/**
  * return_all_users returns all users from db as array containing
  * user-objects
  * 
  * @param array $exclude array containing usernames not to include in list
  * @return array array containing all user-objects
  */
 public function return_all_users($exclude = array())
 {
     // prepare return
     $users = array();
     // get db-object
     $db = Db::newDb();
     // prepare sql-statement
     $sql = "SELECT u.username\n\t\t\t\tFROM user AS u";
     // execute statement
     $result = $db->query($sql);
     //fetch result
     while (list($username) = $result->fetch_array(MYSQL_NUM)) {
         // safe object in array
         $user = new User();
         $user->change_user($username, false);
         // exclude
         if (!in_array($username, $exclude)) {
             $users[] = $user;
         }
     }
     // return
     return $users;
 }
 /**
  * correct handles the corrections of the protocol
  * 
  * @param int $pid entry-id for protocol
  * @return string html of the correction page
  */
 private function correct($pid)
 {
     // pagecaption
     $this->tpl->assign('pagecaption', parent::lang('class.ProtocolView#page#caption#correct'));
     // get protocol object
     $protocol = new Protocol($pid);
     $correctable = $protocol->get_correctable(false);
     // js tiny_mce
     $tmce = array('element' => 'protocol-0', 'css' => 'templates/protocols/tmce_' . $protocol->get_preset()->get_path() . '.css', 'transitem' => parent::lang('class.ProtocolView#new_entry#tmce#item'), 'transdecision' => parent::lang('class.ProtocolView#new_entry#tmce#decision'));
     // smarty
     $this->tpl->assign('tmce', $tmce);
     // check rights
     if (Rights::check_rights($pid, 'protocol', true) && (in_array($_SESSION['user']->get_id(), $correctable['correctors']) || $_SESSION['user']->get_userinfo('name') == $protocol->get_owner())) {
         // check owner
         if ($_SESSION['user']->get_userinfo('name') == $protocol->get_owner()) {
             // smarty
             $sPCo = new JudoIntranetSmarty();
             // check action
             if ($this->get('action') == 'diff' && $this->get('uid') !== false) {
                 // diff correction of $uid
                 // get correction
                 $correction = new ProtocolCorrection($protocol, $this->get('uid'));
                 // clean protocols for diff
                 $diffBase = html_entity_decode(preg_replace('/<.*>/U', '', $protocol->get_protocol()));
                 $diffNew = html_entity_decode(preg_replace('/<.*>/U', '', $correction->get_protocol()));
                 // smarty
                 $sJsDL = new JudoIntranetSmarty();
                 // activate difflib js-files
                 $this->tpl->assign('jsdifflib', true);
                 // set values for difflib
                 $difflib = array('protDiffBase' => 'protDiffBase-0', 'protDiffNew' => 'protDiffNew-0', 'protDiffOut' => 'diffOut', 'protDiffBaseCaption' => parent::lang('class.ProtocolView#correct#diff#baseCaption'), 'protDiffNewCaption' => parent::lang('class.ProtocolView#correct#diff#newCaption'));
                 // add difflib values to js-template
                 $sJsDL->assign('dl', $difflib);
                 $this->add_jquery($sJsDL->fetch('smarty.js-jsdifflib.tpl'));
                 // add diffOut to template
                 $sPCo->assign('diffOut', 'diffOut');
                 // build form
                 $form = new HTML_QuickForm2('diffCorrection', 'post', array('name' => 'diffCorrection', 'action' => 'protocol.php?id=correct&pid=' . $pid . '&action=diff&uid=' . $this->get('uid')));
                 $datasource = array('protocol' => $protocol->get_protocol(), 'protDiffBase' => $diffBase, 'protDiffNew' => $diffNew);
                 // add datasource
                 $form->addDataSource(new HTML_QuickForm2_DataSource_Array($datasource));
                 // renderer
                 $renderer = HTML_QuickForm2_Renderer::factory('default');
                 $renderer->setOption('required_note', parent::lang('class.ProtocolView#entry#form#requiredNote'));
                 // elements
                 // protocol text
                 $protocolTA = $form->addElement('textarea', 'protocol');
                 $protocolTA->setLabel(parent::lang('class.ProtocolView#entry#form#protocol') . ':');
                 $protocolTA->addRule('regex', parent::lang('class.ProtocolView#entry#rule#regexp.allowedChars') . ' [' . $_SESSION['GC']->get_config('textarea.desc') . ']', $_SESSION['GC']->get_config('textarea.regexp'));
                 // checkbox to mark correction as finished
                 $finished = $form->addElement('checkbox', 'finished');
                 $finished->setLabel(parent::lang('class.ProtocolView#entry#form#finished') . ':');
                 // hidden textareas for texts to diff
                 $protocolBase = $form->addElement('textarea', 'protDiffBase');
                 $protocolNew = $form->addElement('textarea', 'protDiffNew');
                 // submit-button
                 $form->addElement('submit', 'submit', array('value' => parent::lang('class.ProtocolView#entry#form#submitButton')));
                 // add form to template
                 $sPCo->assign('c', true);
                 $sPCo->assign('form', $form->render($renderer));
                 // validate
                 if ($form->validate()) {
                     // get form data
                     $data = $form->getValue();
                     // check finished
                     if (!isset($data['finished'])) {
                         $data['finished'] = 0;
                     }
                     $correctionUpdate = array('finished' => $data['finished']);
                     $protocolUpdate = array('protocol' => $data['protocol']);
                     // update
                     $protocol->update($protocolUpdate);
                     $correction->update($correctionUpdate);
                     $protocol->writeDb('update');
                     $correction->writeDb('update');
                     // message
                     $message = array('message' => parent::lang('class.ProtocolView#correct#message#corrected'), 'href' => 'protocol.php?id=correct&pid=' . $pid . '&action=diff&uid=' . $this->get('uid'), 'title' => parent::lang('class.ProtocolView#correct#message#back'), 'text' => parent::lang('class.ProtocolView#correct#message#back'));
                     // assign to template
                     $sPCo->assign('c', false);
                     $sPCo->assign('message', $message);
                 }
             } else {
                 // list all corrections
                 // get corrections
                 $corrections = ProtocolCorrection::listCorrections($pid);
                 // put information together
                 $list = array();
                 $user = new User();
                 foreach ($corrections as $correction) {
                     // change user
                     $user->change_user($correction['uid'], false, 'id');
                     // fill list
                     $img = false;
                     if ($correction['finished'] == 1) {
                         $img = array('src' => 'img/done.png', 'alt' => parent::lang('class.ProtocolView#correct#difflist#imgDone'), 'title' => parent::lang('class.ProtocolView#correct#difflist#imgDone'));
                     }
                     $list[] = array('href' => 'protocol.php?id=correct&pid=' . $pid . '&action=diff&uid=' . $correction['uid'], 'title' => parent::lang('class.ProtocolView#correct#difflist#correctedBy') . ': ' . $user->get_userinfo('name'), 'text' => $user->get_userinfo('name') . ' (' . date('d.m.Y', strtotime($correction['modified'])) . ')', 'img' => $img);
                 }
                 // smarty
                 $sPCo->assign('caption', parent::lang('class.ProtocolView#correct#difflist#caption'));
                 $sPCo->assign('list', $list);
             }
             // return
             return $sPCo->fetch('smarty.protocolcorrection.owner.tpl');
         } else {
             // get ProtocolCorretion object
             $correction = new ProtocolCorrection($protocol);
             // formular
             $form = new HTML_QuickForm2('correctProtocol', 'post', array('name' => 'correctProtocol', 'action' => 'protocol.php?id=correct&pid=' . $pid));
             $datasource = array('protocol' => $correction->get_protocol());
             // add datasource
             $form->addDataSource(new HTML_QuickForm2_DataSource_Array($datasource));
             // renderer
             $renderer = HTML_QuickForm2_Renderer::factory('default');
             $renderer->setOption('required_note', parent::lang('class.ProtocolView#entry#form#requiredNote'));
             // elements
             // protocol text
             $protocolTA = $form->addElement('textarea', 'protocol');
             $protocolTA->setLabel(parent::lang('class.ProtocolView#entry#form#protocol') . ':');
             $protocolTA->addRule('regex', parent::lang('class.ProtocolView#entry#rule#regexp.allowedChars') . ' [' . $_SESSION['GC']->get_config('textarea.desc') . ']', $_SESSION['GC']->get_config('textarea.regexp'));
             // submit-button
             $form->addElement('submit', 'submit', array('value' => parent::lang('class.ProtocolView#entry#form#submitButton')));
             // validate
             if ($form->validate()) {
                 // get form data
                 $data = $form->getValue();
                 $correctionUpdate = array('protocol' => $data['protocol'], 'modified' => date('U'), 'pid' => $pid);
                 // update protocol
                 $correction->update($correctionUpdate);
                 // write to db
                 $action = 'new';
                 if (ProtocolCorrection::hasCorrected($pid) === true) {
                     $action = 'update';
                 }
                 $correction->writeDb($action);
                 return parent::lang('class.ProtocolView#correct#message#done');
             } else {
                 return $form->render($renderer);
             }
         }
     } else {
         // error
         $errno = $GLOBALS['Error']->error_raised('NotAuthorized', 'entry:' . $this->get('id'), $this->get('id'));
         $GLOBALS['Error']->handle_error($errno);
         return $GLOBALS['Error']->to_html($errno);
     }
 }
 /**
  * movement returns the details of a movement-entry as html
  * 
  * @param int $mid entry-id for the movement
  * @return string html-string with the details of the movement entry
  */
 private function movement($mid)
 {
     // get db-object
     $db = Db::newDb();
     // get movement details
     // prepare sql-statement
     $sql = "SELECT m.inventory_id\n\t\t\t\tFROM inventory_movement AS m\n\t\t\t\tWHERE m.id = {$mid}";
     // execute
     $result = $db->query($sql);
     // fetch result
     list($inventory_id) = $result->fetch_array(MYSQL_NUM);
     // get invetory-object
     $inventory = new Inventory($inventory_id);
     // get preset
     $preset = $inventory->get_preset();
     // get fields
     $fields = $preset->get_fields();
     // check rights
     if (Rights::check_rights($inventory->get_id(), 'inventory')) {
         //smarty-template
         $sM = new JudoIntranetSmarty();
         // prepare sql
         $sql = "SELECT m.id,m.user_id,m.action,m.date_time\n\t\t\t\t\tFROM inventory_movement AS m\n\t\t\t\t\tWHERE m.inventory_id=" . $inventory->get_id() . "\n\t\t\t\t\tORDER BY m.date_time ASC";
         // execute
         $result = $db->query($sql);
         // fetch result
         $i = 0;
         $movements_data = array();
         while (list($m_id, $m_user_id, $m_action, $m_date_time) = $result->fetch_array(MYSQL_NUM)) {
             $movements_data[$i]['id'] = $m_id;
             $movements_data[$i]['user_id'] = $m_user_id;
             $movements_data[$i]['action'] = $m_action;
             $movements_data[$i]['date_time'] = $m_date_time;
             $i++;
         }
         // get actual movement data
         $data = array();
         for ($i = 0; $i < count($movements_data); $i++) {
             // check actual mid and previous
             if ($movements_data[$i]['id'] == $mid) {
                 $data[0]['id'] = $movements_data[$i]['id'];
                 $data[0]['user_id'] = $movements_data[$i]['user_id'];
                 $data[0]['action'] = $movements_data[$i]['action'];
                 $data[0]['date_time'] = $movements_data[$i]['date_time'];
                 // check first
                 if ($i != 0) {
                     $data[1]['id'] = $movements_data[$i - 1]['id'];
                     $data[1]['user_id'] = $movements_data[$i - 2]['user_id'];
                     $data[1]['action'] = $movements_data[$i - 1]['action'];
                 }
             }
         }
         $sM->assign('inventory', parent::lang('class.InventoryView#movement#hx#movement') . $inventory->get_name() . ' (' . $inventory->get_inventory_no() . ')');
         $sM->assign('date', parent::lang('class.InventoryView#movement#hx#at') . date('d.m.Y', strtotime($data[0]['date_time'])));
         $back = array('href' => 'javascript:history.back(1)', 'title' => parent::lang('class.InventoryView#movement#back#title'), 'content' => parent::lang('class.InventoryView#movement#back#name'));
         $sM->assign('back', $back);
         foreach ($data as $movement) {
             // get user
             $user = new User();
             $user->change_user($movement['user_id'], false, 'id');
             // prepare fields
             $fields_out = array();
             foreach ($fields as $field) {
                 // get values
                 $data = array('table' => 'inventory_movement', 'table_id' => $movement['id'], 'field_id' => $field->get_id());
                 $field->read_value($data);
                 $fields_out[] = $field->value_to_html();
             }
             $sM->assign('data', $fields_out);
             $sM->assign('user', parent::lang('class.InventoryView#movement#fields#' . $movement['action']) . ' ' . $user->get_userinfo('name'));
         }
         // return
         return $sM->fetch('smarty.inventory.movement.tpl');
     } else {
         // error
         $errno = $GLOBALS['Error']->error_raised('NotAuthorized', $this->get('id'), $mid);
         $GLOBALS['Error']->handle_error($errno);
         return $GLOBALS['Error']->to_html($errno);
     }
 }