$request->postData('eTelefon'),
$request->postData('eHandy'),
$request->postData('eAlter'),
$request->postData('eDECT'),
$request->postData('ejabber'),
$request->postData('eSize'),
$request->postData('eGekommen'),
$request->postData('eAktiv'),
$force_active,
$request->post('eTshirt'),
$request->post('Hometown'),
$request->postData('eTshirt'),
$request->postData('Hometown'),
$user_id,
]);
engelsystem_log(
'Updated user: ' . $request->post('eNick') . ', ' . $request->post('eSize')
. ', arrived: ' . $request->post('eVorname')
. ', active: ' . $request->post('eAktiv')
. ', tshirt: ' . $request->post('eTshirt')
'Updated user: ' . $request->postData('eNick') . ', ' . $request->postData('eSize')
. ', arrived: ' . $request->postData('eVorname')
. ', active: ' . $request->postData('eAktiv')
. ', tshirt: ' . $request->postData('eTshirt')
);
$html .= success('Änderung wurde gespeichert...' . "\n", true);
break;
case 'change_pw':
if ($request->post('new_pw') != '' && $request->post('new_pw') == $request->post('new_pw2')) {
set_password($user_id, $request->post('new_pw'));
if ($request->postData('new_pw') != '' && $request->postData('new_pw') == $request->postData('new_pw2')) {
set_password($user_id, $request->postData('new_pw'));
$user_source = User($user_id);
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
$html .= success('Passwort neu gesetzt.', true);

View File

@ -39,6 +39,7 @@ function guest_register()
$min_password_length = config('min_password_length');
$event_config = EventConfig();
$request = request();
$session = session();
$msg = '';
$nick = '';
@ -127,8 +128,8 @@ function guest_register()
}
}
if ($request->has('password') && strlen($request->post('password')) >= $min_password_length) {
if ($request->post('password') != $request->post('password2')) {
if ($request->has('password') && strlen($request->postData('password')) >= $min_password_length) {
if ($request->postData('password') != $request->postData('password2')) {
$valid = false;
$msg .= error(_('Your passwords don\'t match.'), true);
}
@ -226,15 +227,15 @@ function guest_register()
$password_hash,
$comment,
$hometown,
$_SESSION['locale'],
$session->get('locale'),
$planned_arrival_date,
]
);
// Assign user-group and set password
$user_id = DB::getPdo()->lastInsertId();
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
set_password($user_id, $request->post('password'));
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -20)', [$user_id]);
set_password($user_id, $request->postData('password'));
// Assign angel-types
$user_angel_types_info = [];
@ -328,7 +329,7 @@ function guest_register()
'angel_types',
_('What do you want to do?') . sprintf(
' (<a href="%s">%s</a>)',
page_link_to('angeltypes') . '&action=about',
page_link_to('angeltypes', ['action' => 'about']),
_('Description of job types')
),
$angel_types,
@ -377,32 +378,43 @@ function guest_register()
]);
}
/**
* @return string
*/
function entry_required()
{
return '<span class="text-info glyphicon glyphicon-warning-sign"></span>';
}
/**
* @return bool
*/
function guest_logout()
{
session_destroy();
session()->invalidate();
redirect(page_link_to('start'));
return true;
}
/**
* @return string
*/
function guest_login()
{
$nick = '';
$request = request();
unset($_SESSION['uid']);
$session = session();
$valid = true;
$session->remove('uid');
if ($request->has('submit')) {
if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) {
$nick = User_validate_Nick($request->input('nick'));
$login_user = DB::selectOne('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
if (!empty($login_user)) {
if ($request->has('password')) {
if (!verify_password($request->post('password'), $login_user['Passwort'], $login_user['UID'])) {
if (!verify_password($request->postData('password'), $login_user['Passwort'], $login_user['UID'])) {
$valid = false;
error(_('Your password is incorrect. Please try it again.'));
}
@ -420,8 +432,8 @@ function guest_login()
}
if ($valid && !empty($login_user)) {
$_SESSION['uid'] = $login_user['UID'];
$_SESSION['locale'] = $login_user['Sprache'];
$session->set('uid', $login_user['UID']);
$session->set('locale', $login_user['Sprache']);
redirect(page_link_to('news'));
}
@ -466,7 +478,10 @@ function guest_login()
heading(_('What can I do?'), 2),
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;')
button(
page_link_to('angeltypes', ['action' => 'about']),
_('Teams/Job description') . ' &raquo;'
)
])
])
])
@ -474,6 +489,9 @@ function guest_login()
]);
}
/**
* @return string
*/
function get_register_hint()
{
global $privileges;

View File

@ -1,6 +1,7 @@
<?php
use Engelsystem\Database\DB;
use Engelsystem\Http\Request;
/**
* Publically available page to feed the news to feed readers
@ -44,14 +45,15 @@ function user_atom()
*/
function make_atom_entries_from_news($news_entries)
{
$request = Request::getInstance();
$html = '<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Engelsystem</title>
<id>' . $_SERVER['HTTP_HOST']
<id>' . $request->getHttpHost()
. htmlspecialchars(preg_replace(
'#[&?]key=[a-f\d]{32}#',
'',
$_SERVER['REQUEST_URI']
$request->getRequestUri()
))
. '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n";
@ -64,11 +66,12 @@ function make_atom_entries_from_news($news_entries)
function make_atom_entry_from_news($news_entry)
{
return ' <entry>
return '
<entry>
<title>' . htmlspecialchars($news_entry['Betreff']) . '</title>
<link href="' . page_link_to_absolute('news_comments&amp;nid=') . $news_entry['ID'] . '"/>
<id>' . preg_replace('#^https?://#', '', page_link_to_absolute('news')) . '-' . $news_entry['ID'] . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated>
<summary type="html">' . htmlspecialchars($news_entry['Text']) . '</summary>
</entry>' . "\n";
<link href="' . page_link_to('news_comments', ['nid' => $news_entry['ID']]) . '"/>
<id>' . preg_replace('#^https?://#', '', page_link_to('news_comments', ['nid' => $news_entry['ID']])) . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated>
<summary>' . htmlspecialchars($news_entry['Text']) . '</summary>
</entry>' . "\n";
}

View File

@ -92,14 +92,14 @@ function user_messages()
if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=read&id=' . $message['id'],
page_link_to('user_messages', ['action' => 'read', 'id' => $message['id']]),
_('mark as read'),
'btn-xs'
);
}
} else {
$messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=delete&id=' . $message['id'],
page_link_to('user_messages', ['action' => 'delete', 'id' => $message['id']]),
_('delete message'),
'btn-xs'
);
@ -119,7 +119,7 @@ function user_messages()
'text' => _('Message'),
'actions' => ''
], $messages_table)
], page_link_to('user_messages') . '&action=send')
], page_link_to('user_messages', ['action' => 'send']))
]);
} else {
switch ($request->input('action')) {

View File

@ -37,16 +37,16 @@ function user_myshifts()
if ($request->input('reset') == 'ack') {
User_reset_api_key($user);
success(_('Key changed.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
}
return page_with_title(_('Reset API key'), [
error(
_('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'),
true
),
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
button(page_link_to('user_myshifts', ['reset' => 'ack']), _('Continue'), 'btn-danger')
]);
} elseif ($request->has('edit') && preg_match('/^\d*$/', $request->input('edit'))) {
} elseif ($request->has('edit') && preg_match('/^\d+$/', $request->input('edit'))) {
$user_id = $request->input('edit');
$shift = DB::selectOne('
SELECT
@ -106,7 +106,7 @@ function user_myshifts()
. '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO')
);
success(_('Shift saved.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
}
}
@ -124,7 +124,7 @@ function user_myshifts()
} else {
redirect(page_link_to('user_myshifts'));
}
} elseif ($request->has('cancel') && preg_match('/^\d*$/', $request->input('cancel'))) {
} elseif ($request->has('cancel') && preg_match('/^\d+$/', $request->input('cancel'))) {
$user_id = $request->input('cancel');
$shift = DB::selectOne('
SELECT *
@ -164,6 +164,6 @@ function user_myshifts()
}
}
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
return '';
}

View File

@ -35,8 +35,8 @@ function user_meetings()
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
$request = request();
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
$page = $request->input('page');
if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
$page = $request->input('page', 0);
} else {
$page = 0;
}
@ -57,14 +57,14 @@ function user_meetings()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
if ($request->has('page') && $i == $request->input('page')) {
if ($request->has('page') && $i == $request->input('page', 0)) {
$html .= '<li class="active">';
} elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">';
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
$html .= '<a href="' . page_link_to('user_meetings', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div></div>';
@ -89,7 +89,7 @@ function display_news($news)
$html .= '<div class="panel-footer text-muted">';
if (in_array('admin_news', $privileges)) {
$html .= '<div class="pull-right">'
. button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
. button_glyph(page_link_to('admin_news', ['action' => 'edit', 'id' => $news['ID']]), 'edit', 'btn-xs')
. '</div>';
}
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . '&emsp;';
@ -98,7 +98,7 @@ function display_news($news)
$html .= User_Nick_render($user_source);
if ($page != 'news_comments') {
$html .= '&emsp;<a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">'
$html .= '&emsp;<a href="' . page_link_to('news_comments', ['nid' => $news['ID']]) . '">'
. '<span class="glyphicon glyphicon-comment"></span> '
. _('Comments') . ' &raquo;</a> '
. '<span class="badge">'
@ -154,7 +154,7 @@ function user_news_comments()
$user_source = User($comment['UID']);
$html .= '<div class="panel panel-default">';
$html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
$html .= '<div class="panel-body">' . nl2br(htmlspecialchars($comment['Text'])) . '</div>';
$html .= '<div class="panel-footer text-muted">';
$html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';
$html .= User_Nick_render($user_source);
@ -166,7 +166,7 @@ function user_news_comments()
$html .= form([
form_textarea('text', _('Message'), ''),
form_submit('submit', _('Save'))
], page_link_to('news_comments') . '&nid=' . $news['ID']);
], page_link_to('news_comments', ['nid' => $news['ID']]));
} else {
$html .= _('Invalid request.');
}
@ -185,30 +185,36 @@ function user_news()
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
$isMeeting = $request->post('treffen');
$isMeeting = $request->postData('treffen');
if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) {
if (!$request->has('treffen') || !in_array('admin_news', $privileges)) {
if (!$request->has('treffen')) {
$isMeeting = 0;
}
$text = $request->postData('text');
if (!in_array('admin_news_html', $privileges)) {
$text = strip_tags($text);
}
DB::insert('
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
VALUES (?, ?, ?, ?, ?)
',
[
time(),
$request->post('betreff'),
$request->post('text'),
strip_tags($request->postData('betreff')),
$text,
$user['UID'],
$isMeeting,
]
);
engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $isMeeting);
engelsystem_log('Created news: ' . $request->postData('betreff') . ', treffen: ' . $isMeeting);
success(_('Entry saved.'));
redirect(page_link_to('news'));
}
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
$page = $request->input('page');
if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
$page = $request->input('page', 0);
} else {
$page = 0;
}
@ -229,14 +235,14 @@ function user_news()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
if ($request->has('page') && $i == $request->input('page')) {
if ($request->has('page') && $i == $request->input('page', 0)) {
$html .= '<li class="active">';
} elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">';
} else {
$html .= '<li>';
}
$html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
$html .= '<a href="' . page_link_to('news', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
}
$html .= '</ul></div>';

View File

@ -33,7 +33,11 @@ function user_questions()
$question['answer_user'] = User_Nick_render($answer_user_source);
}
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
return Questions_view(
$open_questions,
$answered_questions,
page_link_to('user_questions', ['action' => 'ask'])
);
} else {
switch ($request->input('action')) {
case 'ask':

View File

@ -84,7 +84,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
if ($valid) {
User_update($user_source);
success(_('Settings saved.'));
redirect(page_link_to('user_settings'));
}
@ -102,15 +102,15 @@ function user_settings_password($user_source)
$request = request();
if (
!$request->has('password')
|| !verify_password($request->post('password'), $user_source['Passwort'], $user_source['UID'])
|| !verify_password($request->postData('password'), $user_source['Passwort'], $user_source['UID'])
) {
error(_('-> not OK. Please try again.'));
} elseif (strlen($request->post('new_password')) < config('min_password_length')) {
} elseif (strlen($request->postData('new_password')) < config('min_password_length')) {
error(_('Your password is to short (please use at least 6 characters).'));
} elseif ($request->post('new_password') != $request->post('new_password2')) {
} elseif ($request->postData('new_password') != $request->postData('new_password2')) {
error(_('Your passwords don\'t match.'));
} else {
set_password($user_source['UID'], $request->post('new_password'));
set_password($user_source['UID'], $request->postData('new_password'));
success(_('Password saved.'));
}
redirect(page_link_to('user_settings'));
@ -164,6 +164,7 @@ function user_settings_locale($user_source, $locales)
{
$valid = true;
$request = request();
$session = session();
if ($request->has('language') && isset($locales[$request->input('language')])) {
$user_source['Sprache'] = $request->input('language');
@ -182,7 +183,7 @@ function user_settings_locale($user_source, $locales)
$user_source['UID'],
]
);
$_SESSION['locale'] = $user_source['Sprache'];
$session->set('locale', $user_source['Sprache']);
success('Language changed.');
redirect(page_link_to('user_settings'));

View File

@ -167,20 +167,23 @@ function view_user_shifts()
{
global $user, $privileges, $ical_shifts;
$session = session();
$ical_shifts = [];
$days = load_days();
$rooms = load_rooms();
$types = load_types();
if (!isset($_SESSION['ShiftsFilter'])) {
if (!$session->has('ShiftsFilter')) {
$room_ids = [
$rooms[0]['id']
];
$type_ids = array_map('get_ids_from_array', $types);
$_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
$shiftsFilter = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
$session->set('ShiftsFilter', $shiftsFilter);
}
update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days);
$shiftsFilter = $_SESSION['ShiftsFilter'];
$shiftsFilter = $session->get('ShiftsFilter');
update_ShiftsFilter($shiftsFilter, in_array('user_shifts_admin', $privileges), $days);
$shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
@ -203,6 +206,11 @@ function view_user_shifts()
$end_day = date('Y-m-d', $shiftsFilter->getEndTime());
$end_time = date('H:i', $shiftsFilter->getEndTime());
$assignNotice = '';
if (config('signup_requires_arrival') && !$user['Gekommen']) {
$assignNotice = info(render_user_arrived_hint(), true);
}
return page([
div('col-md-12', [
msg(),
@ -223,15 +231,16 @@ function view_user_shifts()
'task_notice' =>
'<sup>1</sup>'
. _('The tasks shown here are influenced by the angeltypes you joined already!')
. ' <a href="' . page_link_to('angeltypes') . '&action=about' . '">'
. ' <a href="' . page_link_to('angeltypes', ['action' => 'about']) . '">'
. _('Description of the jobs.')
. '</a>',
'assign_notice' => $assignNotice,
'shifts_table' => msg() . $shiftCalendarRenderer->render(),
'ical_text' => '<h2>' . _('iCal export') . '</h2><p>' . sprintf(
_('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'),
page_link_to_absolute('ical') . '&key=' . $user['api_key'],
page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'],
page_link_to('user_myshifts') . '&reset'
page_link_to('ical', ['key' => $user['api_key']]),
page_link_to('shifts_json_export', ['key' => $user['api_key']]),
page_link_to('user_myshifts', ['reset' => 1])
) . '</p>',
'filter' => _('Filter')
])

View File

@ -10,8 +10,10 @@ function load_auth()
global $user, $privileges;
$user = null;
if (isset($_SESSION['uid'])) {
$user = DB::selectOne('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$_SESSION['uid']]);
$session = session();
if ($session->has('uid')) {
$user = DB::selectOne('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$session->get('uid')]);
if (!empty($user)) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
DB::update('
@ -21,16 +23,17 @@ function load_auth()
LIMIT 1
', [
time(),
$_SESSION['uid'],
$session->get('uid'),
]);
$privileges = privileges_for_user($user['UID']);
return;
}
unset($_SESSION['uid']);
$session->remove('uid');
}
// guest privileges
$privileges = privileges_for_group(-1);
$privileges = privileges_for_group(-10);
}
/**

View File

@ -10,7 +10,7 @@
*/
function form_hidden($name, $value)
{
return '<input type="hidden" name="' . $name . '" value="' . $value . '" />';
return '<input type="hidden" name="' . $name . '" value="' . htmlspecialchars($value) . '" />';
}
/**
@ -25,7 +25,7 @@ function form_spinner($name, $label, $value)
{
return form_element($label, '
<div class="input-group">
<input id="spinner-' . $name . '" class="form-control" type="text" name="' . $name . '" value="' . $value . '" />
<input id="spinner-' . $name . '" class="form-control" name="' . $name . '" value="' . htmlspecialchars($value) . '" />
<div class="input-group-btn">
<button id="spinner-' . $name . '-down" class="btn btn-default" type="button">
<span class="glyphicon glyphicon-minus"></span>
@ -66,7 +66,8 @@ function form_date($name, $label, $value, $start_date = '', $end_date = '')
$end_date = is_numeric($end_date) ? date('Y-m-d', $end_date) : '';
return form_element($label, '
<div class="input-group date" id="' . $dom_id . '">
<input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span>
<input name="' . $name . '" class="form-control" value="' . htmlspecialchars($value) . '">'
. '<span class="input-group-addon">' . glyph('th') . '</span>
</div>
<script type="text/javascript">
$(function(){
@ -144,12 +145,17 @@ function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []
* @param string $label
* @param string $selected
* @param string $value
* @param string $id
* @return string
*/
function form_checkbox($name, $label, $selected, $value = 'checked')
function form_checkbox($name, $label, $selected, $value = 'checked', $id = null)
{
if (is_null($id)) {
$id = $name;
}
return '<div class="checkbox"><label>'
. '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
. '<input type="checkbox" id="' . $id . '" name="' . $name . '" value="' . htmlspecialchars($value) . '" '
. ($selected ? ' checked="checked"' : '') . ' /> '
. $label
. '</label></div>';
@ -167,7 +173,7 @@ function form_checkbox($name, $label, $selected, $value = 'checked')
function form_radio($name, $label, $selected, $value)
{
return '<div class="radio">'
. '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
. '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . htmlspecialchars($value) . '" '
. ($selected ? ' checked="checked"' : '') . ' /> '
. $label
. '</label></div>';
@ -328,8 +334,8 @@ function form_textarea($name, $label, $value, $disabled = false)
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element(
$label,
'<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="'
. $name . '" ' . $disabled . '>' . $value . '</textarea>',
'<textarea rows="5" class="form-control" id="form_' . $name . '" name="'
. $name . '" ' . $disabled . '>' . htmlspecialchars($value) . '</textarea>',
'form_' . $name
);
}
@ -374,7 +380,7 @@ function form_element($label, $input, $for = '')
*/
function form($elements, $action = '')
{
return '<form role="form" action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
return '<form action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
}
/**

View File

@ -1,28 +1,16 @@
<?php
use Engelsystem\UserHintsRenderer;
/**
* @param string $page
* @param array $parameters get parameters
* @return string
*/
function page_link_to($page = '')
function page_link_to($page = '', $parameters = [])
{
if ($page == '') {
return '?';
}
return '?p=' . $page;
}
/**
* @param string $page
* @return string
*/
function page_link_to_absolute($page)
{
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
. $_SERVER['HTTP_HOST']
. preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI'])
. page_link_to($page);
$page = str_replace('_', '-', $page);
return url($page, $parameters);
}
/**
@ -65,7 +53,7 @@ function header_toolbar()
if (isset($user)) {
$toolbar_items[] = toolbar_item_link(
page_link_to('shifts') . '&amp;action=next',
page_link_to('shifts', ['action' => 'next']),
'time',
User_shift_state_render($user)
);
@ -86,7 +74,7 @@ function header_toolbar()
$toolbar_items[] = header_render_hints();
if (in_array('user_myshifts', $privileges)) {
$toolbar_items[] = toolbar_item_link(
page_link_to('users') . '&amp;action=view',
page_link_to('users', ['action' => 'view']),
' icon-icon_angel',
$user['Nick'],
$page == 'users'

View File

@ -1,4 +1,5 @@
<?php
use Engelsystem\ValidationResult;
/**
@ -168,11 +169,12 @@ function strip_request_item($name, $default_value = null)
*/
function test_request_int($name)
{
$request = request();
if ($request->has($name)) {
return preg_match('/^\d*$/', $request->input($name));
$input = request()->input($name);
if (is_null($input)) {
return false;
}
return false;
return preg_match('/^\d+$/', $input);
}
/**
@ -186,7 +188,11 @@ function strip_request_item_nl($name, $default_value = null)
{
$request = request();
if ($request->has($name)) {
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($request->input($name)));
return preg_replace(
"/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui",
'',
strip_tags($request->input($name))
);
}
return $default_value;
}

View File

@ -50,7 +50,10 @@ function AngelType_delete_view($angeltype)
buttons([
button(page_link_to('angeltypes'), _('cancel'), 'cancel'),
button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed',
page_link_to(
'angeltypes',
['action' => 'delete', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]
),
_('delete'),
'ok'
)
@ -67,7 +70,6 @@ function AngelType_delete_view($angeltype)
*/
function AngelType_edit_view($angeltype, $supporter_mode)
{
$contact_info = AngelType_contact_info($angeltype);
return page_with_title(sprintf(_('Edit %s'), $angeltype['name']), [
buttons([
button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
@ -127,7 +129,7 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
if ($user_angeltype == null) {
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'),
'add'
);
@ -142,20 +144,22 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
$angeltype['name']
));
}
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'],
_('leave'), 'cancel');
$buttons[] = button(
page_link_to('user_angeltypes', ['action' => 'delete', 'user_angeltype_id' => $user_angeltype['id']]),
_('leave'), 'cancel'
);
}
if ($admin_angeltypes || $supporter) {
$buttons[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'edit', 'angeltype_id' => $angeltype['id']]),
_('edit'),
'edit'
);
}
if ($admin_angeltypes) {
$buttons[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'delete', 'angeltype_id' => $angeltype['id']]),
_('delete'),
'delete'
);
@ -193,12 +197,18 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
$member['actions'] = table_buttons([
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'],
page_link_to(
'user_angeltypes',
['action' => 'confirm', 'user_angeltype_id' => $member['user_angeltype_id']]
),
_('confirm'),
'btn-xs'
),
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
page_link_to(
'user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $member['user_angeltype_id']]
),
_('deny'),
'btn-xs'
)
@ -208,7 +218,11 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($admin_angeltypes) {
$member['actions'] = table_buttons([
button(
page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0',
page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $member['user_angeltype_id'],
'supporter' => 0
]),
_('Remove supporter rights'),
'btn-xs'
)
@ -221,11 +235,18 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($admin_user_angeltypes) {
$member['actions'] = table_buttons([
$admin_angeltypes
? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1',
? button(page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $member['user_angeltype_id'],
'supporter' => 1
]),
_('Add supporter rights'), 'btn-xs')
: '',
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
page_link_to('user_angeltypes', [
'action' => 'delete',
'user_angeltype_id' => $member['user_angeltype_id']
]),
_('remove'),
'btn-xs'
)
@ -339,7 +360,14 @@ function AngelType_view(
$page[] = '<h3>' . _('Members') . '</h3>';
if ($admin_user_angeltypes) {
$page[] = buttons([
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _('Add'), 'add')
button(
page_link_to(
'user_angeltypes',
['action' => 'add', 'angeltype_id' => $angeltype['id']]
),
_('Add'),
'add'
)
]);
}
$page[] = table($table_headers, $members_confirmed);
@ -348,12 +376,12 @@ function AngelType_view(
$page[] = '<h3>' . _('Unconfirmed') . '</h3>';
$page[] = buttons([
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'confirm_all', 'angeltype_id' => $angeltype['id']]),
_('confirm all'),
'ok'
),
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'delete_all', 'angeltype_id' => $angeltype['id']]),
_('deny all'),
'cancel'
)
@ -376,8 +404,10 @@ function AngelTypes_list_view($angeltypes, $admin_angeltypes)
return page_with_title(angeltypes_title(), [
msg(),
buttons([
$admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _('New angeltype'), 'add') : '',
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description'))
$admin_angeltypes
? button(page_link_to('angeltypes', ['action' => 'edit']), _('New angeltype'), 'add')
: '',
button(page_link_to('angeltypes', ['action' => 'about']), _('Teams/Job description'))
]),
table([
'name' => _('Name'),
@ -405,13 +435,16 @@ function AngelTypes_about_view_angeltype($angeltype)
$buttons = [];
if ($angeltype['user_angeltype_id'] != null) {
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
page_link_to(
'user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $angeltype['user_angeltype_id']]
),
_('leave'),
'cancel'
);
} else {
$buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'),
'add'
);

View File

@ -9,14 +9,22 @@
function Questions_view($open_questions, $answered_questions, $ask_action)
{
foreach ($open_questions as &$question) {
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
$question['actions'] = '<a href="'
. page_link_to('user_questions', ['action' => 'delete', 'id' => $question['QID']])
. '">'
. _('delete')
. '</a>';
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
}
foreach ($answered_questions as &$question) {
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
$question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
$question['actions'] = '<a href="'
. page_link_to('user_questions', ['action' => 'delete', 'id' => $question['QID']])
. '">'
. _('delete')
. '</a>';
}
return page_with_title(questions_title(), [

View File

@ -1,4 +1,5 @@
<?php
use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer;
@ -10,8 +11,16 @@ use Engelsystem\ShiftsFilterRenderer;
*/
function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer)
{
global $user;
$assignNotice = '';
if (config('signup_requires_arrival') && !$user['Gekommen']) {
$assignNotice = info(render_user_arrived_hint(), true);
}
return page_with_title(glyph('map-marker') . $room['Name'], [
$shiftsFilterRenderer->render(room_link($room)),
$shiftsFilterRenderer->render($room),
$assignNotice,
$shiftCalendarRenderer->render()
]);
}

View File

@ -1,11 +1,9 @@
<?php
namespace Engelsystem;
use Exception;
namespace Engelsystem;
class ShiftCalendarRenderer
{
/**
* 15m * 60s/m = 900s
*/
@ -51,10 +49,10 @@ class ShiftCalendarRenderer
/**
* ShiftCalendarRenderer constructor.
*
* @param array[] $shifts
* @param array[] $needed_angeltypes
* @param array[] $shift_entries
* @param ShiftsFilter $shiftsFilter
* @param array[] $shifts
* @param array[] $needed_angeltypes
* @param array[] $shift_entries
* @param ShiftsFilter $shiftsFilter
*/
public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter)
{
@ -69,23 +67,21 @@ class ShiftCalendarRenderer
/**
* Assigns the shifts to different lanes per room if they collide
*
* @param array[] $shifts
* The shifts to assign
*
* @param array[] $shifts The shifts to assign
* @return array Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
*/
private function assignShiftsToLanes($shifts)
{
// array that assigns a room id to a list of lanes (per room)
$lanes = [];
foreach ($shifts as $shift) {
$room_id = $shift['RID'];
$header = Room_name_render([
'RID' => $room_id,
'RID' => $room_id,
'Name' => $shift['room_name']
]);
if (! isset($lanes[$room_id])) {
if (!isset($lanes[$room_id])) {
// initialize room with one lane
$lanes[$room_id] = [
new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot())
@ -95,7 +91,7 @@ class ShiftCalendarRenderer
$shift_added = false;
foreach ($lanes[$room_id] as $lane) {
/** @var ShiftCalendarLane $lane */
if($lane->shiftFits($shift)) {
if ($lane->shiftFits($shift)) {
$lane->addShift($shift);
$shift_added = true;
break;
@ -108,12 +104,11 @@ class ShiftCalendarRenderer
$lanes[$room_id][] = $newLane;
}
}
return $lanes;
}
/**
*
* @return int
*/
public function getFirstBlockStartTime()
@ -122,7 +117,6 @@ class ShiftCalendarRenderer
}
/**
*
* @return int
*/
public function getLastBlockEndTime()
@ -131,7 +125,6 @@ class ShiftCalendarRenderer
}
/**
*
* @return float
*/
public function getBlocksPerSlot()
@ -153,9 +146,9 @@ class ShiftCalendarRenderer
return '';
}
return div('shift-calendar', [
$this->renderTimeLane(),
$this->renderShiftLanes()
]) . $this->renderLegend();
$this->renderTimeLane(),
$this->renderShiftLanes()
]) . $this->renderLegend();
}
/**
@ -171,41 +164,45 @@ class ShiftCalendarRenderer
$html .= $this->renderLane($lane);
}
}
return $html;
}
/**
* Renders a single lane
*
* @param ShiftCalendarLane $lane
* The lane to render
* @param ShiftCalendarLane $lane The lane to render
* @return string
*/
private function renderLane(ShiftCalendarLane $lane)
{
global $user;
$shift_renderer = new ShiftCalendarShiftRenderer();
$html = '';
$rendered_until = $this->getFirstBlockStartTime();
foreach ($lane->getShifts() as $shift) {
while ($rendered_until + ShiftCalendarRenderer::SECONDS_PER_ROW <= $shift['start']) {
$html .= $this->renderTick($rendered_until);
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
}
list ($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']], $this->shift_entries[$shift['SID']], $user);
list ($shift_height, $shift_html) = $shift_renderer->render(
$shift,
$this->needed_angeltypes[$shift['SID']],
$this->shift_entries[$shift['SID']],
$user
);
$html .= $shift_html;
$rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
}
while ($rendered_until < $this->getLastBlockEndTime()) {
$html .= $this->renderTick($rendered_until);
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
}
return div('lane', [
div('header', $lane->getHeader()),
$html
@ -215,23 +212,21 @@ class ShiftCalendarRenderer
/**
* Renders a tick/block for given time
*
* @param int $time
* unix timestamp
* @param boolean $label
* Should time labels be generated?
* @param int $time unix timestamp
* @param boolean $label Should time labels be generated?
* @return string rendered tick html
*/
private function renderTick($time, $label = false)
{
if ($time % (24 * 60 * 60) == 23 * 60 * 60) {
if (! $label) {
if (!$label) {
return div('tick day');
}
return div('tick day', [
date('m-d<b\r />H:i', $time)
]);
} elseif ($time % (60 * 60) == 0) {
if (! $label) {
if (!$label) {
return div('tick hour');
}
return div('tick hour', [
@ -253,7 +248,7 @@ class ShiftCalendarRenderer
_('Time')
])
];
for ($block = 0; $block < $this->getBlocksPerSlot(); $block ++) {
for ($block = 0; $block < $this->getBlocksPerSlot(); $block++) {
$thistime = $this->getFirstBlockStartTime() + ($block * ShiftCalendarRenderer::SECONDS_PER_ROW);
$time_slot[] = $this->renderTick($thistime, true);
}
@ -261,8 +256,7 @@ class ShiftCalendarRenderer
}
/**
*
* @param array[] $shifts
* @param array[] $shifts
* @return int
*/
private function calcFirstBlockStartTime($shifts)
@ -277,8 +271,7 @@ class ShiftCalendarRenderer
}
/**
*
* @param array[] $shifts
* @param array[] $shifts
* @return int
*/
private function calcLastBlockEndTime($shifts)
@ -293,7 +286,6 @@ class ShiftCalendarRenderer
}
/**
*
* @return int
*/
private function calcBlocksPerSlot()

View File

@ -124,11 +124,15 @@ class ShiftCalendarShiftRenderer
}
if (in_array('user_shifts_admin', $privileges)) {
$html .= '<li class="list-group-item">' . button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'],
_('Add more angels'),
'btn-xs'
) . '</li>';
$html .= '<li class="list-group-item">' . _('Add more angels') . ':';
foreach ($needed_angeltypes as $angeltype) {
$html .= ' ' . button(
page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
$angeltype['name'],
'btn-xs'
);
}
$html .= '</li>';
}
if ($html != '') {
return [
@ -169,11 +173,13 @@ class ShiftCalendarShiftRenderer
case ShiftSignupState::ADMIN:
case ShiftSignupState::FREE:
// When admin or free display a link + button for sign up
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">'
$entry_list[] = '<a href="'
. page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']])
. '">'
. $inner_text
. '</a> '
. button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'],
page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
_('Sign up'), 'btn-xs btn-primary'
);
break;
@ -191,7 +197,7 @@ class ShiftCalendarShiftRenderer
// Add link to join the angeltype first
$entry_list[] = $inner_text . '<br />'
. button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
sprintf(_('Become %s'), $angeltype['name']),
'btn-xs'
);
@ -232,8 +238,8 @@ class ShiftCalendarShiftRenderer
$header_buttons = '';
if (in_array('admin_shifts', $privileges)) {
$header_buttons = '<div class="pull-right">' . table_buttons([
button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs')
button(page_link_to('user_shifts', ['edit_shift' => $shift['SID']]), glyph('edit'), 'btn-xs'),
button(page_link_to('user_shifts', ['delete_shift' => $shift['SID']]), glyph('trash'), 'btn-xs')
]) . '</div>';
}
$shift_heading = date('H:i', $shift['start']) . ' &dash; '

View File

@ -24,7 +24,10 @@ function ShiftType_delete_view($shifttype)
buttons([
button(page_link_to('shifttypes'), _('cancel'), 'cancel'),
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed',
page_link_to(
'shifttypes',
['action' => 'delete', 'shifttype_id' => $shifttype['id'], 'confirmed' => 1]
),
_('delete'),
'ok btn-danger'
)
@ -81,12 +84,16 @@ function ShiftType_view($shifttype, $angeltype)
buttons([
button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
$angeltype ? button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
$angeltype['name']
) : '',
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
page_link_to('shifttypes', ['action' => 'edit', 'shifttype_id' => $shifttype['id']]),
_('edit'),
'edit'
),
button(
page_link_to('shifttypes', ['action' => 'delete', 'shifttype_id' => $shifttype['id']]),
_('delete'),
'delete'
)
@ -103,11 +110,22 @@ function ShiftType_view($shifttype, $angeltype)
function ShiftTypes_list_view($shifttypes)
{
foreach ($shifttypes as &$shifttype) {
$shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
$shifttype['name'] = '<a href="'
. page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype['id']])
. '">'
. $shifttype['name']
. '</a>';
$shifttype['actions'] = table_buttons([
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
page_link_to(
'shifttypes',
['action' => 'edit', 'shifttype_id' => $shifttype['id']]
),
_('edit'),
'btn-xs'
),
button(
page_link_to('shifttypes', ['action' => 'delete', 'shifttype_id' => $shifttype['id']]),
_('delete'),
'btn-xs'
)
@ -117,7 +135,7 @@ function ShiftTypes_list_view($shifttypes)
return page_with_title(shifttypes_title(), [
msg(),
buttons([
button(page_link_to('shifttypes') . '&action=edit', _('New shifttype'), 'add')
button(page_link_to('shifttypes', ['action' => 'edit']), _('New shifttype'), 'add')
]),
table([
'name' => _('Name'),

View File

@ -39,17 +39,22 @@ class ShiftsFilterRenderer
/**
* Renders the filter.
*
* @param string $link_base
* @param array $room
* @return string Generated HTML
*/
public function render($link_base)
public function render($room)
{
$toolbar = [];
if ($this->daySelectionEnabled && !empty($this->days)) {
$selected_day = date('Y-m-d', $this->shiftsFilter->getStartTime());
$day_dropdown_items = [];
foreach ($this->days as $day) {
$day_dropdown_items[] = toolbar_item_link($link_base . '&shifts_filter_day=' . $day, '', $day);
$link = page_link_to('rooms', [
'action' => 'view',
'room_id' => $room['RID'],
'shifts_filter_day' => $day,
]);
$day_dropdown_items[] = toolbar_item_link($link, '', $day);
}
$toolbar[] = toolbar_dropdown('', $selected_day, $day_dropdown_items, 'active');
}

View File

@ -1,4 +1,5 @@
<?php
use Engelsystem\ShiftSignupState;
/**
@ -41,12 +42,12 @@ function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
if ($angeltype['shift_signup_state']->isSignupAllowed()) {
return button(
page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'],
page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
_('Sign up')
);
} elseif ($user_angeltype == null) {
return button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
sprintf(_('Become %s'),
$angeltype['name'])
);
@ -207,12 +208,12 @@ function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angelty
$entry .= ' <div class="btn-group">';
if ($user_shift_admin) {
$entry .= button_glyph(
page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'],
page_link_to('user_myshifts', ['edit' => $shift_entry['id'], 'id' => $shift_entry['UID']]),
'pencil',
'btn-xs'
);
}
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
$entry .= button_glyph(page_link_to('user_shifts', ['entry_id' => $shift_entry['id']]), 'trash', 'btn-xs');
$entry .= '</div>';
}
return $entry;

View File

@ -19,12 +19,18 @@ function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporte
User_Nick_render($user)
), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes')
. '&action=update&user_angeltype_id=' . $user_angeltype['id']
. '&supporter=' . ($supporter ? '1' : '0')
. '&confirmed',
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $user_angeltype['id'],
'supporter' => ($supporter ? '1' : '0'),
'confirmed' => 1,
]),
_('yes'),
'ok'
)
@ -42,9 +48,19 @@ function UserAngelTypes_delete_all_view($angeltype)
msg(),
info(sprintf(_('Do you really want to deny all users for %s?'), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
page_link_to(
'angeltypes',
['action' => 'view', 'angeltype_id' => $angeltype['id']]
),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'delete_all', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]
),
_('yes'),
'ok'
)
@ -62,9 +78,11 @@ function UserAngelTypes_confirm_all_view($angeltype)
msg(),
info(sprintf(_('Do you really want to confirm all users for %s?'), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]), _('cancel'),
'cancel'),
button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
page_link_to('user_angeltypes',
['action' => 'confirm_all', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]),
_('yes'),
'ok'
)
@ -84,9 +102,16 @@ function UserAngelType_confirm_view($user_angeltype, $user, $angeltype)
msg(),
info(sprintf(_('Do you really want to confirm %s for %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'confirm', 'user_angeltype_id' => $user_angeltype['id'], 'confirmed' => 1]
),
_('yes'),
'ok'
)
@ -106,9 +131,14 @@ function UserAngelType_delete_view($user_angeltype, $user, $angeltype)
msg(),
info(sprintf(_('Do you really want to delete %s from %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to('user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $user_angeltype['id'], 'confirmed' => 1]),
_('yes'),
'ok'
)
@ -132,7 +162,11 @@ function UserAngelType_add_view($angeltype, $users_source, $user_id)
return page_with_title(_('Add user to angeltype'), [
msg(),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('back'), 'back')
button(
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('back'),
'back'
)
]),
form([
form_info(_('Angeltype'), $angeltype['name']),
@ -153,9 +187,16 @@ function UserAngelType_join_view($user, $angeltype)
msg(),
info(sprintf(_('Do you really want to add %s to %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed',
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'add', 'angeltype_id' => $angeltype['id'], 'user_id' => $user['UID'], 'confirmed' => 1]
),
_('save'),
'ok'
)

View File

@ -127,7 +127,7 @@ function User_registration_success_view($event_welcome_message)
'<h2>' . _('What can I do?') . '</h2>',
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;')
button(page_link_to('angeltypes', ['action' => 'about']), _('Teams/Job description') . ' &raquo;')
])
])
])
@ -172,10 +172,13 @@ function User_edit_vouchers_view($user)
button(user_link($user), glyph('chevron-left') . _('back'))
]),
info(sprintf(_('Angel should receive at least %d vouchers.'), User_get_eligable_voucher_count($user)), true),
form([
form_spinner('vouchers', _('Number of vouchers given out'), $user['got_voucher']),
form_submit('submit', _('Save'))
], page_link_to('users') . '&action=edit_vouchers&user_id=' . $user['UID'])
form(
[
form_spinner('vouchers', _('Number of vouchers given out'), $user['got_voucher']),
form_submit('submit', _('Save'))
],
page_link_to('users', ['action' => 'edit_vouchers', 'user_id' => $user['UID']])
)
]);
}
@ -208,7 +211,7 @@ function Users_view(
$user['Tshirt'] = glyph_bool($user['Tshirt']);
$user['lastLogIn'] = date(_('m/d/Y h:i a'), $user['lastLogIn']);
$user['actions'] = table_buttons([
button_glyph(page_link_to('admin_user') . '&id=' . $user['UID'], 'edit', 'btn-xs')
button_glyph(page_link_to('admin_user', ['id' => $user['UID']]), 'edit', 'btn-xs')
]);
}
$users[] = [
@ -253,7 +256,11 @@ function Users_view(
*/
function Users_table_header_link($column, $label, $order_by)
{
return '<a href="' . page_link_to('users') . '&OrderBy=' . $column . '">' . $label . ($order_by == $column ? ' <span class="caret"></span>' : '') . '</a>';
return '<a href="'
. page_link_to('users', ['OrderBy' => $column])
. '">'
. $label . ($order_by == $column ? ' <span class="caret"></span>' : '')
. '</a>';
}
/**
@ -347,7 +354,7 @@ function User_view_myshift($shift, $user_source, $its_me)
];
if ($its_me || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button(
page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'],
page_link_to('user_myshifts', ['edit' => $shift['id'], 'id' => $user_source['UID']]),
glyph('edit') . _('edit'),
'btn-xs'
);
@ -356,8 +363,15 @@ function User_view_myshift($shift, $user_source, $its_me)
($shift['start'] > time() + config('last_unsubscribe') * 3600)
|| in_array('user_shifts_admin', $privileges)
) {
$parameters = [
'cancel' => $shift['id'],
'id' => $user_source['UID'],
];
if ($its_me) {
$parameters['id'] = '';
}
$myshift['actions'][] = button(
page_link_to('user_myshifts') . ((!$its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'],
page_link_to('user_myshifts', $parameters),
glyph('trash') . _('sign off'),
'btn-xs'
);
@ -427,7 +441,7 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
div('col-md-12', [
buttons([
$admin_user_privilege ? button(
page_link_to('admin_user') . '&id=' . $user_source['UID'],
page_link_to('admin_user', ['id' => $user_source['UID']]),
glyph('edit') . _('edit')
) : '',
$admin_user_privilege ? button(
@ -435,24 +449,24 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
glyph('road') . _('driving license')
) : '',
($admin_user_privilege && !$user_source['Gekommen']) ? button(
page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'],
page_link_to('admin_arrive', ['arrived' => $user_source['UID']]),
_('arrived')
) : '',
$admin_user_privilege ? button(
page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'],
page_link_to('users', ['action' => 'edit_vouchers', 'user_id' => $user_source['UID']]),
glyph('cutlery') . _('Edit vouchers')
) : '',
$its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _('Settings')) : '',
$its_me ? button(
page_link_to('ical') . '&key=' . $user_source['api_key'],
page_link_to('ical', ['key' => $user_source['api_key']]),
glyph('calendar') . _('iCal Export')
) : '',
$its_me ? button(
page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'],
page_link_to('shifts_json_export', ['key' => $user_source['api_key']]),
glyph('export') . _('JSON Export')
) : '',
$its_me ? button(
page_link_to('user_myshifts') . '&reset',
page_link_to('user_myshifts', ['reset' => 1]),
glyph('repeat') . _('Reset API key')
) : ''
])
@ -607,7 +621,7 @@ function User_groups_render($user_groups)
function User_Nick_render($user_source)
{
return '<a class="' . ($user_source['Gekommen'] ? '' : 'text-muted') . '" href="'
. page_link_to('users') . '&amp;action=view&amp;user_id=' . $user_source['UID']
. page_link_to('users', ['action' => 'view', 'user_id' => $user_source['UID']])
. '"><span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . '</a>';
}

View File

@ -1,12 +1,8 @@
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.5/phpunit.xsd"
backupGlobals="false"
bootstrap="./includes/engelsystem_provider.php"
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/6.3/phpunit.xsd"
colors="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false">
>
<testsuites>
<testsuite name="Models">
<directory>./test/model/</directory>
@ -16,10 +12,7 @@
<whitelist>
<directory>./include/</directory>
<directory>./public/</directory>
<directory>./src/</directory>
</whitelist>
<directory>./src/</directory>
</whitelist>
</filter>
<php>
<const name="PHPUNIT_TESTSUITE" value="true"/>
</php>
</phpunit>

8
public/.htaccess Normal file
View File

@ -0,0 +1,8 @@
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

View File

@ -1,4 +1,7 @@
<?php
use Engelsystem\Http\Request;
require_once realpath(__DIR__ . '/../includes/engelsystem_provider.php');
$free_pages = [
@ -16,7 +19,7 @@ $free_pages = [
'stats',
'users',
'user_driver_licenses',
'user_password_recovery'
'user_password_recovery',
];
// Gewünschte Seite/Funktion
@ -24,8 +27,13 @@ $page = '';
$title = '';
$content = '';
$page = $request->input('p');
/** @var Request $request */
$page = $request->query->get('p');
if (empty($page)) {
$page = $request->path();
$page = str_replace('-', '_', $page);
}
if ($page == '/') {
$page = isset($user) ? 'news' : 'login';
}
@ -38,120 +46,158 @@ if (
) {
$title = $page;
if ($page == 'api') {
error('Api disabled temporarily.');
redirect(page_link_to());
require_once realpath(__DIR__ . '/../includes/controller/api.php');
api_controller();
} elseif ($page == 'ical') {
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
user_ical();
} elseif ($page == 'atom') {
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
user_atom();
} elseif ($page == 'shifts_json_export') {
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_controller();
} elseif ($page == 'shifts_json_export_all') {
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_all_controller();
} elseif ($page == 'stats') {
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
guest_stats();
} elseif ($page == 'user_password_recovery') {
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
$title = user_password_recovery_title();
$content = user_password_recovery_controller();
} elseif ($page == 'angeltypes') {
list($title, $content) = angeltypes_controller();
} elseif ($page == 'shifts') {
list($title, $content) = shifts_controller();
} elseif ($page == 'users') {
list($title, $content) = users_controller();
} elseif ($page == 'user_angeltypes') {
list($title, $content) = user_angeltypes_controller();
} elseif ($page == 'user_driver_licenses') {
list($title, $content) = user_driver_licenses_controller();
} elseif ($page == 'shifttypes') {
list($title, $content) = shifttypes_controller();
} elseif ($page == 'admin_event_config') {
list($title, $content) = event_config_edit_controller();
} elseif ($page == 'rooms') {
list($title, $content) = rooms_controller();
} elseif ($page == 'news') {
$title = news_title();
$content = user_news();
} elseif ($page == 'news_comments') {
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
$title = user_news_comments_title();
$content = user_news_comments();
} elseif ($page == 'user_meetings') {
$title = meetings_title();
$content = user_meetings();
} elseif ($page == 'user_myshifts') {
$title = myshifts_title();
$content = user_myshifts();
} elseif ($page == 'user_shifts') {
$title = shifts_title();
$content = user_shifts();
} elseif ($page == 'user_messages') {
$title = messages_title();
$content = user_messages();
} elseif ($page == 'user_questions') {
$title = questions_title();
$content = user_questions();
} elseif ($page == 'user_settings') {
$title = settings_title();
$content = user_settings();
} elseif ($page == 'login') {
$title = login_title();
$content = guest_login();
} elseif ($page == 'register') {
$title = register_title();
$content = guest_register();
} elseif ($page == 'logout') {
$title = logout_title();
$content = guest_logout();
} elseif ($page == 'admin_questions') {
$title = admin_questions_title();
$content = admin_questions();
} elseif ($page == 'admin_user') {
$title = admin_user_title();
$content = admin_user();
} elseif ($page == 'admin_arrive') {
$title = admin_arrive_title();
$content = admin_arrive();
} elseif ($page == 'admin_active') {
$title = admin_active_title();
$content = admin_active();
} elseif ($page == 'admin_free') {
$title = admin_free_title();
$content = admin_free();
} elseif ($page == 'admin_news') {
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
$content = admin_news();
} elseif ($page == 'admin_rooms') {
$title = admin_rooms_title();
$content = admin_rooms();
} elseif ($page == 'admin_groups') {
$title = admin_groups_title();
$content = admin_groups();
} elseif ($page == 'admin_import') {
$title = admin_import_title();
$content = admin_import();
} elseif ($page == 'admin_shifts') {
$title = admin_shifts_title();
$content = admin_shifts();
} elseif ($page == 'admin_log') {
$title = admin_log_title();
$content = admin_log();
} elseif ($page == 'credits') {
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
$title = credits_title();
$content = guest_credits();
} else {
require_once realpath(__DIR__ . '/../includes/pages/guest_start.php');
$content = guest_start();
switch ($page) {
case 'api':
error('Api disabled temporarily.');
redirect(page_link_to());
break;
case 'ical':
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
user_ical();
break;
case 'atom':
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
user_atom();
break;
case 'shifts_json_export':
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_controller();
break;
case 'shifts_json_export_all':
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
shifts_json_export_all_controller();
break;
case 'stats':
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
guest_stats();
break;
case 'user_password_recovery':
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
$title = user_password_recovery_title();
$content = user_password_recovery_controller();
break;
case 'angeltypes':
list($title, $content) = angeltypes_controller();
break;
case 'shifts':
list($title, $content) = shifts_controller();
break;
case 'users':
list($title, $content) = users_controller();
break;
case 'user_angeltypes':
list($title, $content) = user_angeltypes_controller();
break;
case 'user_driver_licenses':
list($title, $content) = user_driver_licenses_controller();
break;
case 'shifttypes':
list($title, $content) = shifttypes_controller();
break;
case 'admin_event_config':
list($title, $content) = event_config_edit_controller();
break;
case 'rooms':
list($title, $content) = rooms_controller();
break;
case 'news':
$title = news_title();
$content = user_news();
break;
case 'news_comments':
require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
$title = user_news_comments_title();
$content = user_news_comments();
break;
case 'user_meetings':
$title = meetings_title();
$content = user_meetings();
break;
case 'user_myshifts':
$title = myshifts_title();
$content = user_myshifts();
break;
case 'user_shifts':
$title = shifts_title();
$content = user_shifts();
break;
case 'user_messages':
$title = messages_title();
$content = user_messages();
break;
case 'user_questions':
$title = questions_title();
$content = user_questions();
break;
case 'user_settings':
$title = settings_title();
$content = user_settings();
break;
case 'login':
$title = login_title();
$content = guest_login();
break;
case 'register':
$title = register_title();
$content = guest_register();
break;
case 'logout':
$title = logout_title();
$content = guest_logout();
break;
case 'admin_questions':
$title = admin_questions_title();
$content = admin_questions();
break;
case 'admin_user':
$title = admin_user_title();
$content = admin_user();
break;
case 'admin_arrive':
$title = admin_arrive_title();
$content = admin_arrive();
break;
case 'admin_active':
$title = admin_active_title();
$content = admin_active();
break;
case 'admin_free':
$title = admin_free_title();
$content = admin_free();
break;
case 'admin_news':
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
$content = admin_news();
break;
case 'admin_rooms':
$title = admin_rooms_title();
$content = admin_rooms();
break;
case 'admin_groups':
$title = admin_groups_title();
$content = admin_groups();
break;
case 'admin_import':
$title = admin_import_title();
$content = admin_import();
break;
case 'admin_shifts':
$title = admin_shifts_title();
$content = admin_shifts();
break;
case 'admin_log':
$title = admin_log_title();
$content = admin_log();
break;
case 'credits':
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
$title = credits_title();
$content = guest_credits();
break;
default:
require_once realpath(__DIR__ . '/../includes/pages/guest_start.php');
$content = guest_start();
break;
}
} else {
// Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
@ -166,14 +212,23 @@ if (
$event_config = EventConfig();
$parameters = [
'key' => (isset($user) ? $user['api_key'] : ''),
];
if ($page == 'user_meetings') {
$parameters['meetings'] = 1;
}
echo view(__DIR__ . '/../templates/layout.html', [
'theme' => isset($user) ? $user['color'] : config('theme'),
'title' => $title,
'atom_link' => ($page == 'news' || $page == 'user_meetings')
? ' <link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '')
. '&amp;key=' . (isset($user) ? $user['api_key'] : '')
? ' <link href="'
. page_link_to('atom', $parameters)
. '" type = "application/atom+xml" rel = "alternate" title = "Atom Feed">'
: '',
'start_page_url' => page_link_to('/'),
'credits_url' => page_link_to('credits'),
'menu' => make_menu(),
'content' => msg() . $content,
'header_toolbar' => header_toolbar(),

View File

@ -79,9 +79,10 @@ class Db
return self::$stm->fetchAll(PDO::FETCH_ASSOC);
}
/**
* Run a select query and return only the first result or null if no result is found.
*
* @param string $query
* @param array $bindings
* @return array|null
@ -89,11 +90,11 @@ class Db
public static function selectOne($query, array $bindings = [])
{
$result = self::select($query, $bindings);
if(empty($result)) {
if (empty($result)) {
return null;
}
return array_shift($result);
}

View File

@ -34,7 +34,9 @@ class Handler
*/
public function errorHandler($number, $string, $file, $line, $context)
{
$this->handle('error', $number, $string, $file, $line, $context);
$trace = array_reverse(debug_backtrace());
$this->handle('error', $number, $string, $file, $line, $context, $trace);
}
/**
@ -59,8 +61,9 @@ class Handler
* @param string $file
* @param int $line
* @param array $context
* @param array $trace
*/
protected function handle($type, $number, $string, $file, $line, $context = [])
protected function handle($type, $number, $string, $file, $line, $context = [], $trace = [])
{
error_log(sprintf('%s: Number: %s, String: %s, File: %s:%u, Context: %s',
$type,
@ -71,13 +74,16 @@ class Handler
json_encode($context)
));
$file = $this->stripBasePath($file);
if ($this->environment == self::ENV_DEVELOPMENT) {
echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:absolute;top:1em;padding:1em;width:97%;overflow-y:auto;">';
echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:fixed;bottom:1em;padding:1em;width:97%;max-height: 90%;overflow-y:auto;">';
echo sprintf('%s: (%s)' . PHP_EOL, ucfirst($type), $number);
var_export([
'string' => $string,
'file' => $file . ':' . $line,
'context' => ($this->environment == self::ENV_DEVELOPMENT ? $context : null),
'string' => $string,
'file' => $file . ':' . $line,
'context' => $context,
'stacktrace' => $this->formatStackTrace($trace),
]);
echo '</pre>';
die();
@ -87,6 +93,44 @@ class Handler
die();
}
/**
* @param array $stackTrace
* @return array
*/
protected function formatStackTrace($stackTrace)
{
$return = [];
foreach ($stackTrace as $trace) {
$path = '';
$line = '';
if (isset($trace['file']) && isset($trace['line'])) {
$path = $this->stripBasePath($trace['file']);
$line = $trace['line'];
}
$functionName = $trace['function'];
$return[] = [
'file' => $path . ':' . $line,
$functionName => $trace['args'],
];
}
return $return;
}
/**
* @param string $path
* @return string
*/
protected function stripBasePath($path)
{
$basePath = realpath(__DIR__ . '/../..') . '/';
return str_replace($basePath, '', $path);
}
/**
* @param string $environment
*/

View File

@ -3,43 +3,13 @@
namespace Engelsystem\Http;
use ErrorException;
use Symfony\Component\HttpFoundation\Request as SymfonyRequest;
class Request
class Request extends SymfonyRequest
{
/** @var self */
protected static $instance;
/** @var array of POST data */
protected $request;
/** @var array of GET data */
protected $query;
/**
* Initialize request
*/
public function create()
{
$this->request = $_POST;
$this->query = $_GET;
}
/**
* Get GET input
*
* @param string $key
* @param mixed $default
* @return mixed
*/
public function get($key, $default = null)
{
if (!empty($this->query[$key])) {
return $this->query[$key];
}
return $default;
}
/**
* Get POST input
*
@ -47,13 +17,9 @@ class Request
* @param mixed $default
* @return mixed
*/
public function post($key, $default = null)
public function postData($key, $default = null)
{
if (!empty($this->request[$key])) {
return $this->request[$key];
}
return $default;
return $this->request->get($key, $default);
}
/**
@ -65,13 +31,7 @@ class Request
*/
public function input($key, $default = null)
{
$data = $this->request + $this->query;
if (isset($data[$key])) {
return $data[$key];
}
return $default;
return $this->get($key, $default);
}
/**
@ -82,9 +42,31 @@ class Request
*/
public function has($key)
{
$data = $this->request + $this->query;
$value = $this->input($key);
return isset($data[$key]);
return !empty($value);
}
/**
* Get the requested path
*
* @return string
*/
public function path()
{
$pattern = trim($this->getPathInfo(), '/');
return $pattern == '' ? '/' : $pattern;
}
/**
* Return the current URL
*
* @return string
*/
public function url()
{
return rtrim(preg_replace('/\?.*/', '', $this->getUri()), '/');
}
/**

View File

@ -0,0 +1,27 @@
<?php
namespace Engelsystem\Routing;
use Engelsystem\Http\Request;
class UrlGenerator
{
/**
* @param string $path
* @param array $parameters
* @return string
*/
public static function to($path, $parameters = [])
{
$path = '/' . ltrim($path, '/');
$request = Request::getInstance();
$uri = $request->getUriForPath($path);
if (!empty($parameters) && is_array($parameters)) {
$parameters = http_build_query($parameters);
$uri .= '?' . $parameters;
}
return $uri;
}
}

View File

@ -4,6 +4,8 @@
use Engelsystem\Config\Config;
use Engelsystem\Http\Request;
use Engelsystem\Renderer\Renderer;
use Engelsystem\Routing\UrlGenerator;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
/**
* Get or set config values
@ -41,6 +43,22 @@ function request($key = null, $default = null)
return $request->input($key, $default);
}
/**
* @param string $key
* @param mixed $default
* @return SessionInterface|mixed
*/
function session($key = null, $default = null)
{
$session = request()->getSession();
if (is_null($key)) {
return $session;
}
return $session->get($key, $default);
}
/**
* @param string $template
* @param mixed[] $data
@ -56,3 +74,13 @@ function view($template = null, $data = null)
return $renderer->render($template, $data);
}
/**
* @param string $path
* @param array $parameters
* @return string
*/
function url($path, $parameters = [])
{
return UrlGenerator::to($path, $parameters);
}

View File

@ -20,11 +20,10 @@
<div class="col-md-4">
<h2>Hosting</h2>
<p>
Webspace, development platform and domain on <a href="https://engelsystem.de">engelsystem.de</a> is currently provided by
<a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)
Webspace, development platform and domain on <a href="https://engelsystem.de">engelsystem.de</a>
is currently provided by <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)
and adminstrated by <a href="http://mortzu.de/">mortzu</a>,
<a href="http://derf.homelinux.org/">derf</a>
and ichdasich.
<a href="http://derf.homelinux.org/">derf</a> and ichdasich.
</p>
</div>
<div class="col-md-4">

View File

@ -22,7 +22,9 @@
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
<a class="navbar-brand" href="%start_page_url%">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a>
</div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">%menu% %header_toolbar%</div>
</div>
@ -38,7 +40,7 @@
· <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a>
· <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
· <a href="?p=credits">Credits</a>
· <a href="%credits_url%">Credits</a>
</div>
</div>
</div>

View File

@ -21,7 +21,7 @@
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="?">
<a class="navbar-brand" href="#">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a>
</div>

View File

@ -4,12 +4,14 @@
var days = document.getElementById(id + '_day').getElementsByTagName(
'option');
for (var i = 0; i < days.length; i++) {
if (days[i].value == moment().format('YYYY-MM-DD'))
if (days[i].value === moment().format('YYYY-MM-DD')) {
days[i].selected = true;
}
}
}
</script>
<form class="form-inline" action="" method="get">
<form class="form-inline" action="">
<input type="hidden" name="p" value="user_shifts">
<div class="row">
<div class="col-md-6">
@ -17,7 +19,7 @@
<div class="form-group">%start_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="start_time" name="start_time" size="5"
<input class="form-control" id="start_time" name="start_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
@ -30,7 +32,7 @@
<div class="form-group">%end_select%</div>
<div class="form-group">
<div class="input-group">
<input class="form-control" type="text" id="end_time" name="end_time" size="5"
<input class="form-control" id="end_time" name="end_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
@ -46,8 +48,11 @@
</div>
<div class="row">
<div class="col-md-6">
<div>%task_notice%</div>
<input class="btn btn-primary" type="submit" style="width: 75%; margin-bottom: 20px" value="%filter%">
<div>%assign_notice%</div>
</div>
<div class="col-md-6">
<div><p>%task_notice%</p></div>
<input class="btn btn-primary" type="submit" style="width:75%; margin-bottom: 20px" value="%filter%">
</div>
</div>
</form>