Files

814 lines
34 KiB
PHP
Raw Permalink Normal View History

2026-02-17 14:56:23 +01:00
<?
switch ($_GET["action"]) {
case 'edit':
edit_contact();
break;
case 'delete':
delete_contact($contact['id']);
break;
// case 'updateFromJSON':
// updateFromJSON();
// break;
case 'new':
require_once("edit_contact_cardform.inc.php");
break;
case 'save':
save_contact();
break;
case 'report':
report_new_emp();
save_contact();
break;
case 'report_dismissal':
report_emp_dismissal();
save_contact();
break;
case 'hausausweis_request':
hausausweis_request();
save_contact();
break;
case 'delete_image':
delete_contact_image();
break;
case 'open_card':
open_card();
default:
require_once("edit_contact_listform.inc.php");
break;
}
function open_card()
{ ?>
2026-02-17 14:56:23 +01:00
<script type="text/javascript">
openCardOnStart = true;
openCardAction = 'new';
</script>
<?php }
function edit_contact($_id = "", $messages = array())
{
if ((int) $_id > 0) {
2026-02-17 14:56:23 +01:00
$input_id = $_id;
} else {
$input_id = $_POST["input_id"];
}
if ($input_id <> '') {
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = " SELECT * FROM main_contact WHERE id = :id LIMIT 1 ";
$params = [
[':id', $input_id, PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
$result = $pdo->getResultArray();
if (count($result) == 1) {
$input_contact = $result[0];
2026-02-17 14:56:23 +01:00
$input_contact["password"] = "nochange";
echo "<script>console.log('" . $input_id . "')</script>";
2026-02-17 14:56:23 +01:00
require_once("edit_contact_cardform.inc.php");
}
} else {
$input_contact = array();
require_once("edit_contact_cardform.inc.php");
}
}
function delete_contact($curr_contact_id)
{
2026-02-17 14:56:23 +01:00
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
if ($_POST["input_id"] <> '') {
if ($_POST["input_id"] <> $curr_contact_id) {
$query = "DELETE FROM main_contact WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
2026-02-17 14:56:23 +01:00
@mysqli_query($GLOBALS['mysql_con'], $query);
$deleteDepartment = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_department WHERE main_contact_id=" . $_POST["input_id"]);
$deletePermission = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $_POST["input_id"]);
$deleteProfileContent = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_profile_content WHERE main_contact_id=" . $_POST["input_id"]);
$deleteSkills = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_skills WHERE main_contact_id=" . $_POST["input_id"]);
2026-02-17 14:56:23 +01:00
} else {
header('EDIT_ERROR: 1');
$messages[] = "<div class=\"errorbox\">" . $translation->get("contact_error5") . "</div>";
edit_contact($_POST["input_id"], $messages);
}
}
require_once("edit_contact_listform.inc.php");
}
// Hinweis:
// Da die Mandanten-Auswahl im Frontend aktuell deaktiviert ist (kein change_mandant möglich),
// wird der current_mandant_id beim Speichern eines Kontakts immer auf den master_mandant_id gesetzt.
// Hintergrund: Ohne sichtbaren Mandantenwechsel bleibt der alte current_mandant bestehen,
// was zu falscher Darstellung im Profil (z.B. falsche Rolle/Bereich) führt.
// Durch diese Anpassung wird sichergestellt, dass der Benutzer immer im korrekten Mandanten geladen wird.
//
// -> Fix implementiert von FA Ticket T26-1218 ∙ Fehlerhafte Darstellung Intranet
function save_contact()
{
$messages = array();
$error = FALSE;
$input_id = "";
2026-02-17 14:56:23 +01:00
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
if ($_POST['input_password'] != "") {
2026-02-17 14:56:23 +01:00
$password = md5($_POST['input_password']);
$query = "UPDATE main_contact SET
password = '" . $password . "'
WHERE id = '" . $_POST['input_id'] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
2026-02-17 14:56:23 +01:00
}
$birthday = new DateTime($_POST['input_birthday']);
if ($_POST["input_id"] <> '') {
$inserted = FALSE;
$input_id = $_POST["input_id"];
$query = "UPDATE main_contact
SET name = '" . $_POST['input_name'] . "',
email = '" . $_POST['input_email'] . "',
shortcut = '" . $_POST['input_shortcut'] . "',
address = '" . $_POST['input_address'] . "',
post_code = '" . $_POST['input_post_code'] . "',
city = '" . $_POST['input_city'] . "',
cost_center = '" . $_POST['input_cost_center'] . "',
birthday = '" . $birthday->format('Y-m-d') . "',
phone_no = '" . $_POST['input_phone_no'] . "',
birthday_state = '" . $_POST['input_birthday_state'] . "',
master_mandant_id = '" . $_POST['master_mandant_id'] . "',
current_mandant_id = '" . $_POST['master_mandant_id'] . "'
2026-02-17 14:56:23 +01:00
WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
} else {
$query = "INSERT INTO main_contact (id, name, email, shortcut, password, address, post_code, city, birthday, birthday_state, phone_no, cost_center, master_mandant_id, current_mandant_id, active) VALUES (
2026-02-17 14:56:23 +01:00
NULL,
'" . $_POST['input_name'] . "',
'" . $_POST['input_email'] . "',
'" . $_POST['input_shortcut'] . "',
'" . $password . "',
'" . $_POST['input_address'] . "',
'" . $_POST['input_post_code'] . "',
'" . $_POST['input_city'] . "',
'" . $birthday->format('Y-m-d') . "',
'" . $_POST['input_birthday_state'] . "',
'" . $_POST['input_phone_no'] . "',
'" . $_POST['input_cost_center'] . "',
'" . $_POST['master_mandant_id'] . "',
'" . $_POST['master_mandant_id'] . "',
'1'
)";
$inserted = TRUE;
}
2026-02-17 14:56:23 +01:00
// $query_shortcut = "SELECT * FROM main_contact WHERE shortcut = '".$_POST['input_shortcut']."'";
// $result_shortcut = @mysqli_query($GLOBALS['mysql_con'], $query_shortcut);
// if(@mysqli_num_rows($result_shortcut) >= 1 && $inserted == TRUE){
// $messages[] = "<div class=\"errorbox\">" . $translation->get("user_error4") . "</div>\n";
// $error = TRUE;
// }
if (!$error) {
@mysqli_query($GLOBALS['mysql_con'], $query);
if ($inserted == TRUE) {
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
$query2 = "INSERT INTO main_contact_profile_content (id, main_contact_id) VALUES (
2026-02-17 14:56:23 +01:00
NULL,
'" . $input_id . "'
2026-02-17 14:56:23 +01:00
)";
@mysqli_query($GLOBALS['mysql_con'], $query2);
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success1") . '</div>';
} else {
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success2") . '</div>';
}
if (isset($_FILES) && $_FILES['input_image']['size'] != 0) {
2026-02-17 14:56:23 +01:00
$fileName = saveImage('input_image', $input_id);
$query = "UPDATE main_contact SET
image = '" . $fileName . "'
2026-02-17 14:56:23 +01:00
WHERE id = '" . $input_id . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
2026-02-17 14:56:23 +01:00
}
save_mandant_link($_POST, $input_id);
save_permission($input_id);
echo "<script>console.log('" . $input_id . "')</script>";
2026-02-17 14:56:23 +01:00
edit_contact($input_id, $messages);
} else {
header('EDIT_ERROR: 1');
$input_contact["id"] = $_POST["input_id"];
$input_contact["name"] = $_POST["input_name"];
$input_contact["email"] = $_POST["input_email"];
$input_contact["login"] = $_POST["input_login"];
2026-02-17 14:56:23 +01:00
require_once("edit_contact_cardform.inc.php");
}
}
function report_new_emp()
{
2026-02-17 14:56:23 +01:00
$message = "Neuer Mitarbeiter wurde registriert!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (
mail_create(
"Neuer Mitarbeiter", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file,
"",
"",
0,
"",
$spid
)
) {
2026-02-17 14:56:23 +01:00
mail_send();
}
}
function report_emp_dismissal()
{
2026-02-17 14:56:23 +01:00
$message = "Der Mitarbeiter muss entlassen werden!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (
mail_create(
"Mitarbeiter entlassen!", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file,
"",
"",
0,
"",
$spid
)
) {
2026-02-17 14:56:23 +01:00
mail_send();
}
}
function hausausweis_request()
{
2026-02-17 14:56:23 +01:00
$message = "Der Mitarbeiter soll einen Hausausweis erhalten!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (
mail_create(
"Der Mitarbeiter soll einen Hausausweis erhalten!", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file,
"",
"",
0,
"",
$spid
)
) {
2026-02-17 14:56:23 +01:00
mail_send();
}
}
function saveImage($filekey, $input_id)
{
2026-02-17 14:56:23 +01:00
$erlaubte_endungen = array("jpg", "jpeg", "gif", "png");
$filename = strtolower($_FILES[$filekey]['name']);
$filename_expl = explode(".", $filename);
if (!in_array($filename_expl[count($filename_expl) - 1], $erlaubte_endungen)) {
$messages = "<div class='errorbox'>" . $translation->get("error_slideshow_line2") . "</div>\n";
$error = TRUE;
}
2026-02-17 14:56:23 +01:00
$saveFilename = $input_id . "_" . time() . "_" . cleanFilename($_FILES[$filekey]['name']);
require_once("intranet_config.inc.php");
move_uploaded_file($_FILES[$filekey]['tmp_name'], PATH_CONTACT . $saveFilename);
return $saveFilename;
}
function delete_contact_image()
{
2026-02-17 14:56:23 +01:00
$contact_id = $_POST['input_id'];
$query = "SELECT * FROM main_contact WHERE id =" . $contact_id . " LIMIT 1";
2026-02-17 14:56:23 +01:00
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contact = @mysqli_fetch_array($result);
if (!empty($contact)) {
2026-02-17 14:56:23 +01:00
$filename = $contact['image'];
require_once("intranet_config.inc.php");
2026-02-17 14:56:23 +01:00
if (file_exists(PATH_CONTACT . $filename)) {
unlink(PATH_CONTACT . $filename);
}
2026-02-17 14:56:23 +01:00
$query = "UPDATE main_contact SET
image = ''
WHERE id = '" . $contact_id . "' LIMIT 1";
2026-02-17 14:56:23 +01:00
@mysqli_query($GLOBALS['mysql_con'], $query);
}
edit_contact();
}
function save_mandant_link($contacts, $contact_id)
{
2026-02-17 14:56:23 +01:00
// $contact_id als Integer absichern
$contact_id = intval($contact_id);
2026-02-17 14:56:23 +01:00
// Vorherige Einträge löschen
$deleteQuery = "DELETE FROM main_contact_department WHERE main_contact_id='" . $contact_id . "'";
mysqli_query($GLOBALS["mysql_con"], $deleteQuery);
2026-02-17 14:56:23 +01:00
// Array initialisieren
$mandants = array();
2026-02-17 14:56:23 +01:00
// Mandant-Werte aus $contacts extrahieren
foreach ($contacts as $key => $value) {
if (strpos($key, needle: 'input_mandant_') === 0 && $value != 0) {
$mandants[] = $value;
} elseif (strpos($key, needle: 'input_mandant_') === 1 && $value == 0) {
2026-02-17 14:56:23 +01:00
$mandants[] = $value;
}
}
2026-02-17 14:56:23 +01:00
// Falls $mandants nicht leer ist, Einträge einfügen
for ($i = 0; $i < count($mandants); $i++) {
// Wert absichern
$mandantEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $mandants[$i]);
2026-02-17 14:56:23 +01:00
$query = "INSERT INTO main_contact_department
(main_contact_id, main_mandant_id, sorting)
VALUES (
" . $contact_id . ",
'" . $mandantEscaped . "',
'" . ($i + 1) . "'
)";
2026-02-17 14:56:23 +01:00
mysqli_query($GLOBALS['mysql_con'], $query);
// Falls du die eingefügte ID benötigst:
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
if ($i === 0) {
$query2 = "UPDATE main_contact
SET master_mandant_id = " . $mandantEscaped . ",
current_mandant_id = " . $mandantEscaped . "
WHERE id = " . $contact_id;
mysqli_query($GLOBALS['mysql_con'], $query2);
}
2026-02-17 14:56:23 +01:00
}
2026-02-17 14:56:23 +01:00
// Weitere Verarbeitung
save_contact_department($contacts, $contact_id);
}
function save_contact_department($contacts, $contact_id)
{
2026-02-17 14:56:23 +01:00
// Arrays initialisieren
$mandants = [];
$departments = [];
$roles = [];
$bereiches = [];
2026-02-17 14:56:23 +01:00
$einrichtungs = [];
$phone_numbers = [];
$emails = [];
2026-02-17 14:56:23 +01:00
// Durchlaufe alle Einträge in $contacts und fülle die jeweiligen Arrays
foreach ($contacts as $key => $value) {
if (strpos($key, 'input_mandant_') === 0) {
if ($value != 0) {
$mandants[] = $value;
2026-02-17 14:56:23 +01:00
}
} elseif (strpos($key, 'input_department_') === 0) {
$departments[] = $value;
2026-02-17 14:56:23 +01:00
} elseif (strpos($key, 'input_role_') === 0) {
$roles[] = $value;
2026-02-17 14:56:23 +01:00
} elseif (strpos($key, 'input_bereiche_') === 0) {
$bereiches[] = $value;
2026-02-17 14:56:23 +01:00
} elseif (strpos($key, 'input_einrichtung_') === 0) {
$einrichtungs[] = $value;
} elseif (strpos($key, 'input_phone_no_') === 0) {
$phone_numbers[] = $value;
2026-02-17 14:56:23 +01:00
} elseif (strpos($key, 'input_email_') === 0) {
$emails[] = $value;
2026-02-17 14:56:23 +01:00
}
}
// Nur fortfahren, wenn mindestens ein Mandant vorhanden ist
if (count($mandants) > 0) {
try {
for ($i = 0; $i < count($mandants); $i++) {
// Werte absichern
$departmentEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $departments[$i]);
$roleEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $roles[$i]);
$bereichEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $bereiches[$i]);
2026-02-17 14:56:23 +01:00
$einrichtungEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $einrichtungs[$i]);
$phoneEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $phone_numbers[$i]);
$emailEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $emails[$i]);
2026-02-17 14:56:23 +01:00
// SQL-Abfrage zum Update
$query = "UPDATE main_contact_department
SET
main_department_id = '$departmentEscaped',
main_role_id = '$roleEscaped',
main_bereich_id = '$bereichEscaped',
main_einricht_id = '$einrichtungEscaped',
phone_no = '$phoneEscaped',
email = '$emailEscaped'
WHERE
main_contact_id = '" . intval($contact_id) . "'
AND sorting = '" . ($i + 1) . "'
LIMIT 1";
2026-02-17 14:56:23 +01:00
mysqli_query($GLOBALS['mysql_con'], $query);
}
} catch (\Throwable $th) {
// Bei einem Fehler wird die Fehlermeldung ausgegeben.
echo $th->getMessage();
}
}
}
function load_mandant_list($contact)
{
2026-02-17 14:56:23 +01:00
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query = "SELECT * FROM main_mandant";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($mandant = @mysqli_fetch_array($result)) {
2026-02-17 14:56:23 +01:00
$mandant_id = $mandant['id'];
$check_master_mandant = ($contact['master_mandant_id'] == $mandant_id) ? 'checked' : '';
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "' AND main_mandant_id = '" . $mandant_id . "'";
2026-02-17 14:56:23 +01:00
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$contact_link = @mysqli_fetch_array($result_contact);
$check_active = ($contact_link['active'] == 1) ? 'checked' : '';
// $query_department = "SELECT DISTINCT main_department.id, main_department.description AS name FROM main_department LEFT JOIN main_department_mandant_link ON main_department.id = main_department_mandant_link.main_department_id WHERE main_mandant_id = ".$mandant_id;
$query_department = "SELECT DISTINCT main_department.id, main_department.description AS name FROM main_department";
$query_role = "SELECT id,description AS name FROM main_role";
$query_bereich = "SELECT * FROM `organogramm_space`";
$query_einricht = "SELECT * FROM `organigramm_einricht`";
?>
<tr>
<td><?= $mandant['description'] ?></td>
<td><input class="checkbox_square" type="checkbox" name="active_<?= $mandant_id ?>" <?= $check_active ?>></td>
<td><input class="checkbox_square" type="radio" name="master_mandant_id" value='<?= $mandant_id ?>'
<?= $check_master_mandant ?>></td>
<td><?= input_select_from_sql("", "input_department_" . $mandant_id, $query_department, $contact_link['main_department_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $mandant_id, $query_bereich, $contact_link['main_bereich_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $mandant_id, $query_einricht, $contact_link['main_einricht_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_role_" . $mandant_id, $query_role, $contact_link['main_role_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input("", "input_phone_no_" . $mandant_id, "text", $contact_link["phone_no"], 100); ?></td>
<td><?= input("", "input_email_" . $mandant_id, "text", $contact_link["email"], 100); ?></td>
<!-- <?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant_id ?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
2026-02-17 14:56:23 +01:00
<path id="shield-security" d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z" transform="translate(0 -0.375)"/></svg>
</button>
</td>
<?php } ?> -->
</tr>
<?php }
load_absence_contact($contact);
}
function load_mandant_list_new($contact)
{
2026-02-17 14:56:23 +01:00
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "'";
2026-02-17 14:56:23 +01:00
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$contacts = [];
2026-02-17 14:56:23 +01:00
while ($contact_link = @mysqli_fetch_assoc($result_contact)) {
$contacts[] = $contact_link;
2026-02-17 14:56:23 +01:00
}
for ($i = 1; $i < 10; $i++) {
2026-02-17 14:56:23 +01:00
// $check_active = ($contact_link['active'] == 1) ? 'checked' : '';
// $query_department = "SELECT DISTINCT main_department.id, main_department.description AS name FROM main_department LEFT JOIN main_department_mandant_link ON main_department.id = main_department_mandant_link.main_department_id WHERE main_mandant_id = ".$mandant_id;
$query_department = "SELECT DISTINCT main_department.id, main_department.description AS name FROM main_department";
$query_role = "SELECT id,description AS name FROM main_role";
$query_bereich = "SELECT * FROM `organogramm_space`";
$query_einricht = "SELECT * FROM `organigramm_einricht`";
$query_mandant = "SELECT * FROM `main_mandant`";
$found = false;
$mandant = "0";
$department = "0";
$bereich = "0";
$einricht = "0";
$role = "0";
$phone = "";
$email = "";
foreach ($contacts as $contact) {
if (isset($contact["sorting"]) && $contact["sorting"] == $i) {
$found = true;
$mandant = $contact["main_mandant_id"];
$department = $contact["main_department_id"];
$bereich = $contact["main_bereich_id"];
$einricht = $contact["main_einricht_id"];
$role = $contact["main_role_id"];
$phone = $contact["phone_no"];
$email = $contact["email"];
break;
}
}
?>
<tr>
<td><?= input_select_from_sql_mandant("", "input_mandant_" . $i, $query_mandant, $mandant, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_department_" . $i, $query_department, $department, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $i, $query_bereich, $bereich, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $i, $query_einricht, $einricht, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_role_" . $i, $query_role, $role, FALSE, FALSE, "", TRUE); ?></td>
<td style="display: none;"><?= input("", "input_phone_no_" . $i, "text", $phone, 100); ?></td>
<td style="display: none;"><?= input("", "input_email_" . $i, "text", $email, 100); ?></td>
<?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern"
data-popup-id="popup-mandant-<?= $mandant ?>"><svg xmlns="http://www.w3.org/2000/svg" width="28.8"
height="35.25" viewBox="0 0 28.8 35.25">
<path id="shield-security"
d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z"
transform="translate(0 -0.375)" />
</svg>
2026-02-17 14:56:23 +01:00
</button>
</td>
2026-02-19 16:48:26 +01:00
<?php } ?>
2026-02-17 14:56:23 +01:00
</tr>
<?php
2026-02-17 14:56:23 +01:00
}
}
function load_permission($contact)
{
2026-02-17 14:56:23 +01:00
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query_mandant = "SELECT * FROM main_mandant";
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
while ($mandant = @mysqli_fetch_array($result_mandant)) {
2026-02-17 14:56:23 +01:00
$mandant_id = $mandant['id'];
?>
<div class='pop_up_element' id='popup-mandant-<?= $mandant_id ?>'>
2026-02-17 14:56:23 +01:00
<table class="mandant_table">
<thead>
<tr>
<th>Berechtigungen für: <span style="font-weight: bold;"><?= $mandant['description'] ?></span></th>
2026-02-17 14:56:23 +01:00
<th style="text-align: right;">Status</th>
</tr>
</thead>
<tbody>
<?php
$query = "SELECT * FROM main_permission";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($permission = @mysqli_fetch_array($result)) {
$check_permission = ($permission['default_active'] == 1) ? 'checked' : '';
if (!empty($contact['id'])) {
$query_contact = "SELECT * FROM main_contact_permission WHERE main_contact_id = " . intval($contact['id']) . " AND main_mandant_id = " . intval($mandant_id) . " AND main_permission_id = " . intval($permission['id']);
2026-02-17 14:56:23 +01:00
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$row = @mysqli_fetch_array($result_contact);
} else {
$result_contact = false;
2026-02-17 14:56:23 +01:00
}
if ($result_contact && @mysqli_num_rows($result_contact) == 1) {
$check_permission = ($row['active'] == 1) ? 'checked' : '';
}
?>
<?php if ($permission['only_main_mandant'] == 1 && $mandant_id != $contact['master_mandant_id']) { ?>
<tr class='inactive' title='Dieses Berechtigung kann nur im Hauptmandanten geändert werden'>
<?php } else { ?>
<tr>
<?php } ?>
<td><?= $permission['description'] ?></td>
<td class="watch_state_td" style="text-align: right;"><input class="checkbox_square watch_state"
type="checkbox" name="active_<?= $mandant_id ?>_<?= $permission['id'] ?>" <?= $check_permission ?>>
</td>
</tr>
<?php
}
2026-02-17 14:56:23 +01:00
?>
</tbody>
</table>
</div>
<?php }
}
function save_permission($contact_id)
{
$deleteLink = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $contact_id);
2026-02-17 14:56:23 +01:00
$query_mandant = "SELECT * FROM main_mandant";
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
while ($mandant = @mysqli_fetch_array($result_mandant)) {
2026-02-17 14:56:23 +01:00
$query = "SELECT * FROM main_permission";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($permission = @mysqli_fetch_array($result)) {
$active = ($_POST["active_" . $mandant['id'] . "_" . $permission['id']] == "on") ? '1' : '0';
2026-02-17 14:56:23 +01:00
$query = "INSERT INTO main_contact_permission
(main_contact_id, main_mandant_id, main_permission_id, active)
VALUES (
" . $contact_id . ",
2026-02-17 14:56:23 +01:00
'" . $mandant['id'] . "',
'" . $permission['id'] . "',
'" . $active . "'
2026-02-17 14:56:23 +01:00
)";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
}
}
?>
<script>
$(document).ready(function () {
// Funktion zur Aktualisierung des Status für eine einzelne Checkbox
function updateStatus(checkbox) {
if (checkbox.is(':checked')) {
// Wenn die Checkbox ausgewählt ist, entfernen Sie das vorherige "inactive" span und fügen Sie ein "active" span hinzu
checkbox.siblings('.inactive').remove();
checkbox.after('<span class="active_span">Aktiv</span>');
} else {
// Wenn die Checkbox nicht ausgewählt ist, entfernen Sie das vorherige "active" span und fügen Sie ein "inactive" span hinzu
checkbox.siblings('.active_span').remove();
checkbox.after('<span class="inactive">Inaktiv</span>');
}
2026-02-17 14:56:23 +01:00
}
// Überwachen Sie Änderungen am Status der Checkbox
$('.watch_state').change(function () {
// Rufen Sie die Funktion auf, um den Status nur für die angeklickte Checkbox zu aktualisieren
updateStatus($(this));
});
2026-02-17 14:56:23 +01:00
// Rufen Sie die Funktion zum ersten Mal auf, um den Anfangszustand festzulegen
$('.watch_state').each(function () {
updateStatus($(this));
});
2026-02-17 14:56:23 +01:00
});
</script>
<?php
function load_absence_contact($main_contact)
{
2026-02-17 14:56:23 +01:00
$query = "SELECT * FROM main_contact";
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query);
$preselect = array();
2026-02-17 14:56:23 +01:00
$contact_array = explode(",", $main_contact['absence_contact']);
foreach ($contact_array as $contact) {
array_push($preselect, $contact);
2026-02-17 14:56:23 +01:00
}
?>
<!-- <div class="label">Ansprechpartner Krankmeldung</div>
<div class="contacts bc-select-ui ui fluid multiple search selection dropdown" style="clear:both;display:inline-block;">
<input type="hidden" name="absence_contact">
<i class="dropdown icon"></i>
<div class="default text">Ansprechpartner Krankmeldung</div>
<div class="menu">
<?
while ($contacts = @mysqli_fetch_array($result_contact)) {
echo "<div class=\"item\" data-value=\"{$contacts['id']}\">" . $contacts["name"] . "</div>";
}
2026-02-17 14:56:23 +01:00
?>
</div>
</div> -->
<script type="text/javascript" src="/plugins/jquery/jquery-3.5.1.min.js"></script>
<script type="text/javascript" src="/plugins/Semantic-UI-master/semantic.min.js"></script>
<link rel="stylesheet" type="text/css"
href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css') ?>">
2026-02-17 14:56:23 +01:00
<script>
var $y = jQuery.noConflict();
$y(document).ready(function () {
$y('.contacts.ui.fluid.multiple.dropdown').dropdown('set selected', <?= json_encode($preselect) ?>);
2026-02-17 14:56:23 +01:00
});
</script>
<?php
2026-02-17 14:56:23 +01:00
}
// function updateFromJSON() {
// // Alle Einträge aus main_contact abfragen
// $query = "SELECT * FROM main_contact";
// $result = @mysqli_query($GLOBALS['mysql_con'], $query);
// if ($result) {
// while ($row = mysqli_fetch_assoc($result)) {
// $contact_id = $row['id'];
// $email = $row['email'];
// // Überprüfen, ob ein Eintrag in main_contact_department existiert
// $checkQuery = "SELECT * FROM main_contact_department WHERE main_contact_id = '$contact_id'";
// $checkResult = @mysqli_query($GLOBALS['mysql_con'], $checkQuery);
// if ($checkResult->num_rows == 0) {
// // Eintrag existiert nicht, neuen Eintrag erstellen
// $insertQuery = "INSERT INTO main_contact_department
// (main_contact_id, main_mandant_id, main_department_id, main_role_id, main_bereich_id, main_einricht_id, phone_no, email, active)
// VALUES
// ('$contact_id', 1, 13, 13, 3, 1, '', '$email', 1)";
// if (@mysqli_query($GLOBALS['mysql_con'], $insertQuery)) {
// echo "Eintrag für Kontakt-ID $contact_id in main_contact_department erstellt.<br>";
// } else {
// echo "Fehler beim Erstellen des Eintrags für Kontakt-ID $contact_id: " . mysqli_error($GLOBALS['mysql_con']) . "<br>";
// }
// }
// }
// } else {
// echo "Fehler beim Abrufen der Kontakte: " . mysqli_error($GLOBALS['mysql_con']) . "<br>";
// }
// }
// function updateFromJSON() {
// // JSON-Daten laden
// $json_file_path = "https://awo-hamburg.breadcrumb-online.de/mysyde/intranet/admin/awo_hamburg_benutzer.json";
// $json_data = file_get_contents($json_file_path);
// // Überprüfen, ob die Daten erfolgreich geladen wurden
// if ($json_data === false) {
// die("Fehler beim Laden der JSON-Datei.");
// }
// // JSON-Daten parsen
// $data = json_decode($json_data, true);
// // Überprüfen, ob das Parsen erfolgreich war
// if ($data === null) {
// die("Fehler beim Parsen der JSON-Daten: " . json_last_error_msg());
// }
// $new_entries_count = 0;
// // Überprüfen, ob der 'users'-Schlüssel vorhanden ist
// if (!isset($data['users']) || !is_array($data['users'])) {
// die("Keine Benutzerdaten gefunden.");
// }
2026-02-17 14:56:23 +01:00
// // Durchlaufen der Benutzerdaten
// foreach ($data['users'] as $user) {
// $displayName = mysqli_real_escape_string($GLOBALS['mysql_con'], $user['displayName']);
// $mail = mysqli_real_escape_string($GLOBALS['mysql_con'], $user['mail']);
// $surname = mysqli_real_escape_string($GLOBALS['mysql_con'], $user['surname']);
// $telephoneNumber = mysqli_real_escape_string($GLOBALS['mysql_con'], $user['telephoneNumber']);
// $azureId = mysqli_real_escape_string($GLOBALS['mysql_con'], $user['id']); // Azure ID aus der JSON
// // Abfrage, ob der Eintrag bereits existiert
// $query = "SELECT * FROM main_contact WHERE azure_id = '$azureId'";
// $result = @mysqli_query($GLOBALS['mysql_con'], $query);
// if ($result->num_rows > 0) {
// // Eintrag existiert bereits
// //echo "Eintrag für $displayName existiert bereits. Keine Aktion erforderlich.<br>";
// } else {
// // Eintrag existiert nicht, neuen Eintrag erstellen
// $query = "INSERT INTO main_contact (name, email, shortcut, phone_no, master_mandant_id, current_mandant_id, active, azure_id)
// VALUES ('$displayName', '$mail', '$surname', '$telephoneNumber', 12, 12, 1, '$azureId')";
// if (@mysqli_query($GLOBALS['mysql_con'], $query)) {
// $new_entries_count++;
// }
// }
// }
// // Gesamtmeldung
// if ($new_entries_count > 0) {
// echo "Es wurden $new_entries_count neue Einträge erfolgreich hinzugefügt.";
// } else {
// echo "Keine neuen Einträge hinzugefügt.";
// }
// }