#44 angeltypes recreated
This commit is contained in:
parent
def9532d6b
commit
ce7f071c38
|
@ -15,7 +15,7 @@ function admin_active() {
|
|||
$count = strip_request_item('count');
|
||||
else {
|
||||
$ok = false;
|
||||
$msg .= error("Please enter a number of angels to be marked as active.");
|
||||
$msg .= error("Please enter a number of angels to be marked as active.", true);
|
||||
}
|
||||
|
||||
if ($ok)
|
||||
|
@ -27,7 +27,7 @@ function admin_active() {
|
|||
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
|
||||
|
||||
$limit = "";
|
||||
$msg = success("Marked angels.");
|
||||
$msg = success("Marked angels.", true);
|
||||
} else {
|
||||
$set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« back</a> | <a href="' . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">apply</a>';
|
||||
}
|
||||
|
@ -36,22 +36,22 @@ function admin_active() {
|
|||
if (isset ($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) {
|
||||
$id = $_REQUEST['active'];
|
||||
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Angel has been marked as active.");
|
||||
$msg = success("Angel has been marked as active.", true);
|
||||
}
|
||||
elseif (isset ($_REQUEST['not_active']) && preg_match("/^[0-9]+$/", $_REQUEST['not_active'])) {
|
||||
$id = $_REQUEST['not_active'];
|
||||
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Angel has been marked as not active.");
|
||||
$msg = success("Angel has been marked as not active.", true);
|
||||
}
|
||||
elseif (isset ($_REQUEST['tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['tshirt'])) {
|
||||
$id = $_REQUEST['tshirt'];
|
||||
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Angel has got a t-shirt.");
|
||||
$msg = success("Angel has got a t-shirt.", true);
|
||||
}
|
||||
elseif (isset ($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+$/", $_REQUEST['not_tshirt'])) {
|
||||
$id = $_REQUEST['not_tshirt'];
|
||||
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Angel has got no t-shirt.");
|
||||
$msg = success("Angel has got no t-shirt.", true);
|
||||
}
|
||||
|
||||
$users = sql_select("SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, SUM(`end`-`start`) as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` ORDER BY `shift_length` DESC" . $limit);
|
||||
|
|
|
@ -8,12 +8,12 @@ function admin_arrive() {
|
|||
if (isset ($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) {
|
||||
$id = $_REQUEST['reset'];
|
||||
sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Reset done. Angel has not arrived.");
|
||||
$msg = success("Reset done. Angel has not arrived.", true);
|
||||
}
|
||||
elseif (isset ($_REQUEST['arrived']) && preg_match("/^[0-9]*$/", $_REQUEST['arrived'])) {
|
||||
$id = $_REQUEST['arrived'];
|
||||
sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg = success("Angel has been marked as arrived.");
|
||||
$msg = success("Angel has been marked as arrived.", true);
|
||||
}
|
||||
|
||||
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
|
||||
|
|
|
@ -4,14 +4,7 @@ function admin_faq() {
|
|||
$faqs_html = "";
|
||||
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||
foreach ($faqs as $faq) {
|
||||
$faqs_html .= sprintf(
|
||||
'<tr><td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||
. '<td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||
. '<td><a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||
$faq['Frage_de'], $faq['Antwort_de'],
|
||||
$faq['Frage_en'], $faq['Antwort_en'],
|
||||
page_link_to('admin_faq'), $faq['FID']
|
||||
);
|
||||
$faqs_html .= sprintf('<tr><td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>' . '<td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>' . '<td><a href="%s&action=edit&id=%s">Edit</a></td></tr>', $faq['Frage_de'], $faq['Antwort_de'], $faq['Frage_en'], $faq['Antwort_en'], page_link_to('admin_faq'), $faq['FID']);
|
||||
}
|
||||
return template_render('../templates/admin_faq.html', array (
|
||||
'link' => page_link_to("admin_faq"),
|
||||
|
@ -25,12 +18,7 @@ function admin_faq() {
|
|||
$question = strip_request_item_nl('question');
|
||||
$answer = strip_request_item_nl('answer');
|
||||
|
||||
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||
. "', `Frage_en`='" . sql_escape($question)
|
||||
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||
. "', `Antwort_en`='" . sql_escape($answer)
|
||||
. "'"
|
||||
);
|
||||
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'");
|
||||
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
break;
|
||||
|
@ -39,7 +27,7 @@ function admin_faq() {
|
|||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
return error("Incomplete call, missing FAQ ID.", true);
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
|
@ -50,23 +38,18 @@ function admin_faq() {
|
|||
$question = strip_request_item_nl('question');
|
||||
$answer = strip_request_item_nl('answer');
|
||||
|
||||
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||
. "', `Frage_en`='" . sql_escape($question)
|
||||
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||
. "', `Antwort_en`='" . sql_escape($answer)
|
||||
. "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"
|
||||
);
|
||||
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
return error("No FAQ found.", true);
|
||||
break;
|
||||
|
||||
case 'edit' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
return error("Incomplete call, missing FAQ ID.", true);
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
|
@ -81,14 +64,14 @@ function admin_faq() {
|
|||
'answer' => $faq['Antwort_en']
|
||||
));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
return error("No FAQ found.", true);
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing FAQ ID.");
|
||||
return error("Incomplete call, missing FAQ ID.", true);
|
||||
|
||||
$faq = sql_select("SELECT * FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($faq) > 0) {
|
||||
|
@ -97,7 +80,7 @@ function admin_faq() {
|
|||
sql_query("DELETE FROM `FAQ` WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_faq"));
|
||||
} else
|
||||
return error("No FAQ found.");
|
||||
return error("No FAQ found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -36,7 +36,7 @@ function admin_groups() {
|
|||
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Groups ID.");
|
||||
return error("Incomplete call, missing Groups ID.", true);
|
||||
|
||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
|
@ -62,14 +62,14 @@ function admin_groups() {
|
|||
'privileges' => $privileges_html
|
||||
));
|
||||
} else
|
||||
return error("No Group found.");
|
||||
return error("No Group found.", true);
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Groups ID.");
|
||||
return error("Incomplete call, missing Groups ID.", true);
|
||||
|
||||
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (!is_array($_REQUEST['privileges']))
|
||||
|
@ -82,7 +82,7 @@ function admin_groups() {
|
|||
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
|
||||
header("Location: " . page_link_to("admin_groups"));
|
||||
} else
|
||||
return error("No Group found.");
|
||||
return error("No Group found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,7 +26,7 @@ function admin_import() {
|
|||
fclose($test_handle);
|
||||
unlink('../import/tmp');
|
||||
} else {
|
||||
$msg = error("Webserver has no write-permission on import directory.");
|
||||
$msg = error("Webserver has no write-permission on import directory.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['submit'])) {
|
||||
|
@ -36,7 +36,7 @@ function admin_import() {
|
|||
|
||||
if (!$fp) {
|
||||
$ok = false;
|
||||
$msg = error("File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_REQUEST["url"] . "' not readable!" . "[$errstr ($errno)]");
|
||||
$msg = error("File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_REQUEST["url"] . "' not readable!" . "[$errstr ($errno)]", true);
|
||||
} else {
|
||||
$fileOut = fopen($import_file, "w");
|
||||
$head = 'GET /' . $PentabarfXMLpath . $_REQUEST["url"] . ' HTTP/1.1' . "\r\n" .
|
||||
|
@ -75,7 +75,7 @@ function admin_import() {
|
|||
}
|
||||
fclose($fileOut);
|
||||
fclose($fp);
|
||||
$msg .= success("Es wurden $Zeilen Zeilen eingelesen.");
|
||||
$msg .= success("Es wurden $Zeilen Zeilen eingelesen.", true);
|
||||
}
|
||||
}
|
||||
elseif (isset ($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
|
||||
|
@ -83,16 +83,16 @@ function admin_import() {
|
|||
libxml_use_internal_errors(true);
|
||||
if (simplexml_load_file($import_file) === false) {
|
||||
$ok = false;
|
||||
$msg = error("No valid xml/xcal file provided.");
|
||||
$msg = error("No valid xml/xcal file provided.", true);
|
||||
unlink($import_file);
|
||||
}
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg = error("File upload went wrong.");
|
||||
$msg = error("File upload went wrong.", true);
|
||||
}
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg = error("Please provide some data.");
|
||||
$msg = error("Please provide some data.", true);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ function admin_language() {
|
|||
|
||||
$html .= $sql_save . "<br />";
|
||||
$Erg = sql_query($sql_save);
|
||||
$html .= success("$k Save: OK<br />\n");
|
||||
$html .= success("$k Save: OK<br />\n", true);
|
||||
} else
|
||||
if (mysql_result($erg_test, 0, "Text") != $v) {
|
||||
$sql_save = "UPDATE `Sprache` SET `Text`='"
|
||||
|
@ -97,7 +97,7 @@ function admin_language() {
|
|||
|
||||
$html .= $sql_save . "<br />";
|
||||
$Erg = sql_query($sql_save);
|
||||
$html .= success(" $k Update: OK<br />\n");
|
||||
$html .= success(" $k Update: OK<br />\n", true);
|
||||
} else
|
||||
$html .= "\t $k no changes<br />\n";
|
||||
}
|
||||
|
|
|
@ -11,7 +11,7 @@ function admin_news() {
|
|||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
return error("Incomplete call, missing News ID.", true);
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
|
@ -45,14 +45,14 @@ function admin_news() {
|
|||
$html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
|
||||
$html .= "</form>";
|
||||
} else
|
||||
return error("No News found.");
|
||||
return error("No News found.", true);
|
||||
break;
|
||||
|
||||
case 'save' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
return error("Incomplete call, missing News ID.", true);
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
|
@ -62,14 +62,14 @@ function admin_news() {
|
|||
"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else
|
||||
return error("No News found.");
|
||||
return error("No News found.", true);
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing News ID.");
|
||||
return error("Incomplete call, missing News ID.", true);
|
||||
|
||||
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($news) > 0) {
|
||||
|
@ -78,7 +78,7 @@ function admin_news() {
|
|||
sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("news"));
|
||||
} else
|
||||
return error("No News found.");
|
||||
return error("No News found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -52,7 +52,7 @@ function admin_questions() {
|
|||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
return error("Incomplete call, missing Question ID.", true);
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0 && $question[0]['AID'] == "0") {
|
||||
|
@ -62,22 +62,22 @@ function admin_questions() {
|
|||
sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_questions"));
|
||||
} else
|
||||
return error("Gib eine Antwort ein!");
|
||||
return error("Gib eine Antwort ein!", true);
|
||||
} else
|
||||
return error("No question found.");
|
||||
return error("No question found.", true);
|
||||
break;
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
return error("Incomplete call, missing Question ID.", true);
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0) {
|
||||
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_questions"));
|
||||
} else
|
||||
return error("No question found.");
|
||||
return error("No question found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -58,7 +58,7 @@ function admin_rooms() {
|
|||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
return error("Incomplete call, missing Room ID.", true);
|
||||
|
||||
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
|
@ -89,14 +89,14 @@ function admin_rooms() {
|
|||
'angel_types' => $angel_types
|
||||
));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
return error("No Room found.", true);
|
||||
break;
|
||||
|
||||
case 'changesave' :
|
||||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
return error("Incomplete call, missing Room ID.", true);
|
||||
|
||||
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
if (count($room) > 0) {
|
||||
|
@ -119,21 +119,21 @@ function admin_rooms() {
|
|||
}
|
||||
header("Location: " . page_link_to("admin_rooms"));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
return error("No Room found.", true);
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['RID']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['RID']))
|
||||
$rid = $_REQUEST['RID'];
|
||||
else
|
||||
return error("Incomplete call, missing Room ID.");
|
||||
return error("Incomplete call, missing Room ID.", true);
|
||||
|
||||
if (sql_num_query("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1") > 0) {
|
||||
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($rid) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("admin_rooms"));
|
||||
} else
|
||||
return error("No Room found.");
|
||||
return error("No Room found.", true);
|
||||
break;
|
||||
|
||||
}
|
||||
|
|
|
@ -36,26 +36,26 @@ function admin_shifts() {
|
|||
else {
|
||||
$ok = false;
|
||||
$rid = $rooms[0]['RID'];
|
||||
$msg .= error("Wähle bitte einen Raum aus.");
|
||||
$msg .= error("Wähle bitte einen Raum aus.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['start']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
|
||||
$start = $tmp->getTimestamp();
|
||||
else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.");
|
||||
$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['end']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
|
||||
$end = $tmp->getTimestamp();
|
||||
else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.");
|
||||
$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.", true);
|
||||
}
|
||||
|
||||
if ($start >= $end) {
|
||||
$ok = false;
|
||||
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!");
|
||||
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['mode'])) {
|
||||
|
@ -68,7 +68,7 @@ function admin_shifts() {
|
|||
$length = trim($_REQUEST['length']);
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib eine Schichtlänge in Minuten an.");
|
||||
$msg .= error("Bitte gib eine Schichtlänge in Minuten an.", true);
|
||||
}
|
||||
}
|
||||
elseif ($_REQUEST['mode'] == 'variable') {
|
||||
|
@ -77,12 +77,12 @@ function admin_shifts() {
|
|||
$change_hours = explode(",", $_REQUEST['change_hours']);
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib die Schichtwechsel-Stunden kommagetrennt ein.");
|
||||
$msg .= error("Bitte gib die Schichtwechsel-Stunden kommagetrennt ein.", true);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte wähle einen Modus.");
|
||||
$msg .= error("Bitte wähle einen Modus.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['angelmode'])) {
|
||||
|
@ -96,20 +96,20 @@ function admin_shifts() {
|
|||
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".");
|
||||
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".", true);
|
||||
}
|
||||
}
|
||||
if (array_sum($needed_angel_types) == 0) {
|
||||
$ok = false;
|
||||
$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.");
|
||||
$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.", true);
|
||||
}
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte Wähle einen Modus für die benötigten Engel.");
|
||||
$msg .= error("Bitte Wähle einen Modus für die benötigten Engel.", true);
|
||||
}
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte wähle benötigte Engel.");
|
||||
$msg .= error("Bitte wähle benötigte Engel.", true);
|
||||
}
|
||||
|
||||
// Beim Zurück-Knopf das Formular zeigen
|
||||
|
@ -238,7 +238,7 @@ function admin_shifts() {
|
|||
}
|
||||
}
|
||||
|
||||
$msg = success("Schichten angelegt.");
|
||||
$msg = success("Schichten angelegt.", true);
|
||||
} else {
|
||||
unset ($_SESSION['admin_shifts_shifts']);
|
||||
unset ($_SESSION['admin_shifts_types']);
|
||||
|
|
|
@ -165,12 +165,12 @@ function admin_user() {
|
|||
if (in_array($group, $grouplist))
|
||||
sql_query("INSERT INTO `UserGroups` SET `uid`=" .
|
||||
sql_escape($id) . ", `group_id`=" . sql_escape($group));
|
||||
$html .= success("Benutzergruppen gespeichert.");
|
||||
$html .= success("Benutzergruppen gespeichert.", true);
|
||||
} else {
|
||||
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.");
|
||||
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
|
||||
}
|
||||
} else {
|
||||
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.");
|
||||
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
|
||||
}
|
||||
break;
|
||||
|
||||
|
@ -179,9 +179,9 @@ function admin_user() {
|
|||
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
|
||||
sql_query("UPDATE `ShiftEntry` SET `UID`=0, `Comment`=NULL WHERE `UID`=" . sql_escape($id));
|
||||
$html .= success("Benutzer gelöscht!");
|
||||
$html .= success("Benutzer gelöscht!", true);
|
||||
} else {
|
||||
$html .= error("Du kannst Dich nicht selber löschen!");
|
||||
$html .= error("Du kannst Dich nicht selber löschen!", true);
|
||||
}
|
||||
break;
|
||||
|
||||
|
@ -204,15 +204,15 @@ function admin_user() {
|
|||
"WHERE `UID` = '" . sql_escape($id) .
|
||||
"' LIMIT 1;";
|
||||
sql_query($SQL);
|
||||
$html .= success("Änderung wurde gespeichert...\n");
|
||||
$html .= success("Änderung wurde gespeichert...\n", true);
|
||||
break;
|
||||
|
||||
case 'change_pw' :
|
||||
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
|
||||
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$html .= success("Passwort neu gesetzt.");
|
||||
$html .= success("Passwort neu gesetzt.", true);
|
||||
} else {
|
||||
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!");
|
||||
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
// Engel registrieren
|
||||
function guest_register() {
|
||||
/*
|
||||
$nick = "";
|
||||
$lastname = "";
|
||||
$prename = "";
|
||||
|
@ -27,7 +28,7 @@ function guest_register() {
|
|||
form_submit('submit', Get_Text("makeuser_Anmelden"))
|
||||
))
|
||||
));
|
||||
|
||||
*/
|
||||
global $SubscribeMailinglist, $enable_tshirt_size;
|
||||
|
||||
$html = "";
|
||||
|
@ -96,7 +97,7 @@ function guest_register() {
|
|||
}
|
||||
|
||||
if (isset ($error))
|
||||
$html .= error($error);
|
||||
$html .= error($error, true);
|
||||
} else {
|
||||
// init vars
|
||||
$_POST["Nick"] = "";
|
||||
|
@ -252,7 +253,7 @@ function guest_login() {
|
|||
} // Ende Check, ob User angemeldet wurde}
|
||||
}
|
||||
if (isset ($ErrorText))
|
||||
$html .= error(Get_Text($ErrorText));
|
||||
$html .= error(Get_Text($ErrorText), true);
|
||||
$html .= guest_login_form();
|
||||
return $html;
|
||||
}
|
||||
|
|
|
@ -64,28 +64,28 @@ function user_messages() {
|
|||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Message ID.");
|
||||
return error("Incomplete call, missing Message ID.", true);
|
||||
|
||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
||||
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else
|
||||
return error("No Message found.");
|
||||
return error("No Message found.", true);
|
||||
break;
|
||||
|
||||
case "delete" :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Message ID.");
|
||||
return error("Incomplete call, missing Message ID.", true);
|
||||
|
||||
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else
|
||||
return error("No Message found.");
|
||||
return error("No Message found.", true);
|
||||
break;
|
||||
|
||||
case "send" :
|
||||
|
@ -95,12 +95,12 @@ function user_messages() {
|
|||
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
|
||||
header("Location: " . page_link_to("user_messages"));
|
||||
} else {
|
||||
return error(Get_Text("pub_messages_Send_Error"));
|
||||
return error(Get_Text("pub_messages_Send_Error"), true);
|
||||
}
|
||||
break;
|
||||
|
||||
default :
|
||||
return error("Wrong action.");
|
||||
return error("Wrong action.", true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,12 +16,12 @@ function user_myshifts() {
|
|||
list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
|
||||
|
||||
if ($id != $user['UID'])
|
||||
$msg .= error("Du betrachtest die Schichten von " . $shifts_user['Nick'] . ".");
|
||||
$msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true);
|
||||
|
||||
if (isset ($_REQUEST['reset'])) {
|
||||
if ($_REQUEST['reset'] == "ack") {
|
||||
user_reset_ical_key();
|
||||
return success("Key geändert.");
|
||||
return success("Key geändert.", true);
|
||||
}
|
||||
return template_render('../templates/user_myshifts_reset.html', array ());
|
||||
}
|
||||
|
@ -55,9 +55,9 @@ function user_myshifts() {
|
|||
$shift = $shift[0];
|
||||
if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) {
|
||||
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||
$msg .= success("Du wurdest aus der Schicht ausgetragen.");
|
||||
$msg .= success("Du wurdest aus der Schicht ausgetragen.", true);
|
||||
} else
|
||||
$msg .= error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.'");
|
||||
$msg .= error("Es ist zu spät um sich aus der Schicht auszutragen. Frage ggf. einen Orga.", true);
|
||||
} else
|
||||
header("Location: " . page_link_to('user_myshifts'));
|
||||
}
|
||||
|
|
|
@ -58,7 +58,7 @@ function user_news_comments() {
|
|||
if (isset ($_REQUEST["text"])) {
|
||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
|
||||
$html .= success("Eintrag wurde gespeichert");
|
||||
$html .= success("Eintrag wurde gespeichert", true);
|
||||
}
|
||||
|
||||
$html .= '<a href="' . page_link_to("news") . '">« Back</a>';
|
||||
|
@ -114,7 +114,7 @@ function user_news() {
|
|||
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
|
||||
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
|
||||
"', '" . sql_escape($_POST["treffen"]) . "');");
|
||||
$html .= success(Get_Text(4));
|
||||
$html .= success(Get_Text(4), true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
|
||||
|
|
|
@ -29,20 +29,20 @@ function user_questions() {
|
|||
sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
|
||||
header("Location: " . page_link_to("user_questions"));
|
||||
} else
|
||||
return error("Gib eine Frage ein!");
|
||||
return error("Gib eine Frage ein!", true);
|
||||
break;
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing Question ID.");
|
||||
return error("Incomplete call, missing Question ID.", true);
|
||||
|
||||
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_questions"));
|
||||
} else
|
||||
return error("No question found.");
|
||||
return error("No question found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -101,10 +101,10 @@ function user_settings() {
|
|||
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
|
||||
header("Location: " . page_link_to("user_settings"));
|
||||
} else {
|
||||
$html .= error(Get_Text(30));
|
||||
$html .= error(Get_Text(30), true);
|
||||
}
|
||||
} else {
|
||||
$html .= error(Get_Text(31));
|
||||
$html .= error(Get_Text(31), true);
|
||||
}
|
||||
return $html;
|
||||
break;
|
||||
|
|
|
@ -9,7 +9,7 @@ function user_shifts() {
|
|||
header("Location: " . page_link_to('user_shifts'));
|
||||
|
||||
sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($entry_id) . " LIMIT 1");
|
||||
return success("Der Schicht-Eintrag wurde gelöscht..");
|
||||
return success("Der Schicht-Eintrag wurde gelöscht..", true);
|
||||
}
|
||||
// Schicht bearbeiten
|
||||
elseif (isset ($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) {
|
||||
|
@ -22,7 +22,7 @@ function user_shifts() {
|
|||
header("Location: " . page_link_to('user_shifts'));
|
||||
|
||||
if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1") > 0)
|
||||
return error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.");
|
||||
return error("Du kannst nur Schichten bearbeiten, bei denen niemand eingetragen ist.", true);
|
||||
|
||||
$shift = sql_select("SELECT * FROM `Shifts` JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
|
||||
if (count($shift) == 0)
|
||||
|
@ -56,26 +56,26 @@ function user_shifts() {
|
|||
else {
|
||||
$ok = false;
|
||||
$rid = $rooms[0]['RID'];
|
||||
$msg .= error("Wähle bitte einen Raum aus.");
|
||||
$msg .= error("Wähle bitte einen Raum aus.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['start']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))
|
||||
$start = $tmp->getTimestamp();
|
||||
else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.");
|
||||
$msg .= error("Bitte gib einen Startzeitpunkt für die Schichten an.", true);
|
||||
}
|
||||
|
||||
if (isset ($_REQUEST['end']) && $tmp = DateTime :: createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))
|
||||
$end = $tmp->getTimestamp();
|
||||
else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.");
|
||||
$msg .= error("Bitte gib einen Endzeitpunkt für die Schichten an.", true);
|
||||
}
|
||||
|
||||
if ($start >= $end) {
|
||||
$ok = false;
|
||||
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!");
|
||||
$msg .= error("Das Ende muss nach dem Startzeitpunkt liegen!", true);
|
||||
}
|
||||
|
||||
foreach ($types as $type) {
|
||||
|
@ -83,12 +83,12 @@ function user_shifts() {
|
|||
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
|
||||
} else {
|
||||
$ok = false;
|
||||
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".");
|
||||
$msg .= error("Bitte überprüfe die Eingaben für die benötigten Engel des Typs " . $type['name'] . ".", true);
|
||||
}
|
||||
}
|
||||
if (array_sum($needed_angel_types) == 0) {
|
||||
$ok = false;
|
||||
$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.");
|
||||
$msg .= error("Es werden 0 Engel benötigt. Bitte wähle benötigte Engel.", true);
|
||||
}
|
||||
|
||||
if ($ok) {
|
||||
|
@ -96,7 +96,7 @@ function user_shifts() {
|
|||
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
|
||||
foreach ($needed_angel_types as $type_id => $count)
|
||||
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
|
||||
return success("Schicht gespeichert.");
|
||||
return success("Schicht gespeichert.", true);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -136,7 +136,7 @@ function user_shifts() {
|
|||
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
|
||||
sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id) . " LIMIT 1");
|
||||
|
||||
return success("Die Schicht wurde gelöscht.");
|
||||
return success("Die Schicht wurde gelöscht.", true);
|
||||
}
|
||||
|
||||
return template_render('../templates/user_shifts_admin_delete.html', array (
|
||||
|
@ -184,11 +184,11 @@ function user_shifts() {
|
|||
$entries = sql_select("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']));
|
||||
foreach ($entries as $entry)
|
||||
if ($entry['UID'] == $user_id)
|
||||
return error("This angel does already have an entry for this shift.");
|
||||
return error("This angel does already have an entry for this shift.", true);
|
||||
|
||||
$comment = strip_request_item_nl('comment');
|
||||
sql_query("INSERT INTO `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "', `UID`=" . sql_escape($user_id) . ", `TID`=" . sql_escape($type_id) . ", `SID`=" . sql_escape($shift_id));
|
||||
return success("Du bist eingetragen. Danke!") . '<a href="' . page_link_to('user_myshifts') . '">Meine Schichten »</a>';
|
||||
return success("Du bist eingetragen. Danke!", true) . '<a href="' . page_link_to('user_myshifts') . '">Meine Schichten »</a>';
|
||||
}
|
||||
|
||||
if (in_array('user_shifts_admin', $privileges)) {
|
||||
|
|
|
@ -17,23 +17,23 @@ function user_wakeup() {
|
|||
. sql_escape($date) . "', '" . sql_escape($ort) . "', " . "'"
|
||||
. sql_escape($bemerkung) . "')";
|
||||
sql_query($SQL);
|
||||
$html .= success(Get_Text(4));
|
||||
$html .= success(Get_Text(4), true);
|
||||
} else
|
||||
$html .= error("Broken date!");
|
||||
$html .= error("Broken date!", true);
|
||||
break;
|
||||
|
||||
case 'delete' :
|
||||
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||
$id = $_REQUEST['id'];
|
||||
else
|
||||
return error("Incomplete call, missing wake-up ID.");
|
||||
return error("Incomplete call, missing wake-up ID.", true);
|
||||
|
||||
$wakeup = sql_select("SELECT * FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
if (count($wakeup) > 0 && $wakeup[0]['UID'] == $user['UID']) {
|
||||
sql_query("DELETE FROM `Wecken` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
|
||||
$html .= success("Wake-up call deleted.");
|
||||
$html .= success("Wake-up call deleted.", true);
|
||||
} else
|
||||
return error("No wake-up found.");
|
||||
return error("No wake-up found.", true);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue