Changed $_GET, $_POST and $_REQUEST to use the Request object
parent
04217834fa
commit
3a1e460249
|
@ -81,7 +81,7 @@ function angeltype_delete_controller()
|
||||||
|
|
||||||
$angeltype = load_angeltype();
|
$angeltype = load_angeltype();
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if (request()->has('confirmed')) {
|
||||||
AngelType_delete($angeltype);
|
AngelType_delete($angeltype);
|
||||||
success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
|
success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -104,8 +104,9 @@ function angeltype_edit_controller()
|
||||||
|
|
||||||
// In supporter mode only allow to modify description
|
// In supporter mode only allow to modify description
|
||||||
$supporter_mode = !in_array('admin_angel_types', $privileges);
|
$supporter_mode = !in_array('admin_angel_types', $privileges);
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['angeltype_id'])) {
|
if ($request->has('angeltype_id')) {
|
||||||
// Edit existing angeltype
|
// Edit existing angeltype
|
||||||
$angeltype = load_angeltype();
|
$angeltype = load_angeltype();
|
||||||
|
|
||||||
|
@ -121,12 +122,12 @@ function angeltype_edit_controller()
|
||||||
$angeltype = AngelType_new();
|
$angeltype = AngelType_new();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (!$supporter_mode) {
|
if (!$supporter_mode) {
|
||||||
if (isset($_REQUEST['name'])) {
|
if ($request->has('name')) {
|
||||||
$result = AngelType_validate_name($_REQUEST['name'], $angeltype);
|
$result = AngelType_validate_name($request->get('name'), $angeltype);
|
||||||
$angeltype['name'] = $result->getValue();
|
$angeltype['name'] = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -134,10 +135,10 @@ function angeltype_edit_controller()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$angeltype['restricted'] = isset($_REQUEST['restricted']);
|
$angeltype['restricted'] = $request->has('restricted');
|
||||||
$angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']);
|
$angeltype['no_self_signup'] = $request->has('no_self_signup');
|
||||||
|
|
||||||
$angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']);
|
$angeltype['requires_driver_license'] = $request->has('requires_driver_license');
|
||||||
}
|
}
|
||||||
|
|
||||||
$angeltype['description'] = strip_request_item_nl('description', $angeltype['description']);
|
$angeltype['description'] = strip_request_item_nl('description', $angeltype['description']);
|
||||||
|
@ -262,11 +263,12 @@ function angeltypes_list_controller()
|
||||||
*/
|
*/
|
||||||
function load_angeltype()
|
function load_angeltype()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['angeltype_id'])) {
|
$request = request();
|
||||||
|
if (!$request->has('angeltype_id')) {
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$angeltype = AngelType($_REQUEST['angeltype_id']);
|
$angeltype = AngelType($request->input('angeltype_id'));
|
||||||
if ($angeltype == null) {
|
if ($angeltype == null) {
|
||||||
error(_('Angeltype doesn\'t exist . '));
|
error(_('Angeltype doesn\'t exist . '));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
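Review bot: In angeltype_edit_controller the name is read with `$request->get('name')`, while the other values in this file are read with `$request->input(...)`, for example `$request->input('angeltype_id')` in load_angeltype. The Request class is not shown here; if the two accessors search the request sources in a different order, the `has('name')` check and the value handed to AngelType_validate_name can come from different places. I would use `AngelType_validate_name($request->input('name'), $angeltype)` so that every read goes through one accessor. The body of angeltype_edit_controller starts and ends outside the hunks.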
|
||||||
|
|
|
@ -19,6 +19,7 @@ function event_config_edit_controller()
|
||||||
redirect('?');
|
redirect('?');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$request = request();
|
||||||
$event_name = null;
|
$event_name = null;
|
||||||
$event_welcome_msg = null;
|
$event_welcome_msg = null;
|
||||||
$buildup_start_date = null;
|
$buildup_start_date = null;
|
||||||
|
@ -36,17 +37,17 @@ function event_config_edit_controller()
|
||||||
$event_welcome_msg = $event_config['event_welcome_msg'];
|
$event_welcome_msg = $event_config['event_welcome_msg'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['event_name'])) {
|
if ($request->has('event_name')) {
|
||||||
$event_name = strip_request_item('event_name');
|
$event_name = strip_request_item('event_name');
|
||||||
}
|
}
|
||||||
if ($event_name == '') {
|
if ($event_name == '') {
|
||||||
$event_name = null;
|
$event_name = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['event_welcome_msg'])) {
|
if ($request->has('event_welcome_msg')) {
|
||||||
$event_welcome_msg = strip_request_item_nl('event_welcome_msg');
|
$event_welcome_msg = strip_request_item_nl('event_welcome_msg');
|
||||||
}
|
}
|
||||||
if ($event_welcome_msg == '') {
|
if ($event_welcome_msg == '') {
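Review bot: In event_config_edit_controller the presence checks now use `$request->has('event_name')` and `$request->has('event_welcome_msg')`, but the values are still fetched through `strip_request_item('event_name')` and `strip_request_item_nl('event_welcome_msg')`, whose bodies are not part of this section. If those helpers still read `$_REQUEST`, the check and the value come from different sources (`$_REQUEST` can include cookies depending on `request_order`), so a parameter may pass one and be missing or different in the other. Please confirm the helpers were migrated in the same commit. The same pairing occurs with `test_request_int()` in shift_entry_add_controller, shift_entry_delete_controller and shift_edit_controller.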
|
||||||
|
|
|
@ -19,6 +19,7 @@ function room_controller()
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$request = request();
|
||||||
$room = load_room(false);
|
$room = load_room(false);
|
||||||
if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
|
if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
|
@ -42,8 +43,8 @@ function room_controller()
|
||||||
if (!empty($days)) {
|
if (!empty($days)) {
|
||||||
$selected_day = $days[0];
|
$selected_day = $days[0];
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['shifts_filter_day'])) {
|
if ($request->has('shifts_filter_day')) {
|
||||||
$selected_day = $_REQUEST['shifts_filter_day'];
|
$selected_day = $request->input('shifts_filter_day');
|
||||||
}
|
}
|
||||||
$shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00'));
|
$shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00'));
|
||||||
$shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59'));
|
$shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59'));
|
||||||
|
@ -66,11 +67,13 @@ function room_controller()
|
||||||
*/
|
*/
|
||||||
function rooms_controller()
|
function rooms_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['action'])) {
|
$request = request();
|
||||||
$_REQUEST['action'] = 'list';
|
$action = $request->input('action');
|
||||||
|
if (!$request->has('action')) {
|
||||||
|
$action = 'list';
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($action) {
|
||||||
case 'view':
|
case 'view':
|
||||||
return room_controller();
|
return room_controller();
|
||||||
case 'list':
|
case 'list':
|
||||||
|
@ -112,7 +115,7 @@ function load_room($onlyVisible = true)
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
}
|
}
|
||||||
|
|
||||||
$room = Room($_REQUEST['room_id'], $onlyVisible);
|
$room = Room(request()->input('room_id'), $onlyVisible);
|
||||||
if ($room == null) {
|
if ($room == null) {
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
}
|
}
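Review bot: In room_controller, `shifts_filter_day` is taken from the request and concatenated into the `parse_date()` argument with no check that it is one of the offered days, and the visible lines pass the parse result straight to `setStartTime()` and `setEndTime()`. A malformed or array-valued parameter therefore reaches the filter as whatever parse_date yields for a failed parse. Since `$days` is already in scope, the guard could be `if ($request->has('shifts_filter_day') && in_array($request->input('shifts_filter_day'), $days, true)) {`. The function body continues outside the hunk, so a later check may exist there.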
|
||||||
|
|
|
@ -11,9 +11,10 @@ function shift_entry_add_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
|
||||||
|
$request = request();
|
||||||
$shift_id = 0;
|
$shift_id = 0;
|
||||||
if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
|
if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) {
|
||||||
$shift_id = $_REQUEST['shift_id'];
|
$shift_id = $request->input('shift_id');
|
||||||
} else {
|
} else {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
@ -32,8 +33,8 @@ function shift_entry_add_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
$type_id = 0;
|
$type_id = 0;
|
||||||
if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
|
if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) {
|
||||||
$type_id = $_REQUEST['type_id'];
|
$type_id = $request->input('type_id');
|
||||||
} else {
|
} else {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
@ -63,14 +64,14 @@ function shift_entry_add_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['user_id'])
|
$request->has('user_id')
|
||||||
&& preg_match('/^\d*$/', $_REQUEST['user_id'])
|
&& preg_match('/^\d*$/', $request->input('user_id'))
|
||||||
&& (
|
&& (
|
||||||
in_array('user_shifts_admin', $privileges)
|
in_array('user_shifts_admin', $privileges)
|
||||||
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
|
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
|
||||||
)
|
)
|
||||||
) {
|
) {
|
||||||
$user_id = $_REQUEST['user_id'];
|
$user_id = $request->input('user_id');
|
||||||
} else {
|
} else {
|
||||||
$user_id = $user['UID'];
|
$user_id = $user['UID'];
|
||||||
}
|
}
|
||||||
|
@ -92,7 +93,7 @@ function shift_entry_add_controller()
|
||||||
redirect(shift_link($shift));
|
redirect(shift_link($shift));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$selected_type_id = $type_id;
|
$selected_type_id = $type_id;
|
||||||
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
|
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
|
||||||
$privileges)
|
$privileges)
|
||||||
|
@ -103,14 +104,14 @@ function shift_entry_add_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['angeltype_id'])
|
$request->has('angeltype_id')
|
||||||
&& test_request_int('angeltype_id')
|
&& test_request_int('angeltype_id')
|
||||||
&& count(DB::select(
|
&& count(DB::select(
|
||||||
'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1',
|
'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1',
|
||||||
[$_REQUEST['angeltype_id']]
|
[$request->input('angeltype_id')]
|
||||||
)) > 0
|
)) > 0
|
||||||
) {
|
) {
|
||||||
$selected_type_id = $_REQUEST['angeltype_id'];
|
$selected_type_id = $request->input('angeltype_id');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -124,7 +125,7 @@ function shift_entry_add_controller()
|
||||||
$freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false;
|
$freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false;
|
||||||
$freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : '';
|
$freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : '';
|
||||||
if (in_array('user_shifts_admin', $privileges)) {
|
if (in_array('user_shifts_admin', $privileges)) {
|
||||||
$freeloaded = isset($_REQUEST['freeloaded']);
|
$freeloaded = $request->has('freeloaded');
|
||||||
$freeload_comment = strip_request_item_nl('freeload_comment');
|
$freeload_comment = strip_request_item_nl('freeload_comment');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -236,11 +237,12 @@ function shift_entry_add_controller()
|
||||||
function shift_entry_delete_controller()
|
function shift_entry_delete_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) {
|
if (!$request->has('entry_id') || !test_request_int('entry_id')) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
$entry_id = $_REQUEST['entry_id'];
|
$entry_id = $request->input('entry_id');
|
||||||
|
|
||||||
$shift_entry_source = DB::select('
|
$shift_entry_source = DB::select('
|
||||||
SELECT
|
SELECT
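Review bot: The id checks in shift_entry_add_controller use `preg_match('/^\d*$/', ...)` for `shift_id`, `type_id` and `user_id`, and that pattern also accepts an empty string and a value ending in a newline. Assuming `has()` treats an empty value as present, an empty `shift_id` passes validation and `$shift_id` becomes `''` instead of triggering the redirect. I would require at least one digit and anchor at the true end of the string, for example `preg_match('/^\d+$/D', $request->input('shift_id'))`, and likewise for the other two. shift_delete_controller in the shifts controller uses the same `\d*` pattern for `delete_shift`. The function body continues outside these hunks.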
|
||||||
|
|
|
@ -44,15 +44,16 @@ function shift_edit_controller()
|
||||||
// Schicht bearbeiten
|
// Schicht bearbeiten
|
||||||
$msg = '';
|
$msg = '';
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!in_array('admin_shifts', $privileges)) {
|
if (!in_array('admin_shifts', $privileges)) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['edit_shift']) || !test_request_int('edit_shift')) {
|
if (!$request->has('edit_shift') || !test_request_int('edit_shift')) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
$shift_id = $_REQUEST['edit_shift'];
|
$shift_id = $request->input('edit_shift');
|
||||||
|
|
||||||
$shift = Shift($shift_id);
|
$shift = Shift($shift_id);
|
||||||
|
|
||||||
|
@ -73,33 +74,37 @@ function shift_edit_controller()
|
||||||
$start = $shift['start'];
|
$start = $shift['start'];
|
||||||
$end = $shift['end'];
|
$end = $shift['end'];
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
// Name/Bezeichnung der Schicht, darf leer sein
|
// Name/Bezeichnung der Schicht, darf leer sein
|
||||||
$title = strip_request_item('title');
|
$title = strip_request_item('title');
|
||||||
|
|
||||||
// Auswahl der sichtbaren Locations für die Schichten
|
// Auswahl der sichtbaren Locations für die Schichten
|
||||||
if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
|
if (
|
||||||
$rid = $_REQUEST['rid'];
|
$request->has('rid')
|
||||||
|
&& preg_match('/^\d+$/', $request->input('rid'))
|
||||||
|
&& isset($room[$request->input('rid')])
|
||||||
|
) {
|
||||||
|
$rid = $request->input('rid');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_('Please select a room.'), true);
|
$msg .= error(_('Please select a room.'), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
|
if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
|
||||||
$shifttype_id = $_REQUEST['shifttype_id'];
|
$shifttype_id = $request->input('shifttype_id');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_('Please select a shifttype.'), true);
|
$msg .= error(_('Please select a shifttype.'), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
|
if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) {
|
||||||
$start = $tmp;
|
$start = $tmp;
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_('Please enter a valid starting time for the shifts.'), true);
|
$msg .= error(_('Please enter a valid starting time for the shifts.'), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
|
if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) {
|
||||||
$end = $tmp;
|
$end = $tmp;
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -112,8 +117,8 @@ function shift_edit_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
|
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
|
||||||
if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) {
|
if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) {
|
||||||
$needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
|
$needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(sprintf(
|
$msg .= error(sprintf(
|
||||||
|
@ -186,16 +191,17 @@ function shift_edit_controller()
|
||||||
function shift_delete_controller()
|
function shift_delete_controller()
|
||||||
{
|
{
|
||||||
global $privileges;
|
global $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!in_array('user_shifts_admin', $privileges)) {
|
if (!in_array('user_shifts_admin', $privileges)) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
|
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
|
||||||
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
|
if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
$shift_id = $_REQUEST['delete_shift'];
|
$shift_id = $request->input('delete_shift');
|
||||||
|
|
||||||
$shift = Shift($shift_id);
|
$shift = Shift($shift_id);
|
||||||
if ($shift == null) {
|
if ($shift == null) {
|
||||||
|
@ -203,7 +209,7 @@ function shift_delete_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
// Schicht löschen bestätigt
|
// Schicht löschen bestätigt
|
||||||
if (isset($_REQUEST['delete'])) {
|
if ($request->has('delete')) {
|
||||||
Shift_delete($shift_id);
|
Shift_delete($shift_id);
|
||||||
|
|
||||||
engelsystem_log(
|
engelsystem_log(
|
||||||
|
@ -232,16 +238,17 @@ function shift_delete_controller()
|
||||||
function shift_controller()
|
function shift_controller()
|
||||||
{
|
{
|
||||||
global $user, $privileges;
|
global $user, $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!in_array('user_shifts', $privileges)) {
|
if (!in_array('user_shifts', $privileges)) {
|
||||||
redirect(page_link_to('?'));
|
redirect(page_link_to('?'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['shift_id'])) {
|
if (!$request->has('shift_id')) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$shift = Shift($_REQUEST['shift_id']);
|
$shift = Shift($request->input('shift_id'));
|
||||||
if ($shift == null) {
|
if ($shift == null) {
|
||||||
error(_('Shift could not be found.'));
|
error(_('Shift could not be found.'));
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
|
@ -285,11 +292,12 @@ function shift_controller()
|
||||||
*/
|
*/
|
||||||
function shifts_controller()
|
function shifts_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['action'])) {
|
$request = request();
|
||||||
|
if (!$request->has('action')) {
|
||||||
redirect(page_link_to('user_shifts'));
|
redirect(page_link_to('user_shifts'));
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'view':
|
case 'view':
|
||||||
return shift_controller();
|
return shift_controller();
|
||||||
case 'next':
|
case 'next':
|
||||||
|
@ -330,16 +338,17 @@ function shift_next_controller()
|
||||||
function shifts_json_export_all_controller()
|
function shifts_json_export_all_controller()
|
||||||
{
|
{
|
||||||
$api_key = config('api_key');
|
$api_key = config('api_key');
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (empty($api_key)) {
|
if (empty($api_key)) {
|
||||||
engelsystem_error('Config contains empty apikey.');
|
engelsystem_error('Config contains empty apikey.');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['api_key'])) {
|
if (!$request->has('api_key')) {
|
||||||
engelsystem_error('Missing parameter api_key.');
|
engelsystem_error('Missing parameter api_key.');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_REQUEST['api_key'] != $api_key) {
|
if ($request->input('api_key') != $api_key) {
|
||||||
engelsystem_error('Invalid api_key.');
|
engelsystem_error('Invalid api_key.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -359,12 +368,13 @@ function shifts_json_export_all_controller()
|
||||||
function shifts_json_export_controller()
|
function shifts_json_export_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
|
||||||
engelsystem_error('Missing key.');
|
engelsystem_error('Missing key.');
|
||||||
}
|
}
|
||||||
|
|
||||||
$key = $_REQUEST['key'];
|
$key = $request->input('key');
|
||||||
|
|
||||||
$user = User_by_api_key($key);
|
$user = User_by_api_key($key);
|
||||||
if ($user == null) {
|
if ($user == null) {
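Review bot: shifts_json_export_all_controller checks the secret with `$request->input('api_key') != $api_key`, which is a loose, non-constant-time comparison; under `!=` two numeric-looking strings (constructed example: `0e1` and `0e2`) compare equal. A type check plus `hash_equals()` closes both gaps: `$given = $request->input('api_key');` followed by `if (!is_string($given) || !hash_equals((string)$api_key, $given)) {`. If `input()` also reads the query string, the key will appear in URLs and access logs, so accepting it only from a header or the request body would be safer. The function body continues past the hunk.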
|
||||||
|
|
|
@ -16,17 +16,18 @@ function shifttype_link($shifttype)
|
||||||
*/
|
*/
|
||||||
function shifttype_delete_controller()
|
function shifttype_delete_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['shifttype_id'])) {
|
$request = request();
|
||||||
|
if (!$request->has('shifttype_id')) {
|
||||||
redirect(page_link_to('shifttypes'));
|
redirect(page_link_to('shifttypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$shifttype = ShiftType($_REQUEST['shifttype_id']);
|
$shifttype = ShiftType($request->input('shifttype_id'));
|
||||||
|
|
||||||
if ($shifttype == null) {
|
if ($shifttype == null) {
|
||||||
redirect(page_link_to('shifttypes'));
|
redirect(page_link_to('shifttypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
$result = ShiftType_delete($shifttype['id']);
|
$result = ShiftType_delete($shifttype['id']);
|
||||||
if (empty($result)) {
|
if (empty($result)) {
|
||||||
engelsystem_error('Unable to delete shifttype.');
|
engelsystem_error('Unable to delete shifttype.');
|
||||||
|
@ -56,9 +57,10 @@ function shifttype_edit_controller()
|
||||||
$description = '';
|
$description = '';
|
||||||
|
|
||||||
$angeltypes = AngelTypes();
|
$angeltypes = AngelTypes();
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['shifttype_id'])) {
|
if ($request->has('shifttype_id')) {
|
||||||
$shifttype = ShiftType($_REQUEST['shifttype_id']);
|
$shifttype = ShiftType($request->input('shifttype_id'));
|
||||||
if ($shifttype == null) {
|
if ($shifttype == null) {
|
||||||
error(_('Shifttype not found.'));
|
error(_('Shifttype not found.'));
|
||||||
redirect(page_link_to('shifttypes'));
|
redirect(page_link_to('shifttypes'));
|
||||||
|
@ -69,23 +71,23 @@ function shifttype_edit_controller()
|
||||||
$description = $shifttype['description'];
|
$description = $shifttype['description'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
|
if ($request->has('name') && $request->input('name') != '') {
|
||||||
$name = strip_request_item('name');
|
$name = strip_request_item('name');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please enter a name.'));
|
error(_('Please enter a name.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
|
if ($request->has('angeltype_id') && preg_match('/^\d+$/', $request->input('angeltype_id'))) {
|
||||||
$angeltype_id = $_REQUEST['angeltype_id'];
|
$angeltype_id = $request->input('angeltype_id');
|
||||||
} else {
|
} else {
|
||||||
$angeltype_id = null;
|
$angeltype_id = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['description'])) {
|
if ($request->has('description')) {
|
||||||
$description = strip_request_item_nl('description');
|
$description = strip_request_item_nl('description');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -120,10 +122,11 @@ function shifttype_edit_controller()
|
||||||
*/
|
*/
|
||||||
function shifttype_controller()
|
function shifttype_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['shifttype_id'])) {
|
$request = request();
|
||||||
|
if (!$request->has('shifttype_id')) {
|
||||||
redirect(page_link_to('shifttypes'));
|
redirect(page_link_to('shifttypes'));
|
||||||
}
|
}
|
||||||
$shifttype = ShiftType($_REQUEST['shifttype_id']);
|
$shifttype = ShiftType($request->input('shifttype_id'));
|
||||||
if ($shifttype == null) {
|
if ($shifttype == null) {
|
||||||
redirect(page_link_to('shifttypes'));
|
redirect(page_link_to('shifttypes'));
|
||||||
}
|
}
|
||||||
|
@ -174,11 +177,13 @@ function shifttypes_title()
|
||||||
*/
|
*/
|
||||||
function shifttypes_controller()
|
function shifttypes_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['action'])) {
|
$request = request();
|
||||||
$_REQUEST['action'] = 'list';
|
$action = 'list';
|
||||||
|
if ($request->has('action')) {
|
||||||
|
$action = $request->input('action');
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($action) {
|
||||||
case 'view':
|
case 'view':
|
||||||
return shifttype_controller();
|
return shifttype_controller();
|
||||||
case 'edit':
|
case 'edit':
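Review bot: shifttype_delete_controller deletes as soon as `$request->has('confirmed')` is true, and nothing between the function's opening brace and `ShiftType_delete($shifttype['id'])` checks the HTTP method or an anti-CSRF token. If `has()` also sees query-string parameters, this state-changing delete can be triggered by a plain GET request carrying `shifttype_id` and `confirmed`. I would require POST and verify a session-bound token before entering the delete branch; privilege and token checks may live in the dispatcher, which this section does not show. The `confirmed` branches in angeltype_delete_controller and in the user_angeltype controllers follow the same pattern.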
|
||||||
|
|
|
@ -38,13 +38,14 @@ function user_angeltypes_unconfirmed_hint()
|
||||||
function user_angeltypes_delete_all_controller()
|
function user_angeltypes_delete_all_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['angeltype_id'])) {
|
if (!$request->has('angeltype_id')) {
|
||||||
error(_('Angeltype doesn\'t exist.'));
|
error(_('Angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$angeltype = AngelType($_REQUEST['angeltype_id']);
|
$angeltype = AngelType($request->input('angeltype_id'));
|
||||||
if ($angeltype == null) {
|
if ($angeltype == null) {
|
||||||
error(_('Angeltype doesn\'t exist.'));
|
error(_('Angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -55,7 +56,7 @@ function user_angeltypes_delete_all_controller()
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
UserAngelTypes_delete_all($angeltype['id']);
|
UserAngelTypes_delete_all($angeltype['id']);
|
||||||
|
|
||||||
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
|
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
|
||||||
|
@ -77,13 +78,14 @@ function user_angeltypes_delete_all_controller()
|
||||||
function user_angeltypes_confirm_all_controller()
|
function user_angeltypes_confirm_all_controller()
|
||||||
{
|
{
|
||||||
global $user, $privileges;
|
global $user, $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['angeltype_id'])) {
|
if (!$request->has('angeltype_id')) {
|
||||||
error(_('Angeltype doesn\'t exist.'));
|
error(_('Angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$angeltype = AngelType($_REQUEST['angeltype_id']);
|
$angeltype = AngelType($request->input('angeltype_id'));
|
||||||
if ($angeltype == null) {
|
if ($angeltype == null) {
|
||||||
error(_('Angeltype doesn\'t exist.'));
|
error(_('Angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -100,7 +102,7 @@ function user_angeltypes_confirm_all_controller()
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
UserAngelTypes_confirm_all($angeltype['id'], $user);
|
UserAngelTypes_confirm_all($angeltype['id'], $user);
|
||||||
|
|
||||||
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
|
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
|
||||||
|
@ -122,13 +124,14 @@ function user_angeltypes_confirm_all_controller()
|
||||||
function user_angeltype_confirm_controller()
|
function user_angeltype_confirm_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['user_angeltype_id'])) {
|
if (!$request->has('user_angeltype_id')) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
|
$user_angeltype = UserAngelType($request->input('user_angeltype_id'));
|
||||||
if ($user_angeltype == null) {
|
if ($user_angeltype == null) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -151,7 +154,7 @@ function user_angeltype_confirm_controller()
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
UserAngelType_confirm($user_angeltype['id'], $user);
|
UserAngelType_confirm($user_angeltype['id'], $user);
|
||||||
|
|
||||||
engelsystem_log(sprintf(
|
engelsystem_log(sprintf(
|
||||||
|
@ -181,13 +184,14 @@ function user_angeltype_confirm_controller()
|
||||||
function user_angeltype_delete_controller()
|
function user_angeltype_delete_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['user_angeltype_id'])) {
|
if (!$request->has('user_angeltype_id')) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
|
$user_angeltype = UserAngelType($request->input('user_angeltype_id'));
|
||||||
if ($user_angeltype == null) {
|
if ($user_angeltype == null) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -210,7 +214,7 @@ function user_angeltype_delete_controller()
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
$result = UserAngelType_delete($user_angeltype);
|
$result = UserAngelType_delete($user_angeltype);
|
||||||
if ($result === false) {
|
if ($result === false) {
|
||||||
engelsystem_error('Unable to delete user angeltype.');
|
engelsystem_error('Unable to delete user angeltype.');
|
||||||
|
@ -238,25 +242,26 @@ function user_angeltype_update_controller()
|
||||||
{
|
{
|
||||||
global $privileges;
|
global $privileges;
|
||||||
$supporter = false;
|
$supporter = false;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!in_array('admin_angel_types', $privileges)) {
|
if (!in_array('admin_angel_types', $privileges)) {
|
||||||
error(_('You are not allowed to set supporter rights.'));
|
error(_('You are not allowed to set supporter rights.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['user_angeltype_id'])) {
|
if (!$request->has('user_angeltype_id')) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) {
|
if ($request->has('supporter') && preg_match('/^[01]$/', $request->input('supporter'))) {
|
||||||
$supporter = $_REQUEST['supporter'] == '1';
|
$supporter = $request->input('supporter') == '1';
|
||||||
} else {
|
} else {
|
||||||
error(_('No supporter update given.'));
|
error(_('No supporter update given.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
|
$user_angeltype = UserAngelType($request->input('user_angeltype_id'));
|
||||||
if ($user_angeltype == null) {
|
if ($user_angeltype == null) {
|
||||||
error(_('User angeltype doesn\'t exist.'));
|
error(_('User angeltype doesn\'t exist.'));
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
|
@ -274,7 +279,7 @@ function user_angeltype_update_controller()
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if ($request->has('confirmed')) {
|
||||||
UserAngelType_update($user_angeltype['id'], $supporter);
|
UserAngelType_update($user_angeltype['id'], $supporter);
|
||||||
|
|
||||||
$success_message = sprintf(
|
$success_message = sprintf(
|
||||||
|
@ -300,7 +305,6 @@ function user_angeltype_update_controller()
|
||||||
function user_angeltype_add_controller()
|
function user_angeltype_add_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
$angeltype = load_angeltype();
|
$angeltype = load_angeltype();
|
||||||
|
|
||||||
// User is joining by itself
|
// User is joining by itself
|
||||||
|
@ -316,7 +320,7 @@ function user_angeltype_add_controller()
|
||||||
// Load possible users, that are not in the angeltype already
|
// Load possible users, that are not in the angeltype already
|
||||||
$users_source = Users_by_angeltype_inverted($angeltype);
|
$users_source = Users_by_angeltype_inverted($angeltype);
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if (request()->has('submit')) {
|
||||||
$user_source = load_user();
|
$user_source = load_user();
|
||||||
|
|
||||||
if (!UserAngelType_exists($user_source, $angeltype)) {
|
if (!UserAngelType_exists($user_source, $angeltype)) {
|
||||||
|
@ -366,7 +370,7 @@ function user_angeltype_join_controller($angeltype)
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['confirmed'])) {
|
if (request()->has('confirmed')) {
|
||||||
$user_angeltype_id = UserAngelType_create($user, $angeltype);
|
$user_angeltype_id = UserAngelType_create($user, $angeltype);
|
||||||
|
|
||||||
$success_message = sprintf(_('You joined %s.'), $angeltype['name']);
|
$success_message = sprintf(_('You joined %s.'), $angeltype['name']);
|
||||||
|
@ -398,11 +402,12 @@ function user_angeltype_join_controller($angeltype)
|
||||||
*/
|
*/
|
||||||
function user_angeltypes_controller()
|
function user_angeltypes_controller()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['action'])) {
|
$request = request();
|
||||||
|
if (!$request->has('action')) {
|
||||||
redirect(page_link_to('angeltypes'));
|
redirect(page_link_to('angeltypes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'delete_all':
|
case 'delete_all':
|
||||||
return user_angeltypes_delete_all_controller();
|
return user_angeltypes_delete_all_controller();
|
||||||
case 'confirm_all':
|
case 'confirm_all':
|
||||||
|
|
|
@ -74,11 +74,11 @@ function user_driver_license_edit_link($user = null)
|
||||||
function user_driver_license_load_user()
|
function user_driver_license_load_user()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
$user_source = $user;
|
$user_source = $user;
|
||||||
|
|
||||||
if (isset($_REQUEST['user_id'])) {
|
if ($request->has('user_id')) {
|
||||||
$user_source = User($_REQUEST['user_id']);
|
$user_source = User($request->input('user_id'));
|
||||||
if ($user_source == null) {
|
if ($user_source == null) {
|
||||||
redirect(user_driver_license_edit_link());
|
redirect(user_driver_license_edit_link());
|
||||||
}
|
}
|
||||||
|
@ -95,7 +95,7 @@ function user_driver_license_load_user()
|
||||||
function user_driver_license_edit_controller()
|
function user_driver_license_edit_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
$request = request();
|
||||||
$user_source = user_driver_license_load_user();
|
$user_source = user_driver_license_load_user();
|
||||||
|
|
||||||
// only privilege admin_user can edit other users driver license information
|
// only privilege admin_user can edit other users driver license information
|
||||||
|
@ -111,15 +111,15 @@ function user_driver_license_edit_controller()
|
||||||
$wants_to_drive = true;
|
$wants_to_drive = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$wants_to_drive = isset($_REQUEST['wants_to_drive']);
|
$wants_to_drive = $request->has('wants_to_drive');
|
||||||
if ($wants_to_drive) {
|
if ($wants_to_drive) {
|
||||||
$user_driver_license['has_car'] = isset($_REQUEST['has_car']);
|
$user_driver_license['has_car'] = $request->has('has_car');
|
||||||
$user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']);
|
$user_driver_license['has_license_car'] = $request->has('has_license_car');
|
||||||
$user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']);
|
$user_driver_license['has_license_3_5t_transporter'] = $request->has('has_license_3_5t_transporter');
|
||||||
$user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']);
|
$user_driver_license['has_license_7_5t_truck'] = $request->has('has_license_7_5t_truck');
|
||||||
$user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']);
|
$user_driver_license['has_license_12_5t_truck'] = $request->has('has_license_12_5t_truck');
|
||||||
$user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']);
|
$user_driver_license['has_license_forklift'] = $request->has('has_license_forklift');
|
||||||
|
|
||||||
if (UserDriverLicense_valid($user_driver_license)) {
|
if (UserDriverLicense_valid($user_driver_license)) {
|
||||||
if ($user_driver_license['user_id'] == null) {
|
if ($user_driver_license['user_id'] == null) {
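Review bot: `user_driver_license_load_user()` passes `$request->input('user_id')` straight to `User()`, and nothing in the loader's visible lines says who may name another user. The only authorization hint is the comment in `user_driver_license_edit_controller()` ("only privilege admin_user can edit other users driver license information"), so a second caller of the loader could miss it. I would add a comment above the lookup: `// user_id is request-controlled; callers must check admin_user before acting on another user's record`. Both function bodies continue outside the hunks shown.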
|
||||||
|
|
|
@ -12,16 +12,18 @@ use Engelsystem\ShiftsFilter;
|
||||||
function users_controller()
|
function users_controller()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($user)) {
|
if (!isset($user)) {
|
||||||
redirect(page_link_to(''));
|
redirect(page_link_to(''));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['action'])) {
|
$action = 'list';
|
||||||
$_REQUEST['action'] = 'list';
|
if ($request->has('action')) {
|
||||||
|
$action = $request->input('action');
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($action) {
|
||||||
case 'view':
|
case 'view':
|
||||||
return user_controller();
|
return user_controller();
|
||||||
case 'delete':
|
case 'delete':
|
||||||
|
@ -42,9 +44,10 @@ function users_controller()
|
||||||
function user_delete_controller()
|
function user_delete_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['user_id'])) {
|
if ($request->has('user_id')) {
|
||||||
$user_source = User($_REQUEST['user_id']);
|
$user_source = User($request->get('user_id'));
|
||||||
} else {
|
} else {
|
||||||
$user_source = $user;
|
$user_source = $user;
|
||||||
}
|
}
|
||||||
|
@ -59,11 +62,14 @@ function user_delete_controller()
|
||||||
redirect(user_link($user));
|
redirect(user_link($user));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
|
if (
|
||||||
$user['UID']))
|
!(
|
||||||
|
$request->has('password')
|
||||||
|
&& verify_password($request->input('password'), $user['Passwort'], $user['UID'])
|
||||||
|
)
|
||||||
) {
|
) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Your password is incorrect. Please try it again.'));
|
error(_('Your password is incorrect. Please try it again.'));
|
||||||
|
@ -130,9 +136,10 @@ function user_link($user)
|
||||||
function user_edit_vouchers_controller()
|
function user_edit_vouchers_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['user_id'])) {
|
if ($request->has('user_id')) {
|
||||||
$user_source = User($_REQUEST['user_id']);
|
$user_source = User($request->input('user_id'));
|
||||||
} else {
|
} else {
|
||||||
$user_source = $user;
|
$user_source = $user;
|
||||||
}
|
}
|
||||||
|
@ -141,12 +148,16 @@ function user_edit_vouchers_controller()
|
||||||
redirect(page_link_to(''));
|
redirect(page_link_to(''));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
$vouchers = '';
|
$vouchers = '';
|
||||||
if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
|
if (
|
||||||
$vouchers = trim($_REQUEST['vouchers']);
|
$request->has('vouchers')
|
||||||
|
&& test_request_int('vouchers')
|
||||||
|
&& trim($request->input('vouchers')) >= 0
|
||||||
|
) {
|
||||||
|
$vouchers = trim($request->input('vouchers'));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please enter a valid number of vouchers.'));
|
error(_('Please enter a valid number of vouchers.'));
|
||||||
|
@ -180,10 +191,11 @@ function user_edit_vouchers_controller()
|
||||||
function user_controller()
|
function user_controller()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$user_source = $user;
|
$user_source = $user;
|
||||||
if (isset($_REQUEST['user_id'])) {
|
if ($request->has('user_id')) {
|
||||||
$user_source = User($_REQUEST['user_id']);
|
$user_source = User($request->input('user_id'));
|
||||||
if ($user_source == null) {
|
if ($user_source == null) {
|
||||||
error(_('User not found.'));
|
error(_('User not found.'));
|
||||||
redirect('?');
|
redirect('?');
|
||||||
|
@ -241,14 +253,15 @@ function user_controller()
|
||||||
function users_list_controller()
|
function users_list_controller()
|
||||||
{
|
{
|
||||||
global $privileges;
|
global $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!in_array('admin_user', $privileges)) {
|
if (!in_array('admin_user', $privileges)) {
|
||||||
redirect(page_link_to(''));
|
redirect(page_link_to(''));
|
||||||
}
|
}
|
||||||
|
|
||||||
$order_by = 'Nick';
|
$order_by = 'Nick';
|
||||||
if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {
|
if ($request->has('OrderBy') && in_array($request->input('OrderBy'), User_sortable_columns())) {
|
||||||
$order_by = $_REQUEST['OrderBy'];
|
$order_by = $request->input('OrderBy');
|
||||||
}
|
}
|
||||||
|
|
||||||
$users = Users($order_by);
|
$users = Users($order_by);
|
||||||
|
@ -282,20 +295,21 @@ function users_list_controller()
|
||||||
*/
|
*/
|
||||||
function user_password_recovery_set_new_controller()
|
function user_password_recovery_set_new_controller()
|
||||||
{
|
{
|
||||||
$user_source = User_by_password_recovery_token($_REQUEST['token']);
|
$request = request();
|
||||||
|
$user_source = User_by_password_recovery_token($request->input('token'));
|
||||||
if ($user_source == null) {
|
if ($user_source == null) {
|
||||||
error(_('Token is not correct.'));
|
error(_('Token is not correct.'));
|
||||||
redirect(page_link_to('login'));
|
redirect(page_link_to('login'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['password'])
|
$request->has('password')
|
||||||
&& strlen($_REQUEST['password']) >= config('min_password_length')
|
&& strlen($request->post('password')) >= config('min_password_length')
|
||||||
) {
|
) {
|
||||||
if ($_REQUEST['password'] != $_REQUEST['password2']) {
|
if ($request->post('password') != $request->post('password2')) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Your passwords don\'t match.'));
|
error(_('Your passwords don\'t match.'));
|
||||||
}
|
}
|
||||||
|
@ -305,7 +319,7 @@ function user_password_recovery_set_new_controller()
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($valid) {
|
if ($valid) {
|
||||||
set_password($user_source['UID'], $_REQUEST['password']);
|
set_password($user_source['UID'], $request->post('password'));
|
||||||
success(_('Password saved.'));
|
success(_('Password saved.'));
|
||||||
redirect(page_link_to('login'));
|
redirect(page_link_to('login'));
|
||||||
}
|
}
|
||||||
|
@ -321,10 +335,11 @@ function user_password_recovery_set_new_controller()
|
||||||
*/
|
*/
|
||||||
function user_password_recovery_start_controller()
|
function user_password_recovery_start_controller()
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST['submit'])) {
|
$request = request();
|
||||||
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {
|
if ($request->has('email') && strlen(strip_request_item('email')) > 0) {
|
||||||
$email = strip_request_item('email');
|
$email = strip_request_item('email');
|
||||||
if (check_email($email)) {
|
if (check_email($email)) {
|
||||||
$user_source = User_by_email($email);
|
$user_source = User_by_email($email);
|
||||||
|
@ -367,7 +382,7 @@ function user_password_recovery_start_controller()
|
||||||
*/
|
*/
|
||||||
function user_password_recovery_controller()
|
function user_password_recovery_controller()
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST['token'])) {
|
if (request()->has('token')) {
|
||||||
return user_password_recovery_set_new_controller();
|
return user_password_recovery_set_new_controller();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -391,11 +406,12 @@ function user_password_recovery_title()
|
||||||
*/
|
*/
|
||||||
function load_user()
|
function load_user()
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST['user_id'])) {
|
$request = request();
|
||||||
|
if (!$request->has('user_id')) {
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = User($_REQUEST['user_id']);
|
$user = User($request->input('user_id'));
|
||||||
|
|
||||||
if ($user == null) {
|
if ($user == null) {
|
||||||
error(_('User doesn\'t exist.'));
|
error(_('User doesn\'t exist.'));
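Review bot: In `user_delete_controller()` the presence check and the read use different accessors, `$request->has('user_id')` followed by `User($request->get('user_id'))`, while the other controllers in this file read with `input()`. The Request class is not shown here; if `get()` covers only the query string, a POSTed `user_id` passes the check and then loads `User(null)`, so I would change it to `User($request->input('user_id'))`. The delete confirmation reads the password with `$request->input('password')`, whereas `user_password_recovery_set_new_controller()` uses `$request->post('password')`. Using `post()` in both places keeps a password from being accepted out of the URL, where it would end up in access logs. The function bodies continue outside the hunks.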
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
use Engelsystem\Config\Config;
|
use Engelsystem\Config\Config;
|
||||||
use Engelsystem\Database\Db;
|
use Engelsystem\Database\Db;
|
||||||
use Engelsystem\Exceptions\Handler as ExceptionHandler;
|
use Engelsystem\Exceptions\Handler as ExceptionHandler;
|
||||||
|
use Engelsystem\Http\Request;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This file includes all needed functions, connects to the db etc.
|
* This file includes all needed functions, connects to the db etc.
|
||||||
|
@ -31,6 +32,13 @@ if (file_exists(__DIR__ . '/../config/config.php')) {
|
||||||
date_default_timezone_set($config->get('timezone'));
|
date_default_timezone_set($config->get('timezone'));
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize Request
|
||||||
|
*/
|
||||||
|
$request = new Request();
|
||||||
|
$request->create();
|
||||||
|
$request::setInstance($request);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check for maintenance
|
* Check for maintenance
|
||||||
*/
|
*/
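Review bot: `$request::setInstance($request);` calls a static method through the instance, which hides that the line registers a process-wide instance. `Request::setInstance($request);` says the same thing using the class this hunk already imports. The new `$request` is also a file-scope variable in the bootstrap, so a short comment such as `// shared instance, presumably what request() returns` would tell readers that controllers should go through the helper rather than `global $request`.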
|
||||||
|
|
|
@ -26,12 +26,12 @@ function locale_short()
|
||||||
function gettext_init()
|
function gettext_init()
|
||||||
{
|
{
|
||||||
$locales = config('locales');
|
$locales = config('locales');
|
||||||
$default_locale = config('default_locale');
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['set_locale']) && isset($locales[$_REQUEST['set_locale']])) {
|
if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) {
|
||||||
$_SESSION['locale'] = $_REQUEST['set_locale'];
|
$_SESSION['locale'] = $request->input('set_locale');
|
||||||
} elseif (!isset($_SESSION['locale'])) {
|
} elseif (!isset($_SESSION['locale'])) {
|
||||||
$_SESSION['locale'] = $default_locale;
|
$_SESSION['locale'] = config('default_locale');
|
||||||
}
|
}
|
||||||
|
|
||||||
gettext_locale();
|
gettext_locale();
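Review bot: `isset($locales[$request->input('set_locale')])` indexes the locale table with whatever type the request delivers, and `gettext_init()` presumably runs before any authentication. If the Request object passes array parameters through as `$_REQUEST` did, an array value is an illegal offset inside `isset()` (a warning on PHP 7, a TypeError on PHP 8). Reading the value once and checking its type avoids that and the second lookup: `$locale = $request->input('set_locale');` then `if (is_string($locale) && isset($locales[$locale]))`, storing `$locale` in the session.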
|
||||||
|
|
|
@ -17,6 +17,7 @@ function admin_active()
|
||||||
{
|
{
|
||||||
$tshirt_sizes = config('tshirt_sizes');
|
$tshirt_sizes = config('tshirt_sizes');
|
||||||
$shift_sum_formula = config('shift_sum_formula');
|
$shift_sum_formula = config('shift_sum_formula');
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$msg = '';
|
$msg = '';
|
||||||
$search = '';
|
$search = '';
|
||||||
|
@ -25,16 +26,16 @@ function admin_active()
|
||||||
$limit = '';
|
$limit = '';
|
||||||
$set_active = '';
|
$set_active = '';
|
||||||
|
|
||||||
if (isset($_REQUEST['search'])) {
|
if ($request->has('search')) {
|
||||||
$search = strip_request_item('search');
|
$search = strip_request_item('search');
|
||||||
}
|
}
|
||||||
|
|
||||||
$show_all_shifts = isset($_REQUEST['show_all_shifts']);
|
$show_all_shifts = $request->has('show_all_shifts');
|
||||||
|
|
||||||
if (isset($_REQUEST['set_active'])) {
|
if ($request->has('set_active')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
|
if ($request->has('count') && preg_match('/^\d+$/', $request->input('count'))) {
|
||||||
$count = strip_request_item('count');
|
$count = strip_request_item('count');
|
||||||
if ($count < $forced_count) {
|
if ($count < $forced_count) {
|
||||||
error(sprintf(
|
error(sprintf(
|
||||||
|
@ -51,7 +52,7 @@ function admin_active()
|
||||||
if ($valid) {
|
if ($valid) {
|
||||||
$limit = ' LIMIT ' . $count;
|
$limit = ' LIMIT ' . $count;
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['ack'])) {
|
if ($request->has('ack')) {
|
||||||
DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0');
|
DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0');
|
||||||
$users = DB::select(sprintf('
|
$users = DB::select(sprintf('
|
||||||
SELECT
|
SELECT
|
||||||
|
@ -89,8 +90,8 @@ function admin_active()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
|
if ($request->has('active') && preg_match('/^\d+$/', $request->input('active'))) {
|
||||||
$user_id = $_REQUEST['active'];
|
$user_id = $request->input('active');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
|
DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
|
||||||
|
@ -99,8 +100,8 @@ function admin_active()
|
||||||
} else {
|
} else {
|
||||||
$msg = error(_('Angel not found.'), true);
|
$msg = error(_('Angel not found.'), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
|
} elseif ($request->has('not_active') && preg_match('/^\d+$/', $request->input('not_active'))) {
|
||||||
$user_id = $_REQUEST['not_active'];
|
$user_id = $request->input('not_active');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
|
DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
|
||||||
|
@ -109,8 +110,8 @@ function admin_active()
|
||||||
} else {
|
} else {
|
||||||
$msg = error(_('Angel not found.'), true);
|
$msg = error(_('Angel not found.'), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
|
} elseif ($request->has('tshirt') && preg_match('/^\d+$/', $request->input('tshirt'))) {
|
||||||
$user_id = $_REQUEST['tshirt'];
|
$user_id = $request->input('tshirt');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
|
DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
|
||||||
|
@ -119,8 +120,8 @@ function admin_active()
|
||||||
} else {
|
} else {
|
||||||
$msg = error('Angel not found.', true);
|
$msg = error('Angel not found.', true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
|
} elseif ($request->has('not_tshirt') && preg_match('/^\d+$/', $request->input('not_tshirt'))) {
|
||||||
$user_id = $_REQUEST['not_tshirt'];
|
$user_id = $request->input('not_tshirt');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
|
DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
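Review bot: The `count` check and the value that reaches the query no longer come from the same accessor: `preg_match('/^\d+$/', $request->input('count'))` validates one read, while `$count = strip_request_item('count')` is what gets concatenated into `' LIMIT ' . $count`. `strip_request_item()` is not shown in this section; if it still reads the superglobal or transforms the value, the checked string and the used string can differ. Using the validated value directly closes that gap: `$count = (int)$request->input('count');`. The `$` anchor also accepts a trailing newline, so `'/^\d+\z/'` is the stricter pattern for the id checks on `active`, `not_active`, `tshirt` and `not_tshirt`. The body of `admin_active()` continues outside the hunks.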
|
||||||
|
|
|
@ -17,12 +17,14 @@ function admin_arrive()
|
||||||
{
|
{
|
||||||
$msg = '';
|
$msg = '';
|
||||||
$search = '';
|
$search = '';
|
||||||
if (isset($_REQUEST['search'])) {
|
$request = request();
|
||||||
|
|
||||||
|
if ($request->has('search')) {
|
||||||
$search = strip_request_item('search');
|
$search = strip_request_item('search');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
|
if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) {
|
||||||
$user_id = $_REQUEST['reset'];
|
$user_id = $request->input('reset');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('
|
DB::update('
|
||||||
|
@ -37,8 +39,8 @@ function admin_arrive()
|
||||||
} else {
|
} else {
|
||||||
$msg = error(_('Angel not found.'), true);
|
$msg = error(_('Angel not found.'), true);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
|
} elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) {
|
||||||
$user_id = $_REQUEST['arrived'];
|
$user_id = $request->input('arrived');
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source != null) {
|
if ($user_source != null) {
|
||||||
DB::update('
|
DB::update('
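Review bot: The patterns for `reset` and `arrived` are `'/^\d*$/'`, which also matches the empty string, so `User($user_id)` can be called with `''` on the way to the `DB::update` branch. The commit carries the old pattern over unchanged; since the value is a user id, `'/^\d+$/'` matches the intent, e.g. `if ($request->has('reset') && preg_match('/^\d+$/', $request->input('reset')))`. Whether `has()` already rejects an empty value depends on the Request class, which is not shown here. The body of `admin_arrive()` continues outside both hunks.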
|
||||||
|
|
|
@ -16,20 +16,20 @@ function admin_free_title()
|
||||||
function admin_free()
|
function admin_free()
|
||||||
{
|
{
|
||||||
global $privileges;
|
global $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$search = '';
|
$search = '';
|
||||||
if (isset($_REQUEST['search'])) {
|
if ($request->has('search')) {
|
||||||
$search = strip_request_item('search');
|
$search = strip_request_item('search');
|
||||||
}
|
}
|
||||||
|
|
||||||
$angelTypeSearch = '';
|
$angelTypeSearch = '';
|
||||||
if (empty($_REQUEST['angeltype'])) {
|
$angelType = $request->input('angeltype', '');
|
||||||
$_REQUEST['angeltype'] = '';
|
if (!empty($angelType)) {
|
||||||
} else {
|
|
||||||
$angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '
|
$angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '
|
||||||
. DB::getPdo()->quote($_REQUEST['angeltype'])
|
. DB::getPdo()->quote($angelType)
|
||||||
. ' AND `UserAngelTypes`.`user_id` = `User`.`UID`';
|
. ' AND `UserAngelTypes`.`user_id` = `User`.`UID`';
|
||||||
if (isset($_REQUEST['confirmed_only'])) {
|
if ($request->has('confirmed_only')) {
|
||||||
$angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`';
|
$angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`';
|
||||||
}
|
}
|
||||||
$angelTypeSearch .= ') ';
|
$angelTypeSearch .= ') ';
|
||||||
|
@ -105,10 +105,10 @@ function admin_free()
|
||||||
form_text('search', _('Search'), $search)
|
form_text('search', _('Search'), $search)
|
||||||
]),
|
]),
|
||||||
div('col-md-4', [
|
div('col-md-4', [
|
||||||
form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype'])
|
form_select('angeltype', _('Angeltype'), $angel_types, $angelType)
|
||||||
]),
|
]),
|
||||||
div('col-md-2', [
|
div('col-md-2', [
|
||||||
form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only']))
|
form_checkbox('confirmed_only', _('Only confirmed'), $request->has('confirmed_only'))
|
||||||
]),
|
]),
|
||||||
div('col-md-2', [
|
div('col-md-2', [
|
||||||
form_submit('submit', _('Search'))
|
form_submit('submit', _('Search'))
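Review bot: `$angelType` is request-controlled and is protected in the join only by `DB::getPdo()->quote($angelType)`; a non-string value (an array parameter, if the Request object passes those through) would reach `quote()` as well. Since it is compared with `angeltype_id`, presumably an integer column, I would constrain it right after the read: `if (!is_string($angelType) || !ctype_digit($angelType)) { $angelType = ''; }`. Binding it as a `?` parameter would be better still, if the query built outside this hunk allows it. The same variable is handed to `form_select()` in the last hunk, so the constraint also limits what is echoed back into the form.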
|
||||||
|
|
|
@ -16,8 +16,10 @@ function admin_groups_title()
|
||||||
function admin_groups()
|
function admin_groups()
|
||||||
{
|
{
|
||||||
$html = '';
|
$html = '';
|
||||||
|
$request = request();
|
||||||
$groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
|
$groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
|
||||||
if (!isset($_REQUEST['action'])) {
|
|
||||||
|
if (!$request->has('action')) {
|
||||||
$groups_table = [];
|
$groups_table = [];
|
||||||
foreach ($groups as $group) {
|
foreach ($groups as $group) {
|
||||||
$privileges = DB::select('
|
$privileges = DB::select('
|
||||||
|
@ -51,10 +53,10 @@ function admin_groups()
|
||||||
], $groups_table)
|
], $groups_table)
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'edit':
|
case 'edit':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) {
|
||||||
$group_id = $_REQUEST['id'];
|
$group_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error('Incomplete call, missing Groups ID.', true);
|
return error('Incomplete call, missing Groups ID.', true);
|
||||||
}
|
}
|
||||||
|
@ -99,21 +101,22 @@ function admin_groups()
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'save':
|
case 'save':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) {
|
||||||
$group_id = $_REQUEST['id'];
|
$group_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error('Incomplete call, missing Groups ID.', true);
|
return error('Incomplete call, missing Groups ID.', true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
|
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
|
||||||
if (!is_array($_REQUEST['privileges'])) {
|
$privileges = $request->get('privileges');
|
||||||
$_REQUEST['privileges'] = [];
|
if (!is_array($privileges)) {
|
||||||
|
$privileges = [];
|
||||||
}
|
}
|
||||||
if (!empty($group)) {
|
if (!empty($group)) {
|
||||||
$group = array_shift($group);
|
$group = array_shift($group);
|
||||||
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
|
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
|
||||||
$privilege_names = [];
|
$privilege_names = [];
|
||||||
foreach ($_REQUEST['privileges'] as $privilege) {
|
foreach ($privileges as $privilege) {
|
||||||
if (preg_match('/^\d{1,}$/', $privilege)) {
|
if (preg_match('/^\d{1,}$/', $privilege)) {
|
||||||
$group_privileges_source = DB::select(
|
$group_privileges_source = DB::select(
|
||||||
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
|
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
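Review bot: In the `save` branch the privileges are read with `$request->get('privileges')`, while every other value in `admin_groups()` is read with `input()`. The Request class is not shown; if `get()` returns only query-string data and the edit form is submitted by POST, `$privileges` falls back to `[]` after the `is_array()` check. The `DELETE FROM GroupPrivileges` that follows would then leave the group with no privileges at all. I would read it with `$privileges = $request->input('privileges');`, or `post()` if the form is POST-only. The new local also reuses the name `$privileges` that the list branch assigns inside its `foreach`, so a name such as `$privilege_ids` would be clearer.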
|
||||||
|
|
|
@ -15,21 +15,21 @@ function admin_import_title()
|
||||||
*/
|
*/
|
||||||
function admin_import()
|
function admin_import()
|
||||||
{
|
{
|
||||||
global $rooms_import;
|
global $rooms_import, $user;
|
||||||
global $user;
|
|
||||||
$html = '';
|
$html = '';
|
||||||
$import_dir = __DIR__ . '/../../import';
|
$import_dir = __DIR__ . '/../../import';
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$step = 'input';
|
$step = 'input';
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['step'])
|
$request->has('step')
|
||||||
&& in_array($step, [
|
&& in_array($request->input('step'), [
|
||||||
'input',
|
'input',
|
||||||
'check',
|
'check',
|
||||||
'import'
|
'import'
|
||||||
])
|
])
|
||||||
) {
|
) {
|
||||||
$step = $_REQUEST['step'];
|
$step = $request->input('step');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($test_handle = @fopen($import_dir . '/tmp', 'w')) {
|
if ($test_handle = @fopen($import_dir . '/tmp', 'w')) {
|
||||||
|
@ -57,25 +57,25 @@ function admin_import()
|
||||||
case 'input':
|
case 'input':
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
|
if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
|
||||||
$shifttype_id = $_REQUEST['shifttype_id'];
|
$shifttype_id = $request->input('shifttype_id');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please select a shift type.'));
|
error(_('Please select a shift type.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
|
if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
|
||||||
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
|
$add_minutes_start = trim($request->input('add_minutes_start'));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
|
if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) {
|
||||||
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
|
$add_minutes_end = trim($request->input('add_minutes_end'));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
||||||
|
@ -133,22 +133,22 @@ function admin_import()
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
|
if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
|
||||||
$shifttype_id = $_REQUEST['shifttype_id'];
|
$shifttype_id = $request->input('shifttype_id');
|
||||||
} else {
|
} else {
|
||||||
error(_('Please select a shift type.'));
|
error(_('Please select a shift type.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
|
if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
|
||||||
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
|
$add_minutes_start = trim($request->input('add_minutes_start'));
|
||||||
} else {
|
} else {
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
|
if ($request->has('add_minutes_end') && is_numeric(trim($request->input(('add_minutes_end'))))) {
|
||||||
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
|
$add_minutes_end = trim($request->input('add_minutes_end'));
|
||||||
} else {
|
} else {
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
|
@ -227,22 +227,22 @@ function admin_import()
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
|
if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
|
||||||
$shifttype_id = $_REQUEST['shifttype_id'];
|
$shifttype_id = $request->input('shifttype_id');
|
||||||
} else {
|
} else {
|
||||||
error(_('Please select a shift type.'));
|
error(_('Please select a shift type.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
|
if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
|
||||||
$add_minutes_start = trim($_REQUEST['add_minutes_start']);
|
$add_minutes_start = trim($request->input('add_minutes_start'));
|
||||||
} else {
|
} else {
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
|
if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) {
|
||||||
$add_minutes_end = trim($_REQUEST['add_minutes_end']);
|
$add_minutes_end = trim($request->input('add_minutes_end'));
|
||||||
} else {
|
} else {
|
||||||
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
|
||||||
redirect(page_link_to('admin_import'));
|
redirect(page_link_to('admin_import'));
|
||||||
|
|
|
@ -14,7 +14,7 @@ function admin_log_title()
|
||||||
function admin_log()
|
function admin_log()
|
||||||
{
|
{
|
||||||
$filter = '';
|
$filter = '';
|
||||||
if (isset($_REQUEST['keyword'])) {
|
if (request()->has('keyword')) {
|
||||||
$filter = strip_request_item('keyword');
|
$filter = strip_request_item('keyword');
|
||||||
}
|
}
|
||||||
$log_entries_source = LogEntries_filter($filter);
|
$log_entries_source = LogEntries_filter($filter);
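Review bot: The presence check now goes through `request()->has('keyword')`, but the value is still fetched by `strip_request_item('keyword')`, so the check and the read may consult different sources if that helper still reads `$_REQUEST` (its body is not visible on this page). The same split appears in the admin_rooms section, where `test_request_int('id')` validates and `$request->input('id')` supplies the value passed to `Room()`, and where `strip_request_item('name')` and `strip_request_item('number')` follow `$request->has(...)`. Validating one copy of a parameter and using another weakens the check, so either migrate the helpers in this commit or keep both calls on one source until they are migrated. A comment above the call such as `// strip_request_item() must read from the same Request object as has()` would record the dependency.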
|
||||||
|
|
|
@ -8,14 +8,15 @@ use Engelsystem\Database\DB;
|
||||||
function admin_news()
|
function admin_news()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_GET['action'])) {
|
if (!$request->has('action')) {
|
||||||
redirect(page_link_to('news'));
|
redirect(page_link_to('news'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
|
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$news_id = $_REQUEST['id'];
|
$news_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error('Incomplete call, missing News ID.', true);
|
return error('Incomplete call, missing News ID.', true);
|
||||||
}
|
}
|
||||||
|
@ -25,7 +26,7 @@ function admin_news()
|
||||||
return error('No News found.', true);
|
return error('No News found.', true);
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'edit':
|
case 'edit':
|
||||||
$news = array_shift($news);
|
$news = array_shift($news);
|
||||||
$user_source = User($news['UID']);
|
$user_source = User($news['UID']);
|
||||||
|
@ -56,14 +57,14 @@ function admin_news()
|
||||||
',
|
',
|
||||||
[
|
[
|
||||||
time(),
|
time(),
|
||||||
$_POST["eBetreff"],
|
$request->post('eBetreff'),
|
||||||
$_POST["eText"],
|
$request->post('eText'),
|
||||||
$user['UID'],
|
$user['UID'],
|
||||||
isset($_POST["eTreffen"]) ? 1 : 0,
|
$request->has('eTreffen') ? 1 : 0,
|
||||||
$news_id
|
$news_id
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
engelsystem_log('News updated: ' . $_POST['eBetreff']);
|
engelsystem_log('News updated: ' . $request->post('eBetreff'));
|
||||||
success(_('News entry updated.'));
|
success(_('News entry updated.'));
|
||||||
redirect(page_link_to('news'));
|
redirect(page_link_to('news'));
|
||||||
break;
|
break;
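Review bot: In the UPDATE parameter list the meeting flag is now derived from `$request->has('eTreffen')`, whereas the old code looked only at `$_POST` and the neighbouring fields use `$request->post(...)`. If `has()` also covers the query string (its implementation is not shown here), the flag is no longer tied to the submitted form body. Keeping it on the POST accessor, for example `$request->post('eTreffen') !== null ? 1 : 0` (assuming `post()` returns null for a missing key), would preserve the previous behaviour. The enclosing `switch` case starts and ends outside the hunk.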
|
||||||
|
|
|
@ -38,8 +38,9 @@ function admin_new_questions()
|
||||||
function admin_questions()
|
function admin_questions()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['action'])) {
|
if (!$request->has('action')) {
|
||||||
$unanswered_questions_table = [];
|
$unanswered_questions_table = [];
|
||||||
$questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL');
|
$questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL');
|
||||||
foreach ($questions as $question) {
|
foreach ($questions as $question) {
|
||||||
|
@ -96,10 +97,10 @@ function admin_questions()
|
||||||
], $answered_questions_table)
|
], $answered_questions_table)
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'answer':
|
case 'answer':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$question_id = $_REQUEST['id'];
|
$question_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error('Incomplete call, missing Question ID.', true);
|
return error('Incomplete call, missing Question ID.', true);
|
||||||
}
|
}
|
||||||
|
@ -112,7 +113,7 @@ function admin_questions()
|
||||||
$answer = trim(
|
$answer = trim(
|
||||||
preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
|
preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
|
||||||
'',
|
'',
|
||||||
strip_tags($_REQUEST['answer'])
|
strip_tags($request->input('answer'))
|
||||||
));
|
));
|
||||||
|
|
||||||
if ($answer != '') {
|
if ($answer != '') {
|
||||||
|
@ -138,8 +139,8 @@ function admin_questions()
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'delete':
|
case 'delete':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$question_id = $_REQUEST['id'];
|
$question_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error('Incomplete call, missing Question ID.', true);
|
return error('Incomplete call, missing Question ID.', true);
|
||||||
}
|
}
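Review bot: The `answer` and `delete` branches are selected by `$request->input('action')` and act on `$request->input('id')`, and nothing in the visible lines restricts them to POST or checks a request token. The old `$_REQUEST` reads had the same shape, so this is not a regression, but the migration is the natural place to tighten it: read the values for state-changing branches through `$request->post(...)` and verify a CSRF token before the database call, if the application has one (none is visible here). The `show` = `delete` branch guarded by `$request->has('ack')` in the admin_rooms section follows the same pattern. Separately, `strip_tags($request->input('answer'))` receives whatever `input()` returns for a missing key, so a `(string)` cast or a `has('answer')` guard would avoid passing a non-string.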
|
||||||
|
|
|
@ -17,6 +17,8 @@ function admin_rooms()
|
||||||
{
|
{
|
||||||
$rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`');
|
$rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`');
|
||||||
$rooms = [];
|
$rooms = [];
|
||||||
|
$request = request();
|
||||||
|
|
||||||
foreach ($rooms_source as $room) {
|
foreach ($rooms_source as $room) {
|
||||||
$rooms[] = [
|
$rooms[] = [
|
||||||
'name' => Room_name_render($room),
|
'name' => Room_name_render($room),
|
||||||
|
@ -30,7 +32,7 @@ function admin_rooms()
|
||||||
}
|
}
|
||||||
$room = null;
|
$room = null;
|
||||||
|
|
||||||
if (isset($_REQUEST['show'])) {
|
if ($request->has('show')) {
|
||||||
$msg = '';
|
$msg = '';
|
||||||
$name = '';
|
$name = '';
|
||||||
$from_pentabarf = '';
|
$from_pentabarf = '';
|
||||||
|
@ -47,7 +49,7 @@ function admin_rooms()
|
||||||
}
|
}
|
||||||
|
|
||||||
if (test_request_int('id')) {
|
if (test_request_int('id')) {
|
||||||
$room = Room($_REQUEST['id'], false);
|
$room = Room($request->input('id'), false);
|
||||||
if ($room === false) {
|
if ($room === false) {
|
||||||
engelsystem_error('Unable to load room.');
|
engelsystem_error('Unable to load room.');
|
||||||
}
|
}
|
||||||
|
@ -55,7 +57,7 @@ function admin_rooms()
|
||||||
redirect(page_link_to('admin_rooms'));
|
redirect(page_link_to('admin_rooms'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$room_id = $_REQUEST['id'];
|
$room_id = $request->input('id');
|
||||||
$name = $room['Name'];
|
$name = $room['Name'];
|
||||||
$from_pentabarf = $room['FromPentabarf'];
|
$from_pentabarf = $room['FromPentabarf'];
|
||||||
$public = $room['show'];
|
$public = $room['show'];
|
||||||
|
@ -70,11 +72,11 @@ function admin_rooms()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_REQUEST['show'] == 'edit') {
|
if ($request->input('show') == 'edit') {
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
|
if ($request->has('name') && strlen(strip_request_item('name')) > 0) {
|
||||||
$name = strip_request_item('name');
|
$name = strip_request_item('name');
|
||||||
if (
|
if (
|
||||||
isset($room)
|
isset($room)
|
||||||
|
@ -91,19 +93,17 @@ function admin_rooms()
|
||||||
$msg .= error(_('Please enter a name.'), true);
|
$msg .= error(_('Please enter a name.'), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['from_pentabarf'])) {
|
|
||||||
$from_pentabarf = 'Y';
|
|
||||||
} else {
|
|
||||||
$from_pentabarf = '';
|
$from_pentabarf = '';
|
||||||
|
if ($request->has('from_pentabarf')) {
|
||||||
|
$from_pentabarf = 'Y';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['public'])) {
|
|
||||||
$public = 'Y';
|
|
||||||
} else {
|
|
||||||
$public = '';
|
$public = '';
|
||||||
|
if ($request->has('public')) {
|
||||||
|
$public = 'Y';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['number'])) {
|
if ($request->has('number')) {
|
||||||
$number = strip_request_item('number');
|
$number = strip_request_item('number');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -111,10 +111,10 @@ function admin_rooms()
|
||||||
|
|
||||||
foreach ($angeltypes as $angeltype_id => $angeltype) {
|
foreach ($angeltypes as $angeltype_id => $angeltype) {
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['angeltype_count_' . $angeltype_id])
|
$request->has('angeltype_count_' . $angeltype_id)
|
||||||
&& preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
|
&& preg_match('/^\d{1,4}$/', $request->input('angeltype_count_' . $angeltype_id))
|
||||||
) {
|
) {
|
||||||
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
|
$angeltypes_count[$angeltype_id] = $request->input('angeltype_count_' . $angeltype_id);
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
|
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
|
||||||
|
@ -209,8 +209,8 @@ function admin_rooms()
|
||||||
form_submit('submit', _('Save'))
|
form_submit('submit', _('Save'))
|
||||||
])
|
])
|
||||||
]);
|
]);
|
||||||
} elseif ($_REQUEST['show'] == 'delete') {
|
} elseif ($request->input('show') == 'delete') {
|
||||||
if (isset($_REQUEST['ack'])) {
|
if ($request->has('ack')) {
|
||||||
if (!Room_delete($room_id)) {
|
if (!Room_delete($room_id)) {
|
||||||
engelsystem_error('Unable to delete room.');
|
engelsystem_error('Unable to delete room.');
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,7 +18,7 @@ function admin_shifts_title()
|
||||||
function admin_shifts()
|
function admin_shifts()
|
||||||
{
|
{
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
$request = request();
|
||||||
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
|
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
|
||||||
$end = $start;
|
$end = $start;
|
||||||
$mode = 'single';
|
$mode = 'single';
|
||||||
|
@ -52,14 +52,14 @@ function admin_shifts()
|
||||||
$shifttypes[$shifttype['id']] = $shifttype['name'];
|
$shifttypes[$shifttype['id']] = $shifttype['name'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
|
if ($request->has('preview') || $request->has('back')) {
|
||||||
if (isset($_REQUEST['shifttype_id'])) {
|
if ($request->has('shifttype_id')) {
|
||||||
$shifttype = ShiftType($_REQUEST['shifttype_id']);
|
$shifttype = ShiftType($request->input('shifttype_id'));
|
||||||
if ($shifttype == null) {
|
if ($shifttype == null) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please select a shift type.'));
|
error(_('Please select a shift type.'));
|
||||||
} else {
|
} else {
|
||||||
$shifttype_id = $_REQUEST['shifttype_id'];
|
$shifttype_id = $request->input('shifttype_id');
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -71,25 +71,25 @@ function admin_shifts()
|
||||||
|
|
||||||
// Auswahl der sichtbaren Locations für die Schichten
|
// Auswahl der sichtbaren Locations für die Schichten
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['rid'])
|
$request->has('rid')
|
||||||
&& preg_match('/^\d+$/', $_REQUEST['rid'])
|
&& preg_match('/^\d+$/', $request->input('rid'))
|
||||||
&& isset($room_array[$_REQUEST['rid']])
|
&& isset($room_array[$request->input('rid')])
|
||||||
) {
|
) {
|
||||||
$rid = $_REQUEST['rid'];
|
$rid = $request->input('rid');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$rid = $rooms[0]['RID'];
|
$rid = $rooms[0]['RID'];
|
||||||
error(_('Please select a location.'));
|
error(_('Please select a location.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
|
if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) {
|
||||||
$start = $tmp;
|
$start = $tmp;
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please select a start time.'));
|
error(_('Please select a start time.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
|
if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) {
|
||||||
$end = $tmp;
|
$end = $tmp;
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -101,24 +101,24 @@ function admin_shifts()
|
||||||
error(_('The shifts end has to be after its start.'));
|
error(_('The shifts end has to be after its start.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['mode'])) {
|
if ($request->has('mode')) {
|
||||||
if ($_REQUEST['mode'] == 'single') {
|
if ($request->input('mode') == 'single') {
|
||||||
$mode = 'single';
|
$mode = 'single';
|
||||||
} elseif ($_REQUEST['mode'] == 'multi') {
|
} elseif ($request->input('mode') == 'multi') {
|
||||||
if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
|
if ($request->has('length') && preg_match('/^\d+$/', trim($request->input('length')))) {
|
||||||
$mode = 'multi';
|
$mode = 'multi';
|
||||||
$length = trim($_REQUEST['length']);
|
$length = trim($request->input('length'));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please enter a shift duration in minutes.'));
|
error(_('Please enter a shift duration in minutes.'));
|
||||||
}
|
}
|
||||||
} elseif ($_REQUEST['mode'] == 'variable') {
|
} elseif ($request->input('mode') == 'variable') {
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['change_hours'])
|
$request->has('change_hours')
|
||||||
&& preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
|
&& preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $request->input('change_hours'))))
|
||||||
) {
|
) {
|
||||||
$mode = 'variable';
|
$mode = 'variable';
|
||||||
$change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
|
$change_hours = array_map('trim', explode(',', $request->input('change_hours')));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Please split the shift-change hours by colons.'));
|
error(_('Please split the shift-change hours by colons.'));
|
||||||
|
@ -129,17 +129,17 @@ function admin_shifts()
|
||||||
error(_('Please select a mode.'));
|
error(_('Please select a mode.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['angelmode'])) {
|
if ($request->has('angelmode')) {
|
||||||
if ($_REQUEST['angelmode'] == 'location') {
|
if ($request->input('angelmode') == 'location') {
|
||||||
$angelmode = 'location';
|
$angelmode = 'location';
|
||||||
} elseif ($_REQUEST['angelmode'] == 'manually') {
|
} elseif ($request->input('angelmode') == 'manually') {
|
||||||
$angelmode = 'manually';
|
$angelmode = 'manually';
|
||||||
foreach ($types as $type) {
|
foreach ($types as $type) {
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['type_' . $type['id']])
|
$request->has('type_' . $type['id'])
|
||||||
&& preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
|
&& preg_match('/^\d+$/', trim($request->input('type_' . $type['id'])))
|
||||||
) {
|
) {
|
||||||
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
|
$needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id']));
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
|
error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
|
||||||
|
@ -159,7 +159,7 @@ function admin_shifts()
|
||||||
}
|
}
|
||||||
|
|
||||||
// Beim Zurück-Knopf das Formular zeigen
|
// Beim Zurück-Knopf das Formular zeigen
|
||||||
if (isset($_REQUEST['back'])) {
|
if ($request->has('back')) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -304,9 +304,9 @@ function admin_shifts()
|
||||||
])
|
])
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['submit'])) {
|
} elseif ($request->has('submit')) {
|
||||||
if (
|
if (
|
||||||
!isset($_SESSION['admin_shifts_shifts'])
|
!$request->has('admin_shifts_shifts')
|
||||||
|| !isset($_SESSION['admin_shifts_types'])
|
|| !isset($_SESSION['admin_shifts_types'])
|
||||||
|| !is_array($_SESSION['admin_shifts_shifts'])
|
|| !is_array($_SESSION['admin_shifts_shifts'])
|
||||||
|| !is_array($_SESSION['admin_shifts_types'])
|
|| !is_array($_SESSION['admin_shifts_types'])
|
||||||
|
@ -360,8 +360,9 @@ function admin_shifts()
|
||||||
unset($_SESSION['admin_shifts_types']);
|
unset($_SESSION['admin_shifts_types']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_REQUEST['rid'])) {
|
$rid = null;
|
||||||
$_REQUEST['rid'] = null;
|
if ($request->has('rid')) {
|
||||||
|
$rid = $request->input('rid');
|
||||||
}
|
}
|
||||||
$angel_types = '';
|
$angel_types = '';
|
||||||
foreach ($types as $type) {
|
foreach ($types as $type) {
|
||||||
|
@ -378,7 +379,7 @@ function admin_shifts()
|
||||||
form([
|
form([
|
||||||
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
|
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
|
||||||
form_text('title', _('Title'), $title),
|
form_text('title', _('Title'), $title),
|
||||||
form_select('rid', _('Room'), $room_array, $_REQUEST['rid']),
|
form_select('rid', _('Room'), $room_array, $rid),
|
||||||
div('row', [
|
div('row', [
|
||||||
div('col-md-6', [
|
div('col-md-6', [
|
||||||
form_text('start', _('Start'), date('Y-m-d H:i', $start)),
|
form_text('start', _('Start'), date('Y-m-d H:i', $start)),
|
||||||
|
@ -386,7 +387,7 @@ function admin_shifts()
|
||||||
form_info(_('Mode'), ''),
|
form_info(_('Mode'), ''),
|
||||||
form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
|
form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
|
||||||
form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
|
form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
|
||||||
form_text('length', _('Length'), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
|
form_text('length', _('Length'), $request->has('length') ? $request->input('length') : '120'),
|
||||||
form_radio(
|
form_radio(
|
||||||
'mode',
|
'mode',
|
||||||
_('Create multiple shifts with variable length'),
|
_('Create multiple shifts with variable length'),
|
||||||
|
@ -396,7 +397,7 @@ function admin_shifts()
|
||||||
form_text(
|
form_text(
|
||||||
'change_hours',
|
'change_hours',
|
||||||
_('Shift change hours'),
|
_('Shift change hours'),
|
||||||
!empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
|
$request->has('change_hours') ? $request->input('input') : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
|
||||||
)
|
)
|
||||||
]),
|
]),
|
||||||
div('col-md-6', [
|
div('col-md-6', [
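Review bot: In the `elseif ($request->has('submit'))` guard, `!isset($_SESSION['admin_shifts_shifts'])` was replaced by `!$request->has('admin_shifts_shifts')`, but that key is session state, not a request parameter, and the next conditions still read `$_SESSION['admin_shifts_shifts']`. As written the guard trips on every submit that lacks such a parameter, and when the parameter is supplied the `is_array($_SESSION[...])` test runs against a possibly unset key, so the line should stay `!isset($_SESSION['admin_shifts_shifts'])`. In the form builder, the `change_hours` field reads `$request->input('input')`, which looks like a typo for `$request->input('change_hours')`. Replacing `!empty(...)` with `has(...)` for `length` and `change_hours` may also change what is shown for an empty submitted value, depending on how `has()` treats empty strings.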
|
||||||
|
|
|
@ -17,6 +17,7 @@ function admin_user()
|
||||||
{
|
{
|
||||||
global $user, $privileges;
|
global $user, $privileges;
|
||||||
$tshirt_sizes = config('tshirt_sizes');
|
$tshirt_sizes = config('tshirt_sizes');
|
||||||
|
$request = request();
|
||||||
|
|
||||||
foreach ($tshirt_sizes as $key => $size) {
|
foreach ($tshirt_sizes as $key => $size) {
|
||||||
if (empty($size)) {
|
if (empty($size)) {
|
||||||
|
@ -26,12 +27,12 @@ function admin_user()
|
||||||
|
|
||||||
$html = '';
|
$html = '';
|
||||||
|
|
||||||
if (!isset($_REQUEST['id'])) {
|
if (!$request->has('id')) {
|
||||||
redirect(users_link());
|
redirect(users_link());
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_id = $_REQUEST['id'];
|
$user_id = $request->input('id');
|
||||||
if (!isset($_REQUEST['action'])) {
|
if (!$request->has('action')) {
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if ($user_source == null) {
|
if ($user_source == null) {
|
||||||
error(_('This user does not exist.'));
|
error(_('This user does not exist.'));
|
||||||
|
@ -171,7 +172,7 @@ function admin_user()
|
||||||
|
|
||||||
$html .= "<hr />";
|
$html .= "<hr />";
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'save_groups':
|
case 'save_groups':
|
||||||
if ($user_id != $user['UID']) {
|
if ($user_id != $user['UID']) {
|
||||||
$my_highest_group = DB::select(
|
$my_highest_group = DB::select(
|
||||||
|
@ -212,13 +213,14 @@ function admin_user()
|
||||||
$grouplist[] = $group['UID'];
|
$grouplist[] = $group['UID'];
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_array($_REQUEST['groups'])) {
|
$groupsRequest = $request->input('groups');
|
||||||
$_REQUEST['groups'] = [];
|
if (!is_array($groupsRequest)) {
|
||||||
|
$groupsRequest = [];
|
||||||
}
|
}
|
||||||
|
|
||||||
DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]);
|
DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]);
|
||||||
$user_groups_info = [];
|
$user_groups_info = [];
|
||||||
foreach ($_REQUEST['groups'] as $group) {
|
foreach ($groupsRequest as $group) {
|
||||||
if (in_array($group, $grouplist)) {
|
if (in_array($group, $grouplist)) {
|
||||||
DB::insert(
|
DB::insert(
|
||||||
'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)',
|
'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)',
|
||||||
|
@ -244,7 +246,7 @@ function admin_user()
|
||||||
$force_active = $user['force_active'];
|
$force_active = $user['force_active'];
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
if (in_array('admin_active', $privileges)) {
|
if (in_array('admin_active', $privileges)) {
|
||||||
$force_active = $_REQUEST['force_active'];
|
$force_active = $request->input('force_active');
|
||||||
}
|
}
|
||||||
$sql = '
|
$sql = '
|
||||||
UPDATE `User` SET
|
UPDATE `User` SET
|
||||||
|
@ -255,7 +257,7 @@ function admin_user()
|
||||||
`Handy` = ?,
|
`Handy` = ?,
|
||||||
`Alter` =?,
|
`Alter` =?,
|
||||||
`DECT` = ?,
|
`DECT` = ?,
|
||||||
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($_POST["eemail"]) . ',' : '') . '
|
' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->post('eemail')) . ',' : '') . '
|
||||||
`jabber` = ?,
|
`jabber` = ?,
|
||||||
`Size` = ?,
|
`Size` = ?,
|
||||||
`Gekommen`= ?,
|
`Gekommen`= ?,
|
||||||
|
@ -266,34 +268,34 @@ function admin_user()
|
||||||
WHERE `UID` = ?
|
WHERE `UID` = ?
|
||||||
LIMIT 1';
|
LIMIT 1';
|
||||||
DB::update($sql, [
|
DB::update($sql, [
|
||||||
$_POST['eNick'],
|
$request->post('eNick'),
|
||||||
$_POST['eName'],
|
$request->post('eName'),
|
||||||
$_POST['eVorname'],
|
$request->post('eVorname'),
|
||||||
$_POST['eTelefon'],
|
$request->post('eTelefon'),
|
||||||
$_POST['eHandy'],
|
$request->post('eHandy'),
|
||||||
$_POST['eAlter'],
|
$request->post('eAlter'),
|
||||||
$_POST['eDECT'],
|
$request->post('eDECT'),
|
||||||
$_POST['ejabber'],
|
$request->post('ejabber'),
|
||||||
$_POST['eSize'],
|
$request->post('eSize'),
|
||||||
$_POST['eGekommen'],
|
$request->post('eGekommen'),
|
||||||
$_POST['eAktiv'],
|
$request->post('eAktiv'),
|
||||||
$force_active,
|
$force_active,
|
||||||
$_POST['eTshirt'],
|
$request->post('eTshirt'),
|
||||||
$_POST['Hometown'],
|
$request->post('Hometown'),
|
||||||
$user_id,
|
$user_id,
|
||||||
]);
|
]);
|
||||||
engelsystem_log(
|
engelsystem_log(
|
||||||
'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize']
|
'Updated user: ' . $request->post('eNick') . ', ' . $request->post('eSize')
|
||||||
. ', arrived: ' . $_POST['eGekommen']
|
. ', arrived: ' . $request->post('eVorname')
|
||||||
. ', active: ' . $_POST['eAktiv']
|
. ', active: ' . $request->post('eAktiv')
|
||||||
. ', tshirt: ' . $_POST['eTshirt']
|
. ', tshirt: ' . $request->post('eTshirt')
|
||||||
);
|
);
|
||||||
$html .= success('Änderung wurde gespeichert...' . "\n", true);
|
$html .= success('Änderung wurde gespeichert...' . "\n", true);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'change_pw':
|
case 'change_pw':
|
||||||
if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
if ($request->post('new_pw') != '' && $request->post('new_pw') == $request->post('new_pw2')) {
|
||||||
set_password($user_id, $_REQUEST['new_pw']);
|
set_password($user_id, $request->post('new_pw'));
|
||||||
$user_source = User($user_id);
|
$user_source = User($user_id);
|
||||||
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
|
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
|
||||||
$html .= success('Passwort neu gesetzt.', true);
|
$html .= success('Passwort neu gesetzt.', true);
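Review bot: The audit log entry in the save branch now writes `', arrived: ' . $request->post('eVorname')`, where the removed line logged `$_POST['eGekommen']`, so the log records a name field under the "arrived" label; it should read `. ', arrived: ' . $request->post('eGekommen')`. In the same branch the `email` column is still spliced into the SQL string with `DB::getPdo()->quote($request->post('eemail'))`, while every other column uses a `?` placeholder. Binding it like the rest would remove the one concatenated value, though the parameter array would then have to be built conditionally, and that part of the function is outside the hunk. `$user_id` and `$force_active` are also taken from the request without a format check in the visible lines.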
|
||||||
|
|
|
@ -38,6 +38,7 @@ function guest_register()
|
||||||
$enable_tshirt_size = config('enable_tshirt_size');
|
$enable_tshirt_size = config('enable_tshirt_size');
|
||||||
$min_password_length = config('min_password_length');
|
$min_password_length = config('min_password_length');
|
||||||
$event_config = EventConfig();
|
$event_config = EventConfig();
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$msg = '';
|
$msg = '';
|
||||||
$nick = '';
|
$nick = '';
|
||||||
|
@ -73,11 +74,11 @@ function guest_register()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) {
|
if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 1) {
|
||||||
$nick = User_validate_Nick($_REQUEST['nick']);
|
$nick = User_validate_Nick($request->input('nick'));
|
||||||
if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) {
|
if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(sprintf(_('Your nick "%s" already exists.'), $nick), true);
|
$msg .= error(sprintf(_('Your nick "%s" already exists.'), $nick), true);
|
||||||
|
@ -86,11 +87,11 @@ function guest_register()
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(sprintf(
|
$msg .= error(sprintf(
|
||||||
_('Your nick "%s" is too short (min. 2 characters).'),
|
_('Your nick "%s" is too short (min. 2 characters).'),
|
||||||
User_validate_Nick($_REQUEST['nick'])
|
User_validate_Nick($request->input('nick'))
|
||||||
), true);
|
), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
|
if ($request->has('mail') && strlen(strip_request_item('mail')) > 0) {
|
||||||
$mail = strip_request_item('mail');
|
$mail = strip_request_item('mail');
|
||||||
if (!check_email($mail)) {
|
if (!check_email($mail)) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -101,15 +102,15 @@ function guest_register()
|
||||||
$msg .= error(_('Please enter your e-mail.'), true);
|
$msg .= error(_('Please enter your e-mail.'), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['email_shiftinfo'])) {
|
if ($request->has('email_shiftinfo')) {
|
||||||
$email_shiftinfo = true;
|
$email_shiftinfo = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['email_by_human_allowed'])) {
|
if ($request->has('email_by_human_allowed')) {
|
||||||
$email_by_human_allowed = true;
|
$email_by_human_allowed = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
|
if ($request->has('jabber') && strlen(strip_request_item('jabber')) > 0) {
|
||||||
$jabber = strip_request_item('jabber');
|
$jabber = strip_request_item('jabber');
|
||||||
if (!check_email($jabber)) {
|
if (!check_email($jabber)) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -118,16 +119,16 @@ function guest_register()
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($enable_tshirt_size) {
|
if ($enable_tshirt_size) {
|
||||||
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
|
if ($request->has('tshirt_size') && isset($tshirt_sizes[$request->input('tshirt_size')])) {
|
||||||
$tshirt_size = $_REQUEST['tshirt_size'];
|
$tshirt_size = $request->input('tshirt_size');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_('Please select your shirt size.'), true);
|
$msg .= error(_('Please select your shirt size.'), true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
|
if ($request->has('password') && strlen($request->post('password')) >= $min_password_length) {
|
||||||
if ($_REQUEST['password'] != $_REQUEST['password2']) {
|
if ($request->post('password') != $request->post('password2')) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
$msg .= error(_('Your passwords don\'t match.'), true);
|
$msg .= error(_('Your passwords don\'t match.'), true);
|
||||||
}
|
}
|
||||||
|
@ -139,8 +140,8 @@ function guest_register()
|
||||||
), true);
|
), true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['planned_arrival_date'])) {
|
if ($request->has('planned_arrival_date')) {
|
||||||
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
|
$tmp = parse_date('Y-m-d H:i', $request->input('planned_arrival_date') . ' 00:00');
|
||||||
$result = User_validate_planned_arrival_date($tmp);
|
$result = User_validate_planned_arrival_date($tmp);
|
||||||
$planned_arrival_date = $result->getValue();
|
$planned_arrival_date = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
|
@ -151,34 +152,34 @@ function guest_register()
|
||||||
|
|
||||||
$selected_angel_types = [];
|
$selected_angel_types = [];
|
||||||
foreach (array_keys($angel_types) as $angel_type_id) {
|
foreach (array_keys($angel_types) as $angel_type_id) {
|
||||||
if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
|
if ($request->has('angel_types_' . $angel_type_id)) {
|
||||||
$selected_angel_types[] = $angel_type_id;
|
$selected_angel_types[] = $angel_type_id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Trivia
|
// Trivia
|
||||||
if (isset($_REQUEST['lastname'])) {
|
if ($request->has('lastname')) {
|
||||||
$lastName = strip_request_item('lastname');
|
$lastName = strip_request_item('lastname');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['prename'])) {
|
if ($request->has('prename')) {
|
||||||
$preName = strip_request_item('prename');
|
$preName = strip_request_item('prename');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
|
if ($request->has('age') && preg_match('/^\d{0,4}$/', $request->input('age'))) {
|
||||||
$age = strip_request_item('age');
|
$age = strip_request_item('age');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['tel'])) {
|
if ($request->has('tel')) {
|
||||||
$tel = strip_request_item('tel');
|
$tel = strip_request_item('tel');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['dect'])) {
|
if ($request->has('dect')) {
|
||||||
$dect = strip_request_item('dect');
|
$dect = strip_request_item('dect');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['mobile'])) {
|
if ($request->has('mobile')) {
|
||||||
$mobile = strip_request_item('mobile');
|
$mobile = strip_request_item('mobile');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['hometown'])) {
|
if ($request->has('hometown')) {
|
||||||
$hometown = strip_request_item('hometown');
|
$hometown = strip_request_item('hometown');
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['comment'])) {
|
if ($request->has('comment')) {
|
||||||
$comment = strip_request_item_nl('comment');
|
$comment = strip_request_item_nl('comment');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -233,7 +234,7 @@ function guest_register()
|
||||||
// Assign user-group and set password
|
// Assign user-group and set password
|
||||||
$user_id = DB::getPdo()->lastInsertId();
|
$user_id = DB::getPdo()->lastInsertId();
|
||||||
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
|
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
|
||||||
set_password($user_id, $_REQUEST['password']);
|
set_password($user_id, $request->post('password'));
|
||||||
|
|
||||||
// Assign angel-types
|
// Assign angel-types
|
||||||
$user_angel_types_info = [];
|
$user_angel_types_info = [];
|
||||||
|
@ -391,18 +392,18 @@ function guest_logout()
|
||||||
function guest_login()
|
function guest_login()
|
||||||
{
|
{
|
||||||
$nick = '';
|
$nick = '';
|
||||||
|
$request = request();
|
||||||
unset($_SESSION['uid']);
|
unset($_SESSION['uid']);
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
|
if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) {
|
||||||
$nick = User_validate_Nick($_REQUEST['nick']);
|
$nick = User_validate_Nick($request->input('nick'));
|
||||||
$login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
|
$login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
|
||||||
if (count($login_user) > 0) {
|
if (count($login_user) > 0) {
|
||||||
$login_user = $login_user[0];
|
$login_user = $login_user[0];
|
||||||
if (isset($_REQUEST['password'])) {
|
if ($request->has('password')) {
|
||||||
if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
|
if (!verify_password($request->post('password'), $login_user['Passwort'], $login_user['UID'])) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
error(_('Your password is incorrect. Please try it again.'));
|
error(_('Your password is incorrect. Please try it again.'));
|
||||||
}
|
}
|
||||||
|
@ -487,6 +488,6 @@ function get_register_hint()
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
//FIXME: return error(_('Registration is disabled.'), true);
|
//@TODO: FIXME: return error(_('Registration is disabled.'), true);
|
||||||
return error('Registration is <a href="https://engelsystem.de/33c3/overwhelmed.html">disabled</a>.', true);
|
return error('Registration is <a href="https://engelsystem.de/33c3/overwhelmed.html">disabled</a>.', true);
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,9 +5,10 @@ use Engelsystem\Database\DB;
|
||||||
function guest_stats()
|
function guest_stats()
|
||||||
{
|
{
|
||||||
$apiKey = config('api_key');
|
$apiKey = config('api_key');
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['api_key'])) {
|
if ($request->has('api_key')) {
|
||||||
if ($_REQUEST['api_key'] == $apiKey && !empty($apiKey)) {
|
if (!empty($apiKey) && $request->input('api_key') == $apiKey) {
|
||||||
$stats = [];
|
$stats = [];
|
||||||
|
|
||||||
list($user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User`');
|
list($user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User`');
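Review bot: The API key check in guest_stats() compares the secret with loose `==`, which is neither type-strict nor constant-time: PHP treats two numeric-looking strings as equal by value, and the comparison time can depend on how much of the key matches. Read the value once with `$given = $request->input('api_key');` and test `if (!empty($apiKey) && is_string($given) && hash_equals((string)$apiKey, $given)) {`. If `input()` also reads the query string (its implementation is not shown here), the key can end up in access logs, so accepting it only from a header or request body would limit that exposure. guest_stats() continues outside the hunk.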
|
||||||
|
|
|
@ -8,11 +8,12 @@ use Engelsystem\Database\DB;
|
||||||
function user_atom()
|
function user_atom()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
|
||||||
engelsystem_error('Missing key.');
|
engelsystem_error('Missing key.');
|
||||||
}
|
}
|
||||||
$key = $_REQUEST['key'];
|
$key = $request->input('key');
|
||||||
|
|
||||||
$user = User_by_api_key($key);
|
$user = User_by_api_key($key);
|
||||||
if ($user == null) {
|
if ($user == null) {
|
||||||
|
@ -25,7 +26,7 @@ function user_atom()
|
||||||
$news = DB::select('
|
$news = DB::select('
|
||||||
SELECT *
|
SELECT *
|
||||||
FROM `News`
|
FROM `News`
|
||||||
' . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . '
|
' . (!$request->has('meetings') ? '' : 'WHERE `Treffen` = 1 ') . '
|
||||||
ORDER BY `ID`
|
ORDER BY `ID`
|
||||||
DESC LIMIT ' . (int)config('display_news')
|
DESC LIMIT ' . (int)config('display_news')
|
||||||
);
|
);
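Review bot: Replacing `empty($_REQUEST['meetings'])` with `!$request->has('meetings')` in user_atom() changes which requests get the meetings-only filter. If has() only tests for presence (its implementation is not visible here), `meetings=0` and an empty `meetings=` now select the filtered feed, where the old code returned all news for them. To keep the previous behaviour use `empty($request->input('meetings'))`. The parameter only chooses between two fixed SQL fragments, so no request data reaches the concatenated query; a one-line comment saying so would help the next reader. user_atom() continues outside the hunk.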
|
||||||
|
|
|
@ -6,11 +6,12 @@
|
||||||
function user_ical()
|
function user_ical()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
|
||||||
engelsystem_error('Missing key.');
|
engelsystem_error('Missing key.');
|
||||||
}
|
}
|
||||||
$key = $_REQUEST['key'];
|
$key = $request->input('key');
|
||||||
|
|
||||||
$user = User_by_api_key($key);
|
$user = User_by_api_key($key);
|
||||||
if ($user == null) {
|
if ($user == null) {
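Review bot: The feed key in user_ical() is validated by calling `$request->input('key')` inside preg_match() and then read a second time for `$key`, and the pattern ends in `$`, which also matches just before a trailing newline. Read it once and validate the local: `$key = $request->input('key');` followed by `if (!is_string($key) || !preg_match('/^[\da-f]{32}\z/', $key)) {`. The is_string() guard also keeps an array-valued parameter away from preg_match(). The same check appears in user_atom(), and the `\d{1,11}$` id checks in user_messages() and user_questions() share the `$` anchor. user_ical() continues outside the hunk.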
|
||||||
|
|
|
@ -35,8 +35,9 @@ function user_unread_messages()
|
||||||
function user_messages()
|
function user_messages()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['action'])) {
|
if (!$request->has('action')) {
|
||||||
$users = DB::select(
|
$users = DB::select(
|
||||||
'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
|
'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
|
||||||
[$user['UID']]
|
[$user['UID']]
|
||||||
|
@ -121,10 +122,10 @@ function user_messages()
|
||||||
], page_link_to('user_messages') . '&action=send')
|
], page_link_to('user_messages') . '&action=send')
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'read':
|
case 'read':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$message_id = $_REQUEST['id'];
|
$message_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error(_('Incomplete call, missing Message ID.'), true);
|
return error(_('Incomplete call, missing Message ID.'), true);
|
||||||
}
|
}
|
||||||
|
@ -145,8 +146,8 @@ function user_messages()
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'delete':
|
case 'delete':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$message_id = $_REQUEST['id'];
|
$message_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error(_('Incomplete call, missing Message ID.'), true);
|
return error(_('Incomplete call, missing Message ID.'), true);
|
||||||
}
|
}
|
||||||
|
@ -164,7 +165,8 @@ function user_messages()
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'send':
|
case 'send':
|
||||||
if (Message_send($_REQUEST['to'], $_REQUEST['text'])) {
|
// @TODO: Validation?
|
||||||
|
if (Message_send($request->input('to'), $request->input('text'))) {
|
||||||
redirect(page_link_to('user_messages'));
|
redirect(page_link_to('user_messages'));
|
||||||
} else {
|
} else {
|
||||||
return error(_('Transmitting was terminated with an Error.'), true);
|
return error(_('Transmitting was terminated with an Error.'), true);
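Review bot: The `send` case in user_messages() passes `to` and `text` to Message_send() unchecked, which the added `// @TODO: Validation?` acknowledges but does not resolve. The `read` and `delete` cases in the same function already require an id matching `/^\d{1,11}$/`; `send` should apply the same shape check to the recipient and reject a non-string or empty text before the call. Whether Message_send() validates its own arguments is not visible here, so the check belongs at the request boundary either way. The switch continues outside the hunk.

```php
case 'send':
    $to = $request->input('to');
    $text = $request->input('text');
    // Same id shape that the 'read' and 'delete' cases require.
    if (
        !is_string($to)
        || !preg_match('/^\d{1,11}$/', $to)
        || !is_string($text)
        || trim($text) === ''
    ) {
        return error(_('Transmitting was terminated with an Error.'), true);
    }

    if (Message_send($to, $text)) {
    // … unchanged: redirect on success, error() on failure …
```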
|
||||||
|
|
|
@ -18,14 +18,15 @@ function myshifts_title()
|
||||||
function user_myshifts()
|
function user_myshifts()
|
||||||
{
|
{
|
||||||
global $user, $privileges;
|
global $user, $privileges;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['id'])
|
$request->has('id')
|
||||||
&& in_array('user_shifts_admin', $privileges)
|
&& in_array('user_shifts_admin', $privileges)
|
||||||
&& preg_match('/^\d{1,}$/', $_REQUEST['id'])
|
&& preg_match('/^\d{1,}$/', $request->input('id'))
|
||||||
&& count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
|
&& count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$request->input('id')])) > 0
|
||||||
) {
|
) {
|
||||||
$user_id = $_REQUEST['id'];
|
$user_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
$user_id = $user['UID'];
|
$user_id = $user['UID'];
|
||||||
}
|
}
|
||||||
|
@ -33,8 +34,8 @@ function user_myshifts()
|
||||||
$shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
|
$shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
|
||||||
$shifts_user = array_shift($shifts_user);
|
$shifts_user = array_shift($shifts_user);
|
||||||
|
|
||||||
if (isset($_REQUEST['reset'])) {
|
if ($request->has('reset')) {
|
||||||
if ($_REQUEST['reset'] == 'ack') {
|
if ($request->input('reset') == 'ack') {
|
||||||
User_reset_api_key($user);
|
User_reset_api_key($user);
|
||||||
success(_('Key changed.'));
|
success(_('Key changed.'));
|
||||||
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
|
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
|
||||||
|
@ -46,8 +47,8 @@ function user_myshifts()
|
||||||
),
|
),
|
||||||
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
|
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
|
||||||
]);
|
]);
|
||||||
} elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
|
} elseif ($request->has('edit') && preg_match('/^\d*$/', $request->input('edit'))) {
|
||||||
$user_id = $_REQUEST['edit'];
|
$user_id = $request->input('edit');
|
||||||
$shift = DB::select('
|
$shift = DB::select('
|
||||||
SELECT
|
SELECT
|
||||||
`ShiftEntry`.`freeloaded`,
|
`ShiftEntry`.`freeloaded`,
|
||||||
|
@ -77,10 +78,10 @@ function user_myshifts()
|
||||||
$freeloaded = $shift['freeloaded'];
|
$freeloaded = $shift['freeloaded'];
|
||||||
$freeload_comment = $shift['freeload_comment'];
|
$freeload_comment = $shift['freeload_comment'];
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$valid = true;
|
$valid = true;
|
||||||
if (in_array('user_shifts_admin', $privileges)) {
|
if (in_array('user_shifts_admin', $privileges)) {
|
||||||
$freeloaded = isset($_REQUEST['freeloaded']);
|
$freeloaded = $request->has('freeloaded');
|
||||||
$freeload_comment = strip_request_item_nl('freeload_comment');
|
$freeload_comment = strip_request_item_nl('freeload_comment');
|
||||||
if ($freeloaded && $freeload_comment == '') {
|
if ($freeloaded && $freeload_comment == '') {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -128,8 +129,8 @@ function user_myshifts()
|
||||||
} else {
|
} else {
|
||||||
redirect(page_link_to('user_myshifts'));
|
redirect(page_link_to('user_myshifts'));
|
||||||
}
|
}
|
||||||
} elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
|
} elseif ($request->has('cancel') && preg_match('/^\d*$/', $request->input('cancel'))) {
|
||||||
$user_id = $_REQUEST['cancel'];
|
$user_id = $request->input('cancel');
|
||||||
$shift = DB::select('
|
$shift = DB::select('
|
||||||
SELECT *
|
SELECT *
|
||||||
FROM `Shifts`
|
FROM `Shifts`
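Review bot: The API-key reset in user_myshifts() fires on `$request->input('reset') == 'ack'`, and the confirmation button in the following hunk is a plain link to `&reset=ack`, so a state change is reachable by a GET request with no anti-CSRF token visible in these hunks. Consider making the confirmation a POST form and reading the flag with `$request->post('reset') === 'ack'`, checked together with a per-session token. The branch also calls `User_reset_api_key($user)` while the redirect uses `$shifts_user['UID']`, so when an admin views another user via `id` it looks like the admin's own key is reset; that deserves a comment or a fix. The `edit` and `cancel` patterns use `\d*`, which accepts an empty string, where `\d+` would match the `id` check above. user_myshifts() continues outside these hunks.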
|
||||||
|
|
|
@ -33,9 +33,10 @@ function user_meetings()
|
||||||
{
|
{
|
||||||
$display_news = config('display_news');
|
$display_news = config('display_news');
|
||||||
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
|
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
|
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
|
||||||
$page = $_REQUEST['page'];
|
$page = $request->input('page');
|
||||||
} else {
|
} else {
|
||||||
$page = 0;
|
$page = 0;
|
||||||
}
|
}
|
||||||
|
@ -56,9 +57,9 @@ function user_meetings()
|
||||||
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
|
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
|
||||||
$html .= '<div class="text-center">' . '<ul class="pagination">';
|
$html .= '<div class="text-center">' . '<ul class="pagination">';
|
||||||
for ($i = 0; $i < $dis_rows; $i++) {
|
for ($i = 0; $i < $dis_rows; $i++) {
|
||||||
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
|
if ($request->has('page') && $i == $request->input('page')) {
|
||||||
$html .= '<li class="active">';
|
$html .= '<li class="active">';
|
||||||
} elseif (!isset($_REQUEST['page']) && $i == 0) {
|
} elseif (!$request->has('page') && $i == 0) {
|
||||||
$html .= '<li class="active">';
|
$html .= '<li class="active">';
|
||||||
} else {
|
} else {
|
||||||
$html .= '<li>';
|
$html .= '<li>';
|
||||||
|
@ -116,17 +117,19 @@ function user_news_comments()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
|
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['nid'])
|
$request->has('nid')
|
||||||
&& preg_match('/^\d{1,}$/', $_REQUEST['nid'])
|
&& preg_match('/^\d{1,}$/', $request->input('nid'))
|
||||||
&& count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
|
&& count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$request->input('nid')])) > 0
|
||||||
) {
|
) {
|
||||||
$nid = $_REQUEST['nid'];
|
$nid = $request->input('nid');
|
||||||
$news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]);
|
$news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]);
|
||||||
$news = array_shift($news);
|
$news = array_shift($news);
|
||||||
if (isset($_REQUEST['text'])) {
|
if ($request->has('text')) {
|
||||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($request->input('text')));
|
||||||
DB::insert('
|
DB::insert('
|
||||||
INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
|
INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
|
||||||
VALUES (?, ?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
|
@ -179,12 +182,14 @@ function user_news()
|
||||||
{
|
{
|
||||||
global $privileges, $user;
|
global $privileges, $user;
|
||||||
$display_news = config('display_news');
|
$display_news = config('display_news');
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
|
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
|
||||||
|
|
||||||
if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) {
|
$isMeeting = $request->post('treffen');
|
||||||
if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) {
|
if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) {
|
||||||
$_POST['treffen'] = 0;
|
if (!$request->has('treffen') || !in_array('admin_news', $privileges)) {
|
||||||
|
$isMeeting = 0;
|
||||||
}
|
}
|
||||||
DB::insert('
|
DB::insert('
|
||||||
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
|
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
|
||||||
|
@ -192,19 +197,19 @@ function user_news()
|
||||||
',
|
',
|
||||||
[
|
[
|
||||||
time(),
|
time(),
|
||||||
$_POST['betreff'],
|
$request->post('betreff'),
|
||||||
$_POST['text'],
|
$request->post('text'),
|
||||||
$user['UID'],
|
$user['UID'],
|
||||||
$_POST['treffen'],
|
$isMeeting,
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']);
|
engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $isMeeting);
|
||||||
success(_('Entry saved.'));
|
success(_('Entry saved.'));
|
||||||
redirect(page_link_to('news'));
|
redirect(page_link_to('news'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
|
if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
|
||||||
$page = $_REQUEST['page'];
|
$page = $request->input('page');
|
||||||
} else {
|
} else {
|
||||||
$page = 0;
|
$page = 0;
|
||||||
}
|
}
|
||||||
|
@ -225,9 +230,9 @@ function user_news()
|
||||||
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
|
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
|
||||||
$html .= '<div class="text-center">' . '<ul class="pagination">';
|
$html .= '<div class="text-center">' . '<ul class="pagination">';
|
||||||
for ($i = 0; $i < $dis_rows; $i++) {
|
for ($i = 0; $i < $dis_rows; $i++) {
|
||||||
if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
|
if ($request->has('page') && $i == $request->input('page')) {
|
||||||
$html .= '<li class="active">';
|
$html .= '<li class="active">';
|
||||||
} elseif (!isset($_REQUEST['page']) && $i == 0) {
|
} elseif (!$request->has('page') && $i == 0) {
|
||||||
$html .= '<li class="active">';
|
$html .= '<li class="active">';
|
||||||
} else {
|
} else {
|
||||||
$html .= '<li>';
|
$html .= '<li>';
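Review bot: In user_news() the guard now tests `$request->has('text') && $request->has('betreff')` while the values are read with `$request->post(...)`; the old code tested `$_POST` for both. If has() also sees query-string parameters (not visible here), a GET request carrying `text` and `betreff` passes the guard and the insert receives empty values from post(). Test the source you read from, e.g. `if ($request->post('text') !== null && $request->post('betreff') !== null && in_array('admin_news', $privileges)) {`, assuming post() returns null for a missing field. The log line in the next hunk still concatenates `$_POST['betreff']`; it should read `$request->post('betreff')` to match the insert. The function continues outside these hunks.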
|
||||||
|
|
|
@ -16,8 +16,9 @@ function questions_title()
|
||||||
function user_questions()
|
function user_questions()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (!isset($_REQUEST['action'])) {
|
if (!$request->has('action')) {
|
||||||
$open_questions = DB::select(
|
$open_questions = DB::select(
|
||||||
'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?',
|
'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?',
|
||||||
[$user['UID']]
|
[$user['UID']]
|
||||||
|
@ -34,7 +35,7 @@ function user_questions()
|
||||||
|
|
||||||
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
|
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($request->input('action')) {
|
||||||
case 'ask':
|
case 'ask':
|
||||||
$question = strip_request_item_nl('question');
|
$question = strip_request_item_nl('question');
|
||||||
if ($question != '') {
|
if ($question != '') {
|
||||||
|
@ -56,8 +57,8 @@ function user_questions()
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'delete':
|
case 'delete':
|
||||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
|
||||||
$question_id = $_REQUEST['id'];
|
$question_id = $request->input('id');
|
||||||
} else {
|
} else {
|
||||||
return error(_('Incomplete call, missing Question ID.'), true);
|
return error(_('Incomplete call, missing Question ID.'), true);
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,9 +21,10 @@ function settings_title()
|
||||||
function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
||||||
{
|
{
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['mail'])) {
|
if ($request->has('mail')) {
|
||||||
$result = User_validate_mail($_REQUEST['mail']);
|
$result = User_validate_mail($request->input('mail'));
|
||||||
$user_source['email'] = $result->getValue();
|
$user_source['email'] = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -34,11 +35,11 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
||||||
error(_('Please enter your e-mail.'));
|
error(_('Please enter your e-mail.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']);
|
$user_source['email_shiftinfo'] = $request->has('email_shiftinfo');
|
||||||
$user_source['email_by_human_allowed'] = isset($_REQUEST['email_by_human_allowed']);
|
$user_source['email_by_human_allowed'] = $request->has('email_by_human_allowed');
|
||||||
|
|
||||||
if (isset($_REQUEST['jabber'])) {
|
if ($request->has('jabber')) {
|
||||||
$result = User_validate_jabber($_REQUEST['jabber']);
|
$result = User_validate_jabber($request->input('jabber'));
|
||||||
$user_source['jabber'] = $result->getValue();
|
$user_source['jabber'] = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
|
@ -46,14 +47,14 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
|
if ($request->has('tshirt_size') && isset($tshirt_sizes[$request->input('tshirt_size')])) {
|
||||||
$user_source['Size'] = $_REQUEST['tshirt_size'];
|
$user_source['Size'] = $request->input('tshirt_size');
|
||||||
} elseif ($enable_tshirt_size) {
|
} elseif ($enable_tshirt_size) {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['planned_arrival_date'])) {
|
if ($request->has('planned_arrival_date')) {
|
||||||
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
|
$tmp = parse_date('Y-m-d H:i', $request->input('planned_arrival_date') . ' 00:00');
|
||||||
$result = User_validate_planned_arrival_date($tmp);
|
$result = User_validate_planned_arrival_date($tmp);
|
||||||
$user_source['planned_arrival_date'] = $result->getValue();
|
$user_source['planned_arrival_date'] = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
|
@ -62,8 +63,8 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['planned_departure_date'])) {
|
if ($request->has('planned_departure_date')) {
|
||||||
$tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_departure_date'] . ' 00:00');
|
$tmp = parse_date('Y-m-d H:i', $request->input('planned_departure_date') . ' 00:00');
|
||||||
$result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
|
$result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
|
||||||
$user_source['planned_departure_date'] = $result->getValue();
|
$user_source['planned_departure_date'] = $result->getValue();
|
||||||
if (!$result->isValid()) {
|
if (!$result->isValid()) {
|
||||||
|
@ -97,16 +98,17 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
|
||||||
*/
|
*/
|
||||||
function user_settings_password($user_source)
|
function user_settings_password($user_source)
|
||||||
{
|
{
|
||||||
|
$request = request();
|
||||||
if (
|
if (
|
||||||
!isset($_REQUEST['password'])
|
!$request->has('password')
|
||||||
|| !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])
|
|| !verify_password($request->post('password'), $user_source['Passwort'], $user_source['UID'])
|
||||||
) {
|
) {
|
||||||
error(_('-> not OK. Please try again.'));
|
error(_('-> not OK. Please try again.'));
|
||||||
} elseif (strlen($_REQUEST['new_password']) < config('min_password_length')) {
|
} elseif (strlen($request->post('new_password')) < config('min_password_length')) {
|
||||||
error(_('Your password is to short (please use at least 6 characters).'));
|
error(_('Your password is to short (please use at least 6 characters).'));
|
||||||
} elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
|
} elseif ($request->post('new_password') != $request->post('new_password2')) {
|
||||||
error(_('Your passwords don\'t match.'));
|
error(_('Your passwords don\'t match.'));
|
||||||
} elseif (set_password($user_source['UID'], $_REQUEST['new_password'])) {
|
} elseif (set_password($user_source['UID'], $request->post('new_password'))) {
|
||||||
success(_('Password saved.'));
|
success(_('Password saved.'));
|
||||||
} else {
|
} else {
|
||||||
error(_('Failed setting password.'));
|
error(_('Failed setting password.'));
|
||||||
|
@ -124,9 +126,10 @@ function user_settings_password($user_source)
|
||||||
function user_settings_theme($user_source, $themes)
|
function user_settings_theme($user_source, $themes)
|
||||||
{
|
{
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
|
if ($request->has('theme') && isset($themes[$request->input('theme')])) {
|
||||||
$user_source['color'] = $_REQUEST['theme'];
|
$user_source['color'] = $request->input('theme');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
}
|
}
|
||||||
|
@ -160,9 +163,10 @@ function user_settings_theme($user_source, $themes)
|
||||||
function user_settings_locale($user_source, $locales)
|
function user_settings_locale($user_source, $locales)
|
||||||
{
|
{
|
||||||
$valid = true;
|
$valid = true;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
|
if ($request->has('language') && isset($locales[$request->input('language')])) {
|
||||||
$user_source['Sprache'] = $_REQUEST['language'];
|
$user_source['Sprache'] = $request->input('language');
|
||||||
} else {
|
} else {
|
||||||
$valid = false;
|
$valid = false;
|
||||||
}
|
}
|
||||||
|
@ -195,6 +199,7 @@ function user_settings_locale($user_source, $locales)
|
||||||
function user_settings()
|
function user_settings()
|
||||||
{
|
{
|
||||||
global $themes, $user;
|
global $themes, $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
$enable_tshirt_size = config('enable_tshirt_size');
|
$enable_tshirt_size = config('enable_tshirt_size');
|
||||||
$tshirt_sizes = config('tshirt_sizes');
|
$tshirt_sizes = config('tshirt_sizes');
|
||||||
|
@ -220,13 +225,13 @@ function user_settings()
|
||||||
|
|
||||||
$user_source = $user;
|
$user_source = $user;
|
||||||
|
|
||||||
if (isset($_REQUEST['submit'])) {
|
if ($request->has('submit')) {
|
||||||
$user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes);
|
$user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes);
|
||||||
} elseif (isset($_REQUEST['submit_password'])) {
|
} elseif ($request->has('submit_password')) {
|
||||||
user_settings_password($user_source);
|
user_settings_password($user_source);
|
||||||
} elseif (isset($_REQUEST['submit_theme'])) {
|
} elseif ($request->has('submit_theme')) {
|
||||||
$user_source = user_settings_theme($user_source, $themes);
|
$user_source = user_settings_theme($user_source, $themes);
|
||||||
} elseif (isset($_REQUEST['submit_language'])) {
|
} elseif ($request->has('submit_language')) {
|
||||||
$user_source = user_settings_locale($user_source, $locales);
|
$user_source = user_settings_locale($user_source, $locales);
|
||||||
}
|
}
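Review bot: The confirmation check in user_settings_password(), `$request->post('new_password') != $request->post('new_password2')`, uses a loose comparison, and PHP compares two numeric-looking strings by value, so different inputs such as `1e3` and `1000` (constructed example) count as a match. Use the strict form: `} elseif ($request->post('new_password') !== $request->post('new_password2')) {`. The same `!=` is used for `password` and `password2` in guest_register(). Separately, the guard calls `$request->has('password')` but verifies `$request->post('password')`; testing and reading the same source keeps the two from disagreeing.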
|
||||||
|
|
||||||
|
|
|
@ -23,20 +23,21 @@ function shifts_title()
|
||||||
function user_shifts()
|
function user_shifts()
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (User_is_freeloader($user)) {
|
if (User_is_freeloader($user)) {
|
||||||
redirect(page_link_to('user_myshifts'));
|
redirect(page_link_to('user_myshifts'));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
|
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
|
||||||
if (isset($_REQUEST['entry_id'])) {
|
if ($request->has('entry_id')) {
|
||||||
shift_entry_delete_controller();
|
shift_entry_delete_controller();
|
||||||
return '';
|
return '';
|
||||||
} elseif (isset($_REQUEST['edit_shift'])) {
|
} elseif ($request->has('edit_shift')) {
|
||||||
return shift_edit_controller();
|
return shift_edit_controller();
|
||||||
} elseif (isset($_REQUEST['delete_shift'])) {
|
} elseif ($request->has('delete_shift')) {
|
||||||
return shift_delete_controller();
|
return shift_delete_controller();
|
||||||
} elseif (isset($_REQUEST['shift_id'])) {
|
} elseif ($request->has('shift_id')) {
|
||||||
return shift_entry_add_controller();
|
return shift_entry_add_controller();
|
||||||
}
|
}
|
||||||
return view_user_shifts();
|
return view_user_shifts();
|
||||||
|
|
|
@ -18,12 +18,14 @@ function check_request_datetime($date_name, $time_name, $allowed_days, $default_
|
||||||
{
|
{
|
||||||
$time = date('H:i', $default_value);
|
$time = date('H:i', $default_value);
|
||||||
$day = date('Y-m-d', $default_value);
|
$day = date('Y-m-d', $default_value);
|
||||||
|
$request = request();
|
||||||
|
|
||||||
if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
|
if ($request->has($time_name) && preg_match('#^\d{1,2}:\d\d$#', trim($request->input($time_name)))) {
|
||||||
$time = trim($_REQUEST[$time_name]);
|
$time = trim($request->input($time_name));
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST[$date_name]) && in_array($_REQUEST[$date_name], $allowed_days)) {
|
|
||||||
$day = $_REQUEST[$date_name];
|
if ($request->has($date_name) && in_array($request->input($date_name), $allowed_days)) {
|
||||||
|
$day = $request->input($date_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
return parse_date('Y-m-d H:i', $day . ' ' . $time);
|
return parse_date('Y-m-d H:i', $day . ' ' . $time);
|
||||||
|
@ -94,8 +96,9 @@ function select_array($data, $key_name, $value_name)
|
||||||
*/
|
*/
|
||||||
function check_request_int_array($name, $default = [])
|
function check_request_int_array($name, $default = [])
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST[$name]) && is_array($_REQUEST[$name])) {
|
$request = request();
|
||||||
return array_filter($_REQUEST[$name], 'is_numeric');
|
if ($request->has($name) && is_array($request->input($name))) {
|
||||||
|
return array_filter($request->input($name), 'is_numeric');
|
||||||
}
|
}
|
||||||
return $default;
|
return $default;
|
||||||
}
|
}
|
||||||
|
@ -111,10 +114,11 @@ function check_request_int_array($name, $default = [])
|
||||||
*/
|
*/
|
||||||
function check_request_date($name, $error_message = null, $null_allowed = false)
|
function check_request_date($name, $error_message = null, $null_allowed = false)
|
||||||
{
|
{
|
||||||
if (!isset($_REQUEST[$name])) {
|
$request = request();
|
||||||
|
if (!$request->has($name)) {
|
||||||
return new ValidationResult($null_allowed, null);
|
return new ValidationResult($null_allowed, null);
|
||||||
}
|
}
|
||||||
return check_date($_REQUEST[$name], $error_message, $null_allowed);
|
return check_date($request->input($name), $error_message, $null_allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -148,8 +152,9 @@ function check_date($input, $error_message = null, $null_allowed = false)
|
||||||
*/
|
*/
|
||||||
function strip_request_item($name, $default_value = null)
|
function strip_request_item($name, $default_value = null)
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST[$name])) {
|
$request = request();
|
||||||
return strip_item($_REQUEST[$name]);
|
if ($request->has($name)) {
|
||||||
|
return strip_item($request->input($name));
|
||||||
}
|
}
|
||||||
return $default_value;
|
return $default_value;
|
||||||
}
|
}
|
||||||
|
@ -163,8 +168,9 @@ function strip_request_item($name, $default_value = null)
|
||||||
*/
|
*/
|
||||||
function test_request_int($name)
|
function test_request_int($name)
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST[$name])) {
|
$request = request();
|
||||||
return preg_match('/^\d*$/', $_REQUEST[$name]);
|
if ($request->has($name)) {
|
||||||
|
return preg_match('/^\d*$/', $request->input($name));
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -178,8 +184,9 @@ function test_request_int($name)
|
||||||
*/
|
*/
|
||||||
function strip_request_item_nl($name, $default_value = null)
|
function strip_request_item_nl($name, $default_value = null)
|
||||||
{
|
{
|
||||||
if (isset($_REQUEST[$name])) {
|
$request = request();
|
||||||
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($_REQUEST[$name]));
|
if ($request->has($name)) {
|
||||||
|
return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($request->get($name)));
|
||||||
}
|
}
|
||||||
return $default_value;
|
return $default_value;
|
||||||
}
|
}
|
||||||
|
|
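Review bot: `strip_request_item_nl()` checks `$request->has($name)` but then reads the value with `$request->get($name)`, and in the `Request` class added by this commit `has()` looks at POST and GET together while `get()` reads only the GET data. For a field submitted by POST the check passes, `get()` returns `null`, and the helper returns an empty string instead of the filtered text, so the submitted content is silently dropped. The other helpers in this file use `input()`; the call should match them: `strip_tags($request->input($name))`.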
|
@ -336,10 +336,10 @@ function table_buttons($buttons = [])
|
||||||
* Load and render template
|
* Load and render template
|
||||||
*
|
*
|
||||||
* @param string $file
|
* @param string $file
|
||||||
* @param string $data
|
* @param string[] $data
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
function template_render($file, $data)
|
function template_render($file, $data = [])
|
||||||
{
|
{
|
||||||
if (file_exists($file)) {
|
if (file_exists($file)) {
|
||||||
$template = file_get_contents($file);
|
$template = file_get_contents($file);
|
||||||
|
|
|
@ -24,24 +24,22 @@ $page = '';
|
||||||
$title = '';
|
$title = '';
|
||||||
$content = '';
|
$content = '';
|
||||||
|
|
||||||
if (!isset($_REQUEST['p'])) {
|
$page = $request->input('p');
|
||||||
$_REQUEST['p'] = isset($user) ? 'news' : 'login';
|
if (empty($page)) {
|
||||||
|
$page = isset($user) ? 'news' : 'login';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isset($_REQUEST['p'])
|
preg_match('/^\w*$/i', $page)
|
||||||
&& preg_match('/^\w*$/i', $_REQUEST['p'])
|
|
||||||
&& (
|
&& (
|
||||||
in_array($_REQUEST['p'], $free_pages)
|
in_array($page, $free_pages)
|
||||||
|| (isset($privileges) && in_array($_REQUEST['p'], $privileges))
|
|| (isset($privileges) && in_array($page, $privileges))
|
||||||
)
|
)
|
||||||
) {
|
) {
|
||||||
$page = $_REQUEST['p'];
|
|
||||||
|
|
||||||
$title = $page;
|
$title = $page;
|
||||||
|
|
||||||
if ($page == 'api') {
|
if ($page == 'api') {
|
||||||
error('Api disabled temporily.');
|
error('Api disabled temporarily.');
|
||||||
redirect(page_link_to());
|
redirect(page_link_to());
|
||||||
require_once realpath(__DIR__ . '/../includes/controller/api.php');
|
require_once realpath(__DIR__ . '/../includes/controller/api.php');
|
||||||
api_controller();
|
api_controller();
|
||||||
|
|
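Review bot: `$page` is now assigned from `$request->input('p')` before the allow-list check, so when the `preg_match`/`in_array` condition fails it keeps the raw request value, where the old code left it as `''`. The branch taken on failure lies outside this hunk, so whether that value is used afterwards cannot be confirmed from here. Resetting it on that path with `$page = '';`, or reading into a temporary and assigning `$page` only inside the validated branch, restores the earlier guarantee. `input()` can also return an array when the parameter is sent as `p[]`, which `preg_match` does not accept, so the condition would be safer starting with `is_string($page) &&`.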
|
@ -0,0 +1,110 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Engelsystem\Http;
|
||||||
|
|
||||||
|
use ErrorException;
|
||||||
|
|
||||||
|
class Request
|
||||||
|
{
|
||||||
|
/** @var self */
|
||||||
|
protected static $instance;
|
||||||
|
|
||||||
|
/** @var array of POST data */
|
||||||
|
protected $request;
|
||||||
|
|
||||||
|
/** @var array of GET data */
|
||||||
|
protected $query;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize request
|
||||||
|
*/
|
||||||
|
public function create()
|
||||||
|
{
|
||||||
|
$this->request = $_POST;
|
||||||
|
$this->query = $_GET;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get GET input
|
||||||
|
*
|
||||||
|
* @param string $key
|
||||||
|
* @param mixed $default
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function get($key, $default = null)
|
||||||
|
{
|
||||||
|
if (!empty($this->query[$key])) {
|
||||||
|
return $this->query[$key];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $default;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get POST input
|
||||||
|
*
|
||||||
|
* @param string $key
|
||||||
|
* @param mixed $default
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function post($key, $default = null)
|
||||||
|
{
|
||||||
|
if (!empty($this->request[$key])) {
|
||||||
|
return $this->request[$key];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $default;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get input data
|
||||||
|
*
|
||||||
|
* @param string $key
|
||||||
|
* @param mixed $default
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function input($key, $default = null)
|
||||||
|
{
|
||||||
|
$data = $this->request + $this->query;
|
||||||
|
|
||||||
|
if (!empty($data[$key])) {
|
||||||
|
return $data[$key];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $default;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if the input exists
|
||||||
|
*
|
||||||
|
* @param string $key
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function has($key)
|
||||||
|
{
|
||||||
|
$value = $this->input($key);
|
||||||
|
|
||||||
|
return !empty($value);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return self
|
||||||
|
* @throws ErrorException
|
||||||
|
*/
|
||||||
|
public static function getInstance()
|
||||||
|
{
|
||||||
|
if (!self::$instance instanceof self) {
|
||||||
|
throw new ErrorException('Request not initialized');
|
||||||
|
}
|
||||||
|
|
||||||
|
return self::$instance;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param self $instance
|
||||||
|
*/
|
||||||
|
public static function setInstance($instance)
|
||||||
|
{
|
||||||
|
self::$instance = $instance;
|
||||||
|
}
|
||||||
|
}
|
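Review bot: `has()` returns `!empty($value)`, and `get()`, `post()` and `input()` all test `!empty(...)`, so a submitted `0`, `"0"` or empty string is reported as absent, while the `isset($_REQUEST[...])` checks this commit replaces were true for those values. Callers inherit the change: `test_request_int()` now returns `false` for a field whose value is `0`, and any `has('...')` dispatch skips a parameter sent with such a value. Testing for presence keeps the old semantics: `if (isset($data[$key])) {` in `input()` (likewise on `$this->query` and `$this->request` in `get()` and `post()`), and `return !is_null($this->input($key));` in `has()`.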
|
@ -2,6 +2,7 @@
|
||||||
// Some useful functions
|
// Some useful functions
|
||||||
|
|
||||||
use Engelsystem\Config\Config;
|
use Engelsystem\Config\Config;
|
||||||
|
use Engelsystem\Http\Request;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get or set config values
|
* Get or set config values
|
||||||
|
@ -22,3 +23,19 @@ function config($key = null, $default = null)
|
||||||
|
|
||||||
return Config::getInstance()->get($key, $default);
|
return Config::getInstance()->get($key, $default);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $key
|
||||||
|
* @param mixed $default
|
||||||
|
* @return Request|mixed
|
||||||
|
*/
|
||||||
|
function request($key = null, $default = null)
|
||||||
|
{
|
||||||
|
$request = Request::getInstance();
|
||||||
|
|
||||||
|
if (is_null($key)) {
|
||||||
|
return $request;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $request->input($key, $default);
|
||||||
|
}
|
||||||
|
|
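Review bot: The docblock on `request()` has no summary line and does not say that the call can throw, although `Request::getInstance()` raises `ErrorException` when no instance has been set. A summary in the style of the `config()` helper above, for example `Get the Request instance, or the input value for $key when a key is given`, plus `@throws ErrorException`, would tell callers that the helper must not run before the request has been initialised.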