Merge branch 'pr/316' into feature-igel-rewrite

.gitignore

@@ -20,3 +20,7 @@ _vimrc_local.vim
 # Project files
 /config/config.php
 /test/coverage
+
+# Composer files
+/vendor/
+/composer.lock

.gitmodules

@@ -1,6 +0,0 @@
-[submodule "vendor/parsedown"]
-	path = vendor/parsedown
-	url = https://github.com/erusev/parsedown.git
-[submodule "vendor/bootstrap"]
-	path = themes/assets/bootstrap
-	url = https://github.com/twbs/bootstrap.git

README-ENG.md

@@ -6,7 +6,9 @@
  * Webserver, i.e. lighttpd, nginx, or Apache
 
 ## Directions:
- * Clone the master branch with the submodules: `git clone --recursive https://github.com/engelsystem/engelsystem.git`
+ * Clone the master branch: `git clone https://github.com/engelsystem/engelsystem.git`
+ * Install [Composer](https://getcomposer.org/download/)
+ * Install project dependencies: `composer install`
  * Webserver must have write access to the 'import' directory and read access for all other directories
  * Webserver must be public.
 

README.md

@@ -9,7 +9,9 @@
  * Webserver mit PHP-Anbindung, z.B. lighttpd, nginx oder Apache
 
 ## Vorgehen:
- * Klonen des `master` inkl. submodules in lokales Verzeichnis: `git clone --recursive https://github.com/engelsystem/engelsystem.git`
+ * Klonen des `master` in lokales Verzeichnis: `git clone https://github.com/engelsystem/engelsystem.git`
+ * [Composer](https://getcomposer.org/download/) installieren
+ * Abhängigkeiten installieren: `composer install`
  * Der Webserver muss Schreibrechte auf das Verzeichnis `import` bekommen, für alle anderen Dateien reichen Leserechte.
  * Der Webserver muss auf `public` als http-root zeigen.
 

composer.json

@@ -0,0 +1,29 @@
+{
+    "name": "engelsystem/engelsystem",
+    "description": "Shift planning system for chaos events",
+    "type": "project",
+    "license": "GPL-2.0",
+    "authors": [
+        {
+            "name": "msquare",
+            "email": "msquare@notrademark.de"
+        },
+        {
+            "name": "MyIgel",
+            "email": "igor.scheller@igorshp.de"
+        }
+    ],
+    "require": {
+        "php": ">=5.4",
+        "erusev/parsedown": "1.6.*",
+        "twbs/bootstrap": "^3.3"
+    },
+    "autoload": {
+        "psr-4": {
+            "Engelsystem\\": "src/"
+        },
+        "files": [
+            "src/helpers.php"
+        ]
+    }
+}

config/config.default.php

@@ -1,70 +1,107 @@
 <?php
 
-// Enable maintenance mode (showin a static page)
-$maintenance_mode = false;
+// To change settings create a config.php
 
-// URL to the angel faq and job description
-$faq_url = "https://events.ccc.de/congress/2013/wiki/Static:Volunteers";
+return [
+    // MySQL-Connection Settings
+    'database'         => [
+        'host' => 'localhost',
+        'user' => 'root',
+        'pw'   => '',
+        'db'   => 'engelsystem',
+    ],
 
-// contact email address, linked on every page
-$contact_email = "mailto:ticket@c3heaven.de";
-$no_reply_email = "noreply@engelsystem.de";
+    // For accessing stats
+    'api_key'          => '',
 
-// Default-Theme auf der Startseite, 1=style1.css usw.
-$default_theme = 1;
+    // Enable maintenance mode (show a static page)
+    'maintenance'      => false,
 
-// Anzahl der News, die auf einer Seite ausgeben werden koennen...
-$DISPLAY_NEWS = 6;
+    // Set to development to enable debugging messages
+    'environment'      => 'production',
 
-// Anzahl Stunden bis zum Austragen eigener Schichten
-$LETZTES_AUSTRAGEN = 3;
+    // URL to the angel faq and job description
+    'faq_url'          => 'https://events.ccc.de/congress/2013/wiki/Static:Volunteers',
 
-// Setzt den zu verwendenden Crypto-Algorismus (entsprechend der Dokumentation von crypt()).
-// Falls ein Benutzerpasswort in einem anderen Format gespeichert ist,
-// wird es bei der ersten Benutzung des Klartext-Passworts in das neue Format
-// konvertiert.
-// $crypt_alg = '$1'; // MD5
-// $crypt_alg = '$2y$13'; // Blowfish
-// $crypt_alg = '$5$rounds=5000'; // SHA-256
-$crypt_alg = '$6$rounds=5000'; // SHA-512
+    // Contact email address, linked on every page
+    'contact_email'    => 'mailto:ticket@c3heaven.de',
 
-$min_password_length = 8;
+    // Default theme of the start page, 1=style1.css
+    'theme'            => 1,
 
-// Wenn Engel beim Registrieren oder in ihrem Profil eine T-Shirt Größe angeben sollen, auf true setzen:
-$enable_tshirt_size = true;
+    // Number of News shown on one site
+    'display_news'     => 6,
 
-// Number of shifts to freeload until angel is locked for shift signup.
-$max_freeloadable_shifts = 2;
+    // Anzahl Stunden bis zum Austragen eigener Schichten
+    'last_unsubscribe' => 3,
 
-// local timezone
-date_default_timezone_set("Europe/Berlin");
+    // Setzt den zu verwendenden Crypto-Algorismus (entsprechend der Dokumentation von crypt()).
+    // Falls ein Benutzerpasswort in einem anderen Format gespeichert ist,
+    // wird es bei der ersten Benutzung des Klartext-Passworts in das neue Format
+    // konvertiert.
+    //  MD5         '$1'
+    //  Blowfish    '$2y$13'
+    //  SHA-256     '$5$rounds=5000'
+    //  SHA-512     '$6$rounds=5000'
+    'crypt_alg'        => '$6$rounds=5000', // SHA-512
 
-// multiply "night shifts" and freeloaded shifts (start or end between 2 and 6 exclusive) by 2
-$shift_sum_formula = "SUM(
-  (1+(
-    (HOUR(FROM_UNIXTIME(`Shifts`.`end`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) < 6)
-    OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`start`)) < 6)
-    OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) <= 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) >= 6)
-  ))*(`Shifts`.`end` - `Shifts`.`start`)*(1 - 3 * `ShiftEntry`.`freeloaded`)
-)";
+    'min_password_length'     => 8,
 
-// voucher calculation 
-$voucher_settings = [
-	"initial_vouchers" => 2,
-	"shifts_per_voucher" => 1
+    // Wenn Engel beim Registrieren oder in ihrem Profil eine T-Shirt Größe angeben sollen, auf true setzen:
+    'enable_tshirt_size'      => true,
+
+    // Number of shifts to freeload until angel is locked for shift signup.
+    'max_freeloadable_shifts' => 2,
+
+    // local timezone
+    'timezone'                => 'Europe/Berlin',
+
+    // weigh every shift the same
+    //'shift_sum_formula'       => 'SUM(`end` - `start`)',
+
+    // Multiply 'night shifts' and freeloaded shifts (start or end between 2 and 6 exclusive) by 2
+    'shift_sum_formula'       => '
+        SUM(
+            (1 +
+                (
+                  (HOUR(FROM_UNIXTIME(`Shifts`.`end`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) < 6)
+                  OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) > 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`start`)) < 6)
+                  OR (HOUR(FROM_UNIXTIME(`Shifts`.`start`)) <= 2 AND HOUR(FROM_UNIXTIME(`Shifts`.`end`)) >= 6)
+                )
+            )
+            * (`Shifts`.`end` - `Shifts`.`start`)
+            * (1 - 3 * `ShiftEntry`.`freeloaded`)
+        )
+    ',
+
+    // Voucher calculation
+    'voucher_settings'        => [
+        'initial_vouchers'   => 2,
+        'shifts_per_voucher' => 1,
+    ],
+
+    // Available locales in /locale/
+    'locales'                 => [
+        'de_DE.UTF-8' => 'Deutsch',
+        'en_US.UTF-8' => 'English',
+    ],
+
+    'default_locale' => 'en_US.UTF-8',
+
+    // Available T-Shirt sizes, set value to null if not available
+    'tshirt_sizes'   => [
+        ''     => _('Please select...'),
+        'S'    => 'S',
+        'M'    => 'M',
+        'L'    => 'L',
+        'XL'   => 'XL',
+        '2XL'  => '2XL',
+        '3XL'  => '3XL',
+        '4XL'  => '4XL',
+        '5XL'  => '5XL',
+        'S-G'  => 'S Girl',
+        'M-G'  => 'M Girl',
+        'L-G'  => 'L Girl',
+        'XL-G' => 'XL Girl',
+    ],
 ];
-
-// weigh every shift the same
-// $shift_sum_formula = "SUM(`end` - `start`)";
-
-// For accessing stats
-$api_key = "";
-
-// MySQL-Connection Settings
-$config = [
-    'host' => "localhost",
-    'user' => "root",
-    'pw' => "",
-    'db' => "engelsystem"
-];
-?>

includes/controller/angeltypes_controller.php

@@ -2,225 +2,275 @@
 
 /**
  * Text for Angeltype related links.
+ *
+ * @return string
  */
-function angeltypes_title() {
-  return _("Angeltypes");
+function angeltypes_title()
+{
+    return _('Angeltypes');
 }
 
 /**
  * Route angeltype actions.
+ *
+ * @return array
  */
-function angeltypes_controller() {
-  $action = strip_request_item('action', 'list');
-  
-  switch ($action) {
-    default:
-    case 'list':
-      return angeltypes_list_controller();
-    case 'view':
-      return angeltype_controller();
-    case 'edit':
-      return angeltype_edit_controller();
-    case 'delete':
-      return angeltype_delete_controller();
-    case 'about':
-      return angeltypes_about_controller();
-  }
+function angeltypes_controller()
+{
+    $action = strip_request_item('action', 'list');
+
+    switch ($action) {
+        case 'view':
+            return angeltype_controller();
+        case 'edit':
+            return angeltype_edit_controller();
+        case 'delete':
+            return angeltype_delete_controller();
+        case 'about':
+            return angeltypes_about_controller();
+        case 'list':
+        default:
+            return angeltypes_list_controller();
+    }
 }
 
 /**
  * Path to angeltype view.
  *
- * @param AngelType $angeltype_id          
+ * @param int $angeltype_id AngelType id
+ * @return string
  */
-function angeltype_link($angeltype_id) {
-  return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id;
+function angeltype_link($angeltype_id)
+{
+    return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id;
 }
 
 /**
  * Job description for all angeltypes (public to everyone)
+ *
+ * @return array
  */
-function angeltypes_about_controller() {
-  global $user;
-  
-  if (isset($user)) {
-    $angeltypes = AngelTypes_with_user($user);
-  } else {
-    $angeltypes = AngelTypes();
-  }
-  
-  return [
-      _("Teams/Job description"),
-      AngelTypes_about_view($angeltypes, isset($user)) 
-  ];
+function angeltypes_about_controller()
+{
+    global $user;
+
+    if (isset($user)) {
+        $angeltypes = AngelTypes_with_user($user);
+    } else {
+        $angeltypes = AngelTypes();
+    }
+
+    return [
+        _('Teams/Job description'),
+        AngelTypes_about_view($angeltypes, isset($user))
+    ];
 }
 
 /**
  * Delete an Angeltype.
+ *
+ * @return array
  */
-function angeltype_delete_controller() {
-  global $privileges;
-  
-  if (! in_array('admin_angel_types', $privileges)) {
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = load_angeltype();
-  
-  if (isset($_REQUEST['confirmed'])) {
-    AngelType_delete($angeltype);
-    success(sprintf(_("Angeltype %s deleted."), AngelType_name_render($angeltype)));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  return [
-      sprintf(_("Delete angeltype %s"), $angeltype['name']),
-      AngelType_delete_view($angeltype) 
-  ];
+function angeltype_delete_controller()
+{
+    global $privileges;
+
+    if (!in_array('admin_angel_types', $privileges)) {
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = load_angeltype();
+
+    if (isset($_REQUEST['confirmed'])) {
+        AngelType_delete($angeltype);
+        success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    return [
+        sprintf(_('Delete angeltype %s'), $angeltype['name']),
+        AngelType_delete_view($angeltype)
+    ];
 }
 
 /**
  * Change an Angeltype.
+ *
+ * @return array
  */
-function angeltype_edit_controller() {
-  global $privileges, $user;
-  
-  // In supporter mode only allow to modify description
-  $supporter_mode = ! in_array('admin_angel_types', $privileges);
-  
-  if (isset($_REQUEST['angeltype_id'])) {
-    // Edit existing angeltype
-    $angeltype = load_angeltype();
-    
-    if (! User_is_AngelType_supporter($user, $angeltype)) {
-      redirect(page_link_to('angeltypes'));
-    }
-  } else {
-    // New angeltype
-    if ($supporter_mode) {
-      // Supporters aren't allowed to create new angeltypes.
-      redirect(page_link_to('angeltypes'));
-    }
-    $angeltype = AngelType_new();
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (! $supporter_mode) {
-      if (isset($_REQUEST['name'])) {
-        $result = AngelType_validate_name($_REQUEST['name'], $angeltype);
-        $angeltype['name'] = $result->getValue();
-        if (! $result->isValid()) {
-          $valid = false;
-          error(_("Please check the name. Maybe it already exists."));
-        }
-      }
-      
-      $angeltype['restricted'] = isset($_REQUEST['restricted']);
-      $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']);
+function angeltype_edit_controller()
+{
+    global $privileges, $user;
 
-      $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']);
+    // In supporter mode only allow to modify description
+    $supporter_mode = !in_array('admin_angel_types', $privileges);
+
+    if (isset($_REQUEST['angeltype_id'])) {
+        // Edit existing angeltype
+        $angeltype = load_angeltype();
+
+        if (!User_is_AngelType_supporter($user, $angeltype)) {
+            redirect(page_link_to('angeltypes'));
+        }
+    } else {
+        // New angeltype
+        if ($supporter_mode) {
+            // Supporters aren't allowed to create new angeltypes.
+            redirect(page_link_to('angeltypes'));
+        }
+        $angeltype = AngelType_new();
     }
-    
-    $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']);
-    
-    if ($valid) {
-      if ($angeltype['id'] != null) {
-        AngelType_update($angeltype);
-      } else {
-        $angeltype = AngelType_create($angeltype);
-      }
-      
-      success("Angel type saved.");
-      redirect(angeltype_link($angeltype['id']));
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (!$supporter_mode) {
+            if (isset($_REQUEST['name'])) {
+                $result = AngelType_validate_name($_REQUEST['name'], $angeltype);
+                $angeltype['name'] = $result->getValue();
+                if (!$result->isValid()) {
+                    $valid = false;
+                    error(_('Please check the name. Maybe it already exists.'));
+                }
+            }
+
+            $angeltype['restricted'] = isset($_REQUEST['restricted']);
+            $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']);
+
+            $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']);
+        }
+
+        $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']);
+
+        if ($valid) {
+            if ($angeltype['id'] != null) {
+                AngelType_update($angeltype);
+            } else {
+                $angeltype = AngelType_create($angeltype);
+            }
+
+            success('Angel type saved.');
+            redirect(angeltype_link($angeltype['id']));
+        }
     }
-  }
-  
-  return [
-      sprintf(_("Edit %s"), $angeltype['name']),
-      AngelType_edit_view($angeltype, $supporter_mode) 
-  ];
+
+    return [
+        sprintf(_('Edit %s'), $angeltype['name']),
+        AngelType_edit_view($angeltype, $supporter_mode)
+    ];
 }
 
 /**
  * View details of a given angeltype.
+ *
+ * @return array
  */
-function angeltype_controller() {
-  global $privileges, $user;
-  
-  if (! in_array('angeltypes', $privileges)) {
-    redirect('?');
-  }
-  
-  $angeltype = load_angeltype();
-  $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
-  $user_driver_license = UserDriverLicense($user['UID']);
-  $members = Users_by_angeltype($angeltype);
-  
-  return [
-      sprintf(_("Team %s"), $angeltype['name']),
-      AngelType_view($angeltype, $members, $user_angeltype, in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'], in_array('admin_angel_types', $privileges), $user_angeltype['supporter'], $user_driver_license, $user) 
-  ];
+function angeltype_controller()
+{
+    global $privileges, $user;
+
+    if (!in_array('angeltypes', $privileges)) {
+        redirect('?');
+    }
+
+    $angeltype = load_angeltype();
+    $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
+    $user_driver_license = UserDriverLicense($user['UID']);
+    $members = Users_by_angeltype($angeltype);
+
+    return [
+        sprintf(_('Team %s'), $angeltype['name']),
+        AngelType_view(
+            $angeltype,
+            $members,
+            $user_angeltype,
+            in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'],
+            in_array('admin_angel_types', $privileges),
+            $user_angeltype['supporter'],
+            $user_driver_license,
+            $user
+        )
+    ];
 }
 
 /**
  * View a list of all angeltypes.
+ *
+ * @return array
  */
-function angeltypes_list_controller() {
-  global $privileges, $user;
-  
-  if (! in_array('angeltypes', $privileges)) {
-    redirect('?');
-  }
-  
-  $angeltypes = AngelTypes_with_user($user);
-  
-  foreach ($angeltypes as &$angeltype) {
-    $actions = [
-        button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("view"), "btn-xs") 
-    ];
-    
-    if (in_array('admin_angel_types', $privileges)) {
-      $actions[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), "btn-xs");
-      $actions[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), "btn-xs");
-    }
-    
-    $angeltype['membership'] = AngelType_render_membership($angeltype);
-    if ($angeltype['user_angeltype_id'] != null) {
-      $actions[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), "btn-xs");
-    } else {
-      $actions[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), "btn-xs");
-    }
-    
-    $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';
-    $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share');
+function angeltypes_list_controller()
+{
+    global $privileges, $user;
 
-    $angeltype['name'] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'] . '">' . $angeltype['name'] . '</a>';
-    
-    $angeltype['actions'] = table_buttons($actions);
-  }
-  
-  return [
-      angeltypes_title(),
-      AngelTypes_list_view($angeltypes, in_array('admin_angel_types', $privileges)) 
-  ];
+    if (!in_array('angeltypes', $privileges)) {
+        redirect('?');
+    }
+
+    $angeltypes = AngelTypes_with_user($user);
+
+    foreach ($angeltypes as &$angeltype) {
+        $actions = [
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('view'), 'btn-xs')
+        ];
+
+        if (in_array('admin_angel_types', $privileges)) {
+            $actions[] = button(
+                page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
+                _('edit'),
+                'btn-xs'
+            );
+            $actions[] = button(
+                page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
+                _('delete'),
+                'btn-xs'
+            );
+        }
+
+        $angeltype['membership'] = AngelType_render_membership($angeltype);
+        if ($angeltype['user_angeltype_id'] != null) {
+            $actions[] = button(
+                page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
+                _('leave'),
+                'btn-xs'
+            );
+        } else {
+            $actions[] = button(
+                page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
+                _('join'),
+                'btn-xs'
+            );
+        }
+
+        $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : '';
+        $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share');
+
+        $angeltype['name'] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'] . '">' . $angeltype['name'] . '</a>';
+
+        $angeltype['actions'] = table_buttons($actions);
+    }
+
+    return [
+        angeltypes_title(),
+        AngelTypes_list_view($angeltypes, in_array('admin_angel_types', $privileges))
+    ];
 }
 
 /**
  * Loads an angeltype from given angeltype_id request param.
+ *
+ * @return array
  */
-function load_angeltype() {
-  if (! isset($_REQUEST['angeltype_id'])) {
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($_REQUEST['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  return $angeltype;
+function load_angeltype()
+{
+    if (!isset($_REQUEST['angeltype_id'])) {
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($_REQUEST['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist . '));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    return $angeltype;
 }
-?>

includes/controller/event_config_controller.php

@@ -1,103 +1,127 @@
 <?php
 
-function event_config_title() {
-  return _("Event config");
+/**
+ * @return string
+ */
+function event_config_title()
+{
+    return _('Event config');
 }
 
-function event_config_edit_controller() {
-  global $privileges;
-  
-  if (! in_array('admin_event_config', $privileges)) {
-    redirect('?');
-  }
-  
-  $event_name = null;
-  $event_welcome_msg = null;
-  $buildup_start_date = null;
-  $event_start_date = null;
-  $event_end_date = null;
-  $teardown_end_date = null;
-  
-  $event_config = EventConfig();
-  if ($event_config != null) {
-    $event_name = $event_config['event_name'];
-    $buildup_start_date = $event_config['buildup_start_date'];
-    $event_start_date = $event_config['event_start_date'];
-    $event_end_date = $event_config['event_end_date'];
-    $teardown_end_date = $event_config['teardown_end_date'];
-    $event_welcome_msg = $event_config['event_welcome_msg'];
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['event_name'])) {
-      $event_name = strip_request_item('event_name');
-    }
-    if ($event_name == '') {
-      $event_name = null;
-    }
-    
-    if (isset($_REQUEST['event_welcome_msg'])) {
-      $event_welcome_msg = strip_request_item_nl('event_welcome_msg');
-    }
-    if ($event_welcome_msg == '') {
-      $event_welcome_msg = null;
-    }
-    
-    $result = check_request_date('buildup_start_date', _("Please enter buildup start date."), true);
-    $buildup_start_date = $result->getValue();
-    $valid &= $result->isValid();
-    
-    $result = check_request_date('event_start_date', _("Please enter event start date."), true);
-    $event_start_date = $result->getValue();
-    $valid &= $result->isValid();
-    
-    $result = check_request_date('event_end_date', _("Please enter event end date."), true);
-    $event_end_date = $result->getValue();
-    $valid &= $result->isValid();
-    
-    $result = check_request_date('teardown_end_date', _("Please enter teardown end date."), true);
-    $teardown_end_date = $result->getValue();
-    $valid &= $result->isValid();
-    
-    if ($buildup_start_date != null && $event_start_date != null && $buildup_start_date > $event_start_date) {
-      $valid = false;
-      error(_("The buildup start date has to be before the event start date."));
-    }
-    
-    if ($event_start_date != null && $event_end_date != null && $event_start_date > $event_end_date) {
-      $valid = false;
-      error(_("The event start date has to be before the event end date."));
-    }
-    
-    if ($event_end_date != null && $teardown_end_date != null && $event_end_date > $teardown_end_date) {
-      $valid = false;
-      error(_("The event end date has to be before the teardown end date."));
-    }
-    
-    if ($buildup_start_date != null && $teardown_end_date != null && $buildup_start_date > $teardown_end_date) {
-      $valid = false;
-      error(_("The buildup start date has to be before the teardown end date."));
-    }
-    
-    if ($valid) {
-      $result = EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg);
-      
-      if ($result === false) {
-        engelsystem_error("Unable to update event config.");
-      }
-      
-      engelsystem_log("Changed event config: $event_name, $event_welcome_msg, " . date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", " . date("Y-m-d", $event_end_date) . ", " . date("Y-m-d", $teardown_end_date));
-      success(_("Settings saved."));
-      redirect(page_link_to('admin_event_config'));
-    }
-  }
-  
-  return [
-      event_config_title(),
-      EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date) 
-  ];
-}
+/**
+ * @return array
+ */
+function event_config_edit_controller()
+{
+    global $privileges;
 
-?>
+    if (!in_array('admin_event_config', $privileges)) {
+        redirect('?');
+    }
+
+    $event_name = null;
+    $event_welcome_msg = null;
+    $buildup_start_date = null;
+    $event_start_date = null;
+    $event_end_date = null;
+    $teardown_end_date = null;
+
+    $event_config = EventConfig();
+    if ($event_config != null) {
+        $event_name = $event_config['event_name'];
+        $buildup_start_date = $event_config['buildup_start_date'];
+        $event_start_date = $event_config['event_start_date'];
+        $event_end_date = $event_config['event_end_date'];
+        $teardown_end_date = $event_config['teardown_end_date'];
+        $event_welcome_msg = $event_config['event_welcome_msg'];
+    }
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (isset($_REQUEST['event_name'])) {
+            $event_name = strip_request_item('event_name');
+        }
+        if ($event_name == '') {
+            $event_name = null;
+        }
+
+        if (isset($_REQUEST['event_welcome_msg'])) {
+            $event_welcome_msg = strip_request_item_nl('event_welcome_msg');
+        }
+        if ($event_welcome_msg == '') {
+            $event_welcome_msg = null;
+        }
+
+        $result = check_request_date('buildup_start_date', _('Please enter buildup start date.'), true);
+        $buildup_start_date = $result->getValue();
+        $valid &= $result->isValid();
+
+        $result = check_request_date('event_start_date', _('Please enter event start date.'), true);
+        $event_start_date = $result->getValue();
+        $valid &= $result->isValid();
+
+        $result = check_request_date('event_end_date', _('Please enter event end date.'), true);
+        $event_end_date = $result->getValue();
+        $valid &= $result->isValid();
+
+        $result = check_request_date('teardown_end_date', _('Please enter teardown end date.'), true);
+        $teardown_end_date = $result->getValue();
+        $valid &= $result->isValid();
+
+        if ($buildup_start_date != null && $event_start_date != null && $buildup_start_date > $event_start_date) {
+            $valid = false;
+            error(_('The buildup start date has to be before the event start date.'));
+        }
+
+        if ($event_start_date != null && $event_end_date != null && $event_start_date > $event_end_date) {
+            $valid = false;
+            error(_('The event start date has to be before the event end date.'));
+        }
+
+        if ($event_end_date != null && $teardown_end_date != null && $event_end_date > $teardown_end_date) {
+            $valid = false;
+            error(_('The event end date has to be before the teardown end date.'));
+        }
+
+        if ($buildup_start_date != null && $teardown_end_date != null && $buildup_start_date > $teardown_end_date) {
+            $valid = false;
+            error(_('The buildup start date has to be before the teardown end date.'));
+        }
+
+        if ($valid) {
+            $result = EventConfig_update(
+                $event_name,
+                $buildup_start_date,
+                $event_start_date,
+                $event_end_date,
+                $teardown_end_date,
+                $event_welcome_msg
+            );
+
+            if ($result === false) {
+                engelsystem_error('Unable to update event config.');
+            }
+
+            engelsystem_log(
+                'Changed event config: $event_name, $event_welcome_msg, '
+                . date('Y-m-d', $buildup_start_date) . ', ' . date('Y-m-d', $event_start_date) . ', '
+                . date('Y-m-d', $event_end_date) . ', ' . date('Y-m-d', $teardown_end_date)
+            );
+            success(_('Settings saved.'));
+            redirect(page_link_to('admin_event_config'));
+        }
+    }
+
+    return [
+        event_config_title(),
+        EventConfig_edit_view(
+            $event_name,
+            $event_welcome_msg,
+            $buildup_start_date,
+            $event_start_date,
+            $event_end_date,
+            $teardown_end_date
+        )
+    ];
+}

includes/controller/rooms_controller.php

@@ -1,7 +1,6 @@
 <?php
-use Engelsystem\ShiftsFilterRenderer;
 use Engelsystem\ShiftsFilter;
-use Engelsystem\ShiftCalendarRenderer;
+use Engelsystem\ShiftsFilterRenderer;
 
 /**
  * Room controllers for managing everything room related.
@@ -9,93 +8,109 @@ use Engelsystem\ShiftCalendarRenderer;
 
 /**
  * View a room with its shifts.
+ *
+ * @return array
  */
-function room_controller() {
-  global $privileges;
-  
-  if (! in_array('view_rooms', $privileges)) {
-    redirect(page_link_to());
-  }
+function room_controller()
+{
+    global $privileges;
 
-
-  $room = load_room();
-
-  if($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
-      redirect(page_link_to());
-  }
-
-  $all_shifts = Shifts_by_room($room);
-  $days = [];
-  foreach ($all_shifts as $shift) {
-    $day = date("Y-m-d", $shift['start']);
-    if (! in_array($day, $days)) {
-      $days[] = $day;
+    if (!in_array('view_rooms', $privileges)) {
+        redirect(page_link_to());
     }
-  }
-  
-  $shiftsFilter = new ShiftsFilter(true, [
-      $room['RID'] 
-  ], AngelType_ids());
-  $selected_day = date("Y-m-d");
-  if (! empty($days)) {
-    $selected_day = $days[0];
-  }
-  if (isset($_REQUEST['shifts_filter_day'])) {
-    $selected_day = $_REQUEST['shifts_filter_day'];
-  }
-  $shiftsFilter->setStartTime(parse_date("Y-m-d H:i", $selected_day . ' 00:00'));
-  $shiftsFilter->setEndTime(parse_date("Y-m-d H:i", $selected_day . ' 23:59'));
-  
-  $shiftsFilterRenderer = new ShiftsFilterRenderer($shiftsFilter);
-  $shiftsFilterRenderer->enableDaySelection($days);
-  
-  $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
-  
-  return [
-      $room['Name'],
-      Room_view($room, $shiftsFilterRenderer, $shiftCalendarRenderer) 
-  ];
+
+    $room = load_room();
+    $all_shifts = Shifts_by_room($room);
+    $days = [];
+    foreach ($all_shifts as $shift) {
+        $day = date('Y-m-d', $shift['start']);
+        if (!in_array($day, $days)) {
+            $days[] = $day;
+        }
+    }
+
+    $shiftsFilter = new ShiftsFilter(
+        true,
+        [$room['RID']],
+        AngelType_ids()
+    );
+    $selected_day = date('Y-m-d');
+    if (!empty($days)) {
+        $selected_day = $days[0];
+    }
+    if (isset($_REQUEST['shifts_filter_day'])) {
+        $selected_day = $_REQUEST['shifts_filter_day'];
+    }
+    $shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00'));
+    $shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59'));
+
+    $shiftsFilterRenderer = new ShiftsFilterRenderer($shiftsFilter);
+    $shiftsFilterRenderer->enableDaySelection($days);
+
+    $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
+
+    return [
+        $room['Name'],
+        Room_view($room, $shiftsFilterRenderer, $shiftCalendarRenderer)
+    ];
 }
 
 /**
  * Dispatch different room actions.
+ *
+ * @return array
  */
-function rooms_controller() {
-  if (! isset($_REQUEST['action'])) {
-    $_REQUEST['action'] = 'list';
-  }
-  
-  switch ($_REQUEST['action']) {
-    default:
-    case 'list':
-      redirect(page_link_to('admin_rooms'));
-    case 'view':
-      return room_controller();
-  }
+function rooms_controller()
+{
+    if (!isset($_REQUEST['action'])) {
+        $_REQUEST['action'] = 'list';
+    }
+
+    switch ($_REQUEST['action']) {
+        case 'view':
+            return room_controller();
+        case 'list':
+        default:
+            redirect(page_link_to('admin_rooms'));
+            break;
+    }
+
+    exit;
 }
 
-function room_link($room) {
-  return page_link_to('rooms') . '&action=view&room_id=' . $room['RID'];
+/**
+ * @param array $room
+ * @return string
+ */
+function room_link($room)
+{
+    return page_link_to('rooms') . '&action=view&room_id=' . $room['RID'];
 }
 
-function room_edit_link($room) {
-  return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'];
+/**
+ * @param array $room
+ * @return string
+ */
+function room_edit_link($room)
+{
+    return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'];
 }
 
 /**
  * Loads room by request param room_id
+ *
+ * @return array
  */
-function load_room() {
-  if (! test_request_int('room_id')) {
-    redirect(page_link_to());
-  }
-  
-  $room = Room($_REQUEST['room_id']);
-  if ($room == null) {
-    redirect(page_link_to());
-  }
-  
-  return $room;
-}
+function load_room()
+{
+    if (!test_request_int('room_id')) {
+        redirect(page_link_to());
+    }
 
-?>
+    $room = Room($_REQUEST['room_id']);
+    if ($room == null) {
+        redirect(page_link_to());
+    }
+
+    return $room;
+}

includes/controller/shift_entries_controller.php

@@ -1,187 +1,291 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Sign up for a shift.
+ *
+ * @return string
  */
-function shift_entry_add_controller() {
-  global $privileges, $user;
-  
-  if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) {
-    $shift_id = $_REQUEST['shift_id'];
-  } else {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  // Locations laden
-  $rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
-  $room_array = [];
-  foreach ($rooms as $room) {
-    $room_array[$room['RID']] = $room['Name'];
-  }
-  
-  $shift = Shift($shift_id);
-  $shift['Name'] = $room_array[$shift['RID']];
-  if ($shift == null) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) {
-    $type_id = $_REQUEST['type_id'];
-  } else {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
-    $type = AngelType($type_id);
-  } else {
-    $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))");
-    $type = $type[0];
-  }
-  
-  if ($type == null) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) {
-    $user_id = $_REQUEST['user_id'];
-  } else {
-    $user_id = $user['UID'];
-  }
-  
-  $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type);
-  $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']);
-  
-  $shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries);
-  if (! $shift_signup_allowed->isSignupAllowed()) {
-    error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running."));
-    redirect(shift_link($shift));
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $selected_type_id = $type_id;
-    if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
-      
-      if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) {
+function shift_entry_add_controller()
+{
+    global $privileges, $user;
+
+    $shift_id = 0;
+    if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
+        $shift_id = $_REQUEST['shift_id'];
+    } else {
         redirect(page_link_to('user_shifts'));
-      }
-      
-      if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) {
-        $selected_type_id = $_REQUEST['angeltype_id'];
-      }
     }
-    
-    if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) {
-      return error("This angel does already have an entry for this shift.", true);
+
+    // Locations laden
+    $rooms = Rooms();
+    $room_array = [];
+    foreach ($rooms as $room) {
+        $room_array[$room['RID']] = $room['Name'];
     }
-    
-    $freeloaded = $shift['freeloaded'];
-    $freeload_comment = $shift['freeload_comment'];
-    if (in_array("user_shifts_admin", $privileges)) {
-      $freeloaded = isset($_REQUEST['freeloaded']);
-      $freeload_comment = strip_request_item_nl('freeload_comment');
+
+    $shift = Shift($shift_id);
+    $shift['Name'] = $room_array[$shift['RID']];
+    if ($shift == null) {
+        redirect(page_link_to('user_shifts'));
     }
-    
-    $comment = strip_request_item_nl('comment');
-    $result = ShiftEntry_create([
-        'SID' => $shift_id,
-        'TID' => $selected_type_id,
-        'UID' => $user_id,
-        'Comment' => $comment,
-        'freeloaded' => $freeloaded,
-        'freeload_comment' => $freeload_comment 
-    ]);
-    if ($result === false) {
-      engelsystem_error('Unable to create shift entry.');
+
+    $type_id = 0;
+    if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
+        $type_id = $_REQUEST['type_id'];
+    } else {
+        redirect(page_link_to('user_shifts'));
     }
-    
-    if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) {
-      sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
+
+    if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
+        $type = AngelType($type_id);
+    } else {
+        // TODO: Move queries to model
+        $type = DB::select('
+            SELECT *
+            FROM `UserAngelTypes`
+            JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`)
+            WHERE `AngelTypes`.`id` = ?
+            AND (
+                `AngelTypes`.`restricted` = 0
+                OR (
+                    `UserAngelTypes`.`user_id` = ?
+                    AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL
+                )
+            )
+        ', [$type_id, $user['UID']]);
+        $type = array_shift($type);
     }
-    
-    $user_source = User($user_id);
-    engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
-    success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' &raquo;</a>');
-    redirect(shift_link($shift));
-  }
-  
-  if (in_array('user_shifts_admin', $privileges)) {
-    $users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`");
-    $users_select = [];
-    foreach ($users as $usr) {
-      $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")");
+
+    if (empty($type)) {
+        redirect(page_link_to('user_shifts'));
     }
-    $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
-    
-    $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-    $angeltypes = [];
-    foreach ($angeltypes_source as $angeltype) {
-      $angeltypes[$angeltype['id']] = $angeltype['name'];
+
+    if (
+        isset($_REQUEST['user_id'])
+        && preg_match('/^\d*$/', $_REQUEST['user_id'])
+        && (
+            in_array('user_shifts_admin', $privileges)
+            || in_array('shiftentry_edit_angeltype_supporter', $privileges)
+        )
+    ) {
+        $user_id = $_REQUEST['user_id'];
+    } else {
+        $user_id = $user['UID'];
     }
-    $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']);
-  } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
-    $users = Users_by_angeltype($type);
-    $users_select = [];
-    foreach ($users as $usr) {
-      if (! $type['restricted'] || $usr['confirm_user_id'] != null) {
-        $users_select[$usr['UID']] = $usr['Nick'];
-      }
+
+    $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type);
+    $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']);
+
+    $shift_signup_allowed = Shift_signup_allowed(
+        User($user_id),
+        $shift,
+        $type,
+        null,
+        null,
+        $needed_angeltype,
+        $shift_entries
+    );
+    if (!$shift_signup_allowed->isSignupAllowed()) {
+        error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.'));
+        redirect(shift_link($shift));
     }
-    $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
-    
-    $angeltypes_source = User_angeltypes($user);
-    $angeltypes = [];
-    foreach ($angeltypes_source as $angeltype) {
-      if ($angeltype['supporter']) {
-        $angeltypes[$angeltype['id']] = $angeltype['name'];
-      }
-      $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']);
+
+    if (isset($_REQUEST['submit'])) {
+        $selected_type_id = $type_id;
+        if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
+                $privileges)
+        ) {
+
+            if (count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=? LIMIT 1', [$user_id])) == 0) {
+                redirect(page_link_to('user_shifts'));
+            }
+
+            if (
+                isset($_REQUEST['angeltype_id'])
+                && test_request_int('angeltype_id')
+                && count(DB::select(
+                    'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1',
+                    [$_REQUEST['angeltype_id']]
+                )) > 0
+            ) {
+                $selected_type_id = $_REQUEST['angeltype_id'];
+            }
+        }
+
+        if (count(DB::select(
+            'SELECT `id` FROM `ShiftEntry` WHERE `SID`= ? AND `UID` = ?',
+            [$shift['SID'], $user_id]))
+        ) {
+            return error('This angel does already have an entry for this shift.', true);
+        }
+
+        $freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false;
+        $freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : '';
+        if (in_array('user_shifts_admin', $privileges)) {
+            $freeloaded = isset($_REQUEST['freeloaded']);
+            $freeload_comment = strip_request_item_nl('freeload_comment');
+        }
+
+        $comment = strip_request_item_nl('comment');
+        $result = ShiftEntry_create([
+            'SID'              => $shift_id,
+            'TID'              => $selected_type_id,
+            'UID'              => $user_id,
+            'Comment'          => $comment,
+            'freeloaded'       => $freeloaded,
+            'freeload_comment' => $freeload_comment
+        ]);
+        if ($result === false) {
+            engelsystem_error('Unable to create shift entry.');
+        }
+
+        if (
+            $type['restricted'] == 0
+            && count(DB::select('
+              SELECT `UserAngelTypes`.`id` FROM `UserAngelTypes`
+              INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id`
+              WHERE `angeltype_id` = ?
+              AND `user_id` = ?
+            ', [$selected_type_id, $user_id])) == 0
+        ) {
+            DB::insert(
+                'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)',
+                [$user_id, $selected_type_id]
+            );
+        }
+
+        $user_source = User($user_id);
+        engelsystem_log(
+            'User ' . User_Nick_render($user_source)
+            . ' signed up for shift ' . $shift['name']
+            . ' from ' . date('Y-m-d H:i', $shift['start'])
+            . ' to ' . date('Y-m-d H:i', $shift['end'])
+        );
+        success(_('You are subscribed. Thank you!') . ' <a href="' . page_link_to('user_myshifts') . '">' . _('My shifts') . ' &raquo;</a>');
+        redirect(shift_link($shift));
     }
-  } else {
-    $user_text = User_Nick_render($user);
-    $angeltype_select = $type['name'];
-  }
-  
-  return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' &ndash; ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges));
+
+    $angeltype_select = '';
+    if (in_array('user_shifts_admin', $privileges)) {
+        $users = DB::select('
+            SELECT *,
+            (
+                SELECT count(*)
+                FROM `ShiftEntry`
+                WHERE `freeloaded`=1
+                AND `ShiftEntry`.`UID`=`User`.`UID`
+            ) AS `freeloaded`
+            FROM `User`
+            ORDER BY `Nick`
+        ');
+        $users_select = [];
+        foreach ($users as $usr) {
+            $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? '' : ' (' . _('Freeloader') . ')');
+        }
+        $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
+
+        $angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
+        $angeltypes = [];
+        foreach ($angeltypes_source as $angeltype) {
+            $angeltypes[$angeltype['id']] = $angeltype['name'];
+        }
+        $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']);
+    } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) {
+        $users = Users_by_angeltype($type);
+        $users_select = [];
+        foreach ($users as $usr) {
+            if (!$type['restricted'] || $usr['confirm_user_id'] != null) {
+                $users_select[$usr['UID']] = $usr['Nick'];
+            }
+        }
+        $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
+
+        $angeltypes_source = User_angeltypes($user);
+        $angeltypes = [];
+        foreach ($angeltypes_source as $angeltype) {
+            if ($angeltype['supporter']) {
+                $angeltypes[$angeltype['id']] = $angeltype['name'];
+            }
+            $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']);
+        }
+    } else {
+        $user_text = User_Nick_render($user);
+        $angeltype_select = $type['name'];
+    }
+
+    return ShiftEntry_edit_view(
+        $user_text,
+        date('Y-m-d H:i', $shift['start'])
+        . ' &ndash; '
+        . date('Y-m-d H:i', $shift['end'])
+        . ' (' . shift_length($shift) . ')',
+        $shift['Name'],
+        $shift['name'],
+        $angeltype_select, '',
+        false,
+        null,
+        in_array('user_shifts_admin', $privileges)
+    );
 }
 
 /**
  * Remove somebody from a shift.
  */
-function shift_entry_delete_controller() {
-  global $privileges, $user;
-  
-  if (! isset($_REQUEST['entry_id']) || ! test_request_int('entry_id')) {
-    redirect(page_link_to('user_shifts'));
-  }
-  $entry_id = $_REQUEST['entry_id'];
-  
-  $shift_entry_source = sql_select("
-        SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id`
+function shift_entry_delete_controller()
+{
+    global $privileges, $user;
+
+    if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) {
+        redirect(page_link_to('user_shifts'));
+    }
+    $entry_id = $_REQUEST['entry_id'];
+
+    $shift_entry_source = DB::select('
+        SELECT
+            `User`.`Nick`,
+            `ShiftEntry`.`Comment`,
+            `ShiftEntry`.`UID`,
+            `ShiftTypes`.`name`,
+            `Shifts`.*,
+            `Room`.`Name`,
+            `AngelTypes`.`name` AS `angel_type`,
+            `AngelTypes`.`id` AS `angeltype_id`
         FROM `ShiftEntry`
         JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`)
         JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
         JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
         JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
         JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
-        WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
-  if (count($shift_entry_source) > 0) {
-    $shift_entry_source = $shift_entry_source[0];
-    
-    if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) {
-      redirect(page_link_to('user_shifts'));
-    }
-    
-    $result = ShiftEntry_delete($entry_id);
-    if ($result === false) {
-      engelsystem_error('Unable to delete shift entry.');
-    }
-    
-    engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
-    success(_("Shift entry deleted."));
-  } else {
-    error(_("Entry not found."));
-  }
-  redirect(shift_link($shift_entry_source));
-}
+        WHERE `ShiftEntry`.`id`=?',
+        [$entry_id]
+    );
+    if (count($shift_entry_source) > 0) {
+        $shift_entry_source = array_shift($shift_entry_source);
 
-?>
+        if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter',
+                    $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))
+        ) {
+            redirect(page_link_to('user_shifts'));
+        }
+
+        $result = ShiftEntry_delete($entry_id);
+        if ($result === false) {
+            engelsystem_error('Unable to delete shift entry.');
+        }
+
+        engelsystem_log(
+            'Deleted ' . User_Nick_render($shift_entry_source) . '\'s shift: ' . $shift_entry_source['name']
+            . ' at ' . $shift_entry_source['Name']
+            . ' from ' . date('Y-m-d H:i', $shift_entry_source['start'])
+            . ' to ' . date('Y-m-d H:i', $shift_entry_source['end'])
+            . ' as ' . $shift_entry_source['angel_type']
+        );
+        success(_('Shift entry deleted.'));
+    } else {
+        error(_('Entry not found.'));
+    }
+
+    redirect(shift_link($shift_entry_source));
+}

includes/controller/shifts_controller.php

@@ -1,324 +1,393 @@
 <?php
 use Engelsystem\ShiftSignupState;
 
-function shift_link($shift) {
-  return page_link_to('shifts') . '&action=view&shift_id=' . $shift['SID'];
+/**
+ * @param array $shift
+ * @return string
+ */
+function shift_link($shift)
+{
+    $link = page_link_to('shifts') . '&action=view';
+    if (isset($shift['SID'])) {
+        $link .= '&shift_id=' . $shift['SID'];
+    }
+    return $link;
 }
 
-function shift_delete_link($shift) {
-  return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'];
+/**
+ * @param array $shift
+ * @return string
+ */
+function shift_delete_link($shift)
+{
+    return page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'];
 }
 
-function shift_edit_link($shift) {
-  return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'];
+/**
+ * @param array $shift
+ * @return string
+ */
+function shift_edit_link($shift)
+{
+    return page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'];
 }
 
 /**
  * Edit a single shift.
+ *
+ * @return string
  */
-function shift_edit_controller() {
-  global $privileges;
-  
-  // Schicht bearbeiten
-  $msg = "";
-  $valid = true;
-  
-  if (! in_array('admin_shifts', $privileges)) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  if (! isset($_REQUEST['edit_shift']) || ! test_request_int('edit_shift')) {
-    redirect(page_link_to('user_shifts'));
-  }
-  $shift_id = $_REQUEST['edit_shift'];
-  
-  $shift = Shift($shift_id);
-  
-  $room = select_array(Rooms(), 'RID', 'Name');
-  $angeltypes = select_array(AngelTypes(), 'id', 'name');
-  $shifttypes = select_array(ShiftTypes(), 'id', 'name');
-  
-  $needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'id', 'count');
-  foreach (array_keys($angeltypes) as $angeltype_id) {
-    if (! isset($needed_angel_types[$angeltype_id])) {
-      $needed_angel_types[$angeltype_id] = 0;
+function shift_edit_controller()
+{
+    global $privileges;
+
+    // Schicht bearbeiten
+    $msg = '';
+    $valid = true;
+
+    if (!in_array('admin_shifts', $privileges)) {
+        redirect(page_link_to('user_shifts'));
     }
-  }
-  
-  $shifttype_id = $shift['shifttype_id'];
-  $title = $shift['title'];
-  $rid = $shift['RID'];
-  $start = $shift['start'];
-  $end = $shift['end'];
-  
-  if (isset($_REQUEST['submit'])) {
-    // Name/Bezeichnung der Schicht, darf leer sein
-    $title = strip_request_item('title');
-    
-    // Auswahl der sichtbaren Locations für die Schichten
-    if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
-      $rid = $_REQUEST['rid'];
-    } else {
-      $valid = false;
-      $msg .= error(_("Please select a room."), true);
+
+    if (!isset($_REQUEST['edit_shift']) || !test_request_int('edit_shift')) {
+        redirect(page_link_to('user_shifts'));
     }
-    
-    if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
-      $shifttype_id = $_REQUEST['shifttype_id'];
-    } else {
-      $valid = false;
-      $msg .= error(_('Please select a shifttype.'), true);
+    $shift_id = $_REQUEST['edit_shift'];
+
+    $shift = Shift($shift_id);
+
+    $room = select_array(Rooms(), 'RID', 'Name');
+    $angeltypes = select_array(AngelTypes(), 'id', 'name');
+    $shifttypes = select_array(ShiftTypes(), 'id', 'name');
+
+    $needed_angel_types = select_array(NeededAngelTypes_by_shift($shift_id), 'id', 'count');
+    foreach (array_keys($angeltypes) as $angeltype_id) {
+        if (!isset($needed_angel_types[$angeltype_id])) {
+            $needed_angel_types[$angeltype_id] = 0;
+        }
     }
-    
-    if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) {
-      $start = $tmp;
-    } else {
-      $valid = false;
-      $msg .= error(_("Please enter a valid starting time for the shifts."), true);
+
+    $shifttype_id = $shift['shifttype_id'];
+    $title = $shift['title'];
+    $rid = $shift['RID'];
+    $start = $shift['start'];
+    $end = $shift['end'];
+
+    if (isset($_REQUEST['submit'])) {
+        // Name/Bezeichnung der Schicht, darf leer sein
+        $title = strip_request_item('title');
+
+        // Auswahl der sichtbaren Locations für die Schichten
+        if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
+            $rid = $_REQUEST['rid'];
+        } else {
+            $valid = false;
+            $msg .= error(_('Please select a room.'), true);
+        }
+
+        if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
+            $shifttype_id = $_REQUEST['shifttype_id'];
+        } else {
+            $valid = false;
+            $msg .= error(_('Please select a shifttype.'), true);
+        }
+
+        if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
+            $start = $tmp;
+        } else {
+            $valid = false;
+            $msg .= error(_('Please enter a valid starting time for the shifts.'), true);
+        }
+
+        if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
+            $end = $tmp;
+        } else {
+            $valid = false;
+            $msg .= error(_('Please enter a valid ending time for the shifts.'), true);
+        }
+
+        if ($start >= $end) {
+            $valid = false;
+            $msg .= error(_('The ending time has to be after the starting time.'), true);
+        }
+
+        foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
+            if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) {
+                $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
+            } else {
+                $valid = false;
+                $msg .= error(sprintf(
+                    _('Please check your input for needed angels of type %s.'),
+                    $needed_angeltype_name
+                ), true);
+            }
+        }
+
+        if ($valid) {
+            $shift['shifttype_id'] = $shifttype_id;
+            $shift['title'] = $title;
+            $shift['RID'] = $rid;
+            $shift['start'] = $start;
+            $shift['end'] = $end;
+
+            $result = Shift_update($shift);
+            if ($result === false) {
+                engelsystem_error('Unable to update shift.');
+            }
+            NeededAngelTypes_delete_by_shift($shift_id);
+            $needed_angel_types_info = [];
+            foreach ($needed_angel_types as $type_id => $count) {
+                NeededAngelType_add($shift_id, $type_id, null, $count);
+                $needed_angel_types_info[] = $angeltypes[$type_id] . ': ' . $count;
+            }
+
+            engelsystem_log(
+                'Updated shift \'' . $shifttypes[$shifttype_id] . ', ' . $title
+                . '\' from ' . date('Y-m-d H:i', $start)
+                . ' to ' . date('Y-m-d H:i', $end)
+                . ' with angel types ' . join(', ', $needed_angel_types_info)
+            );
+            success(_('Shift updated.'));
+
+            redirect(shift_link([
+                'SID' => $shift_id
+            ]));
+        }
     }
-    
-    if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) {
-      $end = $tmp;
-    } else {
-      $valid = false;
-      $msg .= error(_("Please enter a valid ending time for the shifts."), true);
+
+    $angel_types_spinner = '';
+    foreach ($angeltypes as $angeltype_id => $angeltype_name) {
+        $angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name,
+            $needed_angel_types[$angeltype_id]);
     }
-    
-    if ($start >= $end) {
-      $valid = false;
-      $msg .= error(_("The ending time has to be after the starting time."), true);
-    }
-    
-    foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
-      if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) {
-        $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
-      } else {
-        $valid = false;
-        $msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $needed_angeltype_name), true);
-      }
-    }
-    
-    if ($valid) {
-      $shift['shifttype_id'] = $shifttype_id;
-      $shift['title'] = $title;
-      $shift['RID'] = $rid;
-      $shift['start'] = $start;
-      $shift['end'] = $end;
-      
-      $result = Shift_update($shift);
-      if ($result === false) {
-        engelsystem_error('Unable to update shift.');
-      }
-      NeededAngelTypes_delete_by_shift($shift_id);
-      $needed_angel_types_info = [];
-      foreach ($needed_angel_types as $type_id => $count) {
-        NeededAngelType_add($shift_id, $type_id, null, $count);
-        $needed_angel_types_info[] = $angeltypes[$type_id] . ": " . $count;
-      }
-      
-      engelsystem_log("Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title . "' from " . date("Y-m-d H:i", $start) . " to " . date("Y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
-      success(_("Shift updated."));
-      
-      redirect(shift_link([
-          'SID' => $shift_id 
-      ]));
-    }
-  }
-  
-  $angel_types_spinner = "";
-  foreach ($angeltypes as $angeltype_id => $angeltype_name) {
-    $angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name, $needed_angel_types[$angeltype_id]);
-  }
-  
-  return page_with_title(shifts_title(), [
-      msg(),
-      '<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>',
-      form([
-          form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
-          form_text('title', _("Title"), $title),
-          form_select('rid', _("Room:"), $room, $rid),
-          form_text('start', _("Start:"), date("Y-m-d H:i", $start)),
-          form_text('end', _("End:"), date("Y-m-d H:i", $end)),
-          '<h2>' . _("Needed angels") . '</h2>',
-          $angel_types_spinner,
-          form_submit('submit', _("Save")) 
-      ]) 
-  ]);
+
+    return page_with_title(
+        shifts_title(),
+        [
+            msg(),
+            '<noscript>' . info(_('This page is much more comfortable with javascript.'), true) . '</noscript>',
+            form([
+                form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
+                form_text('title', _('Title'), $title),
+                form_select('rid', _('Room:'), $room, $rid),
+                form_text('start', _('Start:'), date('Y-m-d H:i', $start)),
+                form_text('end', _('End:'), date('Y-m-d H:i', $end)),
+                '<h2>' . _('Needed angels') . '</h2>',
+                $angel_types_spinner,
+                form_submit('submit', _('Save'))
+            ])
+        ]
+    );
 }
 
-function shift_delete_controller() {
-  global $privileges;
-  
-  if (! in_array('user_shifts_admin', $privileges)) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
-  if (! isset($_REQUEST['delete_shift']) || ! preg_match("/^[0-9]*$/", $_REQUEST['delete_shift'])) {
-    redirect(page_link_to('user_shifts'));
-  }
-  $shift_id = $_REQUEST['delete_shift'];
-  
-  $shift = Shift($shift_id);
-  if ($shift == null) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  // Schicht löschen bestätigt
-  if (isset($_REQUEST['delete'])) {
-    Shift_delete($shift_id);
-    
-    engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
-    success(_("Shift deleted."));
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  return page_with_title(shifts_title(), [
-      error(sprintf(_("Do you want to delete the shift %s from %s to %s?"), $shift['name'], date("Y-m-d H:i", $shift['start']), date("H:i", $shift['end'])), true),
-      '<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _("delete") . '</a>' 
-  ]);
-}
+/**
+ * @return string
+ */
+function shift_delete_controller()
+{
+    global $privileges;
 
-function shift_controller() {
-  global $user, $privileges;
-  
-  if (! in_array('user_shifts', $privileges)) {
-    redirect(page_link_to('?'));
-  }
-  
-  if (! isset($_REQUEST['shift_id'])) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  $shift = Shift($_REQUEST['shift_id']);
-  if ($shift == null) {
-    error(_("Shift could not be found."));
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  $shifttype = ShiftType($shift['shifttype_id']);
-  $room = Room($shift['RID']);
-  $angeltypes = AngelTypes();
-  $user_shifts = Shifts_by_user($user);
-  
-  $shift_signup_state = new ShiftSignupState(ShiftSignupState::OCCUPIED, 0);
-  foreach ($angeltypes as &$angeltype) {
-    $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype);
-    $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['id']);
-    
-    $angeltype_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, $user_shifts, $needed_angeltype, $shift_entries);
-    if ($shift_signup_state == null) {
-      $shift_signup_state = $angeltype_signup_state;
-    } else {
-      $shift_signup_state->combineWith($angeltype_signup_state);
+    if (!in_array('user_shifts_admin', $privileges)) {
+        redirect(page_link_to('user_shifts'));
     }
-    $angeltype['shift_signup_state'] = $angeltype_signup_state;
-  }
-  
-  return [
-      $shift['name'],
-      Shift_view($shift, $shifttype, $room, $angeltypes, $shift_signup_state) 
-  ];
+
+    // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
+    if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
+        redirect(page_link_to('user_shifts'));
+    }
+    $shift_id = $_REQUEST['delete_shift'];
+
+    $shift = Shift($shift_id);
+    if ($shift == null) {
+        redirect(page_link_to('user_shifts'));
+    }
+
+    // Schicht löschen bestätigt
+    if (isset($_REQUEST['delete'])) {
+        Shift_delete($shift_id);
+
+        engelsystem_log(
+            'Deleted shift ' . $shift['name']
+            . ' from ' . date('Y-m-d H:i', $shift['start'])
+            . ' to ' . date('Y-m-d H:i', $shift['end'])
+        );
+        success(_('Shift deleted.'));
+        redirect(page_link_to('user_shifts'));
+    }
+
+    return page_with_title(shifts_title(), [
+        error(sprintf(
+            _('Do you want to delete the shift %s from %s to %s?'),
+            $shift['name'],
+            date('Y-m-d H:i', $shift['start']),
+            date('H:i', $shift['end'])
+        ), true),
+        '<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _('delete') . '</a>'
+    ]);
 }
 
-function shifts_controller() {
-  if (! isset($_REQUEST['action'])) {
-    redirect(page_link_to('user_shifts'));
-  }
-  
-  switch ($_REQUEST['action']) {
-    default:
-      redirect(page_link_to('?'));
-    case 'view':
-      return shift_controller();
-    case 'next':
-      return shift_next_controller();
-  }
+/**
+ * @return array
+ */
+function shift_controller()
+{
+    global $user, $privileges;
+
+    if (!in_array('user_shifts', $privileges)) {
+        redirect(page_link_to('?'));
+    }
+
+    if (!isset($_REQUEST['shift_id'])) {
+        redirect(page_link_to('user_shifts'));
+    }
+
+    $shift = Shift($_REQUEST['shift_id']);
+    if ($shift == null) {
+        error(_('Shift could not be found.'));
+        redirect(page_link_to('user_shifts'));
+    }
+
+    $shifttype = ShiftType($shift['shifttype_id']);
+    $room = Room($shift['RID']);
+    $angeltypes = AngelTypes();
+    $user_shifts = Shifts_by_user($user);
+
+    $shift_signup_state = new ShiftSignupState(ShiftSignupState::OCCUPIED, 0);
+    foreach ($angeltypes as &$angeltype) {
+        $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype);
+        $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['id']);
+
+        $angeltype_signup_state = Shift_signup_allowed(
+            $user,
+            $shift,
+            $angeltype,
+            null,
+            $user_shifts,
+            $needed_angeltype,
+            $shift_entries
+        );
+        if ($shift_signup_state == null) {
+            $shift_signup_state = $angeltype_signup_state;
+        } else {
+            $shift_signup_state->combineWith($angeltype_signup_state);
+        }
+        $angeltype['shift_signup_state'] = $angeltype_signup_state;
+    }
+
+    return [
+        $shift['name'],
+        Shift_view($shift, $shifttype, $room, $angeltypes, $shift_signup_state)
+    ];
+}
+
+/**
+ * @return array|false
+ */
+function shifts_controller()
+{
+    if (!isset($_REQUEST['action'])) {
+        redirect(page_link_to('user_shifts'));
+    }
+
+    switch ($_REQUEST['action']) {
+        case 'view':
+            return shift_controller();
+        case 'next':
+            return shift_next_controller();
+        default:
+            redirect(page_link_to('?'));
+    }
+
+    return false;
 }
 
 /**
  * Redirects the user to his next shift.
+ *
+ * @return false
  */
-function shift_next_controller() {
-  global $user, $privileges;
-  
-  if (! in_array('user_shifts', $privileges)) {
-    redirect(page_link_to('?'));
-  }
-  
-  $upcoming_shifts = ShiftEntries_upcoming_for_user($user);
-  if ($upcoming_shifts === false) {
-    return false;
-  }
-  
-  if (count($upcoming_shifts) > 0) {
-    redirect(shift_link($upcoming_shifts[0]));
-  }
-  
-  redirect(page_link_to('user_shifts'));
+function shift_next_controller()
+{
+    global $user, $privileges;
+
+    if (!in_array('user_shifts', $privileges)) {
+        redirect(page_link_to('?'));
+    }
+
+    $upcoming_shifts = ShiftEntries_upcoming_for_user($user);
+
+    if (!empty($upcoming_shifts)) {
+        redirect(shift_link($upcoming_shifts[0]));
+    }
+
+    redirect(page_link_to('user_shifts'));
+    exit;
 }
 
 /**
  * Export all shifts using api-key.
  */
-function shifts_json_export_all_controller() {
-  global $api_key;
-  
-  if ($api_key == "") {
-    engelsystem_error("Config contains empty apikey.");
-  }
-  
-  if (! isset($_REQUEST['api_key'])) {
-    engelsystem_error("Missing parameter api_key.");
-  }
-  
-  if ($_REQUEST['api_key'] != $api_key) {
-    engelsystem_error("Invalid api_key.");
-  }
-  
-  $shifts_source = Shifts();
-  if ($shifts_source === false) {
-    engelsystem_error("Unable to load shifts.");
-  }
-  
-  header("Content-Type: application/json; charset=utf-8");
-  raw_output(json_encode($shifts_source));
+function shifts_json_export_all_controller()
+{
+    $api_key = config('api_key');
+
+    if (empty($api_key)) {
+        engelsystem_error('Config contains empty apikey.');
+    }
+
+    if (!isset($_REQUEST['api_key'])) {
+        engelsystem_error('Missing parameter api_key.');
+    }
+
+    if ($_REQUEST['api_key'] != $api_key) {
+        engelsystem_error('Invalid api_key.');
+    }
+
+    $shifts_source = Shifts();
+    if ($shifts_source === false) {
+        engelsystem_error('Unable to load shifts.');
+    }
+
+    header('Content-Type: application/json; charset=utf-8');
+    raw_output(json_encode($shifts_source));
 }
 
 /**
  * Export filtered shifts via JSON.
  * (Like iCal Export or shifts view)
  */
-function shifts_json_export_controller() {
-  global $user;
-  
-  if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
-    engelsystem_error("Missing key.");
-  }
-  
-  $key = $_REQUEST['key'];
-  
-  $user = User_by_api_key($key);
-  if ($user == null) {
-    engelsystem_error("Key invalid.");
-  }
-  if (! in_array('shifts_json_export', privileges_for_user($user['UID']))) {
-    engelsystem_error("No privilege for shifts_json_export.");
-  }
-  
-  $shifts = load_ical_shifts();
-  
-  header("Content-Type: application/json; charset=utf-8");
-  raw_output(json_encode($shifts));
+function shifts_json_export_controller()
+{
+    global $user;
+
+    if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+        engelsystem_error('Missing key.');
+    }
+
+    $key = $_REQUEST['key'];
+
+    $user = User_by_api_key($key);
+    if ($user == null) {
+        engelsystem_error('Key invalid.');
+    }
+    if (!in_array('shifts_json_export', privileges_for_user($user['UID']))) {
+        engelsystem_error('No privilege for shifts_json_export.');
+    }
+
+    $shifts = load_ical_shifts();
+
+    header('Content-Type: application/json; charset=utf-8');
+    raw_output(json_encode($shifts));
 }
 
 /**
  * Returns users shifts to export.
+ *
+ * @return array
  */
-function load_ical_shifts() {
-  global $user;
-  
-  return Shifts_by_user($user);
-}
+function load_ical_shifts()
+{
+    global $user;
 
-?>
+    return Shifts_by_user($user);
+}

includes/controller/shifttypes_controller.php

@@ -1,179 +1,192 @@
 <?php
 
-function shifttype_link($shifttype) {
-  return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'];
+/**
+ * @param array $shifttype
+ * @return string
+ */
+function shifttype_link($shifttype)
+{
+    return page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'];
 }
 
 /**
  * Delete a shifttype.
+ *
+ * @return array
  */
-function shifttype_delete_controller() {
-  if (! isset($_REQUEST['shifttype_id'])) {
-    redirect(page_link_to('shifttypes'));
-  }
-  
-  $shifttype = ShiftType($_REQUEST['shifttype_id']);
-  if ($shifttype === false) {
-    engelsystem_error('Unable to load shifttype.');
-  }
-  
-  if ($shifttype == null) {
-    redirect(page_link_to('shifttypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    $result = ShiftType_delete($shifttype['id']);
-    if ($result === false) {
-      engelsystem_error('Unable to delete shifttype.');
+function shifttype_delete_controller()
+{
+    if (!isset($_REQUEST['shifttype_id'])) {
+        redirect(page_link_to('shifttypes'));
     }
-    
-    engelsystem_log('Deleted shifttype ' . $shifttype['name']);
-    success(sprintf(_('Shifttype %s deleted.'), $shifttype['name']));
-    redirect(page_link_to('shifttypes'));
-  }
-  
-  return [
-      sprintf(_("Delete shifttype %s"), $shifttype['name']),
-      ShiftType_delete_view($shifttype) 
-  ];
+
+    $shifttype = ShiftType($_REQUEST['shifttype_id']);
+
+    if ($shifttype == null) {
+        redirect(page_link_to('shifttypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        $result = ShiftType_delete($shifttype['id']);
+        if (empty($result)) {
+            engelsystem_error('Unable to delete shifttype.');
+        }
+
+        engelsystem_log('Deleted shifttype ' . $shifttype['name']);
+        success(sprintf(_('Shifttype %s deleted.'), $shifttype['name']));
+        redirect(page_link_to('shifttypes'));
+    }
+
+    return [
+        sprintf(_('Delete shifttype %s'), $shifttype['name']),
+        ShiftType_delete_view($shifttype)
+    ];
 }
 
 /**
  * Edit or create shift type.
+ *
+ * @return array
  */
-function shifttype_edit_controller() {
-  $shifttype_id = null;
-  $name = "";
-  $angeltype_id = null;
-  $description = "";
-  
-  $angeltypes = AngelTypes();
-  
-  if (isset($_REQUEST['shifttype_id'])) {
-    $shifttype = ShiftType($_REQUEST['shifttype_id']);
-    if ($shifttype === false) {
-      engelsystem_error('Unable to load shifttype.');
-    }
-    if ($shifttype == null) {
-      error(_('Shifttype not found.'));
-      redirect(page_link_to('shifttypes'));
-    }
-    $shifttype_id = $shifttype['id'];
-    $name = $shifttype['name'];
-    $angeltype_id = $shifttype['angeltype_id'];
-    $description = $shifttype['description'];
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
-      $name = strip_request_item('name');
-    } else {
-      $valid = false;
-      error(_('Please enter a name.'));
-    }
-    
-    if (isset($_REQUEST['angeltype_id']) && preg_match("/^[0-9]+$/", $_REQUEST['angeltype_id'])) {
-      $angeltype_id = $_REQUEST['angeltype_id'];
-    } else {
-      $angeltype_id = null;
-    }
-    
-    if (isset($_REQUEST['description'])) {
-      $description = strip_request_item_nl('description');
-    }
-    
-    if ($valid) {
-      if ($shifttype_id) {
-        $result = ShiftType_update($shifttype_id, $name, $angeltype_id, $description);
-        if ($result === false) {
-          engelsystem_error('Unable to update shifttype.');
+function shifttype_edit_controller()
+{
+    $shifttype_id = null;
+    $name = '';
+    $angeltype_id = null;
+    $description = '';
+
+    $angeltypes = AngelTypes();
+
+    if (isset($_REQUEST['shifttype_id'])) {
+        $shifttype = ShiftType($_REQUEST['shifttype_id']);
+        if ($shifttype == null) {
+            error(_('Shifttype not found.'));
+            redirect(page_link_to('shifttypes'));
         }
-        engelsystem_log('Updated shifttype ' . $name);
-        success(_('Updated shifttype.'));
-      } else {
-        $shifttype_id = ShiftType_create($name, $angeltype_id, $description);
-        if ($shifttype_id === false) {
-          engelsystem_error('Unable to create shifttype.');
-        }
-        engelsystem_log('Created shifttype ' . $name);
-        success(_('Created shifttype.'));
-      }
-      redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id);
+        $shifttype_id = $shifttype['id'];
+        $name = $shifttype['name'];
+        $angeltype_id = $shifttype['angeltype_id'];
+        $description = $shifttype['description'];
     }
-  }
-  
-  return [
-      shifttypes_title(),
-      ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id) 
-  ];
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
+            $name = strip_request_item('name');
+        } else {
+            $valid = false;
+            error(_('Please enter a name.'));
+        }
+
+        if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
+            $angeltype_id = $_REQUEST['angeltype_id'];
+        } else {
+            $angeltype_id = null;
+        }
+
+        if (isset($_REQUEST['description'])) {
+            $description = strip_request_item_nl('description');
+        }
+
+        if ($valid) {
+            if ($shifttype_id) {
+                $result = ShiftType_update($shifttype_id, $name, $angeltype_id, $description);
+                if ($result === false) {
+                    engelsystem_error('Unable to update shifttype.');
+                }
+                engelsystem_log('Updated shifttype ' . $name);
+                success(_('Updated shifttype.'));
+            } else {
+                $shifttype_id = ShiftType_create($name, $angeltype_id, $description);
+                if ($shifttype_id === false) {
+                    engelsystem_error('Unable to create shifttype.');
+                }
+                engelsystem_log('Created shifttype ' . $name);
+                success(_('Created shifttype.'));
+            }
+            redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id);
+        }
+    }
+
+    return [
+        shifttypes_title(),
+        ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id)
+    ];
 }
 
-function shifttype_controller() {
-  if (! isset($_REQUEST['shifttype_id'])) {
-    redirect(page_link_to('shifttypes'));
-  }
-  $shifttype = ShiftType($_REQUEST['shifttype_id']);
-  if ($shifttype === false) {
-    engelsystem_error('Unable to load shifttype.');
-  }
-  if ($shifttype == null) {
-    redirect(page_link_to('shifttypes'));
-  }
-  
-  $angeltype = null;
-  if ($shifttype['angeltype_id'] != null) {
-    $angeltype = AngelType($shifttype['angeltype_id']);
-  }
-  
-  return [
-      $shifttype['name'],
-      ShiftType_view($shifttype, $angeltype) 
-  ];
+/**
+ * @return array
+ */
+function shifttype_controller()
+{
+    if (!isset($_REQUEST['shifttype_id'])) {
+        redirect(page_link_to('shifttypes'));
+    }
+    $shifttype = ShiftType($_REQUEST['shifttype_id']);
+    if ($shifttype == null) {
+        redirect(page_link_to('shifttypes'));
+    }
+
+    $angeltype = null;
+    if ($shifttype['angeltype_id'] != null) {
+        $angeltype = AngelType($shifttype['angeltype_id']);
+    }
+
+    return [
+        $shifttype['name'],
+        ShiftType_view($shifttype, $angeltype)
+    ];
 }
 
 /**
  * List all shift types.
+ *
+ * @return array
  */
-function shifttypes_list_controller() {
-  $shifttypes = ShiftTypes();
-  if ($shifttypes === false) {
-    engelsystem_error("Unable to load shifttypes.");
-  }
-  
-  return [
-      shifttypes_title(),
-      ShiftTypes_list_view($shifttypes) 
-  ];
+function shifttypes_list_controller()
+{
+    $shifttypes = ShiftTypes();
+    if ($shifttypes === false) {
+        engelsystem_error('Unable to load shifttypes.');
+    }
+
+    return [
+        shifttypes_title(),
+        ShiftTypes_list_view($shifttypes)
+    ];
 }
 
 /**
  * Text for shift type related links.
+ *
+ * @return string
  */
-function shifttypes_title() {
-  return _("Shifttypes");
+function shifttypes_title()
+{
+    return _('Shifttypes');
 }
 
 /**
  * Route shift type actions
+ *
+ * @return array
  */
-function shifttypes_controller() {
-  if (! isset($_REQUEST['action'])) {
-    $_REQUEST['action'] = 'list';
-  }
-  
-  switch ($_REQUEST['action']) {
-    default:
-    case 'list':
-      return shifttypes_list_controller();
-    case 'view':
-      return shifttype_controller();
-    case 'edit':
-      return shifttype_edit_controller();
-    case 'delete':
-      return shifttype_delete_controller();
-  }
-}
+function shifttypes_controller()
+{
+    if (!isset($_REQUEST['action'])) {
+        $_REQUEST['action'] = 'list';
+    }
 
-?>
+    switch ($_REQUEST['action']) {
+        case 'view':
+            return shifttype_controller();
+        case 'edit':
+            return shifttype_edit_controller();
+        case 'delete':
+            return shifttype_delete_controller();
+        case 'list':
+        default:
+            return shifttypes_list_controller();
+    }
+}

includes/controller/user_angeltypes_controller.php

@@ -2,362 +2,421 @@
 
 /**
  * Display a hint for team/angeltype supporters if there are unconfirmed users for his angeltype.
+ *
+ * @return string|null
  */
-function user_angeltypes_unconfirmed_hint() {
-  global $user;
-  
-  $unconfirmed_user_angeltypes = User_unconfirmed_AngelTypes($user);
-  if (count($unconfirmed_user_angeltypes) == 0) {
-    return null;
-  }
-  
-  $unconfirmed_links = [];
-  foreach ($unconfirmed_user_angeltypes as $user_angeltype) {
-    $unconfirmed_links[] = '<a href="' . page_link_to('angeltypes') . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id'] . '">' . $user_angeltype['name'] . ' (+' . $user_angeltype['count'] . ')' . '</a>';
-  }
-  
-  return sprintf(ngettext("There is %d unconfirmed angeltype.", "There are %d unconfirmed angeltypes.", count($unconfirmed_user_angeltypes)), count($unconfirmed_user_angeltypes)) . " " . _('Angel types which need approvals:') . ' ' . join(', ', $unconfirmed_links);
+function user_angeltypes_unconfirmed_hint()
+{
+    global $user;
+
+    $unconfirmed_user_angeltypes = User_unconfirmed_AngelTypes($user);
+    if (count($unconfirmed_user_angeltypes) == 0) {
+        return null;
+    }
+
+    $unconfirmed_links = [];
+    foreach ($unconfirmed_user_angeltypes as $user_angeltype) {
+        $unconfirmed_links[] = '<a href="'
+            . page_link_to('angeltypes')
+            . '&action=view&angeltype_id=' . $user_angeltype['angeltype_id']
+            . '">' . $user_angeltype['name']
+            . ' (+' . $user_angeltype['count'] . ')'
+            . '</a>';
+    }
+
+    return sprintf(ngettext('There is %d unconfirmed angeltype.', 'There are %d unconfirmed angeltypes.',
+            count($unconfirmed_user_angeltypes)),
+            count($unconfirmed_user_angeltypes)) . ' ' . _('Angel types which need approvals:') . ' ' . join(', ',
+            $unconfirmed_links);
 }
 
 /**
  * Remove all unconfirmed users from a specific angeltype.
+ *
+ * @return array
  */
-function user_angeltypes_delete_all_controller() {
-  global $user;
-  
-  if (! isset($_REQUEST['angeltype_id'])) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($_REQUEST['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (! User_is_AngelType_supporter($user, $angeltype)) {
-    error(_("You are not allowed to delete all users for this angeltype."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    UserAngelTypes_delete_all($angeltype['id']);
-    
-    engelsystem_log(sprintf("Denied all users for angeltype %s", AngelType_name_render($angeltype)));
-    success(sprintf(_("Denied all users for angeltype %s."), AngelType_name_render($angeltype)));
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      _("Deny all users"),
-      UserAngelTypes_delete_all_view($angeltype) 
-  ];
+function user_angeltypes_delete_all_controller()
+{
+    global $user;
+
+    if (!isset($_REQUEST['angeltype_id'])) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($_REQUEST['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (!User_is_AngelType_supporter($user, $angeltype)) {
+        error(_('You are not allowed to delete all users for this angeltype.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        UserAngelTypes_delete_all($angeltype['id']);
+
+        engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
+        success(sprintf(_('Denied all users for angeltype %s.'), AngelType_name_render($angeltype)));
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        _('Deny all users'),
+        UserAngelTypes_delete_all_view($angeltype)
+    ];
 }
 
 /**
  * Confirm all unconfirmed users for an angeltype.
+ *
+ * @return array
  */
-function user_angeltypes_confirm_all_controller() {
-  global $user, $privileges;
-  
-  if (! isset($_REQUEST['angeltype_id'])) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($_REQUEST['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
-  if ($user_angeltype == null) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (! in_array('admin_user_angeltypes', $privileges) && ! $user_angeltype['supporter']) {
-    error(_("You are not allowed to confirm all users for this angeltype."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    UserAngelTypes_confirm_all($angeltype['id'], $user);
-    
-    engelsystem_log(sprintf("Confirmed all users for angeltype %s", AngelType_name_render($angeltype)));
-    success(sprintf(_("Confirmed all users for angeltype %s."), AngelType_name_render($angeltype)));
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      _("Confirm all users"),
-      UserAngelTypes_confirm_all_view($angeltype) 
-  ];
+function user_angeltypes_confirm_all_controller()
+{
+    global $user, $privileges;
+
+    if (!isset($_REQUEST['angeltype_id'])) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($_REQUEST['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
+    if ($user_angeltype == null) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (!in_array('admin_user_angeltypes', $privileges) && !$user_angeltype['supporter']) {
+        error(_('You are not allowed to confirm all users for this angeltype.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        UserAngelTypes_confirm_all($angeltype['id'], $user);
+
+        engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
+        success(sprintf(_('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype)));
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        _('Confirm all users'),
+        UserAngelTypes_confirm_all_view($angeltype)
+    ];
 }
 
 /**
  * Confirm an user for an angeltype.
+ *
+ * @return array
  */
-function user_angeltype_confirm_controller() {
-  global $user;
-  
-  if (! isset($_REQUEST['user_angeltype_id'])) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
-  if ($user_angeltype == null) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($user_angeltype['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (! User_is_AngelType_supporter($user, $angeltype)) {
-    error(_("You are not allowed to confirm this users angeltype."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_source = User($user_angeltype['user_id']);
-  if ($user_source == null) {
-    error(_("User doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    $result = UserAngelType_confirm($user_angeltype['id'], $user);
-    if ($result === false) {
-      engelsystem_error("Unable to confirm user angeltype.");
+function user_angeltype_confirm_controller()
+{
+    global $user;
+
+    if (!isset($_REQUEST['user_angeltype_id'])) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
     }
-    
-    engelsystem_log(sprintf("%s confirmed for angeltype %s", User_Nick_render($user_source), AngelType_name_render($angeltype)));
-    success(sprintf(_("%s confirmed for angeltype %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      _("Confirm angeltype for user"),
-      UserAngelType_confirm_view($user_angeltype, $user_source, $angeltype) 
-  ];
+
+    $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+    if ($user_angeltype == null) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($user_angeltype['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (!User_is_AngelType_supporter($user, $angeltype)) {
+        error(_('You are not allowed to confirm this users angeltype.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $user_source = User($user_angeltype['user_id']);
+    if ($user_source == null) {
+        error(_('User doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        UserAngelType_confirm($user_angeltype['id'], $user);
+
+        engelsystem_log(sprintf(
+            '%s confirmed for angeltype %s',
+            User_Nick_render($user_source),
+            AngelType_name_render($angeltype)
+        ));
+        success(sprintf(
+            _('%s confirmed for angeltype %s.'),
+            User_Nick_render($user_source),
+            AngelType_name_render($angeltype)
+        ));
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        _('Confirm angeltype for user'),
+        UserAngelType_confirm_view($user_angeltype, $user_source, $angeltype)
+    ];
 }
 
 /**
  * Remove a user from an Angeltype.
+ *
+ * @return array
  */
-function user_angeltype_delete_controller() {
-  global $user;
-  
-  if (! isset($_REQUEST['user_angeltype_id'])) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
-  if ($user_angeltype == null) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($user_angeltype['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_source = User($user_angeltype['user_id']);
-  if ($user_source == null) {
-    error(_("User doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if ($user['UID'] != $user_angeltype['user_id'] && ! User_is_AngelType_supporter($user, $angeltype)) {
-    error(_("You are not allowed to delete this users angeltype."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    $result = UserAngelType_delete($user_angeltype);
-    if ($result === false) {
-      engelsystem_error("Unable to delete user angeltype.");
+function user_angeltype_delete_controller()
+{
+    global $user;
+
+    if (!isset($_REQUEST['user_angeltype_id'])) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
     }
-    
-    $success_message = sprintf(_("User %s removed from %s."), User_Nick_render($user_source), $angeltype['name']);
-    engelsystem_log($success_message);
-    success($success_message);
-    
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      _("Remove angeltype"),
-      UserAngelType_delete_view($user_angeltype, $user_source, $angeltype) 
-  ];
+
+    $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+    if ($user_angeltype == null) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($user_angeltype['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $user_source = User($user_angeltype['user_id']);
+    if ($user_source == null) {
+        error(_('User doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if ($user['UID'] != $user_angeltype['user_id'] && !User_is_AngelType_supporter($user, $angeltype)) {
+        error(_('You are not allowed to delete this users angeltype.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        $result = UserAngelType_delete($user_angeltype);
+        if ($result === false) {
+            engelsystem_error('Unable to delete user angeltype.');
+        }
+
+        $success_message = sprintf(_('User %s removed from %s.'), User_Nick_render($user_source), $angeltype['name']);
+        engelsystem_log($success_message);
+        success($success_message);
+
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        _('Remove angeltype'),
+        UserAngelType_delete_view($user_angeltype, $user_source, $angeltype)
+    ];
 }
 
 /**
  * Update an UserAngelType.
+ *
+ * @return array
  */
-function user_angeltype_update_controller() {
-  global $privileges;
-  
-  if (! in_array('admin_angel_types', $privileges)) {
-    error(_("You are not allowed to set supporter rights."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (! isset($_REQUEST['user_angeltype_id'])) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['supporter']) && preg_match("/^[01]$/", $_REQUEST['supporter'])) {
-    $supporter = $_REQUEST['supporter'] == "1";
-  } else {
-    error(_("No supporter update given."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
-  if ($user_angeltype == null) {
-    error(_("User angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $angeltype = AngelType($user_angeltype['angeltype_id']);
-  if ($angeltype == null) {
-    error(_("Angeltype doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  $user_source = User($user_angeltype['user_id']);
-  if ($user_source == null) {
-    error(_("User doesn't exist."));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    UserAngelType_update($user_angeltype['id'], $supporter);
-    
-    $success_message = sprintf($supporter ? _("Added supporter rights for %s to %s.") : _("Removed supporter rights for %s from %s."), AngelType_name_render($angeltype), User_Nick_render($user_source));
-    engelsystem_log($success_message);
-    success($success_message);
-    
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      $supporter ? _("Add supporter rights") : _("Remove supporter rights"),
-      UserAngelType_update_view($user_angeltype, $user_source, $angeltype, $supporter) 
-  ];
+function user_angeltype_update_controller()
+{
+    global $privileges;
+    $supporter = false;
+
+    if (!in_array('admin_angel_types', $privileges)) {
+        error(_('You are not allowed to set supporter rights.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (!isset($_REQUEST['user_angeltype_id'])) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) {
+        $supporter = $_REQUEST['supporter'] == '1';
+    } else {
+        error(_('No supporter update given.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+    if ($user_angeltype == null) {
+        error(_('User angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $angeltype = AngelType($user_angeltype['angeltype_id']);
+    if ($angeltype == null) {
+        error(_('Angeltype doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    $user_source = User($user_angeltype['user_id']);
+    if ($user_source == null) {
+        error(_('User doesn\'t exist.'));
+        redirect(page_link_to('angeltypes'));
+    }
+
+    if (isset($_REQUEST['confirmed'])) {
+        UserAngelType_update($user_angeltype['id'], $supporter);
+
+        $success_message = sprintf(
+            $supporter ? _('Added supporter rights for %s to %s.') : _('Removed supporter rights for %s from %s.'),
+            AngelType_name_render($angeltype),
+            User_Nick_render($user_source)
+        );
+        engelsystem_log($success_message);
+        success($success_message);
+
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        $supporter ? _('Add supporter rights') : _('Remove supporter rights'),
+        UserAngelType_update_view($user_angeltype, $user_source, $angeltype, $supporter)
+    ];
 }
 
 /**
  * User joining an Angeltype (Or supporter doing this for him).
  */
-function user_angeltype_add_controller() {
-  global $user;
-  
-  $angeltype = load_angeltype();
-  
-  // User is joining by itself
-  if (! User_is_AngelType_supporter($user, $angeltype)) {
-    return user_angeltype_join_controller($angeltype);
-  }
-  
-  // Allow to add any user
-  
-  // Default selection
-  $user_source = $user;
-  
-  // Load possible users, that are not in the angeltype already
-  $users_source = Users_by_angeltype_inverted($angeltype);
-  
-  if (isset($_REQUEST['submit'])) {
-    $user_source = load_user();
-    
-    if (! UserAngelType_exists($user_source, $angeltype)) {
-      $user_angeltype_id = UserAngelType_create($user_source, $angeltype);
-      
-      engelsystem_log(sprintf("User %s added to %s.", User_Nick_render($user_source), AngelType_name_render($angeltype)));
-      success(sprintf(_("User %s added to %s."), User_Nick_render($user_source), AngelType_name_render($angeltype)));
-      
-      UserAngelType_confirm($user_angeltype_id, $user_source);
-      engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
-      
-      redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+function user_angeltype_add_controller()
+{
+    global $user;
+
+    $angeltype = load_angeltype();
+
+    // User is joining by itself
+    if (!User_is_AngelType_supporter($user, $angeltype)) {
+        return user_angeltype_join_controller($angeltype);
     }
-  }
-  
-  return [
-      _("Add user to angeltype"),
-      UserAngelType_add_view($angeltype, $users_source, $user_source['UID']) 
-  ];
+
+    // Allow to add any user
+
+    // Default selection
+    $user_source = $user;
+
+    // Load possible users, that are not in the angeltype already
+    $users_source = Users_by_angeltype_inverted($angeltype);
+
+    if (isset($_REQUEST['submit'])) {
+        $user_source = load_user();
+
+        if (!UserAngelType_exists($user_source, $angeltype)) {
+            $user_angeltype_id = UserAngelType_create($user_source, $angeltype);
+
+            engelsystem_log(sprintf(
+                'User %s added to %s.',
+                User_Nick_render($user_source),
+                AngelType_name_render($angeltype)
+            ));
+            success(sprintf(
+                _('User %s added to %s.'),
+                User_Nick_render($user_source),
+                AngelType_name_render($angeltype)
+            ));
+
+            UserAngelType_confirm($user_angeltype_id, $user_source);
+            engelsystem_log(sprintf(
+                'User %s confirmed as %s.',
+                User_Nick_render($user),
+                AngelType_name_render($angeltype)
+            ));
+
+            redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+        }
+    }
+
+    return [
+        _('Add user to angeltype'),
+        UserAngelType_add_view($angeltype, $users_source, $user_source['UID'])
+    ];
 }
 
 /**
  * A user joins an angeltype.
+ *
+ * @param array $angeltype
+ * @return array
  */
-function user_angeltype_join_controller($angeltype) {
-  global $user, $privileges;
-  
-  $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
-  if ($user_angeltype != null) {
-    error(sprintf(_("You are already a %s."), $angeltype['name']));
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  if (isset($_REQUEST['confirmed'])) {
-    $user_angeltype_id = UserAngelType_create($user, $angeltype);
-    
-    $success_message = sprintf(_("You joined %s."), $angeltype['name']);
-    engelsystem_log(sprintf("User %s joined %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
-    success($success_message);
-    
-    if (in_array('admin_user_angeltypes', $privileges)) {
-      UserAngelType_confirm($user_angeltype_id, $user);
-      engelsystem_log(sprintf("User %s confirmed as %s.", User_Nick_render($user), AngelType_name_render($angeltype)));
+function user_angeltype_join_controller($angeltype)
+{
+    global $user, $privileges;
+
+    $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
+    if ($user_angeltype != null) {
+        error(sprintf(_('You are already a %s.'), $angeltype['name']));
+        redirect(page_link_to('angeltypes'));
     }
-    
-    redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
-  }
-  
-  return [
-      sprintf(_("Become a %s"), $angeltype['name']),
-      UserAngelType_join_view($user, $angeltype) 
-  ];
+
+    if (isset($_REQUEST['confirmed'])) {
+        $user_angeltype_id = UserAngelType_create($user, $angeltype);
+
+        $success_message = sprintf(_('You joined %s.'), $angeltype['name']);
+        engelsystem_log(sprintf('User %s joined %s.', User_Nick_render($user), AngelType_name_render($angeltype)));
+        success($success_message);
+
+        if (in_array('admin_user_angeltypes', $privileges)) {
+            UserAngelType_confirm($user_angeltype_id, $user);
+            engelsystem_log(sprintf(
+                'User %s confirmed as %s.',
+                User_Nick_render($user),
+                AngelType_name_render($angeltype)
+            ));
+        }
+
+        redirect(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id']);
+    }
+
+    return [
+        sprintf(_('Become a %s'), $angeltype['name']),
+        UserAngelType_join_view($user, $angeltype)
+    ];
 }
 
 /**
  * Route UserAngelType actions.
+ *
+ * @return array
  */
-function user_angeltypes_controller() {
-  if (! isset($_REQUEST['action'])) {
-    redirect(page_link_to('angeltypes'));
-  }
-  
-  switch ($_REQUEST['action']) {
-    case 'delete_all':
-      return user_angeltypes_delete_all_controller();
-    case 'confirm_all':
-      return user_angeltypes_confirm_all_controller();
-    case 'confirm':
-      return user_angeltype_confirm_controller();
-    case 'delete':
-      return user_angeltype_delete_controller();
-    case 'update':
-      return user_angeltype_update_controller();
-    case 'add':
-      return user_angeltype_add_controller();
-    default:
-      redirect(page_link_to('angeltypes'));
-  }
-}
+function user_angeltypes_controller()
+{
+    if (!isset($_REQUEST['action'])) {
+        redirect(page_link_to('angeltypes'));
+    }
 
-?>
+    switch ($_REQUEST['action']) {
+        case 'delete_all':
+            return user_angeltypes_delete_all_controller();
+        case 'confirm_all':
+            return user_angeltypes_confirm_all_controller();
+        case 'confirm':
+            return user_angeltype_confirm_controller();
+        case 'delete':
+            return user_angeltype_delete_controller();
+        case 'update':
+            return user_angeltype_update_controller();
+        case 'add':
+            return user_angeltype_add_controller();
+        default:
+            redirect(page_link_to('angeltypes'));
+            exit;
+    }
+}

includes/controller/user_driver_licenses_controller.php

@@ -1,132 +1,148 @@
 <?php
 
 /**
- * Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license information provided.
+ * Generates a hint, if user joined angeltypes that require a driving license and the user has no driver license
+ * information provided.
+ *
+ * @return string|null
  */
-function user_driver_license_required_hint() {
-  global $user;
-  
-  $angeltypes = User_angeltypes($user);
-  $user_driver_license = UserDriverLicense($user['UID']);
-  
-  // User has already entered data, no hint needed.
-  if ($user_driver_license != null) {
-    return null;
-  }
-  
-  foreach ($angeltypes as $angeltype) {
-    if ($angeltype['requires_driver_license']) {
-      return sprintf(_("You joined an angeltype which requires a driving license. Please edit your driving license information here: %s."), '<a href="' . user_driver_license_edit_link() . '">' . _("driving license information") . '</a>');
+function user_driver_license_required_hint()
+{
+    global $user;
+
+    $angeltypes = User_angeltypes($user);
+    $user_driver_license = UserDriverLicense($user['UID']);
+
+    // User has already entered data, no hint needed.
+    if ($user_driver_license != null) {
+        return null;
     }
-  }
-  
-  return null;
+
+    foreach ($angeltypes as $angeltype) {
+        if ($angeltype['requires_driver_license']) {
+            return sprintf(
+                _('You joined an angeltype which requires a driving license. Please edit your driving license information here: %s.'),
+                '<a href="' . user_driver_license_edit_link() . '">' . _('driving license information') . '</a>'
+            );
+        }
+    }
+
+    return null;
 }
 
 /**
  * Route user driver licenses actions.
+ *
+ * @return array
  */
-function user_driver_licenses_controller() {
-  global $user;
-  
-  if (! isset($user)) {
-    redirect(page_link_to(''));
-  }
-  
-  $action = strip_request_item('action', 'edit');
-  
-  switch ($action) {
-    default:
-    case 'edit':
-      return user_driver_license_edit_controller();
-  }
+function user_driver_licenses_controller()
+{
+    global $user;
+
+    if (!isset($user)) {
+        redirect(page_link_to(''));
+    }
+
+    $action = strip_request_item('action', 'edit');
+
+    switch ($action) {
+        default:
+        case 'edit':
+            return user_driver_license_edit_controller();
+    }
 }
 
 /**
  * Link to user driver license edit page for given user.
  *
- * @param User $user          
+ * @param array $user
+ * @return string
  */
-function user_driver_license_edit_link($user = null) {
-  if ($user == null) {
-    return page_link_to('user_driver_licenses');
-  }
-  return page_link_to('user_driver_licenses') . '&user_id=' . $user['UID'];
+function user_driver_license_edit_link($user = null)
+{
+    if ($user == null) {
+        return page_link_to('user_driver_licenses');
+    }
+    return page_link_to('user_driver_licenses') . '&user_id=' . $user['UID'];
 }
 
 /**
  * Loads the user for the driver license.
+ *
+ * @return array
  */
-function user_driver_license_load_user() {
-  global $user;
-  
-  $user_source = $user;
-  
-  if (isset($_REQUEST['user_id'])) {
-    $user_source = User($_REQUEST['user_id']);
-    if ($user_source == null) {
-      redirect(user_driver_license_edit_link());
+function user_driver_license_load_user()
+{
+    global $user;
+
+    $user_source = $user;
+
+    if (isset($_REQUEST['user_id'])) {
+        $user_source = User($_REQUEST['user_id']);
+        if ($user_source == null) {
+            redirect(user_driver_license_edit_link());
+        }
     }
-  }
-  
-  return $user_source;
+
+    return $user_source;
 }
 
 /**
  * Edit a users driver license information.
+ *
+ * @return array
  */
-function user_driver_license_edit_controller() {
-  global $privileges, $user;
-  
-  $user_source = user_driver_license_load_user();
-  
-  // only privilege admin_user can edit other users driver license information
-  if ($user['UID'] != $user_source['UID'] && ! in_array('admin_user', $privileges)) {
-    redirect(user_driver_license_edit_link());
-  }
-  
-  $user_driver_license = UserDriverLicense($user_source['UID']);
-  if ($user_driver_license == null) {
-    $wants_to_drive = false;
-    $user_driver_license = UserDriverLicense_new();
-  } else {
-    $wants_to_drive = true;
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $wants_to_drive = isset($_REQUEST['wants_to_drive']);
-    if ($wants_to_drive) {
-      $user_driver_license['has_car'] = isset($_REQUEST['has_car']);
-      $user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']);
-      $user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']);
-      $user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']);
-      $user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']);
-      $user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']);
-      
-      if (UserDriverLicense_valid($user_driver_license)) {
-        if ($user_driver_license['user_id'] == null) {
-          $user_driver_license = UserDriverLicenses_create($user_driver_license, $user);
-        } else {
-          UserDriverLicenses_update($user_driver_license);
-        }
-        engelsystem_log("Driver license information updated.");
-        success(_("Your driver license information has been saved."));
-        redirect(user_link($user_source));
-      } else {
-        error(_("Please select at least one driving license."));
-      }
-    } elseif ($user_driver_license['id'] != null) {
-      UserDriverLicenses_delete($user_source['UID']);
-      engelsystem_log("Driver license information removed.");
-      success(_("Your driver license information has been removed."));
-      redirect(user_link($user_source));
-    }
-  }
-  
-  return [
-      sprintf(_("Edit %s driving license information"), $user_source['Nick']),
-      UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license) 
-  ];
-}
+function user_driver_license_edit_controller()
+{
+    global $privileges, $user;
 
-?>
+    $user_source = user_driver_license_load_user();
+
+    // only privilege admin_user can edit other users driver license information
+    if ($user['UID'] != $user_source['UID'] && !in_array('admin_user', $privileges)) {
+        redirect(user_driver_license_edit_link());
+    }
+
+    $user_driver_license = UserDriverLicense($user_source['UID']);
+    if ($user_driver_license == null) {
+        $wants_to_drive = false;
+        $user_driver_license = UserDriverLicense_new();
+    } else {
+        $wants_to_drive = true;
+    }
+
+    if (isset($_REQUEST['submit'])) {
+        $wants_to_drive = isset($_REQUEST['wants_to_drive']);
+        if ($wants_to_drive) {
+            $user_driver_license['has_car'] = isset($_REQUEST['has_car']);
+            $user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']);
+            $user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']);
+            $user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']);
+            $user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']);
+            $user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']);
+
+            if (UserDriverLicense_valid($user_driver_license)) {
+                if ($user_driver_license['user_id'] == null) {
+                    $user_driver_license = UserDriverLicenses_create($user_driver_license, $user_source);
+                } else {
+                    UserDriverLicenses_update($user_driver_license);
+                }
+                engelsystem_log('Driver license information updated.');
+                success(_('Your driver license information has been saved.'));
+                redirect(user_link($user_source));
+            } else {
+                error(_('Please select at least one driving license.'));
+            }
+        } elseif ($user_driver_license['user_id'] != null) {
+            UserDriverLicenses_delete($user_source['UID']);
+            engelsystem_log('Driver license information removed.');
+            success(_('Your driver license information has been removed.'));
+            redirect(user_link($user_source));
+        }
+    }
+
+    return [
+        sprintf(_('Edit %s driving license information'), $user_source['Nick']),
+        UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license)
+    ];
+}

includes/controller/users_controller.php

@@ -1,371 +1,467 @@
 <?php
-use Engelsystem\ShiftsFilter;
+
+use Engelsystem\Database\DB;
 use Engelsystem\ShiftCalendarRenderer;
+use Engelsystem\ShiftsFilter;
 
 /**
  * Route user actions.
+ *
+ * @return array
  */
-function users_controller() {
-  global $user;
-  
-  if (! isset($user)) {
-    redirect(page_link_to(''));
-  }
-  
-  if (! isset($_REQUEST['action'])) {
-    $_REQUEST['action'] = 'list';
-  }
-  
-  switch ($_REQUEST['action']) {
-    default:
-    case 'list':
-      return users_list_controller();
-    case 'view':
-      return user_controller();
-    case 'edit':
-      return user_edit_controller();
-    case 'delete':
-      return user_delete_controller();
-    case 'edit_vouchers':
-      return user_edit_vouchers_controller();
-  }
+function users_controller()
+{
+    global $user;
+
+    if (!isset($user)) {
+        redirect(page_link_to(''));
+    }
+
+    if (!isset($_REQUEST['action'])) {
+        $_REQUEST['action'] = 'list';
+    }
+
+    switch ($_REQUEST['action']) {
+        case 'view':
+            return user_controller();
+        case 'delete':
+            return user_delete_controller();
+        case 'edit_vouchers':
+            return user_edit_vouchers_controller();
+        case 'list':
+        default:
+            return users_list_controller();
+    }
 }
 
 /**
  * Delete a user, requires to enter own password for reasons.
+ *
+ * @return array
  */
-function user_delete_controller() {
-  global $privileges, $user;
-  
-  if (isset($_REQUEST['user_id'])) {
-    $user_source = User($_REQUEST['user_id']);
-  } else {
-    $user_source = $user;
-  }
-  
-  if (! in_array('admin_user', $privileges)) {
-    redirect(page_link_to(''));
-  }
-  
-  // You cannot delete yourself
-  if ($user['UID'] == $user_source['UID']) {
-    error(_("You cannot delete yourself."));
-    redirect(user_link($user));
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (! (isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))) {
-      $valid = false;
-      error(_("Your password is incorrect.  Please try it again."));
-    }
-    
-    if ($valid) {
-      $result = User_delete($user_source['UID']);
-      if ($result === false) {
-        engelsystem_error('Unable to delete user.');
-      }
-      
-      mail_user_delete($user_source);
-      success(_("User deleted."));
-      engelsystem_log(sprintf("Deleted %s", User_Nick_render($user_source)));
-      
-      redirect(users_link());
-    }
-  }
-  
-  return [
-      sprintf(_("Delete %s"), $user_source['Nick']),
-      User_delete_view($user_source) 
-  ];
-}
+function user_delete_controller()
+{
+    global $privileges, $user;
 
-function users_link() {
-  return page_link_to('users');
-}
-
-function user_edit_link($user) {
-  return page_link_to('admin_user') . '&user_id=' . $user['UID'];
-}
-
-function user_delete_link($user) {
-  return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
-}
-
-function user_link($user) {
-  return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
-}
-
-function user_edit_vouchers_controller() {
-  global $privileges, $user;
-  
-  if (isset($_REQUEST['user_id'])) {
-    $user_source = User($_REQUEST['user_id']);
-  } else {
-    $user_source = $user;
-  }
-  
-  if (! in_array('admin_user', $privileges)) {
-    redirect(page_link_to(''));
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
-      $vouchers = trim($_REQUEST['vouchers']);
+    if (isset($_REQUEST['user_id'])) {
+        $user_source = User($_REQUEST['user_id']);
     } else {
-      $valid = false;
-      error(_("Please enter a valid number of vouchers."));
+        $user_source = $user;
     }
-    
-    if ($valid) {
-      $user_source['got_voucher'] = $vouchers;
-      
-      $result = User_update($user_source);
-      if ($result === false) {
-        engelsystem_error('Unable to update user.');
-      }
-      
-      success(_("Saved the number of vouchers."));
-      engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf("Got %s vouchers", $user_source['got_voucher']));
-      
-      redirect(user_link($user_source));
+
+    if (!in_array('admin_user', $privileges)) {
+        redirect(page_link_to(''));
     }
-  }
-  
-  return [
-      sprintf(_("%s's vouchers"), $user_source['Nick']),
-      User_edit_vouchers_view($user_source) 
-  ];
+
+    // You cannot delete yourself
+    if ($user['UID'] == $user_source['UID']) {
+        error(_('You cannot delete yourself.'));
+        redirect(user_link($user));
+    }
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
+                $user['UID']))
+        ) {
+            $valid = false;
+            error(_('Your password is incorrect.  Please try it again.'));
+        }
+
+        if ($valid) {
+            $result = User_delete($user_source['UID']);
+            if ($result === false) {
+                engelsystem_error('Unable to delete user.');
+            }
+
+            mail_user_delete($user_source);
+            success(_('User deleted.'));
+            engelsystem_log(sprintf('Deleted %s', User_Nick_render($user_source)));
+
+            redirect(users_link());
+        }
+    }
+
+    return [
+        sprintf(_('Delete %s'), $user_source['Nick']),
+        User_delete_view($user_source)
+    ];
 }
 
-function user_controller() {
-  global $privileges, $user;
-  
-  $user_source = $user;
-  if (isset($_REQUEST['user_id'])) {
-    $user_source = User($_REQUEST['user_id']);
-    if ($user_source == null) {
-      error(_("User not found."));
-      redirect('?');
+/**
+ * @return string
+ */
+function users_link()
+{
+    return page_link_to('users');
+}
+
+/**
+ * @param array $user
+ * @return string
+ */
+function user_edit_link($user)
+{
+    return page_link_to('admin_user') . '&user_id=' . $user['UID'];
+}
+
+/**
+ * @param array $user
+ * @return string
+ */
+function user_delete_link($user)
+{
+    return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
+}
+
+/**
+ * @param array $user
+ * @return string
+ */
+function user_link($user)
+{
+    return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
+}
+
+/**
+ * @return array
+ */
+function user_edit_vouchers_controller()
+{
+    global $privileges, $user;
+
+    if (isset($_REQUEST['user_id'])) {
+        $user_source = User($_REQUEST['user_id']);
+    } else {
+        $user_source = $user;
     }
-  }
-  
-  $shifts = Shifts_by_user($user_source, in_array("user_shifts_admin", $privileges));
-  foreach ($shifts as &$shift) {
-    // TODO: Move queries to model
-    $shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "'  ORDER BY `AngelTypes`.`name`");
-    foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {
-      $needed_angeltype['users'] = sql_select("
-          SELECT `ShiftEntry`.`freeloaded`, `User`.*
-          FROM `ShiftEntry`
-          JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
-          WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "'
-          AND `ShiftEntry`.`TID`='" . sql_escape($needed_angeltype['id']) . "'");
+
+    if (!in_array('admin_user', $privileges)) {
+        redirect(page_link_to(''));
     }
-  }
-  
-  if ($user_source['api_key'] == "") {
-    User_reset_api_key($user_source, false);
-  }
-  
-  return [
-      $user_source['Nick'],
-      User_view($user_source, in_array('admin_user', $privileges), User_is_freeloader($user_source), User_angeltypes($user_source), User_groups($user_source), $shifts, $user['UID'] == $user_source['UID']) 
-  ];
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        $vouchers = '';
+        if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
+            $vouchers = trim($_REQUEST['vouchers']);
+        } else {
+            $valid = false;
+            error(_('Please enter a valid number of vouchers.'));
+        }
+
+        if ($valid) {
+            $user_source['got_voucher'] = $vouchers;
+
+            $result = User_update($user_source);
+            if ($result === false) {
+                engelsystem_error('Unable to update user.');
+            }
+
+            success(_('Saved the number of vouchers.'));
+            engelsystem_log(User_Nick_render($user_source) . ': ' . sprintf('Got %s vouchers',
+                    $user_source['got_voucher']));
+
+            redirect(user_link($user_source));
+        }
+    }
+
+    return [
+        sprintf(_('%s\'s vouchers'), $user_source['Nick']),
+        User_edit_vouchers_view($user_source)
+    ];
+}
+
+/**
+ * @return array
+ */
+function user_controller()
+{
+    global $privileges, $user;
+
+    $user_source = $user;
+    if (isset($_REQUEST['user_id'])) {
+        $user_source = User($_REQUEST['user_id']);
+        if ($user_source == null) {
+            error(_('User not found.'));
+            redirect('?');
+        }
+    }
+
+    $shifts = Shifts_by_user($user_source, in_array('user_shifts_admin', $privileges));
+    foreach ($shifts as &$shift) {
+        // TODO: Move queries to model
+        $shift['needed_angeltypes'] = DB::select('
+            SELECT DISTINCT `AngelTypes`.*
+            FROM `ShiftEntry`
+            JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
+            WHERE `ShiftEntry`.`SID` = ?
+            ORDER BY `AngelTypes`.`name`
+            ',
+            [$shift['SID']]
+        );
+        foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {
+            $needed_angeltype['users'] = DB::select('
+                  SELECT `ShiftEntry`.`freeloaded`, `User`.*
+                  FROM `ShiftEntry`
+                  JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
+                  WHERE `ShiftEntry`.`SID` = ?
+                  AND `ShiftEntry`.`TID` = ?
+                ',
+                [$shift['SID'], $needed_angeltype['id']]
+            );
+        }
+    }
+
+    if ($user_source['api_key'] == '') {
+        User_reset_api_key($user_source, false);
+    }
+
+    return [
+        $user_source['Nick'],
+        User_view(
+            $user_source,
+            in_array('admin_user', $privileges),
+            User_is_freeloader($user_source),
+            User_angeltypes($user_source),
+            User_groups($user_source),
+            $shifts,
+            $user['UID'] == $user_source['UID']
+        )
+    ];
 }
 
 /**
  * List all users.
+ *
+ * @return array
  */
-function users_list_controller() {
-  global $privileges;
-  
-  if (! in_array('admin_user', $privileges)) {
-    redirect(page_link_to(''));
-  }
-  
-  $order_by = 'Nick';
-  if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {
-    $order_by = $_REQUEST['OrderBy'];
-  }
-  
-  $users = Users($order_by);
-  if ($users === false) {
-    engelsystem_error('Unable to load users.');
-  }
-  
-  foreach ($users as &$user) {
-    $user['freeloads'] = count(ShiftEntries_freeloaded_by_user($user));
-  }
-  
-  return [
-      _('All users'),
-      Users_view($users, $order_by, User_arrived_count(), User_active_count(), User_force_active_count(), ShiftEntries_freeleaded_count(), User_tshirts_count(), User_got_voucher_count()) 
-  ];
+function users_list_controller()
+{
+    global $privileges;
+
+    if (!in_array('admin_user', $privileges)) {
+        redirect(page_link_to(''));
+    }
+
+    $order_by = 'Nick';
+    if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {
+        $order_by = $_REQUEST['OrderBy'];
+    }
+
+    $users = Users($order_by);
+    if ($users === false) {
+        engelsystem_error('Unable to load users.');
+    }
+
+    foreach ($users as &$user) {
+        $user['freeloads'] = count(ShiftEntries_freeloaded_by_user($user));
+    }
+
+    return [
+        _('All users'),
+        Users_view(
+            $users,
+            $order_by,
+            User_arrived_count(),
+            User_active_count(),
+            User_force_active_count(),
+            ShiftEntries_freeleaded_count(),
+            User_tshirts_count(),
+            User_got_voucher_count()
+        )
+    ];
 }
 
 /**
  * Second step of password recovery: set a new password using the token link from email
+ *
+ * @return string
  */
-function user_password_recovery_set_new_controller() {
-  global $min_password_length;
-  $user_source = User_by_password_recovery_token($_REQUEST['token']);
-  if ($user_source == null) {
-    error(_("Token is not correct."));
-    redirect(page_link_to('login'));
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
+function user_password_recovery_set_new_controller()
+{
+    $user_source = User_by_password_recovery_token($_REQUEST['token']);
+    if ($user_source == null) {
+        error(_('Token is not correct.'));
+        redirect(page_link_to('login'));
+    }
 
-    if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
-      if ($_REQUEST['password'] != $_REQUEST['password2']) {
-        $valid = false;
-        error(_("Your passwords don't match."));
-      }
-    } else {
-      $valid = false;
-      error(_("Your password is to short (please use at least 6 characters)."));
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (
+            isset($_REQUEST['password'])
+            && strlen($_REQUEST['password']) >= config('min_password_length')
+        ) {
+            if ($_REQUEST['password'] != $_REQUEST['password2']) {
+                $valid = false;
+                error(_('Your passwords don\'t match.'));
+            }
+        } else {
+            $valid = false;
+            error(_('Your password is to short (please use at least 6 characters).'));
+        }
+
+        if ($valid) {
+            set_password($user_source['UID'], $_REQUEST['password']);
+            success(_('Password saved.'));
+            redirect(page_link_to('login'));
+        }
     }
-    
-    if ($valid) {
-      set_password($user_source['UID'], $_REQUEST['password']);
-      success(_("Password saved."));
-      redirect(page_link_to('login'));
-    }
-  }
-  
-  return User_password_set_view();
+
+    return User_password_set_view();
 }
 
 /**
  * First step of password recovery: display a form that asks for your email and send email with recovery link
+ *
+ * @return string
  */
-function user_password_recovery_start_controller() {
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {
-      $email = strip_request_item('email');
-      if (check_email($email)) {
-        $user_source = User_by_email($email);
-        if ($user_source == null) {
-          $valid = false;
-          error(_("E-mail address is not correct."));
+function user_password_recovery_start_controller()
+{
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {
+            $email = strip_request_item('email');
+            if (check_email($email)) {
+                $user_source = User_by_email($email);
+                if ($user_source == null) {
+                    $valid = false;
+                    error(_('E-mail address is not correct.'));
+                }
+            } else {
+                $valid = false;
+                error(_('E-mail address is not correct.'));
+            }
+        } else {
+            $valid = false;
+            error(_('Please enter your e-mail.'));
+        }
+
+        if ($valid) {
+            $token = User_generate_password_recovery_token($user_source);
+            engelsystem_email_to_user(
+                $user_source,
+                _('Password recovery'),
+                sprintf(
+                    _('Please visit %s to recover your password.'),
+                    page_link_to_absolute('user_password_recovery') . '&token=' . $token
+                )
+            );
+            success(_('We sent an email containing your password recovery link.'));
+            redirect(page_link_to('login'));
         }
-      } else {
-        $valid = false;
-        error(_("E-mail address is not correct."));
-      }
-    } else {
-      $valid = false;
-      error(_("Please enter your e-mail."));
     }
-    
-    if ($valid) {
-      $token = User_generate_password_recovery_token($user_source);
-      engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token));
-      success(_("We sent an email containing your password recovery link."));
-      redirect(page_link_to('login'));
-    }
-  }
-  
-  return User_password_recovery_view();
+
+    return User_password_recovery_view();
 }
 
 /**
  * User password recovery in 2 steps.
  * (By email)
+ *
+ * @return string
  */
-function user_password_recovery_controller() {
-  if (isset($_REQUEST['token'])) {
-    return user_password_recovery_set_new_controller();
-  } else {
+function user_password_recovery_controller()
+{
+    if (isset($_REQUEST['token'])) {
+        return user_password_recovery_set_new_controller();
+    }
+
     return user_password_recovery_start_controller();
-  }
 }
 
 /**
  * Menu title for password recovery.
+ *
+ * @return string
  */
-function user_password_recovery_title() {
-  return _("Password recovery");
+function user_password_recovery_title()
+{
+    return _('Password recovery');
 }
 
 /**
  * Loads a user from param user_id.
+ *
+ * return array
  */
-function load_user() {
-  if (! isset($_REQUEST['user_id'])) {
-    redirect(page_link_to());
-  }
-  
-  $user = User($_REQUEST['user_id']);
-  if ($user === false) {
-    engelsystem_error("Unable to load user.");
-  }
-  
-  if ($user == null) {
-    error(_("User doesn't exist."));
-    redirect(page_link_to());
-  }
-  
-  return $user;
+function load_user()
+{
+    if (!isset($_REQUEST['user_id'])) {
+        redirect(page_link_to());
+    }
+
+    $user = User($_REQUEST['user_id']);
+
+    if ($user == null) {
+        error(_('User doesn\'t exist.'));
+        redirect(page_link_to());
+    }
+
+    return $user;
 }
 
-function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter) {
-  $shifts = Shifts_by_ShiftsFilter($shiftsFilter);
-  $needed_angeltypes_source = NeededAngeltypes_by_ShiftsFilter($shiftsFilter);
-  $shift_entries_source = ShiftEntries_by_ShiftsFilter($shiftsFilter);
-  
-  $needed_angeltypes = [];
-  $shift_entries = [];
-  foreach ($shifts as $shift) {
-    $needed_angeltypes[$shift['SID']] = [];
-    $shift_entries[$shift['SID']] = [];
-  }
-  foreach ($shift_entries_source as $shift_entry) {
-    if (isset($shift_entries[$shift_entry['SID']])) {
-      $shift_entries[$shift_entry['SID']][] = $shift_entry;
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return ShiftCalendarRenderer
+ */
+function shiftCalendarRendererByShiftFilter(ShiftsFilter $shiftsFilter)
+{
+    $shifts = Shifts_by_ShiftsFilter($shiftsFilter);
+    $needed_angeltypes_source = NeededAngeltypes_by_ShiftsFilter($shiftsFilter);
+    $shift_entries_source = ShiftEntries_by_ShiftsFilter($shiftsFilter);
+
+    $needed_angeltypes = [];
+    $shift_entries = [];
+    foreach ($shifts as $shift) {
+        $needed_angeltypes[$shift['SID']] = [];
+        $shift_entries[$shift['SID']] = [];
     }
-  }
-  foreach ($needed_angeltypes_source as $needed_angeltype) {
-    if (isset($needed_angeltypes[$needed_angeltype['SID']])) {
-      $needed_angeltypes[$needed_angeltype['SID']][] = $needed_angeltype;
-    }
-  }
-  unset($needed_angeltypes_source);
-  unset($shift_entries_source);
-  
-  if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())) {
-    return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
-  }
-  
-  $filtered_shifts = [];
-  foreach ($shifts as $shift) {
-    $needed_angels_count = 0;
-    foreach ($needed_angeltypes[$shift['SID']] as $needed_angeltype) {
-      $taken = 0;
-      foreach ($shift_entries[$shift['SID']] as $shift_entry) {
-        if ($needed_angeltype['angel_type_id'] == $shift_entry['TID'] && $shift_entry['freeloaded'] == 0) {
-          $taken ++;
+    foreach ($shift_entries_source as $shift_entry) {
+        if (isset($shift_entries[$shift_entry['SID']])) {
+            $shift_entries[$shift_entry['SID']][] = $shift_entry;
         }
-      }
-      
-      $needed_angels_count += max(0, $needed_angeltype['count'] - $taken);
     }
-    if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && $taken < $needed_angels_count) {
-      $filtered_shifts[] = $shift;
+    foreach ($needed_angeltypes_source as $needed_angeltype) {
+        if (isset($needed_angeltypes[$needed_angeltype['SID']])) {
+            $needed_angeltypes[$needed_angeltype['SID']][] = $needed_angeltype;
+        }
     }
-    if (in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled()) && $taken >= $needed_angels_count) {
-      $filtered_shifts[] = $shift;
-    }
-  }
-  
-  return new ShiftCalendarRenderer($filtered_shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
-}
+    unset($needed_angeltypes_source);
+    unset($shift_entries_source);
 
-?>
+    if (
+        in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled())
+        && in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled())
+    ) {
+        return new ShiftCalendarRenderer($shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
+    }
+
+    $filtered_shifts = [];
+    foreach ($shifts as $shift) {
+        $needed_angels_count = 0;
+        $taken = 0;
+        foreach ($needed_angeltypes[$shift['SID']] as $needed_angeltype) {
+            $taken = 0;
+            foreach ($shift_entries[$shift['SID']] as $shift_entry) {
+                if ($needed_angeltype['angel_type_id'] == $shift_entry['TID'] && $shift_entry['freeloaded'] == 0) {
+                    $taken++;
+                }
+            }
+
+            $needed_angels_count += max(0, $needed_angeltype['count'] - $taken);
+        }
+        if (in_array(ShiftsFilter::FILLED_FREE, $shiftsFilter->getFilled()) && $taken < $needed_angels_count) {
+            $filtered_shifts[] = $shift;
+        }
+        if (in_array(ShiftsFilter::FILLED_FILLED, $shiftsFilter->getFilled()) && $taken >= $needed_angels_count) {
+            $filtered_shifts[] = $shift;
+        }
+    }
+
+    return new ShiftCalendarRenderer($filtered_shifts, $needed_angeltypes, $shift_entries, $shiftsFilter);
+}

includes/engelsystem_provider.php

@@ -1,9 +1,73 @@
 <?php
+
+use Engelsystem\Config\Config;
+use Engelsystem\Database\Db;
+use Engelsystem\Exceptions\Handler as ExceptionHandler;
+
 /**
  * This file includes all needed functions, connects to the db etc.
  */
-require_once realpath(__DIR__ . '/../includes/mysqli_provider.php');
 
+if (!is_readable(__DIR__ . '/../vendor/autoload.php')) {
+    die('Please run composer.phar install');
+}
+require __DIR__ . '/../vendor/autoload.php';
+
+
+/**
+ * Load configuration
+ */
+$config = new Config();
+Config::setInstance($config);
+$config->set(require __DIR__ . '/../config/config.default.php');
+
+if (file_exists(__DIR__ . '/../config/config.php')) {
+    $config->set(array_replace_recursive(
+        $config->get(null),
+        require __DIR__ . '/../config/config.php'
+    ));
+}
+
+date_default_timezone_set($config->get('timezone'));
+
+
+/**
+ * Check for maintenance
+ */
+if ($config->get('maintenance')) {
+    echo file_get_contents(__DIR__ . '/../public/maintenance.html');
+    die();
+}
+
+
+/**
+ * Register error handler
+ */
+$errorHandler = new ExceptionHandler();
+if (config('environment') == 'development') {
+    $errorHandler->setEnvironment(ExceptionHandler::ENV_DEVELOPMENT);
+    ini_set('display_errors', true);
+    error_reporting(E_ALL);
+} else {
+    ini_set('display_errors', false);
+}
+
+
+/**
+ * Connect to database
+ */
+Db::connect(
+    'mysql:host=' . config('database')['host'] . ';dbname=' . config('database')['db'] . ';charset=utf8',
+    config('database')['user'],
+    config('database')['pw']
+) || die('Error: Unable to connect to database');
+Db::getPdo()->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+Db::getPdo()->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+
+
+/**
+ * Include legacy code
+ */
 require_once realpath(__DIR__ . '/../includes/sys_auth.php');
 require_once realpath(__DIR__ . '/../includes/sys_form.php');
 require_once realpath(__DIR__ . '/../includes/sys_log.php');
@@ -63,16 +127,6 @@ require_once realpath(__DIR__ . '/../includes/helper/email_helper.php');
 require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php');
 require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php');
 
-require_once realpath(__DIR__ . '/../config/config.default.php');
-if (file_exists(realpath(__DIR__ . '/../config/config.php'))) {
-  require_once realpath(__DIR__ . '/../config/config.php');
-}
-
-if ($maintenance_mode) {
-  echo file_get_contents(__DIR__ . '/../public/maintenance.html');
-  die();
-}
-
 require_once realpath(__DIR__ . '/../includes/pages/admin_active.php');
 require_once realpath(__DIR__ . '/../includes/pages/admin_arrive.php');
 require_once realpath(__DIR__ . '/../includes/pages/admin_free.php');
@@ -91,14 +145,12 @@ require_once realpath(__DIR__ . '/../includes/pages/user_questions.php');
 require_once realpath(__DIR__ . '/../includes/pages/user_settings.php');
 require_once realpath(__DIR__ . '/../includes/pages/user_shifts.php');
 
-require_once realpath(__DIR__ . '/../vendor/parsedown/Parsedown.php');
 
+/**
+ * Init application
+ */
 session_start();
 
 gettext_init();
 
-sql_connect($config['host'], $config['user'], $config['pw'], $config['db']);
-
 load_auth();
-
-?>

includes/helper/email_helper.php

@@ -1,26 +1,50 @@
 <?php
 
-function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_its_me = false) {
-  global $user;
-  
-  if ($not_if_its_me && $user['UID'] == $recipient_user['UID']) {
+/**
+ * @param array  $recipient_user
+ * @param string $title
+ * @param string $message
+ * @param bool   $not_if_its_me
+ * @return bool
+ */
+function engelsystem_email_to_user($recipient_user, $title, $message, $not_if_its_me = false)
+{
+    global $user;
+
+    if ($not_if_its_me && $user['UID'] == $recipient_user['UID']) {
+        return true;
+    }
+
+    gettext_locale($recipient_user['Sprache']);
+
+    $message = sprintf(_('Hi %s,'), $recipient_user['Nick']) . "\n\n"
+        . _('here is a message for you from the engelsystem:') . "\n\n"
+        . $message . "\n\n"
+        . _('This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.');
+
+    gettext_locale();
+
+    return engelsystem_email($recipient_user['email'], $title, $message);
+}
+
+/**
+ * @param string $address
+ * @param string $title
+ * @param string $message
+ * @return bool
+ */
+function engelsystem_email($address, $title, $message)
+{
+    $result = mail(
+        $address,
+        $title,
+        $message,
+        "Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <noreply@engelsystem.de>"
+    );
+
+    if ($result === false) {
+        engelsystem_error('Unable to send email.');
+    }
+
     return true;
-  }
-  
-  gettext_locale($recipient_user['Sprache']);
-  
-  $message = sprintf(_("Hi %s,"), $recipient_user['Nick']) . "\n\n" . _("here is a message for you from the engelsystem:") . "\n\n" . $message . "\n\n" . _("This email is autogenerated and has not to be signed. You got this email because you are registered in the engelsystem.");
-  
-  gettext_locale();
-  return engelsystem_email($recipient_user['email'], $title, $message);
 }
-
-function engelsystem_email($address, $title, $message) {
-  global $no_reply_email;
-  $result = mail($address, $title, $message, sprintf("Content-Type: text/plain; charset=UTF-8\r\nFrom: Engelsystem <%s>", $no_reply_email));
-  if ($result === false) {
-    engelsystem_error('Unable to send email.');
-  }
-}
-
-?>

includes/helper/error_helper.php

@@ -5,8 +5,7 @@
  *
  * @param string $message
  */
-function engelsystem_error($message) {
-  raw_output($message);
+function engelsystem_error($message)
+{
+    raw_output($message);
 }
-
-?>

includes/helper/graph_helper.php

@@ -2,40 +2,42 @@
 
 /**
  * Renders a bargraph
- * @param string $key keyname of the x-axis
- * @param array $row_names keynames for the data rows
- * @param unknown $colors colors for the data rows
- * @param unknown $data the data
+ *
+ * @param string $dom_id
+ * @param string $key       key name of the x-axis
+ * @param array  $row_names key names for the data rows
+ * @param array  $colors    colors for the data rows
+ * @param array  $data      the data
+ * @return string
  */
-function bargraph($dom_id, $key, $row_names, $colors, $data) {
-  $labels = [];
-  foreach ($data as $dataset) {
-    $labels[] = $dataset[$key];
-  }
-  
-  $datasets = [];
-  foreach ($row_names as $row_key => $name) {
-    $values = [];
+function bargraph($dom_id, $key, $row_names, $colors, $data)
+{
+    $labels = [];
     foreach ($data as $dataset) {
-      $values[] = $dataset[$row_key];
+        $labels[] = $dataset[$key];
     }
-    $datasets[] = [
-        'label' => $name,
-        'fillColor' => $colors[$row_key],
-        'data' => $values 
-    ];
-  }
-  
-  return '<canvas id="' . $dom_id . '" style="width: 100%; height: 300px;"></canvas>
+
+    $datasets = [];
+    foreach ($row_names as $row_key => $name) {
+        $values = [];
+        foreach ($data as $dataset) {
+            $values[] = $dataset[$row_key];
+        }
+        $datasets[] = [
+            'label'     => $name,
+            'fillColor' => $colors[$row_key],
+            'data'      => $values
+        ];
+    }
+
+    return '<canvas id="' . $dom_id . '" style="width: 100%; height: 300px;"></canvas>
       <script type="text/javascript">
       $(function(){
         var ctx = $("#' . $dom_id . '").get(0).getContext("2d");
         var chart = new Chart(ctx).Bar(' . json_encode([
-      'labels' => $labels,
-      'datasets' => $datasets 
-  ]) . ');
+            'labels'   => $labels,
+            'datasets' => $datasets
+        ]) . ');
       });
       </script>';
 }
-
-?>

includes/helper/internationalization_helper.php

@@ -1,71 +1,76 @@
 <?php
-$locales = [
-    'de_DE.UTF-8' => "Deutsch",
-    'en_US.UTF-8' => "English" 
-];
-
-$default_locale = 'en_US.UTF-8';
 
 /**
  * Return currently active locale
+ *
+ * @return string
  */
-function locale() {
-  return $_SESSION['locale'];
+function locale()
+{
+    return $_SESSION['locale'];
 }
 
 /**
  * Returns two letter language code from currently active locale
+ *
+ * @return string
  */
-function locale_short() {
-  return substr(locale(), 0, 2);
+function locale_short()
+{
+    return substr(locale(), 0, 2);
 }
 
 /**
  * Initializes gettext for internationalization and updates the sessions locale to use for translation.
  */
-function gettext_init() {
-  global $locales, $default_locale;
+function gettext_init()
+{
+    $locales = config('locales');
+    $default_locale = config('default_locale');
 
-  if (isset($_REQUEST['set_locale']) && isset($locales[$_REQUEST['set_locale']])) {
-    $_SESSION['locale'] = $_REQUEST['set_locale'];
-  } elseif (! isset($_SESSION['locale'])) {
-    $_SESSION['locale'] = $default_locale;
-  }
+    if (isset($_REQUEST['set_locale']) && isset($locales[$_REQUEST['set_locale']])) {
+        $_SESSION['locale'] = $_REQUEST['set_locale'];
+    } elseif (!isset($_SESSION['locale'])) {
+        $_SESSION['locale'] = $default_locale;
+    }
 
-  gettext_locale();
-  bindtextdomain('default', realpath(__DIR__ . '/../../locale'));
-  bind_textdomain_codeset('default', 'UTF-8');
-  textdomain('default');
+    gettext_locale();
+    bindtextdomain('default', realpath(__DIR__ . '/../../locale'));
+    bind_textdomain_codeset('default', 'UTF-8');
+    textdomain('default');
 }
 
 /**
  * Swich gettext locale.
  *
- * @param string $locale          
+ * @param string $locale
  */
-function gettext_locale($locale = null) {
-  if ($locale == null) {
-    $locale = $_SESSION['locale'];
-  }
-  
-  putenv('LC_ALL=' . $locale);
-  setlocale(LC_ALL, $locale);
+function gettext_locale($locale = null)
+{
+    if ($locale == null) {
+        $locale = $_SESSION['locale'];
+    }
+
+    putenv('LC_ALL=' . $locale);
+    setlocale(LC_ALL, $locale);
 }
 
 /**
  * Renders language selection.
  *
- * @return string
+ * @return array
  */
-function make_langselect() {
-  global $locales;
-  $URL = $_SERVER["REQUEST_URI"] . (strpos($_SERVER["REQUEST_URI"], "?") > 0 ? '&' : '?') . "set_locale=";
-  
-  $items = [];
-  foreach ($locales as $locale => $name) {
-    $items[] = toolbar_item_link(htmlspecialchars($URL) . $locale, '', '<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name);
-  }
-  return $items;
-}
+function make_langselect()
+{
+    $url = $_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') > 0 ? '&' : '?') . 'set_locale=';
 
-?>
+    $items = [];
+    foreach (config('locales') as $locale => $name) {
+        $items[] = toolbar_item_link(
+            htmlspecialchars($url) . $locale,
+            '',
+            '<img src="pic/flag/' . $locale . '.png" alt="' . $name . '" title="' . $name . '"> ' . $name
+        );
+    }
+    return $items;
+}

includes/helper/message_helper.php

@@ -2,52 +2,76 @@
 
 /**
  * Gibt zwischengespeicherte Fehlermeldungen zurück und löscht den Zwischenspeicher
+ *
+ * @return string
  */
-function msg() {
-  if (! isset($_SESSION['msg'])) {
-    return "";
-  }
-  $msg = $_SESSION['msg'];
-  $_SESSION['msg'] = "";
-  return $msg;
+function msg()
+{
+    if (!isset($_SESSION['msg'])) {
+        return '';
+    }
+    $msg = $_SESSION['msg'];
+    $_SESSION['msg'] = '';
+    return $msg;
 }
 
 /**
  * Rendert eine Information
+ *
+ * @param string $msg
+ * @param bool   $immediately
+ * @return string
  */
-function info($msg, $immediatly = false) {
-  return alert('info', $msg, $immediatly);
+function info($msg, $immediately = false)
+{
+    return alert('info', $msg, $immediately);
 }
 
 /**
  * Rendert eine Fehlermeldung
+ *
+ * @param string $msg
+ * @param bool   $immediately
+ * @return string
  */
-function error($msg, $immediatly = false) {
-  return alert('danger', $msg, $immediatly);
+function error($msg, $immediately = false)
+{
+    return alert('danger', $msg, $immediately);
 }
 
 /**
  * Rendert eine Erfolgsmeldung
+ *
+ * @param string $msg
+ * @param bool   $immediately
+ * @return string
  */
-function success($msg, $immediatly = false) {
-  return alert('success', $msg, $immediatly);
+function success($msg, $immediately = false)
+{
+    return alert('success', $msg, $immediately);
 }
 
 /**
  * Renders an alert with given alert-* class.
+ *
+ * @param string $class
+ * @param string $msg
+ * @param bool   $immediately
+ * @return string|null
  */
-function alert($class, $msg, $immediatly = false) {
-  if ($immediatly) {
-    if ($msg == "") {
-      return "";
+function alert($class, $msg, $immediately = false)
+{
+    if ($immediately) {
+        if ($msg == '') {
+            return '';
+        }
+        return '<div class="alert alert-' . $class . '">' . $msg . '</div>';
     }
-    return '<div class="alert alert-' . $class . '">' . $msg . '</div>';
-  }
-  
-  if (! isset($_SESSION['msg'])) {
-    $_SESSION['msg'] = "";
-  }
-  $_SESSION['msg'] .= alert($class, $msg, true);
-}
 
-?>
+    if (!isset($_SESSION['msg'])) {
+        $_SESSION['msg'] = '';
+    }
+    $_SESSION['msg'] .= alert($class, $msg, true);
+
+    return null;
+}

includes/mailer/shifts_mailer.php

@@ -1,104 +1,129 @@
 <?php
 
-function mail_shift_change($old_shift, $new_shift) {
-  $users = ShiftEntries_by_shift($old_shift["SID"]);
-  $old_room = Room($old_shift["RID"]);
-  $new_room = Room($new_shift["RID"]);
-  
-  $noticable_changes = false;
-  
-  $message = _("A Shift you are registered on has changed:");
-  $message .= "\n";
-  
-  if ($old_shift["name"] != $new_shift["name"]) {
-    $message .= sprintf(_("* Shift type changed from %s to %s"), $old_shift["name"], $new_shift["name"]) . "\n";
-    $noticable_changes = true;
-  }
-  
-  if ($old_shift["title"] != $new_shift["title"]) {
-    $message .= sprintf(_("* Shift title changed from %s to %s"), $old_shift["title"], $new_shift["title"]) . "\n";
-    $noticable_changes = true;
-  }
-  
-  if ($old_shift["start"] != $new_shift["start"]) {
-    $message .= sprintf(_("* Shift Start changed from %s to %s"), date("Y-m-d H:i", $old_shift["start"]), date("Y-m-d H:i", $new_shift["start"])) . "\n";
-    $noticable_changes = true;
-  }
-  
-  if ($old_shift["end"] != $new_shift["end"]) {
-    $message .= sprintf(_("* Shift End changed from %s to %s"), date("Y-m-d H:i", $old_shift["end"]), date("Y-m-d H:i", $new_shift["end"])) . "\n";
-    $noticable_changes = true;
-  }
-  
-  if ($old_shift["RID"] != $new_shift["RID"]) {
-    $message .= sprintf(_("* Shift Location changed from %s to %s"), $old_room["Name"], $new_room["Name"]) . "\n";
-    $noticable_changes = true;
-  }
-  
-  if (! $noticable_changes) {
-    // There are no changes worth sending an E-Mail
-    return;
-  }
-  
-  $message .= "\n";
-  $message .= _("The updated Shift:") . "\n";
-  
-  $message .= $new_shift["name"] . "\n";
-  $message .= $new_shift["title"] . "\n";
-  $message .= date("Y-m-d H:i", $new_shift["start"]) . " - " . date("H:i", $new_shift["end"]) . "\n";
-  $message .= $new_room["Name"] . "\n";
-  
-  foreach ($users as $user) {
-    if ($user["email_shiftinfo"]) {
-      engelsystem_email_to_user($user, '[engelsystem] ' . _("Your Shift has changed"), $message, true);
+/**
+ * @param array $old_shift
+ * @param array $new_shift
+ */
+function mail_shift_change($old_shift, $new_shift)
+{
+    $users = ShiftEntries_by_shift($old_shift['SID']);
+    $old_room = Room($old_shift['RID']);
+    $new_room = Room($new_shift['RID']);
+
+    $noticeable_changes = false;
+
+    $message = _('A Shift you are registered on has changed:');
+    $message .= "\n";
+
+    if ($old_shift['name'] != $new_shift['name']) {
+        $message .= sprintf(_('* Shift type changed from %s to %s'), $old_shift['name'], $new_shift['name']) . "\n";
+        $noticeable_changes = true;
     }
-  }
-}
 
-function mail_shift_delete($shift) {
-  $users = ShiftEntries_by_shift($shift["SID"]);
-  $room = Room($shift["RID"]);
-  
-  $message = _("A Shift you are registered on was deleted:") . "\n";
-  
-  $message .= $shift["name"] . "\n";
-  $message .= $shift["title"] . "\n";
-  $message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
-  $message .= $room["Name"] . "\n";
-  
-  foreach ($users as $user) {
-    if ($user["email_shiftinfo"]) {
-      engelsystem_email_to_user($user, '[engelsystem] ' . _("Your Shift was deleted"), $message, true);
+    if ($old_shift['title'] != $new_shift['title']) {
+        $message .= sprintf(_('* Shift title changed from %s to %s'), $old_shift['title'], $new_shift['title']) . "\n";
+        $noticeable_changes = true;
+    }
+
+    if ($old_shift['start'] != $new_shift['start']) {
+        $message .= sprintf(
+                _('* Shift Start changed from %s to %s'),
+                date('Y-m-d H:i', $old_shift['start']),
+                date('Y-m-d H:i', $new_shift['start'])
+            ) . "\n";
+        $noticeable_changes = true;
+    }
+
+    if ($old_shift['end'] != $new_shift['end']) {
+        $message .= sprintf(
+                _('* Shift End changed from %s to %s'),
+                date('Y-m-d H:i', $old_shift['end']),
+                date('Y-m-d H:i', $new_shift['end'])
+            ) . "\n";
+        $noticeable_changes = true;
+    }
+
+    if ($old_shift['RID'] != $new_shift['RID']) {
+        $message .= sprintf(_('* Shift Location changed from %s to %s'), $old_room['Name'], $new_room['Name']) . "\n";
+        $noticeable_changes = true;
+    }
+
+    if (!$noticeable_changes) {
+        // There are no changes worth sending an E-Mail
+        return;
+    }
+
+    $message .= "\n";
+    $message .= _('The updated Shift:') . "\n";
+
+    $message .= $new_shift['name'] . "\n";
+    $message .= $new_shift['title'] . "\n";
+    $message .= date('Y-m-d H:i', $new_shift['start']) . ' - ' . date('H:i', $new_shift['end']) . "\n";
+    $message .= $new_room['Name'] . "\n";
+
+    foreach ($users as $user) {
+        if ($user['email_shiftinfo']) {
+            engelsystem_email_to_user($user, '[engelsystem] ' . _('Your Shift has changed'), $message, true);
+        }
     }
-  }
 }
 
-function mail_shift_assign($user, $shift) {
-  if ($user["email_shiftinfo"]) {
-    $room = Room($shift["RID"]);
-    
-    $message = _("You have been assigned to a Shift:") . "\n";
-    $message .= $shift["name"] . "\n";
-    $message .= $shift["title"] . "\n";
-    $message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
-    $message .= $room["Name"] . "\n";
-    
-    engelsystem_email_to_user($user, '[engelsystem] ' . _("Assigned to Shift"), $message, true);
-  }
+/**
+ * @param array $shift
+ */
+function mail_shift_delete($shift)
+{
+    $users = ShiftEntries_by_shift($shift['SID']);
+    $room = Room($shift['RID']);
+
+    $message = _('A Shift you are registered on was deleted:') . "\n";
+
+    $message .= $shift['name'] . "\n";
+    $message .= $shift['title'] . "\n";
+    $message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
+    $message .= $room['Name'] . "\n";
+
+    foreach ($users as $user) {
+        if ($user['email_shiftinfo']) {
+            engelsystem_email_to_user($user, '[engelsystem] ' . _('Your Shift was deleted'), $message, true);
+        }
+    }
 }
 
-function mail_shift_removed($user, $shift) {
-  if ($user["email_shiftinfo"]) {
-    $room = Room($shift["RID"]);
-    
-    $message = _("You have been removed from a Shift:") . "\n";
-    $message .= $shift["name"] . "\n";
-    $message .= $shift["title"] . "\n";
-    $message .= date("Y-m-d H:i", $shift["start"]) . " - " . date("H:i", $shift["end"]) . "\n";
-    $message .= $room["Name"] . "\n";
-    
-    engelsystem_email_to_user($user, '[engelsystem] ' . _("Removed from Shift"), $message, true);
-  }
+/**
+ * @param array $user
+ * @param array $shift
+ */
+function mail_shift_assign($user, $shift)
+{
+    if (!$user['email_shiftinfo']) {
+        return;
+    }
+
+    $room = Room($shift['RID']);
+
+    $message = _('You have been assigned to a Shift:') . "\n";
+    $message .= $shift['name'] . "\n";
+    $message .= $shift['title'] . "\n";
+    $message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
+    $message .= $room['Name'] . "\n";
+
+    engelsystem_email_to_user($user, '[engelsystem] ' . _('Assigned to Shift'), $message, true);
 }
 
-?>
+function mail_shift_removed($user, $shift)
+{
+    if (!$user['email_shiftinfo']) {
+        return;
+    }
+
+    $room = Room($shift['RID']);
+
+    $message = _('You have been removed from a Shift:') . "\n";
+    $message .= $shift['name'] . "\n";
+    $message .= $shift['title'] . "\n";
+    $message .= date('Y-m-d H:i', $shift['start']) . ' - ' . date('H:i', $shift['end']) . "\n";
+    $message .= $room['Name'] . "\n";
+
+    engelsystem_email_to_user($user, '[engelsystem] ' . _('Removed from Shift'), $message, true);
+}

includes/mailer/users_mailer.php

@@ -1,9 +1,14 @@
 <?php
 
 /**
- * @param User $user_source
+ * @param array $user
+ * @return bool
  */
-function mail_user_delete($user) {
-  engelsystem_email_to_user($user, '[engelsystem] ' . _("Your account has been deleted"), _("Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven."));
+function mail_user_delete($user)
+{
+    return engelsystem_email_to_user(
+        $user,
+        '[engelsystem] ' . _('Your account has been deleted'),
+        _('Your angelsystem account has been deleted. If you have any questions regarding your account deletion, please contact heaven.')
+    );
 }
-?>

includes/model/AngelType_model.php

@@ -1,236 +1,298 @@
 <?php
+
+use Engelsystem\Database\DB;
 use Engelsystem\ValidationResult;
 
 /**
  * Returns an array containing the basic attributes of angeltypes.
  * FIXME! This is the big sign for needing entity objects
  */
-function AngelType_new() {
-  return [
-      'id' => null,
-      'name' => "",
-      'restricted' => false,
-      'no_self_signup' => false,
-      'description' => '',
-      'requires_driver_license' => false,
-      'contact_user_id' => null,
-      'contact_name' => null,
-      'contact_dect' => null,
-      'contact_email' => null 
-  ];
+function AngelType_new()
+{
+    return [
+        'id'                      => null,
+        'name'                    => '',
+        'restricted'              => false,
+        'no_self_signup'          => false,
+        'description'             => '',
+        'requires_driver_license' => false,
+        'contact_user_id'         => null,
+        'contact_name'            => null,
+        'contact_dect'            => null,
+        'contact_email'           => null
+    ];
 }
 
 /**
  * Validates the contact user
  *
- * @param Angeltype $angeltype
- *          The angeltype
+ * @param array $angeltype The angeltype
  * @return ValidationResult
  */
-function AngelType_validate_contact_user_id($angeltype) {
-  if (! isset($angeltype['contact_user_id'])) {
-    return new ValidationResult(true, null);
-  }
-  if (isset($angeltype['contact_name']) || isset($angeltype['contact_dect']) || isset($angeltype['contact_email'])) {
-    return new ValidationResult(false, $angeltype['contact_user_id']);
-  }
-  if (User($angeltype['contact_user_id']) == null) {
-    return new ValidationResult(false, $angeltype['contact_user_id']);
-  }
-  return new ValidationResult(true, $angeltype['contact_user_id']);
+function AngelType_validate_contact_user_id($angeltype)
+{
+    if (!isset($angeltype['contact_user_id'])) {
+        return new ValidationResult(true, null);
+    }
+    if (isset($angeltype['contact_name']) || isset($angeltype['contact_dect']) || isset($angeltype['contact_email'])) {
+        return new ValidationResult(false, $angeltype['contact_user_id']);
+    }
+    if (User($angeltype['contact_user_id']) == null) {
+        return new ValidationResult(false, $angeltype['contact_user_id']);
+    }
+    return new ValidationResult(true, $angeltype['contact_user_id']);
 }
 
 /**
  * Returns contact data (name, dect, email) for given angeltype or null
  *
- * @param Angeltype $angeltype
- *          The angeltype
+ * @param array $angeltype The angeltype
+ * @return array|null
  */
-function AngelType_contact_info($angeltype) {
-  if (isset($angeltype['contact_user_id'])) {
-    $contact_user = User($angeltype['contact_user_id']);
-    $contact_data = [
-        'contact_name' => $contact_user['Nick'],
-        'contact_dect' => $contact_user['DECT'] 
-    ];
-    if ($contact_user['email_by_human_allowed']) {
-      $contact_data['contact_email'] = $contact_user['email'];
+function AngelType_contact_info($angeltype)
+{
+    if (isset($angeltype['contact_user_id'])) {
+        $contact_user = User($angeltype['contact_user_id']);
+        $contact_data = [
+            'contact_name' => $contact_user['Nick'],
+            'contact_dect' => $contact_user['DECT']
+        ];
+        if ($contact_user['email_by_human_allowed']) {
+            $contact_data['contact_email'] = $contact_user['email'];
+        }
+        return $contact_data;
     }
-    return $contact_data;
-  }
-  if (isset($angeltype['contact_name'])) {
-    return [
-        'contact_name' => $angeltype['contact_name'],
-        'contact_dect' => $angeltype['contact_dect'],
-        'contact_email' => $angeltype['contact_email'] 
-    ];
-  }
-  return null;
+    if (isset($angeltype['contact_name'])) {
+        return [
+            'contact_name'  => $angeltype['contact_name'],
+            'contact_dect'  => $angeltype['contact_dect'],
+            'contact_email' => $angeltype['contact_email']
+        ];
+    }
+
+    return null;
 }
 
 /**
  * Delete an Angeltype.
  *
- * @param Angeltype $angeltype          
+ * @param array $angeltype
+ * @return bool
  */
-function AngelType_delete($angeltype) {
-  $result = sql_query("
-      DELETE FROM `AngelTypes` 
-      WHERE `id`='" . sql_escape($angeltype['id']) . "' 
-      LIMIT 1");
-  if ($result === false) {
-    engelsystem_error("Unable to delete angeltype.");
-  }
-  engelsystem_log("Deleted angeltype: " . AngelType_name_render($angeltype));
-  return $result;
+function AngelType_delete($angeltype)
+{
+    $result = DB::delete('
+      DELETE FROM `AngelTypes`
+      WHERE `id`=?
+      LIMIT 1
+    ', [$angeltype['id']]);
+    if (is_null($result)) {
+        engelsystem_error('Unable to delete angeltype.');
+    }
+    engelsystem_log('Deleted angeltype: ' . AngelType_name_render($angeltype));
+    return true;
 }
 
 /**
  * Update Angeltype.
  *
- * @param Angeltype $angeltype
- *          The angeltype
+ * @param array $angeltype The angeltype
+ * @return bool
  */
-function AngelType_update($angeltype) {
-  $result = sql_query("
-      UPDATE `AngelTypes` SET 
-      `name`='" . sql_escape($angeltype['name']) . "', 
-      `restricted`=" . sql_bool($angeltype['restricted']) . ",
-      `description`='" . sql_escape($angeltype['description']) . "',
-      `requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
-      `no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
-      `contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
-      `contact_name`=" . sql_null($angeltype['contact_name']) . ",
-      `contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
-      `contact_email`=" . sql_null($angeltype['contact_email']) . "
-      WHERE `id`='" . sql_escape($angeltype['id']) . "'");
-  if ($result === false) {
-    engelsystem_error("Unable to update angeltype.");
-  }
-  engelsystem_log("Updated angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['no_self_signup'] ? ", no_self_signup" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
-  return $result;
+function AngelType_update($angeltype)
+{
+    $result = DB::update('
+          UPDATE `AngelTypes` SET
+          `name` = ?,
+          `restricted` = ?,
+          `description` = ?,
+          `requires_driver_license` = ?,
+          `no_self_signup` = ?,
+          `contact_user_id` = ?,
+          `contact_name` = ?,
+          `contact_dect` = ?,
+          `contact_email` = ?
+          WHERE `id` = ?',
+        [
+            $angeltype['name'],
+            $angeltype['restricted'],
+            $angeltype['description'],
+            $angeltype['requires_driver_license'],
+            $angeltype['no_self_signup'],
+            $angeltype['contact_user_id'],
+            $angeltype['contact_name'],
+            $angeltype['contact_dect'],
+            $angeltype['contact_email'],
+            $angeltype['id'],
+        ]
+    );
+    if (is_null($result)) {
+        engelsystem_error('Unable to update angeltype.');
+    }
+    engelsystem_log(
+        'Updated angeltype: ' . $angeltype['name'] . ($angeltype['restricted'] ? ', restricted' : '')
+        . ($angeltype['no_self_signup'] ? ', no_self_signup' : '')
+        . ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
+    );
+    return true;
 }
 
 /**
  * Create an Angeltype.
  *
- * @param Angeltype $angeltype
- *          The angeltype
- * @return the created angeltype
+ * @param array $angeltype The angeltype
+ * @return array the created angeltype
  */
-function AngelType_create($angeltype) {
-  $result = sql_query("
-      INSERT INTO `AngelTypes` SET 
-      `name`='" . sql_escape($angeltype['name']) . "', 
-      `restricted`=" . sql_bool($angeltype['restricted']) . ",
-      `description`='" . sql_escape($angeltype['description']) . "',
-			`requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ",
-			`no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . ",
-      `contact_user_id`=" . sql_null($angeltype['contact_user_id']) . ",
-      `contact_name`=" . sql_null($angeltype['contact_name']) . ",
-      `contact_dect`=" . sql_null($angeltype['contact_dect']) . ",
-      `contact_email`=" . sql_null($angeltype['contact_email']));
-  if ($result === false) {
-    engelsystem_error("Unable to create angeltype.");
-  }
-  $angeltype['id'] = sql_id();
-  engelsystem_log("Created angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : ""));
-  return $angeltype;
+function AngelType_create($angeltype)
+{
+    $result = DB::insert('
+          INSERT INTO `AngelTypes` (
+              `name`,
+              `restricted`,
+              `description`,
+              `requires_driver_license`,
+              `no_self_signup`,
+              `contact_user_id`,
+              `contact_name`,
+              `contact_dect`,
+              `contact_email`
+          )
+          VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+        ',
+        [
+            $angeltype['name'],
+            (bool)$angeltype['restricted'],
+            $angeltype['description'],
+            (bool)$angeltype['requires_driver_license'],
+            (bool)$angeltype['no_self_signup'],
+            $angeltype['contact_user_id'],
+            $angeltype['contact_name'],
+            $angeltype['contact_dect'],
+            $angeltype['contact_email'],
+        ]
+    );
+    if (is_null($result)) {
+        engelsystem_error('Unable to create angeltype.');
+    }
+    $angeltype['id'] = DB::getPdo()->lastInsertId();
+    engelsystem_log(
+        'Created angeltype: ' . $angeltype['name']
+        . ($angeltype['restricted'] ? ', restricted' : '')
+        . ($angeltype['requires_driver_license'] ? ', requires driver license' : '')
+    );
+    return $angeltype;
 }
 
 /**
  * Validates a name for angeltypes.
  * Returns ValidationResult containing validation success and validated name.
  *
- * @param string $name
- *          Wanted name for the angeltype
- * @param AngelType $angeltype
- *          The angeltype the name is for
+ * @param string $name      Wanted name for the angeltype
+ * @param array  $angeltype The angeltype the name is for
+ *
  * @return ValidationResult result and validated name
  */
-function AngelType_validate_name($name, $angeltype) {
-  $name = strip_item($name);
-  if ($name == "") {
-    return new ValidationResult(false, "");
-  }
-  if ($angeltype != null && isset($angeltype['id'])) {
-    $valid = sql_num_query("
-        SELECT * 
-        FROM `AngelTypes` 
-        WHERE `name`='" . sql_escape($name) . "' 
-        AND NOT `id`='" . sql_escape($angeltype['id']) . "'
-        LIMIT 1") == 0;
+function AngelType_validate_name($name, $angeltype)
+{
+    $name = strip_item($name);
+    if ($name == '') {
+        return new ValidationResult(false, '');
+    }
+    if ($angeltype != null && isset($angeltype['id'])) {
+        $valid = (count(DB::select('
+            SELECT `id`
+            FROM `AngelTypes`
+            WHERE `name`=?
+            AND NOT `id`=?
+            LIMIT 1
+        ', [$name, $angeltype['id']])) == 0);
+        return new ValidationResult($valid, $name);
+    }
+    $valid = (count(DB::select('
+        SELECT `id`
+        FROM `AngelTypes`
+        WHERE `name`=?
+        LIMIT 1', [$name])) == 0);
     return new ValidationResult($valid, $name);
-  }
-  $valid = sql_num_query("
-        SELECT `id` 
-        FROM `AngelTypes` 
-        WHERE `name`='" . sql_escape($name) . "' 
-        LIMIT 1") == 0;
-  return new ValidationResult($valid, $name);
 }
 
 /**
  * Returns all angeltypes and subscription state to each of them for given user.
  *
- * @param User $user          
+ * @param array $user
+ * @return array
  */
-function AngelTypes_with_user($user) {
-  $result = sql_select("
-      SELECT `AngelTypes`.*, 
-      `UserAngelTypes`.`id` as `user_angeltype_id`,
+function AngelTypes_with_user($user)
+{
+    $result = DB::select('
+      SELECT `AngelTypes`.*,
+      `UserAngelTypes`.`id` AS `user_angeltype_id`,
       `UserAngelTypes`.`confirm_user_id`,
       `UserAngelTypes`.`supporter`
-      FROM `AngelTypes` 
-      LEFT JOIN `UserAngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id` 
-      AND `UserAngelTypes`.`user_id`=" . $user['UID'] . "
-      ORDER BY `name`");
-  if ($result === false) {
-    engelsystem_error("Unable to load angeltypes.");
-  }
-  return $result;
+      FROM `AngelTypes`
+      LEFT JOIN `UserAngelTypes` ON `AngelTypes`.`id`=`UserAngelTypes`.`angeltype_id`
+      AND `UserAngelTypes`.`user_id` = ?
+      ORDER BY `name`', [$user['UID']]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load angeltypes.');
+    }
+    return $result;
 }
 
 /**
  * Returns all angeltypes.
+ *
+ * @return array
  */
-function AngelTypes() {
-  $result = sql_select("
-      SELECT * 
-      FROM `AngelTypes` 
-      ORDER BY `name`");
-  if ($result === false) {
-    engelsystem_error("Unable to load angeltypes.");
-  }
-  return $result;
+function AngelTypes()
+{
+    $result = DB::select('
+      SELECT *
+      FROM `AngelTypes`
+      ORDER BY `name`');
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load angeltypes.');
+    }
+    return $result;
 }
 
 /**
  * Returns AngelType id array
+ *
+ * @return array
  */
-function AngelType_ids() {
-  $result = sql_select("SELECT `id` FROM `AngelTypes`");
-  if ($result === false) {
-    engelsystem_error("Unable to load angeltypes.");
-  }
-  return select_array($result, 'id', 'id');
+function AngelType_ids()
+{
+    $result = DB::select('SELECT `id` FROM `AngelTypes`');
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load angeltypes.');
+    }
+    return select_array($result, 'id', 'id');
 }
 
 /**
  * Returns angelType by id.
  *
- * @param $angeltype_id angelType
- *          ID
+ * @param int $angeltype_id angelType ID
+ * @return array|null
  */
-function AngelType($angeltype_id) {
-  $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "'");
-  if ($angelType_source === false) {
-    engelsystem_error("Unable to load angeltype.");
-  }
-  if (count($angelType_source) > 0) {
-    return $angelType_source[0];
-  }
-  return null;
-}
+function AngelType($angeltype_id)
+{
+    $angelType_source = DB::select(
+        'SELECT * FROM `AngelTypes` WHERE `id`=?',
+        [$angeltype_id]
+    );
 
-?>
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load angeltype.');
+    }
+
+    if (empty($angelType_source)) {
+        return null;
+    }
+
+    return array_shift($angelType_source);
+}

includes/model/EventConfig_model.php

@@ -1,46 +1,85 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Get event config.
+ *
+ * @return array|null
  */
-function EventConfig() {
-  $event_config = sql_select("SELECT * FROM `EventConfig` LIMIT 1");
-  if ($event_config === false) {
-    engelsystem_error("Unable to load event config.");
-    return false;
-  }
-  if (count($event_config) > 0) {
-    return $event_config[0];
-  }
-  return null;
+function EventConfig()
+{
+    $event_config = DB::select('SELECT * FROM `EventConfig` LIMIT 1');
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load event config.');
+        return null;
+    }
+
+    if (empty($event_config)) {
+        return null;
+    }
+
+    return array_shift($event_config);
 }
 
 /**
  * Update event config.
  *
- * @param string $event_name          
- * @param int $buildup_start_date          
- * @param int $event_start_date          
- * @param int $event_end_date          
- * @param int $teardown_end_date          
- * @param string $event_welcome_msg          
+ * @param string $event_name
+ * @param int    $buildup_start_date
+ * @param int    $event_start_date
+ * @param int    $event_end_date
+ * @param int    $teardown_end_date
+ * @param string $event_welcome_msg
+ * @return bool
  */
-function EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg) {
-  if (EventConfig() == null) {
-    return sql_query("INSERT INTO `EventConfig` SET
-      `event_name`=" . sql_null($event_name) . ",
-      `buildup_start_date`=" . sql_null($buildup_start_date) . ",
-      `event_start_date`=" . sql_null($event_start_date) . ",
-      `event_end_date`=" . sql_null($event_end_date) . ",
-      `teardown_end_date`=" . sql_null($teardown_end_date) . ",
-      `event_welcome_msg`=" . sql_null($event_welcome_msg));
-  }
-  return sql_query("UPDATE `EventConfig` SET
-      `event_name`=" . sql_null($event_name) . ", 
-      `buildup_start_date`=" . sql_null($buildup_start_date) . ",
-      `event_start_date`=" . sql_null($event_start_date) . ",
-      `event_end_date`=" . sql_null($event_end_date) . ",
-      `teardown_end_date`=" . sql_null($teardown_end_date) . ",        
-      `event_welcome_msg`=" . sql_null($event_welcome_msg));
+function EventConfig_update(
+    $event_name,
+    $buildup_start_date,
+    $event_start_date,
+    $event_end_date,
+    $teardown_end_date,
+    $event_welcome_msg
+) {
+    if (EventConfig() == null) {
+        return DB::insert('
+              INSERT INTO `EventConfig` (
+                  `event_name`,
+                  `buildup_start_date`,
+                  `event_start_date`,
+                  `event_end_date`,
+                  `teardown_end_date`,
+                  `event_welcome_msg`
+              )
+              VALUES (?, ?, ?, ?, ?, ?)
+            ',
+            [
+                $event_name,
+                $buildup_start_date,
+                $event_start_date,
+                $event_end_date,
+                $teardown_end_date,
+                $event_welcome_msg
+            ]
+        );
+    }
+
+    return (bool)DB::update('
+          UPDATE `EventConfig` SET
+          `event_name` = ?,
+          `buildup_start_date` = ?,
+          `event_start_date` = ?,
+          `event_end_date` = ?,
+          `teardown_end_date` = ?,
+          `event_welcome_msg` = ?
+        ',
+        [
+            $event_name,
+            $buildup_start_date,
+            $event_start_date,
+            $event_end_date,
+            $teardown_end_date,
+            $event_welcome_msg,
+        ]
+    );
 }
-?>

includes/model/LogEntries_model.php

@@ -1,38 +1,62 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Creates a log entry.
  *
- * @param $nick Username
- * @param $message Log
- *          Message
+ * @param string $nick    Username
+ * @param string $message Log  Message
+ * @return bool
  */
-function LogEntry_create($nick, $message) {
-  return sql_query("INSERT INTO `LogEntries` SET `timestamp`='" . sql_escape(time()) . "', `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
+function LogEntry_create($nick, $message)
+{
+    return DB::insert('
+        INSERT INTO `LogEntries` (`timestamp`, `nick`, `message`)
+        VALUES(?, ?, ?)
+    ', [time(), $nick, $message]);
 }
 
 /**
  * Returns log entries with maximum count of 10000.
+ *
+ * @return array
  */
-function LogEntries() {
-  return sql_select("SELECT * FROM `LogEntries` ORDER BY `timestamp` DESC LIMIT 10000");
+function LogEntries()
+{
+    return DB::select('SELECT * FROM `LogEntries` ORDER BY `timestamp` DESC LIMIT 10000');
 }
 
 /**
  * Returns log entries filtered by a keyword
+ *
+ * @param string $keyword
+ * @return array
  */
-function LogEntries_filter($keyword) {
-  if ($keyword == "") {
-    return LogEntries();
-  }
-  return sql_select("SELECT * FROM `LogEntries` WHERE `nick` LIKE '%" . sql_escape($keyword) . "%' OR `message` LIKE '%" . sql_escape($keyword) . "%' ORDER BY `timestamp` DESC");
+function LogEntries_filter($keyword)
+{
+    if ($keyword == '') {
+        return LogEntries();
+    }
+
+    $keyword = '%' . $keyword . '%';
+    return DB::select('
+            SELECT *
+            FROM `LogEntries`
+            WHERE `nick` LIKE ?
+            OR `message` LIKE ?
+            ORDER BY `timestamp` DESC
+        ',
+        [$keyword, $keyword]
+    );
 }
 
 /**
  * Delete all log entries.
+ *
+ * @return bool
  */
-function LogEntries_clear_all() {
-  return sql_query("TRUNCATE `LogEntries`");
+function LogEntries_clear_all()
+{
+    return DB::statement('TRUNCATE `LogEntries`');
 }
-
-?>

includes/model/Message_model.php

@@ -1,27 +1,30 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Returns Message id array
+ *
+ * @return array
  */
-function Message_ids() {
-  return sql_select("SELECT `id` FROM `Messages`");
+function Message_ids()
+{
+    return DB::select('SELECT `id` FROM `Messages`');
 }
 
 /**
  * Returns message by id.
  *
- * @param $message_id message
- *          ID
+ * @param int $message_id message ID
+ * @return array|null
  */
-function Message($message_id) {
-  $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
-  if ($message_source === false) {
-    return false;
-  }
-  if (count($message_source) > 0) {
-    return $message_source[0];
-  }
-  return null;
+function Message($message_id)
+{
+    $message_source = DB::select('SELECT * FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]);
+    if (empty($message_source)) {
+        return null;
+    }
+    return array_shift($message_source);
 }
 
 /**
@@ -29,23 +32,39 @@ function Message($message_id) {
  * TODO: global $user con not be used in model!
  * send message
  *
- * @param $receiver_user_id User
- *          ID of Reciever
- * @param $text Text
- *          of Message
+ * @param int    $receiver_user_id User ID of Reciever
+ * @param string $text             Text of Message
+ * @return bool
  */
-function Message_send($receiver_user_id, $text) {
-  global $user;
-  
-  $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
-  $receiver_user_id = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($receiver_user_id));
-  
-  if (($text != "" && is_numeric($receiver_user_id)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($receiver_user_id) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
-    sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($receiver_user_id) . "', `Text`='" . sql_escape($text) . "'");
-    return true;
-  }
-  
-  return false;
-}
+function Message_send($receiver_user_id, $text)
+{
+    global $user;
 
-?>
+    $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
+    $receiver_user_id = preg_replace('/([^\d]{1,})/ui', '', strip_tags($receiver_user_id));
+
+    if (
+        ($text != '' && is_numeric($receiver_user_id))
+        && count(DB::select('
+            SELECT `UID`
+            FROM `User`
+            WHERE `UID` = ?
+            AND NOT `UID` = ?
+            LIMIT 1
+        ', [$receiver_user_id, $user['UID']])) > 0
+    ) {
+        return DB::insert('
+            INSERT INTO `Messages` (`Datum`, `SUID`, `RUID`, `Text`)
+            VALUES(?, ?, ?, ?)
+            ',
+            [
+                time(),
+                $user['UID'],
+                $receiver_user_id,
+                $text
+            ]
+        );
+    }
+
+    return false;
+}

includes/model/NeededAngelTypes_model.php

@@ -1,5 +1,7 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Entity needed angeltypes describes how many angels of given type are needed for a shift or in a room.
  */
@@ -7,99 +9,107 @@
 /**
  * Insert a new needed angel type.
  *
- * @param int $shift_id
- *          The shift. Can be null, but then a room_id must be given.
- * @param int $angeltype_id
- *          The angeltype
- * @param int $room_id
- *          The room. Can be null, but then a shift_id must be given.
- * @param int $count
- *          How many angels are needed?
+ * @param int $shift_id     The shift. Can be null, but then a room_id must be given.
+ * @param int $angeltype_id The angeltype
+ * @param int $room_id      The room. Can be null, but then a shift_id must be given.
+ * @param int $count        How many angels are needed?
+ * @return int|false
  */
-function NeededAngelType_add($shift_id, $angeltype_id, $room_id, $count) {
-  $result = sql_query("
-      INSERT INTO `NeededAngelTypes` SET 
-      `shift_id`=" . sql_null($shift_id) . ", 
-      `angel_type_id`='" . sql_escape($angeltype_id) . "', 
-      `room_id`=" . sql_null($room_id) . ",
-      `count`='" . sql_escape($count) . "'");
-  if ($result === false) {
-    return false;
-  }
-  return sql_id();
+function NeededAngelType_add($shift_id, $angeltype_id, $room_id, $count)
+{
+    $result = DB::insert('
+          INSERT INTO `NeededAngelTypes` ( `shift_id`, `angel_type_id`, `room_id`, `count`)
+           VALUES (?, ?, ?, ?)
+        ',
+        [
+            $shift_id,
+            $angeltype_id,
+            $room_id,
+            $count,
+        ]);
+    if ($result === false) {
+        return false;
+    }
+
+    return DB::getPdo()->lastInsertId();
 }
 
 /**
  * Deletes all needed angel types from given shift.
  *
- * @param int $shift_id
- *          id of the shift
+ * @param int $shift_id id of the shift
+ * @return int count of affected rows
  */
-function NeededAngelTypes_delete_by_shift($shift_id) {
-  return sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
+function NeededAngelTypes_delete_by_shift($shift_id)
+{
+    return (int)DB::delete('DELETE FROM `NeededAngelTypes` WHERE `shift_id` = ?', [$shift_id]);
 }
 
 /**
  * Deletes all needed angel types from given room.
  *
- * @param int $room_id
- *          id of the room
+ * @param int $room_id id of the room
+ * @return int count of affected rows
  */
-function NeededAngelTypes_delete_by_room($room_id) {
-  return sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
+function NeededAngelTypes_delete_by_room($room_id)
+{
+    return (int)DB::delete(
+        'DELETE FROM `NeededAngelTypes` WHERE `room_id` = ?',
+        [$room_id]
+    );
 }
 
 /**
  * Returns all needed angeltypes and already taken needs.
  *
- * @param int $shiftID
- *          id of shift
+ * @param int $shiftId id of shift
+ * @return array
  */
-function NeededAngelTypes_by_shift($shiftId) {
-  $needed_angeltypes_source = sql_select("
+function NeededAngelTypes_by_shift($shiftId)
+{
+    $needed_angeltypes_source = DB::select('
         SELECT `NeededAngelTypes`.*, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
         FROM `NeededAngelTypes`
         JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
-        WHERE `shift_id`='" . sql_escape($shiftId) . "'
+        WHERE `shift_id` = ?
         AND `count` > 0
-        ORDER BY `room_id` DESC
-        ");
-  if ($needed_angeltypes_source === false) {
-    engelsystem_error("Unable to load needed angeltypes.");
-  }
-  
-  // Use settings from room
-  if (count($needed_angeltypes_source) == 0) {
-    $needed_angeltypes_source = sql_select("
+        ORDER BY `room_id` DESC',
+        [$shiftId]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load needed angeltypes.');
+    }
+
+    // Use settings from room
+    if (count($needed_angeltypes_source) == 0) {
+        $needed_angeltypes_source = DB::select('
         SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
         FROM `NeededAngelTypes`
         JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
         JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id`
-        WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "'
+        WHERE `Shifts`.`SID` = ?
         AND `count` > 0
         ORDER BY `room_id` DESC
-        ");
-    if ($needed_angeltypes_source === false) {
-      engelsystem_error("Unable to load needed angeltypes.");
+        ', [$shiftId]);
+        if (DB::getStm()->errorCode() != '00000') {
+            engelsystem_error('Unable to load needed angeltypes.');
+        }
     }
-  }
-  
-  $shift_entries = ShiftEntries_by_shift($shiftId);
-  $needed_angeltypes = [];
-  foreach ($needed_angeltypes_source as $angeltype) {
-    $angeltype['shift_entries'] = [];
-    $angeltype['taken'] = 0;
-    foreach ($shift_entries as $shift_entry) {
-      if ($shift_entry['TID'] == $angeltype['angel_type_id'] && $shift_entry['freeloaded'] == 0) {
-        $angeltype['taken'] ++;
-        $angeltype['shift_entries'][] = $shift_entry;
-      }
-    }
-    
-    $needed_angeltypes[] = $angeltype;
-  }
-  
-  return $needed_angeltypes;
-}
 
-?>
+    $shift_entries = ShiftEntries_by_shift($shiftId);
+    $needed_angeltypes = [];
+    foreach ($needed_angeltypes_source as $angeltype) {
+        $angeltype['shift_entries'] = [];
+        $angeltype['taken'] = 0;
+        foreach ($shift_entries as $shift_entry) {
+            if ($shift_entry['TID'] == $angeltype['angel_type_id'] && $shift_entry['freeloaded'] == 0) {
+                $angeltype['taken']++;
+                $angeltype['shift_entries'][] = $shift_entry;
+            }
+        }
+
+        $needed_angeltypes[] = $angeltype;
+    }
+
+    return $needed_angeltypes;
+}

includes/model/Room_model.php

@@ -1,60 +1,82 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * returns a list of rooms.
+ *
  * @param boolean $show_all returns also hidden rooms when true
+ * @return array
  */
-function Rooms($show_all = false) {
-  return sql_select("SELECT * FROM `Room`" . ($show_all ? "" : " WHERE `show`='Y'") . " ORDER BY `Name`");
+function Rooms($show_all = false)
+{
+    return DB::select('SELECT * FROM `Room`' . ($show_all ? '' : ' WHERE `show`=\'Y\'') . ' ORDER BY `Name`');
 }
 
 /**
  * Delete a room
  *
- * @param int $room_id          
+ * @param int $room_id
+ * @return bool
  */
-function Room_delete($room_id) {
-  return sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($room_id));
+function Room_delete($room_id)
+{
+    return DB::delete('DELETE FROM `Room` WHERE `RID` = ?', [$room_id]);
 }
 
 /**
  * Create a new room
  *
- * @param string $name
- *          Name of the room
- * @param boolean $from_frab
- *          Is this a frab imported room?
- * @param boolean $public
- *          Is the room visible for angels?
+ * @param string  $name      Name of the room
+ * @param boolean $from_frab Is this a frab imported room?
+ * @param boolean $public    Is the room visible for angels?
+ * @param int     $number    Room number
+ * @return false|int
  */
-function Room_create($name, $from_frab, $public) {
-  $result = sql_query("
-      INSERT INTO `Room` SET 
-      `Name`='" . sql_escape($name) . "', 
-      `FromPentabarf`='" . sql_escape($from_frab ? 'Y' : '') . "', 
-      `show`='" . sql_escape($public ? 'Y' : '') . "', 
-      `Number`=0");
-  if ($result === false) {
-    return false;
-  }
-  return sql_id();
+function Room_create($name, $from_frab, $public, $number = null)
+{
+    $result = DB::insert('
+          INSERT INTO `Room` (`Name`, `FromPentabarf`, `show`, `Number`)
+           VALUES (?, ?, ?, ?)
+        ',
+        [
+            $name,
+            $from_frab ? 'Y' : '',
+            $public ? 'Y' : '',
+            (int)$number,
+        ]
+    );
+    if (!$result) {
+        return false;
+    }
+
+    return DB::getPdo()->lastInsertId();
 }
 
 /**
  * Returns room by id.
  *
- * @param $room_id RID          
+ * @param int  $room_id RID
+ * @param bool $show_only
+ * @return array|false
  */
-function Room($room_id) {
-  $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($room_id) . "'");
-  
-  if ($room_source === false) {
-    return false;
-  }
-  if (count($room_source) > 0) {
-    return $room_source[0];
-  }
-  return null;
-}
+function Room($room_id, $show_only = true)
+{
+    $room_source = DB::select('
+        SELECT *
+        FROM `Room`
+        WHERE `RID` = ?
+        ' . ($show_only ? 'AND `show` = \'Y\'' : ''),
+        [$room_id]
+    );
 
-?>
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    if (empty($room_source)) {
+        return null;
+    }
+
+    return array_shift($room_source);
+}

includes/model/ShiftEntry_model.php

@@ -1,152 +1,251 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Returns an array with the attributes of shift entries.
  * FIXME! Needs entity object.
+ *
+ * @return array
  */
-function ShiftEntry_new() {
-  return [
-      'id' => null,
-      'SID' => null,
-      'TID' => null,
-      'UID' => null,
-      'Comment' => null,
-      'freeloaded_comment' => null,
-      'freeloaded' => false 
-  ];
+function ShiftEntry_new()
+{
+    return [
+        'id'                 => null,
+        'SID'                => null,
+        'TID'                => null,
+        'UID'                => null,
+        'Comment'            => null,
+        'freeloaded_comment' => null,
+        'freeloaded'         => false
+    ];
 }
 
 /**
  * Counts all freeloaded shifts.
+ *
+ * @return int
  */
-function ShiftEntries_freeleaded_count() {
-  return sql_select_single_cell("SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1");
+function ShiftEntries_freeleaded_count()
+{
+    $result = DB::select('SELECT COUNT(*) FROM `ShiftEntry` WHERE `freeloaded` = 1');
+    $result = array_shift($result);
+
+    if (!is_array($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
 /**
  * List users subsribed to a given shift.
+ *
+ * @param int $shift_id
+ * @return array
  */
-function ShiftEntries_by_shift($shift_id) {
-  return sql_select("
-      SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `AngelTypes`.`name` as `angel_type_name`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
-      FROM `ShiftEntry`
-      JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
-      JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
-      WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id) . "'");
+function ShiftEntries_by_shift($shift_id)
+{
+    return DB::select('
+          SELECT
+              `User`.`Nick`,
+              `User`.`email`,
+              `User`.`email_shiftinfo`,
+              `User`.`Sprache`,
+              `User`.`Gekommen`,
+              `ShiftEntry`.`UID`,
+              `ShiftEntry`.`TID`,
+              `ShiftEntry`.`SID`,
+              `AngelTypes`.`name` AS `angel_type_name`,
+              `ShiftEntry`.`Comment`,
+              `ShiftEntry`.`freeloaded`
+          FROM `ShiftEntry`
+          JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
+          JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
+          WHERE `ShiftEntry`.`SID` = ?',
+        [$shift_id]
+    );
 }
 
 /**
  * Create a new shift entry.
  *
- * @param ShiftEntry $shift_entry          
+ * @param array $shift_entry
+ * @return bool
  */
-function ShiftEntry_create($shift_entry) {
-  mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
-  return sql_query("INSERT INTO `ShiftEntry` SET
-      `SID`='" . sql_escape($shift_entry['SID']) . "',
-      `TID`='" . sql_escape($shift_entry['TID']) . "',
-      `UID`='" . sql_escape($shift_entry['UID']) . "',
-      `Comment`='" . sql_escape($shift_entry['Comment']) . "',
-      `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
-      `freeloaded`=" . sql_bool($shift_entry['freeloaded']));
+function ShiftEntry_create($shift_entry)
+{
+    mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
+    return DB::insert('
+          INSERT INTO `ShiftEntry` (
+              `SID`,
+              `TID`,
+              `UID`,
+              `Comment`,
+              `freeload_comment`,
+              `freeloaded`
+          )
+          VALUES(?, ?, ?, ?, ?, ?)
+        ',
+        [
+            $shift_entry['SID'],
+            $shift_entry['TID'],
+            $shift_entry['UID'],
+            $shift_entry['Comment'],
+            $shift_entry['freeload_comment'],
+            $shift_entry['freeloaded'],
+        ]
+    );
 }
 
 /**
  * Update a shift entry.
+ *
+ * @param array $shift_entry
+ * @return bool
  */
-function ShiftEntry_update($shift_entry) {
-  return sql_query("UPDATE `ShiftEntry` SET
-      `Comment`='" . sql_escape($shift_entry['Comment']) . "',
-      `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
-      `freeloaded`=" . sql_bool($shift_entry['freeloaded']) . "
-      WHERE `id`='" . sql_escape($shift_entry['id']) . "'");
+function ShiftEntry_update($shift_entry)
+{
+    DB::update('
+      UPDATE `ShiftEntry`
+      SET
+          `Comment` = ?,
+          `freeload_comment` = ?,
+          `freeloaded` = ?
+      WHERE `id` = ?',
+        [
+            $shift_entry['Comment'],
+            $shift_entry['freeload_comment'],
+            $shift_entry['freeloaded'],
+            $shift_entry['id']
+        ]
+    );
+
+    return (DB::getStm()->errorCode() == '00000');
 }
 
 /**
  * Get a shift entry.
+ *
+ * @param int $shift_entry_id
+ * @return array|false|null
  */
-function ShiftEntry($shift_entry_id) {
-  $shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
-  if ($shift_entry === false) {
-    return false;
-  }
-  if (count($shift_entry) == 0) {
-    return null;
-  }
-  return $shift_entry[0];
+function ShiftEntry($shift_entry_id)
+{
+    $shift_entry = DB::select('SELECT * FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+    if (empty($shift_entry)) {
+        return null;
+    }
+    return $shift_entry[0];
 }
 
 /**
  * Delete a shift entry.
+ *
+ * @param int $shift_entry_id
+ * @return bool
  */
-function ShiftEntry_delete($shift_entry_id) {
-  $shift_entry = ShiftEntry($shift_entry_id);
-  mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
-  return sql_query("DELETE FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
+function ShiftEntry_delete($shift_entry_id)
+{
+    $shift_entry = ShiftEntry($shift_entry_id);
+    mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
+    return DB::delete('DELETE FROM `ShiftEntry` WHERE `id` = ?', [$shift_entry_id]);
 }
 
 /**
  * Returns next (or current) shifts of given user.
  *
- * @param User $user          
+ * @param array $user
+ * @return array
  */
-function ShiftEntries_upcoming_for_user($user) {
-  return sql_select("
-      SELECT *
-      FROM `ShiftEntry`
-      JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
-      JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
-      WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
-      AND `Shifts`.`end` > " . sql_escape(time()) . "
-      ORDER BY `Shifts`.`end`
-      ");
+function ShiftEntries_upcoming_for_user($user)
+{
+    return DB::select('
+        SELECT *
+        FROM `ShiftEntry`
+        JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
+        JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
+        WHERE `ShiftEntry`.`UID` = ?
+        AND `Shifts`.`end` > ?
+        ORDER BY `Shifts`.`end`
+      ',
+        [
+            $user['UID'],
+            time(),
+        ]
+    );
 }
 
 /**
  * Returns shifts completed by the given user.
  *
- * @param User $user          
+ * @param array $user
+ * @return array
  */
-function ShiftEntries_finished_by_user($user) {
-  return sql_select("
-      SELECT *
-      FROM `ShiftEntry`
-      JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
-      JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
-      WHERE `ShiftEntry`.`UID`=" . sql_escape($user['UID']) . "
-      AND `Shifts`.`end` < " . sql_escape(time()) . "
-      AND `ShiftEntry`.`freeloaded` = 0
-      ORDER BY `Shifts`.`end`
-      ");
+function ShiftEntries_finished_by_user($user)
+{
+    return DB::select('
+          SELECT *
+          FROM `ShiftEntry`
+          JOIN `Shifts` ON (`Shifts`.`SID` = `ShiftEntry`.`SID`)
+          JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
+          WHERE `ShiftEntry`.`UID` = ?
+          AND `Shifts`.`end` < ?
+          AND `ShiftEntry`.`freeloaded` = 0
+          ORDER BY `Shifts`.`end`
+      ',
+        [
+            $user['UID'],
+            time(),
+        ]
+    );
 }
 
 /**
  * Returns all shift entries in given shift for given angeltype.
  *
- * @param int $shift_id          
- * @param int $angeltype_id          
+ * @param int $shift_id
+ * @param int $angeltype_id
+ * @return array
  */
-function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id) {
-  $result = sql_select("
-      SELECT *
-      FROM `ShiftEntry`
-      WHERE `SID`=" . sql_escape($shift_id) . "
-      AND `TID`=" . sql_escape($angeltype_id) . "
-      ");
-  if ($result === false) {
-    engelsystem_error("Unable to load shift entries.");
-  }
-  return $result;
+function ShiftEntries_by_shift_and_angeltype($shift_id, $angeltype_id)
+{
+    $result = DB::select('
+            SELECT *
+            FROM `ShiftEntry`
+            WHERE `SID` = ?
+            AND `TID` = ?
+        ',
+        [
+            $shift_id,
+            $angeltype_id,
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shift entries.');
+    }
+    return $result;
 }
 
 /**
  * Returns all freeloaded shifts for given user.
+ *
+ * @param array $user
+ * @return array
  */
-function ShiftEntries_freeloaded_by_user($user) {
-  return sql_select("SELECT *
-      FROM `ShiftEntry`
-      WHERE `freeloaded` = 1
-      AND `UID`=" . sql_escape($user['UID']));
+function ShiftEntries_freeloaded_by_user($user)
+{
+    return DB::select('
+          SELECT *
+          FROM `ShiftEntry`
+          WHERE `freeloaded` = 1
+          AND `UID` = ?
+          ',
+        [
+            $user['UID']
+        ]
+    );
 }
-
-?>

includes/model/ShiftSignupState.php

@@ -6,112 +6,136 @@ namespace Engelsystem;
  * BO to represent if there are free slots on a shift for a given angeltype
  * and if signup for a given user is possible (or not, because of collisions, etc.)
  */
-class ShiftSignupState {
+class ShiftSignupState
+{
+    /**
+     * Shift has free places
+     */
+    const FREE = 'FREE';
 
-  /**
-   * Shift has free places
-   */
-  const FREE = 'FREE';
+    /**
+     * Shift collides with users shifts
+     */
+    const COLLIDES = 'COLLIDES';
 
-  /**
-   * Shift collides with users shifts
-   */
-  const COLLIDES = 'COLLIDES';
+    /**
+     * User cannot join because of a restricted angeltype or user is not in the angeltype
+     */
+    const ANGELTYPE = 'ANGELTYPE';
 
-  /**
-   * User cannot join because of a restricted angeltype or user is not in the angeltype
-   */
-  const ANGELTYPE = 'ANGELTYPE';
+    /**
+     * Shift is full
+     */
+    const OCCUPIED = 'OCCUPIED';
 
-  /**
-   * Shift is full
-   */
-  const OCCUPIED = 'OCCUPIED';
+    /**
+     * User is admin and can do what he wants.
+     */
+    const ADMIN = 'ADMIN';
 
-  /**
-   * User is admin and can do what he wants.
-   */
-  const ADMIN = 'ADMIN';
+    /**
+     * Shift has already ended, no signup
+     */
+    const SHIFT_ENDED = 'SHIFT_ENDED';
 
-  /**
-   * Shift has already ended, no signup
-   */
-  const SHIFT_ENDED = 'SHIFT_ENDED';
+    /**
+     * User is already signed up
+     */
+    const SIGNED_UP = 'SIGNED_UP';
 
-  /**
-   * User is already signed up
-   */
-  const SIGNED_UP = 'SIGNED_UP';
+    /** @var string */
+    private $state;
 
-  private $state;
+    /** @var int */
+    private $freeEntries;
 
-  private $freeEntries;
-
-  public function __construct($state, $free_entries) {
-    $this->state = $state;
-    $this->freeEntries = $free_entries;
-  }
-
-  /**
-   * Combine this state with another state from the same shift.
-   *
-   * @param ShiftSignupState $shiftSignupState
-   *          The other state to combine
-   */
-  public function combineWith(ShiftSignupState $shiftSignupState) {
-    $this->freeEntries += $shiftSignupState->getFreeEntries();
-    
-    if ($this->valueForState($shiftSignupState->state) > $this->valueForState($this->state)) {
-      $this->state = $shiftSignupState->state;
+    /**
+     * ShiftSignupState constructor.
+     *
+     * @param string $state
+     * @param int    $free_entries
+     */
+    public function __construct($state, $free_entries)
+    {
+        $this->state = $state;
+        $this->freeEntries = $free_entries;
     }
-  }
 
-  private function valueForState($state) {
-    switch ($state) {
-      case ShiftSignupState::SHIFT_ENDED:
-        return 100;
-      
-      case ShiftSignupState::SIGNED_UP:
-        return 90;
-      
-      case ShiftSignupState::FREE:
-        return 80;
-      
-      case ShiftSignupState::ANGELTYPE:
-      case ShiftSignupState::COLLIDES:
-        return 70;
-      
-      case ShiftSignupState::OCCUPIED:
-      case ShiftSignupState::ADMIN:
-        return 60;
+    /**
+     * Combine this state with another state from the same shift.
+     *
+     * @param ShiftSignupState $shiftSignupState
+     *          The other state to combine
+     */
+    public function combineWith(ShiftSignupState $shiftSignupState)
+    {
+        $this->freeEntries += $shiftSignupState->getFreeEntries();
+
+        if ($this->valueForState($shiftSignupState->state) > $this->valueForState($this->state)) {
+            $this->state = $shiftSignupState->state;
+        }
     }
-  }
 
-  /**
-   * Returns true, if signup is allowed
-   */
-  public function isSignupAllowed() {
-    switch ($this->state) {
-      case ShiftSignupState::FREE:
-      case ShiftSignupState::ADMIN:
-        return true;
+    /**
+     * @param string $state
+     * @return int
+     */
+    private function valueForState($state)
+    {
+        switch ($state) {
+            case ShiftSignupState::SHIFT_ENDED:
+                return 100;
+
+            case ShiftSignupState::SIGNED_UP:
+                return 90;
+
+            case ShiftSignupState::FREE:
+                return 80;
+
+            case ShiftSignupState::ANGELTYPE:
+            case ShiftSignupState::COLLIDES:
+                return 70;
+
+            case ShiftSignupState::OCCUPIED:
+            case ShiftSignupState::ADMIN:
+                return 60;
+            default:
+                return 0;
+        }
     }
-    return false;
-  }
 
-  /**
-   * Return the shift signup state
-   */
-  public function getState() {
-    return $this->state;
-  }
+    /**
+     * Returns true, if signup is allowed
+     *
+     * @return bool
+     */
+    public function isSignupAllowed()
+    {
+        switch ($this->state) {
+            case ShiftSignupState::FREE:
+            case ShiftSignupState::ADMIN:
+                return true;
+        }
+        return false;
+    }
 
-  /**
-   * How many places are free in this shift for the angeltype?
-   */
-  public function getFreeEntries() {
-    return $this->freeEntries;
-  }
+    /**
+     * Return the shift signup state
+     *
+     * @return string
+     */
+    public function getState()
+    {
+        return $this->state;
+    }
+
+    /**
+     * How many places are free in this shift for the angeltype?
+     *
+     * @return int
+     */
+    public function getFreeEntries()
+    {
+        return $this->freeEntries;
+    }
 }
-
-?>

includes/model/ShiftTypes_model.php

@@ -1,69 +1,105 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Delete a shift type.
+ *
  * @param int $shifttype_id
+ * @return bool
  */
-function ShiftType_delete($shifttype_id) {
-  return sql_query("DELETE FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
+function ShiftType_delete($shifttype_id)
+{
+    return DB::delete('DELETE FROM `ShiftTypes` WHERE `id`=?', [$shifttype_id]);
 }
 
 /**
  * Update a shift type.
  *
- * @param int $shifttype_id          
- * @param string $name          
- * @param int $angeltype_id          
- * @param string $description          
+ * @param int    $shifttype_id
+ * @param string $name
+ * @param int    $angeltype_id
+ * @param string $description
+ * @return bool
  */
-function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) {
-  return sql_query("UPDATE `ShiftTypes` SET
-      `name`='" . sql_escape($name) . "', 
-      `angeltype_id`=" . sql_null($angeltype_id) . ",
-      `description`='" . sql_escape($description) . "'
-      WHERE `id`='" . sql_escape($shifttype_id) . "'");
+function ShiftType_update($shifttype_id, $name, $angeltype_id, $description)
+{
+    DB::update('
+      UPDATE `ShiftTypes` SET
+      `name`=?,
+      `angeltype_id`=?,
+      `description`=?
+      WHERE `id`=?
+    ',
+        [
+            $name,
+            $angeltype_id,
+            $description,
+            $shifttype_id,
+        ]
+    );
+
+    return DB::getStm()->errorCode() == '00000';
 }
 
 /**
  * Create a shift type.
  *
- * @param string $name          
- * @param int $angeltype_id          
- * @param string $description          
- * @return new shifttype id
+ * @param string $name
+ * @param int    $angeltype_id
+ * @param string $description
+ * @return int|false new shifttype id
  */
-function ShiftType_create($name, $angeltype_id, $description) {
-  $result = sql_query("INSERT INTO `ShiftTypes` SET
-      `name`='" . sql_escape($name) . "', 
-      `angeltype_id`=" . sql_null($angeltype_id) . ",
-      `description`='" . sql_escape($description) . "'");
-  if ($result === false) {
-    return false;
-  }
-  return sql_id();
+function ShiftType_create($name, $angeltype_id, $description)
+{
+    $result = DB::insert('
+        INSERT INTO `ShiftTypes` (`name`, `angeltype_id`, `description`)
+        VALUES(?, ?, ?)
+        ',
+        [
+            $name,
+            $angeltype_id,
+            $description
+        ]
+    );
+
+    if ($result === false) {
+        return false;
+    }
+
+    return DB::getPdo()->lastInsertId();
 }
 
 /**
  * Get a shift type by id.
  *
- * @param int $shifttype_id          
+ * @param int $shifttype_id
+ * @return array|null
  */
-function ShiftType($shifttype_id) {
-  $shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
-  if ($shifttype === false) {
-    engelsystem_error('Unable to load shift type.');
-  }
-  if ($shifttype == null) {
-    return null;
-  }
-  return $shifttype[0];
+function ShiftType($shifttype_id)
+{
+    $shifttype = DB::select('SELECT * FROM `ShiftTypes` WHERE `id`=?', [$shifttype_id]);
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shift type.');
+    }
+    if (empty($shifttype)) {
+        return null;
+    }
+    return array_shift($shifttype);
 }
 
 /**
  * Get all shift types.
+ *
+ * @return array|false
  */
-function ShiftTypes() {
-  return sql_select("SELECT * FROM `ShiftTypes` ORDER BY `name`");
-}
+function ShiftTypes()
+{
+    $result = DB::select('SELECT * FROM `ShiftTypes` ORDER BY `name`');
 
-?>
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    return $result;
+}

includes/model/ShiftsFilter.php

@@ -7,115 +7,170 @@ namespace Engelsystem;
  *
  * @author msquare
  */
-class ShiftsFilter {
+class ShiftsFilter
+{
+    /**
+     * How long can the time interval be?
+     * 86400 = one day
+     */
+    const MAX_DURATION = 86400;
 
-  /**
-   * How long can the time interval be?
-   */
-  const MAX_DURATION = 86400;
- // one day
-  
-  /**
-   * Shift is completely full.
-   */
-  const FILLED_FILLED = 1;
+    /**
+     * Shift is completely full.
+     */
+    const FILLED_FILLED = 1;
 
-  /**
-   * Shift has some free slots.
-   */
-  const FILLED_FREE = 0;
+    /**
+     * Shift has some free slots.
+     */
+    const FILLED_FREE = 0;
 
-  /**
-   * Has the user "user shifts admin" privilege?
-   *
-   * @var boolean
-   */
-  private $userShiftsAdmin;
+    /**
+     * Has the user "user shifts admin" privilege?
+     *
+     * @var boolean
+     */
+    private $userShiftsAdmin;
 
-  private $filled = [];
+    /** @var int[] */
+    private $filled = [];
 
-  private $rooms = [];
+    /** @var int[] */
+    private $rooms = [];
 
-  private $types = [];
+    /** @var int[] */
+    private $types = [];
 
-  private $startTime = null;
+    /** @var int unix timestamp */
+    private $startTime = null;
 
-  private $endTime = null;
+    /** @var int unix timestamp */
+    private $endTime = null;
 
-  public function __construct($user_shifts_admin, $rooms, $types) {
-    $this->user_shifts_admin = $user_shifts_admin;
-    $this->rooms = $rooms;
-    $this->types = $types;
-    
-    $this->filled = [
-        ShiftsFilter::FILLED_FREE 
-    ];
-    
-    if ($user_shifts_admin) {
-      $this->filled[] = ShiftsFilter::FILLED_FILLED;
+    /**
+     * ShiftsFilter constructor.
+     *
+     * @param bool  $user_shifts_admin
+     * @param int[] $rooms
+     * @param int[] $types
+     */
+    public function __construct($user_shifts_admin, $rooms, $types)
+    {
+        $this->user_shifts_admin = $user_shifts_admin;
+        $this->rooms = $rooms;
+        $this->types = $types;
+
+        $this->filled = [
+            ShiftsFilter::FILLED_FREE
+        ];
+
+        if ($user_shifts_admin) {
+            $this->filled[] = ShiftsFilter::FILLED_FILLED;
+        }
     }
-  }
 
-  public function getStartTime() {
-    return $this->startTime;
-  }
-
-  public function setStartTime($startTime) {
-    $this->startTime = $startTime;
-  }
-
-  public function getEndTime() {
-    return $this->endTime;
-  }
-
-  public function setEndTime($endTime) {
-    if ($endTime - $this->startTime > ShiftsFilter::MAX_DURATION) {
-      $endTime = $this->startTime + ShiftsFilter::MAX_DURATION;
+    /**
+     * @return int unix timestamp
+     */
+    public function getStartTime()
+    {
+        return $this->startTime;
     }
-    $this->endTime = $endTime;
-  }
 
-  public function getTypes() {
-    if (count($this->types) == 0) {
-      return [
-          0 
-      ];
+    /**
+     * @param int $startTime unix timestamp
+     */
+    public function setStartTime($startTime)
+    {
+        $this->startTime = $startTime;
     }
-    return $this->types;
-  }
 
-  public function setTypes($types) {
-    $this->types = $types;
-  }
-
-  public function getRooms() {
-    if (count($this->rooms) == 0) {
-      return [
-          0 
-      ];
+    /**
+     * @return int unix timestamp
+     */
+    public function getEndTime()
+    {
+        return $this->endTime;
     }
-    return $this->rooms;
-  }
 
-  public function setRooms($rooms) {
-    $this->rooms = $rooms;
-  }
+    /**
+     * @param int $endTime unix timestamp
+     */
+    public function setEndTime($endTime)
+    {
+        if ($endTime - $this->startTime > ShiftsFilter::MAX_DURATION) {
+            $endTime = $this->startTime + ShiftsFilter::MAX_DURATION;
+        }
+        $this->endTime = $endTime;
+    }
 
-  public function isUserShiftsAdmin() {
-    return $this->userShiftsAdmin;
-  }
+    /**
+     * @return int[]
+     */
+    public function getTypes()
+    {
+        if (count($this->types) == 0) {
+            return [0];
+        }
+        return $this->types;
+    }
 
-  public function setUserShiftsAdmin($userShiftsAdmin) {
-    $this->userShiftsAdmin = $userShiftsAdmin;
-  }
+    /**
+     * @param int[] $types
+     */
+    public function setTypes($types)
+    {
+        $this->types = $types;
+    }
 
-  public function getFilled() {
-    return $this->filled;
-  }
+    /**
+     * @return int[]
+     */
+    public function getRooms()
+    {
+        if (count($this->rooms) == 0) {
+            return [0];
+        }
+        return $this->rooms;
+    }
 
-  public function setFilled($filled) {
-    $this->filled = $filled;
-  }
+    /**
+     * @param int[] $rooms
+     */
+    public function setRooms($rooms)
+    {
+        $this->rooms = $rooms;
+    }
+
+    /**
+     * @return bool
+     */
+    public function isUserShiftsAdmin()
+    {
+        return $this->userShiftsAdmin;
+    }
+
+    /**
+     * @param bool $userShiftsAdmin
+     */
+    public function setUserShiftsAdmin($userShiftsAdmin)
+    {
+        $this->userShiftsAdmin = $userShiftsAdmin;
+    }
+
+    /**
+     * @return int[]
+     */
+    public function getFilled()
+    {
+        return $this->filled;
+    }
+
+    /**
+     * @param int[] $filled
+     */
+    public function setFilled($filled)
+    {
+        $this->filled = $filled;
+    }
 }
-
-?>

includes/model/Shifts_model.php

@@ -1,432 +1,641 @@
 <?php
+
+use Engelsystem\Database\DB;
 use Engelsystem\ShiftsFilter;
 use Engelsystem\ShiftSignupState;
 
-function Shifts_by_room($room) {
-  $result = sql_select("SELECT * FROM `Shifts` WHERE `RID`=" . sql_escape($room['RID']) . " ORDER BY `start`");
-  if ($result === false) {
-    engelsystem_error("Unable to load shifts.");
-  }
-  return $result;
+/**
+ * @param array $room
+ * @return array
+ */
+function Shifts_by_room($room)
+{
+    $result = DB::select('SELECT * FROM `Shifts` WHERE `RID`=? ORDER BY `start`', [$room['RID']]);
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shifts.');
+    }
+    return $result;
 }
 
-function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
-  $SQL = "SELECT * FROM (
-      SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array[]
+ */
+function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+    $sql = 'SELECT * FROM (
+      SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
       FROM `Shifts`
       JOIN `Room` USING (`RID`)
       JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
       JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
-      WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
-      AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
-      AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
+      WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+      AND `start` BETWEEN ? AND ?
+      AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
       AND `NeededAngelTypes`.`count` > 0
       AND `Shifts`.`PSID` IS NULL
-      
+
       UNION
-      
-      SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` as `room_name`
+
+      SELECT DISTINCT `Shifts`.*, `ShiftTypes`.`name`, `Room`.`Name` AS `room_name`
       FROM `Shifts`
       JOIN `Room` USING (`RID`)
       JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id`
       JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
-      WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
-      AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
-      AND `NeededAngelTypes`.`angel_type_id` IN (" . implode(',', $shiftsFilter->getTypes()) . ")
+      WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+      AND `start` BETWEEN ? AND ?
+      AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ')
       AND `NeededAngelTypes`.`count` > 0
-      AND NOT `Shifts`.`PSID` IS NULL) as tmp_shifts
-          
-      ORDER BY `start`";
-  $result = sql_select($SQL);
-  if ($result === false) {
-    engelsystem_error("Unable to load shifts by filter.");
-  }
-  return $result;
+      AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts
+
+      ORDER BY `start`';
+    $result = DB::select(
+        $sql,
+        [
+            $shiftsFilter->getStartTime(),
+            $shiftsFilter->getEndTime(),
+            $shiftsFilter->getStartTime(),
+            $shiftsFilter->getEndTime(),
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shifts by filter.');
+    }
+    return $result;
 }
 
-function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
-  $SQL = "SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array[]
+ */
+function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+    $sql = '
+      SELECT
+          `NeededAngelTypes`.*,
+          `Shifts`.`SID`,
+          `AngelTypes`.`id`,
+          `AngelTypes`.`name`,
+          `AngelTypes`.`restricted`,
+          `AngelTypes`.`no_self_signup`
       FROM `Shifts`
       JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
       JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
-      WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
-      AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
+      WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+      AND `start` BETWEEN ? AND ?
       AND `Shifts`.`PSID` IS NULL
 
       UNION
 
-      SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
+      SELECT
+            `NeededAngelTypes`.*,
+            `Shifts`.`SID`,
+            `AngelTypes`.`id`,
+            `AngelTypes`.`name`,
+            `AngelTypes`.`restricted`,
+            `AngelTypes`.`no_self_signup`
       FROM `Shifts`
       JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
       JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
-      WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
-      AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
-      AND NOT `Shifts`.`PSID` IS NULL";
-  $result = sql_select($SQL);
-  if ($result === false) {
-    engelsystem_error("Unable to load needed angeltypes by filter.");
-  }
-  return $result;
+      WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+      AND `start` BETWEEN ? AND ?
+      AND NOT `Shifts`.`PSID` IS NULL';
+    $result = DB::select(
+        $sql,
+        [
+            $shiftsFilter->getStartTime(),
+            $shiftsFilter->getEndTime(),
+            $shiftsFilter->getStartTime(),
+            $shiftsFilter->getEndTime(),
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load needed angeltypes by filter.');
+    }
+    return $result;
 }
 
-function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype) {
-  $result = sql_select("SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
-      FROM `Shifts`
-      JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
-      JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
-      WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
-      AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
-      AND `Shifts`.`PSID` IS NULL
-          
-      UNION
-          
-      SELECT `NeededAngelTypes`.*, `Shifts`.`SID`, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
-      FROM `Shifts`
-      JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
-      JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
-      WHERE `Shifts`.`SID`=" . sql_escape($shift['SID']) . "
-      AND `AngelTypes`.`id`=" . sql_escape($angeltype['id']) . "
-      AND NOT `Shifts`.`PSID` IS NULL");
-  if ($result === false) {
-    engelsystem_error("Unable to load needed angeltypes by filter.");
-  }
-  if (count($result) == 0) {
-    return null;
-  }
-  return $result[0];
+/**
+ * @param array $shift
+ * @param array $angeltype
+ * @return array|null
+ */
+function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype)
+{
+    $result = DB::select('
+          SELECT
+              `NeededAngelTypes`.*,
+              `Shifts`.`SID`,
+              `AngelTypes`.`id`,
+              `AngelTypes`.`name`,
+              `AngelTypes`.`restricted`,
+              `AngelTypes`.`no_self_signup`
+          FROM `Shifts`
+          JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`
+          JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
+          WHERE `Shifts`.`SID`=?
+          AND `AngelTypes`.`id`=?
+          AND `Shifts`.`PSID` IS NULL
+
+          UNION
+
+          SELECT
+                `NeededAngelTypes`.*,
+                `Shifts`.`SID`,
+                `AngelTypes`.`id`,
+                `AngelTypes`.`name`,
+                `AngelTypes`.`restricted`,
+                `AngelTypes`.`no_self_signup`
+          FROM `Shifts`
+          JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID`
+          JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id`
+          WHERE `Shifts`.`SID`=?
+          AND `AngelTypes`.`id`=?
+          AND NOT `Shifts`.`PSID` IS NULL
+      ',
+        [
+            $shift['SID'],
+            $angeltype['id'],
+            $shift['SID'],
+            $angeltype['id']
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load needed angeltypes by filter.');
+    }
+    if (empty($result)) {
+        return null;
+    }
+    return $result[0];
 }
 
-function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter) {
-  $SQL = "SELECT `User`.`Nick`, `User`.`email`, `User`.`email_shiftinfo`, `User`.`Sprache`, `User`.`Gekommen`, `ShiftEntry`.`UID`, `ShiftEntry`.`TID`, `ShiftEntry`.`SID`, `ShiftEntry`.`Comment`, `ShiftEntry`.`freeloaded`
+/**
+ * @param ShiftsFilter $shiftsFilter
+ * @return array
+ */
+function ShiftEntries_by_ShiftsFilter(ShiftsFilter $shiftsFilter)
+{
+    $sql = '
+      SELECT
+          `User`.`Nick`,
+          `User`.`email`,
+          `User`.`email_shiftinfo`,
+          `User`.`Sprache`,
+          `User`.`Gekommen`,
+          `ShiftEntry`.`UID`,
+          `ShiftEntry`.`TID`,
+          `ShiftEntry`.`SID`,
+          `ShiftEntry`.`Comment`,
+          `ShiftEntry`.`freeloaded`
       FROM `Shifts`
       JOIN `ShiftEntry` ON `ShiftEntry`.`SID`=`Shifts`.`SID`
       JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
-      WHERE `Shifts`.`RID` IN (" . implode(',', $shiftsFilter->getRooms()) . ")
-      AND `start` BETWEEN " . $shiftsFilter->getStartTime() . " AND " . $shiftsFilter->getEndTime() . "
-      ORDER BY `Shifts`.`start`";
-  $result = sql_select($SQL);
-  if ($result === false) {
-    engelsystem_error("Unable to load shift entries by filter.");
-  }
-  return $result;
+      WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ')
+      AND `start` BETWEEN ? AND ?
+      ORDER BY `Shifts`.`start`';
+    $result = DB::select(
+        $sql,
+        [
+            $shiftsFilter->getStartTime(),
+            $shiftsFilter->getEndTime(),
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shift entries by filter.');
+    }
+    return $result;
 }
 
 /**
  * Check if a shift collides with other shifts (in time).
  *
- * @param Shift $shift          
- * @param array<Shift> $shifts          
+ * @param array $shift
+ * @param array $shifts
+ * @return bool
  */
-function Shift_collides($shift, $shifts) {
-  foreach ($shifts as $other_shift) {
-    if ($shift['SID'] != $other_shift['SID']) {
-      if (! ($shift['start'] >= $other_shift['end'] || $shift['end'] <= $other_shift['start'])) {
-        return true;
-      }
+function Shift_collides($shift, $shifts)
+{
+    foreach ($shifts as $other_shift) {
+        if ($shift['SID'] != $other_shift['SID']) {
+            if (!($shift['start'] >= $other_shift['end'] || $shift['end'] <= $other_shift['start'])) {
+                return true;
+            }
+        }
     }
-  }
-  return false;
+    return false;
 }
 
 /**
  * Returns the number of needed angels/free shift entries for an angeltype.
+ *
+ * @param array   $needed_angeltype
+ * @param array[] $shift_entries
+ * @return int
  */
-function Shift_free_entries($needed_angeltype, $shift_entries) {
-  $taken = 0;
-  foreach ($shift_entries as $shift_entry) {
-    if ($shift_entry['freeloaded'] == 0) {
-      $taken ++;
+function Shift_free_entries($needed_angeltype, $shift_entries)
+{
+    $taken = 0;
+    foreach ($shift_entries as $shift_entry) {
+        if ($shift_entry['freeloaded'] == 0) {
+            $taken++;
+        }
     }
-  }
-  return max(0, $needed_angeltype['count'] - $taken);
+    return max(0, $needed_angeltype['count'] - $taken);
 }
 
 /**
  * Check if shift signup is allowed from the end users point of view (no admin like privileges)
  *
- * @param Shift $shift
- *          The shift
- * @param AngelType $angeltype
- *          The angeltype to which the user wants to sign up
- * @param array<Shift> $user_shifts
- *          List of the users shifts
- * @param boolean $angeltype_supporter
- *          True, if the user has angeltype supporter rights for the angeltype, which enables him to sign somebody up for the shift.
+ * @param array      $user
+ * @param array      $shift       The shift
+ * @param array      $angeltype   The angeltype to which the user wants to sign up
+ * @param array|null $user_angeltype
+ * @param array|null $user_shifts List of the users shifts
+ * @param array      $needed_angeltype
+ * @param array[]    $shift_entries
+ * @return ShiftSignupState
  */
-function Shift_signup_allowed_angel($user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries) {
-  $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
-  
-  if ($user['Gekommen'] == 0) {
-    return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
-  }
-  
-  if ($user_shifts == null) {
-    $user_shifts = Shifts_by_user($user);
-  }
-  
-  $signed_up = false;
-  foreach ($user_shifts as $user_shift) {
-    if ($user_shift['SID'] == $shift['SID']) {
-      $signed_up = true;
-      break;
+function Shift_signup_allowed_angel(
+    $user,
+    $shift,
+    $angeltype,
+    $user_angeltype,
+    $user_shifts,
+    $needed_angeltype,
+    $shift_entries
+) {
+    $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
+
+    if ($user['Gekommen'] == 0) {
+        return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
     }
-  }
-  
-  if ($signed_up) {
-    // you cannot join if you already singed up for this shift
-    return new ShiftSignupState(ShiftSignupState::SIGNED_UP, $free_entries);
-  }
-  
-  if (time() > $shift['start']) {
-    // you can only join if the shift is in future
-    return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
-  }
-  if ($free_entries == 0) {
-    // you cannot join if shift is full
-    return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries);
-  }
-  
-  if ($user_angeltype == null) {
-    $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
-  }
-  
-  if ($user_angeltype == null || ($angeltype['no_self_signup'] == 1 && $user_angeltype != null) || ($angeltype['restricted'] == 1 && $user_angeltype != null && ! isset($user_angeltype['confirm_user_id']))) {
-    // you cannot join if user is not of this angel type
-    // you cannot join if you are not confirmed
-    // you cannot join if angeltype has no self signup
-    
-    return new ShiftSignupState(ShiftSignupState::ANGELTYPE, $free_entries);
-  }
-  
-  if (Shift_collides($shift, $user_shifts)) {
-    // you cannot join if user alread joined a parallel or this shift
-    return new ShiftSignupState(ShiftSignupState::COLLIDES, $free_entries);
-  }
-  
-  // Hooray, shift is free for you!
-  return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
+
+    if ($user_shifts == null) {
+        $user_shifts = Shifts_by_user($user);
+    }
+
+    $signed_up = false;
+    foreach ($user_shifts as $user_shift) {
+        if ($user_shift['SID'] == $shift['SID']) {
+            $signed_up = true;
+            break;
+        }
+    }
+
+    if ($signed_up) {
+        // you cannot join if you already singed up for this shift
+        return new ShiftSignupState(ShiftSignupState::SIGNED_UP, $free_entries);
+    }
+
+    if (time() > $shift['start']) {
+        // you can only join if the shift is in future
+        return new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, $free_entries);
+    }
+    if ($free_entries == 0) {
+        // you cannot join if shift is full
+        return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries);
+    }
+
+    if ($user_angeltype == null) {
+        $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
+    }
+
+    if (
+        $user_angeltype == null
+        || ($angeltype['no_self_signup'] == 1 && $user_angeltype != null)
+        || ($angeltype['restricted'] == 1 && $user_angeltype != null && !isset($user_angeltype['confirm_user_id']))
+    ) {
+        // you cannot join if user is not of this angel type
+        // you cannot join if you are not confirmed
+        // you cannot join if angeltype has no self signup
+
+        return new ShiftSignupState(ShiftSignupState::ANGELTYPE, $free_entries);
+    }
+
+    if (Shift_collides($shift, $user_shifts)) {
+        // you cannot join if user alread joined a parallel or this shift
+        return new ShiftSignupState(ShiftSignupState::COLLIDES, $free_entries);
+    }
+
+    // Hooray, shift is free for you!
+    return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
 }
 
 /**
  * Check if an angeltype supporter can sign up a user to a shift.
+ *
+ * @param array   $needed_angeltype
+ * @param array[] $shift_entries
+ * @return ShiftSignupState
  */
-function Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype, $shift_entries) {
-  $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
-  if ($free_entries == 0) {
-    return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries);
-  }
-  
-  return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
+function Shift_signup_allowed_angeltype_supporter($needed_angeltype, $shift_entries)
+{
+    $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
+    if ($free_entries == 0) {
+        return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries);
+    }
+
+    return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
 }
 
 /**
  * Check if an admin can sign up a user to a shift.
  *
- * @param Shift $shift
- *          The shift
- * @param AngelType $angeltype
- *          The angeltype to which the user wants to sign up
+ * @param array   $needed_angeltype
+ * @param array[] $shift_entries
+ * @return ShiftSignupState
  */
-function Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entries) {
-  $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
-  
-  if ($free_entries == 0) {
-    // User shift admins may join anybody in every shift
-    return new ShiftSignupState(ShiftSignupState::ADMIN, $free_entries);
-  }
-  
-  return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
+function Shift_signup_allowed_admin($needed_angeltype, $shift_entries)
+{
+    $free_entries = Shift_free_entries($needed_angeltype, $shift_entries);
+
+    if ($free_entries == 0) {
+        // User shift admins may join anybody in every shift
+        return new ShiftSignupState(ShiftSignupState::ADMIN, $free_entries);
+    }
+
+    return new ShiftSignupState(ShiftSignupState::FREE, $free_entries);
 }
 
 /**
  * Check if an angel can sign up for given shift.
  *
- * @param Shift $shift
- *          The shift
- * @param AngelType $angeltype
- *          The angeltype to which the user wants to sign up
- * @param array<Shift> $user_shifts
- *          List of the users shifts
+ * @param array      $signup_user
+ * @param array      $shift       The shift
+ * @param array      $angeltype   The angeltype to which the user wants to sign up
+ * @param array|null $user_angeltype
+ * @param array|null $user_shifts List of the users shifts
+ * @param array      $needed_angeltype
+ * @param array[]    $shift_entries
+ * @return ShiftSignupState
  */
-function Shift_signup_allowed($signup_user, $shift, $angeltype, $user_angeltype = null, $user_shifts = null, $needed_angeltype, $shift_entries) {
-  global $user, $privileges;
-  
-  if (in_array('user_shifts_admin', $privileges)) {
-    return Shift_signup_allowed_admin($angeltype, $needed_angeltype, $shift_entries);
-  }
-  
-  if (in_array('shiftentry_edit_angeltype_supporter', $privileges) && User_is_AngelType_supporter($user, $angeltype)) {
-    return Shift_signup_allowed_angeltype_supporter($angeltype, $needed_angeltype, $shift_entries);
-  }
-  
-  return Shift_signup_allowed_angel($signup_user, $shift, $angeltype, $user_angeltype, $user_shifts, $needed_angeltype, $shift_entries);
+function Shift_signup_allowed(
+    $signup_user,
+    $shift,
+    $angeltype,
+    $user_angeltype,
+    $user_shifts,
+    $needed_angeltype,
+    $shift_entries
+) {
+    global $user, $privileges;
+
+    if (in_array('user_shifts_admin', $privileges)) {
+        return Shift_signup_allowed_admin($needed_angeltype, $shift_entries);
+    }
+
+    if (
+        in_array('shiftentry_edit_angeltype_supporter', $privileges)
+        && User_is_AngelType_supporter($user, $angeltype)
+    ) {
+        return Shift_signup_allowed_angeltype_supporter($needed_angeltype, $shift_entries);
+    }
+
+    return Shift_signup_allowed_angel(
+        $signup_user,
+        $shift,
+        $angeltype,
+        $user_angeltype,
+        $user_shifts,
+        $needed_angeltype,
+        $shift_entries
+    );
 }
 
 /**
  * Delete a shift by its external id.
+ *
+ * @param int $shift_psid
+ * @return bool
  */
-function Shift_delete_by_psid($shift_psid) {
-  return sql_query("DELETE FROM `Shifts` WHERE `PSID`='" . sql_escape($shift_psid) . "'");
+function Shift_delete_by_psid($shift_psid)
+{
+    DB::delete('DELETE FROM `Shifts` WHERE `PSID`=?', [$shift_psid]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    return true;
 }
 
 /**
  * Delete a shift.
+ *
+ * @param int $shift_id
+ * @return bool
  */
-function Shift_delete($shift_id) {
-  mail_shift_delete(Shift($shift_id));
-  
-  $result = sql_query("DELETE FROM `Shifts` WHERE `SID`='" . sql_escape($shift_id) . "'");
-  if ($result === false) {
-    engelsystem_error('Unable to delete shift.');
-  }
-  return $result;
+function Shift_delete($shift_id)
+{
+    mail_shift_delete(Shift($shift_id));
+
+    $result = DB::delete('DELETE FROM `Shifts` WHERE `SID`=?', [$shift_id]);
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to delete shift.');
+    }
+    return $result;
 }
 
 /**
  * Update a shift.
+ *
+ * @param array $shift
+ * @return bool
  */
-function Shift_update($shift) {
-  global $user;
-  $shift['name'] = ShiftType($shift['shifttype_id'])['name'];
-  mail_shift_change(Shift($shift['SID']), $shift);
-  
-  return sql_query("UPDATE `Shifts` SET
-      `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
-      `start`='" . sql_escape($shift['start']) . "',
-      `end`='" . sql_escape($shift['end']) . "',
-      `RID`='" . sql_escape($shift['RID']) . "',
-      `title`=" . sql_null($shift['title']) . ",
-      `URL`=" . sql_null($shift['URL']) . ",
-      `PSID`=" . sql_null($shift['PSID']) . ",
-      `edited_by_user_id`='" . sql_escape($user['UID']) . "',
-      `edited_at_timestamp`=" . time() . "
-      WHERE `SID`='" . sql_escape($shift['SID']) . "'");
+function Shift_update($shift)
+{
+    global $user;
+    $shift['name'] = ShiftType($shift['shifttype_id'])['name'];
+    mail_shift_change(Shift($shift['SID']), $shift);
+
+    return (bool)DB::update('
+      UPDATE `Shifts` SET
+      `shifttype_id` = ?,
+      `start` = ?,
+      `end` = ?,
+      `RID` = ?,
+      `title` = ?,
+      `URL` = ?,
+      `PSID` = ?,
+      `edited_by_user_id` = ?,
+      `edited_at_timestamp` = ?
+      WHERE `SID` = ?
+    ',
+        [
+            $shift['shifttype_id'],
+            $shift['start'],
+            $shift['end'],
+            $shift['RID'],
+            $shift['title'],
+            $shift['URL'],
+            $shift['PSID'],
+            $user['UID'],
+            time(),
+            $shift['SID']
+        ]
+    );
 }
 
 /**
  * Update a shift by its external id.
+ *
+ * @param array $shift
+ * @return bool|null
  */
-function Shift_update_by_psid($shift) {
-  $shift_source = sql_select("SELECT `SID` FROM `Shifts` WHERE `PSID`=" . $shift['PSID']);
-  if ($shift_source === false) {
-    return false;
-  }
-  if (count($shift_source) == 0) {
-    return null;
-  }
-  $shift['SID'] = $shift_source[0]['SID'];
-  return Shift_update($shift);
+function Shift_update_by_psid($shift)
+{
+    $shift_source = DB::select('SELECT `SID` FROM `Shifts` WHERE `PSID`=?', [$shift['PSID']]);
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    if (empty($shift_source)) {
+        return null;
+    }
+
+    $shift['SID'] = $shift_source[0]['SID'];
+    return Shift_update($shift);
 }
 
 /**
  * Create a new shift.
  *
- * @return new shift id or false
+ * @param array $shift
+ * @return int|false shift id or false
  */
-function Shift_create($shift) {
-  global $user;
-  $result = sql_query("INSERT INTO `Shifts` SET
-      `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
-      `start`='" . sql_escape($shift['start']) . "',
-      `end`='" . sql_escape($shift['end']) . "',
-      `RID`='" . sql_escape($shift['RID']) . "',
-      `title`=" . sql_null($shift['title']) . ",
-      `URL`=" . sql_null($shift['URL']) . ",
-      `PSID`=" . sql_null($shift['PSID']) . ",
-      `created_by_user_id`='" . sql_escape($user['UID']) . "',
-      `created_at_timestamp`=" . time());
-  if ($result === false) {
-    return false;
-  }
-  return sql_id();
+function Shift_create($shift)
+{
+    global $user;
+    DB::insert('
+          INSERT INTO `Shifts` (
+              `shifttype_id`,
+              `start`,
+              `end`,
+              `RID`,
+              `title`,
+              `URL`,
+              `PSID`,
+              `created_by_user_id`,
+              `created_at_timestamp`
+          )
+           VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+        ',
+        [
+            $shift['shifttype_id'],
+            $shift['start'],
+            $shift['end'],
+            $shift['RID'],
+            $shift['title'],
+            $shift['URL'],
+            $shift['PSID'],
+            $user['UID'],
+            time(),
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+    return DB::getPdo()->lastInsertId();
 }
 
 /**
  * Return users shifts.
+ *
+ * @param array $user
+ * @param bool  $include_freeload_comments
+ * @return array
  */
-function Shifts_by_user($user, $include_freeload_comments = false) {
-  $result = sql_select("
-      SELECT `ShiftTypes`.`id` as `shifttype_id`, `ShiftTypes`.`name`,
-      `ShiftEntry`.`id`, `ShiftEntry`.`SID`, `ShiftEntry`.`TID`, `ShiftEntry`.`UID`, `ShiftEntry`.`freeloaded`, `ShiftEntry`.`Comment`,
-      " . ($include_freeload_comments ? "`ShiftEntry`.`freeload_comment`, " : "") . "
-      `Shifts`.*, `Room`.* 
-      FROM `ShiftEntry` 
-      JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) 
-      JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
-      JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) 
-      WHERE `UID`='" . sql_escape($user['UID']) . "' 
-      ORDER BY `start`
-      ");
-  if ($result === false) {
-    engelsystem_error('Unable to load users shifts.');
-  }
-  return $result;
+function Shifts_by_user($user, $include_freeload_comments = false)
+{
+    $result = DB::select('
+          SELECT `ShiftTypes`.`id` AS `shifttype_id`, `ShiftTypes`.`name`,
+          `ShiftEntry`.`id`, `ShiftEntry`.`SID`, `ShiftEntry`.`TID`, `ShiftEntry`.`UID`, `ShiftEntry`.`freeloaded`, `ShiftEntry`.`Comment`,
+          ' . ($include_freeload_comments ? '`ShiftEntry`.`freeload_comment`, ' : '') . '
+          `Shifts`.*, `Room`.*
+          FROM `ShiftEntry`
+          JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
+          JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
+          JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
+          WHERE `UID` = ?
+          ORDER BY `start`
+      ',
+        [
+            $user['UID']
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load users shifts.');
+    }
+    return $result;
 }
 
 /**
  * Returns Shift by id.
  *
- * @param $shift_id Shift
- *          ID
+ * @param int $shift_id Shift  ID
+ * @return array|null
  */
-function Shift($shift_id) {
-  $shifts_source = sql_select("
+function Shift($shift_id)
+{
+    $shifts_source = DB::select('
       SELECT `Shifts`.*, `ShiftTypes`.`name`
-      FROM `Shifts` 
+      FROM `Shifts`
       JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
-      WHERE `SID`='" . sql_escape($shift_id) . "'");
-  $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift_id) . "'");
-  
-  if ($shifts_source === false) {
-    engelsystem_error('Unable to load shift.');
-  }
-  
-  if (empty($shifts_source)) {
-    return null;
-  }
-  
-  $result = $shifts_source[0];
-  
-  $result['ShiftEntry'] = $shiftsEntry_source;
-  $result['NeedAngels'] = [];
-  
-  $temp = NeededAngelTypes_by_shift($shift_id);
-  foreach ($temp as $e) {
-    $result['NeedAngels'][] = [
-        'TID' => $e['angel_type_id'],
-        'count' => $e['count'],
-        'restricted' => $e['restricted'],
-        'taken' => $e['taken'] 
-    ];
-  }
-  
-  return $result;
+      WHERE `SID`=?', [$shift_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load shift.');
+    }
+
+    if (empty($shifts_source)) {
+        return null;
+    }
+
+    $result = $shifts_source[0];
+
+    $shiftsEntry_source = DB::select('
+        SELECT `id`, `TID` , `UID` , `freeloaded`
+        FROM `ShiftEntry`
+        WHERE `SID`=?', [$shift_id]);
+
+    $result['ShiftEntry'] = $shiftsEntry_source;
+    $result['NeedAngels'] = [];
+
+    $angelTypes = NeededAngelTypes_by_shift($shift_id);
+    foreach ($angelTypes as $type) {
+        $result['NeedAngels'][] = [
+            'TID'        => $type['angel_type_id'],
+            'count'      => $type['count'],
+            'restricted' => $type['restricted'],
+            'taken'      => $type['taken']
+        ];
+    }
+
+    return $result;
 }
 
 /**
  * Returns all shifts with needed angeltypes and count of subscribed jobs.
+ *
+ * @return array|false
  */
-function Shifts() {
-  $shifts_source = sql_select("
-    SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` as `room_name` 
-    FROM `Shifts`
-    JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
-    JOIN `Room` ON `Room`.`RID` = `Shifts`.`RID`
-    ");
-  if ($shifts_source === false) {
-    return false;
-  }
-  
-  foreach ($shifts_source as &$shift) {
-    $needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']);
-    if ($needed_angeltypes === false) {
-      return false;
-    }
-    
-    $shift['angeltypes'] = $needed_angeltypes;
-  }
-  
-  return $shifts_source;
-}
+function Shifts()
+{
+    $shifts_source = DB::select('
+        SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`RID`, `Room`.`Name` AS `room_name`
+        FROM `Shifts`
+        JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
+        JOIN `Room` ON `Room`.`RID` = `Shifts`.`RID`
+    ');
 
-?>
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    foreach ($shifts_source as &$shift) {
+        $needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']);
+        $shift['angeltypes'] = $needed_angeltypes;
+    }
+
+    return $shifts_source;
+}

includes/model/UserAngelTypes_model.php

@@ -1,5 +1,7 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * User angeltypes model
  */
@@ -7,223 +9,283 @@
 /**
  * Checks if a user joined an angeltype.
  *
- * @param User $user
- *          The user to be checked
- * @param Angeltype $angeltype
- *          The angeltype to be checked
+ * @param array $user      The user to be checked
+ * @param array $angeltype The angeltype to be checked
  * @return boolean
  */
-function UserAngelType_exists($user, $angeltype) {
-  return sql_num_query("
-      SELECT `id` 
+function UserAngelType_exists($user, $angeltype)
+{
+    return count(DB::select('
+      SELECT `id`
       FROM `UserAngelTypes`
-      WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
-      AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
-      ") > 0;
+      WHERE `UserAngelTypes`.`user_id`=?
+      AND `angeltype_id`=?
+      ', [$user['UID'], $angeltype['id']])) > 0;
 }
 
 /**
  * List users angeltypes.
  *
- * @param User $user          
+ * @param array $user
+ * @return array|false
  */
-function User_angeltypes($user) {
-  $result = sql_select("
+function User_angeltypes($user)
+{
+    $result = DB::select('
       SELECT `AngelTypes`.*, `UserAngelTypes`.`confirm_user_id`, `UserAngelTypes`.`supporter`
       FROM `UserAngelTypes`
       JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`
-      WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
-      ");
-  if ($result === false) {
-    engelsystem_error("Unable to load user angeltypes.");
-    return false;
-  }
-  return $result;
+      WHERE `UserAngelTypes`.`user_id`=?
+      ', [$user['UID']]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user angeltypes.');
+        return false;
+    }
+
+    return $result;
 }
 
 /**
  * Gets unconfirmed user angeltypes for angeltypes of which the given user is a supporter.
  *
- * @param User $user          
+ * @param array $user
+ * @return array
  */
-function User_unconfirmed_AngelTypes($user) {
-  $result = sql_select("
-    SELECT 
-      `UserAngelTypes`.*, 
-      `AngelTypes`.`name`, 
-      count(`UnconfirmedMembers`.`user_id`) as `count` 
-    FROM `UserAngelTypes`
-    JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
-    JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
-    WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
-      AND `UserAngelTypes`.`supporter`=TRUE
-      AND `AngelTypes`.`restricted`=TRUE
-      AND `UnconfirmedMembers`.`confirm_user_id` IS NULL
-    GROUP BY `UserAngelTypes`.`angeltype_id`
-    ORDER BY `AngelTypes`.`name`");
-  if ($result === false) {
-    engelsystem_error("Unable to load user angeltypes.");
-  }
-  return $result;
+function User_unconfirmed_AngelTypes($user)
+{
+    $result = DB::select('
+        SELECT
+          `UserAngelTypes`.*,
+          `AngelTypes`.`name`,
+          count(`UnconfirmedMembers`.`user_id`) AS `count`
+        FROM `UserAngelTypes`
+        JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
+        JOIN `UserAngelTypes` AS `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
+        WHERE `UserAngelTypes`.`user_id`=?
+          AND `UserAngelTypes`.`supporter`=TRUE
+          AND `AngelTypes`.`restricted`=TRUE
+          AND `UnconfirmedMembers`.`confirm_user_id` IS NULL
+        GROUP BY `UserAngelTypes`.`angeltype_id`
+        ORDER BY `AngelTypes`.`name`
+    ', [$user['UID']]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user angeltypes.');
+    }
+
+    return $result;
 }
 
 /**
  * Returns true if user is angeltype supporter or has privilege admin_user_angeltypes.
  *
- * @param User $user          
- * @param AngelType $angeltype          
+ * @param array $user
+ * @param array $angeltype
+ * @return bool
  */
-function User_is_AngelType_supporter(&$user, $angeltype) {
-  if(!isset($user['privileges'])) {
-    $user['privileges'] = privileges_for_user($user['UID']);
-  }
-  return (sql_num_query("
-      SELECT `id` 
-      FROM `UserAngelTypes` 
-      WHERE `user_id`='" . sql_escape($user['UID']) . "'
-      AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
-      AND `supporter`=TRUE
-      LIMIT 1") > 0) || in_array('admin_user_angeltypes', $user['privileges']);
+function User_is_AngelType_supporter(&$user, $angeltype)
+{
+    if (!isset($user['privileges'])) {
+        $user['privileges'] = privileges_for_user($user['UID']);
+    }
+    return (count(DB::select('
+                      SELECT `id`
+                      FROM `UserAngelTypes`
+                      WHERE `user_id`=?
+                      AND `angeltype_id`=?
+                      AND `supporter`=TRUE
+                      LIMIT 1
+                ',
+                [
+                    $user['UID'],
+                    $angeltype['id']
+                ]
+            )) > 0)
+        || in_array('admin_user_angeltypes', $user['privileges']);
 }
 
 /**
  * Add or remove supporter rights.
  *
- * @param int $user_angeltype_id          
- * @param bool $supporter          
+ * @param int  $user_angeltype_id
+ * @param bool $supporter
+ * @return int
  */
-function UserAngelType_update($user_angeltype_id, $supporter) {
-  $result = sql_query("
+function UserAngelType_update($user_angeltype_id, $supporter)
+{
+    $result = DB::update('
       UPDATE `UserAngelTypes`
-      SET `supporter`=" . sql_bool($supporter) . "
-      WHERE `id`='" . sql_escape($user_angeltype_id) . "'
-      LIMIT 1");
-  if ($result === false) {
-    engelsystem_error("Unable to update supporter rights.");
-  }
-  return $result;
+      SET `supporter`=?
+      WHERE `id`=?
+      LIMIT 1
+    ', [$supporter, $user_angeltype_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to update supporter rights.');
+    }
+
+    return $result;
 }
 
 /**
  * Delete all unconfirmed UserAngelTypes for given Angeltype.
  *
- * @param int $angeltype_id          
+ * @param int $angeltype_id
+ * @return bool
  */
-function UserAngelTypes_delete_all($angeltype_id) {
-  $result = sql_query("
+function UserAngelTypes_delete_all($angeltype_id)
+{
+    DB::delete('
       DELETE FROM `UserAngelTypes`
-      WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
-      AND `confirm_user_id` IS NULL");
-  if ($result === false) {
-    engelsystem_error("Unable to delete all unconfirmed users.");
-  }
-  return $result;
+      WHERE `angeltype_id`=?
+      AND `confirm_user_id` IS NULL
+    ', [$angeltype_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to delete all unconfirmed users.');
+    }
+
+    return true;
 }
 
 /**
  * Confirm all unconfirmed UserAngelTypes for given Angeltype.
  *
- * @param int $angeltype_id          
- * @param User $confirm_user          
+ * @param int   $angeltype_id
+ * @param array $confirm_user
+ * @return bool
  */
-function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) {
-  $result = sql_query("
+function UserAngelTypes_confirm_all($angeltype_id, $confirm_user)
+{
+    $result = DB::update('
       UPDATE `UserAngelTypes`
-      SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
-      WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
-      AND `confirm_user_id` IS NULL");
-  if ($result === false) {
-    engelsystem_error("Unable to confirm all users.");
-  }
-  return $result;
+      SET `confirm_user_id`=?
+      WHERE `angeltype_id`=?
+      AND `confirm_user_id` IS NULL
+    ', [$confirm_user['UID'], $angeltype_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to confirm all users.');
+    }
+
+    return (bool)$result;
 }
 
 /**
  * Confirm an UserAngelType with confirming user.
  *
- * @param int $user_angeltype_id          
- * @param User $confirm_user          
+ * @param int   $user_angeltype_id
+ * @param array $confirm_user
+ * @return bool
  */
-function UserAngelType_confirm($user_angeltype_id, $confirm_user) {
-  $result = sql_query("
+function UserAngelType_confirm($user_angeltype_id, $confirm_user)
+{
+    $result = DB::update('
       UPDATE `UserAngelTypes`
-      SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
-      WHERE `id`='" . sql_escape($user_angeltype_id) . "'
-      LIMIT 1");
-  if ($result === false) {
-    engelsystem_error("Unable to confirm user angeltype.");
-  }
-  return $result;
+      SET `confirm_user_id`=?
+      WHERE `id`=?
+      LIMIT 1', [$confirm_user['UID'], $user_angeltype_id]);
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to confirm user angeltype.');
+    }
+    return (bool)$result;
 }
 
 /**
  * Delete an UserAngelType.
  *
- * @param UserAngelType $user_angeltype          
+ * @param array $user_angeltype
+ * @return bool
  */
-function UserAngelType_delete($user_angeltype) {
-  return sql_query("
-      DELETE FROM `UserAngelTypes` 
-      WHERE `id`='" . sql_escape($user_angeltype['id']) . "' 
-      LIMIT 1");
+function UserAngelType_delete($user_angeltype)
+{
+    return (bool)DB::delete('
+      DELETE FROM `UserAngelTypes`
+      WHERE `id`=?
+      LIMIT 1', [$user_angeltype['id']]);
 }
 
 /**
  * Create an UserAngelType.
  *
- * @param User $user          
- * @param Angeltype $angeltype          
+ * @param array $user
+ * @param array $angeltype
+ * @return int
  */
-function UserAngelType_create($user, $angeltype) {
-  $result = sql_query("
-    INSERT INTO `UserAngelTypes` SET
-    `user_id`='" . sql_escape($user['UID']) . "',
-    `angeltype_id`='" . sql_escape($angeltype['id']) . "'");
-  if ($result === false) {
-    engelsystem_error("Unable to create user angeltype.");
-  }
-  return sql_id();
+function UserAngelType_create($user, $angeltype)
+{
+    DB::insert('
+            INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`)
+            VALUES (?, ?)
+        ',
+        [
+            $user['UID'],
+            $angeltype['id']
+        ]
+    );
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to create user angeltype.');
+    }
+
+    return DB::getPdo()->lastInsertId();
 }
 
 /**
  * Get an UserAngelType by its id.
  *
- * @param int $user_angeltype_id          
+ * @param int $user_angeltype_id
+ * @return array|null
  */
-function UserAngelType($user_angeltype_id) {
-  $angeltype = sql_select("
+function UserAngelType($user_angeltype_id)
+{
+    $angeltype = DB::select('
       SELECT *
       FROM `UserAngelTypes`
-      WHERE `id`='" . sql_escape($user_angeltype_id) . "'
-      LIMIT 1");
-  if ($angeltype === false) {
-    engelsystem_error("Unable to load user angeltype.");
-  }
-  if (count($angeltype) == 0) {
-    return null;
-  }
-  return $angeltype[0];
+      WHERE `id`=?
+      LIMIT 1', [$user_angeltype_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user angeltype.');
+    }
+
+    if (empty($angeltype)) {
+        return null;
+    }
+
+    return $angeltype[0];
 }
 
 /**
  * Get an UserAngelType by user and angeltype.
  *
- * @param User $user          
- * @param Angeltype $angeltype          
+ * @param array $user
+ * @param array $angeltype
+ * @return array|null
  */
-function UserAngelType_by_User_and_AngelType($user, $angeltype) {
-  $angeltype = sql_select("
-      SELECT * 
-      FROM `UserAngelTypes` 
-      WHERE `user_id`='" . sql_escape($user['UID']) . "'
-      AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
-      LIMIT 1");
-  if ($angeltype === false) {
-    engelsystem_error("Unable to load user angeltype.");
-  }
-  if (count($angeltype) == 0) {
-    return null;
-  }
-  return $angeltype[0];
+function UserAngelType_by_User_and_AngelType($user, $angeltype)
+{
+    $angeltype = DB::select('
+          SELECT *
+          FROM `UserAngelTypes`
+          WHERE `user_id`=?
+          AND `angeltype_id`=?
+          LIMIT 1
+        ',
+        [
+            $user['UID'],
+            $angeltype['id']
+        ]
+    );
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user angeltype.');
+    }
+
+    if (empty($angeltype)) {
+        return null;
+    }
+
+    return array_shift($angeltype);
 }
-?>

includes/model/UserDriverLicenses_model.php

@@ -1,104 +1,152 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Returns a new empty UserDriverLicense
  * FIXME entity object needed
+ *
+ * @return array
  */
-function UserDriverLicense_new() {
-  return [
-      'user_id' => null,
-      'has_car' => false,
-      'has_license_car' => false,
-      'has_license_3_5t_transporter' => false,
-      'has_license_7_5t_truck' => false,
-      'has_license_12_5t_truck' => false,
-      'has_license_forklift' => false 
-  ];
+function UserDriverLicense_new()
+{
+    return [
+        'user_id'                      => null,
+        'has_car'                      => false,
+        'has_license_car'              => false,
+        'has_license_3_5t_transporter' => false,
+        'has_license_7_5t_truck'       => false,
+        'has_license_12_5t_truck'      => false,
+        'has_license_forklift'         => false
+    ];
 }
 
 /**
  * Is it valid?
  *
- * @param UserDriverLicense $user_driver_license
- *          The UserDriverLicense to check
+ * @param array $user_driver_license The UserDriverLicense to check
  * @return boolean
  */
-function UserDriverLicense_valid($user_driver_license) {
-  return $user_driver_license['has_license_car'] || $user_driver_license['has_license_3_5t_transporter'] || $user_driver_license['has_license_7_5t_truck'] || $user_driver_license['has_license_12_5t_truck'] || $user_driver_license['has_license_forklift'];
+function UserDriverLicense_valid($user_driver_license)
+{
+    return $user_driver_license['has_car']
+        || $user_driver_license['has_license_car']
+        || $user_driver_license['has_license_3_5t_transporter']
+        || $user_driver_license['has_license_7_5t_truck']
+        || $user_driver_license['has_license_12_5t_truck']
+        || $user_driver_license['has_license_forklift'];
 }
 
 /**
  * Get a users driver license information
  *
- * @param int $user_id
- *          The users id
+ * @param int $user_id The users id
+ * @return array|false|null
  */
-function UserDriverLicense($user_id) {
-  $user_driver_license = sql_select("SELECT * FROM `UserDriverLicenses` WHERE `user_id`='" . sql_escape($user_id) . "'");
-  if ($user_driver_license === false) {
-    engelsystem_error('Unable to load user driver license.');
-    return false;
-  }
-  if (count($user_driver_license) > 0) {
-    return $user_driver_license[0];
-  }
-  return null;
+function UserDriverLicense($user_id)
+{
+    $user_driver_license = DB::select('
+        SELECT *
+        FROM `UserDriverLicenses`
+        WHERE `user_id`=?', [$user_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user driver license.');
+        return false;
+    }
+
+    if (empty($user_driver_license)) {
+        return null;
+    }
+
+    return array_shift($user_driver_license);
 }
 
 /**
  * Create a user's driver license entry
  *
- * @param UserDriverLicense $user_driver_license
- *          The UserDriverLicense to create
+ * @param array $user_driver_license The UserDriverLicense to create
+ * @param array $user
+ * @return array
  */
-function UserDriverLicenses_create($user_driver_license, $user) {
-  $user_driver_license['user_id'] = $user['UID'];
-  $result = sql_query("
-      INSERT INTO `UserDriverLicenses` SET
-      `user_id`=" . sql_escape($user_driver_license['user_id']) . ",
-      `has_car`=" . sql_bool($user_driver_license['has_car']) . ",
-      `has_license_car`=" . sql_bool($user_driver_license['has_license_car']) . ",
-      `has_license_3_5t_transporter`=" . sql_bool($user_driver_license['has_license_3_5t_transporter']) . ",
-      `has_license_7_5t_truck`=" . sql_bool($user_driver_license['has_license_7_5t_truck']) . ",
-      `has_license_12_5t_truck`=" . sql_bool($user_driver_license['has_license_12_5t_truck']) . ",
-      `has_license_forklift`=" . sql_bool($user_driver_license['has_license_forklift']));
-  if ($result === false) {
-    engelsystem_error('Unable to create user driver license');
-  }
-  return $user_driver_license;
+function UserDriverLicenses_create($user_driver_license, $user)
+{
+    $user_driver_license['user_id'] = $user['UID'];
+    DB::insert('
+          INSERT INTO `UserDriverLicenses` (
+              `user_id`,
+              `has_car`,
+              `has_license_car`,
+              `has_license_3_5t_transporter`,
+              `has_license_7_5t_truck`,
+              `has_license_12_5t_truck`,
+              `has_license_forklift`
+          )
+          VALUES (?, ?, ?, ?, ?, ?, ?)
+        ',
+        [
+            $user_driver_license['user_id'],
+            (bool)$user_driver_license['has_car'],
+            (bool)$user_driver_license['has_license_car'],
+            (bool)$user_driver_license['has_license_3_5t_transporter'],
+            (bool)$user_driver_license['has_license_7_5t_truck'],
+            (bool)$user_driver_license['has_license_12_5t_truck'],
+            (bool)$user_driver_license['has_license_forklift'],
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to create user driver license');
+    }
+
+    return $user_driver_license;
 }
 
 /**
  * Update a user's driver license entry
  *
- * @param UserDriverLicense $user_driver_license
- *          The UserDriverLicense to update
+ * @param array $user_driver_license The UserDriverLicense to update
+ * @return bool
  */
-function UserDriverLicenses_update($user_driver_license) {
-  $result = sql_query("UPDATE `UserDriverLicenses` SET
-      `has_car`=" . sql_bool($user_driver_license['has_car']) . ",
-      `has_license_car`=" . sql_bool($user_driver_license['has_license_car']) . ",
-      `has_license_3_5t_transporter`=" . sql_bool($user_driver_license['has_license_3_5t_transporter']) . ",
-      `has_license_7_5t_truck`=" . sql_bool($user_driver_license['has_license_7_5t_truck']) . ",
-      `has_license_12_5t_truck`=" . sql_bool($user_driver_license['has_license_12_5t_truck']) . ",
-      `has_license_forklift`=" . sql_bool($user_driver_license['has_license_forklift']) . "
-      WHERE `user_id`='" . sql_escape($user_driver_license['user_id']) . "'");
-  if ($result === false) {
-    engelsystem_error("Unable to update user driver license information");
-  }
-  return $result;
+function UserDriverLicenses_update($user_driver_license)
+{
+    $result = DB::update('
+          UPDATE `UserDriverLicenses`
+          SET
+              `has_car`=?,
+              `has_license_car`=?,
+              `has_license_3_5t_transporter`=?,
+              `has_license_7_5t_truck`=?,
+              `has_license_12_5t_truck`=?,
+              `has_license_forklift`=?
+          WHERE `user_id`=?
+       ',
+        [
+            (bool)$user_driver_license['has_car'],
+            (bool)$user_driver_license['has_license_car'],
+            (bool)$user_driver_license['has_license_3_5t_transporter'],
+            (bool)$user_driver_license['has_license_7_5t_truck'],
+            (bool)$user_driver_license['has_license_12_5t_truck'],
+            (bool)$user_driver_license['has_license_forklift'],
+            $user_driver_license['user_id'],
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to update user driver license information');
+    }
+    return $result;
 }
 
 /**
  * Delete a user's driver license entry
  *
- * @param int $user_id          
+ * @param int $user_id
+ * @return bool
  */
-function UserDriverLicenses_delete($user_id) {
-  $result = sql_query("DELETE FROM `UserDriverLicenses` WHERE `user_id`=" . sql_escape($user_id));
-  if ($result === false) {
-    engelsystem_error("Unable to remove user driver license information");
-  }
-  return $result;
+function UserDriverLicenses_delete($user_id)
+{
+    $result = DB::delete('DELETE FROM `UserDriverLicenses` WHERE `user_id`=?', [$user_id]);
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to remove user driver license information');
+    }
+    return $result;
 }
-?>

includes/model/UserGroups_model.php

@@ -1,17 +1,22 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  * Returns users groups
- * @param User $user
+ *
+ * @param array $user
+ * @return array
  */
-function User_groups($user) {
-  return sql_select("
-      SELECT `Groups`.*
-      FROM `UserGroups`
-      JOIN `Groups` ON `Groups`.`UID`=`UserGroups`.`group_id`
-      WHERE `UserGroups`.`uid`='" . sql_escape($user['UID']) . "'
-      ORDER BY `UserGroups`.`group_id`
-      ");
+function User_groups($user)
+{
+    return DB::select('
+          SELECT `Groups`.*
+          FROM `UserGroups`
+          JOIN `Groups` ON `Groups`.`UID`=`UserGroups`.`group_id`
+          WHERE `UserGroups`.`uid`=?
+          ORDER BY `UserGroups`.`group_id`
+       ',
+        [$user['UID']]
+    );
 }
-
-?>

includes/model/User_model.php

@@ -1,4 +1,6 @@
 <?php
+
+use Engelsystem\Database\DB;
 use Engelsystem\ValidationResult;
 
 /**
@@ -8,164 +10,292 @@ use Engelsystem\ValidationResult;
 /**
  * Delete a user
  *
- * @param int $user_id          
+ * @param int $user_id
+ * @return bool
  */
-function User_delete($user_id) {
-  return sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($user_id) . "'");
+function User_delete($user_id)
+{
+    DB::delete('DELETE FROM `User` WHERE `UID`=?', [$user_id]);
+
+    return DB::getStm()->errorCode() == '00000';
 }
 
 /**
  * Update user.
  *
- * @param User $user          
+ * @param array $user
+ * @return bool
  */
-function User_update($user) {
-  return sql_query("UPDATE `User` SET
-      `Nick`='" . sql_escape($user['Nick']) . "',
-      `Name`='" . sql_escape($user['Name']) . "',
-      `Vorname`='" . sql_escape($user['Vorname']) . "',
-      `Alter`='" . sql_escape($user['Alter']) . "',
-      `Telefon`='" . sql_escape($user['Telefon']) . "',
-      `DECT`='" . sql_escape($user['DECT']) . "',
-      `Handy`='" . sql_escape($user['Handy']) . "',
-      `email`='" . sql_escape($user['email']) . "',
-      `email_shiftinfo`=" . sql_bool($user['email_shiftinfo']) . ",
-      `email_by_human_allowed`=" . sql_bool($user['email_by_human_allowed']) . ",
-      `jabber`='" . sql_escape($user['jabber']) . "',
-      `Size`='" . sql_escape($user['Size']) . "',
-      `Gekommen`='" . sql_escape($user['Gekommen']) . "',
-      `Aktiv`='" . sql_escape($user['Aktiv']) . "',
-      `force_active`=" . sql_bool($user['force_active']) . ",
-      `Tshirt`='" . sql_escape($user['Tshirt']) . "',
-      `color`='" . sql_escape($user['color']) . "',
-      `Sprache`='" . sql_escape($user['Sprache']) . "',
-      `Hometown`='" . sql_escape($user['Hometown']) . "',
-      `got_voucher`='" . sql_escape($user['got_voucher']) . "',
-      `arrival_date`='" . sql_escape($user['arrival_date']) . "',
-      `planned_arrival_date`='" . sql_escape($user['planned_arrival_date']) . "',
-      `planned_departure_date`=" . sql_null($user['planned_departure_date']) . "
-      WHERE `UID`='" . sql_escape($user['UID']) . "'");
+function User_update($user)
+{
+    return (bool)DB::update('
+          UPDATE `User` SET
+          `Nick`=?,
+          `Name`=?,
+          `Vorname`=?,
+          `Alter`=?,
+          `Telefon`=?,
+          `DECT`=?,
+          `Handy`=?,
+          `email`=?,
+          `email_shiftinfo`=?,
+          `email_by_human_allowed`=?,
+          `jabber`=?,
+          `Size`=?,
+          `Gekommen`=?,
+          `Aktiv`=?,
+          `force_active`=?,
+          `Tshirt`=?,
+          `color`=?,
+          `Sprache`=?,
+          `Hometown`=?,
+          `got_voucher`=?,
+          `arrival_date`=?,
+          `planned_arrival_date`=?,
+          `planned_departure_date`=?
+          WHERE `UID`=?
+        ',
+        [
+            $user['Nick'],
+            $user['Name'],
+            $user['Vorname'],
+            $user['Alter'],
+            $user['Telefon'],
+            $user['DECT'],
+            $user['Handy'],
+            $user['email'],
+            (bool)$user['email_shiftinfo'],
+            (bool)$user['email_by_human_allowed'],
+            $user['jabber'],
+            $user['Size'],
+            $user['Gekommen'],
+            $user['Aktiv'],
+            (bool)$user['force_active'],
+            $user['Tshirt'],
+            $user['color'],
+            $user['Sprache'],
+            $user['Hometown'],
+            $user['got_voucher'],
+            $user['arrival_date'],
+            $user['planned_arrival_date'],
+            $user['planned_departure_date'],
+            $user['UID'],
+        ]
+    );
 }
 
 /**
  * Counts all forced active users.
+ *
+ * @return int
  */
-function User_force_active_count() {
-  return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `force_active` = 1");
+function User_force_active_count()
+{
+    $result = DB::select('SELECT COUNT(*) FROM `User` WHERE `force_active` = 1');
+    $result = array_shift($result);
+
+    if (empty($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
-function User_active_count() {
-  return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1");
+/**
+ * @return int
+ */
+function User_active_count()
+{
+    $result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1');
+    $result = array_shift($result);
+
+    if (empty($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
-function User_got_voucher_count() {
-  return sql_select_single_cell("SELECT SUM(`got_voucher`) FROM `User`");
+/**
+ * @return int
+ */
+function User_got_voucher_count()
+{
+    $result = DB::select('SELECT SUM(`got_voucher`) FROM `User`');
+    $result = array_shift($result);
+
+    if (empty($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
-function User_arrived_count() {
-  return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1");
+/**
+ * @return int
+ */
+function User_arrived_count()
+{
+    $result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1');
+    $result = array_shift($result);
+
+    if (empty($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
-function User_tshirts_count() {
-  return sql_select_single_cell("SELECT COUNT(*) FROM `User` WHERE `Tshirt` = 1");
+/**
+ * @return int
+ */
+function User_tshirts_count()
+{
+    $result = DB::select('SELECT COUNT(*) FROM `User` WHERE `Tshirt` = 1');
+    $result = array_shift($result);
+
+    if (empty($result)) {
+        return 0;
+    }
+
+    return (int)array_shift($result);
 }
 
 /**
  * Returns all column names for sorting in an array.
+ *
+ * @return array
  */
-function User_sortable_columns() {
-  return [
-      'Nick',
-      'Name',
-      'Vorname',
-      'Alter',
-      'DECT',
-      'email',
-      'Size',
-      'Gekommen',
-      'Aktiv',
-      'force_active',
-      'Tshirt',
-      'lastLogIn' 
-  ];
+function User_sortable_columns()
+{
+    return [
+        'Nick',
+        'Name',
+        'Vorname',
+        'Alter',
+        'DECT',
+        'email',
+        'Size',
+        'Gekommen',
+        'Aktiv',
+        'force_active',
+        'Tshirt',
+        'lastLogIn'
+    ];
 }
 
 /**
  * Get all users, ordered by Nick by default or by given param.
  *
- * @param string $order_by          
+ * @param string $order_by
+ * @return array|false
  */
-function Users($order_by = 'Nick') {
-  return sql_select("SELECT * FROM `User` ORDER BY `" . sql_escape($order_by) . "` ASC");
+function Users($order_by = 'Nick')
+{
+    $result = DB::select(sprintf('
+            SELECT *
+            FROM `User`
+            ORDER BY `%s` ASC
+        ',
+        trim(DB::getPdo()->quote($order_by), '\'')
+    ));
+
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    return $result;
 }
 
 /**
  * Returns true if user is freeloader
  *
- * @param User $user          
+ * @param array $user
+ * @return bool
  */
-function User_is_freeloader($user) {
-  global $max_freeloadable_shifts, $user;
-  
-  return count(ShiftEntries_freeloaded_by_user($user)) >= $max_freeloadable_shifts;
+function User_is_freeloader($user)
+{
+    global $user;
+
+    return count(ShiftEntries_freeloaded_by_user($user)) >= config('max_freeloadable_shifts');
 }
 
 /**
  * Returns all users that are not member of given angeltype.
  *
- * @param Angeltype $angeltype          
+ * @param array $angeltype Angeltype
+ * @return array
  */
-function Users_by_angeltype_inverted($angeltype) {
-  $result = sql_select("
-      SELECT `User`.*
-      FROM `User`
-      LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
-      WHERE `UserAngelTypes`.`id` IS NULL
-      ORDER BY `Nick`");
-  if ($result === false) {
-    engelsystem_error("Unable to load users.");
-  }
-  return $result;
+function Users_by_angeltype_inverted($angeltype)
+{
+    $result = DB::select('
+            SELECT `User`.*
+            FROM `User`
+            LEFT JOIN `UserAngelTypes`
+            ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`=?)
+            WHERE `UserAngelTypes`.`id` IS NULL
+            ORDER BY `Nick`
+        ',
+        [
+            $angeltype['id']
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load users.');
+    }
+    return $result;
 }
 
 /**
  * Returns all members of given angeltype.
  *
- * @param Angeltype $angeltype          
+ * @param array $angeltype
+ * @return array
  */
-function Users_by_angeltype($angeltype) {
-  $result = sql_select("
-      SELECT
-      `User`.*,
-      `UserAngelTypes`.`id` as `user_angeltype_id`,
-      `UserAngelTypes`.`confirm_user_id`,
-      `UserAngelTypes`.`supporter`,
-      `UserDriverLicenses`.*
-      FROM `User`
-      JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`
-      LEFT JOIN `UserDriverLicenses` ON `User`.`UID`=`UserDriverLicenses`.`user_id`
-      WHERE `UserAngelTypes`.`angeltype_id`='" . sql_escape($angeltype['id']) . "'
-      ORDER BY `Nick`");
-  if ($result === false) {
-    engelsystem_error("Unable to load members.");
-  }
-  return $result;
+function Users_by_angeltype($angeltype)
+{
+    $result = DB::select('
+            SELECT
+            `User`.*,
+            `UserAngelTypes`.`id` AS `user_angeltype_id`,
+            `UserAngelTypes`.`confirm_user_id`,
+            `UserAngelTypes`.`supporter`,
+            `UserDriverLicenses`.*
+            FROM `User`
+            JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`
+            LEFT JOIN `UserDriverLicenses` ON `User`.`UID`=`UserDriverLicenses`.`user_id`
+            WHERE `UserAngelTypes`.`angeltype_id`=?
+            ORDER BY `Nick`
+        ',
+        [
+            $angeltype['id']
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load members.');
+    }
+    return $result;
 }
 
 /**
  * Returns User id array
+ *
+ * @return array
  */
-function User_ids() {
-  return sql_select("SELECT `UID` FROM `User`");
+function User_ids()
+{
+    return DB::select('SELECT `UID` FROM `User`');
 }
 
 /**
  * Strip unwanted characters from a users nick.
  *
- * @param string $nick          
+ * @param string $nick
+ * @return string
  */
-function User_validate_Nick($nick) {
-  return preg_replace("/([^a-z0-9üöäß. _+*-]{1,})/ui", '', $nick);
+function User_validate_Nick($nick)
+{
+    return preg_replace('/([^\wüöäß. +*-]{1,})/ui', '', $nick);
 }
 
 /**
@@ -175,9 +305,10 @@ function User_validate_Nick($nick) {
  *          The email address to validate
  * @return ValidationResult
  */
-function User_validate_mail($mail) {
-  $mail = strip_item($mail);
-  return new ValidationResult(check_email($mail), $mail);
+function User_validate_mail($mail)
+{
+    $mail = strip_item($mail);
+    return new ValidationResult(check_email($mail), $mail);
 }
 
 /**
@@ -187,41 +318,42 @@ function User_validate_mail($mail) {
  *          Jabber-ID to validate
  * @return ValidationResult
  */
-function User_validate_jabber($jabber) {
-  $jabber = strip_item($jabber);
-  if ($jabber == '') {
-    // Empty is ok
-    return new ValidationResult(true, '');
-  }
-  return new ValidationResult(check_email($jabber), $jabber);
+function User_validate_jabber($jabber)
+{
+    $jabber = strip_item($jabber);
+    if ($jabber == '') {
+        // Empty is ok
+        return new ValidationResult(true, '');
+    }
+    return new ValidationResult(check_email($jabber), $jabber);
 }
 
 /**
  * Validate the planned arrival date
  *
- * @param int $planned_arrival_date
- *          Unix timestamp
+ * @param int $planned_arrival_date Unix timestamp
  * @return ValidationResult
  */
-function User_validate_planned_arrival_date($planned_arrival_date) {
-  if ($planned_arrival_date == null) {
-    // null is not okay
-    return new ValidationResult(false, time());
-  }
-  $event_config = EventConfig();
-  if ($event_config == null) {
-    // Nothing to validate against
+function User_validate_planned_arrival_date($planned_arrival_date)
+{
+    if ($planned_arrival_date == null) {
+        // null is not okay
+        return new ValidationResult(false, time());
+    }
+    $event_config = EventConfig();
+    if ($event_config == null) {
+        // Nothing to validate against
+        return new ValidationResult(true, $planned_arrival_date);
+    }
+    if (isset($event_config['buildup_start_date']) && $planned_arrival_date < $event_config['buildup_start_date']) {
+        // Planned arrival can not be before buildup start date
+        return new ValidationResult(false, $event_config['buildup_start_date']);
+    }
+    if (isset($event_config['teardown_end_date']) && $planned_arrival_date > $event_config['teardown_end_date']) {
+        // Planned arrival can not be after teardown end date
+        return new ValidationResult(false, $event_config['teardown_end_date']);
+    }
     return new ValidationResult(true, $planned_arrival_date);
-  }
-  if (isset($event_config['buildup_start_date']) && $planned_arrival_date < $event_config['buildup_start_date']) {
-    // Planned arrival can not be before buildup start date
-    return new ValidationResult(false, $event_config['buildup_start_date']);
-  }
-  if (isset($event_config['teardown_end_date']) && $planned_arrival_date > $event_config['teardown_end_date']) {
-    // Planned arrival can not be after teardown end date
-    return new ValidationResult(false, $event_config['teardown_end_date']);
-  }
-  return new ValidationResult(true, $planned_arrival_date);
 }
 
 /**
@@ -233,45 +365,51 @@ function User_validate_planned_arrival_date($planned_arrival_date) {
  *          Unix timestamp
  * @return ValidationResult
  */
-function User_validate_planned_departure_date($planned_arrival_date, $planned_departure_date) {
-  if ($planned_departure_date == null) {
-    // null is okay
-    return new ValidationResult(true, null);
-  }
-  if ($planned_arrival_date > $planned_departure_date) {
-    // departure cannot be before arrival
-    return new ValidationResult(false, $planned_arrival_date);
-  }
-  $event_config = EventConfig();
-  if ($event_config == null) {
-    // Nothing to validate against
+function User_validate_planned_departure_date($planned_arrival_date, $planned_departure_date)
+{
+    if ($planned_departure_date == null) {
+        // null is okay
+        return new ValidationResult(true, null);
+    }
+    if ($planned_arrival_date > $planned_departure_date) {
+        // departure cannot be before arrival
+        return new ValidationResult(false, $planned_arrival_date);
+    }
+    $event_config = EventConfig();
+    if ($event_config == null) {
+        // Nothing to validate against
+        return new ValidationResult(true, $planned_departure_date);
+    }
+    if (isset($event_config['buildup_start_date']) && $planned_departure_date < $event_config['buildup_start_date']) {
+        // Planned arrival can not be before buildup start date
+        return new ValidationResult(false, $event_config['buildup_start_date']);
+    }
+    if (isset($event_config['teardown_end_date']) && $planned_departure_date > $event_config['teardown_end_date']) {
+        // Planned arrival can not be after teardown end date
+        return new ValidationResult(false, $event_config['teardown_end_date']);
+    }
     return new ValidationResult(true, $planned_departure_date);
-  }
-  if (isset($event_config['buildup_start_date']) && $planned_departure_date < $event_config['buildup_start_date']) {
-    // Planned arrival can not be before buildup start date
-    return new ValidationResult(false, $event_config['buildup_start_date']);
-  }
-  if (isset($event_config['teardown_end_date']) && $planned_departure_date > $event_config['teardown_end_date']) {
-    // Planned arrival can not be after teardown end date
-    return new ValidationResult(false, $event_config['teardown_end_date']);
-  }
-  return new ValidationResult(true, $planned_departure_date);
 }
 
 /**
  * Returns user by id.
  *
- * @param $user_id UID          
+ * @param int $user_id UID
+ * @return array|null
  */
-function User($user_id) {
-  $user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-  if ($user_source === false) {
-    engelsystem_error("Unable to load user.");
-  }
-  if (count($user_source) > 0) {
-    return $user_source[0];
-  }
-  return null;
+function User($user_id)
+{
+    $user_source = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user.');
+    }
+
+    if (empty($user_source)) {
+        return null;
+    }
+
+    return array_shift($user_source);
 }
 
 /**
@@ -279,96 +417,138 @@ function User($user_id) {
  *
  * @param string $api_key
  *          User api key
- * @return Matching user, null or false on error
+ * @return array|null Matching user, null on error
  */
-function User_by_api_key($api_key) {
-  $user = sql_select("SELECT * FROM `User` WHERE `api_key`='" . sql_escape($api_key) . "' LIMIT 1");
-  if ($user === false) {
-    engelsystem_error("Unable to find user by api key.");
-  }
-  if (count($user) == 0) {
-    return null;
-  }
-  return $user[0];
+function User_by_api_key($api_key)
+{
+    $user = DB::select('SELECT * FROM `User` WHERE `api_key`=? LIMIT 1', [$api_key]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to find user by api key.');
+    }
+
+    if (empty($user)) {
+        return null;
+    }
+
+    return $user[0];
 }
 
 /**
  * Returns User by email.
  *
- * @param string $email          
- * @return Matching user, null or false on error
+ * @param string $email
+ * @return array|null Matching user, null or false on error
  */
-function User_by_email($email) {
-  $user = sql_select("SELECT * FROM `User` WHERE `email`='" . sql_escape($email) . "' LIMIT 1");
-  if ($user === false) {
-    engelsystem_error("Unable to load user.");
-  }
-  if (count($user) == 0) {
-    return null;
-  }
-  return $user[0];
+function User_by_email($email)
+{
+    $user = DB::select('SELECT * FROM `User` WHERE `email`=? LIMIT 1', [$email]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user.');
+    }
+
+    if (empty($user)) {
+        return null;
+    }
+
+    return array_shift($user);
 }
 
 /**
  * Returns User by password token.
  *
- * @param string $token          
- * @return Matching user, null or false on error
+ * @param string $token
+ * @return array|null Matching user, null or false on error
  */
-function User_by_password_recovery_token($token) {
-  $user = sql_select("SELECT * FROM `User` WHERE `password_recovery_token`='" . sql_escape($token) . "' LIMIT 1");
-  if ($user === false) {
-    engelsystem_error("Unable to load user.");
-  }
-  if (count($user) == 0) {
-    return null;
-  }
-  return $user[0];
+function User_by_password_recovery_token($token)
+{
+    $user = DB::select('SELECT * FROM `User` WHERE `password_recovery_token`=? LIMIT 1', [$token]);
+
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to load user.');
+    }
+
+    if (empty($user)) {
+        return null;
+    }
+
+    return array_shift($user);
 }
 
 /**
  * Generates a new api key for given user.
  *
- * @param User $user          
+ * @param array $user
+ * @param bool  $log
+ * @return bool
  */
-function User_reset_api_key(&$user, $log = true) {
-  $user['api_key'] = md5($user['Nick'] . time() . rand());
-  $result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
-  if ($result === false) {
-    return false;
-  }
-  if ($log) {
-    engelsystem_log(sprintf("API key resetted (%s).", User_Nick_render($user)));
-  }
+function User_reset_api_key(&$user, $log = true)
+{
+    $user['api_key'] = md5($user['Nick'] . time() . rand());
+    DB::update('
+            UPDATE `User`
+            SET `api_key`=?
+            WHERE `UID`=?
+            LIMIT 1
+        ',
+        [
+            $user['api_key'],
+            $user['UID']
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        return false;
+    }
+
+    if ($log) {
+        engelsystem_log(sprintf('API key resetted (%s).', User_Nick_render($user)));
+    }
+
+    return true;
 }
 
 /**
  * Generates a new password recovery token for given user.
  *
- * @param User $user          
+ * @param array $user
+ * @return string
  */
-function User_generate_password_recovery_token(&$user) {
-  $user['password_recovery_token'] = md5($user['Nick'] . time() . rand());
-  $result = sql_query("UPDATE `User` SET `password_recovery_token`='" . sql_escape($user['password_recovery_token']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
-  if ($result === false) {
-    engelsystem_error("Unable to generate password recovery token.");
-  }
-  engelsystem_log("Password recovery for " . User_Nick_render($user) . " started.");
-  return $user['password_recovery_token'];
+function User_generate_password_recovery_token(&$user)
+{
+    $user['password_recovery_token'] = md5($user['Nick'] . time() . rand());
+    DB::update('
+            UPDATE `User`
+            SET `password_recovery_token`=?
+            WHERE `UID`=?
+            LIMIT 1
+        ',
+        [
+            $user['password_recovery_token'],
+            $user['UID'],
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to generate password recovery token.');
+    }
+    engelsystem_log('Password recovery for ' . User_Nick_render($user) . ' started.');
+    return $user['password_recovery_token'];
 }
 
-function User_get_eligable_voucher_count(&$user) {
-  global $voucher_settings;
-  
-  $shifts_done = count(ShiftEntries_finished_by_user($user));
-  
-  $earned_vouchers = $user['got_voucher'] - $voucher_settings['initial_vouchers'];
-  $elegible_vouchers = $shifts_done / $voucher_settings['shifts_per_voucher'] - $earned_vouchers;
-  if ($elegible_vouchers < 0) {
-    return 0;
-  }
-  
-  return $elegible_vouchers;
-}
+/**
+ * @param array $user
+ * @return float
+ */
+function User_get_eligable_voucher_count(&$user)
+{
+    $voucher_settings = config('voucher_settings');
+    $shifts_done = count(ShiftEntries_finished_by_user($user));
 
-?>
+    $earned_vouchers = $user['got_voucher'] - $voucher_settings['initial_vouchers'];
+    $elegible_vouchers = $shifts_done / $voucher_settings['shifts_per_voucher'] - $earned_vouchers;
+    if ($elegible_vouchers < 0) {
+        return 0;
+    }
+
+    return $elegible_vouchers;
+}

includes/model/ValidationResult.php

@@ -6,37 +6,41 @@ namespace Engelsystem;
  * BO that represents the result of an entity attribute validation.
  * It contains the validated value and a bool for validation success.
  */
-class ValidationResult {
+class ValidationResult
+{
+    /** @var bool */
+    private $valid;
 
-  private $valid;
+    /** @var mixed */
+    private $value;
 
-  private $value;
+    /**
+     * @param boolean $valid Is the value valid?
+     * @param mixed   $value The validated value
+     */
+    public function __construct($valid, $value)
+    {
+        $this->valid = $valid;
+        $this->value = $value;
+    }
 
-  /**
-   * Constructor.
-   *
-   * @param boolean $valid
-   *          Is the value valid?
-   * @param * $value
-   *          The validated value
-   */
-  public function __construct($valid, $value) {
-    $this->valid = $valid;
-    $this->value = $value;
-  }
+    /**
+     * Is the value valid?
+     *
+     * @return bool
+     */
+    public function isValid()
+    {
+        return $this->valid;
+    }
 
-  /**
-   * Is the value valid?
-   */
-  public function isValid() {
-    return $this->valid;
-  }
-
-  /**
-   * The parsed/validated value.
-   */
-  public function getValue() {
-    return $this->value;
-  }
+    /**
+     * The parsed/validated value.
+     *
+     * @return mixed
+     */
+    public function getValue()
+    {
+        return $this->value;
+    }
 }
-?>

includes/mysqli_provider.php

@@ -1,216 +0,0 @@
-<?php
-
-/**
- * Close connection.
- */
-function sql_close() {
-  global $sql_connection;
-  
-  return $sql_connection->close();
-}
-
-/**
- * Return NULL if given value is null.
- */
-function sql_null($value = null) {
-  return $value == null ? 'NULL' : ("'" . sql_escape($value) . "'");
-}
-
-/**
- * Start new transaction.
- */
-function sql_transaction_start() {
-  global $sql_nested_transaction_level;
-  
-  if ($sql_nested_transaction_level ++ == 0) {
-    return sql_query("BEGIN");
-  }
-  
-  return true;
-}
-
-/**
- * Commit transaction.
- */
-function sql_transaction_commit() {
-  global $sql_nested_transaction_level;
-  
-  if (-- $sql_nested_transaction_level == 0) {
-    return sql_query("COMMIT");
-  }
-  
-  return true;
-}
-
-/**
- * Stop transaction, revert database.
- */
-function sql_transaction_rollback() {
-  global $sql_nested_transaction_level;
-  
-  if (-- $sql_nested_transaction_level == 0) {
-    return sql_query("ROLLBACK");
-  }
-  
-  return true;
-}
-
-/**
- * Logs an sql error.
- *
- * @param string $message          
- * @return false
- */
-function sql_error($message) {
-  sql_close();
-  
-  $message = trim($message) . "\n";
-  $message .= debug_string_backtrace() . "\n";
-  
-  error_log('mysql_provider error: ' . $message);
-  
-  return false;
-}
-
-/**
- * Connect to mysql server.
- *
- * @param string $host
- *          Host
- * @param string $user
- *          Username
- * @param string $pass
- *          Password
- * @param string $db_name
- *          DB to select
- * @return mysqli The connection handler
- */
-function sql_connect($host, $user, $pass, $db_name) {
-  global $sql_connection;
-  
-  $sql_connection = new mysqli($host, $user, $pass, $db_name);
-  if ($sql_connection->connect_errno) {
-    error("Unable to connect to MySQL: " . $sql_connection->connect_error);
-    return sql_error("Unable to connect to MySQL: " . $sql_connection->connect_error);
-  }
-  
-  $result = $sql_connection->query("SET CHARACTER SET utf8;");
-  if (! $result) {
-    return sql_error("Unable to set utf8 character set (" . $sql_connection->errno . ") " . $sql_connection->error);
-  }
-  
-  $result = $sql_connection->set_charset('utf8');
-  if (! $result) {
-    return sql_error("Unable to set utf8 names (" . $sql_connection->errno . ") " . $sql_connection->error);
-  }
-  
-  return $sql_connection;
-}
-
-/**
- * Change the selected db in current mysql-connection.
- *
- * @param
- *          $db_name
- * @return bool true on success, false on error
- */
-function sql_select_db($db_name) {
-  global $sql_connection;
-  if (! $sql_connection->select_db($db_name)) {
-    return sql_error("No database selected.");
-  }
-  return true;
-}
-
-/**
- * MySQL SELECT query
- *
- * @param string $query          
- * @return Result array or false on error
- */
-function sql_select($query) {
-  global $sql_connection;
-  
-//   echo $query . ";\n";
-//   echo debug_string_backtrace() . "\n";
-  
-  $result = $sql_connection->query($query);
-  if ($result) {
-    $data = [];
-    while ($line = $result->fetch_assoc()) {
-      array_push($data, $line);
-    }
-    return $data;
-  }
-  
-  return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
-}
-
-/**
- * MySQL execute a query
- *
- * @param string $query          
- * @return mysqli_result boolean resource or false on error
- */
-function sql_query($query) {
-  global $sql_connection;
-  
-  $result = $sql_connection->query($query);
-  if ($result) {
-    return $result;
-  }
-  
-  return sql_error("MySQL-query error: " . $query . " (" . $sql_connection->errno . ") " . $sql_connection->error);
-}
-
-/**
- * Returns last inserted id.
- *
- * @return int
- */
-function sql_id() {
-  global $sql_connection;
-  return $sql_connection->insert_id;
-}
-
-/**
- * Escape a string for a sql query.
- *
- * @param string $query          
- * @return string
- */
-function sql_escape($query) {
-  global $sql_connection;
-  return $sql_connection->real_escape_string($query);
-}
-
-/**
- * Convert a boolean for mysql-queries.
- *
- * @param boolean $boolean          
- * @return string
- */
-function sql_bool($boolean) {
-  return $boolean == true ? 'TRUE' : 'FALSE';
-}
-
-/**
- * Count query result lines.
- *
- * @param string $query          
- * @return int Count of result lines
- */
-function sql_num_query($query) {
-  return sql_query($query)->num_rows;
-}
-
-function sql_select_single_col($query) {
-  $result = sql_select($query);
-  return array_map('array_shift', $result);
-}
-
-function sql_select_single_cell($query) {
-  return array_shift(array_shift(sql_select($query)));
-}
-
-?>

includes/pages/admin_active.php

@@ -1,202 +1,272 @@
 <?php
 
-function admin_active_title() {
-  return _("Active angels");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_active_title()
+{
+    return _('Active angels');
 }
 
-function admin_active() {
-  global $tshirt_sizes, $shift_sum_formula;
-  
-  $msg = "";
-  $search = "";
-  $forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1");
-  $count = $forced_count;
-  $limit = "";
-  $set_active = "";
-  
-  if (isset($_REQUEST['search'])) {
-    $search = strip_request_item('search');
-  }
-  
-  $show_all_shifts = isset($_REQUEST['show_all_shifts']);
-  
-  if (isset($_REQUEST['set_active'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) {
-      $count = strip_request_item('count');
-      if ($count < $forced_count) {
-        error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count));
-        redirect(page_link_to('admin_active'));
-      }
-    } else {
-      $valid = false;
-      $msg .= error(_("Please enter a number of angels to be marked as active."), true);
+/**
+ * @return string
+ */
+function admin_active()
+{
+    $tshirt_sizes = config('tshirt_sizes');
+    $shift_sum_formula = config('shift_sum_formula');
+
+    $msg = '';
+    $search = '';
+    $forced_count = count(DB::select('SELECT `UID` FROM `User` WHERE `force_active`=1'));
+    $count = $forced_count;
+    $limit = '';
+    $set_active = '';
+
+    if (isset($_REQUEST['search'])) {
+        $search = strip_request_item('search');
     }
-    
-    if ($valid) {
-      $limit = " LIMIT " . $count;
-    }
-    if (isset($_REQUEST['ack'])) {
-      sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
-      $users = sql_select("
-          SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, $shift_sum_formula as `shift_length` 
-          FROM `User` 
-          LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` 
-          LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` 
-          WHERE `User`.`Gekommen` = 1 AND `User`.`force_active`=0 
-          GROUP BY `User`.`UID` 
-          ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
-      $user_nicks = [];
-      foreach ($users as $usr) {
-        sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'");
-        $user_nicks[] = User_Nick_render($usr);
-      }
-      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE");
-      engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
-      
-      $limit = "";
-      $msg = success(_("Marked angels."), true);
-    } else {
-      $set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">' . _("apply") . '</a>';
-    }
-  }
-  
-  if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
-    $user_id = $_REQUEST['active'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
-      $msg = success(_("Angel has been marked as active."), true);
-    } else {
-      $msg = error(_("Angel not found."), true);
-    }
-  } elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
-    $user_id = $_REQUEST['not_active'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
-      $msg = success(_("Angel has been marked as not active."), true);
-    } else {
-      $msg = error(_("Angel not found."), true);
-    }
-  } elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
-    $user_id = $_REQUEST['tshirt'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
-      $msg = success(_("Angel has got a t-shirt."), true);
-    } else {
-      $msg = error("Angel not found.", true);
-    }
-  } elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
-    $user_id = $_REQUEST['not_tshirt'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
-      $msg = success(_("Angel has got no t-shirt."), true);
-    } else {
-      $msg = error(_("Angel not found."), true);
-    }
-  }
-  
-  $users = sql_select("
-      SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` 
-      FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` 
-      LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . "
-      WHERE `User`.`Gekommen` = 1
-      GROUP BY `User`.`UID` 
-      ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
-  $matched_users = [];
-  if ($search == "") {
-    $tokens = [];
-  } else {
-    $tokens = explode(" ", $search);
-  }
-  foreach ($users as &$usr) {
-    if (count($tokens) > 0) {
-      $match = false;
-      foreach ($tokens as $t) {
-        if (stristr($usr['Nick'], trim($t))) {
-          $match = true;
-          break;
+
+    $show_all_shifts = isset($_REQUEST['show_all_shifts']);
+
+    if (isset($_REQUEST['set_active'])) {
+        $valid = true;
+
+        if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
+            $count = strip_request_item('count');
+            if ($count < $forced_count) {
+                error(sprintf(
+                    _('At least %s angels are forced to be active. The number has to be greater.'),
+                    $forced_count
+                ));
+                redirect(page_link_to('admin_active'));
+            }
+        } else {
+            $valid = false;
+            $msg .= error(_('Please enter a number of angels to be marked as active.'), true);
+        }
+
+        if ($valid) {
+            $limit = ' LIMIT ' . $count;
+        }
+        if (isset($_REQUEST['ack'])) {
+            DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0');
+            $users = DB::select(sprintf('
+                  SELECT
+                      `User`.*,
+                      COUNT(`ShiftEntry`.`id`) AS `shift_count`,
+                      %s AS `shift_length`
+                  FROM `User`
+                  LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
+                  LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID`
+                  WHERE `User`.`Gekommen` = 1
+                  AND `User`.`force_active`=0
+                  GROUP BY `User`.`UID`
+                  ORDER BY `force_active` DESC, `shift_length` DESC
+                  %s
+                ',
+                $shift_sum_formula,
+                $limit
+            ));
+            $user_nicks = [];
+            foreach ($users as $usr) {
+                DB::update('UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=?', [$usr['UID']]);
+                $user_nicks[] = User_Nick_render($usr);
+            }
+            DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE');
+            engelsystem_log('These angels are active now: ' . join(', ', $user_nicks));
+
+            $limit = '';
+            $msg = success(_('Marked angels.'), true);
+        } else {
+            $set_active = '<a href="' . page_link_to('admin_active') . '&amp;serach=' . $search . '">&laquo; '
+                . _('back') . '</a> | <a href="'
+                . page_link_to('admin_active') . '&amp;search=' . $search . '&amp;count=' . $count . '&amp;set_active&amp;ack">'
+                . _('apply')
+                . '</a>';
         }
-      }
-      if (! $match) {
-        continue;
-      }
     }
-    $usr['nick'] = User_Nick_render($usr);
-    $usr['shirt_size'] = $tshirt_sizes[$usr['Size']];
-    $usr['work_time'] = round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)';
-    $usr['active'] = glyph_bool($usr['Aktiv'] == 1);
-    $usr['force_active'] = glyph_bool($usr['force_active'] == 1);
-    $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
-    
-    $actions = [];
-    if ($usr['Aktiv'] == 0) {
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("set active") . '</a>';
+
+    if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
+        $user_id = $_REQUEST['active'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
+            engelsystem_log('User ' . User_Nick_render($user_source) . ' is active now.');
+            $msg = success(_('Angel has been marked as active.'), true);
+        } else {
+            $msg = error(_('Angel not found.'), true);
+        }
+    } elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
+        $user_id = $_REQUEST['not_active'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
+            engelsystem_log('User ' . User_Nick_render($user_source) . ' is NOT active now.');
+            $msg = success(_('Angel has been marked as not active.'), true);
+        } else {
+            $msg = error(_('Angel not found.'), true);
+        }
+    } elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
+        $user_id = $_REQUEST['tshirt'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
+            engelsystem_log('User ' . User_Nick_render($user_source) . ' has tshirt now.');
+            $msg = success(_('Angel has got a t-shirt.'), true);
+        } else {
+            $msg = error('Angel not found.', true);
+        }
+    } elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
+        $user_id = $_REQUEST['not_tshirt'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
+            engelsystem_log('User ' . User_Nick_render($user_source) . ' has NO tshirt.');
+            $msg = success(_('Angel has got no t-shirt.'), true);
+        } else {
+            $msg = error(_('Angel not found.'), true);
+        }
     }
-    if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove active") . '</a>';
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("got t-shirt") . '</a>';
+
+    $users = DB::select(sprintf('
+            SELECT
+                `User`.*,
+                COUNT(`ShiftEntry`.`id`) AS `shift_count`,
+                %s AS `shift_length`
+            FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
+            LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` '
+        . ($show_all_shifts ? '' : 'AND (`Shifts`.`end` < ' . time() . " OR `Shifts`.`end` IS NULL)") . '
+            WHERE `User`.`Gekommen` = 1
+            GROUP BY `User`.`UID`
+            ORDER BY `force_active` DESC, `shift_length` DESC
+            %s
+        ',
+        $shift_sum_formula,
+        $limit
+    ));
+    $matched_users = [];
+    if ($search == '') {
+        $tokens = [];
+    } else {
+        $tokens = explode(' ', $search);
     }
-    if ($usr['Tshirt'] == 1) {
-      $actions[] = '<a href="' . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">' . _("remove t-shirt") . '</a>';
+    foreach ($users as &$usr) {
+        if (count($tokens) > 0) {
+            $match = false;
+            foreach ($tokens as $t) {
+                if (stristr($usr['Nick'], trim($t))) {
+                    $match = true;
+                    break;
+                }
+            }
+            if (!$match) {
+                continue;
+            }
+        }
+        $usr['nick'] = User_Nick_render($usr);
+        $usr['shirt_size'] = $tshirt_sizes[$usr['Size']];
+        $usr['work_time'] = round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)';
+        $usr['active'] = glyph_bool($usr['Aktiv'] == 1);
+        $usr['force_active'] = glyph_bool($usr['force_active'] == 1);
+        $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
+
+        $actions = [];
+        if ($usr['Aktiv'] == 0) {
+            $actions[] = '<a href="'
+                . page_link_to('admin_active') . '&amp;active=' . $usr['UID']
+                . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
+                . _('set active')
+                . '</a>';
+        }
+        if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
+            $actions[] = '<a href="'
+                . page_link_to('admin_active') . '&amp;not_active=' . $usr['UID']
+                . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
+                . _('remove active')
+                . '</a>';
+            $actions[] = '<a href="'
+                . page_link_to('admin_active') . '&amp;tshirt=' . $usr['UID']
+                . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
+                . _('got t-shirt')
+                . '</a>';
+        }
+        if ($usr['Tshirt'] == 1) {
+            $actions[] = '<a href="'
+                . page_link_to('admin_active') . '&amp;not_tshirt=' . $usr['UID']
+                . ($show_all_shifts ? '&amp;show_all_shifts=' : '') . '&amp;search=' . $search . '">'
+                . _('remove t-shirt')
+                . '</a>';
+        }
+
+        $usr['actions'] = join(' ', $actions);
+
+        $matched_users[] = $usr;
     }
-    
-    $usr['actions'] = join(' ', $actions);
-    
-    $matched_users[] = $usr;
-  }
-  
-  $shirt_statistics = [];
-  foreach (array_keys($tshirt_sizes) as $size) {
-    if ($size != '') {
-      $shirt_statistics[] = [
-          'size' => $size,
-          'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"),
-          'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1") 
-      ];
+
+    $shirt_statistics = [];
+    foreach (array_keys($tshirt_sizes) as $size) {
+        if (!empty($size)) {
+            $sc = DB::select(
+                'SELECT count(*) FROM `User` WHERE `Size`=? AND `Gekommen`=1',
+                [$size]
+            );
+            $sc = array_shift($sc);
+            $sc = array_shift($sc);
+
+            $gc = DB::select(
+                'SELECT count(*) FROM `User` WHERE `Size`=? AND `Tshirt`=1',
+                [$size]
+            );
+            $gc = array_shift($gc);
+            $gc = array_shift($gc);
+
+            $shirt_statistics[] = [
+                'size'   => $size,
+                'needed' => (int)$sc,
+                'given'  => (int)$gc
+            ];
+        }
     }
-  }
-  $shirt_statistics[] = [
-      'size' => '<b>' . _("Sum") . '</b>',
-      'needed' => '<b>' . User_arrived_count() . '</b>',
-      'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' 
-  ];
-  
-  return page_with_title(admin_active_title(), [
-      form([
-          form_text('search', _("Search angel:"), $search),
-          form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts),
-          form_submit('submit', _("Search")) 
-      ], page_link_to('admin_active')),
-      $set_active == "" ? form([
-          form_text('count', _("How much angels should be active?"), $count),
-          form_submit('set_active', _("Preview")) 
-      ]) : $set_active,
-      msg(),
-      table([
-          'nick' => _("Nickname"),
-          'shirt_size' => _("Size"),
-          'shift_count' => _("Shifts"),
-          'work_time' => _("Length"),
-          'active' => _("Active?"),
-          'force_active' => _("Forced"),
-          'tshirt' => _("T-shirt?"),
-          'actions' => "" 
-      ], $matched_users),
-      '<h2>' . _("Shirt statistics") . '</h2>',
-      table([
-          'size' => _("Size"),
-          'needed' => _("Needed shirts"),
-          'given' => _("Given shirts") 
-      ], $shirt_statistics) 
-  ]);
+
+    $uc = DB::select('SELECT count(*) FROM `User` WHERE `Tshirt`=1');
+    $uc = array_shift($uc);
+    $uc = array_shift($uc);
+
+    $shirt_statistics[] = [
+        'size'   => '<b>' . _('Sum') . '</b>',
+        'needed' => '<b>' . User_arrived_count() . '</b>',
+        'given'  => '<b>' . (int)$uc . '</b>'
+    ];
+
+    return page_with_title(admin_active_title(), [
+        form([
+            form_text('search', _('Search angel:'), $search),
+            form_checkbox('show_all_shifts', _('Show all shifts'), $show_all_shifts),
+            form_submit('submit', _('Search'))
+        ], page_link_to('admin_active')),
+        $set_active == '' ? form([
+            form_text('count', _('How much angels should be active?'), $count),
+            form_submit('set_active', _('Preview'))
+        ]) : $set_active,
+        $msg . msg(),
+        table([
+            'nick'         => _('Nickname'),
+            'shirt_size'   => _('Size'),
+            'shift_count'  => _('Shifts'),
+            'work_time'    => _('Length'),
+            'active'       => _('Active?'),
+            'force_active' => _('Forced'),
+            'tshirt'       => _('T-shirt?'),
+            'actions'      => ''
+        ], $matched_users),
+        '<h2>' . _('Shirt statistics') . '</h2>',
+        table([
+            'size'   => _('Size'),
+            'needed' => _('Needed shirts'),
+            'given'  => _('Given shirts')
+        ], $shirt_statistics)
+    ]);
 }
-?>

includes/pages/admin_arrive.php

@@ -1,201 +1,222 @@
 <?php
 
-function admin_arrive_title() {
-  return _("Arrived angels");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_arrive_title()
+{
+    return _('Arrived angels');
 }
 
-function admin_arrive() {
-  $msg = "";
-  $search = "";
-  if (isset($_REQUEST['search'])) {
-    $search = strip_request_item('search');
-  }
-  
-  if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
-    $user_id = $_REQUEST['reset'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
-      success(_("Reset done. Angel has not arrived."));
-      redirect(user_link($user_source));
-    } else {
-      $msg = error(_("Angel not found."), true);
+/**
+ * @return string
+ */
+function admin_arrive()
+{
+    $msg = '';
+    $search = '';
+    if (isset($_REQUEST['search'])) {
+        $search = strip_request_item('search');
     }
-  } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
-    $user_id = $_REQUEST['arrived'];
-    $user_source = User($user_id);
-    if ($user_source != null) {
-      sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-      engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
-      success(_("Angel has been marked as arrived."));
-      redirect(user_link($user_source));
-    } else {
-      $msg = error(_("Angel not found."), true);
-    }
-  }
-  
-  $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
-  $arrival_count_at_day = [];
-  $planned_arrival_count_at_day = [];
-  $planned_departure_count_at_day = [];
-  $users_matched = [];
-  if ($search == "") {
-    $tokens = [];
-  } else {
-    $tokens = explode(" ", $search);
-  }
-  foreach ($users as $usr) {
-    if (count($tokens) > 0) {
-      $match = false;
-      $index = join(" ", $usr);
-      foreach ($tokens as $t) {
-        if (stristr($index, trim($t))) {
-          $match = true;
-          break;
+
+    if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
+        $user_id = $_REQUEST['reset'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('
+                UPDATE `User`
+                SET `Gekommen`=0, `arrival_date` = NULL
+                WHERE `UID`=?
+                LIMIT 1
+            ', [$user_id]);
+            engelsystem_log('User set to not arrived: ' . User_Nick_render($user_source));
+            success(_('Reset done. Angel has not arrived.'));
+            redirect(user_link($user_source));
+        } else {
+            $msg = error(_('Angel not found.'), true);
+        }
+    } elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
+        $user_id = $_REQUEST['arrived'];
+        $user_source = User($user_id);
+        if ($user_source != null) {
+            DB::update('
+                UPDATE `User`
+                SET `Gekommen`=1, `arrival_date`=?
+                WHERE `UID`=?
+                LIMIT 1
+            ', [time(), $user_id]);
+            engelsystem_log('User set has arrived: ' . User_Nick_render($user_source));
+            success(_('Angel has been marked as arrived.'));
+            redirect(user_link($user_source));
+        } else {
+            $msg = error(_('Angel not found.'), true);
         }
-      }
-      if (! $match) {
-        continue;
-      }
     }
-    
-    $usr['nick'] = User_Nick_render($usr);
-    if ($usr['planned_departure_date'] != null) {
-      $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
+
+    $users = DB::select('SELECT * FROM `User` ORDER BY `Nick`');
+    $arrival_count_at_day = [];
+    $planned_arrival_count_at_day = [];
+    $planned_departure_count_at_day = [];
+    $users_matched = [];
+    if ($search == '') {
+        $tokens = [];
     } else {
-      $usr['rendered_planned_departure_date'] = '-';
+        $tokens = explode(' ', $search);
     }
-    $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
-    $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
-    $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
-    $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>';
-    
-    if ($usr['arrival_date'] > 0) {
-      $day = date('Y-m-d', $usr['arrival_date']);
-      if (! isset($arrival_count_at_day[$day])) {
-        $arrival_count_at_day[$day] = 0;
-      }
-      $arrival_count_at_day[$day] ++;
+    foreach ($users as $usr) {
+        if (count($tokens) > 0) {
+            $match = false;
+            $index = join(' ', $usr);
+            foreach ($tokens as $t) {
+                if (stristr($index, trim($t))) {
+                    $match = true;
+                    break;
+                }
+            }
+            if (!$match) {
+                continue;
+            }
+        }
+
+        $usr['nick'] = User_Nick_render($usr);
+        if ($usr['planned_departure_date'] != null) {
+            $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
+        } else {
+            $usr['rendered_planned_departure_date'] = '-';
+        }
+        $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
+        $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : '-';
+        $usr['arrived'] = $usr['Gekommen'] == 1 ? _('yes') : '';
+        $usr['actions'] = $usr['Gekommen'] == 1
+            ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _('reset') . '</a>'
+            : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _('arrived') . '</a>';
+
+        if ($usr['arrival_date'] > 0) {
+            $day = date('Y-m-d', $usr['arrival_date']);
+            if (!isset($arrival_count_at_day[$day])) {
+                $arrival_count_at_day[$day] = 0;
+            }
+            $arrival_count_at_day[$day]++;
+        }
+
+        if ($usr['planned_arrival_date'] != null) {
+            $day = date('Y-m-d', $usr['planned_arrival_date']);
+            if (!isset($planned_arrival_count_at_day[$day])) {
+                $planned_arrival_count_at_day[$day] = 0;
+            }
+            $planned_arrival_count_at_day[$day]++;
+        }
+
+        if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) {
+            $day = date('Y-m-d', $usr['planned_departure_date']);
+            if (!isset($planned_departure_count_at_day[$day])) {
+                $planned_departure_count_at_day[$day] = 0;
+            }
+            $planned_departure_count_at_day[$day]++;
+        }
+
+        $users_matched[] = $usr;
     }
-    
-    if ($usr['planned_arrival_date'] != null) {
-      $day = date('Y-m-d', $usr['planned_arrival_date']);
-      if (! isset($planned_arrival_count_at_day[$day])) {
-        $planned_arrival_count_at_day[$day] = 0;
-      }
-      $planned_arrival_count_at_day[$day] ++;
+
+    ksort($arrival_count_at_day);
+    ksort($planned_arrival_count_at_day);
+    ksort($planned_departure_count_at_day);
+
+    $arrival_at_day = [];
+    $arrival_sum = 0;
+    foreach ($arrival_count_at_day as $day => $count) {
+        $arrival_sum += $count;
+        $arrival_at_day[$day] = [
+            'day'   => $day,
+            'count' => $count,
+            'sum'   => $arrival_sum
+        ];
     }
-    
-    if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) {
-      $day = date('Y-m-d', $usr['planned_departure_date']);
-      if (! isset($planned_departure_count_at_day[$day])) {
-        $planned_departure_count_at_day[$day] = 0;
-      }
-      $planned_departure_count_at_day[$day] ++;
+
+    $planned_arrival_at_day = [];
+    $planned_arrival_sum = 0;
+    foreach ($planned_arrival_count_at_day as $day => $count) {
+        $planned_arrival_sum += $count;
+        $planned_arrival_at_day[$day] = [
+            'day'   => $day,
+            'count' => $count,
+            'sum'   => $planned_arrival_sum
+        ];
     }
-    
-    $users_matched[] = $usr;
-  }
-  
-  ksort($arrival_count_at_day);
-  ksort($planned_arrival_count_at_day);
-  ksort($planned_departure_count_at_day);
-  
-  $arrival_at_day = [];
-  $arrival_sum = 0;
-  foreach ($arrival_count_at_day as $day => $count) {
-    $arrival_sum += $count;
-    $arrival_at_day[$day] = [
-        'day' => $day,
-        'count' => $count,
-        'sum' => $arrival_sum 
-    ];
-  }
-  
-  $planned_arrival_at_day = [];
-  $planned_arrival_sum = 0;
-  foreach ($planned_arrival_count_at_day as $day => $count) {
-    $planned_arrival_sum += $count;
-    $planned_arrival_at_day[$day] = [
-        'day' => $day,
-        'count' => $count,
-        'sum' => $planned_arrival_sum 
-    ];
-  }
-  
-  $planned_departure_at_day = [];
-  $planned_departure_sum = 0;
-  foreach ($planned_departure_count_at_day as $day => $count) {
-    $planned_departure_sum += $count;
-    $planned_departure_at_day[$day] = [
-        'day' => $day,
-        'count' => $count,
-        'sum' => $planned_departure_sum 
-    ];
-  }
-  
-  return page_with_title(admin_arrive_title(), [
-      msg(),
-      form([
-          form_text('search', _("Search"), $search),
-          form_submit('submit', _("Search")) 
-      ]),
-      table([
-          'nick' => _("Nickname"),
-          'rendered_planned_arrival_date' => _("Planned arrival"),
-          'arrived' => _("Arrived?"),
-          'rendered_arrival_date' => _("Arrival date"),
-          'rendered_planned_departure_date' => _("Planned departure"),
-          'actions' => "" 
-      ], $users_matched),
-      div('row', [
-          div('col-md-4', [
-              heading(_("Planned arrival statistics"), 2),
-              bargraph('planned_arrives', 'day', [
-                  'count' => _("arrived"),
-                  'sum' => _("arrived sum") 
-              ], [
-                  'count' => '#090',
-                  'sum' => '#888' 
-              ], $planned_arrival_at_day),
-              table([
-                  'day' => _("Date"),
-                  'count' => _("Count"),
-                  'sum' => _("Sum") 
-              ], $planned_arrival_at_day) 
-          ]),
-          div('col-md-4', [
-              heading(_("Arrival statistics"), 2),
-              bargraph('arrives', 'day', [
-                  'count' => _("arrived"),
-                  'sum' => _("arrived sum") 
-              ], [
-                  'count' => '#090',
-                  'sum' => '#888' 
-              ], $arrival_at_day),
-              table([
-                  'day' => _("Date"),
-                  'count' => _("Count"),
-                  'sum' => _("Sum") 
-              ], $arrival_at_day) 
-          ]),
-          div('col-md-4', [
-              heading(_("Planned departure statistics"), 2),
-              bargraph('planned_departures', 'day', [
-                  'count' => _("arrived"),
-                  'sum' => _("arrived sum") 
-              ], [
-                  'count' => '#090',
-                  'sum' => '#888' 
-              ], $planned_departure_at_day),
-              table([
-                  'day' => _("Date"),
-                  'count' => _("Count"),
-                  'sum' => _("Sum") 
-              ], $planned_departure_at_day) 
-          ]) 
-      ]) 
-  ]);
+
+    $planned_departure_at_day = [];
+    $planned_departure_sum = 0;
+    foreach ($planned_departure_count_at_day as $day => $count) {
+        $planned_departure_sum += $count;
+        $planned_departure_at_day[$day] = [
+            'day'   => $day,
+            'count' => $count,
+            'sum'   => $planned_departure_sum
+        ];
+    }
+
+    return page_with_title(admin_arrive_title(), [
+        $msg . msg(),
+        form([
+            form_text('search', _('Search'), $search),
+            form_submit('submit', _('Search'))
+        ]),
+        table([
+            'nick'                            => _('Nickname'),
+            'rendered_planned_arrival_date'   => _('Planned arrival'),
+            'arrived'                         => _('Arrived?'),
+            'rendered_arrival_date'           => _('Arrival date'),
+            'rendered_planned_departure_date' => _('Planned departure'),
+            'actions'                         => ''
+        ], $users_matched),
+        div('row', [
+            div('col-md-4', [
+                heading(_('Planned arrival statistics'), 2),
+                bargraph('planned_arrives', 'day', [
+                    'count' => _('arrived'),
+                    'sum'   => _('arrived sum')
+                ], [
+                    'count' => '#090',
+                    'sum'   => '#888'
+                ], $planned_arrival_at_day),
+                table([
+                    'day'   => _('Date'),
+                    'count' => _('Count'),
+                    'sum'   => _('Sum')
+                ], $planned_arrival_at_day)
+            ]),
+            div('col-md-4', [
+                heading(_('Arrival statistics'), 2),
+                bargraph('arrives', 'day', [
+                    'count' => _('arrived'),
+                    'sum'   => _('arrived sum')
+                ], [
+                    'count' => '#090',
+                    'sum'   => '#888'
+                ], $arrival_at_day),
+                table([
+                    'day'   => _('Date'),
+                    'count' => _('Count'),
+                    'sum'   => _('Sum')
+                ], $arrival_at_day)
+            ]),
+            div('col-md-4', [
+                heading(_('Planned departure statistics'), 2),
+                bargraph('planned_departures', 'day', [
+                    'count' => _('arrived'),
+                    'sum'   => _('arrived sum')
+                ], [
+                    'count' => '#090',
+                    'sum'   => '#888'
+                ], $planned_departure_at_day),
+                table([
+                    'day'   => _('Date'),
+                    'count' => _('Count'),
+                    'sum'   => _('Sum')
+                ], $planned_departure_at_day)
+            ])
+        ])
+    ]);
 }
-?>

includes/pages/admin_free.php

@@ -1,101 +1,127 @@
 <?php
 
-function admin_free_title() {
-  return _("Free angels");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_free_title()
+{
+    return _('Free angels');
 }
 
-function admin_free() {
-  global $privileges;
-  
-  $search = "";
-  if (isset($_REQUEST['search'])) {
-    $search = strip_request_item('search');
-  }
-  
-  $angeltypesearch = "";
-  if (empty($_REQUEST['angeltype'])) {
-    $_REQUEST['angeltype'] = '';
-  } else {
-    $angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
-    if (isset($_REQUEST['confirmed_only'])) {
-      $angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
+/**
+ * @return string
+ */
+function admin_free()
+{
+    global $privileges;
+
+    $search = '';
+    if (isset($_REQUEST['search'])) {
+        $search = strip_request_item('search');
     }
-    $angeltypesearch .= ") ";
-  }
-  
-  $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
-  $angel_types = [
-      '' => 'alle Typen' 
-  ];
-  foreach ($angel_types_source as $angel_type) {
-    $angel_types[$angel_type['id']] = $angel_type['name'];
-  }
-  
-  $users = sql_select("
-      SELECT `User`.* 
-      FROM `User` 
-      ${angeltypesearch} 
-      LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` 
-      LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') 
-      WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL 
-      GROUP BY `User`.`UID` 
-      ORDER BY `Nick`");
-  
-  $free_users_table = [];
-  if ($search == "") {
-    $tokens = [];
-  } else {
-    $tokens = explode(" ", $search);
-  }
-  foreach ($users as $usr) {
-    if (count($tokens) > 0) {
-      $match = false;
-      $index = join("", $usr);
-      foreach ($tokens as $t) {
-        if (stristr($index, trim($t))) {
-          $match = true;
-          break;
+
+    $angelTypeSearch = '';
+    if (empty($_REQUEST['angeltype'])) {
+        $_REQUEST['angeltype'] = '';
+    } else {
+        $angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '
+            . DB::getPdo()->quote($_REQUEST['angeltype'])
+            . ' AND `UserAngelTypes`.`user_id` = `User`.`UID`';
+        if (isset($_REQUEST['confirmed_only'])) {
+            $angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`';
         }
-      }
-      if (! $match) {
-        continue;
-      }
+        $angelTypeSearch .= ') ';
     }
-    
-    $free_users_table[] = [
-        'name' => User_Nick_render($usr),
-        'shift_state' => User_shift_state_render($usr),
-        'dect' => $usr['DECT'],
-        'jabber' => $usr['jabber'],
-        'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
-        'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _("edit"), 'btn-xs') : '' 
+
+    $angel_types_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
+    $angel_types = [
+        '' => 'alle Typen'
     ];
-  }
-  return page_with_title(admin_free_title(), [
-      form([
-          div('row', [
-              div('col-md-4', [
-                  form_text('search', _("Search"), $search) 
-              ]),
-              div('col-md-4', [
-                  form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']) 
-              ]),
-              div('col-md-2', [
-                  form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])) 
-              ]),
-              div('col-md-2', [
-                  form_submit('submit', _("Search")) 
-              ]) 
-          ]) 
-      ]),
-      table([
-          'name' => _("Nick"),
-          'shift_state' => '',
-          'dect' => _("DECT"),
-          'jabber' => _("Jabber"),
-          'email' => _("E-Mail"),
-          'actions' => '' 
-      ], $free_users_table) 
-  ]);
+    foreach ($angel_types_source as $angel_type) {
+        $angel_types[$angel_type['id']] = $angel_type['name'];
+    }
+
+    $users = DB::select('
+          SELECT `User`.*
+          FROM `User`
+          ' . $angelTypeSearch . '
+          LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
+          LEFT JOIN `Shifts`
+              ON (
+                  `ShiftEntry`.`SID` = `Shifts`.`SID`
+                  AND `Shifts`.`start` < ?
+                  AND `Shifts`.`end` > ?
+              )
+          WHERE `User`.`Gekommen` = 1
+          AND `Shifts`.`SID` IS NULL
+          GROUP BY `User`.`UID`
+          ORDER BY `Nick`
+        ',
+        [
+            time(),
+            time(),
+        ]
+    );
+
+    $free_users_table = [];
+    if ($search == '') {
+        $tokens = [];
+    } else {
+        $tokens = explode(' ', $search);
+    }
+    foreach ($users as $usr) {
+        if (count($tokens) > 0) {
+            $match = false;
+            $index = join('', $usr);
+            foreach ($tokens as $t) {
+                if (stristr($index, trim($t))) {
+                    $match = true;
+                    break;
+                }
+            }
+            if (!$match) {
+                continue;
+            }
+        }
+
+        $free_users_table[] = [
+            'name'        => User_Nick_render($usr),
+            'shift_state' => User_shift_state_render($usr),
+            'dect'        => $usr['DECT'],
+            'jabber'      => $usr['jabber'],
+            'email'       => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'),
+            'actions'     =>
+                in_array('admin_user', $privileges)
+                    ? button(page_link_to('admin_user') . '&amp;id=' . $usr['UID'], _('edit'), 'btn-xs')
+                    : ''
+        ];
+    }
+    return page_with_title(admin_free_title(), [
+        form([
+            div('row', [
+                div('col-md-4', [
+                    form_text('search', _('Search'), $search)
+                ]),
+                div('col-md-4', [
+                    form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype'])
+                ]),
+                div('col-md-2', [
+                    form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only']))
+                ]),
+                div('col-md-2', [
+                    form_submit('submit', _('Search'))
+                ])
+            ])
+        ]),
+        table([
+            'name'        => _('Nick'),
+            'shift_state' => '',
+            'dect'        => _('DECT'),
+            'jabber'      => _('Jabber'),
+            'email'       => _('E-Mail'),
+            'actions'     => ''
+        ], $free_users_table)
+    ]);
 }
-?>

includes/pages/admin_groups.php

@@ -1,97 +1,144 @@
 <?php
 
-function admin_groups_title() {
-  return _("Grouprights");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_groups_title()
+{
+    return _('Grouprights');
 }
 
-function admin_groups() {
-  $html = "";
-  $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
-  if (! isset($_REQUEST["action"])) {
-    $groups_table = [];
-    foreach ($groups as $group) {
-      $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
-      $privileges_html = [];
-      
-      foreach ($privileges as $priv) {
-        $privileges_html[] = $priv['name'];
-      }
-      
-      $groups_table[] = [
-          'name' => $group['Name'],
-          'privileges' => join(', ', $privileges_html),
-          'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') 
-      ];
-    }
-    
-    return page_with_title(admin_groups_title(), [
-        table([
-            'name' => _("Name"),
-            'privileges' => _("Privileges"),
-            'actions' => '' 
-        ], $groups_table) 
-    ]);
-  } else {
-    switch ($_REQUEST["action"]) {
-      case 'edit':
-        if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $group_id = $_REQUEST['id'];
-        } else {
-          return error("Incomplete call, missing Groups ID.", true);
-        }
-        
-        $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
-        if (count($group) > 0) {
-          list($group) = $group;
-          $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`");
-          $privileges_html = "";
-          $privileges_form = [];
-          foreach ($privileges as $priv) {
-            $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
-            $privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']);
-          }
-          
-          $privileges_form[] = form_submit('submit', _("Save"));
-          $html .= page_with_title(_("Edit group"), [
-              form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) 
-          ]);
-        } else {
-          return error("No Group found.", true);
-        }
-        break;
-      
-      case 'save':
-        if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $group_id = $_REQUEST['id'];
-        } else {
-          return error("Incomplete call, missing Groups ID.", true);
-        }
-        
-        $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1");
-        if (! is_array($_REQUEST['privileges'])) {
-          $_REQUEST['privileges'] = [];
-        }
-        if (count($group) > 0) {
-          list($group) = $group;
-          sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'");
-          $privilege_names = [];
-          foreach ($_REQUEST['privileges'] as $priv) {
-            if (preg_match("/^[0-9]{1,}$/", $priv)) {
-              $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
-              if (count($group_privileges_source) > 0) {
-                sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'");
-                $privilege_names[] = $group_privileges_source[0]['name'];
-              }
+/**
+ * @return string
+ */
+function admin_groups()
+{
+    $html = '';
+    $groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
+    if (!isset($_REQUEST['action'])) {
+        $groups_table = [];
+        foreach ($groups as $group) {
+            $privileges = DB::select('
+                SELECT `name`
+                FROM `GroupPrivileges`
+                JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
+                WHERE `group_id`=?
+            ', [$group['UID']]);
+            $privileges_html = [];
+
+            foreach ($privileges as $privilege) {
+                $privileges_html[] = $privilege['name'];
             }
-          }
-          engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names));
-          redirect(page_link_to("admin_groups"));
-        } else {
-          return error("No Group found.", true);
+
+            $groups_table[] = [
+                'name'       => $group['Name'],
+                'privileges' => join(', ', $privileges_html),
+                'actions'    => button(
+                    page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'],
+                    _('edit'),
+                    'btn-xs'
+                )
+            ];
+        }
+
+        return page_with_title(admin_groups_title(), [
+            table([
+                'name'       => _('Name'),
+                'privileges' => _('Privileges'),
+                'actions'    => ''
+            ], $groups_table)
+        ]);
+    } else {
+        switch ($_REQUEST['action']) {
+            case 'edit':
+                if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
+                    $group_id = $_REQUEST['id'];
+                } else {
+                    return error('Incomplete call, missing Groups ID.', true);
+                }
+
+                $group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
+                if (!empty($group)) {
+                    $privileges = DB::select('
+                        SELECT `Privileges`.*, `GroupPrivileges`.`group_id`
+                        FROM `Privileges`
+                        LEFT OUTER JOIN `GroupPrivileges`
+                            ON (
+                                `Privileges`.`id` = `GroupPrivileges`.`privilege_id`
+                                AND `GroupPrivileges`.`group_id`=?
+                            )
+                        ORDER BY `Privileges`.`name`
+                    ', [$group_id]);
+                    $privileges_html = '';
+                    $privileges_form = [];
+                    foreach ($privileges as $privilege) {
+                        $privileges_form[] = form_checkbox(
+                            'privileges[]',
+                            $privilege['desc'] . ' (' . $privilege['name'] . ')',
+                            $privilege['group_id'] != '',
+                            $privilege['id']
+                        );
+                        $privileges_html .= sprintf(
+                            '<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
+                            $privilege['id'],
+                            ($privilege['group_id'] != '' ? 'checked="checked"' : ''),
+                            $privilege['name'],
+                            $privilege['desc']
+                        );
+                    }
+
+                    $privileges_form[] = form_submit('submit', _('Save'));
+                    $html .= page_with_title(_('Edit group'), [
+                        form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id)
+                    ]);
+                } else {
+                    return error('No Group found.', true);
+                }
+                break;
+
+            case 'save':
+                if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
+                    $group_id = $_REQUEST['id'];
+                } else {
+                    return error('Incomplete call, missing Groups ID.', true);
+                }
+
+                $group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
+                if (!is_array($_REQUEST['privileges'])) {
+                    $_REQUEST['privileges'] = [];
+                }
+                if (!empty($group)) {
+                    $group = array_shift($group);
+                    DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
+                    $privilege_names = [];
+                    foreach ($_REQUEST['privileges'] as $privilege) {
+                        if (preg_match('/^\d{1,}$/', $privilege)) {
+                            $group_privileges_source = DB::select(
+                                'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
+                                [$privilege]
+                            );
+                            if (!empty($group_privileges_source)) {
+                                $group_privileges_source = array_shift($group_privileges_source);
+                                DB::insert(
+                                    'INSERT INTO `GroupPrivileges` (`group_id`, `privilege_id`) VALUES (?, ?)',
+                                    [$group_id, $privilege]
+                                );
+                                $privilege_names[] = $group_privileges_source['name'];
+                            }
+                        }
+                    }
+                    engelsystem_log(
+                        'Group privileges of group ' . $group['Name']
+                        . ' edited: ' . join(', ', $privilege_names)
+                    );
+                    redirect(page_link_to('admin_groups'));
+                } else {
+                    return error('No Group found.', true);
+                }
+                break;
         }
-        break;
     }
-  }
-  return $html;
+    return $html;
 }
-?>

includes/pages/admin_import.php

@@ -1,392 +1,473 @@
 <?php
 
-function admin_import_title() {
-  return _("Frab import");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_import_title()
+{
+    return _('Frab import');
 }
 
-function admin_import() {
-  global $rooms_import;
-  global $user;
-  $html = "";
-  $import_dir = __DIR__ . '/../../import';
-  
-  $step = "input";
-  if (isset($_REQUEST['step']) && in_array($step, [
-      'input',
-      'check',
-      'import' 
-  ])) {
-    $step = $_REQUEST['step'];
-  }
-  
-  if ($test_handle = @fopen($import_dir . '/tmp', 'w')) {
-    fclose($test_handle);
-    @unlink($import_dir . '/tmp');
-  } else {
-    error(_('Webserver has no write-permission on import directory.'));
-  }
-  
-  $import_file = $import_dir . '/import_' . $user['UID'] . '.xml';
-  $shifttype_id = null;
-  $add_minutes_start = 15;
-  $add_minutes_end = 15;
-  
-  $shifttypes_source = ShiftTypes();
-  if ($shifttypes_source === false) {
-    engelsystem_error('Unable to load shifttypes.');
-  }
-  $shifttypes = [];
-  foreach ($shifttypes_source as $shifttype) {
-    $shifttypes[$shifttype['id']] = $shifttype['name'];
-  }
-  
-  switch ($step) {
-    case 'input':
-      $valid = false;
-      
-      if (isset($_REQUEST['submit'])) {
-        $valid = true;
-        
-        if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
-          $shifttype_id = $_REQUEST['shifttype_id'];
-        } else {
-          $valid = false;
-          error(_('Please select a shift type.'));
-        }
-        
-        if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
-          $add_minutes_start = trim($_REQUEST['add_minutes_start']);
-        } else {
-          $valid = false;
-          error(_("Please enter an amount of minutes to add to a talk's begin."));
-        }
-        
-        if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
-          $add_minutes_end = trim($_REQUEST['add_minutes_end']);
-        } else {
-          $valid = false;
-          error(_("Please enter an amount of minutes to add to a talk's end."));
-        }
-        
-        if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
-          if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
-            libxml_use_internal_errors(true);
-            if (simplexml_load_file($import_file) === false) {
-              $valid = false;
-              error(_('No valid xml/xcal file provided.'));
-              unlink($import_file);
-            }
-          } else {
-            $valid = false;
-            error(_('File upload went wrong.'));
-          }
-        } else {
-          $valid = false;
-          error(_('Please provide some data.'));
-        }
-      }
-      
-      if ($valid) {
-        redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
-      } else {
-        $html .= div('well well-sm text-center', [
-            _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import')) 
-        ]) . div('row', [
-            div('col-md-offset-3 col-md-6', [
-                form([
-                    form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")),
-                    form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
-                    form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start),
-                    form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end),
-                    form_file('xcal_file', _("xcal-File (.xcal)")),
-                    form_submit('submit', _("Import")) 
-                ]) 
-            ]) 
-        ]);
-      }
-      break;
-    
-    case 'check':
-      if (! file_exists($import_file)) {
-        error(_('Missing import file.'));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
-        $shifttype_id = $_REQUEST['shifttype_id'];
-      } else {
-        error(_('Please select a shift type.'));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
-        $add_minutes_start = trim($_REQUEST['add_minutes_start']);
-      } else {
-        error(_("Please enter an amount of minutes to add to a talk's begin."));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
-        $add_minutes_end = trim($_REQUEST['add_minutes_end']);
-      } else {
-        error(_("Please enter an amount of minutes to add to a talk's end."));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
-      list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
-      
-      $html .= div('well well-sm text-center', [
-          '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import')) 
-      ]) . form([
-          div('row', [
-              div('col-sm-6', [
-                  '<h3>' . _("Rooms to create") . '</h3>',
-                  table(_("Name"), $rooms_new) 
-              ]),
-              div('col-sm-6', [
-                  '<h3>' . _("Rooms to delete") . '</h3>',
-                  table(_("Name"), $rooms_deleted) 
-              ]) 
-          ]),
-          '<h3>' . _("Shifts to create") . '</h3>',
-          table([
-              'day' => _("Day"),
-              'start' => _("Start"),
-              'end' => _("End"),
-              'shifttype' => _('Shift type'),
-              'title' => _("Title"),
-              'room' => _("Room") 
-          ], shifts_printable($events_new, $shifttypes)),
-          '<h3>' . _("Shifts to update") . '</h3>',
-          table([
-              'day' => _("Day"),
-              'start' => _("Start"),
-              'end' => _("End"),
-              'shifttype' => _('Shift type'),
-              'title' => _("Title"),
-              'room' => _("Room") 
-          ], shifts_printable($events_updated, $shifttypes)),
-          '<h3>' . _("Shifts to delete") . '</h3>',
-          table([
-              'day' => _("Day"),
-              'start' => _("Start"),
-              'end' => _("End"),
-              'shifttype' => _('Shift type'),
-              'title' => _("Title"),
-              'room' => _("Room") 
-          ], shifts_printable($events_deleted, $shifttypes)),
-          form_submit('submit', _("Import")) 
-      ], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start);
-      break;
-    
-    case 'import':
-      if (! file_exists($import_file)) {
-        error(_('Missing import file.'));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (! file_exists($import_file)) {
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
-        $shifttype_id = $_REQUEST['shifttype_id'];
-      } else {
-        error(_('Please select a shift type.'));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
-        $add_minutes_start = trim($_REQUEST['add_minutes_start']);
-      } else {
-        error(_("Please enter an amount of minutes to add to a talk's begin."));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
-        $add_minutes_end = trim($_REQUEST['add_minutes_end']);
-      } else {
-        error(_("Please enter an amount of minutes to add to a talk's end."));
-        redirect(page_link_to('admin_import'));
-      }
-      
-      list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
-      foreach ($rooms_new as $room) {
-        $result = Room_create($room, true, true);
-        if ($result === false) {
-          engelsystem_error('Unable to create room.');
-        }
-        $rooms_import[trim($room)] = sql_id();
-      }
-      foreach ($rooms_deleted as $room) {
-        sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
-      }
-      
-      list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end);
-      foreach ($events_new as $event) {
-        $result = Shift_create($event);
-        if ($result === false) {
-          engelsystem_error('Unable to create shift.');
-        }
-      }
-      
-      foreach ($events_updated as $event) {
-        $result = Shift_update_by_psid($event);
-        if ($result === false) {
-          engelsystem_error('Unable to update shift.');
-        }
-      }
-      
-      foreach ($events_deleted as $event) {
-        $result = Shift_delete_by_psid($event['PSID']);
-        if ($result === false) {
-          engelsystem_error('Unable to delete shift.');
-        }
-      }
-      
-      engelsystem_log("Frab import done");
-      
-      unlink($import_file);
-      
-      $html .= div('well well-sm text-center', [
-          '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>' 
-      ]) . success(_("It's done!"), true);
-      break;
-    default:
-      redirect(page_link_to('admin_import'));
-  }
-  
-  return page_with_title(admin_import_title(), [
-      msg(),
-      $html 
-  ]);
-}
+/**
+ * @return string
+ */
+function admin_import()
+{
+    global $rooms_import;
+    global $user;
+    $html = '';
+    $import_dir = __DIR__ . '/../../import';
 
-function prepare_rooms($file) {
-  global $rooms_import;
-  $data = read_xml($file);
-  
-  // Load rooms from db for compare with input
-  $rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
-  $rooms_db = [];
-  $rooms_import = [];
-  foreach ($rooms as $room) {
-    $rooms_db[] = (string) $room['Name'];
-    $rooms_import[$room['Name']] = $room['RID'];
-  }
-  
-  $events = $data->vcalendar->vevent;
-  $rooms_pb = [];
-  foreach ($events as $event) {
-    $rooms_pb[] = (string) $event->location;
-    if (! isset($rooms_import[trim($event->location)])) {
-      $rooms_import[trim($event->location)] = trim($event->location);
+    $step = 'input';
+    if (
+        isset($_REQUEST['step'])
+        && in_array($step, [
+            'input',
+            'check',
+            'import'
+        ])
+    ) {
+        $step = $_REQUEST['step'];
     }
-  }
-  $rooms_pb = array_unique($rooms_pb);
-  
-  $rooms_new = array_diff($rooms_pb, $rooms_db);
-  $rooms_deleted = array_diff($rooms_db, $rooms_pb);
-  
-  return [
-      $rooms_new,
-      $rooms_deleted 
-  ];
-}
 
-function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) {
-  global $rooms_import;
-  $data = read_xml($file);
-  
-  $rooms = sql_select("SELECT * FROM `Room`");
-  $rooms_db = [];
-  foreach ($rooms as $room) {
-    $rooms_db[$room['Name']] = $room['RID'];
-  }
-  
-  $events = $data->vcalendar->vevent;
-  $shifts_pb = [];
-  foreach ($events as $event) {
-    $event_pb = $event->children("http://pentabarf.org");
-    $event_id = trim($event_pb->{
-      'event-id' });
-    $shifts_pb[$event_id] = [
-        'shifttype_id' => $shifttype_id,
-        'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60,
-        'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60,
-        'RID' => $rooms_import[trim($event->location)],
-        'title' => trim($event->summary),
-        'URL' => trim($event->url),
-        'PSID' => $event_id 
-    ];
-  }
-  
-  $shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`");
-  $shifts_db = [];
-  foreach ($shifts as $shift) {
-    $shifts_db[$shift['PSID']] = $shift;
-  }
-  
-  $shifts_new = [];
-  $shifts_updated = [];
-  foreach ($shifts_pb as $shift) {
-    if (! isset($shifts_db[$shift['PSID']])) {
-      $shifts_new[] = $shift;
+    if ($test_handle = @fopen($import_dir . '/tmp', 'w')) {
+        fclose($test_handle);
+        @unlink($import_dir . '/tmp');
     } else {
-      $tmp = $shifts_db[$shift['PSID']];
-      if ($shift['shifttype_id'] != $tmp['shifttype_id'] || $shift['title'] != $tmp['title'] || $shift['start'] != $tmp['start'] || $shift['end'] != $tmp['end'] || $shift['RID'] != $tmp['RID'] || $shift['URL'] != $tmp['URL']) {
-        $shifts_updated[] = $shift;
-      }
+        error(_('Webserver has no write-permission on import directory.'));
     }
-  }
-  
-  $shifts_deleted = [];
-  foreach ($shifts_db as $shift) {
-    if (! isset($shifts_pb[$shift['PSID']])) {
-      $shifts_deleted[] = $shift;
+
+    $import_file = $import_dir . '/import_' . $user['UID'] . '.xml';
+    $shifttype_id = null;
+    $add_minutes_start = 15;
+    $add_minutes_end = 15;
+
+    $shifttypes_source = ShiftTypes();
+    if ($shifttypes_source === false) {
+        engelsystem_error('Unable to load shifttypes.');
     }
-  }
-  
-  return [
-      $shifts_new,
-      $shifts_updated,
-      $shifts_deleted 
-  ];
+    $shifttypes = [];
+    foreach ($shifttypes_source as $shifttype) {
+        $shifttypes[$shifttype['id']] = $shifttype['name'];
+    }
+
+    switch ($step) {
+        case 'input':
+            $valid = false;
+
+            if (isset($_REQUEST['submit'])) {
+                $valid = true;
+
+                if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
+                    $shifttype_id = $_REQUEST['shifttype_id'];
+                } else {
+                    $valid = false;
+                    error(_('Please select a shift type.'));
+                }
+
+                if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
+                    $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+                } else {
+                    $valid = false;
+                    error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
+                }
+
+                if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
+                    $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+                } else {
+                    $valid = false;
+                    error(_('Please enter an amount of minutes to add to a talk\'s end.'));
+                }
+
+                if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
+                    if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
+                        libxml_use_internal_errors(true);
+                        if (simplexml_load_file($import_file) === false) {
+                            $valid = false;
+                            error(_('No valid xml/xcal file provided.'));
+                            unlink($import_file);
+                        }
+                    } else {
+                        $valid = false;
+                        error(_('File upload went wrong.'));
+                    }
+                } else {
+                    $valid = false;
+                    error(_('Please provide some data.'));
+                }
+            }
+
+            if ($valid) {
+                redirect(
+                    page_link_to('admin_import')
+                    . '&step=check&shifttype_id=' . $shifttype_id
+                    . '&add_minutes_end=' . $add_minutes_end
+                    . '&add_minutes_start=' . $add_minutes_start
+                );
+            } else {
+                $html .= div('well well-sm text-center', [
+                        _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))
+                    ]) . div('row', [
+                        div('col-md-offset-3 col-md-6', [
+                            form([
+                                form_info(
+                                    '',
+                                    _('This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.')
+                                ),
+                                form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
+                                form_spinner('add_minutes_start', _('Add minutes to start'), $add_minutes_start),
+                                form_spinner('add_minutes_end', _('Add minutes to end'), $add_minutes_end),
+                                form_file('xcal_file', _('xcal-File (.xcal)')),
+                                form_submit('submit', _('Import'))
+                            ])
+                        ])
+                    ]);
+            }
+            break;
+
+        case 'check':
+            if (!file_exists($import_file)) {
+                error(_('Missing import file.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
+                $shifttype_id = $_REQUEST['shifttype_id'];
+            } else {
+                error(_('Please select a shift type.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
+                $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+            } else {
+                error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
+                $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+            } else {
+                error(_('Please enter an amount of minutes to add to a talk\'s end.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
+            list($events_new, $events_updated, $events_deleted) = prepare_events(
+                $import_file,
+                $shifttype_id,
+                $add_minutes_start,
+                $add_minutes_end
+            );
+
+            $html .= div(
+                    'well well-sm text-center',
+                    [
+                        '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>'
+                        . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))
+                    ]
+                )
+                . form(
+                    [
+                        div('row', [
+                            div('col-sm-6', [
+                                '<h3>' . _('Rooms to create') . '</h3>',
+                                table(_('Name'), $rooms_new)
+                            ]),
+                            div('col-sm-6', [
+                                '<h3>' . _('Rooms to delete') . '</h3>',
+                                table(_('Name'), $rooms_deleted)
+                            ])
+                        ]),
+                        '<h3>' . _('Shifts to create') . '</h3>',
+                        table([
+                            'day'       => _('Day'),
+                            'start'     => _('Start'),
+                            'end'       => _('End'),
+                            'shifttype' => _('Shift type'),
+                            'title'     => _('Title'),
+                            'room'      => _('Room')
+                        ], shifts_printable($events_new, $shifttypes)),
+                        '<h3>' . _('Shifts to update') . '</h3>',
+                        table([
+                            'day'       => _('Day'),
+                            'start'     => _('Start'),
+                            'end'       => _('End'),
+                            'shifttype' => _('Shift type'),
+                            'title'     => _('Title'),
+                            'room'      => _('Room')
+                        ], shifts_printable($events_updated, $shifttypes)),
+                        '<h3>' . _('Shifts to delete') . '</h3>',
+                        table([
+                            'day'       => _('Day'),
+                            'start'     => _('Start'),
+                            'end'       => _('End'),
+                            'shifttype' => _('Shift type'),
+                            'title'     => _('Title'),
+                            'room'      => _('Room')
+                        ], shifts_printable($events_deleted, $shifttypes)),
+                        form_submit('submit', _('Import'))
+                    ],
+                    page_link_to('admin_import')
+                    . '&step=import&shifttype_id=' . $shifttype_id
+                    . '&add_minutes_end=' . $add_minutes_end
+                    . '&add_minutes_start=' . $add_minutes_start
+                );
+            break;
+
+        case 'import':
+            if (!file_exists($import_file)) {
+                error(_('Missing import file.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (!file_exists($import_file)) {
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
+                $shifttype_id = $_REQUEST['shifttype_id'];
+            } else {
+                error(_('Please select a shift type.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
+                $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+            } else {
+                error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
+                $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+            } else {
+                error(_('Please enter an amount of minutes to add to a talk\'s end.'));
+                redirect(page_link_to('admin_import'));
+            }
+
+            list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
+            foreach ($rooms_new as $room) {
+                $result = Room_create($room, true, true);
+                if ($result === false) {
+                    engelsystem_error('Unable to create room.');
+                }
+                $rooms_import[trim($room)] = $result;
+            }
+            foreach ($rooms_deleted as $room) {
+                DB::delete('DELETE FROM `Room` WHERE `Name`=? LIMIT 1', [$room]);
+            }
+
+            list($events_new, $events_updated, $events_deleted) = prepare_events(
+                $import_file,
+                $shifttype_id,
+                $add_minutes_start,
+                $add_minutes_end
+            );
+            foreach ($events_new as $event) {
+                $result = Shift_create($event);
+                if ($result === false) {
+                    engelsystem_error('Unable to create shift.');
+                }
+            }
+
+            foreach ($events_updated as $event) {
+                $result = Shift_update_by_psid($event);
+                if ($result === false) {
+                    engelsystem_error('Unable to update shift.');
+                }
+            }
+
+            foreach ($events_deleted as $event) {
+                $result = Shift_delete_by_psid($event['PSID']);
+                if ($result === false) {
+                    engelsystem_error('Unable to delete shift.');
+                }
+            }
+
+            engelsystem_log('Frab import done');
+
+            unlink($import_file);
+
+            $html .= div('well well-sm text-center', [
+                    '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>'
+                    . mute(glyph('arrow-right'))
+                    . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>'
+                    . mute(glyph('arrow-right'))
+                    . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>'
+                ]) . success(_('It\'s done!'), true);
+            break;
+        default:
+            redirect(page_link_to('admin_import'));
+    }
+
+    return page_with_title(admin_import_title(), [
+        msg(),
+        $html
+    ]);
 }
 
-function read_xml($file) {
-  global $xml_import;
-  if (! isset($xml_import)) {
-    $xml_import = simplexml_load_file($file);
-  }
-  return $xml_import;
-}
+/**
+ * @param string $file
+ * @return array
+ */
+function prepare_rooms($file)
+{
+    global $rooms_import;
+    $data = read_xml($file);
 
-function shifts_printable($shifts, $shifttypes) {
-  global $rooms_import;
-  $rooms = array_flip($rooms_import);
-  
-  uasort($shifts, 'shift_sort');
-  
-  $shifts_printable = [];
-  foreach ($shifts as $shift) {
-    $shifts_printable[] = [
-        'day' => date("l, Y-m-d", $shift['start']),
-        'start' => date("H:i", $shift['start']),
-        'shifttype' => ShiftType_name_render([
-            'id' => $shift['shifttype_id'],
-            'name' => $shifttypes[$shift['shifttype_id']] 
-        ]),
-        'title' => shorten($shift['title']),
-        'end' => date("H:i", $shift['end']),
-        'room' => $rooms[$shift['RID']] 
+    // Load rooms from db for compare with input
+    $rooms = DB::select('SELECT `Name`, `RID` FROM `Room` WHERE `FromPentabarf`=\'Y\'');
+    $rooms_db = [];
+    $rooms_import = [];
+    foreach ($rooms as $room) {
+        $rooms_db[] = $room['Name'];
+        $rooms_import[$room['Name']] = $room['RID'];
+    }
+
+    $events = $data->vcalendar->vevent;
+    $rooms_pb = [];
+    foreach ($events as $event) {
+        $rooms_pb[] = (string)$event->location;
+        if (!isset($rooms_import[trim($event->location)])) {
+            $rooms_import[trim($event->location)] = trim($event->location);
+        }
+    }
+    $rooms_pb = array_unique($rooms_pb);
+
+    $rooms_new = array_diff($rooms_pb, $rooms_db);
+    $rooms_deleted = array_diff($rooms_db, $rooms_pb);
+
+    return [
+        $rooms_new,
+        $rooms_deleted
     ];
-  }
-  return $shifts_printable;
 }
 
-function shift_sort($shift_a, $shift_b) {
-  return ($shift_a['start'] < $shift_b['start']) ? - 1 : 1;
+/**
+ * @param string $file
+ * @param int    $shifttype_id
+ * @param int    $add_minutes_start
+ * @param int    $add_minutes_end
+ * @return array
+ */
+function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end)
+{
+    global $rooms_import;
+    $data = read_xml($file);
+
+    $rooms = Rooms(true);
+    $rooms_db = [];
+    foreach ($rooms as $room) {
+        $rooms_db[$room['Name']] = $room['RID'];
+    }
+
+    $events = $data->vcalendar->vevent;
+    $shifts_pb = [];
+    foreach ($events as $event) {
+        $event_pb = $event->children('http://pentabarf.org');
+        $event_id = trim($event_pb->{'event-id'});
+        $shifts_pb[$event_id] = [
+            'shifttype_id' => $shifttype_id,
+            'start'        => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60,
+            'end'          => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60,
+            'RID'          => $rooms_import[trim($event->location)],
+            'title'        => trim($event->summary),
+            'URL'          => trim($event->url),
+            'PSID'         => $event_id
+        ];
+    }
+
+    $shifts = DB::select('SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`');
+    $shifts_db = [];
+    foreach ($shifts as $shift) {
+        $shifts_db[$shift['PSID']] = $shift;
+    }
+
+    $shifts_new = [];
+    $shifts_updated = [];
+    foreach ($shifts_pb as $shift) {
+        if (!isset($shifts_db[$shift['PSID']])) {
+            $shifts_new[] = $shift;
+        } else {
+            $tmp = $shifts_db[$shift['PSID']];
+            if (
+                $shift['shifttype_id'] != $tmp['shifttype_id']
+                || $shift['title'] != $tmp['title']
+                || $shift['start'] != $tmp['start']
+                || $shift['end'] != $tmp['end']
+                || $shift['RID'] != $tmp['RID']
+                || $shift['URL'] != $tmp['URL']
+            ) {
+                $shifts_updated[] = $shift;
+            }
+        }
+    }
+
+    $shifts_deleted = [];
+    foreach ($shifts_db as $shift) {
+        if (!isset($shifts_pb[$shift['PSID']])) {
+            $shifts_deleted[] = $shift;
+        }
+    }
+
+    return [
+        $shifts_new,
+        $shifts_updated,
+        $shifts_deleted
+    ];
+}
+
+/**
+ * @param string $file
+ * @return SimpleXMLElement
+ */
+function read_xml($file)
+{
+    global $xml_import;
+    if (!isset($xml_import)) {
+        $xml_import = simplexml_load_file($file);
+    }
+    return $xml_import;
+}
+
+/**
+ * @param array $shifts
+ * @param array $shifttypes
+ * @return array
+ */
+function shifts_printable($shifts, $shifttypes)
+{
+    global $rooms_import;
+    $rooms = array_flip($rooms_import);
+
+    uasort($shifts, 'shift_sort');
+
+    $shifts_printable = [];
+    foreach ($shifts as $shift) {
+        $shifts_printable[] = [
+            'day'       => date('l, Y-m-d', $shift['start']),
+            'start'     => date('H:i', $shift['start']),
+            'shifttype' => ShiftType_name_render([
+                'id'   => $shift['shifttype_id'],
+                'name' => $shifttypes[$shift['shifttype_id']]
+            ]),
+            'title'     => shorten($shift['title']),
+            'end'       => date('H:i', $shift['end']),
+            'room'      => $rooms[$shift['RID']]
+        ];
+    }
+    return $shifts_printable;
+}
+
+/**
+ * @param array $shift_a
+ * @param array $shift_b
+ * @return int
+ */
+function shift_sort($shift_a, $shift_b)
+{
+    return ($shift_a['start'] < $shift_b['start']) ? -1 : 1;
 }
-?>

includes/pages/admin_log.php

@@ -1,33 +1,40 @@
 <?php
 
-function admin_log_title() {
-  return _("Log");
+/**
+ * @return string
+ */
+function admin_log_title()
+{
+    return _('Log');
 }
 
-function admin_log() {
-  $filter = "";
-  if (isset($_REQUEST['keyword'])) {
-    $filter = strip_request_item('keyword');
-  }
-  $log_entries_source = LogEntries_filter($filter);
-  
-  $log_entries = [];
-  foreach ($log_entries_source as $log_entry) {
-    $log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']);
-    $log_entries[] = $log_entry;
-  }
-  
-  return page_with_title(admin_log_title(), [
-      msg(),
-      form([
-          form_text('keyword', _("Search"), $filter),
-          form_submit(_("Search"), "Go") 
-      ]),
-      table([
-          'date' => "Time",
-          'nick' => "Angel",
-          'message' => "Log Entry" 
-      ], $log_entries) 
-  ]);
+/**
+ * @return string
+ */
+function admin_log()
+{
+    $filter = '';
+    if (isset($_REQUEST['keyword'])) {
+        $filter = strip_request_item('keyword');
+    }
+    $log_entries_source = LogEntries_filter($filter);
+
+    $log_entries = [];
+    foreach ($log_entries_source as $log_entry) {
+        $log_entry['date'] = date('d.m.Y H:i', $log_entry['timestamp']);
+        $log_entries[] = $log_entry;
+    }
+
+    return page_with_title(admin_log_title(), [
+        msg(),
+        form([
+            form_text('keyword', _('Search'), $filter),
+            form_submit(_('Search'), 'Go')
+        ]),
+        table([
+            'date'    => 'Time',
+            'nick'    => 'Angel',
+            'message' => 'Log Entry'
+        ], $log_entries)
+    ]);
 }
-?>

includes/pages/admin_news.php

@@ -1,67 +1,82 @@
 <?php
 
-function admin_news() {
-  global $user;
-  
-  if (! isset($_GET["action"])) {
-    redirect(page_link_to("news"));
-  }
-  
-  $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg();
-  if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-    $news_id = $_REQUEST['id'];
-  } else {
-    return error("Incomplete call, missing News ID.", true);
-  }
-  
-  $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
-  if (empty($news)) {
-    return error("No News found.", true);
-  }
-  switch ($_REQUEST["action"]) {
-    default:
-      redirect(page_link_to('news'));
-    case 'edit':
-      list($news) = $news;
-      
-      $user_source = User($news['UID']);
-      
-      $html .= form([
-          form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])),
-          form_info(_("Author"), User_Nick_render($user_source)),
-          form_text('eBetreff', _("Subject"), $news['Betreff']),
-          form_textarea('eText', _("Message"), $news['Text']),
-          form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1),
-          form_submit('submit', _("Save")) 
-      ], page_link_to('admin_news&action=save&id=' . $news_id));
-      
-      $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>';
-      break;
-    
-    case 'save':
-      list($news) = $news;
-      
-      sql_query("UPDATE `News` SET 
-              `Datum`='" . sql_escape(time()) . "', 
-              `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', 
-              `Text`='" . sql_escape($_POST["eText"]) . "', 
-              `UID`='" . sql_escape($user['UID']) . "', 
-              `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' 
-              WHERE `ID`='" . sql_escape($news_id) . "'");
-      engelsystem_log("News updated: " . $_POST["eBetreff"]);
-      success(_("News entry updated."));
-      redirect(page_link_to("news"));
-      break;
-    
-    case 'delete':
-      list($news) = $news;
-      
-      sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1");
-      engelsystem_log("News deleted: " . $news['Betreff']);
-      success(_("News entry deleted."));
-      redirect(page_link_to("news"));
-      break;
-  }
-  return $html . '</div>';
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_news()
+{
+    global $user;
+
+    if (!isset($_GET['action'])) {
+        redirect(page_link_to('news'));
+    }
+
+    $html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
+    if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+        $news_id = $_REQUEST['id'];
+    } else {
+        return error('Incomplete call, missing News ID.', true);
+    }
+
+    $news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]);
+    if (empty($news)) {
+        return error('No News found.', true);
+    }
+
+    switch ($_REQUEST['action']) {
+        case 'edit':
+            $news = array_shift($news);
+            $user_source = User($news['UID']);
+
+            $html .= form([
+                form_info(_('Date'), date('Y-m-d H:i', $news['Datum'])),
+                form_info(_('Author'), User_Nick_render($user_source)),
+                form_text('eBetreff', _('Subject'), $news['Betreff']),
+                form_textarea('eText', _('Message'), $news['Text']),
+                form_checkbox('eTreffen', _('Meeting'), $news['Treffen'] == 1, 1),
+                form_submit('submit', _('Save'))
+            ], page_link_to('admin_news&action=save&id=' . $news_id));
+
+            $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '">'
+                . '<span class="glyphicon glyphicon-trash"></span> ' . _('Delete')
+                . '</a>';
+            break;
+
+        case 'save':
+            DB::update('
+                UPDATE `News` SET
+                    `Datum`=?,
+                    `Betreff`=?,
+                    `Text`=?,
+                    `UID`=?,
+                    `Treffen`=?
+                WHERE `ID`=?
+                ',
+                [
+                    time(),
+                    $_POST["eBetreff"],
+                    $_POST["eText"],
+                    $user['UID'],
+                    isset($_POST["eTreffen"]) ? 1 : 0,
+                    $news_id
+                ]
+            );
+            engelsystem_log('News updated: ' . $_POST['eBetreff']);
+            success(_('News entry updated.'));
+            redirect(page_link_to('news'));
+            break;
+
+        case 'delete':
+            $news = array_shift($news);
+            DB::delete('DELETE FROM `News` WHERE `ID`=? LIMIT 1', [$news_id]);
+            engelsystem_log('News deleted: ' . $news['Betreff']);
+            success(_('News entry deleted.'));
+            redirect(page_link_to('news'));
+            break;
+        default:
+            redirect(page_link_to('news'));
+    }
+    return $html . '</div>';
 }
-?>

includes/pages/admin_questions.php

@@ -1,120 +1,163 @@
 <?php
 
-function admin_questions_title() {
-  return _("Answer questions");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_questions_title()
+{
+    return _('Answer questions');
 }
 
 /**
  * Renders a hint for new questions to answer.
+ *
+ * @return string|null
  */
-function admin_new_questions() {
-  global $privileges, $page;
-  
-  if ($page != "admin_questions") {
-    if (in_array("admin_questions", $privileges)) {
-      $new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL");
-      
-      if ($new_messages > 0) {
-        return '<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>';
-      }
+function admin_new_questions()
+{
+    global $privileges, $page;
+
+    if ($page != 'admin_questions') {
+        if (in_array('admin_questions', $privileges)) {
+            $new_messages = count(DB::select('SELECT `QID` FROM `Questions` WHERE `AID` IS NULL'));
+
+            if ($new_messages > 0) {
+                return '<a href="' . page_link_to('admin_questions') . '">' . _('There are unanswered questions!') . '</a>';
+            }
+        }
     }
-  }
-  
-  return null;
+
+    return null;
 }
 
-function admin_questions() {
-  global $user;
-  
-  if (! isset($_REQUEST['action'])) {
-    $unanswered_questions_table = [];
-    $questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
-    foreach ($questions as $question) {
-      $user_source = User($question['UID']);
-      
-      $unanswered_questions_table[] = [
-          'from' => User_Nick_render($user_source),
-          'question' => str_replace("\n", "<br />", $question['Question']),
-          'answer' => form([
-              form_textarea('answer', '', ''),
-              form_submit('submit', _("Save")) 
-          ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
-          'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') 
-      ];
+/**
+ * @return string
+ */
+function admin_questions()
+{
+    global $user;
+
+    if (!isset($_REQUEST['action'])) {
+        $unanswered_questions_table = [];
+        $questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL');
+        foreach ($questions as $question) {
+            $user_source = User($question['UID']);
+
+            $unanswered_questions_table[] = [
+                'from'     => User_Nick_render($user_source),
+                'question' => str_replace("\n", '<br />', $question['Question']),
+                'answer'   => form([
+                    form_textarea('answer', '', ''),
+                    form_submit('submit', _('Save'))
+                ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
+                'actions'  => button(
+                    page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
+                    _('delete'),
+                    'btn-xs'
+                )
+            ];
+        }
+
+        $answered_questions_table = [];
+        $questions = DB::select('SELECT * FROM `Questions` WHERE NOT `AID` IS NULL');
+        foreach ($questions as $question) {
+            $user_source = User($question['UID']);
+            $answer_user_source = User($question['AID']);
+            $answered_questions_table[] = [
+                'from'        => User_Nick_render($user_source),
+                'question'    => str_replace("\n", '<br />', $question['Question']),
+                'answered_by' => User_Nick_render($answer_user_source),
+                'answer'      => str_replace("\n", '<br />', $question['Answer']),
+                'actions'     => button(
+                    page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
+                    _('delete'),
+                    'btn-xs'
+                )
+            ];
+        }
+
+        return page_with_title(admin_questions_title(), [
+            '<h2>' . _('Unanswered questions') . '</h2>',
+            table([
+                'from'     => _('From'),
+                'question' => _('Question'),
+                'answer'   => _('Answer'),
+                'actions'  => ''
+            ], $unanswered_questions_table),
+            '<h2>' . _('Answered questions') . '</h2>',
+            table([
+                'from'        => _('From'),
+                'question'    => _('Question'),
+                'answered_by' => _('Answered by'),
+                'answer'      => _('Answer'),
+                'actions'     => ''
+            ], $answered_questions_table)
+        ]);
+    } else {
+        switch ($_REQUEST['action']) {
+            case 'answer':
+                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+                    $question_id = $_REQUEST['id'];
+                } else {
+                    return error('Incomplete call, missing Question ID.', true);
+                }
+
+                $question = DB::select(
+                    'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1',
+                    [$question_id]
+                );
+                if (count($question) > 0 && $question[0]['AID'] == null) {
+                    $answer = trim(
+                        preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
+                            '',
+                            strip_tags($_REQUEST['answer'])
+                        ));
+
+                    if ($answer != '') {
+                        DB::update('
+                                UPDATE `Questions`
+                                SET `AID`=?, `Answer`=?
+                                WHERE `QID`=?
+                                LIMIT 1
+                            ',
+                            [
+                                $user['UID'],
+                                $answer,
+                                $question_id,
+                            ]
+                        );
+                        engelsystem_log('Question ' . $question[0]['Question'] . ' answered: ' . $answer);
+                        redirect(page_link_to('admin_questions'));
+                    } else {
+                        return error('Enter an answer!', true);
+                    }
+                } else {
+                    return error('No question found.', true);
+                }
+                break;
+            case 'delete':
+                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+                    $question_id = $_REQUEST['id'];
+                } else {
+                    return error('Incomplete call, missing Question ID.', true);
+                }
+
+                $question = DB::select(
+                    'SELECT * FROM `Questions` WHERE `QID`=? LIMIT 1',
+                    [$question_id]
+                );
+                if (count($question) > 0) {
+                    DB::delete('DELETE FROM `Questions` WHERE `QID`=? LIMIT 1', [$question_id]);
+                    engelsystem_log('Question deleted: ' . $question[0]['Question']);
+                    redirect(page_link_to('admin_questions'));
+                } else {
+                    return error('No question found.', true);
+                }
+                break;
+        }
     }
-    
-    $answered_questions_table = [];
-    $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
-    foreach ($questions as $question) {
-      $user_source = User($question['UID']);
-      $answer_user_source = User($question['AID']);
-      $answered_questions_table[] = [
-          'from' => User_Nick_render($user_source),
-          'question' => str_replace("\n", "<br />", $question['Question']),
-          'answered_by' => User_Nick_render($answer_user_source),
-          'answer' => str_replace("\n", "<br />", $question['Answer']),
-          'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') 
-      ];
-    }
-    
-    return page_with_title(admin_questions_title(), [
-        '<h2>' . _("Unanswered questions") . '</h2>',
-        table([
-            'from' => _("From"),
-            'question' => _("Question"),
-            'answer' => _("Answer"),
-            'actions' => '' 
-        ], $unanswered_questions_table),
-        '<h2>' . _("Answered questions") . '</h2>',
-        table([
-            'from' => _("From"),
-            'question' => _("Question"),
-            'answered_by' => _("Answered by"),
-            'answer' => _("Answer"),
-            'actions' => '' 
-        ], $answered_questions_table) 
-    ]);
-  } else {
-    switch ($_REQUEST['action']) {
-      case 'answer':
-        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $question_id = $_REQUEST['id'];
-        } else {
-          return error("Incomplete call, missing Question ID.", true);
-        }
-        
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-        if (count($question) > 0 && $question[0]['AID'] == null) {
-          $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
-          
-          if ($answer != "") {
-            sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-            engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
-            redirect(page_link_to("admin_questions"));
-          } else {
-            return error("Enter an answer!", true);
-          }
-        } else {
-          return error("No question found.", true);
-        }
-        break;
-      case 'delete':
-        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $question_id = $_REQUEST['id'];
-        } else {
-          return error("Incomplete call, missing Question ID.", true);
-        }
-        
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-        if (count($question) > 0) {
-          sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-          engelsystem_log("Question deleted: " . $question[0]['Question']);
-          redirect(page_link_to("admin_questions"));
-        } else {
-          return error("No question found.", true);
-        }
-        break;
-    }
-  }
+
+    return '';
 }
-?>

includes/pages/admin_rooms.php

@@ -1,196 +1,251 @@
 <?php
 
-function admin_rooms_title() {
-  return _("Rooms");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_rooms_title()
+{
+    return _('Rooms');
 }
 
-function admin_rooms() {
-  $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
-  $rooms = [];
-  foreach ($rooms_source as $room) {
-    $rooms[] = [
-        'name' => Room_name_render($room),
-        'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '',
-        'public' => $room['show'] == 'Y' ? '&#10003;' : '',
-        'actions' => table_buttons([
-            button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'),
-            button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') 
-        ]) 
-    ];
-  }
-  $room = null;
-  
-  if (isset($_REQUEST['show'])) {
-    $msg = "";
-    $name = "";
-    $from_pentabarf = "";
-    $public = 'Y';
-    $number = "";
-    
-    $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-    $angeltypes = [];
-    $angeltypes_count = [];
-    foreach ($angeltypes_source as $angeltype) {
-      $angeltypes[$angeltype['id']] = $angeltype['name'];
-      $angeltypes_count[$angeltype['id']] = 0;
+/**
+ * @return string
+ */
+function admin_rooms()
+{
+    $rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`');
+    $rooms = [];
+    foreach ($rooms_source as $room) {
+        $rooms[] = [
+            'name'           => Room_name_render($room),
+            'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '&#10003;' : '',
+            'public'         => $room['show'] == 'Y' ? '&#10003;' : '',
+            'actions'        => table_buttons([
+                button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _('edit'), 'btn-xs'),
+                button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _('delete'), 'btn-xs')
+            ])
+        ];
     }
-    
-    if (test_request_int('id')) {
-      $room = Room($_REQUEST['id']);
-      if ($room === false) {
-        engelsystem_error("Unable to load room.");
-      }
-      if ($room == null) {
-        redirect(page_link_to('admin_rooms'));
-      }
-      
-      $room_id = $_REQUEST['id'];
-      $name = $room['Name'];
-      $from_pentabarf = $room['FromPentabarf'];
-      $public = $room['show'];
-      $number = $room['Number'];
-      
-      $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'");
-      foreach ($needed_angeltypes as $needed_angeltype) {
-        $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
-      }
-    }
-    
-    if ($_REQUEST['show'] == 'edit') {
-      if (isset($_REQUEST['submit'])) {
-        $valid = true;
-        
-        if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
-          $name = strip_request_item('name');
-          if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) {
-            $valid = false;
-            $msg .= error(_("This name is already in use."), true);
-          }
-        } else {
-          $valid = false;
-          $msg .= error(_("Please enter a name."), true);
+    $room = null;
+
+    if (isset($_REQUEST['show'])) {
+        $msg = '';
+        $name = '';
+        $from_pentabarf = '';
+        $public = 'Y';
+        $number = '';
+        $room_id = 0;
+
+        $angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`');
+        $angeltypes = [];
+        $angeltypes_count = [];
+        foreach ($angeltypes_source as $angeltype) {
+            $angeltypes[$angeltype['id']] = $angeltype['name'];
+            $angeltypes_count[$angeltype['id']] = 0;
         }
-        
-        if (isset($_REQUEST['from_pentabarf'])) {
-          $from_pentabarf = 'Y';
-        } else {
-          $from_pentabarf = '';
-        }
-        
-        if (isset($_REQUEST['public'])) {
-          $public = 'Y';
-        } else {
-          $public = '';
-        }
-        
-        if (isset($_REQUEST['number'])) {
-          $number = strip_request_item('number');
-        } else {
-          $valid = false;
-        }
-        
-        foreach ($angeltypes as $angeltype_id => $angeltype) {
-          if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
-            $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
-          } else {
-            $valid = false;
-            $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
-          }
-        }
-        
-        if ($valid) {
-          if (isset($room_id)) {
-            sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1");
-            engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
-          } else {
-            $room_id = Room_create($name, $from_pentabarf, $public, $number);
-            if ($room_id === false) {
-              engelsystem_error("Unable to create room.");
+
+        if (test_request_int('id')) {
+            $room = Room($_REQUEST['id'], false);
+            if ($room === false) {
+                engelsystem_error('Unable to load room.');
             }
-            engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
-          }
-          
-          NeededAngelTypes_delete_by_room($room_id);
-          $needed_angeltype_info = [];
-          foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
-            $angeltype = AngelType($angeltype_id);
-            if ($angeltype != null) {
-              NeededAngelType_add(null, $angeltype_id, $room_id, $angeltype_count);
-              $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
+            if ($room == null) {
+                redirect(page_link_to('admin_rooms'));
+            }
+
+            $room_id = $_REQUEST['id'];
+            $name = $room['Name'];
+            $from_pentabarf = $room['FromPentabarf'];
+            $public = $room['show'];
+            $number = $room['Number'];
+
+            $needed_angeltypes = DB::select(
+                'SELECT `angel_type_id`, `count` FROM `NeededAngelTypes` WHERE `room_id`=?',
+                [$room_id]
+            );
+            foreach ($needed_angeltypes as $needed_angeltype) {
+                $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
             }
-          }
-          
-          engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
-          success(_("Room saved."));
-          redirect(page_link_to("admin_rooms"));
         }
-      }
-      $angeltypes_count_form = [];
-      foreach ($angeltypes as $angeltype_id => $angeltype) {
-        $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [
-            form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) 
-        ]);
-      }
-      
-      return page_with_title(admin_rooms_title(), [
-          buttons([
-              button(page_link_to('admin_rooms'), _("back"), 'back') 
-          ]),
-          $msg,
-          form([
-              div('row', [
-                  div('col-md-6', [
-                      form_text('name', _("Name"), $name),
-                      form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf),
-                      form_checkbox('public', _("Public"), $public),
-                      form_text('number', _("Room number"), $number) 
-                  ]),
-                  div('col-md-6', [
-                      div('row', [
-                          div('col-md-12', [
-                              form_info(_("Needed angels:")) 
-                          ]),
-                          join($angeltypes_count_form) 
-                      ]) 
-                  ]) 
-              ]),
-              form_submit('submit', _("Save")) 
-          ]) 
-      ]);
-    } elseif ($_REQUEST['show'] == 'delete') {
-      if (isset($_REQUEST['ack'])) {
-        if (! Room_delete($room_id)) {
-          engelsystem_error("Unable to delete room.");
+
+        if ($_REQUEST['show'] == 'edit') {
+            if (isset($_REQUEST['submit'])) {
+                $valid = true;
+
+                if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
+                    $name = strip_request_item('name');
+                    if (
+                        isset($room)
+                        && count(DB::select(
+                            'SELECT RID FROM `Room` WHERE `Name`=? AND NOT `RID`=?',
+                            [$name, $room_id]
+                        )) > 0
+                    ) {
+                        $valid = false;
+                        $msg .= error(_('This name is already in use.'), true);
+                    }
+                } else {
+                    $valid = false;
+                    $msg .= error(_('Please enter a name.'), true);
+                }
+
+                if (isset($_REQUEST['from_pentabarf'])) {
+                    $from_pentabarf = 'Y';
+                } else {
+                    $from_pentabarf = '';
+                }
+
+                if (isset($_REQUEST['public'])) {
+                    $public = 'Y';
+                } else {
+                    $public = '';
+                }
+
+                if (isset($_REQUEST['number'])) {
+                    $number = strip_request_item('number');
+                } else {
+                    $valid = false;
+                }
+
+                foreach ($angeltypes as $angeltype_id => $angeltype) {
+                    if (
+                        isset($_REQUEST['angeltype_count_' . $angeltype_id])
+                        && preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
+                    ) {
+                        $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
+                    } else {
+                        $valid = false;
+                        $msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
+                    }
+                }
+
+                if ($valid) {
+                    if (!empty($room_id)) {
+                        DB::update('
+                            UPDATE `Room`
+                            SET
+                                `Name`=?,
+                                `FromPentabarf`=?,
+                                `show`=?,
+                                `Number`=?
+                            WHERE `RID`=?
+                            LIMIT 1
+                        ', [
+                            $name,
+                            $from_pentabarf,
+                            $public,
+                            $number,
+                            $room_id,
+                        ]);
+                        engelsystem_log(
+                            'Room updated: ' . $name
+                            . ', pentabarf import: ' . $from_pentabarf
+                            . ', public: ' . $public
+                            . ', number: ' . $number
+                        );
+                    } else {
+                        $room_id = Room_create($name, $from_pentabarf, $public, $number);
+                        if ($room_id === false) {
+                            engelsystem_error('Unable to create room.');
+                        }
+                        engelsystem_log(
+                            'Room created: ' . $name
+                            . ', pentabarf import: '
+                            . $from_pentabarf
+                            . ', public: ' . $public
+                            . ', number: ' . $number
+                        );
+                    }
+
+                    NeededAngelTypes_delete_by_room($room_id);
+                    $needed_angeltype_info = [];
+                    foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
+                        $angeltype = AngelType($angeltype_id);
+                        if ($angeltype != null) {
+                            NeededAngelType_add(null, $angeltype_id, $room_id, $angeltype_count);
+                            $needed_angeltype_info[] = $angeltype['name'] . ': ' . $angeltype_count;
+                        }
+                    }
+
+                    engelsystem_log(
+                        'Set needed angeltypes of room ' . $name
+                        . ' to: ' . join(', ', $needed_angeltype_info)
+                    );
+                    success(_('Room saved.'));
+                    redirect(page_link_to('admin_rooms'));
+                }
+            }
+            $angeltypes_count_form = [];
+            foreach ($angeltypes as $angeltype_id => $angeltype) {
+                $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [
+                    form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])
+                ]);
+            }
+
+            return page_with_title(admin_rooms_title(), [
+                buttons([
+                    button(page_link_to('admin_rooms'), _('back'), 'back')
+                ]),
+                $msg,
+                form([
+                    div('row', [
+                        div('col-md-6', [
+                            form_text('name', _('Name'), $name),
+                            form_checkbox('from_pentabarf', _('Frab import'), $from_pentabarf),
+                            form_checkbox('public', _('Public'), $public),
+                            form_text('number', _('Room number'), $number)
+                        ]),
+                        div('col-md-6', [
+                            div('row', [
+                                div('col-md-12', [
+                                    form_info(_('Needed angels:'))
+                                ]),
+                                join($angeltypes_count_form)
+                            ])
+                        ])
+                    ]),
+                    form_submit('submit', _('Save'))
+                ])
+            ]);
+        } elseif ($_REQUEST['show'] == 'delete') {
+            if (isset($_REQUEST['ack'])) {
+                if (!Room_delete($room_id)) {
+                    engelsystem_error('Unable to delete room.');
+                }
+
+                engelsystem_log('Room deleted: ' . $name);
+                success(sprintf(_('Room %s deleted.'), $name));
+                redirect(page_link_to('admin_rooms'));
+            }
+
+            return page_with_title(admin_rooms_title(), [
+                buttons([
+                    button(page_link_to('admin_rooms'), _('back'), 'back')
+                ]),
+                sprintf(_('Do you want to delete room %s?'), $name),
+                buttons([
+                    button(
+                        page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack',
+                        _('Delete'),
+                        'delete btn-danger'
+                    )
+                ])
+            ]);
         }
-        
-        engelsystem_log("Room deleted: " . $name);
-        success(sprintf(_("Room %s deleted."), $name));
-        redirect(page_link_to('admin_rooms'));
-      }
-      
-      return page_with_title(admin_rooms_title(), [
-          buttons([
-              button(page_link_to('admin_rooms'), _("back"), 'back') 
-          ]),
-          sprintf(_("Do you want to delete room %s?"), $name),
-          buttons([
-              button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete') 
-          ]) 
-      ]);
     }
-  }
-  
-  return page_with_title(admin_rooms_title(), [
-      buttons([
-          button(page_link_to('admin_rooms') . '&show=edit', _("add")) 
-      ]),
-      msg(),
-      table([
-          'name' => _("Name"),
-          'from_pentabarf' => _("Frab import"),
-          'public' => _("Public"),
-          'actions' => "" 
-      ], $rooms) 
-  ]);
+
+    return page_with_title(admin_rooms_title(), [
+        buttons([
+            button(page_link_to('admin_rooms') . '&show=edit', _('add'))
+        ]),
+        msg(),
+        table([
+            'name'           => _('Name'),
+            'from_pentabarf' => _('Frab import'),
+            'public'         => _('Public'),
+            'actions'        => ''
+        ], $rooms)
+    ]);
 }
-?>

includes/pages/admin_shifts.php

@@ -1,346 +1,419 @@
 <?php
 
-function admin_shifts_title() {
-  return _("Create shifts");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_shifts_title()
+{
+    return _('Create shifts');
 }
 
-// Assistent zum Anlegen mehrerer neuer Schichten
-function admin_shifts() {
-  $valid = true;
-  
-  $rid = 0;
-  $start = parse_date("Y-m-d H:i", date("Y-m-d") . " 00:00");
-  $end = $start;
-  $mode = 'single';
-  $angelmode = 'manually';
-  $length = '';
-  $change_hours = [];
-  $title = "";
-  $shifttype_id = null;
-  
-  // Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
-  $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
-  $room_array = [];
-  foreach ($rooms as $room) {
-    $room_array[$room['RID']] = $room['Name'];
-  }
-  
-  // Engeltypen laden
-  $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
-  $needed_angel_types = [];
-  foreach ($types as $type) {
-    $needed_angel_types[$type['id']] = 0;
-  }
-  
-  // Load shift types
-  $shifttypes_source = ShiftTypes();
-  if ($shifttypes_source === false) {
-    engelsystem_error('Unable to load shift types.');
-  }
-  $shifttypes = [];
-  foreach ($shifttypes_source as $shifttype) {
-    $shifttypes[$shifttype['id']] = $shifttype['name'];
-  }
-  
-  if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
-    if (isset($_REQUEST['shifttype_id'])) {
-      $shifttype = ShiftType($_REQUEST['shifttype_id']);
-      if ($shifttype === false) {
-        engelsystem_error('Unable to load shift type.');
-      }
-      if ($shifttype == null) {
-        $valid = false;
-        error(_('Please select a shift type.'));
-      } else {
-        $shifttype_id = $_REQUEST['shifttype_id'];
-      }
-    } else {
-      $valid = false;
-      error(_('Please select a shift type.'));
+/**
+ * Assistent zum Anlegen mehrerer neuer Schichten
+ *
+ * @return string
+ */
+function admin_shifts()
+{
+    $valid = true;
+
+    $start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
+    $end = $start;
+    $mode = 'single';
+    $angelmode = 'manually';
+    $length = '';
+    $change_hours = [];
+    $title = '';
+    $shifttype_id = null;
+
+    // Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
+    $rooms = DB::select('SELECT `RID`, `Name` FROM `Room` ORDER BY `Name`');
+    $room_array = [];
+    foreach ($rooms as $room) {
+        $room_array[$room['RID']] = $room['Name'];
     }
-    
-    // Name/Bezeichnung der Schicht, darf leer sein
-    $title = strip_request_item('title');
-    
-    // Auswahl der sichtbaren Locations für die Schichten
-    if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
-      $rid = $_REQUEST['rid'];
-    } else {
-      $valid = false;
-      $rid = $rooms[0]['RID'];
-      error(_('Please select a location.'));
+
+    // Engeltypen laden
+    $types = DB::select('SELECT * FROM `AngelTypes` ORDER BY `name`');
+    $needed_angel_types = [];
+    foreach ($types as $type) {
+        $needed_angel_types[$type['id']] = 0;
     }
-    
-    if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) {
-      $start = $tmp;
-    } else {
-      $valid = false;
-      error(_('Please select a start time.'));
+
+    // Load shift types
+    $shifttypes_source = ShiftTypes();
+    if ($shifttypes_source === false) {
+        engelsystem_error('Unable to load shift types.');
     }
-    
-    if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) {
-      $end = $tmp;
-    } else {
-      $valid = false;
-      error(_('Please select an end time.'));
+    $shifttypes = [];
+    foreach ($shifttypes_source as $shifttype) {
+        $shifttypes[$shifttype['id']] = $shifttype['name'];
     }
-    
-    if ($start >= $end) {
-      $valid = false;
-      error(_('The shifts end has to be after its start.'));
-    }
-    
-    if (isset($_REQUEST['mode'])) {
-      if ($_REQUEST['mode'] == 'single') {
-        $mode = 'single';
-      } elseif ($_REQUEST['mode'] == 'multi') {
-        if (isset($_REQUEST['length']) && preg_match("/^[0-9]+$/", trim($_REQUEST['length']))) {
-          $mode = 'multi';
-          $length = trim($_REQUEST['length']);
+
+    if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
+        if (isset($_REQUEST['shifttype_id'])) {
+            $shifttype = ShiftType($_REQUEST['shifttype_id']);
+            if ($shifttype == null) {
+                $valid = false;
+                error(_('Please select a shift type.'));
+            } else {
+                $shifttype_id = $_REQUEST['shifttype_id'];
+            }
         } else {
-          $valid = false;
-          error(_('Please enter a shift duration in minutes.'));
-        }
-      } elseif ($_REQUEST['mode'] == 'variable') {
-        if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) {
-          $mode = 'variable';
-          $change_hours = array_map('trim', explode(",", $_REQUEST['change_hours']));
-        } else {
-          $valid = false;
-          error(_('Please split the shift-change hours by colons.'));
-        }
-      }
-    } else {
-      $valid = false;
-      error(_('Please select a mode.'));
-    }
-    
-    if (isset($_REQUEST['angelmode'])) {
-      if ($_REQUEST['angelmode'] == 'location') {
-        $angelmode = 'location';
-      } elseif ($_REQUEST['angelmode'] == 'manually') {
-        $angelmode = 'manually';
-        foreach ($types as $type) {
-          if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) {
-            $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
-          } else {
             $valid = false;
-            error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
-          }
+            error(_('Please select a shift type.'));
         }
-        if (array_sum($needed_angel_types) == 0) {
-          $valid = false;
-          error(_('There are 0 angels needed. Please enter the amounts of needed angels.'));
+
+        // Name/Bezeichnung der Schicht, darf leer sein
+        $title = strip_request_item('title');
+
+        // Auswahl der sichtbaren Locations für die Schichten
+        if (
+            isset($_REQUEST['rid'])
+            && preg_match('/^\d+$/', $_REQUEST['rid'])
+            && isset($room_array[$_REQUEST['rid']])
+        ) {
+            $rid = $_REQUEST['rid'];
+        } else {
+            $valid = false;
+            $rid = $rooms[0]['RID'];
+            error(_('Please select a location.'));
         }
-      } else {
-        $valid = false;
-        error(_('Please select a mode for needed angels.'));
-      }
+
+        if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
+            $start = $tmp;
+        } else {
+            $valid = false;
+            error(_('Please select a start time.'));
+        }
+
+        if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
+            $end = $tmp;
+        } else {
+            $valid = false;
+            error(_('Please select an end time.'));
+        }
+
+        if ($start >= $end) {
+            $valid = false;
+            error(_('The shifts end has to be after its start.'));
+        }
+
+        if (isset($_REQUEST['mode'])) {
+            if ($_REQUEST['mode'] == 'single') {
+                $mode = 'single';
+            } elseif ($_REQUEST['mode'] == 'multi') {
+                if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
+                    $mode = 'multi';
+                    $length = trim($_REQUEST['length']);
+                } else {
+                    $valid = false;
+                    error(_('Please enter a shift duration in minutes.'));
+                }
+            } elseif ($_REQUEST['mode'] == 'variable') {
+                if (
+                    isset($_REQUEST['change_hours'])
+                    && preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
+                ) {
+                    $mode = 'variable';
+                    $change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
+                } else {
+                    $valid = false;
+                    error(_('Please split the shift-change hours by colons.'));
+                }
+            }
+        } else {
+            $valid = false;
+            error(_('Please select a mode.'));
+        }
+
+        if (isset($_REQUEST['angelmode'])) {
+            if ($_REQUEST['angelmode'] == 'location') {
+                $angelmode = 'location';
+            } elseif ($_REQUEST['angelmode'] == 'manually') {
+                $angelmode = 'manually';
+                foreach ($types as $type) {
+                    if (
+                        isset($_REQUEST['type_' . $type['id']])
+                        && preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
+                    ) {
+                        $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
+                    } else {
+                        $valid = false;
+                        error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
+                    }
+                }
+                if (array_sum($needed_angel_types) == 0) {
+                    $valid = false;
+                    error(_('There are 0 angels needed. Please enter the amounts of needed angels.'));
+                }
+            } else {
+                $valid = false;
+                error(_('Please select a mode for needed angels.'));
+            }
+        } else {
+            $valid = false;
+            error(_('Please select needed angels.'));
+        }
+
+        // Beim Zurück-Knopf das Formular zeigen
+        if (isset($_REQUEST['back'])) {
+            $valid = false;
+        }
+
+        // Alle Eingaben in Ordnung
+        if ($valid) {
+            if ($angelmode == 'location') {
+                $needed_angel_types = [];
+                $needed_angel_types_location = DB::select('
+                        SELECT `angel_type_id`, `count`
+                        FROM `NeededAngelTypes`
+                        WHERE `room_id`=?
+                    ',
+                    [$rid]
+                );
+                foreach ($needed_angel_types_location as $type) {
+                    $needed_angel_types[$type['angel_type_id']] = $type['count'];
+                }
+            }
+            $shifts = [];
+            if ($mode == 'single') {
+                $shifts[] = [
+                    'start'        => $start,
+                    'end'          => $end,
+                    'RID'          => $rid,
+                    'title'        => $title,
+                    'shifttype_id' => $shifttype_id
+                ];
+            } elseif ($mode == 'multi') {
+                $shift_start = (int)$start;
+                do {
+                    $shift_end = $shift_start + (int)$length * 60;
+
+                    if ($shift_end > $end) {
+                        $shift_end = $end;
+                    }
+                    if ($shift_start >= $shift_end) {
+                        break;
+                    }
+
+                    $shifts[] = [
+                        'start'        => $shift_start,
+                        'end'          => $shift_end,
+                        'RID'          => $rid,
+                        'title'        => $title,
+                        'shifttype_id' => $shifttype_id
+                    ];
+
+                    $shift_start = $shift_end;
+                } while ($shift_end < $end);
+            } elseif ($mode == 'variable') {
+                rsort($change_hours);
+                $day = parse_date('Y-m-d H:i', date('Y-m-d', $start) . ' 00:00');
+                $change_index = 0;
+                // Ersten/nächsten passenden Schichtwechsel suchen
+                foreach ($change_hours as $i => $change_hour) {
+                    if ($start < $day + $change_hour * 60 * 60) {
+                        $change_index = $i;
+                    } elseif ($start == $day + $change_hour * 60 * 60) {
+                        // Start trifft Schichtwechsel
+                        $change_index = ($i + count($change_hours) - 1) % count($change_hours);
+                        break;
+                    } else {
+                        break;
+                    }
+                }
+
+                $shift_start = $start;
+                do {
+                    $day = parse_date('Y-m-d H:i', date('Y-m-d', $shift_start) . ' 00:00');
+                    $shift_end = $day + $change_hours[$change_index] * 60 * 60;
+
+                    if ($shift_end > $end) {
+                        $shift_end = $end;
+                    }
+                    if ($shift_start >= $shift_end) {
+                        $shift_end += 24 * 60 * 60;
+                    }
+
+                    $shifts[] = [
+                        'start'        => $shift_start,
+                        'end'          => $shift_end,
+                        'RID'          => $rid,
+                        'title'        => $title,
+                        'shifttype_id' => $shifttype_id
+                    ];
+
+                    $shift_start = $shift_end;
+                    $change_index = ($change_index + count($change_hours) - 1) % count($change_hours);
+                } while ($shift_end < $end);
+            }
+
+            $shifts_table = [];
+            foreach ($shifts as $shift) {
+                $shifts_table_entry = [
+                    'timeslot'      =>
+                        '<span class="glyphicon glyphicon-time"></span> '
+                        . date('Y-m-d H:i', $shift['start'])
+                        . ' - '
+                        . date('H:i', $shift['end'])
+                        . '<br />'
+                        . Room_name_render(Room($shift['RID'])),
+                    'title'         =>
+                        ShiftType_name_render(ShiftType($shifttype_id))
+                        . ($shift['title'] ? '<br />' . $shift['title'] : ''),
+                    'needed_angels' => ''
+                ];
+                foreach ($types as $type) {
+                    if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) {
+                        $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />';
+                    }
+                }
+                $shifts_table[] = $shifts_table_entry;
+            }
+
+            // Fürs Anlegen zwischenspeichern:
+            $_SESSION['admin_shifts_shifts'] = $shifts;
+            $_SESSION['admin_shifts_types'] = $needed_angel_types;
+
+            $hidden_types = '';
+            foreach ($needed_angel_types as $type_id => $count) {
+                $hidden_types .= form_hidden('type_' . $type_id, $count);
+            }
+            return page_with_title(_('Preview'), [
+                form([
+                    $hidden_types,
+                    form_hidden('shifttype_id', $shifttype_id),
+                    form_hidden('title', $title),
+                    form_hidden('rid', $rid),
+                    form_hidden('start', date('Y-m-d H:i', $start)),
+                    form_hidden('end', date('Y-m-d H:i', $end)),
+                    form_hidden('mode', $mode),
+                    form_hidden('length', $length),
+                    form_hidden('change_hours', implode(', ', $change_hours)),
+                    form_hidden('angelmode', $angelmode),
+                    form_submit('back', _('back')),
+                    table([
+                        'timeslot'      => _('Time and location'),
+                        'title'         => _('Type and title'),
+                        'needed_angels' => _('Needed angels')
+                    ], $shifts_table),
+                    form_submit('submit', _('Save'))
+                ])
+            ]);
+        }
+    } elseif (isset($_REQUEST['submit'])) {
+        if (
+            !isset($_SESSION['admin_shifts_shifts'])
+            || !isset($_SESSION['admin_shifts_types'])
+            || !is_array($_SESSION['admin_shifts_shifts'])
+            || !is_array($_SESSION['admin_shifts_types'])
+        ) {
+            redirect(page_link_to('admin_shifts'));
+        }
+
+        $needed_angel_types_info = [];
+        foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
+            $shift['URL'] = null;
+            $shift['PSID'] = null;
+            $shift_id = Shift_create($shift);
+            if ($shift_id === false) {
+                engelsystem_error('Unable to create shift.');
+            }
+
+            engelsystem_log(
+                'Shift created: ' . $shifttypes[$shift['shifttype_id']]
+                . ' with title ' . $shift['title']
+                . ' from ' . date('Y-m-d H:i', $shift['start'])
+                . ' to ' . date('Y-m-d H:i', $shift['end'])
+            );
+
+            foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
+                $angel_type_source = DB::select('
+                      SELECT *
+                      FROM `AngelTypes`
+                      WHERE `id` = ?
+                      LIMIT 1', [$type_id]);
+                if (!empty($angel_type_source)) {
+                    DB::insert('
+                        INSERT INTO `NeededAngelTypes` (`shift_id`, `angel_type_id`, `count`)
+                        VALUES (?, ?, ?)
+                      ',
+                        [
+                            $shift_id,
+                            $type_id,
+                            $count
+                        ]
+                    );
+                    $needed_angel_types_info[] = $angel_type_source[0]['name'] . ': ' . $count;
+                }
+            }
+        }
+
+        engelsystem_log('Shift needs following angel types: ' . join(', ', $needed_angel_types_info));
+        success('Schichten angelegt.');
+        redirect(page_link_to('admin_shifts'));
     } else {
-      $valid = false;
-      error(_('Please select needed angels.'));
+        unset($_SESSION['admin_shifts_shifts']);
+        unset($_SESSION['admin_shifts_types']);
     }
-    
-    // Beim Zurück-Knopf das Formular zeigen
-    if (isset($_REQUEST['back'])) {
-      $valid = false;
+
+    if (!isset($_REQUEST['rid'])) {
+        $_REQUEST['rid'] = null;
     }
-    
-    // Alle Eingaben in Ordnung
-    if ($valid) {
-      if ($angelmode == 'location') {
-        $needed_angel_types = [];
-        $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
-        foreach ($needed_angel_types_location as $type) {
-          $needed_angel_types[$type['angel_type_id']] = $type['count'];
-        }
-      }
-      $shifts = [];
-      if ($mode == 'single') {
-        $shifts[] = [
-            'start' => $start,
-            'end' => $end,
-            'RID' => $rid,
-            'title' => $title,
-            'shifttype_id' => $shifttype_id 
-        ];
-      } elseif ($mode == 'multi') {
-        $shift_start = $start;
-        do {
-          $shift_end = $shift_start + $length * 60;
-          
-          if ($shift_end > $end) {
-            $shift_end = $end;
-          }
-          if ($shift_start >= $shift_end) {
-            break;
-          }
-          
-          $shifts[] = [
-              'start' => $shift_start,
-              'end' => $shift_end,
-              'RID' => $rid,
-              'title' => $title,
-              'shifttype_id' => $shifttype_id 
-          ];
-          
-          $shift_start = $shift_end;
-        } while ($shift_end < $end);
-      } elseif ($mode == 'variable') {
-        rsort($change_hours);
-        $day = parse_date("Y-m-d H:i", date("Y-m-d", $start) . " 00:00");
-        $change_index = 0;
-        // Ersten/nächsten passenden Schichtwechsel suchen
-        foreach ($change_hours as $i => $change_hour) {
-          if ($start < $day + $change_hour * 60 * 60) {
-            $change_index = $i;
-          } elseif ($start == $day + $change_hour * 60 * 60) {
-            // Start trifft Schichtwechsel
-            $change_index = ($i + count($change_hours) - 1) % count($change_hours);
-            break;
-          } else {
-            break;
-          }
-        }
-        
-        $shift_start = $start;
-        do {
-          $day = parse_date("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00");
-          $shift_end = $day + $change_hours[$change_index] * 60 * 60;
-          
-          if ($shift_end > $end) {
-            $shift_end = $end;
-          }
-          if ($shift_start >= $shift_end) {
-            $shift_end += 24 * 60 * 60;
-          }
-          
-          $shifts[] = [
-              'start' => $shift_start,
-              'end' => $shift_end,
-              'RID' => $rid,
-              'title' => $title,
-              'shifttype_id' => $shifttype_id 
-          ];
-          
-          $shift_start = $shift_end;
-          $change_index = ($change_index + count($change_hours) - 1) % count($change_hours);
-        } while ($shift_end < $end);
-      }
-      
-      $shifts_table = [];
-      foreach ($shifts as $shift) {
-        $shifts_table_entry = [
-            'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])),
-            'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''),
-            'needed_angels' => '' 
-        ];
-        foreach ($types as $type) {
-          if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) {
-            $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />';
-          }
-        }
-        $shifts_table[] = $shifts_table_entry;
-      }
-      
-      // Fürs Anlegen zwischenspeichern:
-      $_SESSION['admin_shifts_shifts'] = $shifts;
-      $_SESSION['admin_shifts_types'] = $needed_angel_types;
-      
-      $hidden_types = "";
-      foreach ($needed_angel_types as $type_id => $count) {
-        $hidden_types .= form_hidden('type_' . $type_id, $count);
-      }
-      return page_with_title(_("Preview"), [
-          form([
-              $hidden_types,
-              form_hidden('shifttype_id', $shifttype_id),
-              form_hidden('title', $title),
-              form_hidden('rid', $rid),
-              form_hidden('start', date("Y-m-d H:i", $start)),
-              form_hidden('end', date("Y-m-d H:i", $end)),
-              form_hidden('mode', $mode),
-              form_hidden('length', $length),
-              form_hidden('change_hours', implode(', ', $change_hours)),
-              form_hidden('angelmode', $angelmode),
-              form_submit('back', _("back")),
-              table([
-                  'timeslot' => _('Time and location'),
-                  'title' => _('Type and title'),
-                  'needed_angels' => _('Needed angels') 
-              ], $shifts_table),
-              form_submit('submit', _("Save")) 
-          ]) 
-      ]);
+    $angel_types = '';
+    foreach ($types as $type) {
+        $angel_types .= '<div class="col-md-4">' . form_spinner(
+                'type_' . $type['id'],
+                $type['name'],
+                $needed_angel_types[$type['id']]
+            )
+            . '</div>';
     }
-  } elseif (isset($_REQUEST['submit'])) {
-    if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) {
-      redirect(page_link_to('admin_shifts'));
-    }
-    
-    foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
-      $shift['URL'] = null;
-      $shift['PSID'] = null;
-      $shift_id = Shift_create($shift);
-      if ($shift_id === false) {
-        engelsystem_error('Unable to create shift.');
-      }
-      
-      engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
-      $needed_angel_types_info = [];
-      foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
-        $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
-        if (count($angel_type_source) > 0) {
-          sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
-          $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
-        }
-      }
-    }
-    
-    engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info));
-    success("Schichten angelegt.");
-    redirect(page_link_to('admin_shifts'));
-  } else {
-    unset($_SESSION['admin_shifts_shifts']);
-    unset($_SESSION['admin_shifts_types']);
-  }
-  
-  if (! isset($_REQUEST['rid'])) {
-    $_REQUEST['rid'] = null;
-  }
-  $angel_types = "";
-  foreach ($types as $type) {
-    $angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>';
-  }
-  
-  return page_with_title(admin_shifts_title(), [
-      msg(),
-      form([
-          form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
-          form_text('title', _("Title"), $title),
-          form_select('rid', _("Room"), $room_array, $_REQUEST['rid']),
-          div('row', [
-              div('col-md-6', [
-                  form_text('start', _("Start"), date("Y-m-d H:i", $start)),
-                  form_text('end', _("End"), date("Y-m-d H:i", $end)),
-                  form_info(_("Mode"), ''),
-                  form_radio('mode', _("Create one shift"), $mode == 'single', 'single'),
-                  form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'),
-                  form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
-                  form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'),
-                  form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22') 
-              ]),
-              div('col-md-6', [
-                  form_info(_("Needed angels"), ''),
-                  form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'),
-                  form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'),
-                  div('row', [
-                      $angel_types 
-                  ]) 
-              ]) 
-          ]),
-          form_submit('preview', _("Preview")) 
-      ]) 
-  ]);
+
+    return page_with_title(admin_shifts_title(), [
+        msg(),
+        form([
+            form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
+            form_text('title', _('Title'), $title),
+            form_select('rid', _('Room'), $room_array, $_REQUEST['rid']),
+            div('row', [
+                div('col-md-6', [
+                    form_text('start', _('Start'), date('Y-m-d H:i', $start)),
+                    form_text('end', _('End'), date('Y-m-d H:i', $end)),
+                    form_info(_('Mode'), ''),
+                    form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
+                    form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
+                    form_text('length', _('Length'), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
+                    form_radio(
+                        'mode',
+                        _('Create multiple shifts with variable length'),
+                        $mode == 'variable',
+                        'variable'
+                    ),
+                    form_text(
+                        'change_hours',
+                        _('Shift change hours'),
+                        !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
+                    )
+                ]),
+                div('col-md-6', [
+                    form_info(_('Needed angels'), ''),
+                    form_radio(
+                        'angelmode',
+                        _('Take needed angels from room settings'),
+                        $angelmode == 'location',
+                        'location'
+                    ),
+                    form_radio('angelmode', _('The following angels are needed'), $angelmode == 'manually', 'manually'),
+                    div('row', [
+                        $angel_types
+                    ])
+                ])
+            ]),
+            form_submit('preview', _('Preview'))
+        ])
+    ]);
 }
-?>

includes/pages/admin_user.php

@@ -1,208 +1,310 @@
 <?php
 
-function admin_user_title() {
-  return _("All Angels");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function admin_user_title()
+{
+    return _('All Angels');
 }
 
-function admin_user() {
-  global $user, $privileges, $tshirt_sizes, $privileges;
-  
-  $html = '';
-  
-  if (! isset($_REQUEST['id'])) {
-    redirect(users_link());
-  }
-  
-  $user_id = $_REQUEST['id'];
-  if (! isset($_REQUEST['action'])) {
-    $user_source = User($user_id);
-    if ($user_source == null) {
-      error(_('This user does not exist.'));
-      redirect(users_link());
-    }
-    
-    $html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
-    
-    $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n";
-    $html .= "<table border=\"0\">\n";
-    $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
-    $html .= "<tr><td>\n";
-    $html .= "<table>\n";
-    $html .= "  <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>lastLogIn</td><td>" . date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
-    $html .= "  <tr><td>Name</td><td>" . "<input type=\"text\" size=\"40\" name=\"eName\" value=\"" . $user_source['Name'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>Vorname</td><td>" . "<input type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . $user_source['Vorname'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>Alter</td><td>" . "<input type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . $user_source['Alter'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>Telefon</td><td>" . "<input type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . $user_source['Telefon'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>Handy</td><td>" . "<input type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>DECT</td><td>" . "<input type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
-    if ($user_source['email_by_human_allowed']) {
-      $html .= "  <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
-    }
-    $html .= "  <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
-    $html .= "  <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
-    
-    $options = [
-        '1' => _("Yes"),
-        '0' => _("No") 
-    ];
-    
-    // Gekommen?
-    $html .= "  <tr><td>Gekommen</td><td>\n";
-    $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
-    
-    // Aktiv?
-    $html .= "  <tr><td>Aktiv</td><td>\n";
-    $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
-    
-    // Aktiv erzwingen
-    if (in_array('admin_active', $privileges)) {
-      $html .= "  <tr><td>" . _("Force active") . "</td><td>\n";
-      $html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n";
-    }
-    
-    // T-Shirt bekommen?
-    $html .= "  <tr><td>T-Shirt</td><td>\n";
-    $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
-    
-    $html .= "  <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n";
-    
-    $html .= "</table>\n</td><td valign=\"top\"></td></tr>";
-    
-    $html .= "</td></tr>\n";
-    $html .= "</table>\n<br />\n";
-    $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-    $html .= "</form>";
-    
-    $html .= "<hr />";
-    
-    $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
-    
-    $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n";
-    $html .= "<table>\n";
-    $html .= "  <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
-    $html .= "  <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
-    
-    $html .= "</table>";
-    $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-    $html .= "</form>";
-    
-    $html .= "<hr />";
-    
-    $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
-    if (count($my_highest_group) > 0) {
-      $my_highest_group = $my_highest_group[0]['group_id'];
-    }
-    
-    $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1");
-    if (count($his_highest_group) > 0) {
-      $his_highest_group = $his_highest_group[0]['group_id'];
-    }
-    
-    if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
-      $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n";
-      $html .= '<table>';
-      
-      $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
-      foreach ($groups as $group) {
-        $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
-      }
-      
-      $html .= '</table>';
-      
-      $html .= "<input type=\"submit\" value=\"Speichern\">\n";
-      $html .= "</form>";
-      
-      $html .= "<hr />";
-    }
-    
-    $html .= buttons([
-        button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger') 
-    ]);
-    
-    $html .= "<hr />";
-  } else {
-    switch ($_REQUEST['action']) {
-      case 'save_groups':
-        if ($user_id != $user['UID']) {
-          $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
-          $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`");
-          
-          if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
-            $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
-            $groups = [];
-            $grouplist = [];
-            foreach ($groups_source as $group) {
-              $groups[$group['UID']] = $group;
-              $grouplist[] = $group['UID'];
-            }
-            
-            if (! is_array($_REQUEST['groups'])) {
-              $_REQUEST['groups'] = [];
-            }
-            
-            sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'");
-            $user_groups_info = [];
-            foreach ($_REQUEST['groups'] as $group) {
-              if (in_array($group, $grouplist)) {
-                sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'");
-                $user_groups_info[] = $groups[$group]['Name'];
-              }
-            }
-            $user_source = User($user_id);
-            engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
-            $html .= success("Benutzergruppen gespeichert.", true);
-          } else {
-            $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
-          }
-        } else {
-          $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
+/**
+ * @return string
+ */
+function admin_user()
+{
+    global $user, $privileges;
+    $tshirt_sizes = config('tshirt_sizes');
+
+    foreach ($tshirt_sizes as $key => $size) {
+        if (empty($size)) {
+            unset($tshirt_sizes[$key]);
         }
-        break;
-      
-      case 'save':
-        $force_active = $user['force_active'];
+    }
+
+    $html = '';
+
+    if (!isset($_REQUEST['id'])) {
+        redirect(users_link());
+    }
+
+    $user_id = $_REQUEST['id'];
+    if (!isset($_REQUEST['action'])) {
+        $user_source = User($user_id);
+        if ($user_source == null) {
+            error(_('This user does not exist.'));
+            redirect(users_link());
+        }
+
+        $html .= 'Hallo,<br />'
+            . 'hier kannst du den Eintrag &auml;ndern. Unter dem Punkt \'Gekommen\' '
+            . 'wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, '
+            . 'dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. '
+            . 'Wenn T-Shirt ein \'Ja\' enth&auml;lt, bedeutet dies, dass der Engel '
+            . 'bereits sein T-Shirt erhalten hat.<br /><br />' . "\n";
+
+        $html .= '<form action="' . page_link_to('admin_user') . '&action=save&id=' . $user_id . '" method="post">' . "\n";
+        $html .= '<table border="0">' . "\n";
+        $html .= '<input type="hidden" name="Type" value="Normal">' . "\n";
+        $html .= '<tr><td>' . "\n";
+        $html .= '<table>' . "\n";
+        $html .= '  <tr><td>Nick</td><td>' . '<input type="text" size="40" name="eNick" value="' . $user_source['Nick'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Last login</td><td><p class="help-block">'
+            . date('Y-m-d H:i', $user_source['lastLogIn'])
+            . '</p></td></tr>' . "\n";
+        $html .= '  <tr><td>Name</td><td>' . '<input type="text" size="40" name="eName" value="' . $user_source['Name'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Vorname</td><td>' . '<input type="text" size="40" name="eVorname" value="' . $user_source['Vorname'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Alter</td><td>' . '<input type="text" size="5" name="eAlter" value="' . $user_source['Alter'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Telefon</td><td>' . '<input type="text" size="40" name="eTelefon" value="' . $user_source['Telefon'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Handy</td><td>' . '<input type="text" size="40" name="eHandy" value="' . $user_source['Handy'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>DECT</td><td>' . '<input type="text" size="4" name="eDECT" value="' . $user_source['DECT'] . '" class="form-control"></td></tr>' . "\n";
+        if ($user_source['email_by_human_allowed']) {
+            $html .= "  <tr><td>email</td><td>" . '<input type="text" size="40" name="eemail" value="' . $user_source['email'] . '" class="form-control"></td></tr>' . "\n";
+        }
+        $html .= "  <tr><td>jabber</td><td>" . '<input type="text" size="40" name="ejabber" value="' . $user_source['jabber'] . '" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Size</td><td>'
+            . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . '</td></tr>' . "\n";
+
+        $options = [
+            '1' => _('Yes'),
+            '0' => _('No')
+        ];
+
+        // Gekommen?
+        $html .= '  <tr><td>Gekommen</td><td>' . "\n";
+        $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . '</td></tr>' . "\n";
+
+        // Aktiv?
+        $html .= '  <tr><td>Aktiv</td><td>' . "\n";
+        $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . '</td></tr>' . "\n";
+
+        // Aktiv erzwingen
         if (in_array('admin_active', $privileges)) {
-          $force_active = $_REQUEST['force_active'];
+            $html .= '  <tr><td>' . _('Force active') . '</td><td>' . "\n";
+            $html .= html_options('force_active', $options, $user_source['force_active']) . '</td></tr>' . "\n";
         }
-        $SQL = "UPDATE `User` SET 
-              `Nick` = '" . sql_escape($_POST["eNick"]) . "', 
-              `Name` = '" . sql_escape($_POST["eName"]) . "', 
-              `Vorname` = '" . sql_escape($_POST["eVorname"]) . "', 
-              `Telefon` = '" . sql_escape($_POST["eTelefon"]) . "', 
-              `Handy` = '" . sql_escape($_POST["eHandy"]) . "', 
-              `Alter` = '" . sql_escape($_POST["eAlter"]) . "', 
-              `DECT` = '" . sql_escape($_POST["eDECT"]) . "', 
-              " . ($user_source['email_by_human_allowed'] ? "`email` = '" . sql_escape($_POST["eemail"]) . "'" : "") . "
-              `jabber` = '" . sql_escape($_POST["ejabber"]) . "', 
-              `Size` = '" . sql_escape($_POST["eSize"]) . "', 
-              `Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "', 
-              `Aktiv`= '" . sql_escape($_POST["eAktiv"]) . "', 
-              `force_active`= " . sql_escape($force_active) . ", 
-              `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "', 
-              `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' 
-              WHERE `UID` = '" . sql_escape($user_id) . "' 
-              LIMIT 1";
-        sql_query($SQL);
-        engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
-        $html .= success("Änderung wurde gespeichert...\n", true);
-        break;
-      
-      case 'change_pw':
-        if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
-          set_password($user_id, $_REQUEST['new_pw']);
-          $user_source = User($user_id);
-          engelsystem_log("Set new password for " . User_Nick_render($user_source));
-          $html .= success("Passwort neu gesetzt.", true);
-        } else {
-          $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
+
+        // T-Shirt bekommen?
+        $html .= '  <tr><td>T-Shirt</td><td>' . "\n";
+        $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . '</td></tr>' . "\n";
+
+        $html .= '  <tr><td>Hometown</td><td>' . '<input type="text" size="40" name="Hometown" value="' . $user_source['Hometown'] . '" class="form-control"></td></tr>' . "\n";
+
+        $html .= '</table>' . "\n" . '</td><td valign="top"></td></tr>';
+
+        $html .= '</td></tr>' . "\n";
+        $html .= '</table>' . "\n" . '<br />' . "\n";
+        $html .= '<input type="submit" value="Speichern" class="btn btn-primary">';
+        $html .= '</form>';
+
+        $html .= '<hr />';
+
+        $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
+
+        $html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:<form action="'
+            . page_link_to('admin_user') . '&action=change_pw&id=' . $user_id . '" method="post">' . "\n";
+        $html .= '<table>' . "\n";
+        $html .= '  <tr><td>Passwort</td><td>' . '<input type="password" size="40" name="new_pw" value="" class="form-control"></td></tr>' . "\n";
+        $html .= '  <tr><td>Wiederholung</td><td>' . '<input type="password" size="40" name="new_pw2" value="" class="form-control"></td></tr>' . "\n";
+
+        $html .= '</table>' . "\n" . '<br />' . "\n";
+        $html .= '<input type="submit" value="Speichern" class="btn btn-primary">' . "\n";
+        $html .= '</form>';
+
+        $html .= '<hr />';
+
+        $my_highest_group = DB::select(
+            'SELECT group_id FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1',
+            [$user['UID']]
+        );
+        if (count($my_highest_group) > 0) {
+            $my_highest_group = $my_highest_group[0]['group_id'];
+        }
+
+        $his_highest_group = DB::select(
+            'SELECT `group_id` FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id` LIMIT 1',
+            [$user_id]
+        );
+        if (count($his_highest_group) > 0) {
+            $his_highest_group = $his_highest_group[0]['group_id'];
+        }
+
+        if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
+            $html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:<form action="'
+                . page_link_to('admin_user') . '&action=save_groups&id=' . $user_id . '" method="post">' . "\n";
+            $html .= '<table>';
+
+            $groups = DB::select('
+                    SELECT *
+                    FROM `Groups`
+                    LEFT OUTER JOIN `UserGroups` ON (
+                        `UserGroups`.`group_id` = `Groups`.`UID`
+                        AND `UserGroups`.`uid` = ?
+                    )
+                    WHERE `Groups`.`UID` >= ?
+                    ORDER BY `Groups`.`Name`
+                ',
+                [
+                    $user_id,
+                    $my_highest_group,
+                ]
+            );
+            foreach ($groups as $group) {
+                $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '" '
+                    . ($group['group_id'] != '' ? ' checked="checked"' : '')
+                    . ' /></td><td>' . $group['Name'] . '</td></tr>';
+            }
+
+            $html .= '</table><br>';
+
+            $html .= '<input type="submit" value="Speichern" class="btn btn-primary">' . "\n";
+            $html .= '</form>';
+
+            $html .= '<hr />';
+        }
+
+        $html .= buttons([
+            button(user_delete_link($user_source), glyph('lock') . _('delete'), 'btn-danger')
+        ]);
+
+        $html .= "<hr />";
+    } else {
+        switch ($_REQUEST['action']) {
+            case 'save_groups':
+                if ($user_id != $user['UID']) {
+                    $my_highest_group = DB::select(
+                        'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
+                        [$user['UID']]
+                    );
+                    $his_highest_group = DB::select(
+                        'SELECT * FROM `UserGroups` WHERE `uid`=? ORDER BY `group_id`',
+                        [$user_id]
+                    );
+
+                    if (
+                        count($my_highest_group) > 0
+                        && (
+                            count($his_highest_group) == 0
+                            || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id'])
+                        )
+                    ) {
+                        $groups_source = DB::select('
+                                SELECT *
+                                FROM `Groups`
+                                LEFT OUTER JOIN `UserGroups` ON (
+                                    `UserGroups`.`group_id` = `Groups`.`UID`
+                                    AND `UserGroups`.`uid` = ?
+                                )
+                                WHERE `Groups`.`UID` >= ?
+                                ORDER BY `Groups`.`Name`
+                            ',
+                            [
+                                $user_id,
+                                $my_highest_group[0]['group_id'],
+                            ]
+                        );
+                        $groups = [];
+                        $grouplist = [];
+                        foreach ($groups_source as $group) {
+                            $groups[$group['UID']] = $group;
+                            $grouplist[] = $group['UID'];
+                        }
+
+                        if (!is_array($_REQUEST['groups'])) {
+                            $_REQUEST['groups'] = [];
+                        }
+
+                        DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]);
+                        $user_groups_info = [];
+                        foreach ($_REQUEST['groups'] as $group) {
+                            if (in_array($group, $grouplist)) {
+                                DB::insert(
+                                    'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)',
+                                    [$user_id, $group]
+                                );
+                                $user_groups_info[] = $groups[$group]['Name'];
+                            }
+                        }
+                        $user_source = User($user_id);
+                        engelsystem_log(
+                            'Set groups of ' . User_Nick_render($user_source) . ' to: ' . join(', ', $user_groups_info)
+                        );
+                        $html .= success('Benutzergruppen gespeichert.', true);
+                    } else {
+                        $html .= error('Du kannst keine Engel mit mehr Rechten bearbeiten.', true);
+                    }
+                } else {
+                    $html .= error('Du kannst Deine eigenen Rechte nicht bearbeiten.', true);
+                }
+                break;
+
+            case 'save':
+                $force_active = $user['force_active'];
+                $user_source = User($user_id);
+                if (in_array('admin_active', $privileges)) {
+                    $force_active = $_REQUEST['force_active'];
+                }
+                $sql = '
+                    UPDATE `User` SET
+                      `Nick` = ?,
+                      `Name` = ?,
+                      `Vorname` = ?,
+                      `Telefon` = ?,
+                      `Handy` = ?,
+                      `Alter` =?,
+                      `DECT` = ?,
+                      ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($_POST["eemail"]) . ',' : '') . '
+                      `jabber` = ?,
+                      `Size` = ?,
+                      `Gekommen`= ?,
+                      `Aktiv`= ?,
+                      `force_active`= ?,
+                      `Tshirt` = ?,
+                      `Hometown` = ?
+                      WHERE `UID` = ?
+                      LIMIT 1';
+                DB::update($sql, [
+                    $_POST['eNick'],
+                    $_POST['eName'],
+                    $_POST['eVorname'],
+                    $_POST['eTelefon'],
+                    $_POST['eHandy'],
+                    $_POST['eAlter'],
+                    $_POST['eDECT'],
+                    $_POST['ejabber'],
+                    $_POST['eSize'],
+                    $_POST['eGekommen'],
+                    $_POST['eAktiv'],
+                    $force_active,
+                    $_POST['eTshirt'],
+                    $_POST['Hometown'],
+                    $user_id,
+                ]);
+                engelsystem_log(
+                    'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize']
+                    . ', arrived: ' . $_POST['eGekommen']
+                    . ', active: ' . $_POST['eAktiv']
+                    . ', tshirt: ' . $_POST['eTshirt']
+                );
+                $html .= success('Änderung wurde gespeichert...' . "\n", true);
+                break;
+
+            case 'change_pw':
+                if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
+                    set_password($user_id, $_REQUEST['new_pw']);
+                    $user_source = User($user_id);
+                    engelsystem_log('Set new password for ' . User_Nick_render($user_source));
+                    $html .= success('Passwort neu gesetzt.', true);
+                } else {
+                    $html .= error('Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!', true);
+                }
+                break;
         }
-        break;
     }
-  }
-  
-  return page_with_title(_("Edit user"), [
-      $html 
-  ]);
+
+    return page_with_title(_('Edit user'), [
+        $html
+    ]);
 }
-?>

includes/pages/guest_credits.php

@@ -1,9 +1,17 @@
 <?php
-function credits_title() {
-  return _("Credits");
+
+/**
+ * @return string
+ */
+function credits_title()
+{
+    return _('Credits');
 }
 
-function guest_credits() {
-  return template_render(__DIR__ . '/../../templates/guest_credits.html', []);
+/**
+ * @return string
+ */
+function guest_credits()
+{
+    return template_render(__DIR__ . '/../../templates/guest_credits.html', []);
 }
-?>

includes/pages/guest_login.php

@@ -1,400 +1,492 @@
 <?php
 
-function login_title() {
-  return _("Login");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function login_title()
+{
+    return _('Login');
 }
 
-function register_title() {
-  return _("Register");
+/**
+ * @return string
+ */
+function register_title()
+{
+    return _('Register');
 }
 
-function logout_title() {
-  return _("Logout");
+/**
+ * @return string
+ */
+function logout_title()
+{
+    return _('Logout');
 }
 
-// Engel registrieren
-function guest_register() {
-  global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user, $min_password_length;
-  
-  $event_config = EventConfig();
-  
-  $msg = "";
-  $nick = "";
-  $lastname = "";
-  $prename = "";
-  $age = "";
-  $tel = "";
-  $dect = "";
-  $mobile = "";
-  $mail = "";
-  $email_shiftinfo = false;
-  $email_by_human_allowed = false;
-  $jabber = "";
-  $hometown = "";
-  $comment = "";
-  $tshirt_size = '';
-  $password_hash = "";
-  $selected_angel_types = [];
-  $planned_arrival_date = null;
-  
-  $angel_types_source = AngelTypes();
-  $angel_types = [];
-  foreach ($angel_types_source as $angel_type) {
-    $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
-    if (! $angel_type['restricted']) {
-      $selected_angel_types[] = $angel_type['id'];
-    }
-  }
-  
-  if (isset($_REQUEST['submit'])) {
-    $valid = true;
-    
-    if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) {
-      $nick = User_validate_Nick($_REQUEST['nick']);
-      if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) {
-        $valid = false;
-        $msg .= error(sprintf(_("Your nick &quot;%s&quot; already exists."), $nick), true);
-      }
-    } else {
-      $valid = false;
-      $msg .= error(sprintf(_("Your nick &quot;%s&quot; is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true);
-    }
-    
-    if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
-      $mail = strip_request_item('mail');
-      if (! check_email($mail)) {
-        $valid = false;
-        $msg .= error(_("E-mail address is not correct."), true);
-      }
-    } else {
-      $valid = false;
-      $msg .= error(_("Please enter your e-mail."), true);
-    }
-    
-    if (isset($_REQUEST['email_shiftinfo'])) {
-      $email_shiftinfo = true;
-    }
-    
-    if (isset($_REQUEST['email_by_human_allowed'])) {
-      $email_by_human_allowed = true;
-    }
-    
-    if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
-      $jabber = strip_request_item('jabber');
-      if (! check_email($jabber)) {
-        $valid = false;
-        $msg .= error(_("Please check your jabber account information."), true);
-      }
-    }
-    
-    if ($enable_tshirt_size) {
-      if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
-        $tshirt_size = $_REQUEST['tshirt_size'];
-      } else {
-        $valid = false;
-        $msg .= error(_("Please select your shirt size."), true);
-      }
-    }
-    
-    if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
-      if ($_REQUEST['password'] != $_REQUEST['password2']) {
-        $valid = false;
-        $msg .= error(_("Your passwords don't match."), true);
-      }
-    } else {
-      $valid = false;
-      $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), $min_password_length), true);
-    }
-    
-    if (isset($_REQUEST['planned_arrival_date'])) {
-      $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00");
-      $result = User_validate_planned_arrival_date($tmp);
-      $planned_arrival_date = $result->getValue();
-      if (! $result->isValid()) {
-        $valid = false;
-        error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date."));
-      }
-    }
-    
+/**
+ * Engel registrieren
+ *
+ * @return string
+ */
+function guest_register()
+{
+    global $user;
+    $tshirt_sizes = config('tshirt_sizes');
+    $enable_tshirt_size = config('enable_tshirt_size');
+    $min_password_length = config('min_password_length');
+    $event_config = EventConfig();
+
+    $msg = '';
+    $nick = '';
+    $lastName = '';
+    $preName = '';
+    $age = '';
+    $tel = '';
+    $dect = '';
+    $mobile = '';
+    $mail = '';
+    $email_shiftinfo = false;
+    $email_by_human_allowed = false;
+    $jabber = '';
+    $hometown = '';
+    $comment = '';
+    $tshirt_size = '';
+    $password_hash = '';
     $selected_angel_types = [];
-    foreach (array_keys($angel_types) as $angel_type_id) {
-      if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
-        $selected_angel_types[] = $angel_type_id;
-      }
-    }
-    
-    // Trivia
-    if (isset($_REQUEST['lastname'])) {
-      $lastname = strip_request_item('lastname');
-    }
-    if (isset($_REQUEST['prename'])) {
-      $prename = strip_request_item('prename');
-    }
-    if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) {
-      $age = strip_request_item('age');
-    }
-    if (isset($_REQUEST['tel'])) {
-      $tel = strip_request_item('tel');
-    }
-    if (isset($_REQUEST['dect'])) {
-      $dect = strip_request_item('dect');
-    }
-    if (isset($_REQUEST['mobile'])) {
-      $mobile = strip_request_item('mobile');
-    }
-    if (isset($_REQUEST['hometown'])) {
-      $hometown = strip_request_item('hometown');
-    }
-    if (isset($_REQUEST['comment'])) {
-      $comment = strip_request_item_nl('comment');
-    }
-    
-    if ($valid) {
-      sql_query("
-          INSERT INTO `User` SET 
-          `color`='" . sql_escape($default_theme) . "', 
-          `Nick`='" . sql_escape($nick) . "', 
-          `Vorname`='" . sql_escape($prename) . "', 
-          `Name`='" . sql_escape($lastname) . "', 
-          `Alter`='" . sql_escape($age) . "', 
-          `Telefon`='" . sql_escape($tel) . "', 
-          `DECT`='" . sql_escape($dect) . "', 
-          `Handy`='" . sql_escape($mobile) . "', 
-          `email`='" . sql_escape($mail) . "', 
-          `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", 
-          `email_by_human_allowed`=" . sql_bool($email_by_human_allowed) . ",
-          `jabber`='" . sql_escape($jabber) . "',
-          `Size`='" . sql_escape($tshirt_size) . "', 
-          `Passwort`='" . sql_escape($password_hash) . "', 
-          `kommentar`='" . sql_escape($comment) . "', 
-          `Hometown`='" . sql_escape($hometown) . "', 
-          `CreateDate`=NOW(), 
-          `Sprache`='" . sql_escape($_SESSION["locale"]) . "',
-          `arrival_date`=NULL,
-          `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'");
-      
-      // Assign user-group and set password
-      $user_id = sql_id();
-      sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2");
-      set_password($user_id, $_REQUEST['password']);
-      
-      // Assign angel-types
-      $user_angel_types_info = [];
-      foreach ($selected_angel_types as $selected_angel_type_id) {
-        sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
-        $user_angel_types_info[] = $angel_types[$selected_angel_type_id];
-      }
-      
-      engelsystem_log("User " . User_Nick_render(User($user_id)) . " signed up as: " . join(", ", $user_angel_types_info));
-      success(_("Angel registration successful!"));
-      
-      // User is already logged in - that means a supporter has registered an angel. Return to register page.
-      if (isset($user)) {
-        redirect(page_link_to('register'));
-      }
-      
-      // If a welcome message is present, display registration success page.
-      if ($event_config != null && $event_config['event_welcome_msg'] != null) {
-        return User_registration_success_view($event_config['event_welcome_msg']);
-      }
-      
-      redirect('?');
-    }
-  }
-  
-  $buildup_start_date = time();
-  $teardown_end_date = null;
-  if ($event_config != null) {
-    if (isset($event_config['buildup_start_date'])) {
-      $buildup_start_date = $event_config['buildup_start_date'];
-    }
-    if(isset($event_config['teardown_end_date'])) {
-      $teardown_end_date = $event_config['teardown_end_date'];
-    }
-  }
-  
-  return page_with_title(register_title(), [
-      _("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task scheduler."),
-      $msg,
-      msg(),
-      form([
-          div('row', [
-              div('col-md-6', [
-                  div('row', [
-                      div('col-sm-4', [
-                          form_text('nick', _("Nick") . ' ' . entry_required(), $nick) 
-                      ]),
-                      div('col-sm-8', [
-                          form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail),
-                          form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $email_shiftinfo),
-                          form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $email_by_human_allowed) 
-                      ]) 
-                  ]),
-                  div('row', [
-                      div('col-sm-6', [
-                          form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, $buildup_start_date, $teardown_end_date) 
-                      ]),
-                      div('col-sm-6', [
-                          $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' 
-                      ]) 
-                  ]),
-                  div('row', [
-                      div('col-sm-6', [
-                          form_password('password', _("Password") . ' ' . entry_required()) 
-                      ]),
-                      div('col-sm-6', [
-                          form_password('password2', _("Confirm password") . ' ' . entry_required()) 
-                      ]) 
-                  ]),
-                  form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types),
-                  form_info("", _("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.")) 
-              ]),
-              div('col-md-6', [
-                  div('row', [
-                      div('col-sm-4', [
-                          form_text('dect', _("DECT"), $dect) 
-                      ]),
-                      div('col-sm-4', [
-                          form_text('mobile', _("Mobile"), $mobile) 
-                      ]),
-                      div('col-sm-4', [
-                          form_text('tel', _("Phone"), $tel) 
-                      ]) 
-                  ]),
-                  form_text('jabber', _("Jabber"), $jabber),
-                  div('row', [
-                      div('col-sm-6', [
-                          form_text('prename', _("First name"), $prename) 
-                      ]),
-                      div('col-sm-6', [
-                          form_text('lastname', _("Last name"), $lastname) 
-                      ]) 
-                  ]),
-                  div('row', [
-                      div('col-sm-3', [
-                          form_text('age', _("Age"), $age) 
-                      ]),
-                      div('col-sm-9', [
-                          form_text('hometown', _("Hometown"), $hometown) 
-                      ]) 
-                  ]),
-                  form_info(entry_required() . ' = ' . _("Entry required!")) 
-              ]) 
-          ]),
-          // form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment),
-          form_submit('submit', _("Register")) 
-      ]) 
-  ]);
-}
+    $planned_arrival_date = null;
 
-function entry_required() {
-  return '<span class="text-info glyphicon glyphicon-warning-sign"></span>';
-}
-
-function guest_logout() {
-  session_destroy();
-  redirect(page_link_to("start"));
-}
-
-function guest_login() {
-  $nick = "";
-  
-  unset($_SESSION['uid']);
-  $valid = true;
-  
-  if (isset($_REQUEST['submit'])) {
-    
-    if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
-      $nick = User_validate_Nick($_REQUEST['nick']);
-      $login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "'");
-      if (count($login_user) > 0) {
-        $login_user = $login_user[0];
-        if (isset($_REQUEST['password'])) {
-          if (! verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
-            $valid = false;
-            error(_("Your password is incorrect.  Please try it again."));
-          }
-        } else {
-          $valid = false;
-          error(_("Please enter a password."));
+    $angel_types_source = AngelTypes();
+    $angel_types = [];
+    foreach ($angel_types_source as $angel_type) {
+        $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? ' (restricted)' : '');
+        if (!$angel_type['restricted']) {
+            $selected_angel_types[] = $angel_type['id'];
         }
-      } else {
-        $valid = false;
-        error(_("No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher."));
-      }
-    } else {
-      $valid = false;
-      error(_("Please enter a nickname."));
     }
-    
-    if ($valid) {
-      $_SESSION['uid'] = $login_user['UID'];
-      $_SESSION['locale'] = $login_user['Sprache'];
-      
-      redirect(page_link_to('news'));
+
+    foreach ($tshirt_sizes as $key => $size) {
+        if (empty($size)) {
+            unset($tshirt_sizes[$key]);
+        }
     }
-  }
-  
-  $event_config = EventConfig();
-  
-  return page([
-      div('col-md-12', [
-          div('row', [
-              EventConfig_countdown_page($event_config) 
-          ]),
-          div('row', [
-              div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [
-                  div('panel panel-primary first', [
-                      div('panel-heading', [
-                          '<span class="icon-icon_angel"></span> ' . _("Login") 
-                      ]),
-                      div('panel-body', [
-                          msg(),
-                          form([
-                              form_text_placeholder('nick', _("Nick"), $nick),
-                              form_password_placeholder('password', _("Password")),
-                              form_submit('submit', _("Login")),
-                              ! $valid ? buttons([
-                                  button(page_link_to('user_password_recovery'), _("I forgot my password")) 
-                              ]) : '' 
-                          ]) 
-                      ]),
-                      div('panel-footer', [
-                          glyph('info-sign') . _("Please note: You have to activate cookies!") 
-                      ]) 
-                  ]) 
-              ]) 
-          ]),
-          div('row', [
-              div('col-sm-6 text-center', [
-                  heading(register_title(), 2),
-                  get_register_hint() 
-              ]),
-              div('col-sm-6 text-center', [
-                  heading(_("What can I do?"), 2),
-                  '<p>' . _("Please read about the jobs you can do to help us.") . '</p>',
-                  buttons([
-                      button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' &raquo;') 
-                  ]) 
-              ]) 
-          ]) 
-      ]) 
-  ]);
+
+    if (isset($_REQUEST['submit'])) {
+        $valid = true;
+
+        if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) {
+            $nick = User_validate_Nick($_REQUEST['nick']);
+            if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) {
+                $valid = false;
+                $msg .= error(sprintf(_('Your nick &quot;%s&quot; already exists.'), $nick), true);
+            }
+        } else {
+            $valid = false;
+            $msg .= error(sprintf(
+                _('Your nick &quot;%s&quot; is too short (min. 2 characters).'),
+                User_validate_Nick($_REQUEST['nick'])
+            ), true);
+        }
+
+        if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
+            $mail = strip_request_item('mail');
+            if (!check_email($mail)) {
+                $valid = false;
+                $msg .= error(_('E-mail address is not correct.'), true);
+            }
+        } else {
+            $valid = false;
+            $msg .= error(_('Please enter your e-mail.'), true);
+        }
+
+        if (isset($_REQUEST['email_shiftinfo'])) {
+            $email_shiftinfo = true;
+        }
+
+        if (isset($_REQUEST['email_by_human_allowed'])) {
+            $email_by_human_allowed = true;
+        }
+
+        if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
+            $jabber = strip_request_item('jabber');
+            if (!check_email($jabber)) {
+                $valid = false;
+                $msg .= error(_('Please check your jabber account information.'), true);
+            }
+        }
+
+        if ($enable_tshirt_size) {
+            if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
+                $tshirt_size = $_REQUEST['tshirt_size'];
+            } else {
+                $valid = false;
+                $msg .= error(_('Please select your shirt size.'), true);
+            }
+        }
+
+        if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
+            if ($_REQUEST['password'] != $_REQUEST['password2']) {
+                $valid = false;
+                $msg .= error(_('Your passwords don\'t match.'), true);
+            }
+        } else {
+            $valid = false;
+            $msg .= error(sprintf(
+                _('Your password is too short (please use at least %s characters).'),
+                $min_password_length
+            ), true);
+        }
+
+        if (isset($_REQUEST['planned_arrival_date'])) {
+            $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
+            $result = User_validate_planned_arrival_date($tmp);
+            $planned_arrival_date = $result->getValue();
+            if (!$result->isValid()) {
+                $valid = false;
+                error(_('Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.'));
+            }
+        }
+
+        $selected_angel_types = [];
+        foreach (array_keys($angel_types) as $angel_type_id) {
+            if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
+                $selected_angel_types[] = $angel_type_id;
+            }
+        }
+
+        // Trivia
+        if (isset($_REQUEST['lastname'])) {
+            $lastName = strip_request_item('lastname');
+        }
+        if (isset($_REQUEST['prename'])) {
+            $preName = strip_request_item('prename');
+        }
+        if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
+            $age = strip_request_item('age');
+        }
+        if (isset($_REQUEST['tel'])) {
+            $tel = strip_request_item('tel');
+        }
+        if (isset($_REQUEST['dect'])) {
+            $dect = strip_request_item('dect');
+        }
+        if (isset($_REQUEST['mobile'])) {
+            $mobile = strip_request_item('mobile');
+        }
+        if (isset($_REQUEST['hometown'])) {
+            $hometown = strip_request_item('hometown');
+        }
+        if (isset($_REQUEST['comment'])) {
+            $comment = strip_request_item_nl('comment');
+        }
+
+        if ($valid) {
+            DB::insert('
+                    INSERT INTO `User` (
+                        `color`,
+                        `Nick`,
+                        `Vorname`,
+                        `Name`,
+                        `Alter`,
+                        `Telefon`,
+                        `DECT`,
+                        `Handy`,
+                        `email`,
+                        `email_shiftinfo`,
+                        `email_by_human_allowed`,
+                        `jabber`,
+                        `Size`,
+                        `Passwort`,
+                        `kommentar`,
+                        `Hometown`,
+                        `CreateDate`,
+                        `Sprache`,
+                        `arrival_date`,
+                        `planned_arrival_date`
+                    )
+                    VALUES  (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, NULL, ?)
+                ',
+                [
+                    config('theme'),
+                    $nick,
+                    $preName,
+                    $lastName,
+                    $age,
+                    $tel,
+                    $dect,
+                    $mobile,
+                    $mail,
+                    (bool)$email_shiftinfo,
+                    (bool)$email_by_human_allowed,
+                    $jabber,
+                    $tshirt_size,
+                    $password_hash,
+                    $comment,
+                    $hometown,
+                    $_SESSION['locale'],
+                    $planned_arrival_date,
+                ]
+            );
+
+            // Assign user-group and set password
+            $user_id = DB::getPdo()->lastInsertId();
+            DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
+            set_password($user_id, $_REQUEST['password']);
+
+            // Assign angel-types
+            $user_angel_types_info = [];
+            foreach ($selected_angel_types as $selected_angel_type_id) {
+                DB::insert(
+                    'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)',
+                    [$user_id, $selected_angel_type_id]
+                );
+                $user_angel_types_info[] = $angel_types[$selected_angel_type_id];
+            }
+
+            engelsystem_log(
+                'User ' . User_Nick_render(User($user_id))
+                . ' signed up as: ' . join(', ', $user_angel_types_info)
+            );
+            success(_('Angel registration successful!'));
+
+            // User is already logged in - that means a supporter has registered an angel. Return to register page.
+            if (isset($user)) {
+                redirect(page_link_to('register'));
+            }
+
+            // If a welcome message is present, display registration success page.
+            if ($event_config != null && $event_config['event_welcome_msg'] != null) {
+                return User_registration_success_view($event_config['event_welcome_msg']);
+            }
+
+            redirect('?');
+        }
+    }
+
+    $buildup_start_date = time();
+    $teardown_end_date = null;
+    if ($event_config != null) {
+        if (isset($event_config['buildup_start_date'])) {
+            $buildup_start_date = $event_config['buildup_start_date'];
+        }
+        if (isset($event_config['teardown_end_date'])) {
+            $teardown_end_date = $event_config['teardown_end_date'];
+        }
+    }
+
+    return page_with_title(register_title(), [
+        _('By completing this form you\'re registering as a Chaos-Angel. This script will create you an account in the angel task scheduler.'),
+        $msg,
+        msg(),
+        form([
+            div('row', [
+                div('col-md-6', [
+                    div('row', [
+                        div('col-sm-4', [
+                            form_text('nick', _('Nick') . ' ' . entry_required(), $nick)
+                        ]),
+                        div('col-sm-8', [
+                            form_email('mail', _('E-Mail') . ' ' . entry_required(), $mail),
+                            form_checkbox(
+                                'email_shiftinfo',
+                                _('The engelsystem is allowed to send me an email (e.g. when my shifts change)'),
+                                $email_shiftinfo
+                            ),
+                            form_checkbox(
+                                'email_by_human_allowed',
+                                _('Humans are allowed to send me an email (e.g. for ticket vouchers)'),
+                                $email_by_human_allowed
+                            )
+                        ])
+                    ]),
+                    div('row', [
+                        div('col-sm-6', [
+                            form_date(
+                                'planned_arrival_date',
+                                _('Planned date of arrival') . ' ' . entry_required(),
+                                $planned_arrival_date, $buildup_start_date, $teardown_end_date
+                            )
+                        ]),
+                        div('col-sm-6', [
+                            $enable_tshirt_size ? form_select('tshirt_size',
+                                _('Shirt size') . ' ' . entry_required(),
+                                $tshirt_sizes, $tshirt_size) : ''
+                        ])
+                    ]),
+                    div('row', [
+                        div('col-sm-6', [
+                            form_password('password', _('Password') . ' ' . entry_required())
+                        ]),
+                        div('col-sm-6', [
+                            form_password('password2', _('Confirm password') . ' ' . entry_required())
+                        ])
+                    ]),
+                    form_checkboxes(
+                        'angel_types',
+                        _('What do you want to do?') . sprintf(
+                            ' (<a href="%s">%s</a>)',
+                            page_link_to('angeltypes') . '&action=about',
+                            _('Description of job types')
+                        ),
+                        $angel_types,
+                        $selected_angel_types
+                    ),
+                    form_info(
+                        '',
+                        _('Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.')
+                    )
+                ]),
+                div('col-md-6', [
+                    div('row', [
+                        div('col-sm-4', [
+                            form_text('dect', _('DECT'), $dect)
+                        ]),
+                        div('col-sm-4', [
+                            form_text('mobile', _('Mobile'), $mobile)
+                        ]),
+                        div('col-sm-4', [
+                            form_text('tel', _('Phone'), $tel)
+                        ])
+                    ]),
+                    form_text('jabber', _('Jabber'), $jabber),
+                    div('row', [
+                        div('col-sm-6', [
+                            form_text('prename', _('First name'), $preName)
+                        ]),
+                        div('col-sm-6', [
+                            form_text('lastname', _('Last name'), $lastName)
+                        ])
+                    ]),
+                    div('row', [
+                        div('col-sm-3', [
+                            form_text('age', _('Age'), $age)
+                        ]),
+                        div('col-sm-9', [
+                            form_text('hometown', _('Hometown'), $hometown)
+                        ])
+                    ]),
+                    form_info(entry_required() . ' = ' . _('Entry required!'))
+                ])
+            ]),
+            // form_textarea('comment', _('Did you help at former CCC events and which tasks have you performed then?'), $comment),
+            form_submit('submit', _('Register'))
+        ])
+    ]);
 }
 
-function get_register_hint() {
-  global $privileges;
-  
-  if (in_array('register', $privileges)) {
-    return join('', [
-        '<p>' . _("Please sign up, if you want to help us!") . '</p>',
-        buttons([
-            button(page_link_to('register'), register_title() . ' &raquo;') 
-        ]) 
-    ]);
-  }
-  
-  //FIXME: return error(_("Registration is disabled."), true);
-  return error("Registration is <a href='https://engelsystem.de/33c3/overwhelmed.html'>disabled</a>.", true);
+function entry_required()
+{
+    return '<span class="text-info glyphicon glyphicon-warning-sign"></span>';
+}
+
+function guest_logout()
+{
+    session_destroy();
+    redirect(page_link_to('start'));
+    return true;
+}
+
+function guest_login()
+{
+    $nick = '';
+
+    unset($_SESSION['uid']);
+    $valid = true;
+
+    if (isset($_REQUEST['submit'])) {
+        if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
+            $nick = User_validate_Nick($_REQUEST['nick']);
+            $login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
+            if (count($login_user) > 0) {
+                $login_user = $login_user[0];
+                if (isset($_REQUEST['password'])) {
+                    if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
+                        $valid = false;
+                        error(_('Your password is incorrect.  Please try it again.'));
+                    }
+                } else {
+                    $valid = false;
+                    error(_('Please enter a password.'));
+                }
+            } else {
+                $valid = false;
+                error(_('No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher.'));
+            }
+        } else {
+            $valid = false;
+            error(_('Please enter a nickname.'));
+        }
+
+        if ($valid && !empty($login_user)) {
+            $_SESSION['uid'] = $login_user['UID'];
+            $_SESSION['locale'] = $login_user['Sprache'];
+
+            redirect(page_link_to('news'));
+        }
+    }
+
+    $event_config = EventConfig();
+
+    return page([
+        div('col-md-12', [
+            div('row', [
+                EventConfig_countdown_page($event_config)
+            ]),
+            div('row', [
+                div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [
+                    div('panel panel-primary first', [
+                        div('panel-heading', [
+                            '<span class="icon-icon_angel"></span> ' . _('Login')
+                        ]),
+                        div('panel-body', [
+                            msg(),
+                            form([
+                                form_text_placeholder('nick', _('Nick'), $nick),
+                                form_password_placeholder('password', _('Password')),
+                                form_submit('submit', _('Login')),
+                                !$valid ? buttons([
+                                    button(page_link_to('user_password_recovery'), _('I forgot my password'))
+                                ]) : ''
+                            ])
+                        ]),
+                        div('panel-footer', [
+                            glyph('info-sign') . _('Please note: You have to activate cookies!')
+                        ])
+                    ])
+                ])
+            ]),
+            div('row', [
+                div('col-sm-6 text-center', [
+                    heading(register_title(), 2),
+                    get_register_hint()
+                ]),
+                div('col-sm-6 text-center', [
+                    heading(_('What can I do?'), 2),
+                    '<p>' . _('Please read about the jobs you can do to help us.') . '</p>',
+                    buttons([
+                        button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description') . ' &raquo;')
+                    ])
+                ])
+            ])
+        ])
+    ]);
+}
+
+function get_register_hint()
+{
+    global $privileges;
+
+    if (in_array('register', $privileges)) {
+        return join('', [
+            '<p>' . _('Please sign up, if you want to help us!') . '</p>',
+            buttons([
+                button(page_link_to('register'), register_title() . ' &raquo;')
+            ])
+        ]);
+    }
+
+    //FIXME: return error(_('Registration is disabled.'), true);
+    return error('Registration is <a href="https://engelsystem.de/33c3/overwhelmed.html">disabled</a>.', true);
 }
-?>

includes/pages/guest_start.php

@@ -1,5 +1,6 @@
 <?php
-function guest_start() {
-  redirect(page_link_to('login'));
+function guest_start()
+{
+    redirect(page_link_to('login'));
+    return true;
 }
-?>

includes/pages/guest_stats.php

@@ -1,35 +1,48 @@
 <?php
 
-function guest_stats() {
-  global $api_key;
-  
-  if (isset($_REQUEST['api_key'])) {
-    if ($_REQUEST['api_key'] == $api_key) {
-      $stats = [];
-      
-      list($user_count) = sql_select("SELECT count(*) as `user_count` FROM `User`");
-      $stats['user_count'] = $user_count['user_count'];
-      
-      list($arrived_user_count) = sql_select("SELECT count(*) as `user_count` FROM `User` WHERE `Gekommen`=1");
-      $stats['arrived_user_count'] = $arrived_user_count['user_count'];
-      
-      $done_shifts_seconds = sql_select_single_cell("SELECT SUM(`Shifts`.`end` - `Shifts`.`start`) FROM `ShiftEntry` JOIN `Shifts` USING (`SID`) WHERE `Shifts`.`end` < UNIX_TIMESTAMP()");
-      $stats['done_work_hours'] = round($done_shifts_seconds / (60 * 60), 0);
-      
-      $users_in_action = sql_select("SELECT `Shifts`.`start`, `Shifts`.`end` FROM `ShiftEntry` JOIN `Shifts` ON `Shifts`.`SID`=`ShiftEntry`.`SID` WHERE UNIX_TIMESTAMP() BETWEEN `Shifts`.`start` AND `Shifts`.`end`");
-      $stats['users_in_action'] = count($users_in_action);
-      
-      header("Content-Type: application/json");
-      raw_output(json_encode($stats));
-      return;
+use Engelsystem\Database\DB;
+
+function guest_stats()
+{
+    $apiKey = config('api_key');
+
+    if (isset($_REQUEST['api_key'])) {
+        if ($_REQUEST['api_key'] == $apiKey && !empty($apiKey)) {
+            $stats = [];
+
+            list($user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User`');
+            $stats['user_count'] = $user_count['user_count'];
+
+            list($arrived_user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User` WHERE `Gekommen`=1');
+            $stats['arrived_user_count'] = $arrived_user_count['user_count'];
+
+            $done_shifts_seconds = DB::select('
+                SELECT SUM(`Shifts`.`end` - `Shifts`.`start`)
+                FROM `ShiftEntry`
+                JOIN `Shifts` USING (`SID`)
+                WHERE `Shifts`.`end` < UNIX_TIMESTAMP()
+            ');
+            $done_shifts_seconds = array_shift($done_shifts_seconds);
+            $done_shifts_seconds = (int)array_shift($done_shifts_seconds);
+            $stats['done_work_hours'] = round($done_shifts_seconds / (60 * 60), 0);
+
+            $users_in_action = DB::select('
+                SELECT `Shifts`.`start`, `Shifts`.`end`
+                FROM `ShiftEntry`
+                JOIN `Shifts` ON `Shifts`.`SID`=`ShiftEntry`.`SID`
+                WHERE UNIX_TIMESTAMP() BETWEEN `Shifts`.`start` AND `Shifts`.`end`
+            ');
+            $stats['users_in_action'] = count($users_in_action);
+
+            header('Content-Type: application/json');
+            raw_output(json_encode($stats));
+            return;
+        }
+        raw_output(json_encode([
+            'error' => 'Wrong api_key.'
+        ]));
     }
     raw_output(json_encode([
-        'error' => "Wrong api_key." 
+        'error' => 'Missing parameter api_key.'
     ]));
-  }
-  raw_output(json_encode([
-      'error' => "Missing parameter api_key." 
-  ]));
 }
-
-?>

includes/pages/user_atom.php

@@ -1,51 +1,73 @@
 <?php
 
-// publically available page to feed the news to feedreaders
-function user_atom() {
-  global $user, $DISPLAY_NEWS;
-  
-  if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
-    engelsystem_error("Missing key.");
-  }
-  $key = $_REQUEST['key'];
-  
-  $user = User_by_api_key($key);
-  if ($user == null) {
-    engelsystem_error("Key invalid.");
-  }
-  if (! in_array('atom', privileges_for_user($user['UID']))) {
-    engelsystem_error("No privilege for atom.");
-  }
-  
-  $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS));
-  
-  $output = make_atom_entries_from_news($news);
-  
-  header('Content-Type: application/atom+xml; charset=utf-8');
-  header("Content-Length: " . strlen($output));
-  raw_output($output);
+use Engelsystem\Database\DB;
+
+/**
+ * Publically available page to feed the news to feedreaders
+ */
+function user_atom()
+{
+    global $user;
+
+    if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+        engelsystem_error('Missing key.');
+    }
+    $key = $_REQUEST['key'];
+
+    $user = User_by_api_key($key);
+    if ($user == null) {
+        engelsystem_error('Key invalid.');
+    }
+    if (!in_array('atom', privileges_for_user($user['UID']))) {
+        engelsystem_error('No privilege for atom.');
+    }
+
+    $news = DB::select('
+        SELECT *
+        FROM `News`
+        ' . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . '
+        ORDER BY `ID`
+        DESC LIMIT ' . (int)config('display_news')
+    );
+
+    $output = make_atom_entries_from_news($news);
+
+    header('Content-Type: application/atom+xml; charset=utf-8');
+    header('Content-Length: ' . strlen($output));
+    raw_output($output);
 }
 
-function make_atom_entries_from_news($news_entries) {
-  $html = '<?xml version="1.0" encoding="utf-8"?>
+/**
+ * @param array[] $news_entries
+ * @return string
+ */
+function make_atom_entries_from_news($news_entries)
+{
+    $html = '<?xml version="1.0" encoding="utf-8"?>
   <feed xmlns="http://www.w3.org/2005/Atom">
   <title>Engelsystem</title>
-  <id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id>
-  <updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . "</updated>\n";
-  foreach ($news_entries as $news_entry) {
-    $html .= make_atom_entry_from_news($news_entry);
-  }
-  $html .= "</feed>";
-  return $html;
+  <id>' . $_SERVER['HTTP_HOST']
+        . htmlspecialchars(preg_replace(
+            '#[&?]key=[a-f\d]{32}#',
+            '',
+            $_SERVER['REQUEST_URI']
+        ))
+        . '</id>
+  <updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . '</updated>' . "\n";
+    foreach ($news_entries as $news_entry) {
+        $html .= make_atom_entry_from_news($news_entry);
+    }
+    $html .= '</feed>';
+    return $html;
 }
 
-function make_atom_entry_from_news($news_entry) {
-  return "  <entry>
-    <title>" . htmlspecialchars($news_entry['Betreff']) . "</title>
-    <link href=\"" . page_link_to_absolute("news_comments&amp;nid=") . "${news_entry['ID']}\"/>
-      <id>" . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-${news_entry['ID']}</id>
-      <updated>" . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . "</updated>
-    <summary type=\"html\">" . htmlspecialchars($news_entry['Text']) . "</summary>
-    </entry>\n";
+function make_atom_entry_from_news($news_entry)
+{
+    return '  <entry>
+    <title>' . htmlspecialchars($news_entry['Betreff']) . '</title>
+    <link href="' . page_link_to_absolute('news_comments&amp;nid=') . $news_entry['ID'] . '"/>
+      <id>' . preg_replace('#^https?://#', '', page_link_to_absolute('news')) . '-' . $news_entry['ID'] . '</id>
+      <updated>' . date('Y-m-d\TH:i:sP', $news_entry['Datum']) . '</updated>
+    <summary type="html">' . htmlspecialchars($news_entry['Text']) . '</summary>
+    </entry>' . "\n";
 }
-?>

includes/pages/user_ical.php

@@ -3,61 +3,66 @@
 /**
  * Controller for ical output of users own shifts or any user_shifts filter.
  */
-function user_ical() {
-  global $user;
-  
-  if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) {
-    engelsystem_error("Missing key.");
-  }
-  $key = $_REQUEST['key'];
-  
-  $user = User_by_api_key($key);
-  if ($user == null) {
-    engelsystem_error("Key invalid.");
-  }
-  
-  if (! in_array('ical', privileges_for_user($user['UID']))) {
-    engelsystem_error("No privilege for ical.");
-  }
-  
-  $ical_shifts = load_ical_shifts();
-  
-  send_ical_from_shifts($ical_shifts);
+function user_ical()
+{
+    global $user;
+
+    if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+        engelsystem_error('Missing key.');
+    }
+    $key = $_REQUEST['key'];
+
+    $user = User_by_api_key($key);
+    if ($user == null) {
+        engelsystem_error('Key invalid.');
+    }
+
+    if (!in_array('ical', privileges_for_user($user['UID']))) {
+        engelsystem_error('No privilege for ical.');
+    }
+
+    $ical_shifts = load_ical_shifts();
+
+    send_ical_from_shifts($ical_shifts);
 }
 
 /**
  * Renders an ical calender from given shifts array.
  *
- * @param array<Shift> $shifts          
+ * @param array <Shift> $shifts
  */
-function send_ical_from_shifts($shifts) {
-  header("Content-Type: text/calendar; charset=utf-8");
-  $output = "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:-//-//Engelsystem//DE\r\nCALSCALE:GREGORIAN\r\n";
-  foreach ($shifts as $shift) {
-    $output .= make_ical_entry_from_shift($shift);
-  }
-  $output .= "END:VCALENDAR\r\n";
-  $output = trim($output, "\x0A");
-  header("Content-Length: " . strlen($output));
-  raw_output($output);
+function send_ical_from_shifts($shifts)
+{
+    header('Content-Type: text/calendar; charset=utf-8');
+    header('Content-Disposition: attachment; filename=shifts.ics');
+    $output = "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:-//-//Engelsystem//DE\r\nCALSCALE:GREGORIAN\r\n";
+    foreach ($shifts as $shift) {
+        $output .= make_ical_entry_from_shift($shift);
+    }
+    $output .= "END:VCALENDAR\r\n";
+    $output = trim($output, "\x0A");
+    header('Content-Length: ' . strlen($output));
+    raw_output($output);
 }
 
 /**
  * Renders an ical vevent from given shift.
  *
- * @param Shift $shift          
+ * @param array $shift
+ * @return string
  */
-function make_ical_entry_from_shift($shift) {
-  $output = "BEGIN:VEVENT\r\n";
-  $output .= "UID:" . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n";
-  $output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
-  if (isset($shift['Comment'])) {
-    $output .= "DESCRIPTION:" . str_replace("\n", "\\n", $shift['Comment']) . "\r\n";
-  }
-  $output .= "DTSTART;TZID=Europe/Berlin:" . date("Ymd\THis", $shift['start']) . "\r\n";
-  $output .= "DTEND;TZID=Europe/Berlin:" . date("Ymd\THis", $shift['end']) . "\r\n";
-  $output .= "LOCATION:" . $shift['Name'] . "\r\n";
-  $output .= "END:VEVENT\r\n";
-  return $output;
+function make_ical_entry_from_shift($shift)
+{
+    $output = "BEGIN:VEVENT\r\n";
+    $output .= 'UID:' . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n";
+    $output .= 'SUMMARY:' . str_replace("\n", "\\n", $shift['name'])
+        . ' (' . str_replace("\n", "\\n", $shift['title']) . ")\r\n";
+    if (isset($shift['Comment'])) {
+        $output .= 'DESCRIPTION:' . str_replace("\n", "\\n", $shift['Comment']) . "\r\n";
+    }
+    $output .= 'DTSTART;TZID=Europe/Berlin:' . date("Ymd\THis", $shift['start']) . "\r\n";
+    $output .= 'DTEND;TZID=Europe/Berlin:' . date("Ymd\THis", $shift['end']) . "\r\n";
+    $output .= 'LOCATION:' . $shift['Name'] . "\r\n";
+    $output .= "END:VEVENT\r\n";
+    return $output;
 }
-?>

includes/pages/user_messages.php

@@ -1,131 +1,180 @@
 <?php
 
-function messages_title() {
-  return _("Messages");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function messages_title()
+{
+    return _('Messages');
 }
 
-function user_unread_messages() {
-  global $user;
-  
-  if (isset($user)) {
-    $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
-    if ($new_messages > 0) {
-      return ' <span class="badge danger">' . $new_messages . '</span>';
+/**
+ * @return string
+ */
+function user_unread_messages()
+{
+    global $user;
+
+    if (isset($user)) {
+        $new_messages = count(DB::select(
+            'SELECT `id` FROM `Messages` WHERE isRead=\'N\' AND `RUID`=?',
+            [$user['UID']]
+        ));
+        if ($new_messages > 0) {
+            return ' <span class="badge danger">' . $new_messages . '</span>';
+        }
     }
-  }
-  return '';
+    return '';
 }
 
-function user_messages() {
-  global $user;
-  
-  if (! isset($_REQUEST['action'])) {
-    $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
-    
-    $to_select_data = [
-        "" => _("Select recipient...") 
-    ];
-    
-    foreach ($users as $u) {
-      $to_select_data[$u['UID']] = $u['Nick'];
+/**
+ * @return string
+ */
+function user_messages()
+{
+    global $user;
+
+    if (!isset($_REQUEST['action'])) {
+        $users = DB::select(
+            'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
+            [$user['UID']]
+        );
+
+        $to_select_data = [
+            '' => _('Select recipient...')
+        ];
+
+        foreach ($users as $u) {
+            $to_select_data[$u['UID']] = $u['Nick'];
+        }
+
+        $to_select = html_select_key('to', 'to', $to_select_data, '');
+
+        $messages = DB::select('
+            SELECT *
+            FROM `Messages`
+            WHERE `SUID`=?
+            OR `RUID`=?
+            ORDER BY `isRead`,`Datum` DESC
+        ',
+            [
+                $user['UID'],
+                $user['UID'],
+            ]
+        );
+
+        $messages_table = [
+            [
+                'news'      => '',
+                'timestamp' => date('Y-m-d H:i'),
+                'from'      => User_Nick_render($user),
+                'to'        => $to_select,
+                'text'      => form_textarea('text', '', ''),
+                'actions'   => form_submit('submit', _('Save'))
+            ]
+        ];
+
+        foreach ($messages as $message) {
+            $sender_user_source = User($message['SUID']);
+            $receiver_user_source = User($message['RUID']);
+
+            $messages_table_entry = [
+                'new'       => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
+                'timestamp' => date('Y-m-d H:i', $message['Datum']),
+                'from'      => User_Nick_render($sender_user_source),
+                'to'        => User_Nick_render($receiver_user_source),
+                'text'      => str_replace("\n", '<br />', $message['Text'])
+            ];
+
+            if ($message['RUID'] == $user['UID']) {
+                if ($message['isRead'] == 'N') {
+                    $messages_table_entry['actions'] = button(
+                        page_link_to('user_messages') . '&action=read&id=' . $message['id'],
+                        _('mark as read'),
+                        'btn-xs'
+                    );
+                }
+            } else {
+                $messages_table_entry['actions'] = button(
+                    page_link_to('user_messages') . '&action=delete&id=' . $message['id'],
+                    _('delete message'),
+                    'btn-xs'
+                );
+            }
+            $messages_table[] = $messages_table_entry;
+        }
+
+        return page_with_title(messages_title(), [
+            msg(),
+            sprintf(_('Hello %s, here can you leave messages for other angels'), User_Nick_render($user)),
+            form([
+                table([
+                    'new'       => _('New'),
+                    'timestamp' => _('Date'),
+                    'from'      => _('Transmitted'),
+                    'to'        => _('Recipient'),
+                    'text'      => _('Message'),
+                    'actions'   => ''
+                ], $messages_table)
+            ], page_link_to('user_messages') . '&action=send')
+        ]);
+    } else {
+        switch ($_REQUEST['action']) {
+            case 'read':
+                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+                    $message_id = $_REQUEST['id'];
+                } else {
+                    return error(_('Incomplete call, missing Message ID.'), true);
+                }
+
+                $message = DB::select(
+                    'SELECT `RUID` FROM `Messages` WHERE `id`=? LIMIT 1',
+                    [$message_id]
+                );
+                if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
+                    DB::update(
+                        'UPDATE `Messages` SET `isRead`=\'Y\' WHERE `id`=? LIMIT 1',
+                        [$message_id]
+                    );
+                    redirect(page_link_to('user_messages'));
+                } else {
+                    return error(_('No Message found.'), true);
+                }
+                break;
+
+            case 'delete':
+                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+                    $message_id = $_REQUEST['id'];
+                } else {
+                    return error(_('Incomplete call, missing Message ID.'), true);
+                }
+
+                $message = DB::select(
+                    'SELECT `SUID` FROM `Messages` WHERE `id`=? LIMIT 1',
+                    [$message_id]
+                );
+                if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
+                    DB::delete('DELETE FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]);
+                    redirect(page_link_to('user_messages'));
+                } else {
+                    return error(_('No Message found.'), true);
+                }
+                break;
+
+            case 'send':
+                if (Message_send($_REQUEST['to'], $_REQUEST['text'])) {
+                    redirect(page_link_to('user_messages'));
+                } else {
+                    return error(_('Transmitting was terminated with an Error.'), true);
+                }
+                break;
+
+            default:
+                return error(_('Wrong action.'), true);
+        }
     }
-    
-    $to_select = html_select_key('to', 'to', $to_select_data, '');
-    
-    $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
-    
-    $messages_table = [
-        [
-            'news' => '',
-            'timestamp' => date("Y-m-d H:i"),
-            'from' => User_Nick_render($user),
-            'to' => $to_select,
-            'text' => form_textarea('text', '', ''),
-            'actions' => form_submit('submit', _("Save")) 
-        ] 
-    ];
-    
-    foreach ($messages as $message) {
-      $sender_user_source = User($message['SUID']);
-      $receiver_user_source = User($message['RUID']);
-      
-      $messages_table_entry = [
-          'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
-          'timestamp' => date("Y-m-d H:i", $message['Datum']),
-          'from' => User_Nick_render($sender_user_source),
-          'to' => User_Nick_render($receiver_user_source),
-          'text' => str_replace("\n", '<br />', $message['Text']) 
-      ];
-      
-      if ($message['RUID'] == $user['UID']) {
-        if ($message['isRead'] == 'N') {
-          $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
-        }
-      } else {
-        $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
-      }
-      $messages_table[] = $messages_table_entry;
-    }
-    
-    return page_with_title(messages_title(), [
-        msg(),
-        sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),
-        form([
-            table([
-                'new' => _("New"),
-                'timestamp' => _("Date"),
-                'from' => _("Transmitted"),
-                'to' => _("Recipient"),
-                'text' => _("Message"),
-                'actions' => '' 
-            ], $messages_table) 
-        ], page_link_to('user_messages') . '&action=send') 
-    ]);
-  } else {
-    switch ($_REQUEST['action']) {
-      case "read":
-        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $message_id = $_REQUEST['id'];
-        } else {
-          return error(_("Incomplete call, missing Message ID."), true);
-        }
-        
-        $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
-        if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
-          sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
-          redirect(page_link_to("user_messages"));
-        } else {
-          return error(_("No Message found."), true);
-        }
-        break;
-      
-      case "delete":
-        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $message_id = $_REQUEST['id'];
-        } else {
-          return error(_("Incomplete call, missing Message ID."), true);
-        }
-        
-        $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
-        if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
-          sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
-          redirect(page_link_to("user_messages"));
-        } else {
-          return error(_("No Message found."), true);
-        }
-        break;
-      
-      case "send":
-        if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
-          redirect(page_link_to("user_messages"));
-        } else {
-          return error(_("Transmitting was terminated with an Error."), true);
-        }
-        break;
-      
-      default:
-        return error(_("Wrong action."), true);
-    }
-  }
+
+    return '';
 }
-?>

includes/pages/user_myshifts.php

@@ -1,118 +1,176 @@
 <?php
 
-function myshifts_title() {
-  return _("My shifts");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function myshifts_title()
+{
+    return _('My shifts');
 }
 
-// Zeigt die Schichten an, die ein Benutzer belegt
-function user_myshifts() {
-  global $LETZTES_AUSTRAGEN;
-  global $user, $privileges;
-  
-  if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
-    $user_id = $_REQUEST['id'];
-  } else {
-    $user_id = $user['UID'];
-  }
-  
-  list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
-  
-  if (isset($_REQUEST['reset'])) {
-    if ($_REQUEST['reset'] == "ack") {
-      User_reset_api_key($user);
-      success(_("Key changed."));
-      redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
-    }
-    return page_with_title(_("Reset API key"), [
-        error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true),
-        button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') 
-    ]);
-  } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
-    $user_id = $_REQUEST['edit'];
-    $shift = sql_select("SELECT
-        `ShiftEntry`.`freeloaded`,
-        `ShiftEntry`.`freeload_comment`,
-        `ShiftEntry`.`Comment`,
-        `ShiftEntry`.`UID`,
-        `ShiftTypes`.`name`,
-        `Shifts`.*,
-        `Room`.`Name`,
-        `AngelTypes`.`name` as `angel_type`
-        FROM `ShiftEntry`
-        JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
-        JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
-        JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
-        JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
-        WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "'
-        AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
-    if (count($shift) > 0) {
-      $shift = $shift[0];
-      $freeloaded = $shift['freeloaded'];
-      $freeload_comment = $shift['freeload_comment'];
-      
-      if (isset($_REQUEST['submit'])) {
-        $valid = true;
-        if (in_array("user_shifts_admin", $privileges)) {
-          $freeloaded = isset($_REQUEST['freeloaded']);
-          $freeload_comment = strip_request_item_nl('freeload_comment');
-          if ($freeloaded && $freeload_comment == '') {
-            $valid = false;
-            error(_("Please enter a freeload comment!"));
-          }
-        }
-        
-        $comment = strip_request_item_nl('comment');
-        $user_source = User($shift['UID']);
-        
-        if ($valid) {
-          $result = ShiftEntry_update([
-              'id' => $user_id,
-              'Comment' => $comment,
-              'freeloaded' => $freeloaded,
-              'freeload_comment' => $freeload_comment 
-          ]);
-          if ($result === false) {
-            engelsystem_error('Unable to update shift entry.');
-          }
-          
-          engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
-          success(_("Shift saved."));
-          redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
-        }
-      }
-      
-      return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
+/**
+ * Zeigt die Schichten an, die ein Benutzer belegt
+ *
+ * @return string
+ */
+function user_myshifts()
+{
+    global $user, $privileges;
+
+    if (
+        isset($_REQUEST['id'])
+        && in_array('user_shifts_admin', $privileges)
+        && preg_match('/^\d{1,}$/', $_REQUEST['id'])
+        && count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
+    ) {
+        $user_id = $_REQUEST['id'];
     } else {
-      redirect(page_link_to('user_myshifts'));
+        $user_id = $user['UID'];
     }
-  } elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
-    $user_id = $_REQUEST['cancel'];
-    $shift = sql_select("
-        SELECT *
-        FROM `Shifts` 
-        INNER JOIN `ShiftEntry` USING (`SID`) 
-        WHERE `ShiftEntry`.`id`='" . sql_escape($user_id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
-    if (count($shift) > 0) {
-      $shift = $shift[0];
-      if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
-        $result = ShiftEntry_delete($user_id);
-        if ($result === false) {
-          engelsystem_error('Unable to delete shift entry.');
+
+    $shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
+    $shifts_user = array_shift($shifts_user);
+
+    if (isset($_REQUEST['reset'])) {
+        if ($_REQUEST['reset'] == 'ack') {
+            User_reset_api_key($user);
+            success(_('Key changed.'));
+            redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+        }
+        return page_with_title(_('Reset API key'), [
+            error(
+                _('If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports.'),
+                true
+            ),
+            button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
+        ]);
+    } elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
+        $user_id = $_REQUEST['edit'];
+        $shift = DB::select('
+                SELECT
+                    `ShiftEntry`.`freeloaded`,
+                    `ShiftEntry`.`freeload_comment`,
+                    `ShiftEntry`.`Comment`,
+                    `ShiftEntry`.`UID`,
+                    `ShiftTypes`.`name`,
+                    `Shifts`.*,
+                    `Room`.`Name`,
+                    `AngelTypes`.`name` AS `angel_type`
+                FROM `ShiftEntry`
+                JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
+                JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
+                JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
+                JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
+                WHERE `ShiftEntry`.`id`=?
+                AND `UID`=?
+                LIMIT 1
+            ',
+            [
+                $user_id,
+                $shifts_user['UID'],
+            ]
+        );
+        if (count($shift) > 0) {
+            $shift = array_shift($shift);
+            $freeloaded = $shift['freeloaded'];
+            $freeload_comment = $shift['freeload_comment'];
+
+            if (isset($_REQUEST['submit'])) {
+                $valid = true;
+                if (in_array('user_shifts_admin', $privileges)) {
+                    $freeloaded = isset($_REQUEST['freeloaded']);
+                    $freeload_comment = strip_request_item_nl('freeload_comment');
+                    if ($freeloaded && $freeload_comment == '') {
+                        $valid = false;
+                        error(_('Please enter a freeload comment!'));
+                    }
+                }
+
+                $comment = strip_request_item_nl('comment');
+                $user_source = User($shift['UID']);
+
+                if ($valid) {
+                    $result = ShiftEntry_update([
+                        'id'               => $user_id,
+                        'Comment'          => $comment,
+                        'freeloaded'       => $freeloaded,
+                        'freeload_comment' => $freeload_comment
+                    ]);
+                    if ($result === false) {
+                        engelsystem_error('Unable to update shift entry.');
+                    }
+
+                    engelsystem_log(
+                        'Updated ' . User_Nick_render($user_source) . '\'s shift ' . $shift['name']
+                        . ' from ' . date('Y-m-d H:i', $shift['start'])
+                        . ' to ' . date('Y-m-d H:i', $shift['end'])
+                        . ' with comment ' . $comment
+                        . '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO')
+                    );
+                    success(_('Shift saved.'));
+                    redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+                }
+            }
+
+            return ShiftEntry_edit_view(
+                User_Nick_render($shifts_user),
+                date('Y-m-d H:i', $shift['start']) . ', ' . shift_length($shift),
+                $shift['Name'],
+                $shift['name'],
+                $shift['angel_type'],
+                $shift['Comment'],
+                $shift['freeloaded'],
+                $shift['freeload_comment'],
+                in_array('user_shifts_admin', $privileges)
+            );
+        } else {
+            redirect(page_link_to('user_myshifts'));
+        }
+    } elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
+        $user_id = $_REQUEST['cancel'];
+        $shift = DB::select('
+                SELECT *
+                FROM `Shifts`
+                INNER JOIN `ShiftEntry` USING (`SID`)
+                WHERE `ShiftEntry`.`id`=? AND `UID`=?
+            ',
+            [
+                $user_id,
+                $shifts_user['UID'],
+            ]
+        );
+        if (count($shift) > 0) {
+            $shift = array_shift($shift);
+            if (
+                ($shift['start'] > time() + config('last_unsubscribe') * 3600)
+                || in_array('user_shifts_admin', $privileges)
+            ) {
+                $result = ShiftEntry_delete($user_id);
+                if ($result === false) {
+                    engelsystem_error('Unable to delete shift entry.');
+                }
+                $room = Room($shift['RID']);
+                $angeltype = AngelType($shift['TID']);
+                $shifttype = ShiftType($shift['shifttype_id']);
+
+                engelsystem_log(
+                    'Deleted own shift: ' . $shifttype['name']
+                    . ' at ' . $room['Name']
+                    . ' from ' . date('Y-m-d H:i', $shift['start'])
+                    . ' to ' . date('Y-m-d H:i', $shift['end'])
+                    . ' as ' . $angeltype['name']
+                );
+                success(_('Shift canceled.'));
+            } else {
+                error(_('It\'s too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.'));
+            }
+        } else {
+            redirect(user_link($shifts_user));
         }
-        $room = Room($shift['RID']);
-        $angeltype = AngelType($shift['TID']);
-        $shifttype = ShiftType($shift['shifttype_id']);
-        
-        engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
-        success(_("Shift canceled."));
-      } else {
-        error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
-      }
-    } else {
-      redirect(user_link($shifts_user));
     }
-  }
-  
-  redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+
+    redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
+    return '';
 }
-?>

includes/pages/user_news.php

@@ -1,169 +1,251 @@
 <?php
 
-function user_news_comments_title() {
-  return _("News comments");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function user_news_comments_title()
+{
+    return _('News comments');
 }
 
-function news_title() {
-  return _("News");
+/**
+ * @return string
+ */
+function news_title()
+{
+    return _('News');
 }
 
-function meetings_title() {
-  return _("Meetings");
+/**
+ * @return string
+ */
+function meetings_title()
+{
+    return _('Meetings');
 }
 
-function user_meetings() {
-  global $DISPLAY_NEWS;
-  
-  $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
-  
-  if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
-    $page = $_REQUEST['page'];
-  } else {
-    $page = 0;
-  }
-  
-  $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
-  foreach ($news as $entry) {
-    $html .= display_news($entry);
-  }
-  
-  $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
-  $html .= '<div class="text-center">' . '<ul class="pagination">';
-  for ($i = 0; $i < $dis_rows; $i ++) {
-    if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
-      $html .= '<li class="active">';
-    } elseif (! isset($_REQUEST['page']) && $i == 0) {
-      $html .= '<li class="active">';
+/**
+ * @return string
+ */
+function user_meetings()
+{
+    $display_news = config('display_news');
+    $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
+
+    if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
+        $page = $_REQUEST['page'];
     } else {
-      $html .= '<li>';
+        $page = 0;
     }
-    $html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
-  }
-  $html .= '</ul></div></div>';
-  
-  return $html;
+
+    $news = DB::select(sprintf('
+        SELECT *
+        FROM `News`
+        WHERE `Treffen`=1
+        ORDER BY `Datum`DESC
+        LIMIT %u, %u',
+        $page * $display_news,
+        $display_news
+    ));
+    foreach ($news as $entry) {
+        $html .= display_news($entry);
+    }
+
+    $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
+    $html .= '<div class="text-center">' . '<ul class="pagination">';
+    for ($i = 0; $i < $dis_rows; $i++) {
+        if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+            $html .= '<li class="active">';
+        } elseif (!isset($_REQUEST['page']) && $i == 0) {
+            $html .= '<li class="active">';
+        } else {
+            $html .= '<li>';
+        }
+        $html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
+    }
+    $html .= '</ul></div></div>';
+
+    return $html;
 }
 
-function display_news($news) {
-  global $privileges, $page;
-  
-  $html = '';
-  $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';
-  $html .= '<div class="panel-heading">';
-  $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
-  $html .= '</div>';
-  $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';
-  
-  $html .= '<div class="panel-footer text-muted">';
-  if (in_array("admin_news", $privileges)) {
-    $html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>';
-  }
-  $html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';
-  
-  $user_source = User($news['UID']);
-  
-  $html .= User_Nick_render($user_source);
-  if ($page != "news_comments") {
-    $html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' &raquo;</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>';
-  }
-  $html .= '</div>';
-  $html .= '</div>';
-  return $html;
+/**
+ * @param array $news
+ * @return string
+ */
+function display_news($news)
+{
+    global $privileges, $page;
+
+    $html = '';
+    $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';
+    $html .= '<div class="panel-heading">';
+    $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
+    $html .= '</div>';
+    $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';
+
+    $html .= '<div class="panel-footer text-muted">';
+    if (in_array('admin_news', $privileges)) {
+        $html .= '<div class="pull-right">'
+            . button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
+            . '</div>';
+    }
+    $html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . '&emsp;';
+
+    $user_source = User($news['UID']);
+
+    $html .= User_Nick_render($user_source);
+    if ($page != 'news_comments') {
+        $html .= '&emsp;<a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">'
+            . '<span class="glyphicon glyphicon-comment"></span> '
+            . _('Comments') . ' &raquo;</a> '
+            . '<span class="badge">'
+            . count(DB::select('SELECT `ID` FROM `NewsComments` WHERE `Refid`=?', [$news['ID']]))
+            . '</span>';
+    }
+    $html .= '</div>';
+    $html .= '</div>';
+    return $html;
 }
 
-function user_news_comments() {
-  global $user;
-  
-  $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
-  if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
-    $nid = $_REQUEST["nid"];
-    list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
-    if (isset($_REQUEST["text"])) {
-      $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
-      sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
-      engelsystem_log("Created news_comment: " . $text);
-      $html .= success(_("Entry saved."), true);
-    }
-    
-    $html .= display_news($news);
-    
-    $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
-    foreach ($comments as $comment) {
-      $user_source = User($comment['UID']);
-      
-      $html .= '<div class="panel panel-default">';
-      $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
-      $html .= '<div class="panel-footer text-muted">';
-      $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';
-      $html .= User_Nick_render($user_source);
-      $html .= '</div>';
-      $html .= '</div>';
-    }
-    
-    $html .= '<hr /><h2>' . _("New Comment:") . '</h2>';
-    $html .= form([
-        form_textarea('text', _("Message"), ''),
-        form_submit('submit', _("Save")) 
-    ], page_link_to('news_comments') . '&nid=' . $news['ID']);
-  } else {
-    $html .= _("Invalid request.");
-  }
-  
-  return $html . '</div>';
-}
+/**
+ * @return string
+ */
+function user_news_comments()
+{
+    global $user;
 
-function user_news() {
-  global $DISPLAY_NEWS, $privileges, $user;
-  
-  $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
-  
-  if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {
-    if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) {
-      $_POST["treffen"] = 0;
-    }
-    sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');");
-    engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
-    success(_("Entry saved."));
-    redirect(page_link_to('news'));
-  }
-  
-  if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
-    $page = $_REQUEST['page'];
-  } else {
-    $page = 0;
-  }
-  
-  $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
-  foreach ($news as $entry) {
-    $html .= display_news($entry);
-  }
-  
-  $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
-  $html .= '<div class="text-center">' . '<ul class="pagination">';
-  for ($i = 0; $i < $dis_rows; $i ++) {
-    if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
-      $html .= '<li class="active">';
-    } elseif (! isset($_REQUEST['page']) && $i == 0) {
-      $html .= '<li class="active">';
+    $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
+    if (
+        isset($_REQUEST['nid'])
+        && preg_match('/^\d{1,}$/', $_REQUEST['nid'])
+        && count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
+    ) {
+        $nid = $_REQUEST['nid'];
+        $news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]);
+        $news = array_shift($news);
+        if (isset($_REQUEST['text'])) {
+            $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
+            DB::insert('
+                    INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
+                    VALUES (?, ?, ?, ?)
+                ',
+                [
+                    $nid,
+                    date('Y-m-d H:i:s'),
+                    $text,
+                    $user["UID"],
+                ]
+            );
+            engelsystem_log('Created news_comment: ' . $text);
+            $html .= success(_('Entry saved.'), true);
+        }
+
+        $html .= display_news($news);
+
+        $comments = DB::select(
+            'SELECT * FROM `NewsComments` WHERE `Refid`=? ORDER BY \'ID\'',
+            [$nid]
+        );
+        foreach ($comments as $comment) {
+            $user_source = User($comment['UID']);
+
+            $html .= '<div class="panel panel-default">';
+            $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
+            $html .= '<div class="panel-footer text-muted">';
+            $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';
+            $html .= User_Nick_render($user_source);
+            $html .= '</div>';
+            $html .= '</div>';
+        }
+
+        $html .= '<hr /><h2>' . _('New Comment:') . '</h2>';
+        $html .= form([
+            form_textarea('text', _('Message'), ''),
+            form_submit('submit', _('Save'))
+        ], page_link_to('news_comments') . '&nid=' . $news['ID']);
     } else {
-      $html .= '<li>';
+        $html .= _('Invalid request.');
     }
-    $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
-  }
-  $html .= '</ul></div>';
-  
-  if (in_array("admin_news", $privileges)) {
-    $html .= '<hr />';
-    $html .= '<h2>' . _("Create news:") . '</h2>';
-    
-    $html .= form([
-        form_text('betreff', _("Subject"), ''),
-        form_textarea('text', _("Message"), ''),
-        form_checkbox('treffen', _("Meeting"), false, 1),
-        form_submit('submit', _("Save")) 
-    ]);
-  }
-  return $html . '</div>';
+
+    return $html . '</div>';
+}
+
+/**
+ * @return string
+ */
+function user_news()
+{
+    global $privileges, $user;
+    $display_news = config('display_news');
+
+    $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
+
+    if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) {
+        if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) {
+            $_POST['treffen'] = 0;
+        }
+        DB::insert('
+            INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
+            VALUES (?, ?, ?, ?, ?)
+            ',
+            [
+                time(),
+                $_POST['betreff'],
+                $_POST['text'],
+                $user['UID'],
+                $_POST['treffen'],
+            ]
+        );
+        engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']);
+        success(_('Entry saved.'));
+        redirect(page_link_to('news'));
+    }
+
+    if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
+        $page = $_REQUEST['page'];
+    } else {
+        $page = 0;
+    }
+
+    $news = DB::select(sprintf('
+            SELECT *
+            FROM `News`
+            ORDER BY `Datum`
+            DESC LIMIT %u, %u
+        ',
+        $page * $display_news,
+        $display_news
+    ));
+    foreach ($news as $entry) {
+        $html .= display_news($entry);
+    }
+
+    $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
+    $html .= '<div class="text-center">' . '<ul class="pagination">';
+    for ($i = 0; $i < $dis_rows; $i++) {
+        if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+            $html .= '<li class="active">';
+        } elseif (!isset($_REQUEST['page']) && $i == 0) {
+            $html .= '<li class="active">';
+        } else {
+            $html .= '<li>';
+        }
+        $html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
+    }
+    $html .= '</ul></div>';
+
+    if (in_array('admin_news', $privileges)) {
+        $html .= '<hr />';
+        $html .= '<h2>' . _('Create news:') . '</h2>';
+
+        $html .= form([
+            form_text('betreff', _('Subject'), ''),
+            form_textarea('text', _('Message'), ''),
+            form_checkbox('treffen', _('Meeting'), false, 1),
+            form_submit('submit', _('Save'))
+        ]);
+    }
+    return $html . '</div>';
 }
-?>

includes/pages/user_questions.php

@@ -1,57 +1,85 @@
 <?php
 
-function questions_title() {
-  return _("Ask the Heaven");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function questions_title()
+{
+    return _('Ask the Heaven');
 }
 
-function user_questions() {
-  global $user;
-  
-  if (! isset($_REQUEST['action'])) {
-    $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
-    
-    $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
-    foreach ($answered_questions as &$question) {
-      $answer_user_source = User($question['AID']);
-      $question['answer_user'] = User_Nick_render($answer_user_source);
+/**
+ * @return string
+ */
+function user_questions()
+{
+    global $user;
+
+    if (!isset($_REQUEST['action'])) {
+        $open_questions = DB::select(
+            'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?',
+            [$user['UID']]
+        );
+
+        $answered_questions = DB::select(
+            'SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=?',
+            [$user['UID']]
+        );
+        foreach ($answered_questions as &$question) {
+            $answer_user_source = User($question['AID']);
+            $question['answer_user'] = User_Nick_render($answer_user_source);
+        }
+
+        return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
+    } else {
+        switch ($_REQUEST['action']) {
+            case 'ask':
+                $question = strip_request_item_nl('question');
+                if ($question != '') {
+                    $result = DB::insert('
+                        INSERT INTO `Questions` (`UID`, `Question`)
+                        VALUES (?, ?)
+                        ',
+                        [$user['UID'], $question]
+                    );
+                    if (!$result) {
+                        engelsystem_error(_('Unable to save question.'));
+                    }
+                    success(_('You question was saved.'));
+                    redirect(page_link_to('user_questions'));
+                } else {
+                    return page_with_title(questions_title(), [
+                        error(_('Please enter a question!'), true)
+                    ]);
+                }
+                break;
+            case 'delete':
+                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
+                    $question_id = $_REQUEST['id'];
+                } else {
+                    return error(_('Incomplete call, missing Question ID.'), true);
+                }
+
+                $question = DB::select(
+                    'SELECT `UID` FROM `Questions` WHERE `QID`=? LIMIT 1',
+                    [$question_id]
+                );
+                if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
+                    DB::delete(
+                        'DELETE FROM `Questions` WHERE `QID`=? LIMIT 1',
+                        [$question_id]
+                    );
+                    redirect(page_link_to('user_questions'));
+                } else {
+                    return page_with_title(questions_title(), [
+                        error(_('No question found.'), true)
+                    ]);
+                }
+                break;
+        }
     }
-    
-    return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask');
-  } else {
-    switch ($_REQUEST['action']) {
-      case 'ask':
-        $question = strip_request_item_nl('question');
-        if ($question != "") {
-          $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
-          if ($result === false) {
-            engelsystem_error(_("Unable to save question."));
-          }
-          success(_("You question was saved."));
-          redirect(page_link_to("user_questions"));
-        } else {
-          return page_with_title(questions_title(), [
-              error(_("Please enter a question!"), true) 
-          ]);
-        }
-        break;
-      case 'delete':
-        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
-          $question_id = $_REQUEST['id'];
-        } else {
-          return error(_("Incomplete call, missing Question ID."), true);
-        }
-        
-        $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-        if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
-          sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
-          redirect(page_link_to("user_questions"));
-        } else {
-          return page_with_title(questions_title(), [
-              error(_("No question found."), true) 
-          ]);
-        }
-        break;
-    }
-  }
+
+    return '';
 }
-?>

includes/pages/user_settings.php

@@ -1,194 +1,242 @@
 <?php
 
-function settings_title() {
-  return _("Settings");
+use Engelsystem\Database\DB;
+
+/**
+ * @return string
+ */
+function settings_title()
+{
+    return _('Settings');
 }
 
 /**
  * Change user main attributes (name, dates, etc.)
  *
- * @param User $user_source
- *          The user
+ * @param array $user_source The user
+ * @param bool  $enable_tshirt_size
+ * @param array $tshirt_sizes
+ * @return array
  */
-function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) {
-  $valid = true;
-  
-  if (isset($_REQUEST['mail'])) {
-    $result = User_validate_mail($_REQUEST['mail']);
-    $user_source['email'] = $result->getValue();
-    if (! $result->isValid()) {
-      $valid = false;
-      error(_("E-mail address is not correct."));
+function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
+{
+    $valid = true;
+
+    if (isset($_REQUEST['mail'])) {
+        $result = User_validate_mail($_REQUEST['mail']);
+        $user_source['email'] = $result->getValue();
+        if (!$result->isValid()) {
+            $valid = false;
+            error(_('E-mail address is not correct.'));
+        }
+    } else {
+        $valid = false;
+        error(_('Please enter your e-mail.'));
     }
-  } else {
-    $valid = false;
-    error(_("Please enter your e-mail."));
-  }
-  
-  $user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']);
-  $user_source['email_by_human_allowed'] = isset($_REQUEST['email_by_human_allowed']);
-  
-  if (isset($_REQUEST['jabber'])) {
-    $result = User_validate_jabber($_REQUEST['jabber']);
-    $user_source['jabber'] = $result->getValue();
-    if (! $result->isValid()) {
-      $valid = false;
-      error(_("Please check your jabber account information."));
+
+    $user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']);
+    $user_source['email_by_human_allowed'] = isset($_REQUEST['email_by_human_allowed']);
+
+    if (isset($_REQUEST['jabber'])) {
+        $result = User_validate_jabber($_REQUEST['jabber']);
+        $user_source['jabber'] = $result->getValue();
+        if (!$result->isValid()) {
+            $valid = false;
+            error(_('Please check your jabber account information.'));
+        }
     }
-  }
-  
-  if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
-    $user_source['Size'] = $_REQUEST['tshirt_size'];
-  } elseif ($enable_tshirt_size) {
-    $valid = false;
-  }
-  
-  if (isset($_REQUEST['planned_arrival_date'])) {
-    $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00");
-    $result = User_validate_planned_arrival_date($tmp);
-    $user_source['planned_arrival_date'] = $result->getValue();
-    if (! $result->isValid()) {
-      $valid = false;
-      error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date."));
+
+    if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
+        $user_source['Size'] = $_REQUEST['tshirt_size'];
+    } elseif ($enable_tshirt_size) {
+        $valid = false;
     }
-  }
-  
-  if (isset($_REQUEST['planned_departure_date'])) {
-    $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_departure_date'] . " 00:00");
-    $result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
-    $user_source['planned_departure_date'] = $result->getValue();
-    if (! $result->isValid()) {
-      $valid = false;
-      error(_("Please enter your planned date of departure. It should be after your planned arrival date and after buildup start date and before teardown end date."));
+
+    if (isset($_REQUEST['planned_arrival_date'])) {
+        $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
+        $result = User_validate_planned_arrival_date($tmp);
+        $user_source['planned_arrival_date'] = $result->getValue();
+        if (!$result->isValid()) {
+            $valid = false;
+            error(_('Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.'));
+        }
     }
-  }
-  
-  // Trivia
-  $user_source['Name'] = strip_request_item('lastname', $user_source['Name']);
-  $user_source['Vorname'] = strip_request_item('prename', $user_source['Vorname']);
-  $user_source['Alter'] = strip_request_item('age', $user_source['Alter']);
-  $user_source['Telefon'] = strip_request_item('tel', $user_source['Telefon']);
-  $user_source['DECT'] = strip_request_item('dect', $user_source['DECT']);
-  $user_source['Handy'] = strip_request_item('mobile', $user_source['Handy']);
-  $user_source['Hometown'] = strip_request_item('hometown', $user_source['Hometown']);
-  
-  if ($valid) {
-    User_update($user_source);
-    success(_("Settings saved."));
-    redirect(page_link_to('user_settings'));
-  }
-  
-  return $user_source;
+
+    if (isset($_REQUEST['planned_departure_date'])) {
+        $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_departure_date'] . ' 00:00');
+        $result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
+        $user_source['planned_departure_date'] = $result->getValue();
+        if (!$result->isValid()) {
+            $valid = false;
+            error(_('Please enter your planned date of departure. It should be after your planned arrival date and after buildup start date and before teardown end date.'));
+        }
+    }
+
+    // Trivia
+    $user_source['Name'] = strip_request_item('lastname', $user_source['Name']);
+    $user_source['Vorname'] = strip_request_item('prename', $user_source['Vorname']);
+    $user_source['Alter'] = strip_request_item('age', $user_source['Alter']);
+    $user_source['Telefon'] = strip_request_item('tel', $user_source['Telefon']);
+    $user_source['DECT'] = strip_request_item('dect', $user_source['DECT']);
+    $user_source['Handy'] = strip_request_item('mobile', $user_source['Handy']);
+    $user_source['Hometown'] = strip_request_item('hometown', $user_source['Hometown']);
+
+    if ($valid) {
+        User_update($user_source);
+        success(_('Settings saved.'));
+        redirect(page_link_to('user_settings'));
+    }
+
+    return $user_source;
 }
 
 /**
  * Change user password.
  *
- * @param User $user_source
- *          The user
+ * @param array $user_source The user
  */
-function user_settings_password($user_source) {
-  global $min_password_length;
-  if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])) {
-    error(_("-> not OK. Please try again."));
-  } elseif (strlen($_REQUEST['new_password']) < $min_password_length) {
-    error(_("Your password is to short (please use at least 6 characters)."));
-  } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
-    error(_("Your passwords don't match."));
-  } elseif (set_password($user_source['UID'], $_REQUEST['new_password'])) {
-    success(_("Password saved."));
-  } else {
-    error(_("Failed setting password."));
-  }
-  redirect(page_link_to('user_settings'));
+function user_settings_password($user_source)
+{
+    if (
+        !isset($_REQUEST['password'])
+        || !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])
+    ) {
+        error(_('-> not OK. Please try again.'));
+    } elseif (strlen($_REQUEST['new_password']) < config('min_password_length')) {
+        error(_('Your password is to short (please use at least 6 characters).'));
+    } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
+        error(_('Your passwords don\'t match.'));
+    } elseif (set_password($user_source['UID'], $_REQUEST['new_password'])) {
+        success(_('Password saved.'));
+    } else {
+        error(_('Failed setting password.'));
+    }
+    redirect(page_link_to('user_settings'));
 }
 
 /**
  * Change user theme
  *
- * @param User $user_sources
- *          The user
- * @param array<String> $themes
- *          List of available themes
+ * @param array $user_source The user
+ * @param array $themes      List of available themes
+ * @return mixed
  */
-function user_settings_theme($user_source, $themes) {
-  $valid = true;
-  
-  if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
-    $user_source['color'] = $_REQUEST['theme'];
-  } else {
-    $valid = false;
-  }
-  
-  if ($valid) {
-    sql_query("UPDATE `User` SET `color`='" . sql_escape($user_source['color']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'");
-    
-    success(_("Theme changed."));
-    redirect(page_link_to('user_settings'));
-  }
-  
-  return $user_source;
+function user_settings_theme($user_source, $themes)
+{
+    $valid = true;
+
+    if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
+        $user_source['color'] = $_REQUEST['theme'];
+    } else {
+        $valid = false;
+    }
+
+    if ($valid) {
+        DB::update('
+            UPDATE `User`
+            SET `color`=?
+            WHERE `UID`=?
+            ',
+            [
+                $user_source['color'],
+                $user_source['UID'],
+            ]
+        );
+
+        success(_('Theme changed.'));
+        redirect(page_link_to('user_settings'));
+    }
+
+    return $user_source;
 }
 
 /**
  * Change use locale
  *
- * @param User $user_source
- *          The user
- * @param array<String> $locales
- *          List of available locales
+ * @param array $user_source The user
+ * @param array $locales     List of available locales
+ * @return array
  */
-function user_settings_locale($user_source, $locales) {
-  $valid = true;
-  
-  if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
-    $user_source['Sprache'] = $_REQUEST['language'];
-  } else {
-    $valid = false;
-  }
-  
-  if ($valid) {
-    sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($user_source['Sprache']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'");
-    $_SESSION['locale'] = $user_source['Sprache'];
-    
-    success("Language changed.");
-    redirect(page_link_to('user_settings'));
-  }
-  
-  return $user_source;
+function user_settings_locale($user_source, $locales)
+{
+    $valid = true;
+
+    if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
+        $user_source['Sprache'] = $_REQUEST['language'];
+    } else {
+        $valid = false;
+    }
+
+    if ($valid) {
+        DB::update('
+            UPDATE `User`
+            SET `Sprache`=?
+            WHERE `UID`=?
+        ',
+            [
+                $user_source['Sprache'],
+                $user_source['UID'],
+            ]
+        );
+        $_SESSION['locale'] = $user_source['Sprache'];
+
+        success('Language changed.');
+        redirect(page_link_to('user_settings'));
+    }
+
+    return $user_source;
 }
 
 /**
  * Main user settings page/controller
+ *
+ * @return string
  */
-function user_settings() {
-  global $enable_tshirt_size, $tshirt_sizes, $themes, $locales;
-  global $user;
-  
-  $buildup_start_date = null;
-  $teardown_end_date = null;
-  $event_config = EventConfig();
-  if ($event_config != null) {
-    if (isset($event_config['buildup_start_date'])) {
-      $buildup_start_date = $event_config['buildup_start_date'];
+function user_settings()
+{
+    global $themes, $user;
+
+    $enable_tshirt_size = config('enable_tshirt_size');
+    $tshirt_sizes = config('tshirt_sizes');
+    $locales = config('locales');
+
+    $buildup_start_date = null;
+    $teardown_end_date = null;
+    $event_config = EventConfig();
+    if ($event_config != null) {
+        if (isset($event_config['buildup_start_date'])) {
+            $buildup_start_date = $event_config['buildup_start_date'];
+        }
+        if (isset($event_config['teardown_end_date'])) {
+            $teardown_end_date = $event_config['teardown_end_date'];
+        }
     }
-    if (isset($event_config['teardown_end_date'])) {
-      $teardown_end_date = $event_config['teardown_end_date'];
+
+    foreach ($tshirt_sizes as $key => $size) {
+        if (empty($size)) {
+            unset($tshirt_sizes[$key]);
+        }
     }
-  }
-  
-  $user_source = $user;
-  
-  if (isset($_REQUEST['submit'])) {
-    $user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes);
-  } elseif (isset($_REQUEST['submit_password'])) {
-    user_settings_password($user_source);
-  } elseif (isset($_REQUEST['submit_theme'])) {
-    $user_source = user_settings_theme($user_source, $themes);
-  } elseif (isset($_REQUEST['submit_language'])) {
-    $user_source = user_settings_locale($user_source, $locales);
-  }
-  
-  return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes);
+
+    $user_source = $user;
+
+    if (isset($_REQUEST['submit'])) {
+        $user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes);
+    } elseif (isset($_REQUEST['submit_password'])) {
+        user_settings_password($user_source);
+    } elseif (isset($_REQUEST['submit_theme'])) {
+        $user_source = user_settings_theme($user_source, $themes);
+    } elseif (isset($_REQUEST['submit_language'])) {
+        $user_source = user_settings_locale($user_source, $locales);
+    }
+
+    return User_settings_view(
+        $user_source,
+        $locales,
+        $themes,
+        $buildup_start_date,
+        $teardown_end_date,
+        $enable_tshirt_size,
+        $tshirt_sizes
+    );
 }
-?>

includes/pages/user_shifts.php

@@ -1,8 +1,14 @@
 <?php
+
+use Engelsystem\Database\DB;
 use Engelsystem\ShiftsFilter;
 
-function shifts_title() {
-  return _("Shifts");
+/**
+ * @return string
+ */
+function shifts_title()
+{
+    return _('Shifts');
 }
 
 /**
@@ -11,187 +17,257 @@ function shifts_title() {
  * Transform into shift controller and shift entry controller.
  * Split actions into shift edit, shift delete, shift entry edit, shift entry delete
  * Introduce simpler and beautiful actions for shift entry join/leave for users
+ *
+ * @return string
  */
-function user_shifts() {
-  global $user;
-  
-  if (User_is_freeloader($user)) {
-    redirect(page_link_to('user_myshifts'));
-  }
-  
-  // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
-  if (isset($_REQUEST['entry_id'])) {
-    return shift_entry_delete_controller();
-  } elseif (isset($_REQUEST['edit_shift'])) {
-    return shift_edit_controller();
-  } elseif (isset($_REQUEST['delete_shift'])) {
-    return shift_delete_controller();
-  } elseif (isset($_REQUEST['shift_id'])) {
-    return shift_entry_add_controller();
-  }
-  return view_user_shifts();
+function user_shifts()
+{
+    global $user;
+
+    if (User_is_freeloader($user)) {
+        redirect(page_link_to('user_myshifts'));
+    }
+
+    // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
+    if (isset($_REQUEST['entry_id'])) {
+        shift_entry_delete_controller();
+        return '';
+    } elseif (isset($_REQUEST['edit_shift'])) {
+        return shift_edit_controller();
+    } elseif (isset($_REQUEST['delete_shift'])) {
+        return shift_delete_controller();
+    } elseif (isset($_REQUEST['shift_id'])) {
+        return shift_entry_add_controller();
+    }
+    return view_user_shifts();
 }
 
 /**
  * Helper function that updates the start and end time from request data.
  * Use update_ShiftsFilter().
  *
- * @param ShiftsFilter $shiftsFilter
- *          The shiftfilter to update.
+ * @param ShiftsFilter $shiftsFilter The shiftfilter to update.
+ * @param string[]     $days
  */
-function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days) {
-  $start_time = $shiftsFilter->getStartTime();
-  if ($start_time == null) {
-    $start_time = time();
-  }
-  
-  $end_time = $shiftsFilter->getEndTime();
-  if ($end_time == null) {
-    $end_time = $start_time + 24 * 60 * 60;
-  }
-  
-  $shiftsFilter->setStartTime(check_request_datetime('start_day', 'start_time', $days, $start_time));
-  $shiftsFilter->setEndTime(check_request_datetime('end_day', 'end_time', $days, $end_time));
-  
-  if ($shiftsFilter->getStartTime() > $shiftsFilter->getEndTime()) {
-    $shiftsFilter->setEndTime($shiftsFilter->getStartTime() + 24 * 60 * 60);
-  }
+function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days)
+{
+    $start_time = $shiftsFilter->getStartTime();
+    if ($start_time == null) {
+        $start_time = time();
+    }
+
+    $end_time = $shiftsFilter->getEndTime();
+    if ($end_time == null) {
+        $end_time = $start_time + 24 * 60 * 60;
+    }
+
+    $shiftsFilter->setStartTime(check_request_datetime('start_day', 'start_time', $days, $start_time));
+    $shiftsFilter->setEndTime(check_request_datetime('end_day', 'end_time', $days, $end_time));
+
+    if ($shiftsFilter->getStartTime() > $shiftsFilter->getEndTime()) {
+        $shiftsFilter->setEndTime($shiftsFilter->getStartTime() + 24 * 60 * 60);
+    }
 }
 
 /**
  * Update given ShiftsFilter with filter params from user input
  *
- * @param ShiftsFilter $shiftsFilter
- *          The shifts filter to update from request data
- * @param boolean $user_shifts_admin
- *          Has the user user_shift_admin privilege?
- * @param string[] $days
- *          An array of available filter days
+ * @param ShiftsFilter $shiftsFilter      The shifts filter to update from request data
+ * @param boolean      $user_shifts_admin Has the user user_shift_admin privilege?
+ * @param string[]     $days              An array of available filter days
  */
-function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $days) {
-  $shiftsFilter->setUserShiftsAdmin($user_shifts_admin);
-  $shiftsFilter->setFilled(check_request_int_array('filled', $shiftsFilter->getFilled()));
-  $shiftsFilter->setRooms(check_request_int_array('rooms', $shiftsFilter->getRooms()));
-  $shiftsFilter->setTypes(check_request_int_array('types', $shiftsFilter->getTypes()));
-  update_ShiftsFilter_timerange($shiftsFilter, $days);
+function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $days)
+{
+    $shiftsFilter->setUserShiftsAdmin($user_shifts_admin);
+    $shiftsFilter->setFilled(check_request_int_array('filled', $shiftsFilter->getFilled()));
+    $shiftsFilter->setRooms(check_request_int_array('rooms', $shiftsFilter->getRooms()));
+    $shiftsFilter->setTypes(check_request_int_array('types', $shiftsFilter->getTypes()));
+    update_ShiftsFilter_timerange($shiftsFilter, $days);
 }
 
-function load_rooms() {
-  $rooms = sql_select("SELECT `RID` AS `id`, `Name` AS `name` FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
-  if (count($rooms) == 0) {
-    error(_("The administration has not configured any rooms yet."));
-    redirect('?');
-  }
-  return $rooms;
+/**
+ * @return array
+ */
+function load_rooms()
+{
+    $rooms = DB::select(
+        'SELECT `RID` AS `id`, `Name` AS `name` FROM `Room` WHERE `show`=\'Y\' ORDER BY `Name`'
+    );
+    if (empty($rooms)) {
+        error(_('The administration has not configured any rooms yet.'));
+        redirect('?');
+    }
+    return $rooms;
 }
 
-function load_days() {
-  $days = sql_select_single_col("
+/**
+ * @return array
+ */
+function load_days()
+{
+    $days = DB::select('
       SELECT DISTINCT DATE(FROM_UNIXTIME(`start`)) AS `id`, DATE(FROM_UNIXTIME(`start`)) AS `name`
       FROM `Shifts`
-      ORDER BY `start`");
-  if (count($days) == 0) {
-    error(_("The administration has not configured any shifts yet."));
-    redirect('?');
-  }
-  return $days;
+      ORDER BY `start`
+    ');
+    $days = array_map('array_shift', $days);
+
+    if (empty($days)) {
+        error(_('The administration has not configured any shifts yet.'));
+        redirect('?');
+    }
+    return $days;
 }
 
-function load_types() {
-  global $user;
-  
-  if (sql_num_query("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0") == 0) {
-    error(_("The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype."));
-    redirect('?');
-  }
-  $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
-  if (empty($types)) {
-    return sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0");
-  }
-  return $types;
+/**
+ * @return array|false
+ */
+function load_types()
+{
+    global $user;
+
+    if (!count(DB::select('SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0'))) {
+        error(_('The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype.'));
+        redirect('?');
+    }
+    $types = DB::select('
+            SELECT
+                `AngelTypes`.`id`,
+                `AngelTypes`.`name`,
+                (
+                    `AngelTypes`.`restricted`=0
+                    OR (
+                        NOT `UserAngelTypes`.`confirm_user_id` IS NULL
+                        OR `UserAngelTypes`.`id` IS NULL
+                    )
+                ) AS `enabled`
+            FROM `AngelTypes`
+            LEFT JOIN `UserAngelTypes`
+                ON (
+                    `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
+                    AND `UserAngelTypes`.`user_id`=?
+                )
+            ORDER BY `AngelTypes`.`name`
+        ',
+        [
+            $user['UID'],
+        ]
+    );
+    if (empty($types)) {
+        return DB::select('SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0');
+    }
+    return $types;
 }
 
-function view_user_shifts() {
-  global $user, $privileges;
-  global $ical_shifts;
-  
-  $ical_shifts = [];
-  $days = load_days();
-  $rooms = load_rooms();
-  $types = load_types();
-  
-  if (! isset($_SESSION['ShiftsFilter'])) {
-    $room_ids = [
-        $rooms[0]['id'] 
+/**
+ * @return string
+ */
+function view_user_shifts()
+{
+    global $user, $privileges, $ical_shifts;
+
+    $ical_shifts = [];
+    $days = load_days();
+    $rooms = load_rooms();
+    $types = load_types();
+
+    if (!isset($_SESSION['ShiftsFilter'])) {
+        $room_ids = [
+            $rooms[0]['id']
+        ];
+        $type_ids = array_map('get_ids_from_array', $types);
+        $_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
+    }
+    update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days);
+    $shiftsFilter = $_SESSION['ShiftsFilter'];
+
+    $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
+
+    if ($user['api_key'] == '') {
+        User_reset_api_key($user, false);
+    }
+
+    $filled = [
+        [
+            'id'   => '1',
+            'name' => _('occupied')
+        ],
+        [
+            'id'   => '0',
+            'name' => _('free')
+        ]
     ];
-    $type_ids = array_map('get_ids_from_array', $types);
-    $_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
-  }
-  update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days);
-  $shiftsFilter = $_SESSION['ShiftsFilter'];
-  
-  $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);
-  
-  if ($user['api_key'] == "") {
-    User_reset_api_key($user, false);
-  }
-  
-  $filled = [
-      [
-          'id' => '1',
-          'name' => _("occupied") 
-      ],
-      [
-          'id' => '0',
-          'name' => _("free") 
-      ] 
-  ];
-  $start_day = date("Y-m-d", $shiftsFilter->getStartTime());
-  $start_time = date("H:i", $shiftsFilter->getStartTime());
-  $end_day = date("Y-m-d", $shiftsFilter->getEndTime());
-  $end_time = date("H:i", $shiftsFilter->getEndTime());
-  
-  return page([
-      div('col-md-12', [
-          msg(),
-          template_render(__DIR__ . '/../../templates/user_shifts.html', [
-              'title' => shifts_title(),
-              'room_select' => make_select($rooms, $shiftsFilter->getRooms(), "rooms", _("Rooms")),
-              'start_select' => html_select_key("start_day", "start_day", array_combine($days, $days), $start_day),
-              'start_time' => $start_time,
-              'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $end_day),
-              'end_time' => $end_time,
-              'type_select' => make_select($types, $shiftsFilter->getTypes(), "types", _("Angeltypes") . '<sup>1</sup>'),
-              'filled_select' => make_select($filled, $shiftsFilter->getFilled(), "filled", _("Occupancy")),
-              'task_notice' => '<sup>1</sup>' . _("The tasks shown here are influenced by the angeltypes you joined already!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>",
-              'shifts_table' => msg() . $shiftCalendarRenderer->render(),
-              'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf(_("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '</p>',
-              'filter' => _("Filter") 
-          ]) 
-      ]) 
-  ]);
+    $start_day = date('Y-m-d', $shiftsFilter->getStartTime());
+    $start_time = date('H:i', $shiftsFilter->getStartTime());
+    $end_day = date('Y-m-d', $shiftsFilter->getEndTime());
+    $end_time = date('H:i', $shiftsFilter->getEndTime());
+
+    return page([
+        div('col-md-12', [
+            msg(),
+            template_render(__DIR__ . '/../../templates/user_shifts.html', [
+                'title'         => shifts_title(),
+                'room_select'   => make_select($rooms, $shiftsFilter->getRooms(), 'rooms', _('Rooms')),
+                'start_select'  => html_select_key('start_day', 'start_day', array_combine($days, $days), $start_day),
+                'start_time'    => $start_time,
+                'end_select'    => html_select_key('end_day', 'end_day', array_combine($days, $days), $end_day),
+                'end_time'      => $end_time,
+                'type_select'   => make_select(
+                    $types,
+                    $shiftsFilter->getTypes(),
+                    'types',
+                    _('Angeltypes') . '<sup>1</sup>'
+                ),
+                'filled_select' => make_select($filled, $shiftsFilter->getFilled(), 'filled', _('Occupancy')),
+                'task_notice'   =>
+                    '<sup>1</sup>'
+                    . _('The tasks shown here are influenced by the angeltypes you joined already!')
+                    . ' <a href="' . page_link_to('angeltypes') . '&action=about' . '">'
+                    . _('Description of the jobs.')
+                    . '</a>',
+                'shifts_table'  => msg() . $shiftCalendarRenderer->render(),
+                'ical_text'     => '<h2>' . _('iCal export') . '</h2><p>' . sprintf(
+                        _('Export of shown shifts. <a href="%s">iCal format</a> or <a href="%s">JSON format</a> available (please keep secret, otherwise <a href="%s">reset the api key</a>).'),
+                        page_link_to_absolute('ical') . '&key=' . $user['api_key'],
+                        page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'],
+                        page_link_to('user_myshifts') . '&reset'
+                    ) . '</p>',
+                'filter'        => _('Filter')
+            ])
+        ])
+    ]);
 }
 
-function get_ids_from_array($array) {
-  return $array["id"];
+/**
+ * @param array $array
+ * @return array
+ */
+function get_ids_from_array($array)
+{
+    return $array['id'];
 }
 
-function make_select($items, $selected, $name, $title = null) {
-  $html_items = [];
-  if (isset($title)) {
-    $html_items[] = '<h4>' . $title . '</h4>' . "\n";
-  }
-  
-  foreach ($items as $i) {
-    $html_items[] = '<div class="checkbox"><label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"' . (in_array($i['id'], $selected) ? ' checked="checked"' : '') . '> ' . $i['name'] . '</label>' . (! isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) . '</div><br />';
-  }
-  $html = '<div id="selection_' . $name . '" class="selection ' . $name . '">' . "\n";
-  $html .= implode("\n", $html_items);
-  $html .= buttons([
-      button("javascript: checkAll('selection_" . $name . "', true)", _("All"), ""),
-      button("javascript: checkAll('selection_" . $name . "', false)", _("None"), "") 
-  ]);
-  $html .= '</div>' . "\n";
-  return $html;
+function make_select($items, $selected, $name, $title = null)
+{
+    $html_items = [];
+    if (isset($title)) {
+        $html_items[] = '<h4>' . $title . '</h4>' . "\n";
+    }
+
+    foreach ($items as $i) {
+        $html_items[] = '<div class="checkbox">'
+            . '<label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '" '
+            . (in_array($i['id'], $selected) ? ' checked="checked"' : '')
+            . ' > ' . $i['name'] . '</label>'
+            . (!isset($i['enabled']) || $i['enabled'] ? '' : glyph('lock'))
+            . '</div><br />';
+    }
+    $html = '<div id="selection_' . $name . '" class="selection ' . $name . '">' . "\n";
+    $html .= implode("\n", $html_items);
+    $html .= buttons([
+        button('javascript: checkAll(\'selection_' . $name . '\', true)', _('All'), ''),
+        button('javascript: checkAll(\'selection_' . $name . '\', false)', _('None'), '')
+    ]);
+    $html .= '</div>' . "\n";
+    return $html;
 }
-?>

includes/sys_auth.php

@@ -1,91 +1,160 @@
 <?php
 
+use Engelsystem\Database\DB;
+
 /**
  *  Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
  */
-function load_auth() {
-  global $user, $privileges;
-  
-  $user = null;
-  if (isset($_SESSION['uid'])) {
-    $user = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_SESSION['uid']) . "' LIMIT 1");
-    if (count($user) > 0) {
-      // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
-      list($user) = $user;
-      sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
-      $privileges = privileges_for_user($user['UID']);
-      return;
+function load_auth()
+{
+    global $user, $privileges;
+
+    $user = null;
+    if (isset($_SESSION['uid'])) {
+        $user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$_SESSION['uid']]);
+        if (count($user) > 0) {
+            // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+            $user = array_shift($user);
+            DB::update('
+                UPDATE `User`
+                SET `lastLogIn` = ?
+                WHERE `UID` = ?
+                LIMIT 1
+            ', [
+                time(),
+                $_SESSION['uid'],
+            ]);
+            $privileges = privileges_for_user($user['UID']);
+            return;
+        }
+        unset($_SESSION['uid']);
     }
-    unset($_SESSION['uid']);
-  }
-  
-  // guest privileges
-  $privileges = privileges_for_group(- 1);
+
+    // guest privileges
+    $privileges = privileges_for_group(-1);
 }
 
 /**
  * generate a salt (random string) of arbitrary length suitable for the use with crypt()
+ *
+ * @param int $length
+ * @return string
  */
-function generate_salt($length = 16) {
-  $alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-  $salt = "";
-  for ($i = 0; $i < $length; $i ++) {
-    $salt .= $alphabet[rand(0, strlen($alphabet) - 1)];
-  }
-  return $salt;
+function generate_salt($length = 16)
+{
+    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+    $salt = '';
+    for ($i = 0; $i < $length; $i++) {
+        $salt .= $alphabet[rand(0, strlen($alphabet) - 1)];
+    }
+    return $salt;
 }
 
 /**
  * set the password of a user
+ *
+ * @param int    $uid
+ * @param string $password
+ * @return bool
  */
-function set_password($uid, $password) {
-  global $crypt_alg;
-  $result = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt(16) . '$')) . "', `password_recovery_token`=NULL WHERE `UID` = " . intval($uid) . " LIMIT 1");
-  if ($result === false) {
-    engelsystem_error('Unable to update password.');
-  }
-  return $result;
+function set_password($uid, $password)
+{
+    $result = DB::update('
+        UPDATE `User`
+        SET `Passwort` = ?,
+        `password_recovery_token`=NULL
+        WHERE `UID` = ?
+        LIMIT 1
+        ',
+        [
+            crypt($password, config('crypt_alg') . '$' . generate_salt(16) . '$'),
+            $uid
+        ]
+    );
+    if (DB::getStm()->errorCode() != '00000') {
+        engelsystem_error('Unable to update password.');
+    }
+    return $result;
 }
 
 /**
  * verify a password given a precomputed salt.
  * if $uid is given and $salt is an old-style salt (plain md5), we convert it automatically
+ *
+ * @param string $password
+ * @param string $salt
+ * @param int    $uid
+ * @return bool
  */
-function verify_password($password, $salt, $uid = false) {
-  global $crypt_alg;
-  $correct = false;
-  if (substr($salt, 0, 1) == '$') { // new-style crypt()
-    $correct = crypt($password, $salt) == $salt;
-  } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore
-    $correct = crypt($password, '77') == $salt;
-  } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore
-    $correct = md5($password) == $salt;
-  }
+function verify_password($password, $salt, $uid = null)
+{
+    $crypt_alg = config('crypt_alg');
+    $correct = false;
+    if (substr($salt, 0, 1) == '$') { // new-style crypt()
+        $correct = crypt($password, $salt) == $salt;
+    } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore
+        $correct = crypt($password, '77') == $salt;
+    } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore
+        $correct = md5($password) == $salt;
+    }
 
-  if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && $uid) {
-    // this password is stored in another format than we want it to be.
-    // let's update it!
-    // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
-    sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, $crypt_alg . '$' . generate_salt() . '$')) . "' WHERE `UID` = " . intval($uid) . " AND `Passwort` = '" . sql_escape($salt) . "' LIMIT 1");
-  }
-  return $correct;
+    if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) {
+        // this password is stored in another format than we want it to be.
+        // let's update it!
+        // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash
+        DB::update('
+                UPDATE `User`
+                SET `Passwort` = ?
+                WHERE `UID` = ?
+                AND `Passwort` = ?
+                LIMIT 1
+            ',
+            [
+                crypt($password, $crypt_alg . '$' . generate_salt() . '$'),
+                $uid,
+                $salt,
+            ]
+        );
+    }
+    return $correct;
 }
 
-function privileges_for_user($user_id) {
-  $privileges = [];
-  $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
-  foreach ($user_privs as $user_priv) {
-    $privileges[] = $user_priv['name'];
-  }
-  return $privileges;
+/**
+ * @param int $user_id
+ * @return array
+ */
+function privileges_for_user($user_id)
+{
+    $privileges = [];
+    $user_privileges = DB::select('
+        SELECT `Privileges`.`name`
+        FROM `User`
+        JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`)
+        JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`)
+        JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
+        WHERE `User`.`UID`=?
+    ', [$user_id]);
+    foreach ($user_privileges as $user_privilege) {
+        $privileges[] = $user_privilege['name'];
+    }
+    return $privileges;
 }
 
-function privileges_for_group($group_id) {
-  $privileges = [];
-  $groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
-  foreach ($groups_privs as $guest_priv) {
-    $privileges[] = $guest_priv['name'];
-  }
-  return $privileges;
+/**
+ * @param int $group_id
+ * @return array
+ */
+function privileges_for_group($group_id)
+{
+    $privileges = [];
+    $groups_privileges = DB::select('
+        SELECT `name`
+        FROM `GroupPrivileges`
+        JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
+        WHERE `group_id`=?
+    ', [$group_id]);
+    foreach ($groups_privileges as $guest_privilege) {
+        $privileges[] = $guest_privilege['name'];
+    }
+    return $privileges;
 }
-?>

includes/sys_form.php

@@ -4,21 +4,26 @@
 /**
  * Renders a hidden input
  *
- * @param string $name
- *          Name of the input
- * @param string $value
- *          The value
+ * @param string $name  Name of the input
+ * @param string $value The value
  * @return string rendered html
  */
-function form_hidden($name, $value) {
-  return '<input type="hidden" name="' . $name . '" value="' . $value . '" />';
+function form_hidden($name, $value)
+{
+    return '<input type="hidden" name="' . $name . '" value="' . $value . '" />';
 }
 
 /**
  * Rendert ein Zahlenfeld mit Buttons zum verstellen
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $value
+ * @return string
  */
-function form_spinner($name, $label, $value) {
-  return form_element($label, '
+function form_spinner($name, $label, $value)
+{
+    return form_element($label, '
       <div class="input-group">
         <input id="spinner-' . $name . '" class="form-control" type="text" name="' . $name . '" value="' . $value . '" />
         <div class="input-group-btn">
@@ -31,11 +36,13 @@ function form_spinner($name, $label, $value) {
         </div>
       </div>
       <script type="text/javascript">
-        $("#spinner-' . $name . '-down").click(function(e) {
-          $("#spinner-' . $name . '").val(parseInt($("#spinner-' . $name . '").val()) - 1);
+        $("#spinner-' . $name . '-down").click(function() {
+          var spinner = $("#spinner-' . $name . '");
+          spinner.val(parseInt(spinner.val()) - 1);
         });
-        $("#spinner-' . $name . '-up").click(function(e) {
-          $("#spinner-' . $name . '").val(parseInt($("#spinner-' . $name . '").val()) + 1);
+        $("#spinner-' . $name . '-up").click(function() {
+          var spinner = $("#spinner-' . $name . '");
+          spinner.val(parseInt(spinner.val()) + 1);
         });
       </script>
       ');
@@ -44,22 +51,20 @@ function form_spinner($name, $label, $value) {
 /**
  * Render a bootstrap datepicker
  *
- * @param string $name
- *          Name of the parameter
- * @param string $label
- *          Label
- * @param int $value
- *          Unix Timestamp
- * @param int $min_date
- *          Earliest possible date
- * @return HTML
+ * @param string $name       Name of the parameter
+ * @param string $label      Label
+ * @param int    $value      Unix Timestamp
+ * @param string $start_date Earliest possible date
+ * @param string $end_date
+ * @return string HTML
  */
-function form_date($name, $label, $value, $start_date = '', $end_date = '') {
-  $dom_id = $name . '-date';
-  $value = is_numeric($value) ? date('Y-m-d', $value) : '';
-  $start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : '';
-  $end_date = is_numeric($end_date) ? date('Y-m-d', $end_date) : '';
-  return form_element($label, '
+function form_date($name, $label, $value, $start_date = '', $end_date = '')
+{
+    $dom_id = $name . '-date';
+    $value = is_numeric($value) ? date('Y-m-d', $value) : '';
+    $start_date = is_numeric($start_date) ? date('Y-m-d', $start_date) : '';
+    $end_date = is_numeric($end_date) ? date('Y-m-d', $end_date) : '';
+    return form_element($label, '
     <div class="input-group date" id="' . $dom_id . '">
       <input type="text" name="' . $name . '" class="form-control" value="' . $value . '"><span class="input-group-addon">' . glyph('th') . '</span>
     </div>
@@ -80,202 +85,332 @@ function form_date($name, $label, $value, $start_date = '', $end_date = '') {
 /**
  * Rendert eine Liste von Checkboxen für ein Formular
  *
- * @param
- *          name Die Namen der Checkboxen werden aus name_key gebildet
- * @param
- *          label Die Beschriftung der Liste
- * @param
- *          items Array mit den einzelnen Checkboxen
- * @param
- *          selected Array mit den Keys, die ausgewählt sind
+ * @param string $name     Die Namen der Checkboxen werden aus name_key gebildet
+ * @param string $label    Die Beschriftung der Liste
+ * @param array  $items    Array mit den einzelnen Checkboxen
+ * @param array  $selected Array mit den Keys, die ausgewählt sind
+ * @return string
  */
-function form_checkboxes($name, $label, $items, $selected) {
-  $html = form_element($label, '');
-  foreach ($items as $key => $item) {
-    $html .= form_checkbox($name . '_' . $key, $item, array_search($key, $selected) !== false);
-  }
-  return $html;
+function form_checkboxes($name, $label, $items, $selected)
+{
+    $html = form_element($label, '');
+    foreach ($items as $key => $item) {
+        $html .= form_checkbox($name . '_' . $key, $item, array_search($key, $selected) !== false);
+    }
+    return $html;
 }
 
 /**
  * Rendert eine Tabelle von Checkboxen für ein Formular
  *
- * @param
- *          names Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
- * @param
- *          label Die Beschriftung der gesamten Tabelle
- * @param
- *          items Array mit den Beschriftungen der Zeilen
- * @param
- *          selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo markierten Checkboxen ist
- * @param
- *          disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
+ * @param string[] $names    Assoziatives Array mit Namen der Checkboxen als Keys und Überschriften als Values
+ * @param string   $label    Die Beschriftung der gesamten Tabelle
+ * @param string[] $items    Array mit den Beschriftungen der Zeilen
+ * @param array[]  $selected Mehrdimensionales Array, wobei $selected[foo] ein Array der in der Datenreihe foo
+ *                           markierten Checkboxen ist
+ * @param array    $disabled Wie selected, nur dass die entsprechenden Checkboxen deaktiviert statt markiert sind
+ * @return string
  */
-function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []) {
-  $html = "<table><thead><tr>";
-  foreach ($names as $title) {
-    $html .= "<th>$title</th>";
-  }
-  $html .= "</tr></thead><tbody>";
-  foreach ($items as $key => $item) {
-    $html .= "<tr>";
-    foreach ($names as $name => $title) {
-      $dom_id = $name . '_' . $key;
-      $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : "";
-      if (! empty($disabled) && ! empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) {
-        $sel .= ' disabled="disabled"';
-      }
-      $html .= '<td style="text-align: center;"><input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '"' . $sel . ' /></td>';
+function form_multi_checkboxes($names, $label, $items, $selected, $disabled = [])
+{
+    $html = '<table><thead><tr>';
+    foreach ($names as $title) {
+        $html .= '<th>' . $title . '</th>';
     }
-    $html .= '<td><label for="' . $dom_id . '">' . $item . '</label></td></tr>';
-  }
-  $html .= "</tbody></table>";
-  return form_element($label, $html);
+    $html .= '</tr></thead><tbody>';
+    foreach ($items as $key => $item) {
+        $html .= '<tr>';
+        $dom_id = '';
+        foreach ($names as $name => $title) {
+            $dom_id = $name . '_' . $key;
+            $sel = array_search($key, $selected[$name]) !== false ? ' checked="checked"' : '';
+            if (!empty($disabled) && !empty($disabled[$name]) && array_search($key, $disabled[$name]) !== false) {
+                $sel .= ' disabled="disabled"';
+            }
+            $html .= '<td style="text-align: center;">'
+                . '<input type="checkbox" id="' . $dom_id . '" name="' . $name . '[]" value="' . $key . '" ' . $sel . ' />'
+                . '</td>';
+        }
+        $html .= '<td><label for="' . $dom_id . '">' . $item . '</label></td></tr>';
+    }
+    $html .= '</tbody></table>';
+    return form_element($label, $html);
 }
 
 /**
  * Rendert eine Checkbox
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $selected
+ * @param string $value
+ * @return string
  */
-function form_checkbox($name, $label, $selected, $value = 'checked') {
-  return '<div class="checkbox"><label><input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /> ' . $label . '</label></div>';
+function form_checkbox($name, $label, $selected, $value = 'checked')
+{
+    return '<div class="checkbox"><label>'
+        . '<input type="checkbox" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
+        . ($selected ? ' checked="checked"' : '') . ' /> '
+        . $label
+        . '</label></div>';
 }
 
 /**
  * Rendert einen Radio
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $selected
+ * @param string $value
+ * @return string
  */
-function form_radio($name, $label, $selected, $value) {
-  return '<div class="radio"><label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '"' . ($selected ? ' checked="checked"' : '') . ' /> ' . $label . '</label></div>';
+function form_radio($name, $label, $selected, $value)
+{
+    return '<div class="radio">'
+        . '<label><input type="radio" id="' . $name . '" name="' . $name . '" value="' . $value . '" '
+        . ($selected ? ' checked="checked"' : '') . ' /> '
+        . $label
+        . '</label></div>';
 }
 
 /**
  * Rendert einen Infotext in das Formular
+ *
+ * @param string $label
+ * @param string $text
+ * @return string
  */
-function form_info($label, $text = "") {
-  if ($label == "") {
-    return '<span class="help-block">' . glyph('info-sign') . $text . '</span>';
-  }
-  if ($text == "") {
-    return '<h4>' . $label . '</h4>';
-  }
-  return form_element($label, '<p class="form-control-static">' . $text . '</p>', '');
+function form_info($label, $text = '')
+{
+    if ($label == '') {
+        return '<span class="help-block">' . glyph('info-sign') . $text . '</span>';
+    }
+    if ($text == '') {
+        return '<h4>' . $label . '</h4>';
+    }
+    return form_element($label, '<p class="form-control-static">' . $text . '</p>', '');
 }
 
 /**
  * Rendert den Absenden-Button eines Formulars
+ *
+ * @param string $name
+ * @param string $label
+ * @return string
  */
-function form_submit($name, $label) {
-  return form_element('<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />', "");
+function form_submit($name, $label)
+{
+    return form_element(
+        '<input class="btn btn-primary" type="submit" name="' . $name . '" value="' . $label . '" />',
+        ''
+    );
 }
 
 /**
  * Rendert ein Formular-Textfeld
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $value
+ * @param bool   $disabled
+ * @return string
  */
-function form_text($name, $label, $value, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element($label, '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
+function form_text($name, $label, $value, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element(
+        $label,
+        '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name
+        . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>',
+        'form_' . $name
+    );
 }
 
 /**
  * Renders a text input with placeholder instead of label.
  *
- * @param String $name
- *          Input name
- * @param String $placeholder
- *          Placeholder
- * @param String $value
- *          The value
- * @param Boolean $disabled
- *          Is the field enabled?
+ * @param String  $name        Input name
+ * @param String  $placeholder Placeholder
+ * @param String  $value       The value
+ * @param Boolean $disabled    Is the field enabled?
+ * @return string
  */
-function form_text_placeholder($name, $placeholder, $value, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element('', '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder . '" ' . $disabled . '/>');
+function form_text_placeholder($name, $placeholder, $value, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element('',
+        '<input class="form-control" id="form_' . $name . '" type="text" name="' . $name
+        . '" value="' . htmlspecialchars($value) . '" placeholder="' . $placeholder
+        . '" ' . $disabled . '/>'
+    );
 }
 
 /**
  * Rendert ein Formular-Emailfeld
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $value
+ * @param bool   $disabled
+ * @return string
  */
-function form_email($name, $label, $value, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element($label, '<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
+function form_email($name, $label, $value, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element(
+        $label,
+        '<input class="form-control" id="form_' . $name . '" type="email" name="' . $name . '" value="'
+        . htmlspecialchars($value) . '" ' . $disabled . '/>',
+        'form_' . $name
+    );
 }
 
 /**
  * Rendert ein Formular-Dateifeld
+ *
+ * @param string $name
+ * @param string $label
+ * @return string
  */
-function form_file($name, $label) {
-  return form_element($label, '<input id="form_' . $name . '" type="file" name="' . $name . '" />', 'form_' . $name);
+function form_file($name, $label)
+{
+    return form_element($label, '<input id="form_' . $name . '" type="file" name="' . $name . '" />', 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Passwortfeld
+ *
+ * @param string $name
+ * @param string $label
+ * @param bool   $disabled
+ * @return string
  */
-function form_password($name, $label, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element($label, '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>', 'form_' . $name);
+function form_password($name, $label, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element(
+        $label,
+        '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" ' . $disabled . '/>',
+        'form_' . $name
+    );
 }
 
 /**
  * Renders a password input with placeholder instead of label.
+ *
+ * @param string $name
+ * @param string $placeholder
+ * @param bool   $disabled
+ * @return string
  */
-function form_password_placeholder($name, $placeholder, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element('', '<input class="form-control" id="form_' . $name . '" type="password" name="' . $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>', 'form_' . $name);
+function form_password_placeholder($name, $placeholder, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element(
+        '',
+        '<input class="form-control" id="form_' . $name . '" type="password" name="'
+        . $name . '" value="" placeholder="' . $placeholder . '" ' . $disabled . '/>',
+        'form_' . $name
+    );
 }
 
 /**
  * Rendert ein Formular-Textfeld
+ *
+ * @param string $name
+ * @param string $label
+ * @param string $value
+ * @param bool   $disabled
+ * @return string
  */
-function form_textarea($name, $label, $value, $disabled = false) {
-  $disabled = $disabled ? ' disabled="disabled"' : '';
-  return form_element($label, '<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="' . $name . '" ' . $disabled . '>' . $value . '</textarea>', 'form_' . $name);
+function form_textarea($name, $label, $value, $disabled = false)
+{
+    $disabled = $disabled ? ' disabled="disabled"' : '';
+    return form_element(
+        $label,
+        '<textarea rows="5" class="form-control" id="form_' . $name . '" type="text" name="'
+        . $name . '" ' . $disabled . '>' . $value . '</textarea>',
+        'form_' . $name
+    );
 }
 
 /**
  * Rendert ein Formular-Auswahlfeld
+ *
+ * @param string   $name
+ * @param string   $label
+ * @param string[] $values
+ * @param string   $selected
+ * @return string
  */
-function form_select($name, $label, $values, $selected) {
-  return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name);
+function form_select($name, $label, $values, $selected)
+{
+    return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name);
 }
 
 /**
  * Rendert ein Formular-Element
+ *
+ * @param string $label
+ * @param string $input
+ * @param string $for
+ * @return string
  */
-function form_element($label, $input, $for = "") {
-  if ($label == '') {
-    return '<div class="form-group">' . $input . '</div>';
-  }
-  
-  return '<div class="form-group">' . '<label for="' . $for . '">' . $label . '</label>' . $input . '</div>';
+function form_element($label, $input, $for = '')
+{
+    if ($label == '') {
+        return '<div class="form-group">' . $input . '</div>';
+    }
+
+    return '<div class="form-group">' . '<label for="' . $for . '">' . $label . '</label>' . $input . '</div>';
 }
 
 /**
  * Rendert ein Formular
+ *
+ * @param string[] $elements
+ * @param string   $action
+ * @return string
  */
-function form($elements, $action = "") {
-  return '<form role="form" action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
+function form($elements, $action = '')
+{
+    return '<form role="form" action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
 }
 
-function html_options($name, $options, $selected = "") {
-  $html = "";
-  foreach ($options as $value => $label) {
-    $html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="' . $name . '" value="' . $value . '"> ' . $label;
-  }
-  
-  return $html;
-}
-
-function html_select_key($dom_id, $name, $rows, $selected) {
-  $html = '<select class="form-control" id="' . $dom_id . '" name="' . $name . '">';
-  foreach ($rows as $key => $row) {
-    if (($key == $selected) || ($row == $selected)) {
-      $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
-    } else {
-      $html .= '<option value="' . $key . '">' . $row . '</option>';
+/**
+ * @param string   $name
+ * @param String[] $options
+ * @param string   $selected
+ * @return string
+ */
+function html_options($name, $options, $selected = '')
+{
+    $html = '';
+    foreach ($options as $value => $label) {
+        $html .= '<input type="radio"' . ($value == $selected ? ' checked="checked"' : '') . ' name="'
+            . $name . '" value="' . $value . '"> ' . $label;
     }
-  }
-  $html .= '</select>';
-  return $html;
+
+    return $html;
 }
 
-?>
+/**
+ * @param string   $dom_id
+ * @param string   $name
+ * @param string[] $rows
+ * @param string   $selected
+ * @return string
+ */
+function html_select_key($dom_id, $name, $rows, $selected)
+{
+    $html = '<select class="form-control" id="' . $dom_id . '" name="' . $name . '">';
+    foreach ($rows as $key => $row) {
+        if (($key == $selected) || ($row == $selected)) {
+            $html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
+        } else {
+            $html .= '<option value="' . $key . '">' . $row . '</option>';
+        }
+    }
+    $html .= '</select>';
+    return $html;
+}

includes/sys_log.php

@@ -4,36 +4,15 @@
  * Write a log entry.
  * This should be used to log user's activity.
  *
- * @param
- *          $message
+ * @param string $message
  */
-function engelsystem_log($message) {
-  global $user;
-  
-  $nick = "Guest";
-  if (isset($user)) {
-    $nick = User_Nick_render($user);
-  }
-  LogEntry_create($nick, $message);
-}
+function engelsystem_log($message)
+{
+    global $user;
 
-/**
- * Generates a PHP Stacktrace.
- */
-function debug_string_backtrace() {
-  ob_start();
-  debug_print_backtrace();
-  $trace = ob_get_contents();
-  ob_end_clean();
-  
-  // Remove first item from backtrace as it's this function which
-  // is redundant.
-  $trace = preg_replace('/^#0\s+' . __FUNCTION__ . "[^\n]*\n/", '', $trace, 1);
-  
-  // Renumber backtrace items.
-  // $trace = preg_replace('/^#(\d+)/me', '\'#\' . ($1 - 1)', $trace);
-  
-  return $trace;
+    $nick = "Guest";
+    if (isset($user)) {
+        $nick = User_Nick_render($user);
+    }
+    LogEntry_create($nick, $message);
 }
-
-?>

includes/sys_menu.php

@@ -1,185 +1,223 @@
 <?php
 use Engelsystem\UserHintsRenderer;
 
-function page_link_to($page = "") {
-  if ($page == "") {
-    return '?';
-  }
-  return '?p=' . $page;
+/**
+ * @param string $page
+ * @return string
+ */
+function page_link_to($page = '')
+{
+    if ($page == '') {
+        return '?';
+    }
+    return '?p=' . $page;
 }
 
-function page_link_to_absolute($page) {
-  return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI']) . page_link_to($page);
+/**
+ * @param string $page
+ * @return string
+ */
+function page_link_to_absolute($page)
+{
+    return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
+        . $_SERVER['HTTP_HOST']
+        . preg_replace("/\?.*$/", '', $_SERVER['REQUEST_URI'])
+        . page_link_to($page);
 }
 
 /**
  * Render the user hints
+ *
+ * @return string
  */
-function header_render_hints() {
-  global $user;
-  
-  $hints_renderer = new UserHintsRenderer();
-  
-  if (isset($user)) {
-    $hints_renderer->addHint(admin_new_questions());
-    $hints_renderer->addHint(user_angeltypes_unconfirmed_hint());
-    $hints_renderer->addHint(render_user_departure_date_hint());
-    $hints_renderer->addHint(user_driver_license_required_hint());
-    
-    // Important hints:
-    $hints_renderer->addHint(render_user_freeloader_hint(), true);
-    $hints_renderer->addHint(render_user_arrived_hint(), true);
-    $hints_renderer->addHint(render_user_tshirt_hint(), true);
-    $hints_renderer->addHint(render_user_dect_hint(), true);
-  }
-  
-  return $hints_renderer->render();
+function header_render_hints()
+{
+    global $user;
+
+    $hints_renderer = new UserHintsRenderer();
+
+    if (isset($user)) {
+        $hints_renderer->addHint(admin_new_questions());
+        $hints_renderer->addHint(user_angeltypes_unconfirmed_hint());
+        $hints_renderer->addHint(render_user_departure_date_hint());
+        $hints_renderer->addHint(user_driver_license_required_hint());
+
+        // Important hints:
+        $hints_renderer->addHint(render_user_freeloader_hint(), true);
+        $hints_renderer->addHint(render_user_arrived_hint(), true);
+        $hints_renderer->addHint(render_user_tshirt_hint(), true);
+        $hints_renderer->addHint(render_user_dect_hint(), true);
+    }
+
+    return $hints_renderer->render();
 }
 
 /**
  * Renders the header toolbar containing search, login/logout, user and settings links.
+ *
+ * @return string
  */
-function header_toolbar() {
-  global $page, $privileges, $user;
-  
-  $toolbar_items = [];
-  
-  if (isset($user)) {
-    $toolbar_items[] = toolbar_item_link(page_link_to('shifts') . '&amp;action=next', 'time', User_shift_state_render($user));
-  }
-  
-  if (! isset($user) && in_array('register', $privileges)) {
-    $toolbar_items[] = toolbar_item_link(page_link_to('register'), 'plus', register_title(), $page == 'register');
-  }
-  
-  if (in_array('login', $privileges)) {
-    $toolbar_items[] = toolbar_item_link(page_link_to('login'), 'log-in', login_title(), $page == 'login');
-  }
-  
-  if (isset($user) && in_array('user_messages', $privileges)) {
-    $toolbar_items[] = toolbar_item_link(page_link_to('user_messages'), 'envelope', user_unread_messages());
-  }
-  
-  $toolbar_items[] = header_render_hints();
-  if (in_array('user_myshifts', $privileges)) {
-    $toolbar_items[] = toolbar_item_link(page_link_to('users') . '&amp;action=view', ' icon-icon_angel', $user['Nick'], $page == 'users');
-  }
-  
-  $user_submenu = make_user_submenu();
-  if (count($user_submenu) > 0) {
-    $toolbar_items[] = toolbar_dropdown('', '', $user_submenu);
-  }
-  
-  return toolbar($toolbar_items, true);
+function header_toolbar()
+{
+    global $page, $privileges, $user;
+
+    $toolbar_items = [];
+
+    if (isset($user)) {
+        $toolbar_items[] = toolbar_item_link(
+            page_link_to('shifts') . '&amp;action=next',
+            'time',
+            User_shift_state_render($user)
+        );
+    }
+
+    if (!isset($user) && in_array('register', $privileges)) {
+        $toolbar_items[] = toolbar_item_link(page_link_to('register'), 'plus', register_title(), $page == 'register');
+    }
+
+    if (in_array('login', $privileges)) {
+        $toolbar_items[] = toolbar_item_link(page_link_to('login'), 'log-in', login_title(), $page == 'login');
+    }
+
+    if (isset($user) && in_array('user_messages', $privileges)) {
+        $toolbar_items[] = toolbar_item_link(page_link_to('user_messages'), 'envelope', user_unread_messages());
+    }
+
+    $toolbar_items[] = header_render_hints();
+    if (in_array('user_myshifts', $privileges)) {
+        $toolbar_items[] = toolbar_item_link(
+            page_link_to('users') . '&amp;action=view',
+            ' icon-icon_angel',
+            $user['Nick'],
+            $page == 'users'
+        );
+    }
+
+    $user_submenu = make_user_submenu();
+    if (count($user_submenu) > 0) {
+        $toolbar_items[] = toolbar_dropdown('', '', $user_submenu);
+    }
+
+    return toolbar($toolbar_items, true);
 }
 
-function make_user_submenu() {
-  global $privileges, $page;
-  
-  $user_submenu = make_langselect();
-  
-  if (in_array('user_settings', $privileges) || in_array('logout', $privileges)) {
-    $user_submenu[] = toolbar_item_divider();
-  }
-  
-  if (in_array('user_settings', $privileges)) {
-    $user_submenu[] = toolbar_item_link(page_link_to('user_settings'), 'list-alt', settings_title(), $page == 'user_settings');
-  }
-  
-  if (in_array('logout', $privileges)) {
-    $user_submenu[] = toolbar_item_link(page_link_to('logout'), 'log-out', logout_title(), $page == 'logout');
-  }
-  
-  return $user_submenu;
+/**
+ * @return array
+ */
+function make_user_submenu()
+{
+    global $privileges, $page;
+
+    $user_submenu = make_langselect();
+
+    if (in_array('user_settings', $privileges) || in_array('logout', $privileges)) {
+        $user_submenu[] = toolbar_item_divider();
+    }
+
+    if (in_array('user_settings', $privileges)) {
+        $user_submenu[] = toolbar_item_link(
+            page_link_to('user_settings'),
+            'list-alt',
+            settings_title(),
+            $page == 'user_settings'
+        );
+    }
+
+    if (in_array('logout', $privileges)) {
+        $user_submenu[] = toolbar_item_link(page_link_to('logout'), 'log-out', logout_title(), $page == 'logout');
+    }
+
+    return $user_submenu;
 }
 
-function make_navigation() {
-  global $page, $privileges;
-  
-  $menu = [];
-  $pages = [
-      "news" => news_title(),
-      "user_meetings" => meetings_title(),
-      "user_shifts" => shifts_title(),
-      "angeltypes" => angeltypes_title(),
-      "user_questions" => questions_title() 
-  ];
-  
-  foreach ($pages as $menu_page => $title) {
-    if (in_array($menu_page, $privileges)) {
-      $menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+/**
+ * @return string
+ */
+function make_navigation()
+{
+    global $page, $privileges;
+
+    $menu = [];
+    $pages = [
+        'news'           => news_title(),
+        'user_meetings'  => meetings_title(),
+        'user_shifts'    => shifts_title(),
+        'angeltypes'     => angeltypes_title(),
+        'user_questions' => questions_title()
+    ];
+
+    foreach ($pages as $menu_page => $title) {
+        if (in_array($menu_page, $privileges)) {
+            $menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+        }
     }
-  }
-  
-  $menu = make_room_navigation($menu);
-  
-  $admin_menu = [];
-  $admin_pages = [
-      "admin_arrive" => admin_arrive_title(),
-      "admin_active" => admin_active_title(),
-      "admin_user" => admin_user_title(),
-      "admin_free" => admin_free_title(),
-      "admin_questions" => admin_questions_title(),
-      "shifttypes" => shifttypes_title(),
-      "admin_shifts" => admin_shifts_title(),
-      "admin_rooms" => admin_rooms_title(),
-      "admin_groups" => admin_groups_title(),
-      "admin_import" => admin_import_title(),
-      "admin_log" => admin_log_title(),
-      "admin_event_config" => event_config_title() 
-  ];
-  
-  foreach ($admin_pages as $menu_page => $title) {
-    if (in_array($menu_page, $privileges)) {
-      $admin_menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+
+    $menu = make_room_navigation($menu);
+
+    $admin_menu = [];
+    $admin_pages = [
+        'admin_arrive'       => admin_arrive_title(),
+        'admin_active'       => admin_active_title(),
+        'admin_user'         => admin_user_title(),
+        'admin_free'         => admin_free_title(),
+        'admin_questions'    => admin_questions_title(),
+        'shifttypes'         => shifttypes_title(),
+        'admin_shifts'       => admin_shifts_title(),
+        'admin_rooms'        => admin_rooms_title(),
+        'admin_groups'       => admin_groups_title(),
+        'admin_import'       => admin_import_title(),
+        'admin_log'          => admin_log_title(),
+        'admin_event_config' => event_config_title()
+    ];
+
+    foreach ($admin_pages as $menu_page => $title) {
+        if (in_array($menu_page, $privileges)) {
+            $admin_menu[] = toolbar_item_link(page_link_to($menu_page), '', $title, $menu_page == $page);
+        }
     }
-  }
-  
-  if (count($admin_menu) > 0) {
-    $menu[] = toolbar_dropdown('', _("Admin"), $admin_menu);
-  }
-  
-  return toolbar($menu);
+
+    if (count($admin_menu) > 0) {
+        $menu[] = toolbar_dropdown('', _('Admin'), $admin_menu);
+    }
+
+    return toolbar($menu);
 }
 
 /**
  * Adds room navigation to the given menu.
  *
- * @param string[] $menu
- *          Rendered menu
+ * @param string[] $menu Rendered menu
+ * @return string[]
  */
-function make_room_navigation($menu) {
-  global $privileges;
-  
-  if (! in_array('view_rooms', $privileges)) {
-    return $menu;
-  }
+function make_room_navigation($menu)
+{
+    global $privileges;
 
-  //get a list of all rooms
-  $rooms = Rooms(true);
-
-  $room_menu = [];
-  if (in_array('admin_rooms', $privileges)) {
-    $room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _("Manage rooms"));
-  }
-  if (count($room_menu) > 0) {
-    $room_menu[] = toolbar_item_divider();
-  }
-  foreach ($rooms as $room) {
-    if($room['show'] == 'Y' || // room is public
-        ($room['show'] != 'Y' && in_array('admin_rooms', $privileges)) // room is not public, but user can admin_rooms
-     ) {
-      $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
+    if (!in_array('view_rooms', $privileges)) {
+        return $menu;
     }
-  }
-  if (count($room_menu > 0)) {
-    $menu[] = toolbar_dropdown('map-marker', _("Rooms"), $room_menu);
-  }
-  return $menu;
+
+    $rooms = Rooms();
+    $room_menu = [];
+    if (in_array('admin_rooms', $privileges)) {
+        $room_menu[] = toolbar_item_link(page_link_to('admin_rooms'), 'list', _('Manage rooms'));
+    }
+    if (count($room_menu) > 0) {
+        $room_menu[] = toolbar_item_divider();
+    }
+    foreach ($rooms as $room) {
+        $room_menu[] = toolbar_item_link(room_link($room), 'map-marker', $room['Name']);
+    }
+    if (count($room_menu) > 0) {
+        $menu[] = toolbar_dropdown('map-marker', _('Rooms'), $room_menu);
+    }
+    return $menu;
 }
 
-function make_menu() {
-  return make_navigation();
+/**
+ * @return string
+ */
+function make_menu()
+{
+    return make_navigation();
 }
-
-?>

includes/sys_page.php

@@ -8,184 +8,200 @@ use Engelsystem\ValidationResult;
 /**
  * Parse a date from da day and a time textfield.
  *
- * @param string $date_name
- *          Name of the textfield containing the day (format Y-m-d)
- * @param string $time_name
- *          Name of the textfield containing the time (format H:i)
- * @param string[] $allowed_days
- *          List of allowed days in format Y-m-d
- * @param int $default_value
- *          Default value unix timestamp
+ * @param string   $date_name     Name of the textfield containing the day (format Y-m-d)
+ * @param string   $time_name     Name of the textfield containing the time (format H:i)
+ * @param string[] $allowed_days  List of allowed days in format Y-m-d
+ * @param int      $default_value Default value unix timestamp
+ * @return int|null
  */
-function check_request_datetime($date_name, $time_name, $allowed_days, $default_value) {
-  $time = date("H:i", $default_value);
-  $day = date("Y-m-d", $default_value);
-  
-  if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
-    $time = trim($_REQUEST[$time_name]);
-  }
-  if (isset($_REQUEST[$date_name]) && in_array($_REQUEST[$date_name], $allowed_days)) {
-    $day = $_REQUEST[$date_name];
-  }
-  
-  return parse_date("Y-m-d H:i", $day . " " . $time);
+function check_request_datetime($date_name, $time_name, $allowed_days, $default_value)
+{
+    $time = date('H:i', $default_value);
+    $day = date('Y-m-d', $default_value);
+
+    if (isset($_REQUEST[$time_name]) && preg_match('#^\d{1,2}:\d\d$#', trim($_REQUEST[$time_name]))) {
+        $time = trim($_REQUEST[$time_name]);
+    }
+    if (isset($_REQUEST[$date_name]) && in_array($_REQUEST[$date_name], $allowed_days)) {
+        $day = $_REQUEST[$date_name];
+    }
+
+    return parse_date('Y-m-d H:i', $day . ' ' . $time);
 }
 
 /**
  * Parse a date into unix timestamp
  *
- * @param string $pattern
- *          The date pattern (i.e. Y-m-d H:i)
- * @param string $value
- *          The string to parse
- * @return The parsed unix timestamp
+ * @param string $pattern The date pattern (i.e. Y-m-d H:i)
+ * @param string $value   The string to parse
+ * @return int|null The parsed unix timestamp
  */
-function parse_date($pattern, $value) {
-  $datetime = DateTime::createFromFormat($pattern, trim($value));
-  if ($datetime == null) {
-    return null;
-  }
-  return $datetime->getTimestamp();
+function parse_date($pattern, $value)
+{
+    $datetime = DateTime::createFromFormat($pattern, trim($value));
+    if ($datetime == null) {
+        return null;
+    }
+    return $datetime->getTimestamp();
 }
 
 /**
  * Leitet den Browser an die übergebene URL weiter und hält das Script an.
+ *
+ * @param string $url
  */
-function redirect($url) {
-  header("Location: " . $url, true, 302);
-  raw_output("");
+function redirect($url)
+{
+    header('Location: ' . $url, true, 302);
+    raw_output('');
 }
 
 /**
  * Echoes given output and dies.
  *
- * @param String $output
- *          String to display
+ * @param String $output String to display
  */
-function raw_output($output) {
-  echo $output;
-  die();
+function raw_output($output = '')
+{
+    echo $output;
+    die();
 }
 
 /**
  * Helper function for transforming list of entities into array for select boxes.
  *
- * @param array $data
- *          The data array
- * @param string $key_name
- *          name of the column to use as id/key
- * @param string $value_name
- *          name of the column to use as displayed value
+ * @param array  $data       The data array
+ * @param string $key_name   name of the column to use as id/key
+ * @param string $value_name name of the column to use as displayed value
+ *
+ * @return array
  */
-function select_array($data, $key_name, $value_name) {
-  $ret = [];
-  foreach ($data as $value) {
-    $ret[$value[$key_name]] = $value[$value_name];
-  }
-  return $ret;
+function select_array($data, $key_name, $value_name)
+{
+    $return = [];
+    foreach ($data as $value) {
+        $return[$value[$key_name]] = $value[$value_name];
+    }
+    return $return;
 }
 
 /**
  * Returns an int[] from given request param name.
  *
- * @param String $name
- *          Name of the request param
- * @param array<int> $default
- *          Default return value, if param is not set
+ * @param string $name    Name of the request param
+ * @param array  $default Default return value, if param is not set
+ * @return array
  */
-function check_request_int_array($name, $default = []) {
-  if (isset($_REQUEST[$name]) && is_array($_REQUEST[$name])) {
-    return array_filter($_REQUEST[$name], 'is_numeric');
-  }
-  return $default;
+function check_request_int_array($name, $default = [])
+{
+    if (isset($_REQUEST[$name]) && is_array($_REQUEST[$name])) {
+        return array_filter($_REQUEST[$name], 'is_numeric');
+    }
+    return $default;
 }
 
 /**
  * Checks if given request item (name) can be parsed to a date.
  * If not parsable, given error message is put into msg() and null is returned.
  *
- * @param string $input
- *          String to be parsed into a date.
- * @param string $error_message
- *          the error message displayed if $input is not parsable
- * @param boolean $null_allowed
- *          is a null value allowed?
+ * @param string  $name          to be parsed into a date.
+ * @param string  $error_message the error message displayed if $input is not parsable
+ * @param boolean $null_allowed  is a null value allowed?
  * @return ValidationResult containing the parsed date
  */
-function check_request_date($name, $error_message = null, $null_allowed = false) {
-  if (! isset($_REQUEST[$name])) {
-    return new ValidationResult($null_allowed, null);
-  }
-  return check_date($_REQUEST[$name], $error_message, $null_allowed);
+function check_request_date($name, $error_message = null, $null_allowed = false)
+{
+    if (!isset($_REQUEST[$name])) {
+        return new ValidationResult($null_allowed, null);
+    }
+    return check_date($_REQUEST[$name], $error_message, $null_allowed);
 }
 
 /**
  * Checks if given string can be parsed to a date.
  * If not parsable, given error message is put into msg() and null is returned.
  *
- * @param string $input
- *          String to be parsed into a date.
- * @param string $error_message
- *          the error message displayed if $input is not parsable
- * @param boolean $null_allowed
- *          is a null value allowed?
+ * @param string  $input         String to be parsed into a date.
+ * @param string  $error_message the error message displayed if $input is not parsable
+ * @param boolean $null_allowed  is a null value allowed?
  * @return ValidationResult containing the parsed date
  */
-function check_date($input, $error_message = null, $null_allowed = false) {
-  if ($tmp = parse_date("Y-m-d H:i", trim($input) . " 00:00")) {
-    return new ValidationResult(true, $tmp);
-  }
-  if ($null_allowed) {
-    return new ValidationResult(true, null);
-  }
-  
-  error($error_message);
-  return new ValidationResult(false, null);
+function check_date($input, $error_message = null, $null_allowed = false)
+{
+    if ($tmp = parse_date('Y-m-d H:i', trim($input) . ' 00:00')) {
+        return new ValidationResult(true, $tmp);
+    }
+    if ($null_allowed) {
+        return new ValidationResult(true, null);
+    }
+
+    error($error_message);
+    return new ValidationResult(false, null);
 }
 
 /**
  * Returns REQUEST value filtered or default value (null) if not set.
+ *
+ * @param string $name
+ * @param string $default_value
+ * @return mixed|null
  */
-function strip_request_item($name, $default_value = null) {
-  if (isset($_REQUEST[$name])) {
-    return strip_item($_REQUEST[$name]);
-  }
-  return $default_value;
+function strip_request_item($name, $default_value = null)
+{
+    if (isset($_REQUEST[$name])) {
+        return strip_item($_REQUEST[$name]);
+    }
+    return $default_value;
 }
 
 /**
  * Testet, ob der angegebene REQUEST Wert ein Integer ist, bzw.
  * eine ID sein könnte.
+ *
+ * @param string $name
+ * @return int|false
  */
-function test_request_int($name) {
-  if (isset($_REQUEST[$name])) {
-    return preg_match("/^[0-9]*$/", $_REQUEST[$name]);
-  }
-  return false;
+function test_request_int($name)
+{
+    if (isset($_REQUEST[$name])) {
+        return preg_match('/^\d*$/', $_REQUEST[$name]);
+    }
+    return false;
 }
 
 /**
  * Gibt den gefilterten REQUEST Wert mit Zeilenumbrüchen zurück
+ *
+ * @param string $name
+ * @param mixed  $default_value
+ * @return mixed
  */
-function strip_request_item_nl($name, $default_value = null) {
-  if (isset($_REQUEST[$name])) {
-    return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($_REQUEST[$name]));
-  }
-  return $default_value;
+function strip_request_item_nl($name, $default_value = null)
+{
+    if (isset($_REQUEST[$name])) {
+        return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+\n]{1,})/ui", '', strip_tags($_REQUEST[$name]));
+    }
+    return $default_value;
 }
 
 /**
  * Entfernt unerwünschte Zeichen
+ *
+ * @param string $item
+ * @return string
  */
-function strip_item($item) {
-  return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+]{1,})/ui", '', strip_tags($item));
+function strip_item($item)
+{
+    return preg_replace("/([^\p{L}\p{S}\p{P}\p{Z}\p{N}+]{1,})/ui", '', strip_tags($item));
 }
 
 /**
  * Überprüft eine E-Mail-Adresse.
+ *
+ * @param string $email
+ * @return bool
  */
-function check_email($email) {
-  return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
+function check_email($email)
+{
+    return (bool)filter_var($email, FILTER_VALIDATE_EMAIL);
 }
-
-?>

includes/sys_template.php

@@ -4,116 +4,192 @@
  * Liste der verfügbaren Themes
  */
 $themes = [
-    '4' => "Engelsystem 33c3 (2016)",
-    '3' => "Engelsystem 32c3 (2015)",
-    "2" => "Engelsystem cccamp15",
-    "0" => "Engelsystem light",
-    "1" => "Engelsystem dark" 
+    '4' => 'Engelsystem 33c3 (2016)',
+    '3' => 'Engelsystem 32c3 (2015)',
+    '2' => 'Engelsystem cccamp15',
+    '0' => 'Engelsystem light',
+    '1' => 'Engelsystem dark'
 ];
 
 /**
  * Display muted (grey) text.
  *
- * @param string $text          
+ * @param string $text
+ * @return string
  */
-function mute($text) {
-  return '<span class="text-muted">' . $text . '</span>';
+function mute($text)
+{
+    return '<span class="text-muted">' . $text . '</span>';
 }
 
 /**
  * Renders a bootstrap label with given content and class.
  *
- * @param string $content
- *          The text
- * @param string $class
- *          default, primary, info, success, warning, danger
+ * @param string $content The text
+ * @param string $class   default, primary, info, success, warning, danger
+ * @return string
  */
-function label($content, $class = 'default') {
-  return '<span class="label label-' . $class . '">' . $content . '</span>';
+function label($content, $class = 'default')
+{
+    return '<span class="label label-' . $class . '">' . $content . '</span>';
 }
 
-function progress_bar($valuemin, $valuemax, $valuenow, $class = '', $content = '') {
-  return '<div class="progress"><div class="progress-bar ' . $class . '" role="progressbar" aria-valuenow="' . $valuenow . '" aria-valuemin="' . $valuemin . '" aria-valuemax="' . $valuemax . '" style="width: ' . floor(($valuenow - $valuemin) * 100 / ($valuemax - $valuemin)) . '%">' . $content . '</div></div>';
+/**
+ * @param int    $valuemin
+ * @param int    $valuemax
+ * @param int    $valuenow
+ * @param string $class
+ * @param string $content
+ * @return string
+ */
+function progress_bar($valuemin, $valuemax, $valuenow, $class = '', $content = '')
+{
+    return '<div class="progress">'
+        . '<div class="progress-bar ' . $class . '" role="progressbar" '
+        . 'aria-valuenow="' . $valuenow . '" aria-valuemin="' . $valuemin . '" aria-valuemax="' . $valuemax . '" '
+        . 'style="width: ' . floor(($valuenow - $valuemin) * 100 / ($valuemax - $valuemin)) . '%"'
+        . '>'
+        . $content . ''
+        . '</div>'
+        . '</div>';
 }
 
 /**
  * Render glyphicon
  *
- * @param string $glyph_name          
+ * @param string $glyph_name
+ * @return string
  */
-function glyph($glyph_name) {
-  return ' <span class="glyphicon glyphicon-' . $glyph_name . '"></span> ';
+function glyph($glyph_name)
+{
+    return ' <span class="glyphicon glyphicon-' . $glyph_name . '"></span> ';
 }
 
 /**
  * Renders a tick or a cross by given boolean
  *
- * @param boolean $boolean          
+ * @param boolean $boolean
+ * @return string
  */
-function glyph_bool($boolean) {
-  return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>';
+function glyph_bool($boolean)
+{
+    return '<span class="text-' . ($boolean ? 'success' : 'danger') . '">' . glyph($boolean ? 'ok' : 'remove') . '</span>';
 }
 
-function div($class, $content = [], $dom_id = "") {
-  if (is_array($content)) {
-    $content = join("\n", $content);
-  }
-  $dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : '';
-  return '<div' . $dom_id . ' class="' . $class . '">' . $content . '</div>';
+/**
+ * @param string $class
+ * @param array  $content
+ * @param string $dom_id
+ * @return string
+ */
+function div($class, $content = [], $dom_id = '')
+{
+    if (is_array($content)) {
+        $content = join("\n", $content);
+    }
+    $dom_id = $dom_id != '' ? ' id="' . $dom_id . '"' : '';
+    return '<div' . $dom_id . ' class="' . $class . '">' . $content . '</div>';
 }
 
-function heading($content, $number = 1) {
-  return "<h" . $number . ">" . $content . "</h" . $number . ">";
+/**
+ * @param string $content
+ * @param int    $number
+ * @return string
+ */
+function heading($content, $number = 1)
+{
+    return '<h' . $number . '>' . $content . '</h' . $number . '>';
 }
 
 /**
  * Render a toolbar.
  *
- * @param array $items          
+ * @param array $items
+ * @param bool  $right
  * @return string
  */
-function toolbar($items = [], $right = false) {
-  return '<ul class="nav navbar-nav' . ($right ? ' navbar-right' : '') . '">' . join("\n", $items) . '</ul>';
+function toolbar($items = [], $right = false)
+{
+    return '<ul class="nav navbar-nav' . ($right ? ' navbar-right' : '') . '">' . join("\n", $items) . '</ul>';
 }
 
-function toolbar_pills($items) {
-  return '<ul class="nav nav-pills">' . join("\n", $items) . '</ul>';
+/**
+ * @param string[] $items
+ * @return string
+ */
+function toolbar_pills($items)
+{
+    return '<ul class="nav nav-pills">' . join("\n", $items) . '</ul>';
 }
 
 /**
  * Render a link for a toolbar.
  *
- * @param string $href          
- * @param string $glyphicon          
- * @param string $label          
- * @param bool $selected          
+ * @param string $href
+ * @param string $glyphicon
+ * @param string $label
+ * @param bool   $selected
  * @return string
  */
-function toolbar_item_link($href, $glyphicon, $label, $selected = false) {
-  return '<li class="' . ($selected ? 'active' : '') . '"><a href="' . $href . '">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . '</a></li>';
+function toolbar_item_link($href, $glyphicon, $label, $selected = false)
+{
+    return '<li class="' . ($selected ? 'active' : '') . '">'
+        . '<a href="' . $href . '">'
+        . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
+        . $label
+        . '</a>'
+        . '</li>';
 }
 
-function toolbar_item_divider() {
-  return '<li class="divider"></li>';
+/**
+ * @return string
+ */
+function toolbar_item_divider()
+{
+    return '<li class="divider"></li>';
 }
 
-function toolbar_dropdown($glyphicon, $label, $submenu, $class = '') {
-  return '<li class="dropdown ' . $class . '">
-          <a href="#" class="dropdown-toggle" data-toggle="dropdown">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
-          <ul class="dropdown-menu" role="menu">' . join("\n", $submenu) . '</ul></li>';
+/**
+ * @param string $glyphicon
+ * @param string $label
+ * @param array  $submenu
+ * @param string $class
+ * @return string
+ */
+function toolbar_dropdown($glyphicon, $label, $submenu, $class = '')
+{
+    return '<li class="dropdown ' . $class . '">
+          <a href="#" class="dropdown-toggle" data-toggle="dropdown">'
+        . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
+        . $label
+        . ' <span class="caret"></span></a>
+          <ul class="dropdown-menu" role="menu">'
+        . join("\n", $submenu)
+        . '</ul></li>';
 }
 
-function toolbar_popover($glyphicon, $label, $content, $class = '') {
-  $dom_id = md5(microtime() . $glyphicon . $label);
-  return '<li class="dropdown messages ' . $class . '">
-          <a id="' . $dom_id . '" href="#" tabindex="0">' . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '') . $label . ' <span class="caret"></span></a>
+/**
+ * @param string   $glyphicon
+ * @param string   $label
+ * @param string[] $content
+ * @param string   $class
+ * @return string
+ */
+function toolbar_popover($glyphicon, $label, $content, $class = '')
+{
+    $dom_id = md5(microtime() . $glyphicon . $label);
+    return '<li class="dropdown messages ' . $class . '">
+          <a id="' . $dom_id . '" href="#" tabindex="0">'
+        . ($glyphicon != '' ? '<span class="glyphicon glyphicon-' . $glyphicon . '"></span> ' : '')
+        . $label
+        . ' <span class="caret"></span></a>
           <script type="text/javascript">
           $(function(){
               $("#' . $dom_id . '").popover({
-                  trigger: "focus", 
-                  html: true, 
-                  content: "' . addslashes(join('', $content)) . '", 
-                  placement: "bottom", 
+                  trigger: "focus",
+                  html: true,
+                  content: "' . addslashes(join('', $content)) . '",
+                  placement: "bottom",
                   container: "#navbar-collapse-1"
               })
           });
@@ -124,155 +200,222 @@ function toolbar_popover($glyphicon, $label, $content, $class = '') {
 /**
  * Generiert HTML Code für eine "Seite".
  * Fügt dazu die übergebenen Elemente zusammen.
+ *
+ * @param string[] $elements
+ * @return string
  */
-function page($elements) {
-  return join($elements);
+function page($elements)
+{
+    return join($elements);
 }
 
 /**
  * Generiert HTML Code für eine "Seite" mit zentraler Überschrift
  * Fügt dazu die übergebenen Elemente zusammen.
+ *
+ * @param string   $title
+ * @param string[] $elements
+ * @return string
  */
-function page_with_title($title, $elements) {
-  return '<div class="col-md-12"><h1>' . $title . '</h1>' . join($elements) . '</div>';
+function page_with_title($title, $elements)
+{
+    return '<div class="col-md-12"><h1>' . $title . '</h1>' . join($elements) . '</div>';
 }
 
 /**
  * Rendert eine Datentabelle
+ *
+ * @param array|string $columns
+ * @param array[]      $rows_raw
+ * @param bool         $data
+ * @return string
  */
-function table($columns, $rows_raw, $data = true) {
-  // If only one column is given
-  if (! is_array($columns)) {
-    $rows = [];
-    foreach ($rows_raw as $row) {
-      $rows[] = [
-          'col' => $row 
-      ];
+function table($columns, $rows_raw, $data = true)
+{
+    // If only one column is given
+    if (!is_array($columns)) {
+        $rows = [];
+        foreach ($rows_raw as $row) {
+            $rows[] = [
+                'col' => $row
+            ];
+        }
+        return render_table([
+            'col' => $columns
+        ], $rows, $data);
     }
-    return render_table([
-        'col' => $columns 
-    ], $rows, $data);
-  }
-  
-  return render_table($columns, $rows_raw, $data);
+
+    return render_table($columns, $rows_raw, $data);
 }
 
 /**
  * Helper for rendering a html-table.
  * use table()
+ *
+ * @param string[] $columns
+ * @param array[]  $rows
+ * @param bool     $data
+ * @return string
  */
-function render_table($columns, $rows, $data = true) {
-  if (count($rows) == 0) {
-    return info(_("No data found."), true);
-  }
-  
-  $html = '<table class="table table-striped' . ($data ? ' data' : '') . '">';
-  $html .= '<thead><tr>';
-  foreach ($columns as $key => $column) {
-    $html .= '<th class="column_' . $key . '">' . $column . '</th>';
-  }
-  $html .= '</tr></thead>';
-  $html .= '<tbody>';
-  foreach ($rows as $row) {
-    $html .= '<tr>';
-    foreach ($columns as $key => $column) {
-      $value = "&nbsp;";
-      if (isset($row[$key])) {
-        $value = $row[$key];
-      }
-      $html .= '<td class="column_' . $key . '">' . $value . '</td>';
+function render_table($columns, $rows, $data = true)
+{
+    if (count($rows) == 0) {
+        return info(_('No data found.'), true);
     }
-    $html .= '</tr>';
-  }
-  $html .= '</tbody>';
-  $html .= '</table>';
-  return $html;
+
+    $html = '<table class="table table-striped' . ($data ? ' data' : '') . '">';
+    $html .= '<thead><tr>';
+    foreach ($columns as $key => $column) {
+        $html .= '<th class="column_' . $key . '">' . $column . '</th>';
+    }
+    $html .= '</tr></thead>';
+    $html .= '<tbody>';
+    foreach ($rows as $row) {
+        $html .= '<tr>';
+        foreach ($columns as $key => $column) {
+            $value = "&nbsp;";
+            if (isset($row[$key])) {
+                $value = $row[$key];
+            }
+            $html .= '<td class="column_' . $key . '">' . $value . '</td>';
+        }
+        $html .= '</tr>';
+    }
+    $html .= '</tbody>';
+    $html .= '</table>';
+    return $html;
 }
 
 /**
  * Rendert einen Knopf
+ *
+ * @param string $href
+ * @param string $label
+ * @param string $class
+ * @return string
  */
-function button($href, $label, $class = "") {
-  return '<a href="' . $href . '" class="btn btn-default ' . $class . '">' . $label . '</a>';
+function button($href, $label, $class = '')
+{
+    return '<a href="' . $href . '" class="btn btn-default ' . $class . '">' . $label . '</a>';
 }
 
 /**
  * Rendert einen Knopf mit Glyph
+ *
+ * @param string $href
+ * @param string $glyph
+ * @param string $class
+ * @return string
  */
-function button_glyph($href, $glyph, $class = "") {
-  return button($href, glyph($glyph), $class);
+function button_glyph($href, $glyph, $class = '')
+{
+    return button($href, glyph($glyph), $class);
 }
 
 /**
  * Rendert eine Toolbar mit Knöpfen
+ *
+ * @param array $buttons
+ * @return string
  */
-function buttons($buttons = []) {
-  return '<div class="form-group">' . table_buttons($buttons) . '</div>';
+function buttons($buttons = [])
+{
+    return '<div class="form-group">' . table_buttons($buttons) . '</div>';
 }
 
-function table_buttons($buttons = []) {
-  return '<div class="btn-group">' . join(' ', $buttons) . '</div>';
+/**
+ * @param array $buttons
+ * @return string
+ */
+function table_buttons($buttons = [])
+{
+    return '<div class="btn-group">' . join(' ', $buttons) . '</div>';
 }
 
-// Load and render template
-function template_render($file, $data) {
-  if (file_exists($file)) {
-    $template = file_get_contents($file);
-    if (is_array($data)) {
-      foreach ($data as $name => $content) {
-        $template = str_replace("%" . $name . "%", $content, $template);
-      }
+/**
+ * Load and render template
+ *
+ * @param string $file
+ * @param string $data
+ * @return string
+ */
+function template_render($file, $data)
+{
+    if (file_exists($file)) {
+        $template = file_get_contents($file);
+        if (is_array($data)) {
+            foreach ($data as $name => $content) {
+                $template = str_replace('%' . $name . '%', $content, $template);
+            }
+        }
+        return $template;
     }
-    return $template;
-  }
-  engelsystem_error("Cannot find template file &laquo;" . $file . "&raquo;.");
+    engelsystem_error('Cannot find template file &laquo;' . $file . '&raquo;.');
+    return '';
 }
 
-function shorten($str, $length = 50) {
-  if (strlen($str) < $length) {
-    return $str;
-  }
-  return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">' . substr($str, 0, $length - 3) . '...</span>';
-}
-
-function table_body($array) {
-  $html = "";
-  foreach ($array as $line) {
-    $html .= "<tr>";
-    if (is_array($line)) {
-      foreach ($line as $td) {
-        $html .= "<td>" . $td . "</td>";
-      }
-    } else {
-      $html .= "<td>" . $line . "</td>";
+/**
+ * @param string $str
+ * @param int    $length
+ * @return string
+ */
+function shorten($str, $length = 50)
+{
+    if (strlen($str) < $length) {
+        return $str;
     }
-    $html .= "</tr>";
-  }
-  return $html;
+    return '<span title="' . htmlentities($str, ENT_COMPAT, 'UTF-8') . '">'
+        . substr($str, 0, $length - 3)
+        . '...</span>';
 }
 
-function ReplaceSmilies($neueckig) {
-  $neueckig = str_replace(";o))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-  $neueckig = str_replace(":-))", "<img src=\"pic/smiles/icon_redface.gif\">", $neueckig);
-  $neueckig = str_replace(";o)", "<img src=\"pic/smiles/icon_wind.gif\">", $neueckig);
-  $neueckig = str_replace(":)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-  $neueckig = str_replace(":-)", "<img src=\"pic/smiles/icon_smile.gif\">", $neueckig);
-  $neueckig = str_replace(":(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":-(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":o(", "<img src=\"pic/smiles/icon_sad.gif\">", $neueckig);
-  $neueckig = str_replace(":o)", "<img src=\"pic/smiles/icon_lol.gif\">", $neueckig);
-  $neueckig = str_replace(";o(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace(";(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace(";-(", "<img src=\"pic/smiles/icon_cry.gif\">", $neueckig);
-  $neueckig = str_replace("8)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-  $neueckig = str_replace("8o)", "<img src=\"pic/smiles/icon_rolleyes.gif\">", $neueckig);
-  $neueckig = str_replace(":P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(":-P", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(":oP", "<img src=\"pic/smiles/icon_evil.gif\">", $neueckig);
-  $neueckig = str_replace(";P", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-  $neueckig = str_replace(";oP", "<img src=\"pic/smiles/icon_mad.gif\">", $neueckig);
-  $neueckig = str_replace("?)", "<img src=\"pic/smiles/icon_question.gif\">", $neueckig);
-  
-  return $neueckig;
+/**
+ * @param array[] $array
+ * @return string
+ */
+function table_body($array)
+{
+    $html = '';
+    foreach ($array as $line) {
+        $html .= '<tr>';
+        if (is_array($line)) {
+            foreach ($line as $td) {
+                $html .= '<td>' . $td . '</td>';
+            }
+        } else {
+            $html .= '<td>' . $line . '</td>';
+        }
+        $html .= '</tr>';
+    }
+    return $html;
+}
+
+/**
+ * @param string $msg
+ * @return mixed
+ */
+function ReplaceSmilies($msg)
+{
+    $msg = str_replace(';o))', '<img src="pic/smiles/icon_redface.gif">', $msg);
+    $msg = str_replace(':-))', '<img src="pic/smiles/icon_redface.gif">', $msg);
+    $msg = str_replace(';o)', '<img src="pic/smiles/icon_wind.gif">', $msg);
+    $msg = str_replace(':)', '<img src="pic/smiles/icon_smile.gif">', $msg);
+    $msg = str_replace(':-)', '<img src="pic/smiles/icon_smile.gif">', $msg);
+    $msg = str_replace(':(', '<img src="pic/smiles/icon_sad.gif">', $msg);
+    $msg = str_replace(':-(', '<img src="pic/smiles/icon_sad.gif">', $msg);
+    $msg = str_replace(':o(', '<img src="pic/smiles/icon_sad.gif">', $msg);
+    $msg = str_replace(':o)', '<img src="pic/smiles/icon_lol.gif">', $msg);
+    $msg = str_replace(';o(', '<img src="pic/smiles/icon_cry.gif">', $msg);
+    $msg = str_replace(';(', '<img src="pic/smiles/icon_cry.gif">', $msg);
+    $msg = str_replace(';-(', '<img src="pic/smiles/icon_cry.gif">', $msg);
+    $msg = str_replace('8)', '<img src="pic/smiles/icon_rolleyes.gif">', $msg);
+    $msg = str_replace('8o)', '<img src="pic/smiles/icon_rolleyes.gif">', $msg);
+    $msg = str_replace(':P', '<img src="pic/smiles/icon_evil.gif">', $msg);
+    $msg = str_replace(':-P', '<img src="pic/smiles/icon_evil.gif">', $msg);
+    $msg = str_replace(':oP', '<img src="pic/smiles/icon_evil.gif">', $msg);
+    $msg = str_replace(';P', '<img src="pic/smiles/icon_mad.gif">', $msg);
+    $msg = str_replace(';oP', '<img src="pic/smiles/icon_mad.gif">', $msg);
+    $msg = str_replace('?)', '<img src="pic/smiles/icon_question.gif">', $msg);
+
+    return $msg;
 }
-?>

includes/view/AngelTypes_view.php

@@ -7,323 +7,455 @@
 /**
  * Renders the angeltypes name as link.
  *
- * @param AngelType $angeltype          
+ * @param array $angeltype
+ * @return string
  */
-function AngelType_name_render($angeltype) {
-  return '<a href="' . angeltype_link($angeltype['id']) . '">' . ($angeltype['restricted'] ? glyph('lock') : '') . $angeltype['name'] . '</a>';
+function AngelType_name_render($angeltype)
+{
+    return '<a href="' . angeltype_link($angeltype['id']) . '">' . ($angeltype['restricted'] ? glyph('lock') : '') . $angeltype['name'] . '</a>';
 }
 
 /**
  * Render angeltype membership state
  *
- * @param UserAngelType $user_angeltype
- *          UserAngelType and AngelType
+ * @param array $user_angeltype UserAngelType and AngelType
  * @return string
  */
-function AngelType_render_membership($user_angeltype) {
-  if ($user_angeltype['user_angeltype_id'] != null) {
-    if ($user_angeltype['restricted']) {
-      if ($user_angeltype['confirm_user_id'] == null) {
-        return glyph('lock') . _("Unconfirmed");
-      } elseif ($user_angeltype['supporter']) {
-        return glyph_bool(true) . _("supporter");
-      }
-      return glyph_bool(true) . _("Member");
-    } elseif ($user_angeltype['supporter']) {
-      return glyph_bool(true) . _("supporter");
+function AngelType_render_membership($user_angeltype)
+{
+    if ($user_angeltype['user_angeltype_id'] != null) {
+        if ($user_angeltype['restricted']) {
+            if ($user_angeltype['confirm_user_id'] == null) {
+                return glyph('lock') . _('Unconfirmed');
+            } elseif ($user_angeltype['supporter']) {
+                return glyph_bool(true) . _('supporter');
+            }
+            return glyph_bool(true) . _('Member');
+        } elseif ($user_angeltype['supporter']) {
+            return glyph_bool(true) . _('supporter');
+        }
+        return glyph_bool(true) . _('Member');
     }
-    return glyph_bool(true) . _("Member");
-  }
-  return glyph_bool(false);
+    return glyph_bool(false);
 }
 
-function AngelType_delete_view($angeltype) {
-  return page_with_title(sprintf(_("Delete angeltype %s"), $angeltype['name']), [
-      info(sprintf(_("Do you want to delete angeltype %s?"), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes'), _("cancel"), 'cancel'),
-          button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed', _("delete"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $angeltype
+ * @return string
+ */
+function AngelType_delete_view($angeltype)
+{
+    return page_with_title(sprintf(_('Delete angeltype %s'), $angeltype['name']), [
+        info(sprintf(_('Do you want to delete angeltype %s?'), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes'), _('cancel'), 'cancel'),
+            button(
+                page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'] . '&confirmed',
+                _('delete'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
 /**
  * Render angeltype edit form.
  *
- * @param Angeltype $angeltype
- *          The angeltype to edit
- * @param boolean $supporter_mode
- *          Is the user a supporter of this angeltype?
+ * @param array   $angeltype      The angeltype to edit
+ * @param boolean $supporter_mode Is the user a supporter of this angeltype?
+ * @return string
  */
-function AngelType_edit_view($angeltype, $supporter_mode) {
-  $contact_info = AngelType_contact_info($angeltype);
-  return page_with_title(sprintf(_("Edit %s"), $angeltype['name']), [
-      buttons([
-          button(page_link_to('angeltypes'), _("Angeltypes"), 'back') 
-      ]),
-      msg(),
-      form([
-          $supporter_mode ? form_info(_("Name"), $angeltype['name']) : form_text('name', _("Name"), $angeltype['name']),
-          $supporter_mode ? form_info(_("Restricted"), $angeltype['restricted'] ? _("Yes") : _("No")) : form_checkbox('restricted', _("Restricted"), $angeltype['restricted']),
-          $supporter_mode ? form_info(_("No Self Sign Up"), $angeltype['no_self_signup'] ? _("Yes") : _("No")) : form_checkbox('no_self_signup', _("No Self Sign Up"), $angeltype['no_self_signup']),
-          $supporter_mode ? form_info(_("Requires driver license"), $angeltype['requires_driver_license'] ? _("Yes") : _("No")) : form_checkbox('requires_driver_license', _("Requires driver license"), $angeltype['requires_driver_license']),
-          //form_text('contact_name', _("Name"), $angeltype['contact_name']),
-          //form_text('contact_dect', _("DECT"), $angeltype['contact_dect']),
-          //form_text('contact_email', _("E-Mail"), $angeltype['contact_email']),
-          form_info("", _("Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).")),
-          form_textarea('description', _("Description"), $angeltype['description']),
-          form_info("", _("Please use markdown for the description.")),
-          form_submit('submit', _("Save")) 
-      ]) 
-  ]);
+function AngelType_edit_view($angeltype, $supporter_mode)
+{
+    $contact_info = AngelType_contact_info($angeltype);
+    return page_with_title(sprintf(_('Edit %s'), $angeltype['name']), [
+        buttons([
+            button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
+        ]),
+        msg(),
+        form([
+            $supporter_mode
+                ? form_info(_('Name'), $angeltype['name'])
+                : form_text('name', _('Name'), $angeltype['name']),
+            $supporter_mode
+                ? form_info(_('Restricted'), $angeltype['restricted'] ? _('Yes') : _('No'))
+                : form_checkbox('restricted', _('Restricted'), $angeltype['restricted']),
+            $supporter_mode
+                ? form_info(_('No Self Sign Up'), $angeltype['no_self_signup'] ? _('Yes') : _('No'))
+                : form_checkbox('no_self_signup', _('No Self Sign Up'), $angeltype['no_self_signup']),
+            $supporter_mode
+                ? form_info(_('Requires driver license'), $angeltype['requires_driver_license'] ? _('Yes') : _('No'))
+                : form_checkbox(
+                'requires_driver_license',
+                _('Requires driver license'),
+                $angeltype['requires_driver_license']
+            ),
+            //form_text('contact_name', _('Name'), $angeltype['contact_name']),
+            //form_text('contact_dect', _('DECT'), $angeltype['contact_dect']),
+            //form_text('contact_email', _('E-Mail'), $angeltype['contact_email']),
+            form_info(
+                '',
+                _('Restricted angel types can only be used by an angel if enabled by a supporter (double opt-in).')
+            ),
+            form_textarea('description', _('Description'), $angeltype['description']),
+            form_info('', _('Please use markdown for the description.')),
+            form_submit('submit', _('Save'))
+        ])
+    ]);
 }
 
 /**
  * Renders the buttons for the angeltype view.
+ *
+ * @param array      $angeltype
+ * @param array|null $user_angeltype
+ * @param bool       $admin_angeltypes
+ * @param bool       $supporter
+ * @param array|null $user_driver_license
+ * @param array|null $user
+ * @return string
  */
-function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user) {
-  $buttons = [
-      button(page_link_to('angeltypes'), _("Angeltypes"), 'back') 
-  ];
-  
-  if ($angeltype['requires_driver_license']) {
-    $buttons[] = button(user_driver_license_edit_link($user), glyph("road") . _("my driving license"));
-  }
-  
-  if ($user_angeltype == null) {
-    $buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
-  } else {
-    if ($angeltype['requires_driver_license'] && $user_driver_license == null) {
-      error(_("This angeltype requires a driver license. Please enter your driver license information!"));
+function AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user)
+{
+    $buttons = [
+        button(page_link_to('angeltypes'), _('Angeltypes'), 'back')
+    ];
+
+    if ($angeltype['requires_driver_license']) {
+        $buttons[] = button(user_driver_license_edit_link($user), glyph('road') . _('my driving license'));
     }
-    
-    if ($angeltype['restricted'] && $user_angeltype['confirm_user_id'] == null) {
-      error(sprintf(_("You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed."), $angeltype['name']));
+
+    if ($user_angeltype == null) {
+        $buttons[] = button(
+            page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
+            _('join'),
+            'add'
+        );
+    } else {
+        if ($angeltype['requires_driver_license'] && $user_driver_license == null) {
+            error(_('This angeltype requires a driver license. Please enter your driver license information!'));
+        }
+
+        if ($angeltype['restricted'] && $user_angeltype['confirm_user_id'] == null) {
+            error(sprintf(
+                _('You are unconfirmed for this angeltype. Please go to the introduction for %s to get confirmed.'),
+                $angeltype['name']
+            ));
+        }
+        $buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'],
+            _('leave'), 'cancel');
     }
-    $buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'], _("leave"), 'cancel');
-  }
-  
-  if ($admin_angeltypes || $supporter) {
-    $buttons[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), 'edit');
-  }
-  if ($admin_angeltypes) {
-    $buttons[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), 'delete');
-  }
-  
-  return buttons($buttons);
+
+    if ($admin_angeltypes || $supporter) {
+        $buttons[] = button(
+            page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'],
+            _('edit'),
+            'edit'
+        );
+    }
+    if ($admin_angeltypes) {
+        $buttons[] = button(
+            page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'],
+            _('delete'),
+            'delete'
+        );
+    }
+
+    return buttons($buttons);
 }
 
 /**
  * Renders and sorts the members of an angeltype into supporters, members and unconfirmed members.
  *
- * @return [supporters, members, unconfirmed members]
+ * @param array $angeltype
+ * @param array $members
+ * @param bool  $admin_user_angeltypes
+ * @param bool  $admin_angeltypes
+ * @return array [supporters, members, unconfirmed members]
  */
-function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes) {
-  $supporters = [];
-  $members_confirmed = [];
-  $members_unconfirmed = [];
-  foreach ($members as $member) {
-    $member['Nick'] = User_Nick_render($member);
+function AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes)
+{
+    $supporters = [];
+    $members_confirmed = [];
+    $members_unconfirmed = [];
+    foreach ($members as $member) {
+        $member['Nick'] = User_Nick_render($member);
 
-    if ($angeltype['requires_driver_license']) {
-      $member['wants_to_drive'] = glyph_bool($member['wants_to_drive']);
-      $member['has_car'] = glyph_bool($member['has_car']);
-      $member['has_license_car'] = glyph_bool($member['has_license_car']);
-      $member['has_license_3_5t_transporter'] = glyph_bool($member['has_license_3_5t_transporter']);
-      $member['has_license_7_5t_truck'] = glyph_bool($member['has_license_7_5t_truck']);
-      $member['has_license_12_5t_truck'] = glyph_bool($member['has_license_12_5t_truck']);
-      $member['has_license_forklift'] = glyph_bool($member['has_license_forklift']);
+        if ($angeltype['requires_driver_license']) {
+            $member['wants_to_drive'] = glyph_bool($member['user_id']);
+            $member['has_car'] = glyph_bool($member['has_car']);
+            $member['has_license_car'] = glyph_bool($member['has_license_car']);
+            $member['has_license_3_5t_transporter'] = glyph_bool($member['has_license_3_5t_transporter']);
+            $member['has_license_7_5t_truck'] = glyph_bool($member['has_license_7_5t_truck']);
+            $member['has_license_12_5t_truck'] = glyph_bool($member['has_license_12_5t_truck']);
+            $member['has_license_forklift'] = glyph_bool($member['has_license_forklift']);
+        }
+
+        if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
+            $member['actions'] = table_buttons([
+                button(
+                    page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'],
+                    _('confirm'),
+                    'btn-xs'
+                ),
+                button(
+                    page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
+                    _('deny'),
+                    'btn-xs'
+                )
+            ]);
+            $members_unconfirmed[] = $member;
+        } elseif ($member['supporter']) {
+            if ($admin_angeltypes) {
+                $member['actions'] = table_buttons([
+                    button(
+                        page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0',
+                        _('Remove supporter rights'),
+                        'btn-xs'
+                    )
+                ]);
+            } else {
+                $member['actions'] = '';
+            }
+            $supporters[] = $member;
+        } else {
+            if ($admin_user_angeltypes) {
+                $member['actions'] = table_buttons([
+                    $admin_angeltypes
+                        ? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1',
+                        _('Add supporter rights'), 'btn-xs')
+                        : '',
+                    button(
+                        page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'],
+                        _('remove'),
+                        'btn-xs'
+                    )
+                ]);
+            }
+            $members_confirmed[] = $member;
+        }
     }
-    
-    if ($angeltype['restricted'] && $member['confirm_user_id'] == null) {
-      $member['actions'] = table_buttons([
-          button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $member['user_angeltype_id'], _("confirm"), 'btn-xs'),
-          button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("deny"), 'btn-xs') 
-      ]);
-      $members_unconfirmed[] = $member;
-    } elseif ($member['supporter']) {
-      if ($admin_angeltypes) {
-        $member['actions'] = table_buttons([
-            button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=0', _("Remove supporter rights"), 'btn-xs') 
-        ]);
-      } else {
-        $member['actions'] = '';
-      }
-      $supporters[] = $member;
-    } else {
-      if ($admin_user_angeltypes) {
-        $member['actions'] = table_buttons([
-            $admin_angeltypes ? button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $member['user_angeltype_id'] . '&supporter=1', _("Add supporter rights"), 'btn-xs') : '',
-            button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $member['user_angeltype_id'], _("remove"), 'btn-xs') 
-        ]);
-      }
-      $members_confirmed[] = $member;
-    }
-  }
-  
-  return [
-      $supporters,
-      $members_confirmed,
-      $members_unconfirmed 
-  ];
+
+    return [
+        $supporters,
+        $members_confirmed,
+        $members_unconfirmed
+    ];
 }
 
 /**
  * Creates the needed member table headers according to given rights and settings from the angeltype.
+ *
+ * @param array $angeltype
+ * @param bool  $supporter
+ * @param bool  $admin_angeltypes
+ * @return array
  */
-function AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes) {
-  if ($angeltype['requires_driver_license'] && ($supporter || $admin_angeltypes)) {
+function AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes)
+{
+    if ($angeltype['requires_driver_license'] && ($supporter || $admin_angeltypes)) {
+        return [
+            'Nick'                         => _('Nick'),
+            'DECT'                         => _('DECT'),
+            'wants_to_drive'               => _('Driver'),
+            'has_car'                      => _('Has car'),
+            'has_license_car'              => _('Car'),
+            'has_license_3_5t_transporter' => _('3,5t Transporter'),
+            'has_license_7_5t_truck'       => _('7,5t Truck'),
+            'has_license_12_5t_truck'      => _('12,5t Truck'),
+            'has_license_forklift'         => _('Forklift'),
+            'actions'                      => ''
+        ];
+    }
     return [
-        'Nick' => _("Nick"),
-        'DECT' => _("DECT"),
-        'wants_to_drive' => _("Driver"),
-        'has_car' => _("Has car"),
-        'has_license_car' => _("Car"),
-        'has_license_3_5t_transporter' => _("3,5t Transporter"),
-        'has_license_7_5t_truck' => _("7,5t Truck"),
-        'has_license_12_5t_truck' => _("12,5t Truck"),
-        'has_license_forklift' => _("Forklift"),
-        'actions' => '' 
+        'Nick'    => _('Nick'),
+        'DECT'    => _('DECT'),
+        'actions' => ''
     ];
-  }
-  return [
-      'Nick' => _("Nick"),
-      'DECT' => _("DECT"),
-      'actions' => '' 
-  ];
 }
 
 /**
  * Render an angeltype page containing the member lists.
+ *
+ * @param array   $angeltype
+ * @param array[] $members
+ * @param array   $user_angeltype
+ * @param bool    $admin_user_angeltypes
+ * @param bool    $admin_angeltypes
+ * @param bool    $supporter
+ * @param array   $user_driver_license
+ * @param array   $user
+ * @return string
  */
-function AngelType_view($angeltype, $members, $user_angeltype, $admin_user_angeltypes, $admin_angeltypes, $supporter, $user_driver_license, $user) {
-  $page = [
-      AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user),
-      msg() 
-  ];
-  
-  $page[] = '<h3>' . _("Description") . '</h3>';
-  $parsedown = new Parsedown();
-  if ($angeltype['description'] != "") {
-    $page[] = '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
-  }
-  
-  list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members($angeltype, $members, $admin_user_angeltypes, $admin_angeltypes);
-  $table_headers = AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes);
-  
-  if (count($supporters) > 0) {
-    $page[] = '<h3>' . _("supporters") . '</h3>';
-    $page[] = table($table_headers, $supporters);
-  }
-  
-  if (count($members_confirmed) > 0) {
-    $members_confirmed[] = [
-        'Nick' => _('Sum'),
-        'DECT' => count($members_confirmed),
-        'actions' => '' 
+function AngelType_view(
+    $angeltype,
+    $members,
+    $user_angeltype,
+    $admin_user_angeltypes,
+    $admin_angeltypes,
+    $supporter,
+    $user_driver_license,
+    $user
+) {
+    $page = [
+        AngelType_view_buttons($angeltype, $user_angeltype, $admin_angeltypes, $supporter, $user_driver_license, $user),
+        msg()
     ];
-  }
-  
-  if (count($members_unconfirmed) > 0) {
-    $members_unconfirmed[] = [
-        'Nick' => _('Sum'),
-        'DECT' => count($members_unconfirmed),
-        'actions' => '' 
-    ];
-  }
-  
-  $page[] = '<h3>' . _("Members") . '</h3>';
-  if ($admin_user_angeltypes) {
-    $page[] = buttons([
-        button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("Add"), 'add') 
-    ]);
-  }
-  $page[] = table($table_headers, $members_confirmed);
-  
-  if ($admin_user_angeltypes && $angeltype['restricted'] && count($members_unconfirmed) > 0) {
-    $page[] = '<h3>' . _("Unconfirmed") . '</h3>';
-    $page[] = buttons([
-        button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'], _("confirm all"), 'ok'),
-        button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'], _("deny all"), 'cancel') 
-    ]);
-    $page[] = table($table_headers, $members_unconfirmed);
-  }
-  
-  return page_with_title(sprintf(_("Team %s"), $angeltype['name']), $page);
+
+    $page[] = '<h3>' . _('Description') . '</h3>';
+    $parsedown = new Parsedown();
+    if ($angeltype['description'] != '') {
+        $page[] = '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
+    }
+
+    list($supporters, $members_confirmed, $members_unconfirmed) = AngelType_view_members(
+        $angeltype,
+        $members,
+        $admin_user_angeltypes,
+        $admin_angeltypes
+    );
+    $table_headers = AngelType_view_table_headers($angeltype, $supporter, $admin_angeltypes);
+
+    if (count($supporters) > 0) {
+        $page[] = '<h3>' . _('supporters') . '</h3>';
+        $page[] = table($table_headers, $supporters);
+    }
+
+    if (count($members_confirmed) > 0) {
+        $members_confirmed[] = [
+            'Nick'    => _('Sum'),
+            'DECT'    => count($members_confirmed),
+            'actions' => ''
+        ];
+    }
+
+    if (count($members_unconfirmed) > 0) {
+        $members_unconfirmed[] = [
+            'Nick'    => _('Sum'),
+            'DECT'    => count($members_unconfirmed),
+            'actions' => ''
+        ];
+    }
+
+    $page[] = '<h3>' . _('Members') . '</h3>';
+    if ($admin_user_angeltypes) {
+        $page[] = buttons([
+            button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _('Add'), 'add')
+        ]);
+    }
+    $page[] = table($table_headers, $members_confirmed);
+
+    if ($admin_user_angeltypes && $angeltype['restricted'] && count($members_unconfirmed) > 0) {
+        $page[] = '<h3>' . _('Unconfirmed') . '</h3>';
+        $page[] = buttons([
+            button(
+                page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'],
+                _('confirm all'),
+                'ok'
+            ),
+            button(
+                page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'],
+                _('deny all'),
+                'cancel'
+            )
+        ]);
+        $page[] = table($table_headers, $members_unconfirmed);
+    }
+
+    return page_with_title(sprintf(_('Team %s'), $angeltype['name']), $page);
 }
 
 /**
  * Display the list of angeltypes.
  *
- * @param array $angeltypes          
+ * @param array $angeltypes
+ * @param bool  $admin_angeltypes
+ * @return string
  */
-function AngelTypes_list_view($angeltypes, $admin_angeltypes) {
-  return page_with_title(angeltypes_title(), [
-      msg(),
-      buttons([
-          $admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _("New angeltype"), 'add') : '',
-          button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description")) 
-      ]),
-      table([
-          'name' => _("Name"),
-          'restricted' => glyph('lock') . _("Restricted"),
-          'no_self_signup' => glyph('share') . _("Self Sign Up Allowed"),
-          'membership' => _("Membership"),
-          'actions' => "" 
-      ], $angeltypes) 
-  ]);
+function AngelTypes_list_view($angeltypes, $admin_angeltypes)
+{
+    return page_with_title(angeltypes_title(), [
+        msg(),
+        buttons([
+            $admin_angeltypes ? button(page_link_to('angeltypes') . '&action=edit', _('New angeltype'), 'add') : '',
+            button(page_link_to('angeltypes') . '&action=about', _('Teams/Job description'))
+        ]),
+        table([
+            'name'           => _('Name'),
+            'restricted'     => glyph('lock') . _('Restricted'),
+            'no_self_signup' => glyph('share') . _('Self Sign Up Allowed'),
+            'membership'     => _('Membership'),
+            'actions'        => ''
+        ], $angeltypes)
+    ]);
 }
 
 /**
  * Renders the about info for an angeltype.
+ *
+ * @param array $angeltype
+ * @return string
  */
-function AngelTypes_about_view_angeltype($angeltype) {
-  $parsedown = new Parsedown();
-  
-  $html = '<h2>' . $angeltype['name'] . '</h2>';
-  
-  if (isset($angeltype['user_angeltype_id'])) {
-    $buttons = [];
-    if ($angeltype['user_angeltype_id'] != null) {
-      $buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), 'cancel');
-    } else {
-      $buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
+function AngelTypes_about_view_angeltype($angeltype)
+{
+    $parsedown = new Parsedown();
+
+    $html = '<h2>' . $angeltype['name'] . '</h2>';
+
+    if (isset($angeltype['user_angeltype_id'])) {
+        $buttons = [];
+        if ($angeltype['user_angeltype_id'] != null) {
+            $buttons[] = button(
+                page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'],
+                _('leave'),
+                'cancel'
+            );
+        } else {
+            $buttons[] = button(
+                page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
+                _('join'),
+                'add'
+            );
+        }
+        $html .= buttons($buttons);
     }
-    $html .= buttons($buttons);
-  }
-  
-  if ($angeltype['restricted']) {
-    $html .= info(_("This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings."), true);
-  }
-  if ($angeltype['description'] != "") {
-    $html .= '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
-  }
-  $html .= '<hr />';
-  
-  return $html;
+
+    if ($angeltype['restricted']) {
+        $html .= info(
+            _('This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings.'),
+            true
+        );
+    }
+    if ($angeltype['description'] != '') {
+        $html .= '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
+    }
+    $html .= '<hr />';
+
+    return $html;
 }
 
 /**
  * Renders a site that contains every angeltype and its description, basically as an overview of the needed help types.
+ *
+ * @param array[] $angeltypes
+ * @param bool    $user_logged_in
+ * @return string
  */
-function AngelTypes_about_view($angeltypes, $user_logged_in) {
-  global $faq_url;
-  
-  $content = [
-      buttons([
-          ! $user_logged_in ? button(page_link_to('register'), register_title()) : '',
-          ! $user_logged_in ? button(page_link_to('login'), login_title()) : '',
-          $user_logged_in ? button(page_link_to('angeltypes'), angeltypes_title(), 'back') : '',
-          button($faq_url, _("FAQ"), "btn-primary") 
-      ]),
-      '<p>' . _("Here is the list of teams and their tasks. If you have questions, read the FAQ.") . '</p>',
-      '<hr />' 
-  ];
-  foreach ($angeltypes as $angeltype) {
-    $content[] = AngelTypes_about_view_angeltype($angeltype);
-  }
-  
-  return page_with_title(_("Teams/Job description"), $content);
-}
+function AngelTypes_about_view($angeltypes, $user_logged_in)
+{
+    $content = [
+        buttons([
+            !$user_logged_in ? button(page_link_to('register'), register_title()) : '',
+            !$user_logged_in ? button(page_link_to('login'), login_title()) : '',
+            $user_logged_in ? button(page_link_to('angeltypes'), angeltypes_title(), 'back') : '',
+            button(config('faq_url'), _('FAQ'), 'btn-primary')
+        ]),
+        '<p>' . _('Here is the list of teams and their tasks. If you have questions, read the FAQ.') . '</p>',
+        '<hr />'
+    ];
+    foreach ($angeltypes as $angeltype) {
+        $content[] = AngelTypes_about_view_angeltype($angeltype);
+    }
 
-?>
+    return page_with_title(_('Teams/Job description'), $content);
+}

includes/view/EventConfig_view.php

@@ -2,128 +2,154 @@
 
 /**
  * Shows basic event infos and countdowns.
- * @param EventConfig $event_config The event configuration
+ *
+ * @param array $event_config The event configuration
+ * @return string
  */
-function EventConfig_countdown_page($event_config) {
-  if ($event_config == null) {
-    return div('col-md-12 text-center', [
-        heading(sprintf(_("Welcome to the %s!"), '<span class="icon-icon_angel"></span> ENGELSYSTEM'), 2) 
-    ]);
-  }
-  
-  $elements = [];
-  
-  if ($event_config['event_name'] != null) {
-    $elements[] = div('col-sm-12 text-center', [
-        heading(sprintf(_("Welcome to the %s!"), $event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'), 2) 
-    ]);
-  }
-  
-  if ($event_config['buildup_start_date'] != null && time() < $event_config['buildup_start_date']) {
-    $elements[] = div('col-sm-3 text-center hidden-xs', [
-        heading(_("Buildup starts"), 4),
-        '<span class="moment-countdown text-big" data-timestamp="' . $event_config['buildup_start_date'] . '">%c</span>',
-        '<small>' . date(_("Y-m-d"), $event_config['buildup_start_date']) . '</small>' 
-    ]);
-  }
-  
-  if ($event_config['event_start_date'] != null && time() < $event_config['event_start_date']) {
-    $elements[] = div('col-sm-3 text-center hidden-xs', [
-        heading(_("Event starts"), 4),
-        '<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_start_date'] . '">%c</span>',
-        '<small>' . date(_("Y-m-d"), $event_config['event_start_date']) . '</small>' 
-    ]);
-  }
-  
-  if ($event_config['event_end_date'] != null && time() < $event_config['event_end_date']) {
-    $elements[] = div('col-sm-3 text-center hidden-xs', [
-        heading(_("Event ends"), 4),
-        '<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_end_date'] . '">%c</span>',
-        '<small>' . date(_("Y-m-d"), $event_config['event_end_date']) . '</small>' 
-    ]);
-  }
-  
-  if ($event_config['teardown_end_date'] != null && time() < $event_config['teardown_end_date']) {
-    $elements[] = div('col-sm-3 text-center hidden-xs', [
-        heading(_("Teardown ends"), 4),
-        '<span class="moment-countdown text-big" data-timestamp="' . $event_config['teardown_end_date'] . '">%c</span>',
-        '<small>' . date(_("Y-m-d"), $event_config['teardown_end_date']) . '</small>' 
-    ]);
-  }
-  
-  return join("", $elements);
+function EventConfig_countdown_page($event_config)
+{
+    if ($event_config == null) {
+        return div('col-md-12 text-center', [
+            heading(sprintf(_('Welcome to the %s!'), '<span class="icon-icon_angel"></span> ENGELSYSTEM'), 2)
+        ]);
+    }
+
+    $elements = [];
+
+    if ($event_config['event_name'] != null) {
+        $elements[] = div('col-sm-12 text-center', [
+            heading(sprintf(
+                _('Welcome to the %s!'),
+                $event_config['event_name'] . ' <span class="icon-icon_angel"></span> ENGELSYSTEM'
+            ), 2)
+        ]);
+    }
+
+    if ($event_config['buildup_start_date'] != null && time() < $event_config['buildup_start_date']) {
+        $elements[] = div('col-sm-3 text-center hidden-xs', [
+            heading(_('Buildup starts'), 4),
+            '<span class="moment-countdown text-big" data-timestamp="' . $event_config['buildup_start_date'] . '">%c</span>',
+            '<small>' . date(_('Y-m-d'), $event_config['buildup_start_date']) . '</small>'
+        ]);
+    }
+
+    if ($event_config['event_start_date'] != null && time() < $event_config['event_start_date']) {
+        $elements[] = div('col-sm-3 text-center hidden-xs', [
+            heading(_('Event starts'), 4),
+            '<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_start_date'] . '">%c</span>',
+            '<small>' . date(_('Y-m-d'), $event_config['event_start_date']) . '</small>'
+        ]);
+    }
+
+    if ($event_config['event_end_date'] != null && time() < $event_config['event_end_date']) {
+        $elements[] = div('col-sm-3 text-center hidden-xs', [
+            heading(_('Event ends'), 4),
+            '<span class="moment-countdown text-big" data-timestamp="' . $event_config['event_end_date'] . '">%c</span>',
+            '<small>' . date(_('Y-m-d'), $event_config['event_end_date']) . '</small>'
+        ]);
+    }
+
+    if ($event_config['teardown_end_date'] != null && time() < $event_config['teardown_end_date']) {
+        $elements[] = div('col-sm-3 text-center hidden-xs', [
+            heading(_('Teardown ends'), 4),
+            '<span class="moment-countdown text-big" data-timestamp="' . $event_config['teardown_end_date'] . '">%c</span>',
+            '<small>' . date(_('Y-m-d'), $event_config['teardown_end_date']) . '</small>'
+        ]);
+    }
+
+    return join('', $elements);
 }
 
 /**
  * Converts event name and start+end date into a line of text.
+ *
+ * @param array $event_config
+ * @return string
  */
-function EventConfig_info($event_config) {
-  if ($event_config == null) {
-    return "";
-  }
-  
-  // Event name, start+end date are set
-  if ($event_config['event_name'] != null && $event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
-    return sprintf(_("%s, from %s to %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
-  }
-  
-  // Event name, start date are set
-  if ($event_config['event_name'] != null && $event_config['event_start_date'] != null) {
-    return sprintf(_("%s, starting %s"), $event_config['event_name'], date(_("Y-m-d"), $event_config['event_start_date']));
-  }
-  
-  // Event start+end date are set
-  if ($event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
-    return sprintf(_("Event from %s to %s"), date(_("Y-m-d"), $event_config['event_start_date']), date(_("Y-m-d"), $event_config['event_end_date']));
-  }
-  
-  // Only event name is set
-  if ($event_config['event_name'] != null) {
-    return sprintf($event_config['event_name']);
-  }
-  
-  return "";
+function EventConfig_info($event_config)
+{
+    if ($event_config == null) {
+        return '';
+    }
+
+    // Event name, start+end date are set
+    if ($event_config['event_name'] != null && $event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
+        return sprintf(
+            _('%s, from %s to %s'),
+            $event_config['event_name'],
+            date(_('Y-m-d'), $event_config['event_start_date']),
+            date(_('Y-m-d'), $event_config['event_end_date'])
+        );
+    }
+
+    // Event name, start date are set
+    if ($event_config['event_name'] != null && $event_config['event_start_date'] != null) {
+        return sprintf(
+            _('%s, starting %s'), $event_config['event_name'],
+            date(_('Y-m-d'), $event_config['event_start_date'])
+        );
+    }
+
+    // Event start+end date are set
+    if ($event_config['event_start_date'] != null && $event_config['event_end_date'] != null) {
+        return sprintf(
+            _('Event from %s to %s'),
+            date(_('Y-m-d'), $event_config['event_start_date']),
+            date(_('Y-m-d'), $event_config['event_end_date'])
+        );
+    }
+
+    // Only event name is set
+    if ($event_config['event_name'] != null) {
+        return sprintf($event_config['event_name']);
+    }
+
+    return '';
 }
 
 /**
  * Render edit page for event config.
  *
- * @param string $event_name
- *          The event name
- * @param string $event_welcome_msg
- *          The welcome message
- * @param date $buildup_start_date          
- * @param date $event_start_date          
- * @param date $event_end_date          
- * @param date $teardown_end_date          
+ * @param string $event_name         The event name
+ * @param string $event_welcome_msg  The welcome message
+ * @param int    $buildup_start_date unix time stamp
+ * @param int    $event_start_date   unix time stamp
+ * @param int    $event_end_date     unix time stamp
+ * @param int    $teardown_end_date  unix time stamp
+ * @return string
  */
-function EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date) {
-  return page_with_title(event_config_title(), [
-      msg(),
-      form([
-          div('row', [
-              div('col-md-6', [
-                  form_text('event_name', _("Event Name"), $event_name),
-                  form_info('', _("Event Name is shown on the start page.")),
-                  form_textarea('event_welcome_msg', _("Event Welcome Message"), $event_welcome_msg),
-                  form_info('', _("Welcome message is shown after successful registration. You can use markdown.")) 
-              ]),
-              div('col-md-3 col-xs-6', [
-                  form_date('buildup_start_date', _("Buildup date"), $buildup_start_date),
-                  form_date('event_start_date', _("Event start date"), $event_start_date) 
-              ]),
-              div('col-md-3 col-xs-6', [
-                  form_date('teardown_end_date', _("Teardown end date"), $teardown_end_date),
-                  form_date('event_end_date', _("Event end date"), $event_end_date) 
-              ]) 
-          ]),
-          div('row', [
-              div('col-md-6', [
-                  form_submit('submit', _("Save")) 
-              ]) 
-          ]) 
-      ]) 
-  ]);
+function EventConfig_edit_view(
+    $event_name,
+    $event_welcome_msg,
+    $buildup_start_date,
+    $event_start_date,
+    $event_end_date,
+    $teardown_end_date
+) {
+    return page_with_title(event_config_title(), [
+        msg(),
+        form([
+            div('row', [
+                div('col-md-6', [
+                    form_text('event_name', _('Event Name'), $event_name),
+                    form_info('', _('Event Name is shown on the start page.')),
+                    form_textarea('event_welcome_msg', _('Event Welcome Message'), $event_welcome_msg),
+                    form_info('', _('Welcome message is shown after successful registration. You can use markdown.'))
+                ]),
+                div('col-md-3 col-xs-6', [
+                    form_date('buildup_start_date', _('Buildup date'), $buildup_start_date),
+                    form_date('event_start_date', _('Event start date'), $event_start_date)
+                ]),
+                div('col-md-3 col-xs-6', [
+                    form_date('teardown_end_date', _('Teardown end date'), $teardown_end_date),
+                    form_date('event_end_date', _('Event end date'), $event_end_date)
+                ])
+            ]),
+            div('row', [
+                div('col-md-6', [
+                    form_submit('submit', _('Save'))
+                ])
+            ])
+        ])
+    ]);
 }
-
-?>

includes/view/Questions_view.php

@@ -1,37 +1,42 @@
 <?php
 
-function Questions_view($open_questions, $answered_questions, $ask_action) {
-  foreach ($open_questions as &$question) {
-    $question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
-    $question['Question'] = str_replace("\n", '<br />', $question['Question']);
-  }
-  
-  foreach ($answered_questions as &$question) {
-    $question['Question'] = str_replace("\n", '<br />', $question['Question']);
-    $question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
-    $question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
-  }
-  
-  return page_with_title(questions_title(), [
-      msg(),
-      heading(_("Open questions"), 2),
-      table([
-          'Question' => _("Question"),
-          'actions' => "" 
-      ], $open_questions),
-      heading(_("Answered questions"), 2),
-      table([
-          'Question' => _("Question"),
-          'answer_user' => _("Answered by"),
-          'Answer' => _("Answer"),
-          'actions' => "" 
-      ], $answered_questions),
-      heading(_("Ask the Heaven"), 2),
-      form([
-          form_textarea('question', _("Your Question:"), ""),
-          form_submit('submit', _("Save")) 
-      ], $ask_action) 
-  ]);
-}
+/**
+ * @param array[] $open_questions
+ * @param array[] $answered_questions
+ * @param string  $ask_action
+ * @return string
+ */
+function Questions_view($open_questions, $answered_questions, $ask_action)
+{
+    foreach ($open_questions as &$question) {
+        $question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
+        $question['Question'] = str_replace("\n", '<br />', $question['Question']);
+    }
 
-?>
+    foreach ($answered_questions as &$question) {
+        $question['Question'] = str_replace("\n", '<br />', $question['Question']);
+        $question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
+        $question['actions'] = '<a href="' . page_link_to('user_questions') . '&action=delete&id=' . $question['QID'] . '">' . _('delete') . '</a>';
+    }
+
+    return page_with_title(questions_title(), [
+        msg(),
+        heading(_('Open questions'), 2),
+        table([
+            'Question' => _('Question'),
+            'actions'  => ''
+        ], $open_questions),
+        heading(_('Answered questions'), 2),
+        table([
+            'Question'    => _('Question'),
+            'answer_user' => _('Answered by'),
+            'Answer'      => _('Answer'),
+            'actions'     => ''
+        ], $answered_questions),
+        heading(_('Ask the Heaven'), 2),
+        form([
+            form_textarea('question', _('Your Question:'), ''),
+            form_submit('submit', _('Save'))
+        ], $ask_action)
+    ]);
+}

includes/view/Rooms_view.php

@@ -1,20 +1,30 @@
 <?php
-use Engelsystem\ShiftsFilterRenderer;
 use Engelsystem\ShiftCalendarRenderer;
+use Engelsystem\ShiftsFilterRenderer;
 
-function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer) {
-  return page_with_title(glyph('map-marker') . $room['Name'], [
-      $shiftsFilterRenderer->render(room_link($room)) ,
-      $shiftCalendarRenderer->render()
-  ]);
+/**
+ * @param array                 $room
+ * @param ShiftsFilterRenderer  $shiftsFilterRenderer
+ * @param ShiftCalendarRenderer $shiftCalendarRenderer
+ * @return string
+ */
+function Room_view($room, ShiftsFilterRenderer $shiftsFilterRenderer, ShiftCalendarRenderer $shiftCalendarRenderer)
+{
+    return page_with_title(glyph('map-marker') . $room['Name'], [
+        $shiftsFilterRenderer->render(room_link($room)),
+        $shiftCalendarRenderer->render()
+    ]);
 }
 
-function Room_name_render($room) {
-  global $privileges;
-  if (in_array('view_rooms', $privileges)) {
-    return '<a href="' . room_link($room) . '">' . glyph('map-marker') . $room['Name'] . '</a>';
-  }
-  return glyph('map-marker') . $room['Name'];
+/**
+ * @param array $room
+ * @return string
+ */
+function Room_name_render($room)
+{
+    global $privileges;
+    if (in_array('view_rooms', $privileges)) {
+        return '<a href="' . room_link($room) . '">' . glyph('map-marker') . $room['Name'] . '</a>';
+    }
+    return glyph('map-marker') . $room['Name'];
 }
-
-?>

includes/view/ShiftCalendarLane.php

@@ -5,59 +5,80 @@ namespace Engelsystem;
 /**
  * Represents a single lane in a shifts calendar.
  */
-class ShiftCalendarLane {
+class ShiftCalendarLane
+{
+    /** @var int */
+    private $firstBlockStartTime;
 
-  private $firstBlockStartTime;
+    /** @var int */
+    private $blockCount;
 
-  private $blockCount;
+    /** @var string */
+    private $header;
 
-  private $header;
+    /** @var array[] */
+    private $shifts = [];
 
-  private $shifts = [];
-
-  public function __construct($header, $firstBlockStartTime, $blockCount) {
-    $this->header = $header;
-    $this->firstBlockStartTime = $firstBlockStartTime;
-    $this->blockCount = $blockCount;
-  }
-
-  /**
-   * Adds a shift to the lane, but only if it fits.
-   * Returns true on success.
-   *
-   * @param Shift $shift
-   *          The shift to add
-   * @return boolean true on success
-   */
-  public function addShift($shift) {
-    if ($this->shiftFits($shift)) {
-      $this->shifts[] = $shift;
-      return true;
+    /**
+     * ShiftCalendarLane constructor.
+     *
+     * @param string $header
+     * @param int    $firstBlockStartTime Unix timestamp
+     * @param int    $blockCount
+     */
+    public function __construct($header, $firstBlockStartTime, $blockCount)
+    {
+        $this->header = $header;
+        $this->firstBlockStartTime = $firstBlockStartTime;
+        $this->blockCount = $blockCount;
     }
-    return false;
-  }
 
-  /**
-   * Returns true if given shift fits into this lane.
-   *
-   * @param Shift $shift
-   *          The shift to fit into this lane
-   */
-  public function shiftFits($newShift) {
-    foreach ($this->shifts as $laneShift) {
-      if (! ($newShift['start'] >= $laneShift['end'] || $newShift['end'] <= $laneShift['start'])) {
+    /**
+     * Adds a shift to the lane, but only if it fits.
+     * Returns true on success.
+     *
+     * @param array $shift The shift to add
+     * @return boolean true on success
+     */
+    public function addShift($shift)
+    {
+        if ($this->shiftFits($shift)) {
+            $this->shifts[] = $shift;
+            return true;
+        }
         return false;
-      }
     }
-    return true;
-  }
 
-  public function getHeader() {
-    return $this->header;
-  }
+    /**
+     * Returns true if given shift fits into this lane.
+     *
+     * @param array $newShift
+     * @return bool
+     * @internal param array $shift The shift to fit into this lane
+     */
+    public function shiftFits($newShift)
+    {
+        foreach ($this->shifts as $laneShift) {
+            if (!($newShift['start'] >= $laneShift['end'] || $newShift['end'] <= $laneShift['start'])) {
+                return false;
+            }
+        }
+        return true;
+    }
 
-  public function getShifts() {
-    return $this->shifts;
-  }
+    /**
+     * @return string
+     */
+    public function getHeader()
+    {
+        return $this->header;
+    }
+
+    /**
+     * @return array[]
+     */
+    public function getShifts()
+    {
+        return $this->shifts;
+    }
 }
-?>

includes/view/ShiftCalendarRenderer.php

@@ -2,256 +2,312 @@
 
 namespace Engelsystem;
 
-class ShiftCalendarRenderer {
+class ShiftCalendarRenderer
+{
+    /**
+     * 15m * 60s/m = 900s
+     */
+    const SECONDS_PER_ROW = 900;
 
-  /**
-   * 15m * 60s/m = 900s
-   */
-  const SECONDS_PER_ROW = 900;
+    /**
+     * Height of a block in pixel.
+     * Do not change - corresponds with theme/css
+     */
+    const BLOCK_HEIGHT = 30;
 
-  /**
-   * Height of a block in pixel.
-   * Do not change - corresponds with theme/css
-   */
-  const BLOCK_HEIGHT = 30;
+    /**
+     * Distance between two shifts in pixels
+     */
+    const MARGIN = 5;
 
-  /**
-   * Distance between two shifts in pixels
-   */
-  const MARGIN = 5;
+    /**
+     * Seconds added to the start and end time
+     */
+    const TIME_MARGIN = 1800;
 
-  /**
-   * Seconds added to the start and end time
-   */
-  const TIME_MARGIN = 1800;
+    /** @var array */
+    private $lanes;
 
-  private $lanes;
+    /** @var ShiftsFilter */
+    private $shiftsFilter;
 
-  private $shiftsFilter;
+    /** @var int */
+    private $firstBlockStartTime = 0;
 
-  private $firstBlockStartTime = null;
+    /** @var int */
+    private $lastBlockEndTime = 0;
 
-  private $lastBlockEndTime = null;
+    /** @var int */
+    private $blocksPerSlot = null;
 
-  private $blocksPerSlot = null;
+    /** @var array[] */
+    private $needed_angeltypes = [];
 
-  private $needed_angeltypes = null;
+    /** @var array[] */
+    private $shift_entries = [];
 
-  private $shift_entries = null;
+    /**
+     * ShiftCalendarRenderer constructor.
+     *
+     * @param array[]      $shifts
+     * @param array[]      $needed_angeltypes
+     * @param array[]      $shift_entries
+     * @param ShiftsFilter $shiftsFilter
+     */
+    public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter)
+    {
+        $this->shiftsFilter = $shiftsFilter;
+        $this->firstBlockStartTime = $this->calcFirstBlockStartTime($shifts);
+        $this->lastBlockEndTime = $this->calcLastBlockEndTime($shifts);
+        $this->lanes = $this->assignShiftsToLanes($shifts);
+        $this->needed_angeltypes = $needed_angeltypes;
+        $this->shift_entries = $shift_entries;
+    }
 
-  public function __construct($shifts, $needed_angeltypes, $shift_entries, ShiftsFilter $shiftsFilter) {
-    $this->shiftsFilter = $shiftsFilter;
-    $this->firstBlockStartTime = $this->calcFirstBlockStartTime($shifts);
-    $this->lastBlockEndTime = $this->calcLastBlockEndTime($shifts);
-    $this->lanes = $this->assignShiftsToLanes($shifts);
-    $this->needed_angeltypes = $needed_angeltypes;
-    $this->shift_entries = $shift_entries;
-  }
+    /**
+     * Assigns the shifts to different lanes per room if they collide
+     *
+     * @param array[] $shifts The shifts to assign
+     *
+     * @return array Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
+     */
+    private function assignShiftsToLanes($shifts)
+    {
+        // array that assigns a room id to a list of lanes (per room)
+        $lanes = [];
 
-  /**
-   * Assigns the shifts to different lanes per room if they collide
-   *
-   * @param Shift[] $shifts
-   *          The shifts to assign
-   *          
-   * @return Returns an array that assigns a room_id to an array of ShiftCalendarLane containing the shifts
-   */
-  private function assignShiftsToLanes($shifts) {
-    // array that assigns a room id to a list of lanes (per room)
-    $lanes = [];
-    
-    foreach ($shifts as $shift) {
-      $room_id = $shift['RID'];
-      $header = Room_name_render([
-          'RID' => $room_id,
-          'Name' => $shift['room_name'] 
-      ]);
-      if (! isset($lanes[$room_id])) {
-        // initialize room with one lane
-        $lanes[$room_id] = [
-            new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot()) 
+        foreach ($shifts as $shift) {
+            $room_id = $shift['RID'];
+            $header = Room_name_render([
+                'RID'  => $room_id,
+                'Name' => $shift['room_name']
+            ]);
+            if (!isset($lanes[$room_id])) {
+                // initialize room with one lane
+                $lanes[$room_id] = [
+                    new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot())
+                ];
+            }
+            // Try to add the shift to the existing lanes for this room
+            $shift_added = false;
+            foreach ($lanes[$room_id] as $lane) {
+                /** @var ShiftCalendarLane $lane */
+                $shift_added = $lane->addShift($shift);
+                if ($shift_added == true) {
+                    break;
+                }
+            }
+            // If all lanes for this room are busy, create a new lane and add shift to it
+            if ($shift_added == false) {
+                $newLane = new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot());
+                if (!$newLane->addShift($shift)) {
+                    engelsystem_error('Unable to add shift to new lane.');
+                }
+                $lanes[$room_id][] = $newLane;
+            }
+        }
+
+        return $lanes;
+    }
+
+    /**
+     * @return int
+     */
+    public function getFirstBlockStartTime()
+    {
+        return $this->firstBlockStartTime;
+    }
+
+    /**
+     * @return int
+     */
+    public function getLastBlockEndTime()
+    {
+        return $this->lastBlockEndTime;
+    }
+
+    /**
+     * @return float
+     */
+    public function getBlocksPerSlot()
+    {
+        if ($this->blocksPerSlot == null) {
+            $this->blocksPerSlot = $this->calcBlocksPerSlot();
+        }
+        return $this->blocksPerSlot;
+    }
+
+    /**
+     * Renders the whole calendar
+     *
+     * @return string the generated html
+     */
+    public function render()
+    {
+        if (count($this->lanes) == 0) {
+            return '';
+        }
+        return div('shift-calendar', [
+                $this->renderTimeLane(),
+                $this->renderShiftLanes()
+            ]) . $this->renderLegend();
+    }
+
+    /**
+     * Renders the lanes containing the shifts
+     *
+     * @return string
+     */
+    private function renderShiftLanes()
+    {
+        $html = '';
+        foreach ($this->lanes as $room_lanes) {
+            foreach ($room_lanes as $lane) {
+                $html .= $this->renderLane($lane);
+            }
+        }
+
+        return $html;
+    }
+
+    /**
+     * Renders a single lane
+     *
+     * @param ShiftCalendarLane $lane The lane to render
+     * @return string
+     */
+    private function renderLane(ShiftCalendarLane $lane)
+    {
+        global $user;
+
+        $shift_renderer = new ShiftCalendarShiftRenderer();
+        $html = '';
+        $rendered_until = $this->getFirstBlockStartTime();
+
+        foreach ($lane->getShifts() as $shift) {
+            while ($rendered_until + ShiftCalendarRenderer::SECONDS_PER_ROW <= $shift['start']) {
+                $html .= $this->renderTick($rendered_until);
+                $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
+            }
+
+            list($shift_height, $shift_html) = $shift_renderer->render(
+                $shift,
+                $this->needed_angeltypes[$shift['SID']],
+                $this->shift_entries[$shift['SID']],
+                $user
+            );
+            $html .= $shift_html;
+            $rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
+        }
+
+        while ($rendered_until < $this->getLastBlockEndTime()) {
+            $html .= $this->renderTick($rendered_until);
+            $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
+        }
+
+        return div('lane', [
+            div('header', $lane->getHeader()),
+            $html
+        ]);
+    }
+
+    /**
+     * Renders a tick/block for given time
+     *
+     * @param int     $time  unix timestamp
+     * @param boolean $label Should time labels be generated?
+     * @return string rendered tick html
+     */
+    private function renderTick($time, $label = false)
+    {
+        if ($time % (24 * 60 * 60) == 23 * 60 * 60) {
+            if (!$label) {
+                return div('tick day');
+            }
+            return div('tick day', [
+                date('m-d<b\r />H:i', $time)
+            ]);
+        } elseif ($time % (60 * 60) == 0) {
+            if (!$label) {
+                return div('tick hour');
+            }
+            return div('tick hour', [
+                date('m-d<b\r />H:i', $time)
+            ]);
+        }
+        return div('tick');
+    }
+
+    /**
+     * Renders the left time lane including hour/day ticks
+     *
+     * @return string
+     */
+    private function renderTimeLane()
+    {
+        $time_slot = [
+            div('header', [
+                _('Time')
+            ])
         ];
-      }
-      // Try to add the shift to the existing lanes for this room
-      $shift_added = false;
-      foreach ($lanes[$room_id] as $lane) {
-        $shift_added = $lane->addShift($shift);
-        if ($shift_added == true) {
-          break;
+        for ($block = 0; $block < $this->getBlocksPerSlot(); $block++) {
+            $thistime = $this->getFirstBlockStartTime() + ($block * ShiftCalendarRenderer::SECONDS_PER_ROW);
+            $time_slot[] = $this->renderTick($thistime, true);
         }
-      }
-      // If all lanes for this room are busy, create a new lane and add shift to it
-      if ($shift_added == false) {
-        $newLane = new ShiftCalendarLane($header, $this->getFirstBlockStartTime(), $this->getBlocksPerSlot());
-        if (! $newLane->addShift($shift)) {
-          engelsystem_error("Unable to add shift to new lane.");
+        return div('lane time', $time_slot);
+    }
+
+    /**
+     * @param array[] $shifts
+     * @return int
+     */
+    private function calcFirstBlockStartTime($shifts)
+    {
+        $start_time = $this->shiftsFilter->getEndTime();
+        foreach ($shifts as $shift) {
+            if ($shift['start'] < $start_time) {
+                $start_time = $shift['start'];
+            }
         }
-        $lanes[$room_id][] = $newLane;
-      }
+        return ShiftCalendarRenderer::SECONDS_PER_ROW * floor(($start_time - ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
     }
-    
-    return $lanes;
-  }
 
-  public function getFirstBlockStartTime() {
-    return $this->firstBlockStartTime;
-  }
-
-  public function getLastBlockEndTime() {
-    return $this->lastBlockEndTime;
-  }
-
-  public function getBlocksPerSlot() {
-    if ($this->blocksPerSlot == null) {
-      $this->blocksPerSlot = $this->calcBlocksPerSlot();
+    /**
+     * @param array[] $shifts
+     * @return int
+     */
+    private function calcLastBlockEndTime($shifts)
+    {
+        $end_time = $this->shiftsFilter->getStartTime();
+        foreach ($shifts as $shift) {
+            if ($shift['end'] > $end_time) {
+                $end_time = $shift['end'];
+            }
+        }
+        return ShiftCalendarRenderer::SECONDS_PER_ROW * ceil(($end_time + ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
     }
-    return $this->blocksPerSlot;
-  }
 
-  /**
-   * Renders the whole calendar
-   *
-   * @return the generated html
-   */
-  public function render() {
-    if (count($this->lanes) == 0) {
-      return '';
+    /**
+     * @return int
+     */
+    private function calcBlocksPerSlot()
+    {
+        return ceil(($this->getLastBlockEndTime() - $this->getFirstBlockStartTime()) / ShiftCalendarRenderer::SECONDS_PER_ROW);
     }
-    return div('shift-calendar', [
-        $this->renderTimeLane(),
-        $this->renderShiftLanes() 
-    ]) . $this->renderLegend();
-  }
 
-  /**
-   * Renders the lanes containing the shifts
-   */
-  private function renderShiftLanes() {
-    $html = "";
-    foreach ($this->lanes as $room_lanes) {
-      foreach ($room_lanes as $lane) {
-        $html .= $this->renderLane($lane);
-      }
+    /**
+     * Renders a legend explaining the shift coloring
+     *
+     * @return string
+     */
+    private function renderLegend()
+    {
+        return div('legend', [
+            label(_('Your shift'), 'primary'),
+            label(_('Help needed'), 'danger'),
+            label(_('Other angeltype needed / collides with my shifts'), 'warning'),
+            label(_('Shift is full'), 'success'),
+            label(_('Shift running/ended'), 'default')
+        ]);
     }
-    
-    return $html;
-  }
-
-  /**
-   * Renders a single lane
-   *
-   * @param ShiftCalendarLane $lane
-   *          The lane to render
-   */
-  private function renderLane(ShiftCalendarLane $lane) {
-    global $user;
-    
-    $shift_renderer = new ShiftCalendarShiftRenderer();
-    $html = "";
-    $rendered_until = $this->getFirstBlockStartTime();
-    
-    foreach ($lane->getShifts() as $shift) {
-      while ($rendered_until + ShiftCalendarRenderer::SECONDS_PER_ROW <= $shift['start']) {
-        $html .= $this->renderTick($rendered_until);
-        $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
-      }
-      
-      list($shift_height, $shift_html) = $shift_renderer->render($shift, $this->needed_angeltypes[$shift['SID']], $this->shift_entries[$shift['SID']], $user);
-      $html .= $shift_html;
-      $rendered_until += $shift_height * ShiftCalendarRenderer::SECONDS_PER_ROW;
-    }
-    
-    while ($rendered_until < $this->getLastBlockEndTime()) {
-      $html .= $this->renderTick($rendered_until);
-      $rendered_until += ShiftCalendarRenderer::SECONDS_PER_ROW;
-    }
-    
-    return div('lane', [
-        div('header', $lane->getHeader()),
-        $html 
-    ]);
-  }
-
-  /**
-   * Renders a tick/block for given time
-   *
-   * @param int $time
-   *          unix timestamp
-   * @param boolean $label
-   *          Should time labels be generated?
-   * @return rendered tick html
-   */
-  private function renderTick($time, $label = false) {
-    if ($time % (24 * 60 * 60) == 23 * 60 * 60) {
-      if (! $label) {
-        return div('tick day');
-      }
-      return div('tick day', [
-          date('m-d<b\r />H:i', $time) 
-      ]);
-    } elseif ($time % (60 * 60) == 0) {
-      if (! $label) {
-        return div('tick hour');
-      }
-      return div('tick hour', [
-          date('m-d<b\r />H:i', $time) 
-      ]);
-    }
-    return div('tick');
-  }
-
-  /**
-   * Renders the left time lane including hour/day ticks
-   */
-  private function renderTimeLane() {
-    $time_slot = [
-        div('header', [
-            _("Time") 
-        ]) 
-    ];
-    for ($block = 0; $block < $this->getBlocksPerSlot(); $block ++) {
-      $thistime = $this->getFirstBlockStartTime() + ($block * ShiftCalendarRenderer::SECONDS_PER_ROW);
-      $time_slot[] = $this->renderTick($thistime, true);
-    }
-    return div('lane time', $time_slot);
-  }
-
-  private function calcFirstBlockStartTime($shifts) {
-    $start_time = $this->shiftsFilter->getEndTime();
-    foreach ($shifts as $shift) {
-      if ($shift['start'] < $start_time) {
-        $start_time = $shift['start'];
-      }
-    }
-    return ShiftCalendarRenderer::SECONDS_PER_ROW * floor(($start_time - ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
-  }
-
-  private function calcLastBlockEndTime($shifts) {
-    $end_time = $this->shiftsFilter->getStartTime();
-    foreach ($shifts as $shift) {
-      if ($shift['end'] > $end_time) {
-        $end_time = $shift['end'];
-      }
-    }
-    return ShiftCalendarRenderer::SECONDS_PER_ROW * ceil(($end_time + ShiftCalendarRenderer::TIME_MARGIN) / ShiftCalendarRenderer::SECONDS_PER_ROW);
-  }
-
-  private function calcBlocksPerSlot() {
-    return ceil(($this->getLastBlockEndTime() - $this->getFirstBlockStartTime()) / ShiftCalendarRenderer::SECONDS_PER_ROW);
-  }
-
-  /**
-   * Renders a legend explaining the shift coloring
-   */
-  private function renderLegend() {
-    return div('legend', [
-        label(_('Your shift'), 'primary'),
-        label(_('Help needed'), 'danger'),
-        label(_('Other angeltype needed / collides with my shifts'), 'warning'),
-        label(_('Shift is full'), 'success'),
-        label(_('Shift running/ended'), 'default') 
-    ]);
-  }
 }
-
-?>

includes/view/ShiftCalendarShiftRenderer.php

@@ -5,191 +5,243 @@ namespace Engelsystem;
 /**
  * Renders a single shift for the shift calendar
  */
-class ShiftCalendarShiftRenderer {
+class ShiftCalendarShiftRenderer
+{
+    /**
+     * Renders a shift
+     *
+     * @param array $shift The shift to render
+     * @param array $needed_angeltypes
+     * @param array $shift_entries
+     * @param array $user  The user who is viewing the shift calendar
+     * @return array
+     */
+    public function render($shift, $needed_angeltypes, $shift_entries, $user)
+    {
+        $info_text = '';
+        if ($shift['title'] != '') {
+            $info_text = glyph('info-sign') . $shift['title'] . '<br>';
+        }
+        list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes(
+            $shift,
+            $needed_angeltypes,
+            $shift_entries,
+            $user
+        );
 
-  /**
-   * Renders a shift
-   *
-   * @param Shift $shift
-   *          The shift to render
-   * @param User $user
-   *          The user who is viewing the shift calendar
-   */
-  public function render($shift, $needed_angeltypes, $shift_entries, $user) {
-    $info_text = "";
-    if ($shift['title'] != '') {
-      $info_text = glyph('info-sign') . $shift['title'] . '<br>';
-    }
-    list($shift_signup_state, $shifts_row) = $this->renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user);
-    
-    $class = $this->classForSignupState($shift_signup_state);
-    
-    $blocks = ceil(($shift["end"] - $shift["start"]) / ShiftCalendarRenderer::SECONDS_PER_ROW);
-    $blocks = max(1, $blocks);
-    return [
-        $blocks,
-        div('shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"', [
-            $this->renderShiftHead($shift),
-            div('panel-body', [
-                $info_text,
-                Room_name_render([
-                    'RID' => $shift['RID'],
-                    'Name' => $shift['room_name'] 
-                ]) 
-            ]),
-            $shifts_row,
-            div('shift-spacer') 
-        ])
-    ];
-  }
+        $class = $this->classForSignupState($shift_signup_state);
 
-  private function classForSignupState(ShiftSignupState $shiftSignupState) {
-    switch ($shiftSignupState->getState()) {
-      case ShiftSignupState::ADMIN:
-      case ShiftSignupState::OCCUPIED:
-        return 'success';
-      
-      case ShiftSignupState::SIGNED_UP:
-        return 'primary';
-      
-      case ShiftSignupState::SHIFT_ENDED:
-        return 'default';
-      
-      case ShiftSignupState::ANGELTYPE:
-      case ShiftSignupState::COLLIDES:
-        return 'warning';
-      
-      case ShiftSignupState::FREE:
-        return 'danger';
+        $blocks = ceil(($shift['end'] - $shift['start']) / ShiftCalendarRenderer::SECONDS_PER_ROW);
+        $blocks = max(1, $blocks);
+        return [
+            $blocks,
+            div(
+                'shift panel panel-' . $class . '" style="height: ' . ($blocks * ShiftCalendarRenderer::BLOCK_HEIGHT - ShiftCalendarRenderer::MARGIN) . 'px"',
+                [
+                    $this->renderShiftHead($shift),
+                    div('panel-body', [
+                        $info_text,
+                        Room_name_render([
+                            'RID'  => $shift['RID'],
+                            'Name' => $shift['room_name']
+                        ])
+                    ]),
+                    $shifts_row,
+                    div('shift-spacer')
+                ]
+            )
+        ];
     }
-  }
 
-  private function renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user) {
-    global $privileges;
-    
-    $shift_entries_filtered = [];
-    foreach ($needed_angeltypes as $needed_angeltype) {
-      $shift_entries_filtered[$needed_angeltype['id']] = [];
+    /**
+     * @param ShiftSignupState $shiftSignupState
+     * @return string
+     */
+    private function classForSignupState(ShiftSignupState $shiftSignupState)
+    {
+        switch ($shiftSignupState->getState()) {
+            case ShiftSignupState::ADMIN:
+            case ShiftSignupState::OCCUPIED:
+                return 'success';
+
+            case ShiftSignupState::SIGNED_UP:
+                return 'primary';
+
+            case ShiftSignupState::SHIFT_ENDED:
+                return 'default';
+
+            case ShiftSignupState::ANGELTYPE:
+            case ShiftSignupState::COLLIDES:
+                return 'warning';
+
+            case ShiftSignupState::FREE:
+                return 'danger';
+            default:
+                return '';
+        }
     }
-    foreach ($shift_entries as $shift_entry) {
-      $shift_entries_filtered[$shift_entry['TID']][] = $shift_entry;
-    }
-    
-    $html = "";
-    $shift_signup_state = null;
-    foreach ($needed_angeltypes as $angeltype) {
-      if ($angeltype['count'] > 0 || count($shift_entries_filtered[$angeltype['id']]) > 0) {
-        list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype($shift, $shift_entries_filtered[$angeltype['id']], $angeltype, $user);
+
+    /**
+     * @param array   $shift
+     * @param array[] $needed_angeltypes
+     * @param array[] $shift_entries
+     * @param array   $user
+     * @return array
+     */
+    private function renderShiftNeededAngeltypes($shift, $needed_angeltypes, $shift_entries, $user)
+    {
+        global $privileges;
+
+        $shift_entries_filtered = [];
+        foreach ($needed_angeltypes as $needed_angeltype) {
+            $shift_entries_filtered[$needed_angeltype['id']] = [];
+        }
+        foreach ($shift_entries as $shift_entry) {
+            $shift_entries_filtered[$shift_entry['TID']][] = $shift_entry;
+        }
+
+        $html = '';
+        /** @var ShiftSignupState $shift_signup_state */
+        $shift_signup_state = null;
+        foreach ($needed_angeltypes as $angeltype) {
+            if ($angeltype['count'] > 0 || count($shift_entries_filtered[$angeltype['id']]) > 0) {
+                list($angeltype_signup_state, $angeltype_html) = $this->renderShiftNeededAngeltype(
+                    $shift,
+                    $shift_entries_filtered[$angeltype['id']],
+                    $angeltype,
+                    $user
+                );
+                if ($shift_signup_state == null) {
+                    $shift_signup_state = $angeltype_signup_state;
+                } else {
+                    $shift_signup_state->combineWith($angeltype_signup_state);
+                }
+                $html .= $angeltype_html;
+            }
+        }
         if ($shift_signup_state == null) {
-          $shift_signup_state = $angeltype_signup_state;
-        } else {
-          $shift_signup_state->combineWith($angeltype_signup_state);
+            $shift_signup_state = new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, 0);
         }
-        $html .= $angeltype_html;
-      }
-    }
-    if ($shift_signup_state == null) {
-      $shift_signup_state = new ShiftSignupState(ShiftSignupState::SHIFT_ENDED, 0);
-    }
-    
-    if (in_array('user_shifts_admin', $privileges)) {
-      $html .= '<li class="list-group-item">' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'], _("Add more angels"), 'btn-xs') . '</li>';
-    }
-    if ($html != '') {
-      return [
-          $shift_signup_state,
-          '<ul class="list-group">' . $html . '</ul>' 
-      ];
-    }
-    return [
-        $shift_signup_state,
-        "" 
-    ];
-  }
 
-  /**
-   * Renders a list entry containing the needed angels for an angeltype
-   *
-   * @param Shift $shift
-   *          The shift which is rendered
-   * @param Angeltype $angeltype
-   *          The angeltype, containing informations about needed angeltypes and already signed up angels
-   * @param User $user
-   *          The user who is viewing the shift calendar
-   */
-  private function renderShiftNeededAngeltype($shift, $shift_entries, $angeltype, $user) {
-    $entry_list = [];
-    foreach ($shift_entries as $entry) {
-      $style = $entry['freeloaded'] ? " text-decoration: line-through;" : '';
-      $entry_list[] = "<span style=\"$style\">" . User_Nick_render($entry) . "</span>";
-    }
-    $shift_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, null, $angeltype, $shift_entries);
-    $inner_text = sprintf(ngettext("%d helper needed", "%d helpers needed", $shift_signup_state->getFreeEntries()), $shift_signup_state->getFreeEntries());
-    switch ($shift_signup_state->getState()) {
-      case ShiftSignupState::ADMIN:
-      case ShiftSignupState::FREE:
-        // When admin or free display a link + button for sign up
-        $entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">' . $inner_text . '</a> ' . button(page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'], _('Sign up'), 'btn-xs btn-primary');
-        break;
-      
-      case ShiftSignupState::SHIFT_ENDED:
-        // No link and add a text hint, when the shift ended
-        $entry_list[] = $inner_text . ' (' . _('ended') . ')';
-        break;
-      
-      case ShiftSignupState::ANGELTYPE:
-        if ($angeltype['restricted'] == 1) {
-          // User has to be confirmed on the angeltype first
-          $entry_list[] = $inner_text . glyph('lock');
-        } else {
-          // Add link to join the angeltype first
-          $entry_list[] = $inner_text . '<br />' . button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']), 'btn-xs');
+        if (in_array('user_shifts_admin', $privileges)) {
+            $html .= '<li class="list-group-item">' . button(
+                    page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'],
+                    _('Add more angels'),
+                    'btn-xs'
+                ) . '</li>';
         }
-        break;
-      
-      case ShiftSignupState::COLLIDES:
-      case ShiftSignupState::SIGNED_UP:
-        // Shift collides or user is already signed up: No signup allowed
-        $entry_list[] = $inner_text;
-        break;
-      
-      case ShiftSignupState::OCCUPIED:
-        // Shift is full
-        break;
+        if ($html != '') {
+            return [
+                $shift_signup_state,
+                '<ul class="list-group">' . $html . '</ul>'
+            ];
+        }
+        return [
+            $shift_signup_state,
+            ''
+        ];
     }
-    
-    $shifts_row = '<li class="list-group-item">';
-    $shifts_row .= '<strong>' . AngelType_name_render($angeltype) . ':</strong> ';
-    $shifts_row .= join(", ", $entry_list);
-    $shifts_row .= '</li>';
-    return [
-        $shift_signup_state,
-        $shifts_row 
-    ];
-  }
 
-  /**
-   * Renders the shift header
-   *
-   * @param Shift $shift
-   *          The shift
-   */
-  private function renderShiftHead($shift) {
-    global $privileges;
-    
-    $header_buttons = "";
-    if (in_array('admin_shifts', $privileges)) {
-      $header_buttons = '<div class="pull-right">' . table_buttons([
-          button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
-          button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs') 
-      ]) . '</div>';
+    /**
+     * Renders a list entry containing the needed angels for an angeltype
+     *
+     * @param array   $shift     The shift which is rendered
+     * @param array[] $shift_entries
+     * @param array[] $angeltype The angeltype, containing informations about needed angeltypes
+     *                           and already signed up angels
+     * @param array   $user      The user who is viewing the shift calendar
+     * @return array
+     */
+    private function renderShiftNeededAngeltype($shift, $shift_entries, $angeltype, $user)
+    {
+        $entry_list = [];
+        foreach ($shift_entries as $entry) {
+            $style = $entry['freeloaded'] ? ' text-decoration: line-through;' : '';
+            $entry_list[] = '<span style="' . $style . '">' . User_Nick_render($entry) . '</span>';
+        }
+        $shift_signup_state = Shift_signup_allowed($user, $shift, $angeltype, null, null, $angeltype, $shift_entries);
+        $inner_text = sprintf(
+            ngettext('%d helper needed', '%d helpers needed', $shift_signup_state->getFreeEntries()),
+            $shift_signup_state->getFreeEntries()
+        );
+
+        switch ($shift_signup_state->getState()) {
+            case ShiftSignupState::ADMIN:
+            case ShiftSignupState::FREE:
+                // When admin or free display a link + button for sign up
+                $entry_list[] = '<a href="' . page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'] . '">'
+                    . $inner_text
+                    . '</a> '
+                    . button(
+                        page_link_to('user_shifts') . '&amp;shift_id=' . $shift['SID'] . '&amp;type_id=' . $angeltype['id'],
+                        _('Sign up'), 'btn-xs btn-primary'
+                    );
+                break;
+
+            case ShiftSignupState::SHIFT_ENDED:
+                // No link and add a text hint, when the shift ended
+                $entry_list[] = $inner_text . ' (' . _('ended') . ')';
+                break;
+
+            case ShiftSignupState::ANGELTYPE:
+                if ($angeltype['restricted'] == 1) {
+                    // User has to be confirmed on the angeltype first
+                    $entry_list[] = $inner_text . glyph('lock');
+                } else {
+                    // Add link to join the angeltype first
+                    $entry_list[] = $inner_text . '<br />'
+                        . button(
+                            page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'],
+                            sprintf(_('Become %s'), $angeltype['name']),
+                            'btn-xs'
+                        );
+                }
+                break;
+
+            case ShiftSignupState::COLLIDES:
+            case ShiftSignupState::SIGNED_UP:
+                // Shift collides or user is already signed up: No signup allowed
+                $entry_list[] = $inner_text;
+                break;
+
+            case ShiftSignupState::OCCUPIED:
+                // Shift is full
+                break;
+        }
+
+        $shifts_row = '<li class="list-group-item">';
+        $shifts_row .= '<strong>' . AngelType_name_render($angeltype) . ':</strong> ';
+        $shifts_row .= join(', ', $entry_list);
+        $shifts_row .= '</li>';
+        return [
+            $shift_signup_state,
+            $shifts_row
+        ];
+    }
+
+    /**
+     * Renders the shift header
+     *
+     * @param array $shift The shift
+     * @return string
+     */
+    private function renderShiftHead($shift)
+    {
+        global $privileges;
+
+        $header_buttons = '';
+        if (in_array('admin_shifts', $privileges)) {
+            $header_buttons = '<div class="pull-right">' . table_buttons([
+                    button(page_link_to('user_shifts') . '&edit_shift=' . $shift['SID'], glyph('edit'), 'btn-xs'),
+                    button(page_link_to('user_shifts') . '&delete_shift=' . $shift['SID'], glyph('trash'), 'btn-xs')
+                ]) . '</div>';
+        }
+        $shift_heading = date('H:i', $shift['start']) . ' &dash; '
+            . date('H:i', $shift['end']) . ' &mdash; '
+            . $shift['name'];
+        return div('panel-heading', [
+            '<a href="' . shift_link($shift) . '">' . $shift_heading . '</a>',
+            $header_buttons
+        ]);
     }
-    $shift_heading = date('H:i', $shift['start']) . ' &dash; ' . date('H:i', $shift['end']) . ' &mdash; ' . $shift['name'];
-    return div('panel-heading', [
-        '<a href="' . shift_link($shift) . '">' . $shift_heading . '</a>',
-        $header_buttons 
-    ]);
-  }
 }
-
-?>

includes/view/ShiftEntry_view.php

@@ -2,36 +2,47 @@
 
 /**
  * Display form for adding/editing a shift entry.
+ *
  * @param string $angel
  * @param string $date
  * @param string $location
  * @param string $title
  * @param string $type
  * @param string $comment
- * 
+ * @param bool   $freeloaded
+ * @param string $freeload_comment
+ * @param bool   $user_admin_shifts
  * @return string
  */
-function ShiftEntry_edit_view($angel, $date, $location, $title, $type, $comment, $freeloaded, $freeload_comment, $user_admin_shifts = false) {
-  $freeload_form = [];
-  if ($user_admin_shifts) {
-    $freeload_form = [
-        form_checkbox('freeloaded', _("Freeloaded"), $freeloaded),
-        form_textarea('freeload_comment', _("Freeload comment (Only for shift coordination):"), $freeload_comment) 
-    ];
-  }
-  return page_with_title(_("Edit shift entry"), [
-      msg(),
-      form([
-          form_info(_("Angel:"), $angel),
-          form_info(_("Date, Duration:"), $date),
-          form_info(_("Location:"), $location),
-          form_info(_("Title:"), $title),
-          form_info(_("Type:"), $type),
-          form_textarea('comment', _("Comment (for your eyes only):"), $comment),
-          join("", $freeload_form),
-          form_submit('submit', _("Save")) 
-      ]) 
-  ]);
+function ShiftEntry_edit_view(
+    $angel,
+    $date,
+    $location,
+    $title,
+    $type,
+    $comment,
+    $freeloaded,
+    $freeload_comment,
+    $user_admin_shifts = false
+) {
+    $freeload_form = [];
+    if ($user_admin_shifts) {
+        $freeload_form = [
+            form_checkbox('freeloaded', _('Freeloaded'), $freeloaded),
+            form_textarea('freeload_comment', _('Freeload comment (Only for shift coordination):'), $freeload_comment)
+        ];
+    }
+    return page_with_title(_('Edit shift entry'), [
+        msg(),
+        form([
+            form_info(_('Angel:'), $angel),
+            form_info(_('Date, Duration:'), $date),
+            form_info(_('Location:'), $location),
+            form_info(_('Title:'), $title),
+            form_info(_('Type:'), $type),
+            form_textarea('comment', _('Comment (for your eyes only):'), $comment),
+            join('', $freeload_form),
+            form_submit('submit', _('Save'))
+        ])
+    ]);
 }
-
-?>

includes/view/ShiftTypes_view.php

@@ -1,84 +1,127 @@
 <?php
 
-function ShiftType_name_render($shifttype) {
-  global $privileges;
-  if (in_array('shifttypes', $privileges)) {
-    return '<a href="' . shifttype_link($shifttype) . '">' . $shifttype['name'] . '</a>';
-  }
-  return $shifttype['name'];
+/**
+ * @param array $shifttype
+ * @return string
+ */
+function ShiftType_name_render($shifttype)
+{
+    global $privileges;
+    if (in_array('shifttypes', $privileges)) {
+        return '<a href="' . shifttype_link($shifttype) . '">' . $shifttype['name'] . '</a>';
+    }
+    return $shifttype['name'];
 }
 
-function ShiftType_delete_view($shifttype) {
-  return page_with_title(sprintf(_("Delete shifttype %s"), $shifttype['name']), [
-      info(sprintf(_("Do you want to delete shifttype %s?"), $shifttype['name']), true),
-      buttons([
-          button(page_link_to('shifttypes'), _("cancel"), 'cancel'),
-          button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed', _("delete"), 'ok') 
-      ]) 
-  ]);
-}
-
-function ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id) {
-  $angeltypes_select = [
-      '' => _('All') 
-  ];
-  foreach ($angeltypes as $angeltype) {
-    $angeltypes_select[$angeltype['id']] = $angeltype['name'];
-  }
-  
-  return page_with_title($shifttype_id ? _('Edit shifttype') : _('Create shifttype'), [
-      msg(),
-      buttons([
-          button(page_link_to('shifttypes'), shifttypes_title(), 'back') 
-      ]),
-      form([
-          form_text('name', _('Name'), $name),
-          form_select('angeltype_id', _('Angeltype'), $angeltypes_select, $angeltype_id),
-          form_textarea('description', _('Description'), $description),
-          form_info('', _('Please use markdown for the description.')),
-          form_submit('submit', _('Save')) 
-      ]) 
-  ]);
-}
-
-function ShiftType_view($shifttype, $angeltype) {
-  $parsedown = new Parsedown();
-  $title = $shifttype['name'];
-  if ($angeltype) {
-    $title .= ' <small>' . sprintf(_('for team %s'), $angeltype['name']) . '</small>';
-  }
-  return page_with_title($title, [
-      msg(),
-      buttons([
-          button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
-          $angeltype ? button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], $angeltype['name']) : '',
-          button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
-          button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'delete') 
-      ]),
-      heading(_("Description"), 2),
-      $parsedown->parse($shifttype['description']) 
-  ]);
-}
-
-function ShiftTypes_list_view($shifttypes) {
-  foreach ($shifttypes as &$shifttype) {
-    $shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
-    $shifttype['actions'] = table_buttons([
-        button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
-        button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'btn-xs') 
+/**
+ * @param array $shifttype
+ * @return string
+ */
+function ShiftType_delete_view($shifttype)
+{
+    return page_with_title(sprintf(_('Delete shifttype %s'), $shifttype['name']), [
+        info(sprintf(_('Do you want to delete shifttype %s?'), $shifttype['name']), true),
+        buttons([
+            button(page_link_to('shifttypes'), _('cancel'), 'cancel'),
+            button(
+                page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'] . '&confirmed',
+                _('delete'),
+                'ok btn-danger'
+            )
+        ])
     ]);
-  }
-  
-  return page_with_title(shifttypes_title(), [
-      msg(),
-      buttons([
-          button(page_link_to('shifttypes') . '&action=edit', _('New shifttype'), 'add') 
-      ]),
-      table([
-          'name' => _('Name'),
-          'actions' => '' 
-      ], $shifttypes) 
-  ]);
 }
 
-?>
+/**
+ * @param string   $name
+ * @param int      $angeltype_id
+ * @param array[]  $angeltypes
+ * @param string   $description
+ * @param int|bool $shifttype_id
+ * @return string
+ */
+function ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id)
+{
+    $angeltypes_select = [
+        '' => _('All')
+    ];
+    foreach ($angeltypes as $angeltype) {
+        $angeltypes_select[$angeltype['id']] = $angeltype['name'];
+    }
+
+    return page_with_title($shifttype_id ? _('Edit shifttype') : _('Create shifttype'), [
+        msg(),
+        buttons([
+            button(page_link_to('shifttypes'), shifttypes_title(), 'back')
+        ]),
+        form([
+            form_text('name', _('Name'), $name),
+            form_select('angeltype_id', _('Angeltype'), $angeltypes_select, $angeltype_id),
+            form_textarea('description', _('Description'), $description),
+            form_info('', _('Please use markdown for the description.')),
+            form_submit('submit', _('Save'))
+        ])
+    ]);
+}
+
+/**
+ * @param array $shifttype
+ * @param array $angeltype
+ * @return string
+ */
+function ShiftType_view($shifttype, $angeltype)
+{
+    $parsedown = new Parsedown();
+    $title = $shifttype['name'];
+    if ($angeltype) {
+        $title .= ' <small>' . sprintf(_('for team %s'), $angeltype['name']) . '</small>';
+    }
+    return page_with_title($title, [
+        msg(),
+        buttons([
+            button(page_link_to('shifttypes'), shifttypes_title(), 'back'),
+            $angeltype ? button(
+                page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
+                $angeltype['name']
+            ) : '',
+            button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'edit'),
+            button(
+                page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
+                _('delete'),
+                'delete'
+            )
+        ]),
+        heading(_('Description'), 2),
+        $parsedown->parse($shifttype['description'])
+    ]);
+}
+
+/**
+ * @param array[] $shifttypes
+ * @return string
+ */
+function ShiftTypes_list_view($shifttypes)
+{
+    foreach ($shifttypes as &$shifttype) {
+        $shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
+        $shifttype['actions'] = table_buttons([
+            button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'),
+            button(
+                page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'],
+                _('delete'),
+                'btn-xs'
+            )
+        ]);
+    }
+
+    return page_with_title(shifttypes_title(), [
+        msg(),
+        buttons([
+            button(page_link_to('shifttypes') . '&action=edit', _('New shifttype'), 'add')
+        ]),
+        table([
+            'name'    => _('Name'),
+            'actions' => ''
+        ], $shifttypes)
+    ]);
+}

includes/view/ShiftsFilterRenderer.php

@@ -2,68 +2,80 @@
 
 namespace Engelsystem;
 
-class ShiftsFilterRenderer {
+class ShiftsFilterRenderer
+{
+    /**
+     * The shiftFilter to render.
+     *
+     * @var ShiftsFilter
+     */
+    private $shiftsFilter;
 
-  /**
-   * The shiftFilter to render.
-   *
-   * @var ShiftsFilter
-   */
-  private $shiftsFilter;
+    /**
+     * Should the filter display a day selection.
+     *
+     * @var boolean
+     */
+    private $daySelectionEnabled = false;
 
-  /**
-   * Should the filter display a day selection.
-   *
-   * @var boolean
-   */
-  private $daySelectionEnabled = false;
+    /**
+     * Days that can be selected.
+     * Format Y-m-d
+     *
+     * @var string[]
+     */
+    private $days = [];
 
-  /**
-   * Days that can be selected.
-   * Format Y-m-d
-   *
-   * @var string[]
-   */
-  private $days = [];
-
-  public function __construct(ShiftsFilter $shiftsFilter) {
-    $this->shiftsFilter = $shiftsFilter;
-  }
-
-  /**
-   * Renders the filter.
-   *
-   * @return Generated HTML
-   */
-  public function render($link_base) {
-    $toolbar = [];
-    if ($this->daySelectionEnabled && ! empty($this->days)) {
-      $selected_day = date("Y-m-d", $this->shiftsFilter->getStartTime());
-      $day_dropdown_items = [];
-      foreach ($this->days as $day) {
-        $day_dropdown_items[] = toolbar_item_link($link_base . '&shifts_filter_day=' . $day, '', $day);
-      }
-      $toolbar[] = toolbar_dropdown('', $selected_day, $day_dropdown_items, 'active');
+    /**
+     * ShiftsFilterRenderer constructor.
+     *
+     * @param ShiftsFilter $shiftsFilter
+     */
+    public function __construct(ShiftsFilter $shiftsFilter)
+    {
+        $this->shiftsFilter = $shiftsFilter;
     }
-    return div('form-group', [
-        toolbar_pills($toolbar) 
-    ]);
-  }
 
-  /**
-   * Should the filter display a day selection.
-   */
-  public function enableDaySelection($days) {
-    $this->daySelectionEnabled = true;
-    $this->days = $days;
-  }
+    /**
+     * Renders the filter.
+     *
+     * @param string $link_base
+     * @return string Generated HTML
+     */
+    public function render($link_base)
+    {
+        $toolbar = [];
+        if ($this->daySelectionEnabled && !empty($this->days)) {
+            $selected_day = date('Y-m-d', $this->shiftsFilter->getStartTime());
+            $day_dropdown_items = [];
+            foreach ($this->days as $day) {
+                $day_dropdown_items[] = toolbar_item_link($link_base . '&shifts_filter_day=' . $day, '', $day);
+            }
+            $toolbar[] = toolbar_dropdown('', $selected_day, $day_dropdown_items, 'active');
+        }
+        return div('form-group', [
+            toolbar_pills($toolbar)
+        ]);
+    }
 
-  /**
-   * Should the filter display a day selection.
-   */
-  public function isDaySelectionEnabled() {
-    return $this->daySelectionEnabled;
-  }
+    /**
+     * Should the filter display a day selection.
+     *
+     * @param string[] $days
+     */
+    public function enableDaySelection($days)
+    {
+        $this->daySelectionEnabled = true;
+        $this->days = $days;
+    }
+
+    /**
+     * Should the filter display a day selection.
+     *
+     * @return bool
+     */
+    public function isDaySelectionEnabled()
+    {
+        return $this->daySelectionEnabled;
+    }
 }
-
-?>

includes/view/Shifts_view.php

@@ -1,163 +1,232 @@
 <?php
 use Engelsystem\ShiftSignupState;
 
-function Shift_editor_info_render($shift) {
-  $info = [];
-  if ($shift['created_by_user_id'] != null) {
-    $info[] = sprintf(glyph('plus') . _("created at %s by %s"), date('Y-m-d H:i', $shift['created_at_timestamp']), User_Nick_render(User($shift['created_by_user_id'])));
-  }
-  if ($shift['edited_by_user_id'] != null) {
-    $info[] = sprintf(glyph('pencil') . _("edited at %s by %s"), date('Y-m-d H:i', $shift['edited_at_timestamp']), User_Nick_render(User($shift['edited_by_user_id'])));
-  }
-  return join('<br />', $info);
-}
-
-function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null) {
-  global $user;
-  
-  if ($user_angeltype == null) {
-    $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
-  }
-  
-  if ($angeltype['shift_signup_state']->isSignupAllowed()) {
-    return button(page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'], _('Sign up'));
-  } elseif ($user_angeltype == null) {
-    return button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], sprintf(_('Become %s'), $angeltype['name']));
-  }
-  return '';
-}
-
-function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupState $shift_signup_state) {
-  global $privileges;
-  
-  $shift_admin = in_array('admin_shifts', $privileges);
-  $user_shift_admin = in_array('user_shifts_admin', $privileges);
-  $admin_rooms = in_array('admin_rooms', $privileges);
-  $admin_shifttypes = in_array('shifttypes', $privileges);
-  
-  $parsedown = new Parsedown();
-  
-  $angeltypes = [];
-  foreach ($angeltypes_source as $angeltype) {
-    $angeltypes[$angeltype['id']] = $angeltype;
-  }
-  
-  $needed_angels = '';
-  foreach ($shift['NeedAngels'] as $needed_angeltype) {
-    $needed_angels .= Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin);
-  }
-  
-  return page_with_title($shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>', [
-      msg(),
-      $shift_signup_state->getState() == ShiftSignupState::COLLIDES ? info(_('This shift collides with one of your shifts.'), true) : '',
-      $shift_signup_state->getState() == ShiftSignupState::SIGNED_UP ? info(_('You are signed up for this shift.'), true) : '',
-      ($shift_admin || $admin_shifttypes || $admin_rooms) ? buttons([
-          $shift_admin ? button(shift_edit_link($shift), glyph('pencil') . _('edit')) : '',
-          $shift_admin ? button(shift_delete_link($shift), glyph('trash') . _('delete')) : '',
-          $admin_shifttypes ? button(shifttype_link($shifttype), $shifttype['name']) : '',
-          $admin_rooms ? button(room_link($room), glyph('map-marker') . $room['Name']) : '' 
-      ]) : '',
-      div('row', [
-          div('col-sm-3 col-xs-6', [
-              '<h4>' . _('Title') . '</h4>',
-              '<p class="lead">' . ($shift['URL'] != '' ? '<a href="' . $shift['URL'] . '">' . $shift['title'] . '</a>' : $shift['title']) . '</p>' 
-          ]),
-          div('col-sm-3 col-xs-6', [
-              '<h4>' . _('Start') . '</h4>',
-              '<p class="lead' . (time() >= $shift['start'] ? ' text-success' : '') . '">',
-              glyph('calendar') . date(_('Y-m-d'), $shift['start']),
-              '<br />',
-              glyph('time') . date('H:i', $shift['start']),
-              '</p>' 
-          ]),
-          div('col-sm-3 col-xs-6', [
-              '<h4>' . _('End') . '</h4>',
-              '<p class="lead' . (time() >= $shift['end'] ? ' text-success' : '') . '">',
-              glyph('calendar') . date(_('Y-m-d'), $shift['end']),
-              '<br />',
-              glyph('time') . date('H:i', $shift['end']),
-              '</p>' 
-          ]),
-          div('col-sm-3 col-xs-6', [
-              '<h4>' . _('Location') . '</h4>',
-              '<p class="lead">' . Room_name_render($room) . '</p>' 
-          ]) 
-      ]),
-      div('row', [
-          div('col-sm-6', [
-              '<h2>' . _('Needed angels') . '</h2>',
-              '<div class="list-group">' . $needed_angels . '</div>' 
-          ]),
-          div('col-sm-6', [
-              '<h2>' . _('Description') . '</h2>',
-              $parsedown->parse($shifttype['description']) 
-          ]) 
-      ]),
-      $shift_admin ? Shift_editor_info_render($shift) : '' 
-  ]);
-}
-
-function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin) {
-  global $user;
-  
-  $angeltype = $angeltypes[$needed_angeltype['TID']];
-  $angeltype_supporter = User_is_AngelType_supporter($user, $angeltype);
-  
-  $needed_angels = '';
-  
-  $class = 'progress-bar-warning';
-  if ($needed_angeltype['taken'] == 0) {
-    $class = 'progress-bar-danger';
-  }
-  if ($needed_angeltype['taken'] >= $needed_angeltype['count']) {
-    $class = 'progress-bar-success';
-  }
-  $needed_angels .= '<div class="list-group-item">';
-  
-  $needed_angels .= '<div class="pull-right">' . Shift_signup_button_render($shift, $angeltype) . '</div>';
-  
-  $needed_angels .= '<h3>' . AngelType_name_render($angeltype) . '</h3>';
-  $bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10);
-  $bar_value = max(1, $needed_angeltype['taken'] * 10);
-  $needed_angels .= progress_bar(0, $bar_max, $bar_value, $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']);
-  
-  $angels = [];
-  foreach ($shift['ShiftEntry'] as $shift_entry) {
-    if ($shift_entry['TID'] == $needed_angeltype['TID']) {
-      $angels[] = Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter);
+/**
+ * @param array $shift
+ * @return string
+ */
+function Shift_editor_info_render($shift)
+{
+    $info = [];
+    if ($shift['created_by_user_id'] != null) {
+        $info[] = sprintf(
+            glyph('plus') . _('created at %s by %s'),
+            date('Y-m-d H:i', $shift['created_at_timestamp']),
+            User_Nick_render(User($shift['created_by_user_id']))
+        );
     }
-  }
-  
-  $needed_angels .= join(', ', $angels);
-  $needed_angels .= '</div>';
-  
-  return $needed_angels;
+    if ($shift['edited_by_user_id'] != null) {
+        $info[] = sprintf(
+            glyph('pencil') . _('edited at %s by %s'),
+            date('Y-m-d H:i', $shift['edited_at_timestamp']),
+            User_Nick_render(User($shift['edited_by_user_id']))
+        );
+    }
+    return join('<br />', $info);
 }
 
-function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter) {
-  $entry = User_Nick_render(User($shift_entry['UID']));
-  if ($shift_entry['freeloaded']) {
-    $entry = '<strike>' . $entry . '</strike>';
-  }
-  if ($user_shift_admin || $angeltype_supporter) {
-    $entry .= ' <div class="btn-group">';
-    if ($user_shift_admin) {
-      $entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs');
+/**
+ * @param array $shift
+ * @param array $angeltype
+ * @param array $user_angeltype
+ * @return string
+ */
+function Shift_signup_button_render($shift, $angeltype, $user_angeltype = null)
+{
+    global $user;
+
+    if ($user_angeltype == null) {
+        $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype);
     }
-    $entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
-    $entry .= '</div>';
-  }
-  return $entry;
+
+    if ($angeltype['shift_signup_state']->isSignupAllowed()) {
+        return button(
+            page_link_to('user_shifts') . '&shift_id=' . $shift['SID'] . '&type_id=' . $angeltype['id'],
+            _('Sign up')
+        );
+    } elseif ($user_angeltype == null) {
+        return button(
+            page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'],
+            sprintf(_('Become %s'),
+                $angeltype['name'])
+        );
+    }
+    return '';
+}
+
+/**
+ * @param array            $shift
+ * @param array            $shifttype
+ * @param array            $room
+ * @param array[]          $angeltypes_source
+ * @param ShiftSignupState $shift_signup_state
+ * @return string
+ */
+function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupState $shift_signup_state)
+{
+    global $privileges;
+
+    $shift_admin = in_array('admin_shifts', $privileges);
+    $user_shift_admin = in_array('user_shifts_admin', $privileges);
+    $admin_rooms = in_array('admin_rooms', $privileges);
+    $admin_shifttypes = in_array('shifttypes', $privileges);
+
+    $parsedown = new Parsedown();
+
+    $angeltypes = [];
+    foreach ($angeltypes_source as $angeltype) {
+        $angeltypes[$angeltype['id']] = $angeltype;
+    }
+
+    $needed_angels = '';
+    foreach ($shift['NeedAngels'] as $needed_angeltype) {
+        $needed_angels .= Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin);
+    }
+
+    return page_with_title(
+        $shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>',
+        [
+            msg(),
+            $shift_signup_state->getState() == ShiftSignupState::COLLIDES
+                ? info(_('This shift collides with one of your shifts.'), true)
+                : '',
+            $shift_signup_state->getState() == ShiftSignupState::SIGNED_UP
+                ? info(_('You are signed up for this shift.'), true)
+                : '',
+            ($shift_admin || $admin_shifttypes || $admin_rooms) ? buttons([
+                $shift_admin ? button(shift_edit_link($shift), glyph('pencil') . _('edit')) : '',
+                $shift_admin ? button(shift_delete_link($shift), glyph('trash') . _('delete')) : '',
+                $admin_shifttypes ? button(shifttype_link($shifttype), $shifttype['name']) : '',
+                $admin_rooms ? button(room_link($room), glyph('map-marker') . $room['Name']) : ''
+            ]) : '',
+            div('row', [
+                div('col-sm-3 col-xs-6', [
+                    '<h4>' . _('Title') . '</h4>',
+                    '<p class="lead">' . ($shift['URL'] != '' ? '<a href="' . $shift['URL'] . '">' . $shift['title'] . '</a>' : $shift['title']) . '</p>'
+                ]),
+                div('col-sm-3 col-xs-6', [
+                    '<h4>' . _('Start') . '</h4>',
+                    '<p class="lead' . (time() >= $shift['start'] ? ' text-success' : '') . '">',
+                    glyph('calendar') . date(_('Y-m-d'), $shift['start']),
+                    '<br />',
+                    glyph('time') . date('H:i', $shift['start']),
+                    '</p>'
+                ]),
+                div('col-sm-3 col-xs-6', [
+                    '<h4>' . _('End') . '</h4>',
+                    '<p class="lead' . (time() >= $shift['end'] ? ' text-success' : '') . '">',
+                    glyph('calendar') . date(_('Y-m-d'), $shift['end']),
+                    '<br />',
+                    glyph('time') . date('H:i', $shift['end']),
+                    '</p>'
+                ]),
+                div('col-sm-3 col-xs-6', [
+                    '<h4>' . _('Location') . '</h4>',
+                    '<p class="lead">' . Room_name_render($room) . '</p>'
+                ])
+            ]),
+            div('row', [
+                div('col-sm-6', [
+                    '<h2>' . _('Needed angels') . '</h2>',
+                    '<div class="list-group">' . $needed_angels . '</div>'
+                ]),
+                div('col-sm-6', [
+                    '<h2>' . _('Description') . '</h2>',
+                    $parsedown->parse($shifttype['description'])
+                ])
+            ]),
+            $shift_admin ? Shift_editor_info_render($shift) : ''
+        ]
+    );
+}
+
+/**
+ * @param array   $needed_angeltype
+ * @param array   $angeltypes
+ * @param array[] $shift
+ * @param bool    $user_shift_admin
+ * @return string
+ */
+function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin)
+{
+    global $user;
+
+    $angeltype = $angeltypes[$needed_angeltype['TID']];
+    $angeltype_supporter = User_is_AngelType_supporter($user, $angeltype);
+
+    $needed_angels = '';
+
+    $class = 'progress-bar-warning';
+    if ($needed_angeltype['taken'] == 0) {
+        $class = 'progress-bar-danger';
+    }
+    if ($needed_angeltype['taken'] >= $needed_angeltype['count']) {
+        $class = 'progress-bar-success';
+    }
+    $needed_angels .= '<div class="list-group-item">';
+
+    $needed_angels .= '<div class="pull-right">' . Shift_signup_button_render($shift, $angeltype) . '</div>';
+
+    $needed_angels .= '<h3>' . AngelType_name_render($angeltype) . '</h3>';
+    $bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10);
+    $bar_value = max(1, $needed_angeltype['taken'] * 10);
+    $needed_angels .= progress_bar(
+        0,
+        $bar_max,
+        $bar_value,
+        $class,
+        $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']
+    );
+
+    $angels = [];
+    foreach ($shift['ShiftEntry'] as $shift_entry) {
+        if ($shift_entry['TID'] == $needed_angeltype['TID']) {
+            $angels[] = Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter);
+        }
+    }
+
+    $needed_angels .= join(', ', $angels);
+    $needed_angels .= '</div>';
+
+    return $needed_angels;
+}
+
+/**
+ * @param array $shift_entry
+ * @param bool  $user_shift_admin
+ * @param bool  $angeltype_supporter
+ * @return string
+ */
+function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter)
+{
+    $entry = User_Nick_render(User($shift_entry['UID']));
+    if ($shift_entry['freeloaded']) {
+        $entry = '<del>' . $entry . '</del>';
+    }
+    if ($user_shift_admin || $angeltype_supporter) {
+        $entry .= ' <div class="btn-group">';
+        if ($user_shift_admin) {
+            $entry .= button_glyph(
+                page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'],
+                'pencil',
+                'btn-xs'
+            );
+        }
+        $entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
+        $entry .= '</div>';
+    }
+    return $entry;
 }
 
 /**
  * Calc shift length in format 12:23h.
  *
- * @param Shift $shift          
+ * @param array $shift
+ * @return string
  */
-function shift_length($shift) {
-  $length = floor(($shift['end'] - $shift['start']) / (60 * 60)) . ":";
-  $length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, "0", STR_PAD_LEFT) . "h";
-  return $length;
+function shift_length($shift)
+{
+    $length = floor(($shift['end'] - $shift['start']) / (60 * 60)) . ':';
+    $length .= str_pad((($shift['end'] - $shift['start']) % (60 * 60)) / 60, 2, '0', STR_PAD_LEFT) . 'h';
+    return $length;
 }
-?>

includes/view/UserAngelTypes_view.php

@@ -1,88 +1,164 @@
 <?php
 
-function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporter) {
-  return page_with_title($supporter ? _("Add supporter rights") : _("Remove supporter rights"), [
-      msg(),
-      info(sprintf($supporter ? _("Do you really want to add supporter rights for %s to %s?") : _("Do you really want to remove supporter rights for %s from %s?"), $angeltype['name'], User_Nick_render($user)), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=update&user_angeltype_id=' . $user_angeltype['id'] . '&supporter=' . ($supporter ? '1' : '0') . '&confirmed', _("yes"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $user_angeltype
+ * @param array $user
+ * @param array $angeltype
+ * @param bool  $supporter
+ * @return string
+ */
+function UserAngelType_update_view($user_angeltype, $user, $angeltype, $supporter)
+{
+    return page_with_title($supporter ? _('Add supporter rights') : _('Remove supporter rights'), [
+        msg(),
+        info(sprintf(
+            $supporter
+                ? _('Do you really want to add supporter rights for %s to %s?')
+                : _('Do you really want to remove supporter rights for %s from %s?'),
+            $angeltype['name'],
+            User_Nick_render($user)
+        ), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes')
+                . '&action=update&user_angeltype_id=' . $user_angeltype['id']
+                . '&supporter=' . ($supporter ? '1' : '0')
+                . '&confirmed',
+                _('yes'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
-function UserAngelTypes_delete_all_view($angeltype) {
-  return page_with_title(_("Deny all users"), [
-      msg(),
-      info(sprintf(_("Do you really want to deny all users for %s?"), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $angeltype
+ * @return string
+ */
+function UserAngelTypes_delete_all_view($angeltype)
+{
+    return page_with_title(_('Deny all users'), [
+        msg(),
+        info(sprintf(_('Do you really want to deny all users for %s?'), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes') . '&action=delete_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
+                _('yes'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
-function UserAngelTypes_confirm_all_view($angeltype) {
-  return page_with_title(_("Confirm all users"), [
-      msg(),
-      info(sprintf(_("Do you really want to confirm all users for %s?"), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed', _("yes"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $angeltype
+ * @return string
+ */
+function UserAngelTypes_confirm_all_view($angeltype)
+{
+    return page_with_title(_('Confirm all users'), [
+        msg(),
+        info(sprintf(_('Do you really want to confirm all users for %s?'), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes') . '&action=confirm_all&angeltype_id=' . $angeltype['id'] . '&confirmed',
+                _('yes'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
-function UserAngelType_confirm_view($user_angeltype, $user, $angeltype) {
-  return page_with_title(_("Confirm angeltype for user"), [
-      msg(),
-      info(sprintf(_("Do you really want to confirm %s for %s?"), User_Nick_render($user), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $user_angeltype
+ * @param array $user
+ * @param array $angeltype
+ * @return string
+ */
+function UserAngelType_confirm_view($user_angeltype, $user, $angeltype)
+{
+    return page_with_title(_('Confirm angeltype for user'), [
+        msg(),
+        info(sprintf(_('Do you really want to confirm %s for %s?'), User_Nick_render($user), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes') . '&action=confirm&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
+                _('yes'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
-function UserAngelType_delete_view($user_angeltype, $user, $angeltype) {
-  return page_with_title(_("Remove angeltype"), [
-      msg(),
-      info(sprintf(_("Do you really want to delete %s from %s?"), User_Nick_render($user), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed', _("yes"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $user_angeltype
+ * @param array $user
+ * @param array $angeltype
+ * @return string
+ */
+function UserAngelType_delete_view($user_angeltype, $user, $angeltype)
+{
+    return page_with_title(_('Remove angeltype'), [
+        msg(),
+        info(sprintf(_('Do you really want to delete %s from %s?'), User_Nick_render($user), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $user_angeltype['id'] . '&confirmed',
+                _('yes'),
+                'ok'
+            )
+        ])
+    ]);
 }
 
-function UserAngelType_add_view($angeltype, $users_source, $user_id) {
-  $users = [];
-  foreach ($users_source as $user_source) {
-    $users[$user_source['UID']] = User_Nick_render($user_source);
-  }
-  
-  return page_with_title(_("Add user to angeltype"), [
-      msg(),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("back"), 'back') 
-      ]),
-      form([
-          form_info(_("Angeltype"), $angeltype['name']),
-          form_select('user_id', _("User"), $users, $user_id),
-          form_submit('submit', _("Add")) 
-      ]) 
-  ]);
+/**
+ * @param array   $angeltype
+ * @param array[] $users_source
+ * @param int     $user_id
+ * @return string
+ */
+function UserAngelType_add_view($angeltype, $users_source, $user_id)
+{
+    $users = [];
+    foreach ($users_source as $user_source) {
+        $users[$user_source['UID']] = User_Nick_render($user_source);
+    }
+
+    return page_with_title(_('Add user to angeltype'), [
+        msg(),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('back'), 'back')
+        ]),
+        form([
+            form_info(_('Angeltype'), $angeltype['name']),
+            form_select('user_id', _('User'), $users, $user_id),
+            form_submit('submit', _('Add'))
+        ])
+    ]);
 }
 
-function UserAngelType_join_view($user, $angeltype) {
-  return page_with_title(sprintf(_("Become a %s"), $angeltype['name']), [
-      msg(),
-      info(sprintf(_("Do you really want to add %s to %s?"), User_Nick_render($user), $angeltype['name']), true),
-      buttons([
-          button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'),
-          button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed', _("save"), 'ok') 
-      ]) 
-  ]);
+/**
+ * @param array $user
+ * @param array $angeltype
+ * @return string
+ */
+function UserAngelType_join_view($user, $angeltype)
+{
+    return page_with_title(sprintf(_('Become a %s'), $angeltype['name']), [
+        msg(),
+        info(sprintf(_('Do you really want to add %s to %s?'), User_Nick_render($user), $angeltype['name']), true),
+        buttons([
+            button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _('cancel'), 'cancel'),
+            button(
+                page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed',
+                _('save'),
+                'ok'
+            )
+        ])
+    ]);
 }
-
-?>

includes/view/UserDriverLicenses_view.php

@@ -3,45 +3,60 @@
 /**
  * Edit a user's driving license information.
  *
- * @param User $user_source
- *          The user
- * @param bool $wants_to_drive
- *          true, if the user wants to drive
- * @param UserDriverLicense $user_driver_license
- *          The user driver license
+ * @param array $user_source         The user
+ * @param bool  $wants_to_drive      true, if the user wants to drive
+ * @param array $user_driver_license The user driver license
  * @return string
  */
-function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license) {
-  return page_with_title(sprintf(_("Edit %s driving license information"), User_Nick_render($user_source)), [
-      buttons([
-          button(user_link($user_source), _("Back to profile"), 'back') 
-      ]),
-      msg(),
-      form([
-          form_info(_("Privacy"), _("Your driving license information is only visible for supporters and admins.")),
-          form_checkbox('wants_to_drive', _("I am willing to drive a car for the event"), $wants_to_drive),
-          div('panel panel-default', [
-              div('panel-body', [
-                  form_checkbox('has_car', _("I have my own car with me and am willing to use it for the event (You'll get reimbursed for fuel)"), $user_driver_license['has_car']),
-                  heading(_("Driver license"), 3),
-                  form_checkbox('has_license_car', _("Car"), $user_driver_license['has_license_car']),
-                  form_checkbox('has_license_3_5t_transporter', _("Transporter 3,5t"), $user_driver_license['has_license_3_5t_transporter']),
-                  form_checkbox('has_license_7_5t_truck', _("Truck 7,5t"), $user_driver_license['has_license_7_5t_truck']),
-                  form_checkbox('has_license_12_5t_truck', _("Truck 12,5t"), $user_driver_license['has_license_12_5t_truck']),
-                  form_checkbox('has_license_forklift', _("Forklift"), $user_driver_license['has_license_forklift']) 
-              ]) 
-          ], 'driving_license'),
-          form_submit('submit', _("Save")) 
-      ]),
-      '<script type="text/javascript">
+function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver_license)
+{
+    return page_with_title(sprintf(_('Edit %s driving license information'), User_Nick_render($user_source)), [
+        buttons([
+            button(user_link($user_source), _('Back to profile'), 'back')
+        ]),
+        msg(),
+        form([
+            form_info(_('Privacy'), _('Your driving license information is only visible for supporters and admins.')),
+            form_checkbox('wants_to_drive', _('I am willing to operate cars for the PL'), $wants_to_drive),
+            div('panel panel-default', [
+                div('panel-body', [
+                    form_checkbox(
+                        'has_car',
+                        _('I have my own car with me and am willing to use it for the PL (You\'ll get reimbursed for fuel)'),
+                        $user_driver_license['has_car']
+                    ),
+                    heading(_('Driver license'), 3),
+                    form_checkbox('has_license_car', _('Car'), $user_driver_license['has_license_car']),
+                    form_checkbox(
+                        'has_license_3_5t_transporter',
+                        _('Transporter 3,5t'),
+                        $user_driver_license['has_license_3_5t_transporter']
+                    ),
+                    form_checkbox(
+                        'has_license_7_5t_truck',
+                        _('Truck 7,5t'),
+                        $user_driver_license['has_license_7_5t_truck']
+                    ),
+                    form_checkbox(
+                        'has_license_12_5t_truck',
+                        _('Truck 12,5t'),
+                        $user_driver_license['has_license_12_5t_truck']
+                    ),
+                    form_checkbox('has_license_forklift', _('Forklift'), $user_driver_license['has_license_forklift'])
+                ])
+            ], 'driving_license'),
+            form_submit('submit', _('Save'))
+        ]),
+        '<script type="text/javascript">
         $(function() {
-          if($("#wants_to_drive").is(":checked"))
+          var checkbox = $("#wants_to_drive");
+          if(checkbox.is(":checked"))
             $("#driving_license").show();
           else
             $("#driving_license").hide();
-        
-          $("#wants_to_drive").click(
-            function(e) {
+
+          checkbox.click(
+            function() {
               if($("#wants_to_drive").is(":checked"))
                 $("#driving_license").show();
               else
@@ -49,8 +64,6 @@ function UserDriverLicense_edit_view($user_source, $wants_to_drive, $user_driver
             }
           );
         });
-      </script>' 
-  ]);
+      </script>'
+    ]);
 }
-
-?>

includes/view/UserHintsRenderer.php

@@ -2,58 +2,65 @@
 
 namespace Engelsystem;
 
-class UserHintsRenderer {
+class UserHintsRenderer
+{
+    /** @var string[] */
+    private $hints = [];
 
-  private $hints = [];
+    private $important = false;
 
-  private $important = false;
+    /**
+     * Render the added hints to a popover for the toolbar.
+     *
+     * @return string
+     */
+    public function render()
+    {
+        if (count($this->hints) > 0) {
+            $hint_class = $this->important ? 'danger' : 'info';
+            $glyphicon = $this->important ? 'warning-sign' : 'info-sign';
 
-  /**
-   * Render the added hints to a popover for the toolbar.
-   */
-  public function render() {
-    if (count($this->hints) > 0) {
-      $hint_class = $this->important ? 'danger' : 'info';
-      $glyphicon = $this->important ? 'warning-sign' : 'info-sign';
-      
-      return toolbar_popover($glyphicon . ' text-' . $hint_class, '', $this->hints, 'bg-' . $hint_class);
+            return toolbar_popover($glyphicon . ' text-' . $hint_class, '', $this->hints, 'bg-' . $hint_class);
+        }
+
+        return '';
     }
-    
-    return '';
-  }
 
-  /**
-   * Add a hint to the list, if its not null and a not empty string.
-   *
-   * @param string $hint
-   *          The hint
-   * @param boolean $important
-   *          Is the hint important?
-   */
-  public function addHint($hint, $important = false) {
-    if ($hint != null && $hint != '') {
-      if ($important) {
-        $this->important = true;
-        $this->hints[] = error($hint, true);
-      } else {
-        $this->hints[] = info($hint, true);
-      }
+    /**
+     * Add a hint to the list, if its not null and a not empty string.
+     *
+     * @param string  $hint      The hint
+     * @param boolean $important Is the hint important?
+     */
+    public function addHint($hint, $important = false)
+    {
+        if ($hint != null && $hint != '') {
+            if ($important) {
+                $this->important = true;
+                $this->hints[] = error($hint, true);
+            } else {
+                $this->hints[] = info($hint, true);
+            }
+        }
     }
-  }
 
-  /**
-   * Get all hints.
-   */
-  public function getHints() {
-    return $this->hints;
-  }
+    /**
+     * Get all hints.
+     *
+     * @return string[]
+     */
+    public function getHints()
+    {
+        return $this->hints;
+    }
 
-  /**
-   * Are there important hints? This leads to a more intensive icon.
-   */
-  public function isImportant() {
-    return $this->important;
-  }
+    /**
+     * Are there important hints? This leads to a more intensive icon.
+     *
+     * @return bool
+     */
+    public function isImportant()
+    {
+        return $this->important;
+    }
 }
-
-?>

phpunit.xml

@@ -1,24 +1,24 @@
 <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.5/phpunit.xsd"
-	backupGlobals="false"
-	bootstrap="./includes/engelsystem_provider.php"
-	colors="true"
-	convertErrorsToExceptions="true" 
-	convertNoticesToExceptions="true"
-	convertWarningsToExceptions="true"
-	processIsolation="false">
-	<testsuites>
-		<testsuite name="Models">
-			<directory>./test/model/</directory>
-		</testsuite>
-	</testsuites>
-	<filter>
-		<whitelist>
-			<directory>./include/</directory>
-			<directory>./public/</directory>
-		</whitelist>
-	</filter>
-	<php>
-		<const name="PHPUNIT_TESTSUITE" value="true" />
-	</php>
+         xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.5/phpunit.xsd"
+         backupGlobals="false"
+         bootstrap="./includes/engelsystem_provider.php"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false">
+    <testsuites>
+        <testsuite name="Models">
+            <directory>./test/model/</directory>
+        </testsuite>
+    </testsuites>
+    <filter>
+        <whitelist>
+            <directory>./include/</directory>
+            <directory>./public/</directory>
+        </whitelist>
+    </filter>
+    <php>
+        <const name="PHPUNIT_TESTSUITE" value="true"/>
+    </php>
 </phpunit>

public/index.php

@@ -16,163 +16,171 @@ $free_pages = [
     'stats',
     'users',
     'user_driver_licenses',
-    'user_password_recovery' 
+    'user_password_recovery'
 ];
 
 // Gewünschte Seite/Funktion
-$page = "";
-if (! isset($_REQUEST['p'])) {
-  $_REQUEST['p'] = isset($user) ? "news" : "login";
+$page = '';
+$title = '';
+$content = '';
+
+if (!isset($_REQUEST['p'])) {
+    $_REQUEST['p'] = isset($user) ? 'news' : 'login';
 }
 
-if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (in_array($_REQUEST['p'], $free_pages) || in_array($_REQUEST['p'], $privileges))) {
-  $page = $_REQUEST['p'];
-  
-  $title = $page;
-  $content = "";
-  
-  if ($page == "api") {
-    require_once realpath(__DIR__ . '/../includes/controller/api.php');
-    error("Api disabled temporily.");
-    redirect(page_link_to('login'));
-    api_controller();
-  } elseif ($page == "ical") {
-    require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
-    user_ical();
-  } elseif ($page == "atom") {
-    require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
-    user_atom();
-  } elseif ($page == "shifts_json_export") {
-    require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
-    shifts_json_export_controller();
-  } elseif ($page == "shifts_json_export_all") {
-    require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
-    shifts_json_export_all_controller();
-  } elseif ($page == "stats") {
-    require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
-    guest_stats();
-  } elseif ($page == "user_password_recovery") {
-    require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
-    $title = user_password_recovery_title();
-    $content = user_password_recovery_controller();
-  } elseif ($page == "angeltypes") {
-    list($title, $content) = angeltypes_controller();
-  } elseif ($page == "shifts") {
-    list($title, $content) = shifts_controller();
-  } elseif ($page == "users") {
-    list($title, $content) = users_controller();
-  } elseif ($page == "user_angeltypes") {
-    list($title, $content) = user_angeltypes_controller();
-  } elseif ($page == "user_driver_licenses") {
-    list($title, $content) = user_driver_licenses_controller();
-  } elseif ($page == "shifttypes") {
-    list($title, $content) = shifttypes_controller();
-  } elseif ($page == "admin_event_config") {
-    list($title, $content) = event_config_edit_controller();
-  } elseif ($page == "rooms") {
-    list($title, $content) = rooms_controller();
-  } elseif ($page == "news") {
-    $title = news_title();
-    $content = user_news();
-  } elseif ($page == "news_comments") {
-    require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
-    $title = user_news_comments_title();
-    $content = user_news_comments();
-  } elseif ($page == "user_meetings") {
-    $title = meetings_title();
-    $content = user_meetings();
-  } elseif ($page == "user_myshifts") {
-    $title = myshifts_title();
-    $content = user_myshifts();
-  } elseif ($page == "user_shifts") {
-    $title = shifts_title();
-    $content = user_shifts();
-  } elseif ($page == "user_messages") {
-    $title = messages_title();
-    $content = user_messages();
-  } elseif ($page == "user_questions") {
-    $title = questions_title();
-    $content = user_questions();
-  } elseif ($page == "user_settings") {
-    $title = settings_title();
-    $content = user_settings();
-  } elseif ($page == "login") {
-    $title = login_title();
-    $content = guest_login();
-  } elseif ($page == "register") {
-    $title = register_title();
-    $content = guest_register();
-  } elseif ($page == "logout") {
-    $title = logout_title();
-    $content = guest_logout();
-  } elseif ($page == "admin_questions") {
-    $title = admin_questions_title();
-    $content = admin_questions();
-  } elseif ($page == "admin_user") {
-    $title = admin_user_title();
-    $content = admin_user();
-  } elseif ($page == "admin_arrive") {
-    $title = admin_arrive_title();
-    $content = admin_arrive();
-  } elseif ($page == "admin_active") {
-    $title = admin_active_title();
-    $content = admin_active();
-  } elseif ($page == "admin_free") {
-    $title = admin_free_title();
-    $content = admin_free();
-  } elseif ($page == "admin_news") {
-    require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
-    $content = admin_news();
-  } elseif ($page == "admin_rooms") {
-    $title = admin_rooms_title();
-    $content = admin_rooms();
-  } elseif ($page == "admin_groups") {
-    $title = admin_groups_title();
-    $content = admin_groups();
-  } elseif ($page == "admin_language") {
-    require_once realpath(__DIR__ . '/../includes/pages/admin_language.php');
-    $content = admin_language();
-  } elseif ($page == "admin_import") {
-    $title = admin_import_title();
-    $content = admin_import();
-  } elseif ($page == "admin_shifts") {
-    $title = admin_shifts_title();
-    $content = admin_shifts();
-  } elseif ($page == "admin_log") {
-    $title = admin_log_title();
-    $content = admin_log();
-  } elseif ($page == "credits") {
-    require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
-    $title = credits_title();
-    $content = guest_credits();
-  } else {
-    require_once realpath(__DIR__ . '/../includes/pages/guest_start.php');
-    $content = guest_start();
-  }
+if (
+    isset($_REQUEST['p'])
+    && preg_match('/^\w*$/i', $_REQUEST['p'])
+    && (
+        in_array($_REQUEST['p'], $free_pages)
+        || (isset($privileges) && in_array($_REQUEST['p'], $privileges))
+    )
+) {
+    $page = $_REQUEST['p'];
+
+    $title = $page;
+
+    if ($page == 'api') {
+        error('Api disabled temporily.');
+        redirect(page_link_to());
+        require_once realpath(__DIR__ . '/../includes/controller/api.php');
+        api_controller();
+    } elseif ($page == 'ical') {
+        require_once realpath(__DIR__ . '/../includes/pages/user_ical.php');
+        user_ical();
+    } elseif ($page == 'atom') {
+        require_once realpath(__DIR__ . '/../includes/pages/user_atom.php');
+        user_atom();
+    } elseif ($page == 'shifts_json_export') {
+        require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
+        shifts_json_export_controller();
+    } elseif ($page == 'shifts_json_export_all') {
+        require_once realpath(__DIR__ . '/../includes/controller/shifts_controller.php');
+        shifts_json_export_all_controller();
+    } elseif ($page == 'stats') {
+        require_once realpath(__DIR__ . '/../includes/pages/guest_stats.php');
+        guest_stats();
+    } elseif ($page == 'user_password_recovery') {
+        require_once realpath(__DIR__ . '/../includes/controller/users_controller.php');
+        $title = user_password_recovery_title();
+        $content = user_password_recovery_controller();
+    } elseif ($page == 'angeltypes') {
+        list($title, $content) = angeltypes_controller();
+    } elseif ($page == 'shifts') {
+        list($title, $content) = shifts_controller();
+    } elseif ($page == 'users') {
+        list($title, $content) = users_controller();
+    } elseif ($page == 'user_angeltypes') {
+        list($title, $content) = user_angeltypes_controller();
+    } elseif ($page == 'user_driver_licenses') {
+        list($title, $content) = user_driver_licenses_controller();
+    } elseif ($page == 'shifttypes') {
+        list($title, $content) = shifttypes_controller();
+    } elseif ($page == 'admin_event_config') {
+        list($title, $content) = event_config_edit_controller();
+    } elseif ($page == 'rooms') {
+        list($title, $content) = rooms_controller();
+    } elseif ($page == 'news') {
+        $title = news_title();
+        $content = user_news();
+    } elseif ($page == 'news_comments') {
+        require_once realpath(__DIR__ . '/../includes/pages/user_news.php');
+        $title = user_news_comments_title();
+        $content = user_news_comments();
+    } elseif ($page == 'user_meetings') {
+        $title = meetings_title();
+        $content = user_meetings();
+    } elseif ($page == 'user_myshifts') {
+        $title = myshifts_title();
+        $content = user_myshifts();
+    } elseif ($page == 'user_shifts') {
+        $title = shifts_title();
+        $content = user_shifts();
+    } elseif ($page == 'user_messages') {
+        $title = messages_title();
+        $content = user_messages();
+    } elseif ($page == 'user_questions') {
+        $title = questions_title();
+        $content = user_questions();
+    } elseif ($page == 'user_settings') {
+        $title = settings_title();
+        $content = user_settings();
+    } elseif ($page == 'login') {
+        $title = login_title();
+        $content = guest_login();
+    } elseif ($page == 'register') {
+        $title = register_title();
+        $content = guest_register();
+    } elseif ($page == 'logout') {
+        $title = logout_title();
+        $content = guest_logout();
+    } elseif ($page == 'admin_questions') {
+        $title = admin_questions_title();
+        $content = admin_questions();
+    } elseif ($page == 'admin_user') {
+        $title = admin_user_title();
+        $content = admin_user();
+    } elseif ($page == 'admin_arrive') {
+        $title = admin_arrive_title();
+        $content = admin_arrive();
+    } elseif ($page == 'admin_active') {
+        $title = admin_active_title();
+        $content = admin_active();
+    } elseif ($page == 'admin_free') {
+        $title = admin_free_title();
+        $content = admin_free();
+    } elseif ($page == 'admin_news') {
+        require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
+        $content = admin_news();
+    } elseif ($page == 'admin_rooms') {
+        $title = admin_rooms_title();
+        $content = admin_rooms();
+    } elseif ($page == 'admin_groups') {
+        $title = admin_groups_title();
+        $content = admin_groups();
+    } elseif ($page == 'admin_import') {
+        $title = admin_import_title();
+        $content = admin_import();
+    } elseif ($page == 'admin_shifts') {
+        $title = admin_shifts_title();
+        $content = admin_shifts();
+    } elseif ($page == 'admin_log') {
+        $title = admin_log_title();
+        $content = admin_log();
+    } elseif ($page == 'credits') {
+        require_once realpath(__DIR__ . '/../includes/pages/guest_credits.php');
+        $title = credits_title();
+        $content = guest_credits();
+    } else {
+        require_once realpath(__DIR__ . '/../includes/pages/guest_start.php');
+        $content = guest_start();
+    }
 } else {
-  // Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
-  if (isset($user)) {
-    $title = _("No Access");
-    $content = _("You don't have permission to view this page. You probably have to sign in or register in order to gain access!");
-  } else {
-    // Sonst zur Loginseite leiten
-    redirect(page_link_to("login"));
-  }
+    // Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
+    if (isset($user)) {
+        $title = _('No Access');
+        $content = _('You don\'t have permission to view this page . You probably have to sign in or register in order to gain access!');
+    } else {
+        // Sonst zur Loginseite leiten
+        redirect(page_link_to('login'));
+    }
 }
 
 $event_config = EventConfig();
 
 echo template_render(__DIR__ . '/../templates/layout.html', [
-    'theme' => isset($user) ? $user['color'] : $default_theme,
-    'title' => $title,
-    'atom_link' => ($page == 'news' || $page == 'user_meetings') ? '<link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&amp;meetings=1' : '') . '&amp;key=' . $user['api_key'] . '" type="application/atom+xml" rel="alternate" title="Atom Feed">' : '',
-    'menu' => make_menu(),
-    'content' => msg() . $content,
+    'theme'          => isset($user) ? $user['color'] : config('theme'),
+    'title'          => $title,
+    'atom_link'      => ($page == 'news' || $page == 'user_meetings')
+        ? ' <link href="' . page_link_to('atom') . (($page == 'user_meetings') ? '&meetings=1' : '')
+        . '&amp;key=' . (isset($user) ? $user['api_key'] : '')
+        . '" type = "application/atom+xml" rel = "alternate" title = "Atom Feed">'
+        : '',
+    'menu'           => make_menu(),
+    'content'        => msg() . $content,
     'header_toolbar' => header_toolbar(),
-    'faq_url' => $faq_url,
-    'contact_email' => $contact_email,
-    'locale' => locale(),
-    'event_info' => EventConfig_info($event_config) . '<br />' 
+    'faq_url'        => config('faq_url'),
+    'contact_email'  => config('contact_email'),
+    'locale'         => locale(),
+    'event_info'     => EventConfig_info($event_config) . ' <br />'
 ]);
-
-?>

public/js/forms.js

@@ -1,28 +1,28 @@
 /**
  * Runs through the DOM under the element with the given id, finds all
  * checkboxes and sets them to the wanted state.
- * 
+ *
  * @param String
  *            id Id of the element containing all the checkboxes
  * @param Boolean
  *            checked True if the checkboxes should be checked
  */
 function checkAll(id, checked) {
-	var obj = document.getElementById(id);
-	var boxes = obj.getElementsByTagName("input");
-	for (var i = 0; i < boxes.length; i++) {
-		if (boxes[i].type === "checkbox" && !boxes[i].disabled) {
-			boxes[i].checked = checked;
-		}
-	}
+    var obj = document.getElementById(id);
+    var boxes = obj.getElementsByTagName("input");
+    for (var i = 0; i < boxes.length; i++) {
+        if (boxes[i].type === "checkbox" && !boxes[i].disabled) {
+            boxes[i].checked = checked;
+        }
+    }
 }
 
-$(function() {
-	/**
-	 * Disable every submit button after clicking (to prevent double-clicking)
-	 */
-	$("form").submit(function(ev) {
-		$("input[type='submit']").prop("readonly", true).addClass("disabled");
-		return true;
-	});
+$(function () {
+    /**
+     * Disable every submit button after clicking (to prevent double-clicking)
+     */
+    $("form").submit(function (ev) {
+        $("input[type='submit']").prop("readonly", true).addClass("disabled");
+        return true;
+    });
 });

public/js/moment-countdown.js

@@ -3,17 +3,17 @@
  * class "moment-countdown" and the attribute "data-timestamp" which defines the
  * countdown's time goal.
  */
-$(document).ready(function() {
-  if (typeof moment !== "undefined") {
-    $.each($(".moment-countdown"), function(i, e) {
-      var span = $(e);
-      var text = span.html();
-      /* global moment */
-      var timestamp = moment(parseInt(span.attr("data-timestamp") * 1000));
-      span.html(text.replace("%c", timestamp.fromNow()));
-      setInterval(function() {
-        span.html(text.replace("%c", timestamp.fromNow()));
-      }, 1000);
-    });
-  }
-});
+$(document).ready(function () {
+    if (typeof moment !== "undefined") {
+        $.each($(".moment-countdown"), function (i, e) {
+            var span = $(e);
+            var text = span.html();
+            /* global moment */
+            var timestamp = moment(parseInt(span.attr("data-timestamp") * 1000));
+            span.html(text.replace("%c", timestamp.fromNow()));
+            setInterval(function () {
+                span.html(text.replace("%c", timestamp.fromNow()));
+            }, 1000);
+        });
+    }
+});

public/js/sticky-headers.js

@@ -1,32 +1,31 @@
 /**
  * Enables the fixed headers and time lane for the shift-calendar and datatables
  */
-$(document).ready(
-    function() {
-      if ($(".shift-calendar").length) {
+$(document).ready(function () {
+    if ($(".shift-calendar").length) {
         var timeLanes = $(".shift-calendar .time");
         var headers = $(".shift-calendar .header");
         var topReference = $(".container-fluid .row");
         var top = headers.offset().top;
         var left = 15;
         timeLanes.css({
-          "position" : "relative",
-          "z-index" : 999
+            "position": "relative",
+            "z-index": 999
         });
         headers.css({
-          "position" : "relative",
-          "z-index" : 900
+            "position": "relative",
+            "z-index": 900
         });
         $(window).scroll(
-            function() {
-              timeLanes.css({
-                "left" : Math.max(0, $(window).scrollLeft() - left) + "px"
-              });
-              headers.css({
-                "top" : Math.max(0, $(window).scrollTop() - top
-                    + topReference.offset().top)
+            function () {
+                timeLanes.css({
+                    "left": Math.max(0, $(window).scrollLeft() - left) + "px"
+                });
+                headers.css({
+                    "top": Math.max(0, $(window).scrollTop() - top
+                        + topReference.offset().top)
                     + "px"
-              });
+                });
             });
-      }
-    });
+    }
+});

public/maintenance.html

@@ -1,72 +1,86 @@
 <!DOCTYPE html>
 <html>
 <head>
-<title>Maintenance - Engelsystem</title>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width, initial-scale=1">
-<link rel="stylesheet" type="text/css" href="css/theme0.css" />
-<link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css" />
-<link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css" />
-<script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
-<script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
+    <title>Maintenance - Engelsystem</title>
+    <meta charset="UTF-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" type="text/css" href="css/theme0.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css"/>
+    <script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
+    <script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
 </head>
 <body>
-  <div class="navbar navbar-default navbar-fixed-top">
+<div class="navbar navbar-default navbar-fixed-top">
     <div class="container-fluid">
-      <div class="navbar-header">
-        <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
-          <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
-        </button>
-        <a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
-      </div>
-      <div class="collapse navbar-collapse" id="navbar-collapse-1">
-        <ul class="nav navbar-nav"></ul>
-        <ul class="nav navbar-nav navbar-right">
-        </ul>
-      </div>
-    </div>
-  </div>
-  <div class="container-fluid">
-    <div class="row">
-      <div class="jumbotron">
-        <div class="container text-center">
-          <h1>
-            <span class="glyphicon glyphicon-scissors"></span> <span class="glyphicon glyphicon-wrench"></span> <span class="glyphicon glyphicon-fire"></span>
-          </h1>
-          <div class="col-md-6">
-            <h2>
-              The <span class="icon-icon_angel"></span> <strong>ENGELSYSTEM</strong> is in maintenance mode.
-            </h2>
-            <p>This may be due to...</p>
-            <p>
-              ...archangels closing the gates of heaven. <br>...somebody's stolen the power chord and now the battery is empty. <br>...DHCP decided to give me another ip address.
-            </p>
-          </div>
-          <div class="col-md-6">
-            <iframe width="560" height="315" src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0" frameborder="0" allowfullscreen></iframe>
-          </div>
+        <div class="navbar-header">
+            <button type="button" class="navbar-toggle collapsed"
+                    data-toggle="collapse" data-target="#navbar-collapse-1">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a class="navbar-brand" href="?">
+                <span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong>
+            </a>
+        </div>
+        <div class="collapse navbar-collapse" id="navbar-collapse-1">
+            <ul class="nav navbar-nav"></ul>
+            <ul class="nav navbar-nav navbar-right">
+            </ul>
+        </div>
+    </div>
+</div>
+<div class="container-fluid">
+    <div class="row">
+        <div class="jumbotron">
+            <div class="container text-center">
+                <h1>
+                    <span class="glyphicon glyphicon-scissors"></span>
+                    <span class="glyphicon glyphicon-wrench"></span>
+                    <span class="glyphicon glyphicon-fire"></span>
+                </h1>
+                <div class="col-md-6">
+                    <h2>
+                        The <span class="icon-icon_angel"></span> <strong>ENGELSYSTEM</strong> is in maintenance mode.
+                    </h2>
+                    <p>This may be due to...</p>
+                    <p>
+                        ...archangels closing the gates of heaven. <br>
+                        ...somebody's stolen the power chord and now the battery is empty. <br>
+                        ...DHCP decided to give me another ip address.
+                    </p>
+                </div>
+                <div class="col-md-6">
+                    <iframe width="560" height="315"
+                            src="https://www.youtube.com/embed/0aV_vHcunSQ?rel=0"
+                            frameborder="0" allowfullscreen>
+                    </iframe>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
     <div class="row">
-      <div class="col-md-12">
-        <div class="text-center footer">
-          <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
+        <div class="col-md-12">
+            <div class="text-center footer">
+                <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
+                · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
-  <script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
-  <script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/js/bootstrap-datepicker.min.js"></script>
-  <script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/locales/bootstrap-datepicker.de.min.js"></script>
-  <script type="text/javascript" src="vendor/Chart.min.js"></script>
-  <script type="text/javascript" src="js/forms.js"></script>
-  <script type="text/javascript" src="vendor/moment-with-locales.min.js"></script>
-  <script type="text/javascript">
-			$(function() {
-				moment.locale("en_US.UTF-8");
-			});
-		</script>
-  <script type="text/javascript" src="js/moment-countdown.js"></script>
+</div>
+<script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
+<script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/js/bootstrap-datepicker.min.js"></script>
+<script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/locales/bootstrap-datepicker.de.min.js"></script>
+<script type="text/javascript" src="vendor/Chart.min.js"></script>
+<script type="text/javascript" src="js/forms.js"></script>
+<script type="text/javascript" src="vendor/moment-with-locales.min.js"></script>
+<script type="text/javascript">
+    $(function () {
+        moment.locale("en_US.UTF-8");
+    });
+</script>
+<script type="text/javascript" src="js/moment-countdown.js"></script>
 </body>
 </html>

public/overwhelmed.html

@@ -1,57 +1,77 @@
 <!DOCTYPE html>
 <html>
 <head>
-<title>Engelsystem</title>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width, initial-scale=1">
-<link rel="stylesheet" type="text/css" href="css/theme0.css" />
-<link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css" />
-<link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css" />
-<script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
-<script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
+    <title>Engelsystem</title>
+    <meta charset="UTF-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" type="text/css" href="css/theme0.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css"/>
+    <script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
+    <script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
 </head>
 <body>
-  <div class="navbar navbar-default navbar-fixed-top">
+<div class="navbar navbar-default navbar-fixed-top">
     <div class="container-fluid">
-      <div class="navbar-header">
-        <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
-          <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
-        </button>
-        <a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
-      </div>
-      <div class="collapse navbar-collapse" id="navbar-collapse-1">
-        <ul class="nav navbar-nav"></ul>
-        <ul class="nav navbar-nav navbar-right">
-        </ul>
-      </div>
-    </div>
-  </div>
-  <div class="container-fluid">
-    <div class="row">
-      <div class="jumbotron">
-        <div class="container text-center">
-          <div class="col-md-6 col-md-offset-3">
-            <h2>Dear Angels,</h2>
-            <p>The great interest in becoming an angel and participating at 33C3 is is something we are grateful for every time. There is a record number of angels and helping volunteers this year.</p>
-            <p>We did anticipate a great number but we are overwhelmed by this endless wave of support. We do want to enable each and every one of you to be an angel at the congress, but sadly our resources and capacities at Heaven are limited. The amount of angels at this point is beyond our
-              planing and to ensure we can support the angels already checked in. We did make a choice never thought possible on a chaos event:</p>
-            <p>We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.</p>
-            <p>Everyone of us works for you to support you in being an angel, but the Heaven Desk and the Kitchen among others are limited and so we decided to focus our effort to support those of you already arrived to the best of our abilities.</p>
-            <p>
-              For the Heaven Team<br /> Agnes, Jen, LLF and Knuth
-            </p>
-          </div>
+        <div class="navbar-header">
+            <button type="button" class="navbar-toggle collapsed"
+                    data-toggle="collapse" data-target="#navbar-collapse-1">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a class="navbar-brand" href="https://engelsystem.de"><span class="icon-icon_angel"></span> <strong
+                    class="visible-lg-inline">ENGELSYSTEM</strong></a>
+        </div>
+        <div class="collapse navbar-collapse" id="navbar-collapse-1">
+            <ul class="nav navbar-nav"></ul>
+            <ul class="nav navbar-nav navbar-right"></ul>
+        </div>
+    </div>
+</div>
+<div class="container-fluid">
+    <div class="row">
+        <div class="jumbotron">
+            <div class="container text-center">
+                <div class="col-md-6 col-md-offset-3">
+                    <h2>Dear Angels,</h2>
+                    <p>
+                        The great interest in becoming an angel and participating at 33C3 is is something we are
+                        grateful for every time. There is a record number of angels and helping volunteers this year.
+                    </p>
+                    <p>
+                        We did anticipate a great number but we are overwhelmed by this endless wave of support. We do
+                        want to enable each and every one of you to be an angel at the congress, but sadly our resources
+                        and capacities at Heaven are limited. The amount of angels at this point is beyond our
+                        planing and to ensure we can support the angels already checked in. We did make a choice never
+                        thought possible on a chaos event:
+                    </p>
+                    <p>
+                        We closed the registration in the Engelsystem and at Heaven Desk at 19:00 27. Dec. 2016.
+                    </p>
+                    <p>
+                        Everyone of us works for you to support you in being an angel, but the Heaven Desk and the
+                        Kitchen among others are limited and so we decided to focus our effort to support those of you
+                        already arrived to the best of our abilities.
+                    </p>
+                    <p>
+                        For the Heaven Team<br/>
+                        Agnes, Jen, LLF and Knuth
+                    </p>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
     <div class="row">
-      <div class="col-md-12">
-        <div class="text-center footer">
-          <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
+        <div class="col-md-12">
+            <div class="text-center footer">
+                <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
+                · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
-  <script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
+</div>
+<script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
 </body>
 </html>

public/vendor/bootstrap

@@ -1 +1 @@
-../../themes/assets/bootstrap/dist
+../../vendor/twbs/bootstrap/dist

shift_markup.html

@@ -1,86 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<meta charset="UTF-8" />
-<link rel="stylesheet" type="text/css" href="public/css/theme3.css" />
-<style>
-</style>
-</head>
-<body>
-  <div class="shift-calendar">
-    <div class="lane time">
-      <div class="header">Time</div>
-      <div class="tick day">2016-12-27 00:00</div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour">11:00</div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour">12:00</div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour">13:00</div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-    </div>
-    <div class="lane">
-      <div class="header">
-        <span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
-      </div>
-      <div class="tick day"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="shift panel panel-success" style="height: 160px;">
-        <div class="panel-heading">
-          <a href="?p=shifts&amp;action=view&amp;shift_id=2696">00:00 ‐ 02:00 — Bottle Collection</a>
-          <div class="pull-right">
-            <div class="btn-group">
-              <a href="?p=user_shifts&amp;edit_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-edit"></span>
-              </a> <a href="?p=user_shifts&amp;delete_shift=2696" class="btn btn-default btn-xs"> <span class="glyphicon glyphicon-trash"></span>
-              </a>
-            </div>
-          </div>
-        </div>
-        <div class="panel-body">
-          <span class="glyphicon glyphicon-info-sign"></span> Bottle Collection Quick Response Team<br> <a href="?p=rooms&amp;action=view&amp;room_id=42"> <span class="glyphicon glyphicon-map-marker"></span> Bottle Sorting (Hall H)
-          </a>
-        </div>
-        <ul class="list-group">
-          <li class="list-group-item"><strong><a href="?p=angeltypes&amp;action=view&amp;angeltype_id=104575">Angel</a>:</strong> <span style=""><a class="" href="?p=users&amp;action=view&amp;user_id=1755"><span class="icon-icon_angel"></span> Pantomime</a></span>, <span style=""><a
-              class="" href="?p=users&amp;action=view&amp;user_id=50"><span class="icon-icon_angel"></span> sandzwerg</a></span></li>
-          <li class="list-group-item"><a href="?p=user_shifts&amp;shift_id=2696&amp;type_id=104575" class="btn btn-default btn-xs">Neue Engel hinzufügen</a></li>
-        </ul>
-        <div class="shift-spacer"></div>
-      </div>
-      <div class="tick hour"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-    </div>
-    <div class="lane">
-      <div class="header"></div>
-      <div class="tick day"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick hour"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-      <div class="tick"></div>
-    </div>
-  </div>
-</body>
-</html>

src/Config/Config.php

@@ -0,0 +1,128 @@
+<?php
+
+namespace Engelsystem\Config;
+
+use ErrorException;
+
+class Config
+{
+    /**
+     * @var self
+     */
+    protected static $instance;
+
+    /**
+     * The config values
+     *
+     * @var array
+     */
+    protected $data = [];
+
+    /**
+     * @param string|null $key
+     * @param mixed       $default
+     * @return mixed
+     */
+    public function get($key, $default = null)
+    {
+        if (is_null($key)) {
+            return $this->data;
+        }
+
+        if ($this->has($key)) {
+            return $this->data[$key];
+        }
+
+        return $default;
+    }
+
+    /**
+     * @param string|array $key
+     * @param mixed        $value
+     */
+    public function set($key, $value = null)
+    {
+        if (is_array($key)) {
+            foreach ($key as $configKey => $configValue) {
+                $this->set($configKey, $configValue);
+            }
+
+            return;
+        }
+
+        $this->data[$key] = $value;
+    }
+
+    /**
+     * @param string $key
+     * @return bool
+     */
+    public function has($key)
+    {
+        return isset($this->data[$key]);
+    }
+
+    /**
+     * @param string $key
+     */
+    public function remove($key)
+    {
+        unset($this->data[$key]);
+    }
+
+    /**
+     * @param string $key
+     * @return mixed
+     */
+    public function __get($key)
+    {
+        return $this->get($key);
+    }
+
+    /**
+     * @param string $key
+     * @param mixed  $value
+     */
+    public function __set($key, $value)
+    {
+        $this->set($key, $value);
+    }
+
+    /**
+     * @param string $key
+     * @return bool
+     */
+    public function __isset($key)
+    {
+        return $this->has($key);
+    }
+
+    /**
+     * @param string $key
+     */
+    public function __unset($key)
+    {
+        $this->remove($key);
+    }
+
+    /**
+     * @return Config
+     * @throws ErrorException
+     */
+    public static function getInstance()
+    {
+        if (!self::$instance instanceof self) {
+            throw new ErrorException('Config not initialized');
+        }
+
+        return self::$instance;
+    }
+
+    /**
+     * @param self $instance
+     */
+    public static function setInstance($instance)
+    {
+        self::$instance = $instance;
+    }
+}

src/Database/Db.php

@@ -0,0 +1,170 @@
+<?php
+
+namespace Engelsystem\Database;
+
+use PDO;
+use PDOException;
+use PDOStatement;
+
+class Db
+{
+    /** @var PDO */
+    protected static $db;
+
+    /** @var PDOStatement */
+    protected static $stm = null;
+
+    /** @var bool */
+    protected static $lastStatus = true;
+
+    /**
+     * Connect to database
+     *
+     * @param string $dsn
+     * @param string $username
+     * @param string $password
+     * @param array  $options
+     * @return bool
+     */
+    public static function connect($dsn, $username = null, $password = null, $options = [])
+    {
+        try {
+            self::$db = new PDO($dsn, $username, $password, $options);
+        } catch (PDOException $e) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Run a prepared query
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return PDOStatement
+     */
+    public static function query($query, array $bindings = [])
+    {
+        self::$stm = self::$db->prepare($query);
+        self::$lastStatus = self::$stm->execute($bindings);
+
+        return self::$stm;
+    }
+
+    /**
+     * Run a sql query
+     *
+     * @param string $query
+     * @return bool
+     */
+    public static function unprepared($query)
+    {
+        self::$stm = self::$db->query($query);
+        self::$lastStatus = (self::$stm instanceof PDOStatement);
+
+        return self::$lastStatus;
+    }
+
+    /**
+     * Run a select query
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return array
+     */
+    public static function select($query, array $bindings = [])
+    {
+        self::query($query, $bindings);
+
+        return self::$stm->fetchAll(PDO::FETCH_ASSOC);
+    }
+
+    /**
+     * Run a insert query
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return bool
+     */
+    public static function insert($query, array $bindings = [])
+    {
+        self::query($query, $bindings);
+
+        return self::$lastStatus;
+    }
+
+    /**
+     * Run a update query
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return int|null
+     */
+    public static function update($query, array $bindings = [])
+    {
+        self::query($query, $bindings);
+
+        return (self::$lastStatus ? self::$stm->rowCount() : null);
+    }
+
+    /**
+     * Run a delete query
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return int|null
+     */
+    public static function delete($query, array $bindings = [])
+    {
+        self::query($query, $bindings);
+
+        return (self::$lastStatus ? self::$stm->rowCount() : null);
+    }
+
+    /**
+     * Run a single statement
+     *
+     * @param string $query
+     * @param array  $bindings
+     * @return bool
+     */
+    public static function statement($query, array $bindings = [])
+    {
+        self::query($query, $bindings);
+
+        return self::$lastStatus;
+    }
+
+    /**
+     * Returns the last error
+     *
+     * @return array
+     */
+    public static function getError()
+    {
+        if (!self::$stm instanceof PDOStatement) {
+            return [-1, null, null];
+        }
+
+        return self::$stm->errorInfo();
+    }
+
+    /**
+     * Get the PDO instance
+     *
+     * @return PDO
+     */
+    public static function getPdo()
+    {
+        return self::$db;
+    }
+
+    /**
+     * @return PDOStatement|false|null
+     */
+    public static function getStm()
+    {
+        return self::$stm;
+    }
+}

src/Exceptions/Handler.php

@@ -0,0 +1,97 @@
+<?php
+
+namespace Engelsystem\Exceptions;
+
+use Exception;
+
+class Handler
+{
+    /** @var string */
+    protected $environment;
+
+    const ENV_PRODUCTION = 'prod';
+    const ENV_DEVELOPMENT = 'dev';
+
+    /**
+     * Handler constructor.
+     *
+     * @param string $environment production|development
+     */
+    public function __construct($environment = self::ENV_PRODUCTION)
+    {
+        $this->environment = $environment;
+
+        set_error_handler([$this, 'errorHandler']);
+        set_exception_handler([$this, 'exceptionHandler']);
+    }
+
+    /**
+     * @param int    $number
+     * @param string $string
+     * @param string $file
+     * @param int    $line
+     * @param array  $context
+     */
+    public function errorHandler($number, $string, $file, $line, $context)
+    {
+        $this->handle('error', $number, $string, $file, $line, $context);
+    }
+
+    /**
+     * @param Exception $e
+     */
+    public function exceptionHandler(Exception $e)
+    {
+        $this->handle(
+            'exception',
+            $e->getCode(),
+            get_class($e) . ': ' . $e->getMessage(),
+            $e->getFile(),
+            $e->getLine(),
+            ['exception' => $e]
+        );
+    }
+
+    /**
+     * @param string $type
+     * @param int    $number
+     * @param string $string
+     * @param string $file
+     * @param int    $line
+     * @param array  $context
+     */
+    protected function handle($type, $number, $string, $file, $line, $context = [])
+    {
+        error_log(sprintf('%s: Number: %s, String: %s, File: %s:%u, Context: %s',
+            $type,
+            $number,
+            $string,
+            $file,
+            $line,
+            json_encode($context)
+        ));
+
+        if ($this->environment == self::ENV_DEVELOPMENT) {
+            echo '<pre style="background-color:#333;color:#ccc;z-index:1000;position:fixed;bottom:1em;padding:1em;width:97%;overflow-y:auto;">';
+            echo sprintf('%s: (%s)' . PHP_EOL, ucfirst($type), $number);
+            var_export([
+                'string'  => $string,
+                'file'    => $file . ':' . $line,
+                'context' => ($this->environment == self::ENV_DEVELOPMENT ? $context : null),
+            ]);
+            echo '</pre>';
+            die();
+        }
+
+        echo 'An <del>un</del>expected error occurred, a team of untrained monkeys has been dispatched to deal with it.';
+        die();
+    }
+
+    /**
+     * @param string $environment
+     */
+    public function setEnvironment($environment)
+    {
+        $this->environment = $environment;
+    }
+}

src/helpers.php

@@ -0,0 +1,24 @@
+<?php
+// Some useful functions
+
+use Engelsystem\Config\Config;
+
+/**
+ * Get or set config values
+ *
+ * @param string|array $key
+ * @param mixed        $default
+ * @return mixed|Config
+ */
+function config($key = null, $default = null)
+{
+    if (empty($key)) {
+        return Config::getInstance();
+    }
+
+    if (is_array($key)) {
+        Config::getInstance()->set($key);
+    }
+
+    return Config::getInstance()->get($key, $default);
+}

templates/guest_credits.html

@@ -1,27 +1,35 @@
 <div class="container">
-<h1>Credits</h1>
-  <div class="row">
-    <div class="col-md-4">
-      <h2>Source code</h2>
-      <p>
-        The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>. It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a> and <a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet
-          cyborg</a>, <a href="http://jplitza.de/">jplitza</a> and gnomus.
-      </p>
-      <p>
-        Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor list on github</a> for a more complete version.
-      </p>
+    <h1>Credits</h1>
+    <div class="row">
+        <div class="col-md-4">
+            <h2>Source code</h2>
+            <p>
+                The original system was written by <a href="https://github.com/cookieBerlin/engelsystem">cookie</a>.
+                It was then completely rewritten and greatly enhanced by <a href="http://notrademark.de/">msquare</a>
+                and <a href="http://myigel.name/">MyIgel</a>,
+                <a href="http://mortzu.de/">mortzu</a> of <a href="http://planetcyborg.de">planet cyborg</a>,
+                <a href="http://jplitza.de/">jplitza</a> and gnomus.
+            </p>
+            <p>
+                Please look at the <a href="https://github.com/engelsystem/engelsystem/graphs/contributors">contributor
+                list on github</a> for a more complete version.
+            </p>
+        </div>
+        <div class="col-md-4">
+            <h2>Hosting</h2>
+            <p>
+                Webspace, development platform and domain is currently provided by
+                <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br/>
+                and adminstrated by <a href="http://mortzu.de/">mortzu</a>,
+                <a href="http://derf.homelinux.org/">derf</a>
+                and ichdasich.
+            </p>
+        </div>
+        <div class="col-md-4">
+            <h2>Translation</h2>
+            <p>
+                Many thanks for the german translation: <a href="http://e7p.de">e7p</a>
+            </p>
+        </div>
     </div>
-    <div class="col-md-4">
-      <h2>Hosting</h2>
-      <p>
-        Webspace, development platform and domain is currently provided by <a href="https://www.wybt.net/">would you buy this?</a> (ichdasich)<br /> and adminstrated by <a href="http://mortzu.de/">mortzu</a>, <a href="http://derf.homelinux.org/">derf</a> and ichdasich.
-      </p>
-    </div>
-    <div class="col-md-4">
-      <h2>Translation</h2>
-      <p>
-        Many thanks for the german translation: <a href="http://e7p.de">e7p</a>
-      </p>
-    </div>
-  </div>
-</div>
+</div>

templates/layout.html

@@ -1,53 +1,60 @@
 <!DOCTYPE html>
 <html>
 <head>
-<title>%title% - Engelsystem</title>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width, initial-scale=1">
-<link rel="stylesheet" type="text/css" href="css/theme%theme%.css" />
-<link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css" />
-<link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css" />
-<script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
-<script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
-%atom_link%
+    <title>%title% - Engelsystem</title>
+    <meta charset="UTF-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" type="text/css" href="css/theme%theme%.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/icomoon/style.css"/>
+    <link rel="stylesheet" type="text/css" href="vendor/bootstrap-datepicker-1.4.0/css/bootstrap-datepicker3.min.css"/>
+    <script type="text/javascript" src="vendor/jquery-2.1.1.min.js"></script>
+    <script type="text/javascript" src="vendor/jquery-ui.min.js"></script>
+    %atom_link%
 </head>
 <body>
-  <div class="navbar navbar-default navbar-fixed-top">
+<div class="navbar navbar-default navbar-fixed-top">
     <div class="container-fluid">
-      <div class="navbar-header">
-        <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse-1">
-          <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span>
-        </button>
-        <a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
-      </div>
-      <div class="collapse navbar-collapse" id="navbar-collapse-1">%menu% %header_toolbar%</div>
+        <div class="navbar-header">
+            <button type="button" class="navbar-toggle collapsed"
+                    data-toggle="collapse" data-target="#navbar-collapse-1">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a class="navbar-brand" href="?"><span class="icon-icon_angel"></span> <strong class="visible-lg-inline">ENGELSYSTEM</strong></a>
+        </div>
+        <div class="collapse navbar-collapse" id="navbar-collapse-1">%menu% %header_toolbar%</div>
     </div>
-  </div>
-  <div class="container-fluid">
+</div>
+<div class="container-fluid">
     <div class="row">%content%</div>
     <div class="row">
-      <div class="col-md-12">
-        <hr />
-        <div class="text-center footer" style="margin-bottom: 10px;">
-          %event_info%
-          <a href="%faq_url%">FAQ</a> · <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a> · <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a> · <a href="https://github.com/engelsystem/engelsystem/">Development
-            Platform</a> · <a href="?p=credits">Credits</a>
+        <div class="col-md-12">
+            <hr/>
+            <div class="text-center footer" style="margin-bottom: 10px;">
+                %event_info%
+                <a href="%faq_url%">FAQ</a>
+                · <a href="%contact_email%"><span class="glyphicon glyphicon-envelope"></span> Contact</a>
+                · <a href="https://github.com/engelsystem/engelsystem/issues">Bugs / Features</a>
+                · <a href="https://github.com/engelsystem/engelsystem/">Development Platform</a>
+                · <a href="?p=credits">Credits</a>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
-  <script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
-  <script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/js/bootstrap-datepicker.min.js"></script>
-  <script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/locales/bootstrap-datepicker.de.min.js"></script>
-  <script type="text/javascript" src="vendor/Chart.min.js"></script>
-  <script type="text/javascript" src="js/forms.js"></script>
-  <script type="text/javascript" src="vendor/moment-with-locales.min.js"></script>
-  <script type="text/javascript">
-			$(function() {
-				moment.locale("%locale%");
-			});
-		</script>
-  <script type="text/javascript" src="js/moment-countdown.js"></script>
-  <script type="text/javascript" src="js/sticky-headers.js"></script>
+</div>
+<script type="text/javascript" src="vendor/bootstrap/js/bootstrap.min.js"></script>
+<script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/js/bootstrap-datepicker.min.js"></script>
+<script type="text/javascript" src="vendor/bootstrap-datepicker-1.4.0/locales/bootstrap-datepicker.de.min.js"></script>
+<script type="text/javascript" src="vendor/Chart.min.js"></script>
+<script type="text/javascript" src="js/forms.js"></script>
+<script type="text/javascript" src="vendor/moment-with-locales.min.js"></script>
+<script type="text/javascript">
+    $(function () {
+        moment.locale("%locale%");
+    });
+</script>
+<script type="text/javascript" src="js/moment-countdown.js"></script>
+<script type="text/javascript" src="js/sticky-headers.js"></script>
 </body>
 </html>

templates/user_shifts.html

@@ -1,52 +1,54 @@
 <script type="text/javascript">
-	function set_to_now(id) {
-		document.getElementById(id + '_time').value = moment().format('HH:mm');
-		var days = document.getElementById(id + '_day').getElementsByTagName(
-				'option');
-		for ( var i = 0; i < days.length; i++) {
-			if (days[i].value == moment().format('YYYY-MM-DD'))
-				days[i].selected = true;
-		}
-	}
+    function set_to_now(id) {
+        document.getElementById(id + '_time').value = moment().format('HH:mm');
+        var days = document.getElementById(id + '_day').getElementsByTagName(
+            'option');
+        for (var i = 0; i < days.length; i++) {
+            if (days[i].value == moment().format('YYYY-MM-DD'))
+                days[i].selected = true;
+        }
+    }
 </script>
 <form class="form-inline" action="" method="get">
-  <input type="hidden" name="p" value="user_shifts">
-  <div class="row">
-    <div class="col-md-6">
-      <h1>%title%</h1>
-      <div class="form-group">%start_select%</div>
-      <div class="form-group">
-        <div class="input-group">
-          <input class="form-control" type="text" id="start_time" name="start_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
-          <div class="input-group-btn">
-            <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
-              <span class="glyphicon glyphicon-time"></span>
-            </button>
-          </div>
+    <input type="hidden" name="p" value="user_shifts">
+    <div class="row">
+        <div class="col-md-6">
+            <h1>%title%</h1>
+            <div class="form-group">%start_select%</div>
+            <div class="form-group">
+                <div class="input-group">
+                    <input class="form-control" type="text" id="start_time" name="start_time" size="5"
+                           pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%start_time%">
+                    <div class="input-group-btn">
+                        <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('start');">
+                            <span class="glyphicon glyphicon-time"></span>
+                        </button>
+                    </div>
+                </div>
+            </div>
+            &#8211;
+            <div class="form-group">%end_select%</div>
+            <div class="form-group">
+                <div class="input-group">
+                    <input class="form-control" type="text" id="end_time" name="end_time" size="5"
+                           pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
+                    <div class="input-group-btn">
+                        <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
+                            <span class="glyphicon glyphicon-time"></span>
+                        </button>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <div class="col-md-2">%room_select%</div>
+        <div class="col-md-2">%type_select%</div>
+        <div class="col-md-2">%filled_select%</div>
+    </div>
+    <div class="row">
+        <div class="col-md-6">
+            <div>%task_notice%</div>
+            <input class="btn btn-primary" type="submit" style="width: 75%; margin-bottom: 20px" value="%filter%">
         </div>
-      </div>
-      &#8211;
-      <div class="form-group">%end_select%</div>
-      <div class="form-group">
-        <div class="input-group">
-          <input class="form-control" type="text" id="end_time" name="end_time" size="5" pattern="^\d{1,2}:\d{2}$" placeholder="HH:MM" maxlength="5" value="%end_time%">
-          <div class="input-group-btn">
-            <button class="btn btn-default" title="Now" type="button" onclick="set_to_now('end');">
-              <span class="glyphicon glyphicon-time"></span>
-            </button>
-          </div>
-        </div>
-      </div>
     </div>
-    <div class="col-md-2">%room_select%</div>
-    <div class="col-md-2">%type_select%</div>
-    <div class="col-md-2">%filled_select%</div>
-  </div>
-	<div class="row">
-		<div class="col-md-6">
-  		<div>%task_notice%</div>
-  		<input class="btn btn-primary" type="submit" style="width: 75%; margin-bottom: 20px" value="%filter%">
-		</div>
-	</div>
 </form>
 %shifts_table% %ical_text%