コード例 #1
ファイル: functions.php プロジェクト: ratbird/hope
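/**
 * Collects the ranges (seminars, institutes and, in some branches, users)
 * that the current user may select, keyed by range id.
 *
 * Which ranges are returned depends on the global permission of the current
 * user:
 *  - root with a search string: every seminar and institute whose name
 *    matches, plus matching users when $search_user is truthy
 *  - admin with a search string: matching seminars and institutes of the
 *    institutes (and, for faculty admins, faculties) the user administrates
 *  - tutor/autor: the seminars the user is tutor or dozent of and the
 *    institutes the user is dozent or tutor of ($search_str is not used)
 *  - in addition, if DEPUTIES_ENABLE is set: seminars (and optionally user
 *    profiles) the user is deputy for
 *
 * All values that originate from the caller ($search_str, the user id) are
 * bound as statement parameters. "%" and "_" inside $search_str keep their
 * LIKE wildcard meaning; that can widen a match but cannot change the
 * statement.
 *
 * @global object $perm          permission object (have_perm(), is_fak_admin())
 * @global object $user          current user, only ->id is read
 * @global array  $_fullname_sql SQL fragments for name formatting, 'full' is used
 *
 * @param string|false $search_str  optional search string (root and admin only)
 * @param bool         $search_user if truthy, users matching $search_str are
 *                                  added to the result (root only)
 * @param bool         $show_sem    if true, the semester is added to seminar names
 *
 * @return array|null map of range id => entry with 'type' and 'name'; seminar
 *                    entries also carry 'starttime' and 'startsem', deputy
 *                    profile entries are the raw row. null if nothing was found.
 */
function search_range($search_str = false, $search_user = false, $show_sem = true)
{
    global $perm, $user, $_fullname_sql;

    $search_result = array();

    // NOTE(review): the translated labels below and $_fullname_sql['full'] are
    // interpolated into the SQL text. They come from the translation catalog
    // and a global, not from the request, but a catalog entry containing a
    // quote or a "%" (the seminar queries pass through sprintf) would break
    // the statement. Binding them as parameters would remove that dependency.
    $_hidden = _('(versteckt)');
    $show_sem_sql1 = ",s.start_time,sd1.name AS startsem,IF(s.duration_time=-1, '" . _("unbegrenzt") . "', sd2.name) AS endsem ";
    $show_sem_sql2 = "LEFT JOIN semester_data sd1 ON (start_time BETWEEN sd1.beginn AND sd1.ende)\n                      LEFT JOIN semester_data sd2 ON (start_time + duration_time BETWEEN sd2.beginn AND sd2.ende)";

    // Builds the display name of a seminar row, appending the semester (or
    // semester span) when $show_sem is set.
    $formatName = function ($row) use ($show_sem) {
        if (!$show_sem) {
            return $row['Name'];
        }
        $span = $row['startsem'] != $row['endsem'] ? ' - ' . $row['endsem'] : '';
        return sprintf('%s (%s%s)', $row['Name'], $row['startsem'], $span);
    };

    // Runs one seminar query and stores its rows in $search_result. The two
    // %s placeholders of $query receive the semester columns/joins only when
    // $show_sem is set; without them start_time and startsem are not part of
    // the row, so they are read defensively instead of raising a notice.
    $addSeminars = function ($query, array $params) use (&$search_result, $formatName, $show_sem, $show_sem_sql1, $show_sem_sql2) {
        $query = $show_sem ? sprintf($query, $show_sem_sql1, $show_sem_sql2) : sprintf($query, '', '');
        $statement = DBManager::get()->prepare($query);
        $statement->execute($params);
        while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
            $search_result[$row['Seminar_id']] = array(
                'type' => 'sem',
                'name' => $formatName($row),
                'starttime' => isset($row['start_time']) ? $row['start_time'] : null,
                'startsem' => isset($row['startsem']) ? $row['startsem'] : null,
            );
        }
    };

    if ($search_str && $perm->have_perm('root')) {
        // root: unrestricted search over users, seminars and institutes
        if ($search_user) {
            $query = "SELECT user_id, CONCAT({$_fullname_sql['full']}, ' (', username, ')') AS name\n                      FROM auth_user_md5 AS a\n                      LEFT JOIN user_info USING (user_id)\n                      WHERE CONCAT(Vorname, ' ', Nachname, ' ', username) LIKE CONCAT('%', ?, '%')\n                      ORDER BY Nachname, Vorname";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($search_str));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $search_result[$row['user_id']] = array('type' => 'user', 'name' => $row['name']);
            }
        }

        $addSeminars(
            "SELECT Seminar_id, IF(s.visible = 0, CONCAT(s.Name, ' {$_hidden}'), s.Name) AS Name %s\n                  FROM seminare AS s %s\n                  WHERE s.Name LIKE CONCAT('%%', ?, '%%')\n                  ORDER BY start_time DESC, Name",
            array($search_str)
        );

        $query = "SELECT Institut_id, Name, IF(Institut_id = fakultaets_id, 'fak', 'inst') AS type\n                  FROM Institute\n                  WHERE Name LIKE CONCAT('%', ?, '%')\n                  ORDER BY Name";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($search_str));
        while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
            $search_result[$row['Institut_id']] = array('type' => $row['type'], 'name' => $row['Name']);
        }
    } elseif ($search_str && $perm->have_perm('admin')) {
        // admin: every query is tied to the institutes where the current
        // user has inst_perms = 'admin'
        $addSeminars(
            "SELECT s.Seminar_id, IF(s.visible = 0, CONCAT(s.Name, ' {$_hidden}'), s.Name) AS Name %s\n                  FROM user_inst AS a\n                  LEFT JOIN seminare AS s USING (Institut_id) %s\n                  WHERE a.user_id = ? AND a.inst_perms = 'admin' AND s.Name LIKE CONCAT('%%', ?, '%%')\n                  ORDER BY start_time",
            array($user->id, $search_str)
        );

        $query = "SELECT b.Institut_id, b.Name\n                  FROM user_inst AS a\n                  LEFT JOIN Institute AS b USING (Institut_id)\n                  WHERE a.user_id = ? AND a.inst_perms = 'admin'\n                    AND a.institut_id != b.fakultaets_id AND b.Name LIKE CONCAT('%', ?, '%')\n                  ORDER BY Name";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($user->id, $search_str));
        while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
            $search_result[$row['Institut_id']] = array('type' => 'inst', 'name' => $row['Name']);
        }

        if ($perm->is_fak_admin()) {
            // faculty admin: seminars of the institutes below the faculty ...
            $addSeminars(
                "SELECT s.Seminar_id, IF(s.visible = 0, CONCAT(s.Name, ' {$_hidden}'), s.Name) AS Name %s\n                      FROM user_inst AS a\n                      LEFT JOIN Institute AS b ON (a.Institut_id = b.Institut_id AND b.Institut_id = b.fakultaets_id)\n                      LEFT JOIN Institute AS c ON (c.fakultaets_id = b.Institut_id AND c.fakultaets_id != c.Institut_id)\n                      LEFT JOIN seminare AS s ON (s.Institut_id = c.Institut_id) %s\n                      WHERE a.user_id = ? AND a.inst_perms = 'admin'\n                        AND NOT ISNULL(b.Institut_id) AND s.Name LIKE CONCAT('%%', ?, '%%')\n                      ORDER BY start_time DESC, Name",
                array($user->id, $search_str)
            );

            // ... the institutes below the faculty ...
            $query = "SELECT c.Institut_id, c.Name\n                      FROM user_inst AS a\n                      LEFT JOIN Institute AS b ON (a.Institut_id = b.Institut_id AND b.Institut_id = b.fakultaets_id)\n                      LEFT JOIN Institute AS c ON (c.fakultaets_id = b.institut_id AND c.fakultaets_id != c.institut_id)\n                      WHERE a.user_id = ? AND a.inst_perms = 'admin'\n                        AND NOT ISNULL(b.Institut_id) AND c.Name LIKE CONCAT('%', ?, '%')\n                      ORDER BY Name";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($user->id, $search_str));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $search_result[$row['Institut_id']] = array('type' => 'inst', 'name' => $row['Name']);
            }

            // ... and the faculty itself
            $query = "SELECT b.Institut_id, b.Name\n                      FROM user_inst AS a\n                      LEFT JOIN Institute AS b ON (a.Institut_id = b.Institut_id AND b.Institut_id = b.fakultaets_id)\n                      WHERE a.user_id = ? AND a.inst_perms = 'admin'\n                        AND NOT ISNULL(b.Institut_id) AND b.Name LIKE CONCAT('%', ?, '%')\n                      ORDER BY Name";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($user->id, $search_str));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $search_result[$row['Institut_id']] = array('type' => 'inst', 'name' => $row['Name']);
            }
        }
    } elseif ($perm->have_perm('tutor') || $perm->have_perm('autor')) {
        // authors may also have evaluations and news in study groups with
        // proper rights; the search string is not applied in this branch
        $addSeminars(
            "SELECT s.Seminar_id, IF(s.visible = 0, CONCAT(s.Name, ' {$_hidden}'), s.Name) AS Name %s\n                  FROM seminar_user AS a\n                  LEFT JOIN seminare AS s USING (Seminar_id) %s\n                  WHERE a.user_id = ? AND a.status IN ('tutor', 'dozent')\n                  ORDER BY start_time DESC, Name",
            array($user->id)
        );

        $query = "SELECT Institut_id, b.Name,\n                         IF (Institut_id = fakultaets_id, 'fak', 'inst') AS type\n                  FROM user_inst AS a\n                  LEFT JOIN Institute AS b USING (Institut_id)\n                  WHERE a.user_id = ? AND a.inst_perms IN ('dozent','tutor')\n                  ORDER BY Name";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($user->id));
        while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
            $search_result[$row['Institut_id']] = array('name' => $row['Name'], 'type' => $row['type']);
        }
    }

    if (get_config('DEPUTIES_ENABLE')) {
        // deputies: seminars the current user substitutes for, marked in the name
        $_deputy = _('Vertretung');
        $addSeminars(
            "SELECT s.Seminar_id,\n                         CONCAT(IF(s.visible = 0, CONCAT(s.Name, ' {$_hidden}'), s.Name), ' [{$_deputy}]') AS Name %s\n                  FROM seminare AS s\n                  JOIN deputies AS d ON (s.Seminar_id = d.range_id) %s\n                  WHERE d.user_id = ?\n                  ORDER BY s.start_time DESC, Name",
            array($user->id)
        );

        if (isDeputyEditAboutActivated()) {
            // profiles the current user is deputy for; the whole row
            // (user_id, username, type, name) is stored
            $query = "SELECT a.user_id, a.username, 'user' AS type,\n                             CONCAT({$_fullname_sql['full']}, ' (', username, ')') AS name\n                      FROM auth_user_md5 AS a\n                      JOIN user_info USING (user_id)\n                      JOIN deputies AS d ON (a.user_id = d.range_id)\n                      WHERE d.user_id = ?\n                      ORDER BY name ASC";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($user->id));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $search_result[$row['user_id']] = $row;
            }
        }
    }

    // An empty result is reported as null, not as an empty array.
    return $search_result ?: null;
}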
コード例 #2
ファイル: Seminar_Perm.class.php プロジェクト: ratbird/hope
 /**
  * @param $range_id
  * @param $user_id
  * @return bool|string
  */
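 function get_uncached_profile_perm($range_id, $user_id)
 {
     // Determines the role $user_id holds on the profile identified by
     // $range_id. Returns 'user' (own profile or assigned deputy), 'admin'
     // (root, institute admin or faculty admin of the profile owner) or
     // false when none of the checks grants access. The checks run from the
     // most specific to the most general and the first match wins.

     // user on his own profile
     // The ids are compared as strings with ===. A loose == compares two
     // numeric-looking strings by numeric value, so two different ids could
     // be treated as the same profile; the id format is not visible here,
     // so the comparison must not depend on it.
     if ((string) $range_id === (string) $user_id && $this->have_perm('autor', $user_id)) {
         return 'user';
     }

     // user is an assigned deputy
     if (isDeputyEditAboutActivated() && isDeputy($user_id, $range_id, true)) {
         return 'user';
     }

     // respect root's authority
     if ($this->have_perm('root', $user_id)) {
         return 'admin';
     }

     // everything below applies to admins only
     if (!$this->have_perm('admin', $user_id)) {
         return false;
     }

     // institute admin may have permission: $user_id must be admin of an
     // institute in which the profile owner is autor, tutor or dozent
     $db = DBManager::get();
     $stmt = $db->prepare(
         "SELECT a.inst_perms FROM user_inst AS a "
         . "LEFT JOIN user_inst AS b USING (Institut_id) "
         . "WHERE a.user_id = ? AND a.inst_perms = 'admin' "
         . "  AND b.user_id = ? AND b.inst_perms IN ('autor', 'tutor', 'dozent')"
     );
     $stmt->execute(array($user_id, $range_id));
     if ($stmt->fetchColumn()) {
         return 'admin';
     }

     if (!$this->is_fak_admin($user_id)) {
         return false;
     }

     // faculty admin: $user_id must be admin of the faculty that the
     // profile owner's institute belongs to, and the owner's institute
     // permission must be anything but 'user'
     $stmt = $db->prepare(
         "SELECT a.inst_perms FROM user_inst a "
         . "LEFT JOIN Institute i ON a.Institut_id = i.fakultaets_id "
         . "LEFT JOIN user_inst b ON b.Institut_id = i.Institut_id "
         . "WHERE a.user_id = ? AND a.inst_perms = 'admin' "
         . "  AND b.user_id = ? AND b.inst_perms != 'user'"
     );
     $stmt->execute(array($user_id, $range_id));

     return $stmt->fetchColumn() ? 'admin' : false;
 }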
コード例 #3
 function callSafeguard($evalAction, $evalID = "", $showrangeID = NULL, $search = NULL, $referer = NULL)
 {
     global $perm, $auth, $user;
     if (!($evalAction || $evalAction == "search")) {
         return " ";
     }
     if (!$perm->have_studip_perm("tutor", $showrangeID) && $user->id != $showrangeID && !(isDeputyEditAboutActivated() && isDeputy($user->id, $showrangeID, true))) {
         return $this->createSafeguard("ausruf", sprintf(_("Sie haben keinen Zugriff auf diesen Bereich.")));
     }
     $evalDB = new EvaluationDB();
     $evalChanged = NULL;
     $safeguard = " ";
     /* Actions without any permissions ---------------------------------- */
     switch ($evalAction) {
         case "search_template":
             $search = trim($search);
             $templates = $evalDB->getPublicTemplateIDs($search);
             if (strlen($search) < EVAL_MIN_SEARCHLEN) {
                 $report = EvalCommon::createReportMessage(sprintf(_("Bitte einen Suchbegriff mit mindestens %d Buchstaben eingeben."), EVAL_MIN_SEARCHLEN), EVAL_PIC_ERROR, EVAL_CSS_ERROR);
             } elseif (count($templates) == 0) {
                 $report = EvalCommon::createReportMessage(_("Es wurden keine passenden öffentlichen Evaluationsvorlagen gefunden."), EVAL_PIC_ERROR, EVAL_CSS_ERROR);
             } else {
                 $report = EvalCommon::createReportMessage(sprintf(_("Es wurde(n) %d passende öffentliche Evaluationsvorlagen gefunden."), count($templates)), EVAL_PIC_SUCCESS, EVAL_CSS_SUCCESS);
             }
             $safeguard .= $report->createContent();
             return $safeguard;
         case "export_request":
             /* Check permissions ------------------------------------------- */
             $haveNoPerm = YES;
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN);
             $haveNoPerm = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval);
             if ($haveNoPerm == YES) {
                 $report = EvalCommon::createReportMessage(_("Sie haben nicht die Berechtigung diese Evaluation zu exportieren."), EVAL_PIC_ERROR, EVAL_CSS_ERROR);
                 return $report->createContent();
             }
             /* -------------------------------------- end: check permissions */
             /* Export evaluation ------------------------------------------- */
             $exportManager = new EvaluationExportManagerCSV($evalID);
             $exportManager->export();
             /* -------------------------------------- end: export evaluation */
             /* Create link ------------------------------------------------- */
             $link = new HTML("a");
             $link->addAttr('href', GetDownloadLink($exportManager->getTempFilename(), $exportManager->getFilename(), 2));
             $link->addHTMLContent(GetFileIcon('csv')->asImg());
             $link->addContent(_("auf diese Verknüpfung"));
             /* -------------------------------------------- end: create link */
             /* Create report ----------------------------------------------- */
             if ($exportManager->isError()) {
                 $report = EvalCommon::createErrorReport($exportManager, _("Fehler beim Exportieren"));
             } else {
                 $report = EvalCommon::createReportMessage(_("Die Daten wurden erfolgreich exportiert. Sie können die Ausgabedatei jetzt herunterladen."), EVAL_PIC_SUCCESS, EVAL_CSS_SUCCESS);
                 $report = $report->createContent();
                 $report .= sprintf(_("Bitte klicken Sie %s um die Datei herunter zu laden.") . "<br><br>", $link->createContent());
             }
             $safeguard .= $report;
             /* ------------------------------------------ end: create report */
             return $safeguard;
     }
     /* ----------------------------------- end: actions without permissions */
     $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN);
     $evalName = htmlready($eval->getTitle());
     /* Check for errors while loading ------------------------------------- */
     if ($eval->isError()) {
         EvalCommon::createErrorReport($eval);
         return $this->createSafeguard("", EvalCommon::createErrorReport($eval));
     }
     /* -------------------------------------- end: errorcheck while loading */
     /* Check for permissions in all ranges of the evaluation -------------- */
     if (!$eval->isTemplate() && $user->id != $eval->getAuthorID()) {
         $no_permisson = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval);
         if ($no_permisson > 0) {
             if ($no_permisson == 1) {
                 $no_permission_msg .= sprintf(_("Die Evaluation <b>%s</b> ist einem Bereich zugeordnet, für den Sie keine Veränderungsrechte besitzen."), $evalName);
             } else {
                 $no_permission_msg .= sprintf(_("Die Evaluation <b>%s</b> ist %s Bereichen zugeordnet, für die Sie keine Veränderungsrechte besitzen."), $evalName, $no_permisson);
             }
             if ($evalAction != "save") {
                 $no_permission_msg .= " " . _("Der Besitzer wurde durch eine systeminterne Nachricht informiert.");
                 $sms = new messaging();
                 $sms->insert_message(sprintf(_("Benutzer **%s** hat versucht eine unzulässige Änderung an Ihrer Evaluation **%s** vorzunehmen."), get_username($auth->auth["uid"]), $eval->getTitle()), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1", FALSE, _("Versuchte Änderung an Ihrer Evaluation"));
             }
         }
     } else {
         if ($eval->isTemplate() && $user->id != $eval->getAuthorID() && $evalAction != "copy_public_template" && $evalAction != "search_showrange") {
             $sms = new messaging();
             $sms->insert_message(sprintf(_("Benutzer **%s** hat versucht eine unzulässige Änderung an Ihrem Template **%s** vorzunehmen."), get_username($auth->auth["uid"]), $eval->getTitle()), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1", FALSE, _("Versuchte Änderung an Ihrem Template"));
             return $this->createSafeguard("ausruf", sprintf(_("Sie besitzen keine Rechte für das Tempate <b>%s</b>. Der Besitzer wurde durch eine systeminterne Nachricht informiert."), $evalName));
         }
     }
     /* ----------------------------------------- end: check for permissions */
     switch ($evalAction) {
         case "share_template":
             if ($eval->isShared()) {
                 $eval->setShared(NO);
                 $eval->save();
                 if ($eval->isError()) {
                     $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                     return $safeguard;
                 }
                 $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> kann jetzt nicht mehr von anderen Benutzern gefunden werden."), $evalName));
             } else {
                 $eval->setShared(YES);
                 $eval->save();
                 if ($eval->isError()) {
                     $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                     return $safeguard;
                 }
                 $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> kann jetzt von anderen Benutzern gefunden werden."), $evalName));
             }
             break;
         case "copy_public_template":
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $newEval = $eval->duplicate();
             $newEval->setAuthorID($auth->auth["uid"]);
             $newEval->setShared(NO);
             $newEval->setStartdate(NULL);
             $newEval->setStopdate(NULL);
             $newEval->setTimespan(NULL);
             $newEval->removeRangeIDs();
             $newEval->save();
             if ($newEval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die öffentliche Evaluationsvorlage <b>%s</b> wurde zu den eigenen Evaluationsvorlagen kopiert."), $evalName));
             break;
         case "start":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gestartet."));
             }
             $eval->setStartdate(time() - 500);
             $eval->save();
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde gestartet."), $evalName));
             $evalChanged = YES;
             break;
         case "stop":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht beendet."));
             }
             $eval->setStopdate(time());
             $eval->save();
             if ($eval->isError()) {
                 EvalCommon::createErrorReport($eval);
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde beendet."), $evalName));
             $evalChanged = YES;
             break;
         case "continue":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht fortgesetzt."));
             }
             $eval->setStopdate(NULL);
             $eval->setStartdate(time() - 500);
             $eval->save();
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde fortgesetzt."), $evalName));
             $evalChanged = YES;
             break;
         case "restart_request":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht zurücksetzen."));
             }
             $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Die Evaluation <b>%s</b> wirklich zurücksetzen? Dabei werden alle bisher abgegebenen Antworten gelöscht!"), $evalName), "restart_request", $evalID, $showrangeID, $referer);
             break;
         case "restart_confirmed":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht zurücksetzen."));
             }
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $eval->resetAnswers();
             $evalDB->removeUser($eval->getObjectID());
             $eval->setStartdate(NULL);
             $eval->setStopdate(NULL);
             $eval->save();
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde zurückgesetzt."), $evalName));
             $evalChanged = YES;
             break;
         case "restart_aborted":
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde nicht zurückgesetzt."), $evalName), "", "", "", $referer);
             break;
         case "copy_own_template":
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $newEval = $eval->duplicate();
             $newEval->setShared(NO);
             $newEval->save();
             if ($newEval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> wurde kopiert."), $evalName));
             break;
         case "delete_request":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gelöscht."));
             }
             $text = $eval->isTemplate() ? sprintf(_("Die Evaluationsvorlage <b>%s </b>wirklich löschen?"), $evalName) : sprintf(_("Die Evaluation <b>%s </b>wirklich löschen?"), $evalName);
             $safeguard .= $this->createSafeguard("ausruf", $text, "delete_request", $evalID, $showrangeID, $referer);
             break;
         case "delete_confirmed":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gelöscht."));
             }
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $eval->delete();
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $text = $eval->isTemplate() ? _("Die Evaluationsvorlage <b>%s</b> wurde gelöscht.") : _("Die Evaluation <b>%s</b> wurde gelöscht.");
             $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer);
             $evalChanged = YES;
             break;
         case "delete_aborted":
             $text = $eval->isTemplate() ? _("Die Evaluationsvorlage <b>%s</b> wurde nicht gelöscht.") : _("Die Evaluation <b>%s</b> wurde nicht gelöscht.");
             $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer);
             break;
         case "unlink_delete_aborted":
             $text = _("Die Evaluation <b>%s</b> wurde nicht verändert.");
             $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer);
             break;
         case "unlink_and_move":
             if ($no_permission_msg) {
                 return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht ausgehängt und zu den eigenen Evaluationsvorlagen verschoben."));
             }
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $eval->removeRangeIDs();
             $eval->setAuthorID($auth->auth["uid"]);
             $eval->resetAnswers();
             $evalDB->removeUser($eval->getObjectID());
             $eval->setStartdate(NULL);
             $eval->setStopdate(NULL);
             $eval->save();
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $text = _("Die Evaluation <b>%s</b> wurde aus allen Bereichen ausgehängt und zu den eigenen Evaluationsvorlagen verschoben.");
             $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer);
             break;
         case "created":
             $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde angelegt."), $evalName));
             break;
         case "save2":
         case "save":
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $update_message = sprintf(_("Die Evaluation <b>%s</b> wurde mit den Veränderungen gespeichert."), $evalName);
             /* Timesettings ---------------------------------------------------- */
             if (Request::option("startMode")) {
                 switch (Request::option("startMode")) {
                     case "manual":
                         $startDate = NULL;
                         break;
                     case "timeBased":
                         $startDate = EvalCommon::date2timestamp(Request::int("startDay"), Request::int("startMonth"), Request::int("startYear"), Request::int("startHour"), Request::int("startMinute"));
                         break;
                     case "immediate":
                         $startDate = time() - 1;
                         break;
                 }
                 if ($no_permission_msg && $eval->getStartdate != $startDate) {
                     $time_msg = $no_permission_msg . "<br>" . _("Die Einstellungen zur Startzeit wurden nicht verändert.");
                 }
             }
             if (Request::option("stopMode")) {
                 switch (Request::option("stopMode")) {
                     case "manual":
                         $stopDate = NULL;
                         $timeSpan = NULL;
                         break;
                     case "timeBased":
                         $stopDate = EvalCommon::date2timestamp(Request::int("stopDay"), Request::int("stopMonth"), Request::int("stopYear"), Request::int("stopHour"), Request::int("stopMinute"));
                         $timeSpan = NULL;
                         break;
                     case "timeSpanBased":
                         $stopDate = NULL;
                         $timeSpan = Request::get("timeSpan");
                         break;
                 }
                 if ($no_permission_msg && ($eval->getStopdate != $stopDate && $eval->getTimespan != $timeSpan)) {
                     $time_msg = $time_msg ? $time_msg . "<br>" : $no_permission_msg;
                     $time_msg .= _("Die Einstellungen zur Endzeit wurden nicht verändert.");
                 }
             }
             /* ----------------------------------------------- end: timesettings */
             /* link eval to ranges --------------------------------------------- */
             $link_range_Array = Request::optionArray("link_range");
             if ($link_range_Array) {
                 $isTemplate = $eval->isTemplate();
                 if ($isTemplate) {
                     $newEval = $eval->duplicate();
                     if ($newEval->isError()) {
                         $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval));
                         return $safeguard;
                     }
                     $update_message = sprintf(_("Die Evaluationsvorlage <b>%s</b> wurde als Evaluation angelegt."), $evalName);
                     $newEval->setStartdate($startDate);
                     $newEval->setStopdate($stopDate);
                     $newEval->setTimespan($timeSpan);
                     $newEval->setShared(NO);
                 } else {
                     $newEval =& $eval;
                 }
                 $counter_linked = 0;
                 foreach ($link_range_Array as $link_rangeID => $v) {
                     if ($userid = get_userid($link_rangeID)) {
                         $link_rangeID = $userid;
                     }
                     $newEval->addRangeID($link_rangeID);
                     $counter_linked++;
                 }
                 if ($isTemplate) {
                     $newEval->save();
                 }
                 if ($newEval->isError()) {
                     $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Einhängen von Bereichen.") . EvalCommon::createErrorReport($newEval));
                     return $safeguard;
                 }
                 $message .= $message ? "<br>" : " ";
                 $message .= $counter_linked > 1 ? sprintf(_("Die Evaluation wurde in %s Bereiche eingehängt."), $counter_linked) : sprintf(_("Die Evaluation wurde in einen Bereich eingehängt."), $counter_linked);
             }
             /* ---------------------------------------- end: link eval to ranges */
             /* copy eval to ranges --------------------------------------------- */
             $copy_range_Array = Request::optionArray("copy_range");
             if (!empty($copy_range_Array)) {
                 $counter_copy = 0;
                 foreach ($copy_range_Array as $copy_rangeID => $v) {
                     if ($userid = get_userid($copy_rangeID)) {
                         $copy_rangeID = $userid;
                     }
                     $newEval = $eval->duplicate();
                     if (Request::option("startMode")) {
                         $newEval->setStartdate($startDate);
                     }
                     if (Request::get("stopMode")) {
                         $newEval->setStopdate($stopDate);
                         $newEval->setTimespan($timeSpan);
                     }
                     $newEval->setShared(NO);
                     $newEval->removeRangeIDs();
                     $evalDB->removeUser($newEval->getObjectID());
                     $newEval->addRangeID($copy_rangeID);
                     $newEval->save();
                     $counter_copy++;
                     if ($newEval->isError()) {
                         $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Kopieren von Evaluationen in Bereiche.") . EvalCommon::createErrorReport($newEval));
                         return $safeguard;
                     }
                 }
                 $message .= $message ? "<br>" : " ";
                 $message .= $counter_copy > 1 ? sprintf(_("Die Evaluation wurde in %s Bereiche kopiert."), $counter_copy) : sprintf(_("Die Evaluation wurde in einen Bereich kopiert."), $counter_copy);
             }
             /* ------------------------------------------- end: copy eval to ranges */
             /* unlink ranges ------------------------------------------------------- */
             $remove_range_Array = Request::optionArray("remove_range");
             if (!empty($remove_range_Array)) {
                 /* if all rangeIDs will be removed, so ask if it should be deleted -- */
                 if (sizeof($remove_range_Array) == $eval->getNumberRanges()) {
                     $text = _("Sie wollen die Evaluation <b>%s</b> aus allen ihr zugeordneten Bereichen aushängen.<br>Soll die Evaluation gelöscht oder zu Ihren eigenen Evaluationsvorlagen verschoben werden?");
                     $safeguard .= $this->createSafeguard("ausruf", sprintf($text, $evalName), "unlink_delete_request", $evalID, $showrangeID, $referer);
                     $update_message = NULL;
                     return $safeguard;
                 }
                 /* -------------------------------- end: ask if it should be deleted */
                 $no_permission_ranges = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval, YES);
                 $counter_no_permisson = 0;
                 if (is_array($no_permission_ranges)) {
                     foreach ($remove_range_Array as $remove_rangeID => $v) {
                         if ($userid = get_userid($remove_rangeID)) {
                             $remove_rangeID = $userid;
                         }
                         // no permisson to unlink this range
                         if (in_array($remove_rangeID, $no_permission_ranges)) {
                             $counter_no_permisson++;
                         }
                     }
                 }
                 // if there are no_permisson_ranges to unlink, return
                 if ($counter_no_permisson > 0) {
                     if ($counter_no_permisson == 1) {
                         $safeguard .= $this->createSafeguard("ausruf", _("Sie wollen die Evaluation aus einem Bereich aushängen, für den Sie keine Berechtigung besitzten.<br> Die Aktion wurde nicht ausgeführt."));
                     } else {
                         $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Sie wollen die Evaluation aus %d Bereichen aushängen, für die Sie keine Berechtigung besitzten.<br> Die Aktion wurde nicht ausgeführt."), $counter_no_permisson));
                     }
                     return $safeguard;
                 }
                 reset($remove_range_Array);
                 $counter_copy = 0;
                 foreach ($remove_range_Array as $remove_rangeID => $v) {
                     if ($userid = get_userid($remove_rangeID)) {
                         $remove_rangeID = $userid;
                     }
                     // the current range will be removed
                     if ($showrangeID == $remove_rangeID) {
                         $current_range_removed = 1;
                     }
                     $eval->removeRangeID($remove_rangeID);
                     $counter_copy++;
                 }
                 if ($eval->isError()) {
                     $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Aushängen von Bereichen.") . EvalCommon::createErrorReport($eval));
                     return $safeguard;
                 }
                 $message .= $message ? "<br>" : " ";
                 $message .= $counter_copy > 1 ? sprintf(_("Die Evaluation wurde aus %s Bereichen ausgehängt."), $counter_copy) : sprintf(_("Die Evaluation wurde aus einem Bereich ausgehängt."), $counter_copy);
                 if ($eval->getNumberRanges() == 0) {
                     $message .= $message ? "<br>" : "";
                     $message .= _("Sie ist nun keinem Bereich mehr zugeordnet und wurde zu den eigenen Evaluationsvorlagen verschoben.");
                     $eval->setStartdate(NULL);
                     $eval->setStopdate(NULL);
                     $evalDB->removeUser($eval->getObjectID());
                     if ($eval->isError()) {
                         $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Kopieren von Evaluationen in Bereiche.") . EvalCommon::createErrorReport($newEval));
                         return $safeguard;
                     }
                 } else {
                     $no_permission_ranges = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval);
                     $number_of_ranges = $eval->getNumberRanges();
                     if ($number_of_ranges == $no_permission_ranges) {
                         $return["msg"] = $this->createSafeguard("ausruf", $message . "<br>" . sprintf(_("Sie haben die Evaluation <b>%s</b> aus allen ihren Bereichen ausgehängt."), $evalName));
                         $return["option"] = DISCARD_OPENID;
                         $eval->save();
                         if ($eval->isError()) {
                             $safeguard = $this->createSafeguard("ausruf", _("Fehler beim Aushängen einer Evaluationen aus allen Bereichen auf die Sie Zugriff haben.") . EvalCommon::createErrorReport($newEval));
                             return $safeguard;
                         }
                         return $return;
                     }
                 }
             }
             if ($eval->isTemplate()) {
                 if (empty($link_range) && empty($copy_range) && empty($remove_range)) {
                     $update_message = sprintf(_("Es wurden keine Veränderungen an der Evaluationsvorlage <b>%s</b> gespeichert."), $evalName);
                 }
             } else {
                 // nothing changed
                 if (!Request::option('startMode') && !Request::option('stopMode') && empty($link_range) && empty($copy_range) && empty($remove_range)) {
                     $update_message = _("Es wurden keine Veränderungen gespeichert.");
                 }
                 // set new start date
                 if (Request::option("startMode") && !$time_msg) {
                     $eval->setStartDate($startDate);
                     if ($startDate != NULL && $startDate <= time() - 1) {
                         $message .= $message ? "<br>" : " ";
                         $message .= _("Die Evaluation wurde gestartet.");
                     }
                 }
                 // set new stop date
                 if (Request::get("stopMode") && !$time_msg) {
                     $eval->setStopDate($stopDate);
                     $eval->setTimeSpan($timeSpan);
                     if ($stopDate != NULL && $stopDate <= time() - 1 || $timeSpan != NULL && $eval->getStartdate() != NULL && $eval->getStartdate() + $timeSpan <= time() - 1) {
                         $message .= $message ? "<br>" : " ";
                         $message .= _("Die Evaluation wurde beendet.");
                     }
                 }
                 if ($eval->isError()) {
                     $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                     return $safeguard;
                 }
                 $eval->save();
             }
             $evalChanged = YES;
             // start/endtime aren't saved, because of ranges with no permisson
             if ($time_msg) {
                 $safeguard .= $this->createSafeguard("ausruf", $time_msg);
             }
             // everything is just fine so print the all messages
             if ($update_message && !$time_msg) {
                 $safeguard .= $this->createSafeguard("ok", $update_message . "<br>" . $message);
             } elseif ($time_msg && $message) {
                 $safeguard .= $this->createSafeguard("ok", $message);
             }
             break;
         case "search_showrange":
         case "search_range":
             $search = Request::get("search");
             if (EvaluationObjectDB::getGlobalPerm(YES) < 31) {
                 $safeguard = $this->createSafeguard("ausruf", _("Sie besitzen keine Berechtigung eine Suche durchzuführen."));
                 return $safeguard;
             }
             $results = $evalDB->search_range($search);
             if (empty($search)) {
                 $safeguard .= $this->createSafeguard("ausruf", _("Bitte einen Suchbegriff eingeben."), $search);
             } elseif (sizeof($results) == 0) {
                 $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Es wurde kein Bereich gefunden, der den Suchbegriff <b>%s</b> enthält."), htmlReady($search)), $search);
             } else {
                 $safeguard .= $this->createSafeguard("ok", sprintf(_("Es wurden %s Bereiche gefunden, die den Suchbegriff <b>%s</b> enthalten."), sizeof($results), htmlReady($search)), $search);
             }
             break;
         case "check_abort_creation":
             # check if the evaluation is new and not yet edited
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN);
             $abort_creation = false;
             if ($eval->getTitle() == _("Neue Evaluation") && $eval->getText() == "") {
                 # the evaluationen may be not edited yet ... so continue checking
                 $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
                 $number_of_childs = $eval->getNumberChildren();
                 $child = $eval->getNextChild();
                 if ($number_of_childs == 1 && $child && $child->getTitle() == _("Erster Gruppierungsblock") && $child->getChildren() == NULL && $child->getText() == "") {
                     $abort_creation = true;
                 }
             }
             if ($abort_creation != true) {
                 break;
             }
             # continue abort_creation
         # continue abort_creation
         case "abort_creation":
             $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN);
             $eval->delete();
             // error_ausgabe
             if ($eval->isError()) {
                 $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval));
                 return $safeguard;
             }
             $safeguard .= $this->createSafeguard("ok", _("Die Erstellung einer Evaluation wurde abgebrochen."), "", "", "", $referer);
             break;
         case "nothing":
             break;
         default:
             $safeguard .= $this->createSafeguard("ausruf", _("Fehler! Es wurde versucht, eine nicht vorhandene Aktion auszuführen."));
             break;
     }
     /* Send SMS when eval has been modified by admin/root ----------------- */
     if ($evalChanged && $eval->getAuthorID() != $auth->auth["uid"]) {
         $sms = new messaging();
         $sms->insert_message(sprintf(_("An Ihrer Evaluation \"%s\" wurden von %s Änderungen vorgenommen."), $eval->getTitle(), get_username($auth->auth["uid"])), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1");
     }
     /* ------------------------------------------------------ end: send SMS */
     // the current range has been removed from the eval
     if ($current_range_removed) {
         $return["msg"] = $safeguard;
         $return["option"] = DISCARD_OPENID;
         return $return;
     } else {
         return $safeguard;
     }
 }
コード例 #4
ファイル: StudipNews.class.php プロジェクト: ratbird/hope
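 /**
  * Checks whether a user may perform the given operation on this news object.
  *
  * Root, the news owner (with 'autor' status) and, when deputy editing is
  * activated, the owner's deputies are always allowed. Everyone else is
  * checked against the ranges the news is assigned to: one permitted range is
  * enough for view, edit and copy; unassign needs permission on
  * $check_range_id itself; delete needs permission on every range.
  * Unknown operations are refused.
  *
  * @param string $operation       delete, unassign, edit, copy, or view
  * @param string $check_range_id  specified range-id, used only for unassign-operation
  * @param string $user_id         optional; check permission for
  *                                given user ID; otherwise for the
  *                                global $user's ID
  * @return boolean true if the operation is permitted, false otherwise
  */
 function havePermission($operation, $check_range_id = '', $user_id = null)
 {
     if (!$user_id) {
         $user_id = $GLOBALS['auth']->auth['uid'];
     }
     // Deny by default. The strict flag keeps non-string values (true, 0, ...)
     // from loosely matching one of the operation names.
     if (!in_array($operation, array('delete', 'unassign', 'edit', 'copy', 'view'), true)) {
         return false;
     }
     // Read the assigned ranges once; they are needed for every check below.
     $ranges = $this->getRanges();
     // in order to unassign, there must be more than one range assigned; $check_range_id must be specified.
     if ($operation === 'unassign' && count($ranges) < 2) {
         return false;
     }
     // root, owner, and owner's deputy have full permission.
     // Identifiers are compared as strings with ===, because == compares two
     // numeric-looking strings by numeric value.
     // NOTE(review): the 'autor' check is made without $user_id, so it is
     // evaluated for the session user even when another $user_id was passed
     // in, unlike the 'root' check next to it. Confirm that this is intended.
     $is_root = $GLOBALS['perm']->have_perm('root', $user_id);
     if ($is_root
         || ((string) $user_id === (string) $this->user_id && $GLOBALS['perm']->have_perm('autor'))
         || (isDeputyEditAboutActivated() && isDeputy($user_id, $this->user_id, true))
     ) {
         return true;
     }
     // check news' ranges for edit, copy or view permission:
     // unassign and delete both require edit permission on the range.
     $range_operation = ($operation === 'unassign' || $operation === 'delete') ? 'edit' : $operation;
     // Explicit start value; the counter used to be incremented while undefined.
     $permission_ranges = 0;
     foreach ($ranges as $range_id) {
         if (StudipNews::haveRangePermission($range_operation, $range_id, $user_id)) {
             // in order to view, edit, or copy, access to one of the ranges is sufficient
             if ($operation === 'view' || $operation === 'edit' || $operation === 'copy') {
                 return true;
             }
             // in order to unassign, access to the specified range is needed
             if ($operation === 'unassign' && (string) $range_id === (string) $check_range_id) {
                 return true;
             }
             // in order to delete, access to all ranges is necessary
             $permission_ranges++;
         } elseif ($operation === 'delete') {
             // one range without permission is enough to refuse a delete
             return false;
         }
     }
     // NOTE(review): a news object that has no ranges at all satisfies this
     // comparison (0 === 0), so delete is granted to any caller that reaches
     // this point. Confirm that range-less news cannot exist, or reject the
     // empty case explicitly.
     if ($operation === 'delete' && count($ranges) === $permission_ranges) {
         return true;
     }
     return false;
 }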
コード例 #5
ファイル: news.php プロジェクト: ratbird/hope
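 /**
  * Searches for Stud.IP areas using the given search term.
  *
  * Two reserved terms select predefined lists instead of a text search:
  * '__THIS_SEMESTER__' (courses of the current semester in which the
  * logged-in user is tutor or dozent, plus deputy courses if enabled) and
  * '__MY_INSTITUTES__' (the user's institutes, plus the global range for
  * root). Any other term is passed to search_range(). Problems are reported
  * through PageLayout::postMessage().
  *
  * @param string $term search term
  * @return array area names, indexed by area type and then by area id
  */
 function search_area($term)
 {
     global $perm;
     $result = array();
     // Start from an empty list: the reserved-term branches may add nothing,
     // and count() on an unset variable is a TypeError from PHP 8 on.
     $tmp_result = array();
     // Note: strlen() counts bytes, so multi-byte characters count more than once.
     if (strlen($term) < 3) {
         PageLayout::postMessage(MessageBox::error(_('Der Suchbegriff muss mindestens drei Zeichen lang sein.')));
         return $result;
     } elseif ($term == '__THIS_SEMESTER__') {
         $current_semester = Semester::findCurrent();
         // User id and semester start are bound as parameters, never concatenated.
         $query = "SELECT seminare.Name AS sem_name, seminare.Seminar_id, seminare.visible\n                      FROM seminar_user LEFT JOIN seminare  USING (Seminar_id)\n                      WHERE seminar_user.user_id = :user_id AND seminar_user.status IN('tutor', 'dozent')\n                      AND seminare.start_time <= :start\n                      AND (:start <= (seminare.start_time + seminare.duration_time)\n                      OR seminare.duration_time = -1)";
         if (get_config('DEPUTIES_ENABLE')) {
             // The translated label is concatenated into the SQL text. It comes
             // from the translation catalogue, not from the request, but a
             // translation containing a single quote would break the statement.
             $query .= " UNION SELECT CONCAT(seminare.Name, ' [" . _("Vertretung") . "]') AS sem_name, seminare.Seminar_id,\n                            seminare.visible\n                            FROM deputies JOIN seminare ON (deputies.range_id=seminare.Seminar_id)\n                            WHERE deputies.user_id = :user_id\n                            AND seminare.start_time <= :start\n                            AND (:start <= (seminare.start_time + seminare.duration_time)\n                            OR seminare.duration_time = -1)";
         }
         $query .= " ORDER BY sem_name ASC";
         $statement = DBManager::get()->prepare($query);
         $statement->bindValue(':user_id', $GLOBALS['auth']->auth['uid']);
         $statement->bindValue(':start', $current_semester["beginn"]);
         $statement->execute();
         $seminars = $statement->fetchAll(PDO::FETCH_ASSOC);
         foreach ($seminars as $sem) {
             $tmp_result[$sem['Seminar_id']] = array('name' => $sem['sem_name'], 'type' => 'sem');
         }
         // the reserved term is not a text filter
         $term = '';
     } elseif ($term == '__MY_INSTITUTES__') {
         $term = '';
         if ($perm->have_perm('root')) {
             $tmp_result['studip'] = array('name' => 'Stud.IP', 'type' => 'global');
         }
         $inst_list = Institute::getMyInstitutes();
         if (count($inst_list)) {
             foreach ($inst_list as $data) {
                 $tmp_result[$data['Institut_id']] = array('name' => $data['Name'], 'type' => $data['is_fak'] ? 'fak' : 'inst');
             }
         }
     } else {
         $tmp_result = search_range($term, true);
         // add users: the current user, if the own name matches the term
         if (stripos(get_fullname(), $term) !== false) {
             $tmp_result[$GLOBALS['auth']->auth['uid']] = array('name' => get_fullname(), 'type' => 'user');
         }
         if (isDeputyEditAboutActivated()) {
             // Persons the current user is deputy of. The term is bound as a
             // parameter; LIKE wildcards (% and _) inside it are still
             // interpreted by the database.
             $query = "SELECT DISTINCT a.user_id " . "FROM deputies d " . "JOIN auth_user_md5 a ON (d.range_id = a.user_id) " . "JOIN user_info u ON (a.user_id=u.user_id) " . "WHERE d.user_id = ? " . "AND CONCAT(u.title_front, ' ', a.Vorname, ' ', a.Nachname, ', ', u.title_rear) LIKE CONCAT('%',?,'%')";
             $statement = DBManager::get()->prepare($query);
             $statement->execute(array($GLOBALS['auth']->auth['uid'], $term));
             while ($data = $statement->fetch(PDO::FETCH_ASSOC)) {
                 $tmp_result[$data['user_id']] = array('name' => get_fullname($data['user_id']), 'type' => 'user');
             }
         }
     }
     // workaround: apply search term (ignored by search_range below admin)
     if (count($tmp_result) && !$GLOBALS['perm']->have_perm('admin') && $term) {
         foreach ($tmp_result as $id => $data) {
             if (stripos($data['name'], $term) === false) {
                 unset($tmp_result[$id]);
             }
         }
     }
     // prepare result: group by type, faculties are listed with the institutes
     if (count($tmp_result)) {
         foreach ($tmp_result as $id => $data) {
             $result[$data['type'] == 'fak' ? 'inst' : $data['type']][$id] = $data['name'];
         }
     } elseif ($term) {
         PageLayout::postMessage(MessageBox::error(_('Zu diesem Suchbegriff wurden keine Bereiche gefunden.')));
     }
     return $result;
 }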
コード例 #6
ファイル: profile.php プロジェクト: ratbird/hope
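 /**
  * Entry point of the controller that displays all the information of the selected or current user.
  *
  * Collects avatar, score, contact data, datafields, institutes, news,
  * calendar, votes, free-text sections, plugin output, literature lists and
  * the user's own categories and assigns them as view variables. Optional
  * sections are only filled when the profile's visibility check allows it.
  *
  * NOTE(review): the values are handed to the view as stored; output escaping
  * is assumed to happen in the templates - confirm.
  *
  * @return void
  */
 public function index_action()
 {
     // Template Index_Box for render-partials
     $layout = $GLOBALS['template_factory']->open('shared/content_box');
     $this->shared_box = $layout;
     // if he has not yet stored into user_info, he comes in with no values
     if ($this->current_user->mkdate === null) {
         $this->current_user->store();
     }
     if (get_config('NEWS_RSS_EXPORT_ENABLE')) {
         $news_author_id = StudipNews::GetRssIdFromUserId($this->current_user->user_id);
         if ($news_author_id) {
             PageLayout::addHeadElement('link', array('rel' => 'alternate', 'type' => 'application/rss+xml', 'title' => 'RSS', 'href' => 'rss.php?id=' . $news_author_id));
         }
     }
     // Get Avatar
     $this->avatar = Avatar::getAvatar($this->current_user->user_id)->getImageTag(Avatar::NORMAL);
     // Score: shown to the profile owner, or to anyone if the score is set
     if (get_config('SCORE_ENABLE')) {
         if ($this->current_user->user_id === $GLOBALS['user']->id || $this->current_user->score) {
             $this->score = Score::GetMyScore($this->current_user);
             $this->score_title = Score::getTitel($this->score, $this->current_user->geschlecht);
         }
     }
     // Additional user information, each value filtered by its visibility setting
     $this->public_email = get_visible_email($this->current_user->user_id);
     $this->motto = $this->profile->getVisibilityValue('motto');
     $this->private_nr = $this->profile->getVisibilityValue('privatnr', 'private_phone');
     $this->private_cell = $this->profile->getVisibilityValue('privatcell', 'private_cell');
     $this->privadr = $this->profile->getVisibilityValue('privadr', 'privadr');
     $this->homepage = $this->profile->getVisibilityValue('Home', 'homepage');
     // skype informations
     if (get_config('ENABLE_SKYPE_INFO') && $this->profile->checkVisibility('skype_name')) {
         $this->skype_name = UserConfig::get($this->current_user->user_id)->SKYPE_NAME;
         $this->skype_status = UserConfig::get($this->current_user->user_id)->SKYPE_ONLINE_STATUS && $this->profile->checkVisibility('skype_online_status');
     }
     // get generic datafield entries
     $this->shortDatafields = $this->profile->getShortDatafields();
     $this->longDatafields = $this->profile->getLongDatafields();
     // get working station of an user (institutes)
     $this->institutes = $this->profile->getInstitutInformations();
     // get studying informations of an user
     if ($this->current_user->perms != 'dozent') {
         $study_institutes = UserModel::getUserInstitute($this->current_user->user_id, true);
         if (count($study_institutes) > 0 && $this->profile->checkVisibility('studying')) {
             $this->study_institutes = $study_institutes;
         }
     }
     // "Own profile" tests use === like the score checks above: identifiers
     // are strings, and == compares numeric-looking strings by numeric value.
     $is_own_profile = $this->current_user->user_id === $this->user->user_id;
     if ($is_own_profile && $GLOBALS['has_denoted_fields']) {
         $this->has_denoted_fields = true;
     }
     // get kings informations
     if (Config::Get()->SCORE_ENABLE) {
         if ($this->current_user->user_id === $GLOBALS['user']->id || $this->current_user->score) {
             $kings = $this->profile->getKingsInformations();
             if ($kings != null) {
                 $this->kings = $kings;
             }
         }
     }
     // The owner (with 'autor' status) and the owner's deputies see the news
     // box regardless of its visibility setting.
     $show_admin = ($this->perm->have_perm('autor') && $is_own_profile)
         || (isDeputyEditAboutActivated() && isDeputy($this->user->user_id, $this->current_user->user_id, true));
     if ($this->profile->checkVisibility('news') || $show_admin === true) {
         $response = $this->relay('news/display/' . $this->current_user->user_id);
         $this->news = $response->body;
     }
     // calendar: never shown for admin or root profiles
     if (get_config('CALENDAR_ENABLE')) {
         if (!in_array($this->current_user->perms, words('admin root'))) {
             if ($this->profile->checkVisibility('termine')) {
                 $response = $this->relay('calendar/contentbox/display/' . $this->current_user->user_id);
                 $this->dates = $response->body;
             }
         }
     }
     // include and show votes and tests
     if (get_config('VOTE_ENABLE') && $this->profile->checkVisibility('votes')) {
         $response = $this->relay('questionnaire/widget/' . $this->current_user->user_id . "/user");
         $this->votes = $response->body;
     }
     // CV, hobbies, publications and main areas of work are output here
     $ausgabe_felder = array('lebenslauf' => _('Lebenslauf'), 'hobby' => _('Hobbys'), 'publi' => _('Publikationen'), 'schwerp' => _('Arbeitsschwerpunkte'));
     $ausgabe_inhalt = array();
     foreach ($ausgabe_felder as $key => $value) {
         if ($this->profile->checkVisibility($key)) {
             $ausgabe_inhalt[$value] = $this->current_user[$key];
         }
     }
     // drop sections without content
     $this->ausgabe_inhalt = array_filter($ausgabe_inhalt);
     // show the courses if the user is a dozent
     if ($this->current_user['perms'] == 'dozent') {
         $this->seminare = array_filter($this->profile->getDozentSeminars());
     }
     // Homepage plugins
     $homepageplugins = PluginEngine::getPlugins('HomepagePlugin');
     // Defined up front so the .= below never reads an undefined variable;
     // it stays null when no plugin produces output.
     $render = null;
     foreach ($homepageplugins as $homepageplugin) {
         if ($homepageplugin->isActivated($this->current_user->user_id, 'user')) {
             // get homepageplugin templates
             $template = $homepageplugin->getHomepageTemplate($this->current_user->user_id);
             // create output of the plugins
             if (!empty($template)) {
                 $render .= $template->render(null, $layout);
             }
             $layout->clear_attributes();
         }
     }
     $this->hompage_plugin = $render;
     // show literature info
     if (get_config('LITERATURE_ENABLE')) {
         $lit_list = StudipLitList::GetFormattedListsByRange($this->current_user->user_id);
         if ($is_own_profile) {
             $this->admin_url = 'dispatch.php/literature/edit_list.php?_range_id=self';
             $this->admin_title = _('Literaturlisten bearbeiten');
         }
         if ($this->profile->checkVisibility('literature')) {
             $this->show_lit = true;
             $this->lit_list = $lit_list;
         }
     }
     // get categories
     $category = Kategorie::findByUserId($this->current_user->user_id);
     $categories = array();
     foreach ($category as $cat) {
         $head = $cat->name;
         $body = $cat->content;
         // reset per category; only the owner gets the visibility description
         $vis_text = null;
         if ($is_own_profile) {
             $vis_text .= ' ( ' . Visibility::getStateDescription('kat_' . $cat->kategorie_id) . ' )';
         }
         if ($this->profile->checkVisibility('kat_' . $cat->kategorie_id)) {
             $categories[$cat->kategorie_id]['head'] = $head;
             $categories[$cat->kategorie_id]['zusatz'] = $vis_text;
             $categories[$cat->kategorie_id]['content'] = $body;
         }
     }
     if (!empty($categories)) {
         // categories without content are not passed to the view
         $this->categories = array_filter($categories, function ($item) {
             return !empty($item['content']);
         });
     }
 }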