iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #344 from MyIgel/master 

Prepared routing, added symfony http Closes #336 and closes #337
This commit is contained in:
msquare 2017-09-11 17:52:55 +02:00 committed by GitHub
parent 581b81f1b2 0a20883aa8
commit 3591606130
62 changed files with 1132 additions and 708 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -8,7 +8,7 @@ Please visit https://engelsystem.de for a feature list.
## Installation ## Installation
### Requirements: ### Requirements:
* PHP >= 5.6.4, PHP >= 7.0.0 recommended * PHP >= 7.0.0
* MySQL-Server >= 5.5.x * MySQL-Server >= 5.5.x
* Webserver, i.e. lighttpd, nginx, or Apache * Webserver, i.e. lighttpd, nginx, or Apache

7
composer.json
View File

@ -14,12 +14,13 @@
} }
], ],
"require": { "require": {
"php": ">=5.6.4", "php": ">=7.0.0",
"erusev/parsedown": "1.6.*", "erusev/parsedown": "1.6.*",
"twbs/bootstrap": "^3.3" "twbs/bootstrap": "^3.3",
"symfony/http-foundation": "^3.3"
}, },
"require-dev": { "require-dev": {
"phpunit/phpunit": "^6.2" "phpunit/phpunit": "^6.3"
}, },
"autoload": { "autoload": {
"psr-4": { "psr-4": {

27
config/config.default.php
View File

@ -4,7 +4,7 @@
return [ return [
// MySQL-Connection Settings // MySQL-Connection Settings
'database' => [ 'database' => [
'host' => 'localhost', 'host' => 'localhost',
'user' => 'root', 'user' => 'root',
'pw' => '', 'pw' => '',
@ -12,28 +12,28 @@ return [
], ],
// For accessing stats // For accessing stats
'api_key' => '', 'api_key' => '',
// Enable maintenance mode (show a static page) // Enable maintenance mode (show a static page)
'maintenance' => false, 'maintenance' => false,
// Set to development to enable debugging messages // Set to development to enable debugging messages
'environment' => 'production', 'environment' => 'production',
// URL to the angel faq and job description // URL to the angel faq and job description
'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers', 'faq_url' => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers',
// Contact email address, linked on every page // Contact email address, linked on every page
'contact_email' => 'mailto:ticket@c3heaven.de', 'contact_email' => 'mailto:ticket@c3heaven.de',
// From address of all emails // From address of all emails
'no_reply_email' => 'noreply@engelsystem.de', 'no_reply_email' => 'noreply@engelsystem.de',
// Default theme, 1=style1.css // Default theme, 1=style1.css
'theme' => 1, 'theme' => 1,
// Available themes // Available themes
'available_themes' => [ 'available_themes' => [
'4' => 'Engelsystem 33c3 (2016)', '4' => 'Engelsystem 33c3 (2016)',
'3' => 'Engelsystem 32c3 (2015)', '3' => 'Engelsystem 32c3 (2015)',
'2' => 'Engelsystem cccamp15', '2' => 'Engelsystem cccamp15',
@ -42,10 +42,13 @@ return [
], ],
// Number of News shown on one site // Number of News shown on one site
'display_news' => 6, 'display_news' => 6,
// Only arrived angels can sign up for shifts
'signup_requires_arrival' => false,
// Anzahl Stunden bis zum Austragen eigener Schichten // Anzahl Stunden bis zum Austragen eigener Schichten
'last_unsubscribe' => 3, 'last_unsubscribe' => 3,
// Setzt den zu verwendenden Crypto-Algorithmus (entsprechend der Dokumentation von crypt()). // Setzt den zu verwendenden Crypto-Algorithmus (entsprechend der Dokumentation von crypt()).
// Falls ein Benutzerpasswort in einem anderen Format gespeichert ist, // Falls ein Benutzerpasswort in einem anderen Format gespeichert ist,
@ -55,7 +58,7 @@ return [
// Blowfish '$2y$13' // Blowfish '$2y$13'
// SHA-256 '$5$rounds=5000' // SHA-256 '$5$rounds=5000'
// SHA-512 '$6$rounds=5000' // SHA-512 '$6$rounds=5000'
'crypt_alg' => '$6$rounds=5000', // SHA-512 'crypt_alg' => '$6$rounds=5000',
'min_password_length' => 8, 'min_password_length' => 8,

22
db/update.sql
View File

@ -8,19 +8,23 @@ ALTER TABLE `User` ADD COLUMN `email_by_human_allowed` BOOLEAN NOT NULL;
-- No Self Sign Up for some Angel Types -- No Self Sign Up for some Angel Types
ALTER TABLE AngelTypes ADD no_self_signup TINYINT(1) NOT NULL; ALTER TABLE AngelTypes ADD no_self_signup TINYINT(1) NOT NULL;
ALTER TABLE `AngelTypes` ALTER TABLE `AngelTypes`
ADD `contact_user_id` INT NULL, ADD `contact_user_id` INT NULL,
ADD `contact_name` VARCHAR(250) NULL, ADD `contact_name` VARCHAR(250) NULL,
ADD `contact_dect` VARCHAR(5) NULL, ADD `contact_dect` VARCHAR(5) NULL,
ADD `contact_email` VARCHAR(250) NULL, ADD `contact_email` VARCHAR(250) NULL,
ADD INDEX (`contact_user_id`); ADD INDEX (`contact_user_id`);
ALTER TABLE `AngelTypes` ALTER TABLE `AngelTypes`
ADD FOREIGN KEY (`contact_user_id`) REFERENCES `User`(`UID`) ON DELETE SET NULL ON UPDATE CASCADE; ADD FOREIGN KEY (`contact_user_id`) REFERENCES `User`(`UID`) ON DELETE SET NULL ON UPDATE CASCADE;
INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (NULL, 'shiftentry_edit_angeltype_supporter', 'If user with this privilege is angeltype supporter, he can put users in shifts for their angeltype'); INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (NULL, 'shiftentry_edit_angeltype_supporter', 'If user with this privilege is angeltype supporter, he can put users in shifts for their angeltype');
-- DB Performance -- DB Performance
ALTER TABLE `Shifts` ADD INDEX(`start`); ALTER TABLE `Shifts` ADD INDEX(`start`);
ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`); ALTER TABLE `NeededAngelTypes` ADD INDEX(`count`);
-- Security
UPDATE `Groups` SET UID = UID * 10;
INSERT INTO `Groups` (Name, UID) VALUES ('News Admin', -65);
INSERT INTO `Privileges` (id, name, `desc`) VALUES (42, 'admin_news_html', 'Use HTML in news');
INSERT INTO `GroupPrivileges` (group_id, privilege_id) VALUES (-65, 14), (-65, 42);

9
includes/autoload.php Normal file
View File

@ -0,0 +1,9 @@
<?php
// Check for autoloader
if (!is_readable(__DIR__ . '/../vendor/autoload.php')) {
die('Please run composer.phar install');
}
// Include composer autoloader
require_once __DIR__ . '/../vendor/autoload.php';

26
includes/controller/angeltypes_controller.php
View File

@ -42,7 +42,7 @@ function angeltypes_controller()
*/ */
function angeltype_link($angeltype_id) function angeltype_link($angeltype_id)
{ {
return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id; return page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype_id]);
} }
/** /**
@ -127,7 +127,7 @@ function angeltype_edit_controller()
if (!$supporter_mode) { if (!$supporter_mode) {
if ($request->has('name')) { if ($request->has('name')) {
$result = AngelType_validate_name($request->input('name'), $angeltype); $result = AngelType_validate_name($request->postData('name'), $angeltype);
$angeltype['name'] = $result->getValue(); $angeltype['name'] = $result->getValue();
if (!$result->isValid()) { if (!$result->isValid()) {
$valid = false; $valid = false;
@ -211,17 +211,21 @@ function angeltypes_list_controller()
foreach ($angeltypes as &$angeltype) { foreach ($angeltypes as &$angeltype) {
$actions = [ $actions = [
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('view'), 'btn-xs') button(
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('view'),
'btn-xs'
)
]; ];
if (in_array('admin_angel_types', $privileges)) { if (in_array('admin_angel_types', $privileges)) {
$actions[] = button( $actions[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'edit', 'angeltype_id' => $angeltype['id']]),
_('edit'), _('edit'),
'btn-xs' 'btn-xs'
); );
$actions[] = button( $actions[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'delete', 'angeltype_id' => $angeltype['id']]),
_('delete'), _('delete'),
'btn-xs' 'btn-xs'
); );
@ -230,13 +234,15 @@ function angeltypes_list_controller()
$angeltype['membership'] = AngelType_render_membership($angeltype); $angeltype['membership'] = AngelType_render_membership($angeltype);
if ($angeltype['user_angeltype_id'] != null) { if ($angeltype['user_angeltype_id'] != null) {
$actions[] = button( $actions[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], page_link_to('user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $angeltype['user_angeltype_id']]
),
_('leave'), _('leave'),
'btn-xs' 'btn-xs'
); );
} else { } else {
$actions[] = button( $actions[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'), _('join'),
'btn-xs' 'btn-xs'
); );
@ -245,7 +251,11 @@ function angeltypes_list_controller()
$angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : ''; $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';
$angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share'); $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share');
$angeltype['name'] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'] . '">' . $angeltype['name'] . '</a>'; $angeltype['name'] = '<a href="'
. page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])
. '">'
. $angeltype['name']
. '</a>';
$angeltype['actions'] = table_buttons($actions); $angeltype['actions'] = table_buttons($actions);
} }

5
includes/controller/rooms_controller.php
View File

@ -1,4 +1,5 @@
<?php <?php
use Engelsystem\ShiftsFilter; use Engelsystem\ShiftsFilter;
use Engelsystem\ShiftsFilterRenderer; use Engelsystem\ShiftsFilterRenderer;
@ -88,7 +89,7 @@ function rooms_controller()
*/ */
function room_link($room) function room_link($room)
{ {
return page_link_to('rooms') . '&action=view&room_id=' . $room['RID']; return page_link_to('rooms', ['action' => 'view', 'room_id' => $room['RID']]);
} }
/** /**
@ -97,7 +98,7 @@ function room_link($room)
*/ */
function room_edit_link($room) function room_edit_link($room)
{ {
return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID']; return page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]);
} }
/** /**

8
includes/controller/shift_entries_controller.php
View File

@ -13,7 +13,7 @@ function shift_entry_add_controller()
$request = request(); $request = request();
$shift_id = 0; $shift_id = 0;
if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) { if ($request->has('shift_id') && preg_match('/^\d+$/', $request->input('shift_id'))) {
$shift_id = $request->input('shift_id'); $shift_id = $request->input('shift_id');
} else { } else {
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
@ -27,13 +27,13 @@ function shift_entry_add_controller()
} }
$shift = Shift($shift_id); $shift = Shift($shift_id);
$shift['Name'] = $room_array[$shift['RID']];
if ($shift == null) { if ($shift == null) {
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
$shift['Name'] = $room_array[$shift['RID']];
$type_id = 0; $type_id = 0;
if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) { if ($request->has('type_id') && preg_match('/^\d+$/', $request->input('type_id'))) {
$type_id = $request->input('type_id'); $type_id = $request->input('type_id');
} else { } else {
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
@ -64,7 +64,7 @@ function shift_entry_add_controller()
if ( if (
$request->has('user_id') $request->has('user_id')
&& preg_match('/^\d*$/', $request->input('user_id')) && preg_match('/^\d+$/', $request->input('user_id'))
&& ( && (
in_array('user_shifts_admin', $privileges) in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)

45
includes/controller/shifts_controller.php
View File

@ -1,4 +1,5 @@
<?php <?php
use Engelsystem\ShiftSignupState; use Engelsystem\ShiftSignupState;
/** /**
@ -7,10 +8,13 @@ use Engelsystem\ShiftSignupState;
*/ */
function shift_link($shift) function shift_link($shift)
{ {
$link = page_link_to('shifts') . '&action=view'; $parameters = ['action' => 'view'];
if (isset($shift['SID'])) { if (isset($shift['SID'])) {
$link .= '&shift_id=' . $shift['SID']; $parameters['shift_id'] = $shift['SID'];
} }
$link = page_link_to('shifts', $parameters);
return $link; return $link;
} }
@ -20,7 +24,7 @@ function shift_link($shift)
*/ */
function shift_delete_link($shift) function shift_delete_link($shift)
{ {
return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID']; return page_link_to('user_shifts', ['delete_shift' => $shift['SID']]);
} }
/** /**
@ -29,7 +33,7 @@ function shift_delete_link($shift)
*/ */
function shift_edit_link($shift) function shift_edit_link($shift)
{ {
return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID']; return page_link_to('user_shifts', ['edit_shift' => $shift['SID']]);
} }
/** /**
@ -61,7 +65,7 @@ function shift_edit_controller()
$angeltypes = select_array(AngelTypes(), 'id', 'name'); $angeltypes = select_array(AngelTypes(), 'id', 'name');
$shifttypes = select_array(ShiftTypes(), 'id', 'name'); $shifttypes = select_array(ShiftTypes(), 'id', 'name');
$needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'id', 'count'); $needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'angel_type_id', 'count');
foreach (array_keys($angeltypes) as $angeltype_id) { foreach (array_keys($angeltypes) as $angeltype_id) {
if (!isset($needed_angel_types[$angeltype_id])) { if (!isset($needed_angel_types[$angeltype_id])) {
$needed_angel_types[$angeltype_id] = 0; $needed_angel_types[$angeltype_id] = 0;
@ -116,15 +120,20 @@ function shift_edit_controller()
$msg .= error(_('The ending time has to be after the starting time.'), true); $msg .= error(_('The ending time has to be after the starting time.'), true);
} }
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { foreach ($needed_angel_types as $needed_angeltype_id => $count) {
if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) { $needed_angel_types[$needed_angeltype_id] = 0;
$needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id));
} else { $queryKey = 'type_' . $needed_angeltype_id;
$valid = false; if ($request->has($queryKey)) {
$msg .= error(sprintf( if (test_request_int($queryKey)) {
_('Please check your input for needed angels of type %s.'), $needed_angel_types[$needed_angeltype_id] = trim($request->input($queryKey));
$needed_angeltype_name } else {
), true); $valid = false;
$msg .= error(sprintf(
_('Please check your input for needed angels of type %s.'),
$angeltypes[$needed_angeltype_id]
), true);
}
} }
} }
@ -195,7 +204,7 @@ function shift_delete_controller()
} }
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg) // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) { if (!$request->has('delete_shift') || !preg_match('/^\d+$/', $request->input('delete_shift'))) {
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
$shift_id = $request->input('delete_shift'); $shift_id = $request->input('delete_shift');
@ -225,7 +234,9 @@ function shift_delete_controller()
date('Y-m-d H:i', $shift['start']), date('Y-m-d H:i', $shift['start']),
date('H:i', $shift['end']) date('H:i', $shift['end'])
), true), ), true),
'<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _('delete') . '</a>' '<a class="button" href="'
. page_link_to('user_shifts', ['delete_shift' => $shift_id, 'delete' => 1]) .
'">' . _('delete') . '</a>'
]); ]);
} }
@ -308,8 +319,6 @@ function shifts_controller()
/** /**
* Redirects the user to his next shift. * Redirects the user to his next shift.
*
* @return false
*/ */
function shift_next_controller() function shift_next_controller()
{ {

4
includes/controller/shifttypes_controller.php
View File

@ -6,7 +6,7 @@
*/ */
function shifttype_link($shifttype) function shifttype_link($shifttype)
{ {
return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id']; return page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype['id']]);
} }
/** /**
@ -100,7 +100,7 @@ function shifttype_edit_controller()
engelsystem_log('Created shifttype ' . $name); engelsystem_log('Created shifttype ' . $name);
success(_('Created shifttype.')); success(_('Created shifttype.'));
} }
redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id); redirect(page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype_id]));
} }
} }

17
includes/controller/user_angeltypes_controller.php
View File

@ -17,8 +17,7 @@ function user_angeltypes_unconfirmed_hint()
$unconfirmed_links = []; $unconfirmed_links = [];
foreach ($unconfirmed_user_angeltypes as $user_angeltype) { foreach ($unconfirmed_user_angeltypes as $user_angeltype) {
$unconfirmed_links[] = '<a href="' $unconfirmed_links[] = '<a href="'
. page_link_to('angeltypes') . page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $user_angeltype['angeltype_id']])
. '&action=view&angeltype_id=' . $user_angeltype['angeltype_id']
. '">' . $user_angeltype['name'] . '">' . $user_angeltype['name']
. ' (+' . $user_angeltype['count'] . ')' . ' (+' . $user_angeltype['count'] . ')'
. '</a>'; . '</a>';
@ -61,7 +60,7 @@ function user_angeltypes_delete_all_controller()
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype))); engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype))); success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [
@ -107,7 +106,7 @@ function user_angeltypes_confirm_all_controller()
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype))); engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype))); success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [
@ -167,7 +166,7 @@ function user_angeltype_confirm_controller()
User_Nick_render($user_source), User_Nick_render($user_source),
AngelType_name_render($angeltype) AngelType_name_render($angeltype)
)); ));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [
@ -221,7 +220,7 @@ function user_angeltype_delete_controller()
engelsystem_log($success_message); engelsystem_log($success_message);
success($success_message); success($success_message);
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [
@ -287,7 +286,7 @@ function user_angeltype_update_controller()
engelsystem_log($success_message); engelsystem_log($success_message);
success($success_message); success($success_message);
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [
@ -341,7 +340,7 @@ function user_angeltype_add_controller()
AngelType_name_render($angeltype) AngelType_name_render($angeltype)
)); ));
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
} }
@ -383,7 +382,7 @@ function user_angeltype_join_controller($angeltype)
)); ));
} }
redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']); redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]));
} }
return [ return [

2
includes/controller/user_driver_licenses_controller.php
View File

@ -63,7 +63,7 @@ function user_driver_license_edit_link($user = null)
if ($user == null) { if ($user == null) {
return page_link_to('user_driver_licenses'); return page_link_to('user_driver_licenses');
} }
return page_link_to('user_driver_licenses') . '&user_id=' . $user['UID']; return page_link_to('user_driver_licenses', ['user_id' => $user['UID']]);
} }
/** /**

18
includes/controller/users_controller.php
View File

@ -47,7 +47,7 @@ function user_delete_controller()
$request = request(); $request = request();
if ($request->has('user_id')) { if ($request->has('user_id')) {
$user_source = User($request->get('user_id')); $user_source = User($request->query->get('user_id'));
} else { } else {
$user_source = $user; $user_source = $user;
} }
@ -68,7 +68,7 @@ function user_delete_controller()
if ( if (
!( !(
$request->has('password') $request->has('password')
&& verify_password($request->post('password'), $user['Passwort'], $user['UID']) && verify_password($request->postData('password'), $user['Passwort'], $user['UID'])
) )
) { ) {
$valid = false; $valid = false;
@ -106,7 +106,7 @@ function users_link()
*/ */
function user_edit_link($user) function user_edit_link($user)
{ {
return page_link_to('admin_user') . '&user_id=' . $user['UID']; return page_link_to('admin_user', ['user_id' => $user['UID']]);
} }
/** /**
@ -115,7 +115,7 @@ function user_edit_link($user)
*/ */
function user_delete_link($user) function user_delete_link($user)
{ {
return page_link_to('users') . '&action=delete&user_id=' . $user['UID']; return page_link_to('users', ['action' => 'delete', 'user_id' => $user['UID']]);
} }
/** /**
@ -124,7 +124,7 @@ function user_delete_link($user)
*/ */
function user_link($user) function user_link($user)
{ {
return page_link_to('users') . '&action=view&user_id=' . $user['UID']; return page_link_to('users', ['action' => 'view', 'user_id' => $user['UID']]);
} }
/** /**
@ -297,9 +297,9 @@ function user_password_recovery_set_new_controller()
if ( if (
$request->has('password') $request->has('password')
&& strlen($request->post('password')) >= config('min_password_length') && strlen($request->postData('password')) >= config('min_password_length')
) { ) {
if ($request->post('password') != $request->post('password2')) { if ($request->postData('password') != $request->postData('password2')) {
$valid = false; $valid = false;
error(_('Your passwords don\'t match.')); error(_('Your passwords don\'t match.'));
} }
@ -309,7 +309,7 @@ function user_password_recovery_set_new_controller()
} }
if ($valid) { if ($valid) {
set_password($user_source['UID'], $request->post('password')); set_password($user_source['UID'], $request->postData('password'));
success(_('Password saved.')); success(_('Password saved.'));
redirect(page_link_to('login')); redirect(page_link_to('login'));
} }
@ -353,7 +353,7 @@ function user_password_recovery_start_controller()
_('Password recovery'), _('Password recovery'),
sprintf( sprintf(
_('Please visit %s to recover your password.'), _('Please visit %s to recover your password.'),
page_link_to_absolute('user_password_recovery') . '&token=' . $token page_link_to('user_password_recovery', ['token' => $token])
) )
); );
success(_('We sent an email containing your password recovery link.')); success(_('We sent an email containing your password recovery link.'));

161
includes/engelsystem_provider.php
View File

@ -6,16 +6,13 @@ use Engelsystem\Exceptions\Handler as ExceptionHandler;
use Engelsystem\Http\Request; use Engelsystem\Http\Request;
use Engelsystem\Renderer\HtmlEngine; use Engelsystem\Renderer\HtmlEngine;
use Engelsystem\Renderer\Renderer; use Engelsystem\Renderer\Renderer;
use Symfony\Component\HttpFoundation\Session\Session;
/** /**
* This file includes all needed functions, connects to the db etc. * This file includes all needed functions, connects to the db etc.
*/ */
if (!is_readable(__DIR__ . '/../vendor/autoload.php')) { require_once __DIR__ . '/autoload.php';
die('Please run composer.phar install');
}
require __DIR__ . '/../vendor/autoload.php';
/** /**
* Load configuration * Load configuration
@ -36,9 +33,10 @@ date_default_timezone_set($config->get('timezone'));
/** /**
* Initialize Request * Initialize Request
*
* @var Request $request
*/ */
$request = new Request(); $request = Request::createFromGlobals();
$request->create();
$request::setInstance($request); $request::setInstance($request);
/** /**
@ -86,88 +84,95 @@ Db::getPdo()->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
/** /**
* Include legacy code * Include legacy code
*/ */
require_once realpath(__DIR__ . '/../includes/sys_auth.php'); $includeFiles = [
require_once realpath(__DIR__ . '/../includes/sys_form.php'); __DIR__ . '/../includes/sys_auth.php',
require_once realpath(__DIR__ . '/../includes/sys_log.php'); __DIR__ . '/../includes/sys_form.php',
require_once realpath(__DIR__ . '/../includes/sys_menu.php'); __DIR__ . '/../includes/sys_log.php',
require_once realpath(__DIR__ . '/../includes/sys_page.php'); __DIR__ . '/../includes/sys_menu.php',
require_once realpath(__DIR__ . '/../includes/sys_template.php'); __DIR__ . '/../includes/sys_page.php',
__DIR__ . '/../includes/sys_template.php',
require_once realpath(__DIR__ . '/../includes/model/AngelType_model.php'); __DIR__ . '/../includes/model/AngelType_model.php',
require_once realpath(__DIR__ . '/../includes/model/EventConfig_model.php'); __DIR__ . '/../includes/model/EventConfig_model.php',
require_once realpath(__DIR__ . '/../includes/model/LogEntries_model.php'); __DIR__ . '/../includes/model/LogEntries_model.php',
require_once realpath(__DIR__ . '/../includes/model/Message_model.php'); __DIR__ . '/../includes/model/Message_model.php',
require_once realpath(__DIR__ . '/../includes/model/NeededAngelTypes_model.php'); __DIR__ . '/../includes/model/NeededAngelTypes_model.php',
require_once realpath(__DIR__ . '/../includes/model/Room_model.php'); __DIR__ . '/../includes/model/Room_model.php',
require_once realpath(__DIR__ . '/../includes/model/ShiftEntry_model.php'); __DIR__ . '/../includes/model/ShiftEntry_model.php',
require_once realpath(__DIR__ . '/../includes/model/Shifts_model.php'); __DIR__ . '/../includes/model/Shifts_model.php',
require_once realpath(__DIR__ . '/../includes/model/ShiftsFilter.php'); __DIR__ . '/../includes/model/ShiftsFilter.php',
require_once realpath(__DIR__ . '/../includes/model/ShiftSignupState.php'); __DIR__ . '/../includes/model/ShiftSignupState.php',
require_once realpath(__DIR__ . '/../includes/model/ShiftTypes_model.php'); __DIR__ . '/../includes/model/ShiftTypes_model.php',
require_once realpath(__DIR__ . '/../includes/model/UserAngelTypes_model.php'); __DIR__ . '/../includes/model/UserAngelTypes_model.php',
require_once realpath(__DIR__ . '/../includes/model/UserDriverLicenses_model.php'); __DIR__ . '/../includes/model/UserDriverLicenses_model.php',
require_once realpath(__DIR__ . '/../includes/model/UserGroups_model.php'); __DIR__ . '/../includes/model/UserGroups_model.php',
require_once realpath(__DIR__ . '/../includes/model/User_model.php'); __DIR__ . '/../includes/model/User_model.php',
require_once realpath(__DIR__ . '/../includes/model/ValidationResult.php'); __DIR__ . '/../includes/model/ValidationResult.php',
require_once realpath(__DIR__ . '/../includes/view/AngelTypes_view.php'); __DIR__ . '/../includes/view/AngelTypes_view.php',
require_once realpath(__DIR__ . '/../includes/view/EventConfig_view.php'); __DIR__ . '/../includes/view/EventConfig_view.php',
require_once realpath(__DIR__ . '/../includes/view/Questions_view.php'); __DIR__ . '/../includes/view/Questions_view.php',
require_once realpath(__DIR__ . '/../includes/view/Rooms_view.php'); __DIR__ . '/../includes/view/Rooms_view.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarLane.php'); __DIR__ . '/../includes/view/ShiftCalendarLane.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarRenderer.php'); __DIR__ . '/../includes/view/ShiftCalendarRenderer.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php'); __DIR__ . '/../includes/view/ShiftCalendarShiftRenderer.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftsFilterRenderer.php'); __DIR__ . '/../includes/view/ShiftsFilterRenderer.php',
require_once realpath(__DIR__ . '/../includes/view/Shifts_view.php'); __DIR__ . '/../includes/view/Shifts_view.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftEntry_view.php'); __DIR__ . '/../includes/view/ShiftEntry_view.php',
require_once realpath(__DIR__ . '/../includes/view/ShiftTypes_view.php'); __DIR__ . '/../includes/view/ShiftTypes_view.php',
require_once realpath(__DIR__ . '/../includes/view/UserAngelTypes_view.php'); __DIR__ . '/../includes/view/UserAngelTypes_view.php',
require_once realpath(__DIR__ . '/../includes/view/UserDriverLicenses_view.php'); __DIR__ . '/../includes/view/UserDriverLicenses_view.php',
require_once realpath(__DIR__ . '/../includes/view/UserHintsRenderer.php'); __DIR__ . '/../includes/view/UserHintsRenderer.php',
require_once realpath(__DIR__ . '/../includes/view/User_view.php'); __DIR__ . '/../includes/view/User_view.php',
require_once realpath(__DIR__ . '/../includes/controller/angeltypes_controller.php'); __DIR__ . '/../includes/controller/angeltypes_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/event_config_controller.php'); __DIR__ . '/../includes/controller/event_config_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/rooms_controller.php'); __DIR__ . '/../includes/controller/rooms_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/shift_entries_controller.php'); __DIR__ . '/../includes/controller/shift_entries_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); __DIR__ . '/../includes/controller/shifts_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/shifttypes_controller.php'); __DIR__ . '/../includes/controller/shifttypes_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php'); __DIR__ . '/../includes/controller/users_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/user_angeltypes_controller.php'); __DIR__ . '/../includes/controller/user_angeltypes_controller.php',
require_once realpath(__DIR__ . '/../includes/controller/user_driver_licenses_controller.php'); __DIR__ . '/../includes/controller/user_driver_licenses_controller.php',
require_once realpath(__DIR__ . '/../includes/helper/graph_helper.php'); __DIR__ . '/../includes/helper/graph_helper.php',
require_once realpath(__DIR__ . '/../includes/helper/internationalization_helper.php'); __DIR__ . '/../includes/helper/internationalization_helper.php',
require_once realpath(__DIR__ . '/../includes/helper/message_helper.php'); __DIR__ . '/../includes/helper/message_helper.php',
require_once realpath(__DIR__ . '/../includes/helper/error_helper.php'); __DIR__ . '/../includes/helper/error_helper.php',
require_once realpath(__DIR__ . '/../includes/helper/email_helper.php'); __DIR__ . '/../includes/helper/email_helper.php',
require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php'); __DIR__ . '/../includes/mailer/shifts_mailer.php',
require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php'); __DIR__ . '/../includes/mailer/users_mailer.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_active.php'); __DIR__ . '/../includes/pages/admin_active.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php'); __DIR__ . '/../includes/pages/admin_arrive.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_free.php'); __DIR__ . '/../includes/pages/admin_free.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_groups.php'); __DIR__ . '/../includes/pages/admin_groups.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_import.php'); __DIR__ . '/../includes/pages/admin_import.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_log.php'); __DIR__ . '/../includes/pages/admin_log.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_questions.php'); __DIR__ . '/../includes/pages/admin_questions.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_rooms.php'); __DIR__ . '/../includes/pages/admin_rooms.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_shifts.php'); __DIR__ . '/../includes/pages/admin_shifts.php',
require_once realpath(__DIR__ . '/../includes/pages/admin_user.php'); __DIR__ . '/../includes/pages/admin_user.php',
require_once realpath(__DIR__ . '/../includes/pages/guest_login.php'); __DIR__ . '/../includes/pages/guest_login.php',
require_once realpath(__DIR__ . '/../includes/pages/user_messages.php'); __DIR__ . '/../includes/pages/user_messages.php',
require_once realpath(__DIR__ . '/../includes/pages/user_myshifts.php'); __DIR__ . '/../includes/pages/user_myshifts.php',
require_once realpath(__DIR__ . '/../includes/pages/user_news.php'); __DIR__ . '/../includes/pages/user_news.php',
require_once realpath(__DIR__ . '/../includes/pages/user_questions.php'); __DIR__ . '/../includes/pages/user_questions.php',
require_once realpath(__DIR__ . '/../includes/pages/user_settings.php'); __DIR__ . '/../includes/pages/user_settings.php',
require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php'); __DIR__ . '/../includes/pages/user_shifts.php',
];
foreach ($includeFiles as $file) {
require_once realpath($file);
}
/** /**
* Init application * Init application
*/ */
session_start(); $session = new Session();
$session->start();
$request->setSession($session);
gettext_init(); gettext_init();

25
includes/helper/internationalization_helper.php
View File

@ -1,5 +1,7 @@
<?php <?php
use Engelsystem\Http\Request;
/** /**
* Return currently active locale * Return currently active locale
* *
@ -7,7 +9,7 @@
*/ */
function locale() function locale()
{ {
return $_SESSION['locale']; return session()->get('locale');
} }
/** /**
@ -27,11 +29,12 @@ function gettext_init()
{ {
$locales = config('locales'); $locales = config('locales');
$request = request(); $request = request();
$session = session();
if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) { if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) {
$_SESSION['locale'] = $request->input('set_locale'); $session->set('locale', $request->input('set_locale'));
} elseif (!isset($_SESSION['locale'])) { } elseif (!$session->has('locale')) {
$_SESSION['locale'] = config('default_locale'); $session->set('locale', config('default_locale'));
} }
gettext_locale(); gettext_locale();
@ -48,7 +51,7 @@ function gettext_init()
function gettext_locale($locale = null) function gettext_locale($locale = null)
{ {
if ($locale == null) { if ($locale == null) {
$locale = $_SESSION['locale']; $locale = session()->get('locale');
} }
putenv('LC_ALL=' . $locale); putenv('LC_ALL=' . $locale);
@ -62,14 +65,20 @@ function gettext_locale($locale = null)
*/ */
function make_langselect() function make_langselect()
{ {
$url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale='; $request = Request::getInstance();
$items = []; $items = [];
foreach (config('locales') as $locale => $name) { foreach (config('locales') as $locale => $name) {
$url = url($request->getPathInfo(), ['set_locale' => $locale]);
$items[] = toolbar_item_link( $items[] = toolbar_item_link(
htmlspecialchars($url) . $locale, htmlspecialchars($url),
'', '',
'<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name sprintf(
'<img src="%s" alt="%s" title="%2$s"> %2$s',
url('pic/flag/' . $locale . '.png'),
$name
)
); );
} }
return $items; return $items;

32
includes/helper/message_helper.php
View File

@ -7,12 +7,12 @@
*/ */
function msg() function msg()
{ {
if (!isset($_SESSION['msg'])) { $session = session();
return '';
} $message = $session->get('msg', '');
$msg = $_SESSION['msg']; $session->set('msg', '');
$_SESSION['msg'] = '';
return $msg; return $message;
} }
/** /**
@ -57,21 +57,23 @@ function success($msg, $immediately = false)
* @param string $class * @param string $class
* @param string $msg * @param string $msg
* @param bool $immediately * @param bool $immediately
* @return string|null * @return string
*/ */
function alert($class, $msg, $immediately = false) function alert($class, $msg, $immediately = false)
{ {
$session = session();
if (empty($msg)) {
return '';
}
if ($immediately) { if ($immediately) {
if ($msg == '') {
return '';
}
return '<div class="alert alert-' . $class . '">' . $msg . '</div>'; return '<div class="alert alert-' . $class . '">' . $msg . '</div>';
} }
if (!isset($_SESSION['msg'])) { $message = $session->get('msg', '');
$_SESSION['msg'] = ''; $message .= alert($class, $msg, true);
} $session->set('msg', $message);
$_SESSION['msg'] .= alert($class, $msg, true);
return null; return '';
} }

7
includes/model/Shifts_model.php
View File

@ -45,7 +45,7 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
ORDER BY `start`'; ORDER BY `start`';
return DB::select( return DB::select(
$sql, $sql,
[ [
@ -245,6 +245,10 @@ function Shift_signup_allowed_angel(
) { ) {
$free_entries = Shift_free_entries($needed_angeltype, $shift_entries); $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
if (config('signup_requires_arrival') && !$user['Gekommen']) {
return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
}
if ($user_shifts == null) { if ($user_shifts == null) {
$user_shifts = Shifts_by_user($user); $user_shifts = Shifts_by_user($user);
} }
@ -444,6 +448,7 @@ function Shift_update($shift)
* *
* @param array $shift * @param array $shift
* @return bool|null * @return bool|null
* @throws Exception
*/ */
function Shift_update_by_psid($shift) function Shift_update_by_psid($shift)
{ {

2
includes/model/User_model.php
View File

@ -241,7 +241,7 @@ function Users_by_angeltype($angeltype)
`UserAngelTypes`.`id` AS `user_angeltype_id`, `UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`, `UserAngelTypes`.`confirm_user_id`,
`UserAngelTypes`.`supporter`, `UserAngelTypes`.`supporter`,
(`UserDriverLicenses`.`user_id` IS NOT NULL) as `wants_to_drive`, (`UserDriverLicenses`.`user_id` IS NOT NULL) AS `wants_to_drive`,
`UserDriverLicenses`.* `UserDriverLicenses`.*
FROM `User` FROM `User`
JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id` JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`

52
includes/pages/admin_active.php
View File

@ -82,9 +82,13 @@ function admin_active()
$limit = ''; $limit = '';
$msg = success(_('Marked angels.'), true); $msg = success(_('Marked angels.'), true);
} else { } else {
$set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; ' $set_active = '<a href="' . page_link_to('admin_active', ['search' => $search]) . '">&laquo; '
. _('back') . '</a> | <a href="' . _('back')
. page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">' . '</a> | <a href="'
. page_link_to(
'admin_active',
['search' => $search, 'count' => $count, 'set_active' => 1, 'ack' => 1]
) . '">'
. _('apply') . _('apply')
. '</a>'; . '</a>';
} }
@ -176,28 +180,46 @@ function admin_active()
$actions = []; $actions = [];
if ($usr['Aktiv'] == 0) { if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="' $parameters = [
. page_link_to('admin_active') . '&amp;active=' . $usr['UID'] 'active' => $usr['UID'],
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' 'search' => $search,
];
if ($show_all_shifts) {
$parameters['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">'
. _('set active') . _('set active')
. '</a>'; . '</a>';
} }
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) { if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="' $parametersRemove = [
. page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] 'not_active' => $usr['UID'],
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' 'search' => $search,
];
$parametersShirt = [
'tshirt' => $usr['UID'],
'search' => $search,
];
if ($show_all_shifts) {
$parametersRemove['show_all_shifts'] = 1;
$parametersShirt['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parametersRemove) . '">'
. _('remove active') . _('remove active')
. '</a>'; . '</a>';
$actions[] = '<a href="' $actions[] = '<a href="' . page_link_to('admin_active', $parametersShirt) . '">'
. page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID']
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
. _('got t-shirt') . _('got t-shirt')
. '</a>'; . '</a>';
} }
if ($usr['Tshirt'] == 1) { if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="' $parameters = [
. page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] 'not_tshirt' => $usr['UID'],
. ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' 'search' => $search,
];
if ($show_all_shifts) {
$parameters['show_all_shifts'] = 1;
}
$actions[] = '<a href="' . page_link_to('admin_active', $parameters) . '">'
. _('remove t-shirt') . _('remove t-shirt')
. '</a>'; . '</a>';
} }

14
includes/pages/admin_arrive.php
View File

@ -23,7 +23,7 @@ function admin_arrive()
$search = strip_request_item('search'); $search = strip_request_item('search');
} }
if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) { if ($request->has('reset') && preg_match('/^\d+$/', $request->input('reset'))) {
$user_id = $request->input('reset'); $user_id = $request->input('reset');
$user_source = User($user_id); $user_source = User($user_id);
if ($user_source != null) { if ($user_source != null) {
@ -39,7 +39,7 @@ function admin_arrive()
} else { } else {
$msg = error(_('Angel not found.'), true); $msg = error(_('Angel not found.'), true);
} }
} elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) { } elseif ($request->has('arrived') && preg_match('/^\d+$/', $request->input('arrived'))) {
$user_id = $request->input('arrived'); $user_id = $request->input('arrived');
$user_source = User($user_id); $user_source = User($user_id);
if ($user_source != null) { if ($user_source != null) {
@ -92,8 +92,14 @@ function admin_arrive()
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-'; $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-';
$usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : ''; $usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : '';
$usr['actions'] = $usr['Gekommen'] == 1 $usr['actions'] = $usr['Gekommen'] == 1
? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _('reset') . '</a>' ? '<a href="' . page_link_to(
: '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _('arrived') . '</a>'; 'admin_arrive',
['reset' => $usr['UID'], 'search' => $search]
) . '">' . _('reset') . '</a>'
: '<a href="' . page_link_to(
'admin_arrive',
['arrived' => $usr['UID'], 'search' => $search]
) . '">' . _('arrived') . '</a>';
if ($usr['arrival_date'] > 0) { if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']); $day = date('Y-m-d', $usr['arrival_date']);

2
includes/pages/admin_free.php
View File

@ -94,7 +94,7 @@ function admin_free()
'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
'actions' => 'actions' =>
in_array('admin_user', $privileges) in_array('admin_user', $privileges)
? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _('edit'), 'btn-xs') ? button(page_link_to('admin_user', ['id' => $usr['UID']]), _('edit'), 'btn-xs')
: '' : ''
]; ];
} }

13
includes/pages/admin_groups.php
View File

@ -38,7 +38,8 @@ function admin_groups()
'name' => $group['Name'], 'name' => $group['Name'],
'privileges' => join(', ', $privileges_html), 'privileges' => join(', ', $privileges_html),
'actions' => button( 'actions' => button(
page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], page_link_to('admin_groups',
['action' => 'edit', 'id' => $group['UID']]),
_('edit'), _('edit'),
'btn-xs' 'btn-xs'
) )
@ -80,7 +81,8 @@ function admin_groups()
'privileges[]', 'privileges[]',
$privilege['desc'] . ' (' . $privilege['name'] . ')', $privilege['desc'] . ' (' . $privilege['name'] . ')',
$privilege['group_id'] != '', $privilege['group_id'] != '',
$privilege['id'] $privilege['id'],
'privilege-' . $privilege['name']
); );
$privileges_html .= sprintf( $privileges_html .= sprintf(
'<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>', '<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
@ -93,7 +95,10 @@ function admin_groups()
$privileges_form[] = form_submit('submit', _('Save')); $privileges_form[] = form_submit('submit', _('Save'));
$html .= page_with_title(_('Edit group'), [ $html .= page_with_title(_('Edit group'), [
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) form(
$privileges_form,
page_link_to('admin_groups', ['action' => 'save', 'id' => $group_id])
)
]); ]);
} else { } else {
return error('No Group found.', true); return error('No Group found.', true);
@ -108,7 +113,7 @@ function admin_groups()
} }
$group = DB::selectOne('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]); $group = DB::selectOne('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
$privileges = $request->get('privileges'); $privileges = $request->postData('privileges');
if (!is_array($privileges)) { if (!is_array($privileges)) {
$privileges = []; $privileges = [];
} }

22
includes/pages/admin_import.php
View File

@ -98,10 +98,12 @@ function admin_import()
if ($valid) { if ($valid) {
redirect( redirect(
page_link_to('admin_import') page_link_to('admin_import', [
. '&step=check&shifttype_id=' . $shifttype_id 'step' => 'check',
. '&add_minutes_end=' . $add_minutes_end 'shifttype_id' => $shifttype_id,
. '&add_minutes_start=' . $add_minutes_start 'add_minutes_end' => $add_minutes_end,
'add_minutes_start' => $add_minutes_start,
])
); );
} else { } else {
$html .= div('well well-sm text-center', [ $html .= div('well well-sm text-center', [
@ -207,10 +209,12 @@ function admin_import()
], shifts_printable($events_deleted, $shifttypes)), ], shifts_printable($events_deleted, $shifttypes)),
form_submit('submit', _('Import')) form_submit('submit', _('Import'))
], ],
page_link_to('admin_import') page_link_to('admin_import', [
. '&step=import&shifttype_id=' . $shifttype_id 'step' => 'import',
. '&add_minutes_end=' . $add_minutes_end 'shifttype_id' => $shifttype_id,
. '&add_minutes_start=' . $add_minutes_start 'add_minutes_end' => $add_minutes_end,
'add_minutes_start' => $add_minutes_start,
])
); );
break; break;
@ -248,7 +252,7 @@ function admin_import()
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) { foreach ($rooms_new as $room) {
$result = Room_create($room, true, true); $result = Room_create($room, true, true);
$rooms_import[trim($room)] = $result; $rooms_import[trim($room)] = $result;
} }
foreach ($rooms_deleted as $room) { foreach ($rooms_deleted as $room) {

37
includes/pages/admin_news.php
View File

@ -7,7 +7,7 @@ use Engelsystem\Database\DB;
*/ */
function admin_news() function admin_news()
{ {
global $user; global $user, $privileges;
$request = request(); $request = request();
if (!$request->has('action')) { if (!$request->has('action')) {
@ -30,21 +30,31 @@ function admin_news()
case 'edit': case 'edit':
$user_source = User($news['UID']); $user_source = User($news['UID']);
$html .= form([ $html .= form(
form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])), [
form_info(_('Author'), User_Nick_render($user_source)), form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])),
form_text('eBetreff', _('Subject'), $news['Betreff']), form_info(_('Author'), User_Nick_render($user_source)),
form_textarea('eText', _('Message'), $news['Text']), form_text('eBetreff', _('Subject'), $news['Betreff']),
form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1), form_textarea('eText', _('Message'), $news['Text']),
form_submit('submit', _('Save')) form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1),
], page_link_to('admin_news&action=save&id=' . $news_id)); form_submit('submit', _('Save'))
],
page_link_to('admin_news', ['action' => 'save', 'id' => $news_id])
);
$html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">' $html .= '<a class="btn btn-danger" href="'
. page_link_to('admin_news', ['action' => 'delete', 'id' => $news_id])
. '">'
. '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete') . '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete')
. '</a>'; . '</a>';
break; break;
case 'save': case 'save':
$text = $request->postData('eText');
if (!in_array('admin_news_html', $privileges)) {
$text = strip_tags($text);
}
DB::update(' DB::update('
UPDATE `News` SET UPDATE `News` SET
`Datum`=?, `Datum`=?,
@ -56,14 +66,15 @@ function admin_news()
', ',
[ [
time(), time(),
$request->post('eBetreff'), strip_tags($request->postData('eBetreff')),
$request->post('eText'), $text,
$user['UID'], $user['UID'],
$request->has('eTreffen') ? 1 : 0, $request->has('eTreffen') ? 1 : 0,
$news_id $news_id
] ]
); );
engelsystem_log('News updated: ' . $request->post('eBetreff'));
engelsystem_log('News updated: ' . $request->postData('eBetreff'));
success(_('News entry updated.')); success(_('News entry updated.'));
redirect(page_link_to('news')); redirect(page_link_to('news'));
break; break;

6
includes/pages/admin_questions.php
View File

@ -52,9 +52,9 @@ function admin_questions()
'answer' => form([ 'answer' => form([
form_textarea('answer', '', ''), form_textarea('answer', '', ''),
form_submit('submit', _('Save')) form_submit('submit', _('Save'))
], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), ], page_link_to('admin_questions', ['action' => 'answer', 'id' => $question['QID']])),
'actions' => button( 'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]),
_('delete'), _('delete'),
'btn-xs' 'btn-xs'
) )
@ -72,7 +72,7 @@ function admin_questions()
'answered_by' => User_Nick_render($answer_user_source), 'answered_by' => User_Nick_render($answer_user_source),
'answer' => str_replace("\n", '<br />', $question['Answer']), 'answer' => str_replace("\n", '<br />', $question['Answer']),
'actions' => button( 'actions' => button(
page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'], page_link_to('admin_questions', ['action' => 'delete', 'id' => $question['QID']]),
_('delete'), _('delete'),
'btn-xs' 'btn-xs'
) )

21
includes/pages/admin_rooms.php
View File

@ -25,8 +25,8 @@ function admin_rooms()
'from_pentabarf' => glyph_bool($room['FromPentabarf'] == 'Y'), 'from_pentabarf' => glyph_bool($room['FromPentabarf'] == 'Y'),
'public' => glyph_bool($room['show'] == 'Y'), 'public' => glyph_bool($room['show'] == 'Y'),
'actions' => table_buttons([ 'actions' => table_buttons([
button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'), button(page_link_to('admin_rooms', ['show' => 'edit', 'id' => $room['RID']]), _('edit'), 'btn-xs'),
button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs') button(page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room['RID']]), _('delete'), 'btn-xs')
]) ])
]; ];
} }
@ -107,11 +107,14 @@ function admin_rooms()
} }
foreach ($angeltypes as $angeltype_id => $angeltype) { foreach ($angeltypes as $angeltype_id => $angeltype) {
if ( $angeltypes_count[$angeltype_id] = 0;
$request->has('angeltype_count_' . $angeltype_id) $queryKey = 'angeltype_count_' . $angeltype_id;
&& preg_match('/^\d{1,4}$/', $request->input('angeltype_count_' . $angeltype_id)) if (!$request->has($queryKey)) {
) { continue;
$angeltypes_count[$angeltype_id] = $request->input('angeltype_count_' . $angeltype_id); }
if (preg_match('/^\d{1,4}$/', $request->input($queryKey))) {
$angeltypes_count[$angeltype_id] = $request->input($queryKey);
} else { } else {
$valid = false; $valid = false;
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true); $msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
@ -220,7 +223,7 @@ function admin_rooms()
sprintf(_('Do you want to delete room %s?'), $name), sprintf(_('Do you want to delete room %s?'), $name),
buttons([ buttons([
button( button(
page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', page_link_to('admin_rooms', ['show' => 'delete', 'id' => $room_id, 'ack' => 1]),
_('Delete'), _('Delete'),
'delete btn-danger' 'delete btn-danger'
) )
@ -231,7 +234,7 @@ function admin_rooms()
return page_with_title(admin_rooms_title(), [ return page_with_title(admin_rooms_title(), [
buttons([ buttons([
button(page_link_to('admin_rooms') . '&show=edit', _('add')) button(page_link_to('admin_rooms', ['show' => 'edit']), _('add'))
]), ]),
msg(), msg(),
table([ table([

27
includes/pages/admin_shifts.php
View File

@ -19,6 +19,7 @@ function admin_shifts()
{ {
$valid = true; $valid = true;
$request = request(); $request = request();
$session = session();
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00'); $start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
$end = $start; $end = $start;
$mode = 'single'; $mode = 'single';
@ -132,16 +133,14 @@ function admin_shifts()
} elseif ($request->input('angelmode') == 'manually') { } elseif ($request->input('angelmode') == 'manually') {
$angelmode = 'manually'; $angelmode = 'manually';
foreach ($types as $type) { foreach ($types as $type) {
if ( if (preg_match('/^\d+$/', trim($request->input('type_' . $type['id'], 0)))) {
$request->has('type_' . $type['id']) $needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id'], 0));
&& preg_match('/^\d+$/', trim($request->input('type_' . $type['id'])))
) {
$needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id']));
} else { } else {
$valid = false; $valid = false;
error(sprintf(_('Please check the needed angels for team %s.'), $type['name'])); error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
} }
} }
if (array_sum($needed_angel_types) == 0) { if (array_sum($needed_angel_types) == 0) {
$valid = false; $valid = false;
error(_('There are 0 angels needed. Please enter the amounts of needed angels.')); error(_('There are 0 angels needed. Please enter the amounts of needed angels.'));
@ -272,8 +271,8 @@ function admin_shifts()
} }
// Fürs Anlegen zwischenspeichern: // Fürs Anlegen zwischenspeichern:
$_SESSION['admin_shifts_shifts'] = $shifts; $session->set('admin_shifts_shifts', $shifts);
$_SESSION['admin_shifts_types'] = $needed_angel_types; $session->set('admin_shifts_types', $needed_angel_types);
$hidden_types = ''; $hidden_types = '';
foreach ($needed_angel_types as $type_id => $count) { foreach ($needed_angel_types as $type_id => $count) {
@ -303,16 +302,14 @@ function admin_shifts()
} }
} elseif ($request->has('submit')) { } elseif ($request->has('submit')) {
if ( if (
!$request->has('admin_shifts_shifts') !is_array($session->get('admin_shifts_shifts'))
|| !isset($_SESSION['admin_shifts_types']) || !is_array($session->get('admin_shifts_types'))
|| !is_array($_SESSION['admin_shifts_shifts'])
|| !is_array($_SESSION['admin_shifts_types'])
) { ) {
redirect(page_link_to('admin_shifts')); redirect(page_link_to('admin_shifts'));
} }
$needed_angel_types_info = []; $needed_angel_types_info = [];
foreach ($_SESSION['admin_shifts_shifts'] as $shift) { foreach ($session->get('admin_shifts_shifts', []) as $shift) {
$shift['URL'] = null; $shift['URL'] = null;
$shift['PSID'] = null; $shift['PSID'] = null;
$shift_id = Shift_create($shift); $shift_id = Shift_create($shift);
@ -324,7 +321,7 @@ function admin_shifts()
. ' to ' . date('Y-m-d H:i', $shift['end']) . ' to ' . date('Y-m-d H:i', $shift['end'])
); );
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { foreach ($session->get('admin_shifts_types', []) as $type_id => $count) {
$angel_type_source = DB::selectOne(' $angel_type_source = DB::selectOne('
SELECT * SELECT *
FROM `AngelTypes` FROM `AngelTypes`
@ -350,8 +347,8 @@ function admin_shifts()
success('Schichten angelegt.'); success('Schichten angelegt.');
redirect(page_link_to('admin_shifts')); redirect(page_link_to('admin_shifts'));
} else { } else {
unset($_SESSION['admin_shifts_shifts']); $session->remove('admin_shifts_shifts');
unset($_SESSION['admin_shifts_types']); $session->remove('admin_shifts_types');
} }
$rid = null; $rid = null;

74
includes/pages/admin_user.php
View File

@ -46,25 +46,27 @@ function admin_user()
. 'Wenn T-Shirt ein \'Ja\' enth&auml;lt, bedeutet dies, dass der Engel ' . 'Wenn T-Shirt ein \'Ja\' enth&auml;lt, bedeutet dies, dass der Engel '
. 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n"; . 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n";
$html .= '<form action="' . page_link_to('admin_user') . '&action=save&id=' . $user_id . '" method="post">' . "\n"; $html .= '<form action="'
. page_link_to('admin_user', ['action' => 'save', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table border="0">' . "\n"; $html .= '<table border="0">' . "\n";
$html .= '<input type="hidden" name="Type" value="Normal">' . "\n"; $html .= '<input type="hidden" name="Type" value="Normal">' . "\n";
$html .= '<tr><td>' . "\n"; $html .= '<tr><td>' . "\n";
$html .= '<table>' . "\n"; $html .= '<table>' . "\n";
$html .= ' <tr><td>Nick</td><td>' . '<input type="text" size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Nick</td><td>' . '<input size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Last login</td><td><p class="help-block">' $html .= ' <tr><td>Last login</td><td><p class="help-block">'
. date('Y-m-d H:i', $user_source['lastLogIn']) . date('Y-m-d H:i', $user_source['lastLogIn'])
. '</p></td></tr>' . "\n"; . '</p></td></tr>' . "\n";
$html .= ' <tr><td>Name</td><td>' . '<input type="text" size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Name</td><td>' . '<input size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Vorname</td><td>' . '<input type="text" size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Vorname</td><td>' . '<input size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Alter</td><td>' . '<input type="text" size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Alter</td><td>' . '<input size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Telefon</td><td>' . '<input type="text" size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Telefon</td><td>' . '<input size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Handy</td><td>' . '<input type="text" size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Handy</td><td>' . '<input size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>DECT</td><td>' . '<input type="text" size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>DECT</td><td>' . '<input size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n";
if ($user_source['email_by_human_allowed']) { if ($user_source['email_by_human_allowed']) {
$html .= " <tr><td>email</td><td>" . '<input type="text" size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n"; $html .= " <tr><td>email</td><td>" . '<input size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n";
} }
$html .= " <tr><td>jabber</td><td>" . '<input type="text" size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n"; $html .= " <tr><td>jabber</td><td>" . '<input size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Size</td><td>' $html .= ' <tr><td>Size</td><td>'
. html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n"; . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n";
@ -91,7 +93,7 @@ function admin_user()
$html .= ' <tr><td>T-Shirt</td><td>' . "\n"; $html .= ' <tr><td>T-Shirt</td><td>' . "\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n"; $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n";
$html .= ' <tr><td>Hometown</td><td>' . '<input type="text" size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Hometown</td><td>' . '<input size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n";
$html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>'; $html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>';
@ -105,7 +107,8 @@ function admin_user()
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
$html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="' $html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="'
. page_link_to('admin_user') . '&action=change_pw&id=' . $user_id . '" method="post">' . "\n"; . page_link_to('admin_user', ['action' => 'change_pw', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table>' . "\n"; $html .= '<table>' . "\n";
$html .= ' <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n";
$html .= ' <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n"; $html .= ' <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n";
@ -134,7 +137,8 @@ function admin_user()
if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="' $html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="'
. page_link_to('admin_user') . '&action=save_groups&id=' . $user_id . '" method="post">' . "\n"; . page_link_to('admin_user', ['action' => 'save_groups', 'id' => $user_id])
. '" method="post">' . "\n";
$html .= '<table>'; $html .= '<table>';
$groups = DB::select(' $groups = DB::select('
@ -175,11 +179,11 @@ function admin_user()
switch ($request->input('action')) { switch ($request->input('action')) {
case 'save_groups': case 'save_groups':
if ($user_id != $user['UID']) { if ($user_id != $user['UID']) {
$my_highest_group = DB::select( $my_highest_group = DB::selectOne(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user['UID']] [$user['UID']]
); );
$his_highest_group = DB::select( $his_highest_group = DB::selectOne(
'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`', 'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
[$user_id] [$user_id]
); );
@ -257,7 +261,7 @@ function admin_user()
`Handy` = ?, `Handy` = ?,
`Alter` =?, `Alter` =?,
`DECT` = ?, `DECT` = ?,
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->post('eemail')) . ',' : '') . ' ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->postData('eemail')) . ',' : '') . '
`jabber` = ?, `jabber` = ?,
`Size` = ?, `Size` = ?,
`Gekommen`= ?, `Gekommen`= ?,
@ -268,34 +272,34 @@ function admin_user()
WHERE `UID` = ? WHERE `UID` = ?
LIMIT 1'; LIMIT 1';
DB::update($sql, [ DB::update($sql, [
$request->post('eNick'), User_validate_Nick($request->postData('eNick')),
$request->post('eName'), $request->postData('eName'),
$request->post('eVorname'), $request->postData('eVorname'),
$request->post('eTelefon'), $request->postData('eTelefon'),
$request->post('eHandy'), $request->postData('eHandy'),
$request->post('eAlter'), $request->postData('eAlter'),
$request->post('eDECT'), $request->postData('eDECT'),
$request->post('ejabber'), $request->postData('ejabber'),
$request->post('eSize'), $request->postData('eSize'),
$request->post('eGekommen'), $request->postData('eGekommen'),
$request->post('eAktiv'), $request->postData('eAktiv'),
$force_active, $force_active,
$request->post('eTshirt'), $request->postData('eTshirt'),
$request->post('Hometown'), $request->postData('Hometown'),
$user_id, $user_id,
]); ]);
engelsystem_log( engelsystem_log(
'Updated user: ' . $request->post('eNick') . ', ' . $request->post('eSize') 'Updated user: ' . $request->postData('eNick') . ', ' . $request->postData('eSize')
. ', arrived: ' . $request->post('eVorname') . ', arrived: ' . $request->postData('eVorname')
. ', active: ' . $request->post('eAktiv') . ', active: ' . $request->postData('eAktiv')
. ', tshirt: ' . $request->post('eTshirt') . ', tshirt: ' . $request->postData('eTshirt')
); );
$html .= success('Änderung wurde gespeichert...' . "\n", true); $html .= success('Änderung wurde gespeichert...' . "\n", true);
break; break;
case 'change_pw': case 'change_pw':
if ($request->post('new_pw') != '' && $request->post('new_pw') == $request->post('new_pw2')) { if ($request->postData('new_pw') != '' && $request->postData('new_pw') == $request->postData('new_pw2')) {
set_password($user_id, $request->post('new_pw')); set_password($user_id, $request->postData('new_pw'));
$user_source = User($user_id); $user_source = User($user_id);
engelsystem_log('Set new password for ' . User_Nick_render($user_source)); engelsystem_log('Set new password for ' . User_Nick_render($user_source));
$html .= success('Passwort neu gesetzt.', true); $html .= success('Passwort neu gesetzt.', true);

42
includes/pages/guest_login.php
View File

@ -39,6 +39,7 @@ function guest_register()
$min_password_length = config('min_password_length'); $min_password_length = config('min_password_length');
$event_config = EventConfig(); $event_config = EventConfig();
$request = request(); $request = request();
$session = session();
$msg = ''; $msg = '';
$nick = ''; $nick = '';
@ -127,8 +128,8 @@ function guest_register()
} }
} }
if ($request->has('password') && strlen($request->post('password')) >= $min_password_length) { if ($request->has('password') && strlen($request->postData('password')) >= $min_password_length) {
if ($request->post('password') != $request->post('password2')) { if ($request->postData('password') != $request->postData('password2')) {
$valid = false; $valid = false;
$msg .= error(_('Your passwords don\'t match.'), true); $msg .= error(_('Your passwords don\'t match.'), true);
} }
@ -226,15 +227,15 @@ function guest_register()
$password_hash, $password_hash,
$comment, $comment,
$hometown, $hometown,
$_SESSION['locale'], $session->get('locale'),
$planned_arrival_date, $planned_arrival_date,
] ]
); );
// Assign user-group and set password // Assign user-group and set password
$user_id = DB::getPdo()->lastInsertId(); $user_id = DB::getPdo()->lastInsertId();
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]); DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -20)', [$user_id]);
set_password($user_id, $request->post('password')); set_password($user_id, $request->postData('password'));
// Assign angel-types // Assign angel-types
$user_angel_types_info = []; $user_angel_types_info = [];
@ -328,7 +329,7 @@ function guest_register()
'angel_types', 'angel_types',
_('What do you want to do?') . sprintf( _('What do you want to do?') . sprintf(
' (<a href="%s">%s</a>)', ' (<a href="%s">%s</a>)',
page_link_to('angeltypes') . '&action=about', page_link_to('angeltypes', ['action' => 'about']),
_('Description of job types') _('Description of job types')
), ),
$angel_types, $angel_types,
@ -377,32 +378,43 @@ function guest_register()
]); ]);
} }
/**
* @return string
*/
function entry_required() function entry_required()
{ {
return '<span class="text-info glyphicon glyphicon-warning-sign"></span>'; return '<span class="text-info glyphicon glyphicon-warning-sign"></span>';
} }
/**
* @return bool
*/
function guest_logout() function guest_logout()
{ {
session_destroy(); session()->invalidate();
redirect(page_link_to('start')); redirect(page_link_to('start'));
return true; return true;
} }
/**
* @return string
*/
function guest_login() function guest_login()
{ {
$nick = ''; $nick = '';
$request = request(); $request = request();
unset($_SESSION['uid']); $session = session();
$valid = true; $valid = true;
$session->remove('uid');
if ($request->has('submit')) { if ($request->has('submit')) {
if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) { if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) {
$nick = User_validate_Nick($request->input('nick')); $nick = User_validate_Nick($request->input('nick'));
$login_user = DB::selectOne('SELECT * FROM `User` WHERE `Nick`=?', [$nick]); $login_user = DB::selectOne('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
if (!empty($login_user)) { if (!empty($login_user)) {
if ($request->has('password')) { if ($request->has('password')) {
if (!verify_password($request->post('password'), $login_user['Passwort'], $login_user['UID'])) { if (!verify_password($request->postData('password'), $login_user['Passwort'], $login_user['UID'])) {
$valid = false; $valid = false;
error(_('Your password is incorrect. Please try it again.')); error(_('Your password is incorrect. Please try it again.'));
} }
@ -420,8 +432,8 @@ function guest_login()
} }
if ($valid && !empty($login_user)) { if ($valid && !empty($login_user)) {
$_SESSION['uid'] = $login_user['UID']; $session->set('uid', $login_user['UID']);
$_SESSION['locale'] = $login_user['Sprache']; $session->set('locale', $login_user['Sprache']);
redirect(page_link_to('news')); redirect(page_link_to('news'));
} }
@ -466,7 +478,10 @@ function guest_login()
heading(_('What can I do?'), 2), heading(_('What can I do?'), 2),
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>', '<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;') button(
page_link_to('angeltypes', ['action' => 'about']),
_('Teams/Job description') . ' &raquo;'
)
]) ])
]) ])
]) ])
@ -474,6 +489,9 @@ function guest_login()
]); ]);
} }
/**
* @return string
*/
function get_register_hint() function get_register_hint()
{ {
global $privileges; global $privileges;

19
includes/pages/user_atom.php
View File

@ -1,6 +1,7 @@
<?php <?php
use Engelsystem\Database\DB; use Engelsystem\Database\DB;
use Engelsystem\Http\Request;
/** /**
* Publically available page to feed the news to feed readers * Publically available page to feed the news to feed readers
@ -44,14 +45,15 @@ function user_atom()
*/ */
function make_atom_entries_from_news($news_entries) function make_atom_entries_from_news($news_entries)
{ {
$request = Request::getInstance();
$html = '<?xml version="1.0" encoding="utf-8"?> $html = '<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom"> <feed xmlns="http://www.w3.org/2005/Atom">
<title>Engelsystem</title> <title>Engelsystem</title>
<id>' . $_SERVER['HTTP_HOST'] <id>' . $request->getHttpHost()
. htmlspecialchars(preg_replace( . htmlspecialchars(preg_replace(
'#[&?]key=[a-f\d]{32}#', '#[&?]key=[a-f\d]{32}#',
'', '',
$_SERVER['REQUEST_URI'] $request->getRequestUri()
)) ))
. '</id> . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n"; <updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n";
@ -64,11 +66,12 @@ function make_atom_entries_from_news($news_entries)
function make_atom_entry_from_news($news_entry) function make_atom_entry_from_news($news_entry)
{ {
return ' <entry> return '
<entry>
<title>' . htmlspecialchars($news_entry['Betreff']) . '</title> <title>' . htmlspecialchars($news_entry['Betreff']) . '</title>
<link href="' . page_link_to_absolute('news_comments&amp;nid=') . $news_entry['ID'] . '"/> <link href="' . page_link_to('news_comments', ['nid' => $news_entry['ID']]) . '"/>
<id>' . preg_replace('#^https?://#', '', page_link_to_absolute('news')) . '-' . $news_entry['ID'] . '</id> <id>' . preg_replace('#^https?://#', '', page_link_to('news_comments', ['nid' => $news_entry['ID']])) . '</id>
<updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated> <updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated>
<summary type="html">' . htmlspecialchars($news_entry['Text']) . '</summary> <summary>' . htmlspecialchars($news_entry['Text']) . '</summary>
</entry>' . "\n"; </entry>' . "\n";
} }

6
includes/pages/user_messages.php
View File

@ -92,14 +92,14 @@ function user_messages()
if ($message['RUID'] == $user['UID']) { if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') { if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button( $messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=read&id=' . $message['id'], page_link_to('user_messages', ['action' => 'read', 'id' => $message['id']]),
_('mark as read'), _('mark as read'),
'btn-xs' 'btn-xs'
); );
} }
} else { } else {
$messages_table_entry['actions'] = button( $messages_table_entry['actions'] = button(
page_link_to('user_messages') . '&action=delete&id=' . $message['id'], page_link_to('user_messages', ['action' => 'delete', 'id' => $message['id']]),
_('delete message'), _('delete message'),
'btn-xs' 'btn-xs'
); );
@ -119,7 +119,7 @@ function user_messages()
'text' => _('Message'), 'text' => _('Message'),
'actions' => '' 'actions' => ''
], $messages_table) ], $messages_table)
], page_link_to('user_messages') . '&action=send') ], page_link_to('user_messages', ['action' => 'send']))
]); ]);
} else { } else {
switch ($request->input('action')) { switch ($request->input('action')) {

12
includes/pages/user_myshifts.php
View File

@ -37,16 +37,16 @@ function user_myshifts()
if ($request->input('reset') == 'ack') { if ($request->input('reset') == 'ack') {
User_reset_api_key($user); User_reset_api_key($user);
success(_('Key changed.')); success(_('Key changed.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
} }
return page_with_title(_('Reset API key'), [ return page_with_title(_('Reset API key'), [
error( error(
_('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'), _('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'),
true true
), ),
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger') button(page_link_to('user_myshifts', ['reset' => 'ack']), _('Continue'), 'btn-danger')
]); ]);
} elseif ($request->has('edit') && preg_match('/^\d*$/', $request->input('edit'))) { } elseif ($request->has('edit') && preg_match('/^\d+$/', $request->input('edit'))) {
$user_id = $request->input('edit'); $user_id = $request->input('edit');
$shift = DB::selectOne(' $shift = DB::selectOne('
SELECT SELECT
@ -106,7 +106,7 @@ function user_myshifts()
. '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO') . '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO')
); );
success(_('Shift saved.')); success(_('Shift saved.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
} }
} }
@ -124,7 +124,7 @@ function user_myshifts()
} else { } else {
redirect(page_link_to('user_myshifts')); redirect(page_link_to('user_myshifts'));
} }
} elseif ($request->has('cancel') && preg_match('/^\d*$/', $request->input('cancel'))) { } elseif ($request->has('cancel') && preg_match('/^\d+$/', $request->input('cancel'))) {
$user_id = $request->input('cancel'); $user_id = $request->input('cancel');
$shift = DB::selectOne(' $shift = DB::selectOne('
SELECT * SELECT *
@ -164,6 +164,6 @@ function user_myshifts()
} }
} }
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user['UID']]));
return ''; return '';
} }

40
includes/pages/user_news.php
View File

@ -35,8 +35,8 @@ function user_meetings()
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg(); $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
$request = request(); $request = request();
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) { if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
$page = $request->input('page'); $page = $request->input('page', 0);
} else { } else {
$page = 0; $page = 0;
} }
@ -57,14 +57,14 @@ function user_meetings()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news); $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">'; $html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) { for ($i = 0; $i < $dis_rows; $i++) {
if ($request->has('page') && $i == $request->input('page')) { if ($request->has('page') && $i == $request->input('page', 0)) {
$html .= '<li class="active">'; $html .= '<li class="active">';
} elseif (!$request->has('page') && $i == 0) { } elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">'; $html .= '<li class="active">';
} else { } else {
$html .= '<li>'; $html .= '<li>';
} }
$html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; $html .= '<a href="' . page_link_to('user_meetings', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
} }
$html .= '</ul></div></div>'; $html .= '</ul></div></div>';
@ -89,7 +89,7 @@ function display_news($news)
$html .= '<div class="panel-footer text-muted">'; $html .= '<div class="panel-footer text-muted">';
if (in_array('admin_news', $privileges)) { if (in_array('admin_news', $privileges)) {
$html .= '<div class="pull-right">' $html .= '<div class="pull-right">'
. button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . button_glyph(page_link_to('admin_news', ['action' => 'edit', 'id' => $news['ID']]), 'edit', 'btn-xs')
. '</div>'; . '</div>';
} }
$html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . '&emsp;'; $html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . '&emsp;';
@ -98,7 +98,7 @@ function display_news($news)
$html .= User_Nick_render($user_source); $html .= User_Nick_render($user_source);
if ($page != 'news_comments') { if ($page != 'news_comments') {
$html .= '&emsp;<a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">' $html .= '&emsp;<a href="' . page_link_to('news_comments', ['nid' => $news['ID']]) . '">'
. '<span class="glyphicon glyphicon-comment"></span> ' . '<span class="glyphicon glyphicon-comment"></span> '
. _('Comments') . ' &raquo;</a> ' . _('Comments') . ' &raquo;</a> '
. '<span class="badge">' . '<span class="badge">'
@ -154,7 +154,7 @@ function user_news_comments()
$user_source = User($comment['UID']); $user_source = User($comment['UID']);
$html .= '<div class="panel panel-default">'; $html .= '<div class="panel panel-default">';
$html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>'; $html .= '<div class="panel-body">' . nl2br(htmlspecialchars($comment['Text'])) . '</div>';
$html .= '<div class="panel-footer text-muted">'; $html .= '<div class="panel-footer text-muted">';
$html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;'; $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';
$html .= User_Nick_render($user_source); $html .= User_Nick_render($user_source);
@ -166,7 +166,7 @@ function user_news_comments()
$html .= form([ $html .= form([
form_textarea('text', _('Message'), ''), form_textarea('text', _('Message'), ''),
form_submit('submit', _('Save')) form_submit('submit', _('Save'))
], page_link_to('news_comments') . '&nid=' . $news['ID']); ], page_link_to('news_comments', ['nid' => $news['ID']]));
} else { } else {
$html .= _('Invalid request.'); $html .= _('Invalid request.');
} }
@ -185,30 +185,36 @@ function user_news()
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg(); $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
$isMeeting = $request->post('treffen'); $isMeeting = $request->postData('treffen');
if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) { if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) {
if (!$request->has('treffen') || !in_array('admin_news', $privileges)) { if (!$request->has('treffen')) {
$isMeeting = 0; $isMeeting = 0;
} }
$text = $request->postData('text');
if (!in_array('admin_news_html', $privileges)) {
$text = strip_tags($text);
}
DB::insert(' DB::insert('
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
VALUES (?, ?, ?, ?, ?) VALUES (?, ?, ?, ?, ?)
', ',
[ [
time(), time(),
$request->post('betreff'), strip_tags($request->postData('betreff')),
$request->post('text'), $text,
$user['UID'], $user['UID'],
$isMeeting, $isMeeting,
] ]
); );
engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $isMeeting); engelsystem_log('Created news: ' . $request->postData('betreff') . ', treffen: ' . $isMeeting);
success(_('Entry saved.')); success(_('Entry saved.'));
redirect(page_link_to('news')); redirect(page_link_to('news'));
} }
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) { if (preg_match('/^\d{1,}$/', $request->input('page', 0))) {
$page = $request->input('page'); $page = $request->input('page', 0);
} else { } else {
$page = 0; $page = 0;
} }
@ -229,14 +235,14 @@ function user_news()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news); $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">'; $html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) { for ($i = 0; $i < $dis_rows; $i++) {
if ($request->has('page') && $i == $request->input('page')) { if ($request->has('page') && $i == $request->input('page', 0)) {
$html .= '<li class="active">'; $html .= '<li class="active">';
} elseif (!$request->has('page') && $i == 0) { } elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">'; $html .= '<li class="active">';
} else { } else {
$html .= '<li>'; $html .= '<li>';
} }
$html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; $html .= '<a href="' . page_link_to('news', ['page' => $i]) . '">' . ($i + 1) . '</a></li>';
} }
$html .= '</ul></div>'; $html .= '</ul></div>';

6
includes/pages/user_questions.php
View File

@ -33,7 +33,11 @@ function user_questions()
$question['answer_user'] = User_Nick_render($answer_user_source); $question['answer_user'] = User_Nick_render($answer_user_source);
} }
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask'); return Questions_view(
$open_questions,
$answered_questions,
page_link_to('user_questions', ['action' => 'ask'])
);
} else { } else {
switch ($request->input('action')) { switch ($request->input('action')) {
case 'ask': case 'ask':

13
includes/pages/user_settings.php
View File

@ -84,7 +84,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
if ($valid) { if ($valid) {
User_update($user_source); User_update($user_source);
success(_('Settings saved.')); success(_('Settings saved.'));
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
} }
@ -102,15 +102,15 @@ function user_settings_password($user_source)
$request = request(); $request = request();
if ( if (
!$request->has('password') !$request->has('password')
|| !verify_password($request->post('password'), $user_source['Passwort'], $user_source['UID']) || !verify_password($request->postData('password'), $user_source['Passwort'], $user_source['UID'])
) { ) {
error(_('-> not OK. Please try again.')); error(_('-> not OK. Please try again.'));
} elseif (strlen($request->post('new_password')) < config('min_password_length')) { } elseif (strlen($request->postData('new_password')) < config('min_password_length')) {
error(_('Your password is to short (please use at least 6 characters).')); error(_('Your password is to short (please use at least 6 characters).'));
} elseif ($request->post('new_password') != $request->post('new_password2')) { } elseif ($request->postData('new_password') != $request->postData('new_password2')) {
error(_('Your passwords don\'t match.')); error(_('Your passwords don\'t match.'));
} else { } else {
set_password($user_source['UID'], $request->post('new_password')); set_password($user_source['UID'], $request->postData('new_password'));
success(_('Password saved.')); success(_('Password saved.'));
} }
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));
@ -164,6 +164,7 @@ function user_settings_locale($user_source, $locales)
{ {
$valid = true; $valid = true;
$request = request(); $request = request();
$session = session();
if ($request->has('language') && isset($locales[$request->input('language')])) { if ($request->has('language') && isset($locales[$request->input('language')])) {
$user_source['Sprache'] = $request->input('language'); $user_source['Sprache'] = $request->input('language');
@ -182,7 +183,7 @@ function user_settings_locale($user_source, $locales)
$user_source['UID'], $user_source['UID'],
] ]
); );
$_SESSION['locale'] = $user_source['Sprache']; $session->set('locale', $user_source['Sprache']);
success('Language changed.'); success('Language changed.');
redirect(page_link_to('user_settings')); redirect(page_link_to('user_settings'));

25
includes/pages/user_shifts.php
View File

@ -167,20 +167,23 @@ function view_user_shifts()
{ {
global $user, $privileges, $ical_shifts; global $user, $privileges, $ical_shifts;
$session = session();
$ical_shifts = []; $ical_shifts = [];
$days = load_days(); $days = load_days();
$rooms = load_rooms(); $rooms = load_rooms();
$types = load_types(); $types = load_types();
if (!isset($_SESSION['ShiftsFilter'])) { if (!$session->has('ShiftsFilter')) {
$room_ids = [ $room_ids = [
$rooms[0]['id'] $rooms[0]['id']
]; ];
$type_ids = array_map('get_ids_from_array', $types); $type_ids = array_map('get_ids_from_array', $types);
$_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids); $shiftsFilter = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
$session->set('ShiftsFilter', $shiftsFilter);
} }
update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days);
$shiftsFilter = $_SESSION['ShiftsFilter']; $shiftsFilter = $session->get('ShiftsFilter');
update_ShiftsFilter($shiftsFilter, in_array('user_shifts_admin', $privileges), $days);
$shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter); $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
@ -203,6 +206,11 @@ function view_user_shifts()
$end_day = date('Y-m-d', $shiftsFilter->getEndTime()); $end_day = date('Y-m-d', $shiftsFilter->getEndTime());
$end_time = date('H:i', $shiftsFilter->getEndTime()); $end_time = date('H:i', $shiftsFilter->getEndTime());
$assignNotice = '';
if (config('signup_requires_arrival') && !$user['Gekommen']) {
$assignNotice = info(render_user_arrived_hint(), true);
}
return page([ return page([
div('col-md-12', [ div('col-md-12', [
msg(), msg(),
@ -223,15 +231,16 @@ function view_user_shifts()
'task_notice' => 'task_notice' =>
'<sup>1</sup>' '<sup>1</sup>'
. _('The tasks shown here are influenced by the angeltypes you joined already!') . _('The tasks shown here are influenced by the angeltypes you joined already!')
. ' <a href="' . page_link_to('angeltypes') . '&action=about' . '">' . ' <a href="' . page_link_to('angeltypes', ['action' => 'about']) . '">'
. _('Description of the jobs.') . _('Description of the jobs.')
. '</a>', . '</a>',
'assign_notice' => $assignNotice,
'shifts_table' => msg() . $shiftCalendarRenderer->render(), 'shifts_table' => msg() . $shiftCalendarRenderer->render(),
'ical_text' => '<h2>' . _('iCal export') . '</h2><p>' . sprintf( 'ical_text' => '<h2>' . _('iCal export') . '</h2><p>' . sprintf(
_('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'), _('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'),
page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to('ical', ['key' => $user['api_key']]),
page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('shifts_json_export', ['key' => $user['api_key']]),
page_link_to('user_myshifts') . '&reset' page_link_to('user_myshifts', ['reset' => 1])
) . '</p>', ) . '</p>',
'filter' => _('Filter') 'filter' => _('Filter')
]) ])

13
includes/sys_auth.php
View File

@ -10,8 +10,10 @@ function load_auth()
global $user, $privileges; global $user, $privileges;
$user = null; $user = null;
if (isset($_SESSION['uid'])) { $session = session();
$user = DB::selectOne('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$_SESSION['uid']]);
if ($session->has('uid')) {
$user = DB::selectOne('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$session->get('uid')]);
if (!empty($user)) { if (!empty($user)) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
DB::update(' DB::update('
@ -21,16 +23,17 @@ function load_auth()
LIMIT 1 LIMIT 1
', [ ', [
time(), time(),
$_SESSION['uid'], $session->get('uid'),
]); ]);
$privileges = privileges_for_user($user['UID']); $privileges = privileges_for_user($user['UID']);
return; return;
} }
unset($_SESSION['uid']);
$session->remove('uid');
} }
// guest privileges // guest privileges
$privileges = privileges_for_group(-1); $privileges = privileges_for_group(-10);
} }
/** /**

24
includes/sys_form.php
View File

@ -10,7 +10,7 @@
*/ */
function form_hidden($name, $value) function form_hidden($name, $value)
{ {
return '<input type="hidden" name="' . $name . '" value="' . $value . '" />'; return '<input type="hidden" name="' . $name . '" value="' . htmlspecialchars($value) . '" />';
} }
/** /**
@ -25,7 +25,7 @@ function form_spinner($name, $label, $value)
{ {
return form_element($label, ' return form_element($label, '
<div class="input-group"> <div class="input-group">
<input id="spinner-' . $name . '" class="form-control" type="text" name="' . $name . '" value="' . $value . '" /> <input id="spinner-' . $name . '" class="form-control" name="' . $name . '" value="' . htmlspecialchars($value) . '" />
<div class="input-group-btn"> <div class="input-group-btn">
<button id="spinner-' . $name . '-down" class="btn btn-default" type="button"> <button id="spinner-' . $name . '-down" class="btn btn-default" type="button">
<span class="glyphicon glyphicon-minus"></span> <span class="glyphicon glyphicon-minus"></span>
@ -66,7 +66,8 @@ function form_date($name, $label, $value, $start_date = '', $end_date = '')
$end_date = is_numeric($end_date) ? date('Y-m-d', $end_date) : ''; $end_date = is_numeric($end_date) ? date('Y-m-d', $end_date) : '';
return form_element($label, ' return form_element($label, '
<div class="input-group date" id="' . $dom_id . '"> <div class="input-group date" id="' . $dom_id . '">
<input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span> <input name="' . $name . '" class="form-control" value="' . htmlspecialchars($value) . '">'
. '<span class="input-group-addon">' . glyph('th') . '</span>
</div> </div>
<script type="text/javascript"> <script type="text/javascript">
$(function(){ $(function(){
@ -144,12 +145,17 @@ function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []
* @param string $label * @param string $label
* @param string $selected * @param string $selected
* @param string $value * @param string $value
* @param string $id
* @return string * @return string
*/ */
function form_checkbox($name, $label, $selected, $value = 'checked') function form_checkbox($name, $label, $selected, $value = 'checked', $id = null)
{ {
if (is_null($id)) {
$id = $name;
}
return '<div class="checkbox"><label>' return '<div class="checkbox"><label>'
. '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '" ' . '<input type="checkbox" id="' . $id . '" name="' . $name . '" value="' . htmlspecialchars($value) . '" '
. ($selected ? ' checked="checked"' : '') . ' /> ' . ($selected ? ' checked="checked"' : '') . ' /> '
. $label . $label
. '</label></div>'; . '</label></div>';
@ -167,7 +173,7 @@ function form_checkbox($name, $label, $selected, $value = 'checked')
function form_radio($name, $label, $selected, $value) function form_radio($name, $label, $selected, $value)
{ {
return '<div class="radio">' return '<div class="radio">'
. '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '" ' . '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . htmlspecialchars($value) . '" '
. ($selected ? ' checked="checked"' : '') . ' /> ' . ($selected ? ' checked="checked"' : '') . ' /> '
. $label . $label
. '</label></div>'; . '</label></div>';
@ -328,8 +334,8 @@ function form_textarea($name, $label, $value, $disabled = false)
$disabled = $disabled ? ' disabled="disabled"' : ''; $disabled = $disabled ? ' disabled="disabled"' : '';
return form_element( return form_element(
$label, $label,
'<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="' '<textarea rows="5" class="form-control" id="form_' . $name . '" name="'
. $name . '" ' . $disabled . '>' . $value . '</textarea>', . $name . '" ' . $disabled . '>' . htmlspecialchars($value) . '</textarea>',
'form_' . $name 'form_' . $name
); );
} }
@ -374,7 +380,7 @@ function form_element($label, $input, $for = '')
*/ */
function form($elements, $action = '') function form($elements, $action = '')
{ {
return '<form role="form" action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>'; return '<form action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
} }
/** /**

26
includes/sys_menu.php
View File

@ -1,28 +1,16 @@
<?php <?php
use Engelsystem\UserHintsRenderer; use Engelsystem\UserHintsRenderer;
/** /**
* @param string $page * @param string $page
* @param array $parameters get parameters
* @return string * @return string
*/ */
function page_link_to($page = '') function page_link_to($page = '', $parameters = [])
{ {
if ($page == '') { $page = str_replace('_', '-', $page);
return '?'; return url($page, $parameters);
}
return '?p=' . $page;
}
/**
* @param string $page
* @return string
*/
function page_link_to_absolute($page)
{
return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
. $_SERVER['HTTP_HOST']
. preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI'])
. page_link_to($page);
} }
/** /**
@ -65,7 +53,7 @@ function header_toolbar()
if (isset($user)) { if (isset($user)) {
$toolbar_items[] = toolbar_item_link( $toolbar_items[] = toolbar_item_link(
page_link_to('shifts') . '&amp;action=next', page_link_to('shifts', ['action' => 'next']),
'time', 'time',
User_shift_state_render($user) User_shift_state_render($user)
); );
@ -86,7 +74,7 @@ function header_toolbar()
$toolbar_items[] = header_render_hints(); $toolbar_items[] = header_render_hints();
if (in_array('user_myshifts', $privileges)) { if (in_array('user_myshifts', $privileges)) {
$toolbar_items[] = toolbar_item_link( $toolbar_items[] = toolbar_item_link(
page_link_to('users') . '&amp;action=view', page_link_to('users', ['action' => 'view']),
' icon-icon_angel', ' icon-icon_angel',
$user['Nick'], $user['Nick'],
$page == 'users' $page == 'users'

16
includes/sys_page.php
View File

@ -1,4 +1,5 @@
<?php <?php
use Engelsystem\ValidationResult; use Engelsystem\ValidationResult;
/** /**
@ -168,11 +169,12 @@ function strip_request_item($name, $default_value = null)
*/ */
function test_request_int($name) function test_request_int($name)
{ {
$request = request(); $input = request()->input($name);
if ($request->has($name)) { if (is_null($input)) {
return preg_match('/^\d*$/', $request->input($name)); return false;
} }
return false;
return preg_match('/^\d+$/', $input);
} }
/** /**
@ -186,7 +188,11 @@ function strip_request_item_nl($name, $default_value = null)
{ {
$request = request(); $request = request();
if ($request->has($name)) { if ($request->has($name)) {
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($request->input($name))); return preg_replace(
"/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui",
'',
strip_tags($request->input($name))
);
} }
return $default_value; return $default_value;
} }

71
includes/view/AngelTypes_view.php
View File

@ -50,7 +50,10 @@ function AngelType_delete_view($angeltype)
buttons([ buttons([
button(page_link_to('angeltypes'), _('cancel'), 'cancel'), button(page_link_to('angeltypes'), _('cancel'), 'cancel'),
button( button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed', page_link_to(
'angeltypes',
['action' => 'delete', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]
),
_('delete'), _('delete'),
'ok' 'ok'
) )
@ -67,7 +70,6 @@ function AngelType_delete_view($angeltype)
*/ */
function AngelType_edit_view($angeltype, $supporter_mode) function AngelType_edit_view($angeltype, $supporter_mode)
{ {
$contact_info = AngelType_contact_info($angeltype);
return page_with_title(sprintf(_('Edit %s'), $angeltype['name']), [ return page_with_title(sprintf(_('Edit %s'), $angeltype['name']), [
buttons([ buttons([
button(page_link_to('angeltypes'), _('Angeltypes'), 'back') button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
@ -127,7 +129,7 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
if ($user_angeltype == null) { if ($user_angeltype == null) {
$buttons[] = button( $buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'), _('join'),
'add' 'add'
); );
@ -142,20 +144,22 @@ function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes,
$angeltype['name'] $angeltype['name']
)); ));
} }
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'], $buttons[] = button(
_('leave'), 'cancel'); page_link_to('user_angeltypes', ['action' => 'delete', 'user_angeltype_id' => $user_angeltype['id']]),
_('leave'), 'cancel'
);
} }
if ($admin_angeltypes || $supporter) { if ($admin_angeltypes || $supporter) {
$buttons[] = button( $buttons[] = button(
page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'edit', 'angeltype_id' => $angeltype['id']]),
_('edit'), _('edit'),
'edit' 'edit'
); );
} }
if ($admin_angeltypes) { if ($admin_angeltypes) {
$buttons[] = button( $buttons[] = button(
page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'delete', 'angeltype_id' => $angeltype['id']]),
_('delete'), _('delete'),
'delete' 'delete'
); );
@ -193,12 +197,18 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($angeltype['restricted'] && $member['confirm_user_id'] == null) { if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
$member['actions'] = table_buttons([ $member['actions'] = table_buttons([
button( button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'], page_link_to(
'user_angeltypes',
['action' => 'confirm', 'user_angeltype_id' => $member['user_angeltype_id']]
),
_('confirm'), _('confirm'),
'btn-xs' 'btn-xs'
), ),
button( button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], page_link_to(
'user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $member['user_angeltype_id']]
),
_('deny'), _('deny'),
'btn-xs' 'btn-xs'
) )
@ -208,7 +218,11 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($admin_angeltypes) { if ($admin_angeltypes) {
$member['actions'] = table_buttons([ $member['actions'] = table_buttons([
button( button(
page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0', page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $member['user_angeltype_id'],
'supporter' => 0
]),
_('Remove supporter rights'), _('Remove supporter rights'),
'btn-xs' 'btn-xs'
) )
@ -221,11 +235,18 @@ function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $a
if ($admin_user_angeltypes) { if ($admin_user_angeltypes) {
$member['actions'] = table_buttons([ $member['actions'] = table_buttons([
$admin_angeltypes $admin_angeltypes
? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1', ? button(page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $member['user_angeltype_id'],
'supporter' => 1
]),
_('Add supporter rights'), 'btn-xs') _('Add supporter rights'), 'btn-xs')
: '', : '',
button( button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], page_link_to('user_angeltypes', [
'action' => 'delete',
'user_angeltype_id' => $member['user_angeltype_id']
]),
_('remove'), _('remove'),
'btn-xs' 'btn-xs'
) )
@ -339,7 +360,14 @@ function AngelType_view(
$page[] = '<h3>' . _('Members') . '</h3>'; $page[] = '<h3>' . _('Members') . '</h3>';
if ($admin_user_angeltypes) { if ($admin_user_angeltypes) {
$page[] = buttons([ $page[] = buttons([
button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _('Add'), 'add') button(
page_link_to(
'user_angeltypes',
['action' => 'add', 'angeltype_id' => $angeltype['id']]
),
_('Add'),
'add'
)
]); ]);
} }
$page[] = table($table_headers, $members_confirmed); $page[] = table($table_headers, $members_confirmed);
@ -348,12 +376,12 @@ function AngelType_view(
$page[] = '<h3>' . _('Unconfirmed') . '</h3>'; $page[] = '<h3>' . _('Unconfirmed') . '</h3>';
$page[] = buttons([ $page[] = buttons([
button( button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'confirm_all', 'angeltype_id' => $angeltype['id']]),
_('confirm all'), _('confirm all'),
'ok' 'ok'
), ),
button( button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'delete_all', 'angeltype_id' => $angeltype['id']]),
_('deny all'), _('deny all'),
'cancel' 'cancel'
) )
@ -376,8 +404,10 @@ function AngelTypes_list_view($angeltypes, $admin_angeltypes)
return page_with_title(angeltypes_title(), [ return page_with_title(angeltypes_title(), [
msg(), msg(),
buttons([ buttons([
$admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _('New angeltype'), 'add') : '', $admin_angeltypes
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description')) ? button(page_link_to('angeltypes', ['action' => 'edit']), _('New angeltype'), 'add')
: '',
button(page_link_to('angeltypes', ['action' => 'about']), _('Teams/Job description'))
]), ]),
table([ table([
'name' => _('Name'), 'name' => _('Name'),
@ -405,13 +435,16 @@ function AngelTypes_about_view_angeltype($angeltype)
$buttons = []; $buttons = [];
if ($angeltype['user_angeltype_id'] != null) { if ($angeltype['user_angeltype_id'] != null) {
$buttons[] = button( $buttons[] = button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], page_link_to(
'user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $angeltype['user_angeltype_id']]
),
_('leave'), _('leave'),
'cancel' 'cancel'
); );
} else { } else {
$buttons[] = button( $buttons[] = button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
_('join'), _('join'),
'add' 'add'
); );

12
includes/view/Questions_view.php
View File

@ -9,14 +9,22 @@
function Questions_view($open_questions, $answered_questions, $ask_action) function Questions_view($open_questions, $answered_questions, $ask_action)
{ {
foreach ($open_questions as &$question) { foreach ($open_questions as &$question) {
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>'; $question['actions'] = '<a href="'
. page_link_to('user_questions', ['action' => 'delete', 'id' => $question['QID']])
. '">'
. _('delete')
. '</a>';
$question['Question'] = str_replace("\n", '<br />', $question['Question']); $question['Question'] = str_replace("\n", '<br />', $question['Question']);
} }
foreach ($answered_questions as &$question) { foreach ($answered_questions as &$question) {
$question['Question'] = str_replace("\n", '<br />', $question['Question']); $question['Question'] = str_replace("\n", '<br />', $question['Question']);
$question['Answer'] = str_replace("\n", '<br />', $question['Answer']); $question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
$question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>'; $question['actions'] = '<a href="'
. page_link_to('user_questions', ['action' => 'delete', 'id' => $question['QID']])
. '">'
. _('delete')
. '</a>';
} }
return page_with_title(questions_title(), [ return page_with_title(questions_title(), [

11
includes/view/Rooms_view.php
View File

@ -1,4 +1,5 @@
<?php <?php
use Engelsystem\ShiftCalendarRenderer; use Engelsystem\ShiftCalendarRenderer;
use Engelsystem\ShiftsFilterRenderer; use Engelsystem\ShiftsFilterRenderer;
@ -10,8 +11,16 @@ use Engelsystem\ShiftsFilterRenderer;
*/ */
function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer) function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer)
{ {
global $user;
$assignNotice = '';
if (config('signup_requires_arrival') && !$user['Gekommen']) {
$assignNotice = info(render_user_arrived_hint(), true);
}
return page_with_title(glyph('map-marker') . $room['Name'], [ return page_with_title(glyph('map-marker') . $room['Name'], [
$shiftsFilterRenderer->render(room_link($room)), $shiftsFilterRenderer->render($room),
$assignNotice,
$shiftCalendarRenderer->render() $shiftCalendarRenderer->render()
]); ]);
} }

76
includes/view/ShiftCalendarRenderer.php
View File

@ -1,11 +1,9 @@
<?php <?php
namespace Engelsystem;
use Exception; namespace Engelsystem;
class ShiftCalendarRenderer class ShiftCalendarRenderer
{ {
/** /**
* 15m * 60s/m = 900s * 15m * 60s/m = 900s
*/ */
@ -51,10 +49,10 @@ class ShiftCalendarRenderer
/** /**
* ShiftCalendarRenderer constructor. * ShiftCalendarRenderer constructor.
* *
* @param array[] $shifts * @param array[] $shifts
* @param array[] $needed_angeltypes * @param array[] $needed_angeltypes
* @param array[] $shift_entries * @param array[] $shift_entries
* @param ShiftsFilter $shiftsFilter * @param ShiftsFilter $shiftsFilter
*/ */
public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter) public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter)
{ {
@ -69,23 +67,21 @@ class ShiftCalendarRenderer
/** /**
* Assigns the shifts to different lanes per room if they collide * Assigns the shifts to different lanes per room if they collide
* *
* @param array[] $shifts * @param array[] $shifts The shifts to assign
* The shifts to assign
*
* @return array Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts * @return array Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
*/ */
private function assignShiftsToLanes($shifts) private function assignShiftsToLanes($shifts)
{ {
// array that assigns a room id to a list of lanes (per room) // array that assigns a room id to a list of lanes (per room)
$lanes = []; $lanes = [];
foreach ($shifts as $shift) { foreach ($shifts as $shift) {
$room_id = $shift['RID']; $room_id = $shift['RID'];
$header = Room_name_render([ $header = Room_name_render([
'RID' => $room_id, 'RID' => $room_id,
'Name' => $shift['room_name'] 'Name' => $shift['room_name']
]); ]);
if (! isset($lanes[$room_id])) { if (!isset($lanes[$room_id])) {
// initialize room with one lane // initialize room with one lane
$lanes[$room_id] = [ $lanes[$room_id] = [
new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot()) new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot())
@ -95,7 +91,7 @@ class ShiftCalendarRenderer
$shift_added = false; $shift_added = false;
foreach ($lanes[$room_id] as $lane) { foreach ($lanes[$room_id] as $lane) {
/** @var ShiftCalendarLane $lane */ /** @var ShiftCalendarLane $lane */
if($lane->shiftFits($shift)) { if ($lane->shiftFits($shift)) {
$lane->addShift($shift); $lane->addShift($shift);
$shift_added = true; $shift_added = true;
break; break;
@ -108,12 +104,11 @@ class ShiftCalendarRenderer
$lanes[$room_id][] = $newLane; $lanes[$room_id][] = $newLane;
} }
} }
return $lanes; return $lanes;
} }
/** /**
*
* @return int * @return int
*/ */
public function getFirstBlockStartTime() public function getFirstBlockStartTime()
@ -122,7 +117,6 @@ class ShiftCalendarRenderer
} }
/** /**
*
* @return int * @return int
*/ */
public function getLastBlockEndTime() public function getLastBlockEndTime()
@ -131,7 +125,6 @@ class ShiftCalendarRenderer
} }
/** /**
*
* @return float * @return float
*/ */
public function getBlocksPerSlot() public function getBlocksPerSlot()
@ -153,9 +146,9 @@ class ShiftCalendarRenderer
return ''; return '';
} }
return div('shift-calendar', [ return div('shift-calendar', [
$this->renderTimeLane(), $this->renderTimeLane(),
$this->renderShiftLanes() $this->renderShiftLanes()
]) . $this->renderLegend(); ]) . $this->renderLegend();
} }
/** /**
@ -171,41 +164,45 @@ class ShiftCalendarRenderer
$html .= $this->renderLane($lane); $html .= $this->renderLane($lane);
} }
} }
return $html; return $html;
} }
/** /**
* Renders a single lane * Renders a single lane
* *
* @param ShiftCalendarLane $lane * @param ShiftCalendarLane $lane The lane to render
* The lane to render
* @return string * @return string
*/ */
private function renderLane(ShiftCalendarLane $lane) private function renderLane(ShiftCalendarLane $lane)
{ {
global $user; global $user;
$shift_renderer = new ShiftCalendarShiftRenderer(); $shift_renderer = new ShiftCalendarShiftRenderer();
$html = ''; $html = '';
$rendered_until = $this->getFirstBlockStartTime(); $rendered_until = $this->getFirstBlockStartTime();
foreach ($lane->getShifts() as $shift) { foreach ($lane->getShifts() as $shift) {
while ($rendered_until + ShiftCalendarRenderer::SECONDS_PER_ROW <= $shift['start']) { while ($rendered_until + ShiftCalendarRenderer::SECONDS_PER_ROW <= $shift['start']) {
$html .= $this->renderTick($rendered_until); $html .= $this->renderTick($rendered_until);
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW; $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
} }
list ($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']], $this->shift_entries[$shift['SID']], $user); list ($shift_height, $shift_html) = $shift_renderer->render(
$shift,
$this->needed_angeltypes[$shift['SID']],
$this->shift_entries[$shift['SID']],
$user
);
$html .= $shift_html; $html .= $shift_html;
$rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW; $rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
} }
while ($rendered_until < $this->getLastBlockEndTime()) { while ($rendered_until < $this->getLastBlockEndTime()) {
$html .= $this->renderTick($rendered_until); $html .= $this->renderTick($rendered_until);
$rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW; $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
} }
return div('lane', [ return div('lane', [
div('header', $lane->getHeader()), div('header', $lane->getHeader()),
$html $html
@ -215,23 +212,21 @@ class ShiftCalendarRenderer
/** /**
* Renders a tick/block for given time * Renders a tick/block for given time
* *
* @param int $time * @param int $time unix timestamp
* unix timestamp * @param boolean $label Should time labels be generated?
* @param boolean $label
* Should time labels be generated?
* @return string rendered tick html * @return string rendered tick html
*/ */
private function renderTick($time, $label = false) private function renderTick($time, $label = false)
{ {
if ($time % (24 * 60 * 60) == 23 * 60 * 60) { if ($time % (24 * 60 * 60) == 23 * 60 * 60) {
if (! $label) { if (!$label) {
return div('tick day'); return div('tick day');
} }
return div('tick day', [ return div('tick day', [
date('m-d<b\r />H:i', $time) date('m-d<b\r />H:i', $time)
]); ]);
} elseif ($time % (60 * 60) == 0) { } elseif ($time % (60 * 60) == 0) {
if (! $label) { if (!$label) {
return div('tick hour'); return div('tick hour');
} }
return div('tick hour', [ return div('tick hour', [
@ -253,7 +248,7 @@ class ShiftCalendarRenderer
_('Time') _('Time')
]) ])
]; ];
for ($block = 0; $block < $this->getBlocksPerSlot(); $block ++) { for ($block = 0; $block < $this->getBlocksPerSlot(); $block++) {
$thistime = $this->getFirstBlockStartTime() + ($block * ShiftCalendarRenderer::SECONDS_PER_ROW); $thistime = $this->getFirstBlockStartTime() + ($block * ShiftCalendarRenderer::SECONDS_PER_ROW);
$time_slot[] = $this->renderTick($thistime, true); $time_slot[] = $this->renderTick($thistime, true);
} }
@ -261,8 +256,7 @@ class ShiftCalendarRenderer
} }
/** /**
* * @param array[] $shifts
* @param array[] $shifts
* @return int * @return int
*/ */
private function calcFirstBlockStartTime($shifts) private function calcFirstBlockStartTime($shifts)
@ -277,8 +271,7 @@ class ShiftCalendarRenderer
} }
/** /**
* * @param array[] $shifts
* @param array[] $shifts
* @return int * @return int
*/ */
private function calcLastBlockEndTime($shifts) private function calcLastBlockEndTime($shifts)
@ -293,7 +286,6 @@ class ShiftCalendarRenderer
} }
/** /**
*
* @return int * @return int
*/ */
private function calcBlocksPerSlot() private function calcBlocksPerSlot()

26
includes/view/ShiftCalendarShiftRenderer.php
View File

@ -124,11 +124,15 @@ class ShiftCalendarShiftRenderer
} }
if (in_array('user_shifts_admin', $privileges)) { if (in_array('user_shifts_admin', $privileges)) {
$html .= '<li class="list-group-item">' . button( $html .= '<li class="list-group-item">' . _('Add more angels') . ':';
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'], foreach ($needed_angeltypes as $angeltype) {
_('Add more angels'), $html .= ' ' . button(
'btn-xs' page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
) . '</li>'; $angeltype['name'],
'btn-xs'
);
}
$html .= '</li>';
} }
if ($html != '') { if ($html != '') {
return [ return [
@ -169,11 +173,13 @@ class ShiftCalendarShiftRenderer
case ShiftSignupState::ADMIN: case ShiftSignupState::ADMIN:
case ShiftSignupState::FREE: case ShiftSignupState::FREE:
// When admin or free display a link + button for sign up // When admin or free display a link + button for sign up
$entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' $entry_list[] = '<a href="'
. page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']])
. '">'
. $inner_text . $inner_text
. '</a> ' . '</a> '
. button( . button(
page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
_('Sign up'), 'btn-xs btn-primary' _('Sign up'), 'btn-xs btn-primary'
); );
break; break;
@ -191,7 +197,7 @@ class ShiftCalendarShiftRenderer
// Add link to join the angeltype first // Add link to join the angeltype first
$entry_list[] = $inner_text . '<br />' $entry_list[] = $inner_text . '<br />'
. button( . button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], page_link_to('user_angeltypes', ['action' => 'add', 'angeltype_id' => $angeltype['id']]),
sprintf(_('Become %s'), $angeltype['name']), sprintf(_('Become %s'), $angeltype['name']),
'btn-xs' 'btn-xs'
); );
@ -232,8 +238,8 @@ class ShiftCalendarShiftRenderer
$header_buttons = ''; $header_buttons = '';
if (in_array('admin_shifts', $privileges)) { if (in_array('admin_shifts', $privileges)) {
$header_buttons = '<div class="pull-right">' . table_buttons([ $header_buttons = '<div class="pull-right">' . table_buttons([
button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'), button(page_link_to('user_shifts', ['edit_shift' => $shift['SID']]), glyph('edit'), 'btn-xs'),
button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs') button(page_link_to('user_shifts', ['delete_shift' => $shift['SID']]), glyph('trash'), 'btn-xs')
]) . '</div>'; ]) . '</div>';
} }
$shift_heading = date('H:i', $shift['start']) . ' &dash; ' $shift_heading = date('H:i', $shift['start']) . ' &dash; '

34
includes/view/ShiftTypes_view.php
View File

@ -24,7 +24,10 @@ function ShiftType_delete_view($shifttype)
buttons([ buttons([
button(page_link_to('shifttypes'), _('cancel'), 'cancel'), button(page_link_to('shifttypes'), _('cancel'), 'cancel'),
button( button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed', page_link_to(
'shifttypes',
['action' => 'delete', 'shifttype_id' => $shifttype['id'], 'confirmed' => 1]
),
_('delete'), _('delete'),
'ok btn-danger' 'ok btn-danger'
) )
@ -81,12 +84,16 @@ function ShiftType_view($shifttype, $angeltype)
buttons([ buttons([
button(page_link_to('shifttypes'), shifttypes_title(), 'back'), button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
$angeltype ? button( $angeltype ? button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
$angeltype['name'] $angeltype['name']
) : '', ) : '',
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
button( button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], page_link_to('shifttypes', ['action' => 'edit', 'shifttype_id' => $shifttype['id']]),
_('edit'),
'edit'
),
button(
page_link_to('shifttypes', ['action' => 'delete', 'shifttype_id' => $shifttype['id']]),
_('delete'), _('delete'),
'delete' 'delete'
) )
@ -103,11 +110,22 @@ function ShiftType_view($shifttype, $angeltype)
function ShiftTypes_list_view($shifttypes) function ShiftTypes_list_view($shifttypes)
{ {
foreach ($shifttypes as &$shifttype) { foreach ($shifttypes as &$shifttype) {
$shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>'; $shifttype['name'] = '<a href="'
. page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype['id']])
. '">'
. $shifttype['name']
. '</a>';
$shifttype['actions'] = table_buttons([ $shifttype['actions'] = table_buttons([
button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
button( button(
page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], page_link_to(
'shifttypes',
['action' => 'edit', 'shifttype_id' => $shifttype['id']]
),
_('edit'),
'btn-xs'
),
button(
page_link_to('shifttypes', ['action' => 'delete', 'shifttype_id' => $shifttype['id']]),
_('delete'), _('delete'),
'btn-xs' 'btn-xs'
) )
@ -117,7 +135,7 @@ function ShiftTypes_list_view($shifttypes)
return page_with_title(shifttypes_title(), [ return page_with_title(shifttypes_title(), [
msg(), msg(),
buttons([ buttons([
button(page_link_to('shifttypes') . '&action=edit', _('New shifttype'), 'add') button(page_link_to('shifttypes', ['action' => 'edit']), _('New shifttype'), 'add')
]), ]),
table([ table([
'name' => _('Name'), 'name' => _('Name'),

11
includes/view/ShiftsFilterRenderer.php
View File

@ -39,17 +39,22 @@ class ShiftsFilterRenderer
/** /**
* Renders the filter. * Renders the filter.
* *
* @param string $link_base * @param array $room
* @return string Generated HTML * @return string Generated HTML
*/ */
public function render($link_base) public function render($room)
{ {
$toolbar = []; $toolbar = [];
if ($this->daySelectionEnabled && !empty($this->days)) { if ($this->daySelectionEnabled && !empty($this->days)) {
$selected_day = date('Y-m-d', $this->shiftsFilter->getStartTime()); $selected_day = date('Y-m-d', $this->shiftsFilter->getStartTime());
$day_dropdown_items = []; $day_dropdown_items = [];
foreach ($this->days as $day) { foreach ($this->days as $day) {
$day_dropdown_items[] = toolbar_item_link($link_base . '&shifts_filter_day=' . $day, '', $day); $link = page_link_to('rooms', [
'action' => 'view',
'room_id' => $room['RID'],
'shifts_filter_day' => $day,
]);
$day_dropdown_items[] = toolbar_item_link($link, '', $day);
} }
$toolbar[] = toolbar_dropdown('', $selected_day, $day_dropdown_items, 'active'); $toolbar[] = toolbar_dropdown('', $selected_day, $day_dropdown_items, 'active');
} }

9
includes/view/Shifts_view.php
View File

@ -1,4 +1,5 @@
<?php <?php
use Engelsystem\ShiftSignupState; use Engelsystem\ShiftSignupState;
/** /**
@ -41,12 +42,12 @@ function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
if ($angeltype['shift_signup_state']->isSignupAllowed()) { if ($angeltype['shift_signup_state']->isSignupAllowed()) {
return button( return button(
page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'], page_link_to('user_shifts', ['shift_id' => $shift['SID'], 'type_id' => $angeltype['id']]),
_('Sign up') _('Sign up')
); );
} elseif ($user_angeltype == null) { } elseif ($user_angeltype == null) {
return button( return button(
page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
sprintf(_('Become %s'), sprintf(_('Become %s'),
$angeltype['name']) $angeltype['name'])
); );
@ -207,12 +208,12 @@ function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angelty
$entry .= ' <div class="btn-group">'; $entry .= ' <div class="btn-group">';
if ($user_shift_admin) { if ($user_shift_admin) {
$entry .= button_glyph( $entry .= button_glyph(
page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], page_link_to('user_myshifts', ['edit' => $shift_entry['id'], 'id' => $shift_entry['UID']]),
'pencil', 'pencil',
'btn-xs' 'btn-xs'
); );
} }
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs'); $entry .= button_glyph(page_link_to('user_shifts', ['entry_id' => $shift_entry['id']]), 'trash', 'btn-xs');
$entry .= '</div>'; $entry .= '</div>';
} }
return $entry; return $entry;

73
includes/view/UserAngelTypes_view.php
View File

@ -19,12 +19,18 @@ function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporte
User_Nick_render($user) User_Nick_render($user)
), true), ), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button( button(
page_link_to('user_angeltypes') page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
. '&action=update&user_angeltype_id=' . $user_angeltype['id'] _('cancel'),
. '&supporter=' . ($supporter ? '1' : '0') 'cancel'
. '&confirmed', ),
button(
page_link_to('user_angeltypes', [
'action' => 'update',
'user_angeltype_id' => $user_angeltype['id'],
'supporter' => ($supporter ? '1' : '0'),
'confirmed' => 1,
]),
_('yes'), _('yes'),
'ok' 'ok'
) )
@ -42,9 +48,19 @@ function UserAngelTypes_delete_all_view($angeltype)
msg(), msg(),
info(sprintf(_('Do you really want to deny all users for %s?'), $angeltype['name']), true), info(sprintf(_('Do you really want to deny all users for %s?'), $angeltype['name']), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button( button(
page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed', page_link_to(
'angeltypes',
['action' => 'view', 'angeltype_id' => $angeltype['id']]
),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'delete_all', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]
),
_('yes'), _('yes'),
'ok' 'ok'
) )
@ -62,9 +78,11 @@ function UserAngelTypes_confirm_all_view($angeltype)
msg(), msg(),
info(sprintf(_('Do you really want to confirm all users for %s?'), $angeltype['name']), true), info(sprintf(_('Do you really want to confirm all users for %s?'), $angeltype['name']), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'), button(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]), _('cancel'),
'cancel'),
button( button(
page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed', page_link_to('user_angeltypes',
['action' => 'confirm_all', 'angeltype_id' => $angeltype['id'], 'confirmed' => 1]),
_('yes'), _('yes'),
'ok' 'ok'
) )
@ -84,9 +102,16 @@ function UserAngelType_confirm_view($user_angeltype, $user, $angeltype)
msg(), msg(),
info(sprintf(_('Do you really want to confirm %s for %s?'), User_Nick_render($user), $angeltype['name']), true), info(sprintf(_('Do you really want to confirm %s for %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button( button(
page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'confirm', 'user_angeltype_id' => $user_angeltype['id'], 'confirmed' => 1]
),
_('yes'), _('yes'),
'ok' 'ok'
) )
@ -106,9 +131,14 @@ function UserAngelType_delete_view($user_angeltype, $user, $angeltype)
msg(), msg(),
info(sprintf(_('Do you really want to delete %s from %s?'), User_Nick_render($user), $angeltype['name']), true), info(sprintf(_('Do you really want to delete %s from %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button( button(
page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to('user_angeltypes',
['action' => 'delete', 'user_angeltype_id' => $user_angeltype['id'], 'confirmed' => 1]),
_('yes'), _('yes'),
'ok' 'ok'
) )
@ -132,7 +162,11 @@ function UserAngelType_add_view($angeltype, $users_source, $user_id)
return page_with_title(_('Add user to angeltype'), [ return page_with_title(_('Add user to angeltype'), [
msg(), msg(),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('back'), 'back') button(
page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('back'),
'back'
)
]), ]),
form([ form([
form_info(_('Angeltype'), $angeltype['name']), form_info(_('Angeltype'), $angeltype['name']),
@ -153,9 +187,16 @@ function UserAngelType_join_view($user, $angeltype)
msg(), msg(),
info(sprintf(_('Do you really want to add %s to %s?'), User_Nick_render($user), $angeltype['name']), true), info(sprintf(_('Do you really want to add %s to %s?'), User_Nick_render($user), $angeltype['name']), true),
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
button( button(
page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed', page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']]),
_('cancel'),
'cancel'
),
button(
page_link_to(
'user_angeltypes',
['action' => 'add', 'angeltype_id' => $angeltype['id'], 'user_id' => $user['UID'], 'confirmed' => 1]
),
_('save'), _('save'),
'ok' 'ok'
) )

46
includes/view/User_view.php
View File

@ -127,7 +127,7 @@ function User_registration_success_view($event_welcome_message)
'<h2>' . _('What can I do?') . '</h2>', '<h2>' . _('What can I do?') . '</h2>',
'<p>' . _('Please read about the jobs you can do to help us.') . '</p>', '<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
buttons([ buttons([
button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;') button(page_link_to('angeltypes', ['action' => 'about']), _('Teams/Job description') . ' &raquo;')
]) ])
]) ])
]) ])
@ -172,10 +172,13 @@ function User_edit_vouchers_view($user)
button(user_link($user), glyph('chevron-left') . _('back')) button(user_link($user), glyph('chevron-left') . _('back'))
]), ]),
info(sprintf(_('Angel should receive at least %d vouchers.'), User_get_eligable_voucher_count($user)), true), info(sprintf(_('Angel should receive at least %d vouchers.'), User_get_eligable_voucher_count($user)), true),
form([ form(
form_spinner('vouchers', _('Number of vouchers given out'), $user['got_voucher']), [
form_submit('submit', _('Save')) form_spinner('vouchers', _('Number of vouchers given out'), $user['got_voucher']),
], page_link_to('users') . '&action=edit_vouchers&user_id=' . $user['UID']) form_submit('submit', _('Save'))
],
page_link_to('users', ['action' => 'edit_vouchers', 'user_id' => $user['UID']])
)
]); ]);
} }
@ -208,7 +211,7 @@ function Users_view(
$user['Tshirt'] = glyph_bool($user['Tshirt']); $user['Tshirt'] = glyph_bool($user['Tshirt']);
$user['lastLogIn'] = date(_('m/d/Y h:i a'), $user['lastLogIn']); $user['lastLogIn'] = date(_('m/d/Y h:i a'), $user['lastLogIn']);
$user['actions'] = table_buttons([ $user['actions'] = table_buttons([
button_glyph(page_link_to('admin_user') . '&id=' . $user['UID'], 'edit', 'btn-xs') button_glyph(page_link_to('admin_user', ['id' => $user['UID']]), 'edit', 'btn-xs')
]); ]);
} }
$users[] = [ $users[] = [
@ -253,7 +256,11 @@ function Users_view(
*/ */
function Users_table_header_link($column, $label, $order_by) function Users_table_header_link($column, $label, $order_by)
{ {
return '<a href="' . page_link_to('users') . '&OrderBy=' . $column . '">' . $label . ($order_by == $column ? ' <span class="caret"></span>' : '') . '</a>'; return '<a href="'
. page_link_to('users', ['OrderBy' => $column])
. '">'
. $label . ($order_by == $column ? ' <span class="caret"></span>' : '')
. '</a>';
} }
/** /**
@ -347,7 +354,7 @@ function User_view_myshift($shift, $user_source, $its_me)
]; ];
if ($its_me || in_array('user_shifts_admin', $privileges)) { if ($its_me || in_array('user_shifts_admin', $privileges)) {
$myshift['actions'][] = button( $myshift['actions'][] = button(
page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '&id=' . $user_source['UID'], page_link_to('user_myshifts', ['edit' => $shift['id'], 'id' => $user_source['UID']]),
glyph('edit') . _('edit'), glyph('edit') . _('edit'),
'btn-xs' 'btn-xs'
); );
@ -356,8 +363,15 @@ function User_view_myshift($shift, $user_source, $its_me)
($shift['start'] > time() + config('last_unsubscribe') * 3600) ($shift['start'] > time() + config('last_unsubscribe') * 3600)
|| in_array('user_shifts_admin', $privileges) || in_array('user_shifts_admin', $privileges)
) { ) {
$parameters = [
'cancel' => $shift['id'],
'id' => $user_source['UID'],
];
if ($its_me) {
$parameters['id'] = '';
}
$myshift['actions'][] = button( $myshift['actions'][] = button(
page_link_to('user_myshifts') . ((!$its_me) ? '&id=' . $user_source['UID'] : '') . '&cancel=' . $shift['id'], page_link_to('user_myshifts', $parameters),
glyph('trash') . _('sign off'), glyph('trash') . _('sign off'),
'btn-xs' 'btn-xs'
); );
@ -427,7 +441,7 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
div('col-md-12', [ div('col-md-12', [
buttons([ buttons([
$admin_user_privilege ? button( $admin_user_privilege ? button(
page_link_to('admin_user') . '&id=' . $user_source['UID'], page_link_to('admin_user', ['id' => $user_source['UID']]),
glyph('edit') . _('edit') glyph('edit') . _('edit')
) : '', ) : '',
$admin_user_privilege ? button( $admin_user_privilege ? button(
@ -435,24 +449,24 @@ function User_view($user_source, $admin_user_privilege, $freeloader, $user_angel
glyph('road') . _('driving license') glyph('road') . _('driving license')
) : '', ) : '',
($admin_user_privilege && !$user_source['Gekommen']) ? button( ($admin_user_privilege && !$user_source['Gekommen']) ? button(
page_link_to('admin_arrive') . '&arrived=' . $user_source['UID'], page_link_to('admin_arrive', ['arrived' => $user_source['UID']]),
_('arrived') _('arrived')
) : '', ) : '',
$admin_user_privilege ? button( $admin_user_privilege ? button(
page_link_to('users') . '&action=edit_vouchers&user_id=' . $user_source['UID'], page_link_to('users', ['action' => 'edit_vouchers', 'user_id' => $user_source['UID']]),
glyph('cutlery') . _('Edit vouchers') glyph('cutlery') . _('Edit vouchers')
) : '', ) : '',
$its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _('Settings')) : '', $its_me ? button(page_link_to('user_settings'), glyph('list-alt') . _('Settings')) : '',
$its_me ? button( $its_me ? button(
page_link_to('ical') . '&key=' . $user_source['api_key'], page_link_to('ical', ['key' => $user_source['api_key']]),
glyph('calendar') . _('iCal Export') glyph('calendar') . _('iCal Export')
) : '', ) : '',
$its_me ? button( $its_me ? button(
page_link_to('shifts_json_export') . '&key=' . $user_source['api_key'], page_link_to('shifts_json_export', ['key' => $user_source['api_key']]),
glyph('export') . _('JSON Export') glyph('export') . _('JSON Export')
) : '', ) : '',
$its_me ? button( $its_me ? button(
page_link_to('user_myshifts') . '&reset', page_link_to('user_myshifts', ['reset' => 1]),
glyph('repeat') . _('Reset API key') glyph('repeat') . _('Reset API key')
) : '' ) : ''
]) ])
@ -607,7 +621,7 @@ function User_groups_render($user_groups)
function User_Nick_render($user_source) function User_Nick_render($user_source)
{ {
return '<a class="' . ($user_source['Gekommen'] ? '' : 'text-muted') . '" href="' return '<a class="' . ($user_source['Gekommen'] ? '' : 'text-muted') . '" href="'
. page_link_to('users') . '&amp;action=view&amp;user_id=' . $user_source['UID'] . page_link_to('users', ['action' => 'view', 'user_id' => $user_source['UID']])
. '"><span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . '</a>'; . '"><span class="icon-icon_angel"></span> ' . htmlspecialchars($user_source['Nick']) . '</a>';
} }

15
phpunit.xml
View File

@ -1,12 +1,8 @@
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.5/phpunit.xsd"
backupGlobals="false"
bootstrap="./includes/engelsystem_provider.php" bootstrap="./includes/engelsystem_provider.php"
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/6.3/phpunit.xsd"
colors="true" colors="true"
convertErrorsToExceptions="true" >
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false">
<testsuites> <testsuites>
<testsuite name="Models"> <testsuite name="Models">
<directory>./test/model/</directory> <directory>./test/model/</directory>
@ -16,10 +12,7 @@
<whitelist> <whitelist>
<directory>./include/</directory> <directory>./include/</directory>
<directory>./public/</directory> <directory>./public/</directory>
<directory>./src/</directory> <directory>./src/</directory>
</whitelist> </whitelist>
</filter> </filter>
<php>
<const name="PHPUNIT_TESTSUITE" value="true"/>
</php>
</phpunit> </phpunit>

8
public/.htaccess Normal file
View File

@ -0,0 +1,8 @@
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

291
public/index.php
View File

@ -1,4 +1,7 @@
<?php <?php
use Engelsystem\Http\Request;
require_once realpath(__DIR__ . '/../includes/engelsystem_provider.php'); require_once realpath(__DIR__ . '/../includes/engelsystem_provider.php');
$free_pages = [ $free_pages = [
@ -16,7 +19,7 @@ $free_pages = [
'stats', 'stats',
'users', 'users',
'user_driver_licenses', 'user_driver_licenses',
'user_password_recovery' 'user_password_recovery',
]; ];
// Gewünschte Seite/Funktion // Gewünschte Seite/Funktion
@ -24,8 +27,13 @@ $page = '';
$title = ''; $title = '';
$content = ''; $content = '';
$page = $request->input('p'); /** @var Request $request */
$page = $request->query->get('p');
if (empty($page)) { if (empty($page)) {
$page = $request->path();
$page = str_replace('-', '_', $page);
}
if ($page == '/') {
$page = isset($user) ? 'news' : 'login'; $page = isset($user) ? 'news' : 'login';
} }
@ -38,120 +46,158 @@ if (
) { ) {
$title = $page; $title = $page;
if ($page == 'api') { switch ($page) {
error('Api disabled temporarily.'); case 'api':
redirect(page_link_to()); error('Api disabled temporarily.');
require_once realpath(__DIR__ . '/../includes/controller/api.php'); redirect(page_link_to());
api_controller(); break;
} elseif ($page == 'ical') { case 'ical':
require_once realpath(__DIR__ . '/../includes/pages/user_ical.php'); require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
user_ical(); user_ical();
} elseif ($page == 'atom') { break;
require_once realpath(__DIR__ . '/../includes/pages/user_atom.php'); case 'atom':
user_atom(); require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
} elseif ($page == 'shifts_json_export') { user_atom();
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); break;
shifts_json_export_controller(); case 'shifts_json_export':
} elseif ($page == 'shifts_json_export_all') { require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php'); shifts_json_export_controller();
shifts_json_export_all_controller(); break;
} elseif ($page == 'stats') { case 'shifts_json_export_all':
require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php'); require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
guest_stats(); shifts_json_export_all_controller();
} elseif ($page == 'user_password_recovery') { break;
require_once realpath(__DIR__ . '/../includes/controller/users_controller.php'); case 'stats':
$title = user_password_recovery_title(); require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
$content = user_password_recovery_controller(); guest_stats();
} elseif ($page == 'angeltypes') { break;
list($title, $content) = angeltypes_controller(); case 'user_password_recovery':
} elseif ($page == 'shifts') { require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
list($title, $content) = shifts_controller(); $title = user_password_recovery_title();
} elseif ($page == 'users') { $content = user_password_recovery_controller();
list($title, $content) = users_controller(); break;
} elseif ($page == 'user_angeltypes') { case 'angeltypes':
list($title, $content) = user_angeltypes_controller(); list($title, $content) = angeltypes_controller();
} elseif ($page == 'user_driver_licenses') { break;
list($title, $content) = user_driver_licenses_controller(); case 'shifts':
} elseif ($page == 'shifttypes') { list($title, $content) = shifts_controller();
list($title, $content) = shifttypes_controller(); break;
} elseif ($page == 'admin_event_config') { case 'users':
list($title, $content) = event_config_edit_controller(); list($title, $content) = users_controller();
} elseif ($page == 'rooms') { break;
list($title, $content) = rooms_controller(); case 'user_angeltypes':
} elseif ($page == 'news') { list($title, $content) = user_angeltypes_controller();
$title = news_title(); break;
$content = user_news(); case 'user_driver_licenses':
} elseif ($page == 'news_comments') { list($title, $content) = user_driver_licenses_controller();
require_once realpath(__DIR__ . '/../includes/pages/user_news.php'); break;
$title = user_news_comments_title(); case 'shifttypes':
$content = user_news_comments(); list($title, $content) = shifttypes_controller();
} elseif ($page == 'user_meetings') { break;
$title = meetings_title(); case 'admin_event_config':
$content = user_meetings(); list($title, $content) = event_config_edit_controller();
} elseif ($page == 'user_myshifts') { break;
$title = myshifts_title(); case 'rooms':
$content = user_myshifts(); list($title, $content) = rooms_controller();
} elseif ($page == 'user_shifts') { break;
$title = shifts_title(); case 'news':
$content = user_shifts(); $title = news_title();
} elseif ($page == 'user_messages') { $content = user_news();
$title = messages_title(); break;
$content = user_messages(); case 'news_comments':
} elseif ($page == 'user_questions') { require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
$title = questions_title(); $title = user_news_comments_title();
$content = user_questions(); $content = user_news_comments();
} elseif ($page == 'user_settings') { break;
$title = settings_title(); case 'user_meetings':
$content = user_settings(); $title = meetings_title();
} elseif ($page == 'login') { $content = user_meetings();
$title = login_title(); break;
$content = guest_login(); case 'user_myshifts':
} elseif ($page == 'register') { $title = myshifts_title();
$title = register_title(); $content = user_myshifts();
$content = guest_register(); break;
} elseif ($page == 'logout') { case 'user_shifts':
$title = logout_title(); $title = shifts_title();
$content = guest_logout(); $content = user_shifts();
} elseif ($page == 'admin_questions') { break;
$title = admin_questions_title(); case 'user_messages':
$content = admin_questions(); $title = messages_title();
} elseif ($page == 'admin_user') { $content = user_messages();
$title = admin_user_title(); break;
$content = admin_user(); case 'user_questions':
} elseif ($page == 'admin_arrive') { $title = questions_title();
$title = admin_arrive_title(); $content = user_questions();
$content = admin_arrive(); break;
} elseif ($page == 'admin_active') { case 'user_settings':
$title = admin_active_title(); $title = settings_title();
$content = admin_active(); $content = user_settings();
} elseif ($page == 'admin_free') { break;
$title = admin_free_title(); case 'login':
$content = admin_free(); $title = login_title();
} elseif ($page == 'admin_news') { $content = guest_login();
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php'); break;
$content = admin_news(); case 'register':
} elseif ($page == 'admin_rooms') { $title = register_title();
$title = admin_rooms_title(); $content = guest_register();
$content = admin_rooms(); break;
} elseif ($page == 'admin_groups') { case 'logout':
$title = admin_groups_title(); $title = logout_title();
$content = admin_groups(); $content = guest_logout();
} elseif ($page == 'admin_import') { break;
$title = admin_import_title(); case 'admin_questions':
$content = admin_import(); $title = admin_questions_title();
} elseif ($page == 'admin_shifts') { $content = admin_questions();
$title = admin_shifts_title(); break;
$content = admin_shifts(); case 'admin_user':
} elseif ($page == 'admin_log') { $title = admin_user_title();
$title = admin_log_title(); $content = admin_user();
$content = admin_log(); break;
} elseif ($page == 'credits') { case 'admin_arrive':
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php'); $title = admin_arrive_title();
$title = credits_title(); $content = admin_arrive();
$content = guest_credits(); break;
} else { case 'admin_active':
require_once realpath(__DIR__ . '/../includes/pages/guest_start.php'); $title = admin_active_title();
$content = guest_start(); $content = admin_active();
break;
case 'admin_free':
$title = admin_free_title();
$content = admin_free();
break;
case 'admin_news':
require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
$content = admin_news();
break;
case 'admin_rooms':
$title = admin_rooms_title();
$content = admin_rooms();
break;
case 'admin_groups':
$title = admin_groups_title();
$content = admin_groups();
break;
case 'admin_import':
$title = admin_import_title();
$content = admin_import();
break;
case 'admin_shifts':
$title = admin_shifts_title();
$content = admin_shifts();
break;
case 'admin_log':
$title = admin_log_title();
$content = admin_log();
break;
case 'credits':
require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
$title = credits_title();
$content = guest_credits();
break;
default:
require_once realpath(__DIR__ . '/../includes/pages/guest_start.php');
$content = guest_start();
break;
} }
} else { } else {
// Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen // Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
@ -166,14 +212,23 @@ if (
$event_config = EventConfig(); $event_config = EventConfig();
$parameters = [
'key' => (isset($user) ? $user['api_key'] : ''),
];
if ($page == 'user_meetings') {
$parameters['meetings'] = 1;
}
echo view(__DIR__ . '/../templates/layout.html', [ echo view(__DIR__ . '/../templates/layout.html', [
'theme' => isset($user) ? $user['color'] : config('theme'), 'theme' => isset($user) ? $user['color'] : config('theme'),
'title' => $title, 'title' => $title,
'atom_link' => ($page == 'news' || $page == 'user_meetings') 'atom_link' => ($page == 'news' || $page == 'user_meetings')
? ' <link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '') ? ' <link href="'
. '&amp;key=' . (isset($user) ? $user['api_key'] : '') . page_link_to('atom', $parameters)
. '" type = "application/atom+xml" rel = "alternate" title = "Atom Feed">' . '" type = "application/atom+xml" rel = "alternate" title = "Atom Feed">'
: '', : '',
'start_page_url' => page_link_to('/'),
'credits_url' => page_link_to('credits'),
'menu' => make_menu(), 'menu' => make_menu(),
'content' => msg() . $content, 'content' => msg() . $content,
'header_toolbar' => header_toolbar(), 'header_toolbar' => header_toolbar(),

9
src/Database/Db.php
View File

@ -79,9 +79,10 @@ class Db
return self::$stm->fetchAll(PDO::FETCH_ASSOC); return self::$stm->fetchAll(PDO::FETCH_ASSOC);
} }
/** /**
* Run a select query and return only the first result or null if no result is found. * Run a select query and return only the first result or null if no result is found.
*
* @param string $query * @param string $query
* @param array $bindings * @param array $bindings
* @return array|null * @return array|null
@ -89,11 +90,11 @@ class Db
public static function selectOne($query, array $bindings = []) public static function selectOne($query, array $bindings = [])
{ {
$result = self::select($query, $bindings); $result = self::select($query, $bindings);
if(empty($result)) { if (empty($result)) {
return null; return null;
} }
return array_shift($result); return array_shift($result);
} }

56
src/Exceptions/Handler.php
View File

@ -34,7 +34,9 @@ class Handler
*/ */
public function errorHandler($number, $string, $file, $line, $context) public function errorHandler($number, $string, $file, $line, $context)
{ {
$this->handle('error', $number, $string, $file, $line, $context); $trace = array_reverse(debug_backtrace());
$this->handle('error', $number, $string, $file, $line, $context, $trace);
} }
/** /**
@ -59,8 +61,9 @@ class Handler
* @param string $file * @param string $file
* @param int $line * @param int $line
* @param array $context * @param array $context
* @param array $trace
*/ */
protected function handle($type, $number, $string, $file, $line, $context = []) protected function handle($type, $number, $string, $file, $line, $context = [], $trace = [])
{ {
error_log(sprintf('%s: Number: %s, String: %s, File: %s:%u, Context: %s', error_log(sprintf('%s: Number: %s, String: %s, File: %s:%u, Context: %s',
$type, $type,
@ -71,13 +74,16 @@ class Handler
json_encode($context) json_encode($context)
)); ));
$file = $this->stripBasePath($file);
if ($this->environment == self::ENV_DEVELOPMENT) { if ($this->environment == self::ENV_DEVELOPMENT) {
echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:absolute;top:1em;padding:1em;width:97%;overflow-y:auto;">'; echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:fixed;bottom:1em;padding:1em;width:97%;max-height: 90%;overflow-y:auto;">';
echo sprintf('%s: (%s)' . PHP_EOL, ucfirst($type), $number); echo sprintf('%s: (%s)' . PHP_EOL, ucfirst($type), $number);
var_export([ var_export([
'string' => $string, 'string' => $string,
'file' => $file . ':' . $line, 'file' => $file . ':' . $line,
'context' => ($this->environment == self::ENV_DEVELOPMENT ? $context : null), 'context' => $context,
'stacktrace' => $this->formatStackTrace($trace),
]); ]);
echo '</pre>'; echo '</pre>';
die(); die();
@ -87,6 +93,44 @@ class Handler
die(); die();
} }
/**
* @param array $stackTrace
* @return array
*/
protected function formatStackTrace($stackTrace)
{
$return = [];
foreach ($stackTrace as $trace) {
$path = '';
$line = '';
if (isset($trace['file']) && isset($trace['line'])) {
$path = $this->stripBasePath($trace['file']);
$line = $trace['line'];
}
$functionName = $trace['function'];
$return[] = [
'file' => $path . ':' . $line,
$functionName => $trace['args'],
];
}
return $return;
}
/**
* @param string $path
* @return string
*/
protected function stripBasePath($path)
{
$basePath = realpath(__DIR__ . '/../..') . '/';
return str_replace($basePath, '', $path);
}
/** /**
* @param string $environment * @param string $environment
*/ */

76
src/Http/Request.php
View File

@ -3,43 +3,13 @@
namespace Engelsystem\Http; namespace Engelsystem\Http;
use ErrorException; use ErrorException;
use Symfony\Component\HttpFoundation\Request as SymfonyRequest;
class Request class Request extends SymfonyRequest
{ {
/** @var self */ /** @var self */
protected static $instance; protected static $instance;
/** @var array of POST data */
protected $request;
/** @var array of GET data */
protected $query;
/**
* Initialize request
*/
public function create()
{
$this->request = $_POST;
$this->query = $_GET;
}
/**
* Get GET input
*
* @param string $key
* @param mixed $default
* @return mixed
*/
public function get($key, $default = null)
{
if (!empty($this->query[$key])) {
return $this->query[$key];
}
return $default;
}
/** /**
* Get POST input * Get POST input
* *
@ -47,13 +17,9 @@ class Request
* @param mixed $default * @param mixed $default
* @return mixed * @return mixed
*/ */
public function post($key, $default = null) public function postData($key, $default = null)
{ {
if (!empty($this->request[$key])) { return $this->request->get($key, $default);
return $this->request[$key];
}
return $default;
} }
/** /**
@ -65,13 +31,7 @@ class Request
*/ */
public function input($key, $default = null) public function input($key, $default = null)
{ {
$data = $this->request + $this->query; return $this->get($key, $default);
if (isset($data[$key])) {
return $data[$key];
}
return $default;
} }
/** /**
@ -82,9 +42,31 @@ class Request
*/ */
public function has($key) public function has($key)
{ {
$data = $this->request + $this->query; $value = $this->input($key);
return isset($data[$key]); return !empty($value);
}
/**
* Get the requested path
*
* @return string
*/
public function path()
{
$pattern = trim($this->getPathInfo(), '/');
return $pattern == '' ? '/' : $pattern;
}
/**
* Return the current URL
*
* @return string
*/
public function url()
{
return rtrim(preg_replace('/\?.*/', '', $this->getUri()), '/');
} }
/** /**

27
src/Routing/UrlGenerator.php Normal file
View File

@ -0,0 +1,27 @@
<?php
namespace Engelsystem\Routing;
use Engelsystem\Http\Request;
class UrlGenerator
{
/**
* @param string $path
* @param array $parameters
* @return string
*/
public static function to($path, $parameters = [])
{
$path = '/' . ltrim($path, '/');
$request = Request::getInstance();
$uri = $request->getUriForPath($path);
if (!empty($parameters) && is_array($parameters)) {
$parameters = http_build_query($parameters);
$uri .= '?' . $parameters;
}
return $uri;
}
}

28
src/helpers.php
View File

@ -4,6 +4,8 @@
use Engelsystem\Config\Config; use Engelsystem\Config\Config;
use Engelsystem\Http\Request; use Engelsystem\Http\Request;
use Engelsystem\Renderer\Renderer; use Engelsystem\Renderer\Renderer;
use Engelsystem\Routing\UrlGenerator;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
/** /**
* Get or set config values * Get or set config values
@ -41,6 +43,22 @@ function request($key = null, $default = null)
return $request->input($key, $default); return $request->input($key, $default);
} }
/**
* @param string $key
* @param mixed $default
* @return SessionInterface|mixed
*/
function session($key = null, $default = null)
{
$session = request()->getSession();
if (is_null($key)) {
return $session;
}
return $session->get($key, $default);
}
/** /**
* @param string $template * @param string $template
* @param mixed[] $data * @param mixed[] $data
@ -56,3 +74,13 @@ function view($template = null, $data = null)
return $renderer->render($template, $data); return $renderer->render($template, $data);
} }
/**
* @param string $path
* @param array $parameters
* @return string
*/
function url($path, $parameters = [])
{
return UrlGenerator::to($path, $parameters);
}

7
templates/guest_credits.html
View File

@ -20,11 +20,10 @@
<div class="col-md-4"> <div class="col-md-4">
<h2>Hosting</h2> <h2>Hosting</h2>
<p> <p>
Webspace, development platform and domain on <a href="https://engelsystem.de">engelsystem.de</a> is currently provided by Webspace, development platform and domain on <a href="https://engelsystem.de">engelsystem.de</a>
<a href="https://www.wybt.net/">would you buy this?</a> (ichdasich) is currently provided by <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)
and adminstrated by <a href="http://mortzu.de/">mortzu</a>, and adminstrated by <a href="http://mortzu.de/">mortzu</a>,
<a href="http://derf.homelinux.org/">derf</a> <a href="http://derf.homelinux.org/">derf</a> and ichdasich.
and ichdasich.
</p> </p>
</div> </div>
<div class="col-md-4"> <div class="col-md-4">

6
templates/layout.html
View File

@ -22,7 +22,9 @@
<span class="icon-bar"></span> <span class="icon-bar"></span>
<span class="icon-bar"></span> <span class="icon-bar"></span>
</button> </button>
<a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a> <a class="navbar-brand" href="%start_page_url%">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a>
</div> </div>
<div class="collapse navbar-collapse" id="navbar-collapse-1">%menu% %header_toolbar%</div> <div class="collapse navbar-collapse" id="navbar-collapse-1">%menu% %header_toolbar%</div>
</div> </div>
@ -38,7 +40,7 @@
· <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a> · <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a>
· <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
· <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
· <a href="?p=credits">Credits</a> · <a href="%credits_url%">Credits</a>
</div> </div>
</div> </div>
</div> </div>

2
templates/maintenance.html
View File

@ -21,7 +21,7 @@
<span class="icon-bar"></span> <span class="icon-bar"></span>
<span class="icon-bar"></span> <span class="icon-bar"></span>
</button> </button>
<a class="navbar-brand" href="?"> <a class="navbar-brand" href="#">
<span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong> <span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
</a> </a>
</div> </div>

17
templates/user_shifts.html
View File

@ -4,12 +4,14 @@
var days = document.getElementById(id + '_day').getElementsByTagName( var days = document.getElementById(id + '_day').getElementsByTagName(
'option'); 'option');
for (var i = 0; i < days.length; i++) { for (var i = 0; i < days.length; i++) {
if (days[i].value == moment().format('YYYY-MM-DD')) if (days[i].value === moment().format('YYYY-MM-DD')) {
days[i].selected = true; days[i].selected = true;
}
} }
} }
</script> </script>
<form class="form-inline" action="" method="get">
<form class="form-inline" action="">
<input type="hidden" name="p" value="user_shifts"> <input type="hidden" name="p" value="user_shifts">
<div class="row"> <div class="row">
<div class="col-md-6"> <div class="col-md-6">
@ -17,7 +19,7 @@
<div class="form-group">%start_select%</div> <div class="form-group">%start_select%</div>
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">
<input class="form-control" type="text" id="start_time" name="start_time" size="5" <input class="form-control" id="start_time" name="start_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%"> pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
<div class="input-group-btn"> <div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');"> <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
@ -30,7 +32,7 @@
<div class="form-group">%end_select%</div> <div class="form-group">%end_select%</div>
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">
<input class="form-control" type="text" id="end_time" name="end_time" size="5" <input class="form-control" id="end_time" name="end_time" size="5"
pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%"> pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
<div class="input-group-btn"> <div class="input-group-btn">
<button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');"> <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
@ -46,8 +48,11 @@
</div> </div>
<div class="row"> <div class="row">
<div class="col-md-6"> <div class="col-md-6">
<div>%task_notice%</div> <div>%assign_notice%</div>
<input class="btn btn-primary" type="submit" style="width: 75%; margin-bottom: 20px" value="%filter%"> </div>
<div class="col-md-6">
<div><p>%task_notice%</p></div>
<input class="btn btn-primary" type="submit" style="width:75%; margin-bottom: 20px" value="%filter%">
</div> </div>
</div> </div>
</form> </form>