Igor Scheller
944c29b964
Require POST for sending forms
...
* Ensure that the form is submitted with a post request
* Replaced several links with forms
Closes #494 (Security Vulnerability)
2018-11-21 19:24:36 +01:00
Igor Scheller
88f3bafa5e
Replaced `Auth()` with `auth()`
2018-10-31 13:43:23 +01:00
Igor Scheller
a2aaba9cab
User: Bugfixes & code cleanup
2018-10-31 13:43:23 +01:00
Igor Scheller
4e09ee3eb2
Replaced more user related stuff
...
(Contains some buggy stuff too...)
2018-10-31 13:43:23 +01:00
Igor Scheller
7c6afc2bfe
Removed `User($id)` function 🎉
2018-10-31 13:43:23 +01:00
Igor Scheller
89e62c95a7
Changed more functions 🎉
2018-10-31 13:43:23 +01:00
Igor Scheller
b069a938c6
Changed user_link and some other user functions to use the user id
2018-10-31 13:43:23 +01:00
Igor Scheller
2dcb7cc2de
Replaced some global `$user` variables
2018-10-31 13:43:23 +01:00
Bot
e8f8fc7f5f
Replaced gettext translation `_()` with `__()` that uses the Translator class
2018-08-29 23:46:32 +02:00
Igor Scheller
fe58e4f422
database: updated checks for selectOne
2018-01-14 17:47:26 +01:00
Bot
b00743d6d3
Formatting
2017-12-27 13:50:53 +01:00
msquare
abf4b1da30
check if logged in before sign up
2017-12-27 11:35:26 +01:00
Igor Scheller
f8d0a7c5b0
Updated translation / Formatting / Test
2017-12-26 00:21:44 +01:00
Igor Scheller
75eea1681e
Removed dead function call
2017-12-25 23:51:15 +01:00
Bot
952c7892f3
Formatting & Docstrings
2017-12-25 23:51:15 +01:00
klemens
a6cf4c9ce9
spelling fixes
2017-12-25 21:29:00 +01:00
msquare
2c04e35bed
introduce new shift signup state for not arrived angels
2017-12-20 23:05:46 +01:00
msquare
7a3bdda483
rewrite controller for creating shift entries
2017-12-20 00:54:57 +01:00
msquare
1289101f6e
rewrite controller for creating shift entries
2017-12-20 00:42:58 +01:00
msquare
afd7c59d1d
fix shift entry delete
2017-12-19 22:24:06 +01:00
msquare
fd85034e7f
redo shift signoff and icons for delete/confirm/acknowledgment questions
2017-12-19 20:58:01 +01:00
msquare
567ed9ebd2
remove flags since they do not belong to language selection
2017-12-19 19:17:50 +01:00
MichiK
32d14f493b
Fix sign-up to shifts by supporter
...
Any user with the `shiftentry_edit_angeltype_supporter` privilege was
able to sign up any users of the correct angeltype to any shift that
they could sign up themselves because the shift entry controller only
checks for the global privilege an not the fact that the user is indeed
supporter for the angeltype in question.
2017-12-07 18:52:07 +01:00
msquare
deae2a1721
fix removing users from shift, fixes #359
2017-11-19 14:52:55 +01:00
msquare
db8b6b2520
change shift renderer global add user link
2017-09-16 17:14:45 +02:00
Igor Scheller
96f1d9fd54
Bugfixes
2017-08-30 15:35:12 +02:00
Igor Scheller
d0074cf006
Merge remote-tracking branch 'engelsystem/feature-igel-rewrite'
...
# Conflicts:
# includes/controller/angeltypes_controller.php
# includes/pages/admin_groups.php
# includes/pages/user_settings.php
# includes/sys_page.php
# src/Exceptions/Handler.php
# src/Http/Request.php
2017-08-29 23:16:41 +02:00
Igor Scheller
cc01c906ba
#336 : Integration of symfony/http-foundation request
2017-08-29 21:52:07 +02:00
msquare
f82e5456d2
dried code by introducing selectOne for select queries with only one result line expected
2017-07-28 20:11:09 +02:00
msquare
5794c4cab8
clear delete queries from false resuls
2017-07-28 18:50:00 +02:00
msquare
a157004f4a
handle failed db queries in Db class
2017-07-23 11:46:54 +02:00
Igor Scheller
3a1e460249
Changed $_GET, $_POST and $_REQUEST to use the Request object
2017-07-19 11:44:16 +02:00
Bot
740026a9de
Replaced [0-9] with \d
2017-01-21 20:12:48 +01:00
Bot
915ce28fee
Replaced " with '
2017-01-21 20:12:35 +01:00
Igor Scheller
9a3ad88834
Changed from mysqli to PDO, some refactorings, faster sql queries
2017-01-21 13:58:53 +01:00
Bot
55141154c0
Replaced " with '
2017-01-03 15:32:59 +01:00
Bot
356b2582f3
PPHDoc, formatting, fixes, cleanup
2017-01-03 03:22:48 +01:00
Bot
d71e7bbfad
Formatting
2017-01-02 15:49:53 +01:00
Bot
7313e15ce8
PSR-2 formatting
2017-01-02 03:57:23 +01:00
msquare
46528fe1d8
shift view performance improvements
2016-12-27 23:02:05 +01:00
msquare
2f2d08c574
fix edit user bug deleting emails
2016-12-27 13:05:30 +01:00
msquare
99c7e8ce1a
fixes #298 allow a shift supporter to remove a user from shift
2016-12-24 17:29:12 +01:00
msquare
0c15964e6b
#298 hide freeload form from angeltype supporters
2016-12-24 17:02:34 +01:00
msquare
e86d75b4d9
begin #298 add privilege and add users to shifts by angeltype supporter
2016-12-24 17:00:03 +01:00
jwacalex
1324260e0f
forgot to remove if-statement -.-
2016-11-30 16:17:52 +01:00
jwacalex
f4f6dfefcb
fixed broken logic in controller (cf. to mail to @msquare)
2016-11-30 15:53:47 +01:00
msquare
1a3b4e2a33
redone shift coloring and shift signup state
2016-11-12 23:00:46 +01:00
msquare
27c9650dc4
reduce complexity of shifts controller
2016-10-04 21:20:38 +02:00
msquare
09c931dcf5
fix missing variables
2016-10-03 17:55:49 +02:00
msquare
6c8a113383
introduce ShiftsFilter
2016-10-03 17:41:14 +02:00