From ffd8937b889b5ae74c358d2ceee7f8dac7bdeb90 Mon Sep 17 00:00:00 2001
From: Gerald Raab <raab@technikum-wien.at>
Date: Fri, 24 Aug 2007 11:00:07 +0000
Subject: [PATCH] dokumente

---
 cis/pdfExport.php                 | 259 ++++++++++++++++--------------
 cis/private/lehre/upload.php      |   3 +-
 cis/private/menu.php              |  17 +-
 include/konto.class.php           |  53 +++++-
 include/studiensemester.class.php |   2 +-
 5 files changed, 207 insertions(+), 127 deletions(-)

diff --git a/cis/pdfExport.php b/cis/pdfExport.php
index ab95e077c..ce0eb6174 100644
--- a/cis/pdfExport.php
+++ b/cis/pdfExport.php
@@ -29,7 +29,8 @@ require_once('../vilesci/config.inc.php');
 require_once('../include/functions.inc.php');
 require_once('../include/benutzerberechtigung.class.php');
 require_once('../include/xslfo2pdf/xslfo2pdf.php');
-require_once('../include/akte.class.php');
+require_once('../include/akte.class.php');
+require_once('../include/konto.class.php');
 
 // Datenbank Verbindung
 if (!$conn = pg_pconnect(CONN_STRING))
@@ -54,8 +55,9 @@ else
 
 //Parameter setzen
 $params='?xmlformat=xml';
-if(isset($_GET['uid']))
-	$params.='&uid='.$_GET['uid'];
+//if(isset($_GET['uid']))
+//	$params.='&uid='.$_GET['uid'];
+$params.='&uid='.$user;
 if(isset($_GET['person_id']))
 	$params.='&person_id='.$_GET['person_id'];
 if(isset($_GET['buchungsnummern']))
@@ -69,133 +71,146 @@ if(isset($_GET['abschlusspruefung_id']))
 if(isset($_GET['typ']))
 	$params.='&typ='.$_GET['typ'];
 
+
+$konto = new konto($conn);
+if (($user == $_GET["uid"]) and $konto->checkStudienbeitrag($user, $_GET["ss"]))
+{
 
-//Berechtigung pruefen
-$rechte = new benutzerberechtigung($conn);
-$rechte->getBerechtigungen($user);
-
-//if(!$rechte->isBerechtigt('admin',$stg_kz))
-//	die("Keine Berechtigung");
-
-$xml_url=XML_ROOT.$xml.$params;
-//echo $xml_url;
-// Load the XML source
-$xml_doc = new DOMDocument;
-
-if(!$xml_doc->load($xml_url))
-	die('unable to load xml');
-//echo ':'.$xml_doc->saveXML().':';
-
-//XSL aus der DB holen
-$qry = "SELECT text FROM public.tbl_vorlagestudiengang WHERE (studiengang_kz=0 OR studiengang_kz='".addslashes($xsl_stg_kz)."') AND vorlage_kurzbz='$xsl' ORDER BY studiengang_kz DESC, version DESC LIMIT 1";
-
-if(!$result = pg_query($conn, $qry))
-	die('Fehler beim laden der Vorlage'.pg_errormessage($conn));
-if(!$row = pg_fetch_object($result))
-	die('Vorlage wurde nicht gefunden'.$qry);
-
-// Load the XSL source
-$xsl_doc = new DOMDocument;
-//if(!$xsl_doc->load('../../../../xsl/collection.xsl'))
-if(!$xsl_doc->loadXML($row->text))
-	die('unable to load xsl');
-
-// Configure the transformer
-$proc = new XSLTProcessor;
-$proc->importStyleSheet($xsl_doc); // attach the xsl rules
-
-$buffer = $proc->transformToXml($xml_doc);
-//in $buffer steht nun das xsl-fo file mit den daten
-$buffer = '<?xml version="1.0" encoding="ISO-8859-15" ?>'.substr($buffer, strpos($buffer,"\n"),strlen($buffer));
-//$buffer = html_entity_decode($buffer);
-//echo "buffer: $buffer";
-
-//Pdf erstellen
-$fo2pdf = new XslFo2Pdf();
-
-//wenn uid gefunden wird, dann den Nachnamen zum Dateinamen dazuhaengen
-$nachname='';
-if(isset($_GET['uid']) && $_GET['uid']!='')
-{
-	$uid = str_replace(';','',$_GET['uid']);
-	$qry = "SELECT nachname FROM campus.vw_benutzer WHERE uid='".addslashes($uid)."'";
+	//Berechtigung pruefen
+	$rechte = new benutzerberechtigung($conn);
+	$rechte->getBerechtigungen($user);
 	
-	if($result = pg_query($conn, $qry))
+	//if(!$rechte->isBerechtigt('admin',$stg_kz))
+	//	die("Keine Berechtigung");
+	
+	$xml_url=XML_ROOT.$xml.$params;
+	//echo $xml_url;
+	// Load the XML source
+	$xml_doc = new DOMDocument;
+	
+	if(!$xml_doc->load($xml_url))
+		die('unable to load xml');
+	//echo ':'.$xml_doc->saveXML().':';
+	
+	//XSL aus der DB holen
+	$qry = "SELECT text FROM public.tbl_vorlagestudiengang WHERE (studiengang_kz=0 OR studiengang_kz='".addslashes($xsl_stg_kz)."') AND vorlage_kurzbz='$xsl' ORDER BY studiengang_kz DESC, version DESC LIMIT 1";
+	
+	if(!$result = pg_query($conn, $qry))
+		die('Fehler beim laden der Vorlage'.pg_errormessage($conn));
+	if(!$row = pg_fetch_object($result))
+		die('Vorlage wurde nicht gefunden'.$qry);
+	
+	// Load the XSL source
+	$xsl_doc = new DOMDocument;
+	//if(!$xsl_doc->load('../../../../xsl/collection.xsl'))
+	if(!$xsl_doc->loadXML($row->text))
+		die('unable to load xsl');
+	
+	// Configure the transformer
+	$proc = new XSLTProcessor;
+	$proc->importStyleSheet($xsl_doc); // attach the xsl rules
+	
+	$buffer = $proc->transformToXml($xml_doc);
+	//in $buffer steht nun das xsl-fo file mit den daten
+	$buffer = '<?xml version="1.0" encoding="ISO-8859-15" ?>'.substr($buffer, strpos($buffer,"\n"),strlen($buffer));
+	//$buffer = html_entity_decode($buffer);
+	//echo "buffer: $buffer";
+	
+	//Pdf erstellen
+	$fo2pdf = new XslFo2Pdf();
+	
+	//wenn uid gefunden wird, dann den Nachnamen zum Dateinamen dazuhaengen
+	$nachname='';
+	
+
+	if(isset($_GET['uid']) && $_GET['uid']!='')
 	{
-		if($row = pg_fetch_object($result))
+		$uid = str_replace(';','',$_GET['uid']);
+		$qry = "SELECT nachname FROM campus.vw_benutzer WHERE uid='".addslashes($uid)."'";
+		
+		if($result = pg_query($conn, $qry))
 		{
-			$nachname = '_'.$row->nachname;
+			if($row = pg_fetch_object($result))
+			{
+				$nachname = '_'.$row->nachname;
+			}
 		}
 	}
-}
-$filename=$xsl.$nachname;
-
-if (!isset($_REQUEST["archive"]))
-{
- if (!$fo2pdf->generatePdf($buffer, $filename, "D"))
- {
-     echo('Failed to generate PDF');
- }
-}
-else
-{
-
-	$filename = $user;
-	if (!$fo2pdf->generatePdf($buffer, $filename, 'F'))
+	$filename=$xsl.$nachname;
+	
+	if (!isset($_REQUEST["archive"]))
 	{
-		echo('Failed to generate PDF');
+	 if (!$fo2pdf->generatePdf($buffer, $filename, "D"))
+	 {
+	     echo('Failed to generate PDF');
+	 }
 	}
-	$file = "/tmp/".$filename.".pdf";
-	$handle = fopen($file, "rb");
-	$string = fread($handle, filesize($file));
-	fclose($handle);
-	unlink($file);
-
-	$hex="";
-	for ($i=0;$i<strlen($string);$i++)
-		$hex.=(strlen(dechex(ord($string[$i])))<2)? "0".dechex(ord($string[$i])): dechex(ord($string[$i]));
-
-
-	$uid = $_REQUEST["uid"];
-	$ss = $_REQUEST["ss"];
-	$heute = date('Y-m-d');
-	$query = "SELECT tbl_studentlehrverband.semester, tbl_studiengang.typ, tbl_studiengang.kurzbz, tbl_person.person_id FROM tbl_person, tbl_benutzer, tbl_studentlehrverband, tbl_studiengang where tbl_studentlehrverband.student_uid = tbl_benutzer.uid and tbl_benutzer.person_id = tbl_person.person_id and tbl_studentlehrverband.studiengang_kz = tbl_studiengang.studiengang_kz and tbl_studentlehrverband.student_uid = '".$uid."' and tbl_studentlehrverband.studiensemester_kurzbz = '".$ss."'";
-
-	if($result = pg_query($conn, $query))
-	{
-		if($row = pg_fetch_object($result))
-		{
-			$person_id = $row->person_id;
-			$titel = "Zeugnis_".strtoupper($row->typ).strtoupper($row->kurzbz)."_".$row->semester;
-			$bezeichnung = "Zeugnis ".strtoupper($row->typ).strtoupper($row->kurzbz)." ".$row->semester.". Semester";
-		}
-		else
-		{
-			$echo = 'Datensatz wurde nicht gefunden';
-
-		}
-	}
-
-
-	$akte = new akte($conn);
-	$akte->person_id = $person_id;
-  	$akte->dokument_kurzbz = "Zeugnis";
-  	$akte->inhalt = $hex;
-  	$akte->mimetype = "application/octet-stream";
-  	$akte->erstelltam = $heute;
-  	$akte->gedruckt = true;
-  	$akte->titel = $titel.".pdf";
-  	$akte->bezeichnung = $bezeichnung;
-  	$akte->updateamum = "";
-  	$akte->updatevon = "";
-	$akte->insertamum = date('Y-m-d h:m:s');
-	$akte->insertvon = $user;
-  	$akte->ext_id = "";
-  	$akte->uid = $_REQUEST["uid"];
-	$akte->new = true;
-	if (!$akte->save('new'))
-		return true;
 	else
-		return false;
+	{
+	
+		$filename = $user;
+		if (!$fo2pdf->generatePdf($buffer, $filename, 'F'))
+		{
+			echo('Failed to generate PDF');
+		}
+		$file = "/tmp/".$filename.".pdf";
+		$handle = fopen($file, "rb");
+		$string = fread($handle, filesize($file));
+		fclose($handle);
+		unlink($file);
+	
+		$hex="";
+		for ($i=0;$i<strlen($string);$i++)
+			$hex.=(strlen(dechex(ord($string[$i])))<2)? "0".dechex(ord($string[$i])): dechex(ord($string[$i]));
+	
+	
+		$uid = $_REQUEST["uid"];
+		$ss = $_REQUEST["ss"];
+		$heute = date('Y-m-d');
+		$query = "SELECT tbl_studentlehrverband.semester, tbl_studiengang.typ, tbl_studiengang.kurzbz, tbl_person.person_id FROM tbl_person, tbl_benutzer, tbl_studentlehrverband, tbl_studiengang where tbl_studentlehrverband.student_uid = tbl_benutzer.uid and tbl_benutzer.person_id = tbl_person.person_id and tbl_studentlehrverband.studiengang_kz = tbl_studiengang.studiengang_kz and tbl_studentlehrverband.student_uid = '".$uid."' and tbl_studentlehrverband.studiensemester_kurzbz = '".$ss."'";
+	
+		if($result = pg_query($conn, $query))
+		{
+			if($row = pg_fetch_object($result))
+			{
+				$person_id = $row->person_id;
+				$titel = "Zeugnis_".strtoupper($row->typ).strtoupper($row->kurzbz)."_".$row->semester;
+				$bezeichnung = "Zeugnis ".strtoupper($row->typ).strtoupper($row->kurzbz)." ".$row->semester.". Semester";
+			}
+			else
+			{
+				$echo = 'Datensatz wurde nicht gefunden';
+	
+			}
+		}
+	
+	
+		$akte = new akte($conn);
+		$akte->person_id = $person_id;
+	  	$akte->dokument_kurzbz = "Zeugnis";
+	  	$akte->inhalt = $hex;
+	  	$akte->mimetype = "application/octet-stream";
+	  	$akte->erstelltam = $heute;
+	  	$akte->gedruckt = true;
+	  	$akte->titel = $titel.".pdf";
+	  	$akte->bezeichnung = $bezeichnung;
+	  	$akte->updateamum = "";
+	  	$akte->updatevon = "";
+		$akte->insertamum = date('Y-m-d h:m:s');
+		$akte->insertvon = $user;
+	  	$akte->ext_id = "";
+	  	$akte->uid = $_REQUEST["uid"];
+		$akte->new = true;
+		if (!$akte->save('new'))
+			return true;
+		else
+			return false;
+	}
+}
+
+else
+// kein berechtigung
+{
+echo "<html><body><h3>Sie haben keine Bereichtigung zum Anzeigen dieser Seite</h3></body></html>";
 }
 ?>
\ No newline at end of file
diff --git a/cis/private/lehre/upload.php b/cis/private/lehre/upload.php
index 3506b8975..eef81a47f 100644
--- a/cis/private/lehre/upload.php
+++ b/cis/private/lehre/upload.php
@@ -706,7 +706,8 @@ A:hover {
               <?php
                   echo "<table class='tabcontent'>";
                   echo "  <tr>";
-			      echo "    <td align=\"right\" width=\"59%\">";
+			      echo "    <td align=\"right\" width=\"59%\">";
+			      echo "<span style='font-size:8pt;'>Max. Uploadgröße (alle Dateien): <b>8 MB</b></span>";
 			      echo "      <input id=\"btnupload\" type=\"submit\" name=\"upload\" value=\"Upload\">";
 			      echo "    </td>";
 			      echo "    <td width=\"41%\">&nbsp;</td>";
diff --git a/cis/private/menu.php b/cis/private/menu.php
index 6e5fcc9b4..3d92206d4 100644
--- a/cis/private/menu.php
+++ b/cis/private/menu.php
@@ -55,7 +55,12 @@ else
 if(check_lektor($user,$db_conn))
    $is_lector=true;
 else
-   $is_lector=false;
+   $is_lector=false;
+  
+if(check_student($user,$db_conn))
+   $is_student=true;
+else
+   $is_student=false;
 
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
@@ -128,7 +133,15 @@ else
 		  	<tr>
 				<td class="tdwidth10" nowrap>&nbsp;</td>
 				<td class='tdwrap'><a class="Item" href="lvplan/stpl_week.php" target="content"><img src="../../skin/images/menu_item.gif" width="7" height="9">&nbsp;LV-Plan</a></td>
-			</tr>
+			</tr>
+			<?php			
+			if ($is_student)
+				echo '<tr>
+			  	<td class="tdwidth10" nowrap>&nbsp;</td>
+				<td class="tdwrap"><a class="Item" href="profile/dokumente.php" target="content"><img src="../../skin/images/menu_item.gif" width="7" height="9">&nbsp;Dokumente</a></td>
+			</tr>'
+			?>
+			
 			<?php
 			//Eigene LVs des eingeloggten Lektors anzeigen
 			if($is_lector)
diff --git a/include/konto.class.php b/include/konto.class.php
index b525a2b68..09649ad2c 100644
--- a/include/konto.class.php
+++ b/include/konto.class.php
@@ -29,7 +29,9 @@ class konto
 	var $conn;     // @var resource DB-Handle
 	var $new;       // @var boolean
 	var $errormsg;  // @var string
-	var $result = array(); // @var adresse Objekt
+	var $result = array(); // @var adresse Objekt
+	var $buch_nr = array();
+	var $buch_date = array();
 
 	//Tabellenspalten
 	var $buchungsnr;
@@ -462,6 +464,55 @@ class konto
 			$this->errormsg = 'Fehler beim Ermitteln der Differenz';
 			return false;
 		}
+	}
+
+
+	// ******************************
+	// * ÃberprÃŒft, ob studiengebÃŒhr gebucht ist fÃŒr  
+	// * student_uid und studiensemester
+	// * gibt true/false zurÃŒck und setzt bei true das buchungsdatum $this->buchungsdatum
+	// ******************************
+	function checkStudienbeitrag($uid, $stsem)
+	{
+		$subqry = "SELECT tbl_konto.buchungsnr, tbl_konto.buchungsdatum FROM public.tbl_konto, public.tbl_benutzer WHERE tbl_konto.studiensemester_kurzbz = '".$stsem."' AND tbl_benutzer.uid = '".$uid."' AND tbl_benutzer.person_id = tbl_konto.person_id and tbl_konto.buchungstyp_kurzbz = 'Studiengebuehr' ORDER BY buchungsnr";
+		$subres = pg_query($this->conn, $subqry);
+		if (pg_num_rows($subres)==0)
+			return false;
+		else
+		{
+			while ($subrow = pg_fetch_object($subres))
+			{
+					$buch_nr[] = $subrow->buchungsnr;
+					$buch_date[] = $subrow->buchungsdatum;
+			}
+		}
+		
+		
+		$qry = "SELECT sum(betrag) as differenz FROM public.tbl_konto WHERE buchungsnr='".$buch_nr[0]."' OR buchungsnr_verweis='".$buch_nr[0]."'";
+
+		if($result = pg_query($this->conn, $qry))
+		{
+			if($row = pg_fetch_object($result))
+			{
+				if ($row->differenz == 0)
+				{
+					$this->buchungsdatum = $buch_date[1];
+					return true;	
+				}				
+				else
+					return false;
+			}
+			else
+			{
+				$this->errormsg = 'Fehler beim Ermitteln der Differenz';
+				return false;
+			}
+		}
+		else
+		{
+			$this->errormsg = 'Fehler beim Ermitteln der Differenz';
+			return false;
+		}
 	}
 }
 ?>
\ No newline at end of file
diff --git a/include/studiensemester.class.php b/include/studiensemester.class.php
index 2ac166f08..84b39eee9 100644
--- a/include/studiensemester.class.php
+++ b/include/studiensemester.class.php
@@ -234,7 +234,7 @@ class studiensemester
 		else
 		{
 			//$qry = "SELECT studiensemester_kurzbz FROM public.tbl_studiensemester WHERE ende >= now() ORDER BY ende";
-			$qry = "SELECT studiensemester_kurzbz FROM vw_studiensemester ";
+			$qry = "SELECT studiensemester_kurzbz FROM public.vw_studiensemester ";
 			if($semester!='')
 			{
 				if($semester%2==0)