1 <?php
2
/*
 * Schema for the members table. The table name and the charset are filled in
 * from the DB_TABLE_MEMBERS and DB_CHARSET constants, not from request data.
 *
 * The four bank columns (accountholder, accountnumber, bankcode, bankname)
 * are BLOBs: form_member() in this file fills the matching form fields with
 * the output of Crypto.AES.encrypt() in the browser before the form is
 * submitted. Every other personal field (name, address, e-mail, phone, ...)
 * is a plain VARCHAR.
 *
 * `number` carries a UNIQUE KEY, so the database itself rejects a duplicate
 * member number.
 *
 * NOTE(review): ddmandatesigdate is DATETIME NOT NULL and the create/change
 * actions store '0000-00-00 00:00:00' for "no mandate date"; a MySQL server
 * running strict mode with NO_ZERO_DATE rejects that value - confirm the
 * sql_mode this is deployed with.
 */
$SQL_CREATE_MEMBERS = sprintf('
    CREATE TABLE IF NOT EXISTS `%1$s` (
      `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
      `number` INT(10) UNSIGNED NOT NULL,
      `firstname` VARCHAR(255) NOT NULL,
      `lastname` VARCHAR(255) NOT NULL,
      `nickname` VARCHAR(255) NOT NULL,
      `accountholder` BLOB NOT NULL,
      `accountnumber` BLOB NOT NULL,
      `bankcode` BLOB NOT NULL,
      `bankname` BLOB NOT NULL,
      `directdebit` TINYINT(1) NOT NULL,
      `ddmandatesigdate` DATETIME NOT NULL,
      `street` VARCHAR(255) NOT NULL,
      `housenumber` VARCHAR(255) NOT NULL,
      `postcode` VARCHAR(255) NOT NULL,
      `city` VARCHAR(255) NOT NULL,
      `country` VARCHAR(255) NOT NULL,
      `email` VARCHAR(255) NOT NULL,
      `phone` VARCHAR(255) NOT NULL,
      `fax` VARCHAR(255) NOT NULL,
      `mobile` VARCHAR(255) NOT NULL,
      `jabber` VARCHAR(255) NOT NULL,
      `icq` VARCHAR(255) NOT NULL,
      `msn` VARCHAR(255) NOT NULL,
      `aim` VARCHAR(255) NOT NULL,
      `skype` VARCHAR(255) NOT NULL,
      `url` VARCHAR(255) NOT NULL,
      `twitter` VARCHAR(255) NOT NULL,
      `created_at` DATETIME NOT NULL,
      `modified_at` DATETIME NOT NULL,
      PRIMARY KEY  (`id`),
      UNIQUE KEY `number` (`number`)
    ) ENGINE=InnoDB DEFAULT CHARSET=%2$s
    ', DB_TABLE_MEMBERS, DB_CHARSET);

/*
 * Choices offered for the `directdebit` field by form_member(): the key is
 * the submitted value, the text is the label. The empty key is the
 * "cash payer" entry. action_export_ibanhin() only exports members whose
 * directdebit value equals "1".
 */
$DIRECTDEBIT_STATES = array(
    '' => '- (Barzahler)',
    1  => 'DTAUS',
    2  => 'SEPA Ersteinzug',
    3  => 'SEPA Folgeeinzug'
);
45
46 /* DB functions {{{ */
47
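/**
 * Insert a new member row.
 *
 * A caller-supplied 'id' is dropped so the AUTO_INCREMENT column assigns it;
 * created_at and modified_at are set here and overwrite anything the caller
 * passed for them.
 *
 * NOTE(review): every remaining key of $member is handed to
 * db_insert_single() as given. The callers in this file build $member through
 * validate_member(), which copies a fixed list of fields; quoting of the
 * values is left to db_insert_single() - confirm that it escapes them.
 *
 * @param array $member column => value map of the new member
 * @return mixed false when the insert failed, otherwise the result of db_insert_id()
 */
function db_create_member($member)
{
    unset($member['id']);
    // Read the clock once so both timestamps of a fresh row are identical.
    $now = db_unixtime2datetime(time());
    $member['created_at'] = $now;
    $member['modified_at'] = $now;
    if (!db_insert_single(DB_TABLE_MEMBERS, $member)) {
        return false;
    }
    return db_insert_id();
}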
58
/**
 * Update the row of an existing member and refresh its modified_at stamp.
 *
 * The 'id' entry selects the row and is removed from the column set, so the
 * primary key itself is never rewritten.
 *
 * @param array $member column => value map; must contain 'id'
 * @return mixed whatever db_update_single() returns
 */
function db_change_member($member)
{
    $member_id = $member['id'];
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());

    // %d renders the id as an integer, so the WHERE clause can only ever
    // contain a number, whatever string db_escape() hands back.
    $where = sprintf('id=\'%1$d\'', db_escape($member_id));
    return db_update_single(DB_TABLE_MEMBERS, $member, $where);
}
66
/**
 * Fetch all members ordered by member number.
 *
 * SELECT * returns every column, including the four encrypted bank fields and
 * all contact data, so callers should pass on only what they need.
 *
 * @return mixed whatever db_select_multi() returns; callers in this file
 *               test the result with isset()/empty() before iterating
 */
function db_get_members()
{
    $query = sprintf('SELECT * FROM %1$s ORDER BY NUMBER ASC', DB_TABLE_MEMBERS);
    return db_select_multi($query);
}
72
/**
 * Fetch one member by primary key.
 *
 * The callers in this file pass $_REQUEST['id'] straight in; the %d
 * conversion reduces it to an integer before it reaches the query text.
 *
 * @param mixed $member_id id as received from the caller
 * @return mixed whatever db_select_single() returns; callers test it with isset()
 */
function db_get_member_with_id($member_id)
{
    $query = sprintf(
        'SELECT * FROM %1$s WHERE id=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_id)
    );
    return db_select_single($query);
}
78
/**
 * Propose the next member number: highest number in use plus one, skipping
 * the numbers reserved for honorary members.
 *
 * The value is only a proposal. Two requests running at the same time can
 * receive the same number; the UNIQUE KEY on `number` is what finally
 * prevents a duplicate.
 *
 * @return int the proposed number, or 2 when the query returned no row
 */
function db_get_next_free_member_number()
{/*{{{*/
    $row = db_select_single(sprintf('SELECT MAX(number) AS number FROM %1$s', DB_TABLE_MEMBERS));
    if (!isset($row)) {
        return 2;
    }

    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);
    $candidate = (int)($row['number'] + 1);
    if (in_array($candidate, $reserved, true)) {
        return $candidate + 1;
    }
    return $candidate;
}/*}}}*/
102
103
/**
 * Fetch one member by member number.
 *
 * The %d conversion reduces the argument to an integer before it reaches the
 * query text, so a non-numeric value is looked up as 0.
 *
 * @param mixed $member_number number as received from the caller
 * @return mixed whatever db_select_single() returns; callers test it with isset()
 */
function db_get_member_with_number($member_number)
{
    $query = sprintf(
        'SELECT * FROM %1$s WHERE NUMBER=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_number)
    );
    return db_select_single($query);
}
109
110 /* }}} */
111
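/**
 * Copy the allowed member fields from request data into $dbdata and check
 * them.
 *
 * Only the keys listed in $fields are taken from $userdata; any other request
 * parameter is ignored, which keeps created_at/modified_at and unknown
 * columns out of reach of the client. Values that are not scalars, and
 * values of a 'number' field that are neither empty nor made of digits, are
 * rejected and not copied.
 *
 * The four bank fields arrive already encrypted by the browser (see
 * form_member()); they are treated as opaque strings here.
 *
 * @param array $userdata   untrusted request data (the callers pass $_POST)
 * @param array $dbdata     in/out: the stored member when editing, an empty
 *                          array when creating; receives the accepted values
 * @param array $validation in/out: messages are appended for every problem
 * @return bool true when $validation holds no message afterwards
 */
function validate_member($userdata, &$dbdata, &$validation)
{/*{{{*/
    $fields = array(
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    );
    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            $dbdata[$name] = !empty($userdata[$name]);
            continue;
        }
        if (!isset($userdata[$name])) {
            continue;
        }
        $value = $userdata[$name];
        // PHP turns parameters such as "number[]=1" into arrays; an array
        // must never reach the query builder or the form helpers.
        if (!is_scalar($value)) {
            $validation[] = 'Ungültiger Wert im Feld ' . $name . '.';
            continue;
        }
        // Fields declared as 'number' may be empty (number: assign
        // automatically, directdebit: cash payer) or consist of digits only.
        if ($type == 'number' && (string)$value !== '' && !ctype_digit((string)$value)) {
            $validation[] = 'Ungültiger Wert im Feld ' . $name . '.';
            continue;
        }
        $dbdata[$name] = $value;
    }

    // On create nothing may have been submitted for 'number'.
    $number = isset($dbdata['number']) ? $dbdata['number'] : '';

//      ids must be equal
//      number must be equal. if changed - check if free and allowed
    if (isset($orig['id'])) {
        if ($dbdata['id'] != $orig['id']) {
            $validation[] = 'Irgendwas ist sehr sehr komisch.';
            // Keep working with the id that was loaded from the database,
            // not with the one the request tried to substitute.
            $dbdata['id'] = $orig['id'];
        }
        if (!validate_member_number($number, $orig['id'])) {
            $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
        }
        return (count($validation) == 0);
    }
    if (!validate_member_number($number)) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }
    return (count($validation) == 0);
}/*}}}*/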
170
/**
 * Tell whether a member number may be used.
 *
 * @param mixed $member_number number to check
 * @param mixed $member_id     id of the member being edited, or null when a
 *                             new member is created
 * @return bool true when no member holds the number, or when the holder is
 *              the member identified by $member_id
 */
function validate_member_number($member_number, $member_id = null)
{/*{{{*/
    $holder = db_get_member_with_number($member_number);

    // Either nobody has this number ...
    $is_free = !isset($holder);
    // ... or the holder is the member that was passed in.
    $is_own = isset($holder) && isset($member_id) && $member_id == $holder['id'];

    return $is_free || $is_own;
}/*}}}*/
187
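/**
 * Render the "IBAN-hin" export page.
 *
 * The export itself runs in the browser: the page embeds the member rows as
 * JSON, asks for the password, obtains the master key through
 * get_master_key() and decrypts account number and bank code of every member
 * whose directdebit value is "1". The result is written into a read-only
 * textarea; nothing decrypted is sent back to the server by this page.
 *
 * Only the four columns the script reads are embedded. The encoded rows are
 * written with the JSON_HEX_* flags so that no stored value can end or
 * change the surrounding inline script.
 *
 * Prints nothing when there are no members.
 *
 * @return void
 */
function action_export_ibanhin()
{/*{{{*/
    $members = db_get_members();
    if (empty($members)) {
        return;
    }

    // Hand the browser only what the export needs; names, addresses and the
    // remaining encrypted fields stay on the server.
    $export_rows = array();
    foreach ($members as $member) {
        $export_rows[] = array(
            'number'        => $member['number'],
            'directdebit'   => $member['directdebit'],
            'accountnumber' => $member['accountnumber'],
            'bankcode'      => $member['bankcode'],
        );
    }
    // <, >, &, ' and " are emitted as \uXXXX escapes, so a stored value
    // cannot be read as markup inside the <script> element.
    $members_json = json_encode(
        $export_rows,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($members_json === false) {
        // json_encode() refuses e.g. invalid UTF-8; say so instead of
        // emitting a broken script.
        ?>
    <p class="error">
        <strong>Achtung:</strong> Die Mitgliedsdaten konnten nicht kodiert werden.
    </p>
        <?php
        return;
    }

    js_modal_windows();
    js_get_master_key();
    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
    <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()"
           id="btn_export_iban_hin"/>
    <br/>
    <br/>


    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password') ?>
            <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen"
                   onclick="export_ibanhin()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_ask_for_password()"/>
        </fieldset>
    </div>
    <div id="ibanhin_popup" class="modal_window">
        <fieldset>
            <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
        </fieldset>
    </div>

    <script type="text/javascript">

        var members = <?= $members_json ?>;


        $(document).ready(function () {
            $('#password').keypress(function (event) {
                if (event.keyCode == '13') {
                    export_ibanhin();
                }
            });
            // The button's id is btn_export_iban_hin; btn_ibanhin is its name.
            $('#btn_export_iban_hin').focus();
        });


        function ask_for_password() {/*{{{*/
            modal_window_show($("#password_popup"));
            $("#password").focus();
            return;
        }

        /*}}}*/

        function cancel_ask_for_password() {/*{{{*/
            modal_window_hide();
            $("#btn_export_iban_hin").focus();
            return;
        }

        /*}}}*/


        function export_ibanhin() {/*{{{*/

            var ibanhin_content = "";

            // Take the password out of the input field right away.
            var password = $('#password').val();
            $("#password").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#ibanhin_popup"));

                for (var i = 0; i < members.length; i++) {
                    if (members[i]['directdebit'] == "1") {
                        var accountnumber = members[i]['accountnumber'];
                        var bankcode = members[i]['bankcode'];
                        if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
                        if (bankcode != "") bankcode = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey));
                        if (accountnumber != "" && bankcode != "") {
                            /* ZKA-Spezifikation-IBAN-hin-IBAN-rueck
                               01. Satzart
                               02. Anwender
                               03. Internes Kennzeichen des Anwenders
                               04. BIC-ALT
                               IBAN-ALT
                               05. LK/PZ-ALT
                               06. BLZ-ALT
                               07. KTONR-ALT
                               IBAN-NEU
                               08. LK/PZ-NEU
                               09. BLZ-NEU
                               10. KTONR-NEU
                               11. UMST-KZ
                             */
                            // NOTE(review): the decrypted values are placed between double
                            // quotes as they are; a value containing '"' or ';' would shift
                            // the columns of that record.
                            ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                        }
                    }
                }

                $('#ibanhin_content').val(ibanhin_content);
                $('#ibanhin_content').focus();
                $('#ibanhin_content').select();

            });

        }

        /*}}}*/

        function ibanhin_close() {/*{{{*/
            modal_window_hide();
            // Drop the decrypted export from the page once the popup closes.
            $("#ibanhin_content").val('');
        }

        /*}}}*/


    </script>

    <?php

}/*}}}*/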
322
323
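/**
 * Render the member list with the totals per membership type.
 *
 * Each member costs one fees_info_for_member() call; rows of people who are
 * not currently members get the CSS class "inactive" and are left out of the
 * totals. Every value taken from the database and every generated link is
 * passed through html_escape() before it is written into the page.
 *
 * @return void
 */
function action_list_members()
{/*{{{*/
    $members = db_get_members();
    $count = 0;
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
    <table>
        <tr>
            <th>Mitgliedsnummer</th>
            <th>Nickname</th>
            <th>Vorname</th>
            <th>Nachname</th>
        </tr>
        <?php foreach ($members as $member) : ?>
            <?php $membership_info = fees_info_for_member($member['id'], time()); ?>
            <?php
            if (!empty($membership_info['is_member'])) {
                switch ($membership_info['member_type']) {
                    case 'regular':
                        $regular++;
                        break;
                    case 'honorary':
                        $honorary++;
                        break;
                    case 'patron':
                        $patron++;
                        break;
                }
            }
            ?>
            <tr <?php if (empty($membership_info['is_member'])) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?= html_escape(link_to('view_member',
                        array('id' => $member['id']))) ?>"><?= html_escape($member['number']) ?></a></td>
                <td><?= html_escape($member['nickname']) ?></td>
                <td><?= html_escape($member['firstname']) ?></td>
                <td><?= html_escape($member['lastname']) ?></td>
            </tr>
        <?php endforeach ?>
    </table>
<?php else : ?>
    <p>Bisher gibt es noch keine Mitglieder.</p>
    <?php
endif;
    // Only people who are currently members were counted above.
    $count = $regular + $honorary + $patron;
    ?>
    <p>Derzeit gibt es <?= $count ?> Vereinsmitglieder. Davon:
    <ul>
        <li><?= $regular ?> ordentliche Mitglieder</li>
        <li><?= $honorary ?> Ehrenmitglieder</li>
        <li style="font-weight: bold;"><?= $regular + $honorary ?> stimmberechtigte Mitglieder</li>
        <li><?= $patron ?> Fördermitglieder</li>
    </ul>
    </p>
    <a href="<?= html_escape(link_to('create_member')) ?>">Neues Mitglied</a>
    <a href="<?= html_escape(link_to('export_email')) ?>">E-Mail-Adressen</a>
    <a href="<?= html_escape(link_to('export_members')) ?>">XLS Export</a>
    <?php
}/*}}}*/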
386
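/**
 * Show one member read-only, followed by the member's events and the form
 * for adding an event.
 *
 * The id comes from the request; db_get_member_with_id() reduces it to an
 * integer. Without an id, or when no member has that id, the visitor is sent
 * back to the default page.
 *
 * NOTE(review): no permission check is visible in this function - confirm
 * that the caller only dispatches here for authorised users.
 *
 * @return void
 */
function action_view_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        // redirect() is defined elsewhere; stop here even if it returns.
        return;
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }
    form_member($member, true);
    action_list_events($member);
    action_create_event($member);
}/*}}}*/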
400
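/**
 * Show the "new member" form and store the member when it was submitted.
 *
 * A posted 'id' is discarded before validation. An empty member number is
 * replaced by db_get_next_free_member_number(). The mandate date is stored
 * as '0000-00-00 00:00:00' when the field is empty or still holds the
 * 'TT.MM.JJJJ' placeholder. On success the browser is redirected to the new
 * member's page; otherwise the form is shown again with the messages.
 *
 * NOTE(review): the form rendered by form_member() carries no anti-CSRF
 * token and none is checked here - confirm that the surrounding framework
 * protects state-changing POST requests.
 *
 * @return void
 */
function action_create_member()
{/*{{{*/
    $member = array();
    $log_messages = array();
    if (isset($_POST['submit'])) {
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            if (($member['ddmandatesigdate'] == 'TT.MM.JJJJ') ||
                ($member['ddmandatesigdate'] == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($member['ddmandatesigdate']));
            }

            if ($member_id = db_create_member($member)) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
                // redirect() is defined elsewhere; stop here even if it returns.
                return;
            }
            // Database error text can repeat parts of the submitted values,
            // so it is escaped like any other untrusted output.
            // NOTE(review): consider logging it and showing a generic message.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/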
428
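/**
 * Show the edit form for one member and store the changes when it was
 * submitted.
 *
 * The member is loaded by the id from the request; validate_member() then
 * merges the posted fields into it and reports a posted id that differs from
 * the loaded one. Number and mandate date are normalised as in
 * action_create_member(). On success the browser is redirected to the
 * member's page; otherwise the form is shown again with the messages.
 *
 * NOTE(review): the form rendered by form_member() carries no anti-CSRF
 * token and none is checked here - confirm that the surrounding framework
 * protects state-changing POST requests.
 *
 * @return void
 */
function action_change_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        // redirect() is defined elsewhere; stop here even if it returns.
        return;
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }
    $log_messages = array();
    if (isset($_POST['submit'])) {
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            if (($member['ddmandatesigdate'] == 'TT.MM.JJJJ') ||
                ($member['ddmandatesigdate'] == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($member['ddmandatesigdate']));
            }

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
                return;
            }
            // Database error text can repeat parts of the submitted values,
            // so it is escaped like any other untrusted output.
            // NOTE(review): consider logging it and showing a generic message.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/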
460
461
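/**
 * Print the e-mail addresses of all current members as one comma-separated
 * list.
 *
 * People who are not currently members (per fees_info_for_member()) and
 * members without an address are skipped. The address is a free-text field
 * filled in through the member form, so each one is passed through
 * html_escape() before it is written into the page.
 *
 * @return void
 */
function action_export_email()
{/*{{{*/
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php
    if (!isset($members)) {
        ?>
    <p>Bisher gibt's noch keine Mitglieder.</p>
        <?php
        return;
    }

    $addresses = array();
    foreach ($members as $member) {
        $membership_info = fees_info_for_member($member['id'], time());
        if (empty($membership_info['is_member']) || empty($member['email'])) {
            continue;
        }
        $addresses[] = html_escape($member['email']);
    }
    echo implode(', ', $addresses);
}/*}}}*/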
478
479
/**
 * Build a list box with one entry per member plus a leading "-" entry.
 *
 * Entries are keyed by member id and labelled "<number> <nickname>".
 *
 * NOTE(review): the nickname is user-supplied text and is passed on
 * unescaped; this relies on html_list_box() escaping the labels - confirm.
 *
 * @param mixed $label      passed through to html_list_box()
 * @param mixed $name       passed through to html_list_box()
 * @param mixed $selected   passed through to html_list_box()
 * @param bool  $readonly   passed through to html_list_box()
 * @param mixed $id         passed through to html_list_box()
 * @param mixed $tag_params passed through to html_list_box()
 * @return mixed whatever html_list_box() returns
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = null, $tag_params = '')
{
    $options = array(0 => '-');
    $rows = db_get_members();
    if (!empty($rows)) {
        foreach ($rows as $row) {
            $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
        }
    }
    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
491
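/**
 * Render the member form (new, edit or read-only view) together with the
 * browser-side handling of the encrypted bank details.
 *
 * How the bank details are handled, as far as this function shows:
 *  - The main form holds accountholder, accountnumber, bankcode and bankname
 *    as read-only fields containing the stored (encrypted) values.
 *  - "Bankverbindung ..." asks for the password; get_master_key() turns it
 *    into the master key and the values are decrypted into the tmp_* fields
 *    of a popup.
 *  - On "Übernehmen" the tmp_* values are encrypted with the master key and
 *    written back into the main form; the tmp_* fields and the cached key are
 *    cleared on save and on cancel.
 *  - For a new member a QR-code text can be pasted instead; its fields fill
 *    the form and its bank details are encrypted the same way.
 * Plain-text bank details therefore exist only in the popup fields, and the
 * password fields are emptied as soon as they have been read.
 *
 * Nothing but a hint is printed when db_get_crypto_keys() returns nothing.
 *
 * NOTE(review): the mandate date is passed through html_escape() before it is
 * handed to html_text_field(), while all other values are handed over raw;
 * if html_text_field() escapes its value this one is escaped twice - confirm.
 *
 * @param array $member       member data; an entry 'id' marks an existing member
 * @param bool  $readonly     true renders the detail view without a save button
 * @param array $log_messages messages handed to log_messages()
 * @return void
 */
function form_member($member = array(), $readonly = false, $log_messages = array())
{/*{{{*/

    global $DIRECTDEBIT_STATES;

    $keys = db_get_crypto_keys();
    if (empty($keys)) {
        ?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?= html_escape(link_to('cryptography')) ?>">Kryptographie einrichten</a>.
        </p>
        <?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
    <h2>Neues Mitglied</h2>
<?php elseif ($readonly) : ?>
    <h2>Mitgliedsdetails</h2>
<?php else : ?>
    <h2>Mitglied &auml;ndern</h2>
<?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?= html_hidden_field('id', $member) ?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?= html_text_field('Mitgliedsnummer', 'number', $member, $readonly) ?>
            <?php if (!$readonly) : ?>
                <small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?= html_text_field('Nickname', 'nickname', $member, $readonly) ?>
            <?= html_text_field('E-Mail', 'email', $member, $readonly) ?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?= html_text_field('Kontoinhaber', 'accountholder', $member, true) ?>
            <?= html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true) ?>
            <?= html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true) ?>
            <?= html_text_field('Name der Bank', 'bankname', $member, true) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?= html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly) ?>
            <?php
            // An unset, empty or all-zero date means "no mandate date": show
            // nothing in the detail view and the input hint in the form.
            if ((!isset($member['ddmandatesigdate'])) ||
                ($member['ddmandatesigdate'] == '') ||
                ($member['ddmandatesigdate'] == '0000-00-00 00:00:00')) {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
            } else {
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
            }
            ?>
            <?= html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly) ?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?= html_text_field('Vorname', 'firstname', $member, $readonly) ?>
            <?= html_text_field('Nachname', 'lastname', $member, $readonly) ?>
            <?= html_text_field('Straße', 'street', $member, $readonly) ?>
            <?= html_text_field('Hausnummer', 'housenumber', $member, $readonly) ?>
            <?= html_text_field('PLZ', 'postcode', $member, $readonly) ?>
            <?= html_text_field('Ort', 'city', $member, $readonly) ?>
            <?= html_text_field('Land', 'country', $member, $readonly) ?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?= html_text_field('Telefon', 'phone', $member, $readonly) ?>
            <?= html_text_field('Fax', 'fax', $member, $readonly) ?>
            <?= html_text_field('Handy', 'mobile', $member, $readonly) ?>
            <?= html_text_field('Jabber', 'jabber', $member, $readonly) ?>
            <?= html_text_field('ICQ', 'icq', $member, $readonly) ?>
            <?= html_text_field('MSN', 'msn', $member, $readonly) ?>
            <?= html_text_field('AIM', 'aim', $member, $readonly) ?>
            <?= html_text_field('Skype', 'skype', $member, $readonly) ?>
            <?= html_text_field('Website', 'url', $member, $readonly) ?>
            <?= html_text_field('Twitter', 'twitter', $member, $readonly) ?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?= html_escape(link_to('change_member', array('id' => $member['id']))) ?>">Mitglied
                &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren"
           onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password2') ?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren"
                   onclick="import_qrcode()"/>
            <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen"
                   onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
<?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password1') ?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln"
                   onclick="decrypt_bank_details()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?= html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly) ?>
            <?= html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly) ?>
            <?= html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly) ?>
            <?= html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck"
                       onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
    <script type="text/javascript">


        // Master key, kept only while a popup that needs it is open. It is a
        // page-level variable, so every script running in this page can read it.
        var the_masterkey;

        $(document).ready(function () {
            $('#accountholder').focus(function () {
                $("#btn_bank_details").focus();
            });
            <?php if ($readonly) : ?>
            $('#btn_bank_details_cancel').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_cancel();
                }
            });
            <?php else : ?>
            $('#tmp_bankname').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_save();
                }
            });
            <?php endif ?>
            $('#password1').keypress(function (event) {
                if (event.keyCode == '13') {
                    decrypt_bank_details();
                }
            });
            <?php if (!isset($member['id'])) : ?>
            $('#password2').keypress(function (event) {
                if (event.keyCode == '13') {
                    import_qrcode();
                }
            });
            <?php endif ?>
        });

        function bank_details_ask_pass() {/*{{{*/
            modal_window_show($("#password_popup"));
            $("#password1").focus();
            return;
        }

        /*}}}*/


        function import_qrcode_ask_pass() {/*{{{*/
            modal_window_show($("#password_popup2"));
            $("#password2").focus();
            return;
        }

        /*}}}*/

        function cancel_change_bank_details() {/*{{{*/
            modal_window_hide();
            $("#btn_bank_details").focus();
            $("#password1").val('');
            return;
        }

        /*}}}*/

        function cancel_import_qrcode() {/*{{{*/
            modal_window_hide();
            $("#password2").val('');
            return;
        }

        /*}}}*/

        function decrypt_bank_details() {/*{{{*/

            // Take the password out of the input field right away.
            var password = $('#password1').val();
            $("#password1").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#bank_detail_popup"));
                <?php if ($readonly) : ?>
                $('#btn_bank_details_cancel').focus();
                <?php else : ?>
                $('#tmp_accountholder').focus();
                <?php endif ?>

                var accountholder = $('#accountholder').val();
                var accountnumber = $('#accountnumber').val();
                var bankcode = $('#bankcode').val();
                var bankname = $('#bankname').val();

                // Encrypt/Decrypt data using AES with masterkey
                if (accountholder != "") {
                    $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey)));
                }
                if (accountnumber != "") {
                    $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey)));
                }
                if (bankcode != "") {
                    $('#tmp_bankcode').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey)));
                }
                if (bankname != "") {
                    $('#tmp_bankname').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname, masterkey)));
                }
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });

        }

        /*}}}*/

        function import_qrcode() {/*{{{*/

            // Take the password out of the input field right away.
            var password = $('#password2').val();
            $("#password2").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#qrcode_popup"));
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });

        }

        /*}}}*/

        function qrcode_close() {/*{{{*/

            modal_window_hide();

            var qrcode_content = $('#qrcode_content').val();
            $("#qrcode_content").val('');
            var qrcode = qrcode_content.split(';');
            if (qrcode.length < 17) {
                // Incomplete payload: the bank values would be undefined, and
                // undefined != "" is true, so the missing values would have been
                // encrypted and written over the bank fields. Leave the form as
                // it is and forget the key.
                the_masterkey = '';
                return;
            }

            $("#nickname").val(qrcode[0]);
            // XXX birthdate - unused
            $("#email").val(qrcode[2]);
            // XXX cccmember - unused
            $("#firstname").val(qrcode[4]);
            $("#lastname").val(qrcode[5]);
            $("#street").val(qrcode[6]);
            $("#housenumber").val(qrcode[7]);
            $("#postcode").val(qrcode[8]);
            $("#city").val(qrcode[9]);
            $("#country").val(qrcode[10]);
            // XXX fee unused
            $("#paymentinterval").val(qrcode[12]);
            var accountholder = qrcode[13];
            var accountnumber = qrcode[14];
            var bankcode = qrcode[15];
            var bankname = qrcode[16];
            // XXX amount unused - it was only added on 4.5. and was empty before.


            // 4.2 Encrypt/Decrypt data using AES with masterkey
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';

        }

        /*}}}*/

        function bank_details_save() {/*{{{*/

            modal_window_hide();

            // Read the plain-text values, then empty the popup fields at once.
            var accountholder = $('#tmp_accountholder').val();
            var accountnumber = $('#tmp_accountnumber').val();
            var bankcode = $('#tmp_bankcode').val();
            var bankname = $('#tmp_bankname').val();
            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            accountnumber = accountnumber.replace(/\s+/g, '');
            bankcode = bankcode.replace(/\s+/g, '');
            // 4.2 Encrypt/Decrypt data using AES with masterkey
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';

        }

        /*}}}*/

        function bank_details_cancel() {/*{{{*/

            modal_window_hide();

            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            the_masterkey = '';
        }

        /*}}}*/

    </script>
    <?php
}/*}}}*/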