diff --git a/includes/pages/admin_faq.php b/includes/pages/admin_faq.php
index 2cd75955..05731296 100644
--- a/includes/pages/admin_faq.php
+++ b/includes/pages/admin_faq.php
@@ -20,7 +20,7 @@ function admin_faq() {
 sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'");
- header("Location: " . page_link_to("admin_faq"));
+ redirect(page_link_to("admin_faq"));
 break; case 'save' :
@@ -40,7 +40,7 @@ function admin_faq() {
 sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
- header("Location: " . page_link_to("admin_faq"));
+ redirect(page_link_to("admin_faq"));
 } else return error("No FAQ found.", true); break;
@@ -78,7 +78,7 @@ function admin_faq() {
 list ($faq) = $faq; sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
- header("Location: " . page_link_to("admin_faq"));
+ redirect(page_link_to("admin_faq"));
 } else return error("No FAQ found.", true); break;
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php
index dbcd5797..adcabd6e 100644
--- a/includes/pages/admin_groups.php
+++ b/includes/pages/admin_groups.php
@@ -88,7 +88,7 @@ function admin_groups() {
 } } engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
- header("Location: " . page_link_to("admin_groups"));
+ redirect(page_link_to("admin_groups"));
 } else return error("No Group found.", true); break;
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 9a31d5cd..bbfb9c6d 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
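Review bot: The `save` and `delete` branches of admin_faq.php concatenate `sql_escape($id)` into the `FID` comparison without surrounding quotes, so string escaping alone does not confine the value to a single integer literal (assuming `sql_escape()` is a plain string-escaping wrapper; its definition is not in this diff). Whether `$id` is checked as numeric happens outside these hunks and cannot be confirmed here; if it is not, casting at the point of use, `(int) $id`, or a prepared statement would close the gap. The same unquoted pattern appears in the admin_news, admin_questions, user_messages and user_questions hunks. admin_faq()'s body starts and ends outside the hunks.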
@@ -104,7 +104,7 @@ function admin_import() {
 } if ($ok)
- header("Location: " . page_link_to('admin_import') . "&step=check");
+ redirect(page_link_to('admin_import') . "&step=check");
 else $html .= template_render('../templates/admin_import_input.html', array ( 'link' => page_link_to('admin_import'),
@@ -115,7 +115,7 @@ function admin_import() {
 case "check" : if (!file_exists($import_file))
- header("Location: " . page_link_to('admin_import'));
+ redirect(page_link_to('admin_import'));
 list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file); list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
@@ -132,7 +132,7 @@ function admin_import() {
 case "import" : if (!file_exists($import_file))
- header("Location: " . page_link_to('admin_import'));
+ redirect(page_link_to('admin_import'));
 list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file); foreach ($rooms_new as $room) {
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index f6c06001..661aa511 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -3,7 +3,7 @@ function admin_news() {
 global $user; if (!isset ($_GET["action"])) {
- header("Location: " . page_link_to("news"));
+ redirect(page_link_to("news"));
 } else { $html = ""; switch ($_GET["action"]) {
@@ -61,7 +61,7 @@ function admin_news() {
 sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1"); engelsystem_log("News updated: " . $_POST["eBetreff"]);
- header("Location: " . page_link_to("news"));
+ redirect(page_link_to("news"));
 } else return error("No News found.", true); break;
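Review bot: The `check` and `import` branches of admin_import.php now depend entirely on `redirect()` ending the request: the guard `if (!file_exists($import_file)) redirect(...)` has no `return` or `exit`, and the very next statement calls `prepare_rooms($import_file)`. The definition of `redirect()` is not part of this diff, so it should be confirmed that it sends the header and then stops the script (`exit;`); otherwise execution continues after the redirect. The same applies to the admin_shifts.php hunk, where an explicit `die()` is removed, and to the user_shifts.php hunks, where a returning `else redirect(...)` would leave `$shift_id` and `$type_id` unset for the following queries. A docblock line on `redirect()` such as `@return never returns; terminates the request` would make that contract visible to callers.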
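Review bot: In the `-61` hunk of admin_news.php, `engelsystem_log("News updated: " . $_POST["eBetreff"])` writes the raw request value into the log, while the UPDATE just above passes the same field through `sql_escape()`. If log entries are later rendered as HTML or processed line by line, markup and line breaks in the subject reach them unchanged; whether `engelsystem_log()` neutralises them is not visible here. Stripping control characters before logging and escaping on output in the log viewer would cover it. The admin_questions.php hunks log `$answer` and the stored question text the same way.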
@@ -78,7 +78,7 @@ function admin_news() {
 sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("News deleted: " . $news['Betreff']);
- header("Location: " . page_link_to("news"));
+ redirect(page_link_to("news"));
 } else return error("No News found.", true); break;
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index a85c8c0f..1e410f07 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -61,7 +61,7 @@ function admin_questions() {
 if ($answer != "") { sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
- header("Location: " . page_link_to("admin_questions"));
+ redirect(page_link_to("admin_questions"));
 } else return error("Gib eine Antwort ein!", true); } else
@@ -77,7 +77,7 @@ function admin_questions() {
 if (count($question) > 0) { sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("Question deleted: " . $question[0]['Question']);
- header("Location: " . page_link_to("admin_questions"));
+ redirect(page_link_to("admin_questions"));
 } else return error("No question found.", true); break;
diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php
index ce94e376..9a0dde35 100644
--- a/includes/pages/admin_shifts.php
+++ b/includes/pages/admin_shifts.php
@@ -226,10 +226,8 @@ function admin_shifts() {
 } elseif (isset ($_REQUEST['submit'])) {
- if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) {
- header("Location: ?p=admin_shifts");
- die();
- }
+ if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types']))
+ redirect(page_link_to('admin_shifts'));
 foreach ($_SESSION['admin_shifts_shifts'] as $shift) { sql_query("INSERT INTO `Shifts` SET `start`=" . sql_escape($shift['start']) . ", `end`=" . sql_escape($shift['end']) . ", `RID`=" . sql_escape($shift['RID']) . ", `name`='" . sql_escape($shift['name']) . "'");
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index aaf7b0f1..bdd98d33 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -158,7 +158,7 @@ function guest_register() {
 function guest_logout() { session_destroy();
- header("Location: " . page_link_to("start"));
+ redirect(page_link_to("start"));
 } function guest_login() {
diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php
index efad0a24..8f008a8d 100644
--- a/includes/pages/guest_start.php
+++ b/includes/pages/guest_start.php
@@ -1,6 +1,5 @@
\ No newline at end of file
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index 922997c1..ed736cc7 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -69,7 +69,7 @@ function user_messages() {
 $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
- header("Location: " . page_link_to("user_messages"));
+ redirect(page_link_to("user_messages"));
 } else return error("No Message found.", true); break;
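Review bot: `guest_logout()` in guest_login.php ends the session with `session_destroy()` alone, which removes the server-side data but leaves `$_SESSION` populated for the rest of the request and the session cookie in the browser. Clearing the array first with `$_SESSION = array();` and expiring the cookie named by `session_name()` (using the values from `session_get_cookie_params()`) before the redirect makes the logout complete. This matters more now that the function hands control to `redirect()`, whose behaviour is not shown in this diff.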
@@ -83,7 +83,7 @@ function user_messages() {
 $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
- header("Location: " . page_link_to("user_messages"));
+ redirect(page_link_to("user_messages"));
 } else return error("No Message found.", true); break;
@@ -93,7 +93,7 @@ function user_messages() {
 $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to'])); if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
- header("Location: " . page_link_to("user_messages"));
+ redirect(page_link_to("user_messages"));
 } else { return error(Get_Text("pub_messages_Send_Error"), true); }
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index d23b4e96..5d55f647 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -27,7 +27,7 @@ function user_questions() {
 $question = strip_request_item_nl('question'); if ($question != "") { sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
- header("Location: " . page_link_to("user_questions"));
+ redirect(page_link_to("user_questions"));
 } else return error("Gib eine Frage ein!", true); break;
@@ -40,7 +40,7 @@ function user_questions() {
 $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
- header("Location: " . page_link_to("user_questions"));
+ redirect(page_link_to("user_questions"));
 } else return error("No question found.", true); break;
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index b3d50a70..727bd696 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -157,11 +157,11 @@ function user_shifts() {
 if (isset ($_REQUEST['delete_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['delete_shift'])) $shift_id = $_REQUEST['delete_shift']; else
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 $shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); if (count($shift) == 0)
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 $shift = $shift[0]; // Schicht löschen bestätigt
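Review bot: The pattern `/^[0-9]*$/` in the `delete_shift` check of user_shifts.php also accepts an empty string and a value with a trailing newline, and the accepted value is then concatenated unquoted into the `SID` comparison of the following SELECT. An empty `delete_shift` therefore produces a malformed query instead of taking the redirect branch. `preg_match("/^[0-9]+$/D", $_REQUEST['delete_shift'])` requires at least one digit and anchors at the true end of the string. The `shift_id` and `type_id` checks in the next hunk use the same pattern; user_shifts() continues outside the hunk.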
@@ -186,28 +186,28 @@ function user_shifts() {
 if (isset ($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) $shift_id = $_REQUEST['shift_id']; else
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 $shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); if (count($shift) == 0)
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 $shift = $shift[0]; if (isset ($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) $type_id = $_REQUEST['type_id']; else
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 // Schicht läuft schon, Eintragen für Engel nicht mehr möglich
 if(!in_array('user_shifts_admin', $privileges) && time() > $shift['start']) { error("Diese Schicht läuft gerade oder ist bereits vorbei. Bitte kontaktiere den Schichtkoordinator um Dich eintragen zu lassen.");
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 } // Another shift the user is signed up for collides with this one
 if(!in_array('user_shifts_admin', $privileges) && sql_num_query("SELECT `Shifts`.`SID` FROM `Shifts` INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ") WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) { error("Du bist bereits in einer parallelen Schicht eingetragen. Bitte kontaktiere den Schichtkoordinator, um dich eintragen zu lassen.");
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 } if (in_array('user_shifts_admin', $privileges))
@@ -216,7 +216,7 @@ function user_shifts() {
 $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1"); if (count($type) == 0)
- header("Location: " . page_link_to('user_shifts'));
+ redirect(page_link_to('user_shifts'));
 $type = $type[0]; if (isset ($_REQUEST['submit'])) {