form validation for creating shifts (admin_shifts) and changed database layout

Philip Häusler 2011-09-07 23:30:05 +02:00
parent 82522881d4
commit 4303b05d08
6 changed files with 166 additions and 82 deletions


@ -3,7 +3,7 @@
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Erstellungszeit: 19. Juli 2011 um 19:07
-- Erstellungszeit: 07. September 2011 um 21:23
-- Server Version: 5.1.44
-- PHP-Version: 5.3.1
@ -70,32 +70,33 @@ CREATE TABLE IF NOT EXISTS `Counter` (
--
INSERT INTO `Counter` (`URL`, `Anz`) VALUES
('news', 243),
('login', 85),
('news', 248),
('login', 89),
('logout', 22),
('start', 59),
('faq', 35),
('credits', 12),
('start', 65),
('faq', 36),
('credits', 13),
('register', 24),
('admin_rooms', 117),
('admin_angel_types', 84),
('admin_rooms', 123),
('admin_angel_types', 85),
('user_settings', 163),
('user_messages', 124),
('admin_groups', 188),
('admin_groups', 196),
('user_questions', 63),
('admin_questions', 51),
('admin_faq', 60),
('admin_faq', 61),
('admin_news', 35),
('news_comments', 158),
('admin_user', 219),
('admin_user', 225),
('user_meetings', 15),
('admin_language', 37),
('admin_language', 38),
('admin_log', 19),
('user_wakeup', 70),
('admin_import', 241),
('user_shifts', 371),
('user_myshifts', 94),
('admin_arrive', 44);
('admin_import', 245),
('user_shifts', 414),
('user_myshifts', 101),
('admin_arrive', 89),
('admin_shifts', 145);
-- --------------------------------------------------------
@ -141,7 +142,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` (
`privilege_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
KEY `group_id` (`group_id`,`privilege_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=110 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=118 ;
--
-- Daten für Tabelle `GroupPrivileges`
@ -153,17 +154,17 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES
(106, -2, 8),
(105, -2, 11),
(23, -1, 2),
(62, -5, 16),
(61, -5, 6),
(116, -5, 16),
(115, -5, 28),
(104, -2, 26),
(103, -2, 9),
(86, -6, 21),
(60, -5, 12),
(59, -5, 14),
(114, -5, 6),
(113, -5, 12),
(102, -2, 17),
(58, -5, 13),
(57, -5, 7),
(63, -5, 5),
(112, -5, 14),
(111, -5, 13),
(110, -5, 7),
(101, -2, 15),
(87, -6, 18),
(100, -2, 3),
@ -172,7 +173,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES
(88, -1, 1),
(98, -3, 25),
(108, -2, 20),
(109, -4, 27);
(109, -4, 27),
(117, -5, 5);
-- --------------------------------------------------------
@ -227,6 +229,37 @@ INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES
-- --------------------------------------------------------
--
-- Tabellenstruktur für Tabelle `NeededAngelTypes`
--
CREATE TABLE IF NOT EXISTS `NeededAngelTypes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`room_id` int(11) DEFAULT NULL,
`shift_id` int(11) DEFAULT NULL,
`angel_type_id` int(11) NOT NULL,
`count` int(11) NOT NULL,
PRIMARY KEY (`id`),
KEY `room_id` (`room_id`,`angel_type_id`),
KEY `shift_id` (`shift_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=13 ;
--
-- Daten für Tabelle `NeededAngelTypes`
--
INSERT INTO `NeededAngelTypes` (`id`, `room_id`, `shift_id`, `angel_type_id`, `count`) VALUES
(4, 3, NULL, 5, 2),
(3, 3, NULL, 4, 2),
(5, 2, NULL, 4, 0),
(6, 2, NULL, 5, 2),
(10, 11, NULL, 5, 0),
(9, 11, NULL, 4, 2),
(11, 10, NULL, 4, 2),
(12, 10, NULL, 5, 0);
-- --------------------------------------------------------
--
-- Tabellenstruktur für Tabelle `News`
--
@ -287,7 +320,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` (
`desc` varchar(1024) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=28 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=29 ;
--
-- Daten für Tabelle `Privileges`
@ -320,7 +353,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES
(24, 'user_shifts', 'Signup for shifts'),
(25, 'user_shifts_admin', 'Signup other angels for shifts.'),
(26, 'user_myshifts', 'Allow angels to view their own shifts and cancel them.'),
(27, 'admin_arrive', 'Mark angels when they arrive.');
(27, 'admin_arrive', 'Mark angels when they arrive.'),
(28, 'admin_shifts', 'Create shifts');
-- --------------------------------------------------------
@ -370,35 +404,6 @@ INSERT INTO `Room` (`RID`, `Name`, `Man`, `FromPentabarf`, `show`, `Number`) VAL
-- --------------------------------------------------------
--
-- Tabellenstruktur für Tabelle `RoomAngelTypes`
--
CREATE TABLE IF NOT EXISTS `RoomAngelTypes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`room_id` int(11) NOT NULL,
`angel_type_id` int(11) NOT NULL,
`count` int(11) NOT NULL,
PRIMARY KEY (`id`),
KEY `room_id` (`room_id`,`angel_type_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=13 ;
--
-- Daten für Tabelle `RoomAngelTypes`
--
INSERT INTO `RoomAngelTypes` (`id`, `room_id`, `angel_type_id`, `count`) VALUES
(4, 3, 5, 2),
(3, 3, 4, 2),
(5, 2, 4, 0),
(6, 2, 5, 2),
(10, 11, 5, 0),
(9, 11, 4, 2),
(11, 10, 4, 2),
(12, 10, 5, 0);
-- --------------------------------------------------------
--
-- Tabellenstruktur für Tabelle `ShiftEntry`
--
@ -410,12 +415,14 @@ CREATE TABLE IF NOT EXISTS `ShiftEntry` (
`UID` int(11) NOT NULL DEFAULT '0',
`Comment` text,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=14 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=15 ;
--
-- Daten für Tabelle `ShiftEntry`
--
INSERT INTO `ShiftEntry` (`id`, `SID`, `TID`, `UID`, `Comment`) VALUES
(14, 131, 4, 1, 'asdfasdfasdf');
-- --------------------------------------------------------
@ -1149,7 +1156,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES
('user_myshifts', 'DE', 'Meine Schichten'),
('user_myshifts', 'EN', 'My shifts'),
('admin_arrive', 'DE', 'Engel Ankunft'),
('admin_arrive', 'EN', 'Arrived angels');
('admin_arrive', 'EN', 'Arrived angels'),
('admin_shifts', 'DE', 'Schichten erstellen'),
('admin_shifts', 'EN', 'Create shifts');
-- --------------------------------------------------------
@ -1192,8 +1201,8 @@ CREATE TABLE IF NOT EXISTS `User` (
--
INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES
(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '21232f297a57a5a743894a0e4a801fc3', 0, 1, 0, 10, 'DE', 115, 'L', 1311102448, '0000-00-00 00:00:00', '', '', ''),
(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 1, 10, 'DE', 0, 'L', 1307110798, '2011-06-03 07:55:24', 'AudioEngel', '', '');
(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '21232f297a57a5a743894a0e4a801fc3', 1, 1, 0, 10, 'DE', 115, 'L', 1315430361, '0000-00-00 00:00:00', '', '', ''),
(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307110798, '2011-06-03 07:55:24', 'AudioEngel', '', '');
-- --------------------------------------------------------
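Review bot: The re-exported `User` rows in the last hunk still ship fixed credentials with the schema: `Passwort` holds 32-hex-character digests, which is consistent with unsalted MD5, and the `admin` row is a default account that every install created from this dump would share. Consider leaving `User` empty in the dump and creating the first account in an install step that sets a per-install password with a salted, slow hash. The same export also carries run-time state and test data (`Counter` hit counts, `lastLogIn`, the `ShiftEntry` row with comment `'asdfasdfasdf'`, an e-mail address), which makes the actual schema change from `RoomAngelTypes` to `NeededAngelTypes` harder to review. In the new `NeededAngelTypes` table both `room_id` and `shift_id` default to NULL and nothing states how they relate; if the intent is that a row belongs to either a room or a shift, a comment such as `-- exactly one of room_id / shift_id is set per row` above the CREATE TABLE would document it.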


@ -83,7 +83,7 @@ function admin_angel_types() {
$angel_type = sql_select("SELECT * FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
if (count($angel_type) > 0) {
sql_query("DELETE FROM `AngelTypes` WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `RoomAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `angel_type_id`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("admin_angel_types"));
} else
return error("No Angel Type found.");
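Review bot: `LIMIT 1` on the new ``DELETE FROM `NeededAngelTypes` `` removes only one dependent row, although the table defined in this commit's dump has a non-unique ``KEY `room_id` (`room_id`,`angel_type_id`)`` and holds one row per room (and, with the new `shift_id` column, presumably per shift) for each angel type, so the remaining rows keep pointing at a deleted `TID`. Drop the limit: ``sql_query("DELETE FROM `NeededAngelTypes` WHERE `angel_type_id`=" . sql_escape($id));``. The same applies to the ``DELETE FROM `NeededAngelTypes` WHERE `room_id`=... LIMIT 1`` in the last hunk of admin_rooms. The enclosing function starts and ends outside this hunk, so how `$id` is validated before it reaches these queries is not visible here.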


@ -63,7 +63,7 @@ function admin_rooms() {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
if (count($room) > 0) {
list ($room) = $room;
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`TID` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
$angel_types = "";
foreach ($room_angel_types as $room_angel_type) {
@ -101,7 +101,7 @@ function admin_rooms() {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
if (count($room) > 0) {
list ($room) = $room;
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `RoomAngelTypes` ON (`AngelTypes`.`TID` = `RoomAngelTypes`.`angel_type_id` AND `RoomAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
$room_angel_types = sql_select("SELECT * FROM `AngelTypes` LEFT OUTER JOIN `NeededAngelTypes` ON (`AngelTypes`.`TID` = `NeededAngelTypes`.`angel_type_id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($rid) . ") ORDER BY `AngelTypes`.`Name`");
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Name']));
$man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['Man']));
@ -109,13 +109,13 @@ function admin_rooms() {
$show = preg_replace("/([^YN]{1,})/ui", '', strip_tags($_REQUEST['Show']));
$number = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['Number']));
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($show) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid));
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid));
foreach ($room_angel_types as $room_angel_type) {
if (isset ($_REQUEST['angel_type_' . $room_angel_type['TID']]) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['angel_type_' . $room_angel_type['TID']]))
$count = $_REQUEST['angel_type_' . $room_angel_type['TID']];
else
$count = "0";
sql_query("INSERT INTO `RoomAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count));
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($rid) . ", `angel_type_id`=" . sql_escape($room_angel_type['TID']) . ", `count`=" . sql_escape($count));
}
header("Location: " . page_link_to("admin_rooms"));
} else
@ -130,7 +130,7 @@ function admin_rooms() {
if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) {
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
sql_query("DELETE FROM `RoomAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
header("Location: " . page_link_to("admin_rooms"));
} else
return error("No Room found.");
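Review bot: Every rewritten query in these hunks still concatenates `sql_escape($rid)` into an unquoted numeric position (for example ``WHERE `room_id`=" . sql_escape($rid)``); assuming `sql_escape` only escapes string metacharacters (its body is not shown), that does not by itself constrain the value to a number. `$count` is checked against `/^[0-9]{1,11}$/` in the third hunk, but any check on `$rid` lies outside the visible lines, so confirm it is digit-validated before these statements or cast at the point of use, e.g. `$rid = (int) $rid;`. The delete-then-reinsert of `NeededAngelTypes` rows in the third hunk also runs as separate statements on a MyISAM table, so a failure between them leaves the room without any requirement rows; a short comment noting that would help the next reader. admin_rooms starts and ends outside all four hunks.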


@ -8,8 +8,10 @@ function admin_shifts() {
$name = "";
$rid = 0;
$start = date('Y-m-d 00:00');
$end = date('Y-m-d 00:00', time() + 24 * 60 * 60);
$start = DateTime :: createFromFormat("Y-m-d H:i", date("Y-m-d") . " 00:00")->getTimestamp();
$end = $start +24 * 60 * 60;
$mode = 'single';
$angelmode = 'location';
// Locations laden
$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
@ -17,18 +19,22 @@ function admin_shifts() {
foreach ($rooms as $room)
$room_array[$room['RID']] = $room['Name'];
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`");
$needed_angel_types = array ();
foreach ($types as $type)
$needed_angel_types[$type['TID']] = 0;
if (isset ($_REQUEST['preview'])) {
// Name/Bezeichnung der Schicht, darf nicht leer sein
if (isset ($_REQUEST['name']) && strlen($_REQUEST['name']) > 0)
$name = strip_request_item('name');
else {
$ok = false;
$name = "";
$msg .= error("Gib bitte einen Namen für die Schicht(en) an.");
}
// Auswahl der sichtbaren Locations für die Schichten
if (isset ($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset ($room_array[$_REQUEST['rid']]))
$rid = $_REQUEST['rid'];
else {
@ -36,16 +42,80 @@ function admin_shifts() {
$rid = $rooms[0]['RID'];
$msg .= error("Wähle bitte einen Raum aus.");
}
}
$room_select = html_select_key('rid', $room_array, '');
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `Name`");
if (isset ($_REQUEST['start']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
$start = $tmp->getTimestamp();
else {
$ok = false;
$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.");
}
if (isset ($_REQUEST['end']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
$end = $tmp->getTimestamp();
else {
$ok = false;
$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.");
}
if ($start >= $end) {
$ok = false;
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!");
}
if (isset ($_REQUEST['mode'])) {
if ($_REQUEST['mode'] == 'single') {
$mode = 'single';
}
elseif ($_REQUEST['mode'] == 'multi') {
if (isset ($_REQUEST['length']) && preg_match("/^[0-9]+$/", trim($_REQUEST['length']))) {
$mode = 'multi';
$length = trim($_REQUEST['length']);
} else {
$ok = false;
$msg .= error("Bitte gib eine Schichtlänge in Minuten an.");
}
}
elseif ($_REQUEST['mode'] == 'variable') {
if (isset ($_REQUEST['change_hours']) && preg_match("/^([0-9]+(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) {
$mode = 'variable';
$change_hours = explode(",", $_REQUEST['change_hours']);
} else {
$ok = false;
$msg .= error("Bitte gib die Schichtwechsel-Stunden kommagetrennt ein.");
}
}
} else {
$ok = false;
$msg .= error("Bitte wähle einen Modus.");
}
if (isset ($_REQUEST['angelmode'])) {
if ($_REQUEST['angelmode'] == 'location') {
$angelmode = 'location';
}
elseif ($_REQUEST['angelmode'] == 'manually') {
foreach ($types as $type) {
if (isset ($_REQUEST['type_' . $type['TID']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['TID']]))) {
$needed_angel_types[$type['TID']] = trim($_REQUEST['type_' . $type['TID']]);
} else {
$ok = false;
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['Name'] . ".");
}
}
} else {
$ok = false;
$msg .= error("Bitte Wähle einen Modus für die benötigten Engel.");
}
}
}
$room_select = html_select_key('rid', $room_array, '');
$angel_types = "";
foreach ($types as $type) {
$angel_types .= template_render('../templates/admin_shifts_angel_types.html', array (
'id' => $type['TID'],
'type' => $type['Name'],
'value' => "0"
'value' => $needed_angel_types[$type['TID']]
));
}
return template_render('../templates/admin_shifts.html', array (
@ -53,8 +123,13 @@ function admin_shifts() {
'room_select' => $room_select,
'msg' => $msg,
'name' => $name,
'start' => $start,
'end' => $end
'start' => date("Y-m-d H:i", $start),
'end' => date("Y-m-d H:i", $end),
'mode_single_selected' => $_REQUEST['mode'] == 'single' ? 'checked="checked"' : '',
'mode_multi_selected' => $_REQUEST['mode'] == 'multi' ? 'checked="checked"' : '',
'mode_variable_selected' => $_REQUEST['mode'] == 'variable' ? 'checked="checked"' : '',
'angelmode_location_selected' => $_REQUEST['angelmode'] == 'location' ? 'checked="checked"' : '',
'angelmode_manually_selected' => $_REQUEST['angelmode'] == 'manually' ? 'checked="checked"' : ''
));
}
?>
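Review bot: The `change_hours` check in the `variable` branch validates only the first item: `/^([0-9]+(,|$))/` has no end anchor, so a value such as `8,abc` passes, and `explode()` then runs on the raw `$_REQUEST['change_hours']` rather than on the space-stripped string that was tested. Anchor the whole list and split the cleaned value: `$hours = str_replace(" ", "", trim($_REQUEST['change_hours']));`, then `preg_match("/^[0-9]+(,[0-9]+)*$/", $hours)` and `$change_hours = explode(",", $hours);`. Separately, the template keys in the last hunk read `$_REQUEST['mode']` and `$_REQUEST['angelmode']` directly, which are undefined on the first page load and bypass the defaults set at the top; guard them with `isset()` or compare the validated `$mode` and `$angelmode` instead. The start of admin_shifts, including where `$ok` and `$msg` are initialised, lies outside the first hunk.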


@ -98,7 +98,7 @@ function user_shifts() {
foreach ($shifts as $shift) {
$shift_row = '<tr><td>' . date(($id == 0 ? "Y-m-d " : "") . "H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . ($id == 0 ? "<br />" . $shift['Name'] : "") . '</td><td>' . $shift['name'] . '<br />';
$show_shift = false;
$angeltypes = sql_select("SELECT * FROM `RoomAngelTypes` JOIN `AngelTypes` ON (`RoomAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
$angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`TID`) WHERE `room_id`=" . sql_escape($shift['RID']) . " AND `count` > 0 ORDER BY `AngelTypes`.`Name`");
if (count($angeltypes) > 0) {
$my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;


@ -29,12 +29,12 @@
</p><h2>Modus:</h2>
<p>
<label>
<input type="radio" name="method" value="single" />
<input type="radio" name="mode" value="single" %mode_single_selected%/>
</label>Eine Schicht erstellen.
</p>
<p>
<label>
<input type="radio" name="method" value="multi" />
<input type="radio" name="mode" value="multi" %mode_multi_selected%/>
</label>Mehrere Schichten erstellen:
</p>
<p>
@ -45,7 +45,7 @@
</p>
<p>
<label>
<input type="radio" name="method" value="variable" />
<input type="radio" name="mode" value="variable" %mode_variable_selected%/>
</label>Mehrere Schichten mit variabler Länge erstellen:
</p>
<p>
@ -56,12 +56,12 @@
</p><h2>Benötigte Engel:</h2>
<p>
<label>
<input type="radio" name="angelmode" value="location" />
<input type="radio" name="angelmode" value="location" %angelmode_location_selected%/>
</label>Benötigte Engel vom Ort übernehmen.
</p>
<p>
<label>
<input type="radio" name="angelmode" value="manually" />
<input type="radio" name="angelmode" value="manually" %angelmode_manually_selected%/>
</label>Es werden folgende Engel benötigt:
</p>%angel_types%
<p>