#6 edit my shift comment

This commit is contained in:
Philip Häusler 2011-07-19 19:56:15 +02:00
parent 3add966f23
commit e8c035e166
4 changed files with 33 additions and 122 deletions

View File

@ -7,9 +7,32 @@ function user_myshifts() {
global $user, $privileges; global $user, $privileges;
$msg = ""; $msg = "";
if (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { if (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit'];
$shift = sql_select("SELECT `ShiftEntry`.`Comment`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`Name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`TID`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
if (count($shift) > 0) {
$shift = $shift[0];
if (isset ($_REQUEST['submit'])) {
$comment = strip_request_item_nl('comment');
sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to('user_myshifts'));
}
return template_render('../templates/user_shifts_add.html', array (
'angel' => $user['Nick'],
'date' => date("Y-m-d H:i", $shift['start']) . ', ' . date("H", $shift['end'] - $shift['start']) . ' h',
'location' => $shift['Name'],
'title' => $shift['name'],
'type' => $shift['angel_type'],
'comment' => $shift['Comment']
));
} else
header("Location: " . page_link_to('user_myshifts'));
}
elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) {
$id = $_REQUEST['cancel']; $id = $_REQUEST['cancel'];
$shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
if (count($shift) > 0) { if (count($shift) > 0) {
$shift = $shift[0]; $shift = $shift[0];
if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) { if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 60) || in_array('user_shifts_admin', $privileges)) {
@ -32,10 +55,11 @@ function user_myshifts() {
$html .= '<td>' . $shift['Name'] . '</td>'; $html .= '<td>' . $shift['Name'] . '</td>';
$html .= '<td>' . $shift['name'] . '</td>'; $html .= '<td>' . $shift['name'] . '</td>';
$html .= '<td>' . $shift['Comment'] . '</td>'; $html .= '<td>' . $shift['Comment'] . '</td>';
$html .= '<td>';
$html .= '<a href="' . page_link_to('user_myshifts') . '&edit=' . $shift['id'] . '">edit</a>';
if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 60) if ($shift['start'] - time() > $LETZTES_AUSTRAGEN * 60)
$html .= '<td><a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">Cancel</a></td>'; $html .= ' | <a href="' . page_link_to('user_myshifts') . '&cancel=' . $shift['id'] . '">cancel</a>';
else $html .= '</td>';
$html .= '<td></td>';
$html .= '</tr>'; $html .= '</tr>';
} }
if ($html == "") if ($html == "")

View File

@ -69,7 +69,8 @@ function user_shifts() {
'title' => $shift['name'], 'title' => $shift['name'],
'location' => $shift['Name'], 'location' => $shift['Name'],
'angel' => $user_text, 'angel' => $user_text,
'type' => $type['Name'] 'type' => $type['Name'],
'comment' => ""
)); ));
} else { } else {
$shifts = sql_select("SELECT * FROM `Shifts` ORDER BY `start`"); $shifts = sql_select("SELECT * FROM `Shifts` ORDER BY `start`");

View File

@ -36,7 +36,7 @@
<br/> <br/>
(For your eyes only) (For your eyes only)
</label> </label>
<textarea name="comment"></textarea> <textarea name="comment">%comment%</textarea>
</p> </p>
<p> <p>
<input type="submit" name="submit" value="Send" /> <input type="submit" name="submit" value="Send" />

View File

@ -1,114 +0,0 @@
<?php
require_once ('../bootstrap.php');
$title = "Himmel";
$header = "Schichtpl&auml;ne";
include "includes/header.php";
include "includes/funktion_schichtplan.php";
include "includes/funktion_schichtplan_aray.php";
include "includes/funktionen.php";
if (isset ($_POST["newtext"]) && isset ($_POST["SID"]) && isset ($_POST["TID"])) {
SetHeaderGo2Back();
// datum der einzutragenden Schicht heraussuhen...
$ShiftSQL = "SELECT `DateS`, `DateE` FROM `Shifts` WHERE `SID`='" . $_POST["SID"] . ".'";
$ShiftErg = mysql_query($ShiftSQL, $con);
$beginSchicht = mysql_result($ShiftErg, 0, "DateS");
$endSchicht = mysql_result($ShiftErg, 0, "DateE");
// wenn keien rechte definiert sind
if (!isset ($_SESSION['CVS'][$TID2Name[$_POST["TID"]]]))
$_SESSION['CVS'][$TID2Name[$_POST["TID"]]] = "Y";
if ($_SESSION['CVS'][$TID2Name[$_POST["TID"]]] == "Y") {
// Ueberpruefung, ob der Engel bereits fuer eine Schicht zu dieser Zeit eingetragen ist
$SSQL = "SELECT * FROM `Shifts`" .
" INNER JOIN `ShiftEntry` ON `ShiftEntry`.`SID` = `Shifts`.`SID`" .
" WHERE ((" .
" ((`Shifts`.`DateS` >= '$beginSchicht') and " .
" (`Shifts`.`DateS` < '$endSchicht'))" .
" OR " .
" ((`Shifts`.`DateE` > '$beginSchicht') and " .
" (`Shifts`.`DateE` <= '$endSchicht')) " .
") and " .
"(`ShiftEntry`.`UID` = '" . $_SESSION['UID'] . "'));";
$bErg = mysql_query($SSQL, $con);
if (mysql_num_rows($bErg) != 0)
echo Get_Text("pub_schichtplan_add_AllreadyinShift");
else {
// ermitteln der noch gesuchten
$SQL3 = "SELECT * FROM `ShiftEntry`" .
" WHERE ((`SID` = '" . $_POST["SID"] . "') AND (`TID` = '" . $_POST["TID"] . "') AND (`UID` = '0'));";
$Erg3 = mysql_query($SQL3, $con);
if (mysql_num_rows($Erg3) <= 0)
echo Get_Text("pub_schichtplan_add_ToManyYousers");
else {
//write shift
$SQL = "UPDATE `ShiftEntry` SET " .
"`UID` = '" . $_SESSION['UID'] . "', " .
"`Comment` = '" . $_POST["newtext"] . "' " .
"WHERE ( (`SID` = '" . $_POST["SID"] . "') and " .
"(`TID` = '" . $_POST["TID"] . "') and " .
"(`UID` = '0')) LIMIT 1;";
$Erg = mysql_query($SQL, $con);
if ($Erg != 1)
echo Get_Text("pub_schichtplan_add_Error");
else
echo Get_Text("pub_schichtplan_add_WriteOK");
}
}
} else {
echo "<h1>:-(</h1>";
array_push($error_messages, "Hack atteck\n");
}
}
elseif (isset ($_GET["SID"]) && isset ($_GET["TID"])) {
//wenn keine Rechte definiert sind
if (!isset ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]]))
$_SESSION['CVS'][$TID2Name[$_GET["TID"]]] = "Y";
if ($_SESSION['CVS'][$TID2Name[$_GET["TID"]]] == "Y") {
echo Get_Text("pub_schichtplan_add_Text1") . "<br /><br />\n\n" .
"<form action=\"./schichtplan_add.php\" method=\"post\">\n" .
"<table border=\"0\">\n";
$SQL = "SELECT * FROM `Shifts` WHERE ";
$SQL .= "(`SID` = '" . $_GET["SID"] . "')";
$Erg = mysql_query($SQL, $con);
echo "<tr><td>" . Get_Text("pub_schichtplan_add_Date") . ":</td> <td>" .
mysql_result($Erg, 0, "DateS") . "</td></tr>\n";
echo "<tr><td>" . Get_Text("pub_schichtplan_add_Place") . ":</td> <td>" .
$RoomID[mysql_result($Erg, 0, "RID")] . "</td></tr>\n";
echo "<tr><td>" . Get_Text("pub_schichtplan_add_Job") . ":</td> <td>" .
$EngelTypeID[$_GET["TID"]] . "</td></tr>\n";
echo "<tr><td>" . Get_Text("pub_schichtplan_add_Len") . ":</td> <td>" .
mysql_result($Erg, 0, "Len") . "h</td></tr>\n";
echo "<tr><td>" . Get_Text("pub_schichtplan_add_TextFor") . ":</td> <td>" .
mysql_result($Erg, 0, "Man") . "</td></tr>\n";
echo "<tr><td valign='top'>" . Get_Text("pub_schichtplan_add_Comment") . ":</td>\n <td>" .
"<textarea name='newtext' cols='50' rows='10'></textarea> </td></tr>\n";
echo "<tr><td>&nbsp;</td>\n" .
"<td><input type=\"submit\" value=\"" . Get_Text("pub_schichtplan_add_submit") . "\"> </td></tr>\n" .
"</table>\n" .
"<input type=\"hidden\" name=\"SID\" value=\"" . $_GET["SID"] . "\">\n" .
"<input type=\"hidden\" name=\"TID\" value=\"" . $_GET["TID"] . "\">\n" .
"</form>";
} else {
echo "<h1>:-(</h1>";
array_push($error_messages, "Hack atteck\n");
}
}
include "includes/footer.php";
?>