diff --git a/application/core/APIv1_Controller.php b/application/core/APIv1_Controller.php
index 9dd7b4ae8..6432c87db 100644
--- a/application/core/APIv1_Controller.php
+++ b/application/core/APIv1_Controller.php
@@ -5,6 +5,8 @@
*/
class APIv1_Controller extends REST_Controller
{
+ private $_requiredPermissions;
+
/**
* Standard constructor for all the RESTful resources
*/
@@ -12,24 +14,35 @@ class APIv1_Controller extends REST_Controller
{
parent::__construct();
- // Loads permission lib
- $this->load->library('PermissionLib');
+ $this->_requiredPermissions = $requiredPermissions;
log_message('debug', 'Called API: '.$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']);
-
- $this->_isAllowed($requiredPermissions);
}
/**
- * Checks if the caller is allowed to access to this content with the given permissions
- * If it is not allowed will set the HTTP header with code 401
- * Wrapper for permissionlib->isEntitled
+ * This method is automatically called by CodeIgniter after the execution of the constructor is completed
+ * - Cheks if the AuthLib was loaded, if not it means that the authentication failed
+ * - Loads the permsission lib and calls permissionlib->isEntitled
+ * - Checks if the caller is allowed to access to this content with the given permissions
+ * if it is not allowed will set the HTTP header with code 401
+ * - Calls the parent (REST_Controller) _remap method to performs other checks
*/
- private function _isAllowed($requiredPermissions)
+ public function _remap($object_called, $arguments)
{
- if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method))
+ if (isset($this->authlib)) // if set then the authentication is ok
{
- $this->response(error('You are not allowed to access to this content'), REST_Controller::HTTP_UNAUTHORIZED);
+ // Loads permission lib
+ $this->load->library('PermissionLib');
+
+ // Cheks if the user has the permission to call a method
+ if (!$this->permissionlib->isEntitled($this->_requiredPermissions, $this->router->method))
+ {
+ // If not...
+ $this->response(error('You are not allowed to access to this content'), REST_Controller::HTTP_UNAUTHORIZED);
+ }
}
+
+ // Finally calls the parent _remap to perform other checks
+ parent::_remap($object_called, $arguments);
}
}
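Review bot: In `_remap`, the permission check is skipped whenever `$this->authlib` is not set, and the request is then passed to `parent::_remap()` anyway, so access control for unauthenticated callers depends entirely on the parent rejecting them. If any route reaches `parent::_remap()` without authentication being enforced there (for example through an auth override in the REST configuration, which is not visible in this diff), `_requiredPermissions` is never evaluated. I would make the branch fail closed: add `return;` after the `$this->response(..., REST_Controller::HTTP_UNAUTHORIZED);` call and an `else` branch that denies explicitly, so the outcome does not depend on `response()` terminating the request. The docblock should also say that the check now runs in `_remap` rather than in the constructor, which means code in a subclass constructor executes before permissions are verified.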
diff --git a/application/core/REST_Controller.php b/application/core/REST_Controller.php
index 38eda47f7..9cd276556 100644
--- a/application/core/REST_Controller.php
+++ b/application/core/REST_Controller.php
@@ -630,7 +630,7 @@ abstract class REST_Controller extends CI_Controller {
{
$this->_log_request();
}
-//echo 'RestKey: '.$this->rest->key;
+
$this->response([
$this->config->item('rest_status_field_name') => FALSE,
$this->config->item('rest_message_field_name') => sprintf($this->lang->line('text_rest_invalid_api_key'), $this->rest->key)
diff --git a/application/libraries/AuthLib.php b/application/libraries/AuthLib.php
index fe6261106..43b8bd2d6 100644
--- a/application/libraries/AuthLib.php
+++ b/application/libraries/AuthLib.php
@@ -237,7 +237,7 @@ class AuthLib
*/
public function basicAuthentication($username, $password)
{
- return isSuccess($this->_checkLDAPAuthentication($username, $password));
+ return isSuccess($this->loginLDAP($username, $password));
}
/**
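Review bot: `basicAuthentication()` forwards `$username` and `$password` to `loginLDAP()` without checking them, and `loginLDAP()` is outside this hunk. Many LDAP servers treat a simple bind with an empty password as an anonymous bind and report success, so unless `loginLDAP()` already rejects that case a guard is worth adding here: `if (!is_string($password) || $password === '') return false;`. The docblock should also state whether `loginLDAP()` has side effects beyond verifying the credentials (such as session state), because this method is presumably called on every API request.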
diff --git a/content/statistik/lehrauftragsliste_mail.xls.php b/content/statistik/lehrauftragsliste_mail.xls.php
index e2a7000cf..40ec7a616 100644
--- a/content/statistik/lehrauftragsliste_mail.xls.php
+++ b/content/statistik/lehrauftragsliste_mail.xls.php
@@ -552,8 +552,8 @@ if($result_stg = $db->db_query($qry_stg))
}
//Gesamtkosten anzeigen
- $worksheet->writeNumber($zeile,11,$gesamtkosten, $format_number_bold);
- $gesamt->writeNumber($gesamtsheet_row,11,$gesamtkosten, $format_number_bold);
+ $worksheet->writeNumber($zeile,13,$gesamtkosten, $format_number_bold);
+ $gesamt->writeNumber($gesamtsheet_row,13,$gesamtkosten, $format_number_bold);
}
}
diff --git a/include/ical.class.php b/include/ical.class.php
index 53fae9dd7..1fa3982f9 100644
--- a/include/ical.class.php
+++ b/include/ical.class.php
@@ -29,7 +29,7 @@ class ical extends basis_db
public $result = array();
public $dtresult = array();
-
+
/**
* Konstruktor
*/
@@ -40,18 +40,31 @@ class ical extends basis_db
/**
* Importiert ein FreeBusy File
- *
+ *
* @param $ical
* @param $typ
*/
public function importFreeBusy($ical, $typ)
{
$rows = explode("\n",$ical);
-
+
$idx = count($this->result);
$status=0;
$dtstart='';
$dtend='';
+
+ /*
+ * Google Kalender schreibt kein FreeBusy sondern anonymisiert die Kalendereintraege
+ * Daher gibt es dort kein Beginn / Ende von VFREEBUSY
+ */
+ if($typ == 'Google')
+ {
+ $status = 1;
+ if(!isset($this->result[$idx]))
+ $this->result[$idx]='';
+ $this->result[$idx].= "BEGIN:VFREEBUSY\n";
+ }
+
foreach($rows as $row)
{
if(mb_strstr($row,'BEGIN:VFREEBUSY'))
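Review bot: For `$typ == 'Google'` the synthetic `BEGIN:VFREEBUSY` is written before any row is inspected, so an empty or unparsable feed still produces a VFREEBUSY block. A feed that does carry its own `BEGIN:VFREEBUSY`/`END:VFREEBUSY` lines would also hit the existing branches in the loop and end up with duplicated markers. Consider emitting the wrapper only when the feed has no VFREEBUSY of its own, or state the assumption in the new comment. In the closing hunk of `importFreeBusy`, `$status = 0;` and `$idx++;` look like dead stores because the method appears to end right after them, and the `isset($this->result[$idx])` check there only matters if an END row inside the feed already advanced `$idx`. The method body continues outside this hunk.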
@@ -59,7 +72,7 @@ class ical extends basis_db
$status=1;
if(!isset($this->result[$idx]))
$this->result[$idx]='';
- $this->result[$idx].=$row."\n";
+ $this->result[$idx].=$row."\n";
}
elseif(mb_strstr($row,'END:VFREEBUSY'))
{
@@ -71,11 +84,11 @@ class ical extends basis_db
{
if($typ=='Google')
{
- // VEVENT mit UTC Timestamps
+ // VEVENT mit UTC Timestamps
if(mb_strstr($row,'DTSTART:'))
{
$dtstart = $this->ConvertTimezoneUTC(mb_substr($row,8,-1));
- }
+ }
elseif(mb_strstr($row,'DTEND:'))
{
$dtend = $this->ConvertTimezoneUTC(mb_substr($row,6));
@@ -107,7 +120,7 @@ class ical extends basis_db
$dtstart = $this->ConvertTimezoneUTC(mb_substr($row, 0, $slashpos));
$dtend = $this->ConvertTimezoneUTC(mb_substr($row, $slashpos+1));
$this->dtresult[]=array('dtstart'=>trim($dtstart),'dtend'=>trim($dtend));
-
+
$dtstart = $this->ConvertTimezoneUTC($dtstart);
$dtend = $this->ConvertTimezoneUTC($dtend);
$this->result[$idx].='FREEBUSY:'.$dtstart.'/'.$dtend."\n";
@@ -144,8 +157,16 @@ class ical extends basis_db
}
}
}
+ if($typ == 'Google')
+ {
+ $status = 0;
+ if(!isset($this->result[$idx]))
+ $this->result[$idx]='';
+ $this->result[$idx].= "END:VFREEBUSY\n";
+ $idx++;
+ }
}
-
+
/**
* Liefert die FreeBusy Eintraege
*/
@@ -153,17 +174,17 @@ class ical extends basis_db
{
return implode($this->result);
}
-
+
/**
* Importiert ein FreeBusy File
- *
+ *
* @param $ical
* @param $typ
*/
public function parseFreeBusy($ical)
{
$rows = explode("\n",$ical);
-
+
$idx = count($this->result);
$status=0;
$dtstart='';
@@ -176,7 +197,7 @@ class ical extends basis_db
$doppelpunktpos = mb_strpos($row, ':');
$row = mb_substr($row, $doppelpunktpos+1);
$len = mb_strlen($row);
-
+
$slashpos = mb_strpos($row, '/');
$dtstart = mb_substr($row, 0, $len-$slashpos-1);
$dtend = mb_substr($row, $slashpos+1);
@@ -186,10 +207,10 @@ class ical extends basis_db
}
}
}
-
+
/**
- *
- * Konvertiert die Zeitzone eines XMLRPC (Compact) datetimes von Europe/Vienna auf UTC
+ *
+ * Konvertiert die Zeitzone eines XMLRPC (Compact) datetimes von Europe/Vienna auf UTC
* @param $datetime (zB 20080701T093807Z)
*/
function ConvertTimezoneUTC($datetime)
@@ -204,15 +225,15 @@ class ical extends basis_db
//Default
$timezone = new DateTimeZone('Europe/Vienna');
}
-
+
$date = new DateTime($datetime, $timezone);
$date->setTimezone(new DateTimeZone('UTC'));
return $date->format('Ymd\THis').'Z';
}
-
+
/**
- *
- * Konvertiert die Zeitzone eines XMLRPC (Compact) datetimes von Europe/Vienna auf UTC
+ *
+ * Konvertiert die Zeitzone eines XMLRPC (Compact) datetimes von Europe/Vienna auf UTC
* @param $datetime (zB 20080701T093807Z)
*/
function ConvertTimezoneLocal($datetime)
@@ -227,7 +248,7 @@ class ical extends basis_db
//Default
$timezone = new DateTimeZone('Europe/Vienna');
}
-
+
$date = new DateTime($datetime, $timezone);
$date->setTimezone(new DateTimeZone('Europe/Vienna'));
return $date->format('Ymd\THis');
diff --git a/system/xsl/StudienblattEng_0.xsl b/system/xsl/StudienblattEng_0.xsl
index ff1e6962a..bd2ccdbae 100644
--- a/system/xsl/StudienblattEng_0.xsl
+++ b/system/xsl/StudienblattEng_0.xsl
@@ -447,7 +447,18 @@ xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0" xmlns:style="urn
-
+
+
+
+
+ Summer
+
+
+
+
+
+
+
@@ -456,7 +467,17 @@ xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0" xmlns:style="urn
-
+
+
+
+
+ Summer
+
+
+
+
+
+
@@ -501,7 +522,17 @@ xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0" xmlns:style="urn
-
+
+
+
+
+ Summer
+
+
+
+
+
+
diff --git a/vilesci/bis/studentenmeldung.php b/vilesci/bis/studentenmeldung.php
index 12d7c85e7..ef9cbbc09 100644
--- a/vilesci/bis/studentenmeldung.php
+++ b/vilesci/bis/studentenmeldung.php
@@ -487,7 +487,7 @@ fclose($dateiausgabe);
if(file_exists($ddd))
{
echo 'BIS-Meldung Stg '.$stg_kz.' archivieren
';
- echo 'XML-Datei für BIS-Meldung Stg '.$stg_kz.'
';
+ echo 'XML-Datei für BIS-Meldung Stg '.$stg_kz.'
';
}
if(file_exists($eee))
{
diff --git a/vilesci/stammdaten/personen_wartung.php b/vilesci/stammdaten/personen_wartung.php
index 9f695f718..2f38206a8 100644
--- a/vilesci/stammdaten/personen_wartung.php
+++ b/vilesci/stammdaten/personen_wartung.php
@@ -226,8 +226,8 @@ if (isset($personToDelete) && isset($personToKeep) && $personToDelete >= 0 && $p
$akteInhalt = $akte1->result[0]->inhalt;
$akteDMS = $akte1->result[0]->dms_id;
// Bestehende Fotohistorie löschen und jene vom neuen Foto übernehmen
- $sql_query_upd1 .= "DELETE FROM public.tbl_person_fotostatus WHERE person_id=" . $db->db_add_param($akte2->result[0]->person_id, FHC_INTEGER) . ";";
- $sql_query_upd1 .= "UPDATE public.tbl_person_fotostatus SET person_id=" . $db->db_add_param($akte2->result[0]->person_id, FHC_INTEGER) . " WHERE person_id=" . $db->db_add_param($akte1->result[0]->person_id, FHC_INTEGER) . ";";
+ $sql_query_upd1 .= "DELETE FROM public.tbl_person_fotostatus WHERE person_id=" . $db->db_add_param($personToKeep, FHC_INTEGER) . ";";
+ $sql_query_upd1 .= "UPDATE public.tbl_person_fotostatus SET person_id=" . $db->db_add_param($personToKeep, FHC_INTEGER) . " WHERE person_id=" . $db->db_add_param($personToDelete, FHC_INTEGER) . ";";
$msg_warning[] = "Das Foto von Person ".$personToDelete." war aktueller und wurde übernommen";
}
elseif ($insertamum1 < $insertamum2)
@@ -235,7 +235,7 @@ if (isset($personToDelete) && isset($personToKeep) && $personToDelete >= 0 && $p
$akteInhalt = $akte2->result[0]->inhalt;
$akteDMS = $akte2->result[0]->dms_id;
// Bestehende Fotohistorie löschen und jene vom neuen Foto übernehmen
- $sql_query_upd1 .= "DELETE FROM public.tbl_person_fotostatus WHERE person_id=" . $db->db_add_param($akte1->result[0]->person_id, FHC_INTEGER) . ";";
+ $sql_query_upd1 .= "DELETE FROM public.tbl_person_fotostatus WHERE person_id=" . $db->db_add_param($personToDelete, FHC_INTEGER) . ";";
$msg_warning[] = "Das Foto von Person ".$personToKeep." war aktueller und wurde übernommen";
}
else
@@ -245,11 +245,11 @@ if (isset($personToDelete) && isset($personToKeep) && $personToDelete >= 0 && $p
}
// Wenn Inhalt vorhanden, diesen laden, sonst aus DMS
$base64foto = '';
- if ($akteInhalt != '')
+ if (isset($akteInhalt) && $akteInhalt != '')
{
$base64foto = $akteInhalt;
}
- elseif ($akteDMS != '')
+ elseif (isset($akteDMS) && $akteDMS != '')
{
$dms = new dms();
if ($dms->load($akteDMS))
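Review bot: The added `isset()` checks on `$akteInhalt` and `$akteDMS` hide that neither variable is assigned on the `else` path above this hunk (presumably; that branch is outside the visible lines). Initialising both before the if/elseif chain, `$akteInhalt = ''; $akteDMS = '';`, would keep the original conditions unchanged and make the no-photo case explicit instead of relying on undefined variables. The enclosing block starts and ends outside this hunk.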
@@ -713,7 +713,7 @@ if (isset($personToDelete) && isset($personToKeep) && $personToDelete >= 0 && $p
$prestudentenArray[$previousKey]['zgvmadatum'] = $zgvmadatum = $value['zgvmadatum'];
$prestudentenArray[$previousKey]['zgvmanation'] = $zgvmanation = $value['zgvmanation'];
// Wenn kein Status außer Interessent und Abgewiesener mehr vorhanden ist, löschen
- if (!isset($statusArrayWichtige[$value->prestudent_id]))
+ if (!isset($statusArrayWichtige[$value['prestudent_id']]))
{
unset($prestudentenArray[$key]);
$prestudentLoeschArray[] = $value['prestudent_id'];
@@ -730,7 +730,7 @@ if (isset($personToDelete) && isset($personToKeep) && $personToDelete >= 0 && $p
$warningList['zgvUnklar'][$prestudentId][$i]['zgvmadatum'] = $value['zgvmadatum'];
$warningList['zgvUnklar'][$prestudentId][$i]['zgvmanation'] = $value['zgvmanation'];
// Wenn kein Status außer Interessent und Abgewiesener mehr vorhanden ist, löschen
- if (!isset($statusArrayWichtige[$value->prestudent_id]))
+ if (!isset($statusArrayWichtige[$value['prestudent_id']]))
{
unset($prestudentenArray[$key]);
$prestudentLoeschArray[] = $value['prestudent_id'];
diff --git a/vilesci/stammdaten/reihungstestverwaltung.php b/vilesci/stammdaten/reihungstestverwaltung.php
index ce29b583a..c05a18b49 100644
--- a/vilesci/stammdaten/reihungstestverwaltung.php
+++ b/vilesci/stammdaten/reihungstestverwaltung.php
@@ -2594,9 +2594,11 @@ if($reihungstest_id!='')
JOIN public.tbl_person USING (person_id)
JOIN public.tbl_prestudent ON (tbl_rt_person.person_id=tbl_prestudent.person_id)
WHERE
- rt_id = ".$db->db_add_param($reihungstest_id, FHC_INTEGER);
-
- $qry .= " AND tbl_rt_person.studienplan_id IN(SELECT studienplan_id FROM public.tbl_prestudentstatus where prestudent_id=tbl_prestudent.prestudent_id)
+ rt_id = ".$db->db_add_param($reihungstest_id, FHC_INTEGER)."
+ AND tbl_rt_person.studienplan_id IN (
+ SELECT studienplan_id
+ FROM public.tbl_prestudentstatus
+ WHERE prestudent_id=tbl_prestudent.prestudent_id)
ORDER BY ort_kurzbz NULLS FIRST,nachname,vorname";
$mailto = '';