Added IBAN-hin export
[memberdb.git] / include / members.php
1 <?php
2
/*
 * Schema for the members table. The table name and the default charset are
 * filled in from the DB_TABLE_MEMBERS and DB_CHARSET constants.
 *
 * The four bank columns (accountholder, accountnumber, bankcode, bankname)
 * are blobs: the JavaScript emitted by form_member() fills the matching form
 * fields with the output of Crypto.AES.encrypt() in the browser, so what is
 * posted for them is ciphertext rather than the clear-text bank details.
 * NOTE(review): nothing in this file checks on the server that those fields
 * really hold ciphertext - confirm whether that is enforced elsewhere.
 *
 * `number` carries a UNIQUE key, which backs up validate_member_number().
 */
$SQL_CREATE_MEMBERS = sprintf('
    CREATE TABLE IF NOT EXISTS `%1$s` (
      `id` int(10) unsigned NOT NULL auto_increment,
      `number` int(10) unsigned NOT NULL,
      `firstname` varchar(255) NOT NULL,
      `lastname` varchar(255) NOT NULL,
      `nickname` varchar(255) NOT NULL,
      `accountholder` blob NOT NULL,
      `accountnumber` blob NOT NULL,
      `bankcode` blob NOT NULL,
      `bankname` blob NOT NULL,
      `directdebit` tinyint(1) NOT NULL,
      `street` varchar(255) NOT NULL,
      `housenumber` varchar(255) NOT NULL,
      `postcode` varchar(255) NOT NULL,
      `city` varchar(255) NOT NULL,
      `country` varchar(255) NOT NULL,
      `email` varchar(255) NOT NULL,
      `phone` varchar(255) NOT NULL,
      `fax` varchar(255) NOT NULL,
      `mobile` varchar(255) NOT NULL,
      `jabber` varchar(255) NOT NULL,
      `icq` varchar(255) NOT NULL,
      `msn` varchar(255) NOT NULL,
      `aim` varchar(255) NOT NULL,
      `skype` varchar(255) NOT NULL,
      `url` varchar(255) NOT NULL,
      `twitter` varchar(255) NOT NULL,
      `created_at` datetime NOT NULL,
      `modified_at` datetime NOT NULL,
      PRIMARY KEY  (`id`),
      UNIQUE KEY `number` (`number`)
    ) ENGINE=InnoDB DEFAULT CHARSET=%2$s
    ', DB_TABLE_MEMBERS, DB_CHARSET);
37
38 /* DB functions {{{ */
39
/**
 * Insert a new member row.
 *
 * A caller-supplied 'id' is dropped so the primary key always comes from the
 * database; created_at and modified_at are both set to the current time.
 *
 * @param array $member Column => value map for the new row.
 * @return mixed Result of db_insert_id() on success, false when the insert failed.
 */
function db_create_member($member) {
    unset($member['id']);
    foreach (array('created_at', 'modified_at') as $column) {
        $member[$column] = db_unixtime2datetime(time());
    }
    $inserted = db_insert_single(DB_TABLE_MEMBERS, $member);
    if (!$inserted) {
        return false;
    }
    return db_insert_id();
}
47
/**
 * Update an existing member row, selected by $member['id'].
 *
 * The id is taken out of the column map (it is the selector, not a column to
 * write) and modified_at is refreshed.
 *
 * @param array $member Column => value map including 'id'.
 * @return mixed Whatever db_update_single() returns.
 */
function db_change_member($member) {
    $member_id = $member['id'];
    unset($member['id']);
    $member['modified_at'] = db_unixtime2datetime(time());

    // %d renders the id as an integer, so no quote or SQL fragment from the
    // caller can reach the WHERE clause.
    $where = sprintf('id=\'%1$d\'', db_escape($member_id));
    return db_update_single(DB_TABLE_MEMBERS, $member, $where);
}
54
/**
 * Fetch every member row, ordered by member number (ascending).
 *
 * All columns are selected, so each row also carries the encrypted bank
 * fields and the contact data.
 *
 * @return mixed Whatever db_select_multi() returns.
 */
function db_get_members() {
    $query = sprintf('SELECT * FROM %1$s ORDER BY number ASC', DB_TABLE_MEMBERS);
    return db_select_multi($query);
}
59
/**
 * Fetch the member row with the given database id.
 *
 * @param mixed $member_id Database id; rendered through %d, i.e. as an integer.
 * @return mixed Whatever db_select_single() returns.
 */
function db_get_member_with_id($member_id) {
    $query = sprintf(
        'SELECT * FROM %1$s WHERE id=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_id)
    );
    return db_select_single($query);
}
64
/**
 * Propose the next member number: highest number in use plus one, stepping
 * over the numbers reserved for honorary members.
 *
 * The result is only a proposal taken from a MAX() query; nothing is locked
 * here, so two concurrent requests can be handed the same number.
 *
 * @return int 2 when the query yields no row, otherwise the proposed number.
 */
function db_get_next_free_member_number() {/*{{{*/
    $max_row = db_select_single(sprintf('SELECT MAX(number) AS number FROM %1$s', DB_TABLE_MEMBERS));
    if (!isset($max_row)) {
        return 2;
    }

    // Some numbers are reserved for honorary members
    $reserved = array(1, 23, 42, 666, 1337, 31337);

    $candidate = (int) ($max_row['number'] + 1);
    if (in_array($candidate, $reserved, true)) {
        return $candidate + 1;
    }
    return $candidate;
}/*}}}*/
83
84
/**
 * Fetch the member row with the given member number.
 *
 * @param mixed $member_number Member number; rendered through %d, i.e. as an integer.
 * @return mixed Whatever db_select_single() returns.
 */
function db_get_member_with_number($member_number) {
    $query = sprintf(
        'SELECT * FROM %1$s WHERE number=\'%2$d\' LIMIT 1',
        DB_TABLE_MEMBERS,
        db_escape($member_number)
    );
    return db_select_single($query);
}
89
90 /* }}} */
91
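/**
 * Copy the whitelisted member fields from request data into $dbdata and
 * validate them.
 *
 * Only the keys listed in $fields are ever copied, so a request cannot set
 * columns such as created_at. Compared with a plain copy this function also
 * enforces the declared field types:
 *  - non-scalar values (a parameter sent as "name[]=...") are rejected,
 *  - 'number' fields must be empty or consist of digits only,
 *  - when $dbdata already describes a stored member, its id is kept no
 *    matter what the request contains.
 *
 * @param array $userdata    Untrusted request data (the callers pass $_POST).
 * @param array $dbdata      In/out: member record to fill.
 * @param array $validation  In/out: list of messages shown to the user.
 * @return bool True when $validation is empty afterwards.
 */
function validate_member($userdata, &$dbdata, &$validation) {/*{{{*/
    $fields = array(
        'id'            => 'number',
        'number'        => 'number',
        'firstname'     => 'string',
        'lastname'      => 'string',
        'nickname'      => 'string',
        'accountholder' => 'string',
        'accountnumber' => 'string',
        'bankcode'      => 'string',
        'bankname'      => 'string',
        'directdebit'   => 'bool',
        'street'        => 'string',
        'housenumber'   => 'string',
        'postcode'      => 'string',
        'city'          => 'string',
        'country'       => 'string',
        'email'         => 'string',
        'phone'         => 'string',
        'fax'           => 'string',
        'mobile'        => 'string',
        'jabber'        => 'string',
        'icq'           => 'string',
        'msn'           => 'string',
        'aim'           => 'string',
        'skype'         => 'string',
        'url'           => 'string',
        'twitter'       => 'string',
    );
    // count() below needs an array even if the caller passed an unset variable.
    if (!is_array($validation)) $validation = array();

    $orig = $dbdata;
    foreach ($fields as $name => $type) {
        if ($type == 'bool') {
            // Checkboxes are simply absent from the request when unticked.
            $dbdata[$name] = !empty($userdata[$name]);
            continue;
        }
        if (!isset($userdata[$name])) continue;

        $value = $userdata[$name];
        // Request parameters can arrive as arrays; those must never reach
        // the query builder.
        if (!is_scalar($value)) {
            $validation[] = 'Das Feld ' . $name . ' hat ein falsches Format.';
            continue;
        }
        // An empty number is allowed: the callers assign one automatically.
        if ($type == 'number' && $value !== '' && !ctype_digit((string) $value)) {
            $validation[] = 'Das Feld ' . $name . ' hat ein falsches Format.';
            continue;
        }
        $dbdata[$name] = $value;
    }

    // ids must be equal
    $member_id = NULL;
    if (isset($orig['id'])) {
        if ((string) $dbdata['id'] !== (string) $orig['id']) {
            $validation[] = 'Irgendwas ist sehr sehr komisch.';
        }
        // Keep the stored id so a tampered value is neither written back
        // nor echoed into the re-rendered form.
        $dbdata['id'] = $orig['id'];
        $member_id    = $orig['id'];
    }

    // number must be equal. if changed - check if free and allowed
    $number = isset($dbdata['number']) ? $dbdata['number'] : '';
    if (!validate_member_number($number, $member_id)) {
        $validation[] = 'Die Mitgliedsnummer ist schon vergeben.';
    }
    return (count($validation) == 0);
}/*}}}*/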
146
/**
 * Check whether a member number may be used.
 *
 * @param mixed $member_number Number to check.
 * @param mixed $member_id     Id of the member being edited, or NULL for a new member.
 * @return bool True when no member holds the number, or when its holder is
 *              the member identified by $member_id; false otherwise.
 */
function validate_member_number($member_number, $member_id = NULL) {/*{{{*/
    $holder = db_get_member_with_number($member_number);

    // Nobody holds this number yet.
    if (!isset($holder)) {
        return true;
    }

    // The number is taken; that is fine only if its holder is the member
    // that was passed in.
    return isset($member_id) && $member_id == $holder['id'];
}/*}}}*/
158
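/**
 * Render the IBAN-hin export page.
 *
 * The page embeds the members' encrypted account number and bank code; after
 * the user has entered the password, the script decrypts them in the browser
 * with the master key obtained from get_master_key() and writes one IBAN-hin
 * record per direct-debit member into a read-only textarea.
 *
 * Changes against the first version of this function:
 *  - the direct-debit test was an assignment ("=") and therefore always
 *    true, so members without direct debit were exported as well;
 *  - only the four columns the script reads are sent to the browser instead
 *    of complete member records (names, addresses, contact data);
 *  - the JSON is encoded with the JSON_HEX_* flags so no stored value can
 *    close or open markup inside the script element;
 *  - the focus calls use the id the button really has.
 *
 * Renders nothing when there are no members.
 */
function action_export_ibanhin() {/*{{{*/
    $members = db_get_members();
    if (empty($members)) return;

    // Data minimisation: the export script needs nothing but these columns.
    $export = array();
    foreach ($members as $member) {
        $export[] = array(
            'number'        => $member['number'],
            'directdebit'   => $member['directdebit'],
            'accountnumber' => $member['accountnumber'],
            'bankcode'      => $member['bankcode'],
        );
    }

    js_modal_windows();
    js_get_master_key();
?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>

    <h2>IBAN-hin</h2>
<input class="submit" type="button" name="btn_ibanhin" value="IBAN-hin erzeugen" onclick="ask_for_password()" id="btn_export_iban_hin"/>
<br/>
<br/>


<div id="password_popup" class="modal_window">
    <fieldset>
        <legend>Passwortabfrage</legend>
        <?=html_password_field('Passwort', 'password')?>
        <input class="submit" type="button" name="btn_export_ibanhin" value="IBAN-hin erzeugen" onclick="export_ibanhin()"/>
        <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_ask_for_password()"/>
    </fieldset>
</div>
<div id="ibanhin_popup" class="modal_window">
    <fieldset>
        <legend>IBAN-hin</legend>
            <textarea id="ibanhin_content" style="width: 100%" rows="30" readonly="readonly"></textarea>
            <input class="submit" type="button" name="btn_ibanhin_close" value="Schließen" onclick="ibanhin_close()"/>
    </fieldset>
</div>

<script type="text/javascript">

  // Member number, direct-debit flag and the still encrypted bank fields.
  var members = <?=json_encode($export, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>;



$(document).ready(function(){
    $('#password').keypress( function(event) { if (event.keyCode == '13') { export_ibanhin(); } });
    $('#btn_export_iban_hin').focus();
});


function ask_for_password() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password").focus();
    return;
}/*}}}*/

function cancel_ask_for_password() {/*{{{*/
    modal_window_hide();
    $("#btn_export_iban_hin").focus();
    return;
}/*}}}*/


function export_ibanhin() {/*{{{*/

    var ibanhin_content = "";

    // Take the password out of the input field right away.
    var password = $('#password').val();
    $("#password").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#ibanhin_popup"));

        for (var i = 0; i < members.length; i++) {
            var member = members[i];

            // Comparison, not assignment: only direct-debit members are exported.
            if (member['directdebit'] != "1") continue;

            var accountnumber = member['accountnumber'];
            var bankcode      = member['bankcode'];
            if (accountnumber != "") accountnumber = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey));
            if (bankcode      != "") bankcode      = Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey));
            if (accountnumber == "" || bankcode == "") continue;

            /* ZKA-Spezifikation-IBAN-hin-IBAN-rueck
               01. Satzart
               02. Anwender
               03. Internes Kennzeichen des Anwenders
               04. BIC-ALT
               IBAN-ALT
               05. LK/PZ-ALT
               06. BLZ-ALT
               07. KTONR-ALT
               IBAN-NEU
               08. LK/PZ-NEU
               09. BLZ-NEU
               10. KTONR-NEU
               11. UMST-KZ
             */
            // NOTE(review): the decrypted values are placed between double
            // quotes as they are; a value containing a quote or a line break
            // would change the record layout. Confirm how the format expects
            // such characters to be handled.
            ibanhin_content += '"DE";;"' + member['number'] + '";;;"' + bankcode + '";"' + accountnumber + '";;;;;' + "\n";
        }

        $('#ibanhin_content').val(ibanhin_content);
        $('#ibanhin_content').focus();
        $('#ibanhin_content').select();

    });

}/*}}}*/

function ibanhin_close() {/*{{{*/
    modal_window_hide();
    // Do not leave the clear-text export in the page once the popup is closed.
    $("#ibanhin_content").val('');
}/*}}}*/


</script>

<?php

}/*}}}*/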
276
277
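/**
 * Render the table of all members plus the number of currently active ones.
 *
 * A member counts as active when fees_info_for_member() reports 'is_member'
 * for the current time; other rows get the CSS class "inactive".
 *
 * Every value written into the page goes through html_escape(), including
 * the two links below the table, which were printed unescaped before while
 * the link inside the table already was escaped.
 */
function action_list_members() {/*{{{*/
    $members = db_get_members();
    $count   = 0;
    ?>
    <h2>Liste der Mitglieder</h2>
    <?php if (isset($members)) : ?>
        <table>
            <tr>
                <th>Mitgliedsnummer</th>
                <th>Nickname</th>
                <th>Vorname</th>
                <th>Nachname</th>
            </tr>
        <?php foreach ($members as $member) : ?>
            <?php $membership_info = fees_info_for_member($member['id'], time()); ?>
            <?php $is_active = !empty($membership_info['is_member']); ?>
            <?php if ($is_active) $count++; ?>
            <tr <?php if (!$is_active) : ?>class="inactive"<?php endif ?>>
                <td><a href="<?=html_escape(link_to('view_member', array('id'=> $member['id'])))?>"><?=html_escape($member['number'])?></a></td>
                <td><?=html_escape($member['nickname'])?></td>
                <td><?=html_escape($member['firstname'])?></td>
                <td><?=html_escape($member['lastname'])?></td>
            </tr>
        <?php endforeach ?>
        </table>
    <?php else : ?>
        <p>Bisher gibt es noch keine Mitglieder.</p>
    <?php endif ?>
        <p>Derzeit gibt es <?=$count?> aktive Mitglieder.</p>
        <a href="<?=html_escape(link_to('create_member'))?>">Neues Mitglied</a>
        <a href="<?=html_escape(link_to('export_email'))?>">E-Mail-Adressen</a>
    <?php
}/*}}}*/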
310
/**
 * Show one member read-only, followed by the member's events and the form
 * for adding an event.
 *
 * The id comes from $_REQUEST; without an id, or when no member has it, the
 * request is redirected to link_to().
 * NOTE(review): the code after each redirect() relies on redirect() ending
 * the request - confirm against its definition.
 */
function action_view_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }

    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
    }

    form_member($member, true);
    action_list_events($member);
    action_create_event($member);
}/*}}}*/
320
/**
 * Show the "new member" form and, when it was submitted, create the member.
 *
 * A posted 'id' is discarded before validation so a new record cannot name
 * its own primary key. An empty member number is replaced by the next free
 * one. On success the request is redirected to the new member's page.
 *
 * NOTE(review): no anti-CSRF token is checked here and the form rendered by
 * form_member() carries none as far as this file shows - confirm that this
 * is enforced elsewhere.
 * NOTE(review): db_error() is printed as returned; if it can contain request
 * data or schema details it should be escaped or logged instead - confirm
 * what it returns.
 */
function action_create_member() {/*{{{*/
    $member = array();
    $log_messages = array();

    if (isset($_POST['submit'])) {
        unset($_POST['id']);
        $is_valid = validate_member($_POST, $member, $log_messages);
        if ($is_valid) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }
            $member_id = db_create_member($member);
            if ($member_id) {
                redirect(link_to('view_member', array('id' => $member_id)) . '#events');
            }
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}/*}}}*/
336
/**
 * Show the edit form for one member and, when it was submitted, store the
 * changes.
 *
 * The member is loaded by $_REQUEST['id']; the posted data is then merged
 * into that record by validate_member(), which compares the posted id with
 * the loaded one. An empty member number is replaced by the next free one.
 *
 * NOTE(review): no anti-CSRF token is checked here and the form rendered by
 * form_member() carries none as far as this file shows - confirm that this
 * is enforced elsewhere.
 * NOTE(review): db_error() is printed as returned; if it can contain request
 * data or schema details it should be escaped or logged instead - confirm
 * what it returns.
 */
function action_change_member() {/*{{{*/
    if (!isset($_REQUEST['id'])) {
        redirect(link_to());
    }

    $member = db_get_member_with_id($_REQUEST['id']);
    if (!isset($member)) {
        redirect(link_to());
    }

    $log_messages = array();
    if (isset($_POST['submit'])) {
        $is_valid = validate_member($_POST, $member, $log_messages);
        if ($is_valid) {
            if (empty($member['number'])) {
                $member['number'] = db_get_next_free_member_number();
            }
            $saved = db_change_member($member);
            if ($saved) {
                redirect(link_to('view_member', array('id' => $member['id'])));
            }
            echo db_error();
        }
    }

    form_member($member, false, $log_messages);
}/*}}}*/
353
354
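/**
 * Print the e-mail addresses of all currently active members as one
 * comma-separated list.
 *
 * Members without an address, and members for whom fees_info_for_member()
 * does not report 'is_member' at the current time, are left out.
 *
 * The addresses are stored member data and are therefore passed through
 * html_escape() before they are written into the page; they were printed
 * raw before, so markup stored in an address ended up in the page.
 */
function action_export_email() {/*{{{*/
    $members = db_get_members();
    ?>
    <h2>E-Mail-Adressen</h2>
    <?php if (isset($members)) : ?>
        <?php
        $addresses = array();
        foreach ($members as $member) {
            $membership_info = fees_info_for_member($member['id'], time());
            if (empty($membership_info['is_member'])) continue;
            if (empty($member['email'])) continue;
            $addresses[] = html_escape($member['email']);
        }
        echo implode(', ', $addresses);
        ?>
    <?php else : ?>
        <p>Bisher gibt's noch keine Mitglieder.</p>
    <?php endif ?>
    <?php
}/*}}}*/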
367
368
/**
 * Build a list box offering every member ("<number> <nickname>", keyed by
 * database id) plus a leading "-" entry with key 0.
 *
 * The labels are handed to html_list_box() unescaped.
 * NOTE(review): nicknames are member-supplied text - confirm that
 * html_list_box() escapes its option labels.
 *
 * @return mixed Whatever html_list_box() returns.
 */
function html_member_list_box($label, $name, $selected, $readonly = false, $id = NULL, $tag_params = '') {
    $options = array(0 => '-');

    $members = db_get_members();
    if (empty($members)) {
        $members = array();
    }
    foreach ($members as $row) {
        $options[$row['id']] = $row['number'] . ' ' . $row['nickname'];
    }

    return html_list_box($label, $name, $options, $selected, $readonly, $id, $tag_params);
}
379
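/**
 * Render the member form (create, view or edit) together with the popups and
 * the script that handle the bank details.
 *
 * The four bank fields of the main form are always read-only and hold
 * ciphertext. To view or change them the user enters the password; the
 * script obtains the master key through get_master_key(), decrypts the
 * values into the tmp_* fields of a popup and, on "Uebernehmen", encrypts
 * the popup values back into the main form with Crypto.AES.encrypt(). The
 * master key is kept in the script variable the_masterkey only while a
 * popup is open and the password inputs are emptied as soon as they are read.
 *
 * Changes against the previous version of this function:
 *  - qrcode_close() and bank_details_save() now stop when no master key is
 *    cached (for example a second Enter after the popup was closed) instead
 *    of encrypting with an empty key or wiping the stored ciphertext;
 *  - qrcode_close() ignores input with fewer than 17 fields; before, the
 *    bank variables stayed undefined in that case and were still passed on
 *    to the encryption calls;
 *  - the link to the cryptography setup is escaped like the other links.
 *
 * When no crypto keys are configured only a hint with that link is shown.
 *
 * @param array $member        Member record used to pre-fill the form.
 * @param bool  $readonly      True for the detail view.
 * @param array $log_messages  Messages passed to log_messages().
 */
function form_member($member = array(), $readonly = false, $log_messages = array()) {/*{{{*/

    $keys = db_get_crypto_keys();
    if (empty($keys)) {
?>
        <p class="error">
            <strong>Achtung:</strong> Bitte zuerst <a href="<?=html_escape(link_to('cryptography'))?>">Kryptographie einrichten</a>.
        </p>
<?php
        return;
    }

    js_modal_windows();
    js_get_master_key();

    ?>
    <noscript>
        <p class="error">
            <strong>Achtung:</strong> Ohne JavaScript geht hier gar nichts. Bitte aktivieren!
        </p>
    </noscript>
    <?php if (!isset($member['id'])) : ?>
        <h2>Neues Mitglied</h2>
    <?php elseif ($readonly) : ?>
        <h2>Mitgliedsdetails</h2>
    <?php else : ?>
        <h2>Mitglied &auml;ndern</h2>
    <?php endif ?>
    <?php log_messages($log_messages); ?>
    <form action="" method="post" class="clearfix">
        <?php if (isset($member['id']) && !$readonly) : ?><?=html_hidden_field('id', $member)?><?php endif ?>
        <fieldset>
            <legend>Allgemein</legend>
            <?=html_text_field('Mitgliedsnummer', 'number', $member, $readonly)?>
            <?php if (!$readonly) : ?><small>Wird automatisch vergeben wenn leer.</small><?php endif ?>
            <?=html_text_field('Nickname', 'nickname', $member, $readonly)?>
            <?=html_text_field('E-Mail', 'email', $member, $readonly)?>
        </fieldset>
        <fieldset id="bank_details">
            <legend>Bankverbindung</legend>
            <?php /* Always read-only: these fields carry ciphertext and are only written by the script below. */ ?>
            <?=html_text_field('Kontoinhaber', 'accountholder', $member, true)?>
            <?=html_text_field('Kontonummer', 'accountnumber', $member, true)?>
            <?=html_text_field('Bankleitzahl', 'bankcode', $member, true)?>
            <?=html_text_field('Name der Bank', 'bankname', $member, true)?>
            <?=html_checkbox('Lastschrifteinzug', 'directdebit', $member, 1, $readonly)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung erfassen" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung betrachten" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details" value="Bankverbindung &auml;ndern" onclick="bank_details_ask_pass()" id="btn_bank_details"/>
            <?php endif ?>
        </fieldset>
        <fieldset style="clear: left;">
            <legend>Anschrift</legend>
            <?=html_text_field('Vorname', 'firstname', $member, $readonly)?>
            <?=html_text_field('Nachname', 'lastname', $member, $readonly)?>
            <?=html_text_field('Straße', 'street', $member, $readonly)?>
            <?=html_text_field('Hausnummer', 'housenumber', $member, $readonly)?>
            <?=html_text_field('PLZ', 'postcode', $member, $readonly)?>
            <?=html_text_field('Ort', 'city', $member, $readonly)?>
            <?=html_text_field('Land', 'country', $member, $readonly)?>
        </fieldset>
        <fieldset>
            <legend>Sonstiges</legend>
            <?=html_text_field('Telefon', 'phone', $member, $readonly)?>
            <?=html_text_field('Fax', 'fax', $member, $readonly)?>
            <?=html_text_field('Handy', 'mobile', $member, $readonly)?>
            <?=html_text_field('Jabber', 'jabber', $member, $readonly)?>
            <?=html_text_field('ICQ', 'icq', $member, $readonly)?>
            <?=html_text_field('MSN', 'msn', $member, $readonly)?>
            <?=html_text_field('AIM', 'aim', $member, $readonly)?>
            <?=html_text_field('Skype', 'skype', $member, $readonly)?>
            <?=html_text_field('Website', 'url', $member, $readonly)?>
            <?=html_text_field('Twitter', 'twitter', $member, $readonly)?>
        </fieldset>
        <?php if (!$readonly) : ?>
            <input class="submit" type="submit" name="submit" value="Speichern"/>
        <?php else : ?>
            <br style="clear: left;"/>
            <a href="<?=html_escape(link_to('change_member', array('id' => $member['id'])))?>">Mitglied &auml;ndern</a>
        <?php endif ?>
    </form>
    <?php if (!isset($member['id'])) : ?>
    <input class="submit" type="button" name="btn_import_qrcode1" value="QR-Code importieren" onclick="import_qrcode_ask_pass()" id="btn_import_qrcode1"/>
    <div id="password_popup2" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password2')?>
            <input class="submit" type="button" name="btn_import_qrcode2" value="QR-Code importieren" onclick="import_qrcode()"/>
        <input class="submit" type="button" name="btn_cancel_import_qrcode" value="Abbrechen" onclick="cancel_import_qrcode()"/>
        </fieldset>
    </div>
    <div id="qrcode_popup" class="modal_window">
        <fieldset>
            <legend>QR-Code</legend>
            <textarea id="qrcode_content" style="width: 100%" rows="30"></textarea>
            <input class="submit" type="button" name="btn_qrcode_close" value="Importieren" onclick="qrcode_close()"/>
        </fieldset>
    </div>
    <?php endif ?>

    <div id="password_popup" class="modal_window">
        <fieldset>
            <legend>Passwortabfrage</legend>
            <?=html_password_field('Passwort', 'password1')?>
            <input class="submit" type="button" name="btn_decrypt_bank_details" value="Bankdaten entschl&uuml;sseln" onclick="decrypt_bank_details()"/>
        <input class="submit" type="button" name="btn_cancel" value="Abbrechen" onclick="cancel_change_bank_details()"/>
        </fieldset>
    </div>
    <div id="bank_detail_popup" class="modal_window">
        <fieldset>
            <legend>Bankverbindung</legend>
            <?=html_text_field('Kontoinhaber', 'tmp_accountholder', $member, $readonly)?>
            <?=html_text_field('Kontonummer', 'tmp_accountnumber', $member, $readonly)?>
            <?=html_text_field('Bankleitzahl', 'tmp_bankcode', $member, $readonly)?>
            <?=html_text_field('Name der Bank', 'tmp_bankname', $member, $readonly)?>
            <?php if (!isset($member['id'])) : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php elseif ($readonly) : ?>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Zur&uuml;ck" onclick="bank_details_cancel()" id="btn_bank_details_cancel"/>
            <?php else : ?>
                <input class="submit" type="button" name="btn_bank_details_save" value="&Uuml;bernehmen" onclick="bank_details_save()"/>
                <input class="submit" type="button" name="btn_bank_details_cancel" value="Abbrechen" onclick="bank_details_cancel()"/>
            <?php endif ?>
        </fieldset>
    </div>
<script type="text/javascript">


// Master key, cached only while a popup that needs it is open.
var the_masterkey;

$(document).ready(function(){
    $('#accountholder').focus( function() { $("#btn_bank_details").focus(); });
<?php if ($readonly) : ?>
    $('#btn_bank_details_cancel').keypress( function(event) { if (event.keyCode == '13') { bank_details_cancel(); } });
<?php else : ?>
    $('#tmp_bankname').keypress( function(event) { if (event.keyCode == '13') { bank_details_save(); } });
<?php endif ?>
    $('#password1').keypress( function(event) { if (event.keyCode == '13') { decrypt_bank_details(); } });
<?php if (!isset($member['id'])) : ?>
    $('#password2').keypress( function(event) { if (event.keyCode == '13') { import_qrcode(); } });
<?php endif ?>
});

function bank_details_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup"));
    $("#password1").focus();
    return;
}/*}}}*/


function import_qrcode_ask_pass() {/*{{{*/
    modal_window_show($("#password_popup2"));
    $("#password2").focus();
    return;
}/*}}}*/

function cancel_change_bank_details() {/*{{{*/
    modal_window_hide();
    $("#btn_bank_details").focus();
    $("#password1").val('');
    return;
}/*}}}*/

function cancel_import_qrcode() {/*{{{*/
    modal_window_hide();
    $("#password2").val('');
    return;
}/*}}}*/

function decrypt_bank_details() {/*{{{*/

    // Take the password out of the input field right away.
    var password = $('#password1').val();
    $("#password1").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#bank_detail_popup"));
<?php if ($readonly) : ?>
        $('#btn_bank_details_cancel').focus();
<?php else : ?>
        $('#tmp_accountholder').focus();
<?php endif ?>

        var accountholder = $('#accountholder').val();
        var accountnumber = $('#accountnumber').val();
        var bankcode      = $('#bankcode').val();
        var bankname      = $('#bankname').val();

        // Decrypt the stored values with the master key into the popup fields
        if (accountholder != "") { $('#tmp_accountholder').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountholder, masterkey))); }
        if (accountnumber != "") { $('#tmp_accountnumber').val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(accountnumber, masterkey))); }
        if (bankcode      != "") { $('#tmp_bankcode'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankcode,      masterkey))); }
        if (bankname      != "") { $('#tmp_bankname'     ).val(Crypto.charenc.UTF8.bytesToString(Crypto.AES.decrypt(bankname,      masterkey))); }
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

function import_qrcode() {/*{{{*/

    // Take the password out of the input field right away.
    var password = $('#password2').val();
    $("#password2").val('');

    // We pass a closure so that get_master_key may defer execution
    get_master_key(password, function(masterkey) {

        modal_window_replace($("#qrcode_popup"));
        the_masterkey = masterkey; // cache masterkey until popup is closed
    });

}/*}}}*/

function qrcode_close() {/*{{{*/

    modal_window_hide();

    var qrcode_content = $('#qrcode_content').val();
    $("#qrcode_content").val('');
    var qrcode = qrcode_content.split(';');

    // Stop when there is no cached key or the pasted record is too short.
    // Otherwise the bank values below would be undefined and would still be
    // handed to the encryption calls, or would be encrypted with an empty key.
    if (!the_masterkey || qrcode.length < 17) {
        the_masterkey = '';
        return;
    }

    $("#nickname").val(qrcode[0]);
    // XXX birthdate - unused
    $("#email").val(qrcode[2]);
    // XXX cccmember - unused
    $("#firstname").val(qrcode[4]);
    $("#lastname").val(qrcode[5]);
    $("#street").val(qrcode[6]);
    $("#housenumber").val(qrcode[7]);
    $("#postcode").val(qrcode[8]);
    $("#city").val(qrcode[9]);
    $("#country").val(qrcode[10]);
    // XXX fee unused
    $("#paymentinterval").val(qrcode[12]);
    var accountholder = qrcode[13];
    var accountnumber = qrcode[14];
    var bankcode = qrcode[15];
    var bankname = qrcode[16];
    // XXX amount unused - was only added on 4 May, was empty before.

    // 4.2 Encrypt the bank values with the master key before they enter the form
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

function bank_details_save() {/*{{{*/

    modal_window_hide();

    var accountholder = $('#tmp_accountholder').val();
    var accountnumber = $('#tmp_accountnumber').val();
    var bankcode      = $('#tmp_bankcode').val();
    var bankname      = $('#tmp_bankname').val();
    // The clear-text copies must not stay in the page.
    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');

    // No cached key means the popup was already closed (for example a
    // repeated Enter). Leave the ciphertext in the form untouched rather
    // than overwriting it or encrypting with an empty key.
    if (!the_masterkey) {
        return;
    }

    // 4.2 Encrypt the popup values with the master key before they enter the form
    if (accountholder != "") { $('#accountholder').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountholder), the_masterkey)); } else { $('#accountholder').val(''); }
    if (accountnumber != "") { $('#accountnumber').val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(accountnumber), the_masterkey)); } else { $('#accountnumber').val(''); }
    if (bankcode      != "") { $('#bankcode'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankcode),      the_masterkey)); } else { $('#bankcode').val(''); }
    if (bankname      != "") { $('#bankname'     ).val(Crypto.AES.encrypt(Crypto.charenc.UTF8.stringToBytes(bankname),      the_masterkey)); } else { $('#bankname').val(''); }
    the_masterkey = '';

}/*}}}*/

function bank_details_cancel() {/*{{{*/

    modal_window_hide();

    // Drop the clear-text copies and the cached key.
    $("#tmp_accountholder").val('');
    $("#tmp_accountnumber").val('');
    $("#tmp_bankcode").val('');
    $("#tmp_bankname").val('');

    the_masterkey = '';
}/*}}}*/

</script>
    <?php
}/*}}}*/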
671
672