diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 88d78254..9d5b25d6 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -7,9 +7,32 @@ function user_myshifts() { global $user, $privileges; $msg = ""; - if (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { + if (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { + $id = $_REQUEST['edit']; + $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`Name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`TID`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); + if (count($shift) > 0) { + $shift = $shift[0]; + + if (isset ($_REQUEST['submit'])) { + $comment = strip_request_item_nl('comment'); + sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + header("Location: " . page_link_to('user_myshifts')); + } + + return template_render('../templates/user_shifts_add.html', array ( + 'angel' => $user['Nick'], + 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . date("H", $shift['end'] - $shift['start']) . ' h', + 'location' => $shift['Name'], + 'title' => $shift['name'], + 'type' => $shift['angel_type'], + 'comment' => $shift['Comment'] + )); + } else + header("Location: " . page_link_to('user_myshifts')); + } + elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { $id = $_REQUEST['cancel']; - $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1"); if (count($shift) > 0) { $shift = $shift[0]; if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) { @@ -20,7 +43,7 @@ function user_myshifts() { } else header("Location: " . page_link_to('user_myshifts')); } - $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($user['UID'])." ORDER BY `start`"); + $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($user['UID']) . " ORDER BY `start`"); $html = ""; foreach ($shifts as $shift) { if (time() > $shift['end']) @@ -32,10 +55,11 @@ function user_myshifts() { $html .= '' . $shift['Name'] . ''; $html .= '' . $shift['name'] . ''; $html .= '' . $shift['Comment'] . ''; + $html .= ''; + $html .= 'edit'; if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 60) - $html .= 'Cancel'; - else - $html .= ''; + $html .= ' | cancel'; + $html .= ''; $html .= ''; } if ($html == "") diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 64fcbac5..f4542703 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -69,7 +69,8 @@ function user_shifts() { 'title' => $shift['name'], 'location' => $shift['Name'], 'angel' => $user_text, - 'type' => $type['Name'] + 'type' => $type['Name'], + 'comment' => "" )); } else { $shifts = sql_select("SELECT * FROM `Shifts` ORDER BY `start`"); diff --git a/templates/user_shifts_add.html b/templates/user_shifts_add.html index a8218120..52245790 100644 --- a/templates/user_shifts_add.html +++ b/templates/user_shifts_add.html @@ -36,7 +36,7 @@
(For your eyes only) - +

diff --git a/www-ssl_old/nonpublic/schichtplan_add.php b/www-ssl_old/nonpublic/schichtplan_add.php deleted file mode 100644 index 1bbcdc4b..00000000 --- a/www-ssl_old/nonpublic/schichtplan_add.php +++ /dev/null @@ -1,114 +0,0 @@ -= '$beginSchicht') and " . - " (`Shifts`.`DateS` < '$endSchicht'))" . - " OR " . - " ((`Shifts`.`DateE` > '$beginSchicht') and " . - " (`Shifts`.`DateE` <= '$endSchicht')) " . - ") and " . - "(`ShiftEntry`.`UID` = '" . $_SESSION['UID'] . "'));"; - $bErg = mysql_query($SSQL, $con); - - if (mysql_num_rows($bErg) != 0) - echo Get_Text("pub_schichtplan_add_AllreadyinShift"); - else { - // ermitteln der noch gesuchten - $SQL3 = "SELECT * FROM `ShiftEntry`" . - " WHERE ((`SID` = '" . $_POST["SID"] . "') AND (`TID` = '" . $_POST["TID"] . "') AND (`UID` = '0'));"; - $Erg3 = mysql_query($SQL3, $con); - - if (mysql_num_rows($Erg3) <= 0) - echo Get_Text("pub_schichtplan_add_ToManyYousers"); - else { - //write shift - $SQL = "UPDATE `ShiftEntry` SET " . - "`UID` = '" . $_SESSION['UID'] . "', " . - "`Comment` = '" . $_POST["newtext"] . "' " . - "WHERE ( (`SID` = '" . $_POST["SID"] . "') and " . - "(`TID` = '" . $_POST["TID"] . "') and " . - "(`UID` = '0')) LIMIT 1;"; - $Erg = mysql_query($SQL, $con); - - if ($Erg != 1) - echo Get_Text("pub_schichtplan_add_Error"); - else - echo Get_Text("pub_schichtplan_add_WriteOK"); - } - } - } else { - echo "

:-(

"; - array_push($error_messages, "Hack atteck\n"); - } -} -elseif (isset ($_GET["SID"]) && isset ($_GET["TID"])) { - //wenn keine Rechte definiert sind - if (!isset ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]])) - $_SESSION['CVS'][$TID2Name[$_GET["TID"]]] = "Y"; - - if ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]] == "Y") { - echo Get_Text("pub_schichtplan_add_Text1") . "

\n\n" . - "
\n" . - "\n"; - - $SQL = "SELECT * FROM `Shifts` WHERE "; - $SQL .= "(`SID` = '" . $_GET["SID"] . "')"; - $Erg = mysql_query($SQL, $con); - - echo "\n"; - - echo "\n"; - - echo "\n"; - - echo "\n"; - - echo "\n"; - - echo "\n \n"; - - echo "\n" . - "\n" . - "
" . Get_Text("pub_schichtplan_add_Date") . ": " . - mysql_result($Erg, 0, "DateS") . "
" . Get_Text("pub_schichtplan_add_Place") . ": " . - $RoomID[mysql_result($Erg, 0, "RID")] . "
" . Get_Text("pub_schichtplan_add_Job") . ": " . - $EngelTypeID[$_GET["TID"]] . "
" . Get_Text("pub_schichtplan_add_Len") . ": " . - mysql_result($Erg, 0, "Len") . "h
" . Get_Text("pub_schichtplan_add_TextFor") . ": " . - mysql_result($Erg, 0, "Man") . "
" . Get_Text("pub_schichtplan_add_Comment") . ":" . - "
 
\n" . - "\n" . - "\n" . - "
"; - } else { - echo "

:-(

"; - array_push($error_messages, "Hack atteck\n"); - } -} - -include "includes/footer.php"; -?>