<?php
/*
 * PHP Frontend for pocsag monitor
 *
 * Copyright (C) 2004-2005
 * Manuel Weiser (manuelw@fire-devils.org)
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
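// config.inc.php is not shown here. $dbconn, $template_dir, gettemplate(),
// gohome() and dooutput() are used below but not defined in this file, so they
// presumably come from it, as does session start-up — confirm.
require('config.inc.php');

// Clear three session values on every request to the admin page.
$_SESSION["load_complete"] = "";
$_SESSION["lastupdate"] = "";
$_SESSION["online_users"] = "";

// Admin gate: everything below reads and changes device, organisation and
// user records, so the request stops here unless the session carries admin = 1.
// empty() covers a missing key without raising an undefined-index notice.
if( empty($_SESSION["admin"]) || $_SESSION["admin"] != 1 )
{
    // Answer 403 so refused requests are distinguishable in the access log.
    if( !headers_sent() ) http_response_code(403);
    exit;
}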
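/**************************/
// Build the page body
//

//
// show=dme without "do": list the DME records (ric_zvei) that have no organisation
if( isset($_GET["show"]) && $_GET["show"] == 'dme' && !isset($_GET["do"]) )
{
    // HTML-escapes one value for element or attribute context. No charset is
    // passed, so PHP's default_charset applies.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // PHP_SELF includes any path info appended to the request URL, so it is
    // request-controlled and is escaped before it is placed in an href.
    $self_url = $esc($_SERVER["PHP_SELF"]);

    // The original appended to $show_all without initialising it. The name is
    // kept because the template evaluated below runs in this scope.
    if( !isset($show_all) ) $show_all = '';

    // Fetch all DME records without an organisation
    $result = mysqli_query($dbconn, "SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        $row_id = $esc(rawurlencode($row["id"]));

        // Database values are escaped: they are stored text, not markup.
        $show_all .= '
<tr bgcolor="#FFFFFF">
<td align="center">'.$esc($row["rec_typ"]).'</td>
<td> <b>'.$esc($row["adresse"]).'</b> / '.$esc($row["bezeichnung"]).'</td>
<td align="center"> <a href="'.$self_url.'?show=dme&do=update&id='.$row_id.'">zuordnen</a> </td>
<td align="center"> <a href="'.$self_url.'?show=dme&do=delete&id='.$row_id.'">löschen</a> </td>
</tr>
';
    }

    // Emit the page content. The template text is spliced into PHP source and
    // evaluated in this scope.
    // NOTE(review): eval() here is only as safe as gettemplate()'s quoting of the
    // template text (not visible here) and the integrity of the files under
    // $template_dir — confirm both.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_dme-kfz_update")."\";");
}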
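//
// show=dme&do=update: form for assigning one DME record to an organisation
elseif( isset($_GET["show"]) && $_GET["show"] == 'dme' && isset($_GET["do"]) && $_GET["do"] == 'update' )
{
    // HTML-escapes one value; the charset follows PHP's default_charset.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // Preselection values from the request; null when absent, which matches no row id.
    $req_org = isset($_REQUEST["org"]) ? $_REQUEST["org"] : null;
    $req_form = isset($_REQUEST["form"]) ? $_REQUEST["form"] : null;

    // $option_org / $option_format keep their names: the template evaluated
    // below runs in this scope. The original appended without initialising them.
    if( !isset($option_org) ) $option_org = '';
    if( !isset($option_format) ) $option_format = '';

    // List of known organisations
    $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        $selected = ( $req_org == $row["id"] ) ? 'selected' : '';
        $option_org .= '<option value="'.$esc($row["id"]).'" '.$selected.'>'.$esc($row["org"]).' '.$esc($row["org_name"]).'</option>';
    }

    // List of formattings
    $result = mysqli_query($dbconn, "SELECT id, beschreibung FROM formatierung ORDER BY beschreibung ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        $selected = ( $req_form == $row["id"] ) ? 'selected' : '';
        $option_format .= '<option value="'.$esc($row["id"]).'" '.$selected.'>'.$esc($row["beschreibung"]).'</option>';
    }

    // Load the requested record. The id comes straight from the query string,
    // so it is bound as a parameter instead of being interpolated into the SQL
    // text. Binding as a string mirrors the quoted literal the original used.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $q_id = isset($_GET["id"]) ? (string) $_GET["id"] : '';
    $stmt = mysqli_prepare($dbconn, "SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE id = ?") or die (mysqli_error($dbconn));
    mysqli_stmt_bind_param($stmt, 's', $q_id);
    mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
    $result = mysqli_stmt_get_result($stmt);
    $row = mysqli_fetch_array($result);

    // Emit the page content.
    // NOTE(review): $row is handed to the template unescaped; the template is
    // not visible here, so confirm it HTML-escapes the fields it prints. eval()
    // is only as safe as gettemplate()'s quoting of the template text.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_dme2org")."\";");
}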
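//
// show=dme&do=delete: delete one DME record and the alarm2mail rows for its address
elseif( isset($_GET["show"]) && $_GET["show"] == 'dme' && isset($_GET["do"]) && $_GET["do"] == 'delete' )
{
    // NOTE(review): this destructive action is reached by a plain GET link and
    // no anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere, otherwise move it to POST with a token.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // Query-string values are never interpolated into SQL; '' when absent.
    $q_id = isset($_GET["id"]) ? (string) $_GET["id"] : '';
    $q_adresse = isset($_GET["adresse"]) ? (string) $_GET["adresse"] : '';

    $run_bound("DELETE FROM ric_zvei WHERE id = ?", [$q_id]);
    $run_bound("DELETE FROM alarm2mail WHERE adresse = ?", [$q_adresse]);

    // Check whether the organisation still has other entries; if not, delete it
    if( !empty($_GET["org"]) )
    {
        $q_org = (string) $_GET["org"];

        // The original placed org unquoted in the JOIN condition; it is bound
        // like the other two occurrences now.
        $result = $run_bound("SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = ?
WHERE a.org_id = ? OR b.org_id = ?", [$q_org, $q_org, $q_org]);
        $row = mysqli_fetch_array($result);

        // empty() also covers "no row returned" without an offset notice.
        if( empty($row["dme_id"]) && empty($row["kfz_id"]) )
        {
            $run_bound("DELETE FROM organisation WHERE id = ?", [$q_org]);
        }
    }

    // Where to go after the action
    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    if( !isset($_GET["org"]) )
    {
        echo gohome($_SERVER["PHP_SELF"].'?show=dme&org=0');
    }
    else
    {
        echo gohome($_SERVER["PHP_SELF"]);
    }
}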
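//
// show=dme&do=setupdate: store the organisation assignment of one DME record
elseif( isset($_GET["show"]) && $_GET["show"] == 'dme' && isset($_GET["do"]) && $_GET["do"] == 'setupdate' )
{
    // NOTE(review): this write is driven by $_REQUEST (so GET works too) and no
    // anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // Request value as a string, '' when the field is absent.
    $req = function ($key) {
        return isset($_REQUEST[$key]) ? (string) $_REQUEST[$key] : '';
    };

    // Start from a known state; the original read $org_id before assigning it.
    $org_id = null;

    // Was a new or an existing organisation chosen?
    if( isset($_REQUEST["new_org"]) )
    {
        // If the organisation already exists, reuse it instead of inserting a duplicate
        $result = $run_bound("SELECT id FROM organisation WHERE org_name = ? AND org = ?", [$req("new_org"), $req("new_org_typ")]);
        $row = mysqli_fetch_array($result);

        if( !empty($row["id"]) )
        {
            $org_id = $row["id"];
        }

        if( !$org_id )
        {
            $run_bound("INSERT INTO organisation (org_name, org) VALUES (?, ?)", [$req("new_org"), $req("new_org_typ")]);

            // The original re-read MAX(id), which returns another row's id when a
            // concurrent insert wins the race or when this INSERT failed silently.
            // Assumes organisation.id is AUTO_INCREMENT — confirm against the schema.
            $org_id = mysqli_insert_id($dbconn);
        }
    }
    else
    {
        $org_id = $req("select_org");
    }

    $run_bound("UPDATE ric_zvei SET bezeichnung = ?, formatierung_id = ?, org_id = ? WHERE id=?", [$req("bezeichnung"), $req("formatierung"), (string) $org_id, $req("id")]);

    // Check whether the previous organisation still has other entries; if not, delete it.
    // An empty old_org is skipped: unquoted in the original JOIN it produced a SQL error.
    if( isset($_REQUEST["old_org"]) && $req("old_org") !== '' )
    {
        $q_old_org = $req("old_org");

        $result = $run_bound("SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = ?
WHERE a.org_id = ? OR b.org_id = ?", [$q_old_org, $q_old_org, $q_old_org]);
        $row = mysqli_fetch_array($result);

        // empty() also covers "no row returned" without an offset notice.
        if( empty($row["dme_id"]) && empty($row["kfz_id"]) )
        {
            $run_bound("DELETE FROM organisation WHERE id = ?", [$q_old_org]);
        }
    }

    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    echo gohome($_SERVER["PHP_SELF"]);
}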
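//
// show=kfz without "do": list the KFZ records (kfz_fms) that have no organisation
elseif( isset($_GET["show"]) && $_GET["show"] == 'kfz' && !isset($_GET["do"]) )
{
    // HTML-escapes one value; the charset follows PHP's default_charset.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // PHP_SELF includes any path info appended to the request URL, so it is
    // request-controlled and is escaped before it is placed in an href.
    $self_url = $esc($_SERVER["PHP_SELF"]);

    // The original appended to $show_all without initialising it. The name is
    // kept because the template evaluated below runs in this scope.
    if( !isset($show_all) ) $show_all = '';

    // Fetch all KFZ records without an organisation
    $result = mysqli_query($dbconn, "SELECT id, bezeichnung FROM kfz_fms WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        $row_id = $esc(rawurlencode($row["id"]));

        // Database values are escaped: they are stored text, not markup.
        $show_all .= '
<tr bgcolor="#FFFFFF">
<td> '.$esc($row["bezeichnung"]).'</td>
<td align="center"> <a href="'.$self_url.'?show=kfz&do=update&id='.$row_id.'">zuordnen</a> </td>
<td align="center"> <a href="'.$self_url.'?show=kfz&do=delete&id='.$row_id.'">löschen</a> </td>
</tr>
';
    }

    // Emit the page content.
    // NOTE(review): eval() here is only as safe as gettemplate()'s quoting of the
    // template text (not visible here) and the integrity of the files under
    // $template_dir — confirm both.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_dme-kfz_update")."\";");
}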
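//
// show=kfz&do=update: form for assigning one KFZ record to an organisation
elseif( isset($_GET["show"]) && $_GET["show"] == 'kfz' && isset($_GET["do"]) && $_GET["do"] == 'update' )
{
    // HTML-escapes one value; the charset follows PHP's default_charset.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // Preselection value from the request; null when absent, which matches no row id.
    $req_org = isset($_REQUEST["org"]) ? $_REQUEST["org"] : null;

    // $option_org keeps its name: the template evaluated below runs in this
    // scope. The original appended without initialising it.
    if( !isset($option_org) ) $option_org = '';

    // List of known organisations
    $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        $selected = ( $req_org == $row["id"] ) ? 'selected' : '';
        $option_org .= '<option value="'.$esc($row["id"]).'" '.$selected.'>'.$esc($row["org"]).' '.$esc($row["org_name"]).'</option>';
    }

    // Load the requested record. The id comes straight from the query string,
    // so it is bound as a parameter instead of being interpolated into the SQL
    // text. Binding as a string mirrors the quoted literal the original used.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $q_id = isset($_GET["id"]) ? (string) $_GET["id"] : '';
    $stmt = mysqli_prepare($dbconn, "SELECT id, bezeichnung FROM kfz_fms WHERE id = ?") or die (mysqli_error($dbconn));
    mysqli_stmt_bind_param($stmt, 's', $q_id);
    mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
    $result = mysqli_stmt_get_result($stmt);
    $row = mysqli_fetch_array($result);

    // Emit the page content.
    // NOTE(review): $row is handed to the template unescaped; the template is
    // not visible here, so confirm it HTML-escapes the fields it prints. eval()
    // is only as safe as gettemplate()'s quoting of the template text.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_kfz2org")."\";");
}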
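//
// show=kfz&do=delete: delete one KFZ record
elseif( isset($_GET["show"]) && $_GET["show"] == 'kfz' && isset($_GET["do"]) && $_GET["do"] == 'delete' )
{
    // NOTE(review): this destructive action is reached by a plain GET link and
    // no anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere, otherwise move it to POST with a token.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // The query-string id is bound, never interpolated into SQL; '' when absent.
    $q_id = isset($_GET["id"]) ? (string) $_GET["id"] : '';

    $run_bound("DELETE FROM kfz_fms WHERE id = ?", [$q_id]);

    // Check whether the organisation still has other entries; if not, delete it.
    // An empty org is skipped: unquoted in the original JOIN it produced a SQL error.
    if( isset($_GET["org"]) && (string) $_GET["org"] !== '' )
    {
        $q_org = (string) $_GET["org"];

        $result = $run_bound("SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = ?
WHERE a.org_id = ? OR b.org_id = ?", [$q_org, $q_org, $q_org]);
        $row = mysqli_fetch_array($result);

        // empty() also covers "no row returned" without an offset notice.
        if( empty($row["dme_id"]) && empty($row["kfz_id"]) )
        {
            $run_bound("DELETE FROM organisation WHERE id = ?", [$q_org]);
        }
    }

    // Where to go after the action
    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    if( !isset($_GET["org"]) )
    {
        echo gohome($_SERVER["PHP_SELF"].'?show=kfz&org=0');
    }
    else
    {
        echo gohome($_SERVER["PHP_SELF"]);
    }
}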
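//
// show=kfz&do=setupdate: store the organisation assignment of one KFZ record
elseif( isset($_GET["show"]) && $_GET["show"] == 'kfz' && isset($_GET["do"]) && $_GET["do"] == 'setupdate' )
{
    // NOTE(review): this write is driven by $_REQUEST (so GET works too) and no
    // anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // Request value as a string, '' when the field is absent.
    $req = function ($key) {
        return isset($_REQUEST[$key]) ? (string) $_REQUEST[$key] : '';
    };

    // Was a new or an existing organisation chosen?
    if( isset($_REQUEST["new_org"]) )
    {
        // NOTE(review): unlike the DME setupdate branch, no lookup for an existing
        // organisation of the same name and type is done here, so duplicates can
        // be created — confirm whether that is intended.
        $run_bound("INSERT INTO organisation (org_name, org) VALUES (?, ?)", [$req("new_org"), $req("new_org_typ")]);

        // The original re-read MAX(id), which returns another row's id when a
        // concurrent insert wins the race or when this INSERT failed silently.
        // Assumes organisation.id is AUTO_INCREMENT — confirm against the schema.
        $organisation = mysqli_insert_id($dbconn);
    }
    else
    {
        $organisation = $req("select_org");
    }

    $run_bound("UPDATE kfz_fms SET bezeichnung = ?, org_id = ? WHERE id=?", [$req("bezeichnung"), (string) $organisation, $req("id")]);

    // Check whether the previous organisation still has other entries; if not, delete it.
    // An empty old_org is skipped: unquoted in the original JOIN it produced a SQL error.
    if( isset($_REQUEST["old_org"]) && $req("old_org") !== '' )
    {
        $q_old_org = $req("old_org");

        $result = $run_bound("SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = ?
WHERE a.org_id = ? OR b.org_id = ?", [$q_old_org, $q_old_org, $q_old_org]);
        $row = mysqli_fetch_array($result);

        // empty() also covers "no row returned" without an offset notice.
        if( empty($row["dme_id"]) && empty($row["kfz_id"]) )
        {
            $run_bound("DELETE FROM organisation WHERE id = ?", [$q_old_org]);
        }
    }

    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    echo gohome($_SERVER["PHP_SELF"]);
}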
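//
// show=user without "do": list the accounts in admin_users and offer the "new user" form
elseif( isset($_GET["show"]) && $_GET["show"] == 'user' && !isset($_GET["do"]) )
{
    // HTML-escapes one value; the charset follows PHP's default_charset.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // PHP_SELF includes any path info appended to the request URL, so it is
    // request-controlled and is escaped before it is placed in href/action.
    $self_url = $esc($_SERVER["PHP_SELF"]);

    // The original appended to $show_all without initialising it. The name is
    // kept because the template evaluated below runs in this scope.
    if( !isset($show_all) ) $show_all = '';

    // Fetch all accounts
    $result = mysqli_query($dbconn, "SELECT id, a_name, real_name, a_admin, a_mail FROM admin_users ORDER BY a_admin DESC, a_name ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        // Reset per row: the original kept the previous row's label whenever
        // a_admin held a value outside 0-3.
        $status = '';
        if( $row["a_admin"] == '0' ) $status = '<b>(User)</b> ';
        elseif( $row["a_admin"] == '1' ) $status = '<b>(Admin)</b> ';
        elseif( $row["a_admin"] == '2' ) $status = '<b>(New)</b> ';
        elseif( $row["a_admin"] == '3' ) $status = '<b>(Closed)</b> ';

        $row_id = $esc(rawurlencode($row["id"]));

        // Accounts with a_admin = 1 get no delete link. This only hides the
        // link; the delete handler has to enforce the same rule itself.
        if( $row["a_admin"] != '1') {
            $show_del_button = '<a href="'.$self_url.'?show=user&do=delete&id='.$row_id.'">löschen</a>';
        } else {
            $show_del_button = "";
        }

        // real_name and a_mail are stored from the insert form below and
        // a_name is derived from it, so all three are escaped on output.
        $show_all .= '
<tr bgcolor="#FFFFFF">
<td> '.$status.$esc($row["real_name"]).'</td>
<td><font size="2"> '.$esc($row["a_mail"]).'</font></td>
<!--<td align="center"> <a href="'.$self_url.'?show=user&do=update&id='.$row_id.'">ändern</a> </td>-->
<td>'.$esc($row["a_name"]).'</td>
<td align="center"> '.$show_del_button.' </td>
</tr>
';
    }

    // Form for adding a user
    // NOTE(review): the form carries no anti-CSRF token.
    $show_all .= '
<tr bgcolor="#FFFFFF">
<td colspan="4"><br><br>Neuer User</td>
</tr>
<tr bgcolor="#FFFFFF">
<td>Vorname / Name</td>
<td>EMail</td>
<td colspan="2"></td>
</tr>
<form name="form999" method="post" action="'.$self_url.'?show=user&do=insert">
<tr bgcolor="#FFFFFF">
<td><input name="ins_name" id="ins_name" type="text" size="30"> </td>
<td><input name="ins_mail" id="ins_mail" type="text" size="30"> </td>
<td colspan="2"><input type="submit" name="Submit" value="Eintragen"></td>
</tr>
</form>
';

    // Emit the page content.
    // NOTE(review): eval() here is only as safe as gettemplate()'s quoting of the
    // template text (not visible here) and the integrity of the files under
    // $template_dir — confirm both.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_dme-kfz_update")."\";");
}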
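// show=user&do=insert: create an account from the "new user" form
elseif( isset($_GET["show"]) && $_GET["show"] == 'user' && isset($_GET["do"]) && $_GET["do"] == 'insert' )
{
    // NOTE(review): this write is driven by $_REQUEST (so GET works too) and no
    // anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    $q_name = isset($_REQUEST["ins_name"]) ? (string) $_REQUEST["ins_name"] : '';
    $q_mail = isset($_REQUEST["ins_mail"]) ? (string) $_REQUEST["ins_mail"] : '';

    // Login name is "<first word>.<first letter of second word>". A single-word
    // name no longer hits an undefined offset; its second part is just empty.
    $name_parts = explode(" ", trim($q_name));
    $vorname = $name_parts[0];
    $nachname = isset($name_parts[1]) ? $name_parts[1] : '';
    $ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1);

    $result = $run_bound("SELECT id FROM admin_users WHERE a_name = ?", [$ins_user_name]);
    $row = mysqli_fetch_array($result);

    // Name already taken: append a number from 1-99. rand() is only a
    // disambiguator here, and the new name is not re-checked for a collision.
    if (!empty($row["id"])) $ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1) ."". rand(1,99);

    // The original interpolated all three values into the SQL text and, on
    // failure, called die(mysqli_error) with a bare constant instead of the
    // function. The INSERT sets neither a_admin nor any credential column.
    // NOTE(review): confirm the column defaults do not create a usable account
    // without a password.
    $run_bound("INSERT INTO admin_users (a_name, real_name, a_mail, pm_allow) VALUES (?, ?, ?, '1')", [$ins_user_name, $q_name, $q_mail]);

    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    echo gohome($_SERVER["PHP_SELF"].'?show=user');
}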
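//
// show=user&do=delete: delete one account with its messages and mail subscriptions
elseif( isset($_GET["show"]) && $_GET["show"] == 'user' && isset($_GET["do"]) && $_GET["do"] == 'delete' )
{
    // NOTE(review): this destructive action is reached by a plain GET link and
    // no anti-CSRF token is checked in this block — confirm whether one is
    // enforced elsewhere, otherwise move it to POST with a token.

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // The query-string id is bound, never interpolated into SQL; '' when absent.
    $q_id = isset($_GET["id"]) ? (string) $_GET["id"] : '';

    // The user list offers no delete link for accounts with a_admin = 1, but
    // the original handler deleted whatever id it was handed. The same rule is
    // enforced here so it cannot be bypassed with a hand-built URL.
    $result = $run_bound("SELECT a_admin FROM admin_users WHERE id = ?", [$q_id]);
    $row = mysqli_fetch_array($result);
    $target_is_admin = !empty($row) && $row["a_admin"] == '1';

    if( !$target_is_admin )
    {
        // Dependent rows first, then the account itself.
        $run_bound("DELETE FROM messages WHERE userid_to = ?", [$q_id]);
        $run_bound("DELETE FROM alarm2mail WHERE userid = ?", [$q_id]);
        $run_bound("DELETE FROM admin_users WHERE id = ?", [$q_id]);
    }

    // NOTE(review): PHP_SELF is request-controlled (path info); gohome() is not
    // visible here — confirm it encodes the URL for the context it writes to.
    echo gohome($_SERVER["PHP_SELF"].'?show=user');
}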
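//
// No matching action: admin overview with counters and the organisation picker
else
{
    // HTML-escapes one value; the charset follows PHP's default_charset.
    // NOTE(review): confirm default_charset matches the encoding of the stored data.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // Prepares, binds and executes one statement. Every value is bound as a
    // string, mirroring the quoted literals of the original query text.
    // Returns the result set for a SELECT, false otherwise.
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $run_bound = function ($sql, array $values) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql) or die (mysqli_error($dbconn));
        if( count($values) > 0 )
        {
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }
        mysqli_stmt_execute($stmt) or die (mysqli_stmt_error($stmt));
        return mysqli_stmt_get_result($stmt);
    };

    // PHP_SELF includes any path info appended to the request URL, so it is
    // request-controlled and is escaped before it is placed in an href.
    $self_url = $esc($_SERVER["PHP_SELF"]);

    // Count DME records that are not assigned to an organisation
    $result = mysqli_query($dbconn, "SELECT id FROM ric_zvei WHERE org_id = '0'") or die (mysqli_error($dbconn));
    $num_dme = mysqli_num_rows($result);

    // Count KFZ records that are not assigned to an organisation
    $result = mysqli_query($dbconn, "SELECT id FROM kfz_fms WHERE org_id = '0'") or die (mysqli_error($dbconn));
    $num_kfz = mysqli_num_rows($result);

    // Count the accounts, and separately those with a_admin = 2
    $result = mysqli_query($dbconn, "SELECT id FROM admin_users") or die (mysqli_error($dbconn));
    $num_user = mysqli_num_rows($result);

    $result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE a_admin = '2'") or die (mysqli_error($dbconn));
    $num_new_user = mysqli_num_rows($result);

    // Build the drop-down menu
    $select_search_org = '
<select name="search_org" id="search_org">
<option value="">--- wähle Org. zum bearbeiten ---</option>';

    $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error($dbconn));
    while($row = mysqli_fetch_array($result))
    {
        if( isset($_REQUEST["search_org"]) && $_REQUEST["search_org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; }
        $select_search_org .= '
<option value="'.$esc($row["id"]).'" '.$selected.'>'.$esc($row["org"]).' '.$esc($row["org_name"]).'</option>
';
    }

    $select_search_org .= '
</select>
';

    // The original left $show_to_edit undefined when no organisation was chosen.
    // NOTE(review): presumably the body_admin_index template reads it — confirm.
    if( !isset($show_to_edit) ) $show_to_edit = '';

    // Build the device list once an organisation has been chosen for editing
    if( isset($_REQUEST["search_org"]) )
    {
        // Request value, bound as a parameter in both queries below.
        $q_search_org = (string) $_REQUEST["search_org"];

        $show_ric = '--- <b>RIC/ZVEI</b> ----------<br>';

        // The original call omitted $dbconn, so this query never ran; it also
        // interpolated search_org into the SQL text.
        $result = $run_bound("SELECT id, adresse, bezeichnung, rec_typ, org_id, formatierung_id FROM ric_zvei WHERE org_id = ? ORDER BY rec_typ ASC, adresse ASC", [$q_search_org]);
        while($row = mysqli_fetch_array($result))
        {
            $show_ric .= ' <a href="'.$self_url.'?do=update&id='.$esc(rawurlencode($row["id"])).'&show=dme&org='.$esc(rawurlencode($row["org_id"])).'&form='.$esc(rawurlencode($row["formatierung_id"])).'">'.$esc($row["adresse"]).'</a> | '.$esc($row["rec_typ"]).' | '.$esc($row["bezeichnung"]).'<br>';
        }

        $show_ric .= '<br>--- <b>KFZ/FMS</b> ----------<br>';

        $result = $run_bound("SELECT id, kennung, bezeichnung, org_id FROM kfz_fms WHERE org_id = ? ORDER BY kennung ASC", [$q_search_org]);
        while($row = mysqli_fetch_array($result))
        {
            $show_ric .= ' <a href="'.$self_url.'?do=update&id='.$esc(rawurlencode($row["id"])).'&show=kfz&org='.$esc(rawurlencode($row["org_id"])).'">'.$esc($row["kennung"]).'</a> | '.$esc($row["bezeichnung"]).'<br>';
        }

        $show_to_edit = '<tr bgcolor="#FFFFFF">
<td>'.$show_ric.'</td>
</tr>';
    }

    // Emit the page content.
    // NOTE(review): eval() here is only as safe as gettemplate()'s quoting of the
    // template text (not visible here) and the integrity of the files under
    // $template_dir — confirm both.
    eval ("\$page_middle .= \"".gettemplate($template_dir."body_admin_index")."\";");
}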
/**************************/
// Render the outer frame
//
// The "rahmen" template text is spliced into the source of a dooutput("...")
// call, and that source string is then evaluated in this scope.
// NOTE(review): eval() is only as safe as gettemplate()'s quoting of the
// template text (not visible here) and the integrity of the template files.
$frame_source = "dooutput(\"" . gettemplate($template_dir . "rahmen") . "\");";
eval ($frame_source);

/**************************/
// Close the database connection
//
mysqli_close($dbconn);
?>