diff --git a/config/config.default.php b/config/config.default.php index 0b268c12..a832c8aa 100644 --- a/config/config.default.php +++ b/config/config.default.php @@ -47,10 +47,10 @@ $shift_sum_formula = "SUM( ))*(`Shifts`.`end` - `Shifts`.`start`)*(1 - 3 * `ShiftEntry`.`freeloaded`) )"; -// voucher calculation +// voucher calculation $voucher_settings = [ - "initial_vouchers" => 2, - "shifts_per_voucher" => 1 + "initial_vouchers" => 2, + "shifts_per_voucher" => 1 ]; // weigh every shift the same @@ -66,4 +66,3 @@ $config = [ 'pw' => "", 'db' => "engelsystem" ]; -?> diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php index cd2aa3e4..26aaae71 100644 --- a/includes/controller/angeltypes_controller.php +++ b/includes/controller/angeltypes_controller.php @@ -3,17 +3,19 @@ /** * Text for Angeltype related links. */ -function angeltypes_title() { - return _("Angeltypes"); +function angeltypes_title() +{ + return _("Angeltypes"); } /** * Route angeltype actions. */ -function angeltypes_controller() { - $action = strip_request_item('action', 'list'); +function angeltypes_controller() +{ + $action = strip_request_item('action', 'list'); - switch ($action) { + switch ($action) { default: case 'list': return angeltypes_list_controller(); 
@@ -31,196 +33,202 @@ function angeltypes_controller() { /** * Path to angeltype view. * - * @param AngelType $angeltype_id + * @param AngelType $angeltype_id */ -function angeltype_link($angeltype_id) { - return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id; +function angeltype_link($angeltype_id) +{ + return page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype_id; } /** * Job description for all angeltypes (public to everyone) */ -function angeltypes_about_controller() { - global $user; +function angeltypes_about_controller() +{ + global $user; - if (isset($user)) { - $angeltypes = AngelTypes_with_user($user); - } else { - $angeltypes = AngelTypes(); - } + if (isset($user)) { + $angeltypes = AngelTypes_with_user($user); + } else { + $angeltypes = AngelTypes(); + } - return [ + return [ _("Teams/Job description"), - AngelTypes_about_view($angeltypes, isset($user)) + AngelTypes_about_view($angeltypes, isset($user)) ]; } /** * Delete an Angeltype. */ -function angeltype_delete_controller() { - global $privileges; +function angeltype_delete_controller() +{ + global $privileges; - if (! in_array('admin_angel_types', $privileges)) { - redirect(page_link_to('angeltypes')); - } + if (! in_array('admin_angel_types', $privileges)) { + redirect(page_link_to('angeltypes')); + } - $angeltype = load_angeltype(); + $angeltype = load_angeltype(); - if (isset($_REQUEST['confirmed'])) { - AngelType_delete($angeltype); - success(sprintf(_("Angeltype %s deleted."), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes')); - } + if (isset($_REQUEST['confirmed'])) { + AngelType_delete($angeltype); + success(sprintf(_("Angeltype %s deleted."), AngelType_name_render($angeltype))); + redirect(page_link_to('angeltypes')); + } - return [ + return [ sprintf(_("Delete angeltype %s"), $angeltype['name']), - AngelType_delete_view($angeltype) + AngelType_delete_view($angeltype) ]; } /** * Change an Angeltype. 
*/ -function angeltype_edit_controller() { - global $privileges, $user; +function angeltype_edit_controller() +{ + global $privileges, $user; // In supporter mode only allow to modify description $supporter_mode = ! in_array('admin_angel_types', $privileges); - if (isset($_REQUEST['angeltype_id'])) { - // Edit existing angeltype + if (isset($_REQUEST['angeltype_id'])) { + // Edit existing angeltype $angeltype = load_angeltype(); - if (! User_is_AngelType_supporter($user, $angeltype)) { - redirect(page_link_to('angeltypes')); - } - } else { - // New angeltype - if ($supporter_mode) { - // Supporters aren't allowed to create new angeltypes. - redirect(page_link_to('angeltypes')); - } - $angeltype = AngelType_new(); - } - - if (isset($_REQUEST['submit'])) { - $valid = true; - - if (! $supporter_mode) { - if (isset($_REQUEST['name'])) { - $result = AngelType_validate_name($_REQUEST['name'], $angeltype); - $angeltype['name'] = $result->getValue(); - if (! $result->isValid()) { - $valid = false; - error(_("Please check the name. Maybe it already exists.")); + if (! User_is_AngelType_supporter($user, $angeltype)) { + redirect(page_link_to('angeltypes')); } - } - - $angeltype['restricted'] = isset($_REQUEST['restricted']); - $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']); - - $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']); + } else { + // New angeltype + if ($supporter_mode) { + // Supporters aren't allowed to create new angeltypes. + redirect(page_link_to('angeltypes')); } - - $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']); - - if ($valid) { - if ($angeltype['id'] != null) { - AngelType_update($angeltype); - } else { - $angeltype = AngelType_create($angeltype); - } - - success("Angel type saved."); - redirect(angeltype_link($angeltype['id'])); + $angeltype = AngelType_new(); } - } - return [ + if (isset($_REQUEST['submit'])) { + $valid = true; + + if (! 
$supporter_mode) { + if (isset($_REQUEST['name'])) { + $result = AngelType_validate_name($_REQUEST['name'], $angeltype); + $angeltype['name'] = $result->getValue(); + if (! $result->isValid()) { + $valid = false; + error(_("Please check the name. Maybe it already exists.")); + } + } + + $angeltype['restricted'] = isset($_REQUEST['restricted']); + $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']); + + $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']); + } + + $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']); + + if ($valid) { + if ($angeltype['id'] != null) { + AngelType_update($angeltype); + } else { + $angeltype = AngelType_create($angeltype); + } + + success("Angel type saved."); + redirect(angeltype_link($angeltype['id'])); + } + } + + return [ sprintf(_("Edit %s"), $angeltype['name']), - AngelType_edit_view($angeltype, $supporter_mode) + AngelType_edit_view($angeltype, $supporter_mode) ]; } /** * View details of a given angeltype. */ -function angeltype_controller() { - global $privileges, $user; +function angeltype_controller() +{ + global $privileges, $user; - if (! in_array('angeltypes', $privileges)) { - redirect('?'); - } + if (! 
in_array('angeltypes', $privileges)) { + redirect('?'); + } - $angeltype = load_angeltype(); - $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype); - $user_driver_license = UserDriverLicense($user['UID']); - $members = Users_by_angeltype($angeltype); + $angeltype = load_angeltype(); + $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype); + $user_driver_license = UserDriverLicense($user['UID']); + $members = Users_by_angeltype($angeltype); - return [ + return [ sprintf(_("Team %s"), $angeltype['name']), - AngelType_view($angeltype, $members, $user_angeltype, in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'], in_array('admin_angel_types', $privileges), $user_angeltype['supporter'], $user_driver_license, $user) + AngelType_view($angeltype, $members, $user_angeltype, in_array('admin_user_angeltypes', $privileges) || $user_angeltype['supporter'], in_array('admin_angel_types', $privileges), $user_angeltype['supporter'], $user_driver_license, $user) ]; } /** * View a list of all angeltypes. */ -function angeltypes_list_controller() { - global $privileges, $user; +function angeltypes_list_controller() +{ + global $privileges, $user; - if (! in_array('angeltypes', $privileges)) { - redirect('?'); - } + if (! in_array('angeltypes', $privileges)) { + redirect('?'); + } - $angeltypes = AngelTypes_with_user($user); + $angeltypes = AngelTypes_with_user($user); - foreach ($angeltypes as &$angeltype) { - $actions = [ - button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("view"), "btn-xs") + foreach ($angeltypes as &$angeltype) { + $actions = [ + button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("view"), "btn-xs") ]; - if (in_array('admin_angel_types', $privileges)) { - $actions[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), "btn-xs"); - $actions[] = button(page_link_to('angeltypes') . 
'&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), "btn-xs"); - } + if (in_array('admin_angel_types', $privileges)) { + $actions[] = button(page_link_to('angeltypes') . '&action=edit&angeltype_id=' . $angeltype['id'], _("edit"), "btn-xs"); + $actions[] = button(page_link_to('angeltypes') . '&action=delete&angeltype_id=' . $angeltype['id'], _("delete"), "btn-xs"); + } - $angeltype['membership'] = AngelType_render_membership($angeltype); - if ($angeltype['user_angeltype_id'] != null) { - $actions[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), "btn-xs"); - } else { - $actions[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), "btn-xs"); - } + $angeltype['membership'] = AngelType_render_membership($angeltype); + if ($angeltype['user_angeltype_id'] != null) { + $actions[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), "btn-xs"); + } else { + $actions[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), "btn-xs"); + } - $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : ''; - $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share'); + $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : ''; + $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share'); - $angeltype['name'] = '' . $angeltype['name'] . ''; + $angeltype['name'] = '' . $angeltype['name'] . 
''; - $angeltype['actions'] = table_buttons($actions); - } + $angeltype['actions'] = table_buttons($actions); + } - return [ + return [ angeltypes_title(), - AngelTypes_list_view($angeltypes, in_array('admin_angel_types', $privileges)) + AngelTypes_list_view($angeltypes, in_array('admin_angel_types', $privileges)) ]; } /** * Loads an angeltype from given angeltype_id request param. */ -function load_angeltype() { - if (! isset($_REQUEST['angeltype_id'])) { - redirect(page_link_to('angeltypes')); - } +function load_angeltype() +{ + if (! isset($_REQUEST['angeltype_id'])) { + redirect(page_link_to('angeltypes')); + } - $angeltype = AngelType($_REQUEST['angeltype_id']); - if ($angeltype == null) { - error(_("Angeltype doesn't exist.")); - redirect(page_link_to('angeltypes')); - } + $angeltype = AngelType($_REQUEST['angeltype_id']); + if ($angeltype == null) { + error(_("Angeltype doesn't exist.")); + redirect(page_link_to('angeltypes')); + } - return $angeltype; + return $angeltype; } -?> diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php index 4f07fe4c..c93f8d63 100644 --- a/includes/controller/event_config_controller.php +++ b/includes/controller/event_config_controller.php 
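Review bot: In `angeltype_delete_controller` the delete runs as soon as `$_REQUEST['confirmed']` is present, so any request that reaches this controller in an admin's session, including a cross-site GET, triggers `AngelType_delete()`; no request-method or anti-CSRF token check is visible in this hunk. Unless the dispatcher outside this file already enforces one, the branch should accept only POST, e.g. `if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['confirmed'])) {`, and compare a per-session token with `hash_equals()` before deleting. The same applies to `shift_entry_delete_controller` in shift_entries_controller.php, which deletes on `entry_id` alone. The privilege check at the top of the function also relies on `redirect()` ending the request, which is not shown here.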
@@ -1,103 +1,103 @@ getValue(); - $valid &= $result->isValid(); + $result = check_request_date('buildup_start_date', _("Please enter buildup start date."), true); + $buildup_start_date = $result->getValue(); + $valid &= $result->isValid(); - $result = check_request_date('event_start_date', _("Please enter event start date."), true); - $event_start_date = $result->getValue(); - $valid &= $result->isValid(); + $result = check_request_date('event_start_date', _("Please enter event start date."), true); + $event_start_date = $result->getValue(); + $valid &= $result->isValid(); - $result = check_request_date('event_end_date', _("Please enter event end date."), true); - $event_end_date = $result->getValue(); - $valid &= $result->isValid(); + $result = check_request_date('event_end_date', _("Please enter event end date."), true); + $event_end_date = $result->getValue(); + $valid &= $result->isValid(); - $result = check_request_date('teardown_end_date', _("Please enter teardown end date."), true); - $teardown_end_date = $result->getValue(); - $valid &= $result->isValid(); + $result = check_request_date('teardown_end_date', _("Please enter teardown end date."), true); + $teardown_end_date = $result->getValue(); + $valid &= $result->isValid(); - if ($buildup_start_date != null && $event_start_date != null && $buildup_start_date > $event_start_date) { - $valid = false; - error(_("The buildup start date has to be before the event start date.")); - } + if ($buildup_start_date != null && $event_start_date != null && $buildup_start_date > $event_start_date) { + $valid = false; + error(_("The buildup start date has to be before the event start date.")); + } - if ($event_start_date != null && $event_end_date != null && $event_start_date > $event_end_date) { - $valid = false; - error(_("The event start date has to be before the event end date.")); - } + if ($event_start_date != null && $event_end_date != null && $event_start_date > $event_end_date) { + $valid = false; + error(_("The 
event start date has to be before the event end date.")); + } - if ($event_end_date != null && $teardown_end_date != null && $event_end_date > $teardown_end_date) { - $valid = false; - error(_("The event end date has to be before the teardown end date.")); - } + if ($event_end_date != null && $teardown_end_date != null && $event_end_date > $teardown_end_date) { + $valid = false; + error(_("The event end date has to be before the teardown end date.")); + } - if ($buildup_start_date != null && $teardown_end_date != null && $buildup_start_date > $teardown_end_date) { - $valid = false; - error(_("The buildup start date has to be before the teardown end date.")); - } + if ($buildup_start_date != null && $teardown_end_date != null && $buildup_start_date > $teardown_end_date) { + $valid = false; + error(_("The buildup start date has to be before the teardown end date.")); + } - if ($valid) { - $result = EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg); + if ($valid) { + $result = EventConfig_update($event_name, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date, $event_welcome_msg); - if ($result === false) { - engelsystem_error("Unable to update event config."); - } + if ($result === false) { + engelsystem_error("Unable to update event config."); + } - engelsystem_log("Changed event config: $event_name, $event_welcome_msg, " . date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", " . date("Y-m-d", $event_end_date) . ", " . date("Y-m-d", $teardown_end_date)); - success(_("Settings saved.")); - redirect(page_link_to('admin_event_config')); + engelsystem_log("Changed event config: $event_name, $event_welcome_msg, " . date("Y-m-d", $buildup_start_date) . ", " . date("Y-m-d", $event_start_date) . ", " . date("Y-m-d", $event_end_date) . ", " . 
date("Y-m-d", $teardown_end_date)); + success(_("Settings saved.")); + redirect(page_link_to('admin_event_config')); + } } - } - return [ + return [ event_config_title(), - EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date) + EventConfig_edit_view($event_name, $event_welcome_msg, $buildup_start_date, $event_start_date, $event_end_date, $teardown_end_date) ]; } - -?> \ No newline at end of file diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php index a79034fb..2e45dead 100644 --- a/includes/controller/rooms_controller.php +++ b/includes/controller/rooms_controller.php 
@@ -10,56 +10,58 @@ use Engelsystem\ShiftCalendarRenderer; /** * View a room with its shifts. */ -function room_controller() { - global $privileges; +function room_controller() +{ + global $privileges; - if (! in_array('view_rooms', $privileges)) { - redirect(page_link_to()); - } - - $room = load_room(); - $all_shifts = Shifts_by_room($room); - $days = []; - foreach ($all_shifts as $shift) { - $day = date("Y-m-d", $shift['start']); - if (! in_array($day, $days)) { - $days[] = $day; + if (! in_array('view_rooms', $privileges)) { + redirect(page_link_to()); } - } - $shiftsFilter = new ShiftsFilter(true, [ - $room['RID'] + $room = load_room(); + $all_shifts = Shifts_by_room($room); + $days = []; + foreach ($all_shifts as $shift) { + $day = date("Y-m-d", $shift['start']); + if (! in_array($day, $days)) { + $days[] = $day; + } + } + + $shiftsFilter = new ShiftsFilter(true, [ + $room['RID'] ], AngelType_ids()); - $selected_day = date("Y-m-d"); - if (! empty($days)) { - $selected_day = $days[0]; - } - if (isset($_REQUEST['shifts_filter_day'])) { - $selected_day = $_REQUEST['shifts_filter_day']; - } - $shiftsFilter->setStartTime(parse_date("Y-m-d H:i", $selected_day . ' 00:00')); - $shiftsFilter->setEndTime(parse_date("Y-m-d H:i", $selected_day . ' 23:59')); + $selected_day = date("Y-m-d"); + if (! empty($days)) { + $selected_day = $days[0]; + } + if (isset($_REQUEST['shifts_filter_day'])) { + $selected_day = $_REQUEST['shifts_filter_day']; + } + $shiftsFilter->setStartTime(parse_date("Y-m-d H:i", $selected_day . ' 00:00')); + $shiftsFilter->setEndTime(parse_date("Y-m-d H:i", $selected_day . 
' 23:59')); - $shiftsFilterRenderer = new ShiftsFilterRenderer($shiftsFilter); - $shiftsFilterRenderer->enableDaySelection($days); + $shiftsFilterRenderer = new ShiftsFilterRenderer($shiftsFilter); + $shiftsFilterRenderer->enableDaySelection($days); - $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter); + $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter); - return [ + return [ $room['Name'], - Room_view($room, $shiftsFilterRenderer, $shiftCalendarRenderer) + Room_view($room, $shiftsFilterRenderer, $shiftCalendarRenderer) ]; } /** * Dispatch different room actions. */ -function rooms_controller() { - if (! isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; - } +function rooms_controller() +{ + if (! isset($_REQUEST['action'])) { + $_REQUEST['action'] = 'list'; + } - switch ($_REQUEST['action']) { + switch ($_REQUEST['action']) { default: case 'list': redirect(page_link_to('admin_rooms')); @@ -68,28 +70,29 @@ function rooms_controller() { } } -function room_link($room) { - return page_link_to('rooms') . '&action=view&room_id=' . $room['RID']; +function room_link($room) +{ + return page_link_to('rooms') . '&action=view&room_id=' . $room['RID']; } -function room_edit_link($room) { - return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID']; +function room_edit_link($room) +{ + return page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID']; } /** * Loads room by request param room_id */ -function load_room() { - if (! test_request_int('room_id')) { - redirect(page_link_to()); - } +function load_room() +{ + if (! test_request_int('room_id')) { + redirect(page_link_to()); + } - $room = Room($_REQUEST['room_id']); - if ($room == null) { - redirect(page_link_to()); - } + $room = Room($_REQUEST['room_id']); + if ($room == null) { + redirect(page_link_to()); + } - return $room; + return $room; } - -?> \ No newline at end of file 
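Review bot: In `room_controller`, `$_REQUEST['shifts_filter_day']` is copied into `$selected_day` without any format check and then concatenated into both `parse_date()` calls, so a malformed value or an array parameter reaches the filter's start and end times. The value should be accepted only when it is one of the days already computed for the room, e.g. `if (isset($_REQUEST['shifts_filter_day']) && in_array($_REQUEST['shifts_filter_day'], $days, true)) {`. What `parse_date()` returns on a failed parse is not visible here, so its result should be checked before it is handed to `setStartTime()` and `setEndTime()`. `load_room()` in the second hunk already validates `room_id` with `test_request_int()`, which is the pattern to follow.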
diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php
index d0a12288..7fce4626 100644
--- a/includes/controller/shift_entries_controller.php
+++ b/includes/controller/shift_entries_controller.php
@@ -3,159 +3,160 @@ /** * Sign up for a shift. */ -function shift_entry_add_controller() { - global $privileges, $user; +function shift_entry_add_controller() +{ + global $privileges, $user; - if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) { - $shift_id = $_REQUEST['shift_id']; - } else { - redirect(page_link_to('user_shifts')); - } + if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) { + $shift_id = $_REQUEST['shift_id']; + } else { + redirect(page_link_to('user_shifts')); + } // Locations laden $rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`"); - $room_array = []; - foreach ($rooms as $room) { - $room_array[$room['RID']] = $room['Name']; - } + $room_array = []; + foreach ($rooms as $room) { + $room_array[$room['RID']] = $room['Name']; + } - $shift = Shift($shift_id); - $shift['Name'] = $room_array[$shift['RID']]; - if ($shift == null) { - redirect(page_link_to('user_shifts')); - } - - if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) { - $type_id = $_REQUEST['type_id']; - } else { - redirect(page_link_to('user_shifts')); - } - - if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - $type = AngelType($type_id); - } else { - $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . 
"' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))"); - $type = $type[0]; - } - - if ($type == null) { - redirect(page_link_to('user_shifts')); - } - - if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) { - $user_id = $_REQUEST['user_id']; - } else { - $user_id = $user['UID']; - } - - $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type); - $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']); - - $shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries); - if (! $shift_signup_allowed->isSignupAllowed()) { - error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running.")); - redirect(shift_link($shift)); - } - - if (isset($_REQUEST['submit'])) { - $selected_type_id = $type_id; - if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - - if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) { + $shift = Shift($shift_id); + $shift['Name'] = $room_array[$shift['RID']]; + if ($shift == null) { redirect(page_link_to('user_shifts')); - } + } + + if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) { + $type_id = $_REQUEST['type_id']; + } else { + redirect(page_link_to('user_shifts')); + } + + if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { + $type = AngelType($type_id); + } else { + $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . 
"' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))"); + $type = $type[0]; + } + + if ($type == null) { + redirect(page_link_to('user_shifts')); + } + + if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) { + $user_id = $_REQUEST['user_id']; + } else { + $user_id = $user['UID']; + } + + $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type); + $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']); + + $shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries); + if (! $shift_signup_allowed->isSignupAllowed()) { + error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running.")); + redirect(shift_link($shift)); + } + + if (isset($_REQUEST['submit'])) { + $selected_type_id = $type_id; + if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { + if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) { + redirect(page_link_to('user_shifts')); + } - if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) { - $selected_type_id = $_REQUEST['angeltype_id']; - } - } + if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) { + $selected_type_id = $_REQUEST['angeltype_id']; + } + } - if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . 
"'")) { - return error("This angel does already have an entry for this shift.", true); - } + if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) { + return error("This angel does already have an entry for this shift.", true); + } - $freeloaded = $shift['freeloaded']; - $freeload_comment = $shift['freeload_comment']; - if (in_array("user_shifts_admin", $privileges)) { - $freeloaded = isset($_REQUEST['freeloaded']); - $freeload_comment = strip_request_item_nl('freeload_comment'); - } + $freeloaded = $shift['freeloaded']; + $freeload_comment = $shift['freeload_comment']; + if (in_array("user_shifts_admin", $privileges)) { + $freeloaded = isset($_REQUEST['freeloaded']); + $freeload_comment = strip_request_item_nl('freeload_comment'); + } - $comment = strip_request_item_nl('comment'); - $result = ShiftEntry_create([ + $comment = strip_request_item_nl('comment'); + $result = ShiftEntry_create([ 'SID' => $shift_id, 'TID' => $selected_type_id, 'UID' => $user_id, 'Comment' => $comment, 'freeloaded' => $freeloaded, - 'freeload_comment' => $freeload_comment + 'freeload_comment' => $freeload_comment ]); - if ($result === false) { - engelsystem_error('Unable to create shift entry.'); - } + if ($result === false) { + engelsystem_error('Unable to create shift entry.'); + } - if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) { - sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')"); - } + if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . 
sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) { + sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')"); + } - $user_source = User($user_id); - engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); - success(_("You are subscribed. Thank you!") . ' ' . _("My shifts") . ' »'); - redirect(shift_link($shift)); - } + $user_source = User($user_id); + engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); + success(_("You are subscribed. Thank you!") . ' ' . _("My shifts") . ' »'); + redirect(shift_link($shift)); + } - if (in_array('user_shifts_admin', $privileges)) { - $users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`"); - $users_select = []; - foreach ($users as $usr) { - $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")"); - } - $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); + if (in_array('user_shifts_admin', $privileges)) { + $users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`"); + $users_select = []; + foreach ($users as $usr) { + $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . 
")"); + } + $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); - $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); - $angeltypes = []; - foreach ($angeltypes_source as $angeltype) { - $angeltypes[$angeltype['id']] = $angeltype['name']; - } - $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); - } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - $users = Users_by_angeltype($type); - $users_select = []; - foreach ($users as $usr) { - if (! $type['restricted'] || $usr['confirm_user_id'] != null) { - $users_select[$usr['UID']] = $usr['Nick']; - } - } - $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); + $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); + $angeltypes = []; + foreach ($angeltypes_source as $angeltype) { + $angeltypes[$angeltype['id']] = $angeltype['name']; + } + $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) { + $users = Users_by_angeltype($type); + $users_select = []; + foreach ($users as $usr) { + if (! 
$type['restricted'] || $usr['confirm_user_id'] != null) { + $users_select[$usr['UID']] = $usr['Nick']; + } + } + $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); - $angeltypes_source = User_angeltypes($user); - $angeltypes = []; - foreach ($angeltypes_source as $angeltype) { - if ($angeltype['supporter']) { - $angeltypes[$angeltype['id']] = $angeltype['name']; - } - $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + $angeltypes_source = User_angeltypes($user); + $angeltypes = []; + foreach ($angeltypes_source as $angeltype) { + if ($angeltype['supporter']) { + $angeltypes[$angeltype['id']] = $angeltype['name']; + } + $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + } + } else { + $user_text = User_Nick_render($user); + $angeltype_select = $type['name']; } - } else { - $user_text = User_Nick_render($user); - $angeltype_select = $type['name']; - } - return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' – ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges)); + return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' – ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges)); } /** * Remove somebody from a shift. */ -function shift_entry_delete_controller() { - global $privileges, $user; +function shift_entry_delete_controller() +{ + global $privileges, $user; - if (! isset($_REQUEST['entry_id']) || ! test_request_int('entry_id')) { - redirect(page_link_to('user_shifts')); - } - $entry_id = $_REQUEST['entry_id']; + if (! isset($_REQUEST['entry_id']) || ! 
test_request_int('entry_id')) { + redirect(page_link_to('user_shifts')); + } + $entry_id = $_REQUEST['entry_id']; - $shift_entry_source = sql_select(" + $shift_entry_source = sql_select(" SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) 
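Review bot: In `shift_entry_add_controller` the `if ($shift == null)` guard comes after `$shift['Name'] = $room_array[$shift['RID']];`, so if `Shift($shift_id)` returns null for an unknown id, as the guard implies, the assignment has already turned `$shift` into an array and the redirect never fires. Move the guard directly under the lookup: `$shift = Shift($shift_id);` followed by `if ($shift == null) { redirect(page_link_to('user_shifts')); }`. The id checks use `preg_match("/^[0-9]*$/", ...)`, which also accepts an empty string and a trailing newline; `/^[0-9]+\z/` or the `test_request_int()` helper used further down in the same function would be stricter. The queries here are assembled by concatenating `sql_escape()` output, so their safety depends on every value staying inside quotes; parameterized statements would remove that dependency if the database layer supports them.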
@@ -164,24 +165,22 @@ function shift_entry_delete_controller() { JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'"); - if (count($shift_entry_source) > 0) { - $shift_entry_source = $shift_entry_source[0]; + if (count($shift_entry_source) > 0) { + $shift_entry_source = $shift_entry_source[0]; - if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) { - redirect(page_link_to('user_shifts')); + if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) { + redirect(page_link_to('user_shifts')); + } + + $result = ShiftEntry_delete($entry_id); + if ($result === false) { + engelsystem_error('Unable to delete shift entry.'); + } + + engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']); + success(_("Shift entry deleted.")); + } else { + error(_("Entry not found.")); } - - $result = ShiftEntry_delete($entry_id); - if ($result === false) { - engelsystem_error('Unable to delete shift entry.'); - } - - engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . 
$shift_entry_source['angel_type']); - success(_("Shift entry deleted.")); - } else { - error(_("Entry not found.")); - } - redirect(shift_link($shift_entry_source)); + redirect(shift_link($shift_entry_source)); } - -?> \ No newline at end of file diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 9ac8a766..69d0de1f 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php 
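Review bot: In the not-found branch `$shift_entry_source` is still the empty result of `sql_select()`, yet the closing `redirect(shift_link($shift_entry_source));` builds its target from it, so that redirect is assembled without a `SID`. I would give the branch its own exit, `error(_("Entry not found.")); redirect(page_link_to('user_shifts'));`, and keep `shift_link()` for the success path. The permission check protects the delete only if `redirect()` ends the request, which this hunk does not show; if it can return, `ShiftEntry_delete($entry_id)` still runs for a caller holding neither privilege, so an explicit `return;` after that redirect (or a comment stating that `redirect()` exits) is worth adding. The function begins before this hunk, and the part visible there reads `entry_id` from `$_REQUEST` with no request-forgery token check in sight; presumably a plain cross-site link could trigger the delete for a logged-in supporter, so confirm that a token is verified elsewhere.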
@@ -1,136 +1,140 @@ = $end) { - $valid = false; - $msg .= error(_("The ending time has to be after the starting time."), true); - } - - foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { - if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) { - $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]); - } else { $valid = false; - $msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $needed_angeltype_name), true); - } + $msg .= error(_("Please select a room."), true); } - if ($valid) { - $shift['shifttype_id'] = $shifttype_id; - $shift['title'] = $title; - $shift['RID'] = $rid; - $shift['start'] = $start; - $shift['end'] = $end; + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + $valid = false; + $msg .= error(_('Please select a shifttype.'), true); + } + + if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) { + $start = $tmp; + } else { + $valid = false; + $msg .= error(_("Please enter a valid starting time for the shifts."), true); + } + + if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) { + $end = $tmp; + } else { + $valid = false; + $msg .= error(_("Please enter a valid ending time for the shifts."), true); + } + + if ($start >= $end) { + $valid = false; + $msg .= error(_("The ending time has to be after the starting time."), true); + } + + foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { + if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) { + $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . 
$needed_angeltype_id]); + } else { + $valid = false; + $msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $needed_angeltype_name), true); + } + } + + if ($valid) { + $shift['shifttype_id'] = $shifttype_id; + $shift['title'] = $title; + $shift['RID'] = $rid; + $shift['start'] = $start; + $shift['end'] = $end; - $result = Shift_update($shift); - if ($result === false) { - engelsystem_error('Unable to update shift.'); - } - NeededAngelTypes_delete_by_shift($shift_id); - $needed_angel_types_info = []; - foreach ($needed_angel_types as $type_id => $count) { - NeededAngelType_add($shift_id, $type_id, null, $count); - $needed_angel_types_info[] = $angeltypes[$type_id] . ": " . $count; - } + $result = Shift_update($shift); + if ($result === false) { + engelsystem_error('Unable to update shift.'); + } + NeededAngelTypes_delete_by_shift($shift_id); + $needed_angel_types_info = []; + foreach ($needed_angel_types as $type_id => $count) { + NeededAngelType_add($shift_id, $type_id, null, $count); + $needed_angel_types_info[] = $angeltypes[$type_id] . ": " . $count; + } - engelsystem_log("Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title . "' from " . date("Y-m-d H:i", $start) . " to " . date("Y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info)); - success(_("Shift updated.")); + engelsystem_log("Updated shift '" . $shifttypes[$shifttype_id] . ", " . $title . "' from " . date("Y-m-d H:i", $start) . " to " . date("Y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info)); + success(_("Shift updated.")); - redirect(shift_link([ - 'SID' => $shift_id + redirect(shift_link([ + 'SID' => $shift_id ])); + } } - } - $angel_types_spinner = ""; - foreach ($angeltypes as $angeltype_id => $angeltype_name) { - $angel_types_spinner .= form_spinner('type_' . 
$angeltype_id, $angeltype_name, $needed_angel_types[$angeltype_id]); - } + $angel_types_spinner = ""; + foreach ($angeltypes as $angeltype_id => $angeltype_name) { + $angel_types_spinner .= form_spinner('type_' . $angeltype_id, $angeltype_name, $needed_angel_types[$angeltype_id]); + } - return page_with_title(shifts_title(), [ + return page_with_title(shifts_title(), [ msg(), '', form([ @@ -141,92 +145,95 @@ function shift_edit_controller() { form_text('end', _("End:"), date("Y-m-d H:i", $end)), '
Passwort | " . " |
Wiederholung | " . " |
Passwort | " . " |
Wiederholung | " . " |
' . $group['Name'] . ' | |
' . $group['Name'] . ' |
' . _("Please read about the jobs you can do to help us.") . '
', buttons([ - button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »') - ]) - ]) - ]) - ]) + button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »') + ]) + ]) + ]) + ]) ]); } -function get_register_hint() { - global $privileges; +function get_register_hint() +{ + global $privileges; - if (in_array('register', $privileges)) { - return join('', [ + if (in_array('register', $privileges)) { + return join('', [ '' . _("Please sign up, if you want to help us!") . '
', buttons([ - button(page_link_to('register'), register_title() . ' »') - ]) + button(page_link_to('register'), register_title() . ' »') + ]) ]); - } + } //FIXME: return error(_("Registration is disabled."), true); return error("Registration is disabled.", true); } -?> diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php index 8f008a8d..c89f680e 100644 --- a/includes/pages/guest_start.php +++ b/includes/pages/guest_start.php @@ -1,5 +1,5 @@ \ No newline at end of file diff --git a/includes/pages/guest_stats.php b/includes/pages/guest_stats.php index 71fde137..2559dd4d 100644 --- a/includes/pages/guest_stats.php +++ b/includes/pages/guest_stats.php @@ -1,35 +1,34 @@ "Wrong api_key." + ])); } raw_output(json_encode([ - 'error' => "Wrong api_key." - ])); - } - raw_output(json_encode([ - 'error' => "Missing parameter api_key." + 'error' => "Missing parameter api_key." ])); } - -?> diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index 9a765634..88e8f201 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -1,46 +1,49 @@ +function make_atom_entries_from_news($news_entries) +{ + $html = '' . sprintf(_("Export of shown shifts. iCal format or JSON format available (please keep secret, otherwise reset the api key)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '
', - 'filter' => _("Filter") - ]) - ]) + 'filter' => _("Filter") + ]) + ]) ]); } -function get_ids_from_array($array) { - return $array["id"]; +function get_ids_from_array($array) +{ + return $array["id"]; } -function make_select($items, $selected, $name, $title = null) { - $html_items = []; - if (isset($title)) { - $html_items[] = '$title | "; - } - $html .= "||
---|---|---|
'; +function form_multi_checkboxes($names, $label, $items, $selected, $disabled = []) +{ + $html = " |
$title | "; } - $html .= '
---|
' . $text . '
', ''); +function form_info($label, $text = "") +{ + if ($label == "") { + return '' . glyph('info-sign') . $text . ''; + } + if ($text == "") { + return '' . $text . '
', ''); } /** * Rendert den Absenden-Button eines Formulars */ -function form_submit($name, $label) { - return form_element('', ""); +function form_submit($name, $label) +{ + return form_element('', ""); } /** * Rendert ein Formular-Textfeld */ -function form_text($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_text($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '', 'form_' . $name); } /** 
@@ -187,95 +197,104 @@ function form_text($name, $label, $value, $disabled = false) { * @param Boolean $disabled * Is the field enabled? */ -function form_text_placeholder($name, $placeholder, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element('', ''); +function form_text_placeholder($name, $placeholder, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element('', ''); } /** * Rendert ein Formular-Emailfeld */ -function form_email($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_email($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '', 'form_' . $name); } /** * Rendert ein Formular-Dateifeld */ -function form_file($name, $label) { - return form_element($label, '', 'form_' . $name); +function form_file($name, $label) +{ + return form_element($label, '', 'form_' . $name); } /** * Rendert ein Formular-Passwortfeld */ -function form_password($name, $label, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_password($name, $label, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '', 'form_' . $name); } /** * Renders a password input with placeholder instead of label. */ -function form_password_placeholder($name, $placeholder, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element('', '', 'form_' . $name); +function form_password_placeholder($name, $placeholder, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element('', '', 'form_' . 
$name); } /** * Rendert ein Formular-Textfeld */ -function form_textarea($name, $label, $value, $disabled = false) { - $disabled = $disabled ? ' disabled="disabled"' : ''; - return form_element($label, '', 'form_' . $name); +function form_textarea($name, $label, $value, $disabled = false) +{ + $disabled = $disabled ? ' disabled="disabled"' : ''; + return form_element($label, '', 'form_' . $name); } /** * Rendert ein Formular-Auswahlfeld */ -function form_select($name, $label, $values, $selected) { - return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); +function form_select($name, $label, $values, $selected) +{ + return form_element($label, html_select_key('form_' . $name, $name, $values, $selected), 'form_' . $name); } /** * Rendert ein Formular-Element */ -function form_element($label, $input, $for = "") { - if ($label == '') { - return '