diff($current_date); $birthday_content = $birthday->format("d.m.Y") . ", " . $years->y; } elseif ($contact['birthday_state'] == 1) { $birthday_content = $birthday->format("d.m"); } if (isset($_POST['input_submit'])) { $birthday = new DateTime($_POST['input_birthday']); if (!empty($_POST['input_password'])) { $password = password_hash($_POST['input_password'], PASSWORD_DEFAULT); $query = "UPDATE main_contact SET password = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $password) . "' WHERE id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact['id']) . "' LIMIT 1"; mysqli_query($GLOBALS['mysql_con'], $query); } $query = "UPDATE main_contact SET birthday = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $birthday->format('Y-m-d')) . "', birthday_state = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['input_birthday_state']) . "' WHERE id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "' LIMIT 1"; mysqli_query($GLOBALS['mysql_con'], $query); if (isset($_FILES['input_image']) && $_FILES['input_image']['size'] != 0) { // Save uploaded image $fileName = saveImage('input_image', $contact_id); // Escape values $fileEsc = mysqli_real_escape_string($GLOBALS['mysql_con'], $fileName); $contactIdEsc = mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id); // UPDATE: set image_new and image_state for moderation $query = " UPDATE main_contact SET image_new = '{$fileEsc}', image_state = 'approve_required' WHERE id = '{$contactIdEsc}' LIMIT 1 "; mysqli_query($GLOBALS['mysql_con'], $query); sendPhotoApproveMail((int)$contact_id); } if (isset($_FILES['input_header_image']) && $_FILES['input_header_image']['size'] != 0) { $fileName = saveImage('input_header_image', $contact_id); // Check if the record exists $check_query = "SELECT * FROM main_contact_profile_content WHERE main_contact_id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "'"; $check_result = mysqli_query($GLOBALS['mysql_con'], $check_query); if (mysqli_num_rows($check_result) > 0) { // Record exists, perform an update $query_image = "UPDATE main_contact_profile_content SET header_img = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $fileName) . "' WHERE main_contact_id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "'"; mysqli_query($GLOBALS['mysql_con'], $query_image); } else { // No record exists, perform an insert $query_image = "INSERT INTO main_contact_profile_content (main_contact_id, header_img) VALUES ( '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "', '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $fileName) . "' )"; mysqli_query($GLOBALS['mysql_con'], $query_image); } // Optional: Check for errors if (mysqli_error($GLOBALS['mysql_con'])) { echo "Error: " . mysqli_error($GLOBALS['mysql_con']); } } $query_content = "UPDATE main_contact_profile_content SET contact_description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['input_contact_description']) . "' WHERE main_contact_id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "' LIMIT 1"; mysqli_query($GLOBALS['mysql_con'], $query_content); save_contact_department($contact['id']); $skills = rtrim($_POST['input_tags_hidden'], ','); $skillArray = explode(',', $skills); if (!empty($skillArray) && is_array($skillArray)) { mysqli_query($GLOBALS['mysql_con'], "DELETE FROM main_contact_skills WHERE main_contact_id='" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact['id']) . "'"); foreach ($skillArray as $skill_value) { $query = "INSERT INTO main_contact_skills (main_contact_id, description) VALUES ('" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact['id']) . "', '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $skill_value) . "')"; mysqli_query($GLOBALS['mysql_con'], $query); } } $host = $_SERVER['HTTP_HOST']; $uri = $_SERVER['REDIRECT_URL']; echo ""; } function sendPhotoApproveMail(int $contactId) { if (empty($GLOBALS['mysql_con'])) { return; } $sql = "SELECT name, email FROM main_contact WHERE id = {$contactId} LIMIT 1"; $res = mysqli_query($GLOBALS['mysql_con'], $sql); $u = mysqli_fetch_assoc($res); $username = $u['name'] ?? 'Unbekannt'; $userEmail = $u['email'] ?? ''; $to = "help-intranet@awo-hamburg.de"; $subject = "Neue Foto-Anfrage zur Freigabe von {$username}"; $message = "Hallo,\n\n" . "Der Benutzer '{$username}' hat ein neues Profilfoto hochgeladen.\n" . "Bitte prüfen und freigeben oder ablehnen:\n" . "Benutzer Email: {$userEmail}\n" . "Viele Grüße\n" . "Intranet System"; // Headers $headers = "From: intranet@awo-hamburg.de\r\n"; $headers .= "Content-Type: text/plain; charset=utf-8\r\n"; @mail($to, $subject, $message, $headers); } function saveImage($filekey, $input_id) { $translation = \DynCom\mysyde\common\classes\Registry::get("translation"); $allowed_extensions = ['jpg', 'jpeg', 'gif', 'png']; $filename = strtolower($_FILES[$filekey]['name']); $filename_expl = pathinfo($filename); if (!in_array($filename_expl['extension'], $allowed_extensions)) { echo "
" . $translation->get("error_slideshow_line2") . "
\n"; return false; } // Generate a unique filename $saveFilename = $input_id . "_" . time() . "_" . cleanFilename($_FILES[$filekey]['name']); // Get image dimensions list($width, $height) = getimagesize($_FILES[$filekey]['tmp_name']); // Calculate new dimensions $max_size = 1000; if ($width > $max_size || $height > $max_size) { $ratio = $width / $height; if ($ratio > 1) { $new_width = $max_size; $new_height = $max_size / $ratio; } else { $new_width = $max_size * $ratio; $new_height = $max_size; } } else { $new_width = $width; $new_height = $height; } // Create a new image resource $src_image = null; switch ($filename_expl['extension']) { case 'jpg': case 'jpeg': $src_image = imagecreatefromjpeg($_FILES[$filekey]['tmp_name']); break; case 'png': $src_image = imagecreatefrompng($_FILES[$filekey]['tmp_name']); break; case 'gif': $src_image = imagecreatefromgif($_FILES[$filekey]['tmp_name']); break; } // Create a blank canvas for the resized image $dst_image = imagecreatetruecolor($new_width, $new_height); // Preserve transparency for PNG and GIF if ($filename_expl['extension'] == 'png' || $filename_expl['extension'] == 'gif') { imagealphablending($dst_image, false); imagesavealpha($dst_image, true); $transparent = imagecolorallocatealpha($dst_image, 255, 255, 255, 127); imagefilledrectangle($dst_image, 0, 0, $new_width, $new_height, $transparent); } // Resize the image imagecopyresampled($dst_image, $src_image, 0, 0, 0, 0, $new_width, $new_height, $width, $height); // Save the resized image require_once("../../mysyde/intranet/admin/intranet_config.inc.php"); if ($filename_expl['extension'] == 'jpg' || $filename_expl['extension'] == 'jpeg') { imagejpeg($dst_image, PATH_CONTACT . $saveFilename); } elseif ($filename_expl['extension'] == 'png') { imagepng($dst_image, PATH_CONTACT . $saveFilename); } elseif ($filename_expl['extension'] == 'gif') { imagegif($dst_image, PATH_CONTACT . $saveFilename); } // Free up memory imagedestroy($src_image); imagedestroy($dst_image); return $saveFilename; } function save_contact_department($contact_id) { $contact_id = mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id); $query = "SELECT * FROM main_contact_department LEFT JOIN main_mandant ON main_contact_department.main_mandant_id = main_mandant.id WHERE main_contact_id = '$contact_id' AND main_contact_department.active = 1"; $result = mysqli_query($GLOBALS['mysql_con'], $query); while ($contact = mysqli_fetch_array($result)) { $mandant_id = $contact['main_mandant_id']; $phone_no = mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['input_phone_no_' . $mandant_id]); $email = mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['input_email_' . $mandant_id]); $query_department = "UPDATE main_contact_department SET phone_no = '$phone_no', email = '$email' WHERE main_contact_id = '$contact_id' AND main_mandant_id = '$mandant_id' LIMIT 1"; mysqli_query($GLOBALS['mysql_con'], $query_department); } } function get_person_role($current_mandant, $contact_id) { $conn = $GLOBALS['mysql_con']; $current_mandant = (int)$current_mandant; $contact_id = (int)$contact_id; $query = "SELECT main_role_id FROM main_contact_department WHERE main_mandant_id = $current_mandant AND main_contact_id = $contact_id LIMIT 1"; $res = mysqli_query($conn, $query); if (!$res) { return ""; } $row = mysqli_fetch_array($res, MYSQLI_ASSOC); if (!$row || empty($row['main_role_id'])) { return ""; } $role_id = (int)$row['main_role_id']; $get_role = "SELECT description FROM main_role WHERE id = $role_id LIMIT 1"; $role_res = mysqli_query($conn, $get_role); if (!$role_res) { return ""; } $role_row = mysqli_fetch_array($role_res, MYSQLI_ASSOC); return $role_row['description'] ?? ""; } function get_person_einricht($current_mandant, $contact_id) { $conn = $GLOBALS['mysql_con']; $current_mandant = (int)$current_mandant; $contact_id = (int)$contact_id; $query = "SELECT main_einricht_id FROM main_contact_department WHERE main_mandant_id = $current_mandant AND main_contact_id = $contact_id LIMIT 1"; // var_dump($query); $res = mysqli_query($conn, $query); if (!$res) { return ""; } $row = mysqli_fetch_array($res, MYSQLI_ASSOC); if (!$row || empty($row['main_einricht_id'])) { return ""; } $role_id = (int)$row['main_einricht_id']; $get_role = "SELECT description FROM organigramm_einricht WHERE id = $role_id LIMIT 1"; $role_res = mysqli_query($conn, $get_role); if (!$role_res) { return ""; } $role_row = mysqli_fetch_array($role_res, MYSQLI_ASSOC); return $role_row['description'] ?? ""; } function get_person_space($current_mandant, $contact_id) { $conn = $GLOBALS['mysql_con']; $current_mandant = (int)$current_mandant; $contact_id = (int)$contact_id; $query = "SELECT main_bereich_id FROM main_contact_department WHERE main_mandant_id = $current_mandant AND main_contact_id = $contact_id LIMIT 1"; // var_dump($query); $res = mysqli_query($conn, $query); if (!$res) { return ""; } $row = mysqli_fetch_array($res, MYSQLI_ASSOC); if (!$row || empty($row['main_bereich_id'])) { return ""; } $role_id = (int)$row['main_bereich_id']; $get_role = "SELECT description FROM organogramm_space WHERE id = $role_id LIMIT 1"; $role_res = mysqli_query($conn, $get_role); if (!$role_res) { return ""; } $role_row = mysqli_fetch_array($role_res, MYSQLI_ASSOC); return $role_row['description'] ?? ""; } ?>

-

Kostenstelle:

Geburtstag: