function ShiftTypes_list_view($shifttypes)
{
foreach ($shifttypes as &$shifttype) {
$shifttype['name'] = '<a href="' . page_link_to('shifttypes') . '&action=view&shifttype_id=' . $shifttype['id'] . '">' . $shifttype['name'] . '</a>';
$shifttype['actions'] = table_buttons([button(page_link_to('shifttypes') . '&action=edit&shifttype_id=' . $shifttype['id'], _('edit'), 'btn-xs'), button(page_link_to('shifttypes') . '&action=delete&shifttype_id=' . $shifttype['id'], _('delete'), 'btn-xs')]);
}
return page_with_title(shifttypes_title(), [msg(), buttons([button(page_link_to('shifttypes') . '&action=edit', _('New shifttype'), 'add')]), table(['name' => _('Name'), 'actions' => ''], $shifttypes)]);
}
/**
* Display form for adding/editing a shift entry.
* @param string $angel
* @param string $date
* @param string $location
* @param string $title
* @param string $type
* @param string $comment
*
* @return string
*/
function ShiftEntry_edit_view($angel, $date, $location, $title, $type, $comment, $freeloaded, $freeload_comment, $user_admin_shifts = false)
{
if ($user_admin_shifts) {
$freeload_form = array(form_checkbox('freeloaded', _("Freeloaded"), $freeloaded), form_textarea('freeload_comment', _("Freeload comment (Only for shift coordination):"), $freeload_comment));
} else {
$freeload_form = array();
}
return page_with_title(_("Edit shift entry"), array(form(array(form_info(_("Angel:"), $angel), form_info(_("Date, Duration:"), $date), form_info(_("Location:"), $location), form_info(_("Title:"), $title), form_info(_("Type:"), $type), form_textarea('comment', _("Comment (for your eyes only):"), $comment), join("", $freeload_form), form_submit('submit', _("Save"))))));
}
function Questions_view($open_questions, $answered_questions, $ask_action)
{
foreach ($open_questions as &$question) {
$question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
}
foreach ($answered_questions as &$question) {
$question['Question'] = str_replace("\n", '<br />', $question['Question']);
$question['Answer'] = str_replace("\n", '<br />', $question['Answer']);
$question['actions'] = '<a href="' . page_link_to("user_questions") . '&action=delete&id=' . $question['QID'] . '">' . _("delete") . '</a>';
}
return page_with_title(questions_title(), array(msg(), '<h2>' . _("Open questions") . '</h2>', table(array('Question' => _("Question"), 'actions' => ""), $open_questions), '<h2>' . _("Answered questions") . '</h2>', table(array('Question' => _("Question"), 'answer_user' => _("Answered by"), 'Answer' => _("Answer"), 'actions' => ""), $answered_questions), '<h2>' . _("Ask an archangel") . '</h2>', form(array(form_textarea('question', _("Your Question:"), ""), form_submit('submit', _("Save"))), $ask_action)));
}
function admin_log()
{
if (isset($_POST['keyword'])) {
$filter = $_POST['keyword'];
$log_entries_source = LogEntries_filter($_POST['keyword']);
} else {
$filter = "";
$log_entries_source = LogEntries();
}
$log_entries = array();
foreach ($log_entries_source as $log_entry) {
$log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']);
$log_entries[] = $log_entry;
}
return page_with_title(admin_log_title(), array(msg(), form(array(form_text('keyword', _("Search"), $filter), form_submit(_("Search"), "Go"))), table(array('date' => "Time", 'nick' => "Angel", 'message' => "Log Entry"), $log_entries)));
}
function admin_free()
{
global $privileges;
$search = "";
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
$angeltypesearch = "";
if (empty($_REQUEST['angeltype'])) {
$_REQUEST['angeltype'] = '';
} else {
$angeltypesearch = " INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '" . sql_escape($_REQUEST['angeltype']) . "' AND `UserAngelTypes`.`user_id` = `User`.`UID`";
if (isset($_REQUEST['confirmed_only'])) {
$angeltypesearch .= " AND `UserAngelTypes`.`confirm_user_id`";
}
$angeltypesearch .= ") ";
}
$angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`");
$angel_types = array('' => 'alle Typen');
foreach ($angel_types_source as $angel_type) {
$angel_types[$angel_type['id']] = $angel_type['name'];
}
$users = sql_select("\n SELECT `User`.* \n FROM `User` \n {$angeltypesearch} \n LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') \n WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL \n GROUP BY `User`.`UID` \n ORDER BY `Nick`");
$free_users_table = array();
if ($search == "") {
$tokens = array();
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join("", $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
}
if (!$match) {
continue;
}
}
$free_users_table[] = array('name' => User_Nick_render($usr), 'shift_state' => User_shift_state_render($usr), 'handy' => $usr['Handy'], 'telefon' => $usr['Telefon'], 'email' => $usr['email'], 'kommentar' => $usr['kommentar'], 'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _("edit"), 'btn-xs') : '');
}
return page_with_title(admin_free_title(), array(form(array(div('row', array(div('col-md-4', array(form_text('search', _("Search"), $search))), div('col-md-4', array(form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']))), div('col-md-2', array(form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])))), div('col-md-2', array(form_submit('submit', _("Search")))))))), table(array('name' => _("Nick"), 'shift_state' => '', 'handy' => _("Mobile"), 'telefon' => _("Phone"), 'email' => _("E-Mail"), 'kommentar' => _("add. Info"), 'actions' => ''), $free_users_table)));
}
function user_questions()
{
global $user;
if (!isset($_REQUEST['action'])) {
$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']);
if ($answer_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$question['answer_user'] = User_Nick_render($answer_user_source);
}
return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask');
} else {
switch ($_REQUEST['action']) {
case 'ask':
$question = strip_request_item_nl('question');
if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
if ($result === false) {
engelsystem_error(_("Unable to save question."));
}
success(_("You question was saved."));
redirect(page_link_to("user_questions"));
} else {
return page_with_title(questions_title(), array(error(_("Please enter a question!"), true)));
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Question ID."), true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_questions"));
} else {
return page_with_title(questions_title(), array(error(_("No question found."), true)));
}
break;
}
}
}
function Shift_view($shift, $shifttype, $room, $shift_admin, $angeltypes_source, $user_shift_admin, $admin_rooms, $admin_shifttypes, $user_shifts, $signed_up)
{
$parsedown = new Parsedown();
$angeltypes = [];
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype;
}
$needed_angels = '';
foreach ($shift['NeedAngels'] as $needed_angeltype) {
$class = 'progress-bar-warning';
if ($needed_angeltype['taken'] == 0) {
$class = 'progress-bar-danger';
}
if ($needed_angeltype['taken'] >= $needed_angeltype['count']) {
$class = 'progress-bar-success';
}
$needed_angels .= '<div class="list-group-item">';
$needed_angels .= '<div class="pull-right">' . Shift_signup_button_render($shift, $angeltypes[$needed_angeltype['TID']]) . '</div>';
$needed_angels .= '<h3>' . AngelType_name_render($angeltypes[$needed_angeltype['TID']]) . '</h3>';
$needed_angels .= progress_bar(0, $needed_angeltype['count'], min($needed_angeltype['taken'], $needed_angeltype['count']), $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']);
$angels = [];
foreach ($shift['ShiftEntry'] as $shift_entry) {
if ($shift_entry['TID'] == $needed_angeltype['TID']) {
$entry = User_Nick_render(User($shift_entry['UID']));
if ($shift_entry['freeloaded']) {
$entry = '<strike>' . $entry . '</strike>';
}
if ($user_shift_admin) {
$entry .= ' <div class="btn-group">';
$entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs');
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
$entry .= '</div>';
}
$angels[] = $entry;
}
}
$needed_angels .= join(', ', $angels);
$needed_angels .= '</div>';
}
$shiftManagers = getShiftManagers($shift['SID']);
return page_with_title($shift['name'] . ' <small class="moment-countdown" data-timestamp="' . $shift['start'] . '">%c</small>', [msg(), Shift_collides($shift, $user_shifts) ? info(_('This shift collides with one of your shifts.'), true) : '', $signed_up ? info(_('You are signed up for this shift.'), true) : '', $shift_admin || $admin_shifttypes || $admin_rooms ? buttons([$shift_admin ? button(shift_edit_link($shift), glyph('pencil') . _('edit')) : '', $shift_admin ? button(shift_delete_link($shift), glyph('trash') . _('delete')) : '', $admin_shifttypes ? button(shifttype_link($shifttype), $shifttype['name']) : '', $admin_rooms ? button(room_link($room), glyph('map-marker') . $room['Name']) : '']) : '', div('row', [div('col-sm-3 col-xs-6', ['<h4>' . _('Title') . '</h4>', '<p class="lead">' . ($shift['URL'] != '' ? '<a href="' . $shift['URL'] . '">' . $shift['title'] . '</a>' : $shift['title']) . '</p>']), div('col-sm-3 col-xs-6', ['<h4>' . _('Start') . '</h4>', '<p class="lead' . (time() >= $shift['start'] ? ' text-success' : '') . '">', glyph('calendar') . date('Y-m-d', $shift['start']), '<br />', glyph('time') . date('H:i', $shift['start']), '</p>']), div('col-sm-3 col-xs-6', ['<h4>' . _('End') . '</h4>', '<p class="lead' . (time() >= $shift['end'] ? ' text-success' : '') . '">', glyph('calendar') . date('Y-m-d', $shift['end']), '<br />', glyph('time') . date('H:i', $shift['end']), '</p>']), div('col-sm-3 col-xs-6', ['<h4>' . _('Location') . '</h4>', '<p class="lead">' . glyph('map-marker') . $room['Name'] . '</p>'])]), div('row', [div('col-sm-6', ['<h2>' . _('Needed angels') . '</h2>', '<div class="list-group">' . $needed_angels . '</div>']), div('col-sm-6', [!empty($shiftManagers) ? '<h2>' . _('Shift Manager') . '</h2>' : '', !empty($shiftManagers) ? implode('<br>', array_map(function ($manager) {
return $manager['Vorname'] . ' ' . $manager['Name'];
}, $shiftManagers)) : '', '<h2>' . _('Description') . '</h2>', $parsedown->parse($shifttype['description'])])]), $shift_admin ? Shift_editor_info_render($shift) : '']);
}
/**
* Edit a user's driving license information.
* @param User $user_source
* @param bool $wants_to_drive
* @param bool $has_car
* @param bool $has_license_car
* @param bool $has_license_3_5t_transporter
* @param bool $has_license_7_5t_truck
* @param bool $has_license_12_5t_truck
* @param bool $has_license_forklift
*/
function UserDriverLicense_edit_view($user_source, $wants_to_drive, $has_car, $has_license_car, $has_license_3_5t_transporter, $has_license_7_5t_truck, $has_license_12_5t_truck, $has_license_forklift)
{
return page_with_title(sprintf(_("Edit %s driving license information"), User_Nick_render($user_source)), [buttons([button(user_link($user_source), _("Back to profile"), 'back')]), msg(), form([form_info(_("Privacy"), _("Your driving license information is only visible for coordinators and admins.")), form_checkbox('wants_to_drive', _("I am willing to operate cars for the PL"), $wants_to_drive), div('panel panel-default', [div('panel-body', [form_checkbox('has_car', _("I have my own car with me and am willing to use it for the PL (You'll get reimbursed for fuel)"), $has_car), heading(_("Driver license"), 3), form_checkbox('has_license_car', _("Car"), $has_license_car), form_checkbox('has_license_3_5t_transporter', _("Transporter 3,5t"), $has_license_3_5t_transporter), form_checkbox('has_license_7_5t_truck', _("Truck 7,5t"), $has_license_7_5t_truck), form_checkbox('has_license_12_5t_truck', _("Truck 12,5t"), $has_license_12_5t_truck), form_checkbox('has_license_forklift', _("Forklift"), $has_license_forklift)])], 'driving_license'), form_submit('submit', _("Save"))]), '<script type="text/javascript">
$(function() {
if($("#wants_to_drive").is(":checked"))
$("#driving_license").show();
else
$("#driving_license").hide();
$("#wants_to_drive").click(
function(e) {
if($("#wants_to_drive").is(":checked"))
$("#driving_license").show();
else
$("#driving_license").hide();
}
);
});
</script>']);
}
function admin_shifts()
{
$ok = true;
$rid = 0;
$start = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d") . " 00:00")->getTimestamp();
$end = $start + 24 * 60 * 60;
$mode = 'single';
$angelmode = 'manually';
$length = '';
$change_hours = array();
$title = "";
$shifttype_id = null;
// Locations laden (auch unsichtbare - fuer Erzengel ist das ok)
$rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$room_array = array();
foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name'];
}
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$needed_angel_types = array();
foreach ($types as $type) {
$needed_angel_types[$type['id']] = 0;
}
// Load shift types
$shifttypes_source = ShiftTypes();
if ($shifttypes_source === false) {
engelsystem_error('Unable to load shift types.');
}
$shifttypes = [];
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
if (isset($_REQUEST['shifttype_id'])) {
$shifttype = ShiftType($_REQUEST['shifttype_id']);
if ($shifttype === false) {
engelsystem_error('Unable to load shift type.');
}
if ($shifttype == null) {
$ok = false;
error(_('Please select a shift type.'));
} else {
$shifttype_id = $_REQUEST['shifttype_id'];
}
} else {
$ok = false;
error(_('Please select a shift type.'));
}
// Name/Bezeichnung der Schicht, darf leer sein
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+\$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid'];
} else {
$ok = false;
$rid = $rooms[0]['RID'];
error(_('Please select a location.'));
}
if (isset($_REQUEST['start']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))) {
$start = $tmp->getTimestamp();
} else {
$ok = false;
error(_('Please select a start time.'));
}
if (isset($_REQUEST['end']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))) {
$end = $tmp->getTimestamp();
} else {
$ok = false;
error(_('Please select an end time.'));
}
if ($start >= $end) {
$ok = false;
error(_('The shifts end has to be after its start.'));
}
if (isset($_REQUEST['mode'])) {
if ($_REQUEST['mode'] == 'single') {
$mode = 'single';
} elseif ($_REQUEST['mode'] == 'multi') {
if (isset($_REQUEST['length']) && preg_match("/^[0-9]+\$/", trim($_REQUEST['length']))) {
$mode = 'multi';
$length = trim($_REQUEST['length']);
} else {
$ok = false;
error(_('Please enter a shift duration in minutes.'));
}
} elseif ($_REQUEST['mode'] == 'variable') {
if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|\$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) {
$mode = 'variable';
$change_hours = array_map('trim', explode(",", $_REQUEST['change_hours']));
} else {
$ok = false;
error(_('Please split the shift-change hours by colons.'));
}
}
} else {
$ok = false;
error(_('Please select a mode.'));
}
if (isset($_REQUEST['angelmode'])) {
if ($_REQUEST['angelmode'] == 'location') {
$angelmode = 'location';
} elseif ($_REQUEST['angelmode'] == 'manually') {
$angelmode = 'manually';
foreach ($types as $type) {
if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+\$/", trim($_REQUEST['type_' . $type['id']]))) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else {
$ok = false;
error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
}
}
if (array_sum($needed_angel_types) == 0) {
$ok = false;
error(_('There are 0 angels needed. Please enter the amounts of needed angels.'));
}
} else {
$ok = false;
error(_('Please select a mode for needed angels.'));
}
} else {
$ok = false;
error(_('Please select needed angels.'));
}
// Beim Zurück-Knopf das Formular zeigen
if (isset($_REQUEST['back'])) {
$ok = false;
}
// Alle Eingaben in Ordnung
if ($ok) {
if ($angelmode == 'location') {
$needed_angel_types = array();
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
foreach ($needed_angel_types_location as $type) {
$needed_angel_types[$type['angel_type_id']] = $type['count'];
}
}
$shifts = array();
if ($mode == 'single') {
$shifts[] = array('start' => $start, 'end' => $end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id);
} elseif ($mode == 'multi') {
$shift_start = $start;
do {
$shift_end = $shift_start + $length * 60;
if ($shift_end > $end) {
$shift_end = $end;
}
if ($shift_start >= $shift_end) {
break;
}
$shifts[] = array('start' => $shift_start, 'end' => $shift_end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id);
$shift_start = $shift_end;
} while ($shift_end < $end);
} elseif ($mode == 'variable') {
rsort($change_hours);
$day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $start) . " 00:00")->getTimestamp();
$change_index = 0;
// Ersten/nächsten passenden Schichtwechsel suchen
foreach ($change_hours as $i => $change_hour) {
if ($start < $day + $change_hour * 60 * 60) {
$change_index = $i;
} elseif ($start == $day + $change_hour * 60 * 60) {
// Start trifft Schichtwechsel
$change_index = ($i + count($change_hours) - 1) % count($change_hours);
break;
} else {
break;
}
}
$shift_start = $start;
do {
$day = DateTime::createFromFormat("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00")->getTimestamp();
$shift_end = $day + $change_hours[$change_index] * 60 * 60;
if ($shift_end > $end) {
$shift_end = $end;
}
if ($shift_start >= $shift_end) {
$shift_end += 24 * 60 * 60;
}
$shifts[] = array('start' => $shift_start, 'end' => $shift_end, 'RID' => $rid, 'title' => $title, 'shifttype_id' => $shifttype_id);
$shift_start = $shift_end;
$change_index = ($change_index + count($change_hours) - 1) % count($change_hours);
} while ($shift_end < $end);
}
$shifts_table = array();
foreach ($shifts as $shift) {
$shifts_table_entry = ['timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])), 'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''), 'needed_angels' => ''];
foreach ($types as $type) {
if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) {
$shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />';
}
}
$shifts_table[] = $shifts_table_entry;
}
// Fürs Anlegen zwischenspeichern:
$_SESSION['admin_shifts_shifts'] = $shifts;
$_SESSION['admin_shifts_types'] = $needed_angel_types;
$hidden_types = "";
foreach ($needed_angel_types as $type_id => $count) {
$hidden_types .= form_hidden('type_' . $type_id, $count);
}
return page_with_title(_("Preview"), array(form(array($hidden_types, form_hidden('shifttype_id', $shifttype_id), form_hidden('title', $title), form_hidden('rid', $rid), form_hidden('start', date("Y-m-d H:i", $start)), form_hidden('end', date("Y-m-d H:i", $end)), form_hidden('mode', $mode), form_hidden('length', $length), form_hidden('change_hours', implode(', ', $change_hours)), form_hidden('angelmode', $angelmode), form_submit('back', _("back")), table(array('timeslot' => _('Time and location'), 'title' => _('Type and title'), 'needed_angels' => _('Needed angels')), $shifts_table), form_submit('submit', _("Save"))))));
}
} elseif (isset($_REQUEST['submit'])) {
if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) {
redirect(page_link_to('admin_shifts'));
}
foreach ($_SESSION['admin_shifts_shifts'] as $shift) {
$shift['URL'] = null;
$shift['PSID'] = null;
$shift_id = Shift_create($shift);
if ($shift_id === false) {
engelsystem_error('Unable to create shift.');
}
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
$needed_angel_types_info = array();
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
if (count($angel_type_source) > 0) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
$needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
}
}
}
engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info));
success("Schichten angelegt.");
redirect(page_link_to('admin_shifts'));
} else {
unset($_SESSION['admin_shifts_shifts']);
unset($_SESSION['admin_shifts_types']);
}
if (!isset($_REQUEST['rid'])) {
$_REQUEST['rid'] = null;
}
$room_select = html_select_key('rid', 'rid', $room_array, $_REQUEST['rid']);
$angel_types = "";
foreach ($types as $type) {
$angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]);
}
return page_with_title(admin_shifts_title(), array(msg(), form(array(form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_text('title', _("Title"), $title), form_select('rid', _("Room"), $room_array, $_REQUEST['rid']), '<div class="row">', '<div class="col-md-6">', form_text('start', _("Start"), date("Y-m-d H:i", $start)), form_text('end', _("End"), date("Y-m-d H:i", $end)), form_info(_("Mode"), ''), form_radio('mode', _("Create one shift"), $mode == 'single', 'single'), form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'), form_text('length', _("Length"), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'), form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'), form_text('change_hours', _("Shift change hours"), !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'), '</div>', '<div class="col-md-6">', form_info(_("Needed angels"), ''), form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'), form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), $angel_types, '</div>', '</div>', form_submit('preview', _("Preview"))))));
}
function admin_rooms()
{
global $user;
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = array();
foreach ($rooms_source as $room) {
$rooms[] = array('name' => $room['Name'], 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', 'public' => $room['show'] == 'Y' ? '✓' : '', 'actions' => buttons(array(button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs'))));
}
$room = null;
if (isset($_REQUEST['show'])) {
$msg = "";
$name = "";
$from_pentabarf = "";
$public = 'Y';
$number = "";
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes = array();
$angeltypes_count = array();
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
$angeltypes_count[$angeltype['id']] = 0;
}
if (test_request_int('id')) {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
if (count($room) > 0) {
$id = $_REQUEST['id'];
$name = $room[0]['Name'];
$from_pentabarf = $room[0]['FromPentabarf'];
$public = $room[0]['show'];
$number = $room[0]['Number'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
foreach ($needed_angeltypes as $needed_angeltype) {
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
}
} else {
redirect(page_link_to('admin_rooms'));
}
}
if ($_REQUEST['show'] == 'edit') {
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
$name = strip_request_item('name');
if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($id)) > 0) {
$ok = false;
$msg .= error(_("This name is already in use."), true);
}
} else {
$ok = false;
$msg .= error(_("Please enter a name."), true);
}
if (isset($_REQUEST['from_pentabarf'])) {
$from_pentabarf = 'Y';
} else {
$from_pentabarf = '';
}
if (isset($_REQUEST['public'])) {
$public = 'Y';
} else {
$public = '';
}
if (isset($_REQUEST['number'])) {
$number = strip_request_item('number');
} else {
$ok = false;
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}\$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
} else {
$ok = false;
$msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
}
}
if ($ok) {
if (isset($id)) {
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} else {
$id = Room_create($name, $from_pentabarf, $public, $number);
if ($id === false) {
engelsystem_error("Unable to create room.");
}
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
}
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
$needed_angeltype_info = array();
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
$angeltype = AngelType($angeltype_id);
if ($angeltype === false) {
engelsystem_error("Unable to load angeltype.");
}
if ($angeltype != null) {
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
}
}
engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info));
success(_("Room saved."));
redirect(page_link_to("admin_rooms"));
}
}
$angeltypes_count_form = array();
foreach ($angeltypes as $angeltype_id => $angeltype) {
$angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])));
}
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), $msg, form(array(div('row', array(div('col-md-6', array(form_text('name', _("Name"), $name), form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), form_checkbox('public', _("Public"), $public), form_text('number', _("Room number"), $number))), div('col-md-6', array(div('row', array(div('col-md-12', array(form_info(_("Needed angels:")))), join($angeltypes_count_form))))))), form_submit('submit', _("Save"))))));
} elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) {
if (!Room_delete($id)) {
engelsystem_error("Unable to delete room.");
}
engelsystem_log("Room deleted: " . $name);
success(sprintf(_("Room %s deleted."), $name));
redirect(page_link_to('admin_rooms'));
}
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), sprintf(_("Do you want to delete room %s?"), $name), buttons(array(button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')))));
}
}
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms') . '&show=edit', _("add")))), msg(), table(array('name' => _("Name"), 'from_pentabarf' => _("Frab import"), 'public' => _("Public"), 'actions' => ""), $rooms)));
}
function admin_user()
{
global $user, $privileges, $tshirt_sizes, $privileges;
$html = '';
if (!isset($_REQUEST['id'])) {
redirect(users_link());
}
$id = $_REQUEST['id'];
if (!isset($_REQUEST['action'])) {
$user_source = User($id);
if ($user_source === false) {
engelsystem_error('Unable to load user.');
}
if ($user_source == null) {
error(_('This user does not exist.'));
redirect(users_link());
}
$html .= "Hallo,<br />" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
$html .= "<form class=\"admin-user-form\" action=\"" . page_link_to("admin_user") . "&action=save&id={$id}\" method=\"post\">\n";
$html .= "<table border=\"0\">\n";
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
$SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'";
list($user_source) = sql_select($SQL);
$html .= "<tr><td>\n";
$html .= "<table>\n";
$html .= " <tr><td>Nick</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n";
$html .= " <tr><td>lastLogIn</td><td>" . date("Y-m-d H:i", $user_source['lastLogIn']) . "</td></tr>\n";
$html .= " <tr><td>Name</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eName\" value=\"" . $user_source['Name'] . "\"></td></tr>\n";
$html .= " <tr><td>Vorname</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eVorname\" value=\"" . $user_source['Vorname'] . "\"></td></tr>\n";
$html .= " <tr><td>Alter</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"5\" name=\"eAlter\" value=\"" . $user_source['Alter'] . "\"></td></tr>\n";
$html .= " <tr><td>Telefon</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eTelefon\" value=\"" . $user_source['Telefon'] . "\"></td></tr>\n";
$html .= " <tr><td>Handy</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eHandy\" value=\"" . $user_source['Handy'] . "\"></td></tr>\n";
$html .= " <tr><td>DECT</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"4\" name=\"eDECT\" value=\"" . $user_source['DECT'] . "\"></td></tr>\n";
$html .= " <tr><td>email</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n";
$html .= " <tr><td>" . form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $user_source['email_shiftinfo']) . "</td></tr>\n";
$html .= " <tr><td>jabber</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n";
$html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n";
$options = array('1' => "Yes", '0' => "No");
// Gekommen?
$html .= " <tr><td>Gekommen</td><td>\n";
$html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n";
// Aktiv?
$html .= " <tr><td>Aktiv</td><td>\n";
$html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n";
// Aktiv erzwingen
if (in_array('admin_active', $privileges)) {
$html .= " <tr><td>" . _("Force active") . "</td><td>\n";
$html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n";
}
// T-Shirt bekommen?
$html .= " <tr><td>T-Shirt</td><td>\n";
$html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n";
$html .= " <tr><td>Hometown</td><td>" . "<input class=\"form-control\" type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . "\"></td></tr>\n";
$html .= "</table>\n</td><td valign=\"top\"></td></tr>";
$html .= "</td></tr>\n";
$html .= "</table>\n<br />\n";
$html .= "<input class=\"btn btn-primary\" type=\"submit\" value=\"Speichern\">\n";
$html .= "</form>";
$html .= "<hr />";
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
$html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form class=\"admin-user-form\" action=\"" . page_link_to("admin_user") . "&action=change_pw&id={$id}\" method=\"post\">\n";
$html .= "<br /><table>\n";
$html .= " <tr><td width=\"30%\">Passwort </td><td>" . "<input class=\"form-control\" type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
$html .= " <tr><td width=\"30%\">Wiederholung </td><td>" . "<input class=\"form-control\" type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
$html .= "</table>";
$html .= "<div class=\"form-group\"><input class=\"btn btn-primary\" type=\"submit\" value=\"Speichern\"></div>\n";
$html .= "</form>";
$html .= "<hr />";
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
if (count($my_highest_group) > 0) {
$my_highest_group = $my_highest_group[0]['group_id'];
}
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id'];
}
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form class=\"admin-user-form\" action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
foreach ($groups as $group) {
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
}
$html .= '</table>';
$html .= "<input class=\"btn btn-primary\" type=\"submit\" value=\"Speichern\">\n";
$html .= "</form>";
$html .= "<hr />";
}
$html .= "<form class=\"admin-user-form\" action=\"" . page_link_to("admin_user") . "&action=delete&id=" . $id . "\" method=\"post\">\n";
$html .= "<tr><td><input class=\"btn btn-primary\" type=\"submit\" value=\"Löschen\"></td></tr>\n";
$html .= "</form>";
$html .= "<hr />";
} else {
switch ($_REQUEST['action']) {
case 'save_groups':
if ($id != $user['UID']) {
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || $my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id'])) {
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$groups = array();
$grouplist = array();
foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID'];
}
if (!is_array($_REQUEST['groups'])) {
$_REQUEST['groups'] = array();
}
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
$user_groups_info = array();
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
$user_groups_info[] = $groups[$group]['Name'];
}
}
$user_source = User($id);
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true);
} else {
$html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true);
}
} else {
$html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true);
}
break;
case 'delete':
if ($user['UID'] != $id) {
$user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
engelsystem_log("Deleted user " . User_Nick_render($user_source));
$html .= success("Benutzer gelöscht!", true);
} else {
$html .= error("Du kannst Dich nicht selber löschen!", true);
}
break;
case 'save':
$force_active = $user['force_active'];
if (in_array('admin_active', $privileges)) {
$force_active = $_REQUEST['force_active'];
}
$SQL = "UPDATE `User` SET \n `Nick` = '" . sql_escape($_POST["eNick"]) . "', \n `Name` = '" . sql_escape($_POST["eName"]) . "', \n `Vorname` = '" . sql_escape($_POST["eVorname"]) . "', \n `Telefon` = '" . sql_escape($_POST["eTelefon"]) . "', \n `Handy` = '" . sql_escape($_POST["eHandy"]) . "', \n `Alter` = '" . sql_escape($_POST["eAlter"]) . "', \n `DECT` = '" . sql_escape($_POST["eDECT"]) . "', \n `email` = '" . sql_escape($_POST["eemail"]) . "', \n `email_shiftinfo` = " . sql_bool(isset($_REQUEST['email_shiftinfo'])) . ", \n `jabber` = '" . sql_escape($_POST["ejabber"]) . "', \n `Size` = '" . sql_escape($_POST["eSize"]) . "', \n `Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "', \n `Aktiv`= '" . sql_escape($_POST["eAktiv"]) . "', \n `force_active`= " . sql_escape($force_active) . ", \n `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "', \n `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' \n WHERE `UID` = '" . sql_escape($id) . "' \n LIMIT 1";
sql_query($SQL);
engelsystem_log("Updated user: "******"eNick"] . ", " . $_POST["eSize"] . ", available: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true);
break;
case 'change_pw':
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($id, $_REQUEST['new_pw']);
$user_source = User($id);
engelsystem_log("Set new password for " . User_Nick_render($user_source));
$html .= success("Passwort neu gesetzt.", true);
} else {
$html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
}
break;
}
}
return page_with_title(_('Edit user'), array($html));
}
function guest_login()
{
global $user, $privileges;
$nick = "";
unset($_SESSION['uid']);
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
$nick = User_validate_Nick($_REQUEST['nick']);
$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "'");
if (count($login_user) > 0) {
$login_user = $login_user[0];
if (isset($_REQUEST['password'])) {
if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
$ok = false;
error(_("Your password is incorrect. Please try it again."));
}
} else {
$ok = false;
error(_("Please enter a password."));
}
} else {
$ok = false;
error(_("No user was found with that Nickname. Please try again. If you are still having problems, ask an Dispatcher."));
}
} else {
$ok = false;
error(_("Please enter a nickname."));
}
if ($ok) {
$_SESSION['uid'] = $login_user['UID'];
$_SESSION['locale'] = $login_user['Sprache'];
redirect(page_link_to('news'));
}
}
if (in_array('register', $privileges)) {
$register_hint = join('', array('<p>' . _("Please sign up, if you want to help us!") . '</p>', buttons(array(button(page_link_to('register'), register_title() . ' »')))));
} else {
$register_hint = join('', array(error(_('Registration is disabled.'), true)));
}
return page_with_title(login_title(), array(msg(), '<div class="row"><div class="col-md-6">', form(array(form_text('nick', _("Nick"), $nick), form_password('password', _("Password")), form_submit('submit', _("Login")), buttons(array(button(page_link_to('user_password_recovery'), _("I forgot my password")))), info(_("Please note: You have to activate cookies!"), true))), '</div>', '<div class="col-md-6">', '<h2>' . register_title() . '</h2>', $register_hint, '<h2>' . _("What can I do?") . '</h2>', '<p>' . _("Please read about the jobs you can do to help us.") . '</p>', buttons(array(button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »'))), '</div></div>'));
}
function user_myshifts()
{
global $LETZTES_AUSTRAGEN;
global $user, $privileges;
$msg = "";
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}\$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
$id = $_REQUEST['id'];
} else {
$id = $user['UID'];
}
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (isset($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") {
User_reset_api_key($user);
success(_("Key changed."));
redirect(page_link_to('user_myshifts'));
}
return page_with_title(_("Reset API key"), array(error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true), button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger')));
} elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*\$/", $_REQUEST['edit'])) {
$id = $_REQUEST['edit'];
$shift = sql_select("SELECT\n `ShiftEntry`.`freeloaded`,\n `ShiftEntry`.`freeload_comment`,\n `ShiftEntry`.`Comment`,\n `ShiftEntry`.`UID`,\n `ShiftTypes`.`name`,\n `Shifts`.*,\n `Room`.`Name`,\n `AngelTypes`.`name` as `angel_type`\n FROM `ShiftEntry`\n JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)\n JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)\n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)\n WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "'\n AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
if (count($shift) > 0) {
$shift = $shift[0];
if (isset($_REQUEST['submit'])) {
$freeloaded = $shift['freeloaded'];
$freeload_comment = $shift['freeload_comment'];
if (in_array("user_shifts_admin", $privileges)) {
$freeloaded = isset($_REQUEST['freeloaded']);
$freeload_comment = strip_request_item_nl('freeload_comment');
}
$comment = strip_request_item_nl('comment');
$user_source = User($shift['UID']);
$result = ShiftEntry_update(array('id' => $id, 'Comment' => $comment, 'freeloaded' => $freeloaded, 'freeload_comment' => $freeload_comment));
if ($result === false) {
engelsystem_error('Unable to update shift entr.');
}
engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO"));
success(_("Shift saved."));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
}
return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges));
} else {
redirect(page_link_to('user_myshifts'));
}
} elseif (isset($_REQUEST['cancel']) && preg_match("/^[0-9]*\$/", $_REQUEST['cancel'])) {
$id = $_REQUEST['cancel'];
$shift = sql_select("\n SELECT *\n FROM `Shifts` \n INNER JOIN `ShiftEntry` USING (`SID`) \n WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
if (count($shift) > 0) {
$shift = $shift[0];
if ($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600 || in_array('user_shifts_admin', $privileges)) {
$result = ShiftEntry_delete($id);
if ($result === false) {
engelsystem_error('Unable to delete shift entry.');
}
$room = Room($shift['RID']);
$angeltype = AngelType($shift['TID']);
$shifttype = ShiftType($shift['shifttype_id']);
engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']);
success(_("You have been signed off from the shift."));
} else {
error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so."));
}
} else {
redirect(user_link($shifts_user));
}
}
redirect(page_link_to('users') . '&action=view');
}
function admin_rooms()
{
global $user;
global $user, $enable_frab_import;
$rooms_source = sql_select("SELECT * FROM `Room` ORDER BY `Name`");
$rooms = array();
foreach ($rooms_source as $room) {
$rooms[] = array('name' => $room['Name'], 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', 'public' => $room['show'] == 'Y' ? '✓' : '', 'actions' => buttons(array(button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs'))));
}
if (isset($_REQUEST['show'])) {
$msg = "";
$name = "";
$location = "";
$lat = "";
$long = "";
$from_pentabarf = "";
$public = 'Y';
$number = "";
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes = array();
$angeltypes_count = array();
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
$angeltypes_count[$angeltype['id']] = 0;
}
if (test_request_int('id')) {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
if (count($room) > 0) {
$id = $_REQUEST['id'];
$name = $room[0]['Name'];
$location = $room[0]['Location'];
$lat = $room[0]['Lat'];
$long = $room[0]['Long'];
$from_pentabarf = $room[0]['FromPentabarf'];
$public = $room[0]['show'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
foreach ($needed_angeltypes as $needed_angeltype) {
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
}
} else {
redirect(page_link_to('admin_rooms'));
}
}
if ($_REQUEST['show'] == 'edit') {
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
$name = strip_request_item('name');
} else {
$ok = false;
$msg .= error(_("Please enter a name."), true);
}
if (isset($_REQUEST['location']) && strlen(strip_request_item('location')) > 0) {
$location = strip_request_item('location');
} else {
$ok = false;
$msg .= error(_("Please enter a location."));
}
if (isset($_REQUEST['Lat']) && isset($_REQUEST['Long'])) {
$lat = $_REQUEST['Lat'];
$long = $_REQUEST['Long'];
} else {
$ok = false;
$msg .= error(_("Please enter a location - no lat long values found."));
}
$from_pentabarf = isset($_REQUEST['from_pentabarf']) ? 'Y' : '';
$public = isset($_REQUEST['public']) ? 'Y' : '';
if (isset($_REQUEST['number'])) {
$number = strip_request_item('number');
} else {
$ok = false;
}
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}\$/", $_REQUEST['angeltype_count_' . $angeltype_id])) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
} else {
$ok = false;
$msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true);
}
}
if ($ok) {
if (isset($id)) {
sql_query(sprintf("UPDATE `Room` SET `Name`='%s', `FromPentabarf`='%s', `show`='%s', `Number`='%s', `location` = '%s', `lat` = '%s', `long` = '%s' WHERE `RID`='%s' LIMIT 1", sql_escape($name), sql_escape($from_pentabarf), sql_escape($public), sql_escape($number), sql_escape($location), sql_escape($lat), sql_escape($long), sql_escape($id)));
engelsystem_log("Location updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} else {
$id = Room_create($name, $from_pentabarf, $public, $location, $lat, $long);
if ($id === false) {
engelsystem_error("Unable to create location.");
}
engelsystem_log("Location created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
}
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
$needed_angeltype_info = array();
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
$angeltype = AngelType($angeltype_id);
if ($angeltype === false) {
engelsystem_error("Unable to load angeltype.");
}
if ($angeltype != null) {
sql_query(sprintf("INSERT INTO `NeededAngelTypes` SET `room_id`='%s', `angel_type_id`='%s', `count`='%s'", sql_escape($id), sql_escape($angeltype_id), sql_escape($angeltype_count)));
$needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count;
}
}
engelsystem_log("Set needed angeltypes of location " . $name . " to: " . join(", ", $needed_angeltype_info));
success(_("Location saved."));
redirect(page_link_to("admin_rooms"));
}
}
$angeltypes_count_form = array();
foreach ($angeltypes as $angeltype_id => $angeltype) {
$angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', array(form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id])));
}
$form_elements = [];
$form_elements[] = form_text('name', _("Name"), $name);
$form_elements[] = form_text('location', _("Location"), $location);
$form_elements[] = form_text('Lat', _("Latitude"), $lat, false, false);
$form_elements[] = form_text('Long', _("Longitude"), $long, false, false);
if ($enable_frab_import) {
$form_elements[] = form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf);
}
$form_elements[] = form_checkbox('public', _("Public"), $public);
$form_elements[] = form_text('number', _("Room number"), $number);
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), $msg, form(array(div('row', array(div('col-md-6', $form_elements), div('col-md-6', array(div('row', array(div('col-md-12', array(form_info(_("Needed angels:")))), join($angeltypes_count_form))))), script("\n jQuery(function (\$) {\n var input = \$(\"input[id='form_location']\");\n var inputElement = document.getElementById(input.attr('id'));\n var searchBox = new google.maps.places.SearchBox(inputElement);\n searchBox.addListener('places_changed', function() {\n var places = searchBox.getPlaces();\n if (places.length == 0) {\n return;\n }\n\n var place = places.pop();\n var lat = place.geometry.location.lat();\n var long = place.geometry.location.lng();\n\n \$(\"input[id='form_lat']\").val(lat);\n \$(\"input[id='form_long']\").val(long);\n });\n\n // suppress form submit on enter\n input.keypress(function (event) {\n if (event.keyCode === 13) {\n return false;\n }\n });\n });\n "))), form_submit('submit', _("Save"))))));
} elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) {
sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Location deleted: " . $name);
success(sprintf(_("Location %s deleted."), $name));
redirect(page_link_to('admin_rooms'));
}
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms'), _("back"), 'back'))), sprintf(_("Do you want to delete location %s?"), $name), buttons(array(button(page_link_to('admin_rooms') . '&show=delete&id=' . $id . '&ack', _("Delete"), 'delete')))));
}
}
$table_columns = array('name' => _("Name"), 'from_pentabarf' => _("Frab import"), 'public' => _("Public"), 'actions' => "");
if (!$enable_frab_import) {
unset($table_columns['from_pentabarf']);
}
return page_with_title(admin_rooms_title(), array(buttons(array(button(page_link_to('admin_rooms') . '&show=edit', _("add")))), msg(), table($table_columns, $rooms)));
}
/**
* View for requesting another eMail verification token
*/
function User_request_verification_token_view()
{
return page_with_title(user_request_verification_token_title(), array(msg(), _("We will resend an e-mail including the verification link. Please use the email address you used for registration."), form(array(form_text('email', _("E-Mail"), ""), form_submit('submit', _("Resend"))))));
}
function user_messages()
{
global $user;
if (!isset($_REQUEST['action'])) {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
$to_select_data = array("" => _("Select recipient..."));
foreach ($users as $u) {
$to_select_data[$u['UID']] = $u['Nick'];
}
$to_select = html_select_key('to', 'to', $to_select_data, '');
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
$messages_table = [['news' => '', 'timestamp' => date("Y-m-d H:i"), 'from' => User_Nick_render($user), 'to' => $to_select, 'text' => form_textarea('text', '', ''), 'actions' => form_submit('submit', _("Save"))]];
foreach ($messages as $message) {
$sender_user_source = User($message['SUID']);
if ($sender_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$receiver_user_source = User($message['RUID']);
if ($receiver_user_source === false) {
engelsystem_error(_("Unable to load user."));
}
$messages_table_entry = array('new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '', 'timestamp' => date("Y-m-d H:i", $message['Datum']), 'from' => User_Nick_render($sender_user_source), 'to' => User_Nick_render($receiver_user_source), 'text' => str_replace("\n", '<br />', $message['Text']));
if ($message['RUID'] == $user['UID']) {
if ($message['isRead'] == 'N') {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs');
}
} else {
$messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs');
}
$messages_table[] = $messages_table_entry;
}
return page_with_title(messages_title(), array(msg(), sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)), form(array(table(array('new' => _("New"), 'timestamp' => _("Date"), 'from' => _("Transmitted"), 'to' => _("Recipient"), 'text' => _("Message"), 'actions' => ''), $messages_table)), page_link_to('user_messages') . '&action=send')));
} else {
switch ($_REQUEST['action']) {
case "read":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else {
return error(_("No Message found."), true);
}
break;
case "delete":
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error(_("Incomplete call, missing Message ID."), true);
}
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else {
return error(_("No Message found."), true);
}
break;
case "send":
if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
redirect(page_link_to("user_messages"));
} else {
return error(_("Transmitting was terminated with an Error."), true);
}
break;
default:
return error(_("Wrong action."), true);
}
}
}
function user_shifts()
{
global $user, $privileges, $max_freeloadable_shifts;
if (User_is_freeloader($user)) {
redirect(page_link_to('user_myshifts'));
}
// Locations laden
$rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`");
$room_array = array();
foreach ($rooms as $room) {
$room_array[$room['RID']] = $room['Name'];
}
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
if (isset($_REQUEST['entry_id']) && in_array('user_shifts_admin', $privileges)) {
if (isset($_REQUEST['entry_id']) && test_request_int('entry_id')) {
$entry_id = $_REQUEST['entry_id'];
} else {
redirect(page_link_to('user_shifts'));
}
$shift_entry_source = sql_select("\n SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` \n FROM `ShiftEntry` \n JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) \n JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) \n JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) \n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) \n WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
if (count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
$result = ShiftEntry_delete($entry_id);
if ($result === false) {
engelsystem_error('Unable to delete shift entry.');
}
engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("y-m-d H:i", $shift_entry_source['start']) . " to " . date("y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']);
success(_("Shift entry deleted."));
} else {
error(_("Entry not found."));
}
redirect(page_link_to('user_shifts'));
} elseif (isset($_REQUEST['edit_shift']) && in_array('admin_shifts', $privileges)) {
$msg = "";
$ok = true;
if (isset($_REQUEST['edit_shift']) && test_request_int('edit_shift')) {
$shift_id = $_REQUEST['edit_shift'];
} else {
redirect(page_link_to('user_shifts'));
}
$shift = sql_select("\n SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.* FROM `Shifts` \n JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) \n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n WHERE `SID`='" . sql_escape($shift_id) . "'");
if (count($shift) == 0) {
redirect(page_link_to('user_shifts'));
}
$shift = $shift[0];
// Engeltypen laden
$types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angel_types = array();
$needed_angel_types = array();
foreach ($types as $type) {
$angel_types[$type['id']] = $type;
$needed_angel_types[$type['id']] = 0;
}
$shifttypes_source = ShiftTypes();
$shifttypes = [];
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
// Benötigte Engeltypen vom Raum
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`='" . sql_escape($shift['RID']) . "') ORDER BY `AngelTypes`.`name`");
foreach ($needed_angel_types_source as $type) {
if ($type['count'] != "") {
$needed_angel_types[$type['id']] = $type['count'];
}
}
// Benötigte Engeltypen von der Schicht
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`='" . sql_escape($shift_id) . "') ORDER BY `AngelTypes`.`name`");
foreach ($needed_angel_types_source as $type) {
if ($type['count'] != "") {
$needed_angel_types[$type['id']] = $type['count'];
}
}
$shifttype_id = $shift['shifttype_id'];
$title = $shift['title'];
$rid = $shift['RID'];
$start = $shift['start'];
$end = $shift['end'];
if (isset($_REQUEST['submit'])) {
// Name/Bezeichnung der Schicht, darf leer sein
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+\$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid'];
} else {
$ok = false;
$rid = $rooms[0]['RID'];
$msg .= error(_("Please select a room."), true);
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
$ok = false;
$msg .= error(_('Please select a shifttype.'), true);
}
if (isset($_REQUEST['start']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['start'])))) {
$start = $tmp->getTimestamp();
} else {
$ok = false;
$msg .= error(_("Please enter a valid starting time for the shifts."), true);
}
if (isset($_REQUEST['end']) && ($tmp = DateTime::createFromFormat("Y-m-d H:i", trim($_REQUEST['end'])))) {
$end = $tmp->getTimestamp();
} else {
$ok = false;
$msg .= error(_("Please enter a valid ending time for the shifts."), true);
}
if ($start >= $end) {
$ok = false;
$msg .= error(_("The ending time has to be after the starting time."), true);
}
foreach ($needed_angel_types_source as $type) {
if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+\$/", trim($_REQUEST['type_' . $type['id']]))) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else {
$ok = false;
$msg .= error(sprintf(_("Please check your input for needed angels of type %s."), $type['name']), true);
}
}
if ($ok) {
$shift['shifttype_id'] = $shifttype_id;
$shift['title'] = $title;
$shift['RID'] = $rid;
$shift['start'] = $start;
$shift['end'] = $end;
$result = Shift_update($shift);
if ($result === false) {
engelsystem_error('Unable to update shift.');
}
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
$needed_angel_types_info = array();
foreach ($needed_angel_types as $type_id => $count) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
$needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count;
}
engelsystem_log("Updated shift '" . $name . "' from " . date("y-m-d H:i", $start) . " to " . date("y-m-d H:i", $end) . " with angel types " . join(", ", $needed_angel_types_info));
success(_("Shift updated."));
redirect(shift_link(['SID' => $shift_id]));
}
}
$room_select = html_select_key('rid', 'rid', $room_array, $rid);
$angel_types = "";
foreach ($types as $type) {
$angel_types .= form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]);
}
return page_with_title(shifts_title(), array(msg(), '<noscript>' . info(_("This page is much more comfortable with javascript."), true) . '</noscript>', form(array(form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_text('title', _("Title"), $title), form_select('rid', _("Room:"), $room_array, $rid), form_text('start', _("Start:"), date("Y-m-d H:i", $start)), form_text('end', _("End:"), date("Y-m-d H:i", $end)), '<h2>' . _("Needed angels") . '</h2>', $angel_types, form_submit('submit', _("Save"))))));
} elseif (isset($_REQUEST['delete_shift']) && in_array('user_shifts_admin', $privileges)) {
if (isset($_REQUEST['delete_shift']) && preg_match("/^[0-9]*\$/", $_REQUEST['delete_shift'])) {
$shift_id = $_REQUEST['delete_shift'];
} else {
redirect(page_link_to('user_shifts'));
}
$shift = Shift($shift_id);
if ($shift === false) {
engelsystem_error('Unable to load shift.');
}
if ($shift == null) {
redirect(page_link_to('user_shifts'));
}
// Schicht löschen bestätigt
if (isset($_REQUEST['delete'])) {
$result = Shift_delete($shift_id);
if ($result === false) {
engelsystem_error('Unable to delete shift.');
}
engelsystem_log("Deleted shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success(_("Shift deleted."));
redirect(page_link_to('user_shifts'));
}
return page_with_title(shifts_title(), array(error(sprintf(_("Do you want to delete the shift %s from %s to %s?"), $shift['name'], date("Y-m-d H:i", $shift['start']), date("H:i", $shift['end'])), true), '<a class="button" href="?p=user_shifts&delete_shift=' . $shift_id . '&delete">' . _("delete") . '</a>'));
} elseif (isset($_REQUEST['shift_id'])) {
if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['shift_id'])) {
$shift_id = $_REQUEST['shift_id'];
} else {
redirect(page_link_to('user_shifts'));
}
$shift = Shift($shift_id);
$room;
$shift['Name'] = $room_array[$shift['RID']];
if ($shift === false) {
engelsystem_error('Unable to load shift.');
}
if ($shift == null) {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['type_id'])) {
$type_id = $_REQUEST['type_id'];
} else {
redirect(page_link_to('user_shifts'));
}
if (in_array('user_shifts_admin', $privileges)) {
$type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
} else {
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
}
if (count($type) == 0) {
redirect(page_link_to('user_shifts'));
}
$type = $type[0];
if (!Shift_signup_allowed($shift, $type)) {
error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.'));
redirect(shift_link($shift));
}
if (isset($_REQUEST['submit'])) {
$selected_type_id = $type_id;
if (in_array('user_shifts_admin', $privileges)) {
if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*\$/", $_REQUEST['user_id'])) {
$user_id = $_REQUEST['user_id'];
} else {
$user_id = $user['UID'];
}
if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) {
redirect(page_link_to('user_shifts'));
}
if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) {
$selected_type_id = $_REQUEST['angeltype_id'];
}
} else {
$user_id = $user['UID'];
}
if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) {
return error("This angel does already have an entry for this shift.", true);
}
$freeloaded = $shift['freeloaded'];
$freeload_comment = $shift['freeload_comment'];
if (in_array("user_shifts_admin", $privileges)) {
$freeloaded = isset($_REQUEST['freeloaded']);
$freeload_comment = strip_request_item_nl('freeload_comment');
}
$comment = strip_request_item_nl('comment');
$result = ShiftEntry_create(array('SID' => $shift_id, 'TID' => $selected_type_id, 'UID' => $user_id, 'Comment' => $comment, 'freeloaded' => $freeloaded, 'freeload_comment' => $freeload_comment));
if ($result === false) {
engelsystem_error('Unable to create shift entry.');
}
if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "' ") == 0) {
sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')");
}
$user_source = User($user_id);
engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("y-m-d H:i", $shift['start']) . " to " . date("y-m-d H:i", $shift['end']));
success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' »</a>');
redirect(shift_link($shift));
}
if (in_array('user_shifts_admin', $privileges)) {
$users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`");
$users_select = array();
foreach ($users as $usr) {
$users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")");
}
$user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']);
$angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
$angeltypes = array();
foreach ($angeltypes_source as $angeltype) {
$angeltypes[$angeltype['id']] = $angeltype['name'];
}
$angeltyppe_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']);
} else {
$user_text = User_Nick_render($user);
$angeltyppe_select = $type['name'];
}
return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' – ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltyppe_select, "", false, null, in_array('user_shifts_admin', $privileges));
} else {
return view_user_shifts();
}
}
function admin_active()
{
global $tshirt_sizes, $shift_sum_formula;
$msg = "";
$search = "";
$forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1");
$count = $forced_count;
$limit = "";
$set_active = "";
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['set_active'])) {
$ok = true;
if (isset($_REQUEST['count']) && preg_match("/^[0-9]+\$/", $_REQUEST['count'])) {
$count = strip_request_item('count');
if ($count < $forced_count) {
error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count));
redirect(page_link_to('admin_active'));
}
} else {
$ok = false;
$msg .= error(_("Please enter a number of angels to be marked as active."), true);
}
if ($ok) {
$limit = " LIMIT " . $count;
}
if (isset($_REQUEST['ack'])) {
sql_query("UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0");
$users = sql_select("\n SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, {$shift_sum_formula} as `shift_length` \n FROM `User` \n LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` \n WHERE `User`.`Gekommen` = 1 AND `User`.`force_active`=0 \n GROUP BY `User`.`UID` \n ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$user_nicks = array();
foreach ($users as $usr) {
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'");
$user_nicks[] = User_Nick_render($usr);
}
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE");
engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
$limit = "";
$msg = success(_("Marked angels."), true);
} else {
$set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">' . _("apply") . '</a>';
}
}
if (isset($_REQUEST['active']) && preg_match("/^[0-9]+\$/", $_REQUEST['active'])) {
$id = $_REQUEST['active'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
$msg = success(_("Angel has been marked as active."), true);
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['not_active']) && preg_match("/^[0-9]+\$/", $_REQUEST['not_active'])) {
$id = $_REQUEST['not_active'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
$msg = success(_("Angel has been marked as not active."), true);
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['tshirt']) && preg_match("/^[0-9]+\$/", $_REQUEST['tshirt'])) {
$id = $_REQUEST['tshirt'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
$msg = success(_("Angel has got a t-shirt."), true);
} else {
$msg = error("Angel not found.", true);
}
} elseif (isset($_REQUEST['not_tshirt']) && preg_match("/^[0-9]+\$/", $_REQUEST['not_tshirt'])) {
$id = $_REQUEST['not_tshirt'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
$msg = success(_("Angel has got no t-shirt."), true);
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("\n SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, {$shift_sum_formula} as `shift_length` \n FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` \n LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` \n WHERE `User`.`Gekommen` = 1 \n GROUP BY `User`.`UID` \n ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$matched_users = array();
if ($search == "") {
$tokens = array();
} else {
$tokens = explode(" ", $search);
}
foreach ($users as &$usr) {
if (count($tokens) > 0) {
$match = false;
$index = join("", $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
}
if (!$match) {
continue;
}
}
$usr['nick'] = User_Nick_render($usr);
$usr['shirt_size'] = $tshirt_sizes[$usr['Size']];
$usr['work_time'] = round($usr['shift_length'] / 60) . ' min (' . round($usr['shift_length'] / 3600) . ' h)';
$usr['active'] = glyph_bool($usr['Aktiv'] == 1);
$usr['force_active'] = glyph_bool($usr['force_active'] == 1);
$usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1);
$actions = array();
if ($usr['Aktiv'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&active=' . $usr['UID'] . '&search=' . $search . '">' . _("set active") . '</a>';
}
if ($usr['Aktiv'] == 1 && $usr['Tshirt'] == 0) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&not_active=' . $usr['UID'] . '&search=' . $search . '">' . _("remove active") . '</a>';
$actions[] = '<a href="' . page_link_to('admin_active') . '&tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("got t-shirt") . '</a>';
}
if ($usr['Tshirt'] == 1) {
$actions[] = '<a href="' . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] . '&search=' . $search . '">' . _("remove t-shirt") . '</a>';
}
$usr['actions'] = join(' ', $actions);
$matched_users[] = $usr;
}
$shirt_statistics = sql_select("\n SELECT `Size`, count(`Size`) AS `count`\n FROM `User`\n WHERE `Tshirt`=1\n GROUP BY `Size`\n ORDER BY `count` DESC");
$shirt_statistics[] = array('Size' => '<b>' . _("Sum") . '</b>', 'count' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>');
return page_with_title(admin_active_title(), array(form(array(form_text('search', _("Search angel:"), $search), form_submit('submit', _("Search")))), $set_active == "" ? form(array(form_text('count', _("How much angels should be active?"), $count), form_submit('set_active', _("Preview")))) : $set_active, msg(), table(array('nick' => _("Nickname"), 'shirt_size' => _("Size"), 'shift_count' => _("Shifts"), 'work_time' => _("Length"), 'active' => _("Active?"), 'force_active' => _("Forced"), 'tshirt' => _("T-shirt?"), 'actions' => ""), $matched_users), '<h2>' . _("Given shirts") . '</h2>', table(array('Size' => _("Size"), 'count' => _("Count")), $shirt_statistics)));
}
function UserAngelType_join_view($user, $angeltype)
{
return page_with_title(sprintf(_("Become a %s"), $angeltype['name']), array(msg(), info(sprintf(_("Do you really want to add %s to %s?"), User_Nick_render($user), $angeltype['name']), true), buttons(array(button(page_link_to('angeltypes') . '&action=view&angeltype_id=' . $angeltype['id'], _("cancel"), 'cancel'), button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'] . '&user_id=' . $user['UID'] . '&confirmed', _("save"), 'ok')))));
}
function admin_arrive()
{
$msg = "";
$search = "";
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) {
$id = $_REQUEST['reset'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
$msg = success(_("Reset done. Angel has not arrived."), true);
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) {
$id = $_REQUEST['arrived'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
$msg = success(_("Angel has been marked as arrived."), true);
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
$arrival_count_at_day = array();
$table = "";
$users_matched = array();
if ($search == "") {
$tokens = array();
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join(" ", $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
}
if (!$match) {
continue;
}
}
$usr['nick'] = User_Nick_render($usr);
$usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
$usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>';
$day = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : date('Y-m-d', $usr['planned_arrival_date']);
if (!isset($arrival_count_at_day[$day])) {
$arrival_count_at_day[$day] = 0;
}
$arrival_count_at_day[$day]++;
$users_matched[] = $usr;
}
ksort($arrival_count_at_day);
$arrival_count = array();
$arrival_sums = array();
$arrival_sum = 0;
foreach ($arrival_count_at_day as $day => $count) {
$arrival_sum += $count;
$arrival_sums[$day] = $arrival_sum;
$arrival_count[] = array('day' => $day, 'count' => $count, 'sum' => $arrival_sum);
}
return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'rendered_planned_arrival_date' => _("Planned date"), 'arrived' => _("Arrived?"), 'rendered_arrival_date' => _("Arrival date"), 'actions' => ""), $users_matched), heading(_("Arrival statistics"), 2), '<canvas id="daily_arrives" style="width: 100%; height: 300px;"></canvas>
<script type="text/javascript">
$(function(){
var ctx = $("#daily_arrives").get(0).getContext("2d");
var chart = new Chart(ctx).Bar(' . json_encode(array('labels' => array_keys($arrival_count_at_day), 'datasets' => array(array('label' => _("arrived"), 'fillColor' => "#444", 'data' => array_values($arrival_count_at_day)), array('label' => _("arrived sum"), 'fillColor' => "#888", 'data' => array_values($arrival_sums))))) . ');
});
</script>', table(array('day' => _("Date"), 'count' => _("arrived"), 'sum' => _("arrived sum")), $arrival_count)));
}
function admin_arrive()
{
$msg = "";
$search = "";
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) {
$id = $_REQUEST['reset'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
$msg = success(_("Reset done. Angel has not arrived."), true);
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) {
$id = $_REQUEST['arrived'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
$msg = success(_("Angel has been marked as arrived."), true);
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
$table = "";
$users_matched = array();
if ($search == "") {
$tokens = array();
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join(" ", $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
}
if (!$match) {
continue;
}
}
$table .= '<tr>';
$table .= '<td>' . User_Nick_render($usr) . '</td>';
$usr['nick'] = User_Nick_render($usr);
$usr['planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
$usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>';
if ($usr['Gekommen'] == 1) {
$table .= '<td>yes</td><td><a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">reset</a></td>';
} else {
$table .= '<td></td><td><a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">arrived</a></td>';
}
$table .= '</tr>';
$users_matched[] = $usr;
}
return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'planned_arrival_date' => _("Planned date"), 'arrived' => _("Arrived?"), 'arrival_date' => _("Arrival date"), 'actions' => ""), $users_matched)));
}
function admin_groups()
{
global $user;
$html = "";
$groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
if (!isset($_REQUEST["action"])) {
$groups_table = array();
foreach ($groups as $group) {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges_html = array();
foreach ($privileges as $priv) {
$privileges_html[] = $priv['name'];
}
$groups_table[] = array('name' => $group['Name'], 'privileges' => join(', ', $privileges_html), 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs'));
}
return page_with_title(admin_groups_title(), array(table(array('name' => _("Name"), 'privileges' => _("Privileges"), 'actions' => ''), $groups_table)));
} else {
switch ($_REQUEST["action"]) {
case 'edit':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (count($room) > 0) {
list($room) = $room;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
$privileges_html = "";
$privileges_form = array();
foreach ($privileges as $priv) {
$privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']);
$privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], $priv['group_id'] != "" ? 'checked="checked"' : '', $priv['name'], $priv['desc']);
}
$privileges_form[] = form_submit('submit', _("Save"));
$html .= page_with_title(_("Edit group"), array(form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $id)));
} else {
return error("No Group found.", true);
}
break;
case 'save':
if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Groups ID.", true);
}
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (!is_array($_REQUEST['privileges'])) {
$_REQUEST['privileges'] = array();
}
if (count($room) > 0) {
list($room) = $room;
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
$privilege_names = array();
foreach ($_REQUEST['privileges'] as $priv) {
if (preg_match("/^[0-9]{1,}\$/", $priv)) {
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
if (count($group_privileges_source) > 0) {
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'");
$privilege_names[] = $group_privileges_source[0]['name'];
}
}
}
engelsystem_log("Group privileges of group " . $room['Name'] . " edited: " . join(", ", $privilege_names));
redirect(page_link_to("admin_groups"));
} else {
return error("No Group found.", true);
}
break;
}
}
return $html;
}
function admin_import()
{
global $rooms_import;
global $user;
$html = "";
$step = "input";
if (isset($_REQUEST['step']) && in_array($step, ['input', 'check', 'import'])) {
$step = $_REQUEST['step'];
}
if ($test_handle = fopen('../import/tmp', 'w')) {
fclose($test_handle);
unlink('../import/tmp');
} else {
error(_('Webserver has no write-permission on import directory.'));
}
$import_file = '../import/import_' . $user['UID'] . '.xml';
$shifttype_id = null;
$shifttypes_source = ShiftTypes();
if ($shifttypes_source === false) {
engelsystem_error('Unable to load shifttypes.');
}
$shifttypes = [];
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
switch ($step) {
case 'input':
$ok = false;
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
$ok = false;
error(_('Please select a shift type.'));
}
if (isset($_FILES['xcal_file']) && $_FILES['xcal_file']['error'] == 0) {
if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
libxml_use_internal_errors(true);
if (simplexml_load_file($import_file) === false) {
$ok = false;
error(_('No valid xml/xcal file provided.'));
unlink($import_file);
}
} else {
$ok = false;
error(_('File upload went wrong.'));
}
} else {
$ok = false;
error(_('Please provide some data.'));
}
}
if ($ok) {
redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id);
} else {
$html .= div('well well-sm text-center', [_('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))]) . div('row', [div('col-md-offset-3 col-md-6', [form(array(form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")), form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_file('xcal_file', _("xcal-File (.xcal)")), form_submit('submit', _("Import"))))])]);
}
break;
case 'check':
if (!file_exists($import_file)) {
error(_('Missing import file.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id);
$html .= div('well well-sm text-center', ['<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))]) . form([div('row', [div('col-sm-6', ['<h3>' . _("Rooms to create") . '</h3>', table(_("Name"), $rooms_new)]), div('col-sm-6', ['<h3>' . _("Rooms to delete") . '</h3>', table(_("Name"), $rooms_deleted)])]), '<h3>' . _("Shifts to create") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_new, $shifttypes)), '<h3>' . _("Shifts to update") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_updated, $shifttypes)), '<h3>' . _("Shifts to delete") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_deleted, $shifttypes)), form_submit('submit', _("Import"))], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id);
break;
case 'import':
if (!file_exists($import_file)) {
error(_('Missing import file.'));
redirect(page_link_to('admin_import'));
}
if (!file_exists($import_file)) {
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) {
$result = Room_create($room, true, true);
if ($result === false) {
engelsystem_error('Unable to create room.');
}
$rooms_import[trim($room)] = sql_id();
}
foreach ($rooms_deleted as $room) {
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id);
foreach ($events_new as $event) {
$result = Shift_create($event);
if ($result === false) {
engelsystem_error('Unable to create shift.');
}
}
foreach ($events_updated as $event) {
$result = Shift_update_by_psid($event);
if ($result === false) {
engelsystem_error('Unable to update shift.');
}
}
foreach ($events_deleted as $event) {
$result = Shift_delete_by_psid($event['PSID']);
if ($result === false) {
engelsystem_error('Unable to delete shift.');
}
}
engelsystem_log("Pentabarf import done");
unlink($import_file);
$html .= div('well well-sm text-center', ['<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>']) . success(_("It's done!"), true);
break;
default:
redirect(page_link_to('admin_import'));
}
return page_with_title(admin_import_title(), [msg(), $html]);
}
function user_settings()
{
global $enable_tshirt_size, $tshirt_sizes, $themes, $locales;
global $user;
$msg = "";
$nick = $user['Nick'];
$lastname = $user['Name'];
$prename = $user['Vorname'];
$age = $user['Alter'];
$tel = $user['Telefon'];
$dect = $user['DECT'];
$mobile = $user['Handy'];
$mail = $user['email'];
$email_shiftinfo = $user['email_shiftinfo'];
$jabber = $user['jabber'];
$hometown = $user['Hometown'];
$tshirt_size = $user['Size'];
$password_hash = "";
$selected_theme = $user['color'];
$selected_language = $user['Sprache'];
$planned_arrival_date = $user['planned_arrival_date'];
$planned_departure_date = $user['planned_departure_date'];
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
$mail = strip_request_item('mail');
if (!check_email($mail)) {
$ok = false;
$msg .= error(_("E-mail address is not correct."), true);
}
} else {
$ok = false;
$msg .= error(_("Please enter your e-mail."), true);
}
$email_shiftinfo = isset($_REQUEST['email_shiftinfo']);
if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber');
if (!check_email($jabber)) {
$ok = false;
$msg .= error(_("Please check your jabber account information."), true);
}
}
if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
$tshirt_size = $_REQUEST['tshirt_size'];
} elseif ($enable_tshirt_size) {
$ok = false;
}
if (isset($_REQUEST['planned_arrival_date']) && DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))) {
$planned_arrival_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_arrival_date']))->getTimestamp();
} else {
$ok = false;
$msg .= error(_("Please enter your planned date of arrival."), true);
}
if (isset($_REQUEST['planned_departure_date']) && $_REQUEST['planned_departure_date'] != '') {
if (DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))) {
$planned_departure_date = DateTime::createFromFormat("Y-m-d", trim($_REQUEST['planned_departure_date']))->getTimestamp();
} else {
$ok = false;
$msg .= error(_("Please enter your planned date of departure."), true);
}
} else {
$planned_departure_date = null;
}
// Trivia
if (isset($_REQUEST['lastname'])) {
$lastname = strip_request_item('lastname');
}
if (isset($_REQUEST['prename'])) {
$prename = strip_request_item('prename');
}
if (isset($_REQUEST['age']) && preg_match("/^[0-9]{0,4}\$/", $_REQUEST['age'])) {
$age = strip_request_item('age');
}
if (isset($_REQUEST['tel'])) {
$tel = strip_request_item('tel');
}
if (isset($_REQUEST['dect'])) {
$dect = strip_request_item('dect');
}
if (isset($_REQUEST['mobile'])) {
$mobile = strip_request_item('mobile');
}
if (isset($_REQUEST['hometown'])) {
$hometown = strip_request_item('hometown');
}
if ($ok) {
sql_query("\n UPDATE `User` SET\n `Nick`='" . sql_escape($nick) . "',\n `Vorname`='" . sql_escape($prename) . "',\n `Name`='" . sql_escape($lastname) . "',\n `Alter`='" . sql_escape($age) . "',\n `Telefon`='" . sql_escape($tel) . "',\n `DECT`='" . sql_escape($dect) . "',\n `Handy`='" . sql_escape($mobile) . "',\n `email`='" . sql_escape($mail) . "',\n `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ",\n `jabber`='" . sql_escape($jabber) . "',\n `Size`='" . sql_escape($tshirt_size) . "',\n `Hometown`='" . sql_escape($hometown) . "',\n `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "',\n `planned_departure_date`=" . sql_null($planned_departure_date) . "\n WHERE `UID`='" . sql_escape($user['UID']) . "'");
success(_("Settings saved."));
redirect(page_link_to('user_settings'));
}
} elseif (isset($_REQUEST['submit_password'])) {
$ok = true;
if (!isset($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) {
$msg .= error(_("-> not OK. Please try again."), true);
} elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) {
$msg .= error(_("Your password is to short (please use at least 6 characters)."), true);
} elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
$msg .= error(_("Your passwords don't match."), true);
} elseif (set_password($user['UID'], $_REQUEST['new_password'])) {
success(_("Password saved."));
} else {
error(_("Failed setting password."));
}
redirect(page_link_to('user_settings'));
} elseif (isset($_REQUEST['submit_theme'])) {
$ok = true;
if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
$selected_theme = $_REQUEST['theme'];
} else {
$ok = false;
}
if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
success(_("Theme changed."));
redirect(page_link_to('user_settings'));
}
} elseif (isset($_REQUEST['submit_language'])) {
$ok = true;
if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
$selected_language = $_REQUEST['language'];
} else {
$ok = false;
}
if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
$_SESSION['locale'] = $selected_language;
success("Language changed.");
redirect(page_link_to('user_settings'));
}
}
return page_with_title(settings_title(), array($msg, msg(), div('row', array(div('col-md-6', array(form(array(form_info('', _("Here you can change your user details.")), form_info(entry_required() . ' = ' . _("Entry required!")), form_text('nick', _("Nick"), $nick, true), form_text('lastname', _("Last name"), $lastname), form_text('prename', _("First name"), $prename), form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, time()), form_date('planned_departure_date', _("Planned date of departure"), $planned_departure_date, time()), form_text('age', _("Age"), $age), form_text('tel', _("Phone"), $tel), form_text('dect', _("DECT"), $dect), form_text('mobile', _("Mobile"), $mobile), form_text('mail', _("E-Mail") . ' ' . entry_required(), $mail), form_checkbox('email_shiftinfo', _("Please send me an email if my shifts change"), $email_shiftinfo), form_text('jabber', _("Jabber"), $jabber), form_text('hometown', _("Hometown"), $hometown), $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size"), $tshirt_sizes, $tshirt_size) : '', form_info('', _('Please visit the angeltypes page to manage your angeltypes.')), form_submit('submit', _("Save")))))), div('col-md-6', array(form(array(form_info(_("Here you can change your password.")), form_password('password', _("Old password:"******"New password:"******"Password confirmation:")), form_submit('submit_password', _("Save")))), form(array(form_info(_("Here you can choose your color settings:")), form_select('theme', _("Color settings:"), $themes, $selected_theme), form_submit('submit_theme', _("Save")))), form(array(form_info(_("Here you can choose your language:")), form_select('language', _("Language:"), $locales, $selected_language), form_submit('submit_language', _("Save"))))))))));
}
function admin_questions()
{
global $user;
if (!isset($_REQUEST['action'])) {
$unanswered_questions_table = array();
$questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
foreach ($questions as $question) {
$user_source = User($question['UID']);
if ($user_source === false) {
engelsystem_error("Unable to load user.");
}
$unanswered_questions_table[] = array('from' => User_Nick_render($user_source), 'question' => str_replace("\n", "<br />", $question['Question']), 'answer' => form(array(form_textarea('answer', '', ''), form_submit('submit', _("Save"))), page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs'));
}
$answered_questions_table = array();
$questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
foreach ($questions as $question) {
$user_source = User($question['UID']);
if ($user_source === false) {
engelsystem_error("Unable to load user.");
}
$answer_user_source = User($question['AID']);
if ($answer_user_source === false) {
engelsystem_error("Unable to load user.");
}
$answered_questions_table[] = array('from' => User_Nick_render($user_source), 'question' => str_replace("\n", "<br />", $question['Question']), 'answered_by' => User_Nick_render($answer_user_source), 'answer' => str_replace("\n", "<br />", $question['Answer']), 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs'));
}
return page_with_title(admin_questions_title(), array('<h2>' . _("Unanswered questions") . '</h2>', table(array('from' => _("From"), 'question' => _("Question"), 'answer' => _("Answer"), 'actions' => ''), $unanswered_questions_table), '<h2>' . _("Answered questions") . '</h2>', table(array('from' => _("From"), 'question' => _("Question"), 'answered_by' => _("Answered by"), 'answer' => _("Answer"), 'actions' => ''), $answered_questions_table)));
} else {
switch ($_REQUEST['action']) {
case 'answer':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\\p{L}\\p{P}\\p{Z}\\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions"));
} else {
return error("Gib eine Antwort ein!", true);
}
} else {
return error("No question found.", true);
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}\$/", $_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
return error("Incomplete call, missing Question ID.", true);
}
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']);
redirect(page_link_to("admin_questions"));
} else {
return error("No question found.", true);
}
break;
}
}
}
function admin_arrive()
{
$msg = "";
$search = "";
if (isset($_REQUEST['search'])) {
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*\$/", $_REQUEST['reset'])) {
$id = $_REQUEST['reset'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=0, `arrival_date` = NULL WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set to not available: " . User_Nick_render($user_source));
$msg = success(_("Reset done. Angel is not available."), true);
} else {
$msg = error(_("Angel not found."), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match("/^[0-9]*\$/", $_REQUEST['arrived'])) {
$id = $_REQUEST['arrived'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=1, `arrival_date`='" . time() . "' WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User is available: " . User_Nick_render($user_source));
$msg = success(_("Angel has been marked as available."), true);
} else {
$msg = error(_("Angel not found."), true);
}
}
$users = sql_select("SELECT * FROM `User` ORDER BY `Nick`");
$arrival_count_at_day = [];
$planned_arrival_count_at_day = [];
$planned_departure_count_at_day = [];
$table = "";
$users_matched = [];
if ($search == "") {
$tokens = [];
} else {
$tokens = explode(" ", $search);
}
foreach ($users as $usr) {
if (count($tokens) > 0) {
$match = false;
$index = join(" ", $usr);
foreach ($tokens as $t) {
if (stristr($index, trim($t))) {
$match = true;
break;
}
}
if (!$match) {
continue;
}
}
$usr['nick'] = User_Nick_render($usr);
if ($usr['planned_departure_date'] != null) {
$usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']);
} else {
$usr['rendered_planned_departure_date'] = '-';
}
$usr['rendered_planned_arrival_date'] = date('Y-m-d', $usr['planned_arrival_date']);
$usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-";
$usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : "";
$usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("available") . '</a>';
if ($usr['arrival_date'] > 0) {
$day = date('Y-m-d', $usr['arrival_date']);
if (!isset($arrival_count_at_day[$day])) {
$arrival_count_at_day[$day] = 0;
}
$arrival_count_at_day[$day]++;
}
if ($usr['planned_arrival_date'] != null) {
$day = date('Y-m-d', $usr['planned_arrival_date']);
if (!isset($planned_arrival_count_at_day[$day])) {
$planned_arrival_count_at_day[$day] = 0;
}
$planned_arrival_count_at_day[$day]++;
}
if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) {
$day = date('Y-m-d', $usr['planned_departure_date']);
if (!isset($planned_departure_count_at_day[$day])) {
$planned_departure_count_at_day[$day] = 0;
}
$planned_departure_count_at_day[$day]++;
}
$users_matched[] = $usr;
}
ksort($arrival_count_at_day);
ksort($planned_arrival_count_at_day);
ksort($planned_departure_count_at_day);
$arrival_at_day = [];
$arrival_sum = 0;
foreach ($arrival_count_at_day as $day => $count) {
$arrival_sum += $count;
$arrival_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $arrival_sum];
}
$planned_arrival_sum_at_day = [];
$planned_arrival_sum = 0;
foreach ($planned_arrival_count_at_day as $day => $count) {
$planned_arrival_sum += $count;
$planned_arrival_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $planned_arrival_sum];
}
$planned_departure_at_day = [];
$planned_departure_sum = 0;
foreach ($planned_departure_count_at_day as $day => $count) {
$planned_departure_sum += $count;
$planned_departure_at_day[$day] = ['day' => $day, 'count' => $count, 'sum' => $planned_departure_sum];
}
return page_with_title(admin_arrive_title(), array(msg(), form(array(form_text('search', _("Search"), $search), form_submit('submit', _("Search")))), table(array('nick' => _("Nickname"), 'rendered_planned_arrival_date' => _("Planned start of availability"), 'arrived' => _("Available?"), 'rendered_arrival_date' => _("Start of availability"), 'rendered_planned_departure_date' => _("Planned end of availability"), 'actions' => ""), $users_matched), div('row', [div('col-md-4', [heading(_("Planned start of availability statistics"), 2), bargraph('planned_arrives', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $planned_arrival_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $planned_arrival_at_day)]), div('col-md-4', [heading(_("Availability statistics"), 2), bargraph('arrives', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $arrival_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $arrival_at_day)]), div('col-md-4', [heading(_("Planned end of availability statistics"), 2), bargraph('planned_departures', 'day', ['count' => _("available"), 'sum' => _("available sum")], ['count' => '#090', 'sum' => '#888'], $planned_departure_at_day), table(['day' => _("Date"), 'count' => _("Count"), 'sum' => _("Sum")], $planned_departure_at_day)])])));
}
function AngelTypes_about_view($angeltypes, $user_logged_in)
{
global $faq_url;
$content = array(buttons(array(!$user_logged_in ? button(page_link_to('register'), register_title()) : '', !$user_logged_in ? button(page_link_to('login'), login_title()) : '', $user_logged_in ? button(page_link_to('angeltypes'), angeltypes_title(), 'back') : '', button($faq_url, _("FAQ"), "btn-primary"))), '<p>' . _("Here is the list of teams and their tasks. If you have questions, read the FAQ.") . '</p>', '<hr />');
$parsedown = new Parsedown();
foreach ($angeltypes as $angeltype) {
$content[] = '<h2>' . $angeltype['name'] . '</h2>';
if (isset($angeltype['user_angeltype_id'])) {
$buttons = array();
if ($angeltype['user_angeltype_id'] != null) {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=delete&user_angeltype_id=' . $angeltype['user_angeltype_id'], _("leave"), 'cancel');
} else {
$buttons[] = button(page_link_to('user_angeltypes') . '&action=add&angeltype_id=' . $angeltype['id'], _("join"), 'add');
}
$content[] = buttons($buttons);
}
if ($angeltype['restricted']) {
$content[] = info(_("This angeltype is restricted by double-opt-in by a team coordinator. Please show up at the according introduction meetings."), true);
}
if ($angeltype['description'] != "") {
$content[] = '<div class="well">' . $parsedown->parse($angeltype['description']) . '</div>';
}
$content[] = '<hr />';
}
return page_with_title(_("Teams/Job description"), $content);
}
/**
* View for password recovery step 2: New password
*/
function User_password_set_view()
{
return page_with_title(user_password_recovery_title(), array(msg(), _("Please enter a new password."), form(array(form_password('password', _("Password")), form_password('password2', _("Confirm password")), form_submit('submit', _("Save"))))));
}
function guest_login()
{
global $user, $privileges;
$nick = "";
unset($_SESSION['uid']);
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
$nick = User_validate_Nick($_REQUEST['nick']);
$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "'");
if (count($login_user) > 0) {
$login_user = $login_user[0];
if (isset($_REQUEST['password'])) {
if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
$ok = false;
error(_("Your password is incorrect. Please try it again."));
} else {
//password is okay, check confirmaiton
if ($login_user['user_account_approved'] !== '1') {
$ok = false;
error(_("Your account is not confirmed yet. Please click the link in the mail we sent you. If you didn't get an eMail, ask a dispatcher."));
}
}
} else {
$ok = false;
error(_("Please enter a password."));
}
} else {
$ok = false;
error(_("No user was found with that Nickname. Please try again. If you are still having problems, ask an Dispatcher."));
}
} else {
$ok = false;
error(_("Please enter a nickname."));
}
if ($ok) {
$_SESSION['uid'] = $login_user['UID'];
$_SESSION['locale'] = $login_user['Sprache'];
redirect(page_link_to('shifts'));
}
}
if (in_array('register', $privileges)) {
$register_hint = join('', array('<p>' . _("Please sign up, if you want to help us!") . '</p>', buttons(array(button(page_link_to('register'), register_title() . ' »')))));
} else {
$register_hint = join('', array(error(_('Registration is disabled.'), true)));
}
return page_with_title(login_title(), array(msg(), '<div class="row"><div class="col-md-6">', form(array(form_text('nick', _("Nick"), $nick), form_password('password', _("Password")), form_submit('submit', _("Login")), buttons(array(button(page_link_to('user_password_recovery'), _("I forgot my password")))), info(_("Please note: You have to activate cookies!"), true))), '</div></div>'));
}
