/**
 * Builds the main toolbar for the current user.
 *
 * Reads the globals $p (key of the page being displayed) and $privileges
 * (list of page keys the current user may access). A link is emitted only
 * for pages whose key appears in $privileges; admin pages are grouped in an
 * "Admin" dropdown that is appended only when it has at least one entry.
 *
 * Security note: this function only decides which links are rendered.
 * Leaving an entry out of the menu does not stop a direct request for that
 * page, so the page dispatcher has to check $privileges itself.
 * NOTE(review): that check is not visible in this block; confirm it exists.
 *
 * @return mixed whatever toolbar() returns for the assembled items
 */
function make_navigation()
{
    global $p, $privileges;

    // Regular pages, in display order. Every title function is called up
    // front, whether or not the user may see the page.
    $user_entries = array(
        "news" => news_title(),
        "user_meetings" => meetings_title(),
        "user_shifts" => shifts_title(),
        "angeltypes" => angeltypes_title(),
        "user_questions" => questions_title()
    );

    $toolbar_items = array();
    foreach ($user_entries as $key => $label) {
        // NOTE(review): in_array() compares loosely here; a non-string
        // entry in $privileges could match unintended keys.
        if (!in_array($key, $privileges)) {
            continue;
        }
        // Last argument marks the entry for the page currently shown.
        $toolbar_items[] = toolbar_item_link(page_link_to($key), '', $label, $key == $p);
    }

    // Administrative pages, collected separately for the dropdown.
    $admin_entries = array(
        "admin_arrive" => admin_arrive_title(),
        "admin_active" => admin_active_title(),
        "admin_user" => admin_user_title(),
        "admin_free" => admin_free_title(),
        "admin_questions" => admin_questions_title(),
        "shifttypes" => shifttypes_title(),
        "admin_shifts" => admin_shifts_title(),
        "admin_rooms" => admin_rooms_title(),
        "admin_groups" => admin_groups_title(),
        "admin_import" => admin_import_title(),
        "admin_log" => admin_log_title()
    );

    $admin_items = array();
    foreach ($admin_entries as $key => $label) {
        if (!in_array($key, $privileges)) {
            continue;
        }
        $admin_items[] = toolbar_item_link(page_link_to($key), '', $label, $key == $p);
    }

    // Users without any admin privilege get no "Admin" dropdown at all.
    if (!empty($admin_items)) {
        $toolbar_items[] = toolbar_dropdown('', _("Admin"), $admin_items);
    }

    return toolbar($toolbar_items);
}
$title = questions_title(); $content = user_questions(); } elseif ($p == "user_settings") { $title = settings_title(); $content = user_settings(); } elseif ($p == "login") { $title = login_title(); $content = guest_login(); } elseif ($p == "register") { $title = register_title(); $content = guest_register(); } elseif ($p == "logout") { $title = logout_title(); $content = guest_logout(); } elseif ($p == "admin_questions") { $title = admin_questions_title(); $content = admin_questions(); } elseif ($p == "admin_user") { $title = admin_user_title(); $content = admin_user(); } elseif ($p == "admin_arrive") { $title = admin_arrive_title(); $content = admin_arrive(); } elseif ($p == "admin_active") { $title = admin_active_title(); $content = admin_active(); } elseif ($p == "admin_free") { $title = admin_free_title(); $content = admin_free(); } elseif ($p == "admin_news") { require_once realpath(__DIR__ . '/../includes/pages/admin_news.php');
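/**
 * Admin page for user questions: lists them, or answers / deletes one.
 *
 * Without an `action` request parameter the function returns a page with two
 * tables: questions that have no answering user (`AID` IS NULL) and questions
 * that have one. With `action=answer` or `action=delete` plus a numeric `id`
 * it updates or deletes that row, writes a log entry and redirects back to
 * the list.
 *
 * Security notes:
 * - Question and answer text comes from users and is placed into HTML table
 *   cells, so it is HTML-escaped at output time instead of relying on
 *   whatever filtering happened when it was stored.
 * - NOTE(review): both actions change state but are read from $_REQUEST (so
 *   they are reachable via GET), the delete button built below is a plain
 *   link, and no anti-CSRF token is checked in this function. Unless the
 *   framework verifies one elsewhere, these actions should require POST and
 *   a per-session token.
 * - NOTE(review): this function does not check the caller's privileges
 *   itself; presumably the dispatcher does, confirm.
 *
 * @return mixed the rendered page, the result of error() on invalid input,
 *               or null when `action` is neither `answer` nor `delete`
 */
function admin_questions()
{
    global $user;

    // Escape stored free text for an HTML element context, then turn line
    // breaks into <br />. double_encode is off so that text which already
    // contains entities keeps displaying the way it did before.
    $render_text = function ($text) {
        return str_replace("\n", "<br />", htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false));
    };

    if (!isset($_REQUEST['action'])) {
        $unanswered_questions_table = array();
        $questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
        foreach ($questions as $question) {
            $user_source = User($question['UID']);
            if ($user_source === false) {
                engelsystem_error("Unable to load user.");
            }

            $unanswered_questions_table[] = array(
                'from' => User_Nick_render($user_source),
                'question' => $render_text($question['Question']),
                'answer' => form(array(
                    form_textarea('answer', '', ''),
                    form_submit('submit', _("Save"))
                ), page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
                'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
            );
        }

        $answered_questions_table = array();
        $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
        foreach ($questions as $question) {
            $user_source = User($question['UID']);
            if ($user_source === false) {
                engelsystem_error("Unable to load user.");
            }
            $answer_user_source = User($question['AID']);
            if ($answer_user_source === false) {
                engelsystem_error("Unable to load user.");
            }

            $answered_questions_table[] = array(
                'from' => User_Nick_render($user_source),
                'question' => $render_text($question['Question']),
                'answered_by' => User_Nick_render($answer_user_source),
                'answer' => $render_text($question['Answer']),
                'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs')
            );
        }

        return page_with_title(admin_questions_title(), array(
            '<h2>' . _("Unanswered questions") . '</h2>',
            table(array(
                'from' => _("From"),
                'question' => _("Question"),
                'answer' => _("Answer"),
                'actions' => ''
            ), $unanswered_questions_table),
            '<h2>' . _("Answered questions") . '</h2>',
            table(array(
                'from' => _("From"),
                'question' => _("Question"),
                'answered_by' => _("Answered by"),
                'answer' => _("Answer"),
                'actions' => ''
            ), $answered_questions_table)
        ));
    } else {
        switch ($_REQUEST['action']) {
            case 'answer':
                // is_string() rejects array-valued parameters (id[]=...);
                // \z instead of $ so a trailing newline is not accepted.
                if (isset($_REQUEST['id']) && is_string($_REQUEST['id']) && preg_match('/^[0-9]{1,11}\z/', $_REQUEST['id'])) {
                    $id = $_REQUEST['id'];
                } else {
                    return error("Incomplete call, missing Question ID.", true);
                }

                $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
                if (count($question) > 0 && $question[0]['AID'] == null) {
                    // A missing or non-string answer is treated as empty, so
                    // it ends in the "empty answer" error below instead of a
                    // PHP warning or type error.
                    $raw_answer = (isset($_REQUEST['answer']) && is_string($_REQUEST['answer'])) ? $_REQUEST['answer'] : '';

                    // Drop tags, then everything that is not a letter,
                    // punctuation, separator, number or newline.
                    $answer = trim(preg_replace("/([^\\p{L}\\p{P}\\p{Z}\\p{N}\n]{1,})/ui", '', strip_tags($raw_answer)));

                    if ($answer != "") {
                        sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
                        // NOTE(review): user-supplied text goes into the log
                        // verbatim; whatever displays the log must escape it.
                        engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
                        redirect(page_link_to("admin_questions"));
                    } else {
                        return error("Gib eine Antwort ein!", true);
                    }
                } else {
                    return error("No question found.", true);
                }
                break;

            case 'delete':
                if (isset($_REQUEST['id']) && is_string($_REQUEST['id']) && preg_match('/^[0-9]{1,11}\z/', $_REQUEST['id'])) {
                    $id = $_REQUEST['id'];
                } else {
                    return error("Incomplete call, missing Question ID.", true);
                }

                $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
                if (count($question) > 0) {
                    sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
                    // NOTE(review): see the log note in the answer case.
                    engelsystem_log("Question deleted: " . $question[0]['Question']);
                    redirect(page_link_to("admin_questions"));
                } else {
                    return error("No question found.", true);
                }
                break;
        }
    }
}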