0) { $id = $_REQUEST['id']; } else { $id = $user['UID']; } list ($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); if ($id != $user['UID']) $msg .= info(sprintf("You are viewing %s's shifts.", $shifts_user['Nick']), true); if (isset ($_REQUEST['reset'])) { if ($_REQUEST['reset'] == "ack") { user_reset_ical_key($user); success("Key geƤndert."); redirect(page_link_to('user_myshifts')); } return template_render('../templates/user_myshifts_reset.html', array ()); } elseif (isset ($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { $id = $_REQUEST['edit']; $shift = sql_select("SELECT `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); if (count($shift) > 0) { $shift = $shift[0]; if (isset ($_REQUEST['submit'])) { $comment = strip_request_item_nl('comment'); $user_source = User($shift['UID']); sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($comment) . "' WHERE `id`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("Updated " . $user_source['Nick'] . "'s shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']) . " with comment " . $comment); success("Schicht gespeichert."); redirect(page_link_to('user_myshifts')); } return template_render('../templates/user_shifts_add.html', array ( 'angel' => $shifts_user['Nick'], 'date' => date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), 'location' => $shift['Name'], 'title' => $shift['name'], 'type' => $shift['angel_type'], 'comment' => $shift['Comment'] )); } else redirect(page_link_to('user_myshifts')); } elseif (isset ($_REQUEST['cancel']) && preg_match("/^[0-9]*$/", $_REQUEST['cancel'])) { $id = $_REQUEST['cancel']; $shift = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1"); if (count($shift) > 0) { $shift = $shift[0]; if (($shift['start'] - time() < $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) { sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); $msg .= success(Get_Text("pub_myshifts_signed_off"), true); } else $msg .= error(Get_Text("pub_myshifts_too_late"), true); } else redirect(page_link_to('user_myshifts')); } $shifts = sql_select("SELECT * FROM `ShiftEntry` JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) WHERE `UID`=" . sql_escape($shifts_user['UID']) . " ORDER BY `start`"); $html = ""; foreach ($shifts as $shift) { if (time() > $shift['end']) $html .= '