Fixed various details.
[memberdb.git] / include / members.php
1 <?php
2
// DDL for the members table. The table name and character set are filled in
// from the DB_TABLE_MEMBERS and DB_CHARSET constants.
//
// accountholder, accountnumber, bankcode and bankname are blob columns: the
// script emitted by form_member() writes Crypto.AES.encrypt() output into the
// form fields of the same names, so the server only ever receives and stores
// those four values in encrypted form.
//
// `number` carries a UNIQUE key, so a duplicate member number is rejected by
// the database even if the application-level check is bypassed or raced.
$SQL_CREATE_MEMBERS = sprintf('
    CREATE TABLE IF NOT EXISTS `%1$s` (
      `id` int(10) unsigned NOT NULL auto_increment,
      `number` int(10) unsigned NOT NULL,
      `firstname` varchar(255) NOT NULL,
      `lastname` varchar(255) NOT NULL,
      `nickname` varchar(255) NOT NULL,
      `accountholder` blob NOT NULL,
      `accountnumber` blob NOT NULL,
      `bankcode` blob NOT NULL,
      `bankname` blob NOT NULL,
      `directdebit` tinyint(1) NOT NULL,
      `ddmandatesigdate` datetime NOT NULL,
      `street` varchar(255) NOT NULL,
      `housenumber` varchar(255) NOT NULL,
      `postcode` varchar(255) NOT NULL,
      `city` varchar(255) NOT NULL,
      `country` varchar(255) NOT NULL,
      `email` varchar(255) NOT NULL,
      `phone` varchar(255) NOT NULL,
      `fax` varchar(255) NOT NULL,
      `mobile` varchar(255) NOT NULL,
      `jabber` varchar(255) NOT NULL,
      `icq` varchar(255) NOT NULL,
      `msn` varchar(255) NOT NULL,
      `aim` varchar(255) NOT NULL,
      `skype` varchar(255) NOT NULL,
      `url` varchar(255) NOT NULL,
      `twitter` varchar(255) NOT NULL,
      `created_at` datetime NOT NULL,
      `modified_at` datetime NOT NULL,
      PRIMARY KEY  (`id`),
      UNIQUE KEY `number` (`number`)
    ) ENGINE=InnoDB DEFAULT CHARSET=%2$s
    ', DB_TABLE_MEMBERS, DB_CHARSET);

// Option list for the `directdebit` column, keyed by the stored value and
// rendered as the "Beitragseinzug" list box in form_member().
// action_export_ibanhin() exports only rows whose directdebit equals "1".
$DIRECTDEBIT_STATES = array(
    '' => '- (Barzahler)',
    1 => 'DTAUS',
    2 => 'SEPA Ersteinzug',
    3 => 'SEPA Folgeeinzug'
);
45     
46 /* DB functions {{{ */
47
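/**
 * Insert a new member row.
 *
 * @param array $member column => value map; an 'id' entry is discarded
 * @return mixed the value of db_insert_id() on success, false if the insert failed
 */
function db_create_member($member) {
    // The primary key is assigned by the database, never by the caller.
    unset($member['id']);
    // Read the clock once so created_at and modified_at of a new row are
    // identical even when the call straddles a second boundary.
    $now = db_unixtime2datetime(time());
    $member['created_at']  = $now;
    $member['modified_at'] = $now;
    if (!db_insert_single(DB_TABLE_MEMBERS, $member)) return false;
    return db_insert_id();
}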
55
/**
 * Update the member row identified by $member['id'] with the remaining
 * entries of $member and refresh its modified_at timestamp.
 *
 * @param array $member column => value map including 'id'
 * @return mixed whatever db_update_single() returns
 */
function db_change_member($member) {
    $member_id = $member['id'];
    // The id selects the row; it must not appear in the SET list.
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());
    // %d formats the argument as an integer, so only a number can end up
    // inside the quoted literal of the WHERE clause.
    $where = sprintf('id=\'%1$d\'', db_escape($member_id));
    return db_update_single(DB_TABLE_MEMBERS, $member, $where);
}
62
/**
 * Fetch every member row, ordered by member number ascending.
 *
 * @return mixed whatever db_select_multi() returns for the query
 */
function db_get_members() {
    $query = sprintf('SELECT * FROM %1$s ORDER BY number ASC', DB_TABLE_MEMBERS);
    return db_select_multi($query);
}
67
/**
 * Fetch the member row with the given primary key.
 *
 * @param mixed $member_id id as received from the caller (often request data)
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_id($member_id) {
    // %2$d renders the id as an integer, so request data cannot extend the
    // statement beyond a numeric literal.
    $query = sprintf(
        'SELECT * FROM %1$s WHERE id=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_id)
    );
    return db_select_single($query);
}
72
/**
 * Propose the next member number: highest stored number plus one, skipping
 * the numbers reserved for honorary members.
 *
 * The lookup is not locked, so two concurrent requests can be handed the same
 * number; the UNIQUE key on `number` in the table definition is what makes
 * the later insert fail in that case.
 *
 * @return int the proposed number (2 when the query yields no row)
 */
function db_get_next_free_member_number() {/*{{{*/
    $highest = db_select_single(sprintf('SELECT MAX(number) AS number FROM %1$s', DB_TABLE_MEMBERS));
    if (!isset($highest)) return 2;

    $candidate = (int) ($highest['number'] + 1);

    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);
    if (in_array($candidate, $reserved, true)) {
        return $candidate + 1;
    }
    return $candidate;
}/*}}}*/
91
92
/**
 * Fetch the member row with the given member number.
 *
 * @param mixed $member_number number as received from the caller
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_number($member_number) {
    // %2$d renders the number as an integer; a non-numeric value becomes 0.
    $query = sprintf(
        'SELECT * FROM %1$s WHERE number=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_number)
    );
    return db_select_single($query);
}
97
98 /* }}} */
99
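/**
 * Copy the whitelisted member fields from request data into $dbdata and
 * validate them.
 *
 * Only the keys listed in $fields are taken over, so a request cannot set
 * columns such as created_at or modified_at. Values that are not scalars are
 * rejected, and fields declared as 'number' must be empty or consist of
 * digits only.
 *
 * @param array $userdata   untrusted input, typically $_POST
 * @param array $dbdata     in/out: the stored row (or an empty array for a new
 *                          member); receives the accepted values
 * @param array $validation in/out: list of error messages, appended to
 * @return bool true when $validation is empty after the checks
 */
function validate_member($userdata, &$dbdata, &$validation) {/*{{{*/
    $fields = array(
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    );
    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if (!isset($userdata[$name])) continue;
        $value = $userdata[$name];

        // Request parameters may arrive as arrays (name[]=...); no column
        // takes one, so such a value is refused instead of being stored.
        if (!is_scalar($value)) {
            $validation[] = sprintf('Ungültiger Wert für das Feld "%s".', $name);
            continue;
        }

        // Enforce the declared type. Empty stays allowed: an empty number is
        // assigned automatically and an empty directdebit is a valid option.
        if ($type == 'number') {
            $trimmed = trim((string) $value);
            if ($trimmed !== '' && !preg_match('/^[0-9]+$/', $trimmed)) {
                $validation[] = sprintf('Ungültiger Wert für das Feld "%s".', $name);
            }
        }

        $dbdata[$name] = $value;
    }

    $number = isset($dbdata['number']) ? $dbdata['number'] : '';

    if (isset($orig['id'])) {
        // Existing member: the submitted id must match the stored one, and a
        // changed number must not belong to another member.
        if ($dbdata['id'] != $orig['id']) {
            $validation[] = 'Irgendwas ist sehr sehr komisch.';
        }
        $number_is_free = validate_member_number($number, $dbdata['id']);
    } else {
        // New member: the number must not be taken at all.
        $number_is_free = validate_member_number($number);
    }
    if (!$number_is_free) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }
    return (count($validation) == 0);
}/*}}}*/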
155
/**
 * Check whether a member number may be used.
 *
 * @param mixed $member_number number to check
 * @param mixed $member_id     id of the member being edited, or NULL for a new member
 * @return bool true when no member has the number, or when the member that
 *              has it is the one identified by $member_id
 */
function validate_member_number($member_number, $member_id = NULL) {/*{{{*/
    $existing = db_get_member_with_number($member_number);

    // nobody holds this number yet
    $is_unused = !isset($existing);

    // somebody holds it, but it may be the very member we were asked about
    return $is_unused || (isset($member_id) && $member_id == $existing['id']);
}/*}}}*/
167
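/**
 * Render the "IBAN-hin" export page.
 *
 * The bank details are stored encrypted, so the export is assembled in the
 * browser: the page embeds the member rows as a JavaScript array, asks for
 * the password, obtains the master key through get_master_key() and decrypts
 * account number and bank code of every member whose directdebit is "1".
 *
 * Only the four columns the script reads are embedded. Names, addresses and
 * contact data of all members are therefore no longer part of the page
 * source. NOTE(review): this assumes no script emitted by js_modal_windows()
 * or js_get_master_key() reads other keys of `members` - confirm.
 *
 * Nothing is rendered when there are no members.
 */
function action_export_ibanhin() {/*{{{*/
    $members = db_get_members();
    if (empty($members)) return;

    $export = array();
    foreach ($members as $member) {
        $export[] = array(
            'number'        => $member['number'],
            'directdebit'   => $member['directdebit'],
            'accountnumber' => $member['accountnumber'],
            'bankcode'      => $member['bankcode'],
        );
    }

    js_modal_windows();
    js_get_master_key();
?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
    <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()" id="btn_export_iban_hin"/>
    <br/>
    <br/>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password')?>
            <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen" onclick="export_ibanhin()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_ask_for_password()"/>
        </fieldset>
    </div>
    <div id="ibanhin_popup" class="modal_window">
        <fieldset>
            <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
        </fieldset>
    </div>

<script type="text/javascript">

// The JSON_HEX_* flags encode <, >, &, ' and " as \uXXXX escapes, so a stored
// value cannot close the script element or start markup inside it.
var members = <?=json_encode($export, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>;

$(document).ready(function(){
    $('#password').keypress( function(event) { if (event.keyCode == '13') { export_ibanhin(); } });
    // The button's id is btn_export_iban_hin; btn_ibanhin is only its name.
    $('#btn_export_iban_hin').focus();
});

// Open the password prompt.
function ask_for_password() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password").focus();
    return;
}/*}}}*/

// Close the password prompt and return focus to the export button.
function cancel_ask_for_password() {/*{{{*/
    modal_window_hide();
    $("#btn_export_iban_hin").focus();
    return;
}/*}}}*/

// Decrypt the bank details of all direct-debit members and show them as
// IBAN-hin records in the read-only textarea.
function export_ibanhin() {/*{{{*/

    var ibanhin_content = "";

    // Take the password out of the input field right away.
    var password = $('#password').val();
    $("#password").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#ibanhin_popup"));

        for (var i = 0; i < members.length; i++) {
            if (members[i]['directdebit'] == "1") {
                var accountnumber = members[i]['accountnumber'];
                var bankcode      = members[i]['bankcode'];
                if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
                if (bankcode      != "") bankcode      = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey));
                if (accountnumber != "" && bankcode != "") {
                    /* Record layout, field names as listed in the
                       ZKA specification "IBAN-hin / IBAN-rueck":
                       01. Satzart
                       02. Anwender
                       03. Internes Kennzeichen des Anwenders
                       04. BIC-ALT
                       IBAN-ALT
                       05. LK/PZ-ALT
                       06. BLZ-ALT
                       07. KTONR-ALT
                       IBAN-NEU
                       08. LK/PZ-NEU
                       09. BLZ-NEU
                       10. KTONR-NEU
                       11. UMST-KZ
                       Filled here: 01 = "DE", 03 = member number,
                       06 = bank code, 07 = account number.
                     */
                    // NOTE(review): values are placed between double quotes
                    // as they are; a '"' inside a decrypted value would
                    // break the record.
                    ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                }
            }
        }

        $('#ibanhin_content').val(ibanhin_content);
        $('#ibanhin_content').focus();
        $('#ibanhin_content').select();

    });

}/*}}}*/

// Close the result popup and drop the decrypted records from the page.
function ibanhin_close() {/*{{{*/
    modal_window_hide();
    $("#ibanhin_content").val('');
}/*}}}*/

</script>

<?php

}/*}}}*/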
285
286
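/**
 * Render the member list with one row per member, mark members without an
 * active membership as inactive and print the number of active members.
 *
 * Every value taken from the database and every generated link is passed
 * through html_escape() before it is written into the page.
 */
function action_list_members() {/*{{{*/
    $members = db_get_members();
    $count   = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
        <table>
            <tr>
                <th>Mitgliedsnummer</th>
                <th>Nickname</th>
                <th>Vorname</th>
                <th>Nachname</th>
            </tr>
        <?php foreach ($members as $member) : ?>
            <?php
                // Membership state as of now decides both the row class and the counter.
                $membership_info = fees_info_for_member($member['id'], time());
                $is_member = !empty($membership_info['is_member']);
                if ($is_member) $count++;
            ?>
            <tr <?php if (!$is_member) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?=html_escape(link_to('view_member', array('id'=> $member['id'])))?>"><?=html_escape($member['number'])?></a></td>
                <td><?=html_escape($member['nickname'])?></td>
                <td><?=html_escape($member['firstname'])?></td>
                <td><?=html_escape($member['lastname'])?></td>
            </tr>
        <?php endforeach ?>
        </table>
    <?php else : ?>
        <p>Bisher gibt es noch keine Mitglieder.</p>
    <?php endif ?>
        <p>Derzeit gibt es <?=$count?> aktive Mitglieder.</p>
        <?php // Same attribute escaping as the per-member link above. ?>
        <a href="<?=html_escape(link_to('create_member'))?>">Neues Mitglied</a>
        <a href="<?=html_escape(link_to('export_email'))?>">E-Mail-Adressen</a>
        <a href="<?=html_escape(link_to('export_members'))?>">XLS Export</a>
    <?php
}/*}}}*/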
320
/**
 * Show one member read-only, followed by the member's events and the form
 * for creating a new event.
 *
 * The id comes from $_REQUEST. A missing id or an unknown member leads to
 * redirect(link_to()).
 * NOTE(review): the code after each redirect() relies on redirect() ending
 * the request - confirm.
 */
function action_view_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }
    $requested = db_get_member_with_id($_REQUEST['id']);
    if (!isset($requested)) {
        redirect(link_to());
    }
    form_member($requested, true);
    action_list_events($requested);
    action_create_event($requested);
}/*}}}*/
329
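/**
 * Handle the "new member" form: validate the POST data, create the row and
 * redirect to the member view; otherwise render the form again together with
 * the validation messages.
 *
 * NOTE(review): no anti-CSRF token is checked here, and the form rendered by
 * form_member() carries none; confirm whether the dispatcher enforces one.
 */
function action_create_member() {/*{{{*/
    $member = array();
    $log_messages = array();
    if (isset($_POST['submit'])) {
        // A new member never gets a client-chosen id.
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) $member['number'] = db_get_next_free_member_number();

            // The form shows 'TT.MM.JJJJ' as placeholder text; it and an empty
            // value both mean "no mandate date" and are stored as the zero date.
            $sigdate = isset($member['ddmandatesigdate']) ? $member['ddmandatesigdate'] : '';
            if (($sigdate == 'TT.MM.JJJJ') || ($sigdate == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            if ($member_id = db_create_member($member)) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
            }
            // A database error message can repeat submitted values, so it is
            // escaped like every other value written into the page.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/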
355
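/**
 * Handle the "change member" form: load the member named by $_REQUEST['id'],
 * validate the POST data against it, store the changes and redirect to the
 * member view; otherwise render the form again together with the validation
 * messages.
 *
 * NOTE(review): no anti-CSRF token is checked here, and the form rendered by
 * form_member() carries none; confirm whether the dispatcher enforces one.
 */
function action_change_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) redirect(link_to());
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) redirect(link_to());
    $log_messages = array();
    if (isset($_POST['submit'])) {
        // validate_member() compares the posted id with the id of the row
        // loaded above, so the form cannot be redirected to another member.
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) $member['number'] = db_get_next_free_member_number();

            // The form shows 'TT.MM.JJJJ' as placeholder text; it and an empty
            // value both mean "no mandate date" and are stored as the zero date.
            $sigdate = isset($member['ddmandatesigdate']) ? $member['ddmandatesigdate'] : '';
            if (($sigdate == 'TT.MM.JJJJ') || ($sigdate == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($sigdate));
            }

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
            }
            // A database error message can repeat submitted values, so it is
            // escaped like every other value written into the page.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/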
381
382
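/**
 * Print the e-mail addresses of all current members as one comma-separated
 * list. Members without an active membership or without an address are left
 * out.
 */
function action_export_email() {/*{{{*/
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
        <?php
        $emails = array();
        foreach ($members as $member) {
            $membership_info = fees_info_for_member($member['id'], time());
            if (empty($membership_info['is_member'])) continue;
            if (empty($member['email'])) continue;
            // The address is member-supplied text and goes into an HTML page,
            // so it is escaped like the fields in the member list.
            $emails[] = html_escape($member['email']);
        }
        if (!empty($emails)) echo ' ' . join(', ', $emails);
        ?>
    <?php else : ?>
        <p>Bisher gibt's noch keine Mitglieder.</p>
    <?php endif ?>
    <?php
}/*}}}*/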
395
396
/**
 * Build a list box offering every member, labelled "<number> <nickname>" and
 * keyed by member id, with "-" (key 0) as the first entry.
 *
 * All arguments except the option list are handed to html_list_box() as they are.
 * NOTE(review): the labels contain the member-supplied nickname; confirm that
 * html_list_box() escapes option labels.
 *
 * @return mixed whatever html_list_box() returns
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = NULL, $tag_params = '') {
    $options = array(0 => '-');
    $rows = db_get_members();
    foreach (empty($rows) ? array() : $rows as $row) {
        $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
    }
    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
407
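/**
 * Render the member form (new, read-only or edit) together with the script
 * that handles the encrypted bank details.
 *
 * The fields accountholder, accountnumber, bankcode and bankname inside the
 * form always hold ciphertext and are rendered read-only. Plain text exists
 * only in the tmp_* fields of the bank detail popup, which is placed after
 * the closing form tag and is therefore not submitted. The script decrypts
 * into the tmp_* fields and encrypts back into the form fields with the
 * master key obtained from get_master_key().
 *
 * @param array $member       row to show; without an 'id' the form creates a member
 * @param bool  $readonly     true renders the detail view
 * @param array $log_messages messages handed to log_messages()
 */
function form_member($member = array(), $readonly = false, $log_messages = array()) {/*{{{*/

    global $DIRECTDEBIT_STATES;

    // Without configured crypto keys the bank details cannot be handled at
    // all, so only a pointer to the setup page is shown.
    $keys = db_get_crypto_keys();
    if (empty($keys)) {
?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?=html_escape(link_to('cryptography'))?>">Kryptographie einrichten</a>.
        </p>
<?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
        <h2>Neues Mitglied</h2>
    <?php elseif ($readonly) : ?>
        <h2>Mitgliedsdetails</h2>
    <?php else : ?>
        <h2>Mitglied &auml;ndern</h2>
    <?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?=html_hidden_field('id', $member)?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?=html_text_field('Mitgliedsnummer', 'number', $member, $readonly)?>
            <?php if (!$readonly) : ?><small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?=html_text_field('Nickname', 'nickname', $member, $readonly)?>
            <?=html_text_field('E-Mail', 'email', $member, $readonly)?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?php // Ciphertext only; always read-only, changed solely by the script below. ?>
            <?=html_text_field('Kontoinhaber', 'accountholder', $member, true)?>
            <?=html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true)?>
            <?=html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true)?>
            <?=html_text_field('Name der Bank', 'bankname', $member, true)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?=html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly)?>
            <?php
              // An unset, empty or zero date is shown as the 'TT.MM.JJJJ'
              // placeholder (empty in the read-only view).
              // NOTE(review): the value is html_escape()d here and then handed
              // to html_text_field(); if that helper escapes as well, the
              // date is escaped twice - confirm.
              if ((!isset($member['ddmandatesigdate'])) ||
                  ($member['ddmandatesigdate'] == '') ||
                  ($member['ddmandatesigdate'] == '0000-00-00 00:00:00'))
              {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
              } else {
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
              }
            ?>
            <?=html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly)?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?=html_text_field('Vorname', 'firstname', $member, $readonly)?>
            <?=html_text_field('Nachname', 'lastname', $member, $readonly)?>
            <?=html_text_field('Straße', 'street', $member, $readonly)?>
            <?=html_text_field('Hausnummer', 'housenumber', $member, $readonly)?>
            <?=html_text_field('PLZ', 'postcode', $member, $readonly)?>
            <?=html_text_field('Ort', 'city', $member, $readonly)?>
            <?=html_text_field('Land', 'country', $member, $readonly)?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?=html_text_field('Telefon', 'phone', $member, $readonly)?>
            <?=html_text_field('Fax', 'fax', $member, $readonly)?>
            <?=html_text_field('Handy', 'mobile', $member, $readonly)?>
            <?=html_text_field('Jabber', 'jabber', $member, $readonly)?>
            <?=html_text_field('ICQ', 'icq', $member, $readonly)?>
            <?=html_text_field('MSN', 'msn', $member, $readonly)?>
            <?=html_text_field('AIM', 'aim', $member, $readonly)?>
            <?=html_text_field('Skype', 'skype', $member, $readonly)?>
            <?=html_text_field('Website', 'url', $member, $readonly)?>
            <?=html_text_field('Twitter', 'twitter', $member, $readonly)?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?=html_escape(link_to('change_member', array('id' => $member['id'])))?>">Mitglied &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren" onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password2')?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren" onclick="import_qrcode()"/>
            <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen" onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
    <?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password1')?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln" onclick="decrypt_bank_details()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <?php // Plain-text bank details live only in this popup, outside the form. ?>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?=html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly)?>
            <?=html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly)?>
            <?=html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly)?>
            <?=html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck" onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
<script type="text/javascript">

// Master key of the current popup session. It is set when a password was
// accepted and reset to '' by every function that closes the popup.
var the_masterkey;

$(document).ready(function(){
    // The ciphertext field is not meant to be edited; move focus to the button.
    $('#accountholder').focus( function() { $("#btn_bank_details").focus(); });
<?php if ($readonly) : ?>
    $('#btn_bank_details_cancel').keypress( function(event) { if (event.keyCode == '13') { bank_details_cancel(); } });
<?php else : ?>
    $('#tmp_bankname').keypress( function(event) { if (event.keyCode == '13') { bank_details_save(); } });
<?php endif ?>
    $('#password1').keypress( function(event) { if (event.keyCode == '13') { decrypt_bank_details(); } });
<?php if (!isset($member['id'])) : ?>
    $('#password2').keypress( function(event) { if (event.keyCode == '13') { import_qrcode(); } });
<?php endif ?>
});

// Open the password prompt for viewing or editing the bank details.
function bank_details_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password1").focus();
    return;
}/*}}}*/

// Open the password prompt for the QR code import.
function import_qrcode_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup2"));
    $("#password2").focus();
    return;
}/*}}}*/

// Abort the bank detail password prompt and forget the typed password.
function cancel_change_bank_details() {/*{{{*/
    modal_window_hide();
    $("#btn_bank_details").focus();
    $("#password1").val('');
    return;
}/*}}}*/

// Abort the QR code password prompt and forget the typed password.
function cancel_import_qrcode() {/*{{{*/
    modal_window_hide();
    $("#password2").val('');
    return;
}/*}}}*/

// Decrypt the stored bank details into the tmp_* fields of the popup.
function decrypt_bank_details() {/*{{{*/

    // Take the password out of the input field right away.
    var password = $('#password1').val();
    $("#password1").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#bank_detail_popup"));
<?php if ($readonly) : ?>
        $('#btn_bank_details_cancel').focus();
<?php else : ?>
        $('#tmp_accountholder').focus();
<?php endif ?>

        var accountholder = $('#accountholder').val();
        var accountnumber = $('#accountnumber').val();
        var bankcode      = $('#bankcode').val();
        var bankname      = $('#bankname').val();

        // Decrypt each non-empty field using AES with the master key
        if (accountholder != "") { $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey))); }
        if (accountnumber != "") { $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey))); }
        if (bankcode      != "") { $('#tmp_bankcode'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey))); }
        if (bankname      != "") { $('#tmp_bankname'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname,      masterkey))); }
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

// Obtain the master key and open the textarea for the QR code text.
function import_qrcode() {/*{{{*/

    // Take the password out of the input field right away.
    var password = $('#password2').val();
    $("#password2").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#qrcode_popup"));
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

// Take over the ';'-separated QR code record: plain fields go into the form,
// the four bank fields are encrypted with the cached master key first.
function qrcode_close() {/*{{{*/

    modal_window_hide();

    var qrcode_content = $('#qrcode_content').val();
    $("#qrcode_content").val('');
    var qrcode = qrcode_content.split(';');

    // An incomplete record leaves the bank values undefined, and without a
    // master key they would be encrypted under an empty key. In both cases
    // the form stays untouched and the cached key is dropped.
    if (qrcode.length < 17 || !the_masterkey) {
        the_masterkey = '';
        return;
    }

    $("#nickname").val(qrcode[0]);
    // XXX birthdate - unused
    $("#email").val(qrcode[2]);
    // XXX cccmember - unused
    $("#firstname").val(qrcode[4]);
    $("#lastname").val(qrcode[5]);
    $("#street").val(qrcode[6]);
    $("#housenumber").val(qrcode[7]);
    $("#postcode").val(qrcode[8]);
    $("#city").val(qrcode[9]);
    $("#country").val(qrcode[10]);
    // XXX fee unused
    // NOTE(review): this form renders no field named paymentinterval, so the
    // next call has nothing to fill here - confirm whether it is still needed.
    $("#paymentinterval").val(qrcode[12]);
    var accountholder = qrcode[13];
    var accountnumber = qrcode[14];
    var bankcode = qrcode[15];
    var bankname = qrcode[16];
    // XXX amount unused - the field was only added on 4 May and was empty before.

    // 4.2 Encrypt data using AES with masterkey
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

// Encrypt the edited tmp_* values back into the form fields and wipe the
// plain text from the popup.
function bank_details_save() {/*{{{*/

    modal_window_hide();

    var accountholder = $('#tmp_accountholder').val();
    // Whitespace (e.g. IBAN grouping) is removed from the account number.
    var accountnumber = $('#tmp_accountnumber').val().replace(/\s/g, '');
    var bankcode      = $('#tmp_bankcode').val();
    var bankname      = $('#tmp_bankname').val();
    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');

    // Without a cached master key (for example a second call after the popup
    // was already closed) nothing is written: the values would otherwise be
    // encrypted under an empty key, or the stored ciphertext overwritten
    // with the already emptied tmp_* fields.
    if (!the_masterkey) {
        the_masterkey = '';
        return;
    }

    // 4.2 Encrypt data using AES with masterkey
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

// Close the bank detail popup without saving; plain text and key are dropped.
function bank_details_cancel() {/*{{{*/

    modal_window_hide();

    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');

    the_masterkey = '';
}/*}}}*/

</script>
    <?php
}/*}}}*/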
712
713