Fixed sql stuff...
1 <?php
2
// Labels for the `directdebit` column of a member, keyed by the stored value.
// The empty-string key is the "no direct debit" choice shown in the list box.
$DIRECTDEBIT_STATES = array(
    '' => '- (Barzahler)',
    1 => 'DTAUS',
    2 => 'SEPA Ersteinzug',
    3 => 'SEPA Folgeeinzug',
);
9
10 /* DB functions {{{ */
11
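/**
 * Insert a new member row and return its generated id.
 *
 * A caller-supplied 'id' is discarded so the primary key always comes from the
 * database. Both timestamps are taken from a single clock reading, so
 * created_at and modified_at are identical on a fresh row.
 *
 * @param array $member Column => value map. It is handed to db_insert_single()
 *                      as-is, so callers must limit it to known columns first
 *                      (validate_member() copies only whitelisted fields from
 *                      user input).
 * @return mixed Result of db_insert_id() on success, false if the insert failed.
 */
function db_create_member($member)
{
    unset($member['id']);
    $now = db_unixtime2datetime(time());
    $member['created_at'] = $now;
    $member['modified_at'] = $now;
    if (!db_insert_single('members', $member)) {
        return false;
    }
    return db_insert_id();
}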
22
/**
 * Update an existing member row, selected by $member['id'].
 *
 * @param array $member Column => value map including 'id'; the id is used only
 *                      for the WHERE clause and never written as a column.
 * @return mixed Whatever db_update_single() returns.
 */
function db_change_member($member)
{
    $member_id = $member['id'];
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());

    // %d renders the id as an integer, so the condition cannot carry SQL text
    // even when the escaped value is not purely numeric.
    $where = sprintf("id='%d'", db_escape($member_id));

    return db_update_single('members', $member, $where);
}
30
/**
 * Fetch all member rows ordered by member number (ascending).
 *
 * @return mixed Whatever db_select_multi() returns for the query.
 */
function db_get_members()
{
    $sql = 'SELECT * FROM `members` ORDER BY NUMBER ASC';

    return db_select_multi($sql);
}
35
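/**
 * Fetch a single member row by primary key.
 *
 * The table name previously contained a stray combining accent ("m̀embers"),
 * so the query addressed a table other than `members`.
 *
 * @param mixed $member_id Member id, typically taken from the request. It is
 *                         escaped and rendered through %d, i.e. as an integer.
 * @return mixed Whatever db_select_single() returns for the query.
 */
function db_get_member_with_id($member_id)
{
    $sql = 'SELECT * FROM `members` WHERE id=\'%d\' LIMIT 1';
    return db_select_single(sprintf($sql, db_escape($member_id)));
}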
41
/**
 * Suggest the next member number: highest existing number plus one, stepping
 * over the numbers reserved for honorary members.
 *
 * NOTE(review): the number is only computed here, not reserved; no locking is
 * visible in this function, so two simultaneous creations could presumably be
 * offered the same number. Confirm whether the `number` column is unique.
 *
 * @return int Next number to use; 2 when no row could be read.
 */
function db_get_next_free_member_number()
{/*{{{*/
    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);

    $row = db_select_single('SELECT MAX(number) AS number FROM `members`');
    if (!isset($row)) {
        return 2;
    }

    $candidate = (int)($row['number'] + 1);
    if (in_array($candidate, $reserved, true)) {
        return $candidate + 1;
    }
    return $candidate;
}
63
64 ;/*}}}*/
65
66
/**
 * Fetch a single member row by member number.
 *
 * @param mixed $member_number Member number; escaped and rendered through %d,
 *                             i.e. as an integer.
 * @return mixed Whatever db_select_single() returns for the query.
 */
function db_get_member_with_number($member_number)
{
    $query = sprintf(
        'SELECT * FROM `members` WHERE NUMBER=\'%d\' LIMIT 1',
        db_escape($member_number)
    );

    return db_select_single($query);
}
72
73 /* }}} */
74
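/**
 * Copy whitelisted fields from user input into a member record and validate it.
 *
 * Only the keys listed in $fields are ever taken from $userdata, so unknown
 * request parameters cannot reach the database layer through $dbdata.
 * The declared field types are enforced: every value must be a scalar, and
 * 'number' fields must be empty or consist of digits only. A value that fails
 * this check is not copied and produces a validation message.
 *
 * @param array $userdata   Untrusted input, typically $_POST.
 * @param array $dbdata     Member record to fill; for an existing member this is
 *                          the row loaded from the database (passed by reference).
 * @param array $validation Receives human-readable validation messages
 *                          (passed by reference).
 * @return bool True when no validation message has been recorded.
 */
function validate_member($userdata, &$dbdata, &$validation)
{/*{{{*/
    $fields = array(
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    );

    // count() below needs an array even if the caller passed null.
    if (!is_array($validation)) {
        $validation = array();
    }

    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            $dbdata[$name] = !empty($userdata[$name]);
            continue;
        }
        if (!isset($userdata[$name])) {
            continue;
        }
        $value = $userdata[$name];

        // Request parameters can arrive as arrays (name[]=...); a column value
        // must be a single scalar. 'number' fields may be left empty.
        $is_valid = is_scalar($value);
        if ($is_valid && $type == 'number' && (string)$value !== '') {
            $is_valid = (preg_match('/\A[0-9]+\z/', (string)$value) === 1);
        }
        if (!$is_valid) {
            // $name comes from the whitelist above, never from the request.
            $validation[] = sprintf('Das Feld "%s" hat kein erlaubtes Format.', $name);
            continue;
        }

        $dbdata[$name] = $value;
    }

    // For an existing member the submitted id must match the stored one.
    $member_id = isset($orig['id']) ? $orig['id'] : null;
    if ($member_id !== null && (string)$dbdata['id'] !== (string)$member_id) {
        $validation[] = 'Irgendwas ist sehr sehr komisch.';
    }

    // An empty number is assigned automatically by the callers, so only a
    // number that was actually given has to be free (or belong to this member).
    // The stored id, not the submitted one, identifies "this member".
    $number = isset($dbdata['number']) ? $dbdata['number'] : '';
    if (!empty($number) && !validate_member_number($number, $member_id)) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }

    return (count($validation) == 0);
}/*}}}*/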
133
/**
 * Check whether a member number may be used.
 *
 * @param mixed $member_number Number to check.
 * @param mixed $member_id     Id of the member being edited, or null for a new member.
 * @return bool True if no member has this number, or if the only holder is
 *              the member identified by $member_id.
 */
function validate_member_number($member_number, $member_id = null)
{/*{{{*/
    $holder = db_get_member_with_number($member_number);

    // Nobody has this number yet.
    if (!isset($holder)) {
        return true;
    }

    // The number is taken; that is fine only when its holder is the member
    // we were asked about.
    return isset($member_id) && $member_id == $holder['id'];
}/*}}}*/
150
151 function action_export_ibanhin()
152 {/*{{{*/
153     $members = db_get_members();
154     if (empty($members)) {
155         return;
156     }
157     js_modal_windows();
158     js_get_master_key();
159     ?>
160     <noscript>
161         <p class="error">
162             <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
163         </p>
164     </noscript>
165
166     <h2>IBAN-hin</h2>
167     <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()"
168            id="btn_export_iban_hin"/>
169     <br/>
170     <br/>
171
172
173     <div id="password_popup" class="modal_window">
174         <fieldset>
175             <legend>Passwortabfrage</legend>
176             <?= html_password_field('Passwort', 'password') ?>
177             <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen"
178                    onclick="export_ibanhin()"/>
179             <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
180                    onclick="cancel_ask_for_password()"/>
181         </fieldset>
182     </div>
183     <div id="ibanhin_popup" class="modal_window">
184         <fieldset>
185             <legend>IBAN-hin</legend>
186             <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
187             <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
188         </fieldset>
189     </div>
190
191     <script type="text/javascript">
192
193         var members = new Array(<?=join(",\n", array_map('json_encode', $members)) ?>);
194
195
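        $(document).ready(function () {
            // Enter inside the password field starts the export.
            $('#password').keypress(function (event) {
                if (event.keyCode == '13') {
                    export_ibanhin();
                }
            });
            // The trigger button's id is btn_export_iban_hin; "btn_ibanhin" is only
            // its name attribute, so the old selector matched nothing.
            $('#btn_export_iban_hin').focus();
        });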
204
205
        function ask_for_password() {/*{{{*/
            // Open the password dialog and place the cursor in its input.
            var popup = $("#password_popup");
            modal_window_show(popup);
            $("#password").focus();
        }
211
212         /*}}}*/
213
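        function cancel_ask_for_password() {/*{{{*/
            // Close the password dialog and return focus to the export button.
            modal_window_hide();
            // The button's id is btn_export_iban_hin; "btn_ibanhin" is only its
            // name attribute, so the old selector matched nothing.
            $("#btn_export_iban_hin").focus();
            return;
        }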
219
220         /*}}}*/
221
222
        function export_ibanhin() {/*{{{*/

            // Take the password out of the input and blank the field right away.
            var password = $('#password').val();
            $("#password").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                // Decrypt one stored value; empty values are passed through unchanged.
                var decrypt_field = function (ciphertext) {
                    if (ciphertext != "") {
                        return Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(ciphertext, masterkey));
                    }
                    return ciphertext;
                };
                var lines = "";

                modal_window_replace($("#ibanhin_popup"));

                for (var idx = 0; idx < members.length; idx++) {
                    var entry = members[idx];
                    // Only members whose directdebit value is "1" are exported.
                    if (entry['directdebit'] != "1") {
                        continue;
                    }
                    var accountnumber = decrypt_field(entry['accountnumber']);
                    var bankcode = decrypt_field(entry['bankcode']);
                    if (accountnumber == "" || bankcode == "") {
                        continue;
                    }
                    /* Record layout per the ZKA "IBAN-hin / IBAN-rueck" specification
                       (field names as given in the original comment):
                       01. Satzart
                       02. Anwender
                       03. Internes Kennzeichen des Anwenders
                       04. BIC-ALT
                       IBAN-ALT: 05. LK/PZ-ALT, 06. BLZ-ALT, 07. KTONR-ALT
                       IBAN-NEU: 08. LK/PZ-NEU, 09. BLZ-NEU, 10. KTONR-NEU
                       11. UMST-KZ
                     */
                    lines += '"DE";;"' + entry['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                }

                // Show the result and pre-select it for copying.
                var output = $('#ibanhin_content');
                output.val(lines);
                output.focus();
                output.select();

            });

        }
269
270         /*}}}*/
271
        function ibanhin_close() {/*{{{*/
            // Close the result dialog and discard the decrypted export text.
            modal_window_hide();
            var output = $('#ibanhin_content');
            output.val('');
        }
276
277         /*}}}*/
278
279
280     </script>
281
282     <?php
283
284 }/*}}}*/
285
286
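/**
 * Render the member table followed by a summary of current membership counts.
 *
 * Members for whom fees_info_for_member() reports no current membership are
 * listed with class "inactive" and are not counted. All link targets are passed
 * through html_escape() before they are written into an href attribute, as the
 * member links in the table already were.
 */
function action_list_members()
{/*{{{*/
    $members = db_get_members();
    // Tallies of current members by type, filled while the rows are rendered.
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
    <table>
        <tr>
            <th>Mitgliedsnummer</th>
            <th>Nickname</th>
            <th>Vorname</th>
            <th>Nachname</th>
        </tr>
        <?php foreach ($members as $member) : ?>
            <?php
            $membership_info = fees_info_for_member($member['id'], time());
            $is_member = !empty($membership_info['is_member']);
            if ($is_member) {
                switch ($membership_info['member_type']) {
                    case 'regular':
                        $regular++;
                        break;
                    case 'honorary':
                        $honorary++;
                        break;
                    case 'patron':
                        $patron++;
                        break;
                }
            }
            ?>
            <tr <?php if (!$is_member) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?= html_escape(link_to('view_member',
                        array('id' => $member['id']))) ?>"><?= html_escape($member['number']) ?></a></td>
                <td><?= html_escape($member['nickname']) ?></td>
                <td><?= html_escape($member['firstname']) ?></td>
                <td><?= html_escape($member['lastname']) ?></td>
            </tr>
        <?php endforeach ?>
    </table>
<?php else : ?>
    <p>Bisher gibt es noch keine Mitglieder.</p>
<?php
endif;
    $count = $regular + $honorary + $patron;
    ?>
    <p>Derzeit gibt es <?= $count ?> Vereinsmitglieder. Davon:
    <ul>
        <li><?= $regular ?> ordentliche Mitglieder</li>
        <li><?= $honorary ?> Ehrenmitglieder</li>
        <li style="font-weight: bold;"><?= $regular + $honorary ?> stimmberechtigte Mitglieder</li>
        <li><?= $patron ?> Fördermitglieder</li>
    </ul>
    </p>
    <a href="<?= html_escape(link_to('create_member')) ?>">Neues Mitglied</a>
    <a href="<?= html_escape(link_to('export_email')) ?>">E-Mail-Adressen</a>
    <a href="<?= html_escape(link_to('export_members')) ?>">XLS Export</a>
    <?php
}/*}}}*/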
349
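/**
 * Show one member read-only, followed by the member's events and the
 * event creation form.
 *
 * The member is selected by the request parameter 'id'. A missing id or an
 * unknown member leads to a redirect to the default page. redirect() is defined
 * elsewhere; the explicit return after each call makes sure nothing below runs
 * even if redirect() hands control back.
 */
function action_view_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        return;
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }
    form_member($member, true);
    action_list_events($member);
    action_create_event($member);
}/*}}}*/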
363
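/**
 * Handle the "new member" form: validate a submission, store it and redirect
 * to the new member's page, or (re-)display the form with messages.
 *
 * Changes against the previous version:
 * - the database error text is HTML-escaped before it is printed, because it
 *   may repeat submitted values;
 * - the function returns after a successful redirect, so nothing else is
 *   emitted even if redirect() (defined elsewhere) hands control back;
 * - a missing 'ddmandatesigdate' is treated like an empty one.
 *
 * NOTE(review): no CSRF token check is visible in this handler; confirm it is
 * enforced by the code that dispatches to it.
 */
function action_create_member()
{/*{{{*/
    $member = array();
    $log_messages = array();
    if (isset($_POST['submit'])) {
        // A new member never takes its id from the request.
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the placeholder the form shows for an unset date.
            $sigdate = isset($member['ddmandatesigdate']) ? $member['ddmandatesigdate'] : '';
            if (($sigdate == 'TT.MM.JJJJ') || ($sigdate == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            if ($member_id = db_create_member($member)) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
                return;
            }
            echo html_escape((string)db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/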
391
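/**
 * Handle the "change member" form for the member given by request parameter 'id'.
 *
 * Changes against the previous version:
 * - the function returns after every redirect, so a request without a valid
 *   member can never reach the update code even if redirect() (defined
 *   elsewhere) hands control back;
 * - the database error text is HTML-escaped before it is printed, because it
 *   may repeat submitted values;
 * - a missing 'ddmandatesigdate' is treated like an empty one.
 *
 * NOTE(review): no CSRF token check is visible in this handler; confirm it is
 * enforced by the code that dispatches to it.
 */
function action_change_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
        return;
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
        return;
    }
    $log_messages = array();
    if (isset($_POST['submit'])) {
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the placeholder the form shows for an unset date.
            $sigdate = isset($member['ddmandatesigdate']) ? $member['ddmandatesigdate'] : '';
            if (($sigdate == 'TT.MM.JJJJ') || ($sigdate == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
                return;
            }
            echo html_escape((string)db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/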
423
424
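/**
 * Print the e-mail addresses of all current members as one comma-separated list.
 *
 * Members without a current membership (per fees_info_for_member()) or without
 * an address are skipped. The addresses are stored user data, so the list is
 * HTML-escaped before output; previously each address was echoed raw.
 */
function action_export_email()
{/*{{{*/
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
    <?php
    $addresses = array();
    foreach ($members as $member) {
        $membership_info = fees_info_for_member($member['id'], time());
        if (empty($membership_info['is_member']) || empty($member['email'])) {
            continue;
        }
        $addresses[] = $member['email'];
    }
    echo html_escape(implode(', ', $addresses));
    ?>
<?php else : ?>
    <p>Bisher gibt's noch keine Mitglieder.</p>
<?php endif ?>
    <?php
}/*}}}*/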
441
442
/**
 * Build a list box offering every member, labelled "<number> <nickname>" and
 * keyed by member id, with a leading "-" entry under key 0.
 *
 * All arguments except the option list are forwarded unchanged to html_list_box().
 *
 * @return mixed Whatever html_list_box() returns.
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = null, $tag_params = '')
{
    $options = array(0 => '-');

    $rows = db_get_members();
    if (empty($rows)) {
        $rows = array();
    }
    foreach ($rows as $row) {
        $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
    }

    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
454
455 function form_member($member = array(), $readonly = false, $log_messages = array())
456 {/*{{{*/
457
458     global $DIRECTDEBIT_STATES;
459
460     $keys = db_get_crypto_keys();
461     if (empty($keys)) {
462         ?>
463         <p class="error">
464             <strong>Achtung:</strong> Bitte zuerst <a href="<?= link_to('cryptography') ?>">Kryptographie einrichten</a>.
465         </p>
466         <?php
467         return;
468     }
469
470     js_modal_windows();
471     js_get_master_key();
472
473     ?>
474     <noscript>
475         <p class="error">
476             <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
477         </p>
478     </noscript>
479     <?php if (!isset($member['id'])) : ?>
480     <h2>Neues Mitglied</h2>
481 <?php elseif ($readonly) : ?>
482     <h2>Mitgliedsdetails</h2>
483 <?php else : ?>
484     <h2>Mitglied &auml;ndern</h2>
485 <?php endif ?>
486     <?php log_messages($log_messages); ?>
487     <form action="" method="post" class="clearfix">
488         <?php if (isset($member['id']) && !$readonly) : ?><?= html_hidden_field('id', $member) ?><?php endif ?>
489         <fieldset>
490             <legend>Allgemein</legend>
491             <?= html_text_field('Mitgliedsnummer', 'number', $member, $readonly) ?>
492             <?php if (!$readonly) : ?>
493                 <small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
494             <?= html_text_field('Nickname', 'nickname', $member, $readonly) ?>
495             <?= html_text_field('E-Mail', 'email', $member, $readonly) ?>
496         </fieldset>
497         <fieldset id="bank_details">
498             <legend>Bankverbindung</legend>
499             <?= html_text_field('Kontoinhaber', 'accountholder', $member, true) ?>
500             <?= html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true) ?>
501             <?= html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true) ?>
502             <?= html_text_field('Name der Bank', 'bankname', $member, true) ?>
503             <?php if (!isset($member['id'])) : ?>
504                 <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen"
505                        onclick="bank_details_ask_pass()" id="btn_bank_details"/>
506             <?php elseif ($readonly) : ?>
507                 <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten"
508                        onclick="bank_details_ask_pass()" id="btn_bank_details"/>
509             <?php else : ?>
510                 <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern"
511                        onclick="bank_details_ask_pass()" id="btn_bank_details"/>
512             <?php endif ?>
513             <?= html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly) ?>
514             <?php
515             if ((!isset($member['ddmandatesigdate'])) ||
516                 ($member['ddmandatesigdate'] == '') ||
517                 ($member['ddmandatesigdate'] == '0000-00-00 00:00:00')) {
518                 $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
519             } else {
520                 $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
521             }
522             ?>
523             <?= html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly) ?>
524         </fieldset>
525         <fieldset style="clear: left;">
526             <legend>Anschrift</legend>
527             <?= html_text_field('Vorname', 'firstname', $member, $readonly) ?>
528             <?= html_text_field('Nachname', 'lastname', $member, $readonly) ?>
529             <?= html_text_field('Straße', 'street', $member, $readonly) ?>
530             <?= html_text_field('Hausnummer', 'housenumber', $member, $readonly) ?>
531             <?= html_text_field('PLZ', 'postcode', $member, $readonly) ?>
532             <?= html_text_field('Ort', 'city', $member, $readonly) ?>
533             <?= html_text_field('Land', 'country', $member, $readonly) ?>
534         </fieldset>
535         <fieldset>
536             <legend>Sonstiges</legend>
537             <?= html_text_field('Telefon', 'phone', $member, $readonly) ?>
538             <?= html_text_field('Fax', 'fax', $member, $readonly) ?>
539             <?= html_text_field('Handy', 'mobile', $member, $readonly) ?>
540             <?= html_text_field('Jabber', 'jabber', $member, $readonly) ?>
541             <?= html_text_field('ICQ', 'icq', $member, $readonly) ?>
542             <?= html_text_field('MSN', 'msn', $member, $readonly) ?>
543             <?= html_text_field('AIM', 'aim', $member, $readonly) ?>
544             <?= html_text_field('Skype', 'skype', $member, $readonly) ?>
545             <?= html_text_field('Website', 'url', $member, $readonly) ?>
546             <?= html_text_field('Twitter', 'twitter', $member, $readonly) ?>
547         </fieldset>
548         <?php if (!$readonly) : ?>
549             <input class="submit" type="submit" name="submit" value="Speichern"/>
550         <?php else : ?>
551             <br style="clear: left;"/>
552             <a href="<?= html_escape(link_to('change_member', array('id' => $member['id']))) ?>">Mitglied
553                 &auml;ndern</a>
554         <?php endif ?>
555     </form>
556     <?php if (!isset($member['id'])) : ?>
557     <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren"
558            onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
559     <div id="password_popup2" class="modal_window">
560         <fieldset>
561             <legend>Passwortabfrage</legend>
562             <?= html_password_field('Passwort', 'password2') ?>
563             <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren"
564                    onclick="import_qrcode()"/>
565             <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen"
566                    onclick="cancel_import_qrcode()"/>
567         </fieldset>
568     </div>
569     <div id="qrcode_popup" class="modal_window">
570         <fieldset>
571             <legend>QR-Code</legend>
572             <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
573             <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
574         </fieldset>
575     </div>
576 <?php endif ?>
577
578     <div id="password_popup" class="modal_window">
579         <fieldset>
580             <legend>Passwortabfrage</legend>
581             <?= html_password_field('Passwort', 'password1') ?>
582             <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln"
583                    onclick="decrypt_bank_details()"/>
584             <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
585                    onclick="cancel_change_bank_details()"/>
586         </fieldset>
587     </div>
588     <div id="bank_detail_popup" class="modal_window">
589         <fieldset>
590             <legend>Bankverbindung</legend>
591             <?= html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly) ?>
592             <?= html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly) ?>
593             <?= html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly) ?>
594             <?= html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly) ?>
595             <?php if (!isset($member['id'])) : ?>
596                 <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
597                        onclick="bank_details_save()"/>
598                 <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
599                        onclick="bank_details_cancel()"/>
600             <?php elseif ($readonly) : ?>
601                 <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck"
602                        onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
603             <?php else : ?>
604                 <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
605                        onclick="bank_details_save()"/>
606                 <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
607                        onclick="bank_details_cancel()"/>
608             <?php endif ?>
609         </fieldset>
610     </div>
611     <script type="text/javascript">
612
613
614         var the_masterkey;
615
616         $(document).ready(function () {
617             $('#accountholder').focus(function () {
618                 $("#btn_bank_details").focus();
619             });
620             <?php if ($readonly) : ?>
621             $('#btn_bank_details_cancel').keypress(function (event) {
622                 if (event.keyCode == '13') {
623                     bank_details_cancel();
624                 }
625             });
626             <?php else : ?>
627             $('#tmp_bankname').keypress(function (event) {
628                 if (event.keyCode == '13') {
629                     bank_details_save();
630                 }
631             });
632             <?php endif ?>
633             $('#password1').keypress(function (event) {
634                 if (event.keyCode == '13') {
635                     decrypt_bank_details();
636                 }
637             });
638             <?php if (!isset($member['id'])) : ?>
639             $('#password2').keypress(function (event) {
640                 if (event.keyCode == '13') {
641                     import_qrcode();
642                 }
643             });
644             <?php endif ?>
645         });
646
        function bank_details_ask_pass() {/*{{{*/
            // Open the password dialog for the bank details and focus its input.
            var popup = $("#password_popup");
            modal_window_show(popup);
            $("#password1").focus();
        }
652
653         /*}}}*/
654
655
        function import_qrcode_ask_pass() {/*{{{*/
            // Open the password dialog for the QR-code import and focus its input.
            var popup = $("#password_popup2");
            modal_window_show(popup);
            $("#password2").focus();
        }
661
662         /*}}}*/
663
        function cancel_change_bank_details() {/*{{{*/
            // Abort the password prompt: close it, return focus to the button
            // and drop whatever was typed into the password field.
            modal_window_hide();
            $("#btn_bank_details").focus();
            var password_input = $("#password1");
            password_input.val('');
        }
670
671         /*}}}*/
672
        function cancel_import_qrcode() {/*{{{*/
            // Abort the QR-code password prompt and drop whatever was typed.
            modal_window_hide();
            var password_input = $("#password2");
            password_input.val('');
        }
678
679         /*}}}*/
680
681         function decrypt_bank_details() {/*{{{*/
682
683             var password = $('#password1').val();
684             $("#password1").val('');
685
686             // We pass a closure so that get_master_key may defer execution
687             get_master_key(password, function (masterkey) {
688
689                 modal_window_replace($("#bank_detail_popup"));
690                 <?php if ($readonly) : ?>
691                 $('#btn_bank_details_cancel').focus();
692                 <?php else : ?>
693                 $('#tmp_accountholder').focus();
694                 <?php endif ?>
695
696                 var accountholder = $('#accountholder').val();
697                 var accountnumber = $('#accountnumber').val();
698                 var bankcode = $('#bankcode').val();
699                 var bankname = $('#bankname').val();
700
701                 // Encrypt/Decrypt data using AES with masterkey
702                 if (accountholder != "") {
703                     $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey)));
704                 }
705                 if (accountnumber != "") {
706                     $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey)));
707                 }
708                 if (bankcode != "") {
709                     $('#tmp_bankcode').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey)));
710                 }
711                 if (bankname != "") {
712                     $('#tmp_bankname').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname, masterkey)));
713                 }
714                 the_masterkey = masterkey; // cache masterkey until popup is closed
715             });
716
717         }
718
719         /*}}}*/
720
        function import_qrcode() {/*{{{*/

            // Take the password out of the input and blank the field right away.
            var password_input = $('#password2');
            var password = password_input.val();
            password_input.val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {
                // Keep the key for qrcode_close(), which encrypts the imported
                // bank details and then resets it.
                the_masterkey = masterkey;
                modal_window_replace($("#qrcode_popup"));
            });

        }
734
735         /*}}}*/
736
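        function qrcode_close() {/*{{{*/

            // A complete payload has at least 17 ';'-separated fields (indexes 0..16).
            var QR_FIELD_COUNT = 17;
            // Bank fields in payload order, starting at index 13; each name is
            // also the id of the form input that stores the encrypted value.
            var BANK_FIELD_OFFSET = 13;
            var bank_fields = ['accountholder', 'accountnumber', 'bankcode', 'bankname'];

            modal_window_hide();

            var qrcode_content = $('#qrcode_content').val();
            $("#qrcode_content").val('');
            var qrcode = qrcode_content.split(';');

            // try/finally: the cached master key is reset on every way out of
            // this function, including an exception thrown while encrypting.
            try {
                // Incomplete payload or no key: leave the form untouched. Before,
                // a short payload left the bank variables undefined and they were
                // still handed to the encryption step.
                if (qrcode.length < QR_FIELD_COUNT || !the_masterkey) {
                    return;
                }

                $("#nickname").val(qrcode[0]);
                // XXX birthdate - unused
                $("#email").val(qrcode[2]);
                // XXX cccmember - unused
                $("#firstname").val(qrcode[4]);
                $("#lastname").val(qrcode[5]);
                $("#street").val(qrcode[6]);
                $("#housenumber").val(qrcode[7]);
                $("#postcode").val(qrcode[8]);
                $("#city").val(qrcode[9]);
                $("#country").val(qrcode[10]);
                // XXX fee unused
                $("#paymentinterval").val(qrcode[12]);
                // XXX amount unused - it was only added on 4.5. and was empty before.

                // 4.2 Encrypt/Decrypt data using AES with masterkey
                for (var idx = 0; idx < bank_fields.length; idx++) {
                    var plaintext = qrcode[BANK_FIELD_OFFSET + idx];
                    var target = $('#' + bank_fields[idx]);
                    if (plaintext != "") {
                        target.val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(plaintext), the_masterkey));
                    } else {
                        target.val('');
                    }
                }
            } finally {
                the_masterkey = '';
            }

        }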
790
791         /*}}}*/
792
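        function bank_details_save() {/*{{{*/

            // Each name is the id of the encrypted form input; the popup input
            // holding the plaintext has the same id prefixed with "tmp_".
            var fields = ['accountholder', 'accountnumber', 'bankcode', 'bankname'];
            var plaintext = {};

            modal_window_hide();

            // Move the plaintext out of the popup inputs and blank them.
            for (var idx = 0; idx < fields.length; idx++) {
                var popup_input = $('#tmp_' + fields[idx]);
                plaintext[fields[idx]] = popup_input.val();
                popup_input.val('');
            }

            // Account number and bank code are stored without whitespace.
            plaintext['accountnumber'] = plaintext['accountnumber'].replace(/\s+/g, '');
            plaintext['bankcode'] = plaintext['bankcode'].replace(/\s+/g, '');

            // try/finally: the cached master key is reset on every way out of
            // this function, including an exception thrown while encrypting.
            try {
                // Without a key nothing is written: values must never be
                // encrypted with an empty key.
                if (!the_masterkey) {
                    return;
                }
                // 4.2 Encrypt/Decrypt data using AES with masterkey
                for (var pos = 0; pos < fields.length; pos++) {
                    var value = plaintext[fields[pos]];
                    var target = $('#' + fields[pos]);
                    if (value != "") {
                        target.val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(value), the_masterkey));
                    } else {
                        target.val('');
                    }
                }
            } finally {
                the_masterkey = '';
            }

        }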
832
833         /*}}}*/
834
        function bank_details_cancel() {/*{{{*/

            // Close the popup, discard the decrypted values it showed and
            // reset the cached master key.
            var popup_inputs = ['#tmp_accountholder', '#tmp_accountnumber', '#tmp_bankcode', '#tmp_bankname'];

            modal_window_hide();

            for (var idx = 0; idx < popup_inputs.length; idx++) {
                $(popup_inputs[idx]).val('');
            }

            the_masterkey = '';
        }
846
847         /*}}}*/
848
849     </script>
850     <?php
851 }/*}}}*/