1 <?php
// Values of a member's `directdebit` field, mapped to the label shown in the
// "Beitragseinzug" list box. The empty-string key is the "no direct debit"
// choice ("Barzahler" = pays cash).
$DIRECTDEBIT_STATES = [
    '' => '- (Barzahler)',
    1  => 'DTAUS',
    2  => 'SEPA Ersteinzug',
    3  => 'SEPA Folgeeinzug',
];
// Database access helpers for the `members` table
/**
 * Inserts a new row into `members`.
 *
 * A caller-supplied `id` is discarded before the insert, and both timestamp
 * columns are set here rather than taken from the caller.
 *
 * @param array $member column => value map for the new row
 * @return mixed the result of db_insert_id() on success, false when db_insert() reports failure
 */
function db_create_member($member)
{
    unset($member['id']);
    foreach (array('created_at', 'modified_at') as $column) {
        $member[$column] = db_unixtime2datetime(time());
    }

    $inserted = db_insert('members', $member);
    return $inserted ? db_insert_id() : false;
}
/**
 * Updates the `members` row identified by $member['id'].
 *
 * The id is removed from the column map so it is never rewritten, and
 * `modified_at` is refreshed on every call.
 *
 * @param array $member column => value map; must contain 'id'
 * @return mixed whatever db_update() returns
 */
function db_change_member($member)
{
    // The WHERE clause is built from an integer cast only, so the id cannot
    // carry SQL into the statement.
    $member_id = (int)$member['id'];
    unset($member['id']);

    $member['modified_at'] = db_unixtime2datetime(time());
    $where = 'id=' . $member_id;

    return db_update('members', $member, $where);
}
/**
 * Fetches every row of `members`, ordered by ascending member number.
 *
 * @return mixed whatever db_select_multi() returns for the query
 */
function db_get_members()
{
    $sql = 'SELECT * FROM `members` ORDER BY `number` ASC';

    return db_select_multi($sql);
}
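/**
 * Fetches the `members` row with the given id.
 *
 * The id is passed as a bound parameter, never interpolated into the SQL.
 *
 * @param mixed $member_id id to look up (callers pass it straight from the request)
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_id($member_id)
{
    // The table name previously carried a stray combining accent on the "m",
    // so the statement referred to a different identifier than `members`.
    $sql = 'SELECT * FROM `members` WHERE id=? LIMIT 1';

    return db_select_single($sql, [$member_id]);
}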
/**
 * Proposes the member number for a new member: one above the current maximum,
 * stepping over numbers reserved for honorary members.
 *
 * @return int 2 when the query yields no row, otherwise MAX(number) + 1, or + 2
 *             if that value is reserved
 */
function db_get_next_free_member_number()
{
    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);

    $row = db_select_single('SELECT MAX(number) AS number FROM `members`');
    if (!isset($row)) {
        return 2;
    }

    $candidate = (int)($row['number'] + 1);
    if (in_array($candidate, $reserved, true)) {
        // No two reserved numbers are adjacent, so one step is enough.
        return $candidate + 1;
    }

    return $candidate;
}
/**
 * Fetches the `members` row with the given member number.
 *
 * The number is passed as a bound parameter.
 *
 * @param mixed $member_number member number to look up
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_number($member_number)
{
    $sql = 'SELECT * FROM `members` WHERE NUMBER=? LIMIT 1';

    return db_select_single($sql, [$member_number]);
}
/**
 * Copies the allow-listed member fields from submitted data into $dbdata and
 * checks the id and member number.
 *
 * Only the keys listed in $fields are copied, so other submitted keys never
 * reach the database row. The 'number'/'string' tags are not enforced here:
 * the loop only special-cases 'bool', and no field currently has that tag.
 *
 * @param array $userdata   submitted values (callers pass $_POST)
 * @param array $dbdata     row to update in place; an existing 'id' marks an edit
 * @param array $validation list that receives the error messages
 * @return bool true when $validation is empty afterwards
 */
function validate_member($userdata, &$dbdata, &$validation)
{
    $fields = [
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    ];

    // Snapshot of the stored row, taken before submitted values overwrite it.
    $stored = $dbdata;

    foreach ($fields as $key => $kind) {
        if ($kind == 'bool') {
            // A checkbox that is not ticked is simply absent from the submission.
            $dbdata[$key] = !empty($userdata[$key]);
        } elseif (isset($userdata[$key])) {
            $dbdata[$key] = $userdata[$key];
        }
    }

    $is_edit = isset($stored['id']);

    // On an edit the submitted id must still be the id of the loaded row.
    if ($is_edit && $dbdata['id'] != $stored['id']) {
        $validation[] = 'Irgendwas ist sehr sehr komisch.';
    }

    // The member number must be unused; on an edit the row may keep its own number.
    $number_ok = $is_edit
        ? validate_member_number($dbdata['number'], $dbdata['id'])
        : validate_member_number($dbdata['number']);
    if (!$number_ok) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }

    return count($validation) === 0;
}
/**
 * Tells whether a member number may be used.
 *
 * @param mixed $member_number number to check
 * @param mixed $member_id     id of the member being edited, or null for a new member
 * @return bool true if no member has the number, or if the member holding it
 *              is the one identified by $member_id
 */
function validate_member_number($member_number, $member_id = null)
{
    $holder = db_get_member_with_number($member_number);

    // Nobody holds this number yet.
    $unused = !isset($holder);

    // Somebody holds it, but it may be the member that was passed in.
    return $unused || (isset($member_id) && $member_id == $holder['id']);
}
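/**
 * Renders the "IBAN-hin" export page.
 *
 * Every member row is embedded in the page as JSON. After the user enters the
 * password, the browser obtains the master key through get_master_key(),
 * decrypts account number and bank code of each member whose `directdebit`
 * value is "1", and writes one IBAN-hin record per member into a read-only
 * textarea. Renders nothing when there are no members.
 *
 * NOTE(review): no access check is visible in this function; presumably the
 * caller enforces it. Confirm, since the page ships all member rows to the client.
 *
 * @return void
 */
function action_export_ibanhin()
{
    $members = db_get_members();
    if (empty($members)) {
        return;
    }
    js_modal_windows();
    js_get_master_key();

    // The rows end up inside an inline <script>. The JSON_HEX_* flags keep
    // <, >, &, ' and " out of the emitted literal, so member-supplied text
    // cannot close the script element or break out of the literal.
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $rows = array();
    foreach ($members as $member) {
        $rows[] = json_encode($member, $json_flags);
    }
    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
    <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()"
           id="btn_export_iban_hin"/>
    <br/>
    <br/>


    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password') ?>
            <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen"
                   onclick="export_ibanhin()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_ask_for_password()"/>
        </fieldset>
    </div>
    <div id="ibanhin_popup" class="modal_window">
        <fieldset>
            <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
        </fieldset>
    </div>

    <script type="text/javascript">
        var members = [<?php echo join(",\n", $rows) ?>];

        $(document).ready(function () {
            $('#password').keypress(function (event) {
                if (event.keyCode == '13') {
                    export_ibanhin();
                }
            });
            // The button's id is btn_export_iban_hin; btn_ibanhin is only its
            // name, so selecting "#btn_ibanhin" matched nothing.
            $('#btn_export_iban_hin').focus();
        });

        function ask_for_password() {
            modal_window_show($("#password_popup"));
            $("#password").focus();
            return;
        }

        function cancel_ask_for_password() {
            modal_window_hide();
            $("#btn_export_iban_hin").focus();
            return;
        }

        function export_ibanhin() {
            var ibanhin_content = "";

            // Take the password out of the field as soon as it has been read.
            var password = $('#password').val();
            $("#password").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#ibanhin_popup"));

                for (var i = 0; i < members.length; i++) {
                    if (members[i]['directdebit'] == "1") {
                        var accountnumber = members[i]['accountnumber'];
                        var bankcode = members[i]['bankcode'];
                        if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
                        if (bankcode != "") bankcode = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey));
                        if (accountnumber != "" && bankcode != "") {
                            /* ZKA-Spezifikation-IBAN-hin-IBAN-rueck
                               01. Satzart
                               02. Anwender
                               03. Internes Kennzeichen des Anwenders
                               04. BIC-ALT
                               IBAN-ALT
                               05. LK/PZ-ALT
                               06. BLZ-ALT
                               07. KTONR-ALT
                               IBAN-NEU
                               08. LK/PZ-NEU
                               09. BLZ-NEU
                               10. KTONR-NEU
                               11. UMST-KZ
                             */
                            // NOTE(review): the values are placed between double quotes
                            // as they are; a '"' or ';' inside a decrypted value would
                            // shift the record's fields. Confirm the stored values are
                            // restricted before relying on the output.
                            ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                        }
                    }
                }

                var iban_hin_content = $('#ibanhin_content');
                iban_hin_content.val(ibanhin_content);
                iban_hin_content.focus();
                iban_hin_content.select();

            });

        }

        function ibanhin_close() {
            modal_window_hide();
            // Drop the decrypted records from the page once the popup is closed.
            $("#ibanhin_content").val('');
        }
    </script>
    <?php
}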
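/**
 * Renders the member list and a count of current members per membership type.
 *
 * Rows of people who are not currently members (per fees_info_for_member())
 * get the CSS class "inactive" and are left out of the counts.
 *
 * @return void
 */
function action_list_members()
{
    $members = db_get_members();
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
    <table>
        <tr>
            <th>Mitgliedsnummer</th>
            <th>Nickname</th>
            <th>Vorname</th>
            <th>Nachname</th>
        </tr>
        <?php foreach ($members as $member) : ?>
            <?php
            $membership_info = fees_info_for_member($member['id'], time());
            $is_member = !empty($membership_info['is_member']);
            if ($is_member) {
                switch ($membership_info['member_type']) {
                    case 'regular':
                        $regular++;
                        break;
                    case 'honorary':
                        $honorary++;
                        break;
                    case 'patron':
                        $patron++;
                        break;
                }
            }
            ?>
            <tr <?php if (!$is_member) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?php echo html_escape(link_to('view_member',
                        array('id' => $member['id']))) ?>"><?php echo html_escape($member['number']) ?></a></td>
                <td><?php echo html_escape($member['nickname']) ?></td>
                <td><?php echo html_escape($member['firstname']) ?></td>
                <td><?php echo html_escape($member['lastname']) ?></td>
            </tr>
        <?php endforeach ?>
    </table>
    <?php else : ?>
    <p>Bisher gibt es noch keine Mitglieder.</p>
    <?php endif ?>
    <?php $count = $regular + $honorary + $patron; ?>
    <p>Derzeit gibt es <?php echo $count ?> Vereinsmitglieder. Davon:
    <ul>
        <li><?php echo $regular ?> ordentliche Mitglieder</li>
        <li><?php echo $honorary ?> Ehrenmitglieder</li>
        <li style="font-weight: bold;"><?php echo $regular + $honorary ?> stimmberechtigte Mitglieder</li>
        <li><?php echo $patron ?> Fördermitglieder</li>
    </ul>
    </p>
    <?php // URLs are escaped for the attribute context, as for the per-member links above. ?>
    <a href="<?php echo html_escape(link_to('create_member')) ?>">Neues Mitglied</a>
    <a href="<?php echo html_escape(link_to('export_email')) ?>">E-Mail-Adressen</a>
    <a href="<?php echo html_escape(link_to('export_members')) ?>">XLS Export</a>
    <?php
}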
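/**
 * Shows one member read-only, followed by the member's events and the form
 * for adding an event.
 *
 * The member is selected by the `id` request parameter; a missing or unknown
 * id redirects to the default page.
 *
 * NOTE(review): no access check is visible here. Any id in the request is
 * looked up, so authorization must be enforced by the caller. Confirm.
 *
 * @return void
 */
function action_view_member()
{
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        // redirect() is defined elsewhere; if it does not end the request,
        // stop here instead of looking up a missing id.
        return;
    }

    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }

    form_member($member, true);
    action_list_events($member);
    action_create_event($member);
}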
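/**
 * Handles the "new member" page: renders the empty form, or validates and
 * stores a submitted one.
 *
 * On success the browser is redirected to the new member's page. On failure
 * the form is rendered again with the validation messages.
 *
 * NOTE(review): no anti-CSRF token is checked here or emitted by the form in
 * form_member(); confirm whether that is handled elsewhere.
 *
 * @return void
 */
function action_create_member()
{
    $member = array();
    $log_messages = array();

    if (isset($_POST['submit'])) {
        // A new member never takes its id from the request.
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // The form shows 'TT.MM.JJJJ' as a placeholder; treat it like an empty date.
            $sigdate = $member['ddmandatesigdate'];
            if ($sigdate == 'TT.MM.JJJJ' || $sigdate == '') {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            $member_id = db_create_member($member);
            if ($member_id) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
                // redirect() is defined elsewhere; if it does not end the request,
                // do not go on to print an error and the form.
                return;
            }
            // NOTE(review): the database error text is written to the page as it is.
            // It may contain submitted values and schema details; consider logging
            // it and showing a generic message, or at least HTML-escaping it.
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}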
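/**
 * Handles the "change member" page: renders the form for an existing member,
 * or validates and stores a submitted change.
 *
 * The member is selected by the `id` request parameter; a missing or unknown
 * id redirects to the default page. validate_member() rejects a submission
 * whose `id` differs from the loaded row.
 *
 * NOTE(review): no access check and no anti-CSRF token check are visible here;
 * confirm whether the caller handles them.
 *
 * @return void
 */
function action_change_member()
{
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        // redirect() is defined elsewhere; if it does not end the request,
        // stop here instead of looking up a missing id.
        return;
    }

    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }

    $log_messages = array();
    if (isset($_POST['submit'])) {
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // The form shows 'TT.MM.JJJJ' as a placeholder; treat it like an empty date.
            $sigdate = $member['ddmandatesigdate'];
            if ($sigdate == 'TT.MM.JJJJ' || $sigdate == '') {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
                return;
            }
            // NOTE(review): the database error text is written to the page as it is.
            // It may contain submitted values and schema details; consider logging
            // it and showing a generic message, or at least HTML-escaping it.
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}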
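/**
 * Prints the e-mail addresses of all current members as one comma-separated list.
 *
 * Members without an address, and people who are not currently members
 * (per fees_info_for_member()), are left out.
 *
 * @return void
 */
function action_export_email()
{
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php
    if (!isset($members)) {
        ?>
    <p>Bisher gibt's noch keine Mitglieder.</p>
        <?php
        return;
    }

    $emails = array();
    foreach ($members as $member) {
        $membership_info = fees_info_for_member($member['id'], time());
        if (empty($membership_info['is_member']) || empty($member['email'])) {
            continue;
        }
        $emails[] = $member['email'];
    }

    // The addresses come from member records and are written into an HTML
    // page, so they are escaped like every other member field in this file.
    echo html_escape(implode(',', $emails));
}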
/**
 * Builds a list box for choosing a member.
 *
 * Options are keyed by member id and labelled "<number> <nickname>"; key 0
 * with the label '-' comes first. All other arguments are handed to
 * html_list_box() unchanged.
 *
 * @return mixed whatever html_list_box() returns
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = null, $tag_params = '')
{
    $options = array(0 => '-');

    $rows = db_get_members();
    if (empty($rows)) {
        $rows = array();
    }
    foreach ($rows as $row) {
        $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
    }

    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
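/**
 * Renders the member form (new, read-only view, or edit) together with the
 * client-side script that handles the encrypted bank details.
 *
 * The four bank fields of the main form are always rendered read-only and hold
 * ciphertext. The plaintext exists only in the `tmp_*` fields of a popup: the
 * browser obtains the master key through get_master_key(), decrypts into the
 * popup, and encrypts the popup's values back into the main form when the user
 * accepts them. The cached key is cleared when the popup is closed.
 *
 * If db_get_crypto_keys() returns nothing, only a hint to set up cryptography
 * is shown.
 *
 * NOTE(review): the form emits no anti-CSRF token; confirm whether that is
 * handled elsewhere.
 *
 * @param array $member       member row to show; without 'id' the form creates a new member
 * @param bool  $readonly     render fields read-only and offer an "edit" link instead of "save"
 * @param array $log_messages messages passed to log_messages() above the form
 * @return void
 */
function form_member($member = array(), $readonly = false, $log_messages = array())
{
    global $DIRECTDEBIT_STATES;

    $keys = db_get_crypto_keys();
    if (empty($keys)) {
        ?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?php echo link_to('cryptography') ?>">Kryptographie
                einrichten</a>.
        </p>
        <?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
    <h2>Neues Mitglied</h2>
    <?php elseif ($readonly) : ?>
    <h2>Mitgliedsdetails</h2>
    <?php else : ?>
    <h2>Mitglied &auml;ndern</h2>
    <?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?php echo html_hidden_field('id', $member) ?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?php echo html_text_field('Mitgliedsnummer', 'number', $member, $readonly) ?>
            <?php if (!$readonly) : ?>
                <small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?php echo html_text_field('Nickname', 'nickname', $member, $readonly) ?>
            <?php echo html_text_field('E-Mail', 'email', $member, $readonly) ?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?php // These four fields carry ciphertext and are never directly editable. ?>
            <?php echo html_text_field('Kontoinhaber', 'accountholder', $member, true) ?>
            <?php echo html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true) ?>
            <?php echo html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true) ?>
            <?php echo html_text_field('Name der Bank', 'bankname', $member, true) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?php echo html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly) ?>
            <?php
            // An unset, empty or all-zero date is shown as a placeholder when
            // editing and as nothing in the read-only view.
            if ((!isset($member['ddmandatesigdate'])) ||
                ($member['ddmandatesigdate'] == '') ||
                ($member['ddmandatesigdate'] == '0000-00-00 00:00:00')) {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
            } else {
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
            }
            ?>
            <?php echo html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly) ?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?php echo html_text_field('Vorname', 'firstname', $member, $readonly) ?>
            <?php echo html_text_field('Nachname', 'lastname', $member, $readonly) ?>
            <?php echo html_text_field('Straße', 'street', $member, $readonly) ?>
            <?php echo html_text_field('Hausnummer', 'housenumber', $member, $readonly) ?>
            <?php echo html_text_field('PLZ', 'postcode', $member, $readonly) ?>
            <?php echo html_text_field('Ort', 'city', $member, $readonly) ?>
            <?php echo html_text_field('Land', 'country', $member, $readonly) ?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?php echo html_text_field('Telefon', 'phone', $member, $readonly) ?>
            <?php echo html_text_field('Fax', 'fax', $member, $readonly) ?>
            <?php echo html_text_field('Handy', 'mobile', $member, $readonly) ?>
            <?php echo html_text_field('Jabber', 'jabber', $member, $readonly) ?>
            <?php echo html_text_field('ICQ', 'icq', $member, $readonly) ?>
            <?php echo html_text_field('MSN', 'msn', $member, $readonly) ?>
            <?php echo html_text_field('AIM', 'aim', $member, $readonly) ?>
            <?php echo html_text_field('Skype', 'skype', $member, $readonly) ?>
            <?php echo html_text_field('Website', 'url', $member, $readonly) ?>
            <?php echo html_text_field('Twitter', 'twitter', $member, $readonly) ?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?php echo html_escape(link_to('change_member', array('id' => $member['id']))) ?>">Mitglied
                &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren"
           onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password2') ?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren"
                   onclick="import_qrcode()"/>
            <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen"
                   onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
    <?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?php echo html_password_field('Passwort', 'password1') ?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln"
                   onclick="decrypt_bank_details()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?php echo html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly) ?>
            <?php echo html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly) ?>
            <?php echo html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly) ?>
            <?php echo html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck"
                       onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
    <script type="text/javascript">
        // Master key cached only while a popup that needs it is open.
        var the_masterkey;

        $(document).ready(function () {
            // The ciphertext fields are not meant to take focus; hand it to the button.
            $('#accountholder').focus(function () {
                $("#btn_bank_details").focus();
            });
            <?php if ($readonly) : ?>
            $('#btn_bank_details_cancel').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_cancel();
                }
            });
            <?php else : ?>
            $('#tmp_bankname').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_save();
                }
            });
            <?php endif ?>
            $('#password1').keypress(function (event) {
                if (event.keyCode == '13') {
                    decrypt_bank_details();
                }
            });
            <?php if (!isset($member['id'])) : ?>
            $('#password2').keypress(function (event) {
                if (event.keyCode == '13') {
                    import_qrcode();
                }
            });
            <?php endif ?>
        });

        // Writes the AES ciphertext of plaintext into the field; an empty
        // plaintext clears the field instead.
        function store_encrypted(selector, plaintext, key) {
            if (plaintext != "") {
                $(selector).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(plaintext), key));
            } else {
                $(selector).val('');
            }
        }

        // Decrypts the ciphertext held in `source` into `target`; an empty
        // source leaves the target untouched.
        function show_decrypted(source, target, key) {
            var ciphertext = $(source).val();
            if (ciphertext != "") {
                $(target).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(ciphertext, key)));
            }
        }

        function bank_details_ask_pass() {
            modal_window_show($("#password_popup"));
            $("#password1").focus();
            return;
        }

        function import_qrcode_ask_pass() {
            modal_window_show($("#password_popup2"));
            $("#password2").focus();
            return;
        }

        function cancel_change_bank_details() {
            modal_window_hide();
            $("#btn_bank_details").focus();
            $("#password1").val('');
            return;
        }

        function cancel_import_qrcode() {
            modal_window_hide();
            $("#password2").val('');
            return;
        }

        function decrypt_bank_details() {
            // Take the password out of the field as soon as it has been read.
            var password = $('#password1').val();
            $("#password1").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#bank_detail_popup"));
                <?php if ($readonly) : ?>
                $('#btn_bank_details_cancel').focus();
                <?php else : ?>
                $('#tmp_accountholder').focus();
                <?php endif ?>

                // Decrypt the stored values into the popup's plaintext fields.
                show_decrypted('#accountholder', '#tmp_accountholder', masterkey);
                show_decrypted('#accountnumber', '#tmp_accountnumber', masterkey);
                show_decrypted('#bankcode', '#tmp_bankcode', masterkey);
                show_decrypted('#bankname', '#tmp_bankname', masterkey);

                // Cached only after decryption went through, until the popup is closed.
                the_masterkey = masterkey;
            });
        }

        function import_qrcode() {
            var password = $('#password2').val();
            $("#password2").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#qrcode_popup"));
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });
        }

        function qrcode_close() {
            modal_window_hide();

            var key = the_masterkey;
            the_masterkey = '';

            var qrcode = $('#qrcode_content').val().split(';');
            $("#qrcode_content").val('');

            // Import nothing unless a key is cached and the record is complete.
            // Previously a short record left the bank values undefined and they
            // were still passed to the encryption calls, and a missing key was
            // used as if it were a key.
            if (!key || qrcode.length < 17) {
                return;
            }

            $("#nickname").val(qrcode[0]);
            // XXX birthdate - unused
            $("#email").val(qrcode[2]);
            // XXX cccmember - unused
            $("#firstname").val(qrcode[4]);
            $("#lastname").val(qrcode[5]);
            $("#street").val(qrcode[6]);
            $("#housenumber").val(qrcode[7]);
            $("#postcode").val(qrcode[8]);
            $("#city").val(qrcode[9]);
            $("#country").val(qrcode[10]);
            // XXX fee unused
            // NOTE(review): this form renders no field with the id paymentinterval.
            $("#paymentinterval").val(qrcode[12]);
            // XXX amount unused - was only added on 4 May, was empty before.

            // 4.2 Encrypt/Decrypt data using AES with masterkey
            store_encrypted('#accountholder', qrcode[13], key);
            store_encrypted('#accountnumber', qrcode[14], key);
            store_encrypted('#bankcode', qrcode[15], key);
            store_encrypted('#bankname', qrcode[16], key);
        }

        function bank_details_save() {
            modal_window_hide();

            var key = the_masterkey;
            the_masterkey = '';

            var accountholder = $('#tmp_accountholder').val();
            var accountnumber = $('#tmp_accountnumber').val();
            var bankcode = $('#tmp_bankcode').val();
            var bankname = $('#tmp_bankname').val();
            // The plaintext leaves the page's fields as soon as it has been read.
            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            // Without a cached key the stored ciphertext is left as it is;
            // encrypting with an empty key would store data that is not protected.
            if (!key) {
                return;
            }

            accountnumber = accountnumber.replace(/\s+/g, '');
            bankcode = bankcode.replace(/\s+/g, '');

            // 4.2 Encrypt/Decrypt data using AES with masterkey
            store_encrypted('#accountholder', accountholder, key);
            store_encrypted('#accountnumber', accountnumber, key);
            store_encrypted('#bankcode', bankcode, key);
            store_encrypted('#bankname', bankname, key);
        }

        function bank_details_cancel() {
            modal_window_hide();

            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            the_masterkey = '';
        }
    </script>
    <?php
}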