1 <?php
2
// Schema of the members table. %1$s / %2$s are the DB_TABLE_MEMBERS and DB_CHARSET
// constants, not request data. The four bank-detail columns are blobs because they
// hold ciphertext produced in the browser (see the Crypto.AES calls in form_member());
// the PHP side only stores and returns them. `ddmandatesigdate` uses the zero datetime
// '0000-00-00 00:00:00' as the "no mandate signed" sentinel (see action_create_member()).
// `number` is UNIQUE, which is what ultimately rejects a duplicate member number
// that slipped past db_get_next_free_member_number() / validate_member_number().
$SQL_CREATE_MEMBERS = sprintf('
    CREATE TABLE IF NOT EXISTS `%1$s` (
      `id` int(10) unsigned NOT NULL auto_increment,
      `number` int(10) unsigned NOT NULL,
      `firstname` varchar(255) NOT NULL,
      `lastname` varchar(255) NOT NULL,
      `nickname` varchar(255) NOT NULL,
      `accountholder` blob NOT NULL,
      `accountnumber` blob NOT NULL,
      `bankcode` blob NOT NULL,
      `bankname` blob NOT NULL,
      `directdebit` tinyint(1) NOT NULL,
      `ddmandatesigdate` datetime NOT NULL,
      `street` varchar(255) NOT NULL,
      `housenumber` varchar(255) NOT NULL,
      `postcode` varchar(255) NOT NULL,
      `city` varchar(255) NOT NULL,
      `country` varchar(255) NOT NULL,
      `email` varchar(255) NOT NULL,
      `phone` varchar(255) NOT NULL,
      `fax` varchar(255) NOT NULL,
      `mobile` varchar(255) NOT NULL,
      `jabber` varchar(255) NOT NULL,
      `icq` varchar(255) NOT NULL,
      `msn` varchar(255) NOT NULL,
      `aim` varchar(255) NOT NULL,
      `skype` varchar(255) NOT NULL,
      `url` varchar(255) NOT NULL,
      `twitter` varchar(255) NOT NULL,
      `created_at` datetime NOT NULL,
      `modified_at` datetime NOT NULL,
      PRIMARY KEY  (`id`),
      UNIQUE KEY `number` (`number`)
    ) ENGINE=InnoDB DEFAULT CHARSET=%2$s
    ', DB_TABLE_MEMBERS, DB_CHARSET);
38
// Values of the `directdebit` column, as offered in the 'Beitragseinzug' list box of
// form_member(). '' (cash payer) is the "none" entry. State 1 (DTAUS, legacy account
// number + bank code) is the only one action_export_ibanhin() exports for conversion.
$DIRECTDEBIT_STATES = array(
    '' => '- (Barzahler)',
    1 => 'DTAUS',
    2 => 'SEPA Ersteinzug',
    3 => 'SEPA Folgeeinzug'
); 
45     
46 /* DB functions {{{ */
47
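/**
 * Insert a new member row.
 *
 * Any 'id' in $member is discarded (the column is auto_increment) and both
 * timestamps are set here from one time() call, so created_at and modified_at
 * can no longer differ by a second when the two calls straddled a second boundary.
 *
 * @param array $member  column => value map (bank fields already encrypted)
 * @return mixed         db_insert_id() on success, false when the insert failed
 *                       (e.g. the UNIQUE KEY on `number` rejected a duplicate)
 */
function db_create_member($member) {
    $now = db_unixtime2datetime(time());
    unset($member['id']);
    $member['created_at']   = $now;
    $member['modified_at']  = $now;
    if (!db_insert_single(DB_TABLE_MEMBERS, $member)) return false;
    return db_insert_id();
}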
55
/**
 * Update an existing member row, identified by $member['id'].
 *
 * 'id' is removed from the SET part and modified_at is refreshed. The WHERE
 * clause formats the id with %d, so only an integer can reach the query.
 *
 * @param array $member  column => value map including 'id'
 * @return mixed         result of db_update_single()
 */
function db_change_member($member) {
    // build the WHERE clause first, while 'id' is still present
    $where = sprintf('id=\'%1$d\'', db_escape($member['id']));
    unset($member['id']);
    $member['modified_at']  = db_unixtime2datetime(time());
    return db_update_single(DB_TABLE_MEMBERS, $member, $where);
}
62
/**
 * All member rows, ordered by member number (the order used by lists and exports).
 *
 * @return mixed  result of db_select_multi()
 */
function db_get_members() {
    return db_select_multi(sprintf('SELECT * FROM %1$s ORDER BY number ASC', DB_TABLE_MEMBERS));
}
67
/**
 * Fetch one member row by primary key.
 *
 * @param mixed $member_id  request value; %d casts it to an integer, so the WHERE
 *                          clause cannot be shaped by non-numeric input
 * @return mixed            result of db_select_single() (the row, or nothing)
 */
function db_get_member_with_id($member_id) {
    $query = sprintf('SELECT * FROM %1$s WHERE id=\'%2$d\' LIMIT 1', DB_TABLE_MEMBERS, db_escape($member_id));
    return db_select_single($query);
}
72
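/**
 * Next member number to hand out automatically: MAX(number) + 1, skipping the
 * numbers reserved for honorary members.
 *
 * @return int  2 when the query returns no row; otherwise the next unreserved number
 *
 * NOTE(review): this is a read-then-insert without locking, so two concurrent
 * creates can compute the same number; the UNIQUE KEY on `number` then fails the
 * second insert in db_create_member(). validate_member_number() does not reject
 * the reserved numbers when a user types one in by hand.
 */
function db_get_next_free_member_number() {/*{{{*/
    // Numbers reserved for honorary members; never assigned automatically
    $reserved = array(1, 23, 42, 666, 1337, 31337);

    $row = db_select_single(sprintf('SELECT MAX(number) AS number FROM %1$s', DB_TABLE_MEMBERS));
    if (!isset($row)) return 2;

    // MAX() over an empty table is NULL, which makes this 1 (reserved) and ends at 2
    $number = (int) $row['number'] + 1;
    // loop instead of a single +1 so adjacent reserved numbers would be skipped too
    while (in_array($number, $reserved, true)) {
        $number++;
    }
    return $number;
}/*}}}*/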
91
92
/**
 * Fetch the member row that owns a given member number.
 *
 * @param mixed $member_number  formatted with %d, so only an integer reaches the query
 * @return mixed                result of db_select_single() (the row, or nothing)
 */
function db_get_member_with_number($member_number) {
    $query = sprintf('SELECT * FROM %1$s WHERE number=\'%2$d\' LIMIT 1', DB_TABLE_MEMBERS, db_escape($member_number));
    return db_select_single($query);
}
97
98 /* }}} */
99
/**
 * Merge the posted member fields into $dbdata and validate the result.
 *
 * Only the keys listed in $fields are copied, so unknown request keys never reach
 * the database layer. The 'number'/'string' type tags are not enforced here; the
 * db_* helpers format ids and numbers with %d.
 *
 * @param array $userdata     raw request data (e.g. $_POST)
 * @param array &$dbdata      row being built; when editing it holds the stored row,
 *                            whose 'id' must match a posted 'id'
 * @param array &$validation  receives the (German) validation messages
 * @return bool               true when no message was added
 */
function validate_member($userdata, &$dbdata, &$validation) {/*{{{*/
    $fields = array(
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    );
    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            // no field currently carries the 'bool' tag; checkbox semantics kept for completeness
            $dbdata[$name] = !empty($userdata[$name]);
        } elseif (isset($userdata[$name])) {
            $dbdata[$name] = $userdata[$name];
        }
    }

    $editing = isset($orig['id']);
    // when editing, a posted id must be the stored one
    if ($editing && $dbdata['id'] != $orig['id']) {
        $validation[] = 'Irgendwas ist sehr sehr komisch.';
    }
    // the number must be free, or already belong to the member being edited
    $owner_id = $editing ? $dbdata['id'] : NULL;
    if (!validate_member_number($dbdata['number'], $owner_id)) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }
    return (count($validation) == 0);
}/*}}}*/
155
/**
 * Is $member_number available for the member $member_id (or for a new member)?
 *
 * @param mixed $member_number  number to check
 * @param mixed $member_id      id of the member being edited, NULL when creating
 * @return bool                 true when unused, or used by $member_id itself
 */
function validate_member_number($member_number, $member_id = NULL) {/*{{{*/
    $owner = db_get_member_with_number($member_number);
    if (!isset($owner)) {
        // nobody has this number yet
        return true;
    }
    // taken, but acceptable when it belongs to the member we were given
    return isset($member_id) && $member_id == $owner['id'];
}/*}}}*/
167
/**
 * Export the legacy account number / bank code pairs of all DTAUS direct-debit
 * payers in the ZKA "IBAN-hin" record format (for conversion to IBAN/BIC).
 *
 * The member rows are embedded into the page as JSON and decrypted in the browser
 * with the master key obtained from the password prompt; this function itself
 * never handles the plaintext account data. Only members with directdebit == 1
 * (DTAUS in $DIRECTDEBIT_STATES) are included.
 */
function action_export_ibanhin() {/*{{{*/
    $members = db_get_members();
    // no members: nothing at all is rendered (no heading, no script)
    if (empty($members)) return;
    // emit the shared JS helpers used by the script below (modal_window_*, get_master_key)
    js_modal_windows();
    js_get_master_key();
?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
<input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()" id="btn_export_iban_hin"/>
<br/>
<br/>


<div id="password_popup" class="modal_window">
    <fieldset>
        <legend>Passwortabfrage</legend>
        <?=html_password_field('Passwort', 'password')?>
        <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen" onclick="export_ibanhin()"/>
        <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_ask_for_password()"/>
    </fieldset>
</div>
<div id="ibanhin_popup" class="modal_window">
    <fieldset>
        <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
    </fieldset>
</div>

<script type="text/javascript">

  var members = new Array(<?=join(",\n", array_map('json_encode', $members)) ?>);



$(document).ready(function(){  
    $('#password').keypress( function(event) { if (event.keyCode == '13') { export_ibanhin(); } });
    $('#btn_ibanhin').focus();
});  


function ask_for_password() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password").focus();
    return;
}/*}}}*/

function cancel_ask_for_password() {/*{{{*/
    modal_window_hide();
    $("#btn_ibanhin").focus();
    return;
}/*}}}*/


function export_ibanhin() {/*{{{*/
    
    var ibanhin_content = "";

    var password = $('#password').val();
    $("#password").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

    modal_window_replace($("#ibanhin_popup"));

    for (var i = 0; i < members.length; i++) {
      if (members[i]['directdebit'] == "1") {
        var accountnumber = members[i]['accountnumber'];
        var bankcode      = members[i]['bankcode'];
        if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
        if (bankcode      != "") bankcode      = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey));
        if (accountnumber != "" && bankcode != "") {
          /* ZKA-Spezifikation-IBAN-hin-IBAN-rueck
             01. Satzart
             02. Anwender
             03. Internes Kennzeichen des Anwenders
             04. BIC-ALT
             IBAN-ALT
             05. LK/PZ-ALT
             06. BLZ-ALT
             07. KTONR-ALT
             IBAN-NEU
             08. LK/PZ-NEU
             09. BLZ-NEU
             10. KTONR-NEU
             11. UMST-KZ
           */
          ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
        }
      }
    }

    $('#ibanhin_content').val(ibanhin_content);
    $('#ibanhin_content').focus();
    $('#ibanhin_content').select();
    
    });

}/*}}}*/

function ibanhin_close() {/*{{{*/
    modal_window_hide();
    $("#ibanhin_content").val('');
}/*}}}*/


</script>

<?php
    // NOTE(review) on the script above:
    // - The complete member rows (all contact data plus the encrypted bank fields)
    //   are serialised into the page with json_encode() defaults; its escaping of
    //   '/' keeps a '</script>' inside a stored field from closing the script
    //   block, JSON_HEX_TAG would make that protection explicit.
    // - The export record writes the member number as "Internes Kennzeichen" and
    //   the decrypted bank code / account number as BLZ-ALT / KTONR-ALT.
    // - $('#btn_ibanhin') in the ready handler and in cancel_ask_for_password()
    //   matches nothing: the button's id is btn_export_iban_hin (its name is
    //   btn_ibanhin), so those focus() calls are no-ops.

}/*}}}*/
285
286
/**
 * Render the member table with a per-type head count.
 *
 * fees_info_for_member() (defined elsewhere, called once per member) decides
 * whether the membership is active ('is_member') and of which 'member_type';
 * inactive members are listed with class "inactive" but not counted.
 */
function action_list_members() {/*{{{*/
    $members = db_get_members();
    // counters by member_type, filled while the rows are rendered
    $count   = 0;   // recomputed from the three counters after the loop
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
        <table>
            <tr>
                <th>Mitgliedsnummer</th>
                <th>Nickname</th>
                <th>Vorname</th>
                <th>Nachname</th>
            </tr>
        <?php foreach ($members as $member) : ?>
            <?php $membership_info = fees_info_for_member($member['id'], time()); ?>
            <?php 
                // only active memberships are counted; any other member_type is ignored
                if (!empty($membership_info['is_member'])) {
                    switch($membership_info['member_type']) {
                        case 'regular': $regular++; break;
                        case 'honorary': $honorary++; break;
                        case 'patron': $patron++; break;
                    }
                }
            ?>
            <tr <?php if (empty($membership_info['is_member'])) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?=html_escape(link_to('view_member', array('id'=> $member['id'])))?>"><?=html_escape($member['number'])?></a></td>
                <td><?=html_escape($member['nickname'])?></td>
                <td><?=html_escape($member['firstname'])?></td>
                <td><?=html_escape($member['lastname'])?></td>
            </tr>
        <?php endforeach ?>
        </table>
    <?php else : ?>
        <p>Bisher gibt es noch keine Mitglieder.</p>
    <?php
        endif;
        // voting members ("stimmberechtigt", below) are regular + honorary; patrons do not vote
        $count = $regular + $honorary + $patron;
        // NOTE(review): the <ul> below sits inside a <p>, which is not valid HTML
        // (browsers close the <p> early). The three links at the bottom are not
        // passed through html_escape() like the row link above — harmless as long
        // as link_to() only returns fixed paths; confirm.
    ?>
        <p>Derzeit gibt es <?=$count?> Vereinsmitglieder. Davon:
            <ul>
                <li><?=$regular?> ordentliche Mitglieder</li>
                <li><?=$honorary?> Ehrenmitglieder</li>
                <li style="font-weight: bold;"><?=$regular+$honorary?> stimmberechtigte Mitglieder</li>
                <li><?=$patron?> Fördermitglieder</li>
            </ul>
        </p>
        <a href="<?=link_to('create_member')?>">Neues Mitglied</a>
        <a href="<?=link_to('export_email')?>">E-Mail-Adressen</a>
        <a href="<?=link_to('export_members')?>">XLS Export</a>
    <?php
}/*}}}*/
341
/**
 * Show the read-only detail page of the member given by $_REQUEST['id'],
 * followed by the member's event list and the "new event" form.
 *
 * Without an id, or for an unknown id, the request is redirected to the start
 * page. The id is only ever used through db_get_member_with_id(), which
 * formats it with %d.
 */
function action_view_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }
    $member_id = $_REQUEST['id'];
    $member = db_get_member_with_id($member_id);
    if (!isset($member)) {
        redirect(link_to());
    }
    form_member($member, true);
    action_list_events($member);
    action_create_event($member);
}/*}}}*/
350
/**
 * Handle the "new member" page: on POST validate the fields, assign a number if
 * none was given, normalise the mandate date, insert, and redirect to the new
 * member's page (events section). Otherwise, or after a failed insert, render
 * the form with the collected messages.
 *
 * NOTE(review): on a failed insert db_error() is echoed straight into the page;
 * confirm that text is acceptable to show to users.
 */
function action_create_member() {/*{{{*/
    $member       = array();
    $log_messages = array();

    if (isset($_POST['submit'])) {
        // a new record never takes its id from the request
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the input hint form_member() shows; it and an empty
            // field both mean "no mandate signed", stored as the zero datetime
            $sigdate = $member['ddmandatesigdate'];
            if ($sigdate == 'TT.MM.JJJJ' || $sigdate == '') {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            $member_id = db_create_member($member);
            if ($member_id) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
            }
            echo db_error();
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/
376
/**
 * Handle the "edit member" page for $_REQUEST['id']: load the stored row; on
 * POST merge and validate the posted fields over it, normalise the mandate
 * date, update, and redirect back to the member's page. Otherwise, or after a
 * failed update, render the form with the collected messages.
 *
 * NOTE(review): on a failed update db_error() is echoed straight into the page;
 * confirm that text is acceptable to show to users.
 */
function action_change_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
    }

    $log_messages = array();
    if (isset($_POST['submit'])) {
        // validate_member() also rejects a posted 'id' that differs from the stored one
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the input hint form_member() shows; it and an empty
            // field both mean "no mandate signed", stored as the zero datetime
            $sigdate = $member['ddmandatesigdate'];
            $member['ddmandatesigdate'] = ($sigdate == 'TT.MM.JJJJ' || $sigdate == '')
                ? '0000-00-00 00:00:00'
                : db_unixtime2datetime(ui_date2unixtime($sigdate));

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
            }
            echo db_error();
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/
402
403
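/**
 * Render a comma-separated list of the e-mail addresses of all currently active
 * members (fees_info_for_member() decides 'is_member'); members without an
 * address are skipped.
 *
 * Fix: the addresses were written into the HTML unescaped. They are stored as
 * posted (validate_member() copies the string as-is), so they now go through
 * html_escape() like every other member field printed in this file.
 */
function action_export_email() {/*{{{*/
    $members = db_get_members();
    $emails  = array();
    if (isset($members)) {
        foreach ($members as $member) {
            $membership_info = fees_info_for_member($member['id'], time());
            if (empty($membership_info['is_member'])) continue;
            if (empty($member['email'])) continue;
            $emails[] = $member['email'];
        }
    }
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
        <?=html_escape(implode(', ', $emails))?>
    <?php else : ?>
        <p>Bisher gibt's noch keine Mitglieder.</p>
    <?php endif ?>
    <?php
}/*}}}*/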
416
417
/**
 * List box over all members, labelled "<number> <nickname>" and keyed by member
 * id; key 0 is the "none" entry ('-'). All other arguments are passed through to
 * html_list_box() unchanged.
 *
 * @return mixed  result of html_list_box()
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = NULL, $tag_params = '') {
    $options = array(0 => '-');
    // an empty/false result from db_get_members() simply leaves the '-' entry alone
    $members = db_get_members() ?: array();
    foreach ($members as $member) {
        $options[$member['id']] = $member['number'] . ' ' . $member['nickname'];
    }
    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
428
/**
 * Render the create / view / edit form for one member.
 *
 * @param array $member        stored row (bank fields still AES-encrypted), or an
 *                             empty array for the "new member" form
 * @param bool  $readonly      true renders the detail view, false an editable form
 * @param array $log_messages  validation messages shown above the form
 *
 * Bank details are not decrypted server-side: the accountholder/accountnumber/
 * bankcode/bankname fields are rendered read-only with the ciphertext, and the
 * JavaScript below decrypts them into the tmp_* fields (and re-encrypts edits
 * back into the form fields) only after the user supplied the master-key
 * password. Without configured crypto keys the form is not rendered at all.
 */
function form_member($member = array(), $readonly = false, $log_messages = array()) {/*{{{*/
    
    // options for the 'directdebit' list box (defined at the top of this file)
    global $DIRECTDEBIT_STATES;
    
    // no crypto keys configured yet: refuse to render the form, the bank-detail
    // fields below depend on client-side en/decryption with the master key
    $keys = db_get_crypto_keys();
    if (empty($keys)) {
?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?=link_to('cryptography')?>">Kryptographie einrichten</a>.
        </p>
<?php
        return;
    }

    // emit the shared JS helpers used by the script below (modal_window_*, get_master_key)
    js_modal_windows();
    js_get_master_key();

    // NOTE(review): the <form> below carries no anti-CSRF token visible in this
    // file; confirm the surrounding framework adds one.
    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
        <h2>Neues Mitglied</h2>
    <?php elseif ($readonly) : ?>
        <h2>Mitgliedsdetails</h2>
    <?php else : ?>
        <h2>Mitglied &auml;ndern</h2>
    <?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?=html_hidden_field('id', $member)?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?=html_text_field('Mitgliedsnummer', 'number', $member, $readonly)?>
            <?php if (!$readonly) : ?><small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?=html_text_field('Nickname', 'nickname', $member, $readonly)?>
            <?=html_text_field('E-Mail', 'email', $member, $readonly)?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?=html_text_field('Kontoinhaber', 'accountholder', $member, true)?>
            <?=html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true)?>
            <?=html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true)?>
            <?=html_text_field('Name der Bank', 'bankname', $member, true)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?=html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly)?>
            <?php
              // '0000-00-00 00:00:00' is the stored "no mandate signed" sentinel written
              // by action_create_member()/action_change_member(); when the form is
              // editable the TT.MM.JJJJ input hint is shown instead (and mapped back
              // to the sentinel on save)
              if ((!isset($member['ddmandatesigdate'])) ||
                  ($member['ddmandatesigdate'] == '') ||
                  ($member['ddmandatesigdate'] == '0000-00-00 00:00:00'))
              {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
              } else {              
                // stored datetime -> display format. NOTE(review): escaped here already;
                // if html_text_field() escapes too this is double-escaped (harmless
                // for digits and dots) — confirm
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
              }
            ?>
            <?=html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly)?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?=html_text_field('Vorname', 'firstname', $member, $readonly)?>
            <?=html_text_field('Nachname', 'lastname', $member, $readonly)?>
            <?=html_text_field('Straße', 'street', $member, $readonly)?>
            <?=html_text_field('Hausnummer', 'housenumber', $member, $readonly)?>
            <?=html_text_field('PLZ', 'postcode', $member, $readonly)?>
            <?=html_text_field('Ort', 'city', $member, $readonly)?>
            <?=html_text_field('Land', 'country', $member, $readonly)?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?=html_text_field('Telefon', 'phone', $member, $readonly)?>
            <?=html_text_field('Fax', 'fax', $member, $readonly)?>
            <?=html_text_field('Handy', 'mobile', $member, $readonly)?>
            <?=html_text_field('Jabber', 'jabber', $member, $readonly)?>
            <?=html_text_field('ICQ', 'icq', $member, $readonly)?>
            <?=html_text_field('MSN', 'msn', $member, $readonly)?>
            <?=html_text_field('AIM', 'aim', $member, $readonly)?>
            <?=html_text_field('Skype', 'skype', $member, $readonly)?>
            <?=html_text_field('Website', 'url', $member, $readonly)?>
            <?=html_text_field('Twitter', 'twitter', $member, $readonly)?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?=html_escape(link_to('change_member', array('id' => $member['id'])))?>">Mitglied &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren" onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password2')?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren" onclick="import_qrcode()"/>
        <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen" onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
    <?php endif ?>
    
    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password1')?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln" onclick="decrypt_bank_details()"/>
        <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?=html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly)?>
            <?=html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly)?>
            <?=html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly)?>
            <?=html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck" onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
<script type="text/javascript">


var the_masterkey;

$(document).ready(function(){  
    $('#accountholder').focus( function() { $("#btn_bank_details").focus(); });
<?php if ($readonly) : ?>
    $('#btn_bank_details_cancel').keypress( function(event) { if (event.keyCode == '13') { bank_details_cancel(); } });
<?php else : ?>
    $('#tmp_bankname').keypress( function(event) { if (event.keyCode == '13') { bank_details_save(); } });
<?php endif ?>
    $('#password1').keypress( function(event) { if (event.keyCode == '13') { decrypt_bank_details(); } });
    <?php if (!isset($member['id'])) : ?>
    $('#password2').keypress( function(event) { if (event.keyCode == '13') { import_qrcode(); } });
<?php endif ?>
});  

function bank_details_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password1").focus();
    return;
}/*}}}*/


function import_qrcode_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup2"));
    $("#password2").focus();
    return;
}/*}}}*/

function cancel_change_bank_details() {/*{{{*/
    modal_window_hide();
    $("#btn_bank_details").focus();
    $("#password1").val('');
    return;
}/*}}}*/

function cancel_import_qrcode() {/*{{{*/
    modal_window_hide();
    $("#password2").val('');
    return;
}/*}}}*/

function decrypt_bank_details() {/*{{{*/

    var password = $('#password1').val();
    $("#password1").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#bank_detail_popup"));
<?php if ($readonly) : ?>
        $('#btn_bank_details_cancel').focus();
<?php else : ?>
        $('#tmp_accountholder').focus();
<?php endif ?>

        var accountholder = $('#accountholder').val();
        var accountnumber = $('#accountnumber').val();
        var bankcode      = $('#bankcode').val();
        var bankname      = $('#bankname').val();

        // Encrypt/Decrypt data using AES with masterkey
        if (accountholder != "") { $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey))); }
        if (accountnumber != "") { $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey))); }
        if (bankcode      != "") { $('#tmp_bankcode'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey))); }
        if (bankname      != "") { $('#tmp_bankname'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname,      masterkey))); }
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

function import_qrcode() {/*{{{*/

    var password = $('#password2').val();
    $("#password2").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#qrcode_popup"));
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

function qrcode_close() {/*{{{*/

    modal_window_hide();

    var qrcode_content = $('#qrcode_content').val();
    $("#qrcode_content").val('');
    var qrcode = qrcode_content.split(';');
    if (qrcode.length >= 17) { 
        $("#nickname").val(qrcode[0]);
        // XXX birthdate - unused
        $("#email").val(qrcode[2]);
        // XXX cccmember - unused
        $("#firstname").val(qrcode[4]);
        $("#lastname").val(qrcode[5]);
        $("#street").val(qrcode[6]);
        $("#housenumber").val(qrcode[7]);
        $("#postcode").val(qrcode[8]);
        $("#city").val(qrcode[9]);
        $("#country").val(qrcode[10]);
        // XXX fee unused
        $("#paymentinterval").val(qrcode[12]);
        var accountholder = qrcode[13];
        var accountnumber = qrcode[14];
        var bankcode = qrcode[15];
        var bankname = qrcode[16];
        // XXX amount unused - wurde erst am 4.5. ergänzt, war vorher leer.
    }


    // 4.2 Encrypt/Decrypt data using AES with masterkey
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

function bank_details_save() {/*{{{*/

    modal_window_hide();

    var accountholder = $('#tmp_accountholder').val();
    var accountnumber = $('#tmp_accountnumber').val();
    var bankcode      = $('#tmp_bankcode').val();
    var bankname      = $('#tmp_bankname').val();
    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');
    
    accountnumber = accountnumber.replace(/\s+/g, '');
    bankcode = bankcode.replace(/\s+/g, '');
    // 4.2 Encrypt/Decrypt data using AES with masterkey
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

function bank_details_cancel() {/*{{{*/

    modal_window_hide();

    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');

    the_masterkey = '';
}/*}}}*/

</script>
    <?php
    // NOTE(review) on the script above:
    // - The master key lives in the page-global JS variable the_masterkey from the
    //   password prompt until bank_details_save(), bank_details_cancel() or
    //   qrcode_close() resets it to ''; cancel_change_bank_details() (closing the
    //   password prompt itself) does not touch it, but by then it has not been set.
    // - In qrcode_close() the accountholder/accountnumber/bankcode/bankname
    //   variables are only assigned when the QR text splits into >= 17 fields; with
    //   fewer fields they are undefined when the encrypt calls below the if run.
    // - bank_details_save() strips whitespace from account number and bank code
    //   before encrypting; qrcode_close() stores the QR values unchanged.
}/*}}}*/
735
736