function resolveRequest($req)
{
$result = array();
foreach (dbConn::query("SELECT class " . "FROM :prefix:module AS m " . "INNER JOIN :prefix:request AS r " . "ON m.moduleId = r.moduleId " . "WHERE r.url = :0", $req) as $r) {
$result = array("file" => $r['class'], "module" => $r['class']);
}
return $result;
}
public function getOutput()
{
$tpl = new \template("mypatients/container");
// user data
$user = \dbConn::queryRow("SELECT userid, firstname, lastname, rfid, email, state \n FROM :prefix:user WHERE userId = :0", $_SESSION['userId']);
$tpl->insert("firstname", $user['firstname']);
$tpl->insert("lastname", $user['lastname']);
$tpl->insert("userid", $user['userid']);
$tpl->insert("rfid", $user['rfid']);
$tpl->insert("email", $user['email']);
foreach (\dbConn::query("SELECT * FROM :prefix:user_state") as $r) {
$tpl->insert("states", $r['name'] == $user['state'] ? "<option value=\"{$r['name']}\" selected>{$r['display']}</option>" : "<option value=\"{$r['name']}\">{$r['display']}</option>");
}
// insert patients
$hasPatients = false;
$visit = null;
foreach (\dbConn::query("\n SELECT firstname, lastname, patientId\n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n WHERE user = :0\n ORDER BY firstname", $_SESSION['userId']) as $r) {
$tpl->insert("patients", "<option value=\"{$r['patientId']}\">{$r['firstname']} {$r['lastname']}</option>");
if (!$hasPatients) {
$visit = \dbConn::queryRow("SELECT * FROM :prefix:visit WHERE user = :0 AND patient = :1", $_SESSION['userId'], $r['patientId']);
}
$hasPatients = true;
}
$visitTpl = new \template("visitors/edit.visit");
// relation
foreach (\dbConn::query("SELECT * FROM :prefix:relation ORDER BY name ASC") as $r) {
$visitTpl->insert("relations", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['relation'] ? " selected" : "") . ">{$r['name']}</option>");
}
// description
$visitTpl->insert("description", $visit['description']);
// scent
foreach (\dbConn::query("SELECT * FROM :prefix:scent ORDER BY name ASC") as $r) {
$visitTpl->insert("scents", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['scent'] ? " selected" : "") . ">{$r['name']}</option>");
}
// images
$imgCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Image') as $img) {
$visitTpl->insert("image" . ($imgCount + 1), ROOT . "media/image/" . $img['path']);
$imgCount++;
}
for ($i = $imgCount + 1; $i <= 3; $i++) {
$visitTpl->insert("image" . $i, ROOT . "images/icons/image.png");
}
// audios
$audioCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Audio') as $audio) {
$visitTpl->insert("audio" . ($audioCount + 1), ROOT . "images/icons/audio.png");
$audioCount++;
}
for ($i = $audioCount + 1; $i <= 3; $i++) {
$visitTpl->insert("audio" . $i, ROOT . "images/icons/plus.png");
}
$tpl->insert("visit", $visitTpl->getOutput());
return $tpl->getOutput();
}
/**
* Loads all (unloaded) frontend modules and returns an array with all loaded module names.
*
* @return array All loaded module names.
* @static
* @since Version 1.0
*/
public static function loadAllModules()
{
$modules = array();
foreach (dbConn::query("SELECT class FROM :prefix:module WHERE backendOnly = 0") as $r) {
if (!file_exists(BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php")) {
throw new Exception("Failed while loading installed module as the module file was not found: " . BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php");
}
require_once BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php";
array_push($modules, "\\frontend\\" . $r['class']);
}
return $modules;
}
function getHistory($limit)
{
if (!isset($limit) || $limit == 0 || $limit == null || !is_numeric($limit)) {
$limit = 9999999;
}
$changes = new template("admin/lastchanges.container");
foreach (dbConn::query("SELECT\n action, \n nameBefore, \n nameAfter, \n emailBefore, \n emailAfter, \n production, \n fromDate,\n toDate,\n mvoe_plan.name AS plan, \n mvoe_worker_history.created\n FROM :prefix:worker_history \n INNER JOIN :prefix:shift ON :prefix:shift.shiftId = :prefix:worker_history.shift\n INNER JOIN :prefix:plan ON :prefix:shift.plan = :prefix:plan.name\n ORDER BY :prefix:worker_history.created DESC LIMIT 0, " . $limit) as $r) {
$change = new template("admin/lastchanges.entry");
switch ($r['action']) {
case "insert":
$change->insert("action", "<span style=\"color:green;\"><small>\n <i class=\"fa fa-plus-square\"></i>\n </small></span> Hinzugefügt");
break;
case "update":
$change->insert("action", "<span style=\"color:orange;\"><small>\n <i class=\"fa fa-minus-square\"></i>\n </small></span> Bearbeitet");
break;
case "delete":
$change->insert("action", "<span style=\"color:red;\">\n <small><i class=\"fa fa-trash\"></i>\n </small></span> Gelöscht");
break;
default:
$change->insert("action", "Unbekannt");
break;
}
$change->insert("shift", "<small>{$r['plan']}, {$r['production']}</small><br />" . substr($r['fromDate'], 0, 5) . " - " . substr($r['toDate'], 0, 5));
if ($r['nameBefore'] == $r['nameAfter']) {
$change->insert("user", $r['nameAfter']);
} else {
$change->insert("user", "<small><span style=\"text-decoration:line-through;\">{$r['nameBefore']}</span></small>\n <br /><strong>{$r['nameAfter']}</strong>");
}
if ($r['emailBefore'] == $r['emailAfter']) {
$change->insert("email", $r['emailAfter']);
} else {
$change->insert("email", "<small><span style=\"text-decoration:line-through;\">{$r['emailBefore']}</span></small>\n <br /><strong>{$r['emailAfter']}</strong>");
}
$change->insert("date", (new DateTime($r['created']))->format("d.m.y H:i"));
$changes->insert("content", $change->getOutput());
}
$changes->removeVariables();
return $changes->getOutput();
}
public static function getOutput($par)
{
$nav = new template("navigation/container");
$public = !isset($_SESSION['user']);
foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent IS NULL AND public = :0 ORDER BY position", $public) as $r) {
if ($r['admin'] && !$_SESSION['isAdmin']) {
continue;
}
$link = new template("navigation/layer1");
$link->insert("caption", htmlspecialchars($r['caption']));
$link->insert("destination", ROOT . $r['destination'] . "/");
$requestUri = $_SERVER['REQUEST_URI'];
if (navigation::startsWith($_SERVER['REQUEST_URI'], ROOT)) {
$requestUri = urldecode(substr($_SERVER['REQUEST_URI'], strlen(ROOT)));
}
// check active
//$link->insert("active", $requestUri == $r['destination'] ? "active" : "");
$link->insert("active", navigation::startsWith($requestUri, $r['destination']) ? "active" : "");
foreach (dbConn::query("SELECT * FROM :prefix:navigation WHERE parent = :0 ORDER BY position", $r['linkId']) as $s) {
$sublink = new template("navigation/layer2");
$sublink->insert("caption", htmlspecialchars($s['caption']));
$sublink->insert("destination", ROOT . $s['destination'] . "/");
$requestUri = $_SERVER['REQUEST_URI'];
if ($requestUri[strlen($requestUri) - 1] == "/") {
$requestUri = substr($requestUri, 0, strlen($requestUri) - 1);
}
if (navigation::startsWith($requestUri, ROOT)) {
$requestUri = substr($requestUri, strlen(ROOT), strlen($requestUri) - strlen(ROOT));
}
$sublink->insert("active", $requestUri == $s['destination'] ? "active" : "");
$link->insert("links", $sublink->getOutput());
}
$nav->insert("links", $link->getOutput());
}
return $nav->getOutput();
}
<?php
require "../config.php";
require "../functions.php";
$tpl = new template("admin/index");
$tpl->insert("homeActive", isset($_GET['v']) ? "" : "active");
// plans in navigation
foreach (dbConn::query("SELECT * FROM :prefix:plan WHERE deleted = 0 ORDER BY created DESC") as $r) {
$t = new template("admin/nav.plan");
$t->insert("name", $r['name']);
if (isset($_GET['v']) && $_GET['v'] == "plan" && isset($_GET['p']) && $_GET['p'] == $r['name']) {
$t->insert("active", "active");
} else {
$t->insert("active", "");
}
$tpl->insert("navPlans", $t->getOutput());
}
$tpl->removeVariables();
echo $tpl->getOutput();
/**
* Gets the html output and handles form inputs.
*
* @return string Html output.
*/
public function getOutput()
{
switch ($this->viewpoint) {
// ######################################################################################################
case "overview":
$tpl = new \template("patients/container");
$query = "";
if ($_SESSION['isAdmin']) {
$query = "SELECT \n patientId,\n firstname, \n lastname,\n room\n FROM :prefix:patient\n ORDER BY lastname ASC";
} else {
$query = "SELECT \n patientId,\n firstname, \n lastname,\n room\n FROM :prefix:patient\n WHERE patientId IN (SELECT patientId FROM :prefix:visit WHERE user = "******")\n ORDER BY lastname ASC";
}
foreach (\dbConn::query($query) as $r) {
$p = new \template("patients/patient");
$p->insert("id", $r['patientId']);
$p->insert("firstname", $r['firstname']);
$p->insert("lastname", $r['lastname']);
$p->insert("room", $r['room']);
$p->insert("visitorcount", \dbConn::querySingle("SELECT COUNT(*) FROM :prefix:visit WHERE patient = :0", $r['patientId']));
$p->insert("destination", ROOT . "patients" . "/" . $r['patientId']);
$tpl->insert("patients", $p);
}
return $tpl->getOutput();
break;
// ######################################################################################################
// ######################################################################################################
case "edit":
$result = null;
$tpl = new \template("patients/edit");
$tpl->insert("id", $_GET['par2']);
if (isset($_POST['save'])) {
$error = "";
if (!$this->saveChanges($error)) {
$result = new \template("alerts/danger");
$result->insert("caption", "Fehler");
$result->insert("text", $error);
$tpl->insert("firstname", $_POST['firstname']);
$tpl->insert("lastname", $_POST['lastname']);
$tpl->insert("room", $_POST['room']);
$tpl->insert("birthday", (new \DateTime($_POST['birthday']))->format("d.m.Y"));
} else {
$result = new \template("alerts/success");
$result->insert("caption", "Erfolgreich");
$result->insert("text", "Änderungen wurden erfolgreich gespeichert.");
}
}
$data = \dbConn::queryRow("SELECT * FROM :prefix:patient WHERE patientId = :0", $_GET['par2']);
if (isset($result)) {
$tpl->insert("result", $result);
if ($error == "") {
$tpl->insert("firstname", $data['firstname']);
$tpl->insert("lastname", $data['lastname']);
$tpl->insert("room", $data['room']);
$tpl->insert("birthday", (new \DateTime($data['birth']))->format("d.m.Y"));
}
} else {
$tpl->insert("firstname", $data['firstname']);
$tpl->insert("lastname", $data['lastname']);
$tpl->insert("room", $data['room']);
$tpl->insert("birthday", (new \DateTime($data['birth']))->format("d.m.Y"));
}
foreach (\dbConn::query("\n SELECT firstname, lastname\n FROM :prefix:visit AS v\n INNER JOIN :prefix:user AS u\n ON v.user = u.userId\n WHERE v.patient = :0\n ", $_GET['par2']) as $r) {
$tpl->insert("visitors", "<option>" . $r['firstname'] . " " . $r['lastname'] . "</option>");
}
return $tpl->getOutput();
break;
// ######################################################################################################
// ######################################################################################################
case "new":
if (!$_SESSION['isAdmin']) {
return "<h1>Zugriff verweigert</h1>";
}
$tpl = new \template("patients/new");
return $tpl->getOutput();
break;
}
}
if (dbConn::querySingle("SELECT COUNT(*) FROM :prefix:user WHERE rfid = :0", $_GET['rfid']) < 1) {
array_push($errors, array(110 => "invalid rfid code. code not in use"));
}
if (dbConn::querySingle("SELECT COUNT(*) FROM :prefix:patient WHERE room = :0", $_GET['room']) < 1) {
array_push($errors, array(111 => "invalid room id. room not in use"));
}
dieOnErrors($errors);
// check if user account is in active state
if (dbConn::querySingle("SELECT state FROM :prefix:user WHERE rfid = :0", $_GET['rfid']) != "activated") {
array_push($errors, array(116 => "user disabled"));
dieOnErrors($errors);
}
// check if user is allowed to visit given room
if (dbConn::querySingle("\n SELECT COUNT(*)\n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n INNER JOIN :prefix:user AS u\n ON v.user = u.userId\n WHERE p.room = :0 AND u.rfid = :1\n ", $_GET['room'], $_GET['rfid']) < 1) {
array_push($errors, array(115 => "permission denied"));
}
dieOnErrors($errors);
// all data is valid and user has access
// now create the response
// collect required data
$user = dbConn::queryRow("SELECT * FROM :prefix:user WHERE rfid = :0", $_GET['rfid']);
$visit = dbConn::queryRow("\n SELECT * \n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n WHERE p.room = :0 AND user = :1\n ", $_GET['room'], $user['userId']);
$media = array();
foreach (dbConn::query("SELECT type, path FROM :prefix:visit_media WHERE visitId = :0", $visit['visitId']) as $r) {
$r['path'] = URL . "/media/" . strtolower($r['type']) . "/" . $r['path'];
array_push($media, $r);
}
$response = array("success" => array("firstname" => $user['firstname'], "lastname" => $user['lastname'], "email" => $user['email'], "relation" => $visit['relation'], "scent" => $visit['scent'], "description" => $visit['description'], "media" => $media, "lastvisit" => dbConn::querySingle("SELECT MAX(created) FROM :prefix:visit_history WHERE visitId = :0", $visit['visitId'])));
dbConn::execute("INSERT INTO :prefix:visit_history (visitId) VALUES (:0);", $visit['visitId']);
header('Content-type: application/json');
echo json_encode($response, JSON_PRETTY_PRINT);
/**
* Loads all (unloaded) frontend modules and returns an array with all loaded module names.
*
* @return array Names of all modules which were loaded.
* @static
* @since Version 1.0
*/
public static function loadAllModules()
{
frontend::getLogger()->debug("trying to load all installed modules");
$modules = array();
foreach (dbConn::query("SELECT class FROM :prefix:module WHERE backendOnly = 0") as $r) {
if (!file_exists(BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php")) {
frontend::getLogger()->error("module could not be loaded because file does not exist: " . BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php");
throw new Exception("Failed while loading installed module as the module file was not found: " . BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php");
}
require_once BASEDIR . "modules/" . $r['class'] . "/" . $r['class'] . ".php";
array_push($modules, "\\frontend\\" . $r['class']);
}
frontend::getLogger()->debug("following modules loaded successfully: " . implode(",", $modules));
return $modules;
}
$has = false;
$required = 0;
foreach (dbConn::query("SELECT * FROM :prefix:production_shift WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) {
$required = $r['required'];
$has = true;
}
$prodShift = new template("production_shift");
$prodShift->insert("shiftId", $shiftId);
$prodShift->insert("disabled", $has ? "" : "shift-disabled");
$prodShift->insert("unique", seoUrl("{$plan}-{$prod}-" . substr(str_replace(":00-", " - ", $sh), 0, 13)));
if ($has) {
// fill required number of workers, name
$prodShift->insert("required", $required);
$prodShift->insert("name", $prod);
// get workers of one shift in one production
foreach (dbConn::query("SELECT * FROM :prefix:worker WHERE production = :0 AND shift = :1", $prod, $shiftId) as $r) {
$worker = new template("worker");
$worker->insert("name", $r['name']);
$worker->insert("email", $r['email']);
$prodShift->insert("workers", $worker->getOutput());
}
}
$t->insert("shift_productions", $prodShift->getOutput());
}
$planTpl->insert("shifts", $t->getOutput());
}
$tabContent->insert("desktop", $planTpl->getOutput());
}
$tpl->insert("plansContent", $tabContent->getOutput());
}
// insert page request duration
$set->name = "' . $_POST['site_name'] . '"; // site name
$set->url = "' . $_POST['site_url'] . '"; // site url
$set->logo = "' . $_POST['site_logo'] . '"; // logo url (full url http://site.com/logo.png)
$set->perpage = "10"; // how many records per page
define("MAI_PREFIX","' . $_POST['prefix'] . '");
';
if (!fwrite($fp, trim($content))) {
$error = 1;
}
fclose($fp);
include "inc/settings.php";
include "lib/mysql.class.php";
$db = new dbConn($set->db_host, $set->db_user, $set->db_pass, $set->db_name);
if (!$db->query("CREATE TABLE IF NOT EXISTS `" . $_POST['prefix'] . "files` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `name` varchar(200) NOT NULL,\n `path` text NOT NULL,\n `indir` int(11) NOT NULL DEFAULT '0',\n `views` int(11) NOT NULL,\n `dcount` int(11) NOT NULL,\n `time` int(11) NOT NULL,\n `size` int(11) NOT NULL,\n `icon` text NOT NULL,\n `description` text NOT NULL,\n `isdir` int(11) NOT NULL,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;")) {
$error = 1;
}
if (!$db->query("INSERT INTO `" . $_POST['prefix'] . "files` (`id`, `name`, `path`, `indir`, `views`, `dcount`, `time`, `size`, `icon`,`isdir`) VALUES\n(1, 'Games', '/files/Games', 0, 0, 0, 1348259936, 0, '', 1);")) {
$error = 1;
}
if (!$db->query("CREATE TABLE IF NOT EXISTS `" . $_POST['prefix'] . "plugins_settings` (\n `name` varchar(200) NOT NULL,\n `value` text NOT NULL,\n `title` text NOT NULL,\n `description` text NOT NULL,\n `type` text NOT NULL,\n `plugin` text NOT NULL,\n UNIQUE KEY `name` (`name`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1;")) {
$error = 1;
}
if (!$db->query("CREATE TABLE IF NOT EXISTS `" . $_POST['prefix'] . "request` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `text` text NOT NULL,\n `reply` text NOT NULL,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;")) {
$error = 1;
}
if (!$db->query("CREATE TABLE IF NOT EXISTS `" . $_POST['prefix'] . "settings` (\n `admin_pass` varchar(100) NOT NULL,\n `main_msg` text NOT NULL,\n `active_plugins` text NOT NULL\n) ENGINE=MyISAM DEFAULT CHARSET=latin1;")) {
$error = 1;
}
if (!$db->query("INSERT INTO `" . $_POST['prefix'] . "settings` (`admin_pass`, `main_msg`, `active_plugins`) VALUES\n('" . sha1(trim($_POST['admin_pass'])) . "', 'Welcome to our site !\r\nHope you enjoy it :D', 'a:0:{}');")) {
<?php
session_start();
require "../../config.php";
if (!isset($_SESSION['user'])) {
header("location: " . ROOT . "login");
die;
}
if (!isset($_POST['userId'])) {
die("missing argument userId");
}
$tpl = new template("visitors/add.patient");
foreach (\dbConn::query("SELECT * FROM :prefix:patient") as $r) {
if (isset($_POST['remove'])) {
if (in_array($r['patientId'], $_POST['remove'])) {
continue;
}
}
$tpl->insert("patients", "<option value=\"{$r['patientId']}\">{$r['firstname']} {$r['lastname']}</option>");
}
echo $tpl->getOutput();
<?php
session_start();
require "../../config.php";
require BASEDIR . "core/functions.php";
require BASEDIR . "core/transaction.php";
// no user logged in
if (!isset($_SESSION['user'])) {
header("location: " . ROOT . "login");
die;
}
$errors = array();
$t = new transaction();
$_POST = $_POST['data'];
// delete patients which have been removed
foreach (dbConn::query("SELECT patient FROM :prefix:visit WHERE user = :0", $_POST['userid']) as $r) {
$contains = false;
if (isset($_POST['visits']) && is_array($_POST['visits'])) {
foreach ($_POST['visits'] as $v) {
if ($v['patientId'] == $r['patient']) {
$contains = true;
break;
}
}
}
if (!$contains) {
$t->addStatement("DELETE FROM :prefix:visit WHERE user = :0 AND patient = :1", $_POST['userid'], $r['patient']);
}
}
if (isset($_POST['visits']) && is_array($_POST['visits'])) {
foreach ($_POST['visits'] as $p) {
public function getOutput()
{
switch ($this->viewpoint) {
case "overview":
$tpl = new \template("visitors/container");
foreach (\dbConn::query("SELECT * FROM :prefix:user ORDER BY lastname ASC") as $r) {
$v = new \template("visitors/visitor");
$v->insert("firstname", $r['firstname']);
$v->insert("id", $r['userId']);
$v->insert("lastname", $r['lastname']);
$v->insert("rfid", $r['rfid']);
$v->insert("patients", \dbConn::querySingle("SELECT COUNT(*) FROM :prefix:visit WHERE user = :0", $r['userId']));
$v->insert("lastvisit", \dbConn::querySingle("\n SELECT DATE_FORMAT(MAX(h.created), '%d.%m.%y %H:%i')\n FROM :prefix:visit AS v\n INNER JOIN :prefix:visit_history AS h\n ON v.visitId = h.visitId\n WHERE v.user = :0\n ", $r['userId']));
$v->insert("destination", ROOT . "visitors/" . $r['userId']);
$tpl->insert("visitors", $v);
}
return $tpl->getOutput();
break;
// ######################################################################################################
// ######################################################################################################
case "new":
$tpl = new \template("visitors/new");
return $tpl;
break;
// ######################################################################################################
// ######################################################################################################
case "edit":
$hasPatients = false;
$visit = null;
$tpl = new \template("visitors/edit.container");
// user data
$user = \dbConn::queryRow("SELECT userid, firstname, lastname, rfid, email, state \n FROM :prefix:user WHERE userId = :0", $_GET['par2']);
$tpl->insert("firstname", $user['firstname']);
$tpl->insert("lastname", $user['lastname']);
$tpl->insert("userid", $user['userid']);
$tpl->insert("rfid", $user['rfid']);
$tpl->insert("email", $user['email']);
foreach (\dbConn::query("SELECT * FROM :prefix:user_state") as $r) {
$tpl->insert("states", $r['name'] == $user['state'] ? "<option value=\"{$r['name']}\" selected>{$r['display']}</option>" : "<option value=\"{$r['name']}\">{$r['display']}</option>");
}
// insert patients
foreach (\dbConn::query("\n SELECT firstname, lastname, patientId\n FROM :prefix:visit AS v\n INNER JOIN :prefix:patient AS p\n ON v.patient = p.patientId\n WHERE user = :0\n ORDER BY firstname", $_GET['par2']) as $r) {
$tpl->insert("patients", "<option value=\"{$r['patientId']}\">{$r['firstname']} {$r['lastname']}</option>");
if (!$hasPatients) {
$visit = \dbConn::queryRow("SELECT * FROM :prefix:visit WHERE user = :0 AND patient = :1", $_GET['par2'], $r['patientId']);
}
$hasPatients = true;
}
$visitTpl = new \template("visitors/edit.visit");
// relation
foreach (\dbConn::query("SELECT * FROM :prefix:relation ORDER BY name ASC") as $r) {
$visitTpl->insert("relations", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['relation'] ? " selected" : "") . ">{$r['name']}</option>");
}
// description
$visitTpl->insert("description", $visit['description']);
// scent
foreach (\dbConn::query("SELECT * FROM :prefix:scent ORDER BY name ASC") as $r) {
$visitTpl->insert("scents", "<option value=\"{$r['name']}\"" . ($r['name'] == $visit['scent'] ? " selected" : "") . ">{$r['name']}</option>");
}
// images
$imgCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Image') as $img) {
$visitTpl->insert("image" . ($imgCount + 1), ROOT . "media/image/" . $img['path']);
$imgCount++;
}
for ($i = $imgCount + 1; $i <= 3; $i++) {
$visitTpl->insert("image" . $i, ROOT . "images/icons/image.png");
}
// audios
$audioCount = 0;
foreach (\dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $visit['visitId'], 'Audio') as $audio) {
$visitTpl->insert("audio" . ($audioCount + 1), ROOT . "images/icons/audio.png");
$audioCount++;
}
for ($i = $audioCount + 1; $i <= 3; $i++) {
$visitTpl->insert("audio" . $i, ROOT . "images/icons/plus.png");
}
$tpl->insert("visit", $visitTpl->getOutput());
return $tpl->getOutput();
break;
}
}
$change->insert("user", $r['nameAfter']);
} else {
$change->insert("user", "<small><span style=\"text-decoration:line-through;\">{$r['nameBefore']}</span></small>\n <br /><strong>{$r['nameAfter']}</strong>");
}
if ($r['emailBefore'] == $r['emailAfter']) {
$change->insert("email", $r['emailAfter']);
} else {
$change->insert("email", "<small><span style=\"text-decoration:line-through;\">{$r['emailBefore']}</span></small>\n <br /><strong>{$r['emailAfter']}</strong>");
}
$change->insert("hidden", "hidden");
$email->insert("content", $change->getOutput());
dbConn::execute("DELETE FROM :prefix:email_pending WHERE historyId = :0", $r['historyId']);
}
}
if ($emailRequired) {
$emailError = "";
$arr = array();
foreach (dbConn::query("SELECT email FROM :prefix:email_subscriber \n WHERE plan = :0", $_POST['plan']) as $r) {
$arr[] = $r['email'];
}
if (count($arr) > 0 && trim($arr[0]) != "") {
emailSettings::send($arr, "Änderungen am Schichtplan " . $_POST['plan'], $email->getOutput(), $emailError);
if ($emailError != "") {
throw new Exception($emailError);
}
}
}
echo "SUCCESS";
} catch (Exception $ex) {
echo $ex->getMessage();
}
[checked] => 'false'
)
)
)
)
[plan] => "Donnerstag"
)
*/
/*echo "<pre>" . json_encode($_POST, JSON_PRETTY_PRINT) . "</pre>";
die();*/
require "../config.php";
require "../transaction.php";
$t = new transaction();
try {
// delete removed productions
foreach (dbConn::query("SELECT * FROM :prefix:production WHERE plan = :0", $_POST['plan']) as $r) {
$deleted = true;
if (isset($_POST['data'])) {
foreach ($_POST['data'] as $key => $val) {
if ($r['name'] == $val['uid']) {
$deleted = false;
}
}
}
if ($deleted) {
$t->addStatement("DELETE FROM :prefix:production WHERE plan = :0 AND name = :1", $_POST['plan'], $r['name']);
}
}
// update existing productions
if (isset($_POST['data'])) {
foreach ($_POST['data'] as $key => $val) {
require "../../config.php";
// no user logged in
if (!isset($_SESSION['user'])) {
header("location: " . ROOT . "login");
die;
}
if (!isset($_POST['userid'])) {
die("no userid given");
}
$visits = array();
foreach (dbConn::query("SELECT * FROM :prefix:visit WHERE user = :0", $_POST['userid']) as $r) {
$v = array();
$v['patientId'] = $r['patient'];
$v['relation'] = $r['relation'];
$v['description'] = $r['description'];
$v['scent'] = $r['scent'];
// images
$images = array();
foreach (dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $r['visitId'], "Image") as $r) {
array_push($images, $r['path']);
}
$v['images'] = $images;
// audios
$audios = array();
foreach (dbConn::query("SELECT * FROM :prefix:visit_media WHERE visitId = :0 AND type = :1", $r['visitId'], "Audio") as $r) {
array_push($audios, $r['path']);
}
$v['audios'] = $audios;
array_push($visits, $v);
}
echo json_encode($visits);
$set->db_user = "******";
$set->db_host = "' . $_POST['host'] . '";
$set->db_pass = "******";
$set->url = "' . $_POST['site_url'] . '";
include "mysql.class.php";
$set = new stdClass(); //dont use "/" at the end
$db = new dbConn($set->db_host,$set->db_user,$set->db_pass,$set->db_name);
';
if (!fwrite($fp, trim($content))) {
$error = 1;
}
fclose($fp);
include "connect.php";
include "mysql.class.php";
$db = new dbConn($set->db_host, $set->db_user, $set->db_pass, $set->db_name);
if (!$db->query("CREATE TABLE IF NOT EXISTS `dl_links` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `name` varchar(200) NOT NULL,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;")) {
$error = 1;
}
if (!$db->query("INSERT INTO `dl_links` (`id`, `links`) VALUES\n(1,http://syriasis.com);")) {
$error = 1;
}
if (!$db->query("CREATE TABLE IF NOT EXISTS `dl_set` (\n `func` int(11) NOT NULL,\n `c**t` int(11) NOT NULL,\n) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;")) {
$error = 1;
}
if (!$db->query("INSERT INTO `dl_set` (`func`, `count`) VALUES\n(views,1);")) {
$error = 1;
}
if (!$db->query("INSERT INTO `dl_set` (`func`, `count`) VALUES\n(lcount,1);")) {
$error = 1;
}
if ($error) {
$tpl->removeVariables();
echo $tpl->getOutput();
break;
case "history":
echo getHistory(0);
break;
case "newplan":
$tpl = new template("admin/plan.create");
echo $tpl->getOutput();
break;
case "email":
$tpl = new template("admin/mail.container");
foreach (dbConn::query("SELECT * FROM :prefix:plan ORDER BY created DESC") as $r) {
$tpl->insert("plans", template::create("admin/mail.plan", array("name" => $r['name'])));
}
foreach (dbConn::query("SELECT DISTINCT name, email FROM :prefix:worker ORDER BY name ASC") as $r) {
$rec = new template("admin/mail.recipient");
$rec->insert("name", $r['name']);
$rec->insert("address", $r['email']);
foreach (dbConn::query("SELECT DISTINCT name FROM :prefix:plan", $r['name'], $r['email']) as $s) {
$rec->insert("plans", template::create("admin/mail.recipient.plan", array("name" => $s['name'], "checked" => dbConn::querySingle("SELECT COUNT(*) FROM :prefix:worker \n WHERE name = :0 AND email = :1 AND plan = :2", $r['name'], $r['email'], $s['name']) > 0 ? "checked" : "")));
}
$tpl->insert("recipients", $rec);
}
$tpl->removeVariables();
echo $tpl->getOutput();
break;
default:
echo "\n <div class='alert alert-danger' role='alert'>\n <span class='sr-only'>Fehler:</span>\n Funktion nicht implementiert\n </div>";
break;
}
/**
* Loads all children of the current page.
*
* @return Array All children of the current page.
* @since Version 1.2
*/
private function getUrlChildren($parentId)
{
$children = array();
$query = $parentId == null ? "SELECT * FROM :prefix:content WHERE parentId IS NULL" : "SELECT * FROM :prefix:content WHERE parentId = :0";
foreach (\dbConn::query($query, $parentId) as $r) {
$children[] = array("url" => $r['url'], "identifier" => $r['contentId']);
if (\dbConn::querySingle("SELECT COUNT(*) FROM :prefix:content WHERE parentId = :0", $r['contentId']) > 0) {
$children[] = $this->getUrlChildren($r['contentId']);
}
}
return $children;
}
function groupShifts($plan)
{
// group shifts by same begin and end time
$shifts = array();
foreach (dbConn::query("SELECT * FROM :prefix:production WHERE plan = :0 ORDER BY position", $plan) as $r) {
// init with first production
if (count($shifts) == 0) {
$new = array();
$new['productions'] = array();
$new['productions'][] = $r['name'];
$new['shifts'] = array();
foreach (dbConn::query("SELECT * FROM :prefix:production_shift AS ps\n INNER JOIN :prefix:shift AS sh\n ON ps.shift = sh.shiftId\n WHERE production = :0 AND sh.plan = :1 \n ORDER BY fromDate ASC, toDate DESC", $r['name'], $plan) as $s) {
$new['shifts'][] = $s['fromDate'] . "-" . $s['toDate'];
}
$shifts[] = $new;
} else {
$c = 0;
$arr = array();
$collision = false;
$hasShifts = false;
foreach (dbConn::query("SELECT * FROM :prefix:production_shift AS ps\n INNER JOIN :prefix:shift AS sh\n ON ps.shift = sh.shiftId\n WHERE production = :0 AND sh.plan = :1\n ORDER BY fromDate ASC, toDate DESC", $r['name'], $plan) as $s) {
$arr[] = $s['fromDate'] . "-" . $s['toDate'];
$hasShifts = true;
}
if (!$hasShifts) {
continue;
}
// detect collision
$collisionFreeIndex = -1;
foreach ($shifts as $key1 => $entry) {
$collision = false;
foreach ($entry['shifts'] as $key2 => $val) {
$from1 = explode("-", str_replace(":", "", $val))[0];
$to1 = explode("-", str_replace(":", "", $val))[1];
foreach ($arr as $str) {
if ($val == $str) {
continue;
}
$from2 = explode("-", str_replace(":", "", $str))[0];
$to2 = explode("-", str_replace(":", "", $str))[1];
if ($from1 < $to2 && $from2 < $to1) {
$collision = true;
}
}
}
if (!$collision) {
$collisionFreeIndex = $c;
break;
}
$c++;
}
if ($collision) {
$new = array();
$new['productions'] = array();
$new['productions'][] = $r['name'];
$new['shifts'] = $arr;
$shifts[] = $new;
} else {
$shifts[$collisionFreeIndex]['productions'][] = $r['name'];
foreach ($arr as $a) {
$c = 0;
if (!in_array($a, $shifts[$collisionFreeIndex]['shifts'])) {
foreach ($shifts[$collisionFreeIndex]['shifts'] as $sh) {
if (explode("-", str_replace(":", "", $sh))[0] > explode("-", str_replace(":", "", $a))[0]) {
$newArr = array();
for ($i = 0; $i < $c; $i++) {
$newArr[] = $shifts[$collisionFreeIndex]['shifts'][$i];
}
$newArr[] = $a;
for ($i = $c; $i < count($shifts[$collisionFreeIndex]['shifts']); $i++) {
$newArr[] = $shifts[$collisionFreeIndex]['shifts'][$i];
}
$shifts[$collisionFreeIndex]['shifts'] = $newArr;
break;
}
$c++;
}
}
}
}
}
}
// caluclate columns
$maxProductionCount = 6;
// max productions per row
$productionTimeSize = 2;
// adds this value to every time plan
$counter = 0;
$rowCount = 0;
foreach ($shifts as $key => $value) {
if ($counter + count($value['productions']) > $maxProductionCount) {
$shifts[$key]['row'] = $rowCount;
$rowCount++;
$counter = count($value['productions']);
} else {
$counter += count($value['productions']);
}
if (!isset($shifts[$key]['row'])) {
$shifts[$key]['row'] = $rowCount;
}
$shifts[$key]['size'] = count($shifts[$key]['productions']);
}
//echo("<pre>" . json_encode($shifts, JSON_PRETTY_PRINT) . "</pre>");
return $shifts;
}
