iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

replaced header with redirect function

This commit is contained in:
Philip Häusler 2012-12-30 18:27:45 +01:00
parent 8fd5ffb335
commit a573b4e325
11 changed files with 29 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
includes/pages/admin_faq.php
View File

@ -20,7 +20,7 @@ function admin_faq() {
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'"); sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'");
header("Location: " . page_link_to("admin_faq")); redirect(page_link_to("admin_faq"));
break; break;
case 'save' : case 'save' :
@ -40,7 +40,7 @@ function admin_faq() {
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("admin_faq")); redirect(page_link_to("admin_faq"));
} else } else
return error("No FAQ found.", true); return error("No FAQ found.", true);
break; break;
@ -78,7 +78,7 @@ function admin_faq() {
list ($faq) = $faq; list ($faq) = $faq;
sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("admin_faq")); redirect(page_link_to("admin_faq"));
} else } else
return error("No FAQ found.", true); return error("No FAQ found.", true);
break; break;

2
includes/pages/admin_groups.php
View File

@ -88,7 +88,7 @@ function admin_groups() {
} }
} }
engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names)); engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
header("Location: " . page_link_to("admin_groups")); redirect(page_link_to("admin_groups"));
} else } else
return error("No Group found.", true); return error("No Group found.", true);
break; break;

6
includes/pages/admin_import.php
View File

@ -104,7 +104,7 @@ function admin_import() {
} }
if ($ok) if ($ok)
header("Location: " . page_link_to('admin_import') . "&step=check"); redirect(page_link_to('admin_import') . "&step=check");
else else
$html .= template_render('../templates/admin_import_input.html', array ( $html .= template_render('../templates/admin_import_input.html', array (
'link' => page_link_to('admin_import'), 'link' => page_link_to('admin_import'),
@ -115,7 +115,7 @@ function admin_import() {
case "check" : case "check" :
if (!file_exists($import_file)) if (!file_exists($import_file))
header("Location: " . page_link_to('admin_import')); redirect(page_link_to('admin_import'));
list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file); list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file); list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
@ -132,7 +132,7 @@ function admin_import() {
case "import" : case "import" :
if (!file_exists($import_file)) if (!file_exists($import_file))
header("Location: " . page_link_to('admin_import')); redirect(page_link_to('admin_import'));
list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file); list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) { foreach ($rooms_new as $room) {

6
includes/pages/admin_news.php
View File

@ -3,7 +3,7 @@ function admin_news() {
global $user; global $user;
if (!isset ($_GET["action"])) { if (!isset ($_GET["action"])) {
header("Location: " . page_link_to("news")); redirect(page_link_to("news"));
} else { } else {
$html = ""; $html = "";
switch ($_GET["action"]) { switch ($_GET["action"]) {
@ -61,7 +61,7 @@ function admin_news() {
sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1"); "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
engelsystem_log("News updated: " . $_POST["eBetreff"]); engelsystem_log("News updated: " . $_POST["eBetreff"]);
header("Location: " . page_link_to("news")); redirect(page_link_to("news"));
} else } else
return error("No News found.", true); return error("No News found.", true);
break; break;
@ -78,7 +78,7 @@ function admin_news() {
sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
engelsystem_log("News deleted: " . $news['Betreff']); engelsystem_log("News deleted: " . $news['Betreff']);
header("Location: " . page_link_to("news")); redirect(page_link_to("news"));
} else } else
return error("No News found.", true); return error("No News found.", true);
break; break;

4
includes/pages/admin_questions.php
View File

@ -61,7 +61,7 @@ function admin_questions() {
if ($answer != "") { if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
header("Location: " . page_link_to("admin_questions")); redirect(page_link_to("admin_questions"));
} else } else
return error("Gib eine Antwort ein!", true); return error("Gib eine Antwort ein!", true);
} else } else
@ -77,7 +77,7 @@ function admin_questions() {
if (count($question) > 0) { if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']); engelsystem_log("Question deleted: " . $question[0]['Question']);
header("Location: " . page_link_to("admin_questions")); redirect(page_link_to("admin_questions"));
} else } else
return error("No question found.", true); return error("No question found.", true);
break; break;

6
includes/pages/admin_shifts.php
View File

@ -226,10 +226,8 @@ function admin_shifts() {
} }
elseif (isset ($_REQUEST['submit'])) { elseif (isset ($_REQUEST['submit'])) {
if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) { if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types']))
header("Location: ?p=admin_shifts"); redirect(page_link_to('admin_shifts'));
die();
}
foreach ($_SESSION['admin_shifts_shifts'] as $shift) { foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
sql_query("INSERT INTO `Shifts` SET `start`=" . sql_escape($shift['start']) . ", `end`=" . sql_escape($shift['end']) . ", `RID`=" . sql_escape($shift['RID']) . ", `name`='" . sql_escape($shift['name']) . "'"); sql_query("INSERT INTO `Shifts` SET `start`=" . sql_escape($shift['start']) . ", `end`=" . sql_escape($shift['end']) . ", `RID`=" . sql_escape($shift['RID']) . ", `name`='" . sql_escape($shift['name']) . "'");

2
includes/pages/guest_login.php
View File

@ -158,7 +158,7 @@ function guest_register() {
function guest_logout() { function guest_logout() {
session_destroy(); session_destroy();
header("Location: " . page_link_to("start")); redirect(page_link_to("start"));
} }
function guest_login() { function guest_login() {

3
includes/pages/guest_start.php
View File

@ -1,6 +1,5 @@
<?php <?php
function guest_start() { function guest_start() {
header("Location: ?p=login"); redirect(page_link_to('login'));
die();
} }
?> ?>

6
includes/pages/user_messages.php
View File

@ -69,7 +69,7 @@ function user_messages() {
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else } else
return error("No Message found.", true); return error("No Message found.", true);
break; break;
@ -83,7 +83,7 @@ function user_messages() {
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else } else
return error("No Message found.", true); return error("No Message found.", true);
break; break;
@ -93,7 +93,7 @@ function user_messages() {
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to'])); $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
header("Location: " . page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else { } else {
return error(Get_Text("pub_messages_Send_Error"), true); return error(Get_Text("pub_messages_Send_Error"), true);
} }

4
includes/pages/user_questions.php
View File

@ -27,7 +27,7 @@ function user_questions() {
$question = strip_request_item_nl('question'); $question = strip_request_item_nl('question');
if ($question != "") { if ($question != "") {
sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'"); sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
header("Location: " . page_link_to("user_questions")); redirect(page_link_to("user_questions"));
} else } else
return error("Gib eine Frage ein!", true); return error("Gib eine Frage ein!", true);
break; break;
@ -40,7 +40,7 @@ function user_questions() {
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("user_questions")); redirect(page_link_to("user_questions"));
} else } else
return error("No question found.", true); return error("No question found.", true);
break; break;

16
includes/pages/user_shifts.php
View File

@ -157,11 +157,11 @@ function user_shifts() {
if (isset ($_REQUEST['delete_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['delete_shift'])) if (isset ($_REQUEST['delete_shift']) && preg_match("/^[0-9]*$/", $_REQUEST['delete_shift']))
$shift_id = $_REQUEST['delete_shift']; $shift_id = $_REQUEST['delete_shift'];
else else
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); $shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
if (count($shift) == 0) if (count($shift) == 0)
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift = $shift[0]; $shift = $shift[0];
// Schicht löschen bestätigt // Schicht löschen bestätigt
@ -186,28 +186,28 @@ function user_shifts() {
if (isset ($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) if (isset ($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id']))
$shift_id = $_REQUEST['shift_id']; $shift_id = $_REQUEST['shift_id'];
else else
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1"); $shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
if (count($shift) == 0) if (count($shift) == 0)
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$shift = $shift[0]; $shift = $shift[0];
if (isset ($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) if (isset ($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id']))
$type_id = $_REQUEST['type_id']; $type_id = $_REQUEST['type_id'];
else else
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
// Schicht läuft schon, Eintragen für Engel nicht mehr möglich // Schicht läuft schon, Eintragen für Engel nicht mehr möglich
if(!in_array('user_shifts_admin', $privileges) && time() > $shift['start']) { if(!in_array('user_shifts_admin', $privileges) && time() > $shift['start']) {
error("Diese Schicht läuft gerade oder ist bereits vorbei. Bitte kontaktiere den Schichtkoordinator um Dich eintragen zu lassen."); error("Diese Schicht läuft gerade oder ist bereits vorbei. Bitte kontaktiere den Schichtkoordinator um Dich eintragen zu lassen.");
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
// Another shift the user is signed up for collides with this one // Another shift the user is signed up for collides with this one
if(!in_array('user_shifts_admin', $privileges) && sql_num_query("SELECT `Shifts`.`SID` FROM `Shifts` INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ") WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) { if(!in_array('user_shifts_admin', $privileges) && sql_num_query("SELECT `Shifts`.`SID` FROM `Shifts` INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ") WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) {
error("Du bist bereits in einer parallelen Schicht eingetragen. Bitte kontaktiere den Schichtkoordinator, um dich eintragen zu lassen."); error("Du bist bereits in einer parallelen Schicht eingetragen. Bitte kontaktiere den Schichtkoordinator, um dich eintragen zu lassen.");
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
} }
if (in_array('user_shifts_admin', $privileges)) if (in_array('user_shifts_admin', $privileges))
@ -216,7 +216,7 @@ function user_shifts() {
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1"); $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
if (count($type) == 0) if (count($type) == 0)
header("Location: " . page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
$type = $type[0]; $type = $type[0];
if (isset ($_REQUEST['submit'])) { if (isset ($_REQUEST['submit'])) {