1 <?php
2
// Option labels for the `directdebit` field of a member, keyed by the value
// that is submitted and stored. The empty-string key is the "no direct debit"
// choice ("Barzahler" = pays in cash).
$DIRECTDEBIT_STATES = [
    '' => '- (Barzahler)',
    1 => 'DTAUS',
    2 => 'SEPA Ersteinzug',
    3 => 'SEPA Folgeeinzug',
];
9
10 // DB functions
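/**
 * Insert a new row into `members` and return the id reported by db_insert_id().
 *
 * A caller-supplied `id` is discarded and both timestamp columns are set here.
 * Every remaining key of $member is handed to db_insert() unchanged, so the
 * array must already be reduced to known columns (validate_member() in this
 * file copies only a fixed list of fields).
 *
 * @param array $member column => value map for the new row
 * @return mixed false when db_insert() reports failure, otherwise the result of db_insert_id()
 */
function db_create_member($member)
{
    unset($member['id']);
    // Take the timestamp once: two separate time() calls could straddle a
    // second boundary and leave created_at and modified_at different.
    $now = db_unixtime2datetime(time());
    $member['created_at'] = $now;
    $member['modified_at'] = $now;
    if (!db_insert('members', $member)) {
        return false;
    }
    return db_insert_id();
}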
21
/**
 * Update the `members` row whose id is $member['id'].
 *
 * The id is cast to int before it is formatted into the WHERE clause, so it
 * cannot carry SQL text. The id itself is removed from the column map and
 * `modified_at` is refreshed.
 *
 * @param array $member column => value map including the `id` key
 * @return mixed whatever db_update() returns
 */
function db_change_member($member)
{
    // NOTE(review): a missing or non-numeric id becomes 0 here and the update
    // would then target id=0 - callers in this file always load the row first.
    $where = sprintf('id=%d', (int)$member['id']);
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());

    return db_update('members', $member, $where);
}
29
/**
 * Fetch every row of `members`, ordered by member number ascending.
 *
 * All columns are selected, so the result carries the complete member record
 * (contact data and the stored bank fields) to every caller.
 *
 * @return mixed whatever db_select_multi() returns; callers in this file test it with isset()/empty()
 */
function db_get_members()
{
    $sql = 'SELECT * FROM `members` ORDER BY `number` ASC';

    return db_select_multi($sql);
}
34
/**
 * Load a single member row by primary key.
 *
 * The id is passed separately from the SQL text (`?` placeholder), not
 * concatenated into it.
 *
 * @param mixed $member_id id to look up; callers pass $_REQUEST['id'] unmodified
 * @return mixed whatever db_select_single() returns; callers treat "not set" as "no such member"
 */
function db_get_member_with_id($member_id)
{
    return db_select_single('SELECT * FROM `members` WHERE id=? LIMIT 1', [$member_id]);
}
40
/**
 * Propose the next member number: highest existing number plus one, skipping
 * the numbers reserved for honorary members.
 *
 * NOTE(review): the number is read here and inserted later by the caller, with
 * no lock visible in this file. Two concurrent requests could be handed the
 * same number - a UNIQUE constraint on `number` would catch that; confirm the
 * schema has one.
 *
 * @return int the proposed number (2 when the query yields no row)
 */
function db_get_next_free_member_number()
{
    $row = db_select_single('SELECT MAX(number) AS number FROM `members`');
    if (!isset($row)) {
        return 2;
    }

    $candidate = (int)($row['number'] + 1);

    // Some numbers are reserved for honorary members; none of them are
    // adjacent, so stepping over one is always enough.
    $reserved = [1, 23, 42, 666, 1337, 31337];

    return in_array($candidate, $reserved, true) ? $candidate + 1 : $candidate;
}
62
/**
 * Load a single member row by member number.
 *
 * The number is passed separately from the SQL text (`?` placeholder).
 *
 * @param mixed $member_number number to look up
 * @return mixed whatever db_select_single() returns; callers treat "not set" as "number unused"
 */
function db_get_member_with_number($member_number)
{
    $sql = 'SELECT * FROM `members` WHERE `number`=? LIMIT 1';

    return db_select_single($sql, [$member_number]);
}
67
/**
 * Copy the accepted form fields from $userdata into $db_data and check the
 * id / member-number invariants.
 *
 * Only the keys listed in $fields are copied, so this list is what keeps
 * arbitrary request keys (e.g. created_at) out of the record that is later
 * written to the database. 'number' fields are cast to int; 'string' fields
 * are copied as submitted - no length or format check happens here. The bank
 * fields are expected to arrive already encrypted by the browser (see the
 * script emitted by form_member()); nothing in this function verifies that.
 *
 * @param array $userdata   submitted values, normally $_POST
 * @param array $db_data    record to fill; modified in place even when validation fails
 * @param array $validation list that receives the error messages
 * @return bool true when $validation is empty afterwards
 */
function validate_member($userdata, &$db_data, &$validation)
{
    $fields = [
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    ];

    // Snapshot of the record before user input is merged in; its id decides
    // whether this is an edit and what the submitted id must equal.
    $orig = $db_data;

    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            // Checkbox semantics: absent means false. No field uses this type at present.
            $db_data[$name] = !empty($userdata[$name]);
        } elseif (isset($userdata[$name])) {
            $db_data[$name] = ($type == 'number') ? (int)$userdata[$name] : $userdata[$name];
        }
    }

    $editing = isset($orig['id']);

    // On edit the submitted id must match the loaded record, otherwise the
    // request is trying to write to a different member.
    if ($editing && $db_data['id'] != $orig['id']) {
        $validation[] = 'Irgendwas ist sehr sehr komisch.';
    }

    // The number must be unused, or (on edit) already belong to this member.
    $number_ok = $editing
        ? validate_member_number($db_data['number'], $db_data['id'])
        : validate_member_number($db_data['number']);
    if (!$number_ok) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }

    return (count($validation) == 0);
}
130
/**
 * Tell whether a member number may be used.
 *
 * @param mixed      $member_number number to check
 * @param mixed|null $member_id     id of the member being edited, if any
 * @return bool true when no member has the number, or when the member that has it is $member_id
 */
function validate_member_number($member_number, $member_id = null)
{
    $holder = db_get_member_with_number($member_number);

    // Nobody holds this number yet.
    if (!isset($holder)) {
        return true;
    }

    // Somebody holds it - acceptable only if that is the member being edited.
    return isset($member_id) && $member_id == $holder['id'];
}
147
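/**
 * Render the IBAN-hin export page.
 *
 * All member rows are embedded in the page as a JavaScript array. The bank
 * fields inside them are only decrypted in the browser, after the user has
 * entered the password that get_master_key() turns into the master key; the
 * resulting export text is placed in a read-only textarea.
 *
 * Outputs nothing when there are no members.
 *
 * @return void
 */
function action_export_ibanhin()
{
    $members = db_get_members();
    if (empty($members)) {
        return;
    }

    // The rows are written into a <script> element. The JSON_HEX_* flags
    // encode <, >, &, ' and " as \uXXXX so that a stored value such as
    // "</script>" cannot terminate the script block and inject markup.
    // NOTE(review): complete rows are sent although the script below reads
    // only number, directdebit, accountnumber and bankcode - consider
    // reducing the payload to those keys.
    $members_json = json_encode(
        array_values($members),
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($members_json === false) {
        // Keep the page script syntactically valid if encoding fails.
        $members_json = '[]';
    }

    js_modal_windows();
    js_get_master_key();
    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
    <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()"
           id="btn_export_iban_hin"/>
    <br/>
    <br/>


    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password') ?>
            <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen"
                   onclick="export_ibanhin()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_ask_for_password()"/>
        </fieldset>
    </div>
    <div id="ibanhin_popup" class="modal_window">
        <fieldset>
            <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
        </fieldset>
    </div>

    <script type="text/javascript">
        var members = <?php echo $members_json ?>;

        $(document).ready(function () {
            $('#password').keypress(function (event) {
                if (event.keyCode == '13') {
                    export_ibanhin();
                }
            });
            // The button's id is btn_export_iban_hin (btn_ibanhin is only its name).
            $('#btn_export_iban_hin').focus();
        });

        function ask_for_password() {
            modal_window_show($("#password_popup"));
            $("#password").focus();
            return;
        }

        function cancel_ask_for_password() {
            modal_window_hide();
            $("#btn_export_iban_hin").focus();
            return;
        }

        function export_ibanhin() {
            var ibanhin_content = "";

            // Read the password and clear the field straight away so it does
            // not stay in the DOM.
            var password = $('#password').val();
            $("#password").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#ibanhin_popup"));

                for (var i = 0; i < members.length; i++) {
                    // Only members with direct-debit state 1 (DTAUS) are exported.
                    if (members[i]['directdebit'] == "1") {
                        var accountnumber = members[i]['accountnumber'];
                        var bankcode = members[i]['bankcode'];
                        if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
                        if (bankcode != "") bankcode = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey));
                        if (accountnumber != "" && bankcode != "") {
                            /* Field layout of the ZKA "IBAN-hin / IBAN-rueck" specification
                               01. record type (Satzart)
                               02. user (Anwender)
                               03. user's internal reference (Internes Kennzeichen des Anwenders)
                               04. old BIC (BIC-ALT)
                               old IBAN (IBAN-ALT)
                               05. country code / check digits (LK/PZ-ALT)
                               06. bank code (BLZ-ALT)
                               07. account number (KTONR-ALT)
                               new IBAN (IBAN-NEU)
                               08. country code / check digits (LK/PZ-NEU)
                               09. bank code (BLZ-NEU)
                               10. account number (KTONR-NEU)
                               11. conversion flag (UMST-KZ)
                             */
                            ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                        }
                    }
                }

                var iban_hin_content = $('#ibanhin_content');
                iban_hin_content.val(ibanhin_content);
                iban_hin_content.focus();
                iban_hin_content.select();

            });

        }

        function ibanhin_close() {
            modal_window_hide();
            // Remove the decrypted export from the page once the popup closes.
            $("#ibanhin_content").val('');
        }
    </script>
    <?php
}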
266
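/**
 * Render the member list with a per-type count of current members.
 *
 * Membership status and type are taken from fees_info_for_member() for the
 * current time; rows of non-members get the CSS class "inactive". All member
 * values and all generated URLs are HTML-escaped before output.
 *
 * @return void
 */
function action_list_members()
{
    $members = db_get_members();
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
    <table>
        <tr>
            <th>Mitgliedsnummer</th>
            <th>Nickname</th>
            <th>Vorname</th>
            <th>Nachname</th>
        </tr>
        <?php foreach ($members as $member) : ?>
            <?php $membership_info = fees_info_for_member($member['id'], time()); ?>
            <?php
            // Count only current members, split by membership type.
            if (!empty($membership_info['is_member'])) {
                switch ($membership_info['member_type']) {
                    case 'regular':
                        $regular++;
                        break;
                    case 'honorary':
                        $honorary++;
                        break;
                    case 'patron':
                        $patron++;
                        break;
                }
            }
            ?>
            <tr <?php if (empty($membership_info['is_member'])) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?php echo html_escape(link_to('view_member',
                        array('id' => $member['id']))) ?>"><?php echo html_escape($member['number']) ?></a></td>
                <td><?php echo html_escape($member['nickname']) ?></td>
                <td><?php echo html_escape($member['firstname']) ?></td>
                <td><?php echo html_escape($member['lastname']) ?></td>
            </tr>
        <?php endforeach ?>
    </table>
<?php else : ?>
    <p>Bisher gibt es noch keine Mitglieder.</p>
<?php
endif;
    $count = $regular + $honorary + $patron;
    ?>
    <p>Derzeit gibt es <?php echo $count ?> Vereinsmitglieder. Davon:
    <ul>
        <li><?php echo $regular ?> ordentliche Mitglieder</li>
        <li><?php echo $honorary ?> Ehrenmitglieder</li>
        <li style="font-weight: bold;"><?php echo $regular + $honorary ?> stimmberechtigte Mitglieder</li>
        <li><?php echo $patron ?> Fördermitglieder</li>
    </ul>
    </p>
    <?php // link_to() output is escaped here as well, matching the row links above. ?>
    <a href="<?php echo html_escape(link_to('create_member')) ?>">Neues Mitglied</a>
    <a href="<?php echo html_escape(link_to('export_email')) ?>">E-Mail-Adressen</a>
    <a href="<?php echo html_escape(link_to('export_members')) ?>">XLS Export</a>
    <?php
}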
328
/**
 * Show one member read-only, followed by that member's events and the form
 * for adding an event.
 *
 * Redirects to the default page when no id was sent or no member has that id.
 *
 * NOTE(review): the id is read from $_REQUEST (GET, POST and, depending on
 * configuration, cookies) and no access check is visible in this function;
 * presumably authentication happens before dispatch - confirm.
 *
 * @return void
 */
function action_view_member()
{
    $id_given = isset($_REQUEST['id']);
    if (!$id_given) {
        redirect(link_to());
    }

    $record = db_get_member_with_id($_REQUEST['id']);
    if (is_null($record)) {
        redirect(link_to());
    }

    form_member($record, true);
    action_list_events($record);
    action_create_event($record);
}
342
/**
 * Handle the "new member" page: on submit validate and insert, otherwise (or
 * on failure) render the form.
 *
 * NOTE(review): the POST is accepted without any anti-CSRF token check visible
 * in this function - confirm that one is enforced elsewhere.
 *
 * @return void
 */
function action_create_member()
{
    $member = [];
    $log_messages = [];

    if (isset($_POST['submit'])) {
        // A new record must never carry a client-chosen id.
        unset($_POST['id']);

        $valid = validate_member($_POST, $member, $log_messages);
        if ($valid) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // The form's placeholder text or an empty value means "no mandate
            // date"; that is stored as the sentinel 1000-01-01.
            $sigdate = $member['ddmandatesigdate'];
            if ($sigdate == 'TT.MM.JJJJ' || $sigdate == '') {
                $member['ddmandatesigdate'] = '1000-01-01 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            $member_id = db_create_member($member);
            if ($member_id) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
            }
            // NOTE(review): the database error text is written to the page
            // as returned - check that db_error() does not expose schema
            // details or unescaped input.
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}
370
/**
 * Handle the "edit member" page: load the member, on submit validate and
 * update, otherwise (or on failure) render the form.
 *
 * The record is loaded by the requested id first; validate_member() then
 * rejects a submitted id that differs from the loaded one.
 *
 * NOTE(review): the POST is accepted without any anti-CSRF token check visible
 * in this function - confirm that one is enforced elsewhere.
 *
 * @return void
 */
function action_change_member()
{
    $id_given = isset($_REQUEST['id']);
    if (!$id_given) {
        redirect(link_to());
    }

    $member = db_get_member_with_id($_REQUEST['id']);
    if (is_null($member)) {
        redirect(link_to());
    }

    $log_messages = [];

    if (isset($_POST['submit'])) {
        $valid = validate_member($_POST, $member, $log_messages);
        if ($valid) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // The form's placeholder text or an empty value means "no mandate
            // date"; that is stored as the sentinel 1000-01-01.
            $sigdate = $member['ddmandatesigdate'];
            if ($sigdate == 'TT.MM.JJJJ' || $sigdate == '') {
                $member['ddmandatesigdate'] = '1000-01-01 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            $saved = db_change_member($member);
            if ($saved) {
                redirect(link_to('view_member', array('id' => $member['id'])));
            }
            // NOTE(review): the database error text is written to the page
            // as returned - check that db_error() does not expose schema
            // details or unescaped input.
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}
402
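/**
 * Print the e-mail addresses of all current members as one comma-separated list.
 *
 * Members that fees_info_for_member() does not report as current members, and
 * members without an address, are left out. The addresses are stored user
 * input, so the list is HTML-escaped before it is written to the page.
 *
 * @return void
 */
function action_export_email()
{
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
    <?php
    $emails = array();
    foreach ($members as $member) {
        $membership_info = fees_info_for_member($member['id'], time());
        if (empty($membership_info['is_member']) || empty($member['email'])) {
            continue;
        }
        $emails[] = $member['email'];
    }
    // Escape on output: an address containing markup must not be rendered as HTML.
    echo html_escape(implode(',', $emails));
    ?>
<?php else : ?>
    <p>Bisher gibt's noch keine Mitglieder.</p>
<?php endif ?>
    <?php
}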
419
/**
 * Build a select box offering every member, labelled "<number> <nickname>",
 * with a leading "-" entry for "none" (value 0).
 *
 * The labels contain the stored nickname unescaped.
 * NOTE(review): this relies on html_list_box() escaping option labels - confirm.
 *
 * @param string      $label      field label
 * @param string      $name       field name
 * @param mixed       $selected   current selection, passed through to html_list_box()
 * @param bool        $readonly   passed through to html_list_box()
 * @param string|null $id         passed through to html_list_box()
 * @param string      $tag_params passed through to html_list_box()
 * @return mixed whatever html_list_box() returns
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = null, $tag_params = '')
{
    $options = array(0 => '-');

    $rows = db_get_members();
    if (!empty($rows)) {
        foreach ($rows as $row) {
            $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
        }
    }

    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
431
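/**
 * Render the member form (create, edit or read-only view) together with the
 * modal dialogs and the script that handle the bank details.
 *
 * The four bank fields in the main form (accountholder, accountnumber,
 * bankcode, bankname) are always rendered read-only and hold the values as
 * stored. Plain-text values exist only in the tmp_* fields of the popup: the
 * script decrypts into them with the master key obtained from the entered
 * password, and encrypts them back into the form fields before the popup
 * closes. The form therefore submits only the encrypted values.
 *
 * Outputs a hint and returns early when db_get_crypto_keys() yields nothing.
 *
 * @param array $member       member record to show; without an `id` key the form is a "new member" form
 * @param bool  $readonly     render as a read-only detail view
 * @param array $log_messages messages handed to log_messages() above the form
 * @return void
 */
function form_member($member = array(), $readonly = false, $log_messages = array())
{
    global $DIRECTDEBIT_STATES;

    // Without configured crypto keys the bank fields cannot be handled at all.
    $keys = db_get_crypto_keys();
    if (empty($keys)) {
        ?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?php echo link_to('cryptography') ?>">Kryptographie
                einrichten</a>.
        </p>
        <?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
    <h2>Neues Mitglied</h2>
<?php elseif ($readonly) : ?>
    <h2>Mitgliedsdetails</h2>
<?php else : ?>
    <h2>Mitglied &auml;ndern</h2>
<?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?php echo html_hidden_field('id', $member) ?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?php echo html_text_field('Mitgliedsnummer', 'number', $member, $readonly) ?>
            <?php if (!$readonly) : ?>
                <small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?php echo html_text_field('Nickname', 'nickname', $member, $readonly) ?>
            <?php echo html_text_field('E-Mail', 'email', $member, $readonly) ?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?php echo html_text_field('Kontoinhaber', 'accountholder', $member, true) ?>
            <?php echo html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true) ?>
            <?php echo html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true) ?>
            <?php echo html_text_field('Name der Bank', 'bankname', $member, true) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?php echo html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly) ?>
            <?php
            // '1000-01-01 00:00:00' is the stored sentinel for "no mandate
            // date"; it is shown as empty (read-only) or as the input hint.
            // NOTE(review): the value is escaped here and then passed to
            // html_text_field(); if that helper escapes too, it is escaped
            // twice - harmless for these date strings, but confirm.
            if ((!isset($member['ddmandatesigdate'])) ||
                ($member['ddmandatesigdate'] == '') ||
                ($member['ddmandatesigdate'] == '1000-01-01 00:00:00')) {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
            } else {
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
            }
            ?>
            <?php echo html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly) ?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?php echo html_text_field('Vorname', 'firstname', $member, $readonly) ?>
            <?php echo html_text_field('Nachname', 'lastname', $member, $readonly) ?>
            <?php echo html_text_field('Straße', 'street', $member, $readonly) ?>
            <?php echo html_text_field('Hausnummer', 'housenumber', $member, $readonly) ?>
            <?php echo html_text_field('PLZ', 'postcode', $member, $readonly) ?>
            <?php echo html_text_field('Ort', 'city', $member, $readonly) ?>
            <?php echo html_text_field('Land', 'country', $member, $readonly) ?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?php echo html_text_field('Telefon', 'phone', $member, $readonly) ?>
            <?php echo html_text_field('Fax', 'fax', $member, $readonly) ?>
            <?php echo html_text_field('Handy', 'mobile', $member, $readonly) ?>
            <?php echo html_text_field('Jabber', 'jabber', $member, $readonly) ?>
            <?php echo html_text_field('ICQ', 'icq', $member, $readonly) ?>
            <?php echo html_text_field('MSN', 'msn', $member, $readonly) ?>
            <?php echo html_text_field('AIM', 'aim', $member, $readonly) ?>
            <?php echo html_text_field('Skype', 'skype', $member, $readonly) ?>
            <?php echo html_text_field('Website', 'url', $member, $readonly) ?>
            <?php echo html_text_field('Twitter', 'twitter', $member, $readonly) ?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?php echo html_escape(link_to('change_member', array('id' => $member['id']))) ?>">Mitglied
                &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren"
           onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password2') ?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren"
                   onclick="import_qrcode()"/>
            <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen"
                   onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
<?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password1') ?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln"
                   onclick="decrypt_bank_details()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?php echo html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly) ?>
            <?php echo html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly) ?>
            <?php echo html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly) ?>
            <?php echo html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck"
                       onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
    <script type="text/javascript">
        // Master key, held only while a popup that needs it is open. Every
        // function that closes such a popup resets it to ''.
        var the_masterkey;

        $(document).ready(function () {
            // The encrypted field is not meant to be edited directly: move
            // focus on to the button that opens the bank-details dialog.
            $('#accountholder').focus(function () {
                $("#btn_bank_details").focus();
            });
            <?php if ($readonly) : ?>
            $('#btn_bank_details_cancel').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_cancel();
                }
            });
            <?php else : ?>
            $('#tmp_bankname').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_save();
                }
            });
            <?php endif ?>
            $('#password1').keypress(function (event) {
                if (event.keyCode == '13') {
                    decrypt_bank_details();
                }
            });
            <?php if (!isset($member['id'])) : ?>
            $('#password2').keypress(function (event) {
                if (event.keyCode == '13') {
                    import_qrcode();
                }
            });
            <?php endif ?>
        });

        function bank_details_ask_pass() {
            modal_window_show($("#password_popup"));
            $("#password1").focus();
            return;
        }

        function import_qrcode_ask_pass() {
            modal_window_show($("#password_popup2"));
            $("#password2").focus();
            return;
        }

        function cancel_change_bank_details() {
            modal_window_hide();
            $("#btn_bank_details").focus();
            $("#password1").val('');
            return;
        }

        function cancel_import_qrcode() {
            modal_window_hide();
            $("#password2").val('');
            return;
        }

        function decrypt_bank_details() {
            // Read the password and clear the field straight away so it does
            // not stay in the DOM.
            var password = $('#password1').val();
            $("#password1").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#bank_detail_popup"));
                <?php if ($readonly) : ?>
                $('#btn_bank_details_cancel').focus();
                <?php else : ?>
                $('#tmp_accountholder').focus();
                <?php endif ?>

                var accountholder = $('#accountholder').val();
                var accountnumber = $('#accountnumber').val();
                var bankcode = $('#bankcode').val();
                var bankname = $('#bankname').val();

                // Decrypt the stored values with the master key into the
                // popup's tmp_* fields; empty fields are left empty.
                if (accountholder != "") {
                    $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey)));
                }
                if (accountnumber != "") {
                    $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey)));
                }
                if (bankcode != "") {
                    $('#tmp_bankcode').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey)));
                }
                if (bankname != "") {
                    $('#tmp_bankname').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname, masterkey)));
                }
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });
        }

        function import_qrcode() {
            var password = $('#password2').val();
            $("#password2").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#qrcode_popup"));
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });
        }

        function qrcode_close() {
            modal_window_hide();

            var qrcode_content = $('#qrcode_content').val();
            $("#qrcode_content").val('');
            var qrcode = qrcode_content.split(';');
            if (qrcode.length < 17) {
                // Incomplete input: the bank values would be undefined and
                // would still be passed to the encrypt calls below, storing
                // meaningless data. Leave the form untouched and drop the key.
                the_masterkey = '';
                return;
            }

            $("#nickname").val(qrcode[0]);
            // XXX birthdate - unused
            $("#email").val(qrcode[2]);
            // XXX cccmember - unused
            $("#firstname").val(qrcode[4]);
            $("#lastname").val(qrcode[5]);
            $("#street").val(qrcode[6]);
            $("#housenumber").val(qrcode[7]);
            $("#postcode").val(qrcode[8]);
            $("#city").val(qrcode[9]);
            $("#country").val(qrcode[10]);
            // XXX fee unused
            $("#paymentinterval").val(qrcode[12]);
            var accountholder = qrcode[13];
            var accountnumber = qrcode[14];
            var bankcode = qrcode[15];
            var bankname = qrcode[16];
            // XXX amount unused - was only added on 4.5., it was empty before.

            // Encrypt the bank values with the cached master key before they
            // are placed in the form fields that get submitted.
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';
        }

        function bank_details_save() {
            modal_window_hide();

            // Take the plain-text values out of the popup and blank its
            // fields at once, so they do not remain in the DOM.
            var accountholder = $('#tmp_accountholder').val();
            var accountnumber = $('#tmp_accountnumber').val();
            var bankcode = $('#tmp_bankcode').val();
            var bankname = $('#tmp_bankname').val();
            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            // Account number and bank code are stored without whitespace.
            accountnumber = accountnumber.replace(/\s+/g, '');
            bankcode = bankcode.replace(/\s+/g, '');
            // Encrypt the values with the cached master key before they are
            // placed in the form fields that get submitted.
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';
        }

        function bank_details_cancel() {
            modal_window_hide();

            // Discard the decrypted values and the cached key.
            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            the_masterkey = '';
        }
    </script>
    <?php
}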