Refactor contact management functions and remove phpinfo.php
- Updated formatting and structure of functions in edit_contact.inc.php for better readability and consistency. - Added comments to clarify the purpose of certain code sections, especially regarding mandant handling. - Removed the deprecated phpinfo.php file to clean up the codebase.
This commit is contained in:
@@ -564,18 +564,24 @@ function getFormData(_form) {
|
||||
* @param _confirmtext
|
||||
* @returns {Boolean}
|
||||
*/
|
||||
function sendRequest(_action, _load_without_check, _confirmtext) {
|
||||
function sendRequest(_action, _load_without_check, _confirmtext, sub_get = "") {
|
||||
// variable zum pruefen ob in einer linkliste ein element markiert wurde
|
||||
var load_without_check = _load_without_check || false;
|
||||
|
||||
if (load_without_check === false) {
|
||||
var currentMarkedLinklistRow = jQuery('.linklist_active', jQuery('#' + dc.current_formname));
|
||||
var currentMarkedLinklistRow = jQuery(
|
||||
".linklist_active",
|
||||
jQuery("#" + dc.current_formname)
|
||||
);
|
||||
|
||||
if (dc.current_linklist === null || currentMarkedLinklistRow.length <= 0) {
|
||||
return;
|
||||
}
|
||||
var input_id = currentMarkedLinklistRow.data('inputid');
|
||||
jQuery('input.selected_linklist_row', jQuery('#' + dc.current_formname)).val(input_id);
|
||||
var input_id = currentMarkedLinklistRow.data("inputid");
|
||||
jQuery(
|
||||
"input.selected_linklist_row",
|
||||
jQuery("#" + dc.current_formname)
|
||||
).val(input_id);
|
||||
}
|
||||
|
||||
var confirmtext = _confirmtext || false;
|
||||
@@ -585,14 +591,21 @@ function sendRequest(_action, _load_without_check, _confirmtext) {
|
||||
}
|
||||
}
|
||||
|
||||
if (dc.overlay_mode === true) {
|
||||
jQuery('#overlayLoader').show();
|
||||
} else {
|
||||
jQuery('#mainContent').find('.requestLoader').show();
|
||||
// Проверка обязательных полей
|
||||
var form = document.getElementById(dc.current_formname);
|
||||
if (!form.checkValidity()) {
|
||||
form.reportValidity();
|
||||
return false;
|
||||
}
|
||||
|
||||
jQuery('#' + dc.current_formname).attr("action", "?action=" + _action);
|
||||
jQuery('#' + dc.current_formname).submit();
|
||||
if (dc.overlay_mode === true) {
|
||||
jQuery("#overlayLoader").show();
|
||||
} else {
|
||||
jQuery("#mainContent").find(".requestLoader").show();
|
||||
}
|
||||
|
||||
jQuery('#' + dc.current_formname).attr("action", "?action=" + _action + "&sub_get=" + sub_get);
|
||||
jQuery("#" + dc.current_formname).submit();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -832,11 +845,16 @@ function myFunction(counter) {
|
||||
console.log("myDropdown" + counter);
|
||||
}
|
||||
|
||||
function openGallery(input_id, image_id, type){
|
||||
function openGallery(input_id, image_id, type, select_mode){
|
||||
var currentDate = new Date();
|
||||
var unixTimestamp = Math.floor(currentDate.getTime() / 1000);
|
||||
var selectionMode = select_mode || '';
|
||||
|
||||
var popupURL = '/components/files/filegallery_content.inc.php?input_id='+input_id+'&image_id='+image_id+'&type='+type+'&time='+unixTimestamp;
|
||||
if (selectionMode !== 'single' && selectionMode !== 'multi') {
|
||||
selectionMode = (type === 'filegallery') ? 'single' : 'multi';
|
||||
}
|
||||
|
||||
var popupURL = '/components/files/filegallery_content.inc.php?input_id='+input_id+'&image_id='+image_id+'&type='+type+'&select_mode='+selectionMode+'&time='+unixTimestamp;
|
||||
var popup = window.open(popupURL, 'Popup-Fenster', 'width=1080,height=720');
|
||||
}
|
||||
|
||||
|
||||
@@ -46,6 +46,21 @@ function mysqli_result( $res, $row = 0, $col = 0 ) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
function encryptId($id)
|
||||
{
|
||||
$encryptedId = base64_encode($id . "EC1ibm38FI53cxmSnQUi");
|
||||
return $encryptedId;
|
||||
}
|
||||
|
||||
// Entschlüsselt eine zuvor verschlüsselte ID, um ihre ursprüngliche Form wiederherzustellen.
|
||||
function decryptId($encryptedId)
|
||||
{
|
||||
$decryptedId = base64_decode($encryptedId);
|
||||
$id = str_replace("EC1ibm38FI53cxmSnQUi", "", $decryptedId);
|
||||
return $id;
|
||||
}
|
||||
|
||||
|
||||
// Verbindung mir der Datenbank herstellen
|
||||
function db_connect() {
|
||||
$servername = $GLOBALS['myservername'];
|
||||
@@ -57,6 +72,9 @@ function db_connect() {
|
||||
@mysqli_select_db($GLOBALS['mysql_con'], $db) or die (mysqli_error($GLOBALS['mysql_con']) . " - Keine Verbindung hergestellt!");
|
||||
@mysqli_query($GLOBALS['mysql_con'], "set character set 'utf8';");
|
||||
@mysqli_query($GLOBALS['mysql_con'], "set names 'utf8';");
|
||||
|
||||
$pdo = new PDO('mysql:host='.$servername.';dbname='.$db, $login, $pass);
|
||||
$GLOBALS['pdo_conn'] = $pdo;
|
||||
}
|
||||
|
||||
// Globales führen der Reihenfolge in der Felder angewählt werden
|
||||
|
||||
@@ -59,7 +59,7 @@ function listUsers(){
|
||||
}
|
||||
echo "<div class='user-wrapper'>";
|
||||
if($main_contact['image'] == ""){
|
||||
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter-mann-compressor.jpg'></div></td>";
|
||||
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter.png'></div></td>";
|
||||
}else{
|
||||
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/".$main_contact['image']."'></div></td>";
|
||||
}
|
||||
|
||||
@@ -1,14 +1,15 @@
|
||||
<?php
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get('translation');
|
||||
$adminMenu = \DynCom\mysyde\common\classes\Adminmenu::get(0);
|
||||
$adminMenu = \DynCom\mysyde\common\classes\Adminmenu::get(0);
|
||||
|
||||
function check_if_betriebsrat_role($admin_user) {
|
||||
function check_if_betriebsrat_role($admin_user)
|
||||
{
|
||||
// Angepasste SQL-Abfrage, um nach is_betriebsrat = 1 zu filtern
|
||||
$query = "SELECT * FROM main_admin_user WHERE is_betriebsrat = 1 AND id = " . $admin_user;
|
||||
|
||||
$query = "SELECT * FROM main_admin_user WHERE is_betriebsrat = 1 AND id = " . $admin_user;
|
||||
|
||||
// Führe die Abfrage aus
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
|
||||
|
||||
// Prüfe, ob das Ergebnis mindestens eine Zeile hat
|
||||
if (@mysqli_num_rows($result) > 0) {
|
||||
// Wenn mindestens ein Eintrag gefunden wurde, gibt die Funktion 1 zurück
|
||||
@@ -21,9 +22,10 @@ function check_if_betriebsrat_role($admin_user) {
|
||||
|
||||
$is_betriebsrat = check_if_betriebsrat_role($admin_user['id']);
|
||||
|
||||
|
||||
|
||||
function create_collections_menu($site, $language, $translation) {
|
||||
|
||||
function create_collections_menu($site, $language, $translation)
|
||||
{
|
||||
// Greife auf die globale Variable $is_betriebsrat zu
|
||||
global $is_betriebsrat;
|
||||
|
||||
@@ -31,17 +33,20 @@ function create_collections_menu($site, $language, $translation) {
|
||||
if ($is_betriebsrat == 1) {
|
||||
?>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/collections/17/">Aktuelles</a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/knowledge/category/">Wiki Kategorien</a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/collections/3/">Wiki Beiträge</a>
|
||||
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
|
||||
href="/mysyde/awo/de/collections/17/">Aktuelles</a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
|
||||
href="/mysyde/awo/de/knowledge/category/">Wiki Kategorien</a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
|
||||
href="/mysyde/awo/de/collections/3/">Wiki Beiträge</a>
|
||||
|
||||
</li>
|
||||
<?php
|
||||
return; // Beende die Funktion
|
||||
}
|
||||
|
||||
// Andernfalls, führe die normale Logik zur Menüerstellung aus
|
||||
$query = "SELECT * FROM main_collection_setup WHERE (main_language_id = " . (int)$GLOBALS["language"]['id'] . " OR all_languages = 1) AND show_in_menu = 1";
|
||||
$query = "SELECT * FROM main_collection_setup WHERE (main_language_id = " . (int) $GLOBALS["language"]['id'] . " OR all_languages = 1) AND show_in_menu = 1";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
|
||||
// Prüfe, ob das Ergebnis mindestens eine Zeile hat
|
||||
@@ -50,12 +55,13 @@ function create_collections_menu($site, $language, $translation) {
|
||||
}
|
||||
|
||||
// Schleife durch die Ergebnisse und erstelle das Menü
|
||||
while ($row = @mysqli_fetch_assoc($result)) {
|
||||
while ($row = @mysqli_fetch_assoc($result)) {
|
||||
?>
|
||||
<li class='structure_nav'>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="<?php echo get_menu_link('collections/'.$row['id'], $site, $language); ?>"><?php echo $row['description'] ?></a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('collections/' . $row['id'], $site, $language); ?>"><?php echo $row['description'] ?></a>
|
||||
</li>
|
||||
<?php
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
@@ -64,7 +70,8 @@ function create_collections_menu($site, $language, $translation) {
|
||||
|
||||
|
||||
|
||||
function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
function create_module_menu($site, $language, $translation, $adminMenu)
|
||||
{
|
||||
global $is_betriebsrat;
|
||||
|
||||
// Wenn $is_betriebsrat gleich 1 ist, gib "Test" aus und beende die Funktion
|
||||
@@ -72,7 +79,7 @@ function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
return; // Beende die Funktion
|
||||
}
|
||||
|
||||
$query = "SELECT * FROM main_module WHERE active = 1 AND code != 'basic'";
|
||||
$query = "SELECT * FROM main_module WHERE active = 1 AND code != 'basic'";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
if (@mysqli_num_rows($result) == 0) {
|
||||
return;
|
||||
@@ -83,40 +90,44 @@ function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
while ($i <= $count) {
|
||||
$row = @mysqli_fetch_assoc($result);
|
||||
$second_menu = FALSE;
|
||||
if(isset($adminMenu[$row['code']])){
|
||||
if(isset($adminMenu[$row['code']]['subsites'])){
|
||||
if (isset($adminMenu[$row['code']])) {
|
||||
if (isset($adminMenu[$row['code']]['subsites'])) {
|
||||
$second_menu = TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
$href = '#';
|
||||
|
||||
if($second_menu == TRUE){?>
|
||||
if ($second_menu == TRUE) { ?>
|
||||
<li class='structure_nav toggle_li parent_dropdown'>
|
||||
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>" href="<?= $href?>"><?php echo $row['title'] ?></a>
|
||||
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>"
|
||||
href="<?= $href ?>"><?php echo $row['title'] ?></a>
|
||||
<ul class='site_dropdown_new'>
|
||||
<?php
|
||||
$x = 0;
|
||||
foreach ($adminMenu[$row['code']]['subsites'] as $subsite) {
|
||||
$key = array_keys($adminMenu[$row['code']]['subsites']);
|
||||
?>
|
||||
<li class=''>
|
||||
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>" href="<?php echo get_menu_link($row['code']."/".$key[$x], $site, $language); ?>"><?php echo $subsite['name'] ?></a>
|
||||
</li>
|
||||
$x = 0;
|
||||
foreach ($adminMenu[$row['code']]['subsites'] as $subsite) {
|
||||
$key = array_keys($adminMenu[$row['code']]['subsites']);
|
||||
?>
|
||||
<li class=''>
|
||||
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link($row['code'] . "/" . $key[$x], $site, $language); ?>"><?php echo $subsite['name'] ?></a>
|
||||
</li>
|
||||
<?php
|
||||
if($adminMenu[$row['code']]['name'] == 'Firmenwiki'){?>
|
||||
if ($adminMenu[$row['code']]['name'] == 'Firmenwiki') { ?>
|
||||
<li class=''>
|
||||
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>" href="<?php echo get_menu_link('collections/3', $site, $language); ?>">Beiträge</a>
|
||||
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('collections/3', $site, $language); ?>">Beiträge</a>
|
||||
</li>
|
||||
<?php }
|
||||
$x++;
|
||||
}
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
</li>
|
||||
<?php }else{ ?>
|
||||
<?php } else { ?>
|
||||
<li class='structure_nav toggle_li'>
|
||||
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>" href="<?php echo get_menu_link($row['code'], $site, $language); ?>"><?php echo $row['title'] ?></a>
|
||||
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link($row['code'], $site, $language); ?>"><?php echo $row['title'] ?></a>
|
||||
</li>
|
||||
<?php }
|
||||
$i++;
|
||||
@@ -131,99 +142,117 @@ function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
|
||||
<!-- Kollektionen -->
|
||||
<div class="group-wrapper collections ">
|
||||
<?php
|
||||
<?php
|
||||
if ($is_betriebsrat == 0) {
|
||||
?>
|
||||
<li class="structure_nav group small">
|
||||
<a href="<?= get_menu_link('collections', $site, $language);?>" class="<?= (isset($_GET["level_1"]) && $_GET["level_1"] == "collections") ? 'active' : ''; ?>"><svg
|
||||
xmlns="http://www.w3.org/2000/svg" width="14.701" height="20.582" viewBox="0 0 14.701 20.582">
|
||||
<g id="kollektion" transform="translate(2139 296)">
|
||||
<path id="Pfad_1" data-name="Pfad 1"
|
||||
d="M21.23,7.617,16.085,2.471a.667.667,0,0,0-.514-.22H8.22a1.474,1.474,0,0,0-1.47,1.47V21.363a1.474,1.474,0,0,0,1.47,1.47H19.981a1.474,1.474,0,0,0,1.47-1.47V8.131a.668.668,0,0,0-.22-.514Zm-5.66-3.6,4.116,4.116H15.571Zm4.41,17.347H8.22V3.72H14.1v4.41a1.474,1.474,0,0,0,1.47,1.47h4.41Z"
|
||||
transform="translate(-2145.75 -298.251)" fill="#fff" />
|
||||
<path id="Pfad_2" data-name="Pfad 2" d="M11.25,24.75h8.821v1.47H11.25Z"
|
||||
transform="translate(-2147.31 -306.049)" fill="#fff" />
|
||||
<path id="Pfad_3" data-name="Pfad 3" d="M11.25,18h8.821v1.47H11.25Z"
|
||||
transform="translate(-2147.31 -303.71)" fill="#fff" />
|
||||
</g>
|
||||
</svg><?php echo $translation->get("intranet_posts"); ?>
|
||||
</a>
|
||||
</li>
|
||||
<?php
|
||||
?>
|
||||
<li class="structure_nav group small">
|
||||
<a href="<?= get_menu_link('collections', $site, $language); ?>"
|
||||
class="<?= (isset($_GET["level_1"]) && $_GET["level_1"] == "collections") ? 'active' : ''; ?>"><svg
|
||||
xmlns="http://www.w3.org/2000/svg" width="14.701" height="20.582"
|
||||
viewBox="0 0 14.701 20.582">
|
||||
<g id="kollektion" transform="translate(2139 296)">
|
||||
<path id="Pfad_1" data-name="Pfad 1"
|
||||
d="M21.23,7.617,16.085,2.471a.667.667,0,0,0-.514-.22H8.22a1.474,1.474,0,0,0-1.47,1.47V21.363a1.474,1.474,0,0,0,1.47,1.47H19.981a1.474,1.474,0,0,0,1.47-1.47V8.131a.668.668,0,0,0-.22-.514Zm-5.66-3.6,4.116,4.116H15.571Zm4.41,17.347H8.22V3.72H14.1v4.41a1.474,1.474,0,0,0,1.47,1.47h4.41Z"
|
||||
transform="translate(-2145.75 -298.251)" fill="#fff" />
|
||||
<path id="Pfad_2" data-name="Pfad 2" d="M11.25,24.75h8.821v1.47H11.25Z"
|
||||
transform="translate(-2147.31 -306.049)" fill="#fff" />
|
||||
<path id="Pfad_3" data-name="Pfad 3" d="M11.25,18h8.821v1.47H11.25Z"
|
||||
transform="translate(-2147.31 -303.71)" fill="#fff" />
|
||||
</g>
|
||||
</svg><?php echo $translation->get("intranet_posts"); ?>
|
||||
</a>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<?php create_collections_menu($site, $language, $translation); ?>
|
||||
?>
|
||||
<?php create_collections_menu($site, $language, $translation); ?>
|
||||
</div>
|
||||
|
||||
<!-- Module -->
|
||||
<div class="group-wrapper module">
|
||||
<li class="structure_nav group small toggle_trigger">
|
||||
<a href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "module") ? 'active' : ''; ?>"><svg xmlns="http://www.w3.org/2000/svg" width="36" height="35.827" viewBox="0 0 36 35.827">
|
||||
<g id="box-seam" transform="translate(0 -0.173)">
|
||||
<path id="Pfad_26" data-name="Pfad 26" d="M18.419,2.5a1.125,1.125,0,0,0-.837,0L4.154,7.875l5.409,2.162L23.409,4.5Zm8.019,3.208L12.591,11.25,18,13.412,31.846,7.875,26.437,5.713Zm7.313,3.825-14.625,5.85V33.212l14.625-5.85V9.54ZM16.875,33.215V15.386L2.25,9.538V27.365ZM16.747.414a3.375,3.375,0,0,1,2.507,0l16.04,6.417A1.125,1.125,0,0,1,36,7.875v19.49a2.25,2.25,0,0,1-1.415,2.088L18.419,35.919a1.125,1.125,0,0,1-.837,0L1.417,29.453A2.25,2.25,0,0,1,0,27.365V7.875A1.125,1.125,0,0,1,.707,6.831Z" fill-rule="evenodd"/>
|
||||
</g>
|
||||
</svg>
|
||||
<?php echo $adminMenu['module']['name']; ?></a>
|
||||
<a href="#"
|
||||
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "module") ? 'active' : ''; ?>"><svg
|
||||
xmlns="http://www.w3.org/2000/svg" width="36" height="35.827" viewBox="0 0 36 35.827">
|
||||
<g id="box-seam" transform="translate(0 -0.173)">
|
||||
<path id="Pfad_26" data-name="Pfad 26"
|
||||
d="M18.419,2.5a1.125,1.125,0,0,0-.837,0L4.154,7.875l5.409,2.162L23.409,4.5Zm8.019,3.208L12.591,11.25,18,13.412,31.846,7.875,26.437,5.713Zm7.313,3.825-14.625,5.85V33.212l14.625-5.85V9.54ZM16.875,33.215V15.386L2.25,9.538V27.365ZM16.747.414a3.375,3.375,0,0,1,2.507,0l16.04,6.417A1.125,1.125,0,0,1,36,7.875v19.49a2.25,2.25,0,0,1-1.415,2.088L18.419,35.919a1.125,1.125,0,0,1-.837,0L1.417,29.453A2.25,2.25,0,0,1,0,27.365V7.875A1.125,1.125,0,0,1,.707,6.831Z"
|
||||
fill-rule="evenodd" />
|
||||
</g>
|
||||
</svg>
|
||||
<?php echo $adminMenu['module']['name']; ?></a>
|
||||
</li>
|
||||
<div class="toggle_menu">
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "contactform") ? 'active' : ''; ?>" href="<?php echo get_menu_link('contactform', $site, $language); ?>"><?php echo $translation->get('left_contactforms'); ?></a>
|
||||
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "contactform") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('contactform', $site, $language); ?>"><?php echo $translation->get('left_contactforms'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "photo_approve") ? 'active' : ''; ?>" href="<?php echo get_menu_link('photo_approve', $site, $language); ?>"><?php echo $translation->get('photo_approve'); ?></a>
|
||||
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "photo_approve") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('photo_approve', $site, $language); ?>"><?php echo $translation->get('photo_approve'); ?></a>
|
||||
</li>
|
||||
<?php create_module_menu($site, $language, $translation, $adminMenu); ?>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<?php
|
||||
if ($is_betriebsrat == 0) {
|
||||
?>
|
||||
<div class='group-wrapper module'>
|
||||
<li class="structure_nav group small">
|
||||
<a class='cms' href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "intranet") ? 'active' : ''; ?>">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="31.5" height="31.5" viewBox="0 0 31.5 31.5">
|
||||
<g id="dashboard" transform="translate(-2.25 -2.25)">
|
||||
<path id="Pfad_135" data-name="Pfad 135" d="M27,23.625h2.25V29.25H27Z"/>
|
||||
<path id="Pfad_136" data-name="Pfad 136" d="M22.5,18h2.25V29.25H22.5Z"/>
|
||||
<path id="Pfad_137" data-name="Pfad 137" d="M12.375,29.25A5.632,5.632,0,0,1,6.75,23.625H9a3.375,3.375,0,1,0,3.375-3.375V18a5.625,5.625,0,0,1,0,11.25Z"/>
|
||||
<path id="Pfad_138" data-name="Pfad 138" d="M31.5,2.25H4.5A2.252,2.252,0,0,0,2.25,4.5v27A2.252,2.252,0,0,0,4.5,33.75h27a2.253,2.253,0,0,0,2.25-2.25V4.5A2.252,2.252,0,0,0,31.5,2.25Zm0,10.125H15.75V4.5H31.5ZM13.5,4.5v7.875h-9V4.5Zm-9,27V14.625h27l0,16.875Z"/>
|
||||
</g>
|
||||
</svg>
|
||||
<?php echo $translation->get("intranet_basics") ?></a>
|
||||
if ($is_betriebsrat == 0) {
|
||||
?>
|
||||
<div class='group-wrapper module'>
|
||||
<li class="structure_nav group small toggle_trigger">
|
||||
<a class='cms' href="#"
|
||||
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "intranet") ? 'active' : ''; ?>">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="31.5" height="31.5" viewBox="0 0 31.5 31.5">
|
||||
<g id="dashboard" transform="translate(-2.25 -2.25)">
|
||||
<path id="Pfad_135" data-name="Pfad 135" d="M27,23.625h2.25V29.25H27Z" />
|
||||
<path id="Pfad_136" data-name="Pfad 136" d="M22.5,18h2.25V29.25H22.5Z" />
|
||||
<path id="Pfad_137" data-name="Pfad 137"
|
||||
d="M12.375,29.25A5.632,5.632,0,0,1,6.75,23.625H9a3.375,3.375,0,1,0,3.375-3.375V18a5.625,5.625,0,0,1,0,11.25Z" />
|
||||
<path id="Pfad_138" data-name="Pfad 138"
|
||||
d="M31.5,2.25H4.5A2.252,2.252,0,0,0,2.25,4.5v27A2.252,2.252,0,0,0,4.5,33.75h27a2.253,2.253,0,0,0,2.25-2.25V4.5A2.252,2.252,0,0,0,31.5,2.25Zm0,10.125H15.75V4.5H31.5ZM13.5,4.5v7.875h-9V4.5Zm-9,27V14.625h27l0,16.875Z" />
|
||||
</g>
|
||||
</svg>
|
||||
<?php echo $translation->get("intranet_basics") ?></a>
|
||||
</li>
|
||||
<div class="toggle_menu">
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_contact") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_contact', $site, $language); ?>"><?php echo $translation->get('top_contact'); ?></a>
|
||||
</li>
|
||||
<div class="toggle_menu">
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_contact") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_contact', $site, $language); ?>"><?php echo $translation->get('top_contact'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_mandant") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_mandant', $site, $language); ?>"><?php echo $translation->get('top_mandant'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_mandant") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_mandant', $site, $language); ?>"><?php echo $translation->get('top_mandant'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_department") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_department', $site, $language); ?>"><?php echo $translation->get('top_department'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_department") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_department', $site, $language); ?>"><?php echo $translation->get('top_department'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_space") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_space', $site, $language); ?>"><?php echo $translation->get('top_space'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_space") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_space', $site, $language); ?>"><?php echo $translation->get('top_space'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_facility") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_facility', $site, $language); ?>"><?php echo $translation->get('Einrichtungen'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_facility") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_facility', $site, $language); ?>"><?php echo $translation->get('Einrichtungen'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_role") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('intranet/config_role', $site, $language); ?>"><?php echo $translation->get('top_role'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_role") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_role', $site, $language); ?>"><?php echo $translation->get('top_role'); ?></a>
|
||||
</li>
|
||||
|
||||
|
||||
|
||||
</div>
|
||||
</li>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
|
||||
|
||||
</div>
|
||||
</li>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<!-- CMS-System -->
|
||||
<li class="structure_nav group small toggle_trigger">
|
||||
<a class="cms" href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "structure") ? 'active' : ''; ?>"> <svg
|
||||
xmlns="http://www.w3.org/2000/svg" width="19.548" height="19.557" viewBox="0 0 19.548 19.557">
|
||||
<a class="cms" href="#"
|
||||
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "structure") ? 'active' : ''; ?>">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="19.548" height="19.557" viewBox="0 0 19.548 19.557">
|
||||
<g id="struktur" transform="translate(2141 225)">
|
||||
<path id="Pfad_4" data-name="Pfad 4" d="M10.4,7.448a.7.7,0,1,1-.7-.7A.7.7,0,0,1,10.4,7.448Z"
|
||||
transform="translate(-2145.811 -228.957)" fill="#fff" />
|
||||
@@ -231,110 +260,125 @@ function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
d="M19.7,16.31V13.42a1.4,1.4,0,0,0-1.4-1.4H12.722V9.231h6.283a1.4,1.4,0,0,0,1.4-1.4V3.646a1.4,1.4,0,0,0-1.4-1.4H5.042a1.4,1.4,0,0,0-1.4,1.4V7.835a1.4,1.4,0,0,0,1.4,1.4h6.283v2.793H5.741a1.4,1.4,0,0,0-1.4,1.4v2.89a2.793,2.793,0,1,0,1.4,0V13.42h5.585v2.793H9.231V21.8h5.585V16.213H12.722V13.42h5.585v2.89a2.793,2.793,0,1,0,1.4,0Zm-13.265,2.7a1.4,1.4,0,1,1-1.4-1.4A1.4,1.4,0,0,1,6.439,19.005Zm6.981-1.4V20.4H10.627V17.609ZM5.042,7.835V3.646H19.005V7.835ZM19.005,20.4a1.4,1.4,0,1,1,1.4-1.4A1.4,1.4,0,0,1,19.005,20.4Z"
|
||||
transform="translate(-2143.25 -227.25)" fill="#fff" />
|
||||
</g>
|
||||
</svg>
|
||||
<?php echo $translation->get("cms") ?></a>
|
||||
</svg>
|
||||
<?php echo $translation->get("cms") ?></a>
|
||||
</li>
|
||||
<div class="toggle_menu">
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "sites") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('structure/sites', $site, $language); ?>"><?php echo $translation->get('left_sites'); ?></a>
|
||||
</li>
|
||||
<div class="toggle_menu">
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "sites") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/sites', $site, $language); ?>"><?php echo $translation->get('left_sites'); ?></a>
|
||||
</li>
|
||||
<?php
|
||||
<?php
|
||||
if ($is_betriebsrat == 0) {
|
||||
?>
|
||||
?>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "navigation") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/navigation', $site, $language); ?>"><?php echo $translation->get('left_navigation'); ?></a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "navigation") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('structure/navigation', $site, $language); ?>"><?php echo $translation->get('left_navigation'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "components") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/components', $site, $language); ?>"><?php echo $translation->get('left_components'); ?></a>
|
||||
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "components") ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('structure/components', $site, $language); ?>"><?php echo $translation->get('left_components'); ?></a>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/files', $site, $language); ?>"><?php echo $translation->get('left_files'); ?></a>
|
||||
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('structure/files', $site, $language); ?>"><?php echo $translation->get('left_files'); ?></a>
|
||||
</li>
|
||||
<li class="structure_nav toggle_li">
|
||||
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/video_uploud', $site, $language); ?>"><?php echo $translation->get('video_uploud'); ?></a>
|
||||
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>"
|
||||
href="<?php echo get_menu_link('structure/video_uploud', $site, $language); ?>"><?php echo $translation->get('video_uploud'); ?></a>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class='main_menu'>
|
||||
<div class="sitelanguage-version"><?php echo current_website_language($site, $language); ?><div class="version">v.23.1</div></div>
|
||||
<div class="sitelanguage-version"><?php echo current_website_language($site, $language); ?>
|
||||
<div class="version">v.23.1</div>
|
||||
</div>
|
||||
<div class="theme-switch">
|
||||
<div>
|
||||
<input type="checkbox" class="checkbox" id="theme-toggle" />
|
||||
<label for="theme-toggle"></label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
</div>
|
||||
<?php
|
||||
if ($is_betriebsrat == 0) {
|
||||
if ($is_betriebsrat == 0) {
|
||||
?>
|
||||
<div class="menu-wrapper">
|
||||
<div class="menu-wrapper">
|
||||
|
||||
<li class="topmenu gray_arrow" id="user_menu">
|
||||
<a href="#"><?php echo $translation->get("signed_user") . ": " . $admin_user["name"]; ?></i></a>
|
||||
<ul>
|
||||
<li class="menu_userdata">
|
||||
<a href="<?php echo get_menu_link('config/config_users', $site, $language, "?action=open_card&input_id=" . $admin_user['id']); ?>"><?php echo $translation->get('my_account'); ?></a>
|
||||
</li>
|
||||
<li class="topmenu gray_arrow" id="user_menu">
|
||||
<a href="#"><?php echo $translation->get("signed_user") . ": " . $admin_user["name"]; ?></i></a>
|
||||
<ul>
|
||||
<li class="menu_userdata">
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_users', $site, $language, "?action=open_card&input_id=" . $admin_user['id']); ?>"><?php echo $translation->get('my_account'); ?></a>
|
||||
</li>
|
||||
|
||||
<li class="spacer"> </li>
|
||||
<li class="spacer"> </li>
|
||||
|
||||
<li class="menu_link_logout">
|
||||
<a href="?action=admin_logout"><?php echo $translation->get('top_logout'); ?></a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
<li class="menu_link_logout">
|
||||
<a href="?action=admin_logout"><?php echo $translation->get('top_logout'); ?></a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
|
||||
<li class="topmenu" id="settings_menu">
|
||||
<a href="#"><i class="bi bi-sliders"></i></a>
|
||||
<ul>
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_websites', $site, $language); ?>"><?php echo $translation->get('top_websites'); ?></a>
|
||||
</li>
|
||||
<li class="topmenu" id="settings_menu">
|
||||
<a href="#"><i class="bi bi-sliders"></i></a>
|
||||
<ul>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_websites', $site, $language); ?>"><?php echo $translation->get('top_websites'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_language', $site, $language); ?>"><?php echo $translation->get('top_languages'); ?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_language', $site, $language); ?>"><?php echo $translation->get('top_languages'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_users', $site, $language); ?>"><?php echo $translation->get('top_users'); ?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_users', $site, $language); ?>"><?php echo $translation->get('top_users'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_layouts', $site, $language); ?>"><?php echo $translation->get('top_layouts'); ?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_layouts', $site, $language); ?>"><?php echo $translation->get('top_layouts'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_collections', $site, $language); ?>"><?php echo $translation->get('top_collections_config'); ?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_collections', $site, $language); ?>"><?php echo $translation->get('top_collections_config'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/config_url_management', $site, $language); ?>"><?php echo $translation->get('url_management'); ?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/config_url_management', $site, $language); ?>"><?php echo $translation->get('url_management'); ?></a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="<?php echo get_menu_link('config/sitemap', $site, $language); ?>"><?php echo $translation->get('sitemap'); ?></a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
<li>
|
||||
<a
|
||||
href="<?php echo get_menu_link('config/sitemap', $site, $language); ?>"><?php echo $translation->get('sitemap'); ?></a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
|
||||
<li class="topmenu" id="site_language_menu">
|
||||
<?php echo $translation->get("top_config_websites") ?>
|
||||
<ul class="site_dropdown">
|
||||
<li>
|
||||
<?php $siteLanguage = get_site_language_menu($site, $language); ?>
|
||||
</li>
|
||||
<li>
|
||||
<?php echo $siteLanguage['siteLanguageMenu']; ?>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<li class="topmenu" id="site_language_menu">
|
||||
<?php echo $translation->get("top_config_websites") ?>
|
||||
<ul class="site_dropdown">
|
||||
<li>
|
||||
<?php $siteLanguage = get_site_language_menu($site, $language); ?>
|
||||
</li>
|
||||
<li>
|
||||
<?php echo $siteLanguage['siteLanguageMenu']; ?>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
|
||||
<!-- <li class="topmenu stats">
|
||||
<a href="<?php echo get_menu_link('statistics', $site, $language); ?>" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "statistics") ? 'active' : ''; ?>">
|
||||
@@ -353,46 +397,113 @@ function create_module_menu($site, $language, $translation, $adminMenu){
|
||||
</nav>
|
||||
|
||||
<script>
|
||||
//Dark Mode Light Mode Switch Header
|
||||
var toggle = document.getElementById("theme-toggle");
|
||||
// Dark Mode Light Mode Switch Header
|
||||
var toggle = document.getElementById("theme-toggle");
|
||||
|
||||
var storedTheme = localStorage.getItem('theme') || (window.matchMedia("(prefers-color-scheme: light)").matches ? "dark" : "light");
|
||||
if (storedTheme)
|
||||
document.documentElement.setAttribute('data-theme', storedTheme)
|
||||
var storedTheme = localStorage.getItem('theme') || (window.matchMedia("(prefers-color-scheme: light)").matches ? "dark" : "light");
|
||||
if (storedTheme)
|
||||
document.documentElement.setAttribute('data-theme', storedTheme)
|
||||
|
||||
toggle.onclick = function () {
|
||||
var currentTheme = document.documentElement.getAttribute("data-theme");
|
||||
var targetTheme = "light";
|
||||
|
||||
toggle.onclick = function() {
|
||||
var currentTheme = document.documentElement.getAttribute("data-theme");
|
||||
var targetTheme = "light";
|
||||
if (currentTheme === "light") {
|
||||
targetTheme = "dark";
|
||||
}
|
||||
|
||||
if (currentTheme === "light") {
|
||||
targetTheme = "dark";
|
||||
document.documentElement.setAttribute('data-theme', targetTheme)
|
||||
localStorage.setItem('theme', targetTheme);
|
||||
};
|
||||
|
||||
const menuToggle = document.querySelector('.menu-toggle');
|
||||
|
||||
menuToggle.addEventListener('click', () => {
|
||||
const isOpened = menuToggle.getAttribute('aria-expanded') === "true";
|
||||
isOpened ? closeMenu() : openMenu();
|
||||
});
|
||||
|
||||
function openMenu() {
|
||||
menuToggle.setAttribute('aria-expanded', "true");
|
||||
}
|
||||
function closeMenu() {
|
||||
menuToggle.setAttribute('aria-expanded', "false");
|
||||
}
|
||||
|
||||
document.documentElement.setAttribute('data-theme', targetTheme)
|
||||
localStorage.setItem('theme', targetTheme);
|
||||
};
|
||||
function saveMenuState() {
|
||||
const openMenus = [];
|
||||
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
|
||||
if (el.classList.contains('rotate_chevron')) {
|
||||
openMenus.push(index);
|
||||
}
|
||||
});
|
||||
localStorage.setItem('openMenus', JSON.stringify(openMenus));
|
||||
}
|
||||
|
||||
const menuToggle = document.querySelector('.menu-toggle');
|
||||
function restoreMenuState() {
|
||||
const saved = localStorage.getItem('openMenus');
|
||||
let openMenus;
|
||||
|
||||
if (saved === null) {
|
||||
openMenus = [];
|
||||
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
|
||||
openMenus.push(index);
|
||||
});
|
||||
localStorage.setItem('openMenus', JSON.stringify(openMenus));
|
||||
} else {
|
||||
openMenus = JSON.parse(saved);
|
||||
}
|
||||
|
||||
menuToggle.addEventListener('click', () => {
|
||||
const isOpened = menuToggle.getAttribute('aria-expanded') === "true";
|
||||
isOpened ? closeMenu() : openMenu();
|
||||
});
|
||||
|
||||
function openMenu() {
|
||||
menuToggle.setAttribute('aria-expanded', "true");
|
||||
}
|
||||
function closeMenu() {
|
||||
menuToggle.setAttribute('aria-expanded', "false");
|
||||
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
|
||||
if (openMenus.includes(index)) {
|
||||
el.classList.add('rotate_chevron');
|
||||
$(el).next().children(".toggle_li").show();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
$(".parent_dropdown").click(function(){
|
||||
$(this).children(".site_dropdown_new").toggle();
|
||||
});
|
||||
restoreMenuState();
|
||||
|
||||
$("li.structure_nav.group.small").click(function(){
|
||||
$(this).toggleClass("rotate_chevron");
|
||||
$(this).next().children(".toggle_li").toggle();
|
||||
});
|
||||
$("li.structure_nav.group.small").click(function () {
|
||||
$(this).toggleClass("rotate_chevron");
|
||||
$(this).next().children(".toggle_li").toggle();
|
||||
saveMenuState();
|
||||
});
|
||||
|
||||
function saveDropdownState() {
|
||||
const openDropdowns = [];
|
||||
document.querySelectorAll('.parent_dropdown').forEach((el, index) => {
|
||||
if ($(el).children(".site_dropdown_new").is(":visible")) {
|
||||
openDropdowns.push(index);
|
||||
}
|
||||
});
|
||||
localStorage.setItem('openDropdowns', JSON.stringify(openDropdowns));
|
||||
}
|
||||
|
||||
function restoreDropdownState() {
|
||||
const openDropdowns = JSON.parse(localStorage.getItem('openDropdowns') || '[]');
|
||||
document.querySelectorAll('.parent_dropdown').forEach((el, index) => {
|
||||
if (openDropdowns.includes(index)) {
|
||||
$(el).children(".site_dropdown_new").show();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
restoreDropdownState();
|
||||
|
||||
$(".parent_dropdown").click(function () {
|
||||
$(this).children(".site_dropdown_new").toggle();
|
||||
saveDropdownState();
|
||||
});
|
||||
|
||||
function fixNavHeight() {
|
||||
const nav = document.querySelector('.main_navigation');
|
||||
const bottomBar = document.querySelector('.main_menu:nth-child(2)');
|
||||
if (!nav || !bottomBar) return;
|
||||
const bottomBarHeight = bottomBar.offsetHeight;
|
||||
nav.style.height = (window.innerHeight - 160 - bottomBarHeight) + 'px';
|
||||
}
|
||||
|
||||
fixNavHeight();
|
||||
window.addEventListener('resize', fixNavHeight);
|
||||
</script>
|
||||
@@ -244,6 +244,12 @@ class Adminmenu {
|
||||
'include' => MODULE_PATH . "ticketcenter/ticketcenter.inc.php",
|
||||
'linklistmenu' => TRUE,
|
||||
'subsites' => array(
|
||||
// 'settings' => array(
|
||||
// 'name' => $translation->get('Einstelungen'),
|
||||
// 'include' => MODULE_PATH . "ticketcenter/views/settings/settings.inc.php",
|
||||
// 'admin_start_parameter' => "",
|
||||
// 'linklistmenu' => TRUE
|
||||
// ),
|
||||
'category' => array(
|
||||
'name' => $translation->get('category'),
|
||||
'include' => MODULE_PATH . "ticketcenter/views/category/category.inc.php",
|
||||
|
||||
@@ -38,7 +38,19 @@ function showBasicAuth($realm): void
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
die();
|
||||
}
|
||||
function encryptId($id)
|
||||
{
|
||||
$encryptedId = base64_encode($id . "EC1ibm38FI53cxmSnQUi");
|
||||
return $encryptedId;
|
||||
}
|
||||
|
||||
// Entschlüsselt eine zuvor verschlüsselte ID, um ihre ursprüngliche Form wiederherzustellen.
|
||||
function decryptId($encryptedId)
|
||||
{
|
||||
$decryptedId = base64_decode($encryptedId);
|
||||
$id = str_replace("EC1ibm38FI53cxmSnQUi", "", $decryptedId);
|
||||
return $id;
|
||||
}
|
||||
//mysqli_result analog zu mysql_result
|
||||
function mysqli_result( $res, $row = 0, $col = 0 ) {
|
||||
if ($row >= 0 && @mysqli_num_rows($res) > $row) {
|
||||
@@ -1239,6 +1251,7 @@ function navigation_fullmenu_rek( $site, $language, $navigation, $parent_id, $le
|
||||
if( $nav["code"] == '404' ){
|
||||
$display = " style='display:none;' ";
|
||||
}
|
||||
|
||||
if($nav["code"] == 'home' || $nav["code"] == 'startseite' || $nav["is_home_page"] == 1){
|
||||
$addr = '/';
|
||||
}
|
||||
@@ -1249,6 +1262,9 @@ function navigation_fullmenu_rek( $site, $language, $navigation, $parent_id, $le
|
||||
if($nav['forward_type'] == 4){
|
||||
$link = "";
|
||||
}
|
||||
if( $nav["code"] == 'ticketcenter' and (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) != 1 and get_permission_state('show_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) != 1)){
|
||||
continue;
|
||||
}
|
||||
$if_query = "(content_id IS NOT NULL AND content_type != 'collection') OR content_id IS NULL OR (content_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id']." AND content_type = 'collection')";
|
||||
// $if_query = "main_collection_mandant_link.main_collection_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id'];
|
||||
$query2 = "SELECT * FROM main_page_link LEFT JOIN main_collection ON main_collection.main_collection_setup_id = main_page_link.main_collection_setup_id LEFT JOIN intranet_mandant_link ON main_collection.id = intranet_mandant_link.content_id WHERE (".$if_query.") AND main_page_id = ".$nav['forward_page_id']." AND main_collection_list = 1 AND main_collection.id NOT IN (SELECT main_collection_id FROM main_collection_read WHERE main_contact_id = ".$GLOBALS['main_contact']['id'].") AND main_collection.readable = 1";
|
||||
@@ -3143,7 +3159,7 @@ function update_sitepart_changes( $sitepartId, $headerId, $delete = FALSE ) {
|
||||
// }
|
||||
//}
|
||||
|
||||
function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disabled = FALSE, $evaluate = FALSE, $script = "", $idSuffix = '' ) {
|
||||
function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disabled = FALSE, $evaluate = FALSE, $script = "", $idSuffix = '', $required = FALSE ) {
|
||||
if ($evaluate && $value == "") {
|
||||
//$eval_string = "<font color=\"red\">Bitte füllen Sie dieses Feld aus</font>";
|
||||
$typ = $typ . "_error";
|
||||
@@ -3151,6 +3167,8 @@ function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disa
|
||||
//$eval_string = "";
|
||||
}
|
||||
$eval_string = "";
|
||||
$required_text = ($required) ? " required=\"required\"" : "";
|
||||
|
||||
if ($typ != "smalltext_cc_2_error" && $typ != "hidden") {
|
||||
echo "<div class=\"label " . $inputname . "\"><label for=\"" . $inputname . "\" >" . $name . "</label></div>";
|
||||
}
|
||||
@@ -3168,63 +3186,62 @@ function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disa
|
||||
|
||||
switch ($typ) {
|
||||
case "smalltextarea":
|
||||
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"small\"" . $disabled_text . $maxlength_text . ">" . $value . "</textarea></div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"small\"" . $disabled_text . $maxlength_text . $required_text . ">" . $value . "</textarea></div>\n";
|
||||
break;
|
||||
case "textarea":
|
||||
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"normal\"" . $disabled_text . $maxlength_text . ">" . $value . "</textarea></div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"normal\"" . $disabled_text . $maxlength_text . $required_text . ">" . $value . "</textarea></div>\n";
|
||||
break;
|
||||
case "smalltext_cn_1_error":
|
||||
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
break;
|
||||
case "smalltext_cn_1":
|
||||
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
break;
|
||||
case "smalltext_cn_2_error":
|
||||
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
break;
|
||||
case "smalltext_cn_2":
|
||||
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
|
||||
break;
|
||||
case "file":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"file\" /></div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"file\"" . $required_text . " /></div>\n";
|
||||
break;
|
||||
case "checkbox":
|
||||
$checked_text = ($value == "on") ? "checked=\"checked\"" : "";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname.$idSuffix . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " " . $script . "/>" . $eval_string . "</div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname.$idSuffix . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " " . $script . "/>" . $eval_string . "</div>\n";
|
||||
break;
|
||||
case "checkbox_shop":
|
||||
$checked_text = ($value == "on") ? "checked=\"checked\"" : "";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox_shop\" type=\"checkbox\"" . $disabled_text . $checked_text . " " . $script . "/>" . $eval_string . "</div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox_shop\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " " . $script . "/>" . $eval_string . "</div>\n";
|
||||
break;
|
||||
case "checkbox_with_formreload":
|
||||
$checked_text = ($value) ? "checked=\"checked\"" : "";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " onclick=\"this.form.submit();\"/>" . $eval_string . "</div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " onclick=\"this.form.submit();\"/>" . $eval_string . "</div>\n";
|
||||
break;
|
||||
case "checkbox_with_formreload_checked":
|
||||
$checked_text = ($value) ? "checked=\"checked\"" : "";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " onclick=\"this.form.submit();\"/></div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " onclick=\"this.form.submit();\"/></div>\n";
|
||||
break;
|
||||
case "password":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"password\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /></div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"password\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" /></div>\n";
|
||||
break;
|
||||
case "date":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"date\" type=\"date\"" . $script . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /></div> \n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"date\" type=\"date\"" . $script . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" /></div> \n";
|
||||
break;
|
||||
case "input_pref_delivery_date":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " readonly /></div> \n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " readonly /></div> \n";
|
||||
break;
|
||||
//case "input_pref_delivery_date": echo "<div class=\"input\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /><img src=\"/layout/frontend/haendler/img/calendar_icon.png\" width=\"15\" height=\"16\" onclick='fPopCalendar(\"date\")' /></div> \n"; break;
|
||||
case "hidden":
|
||||
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"hidden\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />\n";
|
||||
break;
|
||||
case "number":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"number\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"number\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
|
||||
break;
|
||||
case "color":
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"color\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
|
||||
break;
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"color\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
|
||||
break;
|
||||
default:
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "</div>\n";
|
||||
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "</div>\n";
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -138,7 +138,7 @@
|
||||
<? get_content("horizontal_nav_bar",null,$IOCContainer); ?>
|
||||
<a href="/awo/de/profil/">
|
||||
<?php
|
||||
$profile_image = 'platzhalter-mann-compressor.jpg';
|
||||
$profile_image = 'platzhalter.png';
|
||||
if($GLOBALS['main_contact']['image'] != ""){
|
||||
$profile_image = $GLOBALS['main_contact']['image'];
|
||||
}
|
||||
|
||||
682
mysyde/frontend/frontend_userdata_controller.php
Normal file
682
mysyde/frontend/frontend_userdata_controller.php
Normal file
@@ -0,0 +1,682 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
const SESSION_COOKIE_CANDIDATES = ['sidintranet', 'sidcms', 'mysyde', 'PHPSESSID', 'sidawo'];
|
||||
const LOGIN_REDIRECT = '/';
|
||||
const USERDATA_BASE_DIR = __DIR__ . '/../../userdata';
|
||||
const USE_X_SENDFILE = true;
|
||||
const ALLOW_PHP_STREAM_FALLBACK = true;
|
||||
const MEDIA_CACHE_MAX_AGE = 3600;
|
||||
const TRUSTED_PROXY_HEADER = true;
|
||||
const STREAM_CHUNK_SIZE = 1048576;
|
||||
const ENABLE_INLINE_SVG_FOR_IMAGE_REQUESTS = true;
|
||||
const ENABLE_TEMP_SESSION_DEBUG = false;
|
||||
// Optional hardening: e.g. ['icons/', 'logos/']; empty array allows all paths.
|
||||
const INLINE_SVG_ALLOWED_PATH_PREFIXES = [];
|
||||
|
||||
// Main flow:
|
||||
// 1. Start session (cookie hardening)
|
||||
// 2. Enforce authentication
|
||||
// 3. Validate + deliver requested file (X-Sendfile preferred, PHP fallback)
|
||||
bootstrapSession();
|
||||
maybeOutputSessionDebug();
|
||||
requireAuthenticatedUser();
|
||||
serveRequestedFile();
|
||||
|
||||
function bootstrapSession(): void
|
||||
{
|
||||
ini_set('session.use_only_cookies', '1');
|
||||
ini_set('session.use_strict_mode', '1');
|
||||
|
||||
session_set_cookie_params([
|
||||
'lifetime' => 0,
|
||||
'path' => '/',
|
||||
'secure' => isSecureConnection(),
|
||||
'httponly' => true,
|
||||
'samesite' => 'Lax',
|
||||
]);
|
||||
|
||||
$availableCookies = [];
|
||||
foreach (SESSION_COOKIE_CANDIDATES as $cookieName) {
|
||||
if (isset($_COOKIE[$cookieName]) && $_COOKIE[$cookieName] !== '') {
|
||||
$availableCookies[] = $cookieName;
|
||||
}
|
||||
}
|
||||
|
||||
if ($availableCookies === []) {
|
||||
session_start();
|
||||
return;
|
||||
}
|
||||
|
||||
foreach ($availableCookies as $cookieName) {
|
||||
if (session_name() !== $cookieName) {
|
||||
session_name($cookieName);
|
||||
}
|
||||
session_id((string)$_COOKIE[$cookieName]);
|
||||
session_start();
|
||||
|
||||
if (isCurrentSessionAuthenticated()) {
|
||||
return;
|
||||
}
|
||||
|
||||
session_write_close();
|
||||
}
|
||||
|
||||
// No authenticated session found: reopen the first available session.
|
||||
$fallbackCookie = $availableCookies[0];
|
||||
if (session_name() !== $fallbackCookie) {
|
||||
session_name($fallbackCookie);
|
||||
}
|
||||
session_id((string)$_COOKIE[$fallbackCookie]);
|
||||
|
||||
session_start();
|
||||
}
|
||||
|
||||
function requireAuthenticatedUser(): void
|
||||
{
|
||||
$loginId = (int)($_SESSION['login_id'] ?? 0);
|
||||
$adminId = (int)(
|
||||
$_SESSION['id']
|
||||
?? $_SESSION['main_admin_user_id']
|
||||
?? $_SESSION['admin_user_id']
|
||||
?? 0
|
||||
);
|
||||
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
|
||||
$hasAdminSid = (
|
||||
session_name() === 'sidcms'
|
||||
&& $sidCmsCookie !== ''
|
||||
&& (
|
||||
hash_equals($sidCmsCookie, session_id())
|
||||
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''))
|
||||
)
|
||||
);
|
||||
$hasAdminAuthFlags = isAdminSessionFlagSet();
|
||||
|
||||
if ($loginId <= 0 && !($hasAdminSid && ($adminId > 0 || $hasAdminAuthFlags))) {
|
||||
header('Location: ' . LOGIN_REDIRECT, true, 302);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Release session lock early so parallel media requests do not block.
|
||||
session_write_close();
|
||||
}
|
||||
|
||||
function maybeOutputSessionDebug(): void
|
||||
{
|
||||
if (!ENABLE_TEMP_SESSION_DEBUG) {
|
||||
return;
|
||||
}
|
||||
|
||||
$debugFlag = strtolower(trim((string)($_GET['__debug_session'] ?? '0')));
|
||||
if (!in_array($debugFlag, ['1', 'true', 'yes'], true)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$sessionId = session_id();
|
||||
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
|
||||
$loginId = (int)($_SESSION['login_id'] ?? 0);
|
||||
$adminId = (int)(
|
||||
$_SESSION['id']
|
||||
?? $_SESSION['main_admin_user_id']
|
||||
?? $_SESSION['admin_user_id']
|
||||
?? 0
|
||||
);
|
||||
|
||||
$hasAdminSid = (
|
||||
session_name() === 'sidcms'
|
||||
&& $sidCmsCookie !== ''
|
||||
&& (
|
||||
hash_equals($sidCmsCookie, $sessionId)
|
||||
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''))
|
||||
)
|
||||
);
|
||||
$hasAdminAuthFlags = isAdminSessionFlagSet();
|
||||
|
||||
$payload = [
|
||||
'debug' => true,
|
||||
'session_name' => session_name(),
|
||||
'session_id' => $sessionId,
|
||||
'cookie_candidates_present' => array_values(array_filter(
|
||||
SESSION_COOKIE_CANDIDATES,
|
||||
static fn(string $name): bool => !empty($_COOKIE[$name])
|
||||
)),
|
||||
'auth_evaluation' => [
|
||||
'login_id' => $loginId,
|
||||
'admin_id' => $adminId,
|
||||
'has_admin_sid' => $hasAdminSid,
|
||||
'has_admin_auth_flags' => $hasAdminAuthFlags,
|
||||
'would_pass_auth' => ($loginId > 0) || ($hasAdminSid && ($adminId > 0 || $hasAdminAuthFlags)),
|
||||
],
|
||||
'session' => $_SESSION,
|
||||
'cookies' => $_COOKIE,
|
||||
'request' => [
|
||||
'method' => (string)($_SERVER['REQUEST_METHOD'] ?? ''),
|
||||
'uri' => (string)($_SERVER['REQUEST_URI'] ?? ''),
|
||||
'remote_addr' => (string)($_SERVER['REMOTE_ADDR'] ?? ''),
|
||||
],
|
||||
];
|
||||
|
||||
while (ob_get_level() > 0) {
|
||||
ob_end_clean();
|
||||
}
|
||||
|
||||
header('Content-Type: application/json; charset=UTF-8');
|
||||
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
||||
header('Pragma: no-cache');
|
||||
echo json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
|
||||
exit;
|
||||
}
|
||||
|
||||
function isCurrentSessionAuthenticated(): bool
|
||||
{
|
||||
$loginId = (int)($_SESSION['login_id'] ?? 0);
|
||||
if ($loginId > 0) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (session_name() !== 'sidcms') {
|
||||
return false;
|
||||
}
|
||||
|
||||
$adminId = (int)(
|
||||
$_SESSION['id']
|
||||
?? $_SESSION['main_admin_user_id']
|
||||
?? $_SESSION['admin_user_id']
|
||||
?? 0
|
||||
);
|
||||
if ($adminId <= 0 && !isAdminSessionFlagSet()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
|
||||
if ($sidCmsCookie === '') {
|
||||
return false;
|
||||
}
|
||||
|
||||
return hash_equals($sidCmsCookie, session_id())
|
||||
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''));
|
||||
}
|
||||
|
||||
function isAdminSessionFlagSet(): bool
|
||||
{
|
||||
if (!empty($_SESSION['IsAuthorized'])) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ((int)($_SESSION['session_login'] ?? 0) > 0) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ((int)($_SESSION['admin_login'] ?? 0) > 0) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
function serveRequestedFile(): void
|
||||
{
|
||||
$requestMethod = strtoupper((string)($_SERVER['REQUEST_METHOD'] ?? 'GET'));
|
||||
if (!in_array($requestMethod, ['GET', 'HEAD'], true)) {
|
||||
header('Allow: GET, HEAD', true, 405);
|
||||
exit;
|
||||
}
|
||||
|
||||
$relativePath = requestedRelativePath();
|
||||
if ($relativePath === '') {
|
||||
http_response_code(400);
|
||||
echo 'Bad Request';
|
||||
exit;
|
||||
}
|
||||
|
||||
$baseDir = realpath(USERDATA_BASE_DIR);
|
||||
if ($baseDir === false || !is_dir($baseDir)) {
|
||||
http_response_code(500);
|
||||
echo 'Storage Not Configured';
|
||||
exit;
|
||||
}
|
||||
|
||||
$resolvedPath = realpath($baseDir . DIRECTORY_SEPARATOR . $relativePath);
|
||||
if ($resolvedPath === false || !is_file($resolvedPath) || !is_readable($resolvedPath)) {
|
||||
http_response_code(404);
|
||||
echo 'Not Found';
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isInsideBasePath($resolvedPath, $baseDir)) {
|
||||
http_response_code(403);
|
||||
echo 'Forbidden';
|
||||
exit;
|
||||
}
|
||||
|
||||
deliverFile($resolvedPath, $relativePath, $requestMethod === 'HEAD');
|
||||
}
|
||||
|
||||
function requestedRelativePath(): string
|
||||
{
|
||||
// PHP already decodes $_GET values; do not decode again.
|
||||
$rawPath = (string)($_GET['file'] ?? '');
|
||||
$rawPath = trim(str_replace('\\', '/', $rawPath));
|
||||
$rawPath = ltrim($rawPath, '/');
|
||||
$rawPath = preg_replace('#/+#', '/', $rawPath) ?? '';
|
||||
|
||||
if ($rawPath === '' || str_contains($rawPath, "\0")) {
|
||||
return '';
|
||||
}
|
||||
|
||||
$segments = explode('/', $rawPath);
|
||||
foreach ($segments as $segment) {
|
||||
if ($segment === '' || $segment === '.' || $segment === '..') {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
|
||||
return $rawPath;
|
||||
}
|
||||
|
||||
function isInsideBasePath(string $resolvedPath, string $baseDir): bool
|
||||
{
|
||||
$base = rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
|
||||
return strncmp($resolvedPath, $base, strlen($base)) === 0;
|
||||
}
|
||||
|
||||
function deliverFile(string $absolutePath, string $relativePath, bool $headOnly): void
|
||||
{
|
||||
$fileSize = filesize($absolutePath);
|
||||
if ($fileSize === false || $fileSize < 0) {
|
||||
http_response_code(500);
|
||||
echo 'Unable to read file metadata';
|
||||
exit;
|
||||
}
|
||||
|
||||
$lastModifiedTs = filemtime($absolutePath);
|
||||
if ($lastModifiedTs === false) {
|
||||
$lastModifiedTs = time();
|
||||
}
|
||||
|
||||
$mimeType = detectSafeMimeType($absolutePath, $relativePath);
|
||||
$isInlineSvg = ($mimeType === 'image/svg+xml');
|
||||
$isMedia = isMediaMimeType($mimeType);
|
||||
$etag = buildEtag($absolutePath, $fileSize, $lastModifiedTs);
|
||||
|
||||
$ifNoneMatch = trim((string)($_SERVER['HTTP_IF_NONE_MATCH'] ?? ''));
|
||||
if ($ifNoneMatch !== '' && requestEtagMatches($ifNoneMatch, $etag)) {
|
||||
sendNotModified($etag, $lastModifiedTs, $isMedia, $isInlineSvg);
|
||||
}
|
||||
|
||||
$ifModifiedSince = trim((string)($_SERVER['HTTP_IF_MODIFIED_SINCE'] ?? ''));
|
||||
if ($ifNoneMatch === '' && $ifModifiedSince !== '' && requestNotModifiedSince($ifModifiedSince, $lastModifiedTs)) {
|
||||
sendNotModified($etag, $lastModifiedTs, $isMedia, $isInlineSvg);
|
||||
}
|
||||
|
||||
$useXSendfile = shouldUseXSendfile();
|
||||
|
||||
$rangeRequest = ['status' => 'none'];
|
||||
if ($isMedia && !$useXSendfile) {
|
||||
$rangeRequest = parseRangeHeader((string)($_SERVER['HTTP_RANGE'] ?? ''), $fileSize);
|
||||
if ($rangeRequest['status'] === 'invalid') {
|
||||
sendRangeNotSatisfiable($fileSize, $etag, $lastModifiedTs, $isMedia);
|
||||
}
|
||||
}
|
||||
|
||||
sendSharedSecurityHeaders($isInlineSvg);
|
||||
sendCacheHeaders($isMedia);
|
||||
|
||||
header('Content-Type: ' . $mimeType);
|
||||
header('ETag: "' . $etag . '"');
|
||||
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
|
||||
header('Content-Disposition: inline; filename="' . sanitizeFilenameForHeader(basename($absolutePath)) . '"');
|
||||
|
||||
if ($isMedia) {
|
||||
header('Accept-Ranges: bytes');
|
||||
}
|
||||
|
||||
if ($useXSendfile) {
|
||||
header('X-Sendfile: ' . $absolutePath);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($rangeRequest['status'] !== 'none' || ALLOW_PHP_STREAM_FALLBACK || !USE_X_SENDFILE) {
|
||||
streamFileWithPhp($absolutePath, $fileSize, $headOnly, $rangeRequest);
|
||||
}
|
||||
|
||||
// X-Sendfile requested, but not available and fallback disabled.
|
||||
http_response_code(503);
|
||||
echo 'File delivery backend unavailable';
|
||||
exit;
|
||||
}
|
||||
|
||||
function sendSharedSecurityHeaders(bool $isInlineSvg = false): void
|
||||
{
|
||||
if ($isInlineSvg) {
|
||||
// Inline SVG only for image requests with a strict CSP.
|
||||
header("Content-Security-Policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'; script-src 'none'; object-src 'none'; base-uri 'none'; sandbox");
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
return;
|
||||
}
|
||||
|
||||
header("Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; sandbox");
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
}
|
||||
|
||||
function sendCacheHeaders(bool $isMedia): void
|
||||
{
|
||||
if ($isMedia) {
|
||||
header('Cache-Control: private, max-age=' . (string)MEDIA_CACHE_MAX_AGE . ', must-revalidate');
|
||||
return;
|
||||
}
|
||||
|
||||
header('Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0');
|
||||
header('Pragma: no-cache');
|
||||
header('Expires: 0');
|
||||
}
|
||||
|
||||
function sendNotModified(string $etag, int $lastModifiedTs, bool $isMedia, bool $isInlineSvg = false): void
|
||||
{
|
||||
http_response_code(304);
|
||||
sendSharedSecurityHeaders($isInlineSvg);
|
||||
sendCacheHeaders($isMedia);
|
||||
header('ETag: "' . $etag . '"');
|
||||
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
|
||||
exit;
|
||||
}
|
||||
|
||||
function sendRangeNotSatisfiable(int $fileSize, string $etag, int $lastModifiedTs, bool $isMedia): void
|
||||
{
|
||||
http_response_code(416);
|
||||
sendSharedSecurityHeaders();
|
||||
sendCacheHeaders($isMedia);
|
||||
header('ETag: "' . $etag . '"');
|
||||
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
|
||||
header('Content-Range: bytes */' . (string)$fileSize);
|
||||
exit;
|
||||
}
|
||||
|
||||
function shouldUseXSendfile(): bool
|
||||
{
|
||||
if (!USE_X_SENDFILE) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!function_exists('apache_get_modules')) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$modules = apache_get_modules();
|
||||
return in_array('mod_xsendfile', $modules, true) || in_array('mod_xsendfile.c', $modules, true);
|
||||
}
|
||||
|
||||
function streamFileWithPhp(string $absolutePath, int $fileSize, bool $headOnly, array $rangeRequest): void
|
||||
{
|
||||
$start = 0;
|
||||
$end = $fileSize > 0 ? $fileSize - 1 : 0;
|
||||
$statusCode = 200;
|
||||
|
||||
if ($rangeRequest['status'] === 'range') {
|
||||
$start = $rangeRequest['start'];
|
||||
$end = $rangeRequest['end'];
|
||||
$statusCode = 206;
|
||||
header('Content-Range: bytes ' . $start . '-' . $end . '/' . $fileSize);
|
||||
}
|
||||
|
||||
$length = ($fileSize > 0) ? ($end - $start + 1) : 0;
|
||||
|
||||
http_response_code($statusCode);
|
||||
header('Content-Length: ' . (string)$length);
|
||||
|
||||
if ($headOnly || $length <= 0) {
|
||||
exit;
|
||||
}
|
||||
|
||||
$handle = fopen($absolutePath, 'rb');
|
||||
if ($handle === false) {
|
||||
http_response_code(500);
|
||||
echo 'Unable to open file stream';
|
||||
exit;
|
||||
}
|
||||
|
||||
while (ob_get_level() > 0) {
|
||||
ob_end_clean();
|
||||
}
|
||||
|
||||
if ($start > 0) {
|
||||
fseek($handle, $start);
|
||||
}
|
||||
|
||||
$bytesRemaining = $length;
|
||||
while ($bytesRemaining > 0 && !feof($handle)) {
|
||||
$chunkSize = (int)min(STREAM_CHUNK_SIZE, $bytesRemaining);
|
||||
$buffer = fread($handle, $chunkSize);
|
||||
if ($buffer === false || $buffer === '') {
|
||||
break;
|
||||
}
|
||||
|
||||
echo $buffer;
|
||||
flush();
|
||||
$bytesRemaining -= strlen($buffer);
|
||||
}
|
||||
|
||||
fclose($handle);
|
||||
exit;
|
||||
}
|
||||
|
||||
function parseRangeHeader(string $rangeHeader, int $fileSize): array
|
||||
{
|
||||
$rangeHeader = trim($rangeHeader);
|
||||
if ($rangeHeader === '') {
|
||||
return ['status' => 'none'];
|
||||
}
|
||||
|
||||
if ($fileSize <= 0 || !str_starts_with($rangeHeader, 'bytes=')) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
$rangeValue = trim(substr($rangeHeader, 6));
|
||||
if ($rangeValue === '' || str_contains($rangeValue, ',')) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
if (!preg_match('/^(\d*)-(\d*)$/', $rangeValue, $matches)) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
$startRaw = $matches[1];
|
||||
$endRaw = $matches[2];
|
||||
|
||||
if ($startRaw === '' && $endRaw === '') {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
if ($startRaw === '') {
|
||||
$suffixLength = (int)$endRaw;
|
||||
if ($suffixLength <= 0) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
$suffixLength = min($suffixLength, $fileSize);
|
||||
$start = $fileSize - $suffixLength;
|
||||
$end = $fileSize - 1;
|
||||
|
||||
return ['status' => 'range', 'start' => $start, 'end' => $end];
|
||||
}
|
||||
|
||||
$start = (int)$startRaw;
|
||||
if ($start >= $fileSize) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
|
||||
if ($endRaw === '') {
|
||||
$end = $fileSize - 1;
|
||||
} else {
|
||||
$end = (int)$endRaw;
|
||||
if ($end < $start) {
|
||||
return ['status' => 'invalid'];
|
||||
}
|
||||
$end = min($end, $fileSize - 1);
|
||||
}
|
||||
|
||||
return ['status' => 'range', 'start' => $start, 'end' => $end];
|
||||
}
|
||||
|
||||
function requestEtagMatches(string $ifNoneMatchHeader, string $etag): bool
|
||||
{
|
||||
$ifNoneMatchHeader = trim($ifNoneMatchHeader);
|
||||
if ($ifNoneMatchHeader === '*') {
|
||||
return true;
|
||||
}
|
||||
|
||||
$parts = explode(',', $ifNoneMatchHeader);
|
||||
foreach ($parts as $part) {
|
||||
$candidate = trim($part);
|
||||
if ($candidate === '') {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (str_starts_with($candidate, 'W/')) {
|
||||
$candidate = substr($candidate, 2);
|
||||
}
|
||||
|
||||
$candidate = trim($candidate, " \t\n\r\0\x0B\"");
|
||||
if ($candidate === $etag) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
function requestNotModifiedSince(string $ifModifiedSinceHeader, int $lastModifiedTs): bool
|
||||
{
|
||||
$requestTs = strtotime($ifModifiedSinceHeader);
|
||||
if ($requestTs === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $lastModifiedTs <= $requestTs;
|
||||
}
|
||||
|
||||
function buildEtag(string $absolutePath, int $fileSize, int $lastModifiedTs): string
|
||||
{
|
||||
return sha1($absolutePath . '|' . $fileSize . '|' . $lastModifiedTs);
|
||||
}
|
||||
|
||||
function isMediaMimeType(string $mimeType): bool
|
||||
{
|
||||
$normalized = strtolower(trim($mimeType));
|
||||
if ($normalized === '') {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (str_starts_with($normalized, 'image/') || str_starts_with($normalized, 'video/') || str_starts_with($normalized, 'audio/')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return in_array($normalized, [
|
||||
'application/dash+xml',
|
||||
'application/x-mpegurl',
|
||||
'application/vnd.apple.mpegurl',
|
||||
'vnd.apple.mpegurl',
|
||||
], true);
|
||||
}
|
||||
|
||||
function detectSafeMimeType(string $absolutePath, string $relativePath): string
|
||||
{
|
||||
$mimeType = 'application/octet-stream';
|
||||
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
if ($finfo !== false) {
|
||||
$detected = finfo_file($finfo, $absolutePath);
|
||||
finfo_close($finfo);
|
||||
|
||||
if (is_string($detected) && $detected !== '') {
|
||||
$mimeType = $detected;
|
||||
}
|
||||
}
|
||||
|
||||
$dangerousMimeTypes = [
|
||||
'text/html',
|
||||
'application/xhtml+xml',
|
||||
'image/svg+xml',
|
||||
'text/xml',
|
||||
'application/xml',
|
||||
'text/xsl',
|
||||
'application/javascript',
|
||||
'text/javascript',
|
||||
];
|
||||
|
||||
if ($mimeType === 'image/svg+xml' && shouldServeSvgInline($relativePath)) {
|
||||
return $mimeType;
|
||||
}
|
||||
|
||||
if (in_array($mimeType, $dangerousMimeTypes, true)) {
|
||||
return 'application/octet-stream';
|
||||
}
|
||||
|
||||
return $mimeType;
|
||||
}
|
||||
|
||||
function shouldServeSvgInline(string $relativePath): bool
|
||||
{
|
||||
if (!ENABLE_INLINE_SVG_FOR_IMAGE_REQUESTS) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$fetchDest = strtolower(trim((string)($_SERVER['HTTP_SEC_FETCH_DEST'] ?? '')));
|
||||
if ($fetchDest !== '' && $fetchDest !== 'image') {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($fetchDest === '') {
|
||||
$accept = strtolower(trim((string)($_SERVER['HTTP_ACCEPT'] ?? '')));
|
||||
if ($accept === '' || !str_contains($accept, 'image/')) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$normalizedPath = strtolower(ltrim(str_replace('\\', '/', $relativePath), '/'));
|
||||
if ($normalizedPath === '') {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (INLINE_SVG_ALLOWED_PATH_PREFIXES === []) {
|
||||
return true;
|
||||
}
|
||||
|
||||
foreach (INLINE_SVG_ALLOWED_PATH_PREFIXES as $prefix) {
|
||||
$normalizedPrefix = strtolower(ltrim(str_replace('\\', '/', (string)$prefix), '/'));
|
||||
if ($normalizedPrefix === '') {
|
||||
continue;
|
||||
}
|
||||
|
||||
$normalizedPrefix = rtrim($normalizedPrefix, '/') . '/';
|
||||
if (str_starts_with($normalizedPath, $normalizedPrefix)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
function sanitizeFilenameForHeader(string $filename): string
|
||||
{
|
||||
return preg_replace('/[^A-Za-z0-9._-]/', '_', $filename) ?? 'download';
|
||||
}
|
||||
|
||||
function isSecureConnection(): bool
|
||||
{
|
||||
$https = strtolower((string)($_SERVER['HTTPS'] ?? ''));
|
||||
if ($https !== '' && $https !== 'off') {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ((int)($_SERVER['SERVER_PORT'] ?? 80) === 443) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (TRUSTED_PROXY_HEADER) {
|
||||
$forwardedProto = strtolower((string)($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? ''));
|
||||
return $forwardedProto === 'https';
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
@@ -237,6 +237,15 @@ if ($GLOBALS["site"]["use_session_id"]) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
// // Temporary debug switch for test environment
|
||||
// if (isset($_SESSION['login_id']) && (int)$_SESSION['login_id'] === 827) {
|
||||
// $_SESSION['login_id'] = 1054; // Rainer Braun
|
||||
|
||||
// // Clear stale user-related globals
|
||||
// unset($GLOBALS['main_contact']);
|
||||
// unset($GLOBALS['admin_user_frontend']);
|
||||
// }
|
||||
|
||||
if (!$GLOBALS["site"]["use_session_id"]) {
|
||||
|
||||
}
|
||||
|
||||
@@ -37,15 +37,17 @@ switch ($_GET["action"]) {
|
||||
break;
|
||||
}
|
||||
|
||||
function open_card() {?>
|
||||
function open_card()
|
||||
{ ?>
|
||||
<script type="text/javascript">
|
||||
openCardOnStart = true;
|
||||
openCardAction = 'new';
|
||||
</script>
|
||||
<?php }
|
||||
|
||||
function edit_contact( $_id = "", $messages = array() ) {
|
||||
if ((int)$_id > 0) {
|
||||
function edit_contact($_id = "", $messages = array())
|
||||
{
|
||||
if ((int) $_id > 0) {
|
||||
$input_id = $_id;
|
||||
} else {
|
||||
$input_id = $_POST["input_id"];
|
||||
@@ -72,9 +74,9 @@ function edit_contact( $_id = "", $messages = array() ) {
|
||||
$result = $pdo->getResultArray();
|
||||
|
||||
if (count($result) == 1) {
|
||||
$input_contact = $result[0];
|
||||
$input_contact = $result[0];
|
||||
$input_contact["password"] = "nochange";
|
||||
echo "<script>console.log('".$input_id."')</script>";
|
||||
echo "<script>console.log('" . $input_id . "')</script>";
|
||||
require_once("edit_contact_cardform.inc.php");
|
||||
}
|
||||
} else {
|
||||
@@ -83,16 +85,17 @@ function edit_contact( $_id = "", $messages = array() ) {
|
||||
}
|
||||
}
|
||||
|
||||
function delete_contact($curr_contact_id) {
|
||||
function delete_contact($curr_contact_id)
|
||||
{
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
||||
if ($_POST["input_id"] <> '') {
|
||||
if ($_POST["input_id"] <> $curr_contact_id) {
|
||||
$query = "DELETE FROM main_contact WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
|
||||
$query = "DELETE FROM main_contact WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
$deleteDepartment = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_department WHERE main_contact_id=".$_POST["input_id"]);
|
||||
$deletePermission = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=".$_POST["input_id"]);
|
||||
$deleteProfileContent = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_profile_content WHERE main_contact_id=".$_POST["input_id"]);
|
||||
$deleteSkills = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_skills WHERE main_contact_id=".$_POST["input_id"]);
|
||||
$deleteDepartment = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_department WHERE main_contact_id=" . $_POST["input_id"]);
|
||||
$deletePermission = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $_POST["input_id"]);
|
||||
$deleteProfileContent = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_profile_content WHERE main_contact_id=" . $_POST["input_id"]);
|
||||
$deleteSkills = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_skills WHERE main_contact_id=" . $_POST["input_id"]);
|
||||
} else {
|
||||
header('EDIT_ERROR: 1');
|
||||
$messages[] = "<div class=\"errorbox\">" . $translation->get("contact_error5") . "</div>";
|
||||
@@ -102,17 +105,27 @@ function delete_contact($curr_contact_id) {
|
||||
require_once("edit_contact_listform.inc.php");
|
||||
}
|
||||
|
||||
function save_contact() {
|
||||
$messages = array();
|
||||
$error = FALSE;
|
||||
$input_id = "";
|
||||
|
||||
// Hinweis:
|
||||
// Da die Mandanten-Auswahl im Frontend aktuell deaktiviert ist (kein change_mandant möglich),
|
||||
// wird der current_mandant_id beim Speichern eines Kontakts immer auf den master_mandant_id gesetzt.
|
||||
// Hintergrund: Ohne sichtbaren Mandantenwechsel bleibt der alte current_mandant bestehen,
|
||||
// was zu falscher Darstellung im Profil (z.B. falsche Rolle/Bereich) führt.
|
||||
// Durch diese Anpassung wird sichergestellt, dass der Benutzer immer im korrekten Mandanten geladen wird.
|
||||
//
|
||||
// -> Fix implementiert von FA Ticket T26-1218 ∙ Fehlerhafte Darstellung Intranet
|
||||
function save_contact()
|
||||
{
|
||||
$messages = array();
|
||||
$error = FALSE;
|
||||
$input_id = "";
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
||||
if($_POST['input_password'] != ""){
|
||||
if ($_POST['input_password'] != "") {
|
||||
$password = md5($_POST['input_password']);
|
||||
$query = "UPDATE main_contact SET
|
||||
password = '".$password."'
|
||||
WHERE id = '".$_POST['input_id']."' LIMIT 1";
|
||||
@mysqli_query($GLOBALS['mysql_con'],$query);
|
||||
password = '" . $password . "'
|
||||
WHERE id = '" . $_POST['input_id'] . "' LIMIT 1";
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
}
|
||||
$birthday = new DateTime($_POST['input_birthday']);
|
||||
|
||||
@@ -130,10 +143,11 @@ function save_contact() {
|
||||
birthday = '" . $birthday->format('Y-m-d') . "',
|
||||
phone_no = '" . $_POST['input_phone_no'] . "',
|
||||
birthday_state = '" . $_POST['input_birthday_state'] . "',
|
||||
master_mandant_id = '" . $_POST['master_mandant_id'] . "'
|
||||
master_mandant_id = '" . $_POST['master_mandant_id'] . "',
|
||||
current_mandant_id = '" . $_POST['master_mandant_id'] . "'
|
||||
WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
|
||||
} else {
|
||||
$query = "INSERT INTO main_contact (id, name, email, shortcut, password, address, post_code, city, birthday, birthday_state, phone_no, cost_center, master_mandant_id, current_mandant_id, active) VALUES (
|
||||
$query = "INSERT INTO main_contact (id, name, email, shortcut, password, address, post_code, city, birthday, birthday_state, phone_no, cost_center, master_mandant_id, current_mandant_id, active) VALUES (
|
||||
NULL,
|
||||
'" . $_POST['input_name'] . "',
|
||||
'" . $_POST['input_email'] . "',
|
||||
@@ -152,7 +166,7 @@ function save_contact() {
|
||||
)";
|
||||
$inserted = TRUE;
|
||||
}
|
||||
|
||||
|
||||
// $query_shortcut = "SELECT * FROM main_contact WHERE shortcut = '".$_POST['input_shortcut']."'";
|
||||
// $result_shortcut = @mysqli_query($GLOBALS['mysql_con'], $query_shortcut);
|
||||
// if(@mysqli_num_rows($result_shortcut) >= 1 && $inserted == TRUE){
|
||||
@@ -163,90 +177,121 @@ function save_contact() {
|
||||
if (!$error) {
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
if ($inserted == TRUE) {
|
||||
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
|
||||
$query2 = "INSERT INTO main_contact_profile_content (id, main_contact_id) VALUES (
|
||||
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
|
||||
$query2 = "INSERT INTO main_contact_profile_content (id, main_contact_id) VALUES (
|
||||
NULL,
|
||||
'" . $input_id. "'
|
||||
'" . $input_id . "'
|
||||
)";
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query2);
|
||||
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success1") . '</div>';
|
||||
} else {
|
||||
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success2") . '</div>';
|
||||
}
|
||||
if(isset($_FILES) && $_FILES['input_image']['size'] != 0 ){
|
||||
}
|
||||
if (isset($_FILES) && $_FILES['input_image']['size'] != 0) {
|
||||
$fileName = saveImage('input_image', $input_id);
|
||||
$query = "UPDATE main_contact SET
|
||||
image = '" . $fileName. "'
|
||||
image = '" . $fileName . "'
|
||||
WHERE id = '" . $input_id . "' LIMIT 1";
|
||||
@mysqli_query($GLOBALS['mysql_con'],$query);
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
}
|
||||
save_mandant_link($_POST, $input_id);
|
||||
save_permission($input_id);
|
||||
echo "<script>console.log('".$input_id."')</script>";
|
||||
echo "<script>console.log('" . $input_id . "')</script>";
|
||||
edit_contact($input_id, $messages);
|
||||
} else {
|
||||
header('EDIT_ERROR: 1');
|
||||
$input_contact["id"] = $_POST["input_id"];
|
||||
$input_contact["name"] = $_POST["input_name"];
|
||||
$input_contact["email"] = $_POST["input_email"];
|
||||
$input_contact["login"] = $_POST["input_login"];
|
||||
$input_contact["id"] = $_POST["input_id"];
|
||||
$input_contact["name"] = $_POST["input_name"];
|
||||
$input_contact["email"] = $_POST["input_email"];
|
||||
$input_contact["login"] = $_POST["input_login"];
|
||||
require_once("edit_contact_cardform.inc.php");
|
||||
}
|
||||
}
|
||||
|
||||
function report_new_emp() {
|
||||
function report_new_emp()
|
||||
{
|
||||
|
||||
$message = "Neuer Mitarbeiter wurde registriert!" .
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
|
||||
if (mail_create("Neuer Mitarbeiter", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file, "", "", 0, "", $spid)) {
|
||||
if (
|
||||
mail_create(
|
||||
"Neuer Mitarbeiter", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file,
|
||||
"",
|
||||
"",
|
||||
0,
|
||||
"",
|
||||
$spid
|
||||
)
|
||||
) {
|
||||
mail_send();
|
||||
}
|
||||
}
|
||||
function report_emp_dismissal() {
|
||||
function report_emp_dismissal()
|
||||
{
|
||||
|
||||
$message = "Der Mitarbeiter muss entlassen werden!" .
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
|
||||
if (mail_create("Mitarbeiter entlassen!", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file, "", "", 0, "", $spid)) {
|
||||
if (
|
||||
mail_create(
|
||||
"Mitarbeiter entlassen!", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file,
|
||||
"",
|
||||
"",
|
||||
0,
|
||||
"",
|
||||
$spid
|
||||
)
|
||||
) {
|
||||
mail_send();
|
||||
}
|
||||
}
|
||||
function hausausweis_request() {
|
||||
function hausausweis_request()
|
||||
{
|
||||
|
||||
$message = "Der Mitarbeiter soll einen Hausausweis erhalten!" .
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
"<br> Name:" . $_POST['input_name'] .
|
||||
"<br> Email:" . $_POST['input_email'];
|
||||
|
||||
if (mail_create("Der Mitarbeiter soll einen Hausausweis erhalten!", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file, "", "", 0, "", $spid)) {
|
||||
if (
|
||||
mail_create(
|
||||
"Der Mitarbeiter soll einen Hausausweis erhalten!", // titel
|
||||
$message,
|
||||
"intranet@awo-hamburg.de", // wer send
|
||||
"helpdesk@awo-hamburg.de", // wer kriegt
|
||||
"AWO Hamburg", // name des senders
|
||||
"AWO Hamburg IT", // name des empfängers
|
||||
FALSE,
|
||||
$file,
|
||||
"",
|
||||
"",
|
||||
0,
|
||||
"",
|
||||
$spid
|
||||
)
|
||||
) {
|
||||
mail_send();
|
||||
}
|
||||
}
|
||||
|
||||
function saveImage($filekey, $input_id){
|
||||
function saveImage($filekey, $input_id)
|
||||
{
|
||||
$erlaubte_endungen = array("jpg", "jpeg", "gif", "png");
|
||||
$filename = strtolower($_FILES[$filekey]['name']);
|
||||
$filename_expl = explode(".", $filename);
|
||||
@@ -254,7 +299,7 @@ function saveImage($filekey, $input_id){
|
||||
$messages = "<div class='errorbox'>" . $translation->get("error_slideshow_line2") . "</div>\n";
|
||||
$error = TRUE;
|
||||
}
|
||||
|
||||
|
||||
$saveFilename = $input_id . "_" . time() . "_" . cleanFilename($_FILES[$filekey]['name']);
|
||||
|
||||
require_once("intranet_config.inc.php");
|
||||
@@ -262,53 +307,55 @@ function saveImage($filekey, $input_id){
|
||||
|
||||
return $saveFilename;
|
||||
}
|
||||
function delete_contact_image(){
|
||||
function delete_contact_image()
|
||||
{
|
||||
$contact_id = $_POST['input_id'];
|
||||
$query = "SELECT * FROM main_contact WHERE id =".$contact_id." LIMIT 1";
|
||||
$query = "SELECT * FROM main_contact WHERE id =" . $contact_id . " LIMIT 1";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
$contact = @mysqli_fetch_array($result);
|
||||
|
||||
if(!empty($contact)){
|
||||
if (!empty($contact)) {
|
||||
$filename = $contact['image'];
|
||||
require_once("intranet_config.inc.php");
|
||||
|
||||
|
||||
if (file_exists(PATH_CONTACT . $filename)) {
|
||||
unlink(PATH_CONTACT . $filename);
|
||||
}
|
||||
}
|
||||
$query = "UPDATE main_contact SET
|
||||
image = ''
|
||||
WHERE id = '" . $contact_id . "' LIMIT 1";
|
||||
WHERE id = '" . $contact_id . "' LIMIT 1";
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
}
|
||||
edit_contact();
|
||||
}
|
||||
|
||||
|
||||
function save_mandant_link($contacts, $contact_id) {
|
||||
function save_mandant_link($contacts, $contact_id)
|
||||
{
|
||||
// $contact_id als Integer absichern
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
|
||||
// Vorherige Einträge löschen
|
||||
$deleteQuery = "DELETE FROM main_contact_department WHERE main_contact_id='" . $contact_id . "'";
|
||||
mysqli_query($GLOBALS["mysql_con"], $deleteQuery);
|
||||
|
||||
mysqli_query($GLOBALS["mysql_con"], $deleteQuery);
|
||||
|
||||
// Array initialisieren
|
||||
$mandants = array();
|
||||
|
||||
|
||||
// Mandant-Werte aus $contacts extrahieren
|
||||
foreach ($contacts as $key => $value) {
|
||||
if (strpos($key, needle: 'input_mandant_') === 0 && $value != 0) {
|
||||
$mandants[] = $value;
|
||||
} elseif (strpos($key, needle: 'input_mandant_') === 1 && $value == 0 ) {
|
||||
$mandants[] = $value;
|
||||
} elseif (strpos($key, needle: 'input_mandant_') === 1 && $value == 0) {
|
||||
$mandants[] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Falls $mandants nicht leer ist, Einträge einfügen
|
||||
for ($i = 0; $i < count($mandants); $i++) {
|
||||
// Wert absichern
|
||||
$mandantEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $mandants[$i]);
|
||||
|
||||
|
||||
$query = "INSERT INTO main_contact_department
|
||||
(main_contact_id, main_mandant_id, sorting)
|
||||
VALUES (
|
||||
@@ -316,49 +363,53 @@ function save_mandant_link($contacts, $contact_id) {
|
||||
'" . $mandantEscaped . "',
|
||||
'" . ($i + 1) . "'
|
||||
)";
|
||||
|
||||
|
||||
mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
// Falls du die eingefügte ID benötigst:
|
||||
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
|
||||
|
||||
if ($i === 0) {
|
||||
$query2 = "UPDATE main_contact SET master_mandant_id = " . $mandantEscaped . " WHERE id = " . $contact_id;
|
||||
mysqli_query($GLOBALS['mysql_con'], $query2);
|
||||
}
|
||||
if ($i === 0) {
|
||||
$query2 = "UPDATE main_contact
|
||||
SET master_mandant_id = " . $mandantEscaped . ",
|
||||
current_mandant_id = " . $mandantEscaped . "
|
||||
WHERE id = " . $contact_id;
|
||||
mysqli_query($GLOBALS['mysql_con'], $query2);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Weitere Verarbeitung
|
||||
save_contact_department($contacts, $contact_id);
|
||||
}
|
||||
|
||||
function save_contact_department($contacts, $contact_id) {
|
||||
function save_contact_department($contacts, $contact_id)
|
||||
{
|
||||
// Arrays initialisieren
|
||||
$mandants = [];
|
||||
$departments = [];
|
||||
$roles = [];
|
||||
$bereiches = [];
|
||||
$mandants = [];
|
||||
$departments = [];
|
||||
$roles = [];
|
||||
$bereiches = [];
|
||||
$einrichtungs = [];
|
||||
$phone_numbers = [];
|
||||
$emails = [];
|
||||
$emails = [];
|
||||
|
||||
// Durchlaufe alle Einträge in $contacts und fülle die jeweiligen Arrays
|
||||
foreach ($contacts as $key => $value) {
|
||||
if (strpos($key, 'input_mandant_') === 0) {
|
||||
if ($value != 0) {
|
||||
$mandants[] = $value;
|
||||
$mandants[] = $value;
|
||||
}
|
||||
} elseif (strpos($key, 'input_department_') === 0) {
|
||||
$departments[] = $value;
|
||||
$departments[] = $value;
|
||||
} elseif (strpos($key, 'input_role_') === 0) {
|
||||
$roles[] = $value;
|
||||
$roles[] = $value;
|
||||
} elseif (strpos($key, 'input_bereiche_') === 0) {
|
||||
$bereiches[] = $value;
|
||||
$bereiches[] = $value;
|
||||
} elseif (strpos($key, 'input_einrichtung_') === 0) {
|
||||
$einrichtungs[] = $value;
|
||||
} elseif (strpos($key, 'input_phone_no_') === 0) {
|
||||
$phone_numbers[] = $value;
|
||||
$phone_numbers[] = $value;
|
||||
} elseif (strpos($key, 'input_email_') === 0) {
|
||||
$emails[] = $value;
|
||||
$emails[] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -367,13 +418,13 @@ function save_contact_department($contacts, $contact_id) {
|
||||
try {
|
||||
for ($i = 0; $i < count($mandants); $i++) {
|
||||
// Werte absichern
|
||||
$departmentEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $departments[$i]);
|
||||
$roleEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $roles[$i]);
|
||||
$bereichEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $bereiches[$i]);
|
||||
$departmentEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $departments[$i]);
|
||||
$roleEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $roles[$i]);
|
||||
$bereichEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $bereiches[$i]);
|
||||
$einrichtungEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $einrichtungs[$i]);
|
||||
$phoneEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $phone_numbers[$i]);
|
||||
$emailEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $emails[$i]);
|
||||
|
||||
$phoneEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $phone_numbers[$i]);
|
||||
$emailEscaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $emails[$i]);
|
||||
|
||||
// SQL-Abfrage zum Update
|
||||
$query = "UPDATE main_contact_department
|
||||
SET
|
||||
@@ -387,7 +438,7 @@ function save_contact_department($contacts, $contact_id) {
|
||||
main_contact_id = '" . intval($contact_id) . "'
|
||||
AND sorting = '" . ($i + 1) . "'
|
||||
LIMIT 1";
|
||||
|
||||
|
||||
mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
}
|
||||
} catch (\Throwable $th) {
|
||||
@@ -397,17 +448,18 @@ function save_contact_department($contacts, $contact_id) {
|
||||
}
|
||||
}
|
||||
|
||||
function load_mandant_list($contact){
|
||||
function load_mandant_list($contact)
|
||||
{
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
||||
|
||||
$query = "SELECT * FROM main_mandant";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while($mandant = @mysqli_fetch_array($result)) {
|
||||
while ($mandant = @mysqli_fetch_array($result)) {
|
||||
$mandant_id = $mandant['id'];
|
||||
|
||||
$check_master_mandant = ($contact['master_mandant_id'] == $mandant_id) ? 'checked' : '';
|
||||
|
||||
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '".$contact['id']."' AND main_mandant_id = '".$mandant_id."'";
|
||||
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "' AND main_mandant_id = '" . $mandant_id . "'";
|
||||
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
|
||||
$contact_link = @mysqli_fetch_array($result_contact);
|
||||
|
||||
@@ -422,16 +474,21 @@ function load_mandant_list($contact){
|
||||
?>
|
||||
<tr>
|
||||
<td><?= $mandant['description'] ?></td>
|
||||
<td><input class="checkbox_square" type="checkbox" name="active_<?= $mandant_id?>" <?= $check_active ?>></td>
|
||||
<td><input class="checkbox_square" type="radio" name="master_mandant_id" value='<?= $mandant_id?>' <?= $check_master_mandant ?>></td>
|
||||
<td><?= input_select_from_sql("", "input_department_".$mandant_id, $query_department, $contact_link['main_department_id'], FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql_bereich("", "input_bereiche_".$mandant_id, $query_bereich, $contact_link['main_bereich_id'], FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql_ein("", "input_einrichtung_".$mandant_id, $query_einricht, $contact_link['main_einricht_id'], FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql("", "input_role_".$mandant_id, $query_role, $contact_link['main_role_id'], FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input("", "input_phone_no_".$mandant_id, "text", $contact_link["phone_no"], 100); ?></td>
|
||||
<td><?= input("", "input_email_".$mandant_id, "text", $contact_link["email"], 100); ?></td>
|
||||
<!-- <?php if ($GLOBALS['admin_user']['control_permissions'] == 1){?>
|
||||
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant_id?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
|
||||
<td><input class="checkbox_square" type="checkbox" name="active_<?= $mandant_id ?>" <?= $check_active ?>></td>
|
||||
<td><input class="checkbox_square" type="radio" name="master_mandant_id" value='<?= $mandant_id ?>'
|
||||
<?= $check_master_mandant ?>></td>
|
||||
<td><?= input_select_from_sql("", "input_department_" . $mandant_id, $query_department, $contact_link['main_department_id'], FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $mandant_id, $query_bereich, $contact_link['main_bereich_id'], FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $mandant_id, $query_einricht, $contact_link['main_einricht_id'], FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql("", "input_role_" . $mandant_id, $query_role, $contact_link['main_role_id'], FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input("", "input_phone_no_" . $mandant_id, "text", $contact_link["phone_no"], 100); ?></td>
|
||||
<td><?= input("", "input_email_" . $mandant_id, "text", $contact_link["email"], 100); ?></td>
|
||||
<!-- <?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
|
||||
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant_id ?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
|
||||
<path id="shield-security" d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z" transform="translate(0 -0.375)"/></svg>
|
||||
</button>
|
||||
</td>
|
||||
@@ -443,17 +500,18 @@ function load_mandant_list($contact){
|
||||
|
||||
|
||||
|
||||
function load_mandant_list_new($contact){
|
||||
function load_mandant_list_new($contact)
|
||||
{
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
||||
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '".$contact['id']."'";
|
||||
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "'";
|
||||
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
|
||||
$contacts = [];
|
||||
$contacts = [];
|
||||
while ($contact_link = @mysqli_fetch_assoc($result_contact)) {
|
||||
$contacts[] = $contact_link;
|
||||
$contacts[] = $contact_link;
|
||||
}
|
||||
for ($i=1; $i < 10; $i++) {
|
||||
for ($i = 1; $i < 10; $i++) {
|
||||
|
||||
|
||||
|
||||
|
||||
// $check_active = ($contact_link['active'] == 1) ? 'checked' : '';
|
||||
|
||||
@@ -487,64 +545,80 @@ function load_mandant_list_new($contact){
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td><?= input_select_from_sql_mandant("", "input_mandant_".$i, $query_mandant, $mandant, FALSE, FALSE, "", TRUE);?></td>
|
||||
<td><?= input_select_from_sql("", "input_department_".$i, $query_department, $department, FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql_bereich("", "input_bereiche_".$i, $query_bereich, $bereich, FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql_ein("", "input_einrichtung_".$i, $query_einricht, $einricht, FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td><?= input_select_from_sql("", "input_role_".$i, $query_role, $role, FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td style="display: none;"><?= input("", "input_phone_no_".$i, "text", $phone, 100); ?></td>
|
||||
<td style="display: none;"><?= input("", "input_email_".$i, "text", $email, 100); ?></td>
|
||||
<?php if ($GLOBALS['admin_user']['control_permissions'] == 1){?>
|
||||
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
|
||||
<path id="shield-security" d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z" transform="translate(0 -0.375)"/></svg>
|
||||
<td><?= input_select_from_sql_mandant("", "input_mandant_" . $i, $query_mandant, $mandant, FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql("", "input_department_" . $i, $query_department, $department, FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $i, $query_bereich, $bereich, FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $i, $query_einricht, $einricht, FALSE, FALSE, "", TRUE); ?>
|
||||
</td>
|
||||
<td><?= input_select_from_sql("", "input_role_" . $i, $query_role, $role, FALSE, FALSE, "", TRUE); ?></td>
|
||||
<td style="display: none;"><?= input("", "input_phone_no_" . $i, "text", $phone, 100); ?></td>
|
||||
<td style="display: none;"><?= input("", "input_email_" . $i, "text", $email, 100); ?></td>
|
||||
<?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
|
||||
<td><button class="pop_up_button svg_button" title="Berechtigung ändern"
|
||||
data-popup-id="popup-mandant-<?= $mandant ?>"><svg xmlns="http://www.w3.org/2000/svg" width="28.8"
|
||||
height="35.25" viewBox="0 0 28.8 35.25">
|
||||
<path id="shield-security"
|
||||
d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z"
|
||||
transform="translate(0 -0.375)" />
|
||||
</svg>
|
||||
</button>
|
||||
</td>
|
||||
<?php } ?>
|
||||
</tr>
|
||||
<?php
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function load_permission($contact){
|
||||
function load_permission($contact)
|
||||
{
|
||||
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
|
||||
|
||||
$query_mandant = "SELECT * FROM main_mandant";
|
||||
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
|
||||
while($mandant = @mysqli_fetch_array($result_mandant)) {
|
||||
while ($mandant = @mysqli_fetch_array($result_mandant)) {
|
||||
$mandant_id = $mandant['id'];
|
||||
?>
|
||||
<div class='pop_up_element' id='popup-mandant-<?= $mandant_id?>'>
|
||||
<div class='pop_up_element' id='popup-mandant-<?= $mandant_id ?>'>
|
||||
<table class="mandant_table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Berechtigungen für: <span style="font-weight: bold;"><?= $mandant['description']?></span></th>
|
||||
<th>Berechtigungen für: <span style="font-weight: bold;"><?= $mandant['description'] ?></span></th>
|
||||
<th style="text-align: right;">Status</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
$query = "SELECT * FROM main_permission";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while($permission = @mysqli_fetch_array($result)) {
|
||||
$query_contact = "SELECT * FROM main_contact_permission WHERE main_contact_id = ".$contact['id']." AND main_mandant_id = ".$mandant_id." AND main_permission_id = ".$permission['id'];
|
||||
$query = "SELECT * FROM main_permission";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while ($permission = @mysqli_fetch_array($result)) {
|
||||
$check_permission = ($permission['default_active'] == 1) ? 'checked' : '';
|
||||
if (!empty($contact['id'])) {
|
||||
$query_contact = "SELECT * FROM main_contact_permission WHERE main_contact_id = " . intval($contact['id']) . " AND main_mandant_id = " . intval($mandant_id) . " AND main_permission_id = " . intval($permission['id']);
|
||||
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
|
||||
$row = @mysqli_fetch_array($result_contact);
|
||||
$check_permission = ($permission['default_active'] == 1) ? 'checked' : '';
|
||||
if(@mysqli_num_rows($result_contact) == 1){
|
||||
$check_permission = ($row['active'] == 1) ? 'checked' : '';
|
||||
}
|
||||
?>
|
||||
<?php if($permission['only_main_mandant'] == 1 && $mandant_id != $contact['master_mandant_id']){ ?>
|
||||
<tr class='inactive' title='Dieses Berechtigung kann nur im Hauptmandanten geändert werden'>
|
||||
<?php }else{ ?>
|
||||
<tr>
|
||||
<?php } ?>
|
||||
<td><?= $permission['description']?></td>
|
||||
<td class="watch_state_td" style="text-align: right;"><input class="checkbox_square watch_state" type="checkbox" name="active_<?= $mandant_id?>_<?= $permission['id']?>" <?= $check_permission ?>></td>
|
||||
</tr>
|
||||
<?php
|
||||
} else {
|
||||
$result_contact = false;
|
||||
}
|
||||
if ($result_contact && @mysqli_num_rows($result_contact) == 1) {
|
||||
$check_permission = ($row['active'] == 1) ? 'checked' : '';
|
||||
}
|
||||
?>
|
||||
<?php if ($permission['only_main_mandant'] == 1 && $mandant_id != $contact['master_mandant_id']) { ?>
|
||||
<tr class='inactive' title='Dieses Berechtigung kann nur im Hauptmandanten geändert werden'>
|
||||
<?php } else { ?>
|
||||
<tr>
|
||||
<?php } ?>
|
||||
<td><?= $permission['description'] ?></td>
|
||||
<td class="watch_state_td" style="text-align: right;"><input class="checkbox_square watch_state"
|
||||
type="checkbox" name="active_<?= $mandant_id ?>_<?= $permission['id'] ?>" <?= $check_permission ?>>
|
||||
</td>
|
||||
</tr>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</tbody>
|
||||
</table>
|
||||
@@ -552,23 +626,24 @@ function load_permission($contact){
|
||||
<?php }
|
||||
}
|
||||
|
||||
function save_permission($contact_id){
|
||||
$deleteLink = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=".$contact_id);
|
||||
function save_permission($contact_id)
|
||||
{
|
||||
$deleteLink = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $contact_id);
|
||||
|
||||
$query_mandant = "SELECT * FROM main_mandant";
|
||||
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
|
||||
while($mandant = @mysqli_fetch_array($result_mandant)) {
|
||||
while ($mandant = @mysqli_fetch_array($result_mandant)) {
|
||||
$query = "SELECT * FROM main_permission";
|
||||
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
while($permission = @mysqli_fetch_array($result)) {
|
||||
$active = ($_POST["active_".$mandant['id']."_".$permission['id']] == "on") ? '1' : '0';
|
||||
while ($permission = @mysqli_fetch_array($result)) {
|
||||
$active = ($_POST["active_" . $mandant['id'] . "_" . $permission['id']] == "on") ? '1' : '0';
|
||||
$query = "INSERT INTO main_contact_permission
|
||||
(main_contact_id, main_mandant_id, main_permission_id, active)
|
||||
VALUES (
|
||||
" . $contact_id . ",
|
||||
" . $contact_id . ",
|
||||
'" . $mandant['id'] . "',
|
||||
'" . $permission['id'] . "',
|
||||
'" . $active. "'
|
||||
'" . $active . "'
|
||||
)";
|
||||
@mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
}
|
||||
@@ -577,45 +652,46 @@ function save_permission($contact_id){
|
||||
?>
|
||||
|
||||
<script>
|
||||
$(document).ready(function() {
|
||||
// Funktion zur Aktualisierung des Status für eine einzelne Checkbox
|
||||
function updateStatus(checkbox) {
|
||||
if (checkbox.is(':checked')) {
|
||||
// Wenn die Checkbox ausgewählt ist, entfernen Sie das vorherige "inactive" span und fügen Sie ein "active" span hinzu
|
||||
checkbox.siblings('.inactive').remove();
|
||||
checkbox.after('<span class="active_span">Aktiv</span>');
|
||||
} else {
|
||||
// Wenn die Checkbox nicht ausgewählt ist, entfernen Sie das vorherige "active" span und fügen Sie ein "inactive" span hinzu
|
||||
checkbox.siblings('.active_span').remove();
|
||||
checkbox.after('<span class="inactive">Inaktiv</span>');
|
||||
$(document).ready(function () {
|
||||
// Funktion zur Aktualisierung des Status für eine einzelne Checkbox
|
||||
function updateStatus(checkbox) {
|
||||
if (checkbox.is(':checked')) {
|
||||
// Wenn die Checkbox ausgewählt ist, entfernen Sie das vorherige "inactive" span und fügen Sie ein "active" span hinzu
|
||||
checkbox.siblings('.inactive').remove();
|
||||
checkbox.after('<span class="active_span">Aktiv</span>');
|
||||
} else {
|
||||
// Wenn die Checkbox nicht ausgewählt ist, entfernen Sie das vorherige "active" span und fügen Sie ein "inactive" span hinzu
|
||||
checkbox.siblings('.active_span').remove();
|
||||
checkbox.after('<span class="inactive">Inaktiv</span>');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Überwachen Sie Änderungen am Status der Checkbox
|
||||
$('.watch_state').change(function() {
|
||||
// Rufen Sie die Funktion auf, um den Status nur für die angeklickte Checkbox zu aktualisieren
|
||||
updateStatus($(this));
|
||||
});
|
||||
// Überwachen Sie Änderungen am Status der Checkbox
|
||||
$('.watch_state').change(function () {
|
||||
// Rufen Sie die Funktion auf, um den Status nur für die angeklickte Checkbox zu aktualisieren
|
||||
updateStatus($(this));
|
||||
});
|
||||
|
||||
// Rufen Sie die Funktion zum ersten Mal auf, um den Anfangszustand festzulegen
|
||||
$('.watch_state').each(function() {
|
||||
updateStatus($(this));
|
||||
// Rufen Sie die Funktion zum ersten Mal auf, um den Anfangszustand festzulegen
|
||||
$('.watch_state').each(function () {
|
||||
updateStatus($(this));
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
|
||||
<?php
|
||||
function load_absence_contact($main_contact){
|
||||
function load_absence_contact($main_contact)
|
||||
{
|
||||
$query = "SELECT * FROM main_contact";
|
||||
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query);
|
||||
|
||||
$preselect = array();
|
||||
|
||||
|
||||
$contact_array = explode(",", $main_contact['absence_contact']);
|
||||
|
||||
foreach ($contact_array as $contact) {
|
||||
array_push($preselect,$contact);
|
||||
array_push($preselect, $contact);
|
||||
}
|
||||
?>
|
||||
<!-- <div class="label">Ansprechpartner Krankmeldung</div>
|
||||
@@ -624,23 +700,24 @@ function load_absence_contact($main_contact){
|
||||
<i class="dropdown icon"></i>
|
||||
<div class="default text">Ansprechpartner Krankmeldung</div>
|
||||
<div class="menu">
|
||||
<?
|
||||
while($contacts = @mysqli_fetch_array($result_contact)) {
|
||||
echo "<div class=\"item\" data-value=\"{$contacts['id']}\">".$contacts["name"]."</div>";
|
||||
}
|
||||
<?
|
||||
while ($contacts = @mysqli_fetch_array($result_contact)) {
|
||||
echo "<div class=\"item\" data-value=\"{$contacts['id']}\">" . $contacts["name"] . "</div>";
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div> -->
|
||||
<script type="text/javascript" src="/plugins/jquery/jquery-3.5.1.min.js"></script>
|
||||
<script type="text/javascript" src="/plugins/Semantic-UI-master/semantic.min.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css')?>">
|
||||
<link rel="stylesheet" type="text/css"
|
||||
href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css') ?>">
|
||||
<script>
|
||||
var $y = jQuery.noConflict();
|
||||
$y( document ).ready(function() {
|
||||
$y('.contacts.ui.fluid.multiple.dropdown').dropdown('set selected', <?= json_encode($preselect) ?>);
|
||||
$y(document).ready(function () {
|
||||
$y('.contacts.ui.fluid.multiple.dropdown').dropdown('set selected', <?= json_encode($preselect) ?>);
|
||||
});
|
||||
</script>
|
||||
<?php
|
||||
<?php
|
||||
}
|
||||
|
||||
// function updateFromJSON() {
|
||||
@@ -699,7 +776,7 @@ function load_absence_contact($main_contact){
|
||||
// if (!isset($data['users']) || !is_array($data['users'])) {
|
||||
// die("Keine Benutzerdaten gefunden.");
|
||||
// }
|
||||
|
||||
|
||||
// // Durchlaufen der Benutzerdaten
|
||||
// foreach ($data['users'] as $user) {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user