Added Db class
1 <?php
2
// Labels for the `directdebit` member field, keyed by the stored value.
// The empty-string key is the "no direct debit" entry.
$DIRECTDEBIT_STATES = [
    '' => '- (Barzahler)',
    1  => 'DTAUS',
    2  => 'SEPA Ersteinzug',
    3  => 'SEPA Folgeeinzug',
];
9
10 /* DB functions {{{ */
11
/**
 * Insert a new row into `members`.
 *
 * Any caller-supplied 'id' is dropped before the insert, and both
 * timestamp columns are set to the current time.
 *
 * @param array $member column => value map for the new member
 * @return mixed the value of db_insert_id() on success, false if db_insert() failed
 */
function db_create_member($member)
{
    // Never let the caller choose the primary key.
    unset($member['id']);

    $member['created_at'] = db_unixtime2datetime(time());
    $member['modified_at'] = db_unixtime2datetime(time());

    return db_insert('members', $member) ? db_insert_id() : false;
}
22
/**
 * Update the `members` row identified by $member['id'].
 *
 * @param array $member column => value map; must contain 'id'
 * @return mixed whatever db_update() returns
 */
function db_change_member($member)
{
    // The id is cast to int before it is formatted into the WHERE clause,
    // so it cannot carry SQL syntax.
    $where = sprintf('id=%d', (int)$member['id']);

    // The primary key itself is never part of the SET list.
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());

    return db_update('members', $member, $where);
}
30
/**
 * Fetch every member row (all columns), ordered by member number ascending.
 *
 * @return mixed whatever db_select_multi() returns for the query
 */
function db_get_members()
{
    $sql = 'SELECT * FROM `members` ORDER BY `number` ASC';

    return db_select_multi($sql);
}
35
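/**
 * Fetch a single member row by primary key.
 *
 * The id is passed as a bound parameter, not interpolated into the SQL text.
 *
 * @param mixed $member_id id of the member to load (callers pass request input)
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_id($member_id)
{
    // Fixed: the table name previously contained a combining grave accent
    // ("m" + U+0300), so the query referenced a table other than `members`.
    $sql = 'SELECT * FROM `members` WHERE id=? LIMIT 1';
    return db_select_single($sql, [$member_id]);
}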
41
/**
 * Compute the next member number to hand out: MAX(number) + 1, skipping
 * the numbers reserved for honorary members.
 *
 * NOTE(review): the number is derived from a plain SELECT; nothing visible
 * here prevents two concurrent requests from computing the same value.
 * validate_member_number() is the only uniqueness check visible in this
 * file; confirm whether the schema enforces a unique constraint.
 *
 * @return int next free member number (2 when the query yields no row)
 */
function db_get_next_free_member_number()
{/*{{{*/
    $row = db_select_single('SELECT MAX(number) AS number FROM `members`');
    if (!isset($row)) {
        return 2;
    }

    $candidate = (int)($row['number'] + 1);

    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);
    if (in_array($candidate, $reserved, true)) {
        return $candidate + 1;
    }

    return $candidate;
}
63
64 ;/*}}}*/
65
66
/**
 * Fetch a single member row by member number.
 *
 * The number is passed as a bound parameter, not interpolated into the SQL text.
 *
 * @param mixed $member_number member number to look up
 * @return mixed whatever db_select_single() returns for the query
 */
function db_get_member_with_number($member_number)
{
    $sql = 'SELECT * FROM `members` WHERE NUMBER=? LIMIT 1';
    $params = [$member_number];

    return db_select_single($sql, $params);
}
71
72 /* }}} */
73
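/**
 * Copy whitelisted fields from request data into a member record and check
 * that the id is unchanged and the member number is not already taken.
 *
 * Only the keys listed in $fields are ever copied from $userdata, so a
 * request cannot set columns such as created_at or modified_at.
 *
 * @param array $userdata    untrusted input (callers pass $_POST)
 * @param array &$dbdata     member record to fill; an existing 'id' marks an update
 * @param array &$validation list that receives user-facing error messages
 * @return bool true when $validation is empty after the checks
 */
function validate_member($userdata, &$dbdata, &$validation)
{/*{{{*/
    // Field whitelist. The type label is only consulted for 'bool' below;
    // 'number' and 'string' values are not otherwise checked against it.
    $fields = array(
        'id'               => 'number',
        'number'           => 'number',
        'firstname'        => 'string',
        'lastname'         => 'string',
        'nickname'         => 'string',
        'accountholder'    => 'string',
        'accountnumber'    => 'string',
        'bankcode'         => 'string',
        'bankname'         => 'string',
        'directdebit'      => 'number',
        'ddmandatesigdate' => 'string',
        'street'           => 'string',
        'housenumber'      => 'string',
        'postcode'         => 'string',
        'city'             => 'string',
        'country'          => 'string',
        'email'            => 'string',
        'phone'            => 'string',
        'fax'              => 'string',
        'mobile'           => 'string',
        'jabber'           => 'string',
        'icq'              => 'string',
        'msn'              => 'string',
        'aim'              => 'string',
        'skype'            => 'string',
        'url'              => 'string',
        'twitter'          => 'string',
    );
    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            $dbdata[$name] = !empty($userdata[$name]);
            continue;
        }
        if (!isset($userdata[$name])) {
            continue;
        }
        // Request parameters can arrive as arrays (name[]=...). Every field
        // here is a single value, so reject anything non-scalar instead of
        // handing it on to the database layer. $name comes from the
        // whitelist above, not from the request.
        if (!is_scalar($userdata[$name])) {
            $validation[] = 'Ungültiger Wert im Feld ' . $name . '.';
            continue;
        }
        $dbdata[$name] = $userdata[$name];
    }

    // 'number' may be absent when the request did not send it; treat that
    // like "no number given" instead of reading an undefined index.
    $number = isset($dbdata['number']) ? $dbdata['number'] : null;

    // ids must be equal
    // number must be equal. if changed - check if free and allowed
    if (isset($orig['id'])) {
        if ($dbdata['id'] != $orig['id']) {
            $validation[] = 'Irgendwas ist sehr sehr komisch.';
        }
        if (!validate_member_number($number, $dbdata['id'])) {
            $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
        }
        return (count($validation) == 0);
    }
    if (!validate_member_number($number)) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }
    return (count($validation) == 0);
}/*}}}*/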
132
/**
 * Check whether a member number may be used.
 *
 * @param mixed      $member_number number to check
 * @param mixed|null $member_id     id of the member being edited, if any
 * @return bool true when no member has the number, or when the member that
 *              has it is the one identified by $member_id
 */
function validate_member_number($member_number, $member_id = null)
{/*{{{*/
    $holder = db_get_member_with_number($member_number);

    // Nobody holds this number yet.
    if (!isset($holder)) {
        return true;
    }

    // Taken: acceptable only if the holder is the member we were passed.
    return isset($member_id) && $member_id == $holder['id'];
}/*}}}*/
149
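/**
 * Render the IBAN-hin export page.
 *
 * Member data is embedded in the page as JSON. After the user enters the
 * password, the script obtains the master key via get_master_key(), decrypts
 * account number and bank code in the browser and fills a textarea with one
 * export line per member whose directdebit value is 1.
 *
 * Outputs nothing when there are no members.
 */
function action_export_ibanhin()
{/*{{{*/
    $members = db_get_members();
    if (empty($members)) {
        return;
    }

    // Send only the columns the script below reads. Previously every column
    // of every member row (names, addresses, contact details) was embedded
    // in the page although the export never uses them.
    $export_fields = array_flip(array('number', 'directdebit', 'accountnumber', 'bankcode'));

    // The JSON is written into a <script> element, so encode <, >, &, ' and "
    // as \uXXXX escapes; stored member data can then not terminate or
    // reinterpret the script block.
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $members_json = array();
    foreach ($members as $member) {
        $members_json[] = json_encode(array_intersect_key($member, $export_fields), $json_flags);
    }

    js_modal_windows();
    js_get_master_key();
    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
    <input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()"
           id="btn_export_iban_hin"/>
    <br/>
    <br/>


    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password') ?>
            <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen"
                   onclick="export_ibanhin()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_ask_for_password()"/>
        </fieldset>
    </div>
    <div id="ibanhin_popup" class="modal_window">
        <fieldset>
            <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
        </fieldset>
    </div>

    <script type="text/javascript">

        var members = [<?= join(",\n", $members_json) ?>];


        $(document).ready(function () {
            $('#password').keypress(function (event) {
                if (event.keyCode == '13') {
                    export_ibanhin();
                }
            });
            // Fixed: the button's id is btn_export_iban_hin (btn_ibanhin is its name)
            $('#btn_export_iban_hin').focus();
        });


        function ask_for_password() {/*{{{*/
            modal_window_show($("#password_popup"));
            $("#password").focus();
            return;
        }

        /*}}}*/

        function cancel_ask_for_password() {/*{{{*/
            modal_window_hide();
            $("#btn_export_iban_hin").focus();
            return;
        }

        /*}}}*/


        function export_ibanhin() {/*{{{*/

            var ibanhin_content = "";

            // Read the password once and clear the field right away
            var password = $('#password').val();
            $("#password").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#ibanhin_popup"));

                for (var i = 0; i < members.length; i++) {
                    if (members[i]['directdebit'] == "1") {
                        var accountnumber = members[i]['accountnumber'];
                        var bankcode = members[i]['bankcode'];
                        if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
                        if (bankcode != "") bankcode = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey));
                        if (accountnumber != "" && bankcode != "") {
                            /* ZKA-Spezifikation-IBAN-hin-IBAN-rueck
                               01. Satzart
                               02. Anwender
                               03. Internes Kennzeichen des Anwenders
                               04. BIC-ALT
                               IBAN-ALT
                               05. LK/PZ-ALT
                               06. BLZ-ALT
                               07. KTONR-ALT
                               IBAN-NEU
                               08. LK/PZ-NEU
                               09. BLZ-NEU
                               10. KTONR-NEU
                               11. UMST-KZ
                             */
                            // NOTE(review): the decrypted values are placed between double
                            // quotes without escaping; a value containing '"' or ';' would
                            // shift the columns of the export line.
                            ibanhin_content += '"DE";;"' + members[i]['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
                        }
                    }
                }

                $('#ibanhin_content').val(ibanhin_content);
                $('#ibanhin_content').focus();
                $('#ibanhin_content').select();

            });

        }

        /*}}}*/

        function ibanhin_close() {/*{{{*/
            modal_window_hide();
            // Drop the decrypted export from the page when the popup closes
            $("#ibanhin_content").val('');
        }

        /*}}}*/


    </script>

    <?php

}/*}}}*/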
284
285
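/**
 * Render the member list with per-type counts of current members.
 *
 * For each member fees_info_for_member() is asked about the membership at
 * the current time; rows of non-members get the CSS class "inactive", and
 * only members with a truthy 'is_member' are counted.
 */
function action_list_members()
{/*{{{*/
    $members = db_get_members();
    $count = 0;
    $regular = 0;
    $patron = 0;
    $honorary = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
    <table>
        <tr>
            <th>Mitgliedsnummer</th>
            <th>Nickname</th>
            <th>Vorname</th>
            <th>Nachname</th>
        </tr>
        <?php foreach ($members as $member) : ?>
            <?php $membership_info = fees_info_for_member($member['id'], time()); ?>
            <?php
            if (!empty($membership_info['is_member'])) {
                switch ($membership_info['member_type']) {
                    case 'regular':
                        $regular++;
                        break;
                    case 'honorary':
                        $honorary++;
                        break;
                    case 'patron':
                        $patron++;
                        break;
                }
            }
            ?>
            <tr <?php if (empty($membership_info['is_member'])) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?= html_escape(link_to('view_member',
                        array('id' => $member['id']))) ?>"><?= html_escape($member['number']) ?></a></td>
                <td><?= html_escape($member['nickname']) ?></td>
                <td><?= html_escape($member['firstname']) ?></td>
                <td><?= html_escape($member['lastname']) ?></td>
            </tr>
        <?php endforeach ?>
    </table>
<?php else : ?>
    <p>Bisher gibt es noch keine Mitglieder.</p>
<?php
endif;
    $count = $regular + $honorary + $patron;
    ?>
    <p>Derzeit gibt es <?= $count ?> Vereinsmitglieder. Davon:
    <ul>
        <li><?= $regular ?> ordentliche Mitglieder</li>
        <li><?= $honorary ?> Ehrenmitglieder</li>
        <li style="font-weight: bold;"><?= $regular + $honorary ?> stimmberechtigte Mitglieder</li>
        <li><?= $patron ?> Fördermitglieder</li>
    </ul>
    </p>
    <?php // URLs go through html_escape() like the view_member link above, so every href in this list is attribute-safe ?>
    <a href="<?= html_escape(link_to('create_member')) ?>">Neues Mitglied</a>
    <a href="<?= html_escape(link_to('export_email')) ?>">E-Mail-Adressen</a>
    <a href="<?= html_escape(link_to('export_members')) ?>">XLS Export</a>
    <?php
}/*}}}*/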
348
/**
 * Show one member read-only, followed by that member's events and the
 * form for creating a new event.
 *
 * Reads the member id from $_REQUEST['id'] and calls redirect(link_to())
 * when the id is missing or no member is found.
 *
 * NOTE(review): the code after each redirect() is only safe if redirect()
 * ends the request; confirm in its definition.
 */
function action_view_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }

    $record = db_get_member_with_id($_REQUEST['id']);
    if ($record === null) {
        redirect(link_to());
    }

    form_member($record, true);
    action_list_events($record);
    action_create_event($record);
}/*}}}*/
362
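/**
 * Handle the "create member" page: on a submitted form, validate the input,
 * create the member and redirect to the new member's page; otherwise (or on
 * failure) render the form again with any validation messages.
 *
 * NOTE(review): no anti-CSRF token is visible in the form rendered by
 * form_member(); confirm whether request forgery is handled elsewhere.
 */
function action_create_member()
{/*{{{*/
    $member = array();
    $log_messages = array();
    if (isset($_POST['submit'])) {
        // A new member never takes its id from the request.
        unset($_POST['id']);

        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the placeholder text the form shows for an
            // empty date; both it and '' are stored as the zero date.
            if (($member['ddmandatesigdate'] == 'TT.MM.JJJJ') ||
                ($member['ddmandatesigdate'] == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($member['ddmandatesigdate']));
            }

            if ($member_id = db_create_member($member)) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
            }
            // The database error text can contain parts of the submitted
            // values, so it is HTML-escaped before being written to the page.
            // NOTE(review): consider logging the detail server-side and
            // showing a generic message, since raw errors reveal schema details.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/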
390
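/**
 * Handle the "change member" page: load the member named by $_REQUEST['id'],
 * and on a submitted form validate the input, store the changes and redirect
 * to the member's page; otherwise (or on failure) render the edit form.
 *
 * validate_member() rejects a submitted id that differs from the loaded one.
 *
 * NOTE(review): the code after each redirect() is only safe if redirect()
 * ends the request; confirm in its definition. No anti-CSRF token is visible
 * in the form rendered by form_member(); confirm it is handled elsewhere.
 */
function action_change_member()
{/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }
    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
    }
    $log_messages = array();
    if (isset($_POST['submit'])) {
        if (validate_member($_POST, $member, $log_messages)) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }

            // 'TT.MM.JJJJ' is the placeholder text the form shows for an
            // empty date; both it and '' are stored as the zero date.
            if (($member['ddmandatesigdate'] == 'TT.MM.JJJJ') ||
                ($member['ddmandatesigdate'] == '')) {
                $member['ddmandatesigdate'] = '0000-00-00 00:00:00';
            } else {
                $member['ddmandatesigdate'] = db_unixtime2datetime(ui_date2unixtime($member['ddmandatesigdate']));
            }

            if (db_change_member($member)) {
                redirect(link_to('view_member', array('id' => $member['id'])));
            }
            // The database error text can contain parts of the submitted
            // values, so it is HTML-escaped before being written to the page.
            // NOTE(review): consider logging the detail server-side and
            // showing a generic message, since raw errors reveal schema details.
            echo html_escape(db_error());
        }
    }
    form_member($member, false, $log_messages);
}/*}}}*/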
422
423
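/**
 * Render a comma-separated list of the e-mail addresses of all current
 * members (those for which fees_info_for_member() reports 'is_member').
 * Members without an address are skipped.
 */
function action_export_email()
{/*{{{*/
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
    <?php
    $addresses = array();
    foreach ($members as $member) {
        $membership_info = fees_info_for_member($member['id'], time());
        if (empty($membership_info['is_member']) || empty($member['email'])) {
            continue;
        }
        // The address is stored member data and was previously written to
        // the page unescaped; escape it like the other member fields.
        $addresses[] = html_escape($member['email']);
    }
    if (!empty($addresses)) {
        echo ' ', implode(', ', $addresses);
    }
    ?>
<?php else : ?>
    <p>Bisher gibt's noch keine Mitglieder.</p>
<?php endif ?>
    <?php
}/*}}}*/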
440
441
/**
 * Build a list box whose options are all members, labelled
 * "<number> <nickname>" and keyed by member id, preceded by a "-" entry
 * with key 0.
 *
 * The option labels contain stored member data.
 * NOTE(review): this relies on html_list_box() escaping them; confirm.
 *
 * @return mixed whatever html_list_box() returns
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = null, $tag_params = '')
{
    $options = array(0 => '-');

    $rows = db_get_members();
    foreach ($rows ?: array() as $row) {
        $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
    }

    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
453
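/**
 * Render the member form (create, view or edit) together with the popups
 * and script that handle the encrypted bank details.
 *
 * The four bank fields in the main form hold ciphertext and are always
 * rendered read-only. The script asks for a password, obtains the master key
 * via get_master_key(), decrypts the values into temporary fields inside a
 * popup and writes them back encrypted when the popup is saved. The master
 * key is kept in a script variable only while a popup is open.
 *
 * Outputs only a hint and returns when db_get_crypto_keys() yields nothing.
 *
 * @param array $member       member record; without 'id' the create form is shown
 * @param bool  $readonly     render the fields read-only (view mode)
 * @param array $log_messages messages passed on to log_messages()
 */
function form_member($member = array(), $readonly = false, $log_messages = array())
{/*{{{*/

    global $DIRECTDEBIT_STATES;

    $keys = db_get_crypto_keys();
    if (empty($keys)) {
        ?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?= html_escape(link_to('cryptography')) ?>">Kryptographie einrichten</a>.
        </p>
        <?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
    <h2>Neues Mitglied</h2>
<?php elseif ($readonly) : ?>
    <h2>Mitgliedsdetails</h2>
<?php else : ?>
    <h2>Mitglied &auml;ndern</h2>
<?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?= html_hidden_field('id', $member) ?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?= html_text_field('Mitgliedsnummer', 'number', $member, $readonly) ?>
            <?php if (!$readonly) : ?>
                <small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?= html_text_field('Nickname', 'nickname', $member, $readonly) ?>
            <?= html_text_field('E-Mail', 'email', $member, $readonly) ?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?php // These four fields carry ciphertext and are always read-only; editing happens in the popup below ?>
            <?= html_text_field('Kontoinhaber', 'accountholder', $member, true) ?>
            <?= html_text_field('Kontonummer/IBAN', 'accountnumber', $member, true) ?>
            <?= html_text_field('Bankleitzahl/BIC', 'bankcode', $member, true) ?>
            <?= html_text_field('Name der Bank', 'bankname', $member, true) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern"
                       onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
            <?= html_list_box('Beitragseinzug', 'directdebit', $DIRECTDEBIT_STATES, $member, $readonly) ?>
            <?php
            // Missing, empty and zero dates are shown as the input placeholder
            // (or as nothing in view mode).
            // NOTE(review): the value is escaped here and then handed to
            // html_text_field(); if that helper escapes as well the value is
            // escaped twice. Confirm.
            if ((!isset($member['ddmandatesigdate'])) ||
                ($member['ddmandatesigdate'] == '') ||
                ($member['ddmandatesigdate'] == '0000-00-00 00:00:00')) {
                $member['ddmandatesigdate'] = ($readonly) ? '' : html_escape('TT.MM.JJJJ');
            } else {
                $member['ddmandatesigdate'] = html_escape(format_date(db_date2unixtime($member['ddmandatesigdate'])));
            }
            ?>
            <?= html_text_field('Mandatsunterschrift', 'ddmandatesigdate', $member, $readonly) ?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?= html_text_field('Vorname', 'firstname', $member, $readonly) ?>
            <?= html_text_field('Nachname', 'lastname', $member, $readonly) ?>
            <?= html_text_field('Straße', 'street', $member, $readonly) ?>
            <?= html_text_field('Hausnummer', 'housenumber', $member, $readonly) ?>
            <?= html_text_field('PLZ', 'postcode', $member, $readonly) ?>
            <?= html_text_field('Ort', 'city', $member, $readonly) ?>
            <?= html_text_field('Land', 'country', $member, $readonly) ?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?= html_text_field('Telefon', 'phone', $member, $readonly) ?>
            <?= html_text_field('Fax', 'fax', $member, $readonly) ?>
            <?= html_text_field('Handy', 'mobile', $member, $readonly) ?>
            <?= html_text_field('Jabber', 'jabber', $member, $readonly) ?>
            <?= html_text_field('ICQ', 'icq', $member, $readonly) ?>
            <?= html_text_field('MSN', 'msn', $member, $readonly) ?>
            <?= html_text_field('AIM', 'aim', $member, $readonly) ?>
            <?= html_text_field('Skype', 'skype', $member, $readonly) ?>
            <?= html_text_field('Website', 'url', $member, $readonly) ?>
            <?= html_text_field('Twitter', 'twitter', $member, $readonly) ?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?= html_escape(link_to('change_member', array('id' => $member['id']))) ?>">Mitglied
                &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren"
           onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password2') ?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren"
                   onclick="import_qrcode()"/>
            <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen"
                   onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
<?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?= html_password_field('Passwort', 'password1') ?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln"
                   onclick="decrypt_bank_details()"/>
            <input class="submit" type="button" name="btn_cancel" value="Abbrechen"
                   onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?= html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly) ?>
            <?= html_text_field('Kontonummer/IBAN', 'tmp_accountnumber', $member, $readonly) ?>
            <?= html_text_field('Bankleitzahl/BIC', 'tmp_bankcode', $member, $readonly) ?>
            <?= html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly) ?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck"
                       onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen"
                       onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen"
                       onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
    <script type="text/javascript">


        // Master key, held only while a popup that needs it is open.
        // Every path that closes such a popup resets it to ''.
        var the_masterkey;

        $(document).ready(function () {
            $('#accountholder').focus(function () {
                $("#btn_bank_details").focus();
            });
            <?php if ($readonly) : ?>
            $('#btn_bank_details_cancel').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_cancel();
                }
            });
            <?php else : ?>
            $('#tmp_bankname').keypress(function (event) {
                if (event.keyCode == '13') {
                    bank_details_save();
                }
            });
            <?php endif ?>
            $('#password1').keypress(function (event) {
                if (event.keyCode == '13') {
                    decrypt_bank_details();
                }
            });
            <?php if (!isset($member['id'])) : ?>
            $('#password2').keypress(function (event) {
                if (event.keyCode == '13') {
                    import_qrcode();
                }
            });
            <?php endif ?>
        });

        function bank_details_ask_pass() {/*{{{*/
            modal_window_show($("#password_popup"));
            $("#password1").focus();
            return;
        }

        /*}}}*/


        function import_qrcode_ask_pass() {/*{{{*/
            modal_window_show($("#password_popup2"));
            $("#password2").focus();
            return;
        }

        /*}}}*/

        function cancel_change_bank_details() {/*{{{*/
            modal_window_hide();
            $("#btn_bank_details").focus();
            $("#password1").val('');
            return;
        }

        /*}}}*/

        function cancel_import_qrcode() {/*{{{*/
            modal_window_hide();
            $("#password2").val('');
            return;
        }

        /*}}}*/

        function decrypt_bank_details() {/*{{{*/

            // Read the password once and clear the field right away
            var password = $('#password1').val();
            $("#password1").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#bank_detail_popup"));
                <?php if ($readonly) : ?>
                $('#btn_bank_details_cancel').focus();
                <?php else : ?>
                $('#tmp_accountholder').focus();
                <?php endif ?>

                var accountholder = $('#accountholder').val();
                var accountnumber = $('#accountnumber').val();
                var bankcode = $('#bankcode').val();
                var bankname = $('#bankname').val();

                // Encrypt/Decrypt data using AES with masterkey
                if (accountholder != "") {
                    $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey)));
                }
                if (accountnumber != "") {
                    $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey)));
                }
                if (bankcode != "") {
                    $('#tmp_bankcode').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode, masterkey)));
                }
                if (bankname != "") {
                    $('#tmp_bankname').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname, masterkey)));
                }
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });

        }

        /*}}}*/

        function import_qrcode() {/*{{{*/

            // Read the password once and clear the field right away
            var password = $('#password2').val();
            $("#password2").val('');

            // We pass a closure so that get_master_key may defer execution
            get_master_key(password, function (masterkey) {

                modal_window_replace($("#qrcode_popup"));
                the_masterkey = masterkey; // cache masterkey until popup is closed
            });

        }

        /*}}}*/

        function qrcode_close() {/*{{{*/

            modal_window_hide();

            var qrcode_content = $('#qrcode_content').val();
            $("#qrcode_content").val('');
            var qrcode = qrcode_content.split(';');

            // Fixed: with fewer than 17 fields the bank variables below were
            // never assigned, and the encryption step then ran on undefined
            // values. Reject such input, drop the cached key and leave the
            // form untouched.
            if (qrcode.length < 17) {
                the_masterkey = '';
                return;
            }

            $("#nickname").val(qrcode[0]);
            // XXX birthdate - unused
            $("#email").val(qrcode[2]);
            // XXX cccmember - unused
            $("#firstname").val(qrcode[4]);
            $("#lastname").val(qrcode[5]);
            $("#street").val(qrcode[6]);
            $("#housenumber").val(qrcode[7]);
            $("#postcode").val(qrcode[8]);
            $("#city").val(qrcode[9]);
            $("#country").val(qrcode[10]);
            // XXX fee unused
            $("#paymentinterval").val(qrcode[12]);
            var accountholder = qrcode[13];
            var accountnumber = qrcode[14];
            var bankcode = qrcode[15];
            var bankname = qrcode[16];
            // XXX amount unused - was only added on 4.5., empty before that.


            // 4.2 Encrypt/Decrypt data using AES with masterkey
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';

        }

        /*}}}*/

        function bank_details_save() {/*{{{*/

            modal_window_hide();

            // Take the plaintext out of the temporary fields and clear them
            var accountholder = $('#tmp_accountholder').val();
            var accountnumber = $('#tmp_accountnumber').val();
            var bankcode = $('#tmp_bankcode').val();
            var bankname = $('#tmp_bankname').val();
            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            accountnumber = accountnumber.replace(/\s+/g, '');
            bankcode = bankcode.replace(/\s+/g, '');
            // 4.2 Encrypt/Decrypt data using AES with masterkey
            if (accountholder != "") {
                $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey));
            } else {
                $('#accountholder').val('');
            }
            if (accountnumber != "") {
                $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey));
            } else {
                $('#accountnumber').val('');
            }
            if (bankcode != "") {
                $('#bankcode').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode), the_masterkey));
            } else {
                $('#bankcode').val('');
            }
            if (bankname != "") {
                $('#bankname').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname), the_masterkey));
            } else {
                $('#bankname').val('');
            }
            the_masterkey = '';

        }

        /*}}}*/

        function bank_details_cancel() {/*{{{*/

            modal_window_hide();

            $("#tmp_accountholder").val('');
            $("#tmp_accountnumber").val('');
            $("#tmp_bankcode").val('');
            $("#tmp_bankname").val('');

            the_masterkey = '';
        }

        /*}}}*/

    </script>
    <?php
}/*}}}*/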