function admin_free() { global $privileges; $search = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } $angeltypesearch = ""; if (empty($_REQUEST['angeltype'])) { $_REQUEST['angeltype'] = ''; } else { $angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`"; if (isset($_REQUEST['confirmed_only'])) { $angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`"; } $angeltypesearch .= ") "; } $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`"); $angel_types = array('' => 'alle Typen'); foreach ($angel_types_source as $angel_type) { $angel_types[$angel_type['id']] = $angel_type['name']; } $users = sql_select("\n SELECT `User`.* \n FROM `User` \n {$angeltypesearch} \n LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') \n WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL \n GROUP BY `User`.`UID` \n ORDER BY `Nick`"); $free_users_table = array(); if ($search == "") { $tokens = array(); } else { $tokens = explode(" ", $search); } foreach ($users as $usr) { if (count($tokens) > 0) { $match = false; $index = join("", $usr); foreach ($tokens as $t) { if (stristr($index, trim($t))) { $match = true; break; } } if (!$match) { continue; } } $free_users_table[] = array('name' => User_Nick_render($usr), 'shift_state' => User_shift_state_render($usr), 'handy' => $usr['Handy'], 'telefon' => $usr['Telefon'], 'email' => $usr['email'], 'kommentar' => $usr['kommentar'], 'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _("edit"), 'btn-xs') : ''); } return page_with_title(admin_free_title(), array(form(array(div('row', array(div('col-md-4', array(form_text('search', _("Search"), $search))), div('col-md-4', array(form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']))), div('col-md-2', array(form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])))), div('col-md-2', array(form_submit('submit', _("Search")))))))), table(array('name' => _("Nick"), 'shift_state' => '', 'handy' => _("Mobile"), 'telefon' => _("Phone"), 'email' => _("E-Mail"), 'kommentar' => _("add. Info"), 'actions' => ''), $free_users_table))); }
function admin_arrive() { $msg = ""; $search = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) { $id = $_REQUEST['reset']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set to not available: " . User_Nick_render($user_source)); $msg = success(_("Reset done. Angel is not available."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) { $id = $_REQUEST['arrived']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User is available: " . User_Nick_render($user_source)); $msg = success(_("Angel has been marked as available."), true); } else { $msg = error(_("Angel not found."), true); } } $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); $arrival_count_at_day = []; $planned_arrival_count_at_day = []; $planned_departure_count_at_day = []; $table = ""; $users_matched = []; if ($search == "") { $tokens = []; } else { $tokens = explode(" ", $search); } foreach ($users as $usr) { if (count($tokens) > 0) { $match = false; $index = join(" ", $usr); foreach ($tokens as $t) { if (stristr($index, trim($t))) { $match = true; break; } } if (!$match) { continue; } } $usr['nick'] = User_Nick_render($usr); if ($usr['planned_departure_date'] != null) { $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); } else { $usr['rendered_planned_departure_date'] = '-'; } $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("available") . '</a>'; if ($usr['arrival_date'] > 0) { $day = date('Y-m-d', $usr['arrival_date']); if (!isset($arrival_count_at_day[$day])) { $arrival_count_at_day[$day] = 0; } $arrival_count_at_day[$day]++; } if ($usr['planned_arrival_date'] != null) { $day = date('Y-m-d', $usr['planned_arrival_date']); if (!isset($planned_arrival_count_at_day[$day])) { $planned_arrival_count_at_day[$day] = 0; } $planned_arrival_count_at_day[$day]++; } if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { $day = date('Y-m-d', $usr['planned_departure_date']); if (!isset($planned_departure_count_at_day[$day])) { $planned_departure_count_at_day[$day] = 0; } $planned_departure_count_at_day[$day]++; } $users_matched[] = $usr; } ksort($arrival_count_at_day); ksort($planned_arrival_count_at_day); ksort($planned_departure_count_at_day); $arrival_at_day = []; $arrival_sum = 0; foreach ($arrival_count_at_day as $day => $count) { $arrival_sum += $count; $arrival_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $arrival_sum]; } $planned_arrival_sum_at_day = []; $planned_arrival_sum = 0; foreach ($planned_arrival_count_at_day as $day => $count) { $planned_arrival_sum += $count; $planned_arrival_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $planned_arrival_sum]; } $planned_departure_at_day = []; $planned_departure_sum = 0; foreach ($planned_departure_count_at_day as $day => $count) { $planned_departure_sum += $count; $planned_departure_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $planned_departure_sum]; } return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'rendered_planned_arrival_date' => _("Planned start of availability"), 'arrived' => _("Available?"), 'rendered_arrival_date' => _("Start of availability"), 'rendered_planned_departure_date' => _("Planned end of availability"), 'actions' => ""), $users_matched), div('row', [div('col-md-4', [heading(_("Planned start of availability statistics"), 2), bargraph('planned_arrives', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $planned_arrival_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $planned_arrival_at_day)]), div('col-md-4', [heading(_("Availability statistics"), 2), bargraph('arrives', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $arrival_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $arrival_at_day)]), div('col-md-4', [heading(_("Planned end of availability statistics"), 2), bargraph('planned_departures', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $planned_departure_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $planned_departure_at_day)])]))); }
function admin_rooms() { global $user; $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $rooms = array(); foreach ($rooms_source as $room) { $rooms[] = array('name' => $room['Name'], 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', 'public' => $room['show'] == 'Y' ? '✓' : '', 'actions' => buttons(array(button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')))); } $room = null; if (isset($_REQUEST['show'])) { $msg = ""; $name = ""; $from_pentabarf = ""; $public = 'Y'; $number = ""; $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes = array(); $angeltypes_count = array(); foreach ($angeltypes_source as $angeltype) { $angeltypes[$angeltype['id']] = $angeltype['name']; $angeltypes_count[$angeltype['id']] = 0; } if (test_request_int('id')) { $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'"); if (count($room) > 0) { $id = $_REQUEST['id']; $name = $room[0]['Name']; $from_pentabarf = $room[0]['FromPentabarf']; $public = $room[0]['show']; $number = $room[0]['Number']; $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); foreach ($needed_angeltypes as $needed_angeltype) { $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; } } else { redirect(page_link_to('admin_rooms')); } } if ($_REQUEST['show'] == 'edit') { if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { $name = strip_request_item('name'); if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($id)) > 0) { $ok = false; $msg .= error(_("This name is already in use."), true); } } else { $ok = false; $msg .= error(_("Please enter a name."), true); } if (isset($_REQUEST['from_pentabarf'])) { $from_pentabarf = 'Y'; } else { $from_pentabarf = ''; } if (isset($_REQUEST['public'])) { $public = 'Y'; } else { $public = ''; } if (isset($_REQUEST['number'])) { $number = strip_request_item('number'); } else { $ok = false; } foreach ($angeltypes as $angeltype_id => $angeltype) { if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}\$/", $_REQUEST['angeltype_count_' . $angeltype_id])) { $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; } else { $ok = false; $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); } } if ($ok) { if (isset($id)) { sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } else { $id = Room_create($name, $from_pentabarf, $public, $number); if ($id === false) { engelsystem_error("Unable to create room."); } engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); $needed_angeltype_info = array(); foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { $angeltype = AngelType($angeltype_id); if ($angeltype === false) { engelsystem_error("Unable to load angeltype."); } if ($angeltype != null) { sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'"); $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; } } engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info)); success(_("Room saved.")); redirect(page_link_to("admin_rooms")); } } $angeltypes_count_form = array(); foreach ($angeltypes as $angeltype_id => $angeltype) { $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]))); } return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), $msg, form(array(div('row', array(div('col-md-6', array(form_text('name', _("Name"), $name), form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), form_checkbox('public', _("Public"), $public), form_text('number', _("Room number"), $number))), div('col-md-6', array(div('row', array(div('col-md-12', array(form_info(_("Needed angels:")))), join($angeltypes_count_form))))))), form_submit('submit', _("Save")))))); } elseif ($_REQUEST['show'] == 'delete') { if (isset($_REQUEST['ack'])) { if (!Room_delete($id)) { engelsystem_error("Unable to delete room."); } engelsystem_log("Room deleted: " . $name); success(sprintf(_("Room %s deleted."), $name)); redirect(page_link_to('admin_rooms')); } return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), sprintf(_("Do you want to delete room %s?"), $name), buttons(array(button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete'))))); } } return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms') . '&show=edit', _("add")))), msg(), table(array('name' => _("Name"), 'from_pentabarf' => _("Frab import"), 'public' => _("Public"), 'actions' => ""), $rooms))); }
function user_settings() { global $enable_tshirt_size, $tshirt_sizes, $themes, $locales; global $user; $msg = ""; $nick = $user['Nick']; $lastname = $user['Name']; $prename = $user['Vorname']; $age = $user['Alter']; $tel = $user['Telefon']; $dect = $user['DECT']; $mobile = $user['Handy']; $mail = $user['email']; $email_shiftinfo = $user['email_shiftinfo']; $jabber = $user['jabber']; $hometown = $user['Hometown']; $tshirt_size = $user['Size']; $password_hash = ""; $selected_theme = $user['color']; $selected_language = $user['Sprache']; $planned_arrival_date = $user['planned_arrival_date']; $planned_departure_date = $user['planned_departure_date']; if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { $mail = strip_request_item('mail'); if (!check_email($mail)) { $ok = false; $msg .= error(_("E-mail address is not correct."), true); } } else { $ok = false; $msg .= error(_("Please enter your e-mail."), true); } $email_shiftinfo = isset($_REQUEST['email_shiftinfo']); if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { $jabber = strip_request_item('jabber'); if (!check_email($jabber)) { $ok = false; $msg .= error(_("Please check your jabber account information."), true); } } if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) { $tshirt_size = $_REQUEST['tshirt_size']; } elseif ($enable_tshirt_size) { $ok = false; } if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) { $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp(); } else { $ok = false; $msg .= error(_("Please enter your planned date of arrival."), true); } if (isset($_REQUEST['planned_departure_date']) && $_REQUEST['planned_departure_date'] != '') { if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))) { $planned_departure_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))->getTimestamp(); } else { $ok = false; $msg .= error(_("Please enter your planned date of departure."), true); } } else { $planned_departure_date = null; } // Trivia if (isset($_REQUEST['lastname'])) { $lastname = strip_request_item('lastname'); } if (isset($_REQUEST['prename'])) { $prename = strip_request_item('prename'); } if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}\$/", $_REQUEST['age'])) { $age = strip_request_item('age'); } if (isset($_REQUEST['tel'])) { $tel = strip_request_item('tel'); } if (isset($_REQUEST['dect'])) { $dect = strip_request_item('dect'); } if (isset($_REQUEST['mobile'])) { $mobile = strip_request_item('mobile'); } if (isset($_REQUEST['hometown'])) { $hometown = strip_request_item('hometown'); } if ($ok) { sql_query("\n UPDATE `User` SET\n `Nick`='" . sql_escape($nick) . "',\n `Vorname`='" . sql_escape($prename) . "',\n `Name`='" . sql_escape($lastname) . "',\n `Alter`='" . sql_escape($age) . "',\n `Telefon`='" . sql_escape($tel) . "',\n `DECT`='" . sql_escape($dect) . "',\n `Handy`='" . sql_escape($mobile) . "',\n `email`='" . sql_escape($mail) . "',\n `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ",\n `jabber`='" . sql_escape($jabber) . "',\n `Size`='" . sql_escape($tshirt_size) . "',\n `Hometown`='" . sql_escape($hometown) . "',\n `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "',\n `planned_departure_date`=" . sql_null($planned_departure_date) . "\n WHERE `UID`='" . sql_escape($user['UID']) . "'"); success(_("Settings saved.")); redirect(page_link_to('user_settings')); } } elseif (isset($_REQUEST['submit_password'])) { $ok = true; if (!isset($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) { $msg .= error(_("-> not OK. Please try again."), true); } elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) { $msg .= error(_("Your password is to short (please use at least 6 characters)."), true); } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) { $msg .= error(_("Your passwords don't match."), true); } elseif (set_password($user['UID'], $_REQUEST['new_password'])) { success(_("Password saved.")); } else { error(_("Failed setting password.")); } redirect(page_link_to('user_settings')); } elseif (isset($_REQUEST['submit_theme'])) { $ok = true; if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) { $selected_theme = $_REQUEST['theme']; } else { $ok = false; } if ($ok) { sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'"); success(_("Theme changed.")); redirect(page_link_to('user_settings')); } } elseif (isset($_REQUEST['submit_language'])) { $ok = true; if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) { $selected_language = $_REQUEST['language']; } else { $ok = false; } if ($ok) { sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'"); $_SESSION['locale'] = $selected_language; success("Language changed."); redirect(page_link_to('user_settings')); } } return page_with_title(settings_title(), array($msg, msg(), div('row', array(div('col-md-6', array(form(array(form_info('', _("Here you can change your user details.")), form_info(entry_required() . ' = ' . _("Entry required!")), form_text('nick', _("Nick"), $nick, true), form_text('lastname', _("Last name"), $lastname), form_text('prename', _("First name"), $prename), form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()), form_date('planned_departure_date', _("Planned date of departure"), $planned_departure_date, time()), form_text('age', _("Age"), $age), form_text('tel', _("Phone"), $tel), form_text('dect', _("DECT"), $dect), form_text('mobile', _("Mobile"), $mobile), form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo), form_text('jabber', _("Jabber"), $jabber), form_text('hometown', _("Hometown"), $hometown), $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '', form_info('', _('Please visit the angeltypes page to manage your angeltypes.')), form_submit('submit', _("Save")))))), div('col-md-6', array(form(array(form_info(_("Here you can change your password.")), form_password('password', _("Old password:"******"New password:"******"Password confirmation:")), form_submit('submit_password', _("Save")))), form(array(form_info(_("Here you can choose your color settings:")), form_select('theme', _("Color settings:"), $themes, $selected_theme), form_submit('submit_theme', _("Save")))), form(array(form_info(_("Here you can choose your language:")), form_select('language', _("Language:"), $locales, $selected_language), form_submit('submit_language', _("Save")))))))))); }
function user_shifts() { global $user, $privileges, $max_freeloadable_shifts; if (User_is_freeloader($user)) { redirect(page_link_to('user_myshifts')); } // Locations laden $rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`"); $room_array = array(); foreach ($rooms as $room) { $room_array[$room['RID']] = $room['Name']; } // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins if (isset($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) { if (isset($_REQUEST['entry_id']) && test_request_int('entry_id')) { $entry_id = $_REQUEST['entry_id']; } else { redirect(page_link_to('user_shifts')); } $shift_entry_source = sql_select("\n SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` \n FROM `ShiftEntry` \n JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) \n JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) \n JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) \n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) \n WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'"); if (count($shift_entry_source) > 0) { $shift_entry_source = $shift_entry_source[0]; $result = ShiftEntry_delete($entry_id); if ($result === false) { engelsystem_error('Unable to delete shift entry.'); } engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']); success(_("Shift entry deleted.")); } else { error(_("Entry not found.")); } redirect(page_link_to('user_shifts')); } elseif (isset($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) { $msg = ""; $ok = true; if (isset($_REQUEST['edit_shift']) && test_request_int('edit_shift')) { $shift_id = $_REQUEST['edit_shift']; } else { redirect(page_link_to('user_shifts')); } $shift = sql_select("\n SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.* FROM `Shifts` \n JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) \n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n WHERE `SID`='" . sql_escape($shift_id) . "'"); if (count($shift) == 0) { redirect(page_link_to('user_shifts')); } $shift = $shift[0]; // Engeltypen laden $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types = array(); $needed_angel_types = array(); foreach ($types as $type) { $angel_types[$type['id']] = $type; $needed_angel_types[$type['id']] = 0; } $shifttypes_source = ShiftTypes(); $shifttypes = []; foreach ($shifttypes_source as $shifttype) { $shifttypes[$shifttype['id']] = $shifttype['name']; } // Benötigte Engeltypen vom Raum $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`='" . sql_escape($shift['RID']) . "') ORDER BY `AngelTypes`.`name`"); foreach ($needed_angel_types_source as $type) { if ($type['count'] != "") { $needed_angel_types[$type['id']] = $type['count']; } } // Benötigte Engeltypen von der Schicht $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`='" . sql_escape($shift_id) . "') ORDER BY `AngelTypes`.`name`"); foreach ($needed_angel_types_source as $type) { if ($type['count'] != "") { $needed_angel_types[$type['id']] = $type['count']; } } $shifttype_id = $shift['shifttype_id']; $title = $shift['title']; $rid = $shift['RID']; $start = $shift['start']; $end = $shift['end']; if (isset($_REQUEST['submit'])) { // Name/Bezeichnung der Schicht, darf leer sein $title = strip_request_item('title'); // Auswahl der sichtbaren Locations für die Schichten if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+\$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) { $rid = $_REQUEST['rid']; } else { $ok = false; $rid = $rooms[0]['RID']; $msg .= error(_("Please select a room."), true); } if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { $shifttype_id = $_REQUEST['shifttype_id']; } else { $ok = false; $msg .= error(_('Please select a shifttype.'), true); } if (isset($_REQUEST['start']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))) { $start = $tmp->getTimestamp(); } else { $ok = false; $msg .= error(_("Please enter a valid starting time for the shifts."), true); } if (isset($_REQUEST['end']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))) { $end = $tmp->getTimestamp(); } else { $ok = false; $msg .= error(_("Please enter a valid ending time for the shifts."), true); } if ($start >= $end) { $ok = false; $msg .= error(_("The ending time has to be after the starting time."), true); } foreach ($needed_angel_types_source as $type) { if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+\$/", trim($_REQUEST['type_' . $type['id']]))) { $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); } else { $ok = false; $msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $type['name']), true); } } if ($ok) { $shift['shifttype_id'] = $shifttype_id; $shift['title'] = $title; $shift['RID'] = $rid; $shift['start'] = $start; $shift['end'] = $end; $result = Shift_update($shift); if ($result === false) { engelsystem_error('Unable to update shift.'); } sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'"); $needed_angel_types_info = array(); foreach ($needed_angel_types as $type_id => $count) { sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'"); $needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count; } engelsystem_log("Updated shift '" . $name . "' from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info)); success(_("Shift updated.")); redirect(shift_link(['SID' => $shift_id])); } } $room_select = html_select_key('rid', 'rid', $room_array, $rid); $angel_types = ""; foreach ($types as $type) { $angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]); } return page_with_title(shifts_title(), array(msg(), '<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>', form(array(form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_text('title', _("Title"), $title), form_select('rid', _("Room:"), $room_array, $rid), form_text('start', _("Start:"), date("Y-m-d H:i", $start)), form_text('end', _("End:"), date("Y-m-d H:i", $end)), '<h2>' . _("Needed angels") . '</h2>', $angel_types, form_submit('submit', _("Save")))))); } elseif (isset($_REQUEST['delete_shift']) && in_array('user_shifts_admin', $privileges)) { if (isset($_REQUEST['delete_shift']) && preg_match("/^[0-9]*\$/", $_REQUEST['delete_shift'])) { $shift_id = $_REQUEST['delete_shift']; } else { redirect(page_link_to('user_shifts')); } $shift = Shift($shift_id); if ($shift === false) { engelsystem_error('Unable to load shift.'); } if ($shift == null) { redirect(page_link_to('user_shifts')); } // Schicht löschen bestätigt if (isset($_REQUEST['delete'])) { $result = Shift_delete($shift_id); if ($result === false) { engelsystem_error('Unable to delete shift.'); } engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end'])); success(_("Shift deleted.")); redirect(page_link_to('user_shifts')); } return page_with_title(shifts_title(), array(error(sprintf(_("Do you want to delete the shift %s from %s to %s?"), $shift['name'], date("Y-m-d H:i", $shift['start']), date("H:i", $shift['end'])), true), '<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _("delete") . '</a>')); } elseif (isset($_REQUEST['shift_id'])) { if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['shift_id'])) { $shift_id = $_REQUEST['shift_id']; } else { redirect(page_link_to('user_shifts')); } $shift = Shift($shift_id); $room; $shift['Name'] = $room_array[$shift['RID']]; if ($shift === false) { engelsystem_error('Unable to load shift.'); } if ($shift == null) { redirect(page_link_to('user_shifts')); } if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['type_id'])) { $type_id = $_REQUEST['type_id']; } else { redirect(page_link_to('user_shifts')); } if (in_array('user_shifts_admin', $privileges)) { $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1"); } else { $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1"); } if (count($type) == 0) { redirect(page_link_to('user_shifts')); } $type = $type[0]; if (!Shift_signup_allowed($shift, $type)) { error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.')); redirect(shift_link($shift)); } if (isset($_REQUEST['submit'])) { $selected_type_id = $type_id; if (in_array('user_shifts_admin', $privileges)) { if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['user_id'])) { $user_id = $_REQUEST['user_id']; } else { $user_id = $user['UID']; } if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) { redirect(page_link_to('user_shifts')); } if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) { $selected_type_id = $_REQUEST['angeltype_id']; } } else { $user_id = $user['UID']; } if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) { return error("This angel does already have an entry for this shift.", true); } $freeloaded = $shift['freeloaded']; $freeload_comment = $shift['freeload_comment']; if (in_array("user_shifts_admin", $privileges)) { $freeloaded = isset($_REQUEST['freeloaded']); $freeload_comment = strip_request_item_nl('freeload_comment'); } $comment = strip_request_item_nl('comment'); $result = ShiftEntry_create(array('SID' => $shift_id, 'TID' => $selected_type_id, 'UID' => $user_id, 'Comment' => $comment, 'freeloaded' => $freeloaded, 'freeload_comment' => $freeload_comment)); if ($result === false) { engelsystem_error('Unable to create shift entry.'); } if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "' ") == 0) { sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')"); } $user_source = User($user_id); engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end'])); success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' »</a>'); redirect(shift_link($shift)); } if (in_array('user_shifts_admin', $privileges)) { $users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`"); $users_select = array(); foreach ($users as $usr) { $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")"); } $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes = array(); foreach ($angeltypes_source as $angeltype) { $angeltypes[$angeltype['id']] = $angeltype['name']; } $angeltyppe_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); } else { $user_text = User_Nick_render($user); $angeltyppe_select = $type['name']; } return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' – ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltyppe_select, "", false, null, in_array('user_shifts_admin', $privileges)); } else { return view_user_shifts(); } }
function admin_active() { global $tshirt_sizes, $shift_sum_formula; $msg = ""; $search = ""; $forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1"); $count = $forced_count; $limit = ""; $set_active = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } if (isset($_REQUEST['set_active'])) { $ok = true; if (isset($_REQUEST['count']) && preg_match("/^[0-9]+\$/", $_REQUEST['count'])) { $count = strip_request_item('count'); if ($count < $forced_count) { error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count)); redirect(page_link_to('admin_active')); } } else { $ok = false; $msg .= error(_("Please enter a number of angels to be marked as active."), true); } if ($ok) { $limit = " LIMIT " . $count; } if (isset($_REQUEST['ack'])) { sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0"); $users = sql_select("\n SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, {$shift_sum_formula} as `shift_length` \n FROM `User` \n LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` \n WHERE `User`.`Gekommen` = 1 AND `User`.`force_active`=0 \n GROUP BY `User`.`UID` \n ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); $user_nicks = array(); foreach ($users as $usr) { sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'"); $user_nicks[] = User_Nick_render($usr); } sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE"); engelsystem_log("These angels are active now: " . join(", ", $user_nicks)); $limit = ""; $msg = success(_("Marked angels."), true); } else { $set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">' . _("apply") . '</a>'; } } if (isset($_REQUEST['active']) && preg_match("/^[0-9]+\$/", $_REQUEST['active'])) { $id = $_REQUEST['active']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is active now."); $msg = success(_("Angel has been marked as active."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+\$/", $_REQUEST['not_active'])) { $id = $_REQUEST['not_active']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now."); $msg = success(_("Angel has been marked as not active."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+\$/", $_REQUEST['tshirt'])) { $id = $_REQUEST['tshirt']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now."); $msg = success(_("Angel has got a t-shirt."), true); } else { $msg = error("Angel not found.", true); } } elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+\$/", $_REQUEST['not_tshirt'])) { $id = $_REQUEST['not_tshirt']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt."); $msg = success(_("Angel has got no t-shirt."), true); } else { $msg = error(_("Angel not found."), true); } } $users = sql_select("\n SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, {$shift_sum_formula} as `shift_length` \n FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` \n WHERE `User`.`Gekommen` = 1 \n GROUP BY `User`.`UID` \n ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); $matched_users = array(); if ($search == "") { $tokens = array(); } else { $tokens = explode(" ", $search); } foreach ($users as &$usr) { if (count($tokens) > 0) { $match = false; $index = join("", $usr); foreach ($tokens as $t) { if (stristr($index, trim($t))) { $match = true; break; } } if (!$match) { continue; } } $usr['nick'] = User_Nick_render($usr); $usr['shirt_size'] = $tshirt_sizes[$usr['Size']]; $usr['work_time'] = round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)'; $usr['active'] = glyph_bool($usr['Aktiv'] == 1); $usr['force_active'] = glyph_bool($usr['force_active'] == 1); $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1); $actions = array(); if ($usr['Aktiv'] == 0) { $actions[] = '<a href="' . page_link_to('admin_active') . '&active=' . $usr['UID'] . '&search=' . $search . '">' . _("set active") . '</a>'; } if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) { $actions[] = '<a href="' . page_link_to('admin_active') . '&not_active=' . $usr['UID'] . '&search=' . $search . '">' . _("remove active") . '</a>'; $actions[] = '<a href="' . page_link_to('admin_active') . '&tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("got t-shirt") . '</a>'; } if ($usr['Tshirt'] == 1) { $actions[] = '<a href="' . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("remove t-shirt") . '</a>'; } $usr['actions'] = join(' ', $actions); $matched_users[] = $usr; } $shirt_statistics = sql_select("\n SELECT `Size`, count(`Size`) AS `count`\n FROM `User`\n WHERE `Tshirt`=1\n GROUP BY `Size`\n ORDER BY `count` DESC"); $shirt_statistics[] = array('Size' => '<b>' . _("Sum") . '</b>', 'count' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>'); return page_with_title(admin_active_title(), array(form(array(form_text('search', _("Search angel:"), $search), form_submit('submit', _("Search")))), $set_active == "" ? form(array(form_text('count', _("How much angels should be active?"), $count), form_submit('set_active', _("Preview")))) : $set_active, msg(), table(array('nick' => _("Nickname"), 'shirt_size' => _("Size"), 'shift_count' => _("Shifts"), 'work_time' => _("Length"), 'active' => _("Active?"), 'force_active' => _("Forced"), 'tshirt' => _("T-shirt?"), 'actions' => ""), $matched_users), '<h2>' . _("Given shirts") . '</h2>', table(array('Size' => _("Size"), 'count' => _("Count")), $shirt_statistics))); }
function admin_shifts() { $ok = true; $rid = 0; $start = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d") . " 00:00")->getTimestamp(); $end = $start + 24 * 60 * 60; $mode = 'single'; $angelmode = 'manually'; $length = ''; $change_hours = array(); $title = ""; $shifttype_id = null; // Locations laden (auch unsichtbare - fuer Erzengel ist das ok) $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $room_array = array(); foreach ($rooms as $room) { $room_array[$room['RID']] = $room['Name']; } // Engeltypen laden $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $needed_angel_types = array(); foreach ($types as $type) { $needed_angel_types[$type['id']] = 0; } // Load shift types $shifttypes_source = ShiftTypes(); if ($shifttypes_source === false) { engelsystem_error('Unable to load shift types.'); } $shifttypes = []; foreach ($shifttypes_source as $shifttype) { $shifttypes[$shifttype['id']] = $shifttype['name']; } if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) { if (isset($_REQUEST['shifttype_id'])) { $shifttype = ShiftType($_REQUEST['shifttype_id']); if ($shifttype === false) { engelsystem_error('Unable to load shift type.'); } if ($shifttype == null) { $ok = false; error(_('Please select a shift type.')); } else { $shifttype_id = $_REQUEST['shifttype_id']; } } else { $ok = false; error(_('Please select a shift type.')); } // Name/Bezeichnung der Schicht, darf leer sein $title = strip_request_item('title'); // Auswahl der sichtbaren Locations für die Schichten if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+\$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) { $rid = $_REQUEST['rid']; } else { $ok = false; $rid = $rooms[0]['RID']; error(_('Please select a location.')); } if (isset($_REQUEST['start']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))) { $start = $tmp->getTimestamp(); } else { $ok = false; error(_('Please select a start time.')); } if (isset($_REQUEST['end']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))) { $end = $tmp->getTimestamp(); } else { $ok = false; error(_('Please select an end time.')); } if ($start >= $end) { $ok = false; error(_('The shifts end has to be after its start.')); } if (isset($_REQUEST['mode'])) { if ($_REQUEST['mode'] == 'single') { $mode = 'single'; } elseif ($_REQUEST['mode'] == 'multi') { if (isset($_REQUEST['length']) && preg_match("/^[0-9]+\$/", trim($_REQUEST['length']))) { $mode = 'multi'; $length = trim($_REQUEST['length']); } else { $ok = false; error(_('Please enter a shift duration in minutes.')); } } elseif ($_REQUEST['mode'] == 'variable') { if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|\$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) { $mode = 'variable'; $change_hours = array_map('trim', explode(",", $_REQUEST['change_hours'])); } else { $ok = false; error(_('Please split the shift-change hours by colons.')); } } } else { $ok = false; error(_('Please select a mode.')); } if (isset($_REQUEST['angelmode'])) { if ($_REQUEST['angelmode'] == 'location') { $angelmode = 'location'; } elseif ($_REQUEST['angelmode'] == 'manually') { $angelmode = 'manually'; foreach ($types as $type) { if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+\$/", trim($_REQUEST['type_' . $type['id']]))) { $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); } else { $ok = false; error(sprintf(_('Please check the needed angels for team %s.'), $type['name'])); } } if (array_sum($needed_angel_types) == 0) { $ok = false; error(_('There are 0 angels needed. Please enter the amounts of needed angels.')); } } else { $ok = false; error(_('Please select a mode for needed angels.')); } } else { $ok = false; error(_('Please select needed angels.')); } // Beim Zurück-Knopf das Formular zeigen if (isset($_REQUEST['back'])) { $ok = false; } // Alle Eingaben in Ordnung if ($ok) { if ($angelmode == 'location') { $needed_angel_types = array(); $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'"); foreach ($needed_angel_types_location as $type) { $needed_angel_types[$type['angel_type_id']] = $type['count']; } } $shifts = array(); if ($mode == 'single') { $shifts[] = array('start' => $start, 'end' => $end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id); } elseif ($mode == 'multi') { $shift_start = $start; do { $shift_end = $shift_start + $length * 60; if ($shift_end > $end) { $shift_end = $end; } if ($shift_start >= $shift_end) { break; } $shifts[] = array('start' => $shift_start, 'end' => $shift_end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id); $shift_start = $shift_end; } while ($shift_end < $end); } elseif ($mode == 'variable') { rsort($change_hours); $day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $start) . " 00:00")->getTimestamp(); $change_index = 0; // Ersten/nächsten passenden Schichtwechsel suchen foreach ($change_hours as $i => $change_hour) { if ($start < $day + $change_hour * 60 * 60) { $change_index = $i; } elseif ($start == $day + $change_hour * 60 * 60) { // Start trifft Schichtwechsel $change_index = ($i + count($change_hours) - 1) % count($change_hours); break; } else { break; } } $shift_start = $start; do { $day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00")->getTimestamp(); $shift_end = $day + $change_hours[$change_index] * 60 * 60; if ($shift_end > $end) { $shift_end = $end; } if ($shift_start >= $shift_end) { $shift_end += 24 * 60 * 60; } $shifts[] = array('start' => $shift_start, 'end' => $shift_end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id); $shift_start = $shift_end; $change_index = ($change_index + count($change_hours) - 1) % count($change_hours); } while ($shift_end < $end); } $shifts_table = array(); foreach ($shifts as $shift) { $shifts_table_entry = ['timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])), 'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''), 'needed_angels' => '']; foreach ($types as $type) { if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) { $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />'; } } $shifts_table[] = $shifts_table_entry; } // Fürs Anlegen zwischenspeichern: $_SESSION['admin_shifts_shifts'] = $shifts; $_SESSION['admin_shifts_types'] = $needed_angel_types; $hidden_types = ""; foreach ($needed_angel_types as $type_id => $count) { $hidden_types .= form_hidden('type_' . $type_id, $count); } return page_with_title(_("Preview"), array(form(array($hidden_types, form_hidden('shifttype_id', $shifttype_id), form_hidden('title', $title), form_hidden('rid', $rid), form_hidden('start', date("Y-m-d H:i", $start)), form_hidden('end', date("Y-m-d H:i", $end)), form_hidden('mode', $mode), form_hidden('length', $length), form_hidden('change_hours', implode(', ', $change_hours)), form_hidden('angelmode', $angelmode), form_submit('back', _("back")), table(array('timeslot' => _('Time and location'), 'title' => _('Type and title'), 'needed_angels' => _('Needed angels')), $shifts_table), form_submit('submit', _("Save")))))); } } elseif (isset($_REQUEST['submit'])) { if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) { redirect(page_link_to('admin_shifts')); } foreach ($_SESSION['admin_shifts_shifts'] as $shift) { $shift['URL'] = null; $shift['PSID'] = null; $shift_id = Shift_create($shift); if ($shift_id === false) { engelsystem_error('Unable to create shift.'); } engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); $needed_angel_types_info = array(); foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1"); if (count($angel_type_source) > 0) { sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'"); $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count; } } } engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info)); success("Schichten angelegt."); redirect(page_link_to('admin_shifts')); } else { unset($_SESSION['admin_shifts_shifts']); unset($_SESSION['admin_shifts_types']); } if (!isset($_REQUEST['rid'])) { $_REQUEST['rid'] = null; } $room_select = html_select_key('rid', 'rid', $room_array, $_REQUEST['rid']); $angel_types = ""; foreach ($types as $type) { $angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]); } return page_with_title(admin_shifts_title(), array(msg(), form(array(form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_text('title', _("Title"), $title), form_select('rid', _("Room"), $room_array, $_REQUEST['rid']), '<div class="row">', '<div class="col-md-6">', form_text('start', _("Start"), date("Y-m-d H:i", $start)), form_text('end', _("End"), date("Y-m-d H:i", $end)), form_info(_("Mode"), ''), form_radio('mode', _("Create one shift"), $mode == 'single', 'single'), form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'), form_text('length', _("Length"), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'), form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'), form_text('change_hours', _("Shift change hours"), !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'), '</div>', '<div class="col-md-6">', form_info(_("Needed angels"), ''), form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'), form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), $angel_types, '</div>', '</div>', form_submit('preview', _("Preview")))))); }
function guest_register() { global $tshirt_sizes, $enable_tshirt_size, $default_theme; $msg = ""; $nick = ""; $lastname = ""; $prename = ""; $age = ""; $tel = ""; $dect = ""; $mobile = ""; $mail = ""; $email_shiftinfo = false; $jabber = ""; $hometown = ""; $comment = ""; $tshirt_size = ''; $password_hash = ""; $selected_angel_types = array(); $planned_arrival_date = null; $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types = array(); foreach ($angel_types_source as $angel_type) { $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); if (!$angel_type['restricted']) { $selected_angel_types[] = $angel_type['id']; } } if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) { $nick = User_validate_Nick($_REQUEST['nick']); if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) { $ok = false; $msg .= error(sprintf(_("Your nick "%s" already exists."), $nick), true); } } else { $ok = false; $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true); } if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { $mail = strip_request_item('mail'); if (!check_email($mail)) { $ok = false; $msg .= error(_("E-mail address is not correct."), true); } } else { $ok = false; $msg .= error(_("Please enter your e-mail."), true); } if (isset($_REQUEST['email_shiftinfo'])) { $email_shiftinfo = true; } if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { $jabber = strip_request_item('jabber'); if (!check_email($jabber)) { $ok = false; $msg .= error(_("Please check your jabber account information."), true); } } if ($enable_tshirt_size) { if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') { $tshirt_size = $_REQUEST['tshirt_size']; } else { $ok = false; $msg .= error(_("Please select your shirt size."), true); } } if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= MIN_PASSWORD_LENGTH) { if ($_REQUEST['password'] != $_REQUEST['password2']) { $ok = false; $msg .= error(_("Your passwords don't match."), true); } } else { $ok = false; $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), MIN_PASSWORD_LENGTH), true); } if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) { $planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp(); } else { $ok = false; $msg .= error(_("Please enter your planned date of arrival."), true); } $selected_angel_types = array(); foreach ($angel_types as $angel_type_id => $angel_type_name) { if (isset($_REQUEST['angel_types_' . $angel_type_id])) { $selected_angel_types[] = $angel_type_id; } } // Trivia if (isset($_REQUEST['lastname'])) { $lastname = strip_request_item('lastname'); } if (isset($_REQUEST['prename'])) { $prename = strip_request_item('prename'); } if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}\$/", $_REQUEST['age'])) { $age = strip_request_item('age'); } if (isset($_REQUEST['tel'])) { $tel = strip_request_item('tel'); } if (isset($_REQUEST['dect'])) { $dect = strip_request_item('dect'); } if (isset($_REQUEST['mobile'])) { $mobile = strip_request_item('mobile'); } if (isset($_REQUEST['hometown'])) { $hometown = strip_request_item('hometown'); } if (isset($_REQUEST['comment'])) { $comment = strip_request_item_nl('comment'); } if ($ok) { sql_query("\n INSERT INTO `User` SET \n `color`='" . sql_escape($default_theme) . "', \n `Nick`='" . sql_escape($nick) . "', \n `Vorname`='" . sql_escape($prename) . "', \n `Name`='" . sql_escape($lastname) . "', \n `Alter`='" . sql_escape($age) . "', \n `Telefon`='" . sql_escape($tel) . "', \n `DECT`='" . sql_escape($dect) . "', \n `Handy`='" . sql_escape($mobile) . "', \n `email`='" . sql_escape($mail) . "', \n `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", \n `jabber`='" . sql_escape($jabber) . "',\n `Size`='" . sql_escape($tshirt_size) . "', \n `Passwort`='" . sql_escape($password_hash) . "', \n `kommentar`='" . sql_escape($comment) . "', \n `Hometown`='" . sql_escape($hometown) . "', \n `CreateDate`=NOW(), \n `Sprache`='" . sql_escape($_SESSION["locale"]) . "',\n `arrival_date`=NULL,\n `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'"); // Assign user-group and set password $user_id = sql_id(); sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2"); set_password($user_id, $_REQUEST['password']); // Assign angel-types $user_angel_types_info = array(); foreach ($selected_angel_types as $selected_angel_type_id) { sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'"); $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; } engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info)); success(_("Angel registration successful!")); redirect('?'); } } return page_with_title(register_title(), array(_("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task sheduler."), $msg, msg(), form(array(div('row', array(div('col-md-6', array(div('row', array(div('col-sm-4', array(form_text('nick', _("Nick") . ' ' . entry_required(), $nick))), div('col-sm-8', array(form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo))))), div('row', array(div('col-sm-6', array(form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()))), div('col-sm-6', array($enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '')))), div('row', array(div('col-sm-6', array(form_password('password', _("Password") . ' ' . entry_required()))), div('col-sm-6', array(form_password('password2', _("Confirm password") . ' ' . entry_required()))))), form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types), form_info("", _("Restricted angel types need will be confirmed later by an archangel. You can change your selection in the options section.")))), div('col-md-6', array(div('row', array(div('col-sm-4', array(form_text('dect', _("DECT"), $dect))), div('col-sm-4', array(form_text('mobile', _("Mobile"), $mobile))), div('col-sm-4', array(form_text('tel', _("Phone"), $tel))))), form_text('jabber', _("Jabber"), $jabber), div('row', array(div('col-sm-6', array(form_text('prename', _("First name"), $prename))), div('col-sm-6', array(form_text('lastname', _("Last name"), $lastname))))), div('row', array(div('col-sm-3', array(form_text('age', _("Age"), $age))), div('col-sm-9', array(form_text('hometown', _("Hometown"), $hometown))))), form_info(entry_required() . ' = ' . _("Entry required!")))))), form_submit('submit', _("Register")))))); }
function user_resend_verification_token() { global $user, $privileges; $success = false; if (isset($_GET['uid'])) { $uid = $_GET['uid']; if (is_numeric($uid)) { $user = User($uid); if ($user != null && $user['user_account_approved'] == 0) { // found user entry, check verification bit set? and send email user_send_verification_email($user['email'], $user['mailaddress_verification_token']); success(_("Verification E-Mail was send again to your E-Mail address. If you still don't receive it, please check your spam folder and ask a Dispatcher.")); $success = true; } } } elseif (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) { $email = strip_request_item('email'); if (check_email($email)) { $user = User_by_email($email); if ($user != null && $user['user_account_approved'] == 0) { user_send_verification_email($user['email'], $user['mailaddress_verification_token']); success(_("Verification E-Mail was send again to your E-Mail address. If you still don't receive it, please check your spam folder and ask a Dispatcher.")); $success = true; } } } else { // show page to input E-Mail return User_request_verification_token_view(); } $admin_priv = in_array('admin_user', $privileges); if ($success == false) { // failure, couldn't find user or something went wrong error(_("Verification E-Mail Could not be send. Please ask a Dispatcher.")); } if ($admin_priv && $success == true && isset($user) && isset($user['UID'])) { redirect(user_link($user)); } else { redirect('?'); } }
/** * Edit or create shift type. */ function shifttype_edit_controller() { $shifttype_id = null; $name = ""; $angeltype_id = null; $description = ""; $angeltypes = AngelTypes(); if ($angeltypes === false) { engelsystem_error("Unable to load angel types."); } if (isset($_REQUEST['shifttype_id'])) { $shifttype = ShiftType($_REQUEST['shifttype_id']); if ($shifttype === false) { engelsystem_error('Unable to load shifttype.'); } if ($shifttype == null) { error(_('Shifttype not found.')); redirect(page_link_to('shifttypes')); } $shifttype_id = $shifttype['id']; $name = $shifttype['name']; $angeltype_id = $shifttype['angeltype_id']; $description = $shifttype['description']; } if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') { $name = strip_request_item('name'); } else { $ok = false; error(_('Please enter a name.')); } if (isset($_REQUEST['angeltype_id']) && preg_match("/^[0-9]+\$/", $_REQUEST['angeltype_id'])) { $angeltype_id = $_REQUEST['angeltype_id']; } else { $angeltype_id = null; } if (isset($_REQUEST['description'])) { $description = strip_request_item_nl('description'); } if ($ok) { if ($shifttype_id) { $result = ShiftType_update($shifttype_id, $name, $angeltype_id, $description); if ($result === false) { engelsystem_error('Unable to update shifttype.'); } engelsystem_log('Updated shifttype ' . $name); success(_('Updated shifttype.')); } else { $shifttype_id = ShiftType_create($name, $angeltype_id, $description); if ($shifttype_id === false) { engelsystem_error('Unable to create shifttype.'); } engelsystem_log('Created shifttype ' . $name); success(_('Created shifttype.')); } redirect(page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype_id); } } return [shifttypes_title(), ShiftType_edit_view($name, $angeltype_id, $angeltypes, $description, $shifttype_id)]; }
function guest_register() { global $default_theme, $genders; $msg = ""; $nick = ""; $lastname = ""; $prename = ""; $age = ""; $tel = ""; $mobile = ""; $mail = ""; $email_shiftinfo = false; $hometown = ""; $comment = ""; $password_hash = ""; $selected_angel_types = array(); $gender = "none"; $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angel_types = array(); foreach ($angel_types_source as $angel_type) { $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); if (!$angel_type['restricted']) { $selected_angel_types[] = $angel_type['id']; } } if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) { $nick = User_validate_Nick($_REQUEST['nick']); if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) { $ok = false; $msg .= error(sprintf(_("Your nick "%s" already exists."), $nick), true); } } else { $ok = false; $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true); } if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { $mail = strip_request_item('mail'); if (!check_email($mail)) { $ok = false; $msg .= error(_("E-mail address is not correct."), true); } } else { $ok = false; $msg .= error(_("Please enter your e-mail."), true); } if (isset($_REQUEST['email_shiftinfo'])) { $email_shiftinfo = true; } if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= MIN_PASSWORD_LENGTH) { if ($_REQUEST['password'] != $_REQUEST['password2']) { $ok = false; $msg .= error(_("Your passwords don't match."), true); } } else { $ok = false; $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), MIN_PASSWORD_LENGTH), true); } $selected_angel_types = array(); foreach ($angel_types as $angel_type_id => $angel_type_name) { if (isset($_REQUEST['angel_types_' . $angel_type_id])) { $selected_angel_types[] = $angel_type_id; } } // Trivia if (isset($_REQUEST['lastname'])) { $lastname = strip_request_item('lastname'); } if (isset($_REQUEST['prename'])) { $prename = strip_request_item('prename'); } if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}\$/", $_REQUEST['age'])) { $age = strip_request_item('age'); } if (isset($_REQUEST['tel'])) { $tel = strip_request_item('tel'); } if (isset($_REQUEST['mobile'])) { $mobile = strip_request_item('mobile'); } if (isset($_REQUEST['hometown'])) { $hometown = strip_request_item('hometown'); } if (isset($_REQUEST['comment'])) { $comment = strip_request_item_nl('comment'); } if (isset($_REQUEST['gender']) && array_key_exists($_REQUEST['gender'], $genders)) { $gender = $_REQUEST['gender']; } if ($ok) { $confirmationToken = bin2hex(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)); $confirmationTokenUrl = page_link_to_absolute('user_activate_account') . '&token=' . $confirmationToken; sql_query("\n INSERT INTO `User` SET \n `color`='" . sql_escape($default_theme) . "', \n `Nick`='" . sql_escape($nick) . "', \n `Vorname`='" . sql_escape($prename) . "', \n `Name`='" . sql_escape($lastname) . "', \n `Alter`='" . sql_escape($age) . "', \n `gender`='" . sql_escape($gender) . "',\n `Telefon`='" . sql_escape($tel) . "', \n `Handy`='" . sql_escape($mobile) . "', \n `email`='" . sql_escape($mail) . "', \n `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", \n `Passwort`='" . sql_escape($password_hash) . "', \n `kommentar`='" . sql_escape($comment) . "', \n `Hometown`='" . sql_escape($hometown) . "', \n `CreateDate`=NOW(), \n `Sprache`='" . sql_escape($_SESSION["locale"]) . "',\n `arrival_date`=NULL,\n `planned_arrival_date`= 0,\n `mailaddress_verification_token` = '" . sql_escape($confirmationToken) . "',\n `user_account_approved` = 0"); // Assign user-group and set password $user_id = sql_id(); sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2"); set_password($user_id, $_REQUEST['password']); // Assign angel-types $user_angel_types_info = array(); foreach ($selected_angel_types as $selected_angel_type_id) { sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'"); $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; } engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info)); engelsystem_email($mail, _('Please confirm your eMail-address'), sprintf(_('Hello %1$s! Thanks for signing up at Engelsystem. Please confirm your eMail-address by clicking the following link: %2$s'), $mail, $confirmationTokenUrl)); success(_("Angel registration successful! Please click the confirmation link in the eMail we sent you to activate your account.")); redirect('?'); } } return page_with_title(register_title(), array(_("By completing this form you're registering as an helper. Please enter a username/nick of your choice, your e-mail adress and your full name. Only your nick will be shown to other users."), $msg, msg(), form(array(div('row', array(div('col-md-6', array(div('row', array(div('col-sm-4', array(form_text('nick', _("Nick") . ' ' . entry_required(), $nick))), div('col-sm-8', array(form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_checkbox('email_shiftinfo', _("Please keep me informed by e-mail, e.g. if my shifts change"), $email_shiftinfo))), div('col-sm-4', array(form_text('prename', _("First name") . ' ' . entry_required(), $prename))), div('col-sm-4', array(form_text('lastname', _("Last name") . ' ' . entry_required(), $lastname))))), div('row', array(div('col-sm-6', array()), div('col-sm-6', array()))), div('row', array(div('col-sm-6', array(form_password('password', _("Password") . ' ' . entry_required()))), div('col-sm-6', array(form_password('password2', _("Confirm password") . ' ' . entry_required()))))))), div('col-md-6', array(div('row', array(div('col-sm-4', array(form_text('mobile', _("Mobile"), $mobile))), div('col-sm-4', array(form_text('tel', _("Phone"), $tel))))), div('row', array(div('col-sm-3', array(form_text('age', _("Age"), $age))), div('col-sm-6', array(form_text('comment', _("Additional Information(Language / Profession)"), $comment))))), form_info(entry_required() . ' = ' . _("Entry required!")))))), form_submit('submit', _("Register")))))); }
/** * User password recovery. * (By email) */ function user_password_recovery_controller() { if (isset($_REQUEST['token'])) { $user_source = User_by_password_recovery_token($_REQUEST['token']); if ($user_source === false) { engelsystem_error("Unable to load user."); } if ($user_source == null) { error(_("Token is not correct.")); redirect(page_link_to('login')); } if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= MIN_PASSWORD_LENGTH) { if ($_REQUEST['password'] != $_REQUEST['password2']) { $ok = false; error(_("Your passwords don't match.")); } } else { $ok = false; error(_("Your password is to short (please use at least 6 characters).")); } if ($ok) { $result = set_password($user_source['UID'], $_REQUEST['password']); if ($result === false) { engelsystem_error(_("Password could not be updated.")); } success(_("Password saved.")); redirect(page_link_to('login')); } } return User_password_set_view(); } else { if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) { $email = strip_request_item('email'); if (check_email($email)) { $user_source = User_by_email($email); if ($user_source === false) { engelsystem_error("Unable to load user."); } if ($user_source == null) { $ok = false; error(_("E-mail address is not correct.")); } } else { $ok = false; error(_("E-mail address is not correct.")); } } else { $ok = false; error(_("Please enter your e-mail.")); } if ($ok) { $token = User_generate_password_recovery_token($user_source); if ($token === false) { engelsystem_error("Unable to generate password recovery token."); } $result = engelsystem_email_to_user($user_source, _("Password recovery"), sprintf(_("Please visit %s to recover your password."), page_link_to_absolute('user_password_recovery') . '&token=' . $token)); if ($result === false) { engelsystem_error("Unable to send password recovery email."); } success(_("We sent an email containing your password recovery link.")); redirect(page_link_to('login')); } } return User_password_recovery_view(); } }
function admin_arrive() { $msg = ""; $search = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) { $id = $_REQUEST['reset']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); $msg = success(_("Reset done. Angel has not arrived."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) { $id = $_REQUEST['arrived']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); $msg = success(_("Angel has been marked as arrived."), true); } else { $msg = error(_("Angel not found."), true); } } $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); $arrival_count_at_day = array(); $table = ""; $users_matched = array(); if ($search == "") { $tokens = array(); } else { $tokens = explode(" ", $search); } foreach ($users as $usr) { if (count($tokens) > 0) { $match = false; $index = join(" ", $usr); foreach ($tokens as $t) { if (stristr($index, trim($t))) { $match = true; break; } } if (!$match) { continue; } } $usr['nick'] = User_Nick_render($usr); $usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>'; $day = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : date('Y-m-d', $usr['planned_arrival_date']); if (!isset($arrival_count_at_day[$day])) { $arrival_count_at_day[$day] = 0; } $arrival_count_at_day[$day]++; $users_matched[] = $usr; } ksort($arrival_count_at_day); $arrival_count = array(); $arrival_sums = array(); $arrival_sum = 0; foreach ($arrival_count_at_day as $day => $count) { $arrival_sum += $count; $arrival_sums[$day] = $arrival_sum; $arrival_count[] = array('day' => $day, 'count' => $count, 'sum' => $arrival_sum); } return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'rendered_planned_arrival_date' => _("Planned date"), 'arrived' => _("Arrived?"), 'rendered_arrival_date' => _("Arrival date"), 'actions' => ""), $users_matched), heading(_("Arrival statistics"), 2), '<canvas id="daily_arrives" style="width: 100%; height: 300px;"></canvas> <script type="text/javascript"> $(function(){ var ctx = $("#daily_arrives").get(0).getContext("2d"); var chart = new Chart(ctx).Bar(' . json_encode(array('labels' => array_keys($arrival_count_at_day), 'datasets' => array(array('label' => _("arrived"), 'fillColor' => "#444", 'data' => array_values($arrival_count_at_day)), array('label' => _("arrived sum"), 'fillColor' => "#888", 'data' => array_values($arrival_sums))))) . '); }); </script>', table(array('day' => _("Date"), 'count' => _("arrived"), 'sum' => _("arrived sum")), $arrival_count))); }
function admin_arrive() { $msg = ""; $search = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) { $id = $_REQUEST['reset']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); $msg = success(_("Reset done. Angel has not arrived."), true); } else { $msg = error(_("Angel not found."), true); } } elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) { $id = $_REQUEST['arrived']; $user_source = User($id); if ($user_source != null) { sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); $msg = success(_("Angel has been marked as arrived."), true); } else { $msg = error(_("Angel not found."), true); } } $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); $table = ""; $users_matched = array(); if ($search == "") { $tokens = array(); } else { $tokens = explode(" ", $search); } foreach ($users as $usr) { if (count($tokens) > 0) { $match = false; $index = join(" ", $usr); foreach ($tokens as $t) { if (stristr($index, trim($t))) { $match = true; break; } } if (!$match) { continue; } } $table .= '<tr>'; $table .= '<td>' . User_Nick_render($usr) . '</td>'; $usr['nick'] = User_Nick_render($usr); $usr['planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']); $usr['arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>'; if ($usr['Gekommen'] == 1) { $table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>'; } else { $table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>'; } $table .= '</tr>'; $users_matched[] = $usr; } return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'planned_arrival_date' => _("Planned date"), 'arrived' => _("Arrived?"), 'arrival_date' => _("Arrival date"), 'actions' => ""), $users_matched))); }
function admin_rooms() { global $user; global $user, $enable_frab_import; $rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $rooms = array(); foreach ($rooms_source as $room) { $rooms[] = array('name' => $room['Name'], 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', 'public' => $room['show'] == 'Y' ? '✓' : '', 'actions' => buttons(array(button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs')))); } if (isset($_REQUEST['show'])) { $msg = ""; $name = ""; $location = ""; $lat = ""; $long = ""; $from_pentabarf = ""; $public = 'Y'; $number = ""; $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes = array(); $angeltypes_count = array(); foreach ($angeltypes_source as $angeltype) { $angeltypes[$angeltype['id']] = $angeltype['name']; $angeltypes_count[$angeltype['id']] = 0; } if (test_request_int('id')) { $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'"); if (count($room) > 0) { $id = $_REQUEST['id']; $name = $room[0]['Name']; $location = $room[0]['Location']; $lat = $room[0]['Lat']; $long = $room[0]['Long']; $from_pentabarf = $room[0]['FromPentabarf']; $public = $room[0]['show']; $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); foreach ($needed_angeltypes as $needed_angeltype) { $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; } } else { redirect(page_link_to('admin_rooms')); } } if ($_REQUEST['show'] == 'edit') { if (isset($_REQUEST['submit'])) { $ok = true; if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { $name = strip_request_item('name'); } else { $ok = false; $msg .= error(_("Please enter a name."), true); } if (isset($_REQUEST['location']) && strlen(strip_request_item('location')) > 0) { $location = strip_request_item('location'); } else { $ok = false; $msg .= error(_("Please enter a location.")); } if (isset($_REQUEST['Lat']) && isset($_REQUEST['Long'])) { $lat = $_REQUEST['Lat']; $long = $_REQUEST['Long']; } else { $ok = false; $msg .= error(_("Please enter a location - no lat long values found.")); } $from_pentabarf = isset($_REQUEST['from_pentabarf']) ? 'Y' : ''; $public = isset($_REQUEST['public']) ? 'Y' : ''; if (isset($_REQUEST['number'])) { $number = strip_request_item('number'); } else { $ok = false; } foreach ($angeltypes as $angeltype_id => $angeltype) { if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}\$/", $_REQUEST['angeltype_count_' . $angeltype_id])) { $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; } else { $ok = false; $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); } } if ($ok) { if (isset($id)) { sql_query(sprintf("UPDATE `Room` SET `Name`='%s', `FromPentabarf`='%s', `show`='%s', `Number`='%s', `location` = '%s', `lat` = '%s', `long` = '%s' WHERE `RID`='%s' LIMIT 1", sql_escape($name), sql_escape($from_pentabarf), sql_escape($public), sql_escape($number), sql_escape($location), sql_escape($lat), sql_escape($long), sql_escape($id))); engelsystem_log("Location updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } else { $id = Room_create($name, $from_pentabarf, $public, $location, $lat, $long); if ($id === false) { engelsystem_error("Unable to create location."); } engelsystem_log("Location created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'"); $needed_angeltype_info = array(); foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { $angeltype = AngelType($angeltype_id); if ($angeltype === false) { engelsystem_error("Unable to load angeltype."); } if ($angeltype != null) { sql_query(sprintf("INSERT INTO `NeededAngelTypes` SET `room_id`='%s', `angel_type_id`='%s', `count`='%s'", sql_escape($id), sql_escape($angeltype_id), sql_escape($angeltype_count))); $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; } } engelsystem_log("Set needed angeltypes of location " . $name . " to: " . join(", ", $needed_angeltype_info)); success(_("Location saved.")); redirect(page_link_to("admin_rooms")); } } $angeltypes_count_form = array(); foreach ($angeltypes as $angeltype_id => $angeltype) { $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]))); } $form_elements = []; $form_elements[] = form_text('name', _("Name"), $name); $form_elements[] = form_text('location', _("Location"), $location); $form_elements[] = form_text('Lat', _("Latitude"), $lat, false, false); $form_elements[] = form_text('Long', _("Longitude"), $long, false, false); if ($enable_frab_import) { $form_elements[] = form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf); } $form_elements[] = form_checkbox('public', _("Public"), $public); $form_elements[] = form_text('number', _("Room number"), $number); return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), $msg, form(array(div('row', array(div('col-md-6', $form_elements), div('col-md-6', array(div('row', array(div('col-md-12', array(form_info(_("Needed angels:")))), join($angeltypes_count_form))))), script("\n jQuery(function (\$) {\n var input = \$(\"input[id='form_location']\");\n var inputElement = document.getElementById(input.attr('id'));\n var searchBox = new google.maps.places.SearchBox(inputElement);\n searchBox.addListener('places_changed', function() {\n var places = searchBox.getPlaces();\n if (places.length == 0) {\n return;\n }\n\n var place = places.pop();\n var lat = place.geometry.location.lat();\n var long = place.geometry.location.lng();\n\n \$(\"input[id='form_lat']\").val(lat);\n \$(\"input[id='form_long']\").val(long);\n });\n\n // suppress form submit on enter\n input.keypress(function (event) {\n if (event.keyCode === 13) {\n return false;\n }\n });\n });\n "))), form_submit('submit', _("Save")))))); } elseif ($_REQUEST['show'] == 'delete') { if (isset($_REQUEST['ack'])) { sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("Location deleted: " . $name); success(sprintf(_("Location %s deleted."), $name)); redirect(page_link_to('admin_rooms')); } return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), sprintf(_("Do you want to delete location %s?"), $name), buttons(array(button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete'))))); } } $table_columns = array('name' => _("Name"), 'from_pentabarf' => _("Frab import"), 'public' => _("Public"), 'actions' => ""); if (!$enable_frab_import) { unset($table_columns['from_pentabarf']); } return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms') . '&show=edit', _("add")))), msg(), table($table_columns, $rooms))); }