first commit

admin/administration_frame.php

@@ -0,0 +1,9 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+$smarty->display("$template/admin/$templatename");
+?>

admin/datencheck.php

@@ -0,0 +1,210 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+    #Anzahl der getesteten Kandidaten
+    $result_anzget = $db->query("SELECT count(distinct ka_id) Anz
+                                   FROM dvm_term_kand a, dvm_tanpool b
+                                  WHERE a.tp_id = b.tp_id
+                                    AND b.login_dat != '0000-00-00 00:00:00'");
+    $row_anzget    = $result_anzget->fetch_array();
+    $smarty->assign('datenchk_anzget', $row_anzget['Anz']);
+    
+    #Anzahl der Kandidaten mit ausstehendem Test
+    $result_aussttest = $db->query("SELECT count(*) Anz
+                                      FROM dvm_tanpool b
+                                     WHERE verw_dat != '0000-00-00 00:00:00'
+                                       AND b.login_dat = '0000-00-00 00:00:00'");
+    $row_aussttest    = $result_aussttest->fetch_array();
+    $smarty->assign('datenchk_aussttest', $row_aussttest['Anz']);
+    
+    #Anzahl aller Anmeldung
+    $result_alleranm = $db->query("SELECT count(distinct ka_id) Anz
+                                     FROM dvm_term_kand a, dvm_tanpool b
+                                    WHERE a.tp_id = b.tp_id
+                                      AND b.verw_dat != '0000-00-00 00:00:00'");
+    $row_alleranm    = $result_alleranm->fetch_array();
+    $smarty->assign('datenchk_alleranm', $row_alleranm['Anz']);
+    
+    #Anzahl Durchfaller - komplizierter. Wenn er nach dem ersten Mal durchgefallen doch bestanden hat, gilt er nicht als Durchfaller
+    $query = "SELECT ka_id, max(tp_id) tp_id
+                FROM dvm_term_kand
+               GROUP BY ka_id
+             ";
+     
+    $result = $db->query($query) or die("Cannot execute query1");
+    $zaehler = 0;
+    while ($row = $result->fetch_array()) {
+      $result_tan = $db->query("SELECT tan
+                                  FROM dvm_tanpool
+                                 WHERE tp_id = $row[tp_id]");
+      $row_tan    = $result_tan->fetch_array();
+      
+      $result_bestanden = $db->query("SELECT bestanden, vorname, nachname, id
+                                        FROM dvm_ergebnisse a, dvm_kandidat b
+                                       WHERE a.ka_id = $row[ka_id]
+                                         AND tan = '$row_tan[tan]'
+                                         AND a.ka_id = b.ka_id
+                                         ");
+      $row_bestanden    = $result_bestanden->fetch_array();
+      if($row_bestanden['bestanden'] == 0 and $row_bestanden['bestanden'] != ''){
+        $zaehler++;
+#        echo "$row_bestanden[nachname], $row_bestanden[vorname], $row_bestanden[id]<br>";
+      }
+    }
+    $smarty->assign('datenchk_anzdurchfaller', $zaehler);
+
+  # Gespeicherte Werte
+  $query1 = "SELECT a.ka_id, perso, vorname, nachname, mail, date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, CASE tm_standort
+		                  WHEN 'L' THEN 'Ludwigsburg'
+		                  WHEN 'K' THEN 'Kehl'
+		                  ELSE '' END as tm_standort
+		                  , a.hochschule
+		                  , behinderung
+               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.tm_id = c.tm_id
+                AND a.ka_id = d.ka_id
+                AND b.tp_id = e.tp_id
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_upload WHERE upload_dat != '0000-00-00 00:00:00')
+                AND d.bestanden = '1'
+                AND e.tan=d.tan
+           ORDER BY tm_datum DESC, nachname ASC, vorname ASC
+            ";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  $row_cnt = $result1->num_rows;
+  $smarty->assign('dokverw_anzdb', $row_cnt);
+  
+  while ($row1 = $result1->fetch_array()) {
+
+    $result_test = $db->query("SELECT summe 
+                                 FROM dvm_ergebnisse
+                                WHERE ka_id = '$row1[ka_id]'
+                                  AND bestanden = '1'");
+    $row_test    = $result_test->fetch_array();
+    
+    $result_perso = $db->query("SELECT count(*) Anz
+                                  FROM dvm_kandidat
+                                 WHERE perso = '$row1[perso]'
+                              ");
+    $row_perso    = $result_perso->fetch_array();
+    if($row_perso['Anz'] > 1){
+      $perso_alert = "red";
+    }else{
+      $perso_alert = "black";
+    }
+
+    
+    $result_anzhzb = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'HZB'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzhzb    = $result_anzhzb->fetch_array();
+    if($row_anzhzb['Anz'] > 0){
+     $image_hzb = "ok.gif";
+    }else{
+     $image_hzb = "cross.jpg";
+    }
+
+    $result_anzzusage = $db->query("SELECT b.bez
+                                      FROM dvm_dst_wunsch a, dvm_dienststellen b
+                                     WHERE a.dst_id = b.dst_id
+                                       AND a.zusage = 'J'
+                                       AND a.ka_id = '$row1[ka_id]'");
+
+    $row_anzzusage    = $result_anzzusage->fetch_array();
+    if($row_anzzusage['bez'] != ''){
+     $image_zusage = "ok.gif";
+     $dstzusagebez = $row_anzzusage['bez'];
+    }else{
+     $image_zusage = "cross.jpg";
+     $dstzusagebez = "";
+    }
+
+    # Wunschhochschule
+    $result_wunschhs = $db->query("SELECT wunsch_hs
+                                     FROM dvm_erw_daten
+                                   WHERE ka_id = '$row1[ka_id]'");
+    $row_wunschhs    = $result_wunschhs->fetch_array();
+    if($row_wunschhs['wunsch_hs'] == 'E'){
+      $wunsch_hs = "Egal";
+    }elseif($row_wunschhs['wunsch_hs'] == 'K'){
+      $wunsch_hs = "Kehl";
+    }elseif($row_wunschhs['wunsch_hs'] == 'L'){
+      $wunsch_hs = "Ludwigsburg";
+    }
+    
+    $result_anzzeug = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE (beschreibung = 'Zeugnis 1'
+                                   OR  beschreibung = 'Zeugnis 2')
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzzeug    = $result_anzzeug->fetch_array();
+    if($row_anzzeug['Anz'] >= 2){
+     $image_zeug = "ok.gif";
+    }else{
+     $image_zeug = "cross.jpg";
+    }
+
+    $result_anzleben = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Lebenslauf'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzleben    = $result_anzleben->fetch_array();
+    if($row_anzleben['Anz'] >= 1){
+     $image_leben = "ok.gif";
+    }else{
+     $image_leben = "cross.jpg";
+    }
+    
+    $result_notehzb = $db->query("SELECT hzb, zeugnisschnitt
+                                 FROM dvm_note
+                                WHERE ka_id = '$row1[ka_id]'");
+    $row_notehzb    = $result_notehzb->fetch_array();
+    if($row_notehzb['hzb'] == "0.00" or $row_notehzb['hzb'] == ""){
+     $image_notehzb = "cross.jpg";
+    }else{
+     $image_notehzb = "ok.gif";
+    }
+    
+    if($row_notehzb['zeugnisschnitt'] == "0.00" or $row_notehzb['zeugnisschnitt'] == ""){
+     $image_noteschnitt = "cross.jpg";
+    }else{
+     $image_noteschnitt = "ok.gif";
+    }
+    
+    $row1['image_zusage']     = $image_zusage;
+    $row1['perso_alert']      = $perso_alert;
+    $row1['dstzusagebez']     = $dstzusagebez;
+    $row1['image_noteschnitt']     = $image_noteschnitt;
+    $row1['image_notehzb']     = $image_notehzb;
+    $row1['image_leben']       = $image_leben;
+    $row1['image_zeug']        = $image_zeug;
+    $row1['anz_zeug']          = $row_anzzeug['Anz'];
+    $row1['image_hzb']         = $image_hzb;
+    $row1['testergebnis']      = $row_test['summe'];
+    $row1['wunsch_hs']      = $wunsch_hs;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/datencheck.php_20200723

@@ -0,0 +1,160 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+    #Anzahl der getesteten Kandidaten
+    $result_anzget = $db->query("SELECT count(distinct ka_id) Anz
+                                   FROM dvm_term_kand a, dvm_tanpool b
+                                  WHERE a.tp_id = b.tp_id
+                                    AND b.login_dat != '0000-00-00 00:00:00'");
+    $row_anzget    = $result_anzget->fetch_array();
+    $smarty->assign('datenchk_anzget', $row_anzget['Anz']);
+    
+    #Anzahl der Kandidaten mit ausstehendem Test
+    $result_aussttest = $db->query("SELECT count(*) Anz
+                                      FROM dvm_tanpool b
+                                     WHERE verw_dat != '0000-00-00 00:00:00'
+                                       AND b.login_dat = '0000-00-00 00:00:00'");
+    $row_aussttest    = $result_aussttest->fetch_array();
+    $smarty->assign('datenchk_aussttest', $row_aussttest['Anz']);
+    
+    #Anzahl aller Anmeldung
+    $result_alleranm = $db->query("SELECT count(distinct ka_id) Anz
+                                     FROM dvm_term_kand a, dvm_tanpool b
+                                    WHERE a.tp_id = b.tp_id
+                                      AND b.verw_dat != '0000-00-00 00:00:00'");
+    $row_alleranm    = $result_alleranm->fetch_array();
+    $smarty->assign('datenchk_alleranm', $row_alleranm['Anz']);
+    
+    #Anzahl Durchfaller - komplizierter. Wenn er nach dem ersten Mal durchgefallen doch bestanden hat, gilt er nicht als Durchfaller
+    $query = "SELECT ka_id, max(tp_id) tp_id
+                FROM dvm_term_kand
+               GROUP BY ka_id
+             ";
+     
+    $result = $db->query($query) or die("Cannot execute query1");
+    $zaehler = 0;
+    while ($row = $result->fetch_array()) {
+      $result_tan = $db->query("SELECT tan
+                                  FROM dvm_tanpool
+                                 WHERE tp_id = $row[tp_id]");
+      $row_tan    = $result_tan->fetch_array();
+      
+      $result_bestanden = $db->query("SELECT bestanden
+                                        FROM dvm_ergebnisse
+                                       WHERE ka_id = $row[ka_id]
+                                         AND tan = '$row_tan[tan]'");
+      $row_bestanden    = $result_bestanden->fetch_array();
+      if($row_bestanden['bestanden'] == 0 and $row_bestanden['bestanden'] != ''){
+        $zaehler++;
+      }
+    }
+    $smarty->assign('datenchk_anzdurchfaller', $zaehler);
+
+  # Gespeicherte Werte
+  $query1 = "SELECT a.ka_id, vorname, nachname, date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, CASE tm_standort
+		                  WHEN 'L' THEN 'Ludwigsburg'
+		                  WHEN 'K' THEN 'Kehl'
+		                  ELSE '' END as tm_standort
+               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.tm_id = c.tm_id
+                AND a.ka_id = d.ka_id
+                AND b.tp_id = e.tp_id
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_upload WHERE upload_dat != '0000-00-00 00:00:00')
+                AND d.bestanden = '1'
+                AND e.tan=d.tan
+           ORDER BY tm_datum DESC, nachname ASC, vorname ASC
+            ";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  $row_cnt = $result1->num_rows;
+  $smarty->assign('dokverw_anzdb', $row_cnt);
+  
+  while ($row1 = $result1->fetch_array()) {
+
+    $result_test = $db->query("SELECT summe 
+                                 FROM dvm_ergebnisse
+                                WHERE ka_id = '$row1[ka_id]'
+                                  AND bestanden = '1'");
+    $row_test    = $result_test->fetch_array();
+    
+    $result_anzhzb = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'HZB'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzhzb    = $result_anzhzb->fetch_array();
+    if($row_anzhzb['Anz'] > 0){
+     $image_hzb = "ok.gif";
+    }else{
+     $image_hzb = "cross.jpg";
+    }
+    
+    $result_anzzeug = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Zeugnis'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzzeug    = $result_anzzeug->fetch_array();
+    if($row_anzzeug['Anz'] >= 2){
+     $image_zeug = "ok.gif";
+    }else{
+     $image_zeug = "cross.jpg";
+    }
+
+    $result_anzleben = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Lebenslauf'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzleben    = $result_anzleben->fetch_array();
+    if($row_anzleben['Anz'] >= 1){
+     $image_leben = "ok.gif";
+    }else{
+     $image_leben = "cross.jpg";
+    }
+    
+    $result_notehzb = $db->query("SELECT hzb, zeugnisschnitt
+                                 FROM dvm_note
+                                WHERE ka_id = '$row1[ka_id]'");
+    $row_notehzb    = $result_notehzb->fetch_array();
+    if($row_notehzb['hzb'] == "0.00" or $row_notehzb['hzb'] == ""){
+     $image_notehzb = "cross.jpg";
+    }else{
+     $image_notehzb = "ok.gif";
+    }
+    
+    if($row_notehzb['zeugnisschnitt'] == "0.00" or $row_notehzb['zeugnisschnitt'] == ""){
+     $image_noteschnitt = "cross.jpg";
+    }else{
+     $image_noteschnitt = "ok.gif";
+    }
+    
+    $row1['image_noteschnitt']     = $image_noteschnitt;
+    $row1['image_notehzb']     = $image_notehzb;
+    $row1['image_leben']       = $image_leben;
+    $row1['image_zeug']        = $image_zeug;
+    $row1['anz_zeug']          = $row_anzzeug['Anz'];
+    $row1['image_hzb']         = $image_hzb;
+    $row1['testergebnis']      = $row_test['summe'];
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/datencheck_excel.php

@@ -0,0 +1,283 @@
+<?php
+# Orner phpspreadsheet_1.8.1.0_php-7.0 für Hoschschule verwenden
+#require_once "../phpspreadsheet-1.13_php-7.4/vendor/autoload.php";
+require_once "../phpspreadsheet_1.8.1.0/vendor/autoload.php";
+require_once("../config.inc.php");
+
+
+
+use PhpOffice\PhpSpreadsheet\Spreadsheet;
+use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
+
+$spreadsheet = new Spreadsheet();
+#$spreadsheet->getActiveSheet()->getPageSetup()->setFitToWidth(1);
+#$spreadsheet->getActiveSheet()->getPageSetup()->setFitToHeight(0);
+
+$activeSheet = $spreadsheet->getActiveSheet();
+
+$activeSheet->getStyle('A1:AB1')->applyFromArray(array(
+  'font' => array(
+    'bold' => true
+  )
+));
+
+
+$activeSheet->setCellValue('A1', 'Bewerbernr.');
+$activeSheet->setCellValue('B1', 'Anrede');
+$activeSheet->setCellValue('C1', 'Vorname');
+$activeSheet->setCellValue('D1', 'Nachname');
+$activeSheet->setCellValue('E1', 'Ausweis');
+$activeSheet->setCellValue('F1', 'Mail');
+$activeSheet->setCellValue('G1', 'Straße');
+$activeSheet->setCellValue('H1', 'PLZ');
+$activeSheet->setCellValue('I1', 'Ort');
+$activeSheet->setCellValue('J1', 'Geburtsdatum');
+$activeSheet->setCellValue('K1', 'Testdatum');
+$activeSheet->setCellValue('L1', 'Zuständige Hochschule');
+$activeSheet->setCellValue('M1', 'Wunsch Hochschule');
+$activeSheet->setCellValue('N1', 'Zugewiesene Hochschule');
+$activeSheet->setCellValue('O1', 'Testergebnis');
+$activeSheet->setCellValue('P1', 'Verkürzung');
+$activeSheet->setCellValue('Q1', 'Schwerbehinderung');
+$activeSheet->setCellValue('R1', 'PDF Upload HZB');
+$activeSheet->setCellValue('S1', 'PDF Upload Zeugnisse');
+$activeSheet->setCellValue('T1', 'Lebenslauf');
+$activeSheet->setCellValue('U1', 'Note HZB');
+$activeSheet->setCellValue('V1', 'Notenwert HZB');
+$activeSheet->setCellValue('W1', 'Note Durchschnitt');
+$activeSheet->setCellValue('X1', 'Notewert Durchschnitt');
+$activeSheet->setCellValue('Y1', 'Bezeichnung Ausbildungsstelle');
+$activeSheet->setCellValue('Z1', 'Straße Ausbildungsstelle');
+$activeSheet->setCellValue('AA1', 'PLZ Ausbildungsstelle');
+$activeSheet->setCellValue('AB1', 'Ort Ausbildungsstelle');
+$activeSheet->freezePane('A2');
+
+$query = $db->query("SELECT a.ka_id
+                           ,CASE anrede
+                                 WHEN 'W' THEN 'Frau'
+                                 WHEN 'M' THEN 'Herr'
+                                 ELSE '' END as Anrede
+                           ,vorname
+                           ,nachname
+                           ,perso
+                           ,mail
+                           ,str
+                           ,plz
+                           ,ort
+                           ,mail
+                           ,date_format(gebdat, '%d.%m.%Y') Gebdat
+                           ,date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum
+                           ,CASE tm_standort
+                                 WHEN 'L' THEN 'Ludwigsburg'
+                                 WHEN 'K' THEN 'Kehl'
+                                 ELSE '' END as tm_standort
+                          ,behinderung
+                          ,a.hochschule
+                       FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+                      WHERE a.ka_id = b.ka_id
+                        AND b.tm_id = c.tm_id
+                        AND a.ka_id = d.ka_id
+                        AND b.tp_id = e.tp_id
+                        AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                        AND a.ka_id IN (SELECT distinct ka_id FROM dvm_upload WHERE upload_dat != '0000-00-00 00:00:00')
+                        AND d.bestanden = '1'
+                        AND e.tan=d.tan
+                      ORDER BY nachname ASC, vorname ASC
+                      ");
+
+if ($query->num_rows > 0) {
+  $i = 2;
+  while ($row = $query->fetch_assoc()) {
+    
+    $result_test = $db->query("SELECT summe 
+                                 FROM dvm_ergebnisse
+                                WHERE ka_id = '$row[ka_id]'
+                                  AND bestanden = '1'");
+    $row_test    = $result_test->fetch_array();
+    
+#    $result_rang3 = $db->query("SELECT rang3 
+#                                 FROM dvm_tmp_jahrgang_kandidat
+#                                WHERE ka_id = '$row[ka_id]'
+#                              ");
+#    $row_rang3    = $result_rang3->fetch_array();
+    
+    if ($row['verkuerzung'] == 'J') {
+      $verkuerzung = 'Ja';
+    } else {
+      $verkuerzung = '';
+    }
+    if ($row['behinderung'] == 'J') {
+      $behinderung = 'Ja';
+    } else {
+      $behinderung = '';
+    }
+    
+    $result_anzhzb = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'HZB'
+                                  AND ka_id = '$row[ka_id]'");
+    $row_anzhzb    = $result_anzhzb->fetch_array();
+    if ($row_anzhzb['Anz'] > 0) {
+      $pdf_hzb = "Ja";
+    } else {
+      $pdf_hzb = "Nein";
+    }
+    
+    $result_anzzeug = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung like 'Zeugnis%'
+                                  AND ka_id = '$row[ka_id]'");
+    $row_anzzeug    = $result_anzzeug->fetch_array();
+    
+    $result_anzleben = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Lebenslauf'
+                                  AND ka_id = '$row[ka_id]'");
+    $row_anzleben    = $result_anzleben->fetch_array();
+    if ($row_anzleben['Anz'] >= 1) {
+      $leben = "Ja";
+    } else {
+      $leben = "Nein";
+    }
+    
+    $result_notehzb = $db->query("SELECT hzb, zeugnisschnitt
+                                 FROM dvm_note
+                                WHERE ka_id = '$row[ka_id]'");
+    $row_notehzb    = $result_notehzb->fetch_array();
+    if ($row_notehzb['hzb'] == "0.00" or $row_notehzb['hzb'] == "") {
+      $notehzb = "Nein";
+      $note_hzb = '';
+    } else {
+      $notehzb = "Ja";
+      $note_hzb = number_format($row_notehzb['hzb'], 1, ',', '.');
+    }
+    
+    if ($row_notehzb['zeugnisschnitt'] == "0.00" or $row_notehzb['zeugnisschnitt'] == "") {
+      $noteschnitt = "Nein";
+      $note_wert = '';
+    } else {
+      $noteschnitt = "Ja";
+      $note_wert = number_format($row_notehzb['zeugnisschnitt'], 1, ',', '.');
+    }
+    
+    $result_dst = $db->query("SELECT bez, str, plz, ort
+                                FROM dvm_dienststellen a
+                               WHERE dst_id IN (SELECT dst_id
+                                                  FROM dvm_dst_wunsch b
+                                                 WHERE a.dst_id = b.dst_id
+                                                   AND b.ka_id = '$row[ka_id]'
+                                                   AND zusage ='J')");
+    $row_dst    = $result_dst->fetch_array();
+    if ($row_dst['bez'] != "") {
+      $dst_bez = $row_dst['bez'];
+      $dst_str = $row_dst['str'];
+      $dst_plz = $row_dst['plz'];
+      $dst_ort = $row_dst['ort'];
+    } else {
+      $dst_bez = '';
+      $dst_str = '';
+      $dst_plz = '';
+      $dst_ort = '';
+    }
+    
+    $result_erwhs = $db->query("SELECT wunsch_hs 
+                                  FROM dvm_erw_daten
+                                 WHERE ka_id = '$row[ka_id]'
+                               ");
+    $row_erwhs    = $result_erwhs->fetch_array();
+    
+    if($row_erwhs['wunsch_hs'] == 'E'){
+      $wunsch_hs = "Egal";
+    }elseif($row_erwhs['wunsch_hs'] == 'K'){
+      $wunsch_hs = "Kehl";
+    }elseif($row_erwhs['wunsch_hs'] == 'L'){
+      $wunsch_hs = "Ludwigsburg";
+    }elseif($row_erwhs['wunsch_hs'] == ''){
+      $wunsch_hs = "";
+    }
+    
+    if($row_erwhs['zugewiesene_hs'] == 'O'){
+      $zugewiesene_hs = "Offen";
+    }elseif($row_erwhs['zugewiesene_hs'] == 'K'){
+      $zugewiesene_hs = "Kehl";
+    }elseif($row_erwhs['zugewiesene_hs'] == 'L'){
+      $zugewiesene_hs = "Ludwigsburg";
+    }elseif($row_erwhs['zugewiesene_hs'] == ''){
+      $zugewiesene_hs = "";
+    }
+
+    
+    
+    $activeSheet->setCellValue('A' . $i, $row['ka_id']);
+    $activeSheet->setCellValue('B' . $i, "$row[Anrede]");
+    $activeSheet->setCellValue('C' . $i, "$row[vorname]");
+    $activeSheet->setCellValue('D' . $i, "$row[nachname]");
+    $activeSheet->setCellValue('E' . $i, "$row[perso]");
+    $activeSheet->setCellValue('F' . $i, "$row[mail]");
+    $activeSheet->setCellValue('G' . $i, "$row[str]");
+    $activeSheet->setCellValue('H' . $i, "$row[plz]");
+    $activeSheet->setCellValue('I' . $i, "$row[ort]");
+    $activeSheet->setCellValue('J' . $i, "$row[Gebdat]");
+    $activeSheet->setCellValue('K' . $i, "$row[tm_datum] ($row[tm_standort])");
+    $activeSheet->setCellValue('L' . $i, $row['hochschule']);
+    $activeSheet->setCellValue('M' . $i, $wunsch_hs);
+    $activeSheet->setCellValue('N' . $i, $zugewiesene_hs);
+    $activeSheet->setCellValue('O' . $i, "$row_test[summe]  / 130");
+    $activeSheet->setCellValue('P' . $i, $verkuerzung);
+    $activeSheet->setCellValue('Q' . $i, $behinderung);
+    $activeSheet->setCellValue('R' . $i, $pdf_hzb);
+    $activeSheet->setCellValue('S' . $i, "$row_anzzeug[Anz] / 2");
+    $activeSheet->setCellValue('T' . $i, $leben);
+    $activeSheet->setCellValue('U' . $i, $notehzb);
+    $activeSheet->setCellValue('V' . $i, $note_hzb);
+    $activeSheet->setCellValue('W' . $i, $noteschnitt);
+    $activeSheet->setCellValue('X' . $i, $note_wert);
+    $activeSheet->setCellValue('Y' . $i, $dst_bez);
+    $activeSheet->setCellValue('Z' . $i, $dst_str);
+    $activeSheet->setCellValue('AA' . $i, $dst_plz);
+    $activeSheet->setCellValue('AB' . $i, $dst_ort);
+
+    $i++;
+  }
+  
+}
+
+$spreadsheet->getActiveSheet()->setTitle("Datencheck");
+$spreadsheet->getActiveSheet()->getColumnDimension('A')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('B')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('C')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('D')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('E')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('F')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('G')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('H')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('I')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('J')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('K')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('L')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('M')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('N')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('O')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('P')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('Q')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('R')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('S')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('T')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('U')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('V')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('W')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('X')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('Y')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('Z')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('AA')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('AB')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->setSelectedCell('A1');
+$writer   = new Xlsx($spreadsheet);
+$filename = 'Datencheck.xlsx';
+
+header('Content-type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
+header('Content-Disposition: attachment;filename=' . $filename);
+header('Cache-Control: max-age=0');
+$writer->save('php://output');
+
+?>

admin/dokverw.php

@@ -0,0 +1,110 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_restplatz.php");
+require_once("../func_get_parameter.php");
+$verz = "../uploads/"; // relatives Uploadverzeichnis (relativ zum 'Standort' dieser Datei, wohin die Dateien kopiert werden sollen
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+  
+
+  # Gespeicherte Werte
+  $query1 = "SELECT up_id, file, ka_id
+               FROM dvm_upload
+              WHERE upload_dat != '0000-00-00 00:00:00'";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  $row_cnt = $result1->num_rows;
+  $smarty->assign('dokverw_anzdb', $row_cnt);
+  
+  while ($row1 = $result1->fetch_array()) {
+    $result_kand = $db->query("SELECT vorname, nachname 
+                                 FROM dvm_kandidat
+                                WHERE ka_id = '$row1[ka_id]'");
+    $row_kand    = $result_kand->fetch_array();
+    if (file_exists($row1['file'])) {
+        $exists = 1;
+    } else {
+        $exists = 0;
+    }
+
+    $row1['vorname']           = $row_kand['vorname'];
+    $row1['nachname']          = $row_kand['nachname'];
+    $row1['exists']            = $exists;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+      
+      
+      $dir = $_SERVER["DOCUMENT_ROOT"].dirname($_SERVER['PHP_SELF'])."/$verz";
+
+      $folder = dir($dir);
+      while ($dateiname = $folder->read()) {
+          if (filetype($dir.$dateiname) != "dir") {
+              $ext        = strrchr($dateiname, '.');
+              if($ext == '.pdf'){
+                $result_checkdoc = $db->query("SELECT count(*) Anz
+                                               FROM dvm_upload
+                                              WHERE file ='$verz$dateiname'
+                                              LIMIT 1");
+                $row_checkdoc    = $result_checkdoc->fetch_array();
+                if($row_checkdoc['Anz'] == 0){
+                 $exists2 = 0;
+                 $vorname = "";
+                 $nachname = "";
+                }else{
+                 $result_checkdoc2 = $db->query("SELECT ka_id
+                                                FROM dvm_upload
+                                               WHERE file ='$verz$dateiname'
+                                               LIMIT 1");
+                 $row_checkdoc2    = $result_checkdoc2->fetch_array();
+                
+                 $result_kand = $db->query("SELECT vorname, nachname 
+                                              FROM dvm_kandidat
+                                             WHERE ka_id = '$row_checkdoc2[ka_id]'");
+                 $row_kand    = $result_kand->fetch_array();
+                 $vorname = $row_kand['vorname'];
+                 $nachname = $row_kand['nachname'];
+                 $exists2 = 1;
+                }
+                $row2['vorname']    = $vorname;
+                $row2['nachname']   = $nachname;
+                $row2['file']       = $dateiname;
+                $row2['exists']     = $exists2;
+                $row2['dateiname']  = $dateiname;
+                $table_data2[]      = $row2;
+              }
+          }
+      }
+      $smarty->assign('table_data2', $table_data2);
+      $cntserver = count($table_data2);
+      $smarty->assign('dokverw_anzserver', $cntserver);
+}
+if ($action == 'delserver') {
+  $file = $verz.$_GET['file'];
+  @unlink($file);
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+if ($action == 'deldb') {
+  $up_id = $_GET['up_id'];
+  $sql1 = $db->query("DELETE FROM dvm_upload
+                       WHERE up_id = $up_id
+                    ");
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/downpdf.php

@@ -0,0 +1,27 @@
+<?php 
+require_once("../config.inc.php");  
+if($_SESSION["global_username"] == ''){
+echo"<script type='text/javascript'>window.top.location.href = \"index.php\";</script>";
+exit;
+}
+$file = $_GET["file"]; 
+if (file_exists($file)) {
+header("Content-Type: application/octet-stream"); 
+header("Content-Disposition: attachment; filename=" . urlencode(basename($file)));
+header("Content-Type: application/download"); 
+header("Content-Description: File Transfer");             
+header("Content-Length: " . filesize($file)); 
+  
+flush(); // This doesn't really matter. 
+
+$fp = fopen($file, "r"); 
+while (!feof($fp)) { 
+      echo fread($fp, 65536); 
+      flush(); // This is essential for large downloads 
+}  
+
+fclose($fp);
+}else{
+echo "Datei nicht gefunden";
+}
+?>

admin/ergebnisse.php

@@ -0,0 +1,123 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html";
+$smarty       = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../func_get_parameter.php");
+require_once("../config/func_cryption.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+
+if ($action == '') {
+  
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  
+  $query1 = "SELECT a.tm_id, date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+               FROM dvm_termine a, dvm_term_kand b, dvm_ergebnisse c
+              WHERE a.tm_id=b.tm_id
+                AND b.ka_id = c.ka_id
+                AND a.tm_datum > ADDDATE(now(), -365)
+                AND a.tm_datum < now()
+              GROUP BY a.tm_id, tm_datum_form, tm_standort
+              ORDER BY tm_datum desc";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  
+  while ($row1 = $result1->fetch_array()) {
+    
+    if ($row1['tm_standort'] == 'L') {
+      $standort = 'Ludwigsburg';
+    }
+    if ($row1['tm_standort'] == 'K') {
+      $standort = 'Kehl';
+    }
+    
+    $row1['tm_standort'] = $standort;
+    $table_data1[]       = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+}
+
+if ($action == 'ausgabe') {
+  if (isset($_POST["testtermin"])) {
+    $testtermin = $_POST["testtermin"];
+  } else {
+    $testtermin = $_SESSION["testtermin"];
+  }
+  
+  $_SESSION["testtermin"] = $testtermin;
+  
+  $result = $db->query("SELECT date_format(tm_datum, '%d.%m.%Y') tm_datum, tm_standort
+                          FROM dvm_termine
+                         WHERE tm_id = $testtermin");
+  $row    = $result->fetch_array();
+
+  if ($row['tm_standort'] == 'L') {
+    $standort = 'Ludwigsburg';
+  }
+  if ($row['tm_standort'] == 'K') {
+    $standort = 'Kehl';
+  }
+    
+  $smarty->assign('erg_datum', $row['tm_datum']);
+  $smarty->assign('erg_standort', $standort);
+
+  $query1 = "SELECT vorname, nachname, a.ka_id, a.tan, satzerg, analogie, rechenaufgaben, zahlenreihen, rechenzeichen, matrizen, merkf, summe, bestanden, a.eg_id
+               FROM dvm_ergebnisse a, dvm_kandidat b, dvm_term_kand c, dvm_termine d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.ka_id = c.ka_id
+                AND c.tm_id = d.tm_id
+                AND c.tp_id = e.tp_id
+                AND e.tan = a.tan
+                AND d.tm_id = $testtermin
+              ORDER BY nachname ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  
+  while ($row1 = $result1->fetch_array()) {
+    $row1['tm_standort'] = $standort;
+    $table_data1[]       = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+
+}
+
+
+if ($action == 'del') {
+$ka_id = $_GET['ka_id'];
+$eg_id = $_GET['eg_id'];
+
+  $result = $db->query("SELECT vorname, nachname
+                          FROM dvm_kandidat
+                         WHERE ka_id = $ka_id");
+  $row    = $result->fetch_array();
+  $smarty->assign('del_name', "$row[vorname] $row[nachname]");
+  $smarty->assign('del_eg_id', $eg_id);
+
+} 
+
+if ($action == 'del2') {
+  $eg_id = $_GET['eg_id'];
+    
+  $sql1 = $db->query("UPDATE dvm_ergebnisse
+                         SET summe = 0
+                            ,bestanden='0'
+                       WHERE eg_id= $eg_id");
+
+echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=ausgabe\">";
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/fetch.php

@@ -0,0 +1,85 @@
+<?php
+ require_once("../config/datenbankanbindung.php");
+$db = dbconnect();
+$output = '';
+$script = '';
+$script = $_POST['script'];
+
+if(isset($_POST["query"]))
+{
+	$search = mysqli_real_escape_string($db, $_POST["query"]);
+        if($script == "kand_del" OR $script == "termine_kandidat"){
+        $query = "
+                 SELECT a.ka_id, vorname, nachname
+                   FROM dvm_kandidat a, dvm_term_kand b, dvm_tanpool c
+                  WHERE a.ka_id =b.ka_id
+                    AND b.tp_id =c.tp_id
+                    AND c.login_dat = '0000-00-00 00:00:00'
+                    AND (vorname LIKE '%".$search."%'
+	                 OR nachname LIKE '%".$search."%')
+                  ORDER BY nachname ASC, vorname ASC";
+        }else{
+	$query = "
+	  SELECT ka_id, vorname, nachname
+	    FROM dvm_kandidat 
+	   WHERE vorname LIKE '%".$search."%'
+	      OR nachname LIKE '%".$search."%'
+	  ";
+	}
+}
+else
+{
+        if($script == "kand_del" OR $script == "termine_kandidat"){
+	       $query = "
+	       SELECT a.ka_id, vorname, nachname
+                 FROM dvm_kandidat a, dvm_term_kand b, dvm_tanpool c
+                WHERE a.ka_id =b.ka_id
+                  AND b.tp_id =c.tp_id
+                  AND c.login_dat = '0000-00-00 00:00:00'
+                ORDER BY nachname ASC, vorname ASC";
+        }else{
+	       $query = "
+	       SELECT ka_id, vorname, nachname
+                 FROM dvm_kandidat
+                ORDER BY nachname, vorname";
+        }
+}
+$result = mysqli_query($db, $query);
+if(mysqli_num_rows($result) > 0)
+{
+	while($row = mysqli_fetch_array($result))
+	{
+	    
+            $result2 = $db->query("SELECT date_format(tm_datum, '%d.%m.%Y - %H:%i Uhr') tm_datum_form, tm_datum
+                                     FROM dvm_term_kand a, dvm_termine b
+                                    WHERE a.tm_id = b.tm_id
+                                      AND a.ka_id = '$row[ka_id]'
+                                    ORDER BY tk_id DESC
+                                    LIMIT 1");
+            $row2    = $result2->fetch_array();
+            if($row2['tm_datum'] == '0000-00-00 00:00:00'){
+	      $tm_datum_form = "-";
+	    }else{
+	      $tm_datum_form = $row2['tm_datum_form'];
+	    }
+	    
+	    
+	    if(mysqli_num_rows($result) == 1){
+		$output .= "
+			<option value='$row[ka_id]' selected>$row[nachname], $row[vorname] ($tm_datum_form)</option>
+		";
+	    
+	    }else{
+		$output .= "
+			<option value='$row[ka_id]'>$row[nachname], $row[vorname] ($tm_datum_form)</option>
+		";
+	    
+	    }
+	}
+	echo $output;
+}
+else
+{
+	echo 'Data Not Found';
+}
+?>

admin/hauptframe.php

@@ -0,0 +1,9 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+$smarty->display("$template/admin/$templatename");
+?>

admin/index.php

@@ -0,0 +1,86 @@
+<?php
+## INDEX gegen DB
+session_start();
+
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+require_once("../config/datenbankanbindung.php");
+$smarty = new SmartyAdmin();
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+require_once "../language/german.inc.php";
+
+
+$action = $_GET['action'];
+if($action == ''){
+  if(isset($_GET['error'])){
+  
+    $errorno = $_GET['error'];
+    
+    $smarty->assign('index_error', 1);
+    
+    if($errorno == 1){
+      $smarty->assign('index_error_text', "Es m&uuml;ssen alle Felder ausgef&uuml;llt werden");
+    }
+    
+    if($errorno == 2){
+      $smarty->assign('index_error_text', "Der Benutzername ist im System nicht vorhanden");
+    }
+    
+    if($errorno == 3){
+      $smarty->assign('index_error_text', "Der Benutzername oder das Passwort ist nicht korrekt.");
+    }
+    
+    # Daten aufbereiten bei Fehler
+    if(isset($_SESSION["global_username"])){
+      $smarty->assign('index_user', $_SESSION["global_username"]);
+    }
+  }
+  
+
+}
+
+if($action == 'anmeld'){
+  $username=strtoupper($_POST["user"]); //remove case sensitivity on the username
+  $password=$_POST["password"];
+  
+  if($_POST["user"] != ""){
+    $_SESSION["global_username"]=$username;
+  }
+  
+  if($username == "" OR $password == ""){
+     echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=1\">";
+  }else{
+  
+  
+  $db = dbconnect();
+  $result = $db->query("SELECT dvmuid, uid, passwort FROM dvm_admin WHERE UPPER(uid)='$username'");
+  $row = $result->fetch_array();
+  
+  
+  if ($username != strtoupper($row['uid'])) {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=2\">";
+  }
+  // Passwort falsch
+  elseif (md5($password) != $row['passwort']){  //verschlüsseltes Passwort überprüfen
+    # Cookies werden bereits gesetzt, falls sich jemand ein passwort zusenden lässt.
+    $_SESSION["global_uid"]  = $row['dvmuid'];
+    $_SESSION["global_username"] = $row['uid'];
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=3\">";
+  }else{
+    $db = dbconnect();
+    $datum=date("Y-m-d H:i:s");
+    $ip=getenv("REMOTE_ADDR");
+    $agent=getenv("HTTP_USER_AGENT");
+    $user_admin = $row['dvmuid'];
+    $_SESSION["global_uid"]  = $user_admin;
+    $_SESSION["global_username"] = $row['uid'];
+    $result_1 = $db->query("INSERT INTO dvm_adminlog (Datum, IP, user_agent, dvmuid) VALUES ('$datum', '$ip', '$agent', '$user_admin')");
+    $smarty->assign('index_login', "1");
+  }
+  }
+  
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+?>

admin/indexframe.php

@@ -0,0 +1,8 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+$smarty->display("$template/admin/$templatename");
+?>

admin/kand_del.php

@@ -0,0 +1,111 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+   
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  
+# Dropdown befüllen übernimmt ajax:fetch.php
+#  $query1 = "SELECT a.ka_id, vorname, nachname, date_format(gebdat, '%d.%m.%Y') geb_format
+#               FROM dvm_kandidat a, dvm_term_kand b, dvm_tanpool c
+#              WHERE a.ka_id =b.ka_id
+#                AND b.tp_id =c.tp_id
+#                AND c.login_dat = '0000-00-00 00:00:00'
+#              ORDER BY nachname ASC, vorname ASC";
+#  
+#  $result1 = $db->query($query1) or die("Cannot execute query1");
+#  
+#  
+#  while ($row1 = $result1->fetch_array()) {
+#    $table_data1[]           = $row1;
+#  }
+#  $smarty->assign('table_data1', $table_data1);
+}
+
+if ($action == 'nachfrage') {
+ $ka_id = $_POST['user'];
+
+ $result_id = $db->query("SELECT vorname, nachname
+                            FROM dvm_kandidat
+                           WHERE ka_id = '$ka_id'");
+ $row_id    = $result_id->fetch_array();
+ 
+ $smarty->assign('kand_name', "$row_id[vorname] $row_id[nachname]");
+ $smarty->assign('kand_ka_id', $ka_id);
+
+}
+
+if ($action == 'delkand') {
+  $ka_id = $_GET['ka_id'];
+  
+
+  $result_del = $db->query("SELECT count(*) Anz
+                              FROM dvm_kandidat a, dvm_term_kand b, dvm_tanpool c
+                             WHERE a.ka_id =b.ka_id
+                               AND b.tp_id =c.tp_id
+                               AND c.login_dat = '0000-00-00 00:00:00'
+                               AND a.ka_id = $ka_id
+                           ");
+  $row_del    = $result_del->fetch_array();
+  
+  # Kandidat war inzwischen nicht beim Test angemeldet
+  if ($row_del['Anz'] == 1) {
+  
+    #Aktuelle Tan ermitteln
+    $result_tan = $db->query("SELECT a.tp_id, tan
+                                FROM dvm_tanpool a, dvm_term_kand b
+                               WHERE a.tp_id = b.tp_id
+                                 AND b.ka_id = '$ka_id'
+                               ORDER BY b.tk_id DESC
+                               LIMIT 1");
+    $row_tan    = $result_tan->fetch_array();
+    $tan        = $row_tan['tan'];
+    $tp_id      = $row_tan['tp_id'];
+  
+
+    $sql1 = $db->query("DELETE FROM dvm_term_kand
+                         WHERE tp_id = $tp_id
+                           AND ka_id= $ka_id");
+                           
+    $sql1 = $db->query("DELETE FROM dvm_sonstige_mail
+                         WHERE ka_id= $ka_id");
+                           
+    # TAN wieder freigeben
+    $sql2 = $db->query("UPDATE dvm_tanpool
+                           SET verw_dat = '0000-00-00 00:00:00'
+                              ,login_dat = '0000-00-00 00:00:00'
+                         WHERE tp_id= $tp_id
+                           AND tan = '$tan'");
+    
+    # Prüfen, ob es noch eine alte Bewerbung zum Test gibt, den er nicht bestanden hatte. Dann sollen die Stammdaten erhalten bleiben
+    $result_del2 = $db->query("SELECT count(*) Anz
+                                FROM dvm_term_kand
+                               WHERE ka_id ='$ka_id'
+                             ");
+    $row_del2    = $result_del2->fetch_array();
+    
+    if($row_del2['Anz'] == 0){
+      $sql3 = $db->query("DELETE FROM dvm_kandidat
+                           WHERE ka_id= $ka_id");
+    }
+  }
+  
+echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?\">";
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/liste_bestanden.php

@@ -0,0 +1,111 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+
+  # Gespeicherte Werte
+  $query1 = "SELECT a.ka_id, vorname, nachname, date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, CASE tm_standort
+		                  WHEN 'L' THEN 'Ludwigsburg'
+		                  WHEN 'K' THEN 'Kehl'
+		                  ELSE '' END as tm_standort
+               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.tm_id = c.tm_id
+                AND a.ka_id = d.ka_id
+                AND b.tp_id = e.tp_id
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                AND d.bestanden = '1'
+                AND e.tan=d.tan
+           ORDER BY nachname ASC, vorname ASC
+            ";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  $row_cnt = $result1->num_rows;
+  $smarty->assign('dokverw_anzdb', $row_cnt);
+  
+  while ($row1 = $result1->fetch_array()) {
+
+    $result_test = $db->query("SELECT summe 
+                                 FROM dvm_ergebnisse
+                                WHERE ka_id = '$row1[ka_id]'
+                                  AND bestanden = '1'");
+    $row_test    = $result_test->fetch_array();
+    
+    $result_anzhzb = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'HZB'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzhzb    = $result_anzhzb->fetch_array();
+    if($row_anzhzb['Anz'] > 0){
+     $image_hzb = "ok.gif";
+    }else{
+     $image_hzb = "cross.jpg";
+    }
+    
+    $result_anzzeug = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Zeugnis'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzzeug    = $result_anzzeug->fetch_array();
+    if($row_anzzeug['Anz'] >= 2){
+     $image_zeug = "ok.gif";
+    }else{
+     $image_zeug = "cross.jpg";
+    }
+
+    $result_anzleben = $db->query("SELECT count(*) Anz 
+                                 FROM dvm_upload
+                                WHERE beschreibung = 'Lebenslauf'
+                                  AND ka_id = '$row1[ka_id]'");
+    $row_anzleben    = $result_anzleben->fetch_array();
+    if($row_anzleben['Anz'] >= 1){
+     $image_leben = "ok.gif";
+    }else{
+     $image_leben = "cross.jpg";
+    }
+    
+    $result_notehzb = $db->query("SELECT hzb, zeugnisschnitt
+                                 FROM dvm_note
+                                WHERE ka_id = '$row1[ka_id]'");
+    $row_notehzb    = $result_notehzb->fetch_array();
+    if($row_notehzb['hzb'] == "0.00" or $row_notehzb['hzb'] == ""){
+     $image_notehzb = "cross.jpg";
+    }else{
+     $image_notehzb = "ok.gif";
+    }
+    
+    if($row_notehzb['zeugnisschnitt'] == "0.00" or $row_notehzb['zeugnisschnitt'] == ""){
+     $image_noteschnitt = "cross.jpg";
+    }else{
+     $image_noteschnitt = "ok.gif";
+    }
+    
+    $row1['image_noteschnitt']     = $image_noteschnitt;
+    $row1['image_notehzb']     = $image_notehzb;
+    $row1['image_leben']       = $image_leben;
+    $row1['image_zeug']        = $image_zeug;
+    $row1['anz_zeug']          = $row_anzzeug['Anz'];
+    $row1['image_hzb']         = $image_hzb;
+    $row1['testergebnis']      = $row_test['summe'];
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/liste_tn.php

@@ -0,0 +1,262 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+   
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  
+  $query1 = "SELECT a.tm_id, date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+               FROM dvm_termine a, dvm_term_kand b
+              WHERE a.tm_id=b.tm_id
+                AND a.tm_datum > ADDDATE(now(), -7)
+              GROUP BY a.tm_id, tm_datum_form, tm_standort
+              ORDER BY tm_datum ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  
+  while ($row1 = $result1->fetch_array()) {
+  
+    if($row1['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg';
+    }
+    if($row1['tm_standort'] == 'K'){
+      $standort = 'Kehl';
+    }
+    
+    $row1['tm_standort']     = $standort;
+    $table_data1[]           = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+}
+
+if ($action == 'ausgabe') {
+  $testtermin = $_POST["testtermin"];
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+                                FROM dvm_termine
+                               WHERE tm_id = $testtermin");
+  $row_get_termin = $query_termin->fetch_array();
+  
+  if($row_get_termin['tm_standort'] == 'L'){
+    $standort = 'Ludwigsburg';
+  }
+  if($row_get_termin['tm_standort'] == 'K'){
+    $standort = 'Kehl';
+  }
+  
+
+$buffer = '<page backtop="7mm" backbottom="10mm" style="font-size: 11pt">';
+$buffer .= "<style type='text/css'>
+                .td1 { border:0.3px solid black; }
+                .td_foot { border: none; }
+                 body { font-size: 14px;  }
+                 h1 { font-size: 22px;  }
+                 table { font-size: 12px;  }
+                 td{padding: 3px;}
+                 table.page_footer {width: 100%; border: none; padding: 20mm}
+                 .fcol{color: #0C25BF;}
+                 .td2 { border:0.3px solid black; 
+                        height:1.0cm;
+                      }
+           </style>";
+
+$buffer.="<h1><p align='center'>$row_get_termin[tm_datum_form], $standort</p></h1>
+<table  cellspacing='0' cellpadding='0' border='0.3'>
+<thead>
+<tr>
+  <td class='td1' width='180'>
+    <b>Name</b>
+  </td>
+  <td class='td1' width='80'>
+    <b>Geburtstag</b>
+  </td>
+  <td class='td1' width='80'>
+    <b>Minderjährig</b>
+  </td>
+  <td class='td1' width='100'>
+    <b>ID</b>
+  </td>
+  <td class='td1' width='140'>
+    <b>Mail</b>
+  </td>
+  <td class='td1' width='60'>
+    <b>TAN</b>
+  </td>
+  <td class='td1' width='100'>
+    <b>Link</b>
+  </td>
+</tr>
+</thead>";
+  $query1 = "SELECT anrede, perso, vorname, nachname, str, plz, ort, alter18, id, date_format(gebdat,'%d.%m.%Y') gebdat_form, tan, tinyurl, mail
+               FROM dvm_term_kand a, dvm_tanpool b, dvm_kandidat c
+              WHERE a.tp_id=  b.tp_id
+                AND a.ka_id = c.ka_id
+                AND a.tm_id = $testtermin
+               ORDER BY nachname, vorname
+            ";
+  
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  $smarty->assign('termine_aktdat', date("d.m.Y H:i", time() ) ) ;
+  while ($row1 = $result1->fetch_array()) {
+  if($row1['alter18'] == 0){
+    $minderj = 'ja';
+  }
+  if($row1['alter18'] == 1){
+    $minderj = 'nein';
+  }
+  if($row1['perso'] != ''){
+    $ausweis = "<br>Ausweis: $row1[perso]";
+  }else{
+    $ausweis = "";
+  }
+$buffer.="
+<tr>
+  <td class='td1' width='180'>
+    $row1[nachname], $row1[vorname] ($row1[anrede])<br>
+    $row1[str]<br>
+    $row1[plz] $row1[ort]
+    $ausweis
+  </td>
+  <td class='td1' width='80'>
+    $row1[gebdat_form]
+  </td>
+  <td class='td1' width='80'>
+    $minderj
+  </td>
+  <td class='td1' width='100'>
+    $row1[id]
+  </td>
+  <td class='td1' width='140'>
+    $row1[mail]
+  </td>
+  <td class='td1' width='60'>
+    $row1[tan]
+  </td>
+  <td class='td1' width='100'>
+    $row1[tinyurl]
+  </td>
+</tr>";
+  }
+
+$buffer.="
+</table>
+</page>";	
+
+require_once("../mpdf/vendor/autoload.php"); 
+$mpdf = new \Mpdf\Mpdf([
+    'mode' => 'utf-8',
+    'format' => 'A4',
+    'orientation' => 'P',
+    'margin_top' => 10,
+    'margin_bottom' => 10,
+    'margin_left' => 10,
+    'margin_right' => 16,
+    'default_font' => 'arial'
+]);
+
+
+
+  $query2 = "SELECT anrede, vorname, nachname, str, plz, ort, alter18, id, date_format(gebdat,'%d.%m.%Y') gebdat_form, tan, tinyurl, mail, hochschule
+               FROM dvm_term_kand a, dvm_tanpool b, dvm_kandidat c
+              WHERE a.tp_id=  b.tp_id
+                AND a.ka_id = c.ka_id
+                AND a.tm_id = $testtermin
+               ORDER BY nachname, vorname
+            ";
+  
+  
+  $result2 = $db->query($query2) or die("Cannot execute query2");
+  
+  $smarty->assign('termine_aktdat', date("d.m.Y H:i", time() ) ) ;
+  while ($row2 = $result2->fetch_array()) {
+    
+    if($row2['alter18'] == 0){
+      $minderj = 'ja';
+    }
+    if($row2['alter18'] == 1){
+      $minderj = 'nein';
+    }
+    
+      if($row2['hochschule'] == 'Ludwigsburg'){
+              $link = "https://www.hs-ludwigsburg.de/studium/digitales-verwaltungsmanagement-ba/bewerbung-zugang.html";
+      }
+      if($row2['hochschule'] == 'Kehl'){
+        $link = "http://www.hs-kehl.de/studieninteressierte/bachelor-studiengaenge/digitales-verwaltungsmanagement-ba/bewerbung/";
+      }
+      if($row2['hochschule'] == 'NA'){
+        $link = "http://www.hs-kehl.de/studieninteressierte/bachelor-studiengaenge/digitales-verwaltungsmanagement-ba/bewerbung/ bzw.<br>https://www.hs-ludwigsburg.de/studium/digitales-verwaltungsmanagement-ba/bewerbung-zugang.html";
+      }
+    $buffer.="
+    <pagebreak>
+    <page backtop='7mm' backbottom='10mm' style='font-size: 11pt'>
+    <h1>Anmeldedaten für $row2[vorname] $row2[nachname] ($row2[gebdat_form])</h1>
+    <br><br>
+    Bitte bewahren Sie die nachfolgenden Anmeldedaten für das gesamte Bewerbungsverfahren auf.
+    <br>
+    <br>
+    <table  cellspacing='0' cellpadding='0' border='0.3'>
+    <thead>
+    <tr>
+      <td class='td2' width='350'>
+        <b>Persönliche ID</b>
+      </td>
+      <td class='td2' width='350'>
+        <b>Passwort/TAN</b>
+      </td>
+    </tr>
+    </thead>
+    <tr>
+      <td class='td2'>
+        $row2[id]
+      </td>
+      <td class='td2'>
+        $row2[tan]
+      </td>
+    </tr>
+    </table>
+    <br>
+    <br>
+    Weiterf&uuml;hrende Links:
+    <table  cellspacing='0' cellpadding='0' border='0.3'>
+    <tr>
+      <td class='td2' width='150'>
+        <b>Weitere Informationen: </b>
+      </td>
+      <td class='td2' width='550'>
+        $link
+      </td>
+    </tr>
+    </table>
+    </page>";
+  }
+#$mpdf->setFooter("Teilnehmerliste|$row_get_termin[tm_datum_form], $standort|{PAGENO} / {nb}");
+$mpdf->setFooter("Testteilnehmer||$row_get_termin[tm_datum_form], $standort");
+
+
+
+$mpdf->WriteHTML($buffer);
+
+// Output a PDF file directly to the browser
+$mpdf->Output();
+ 
+  
+}
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/logout.php

@@ -0,0 +1,12 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+session_destroy();
+
+$smarty->display("$template/admin/$templatename");
+?>

admin/mail_test.php

@@ -0,0 +1,151 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_parameter.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+   
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  
+  $query1 = "SELECT a.tm_id, date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+               FROM dvm_termine a, dvm_term_kand b
+              WHERE a.tm_id=b.tm_id
+                AND a.tm_datum > ADDDATE(now(), -7)
+              GROUP BY a.tm_id, tm_datum_form, tm_standort
+              ORDER BY tm_datum ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  
+  while ($row1 = $result1->fetch_array()) {
+  
+    if($row1['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg';
+    }
+    if($row1['tm_standort'] == 'K'){
+      $standort = 'Kehl';
+    }
+    
+    $row1['tm_standort']     = $standort;
+    $table_data1[]           = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+}
+
+if ($action == 'mailsenden_test') {
+  $testtermin = $_POST["testtermin"];
+  $_SESSION["testtermin"] = $testtermin;
+  
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+                                FROM dvm_termine
+                               WHERE tm_id = $testtermin");
+  $row_get_termin = $query_termin->fetch_array();
+  
+  if($row_get_termin['tm_standort'] == 'L'){
+      $sender = 'Hochschule Ludwigsburg';
+      $sendermail = trim(get_parameter(8));
+  }
+  if($row_get_termin['tm_standort'] == 'K'){
+      $sender = 'Hochschule Kehl';
+      $sendermail = trim(get_parameter(7));
+  }
+  $smarty->assign('mail_sender', $sender); 
+  $smarty->assign('mail_sendermail', $sendermail); 
+
+  $query1 = "SELECT vorname, nachname, mail
+               FROM dvm_kandidat
+              WHERE ka_id IN (SELECT ka_id FROM dvm_term_kand WHERE tm_id = $testtermin)";
+
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  $mail = "";
+  while ($row1 = $result1->fetch_array()) {
+    $mail .= $row1['mail'].", ";
+  }
+  $mail = substr($mail,0,-2);
+  $smarty->assign('empfaenger', $mail); 
+}
+
+if ($action == 'mailsenden2_test') {
+  $testtermin = $_SESSION["testtermin"];
+  
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+                                FROM dvm_termine
+                               WHERE tm_id = $testtermin");
+  $row_get_termin = $query_termin->fetch_array();
+  
+  if($row_get_termin['tm_standort'] == 'L'){
+      $sender = 'Hochschule Ludwigsburg';
+      $sendermail = trim(get_parameter(8));
+  }
+  if($row_get_termin['tm_standort'] == 'K'){
+      $sender = 'Hochschule Kehl';
+      $sendermail = trim(get_parameter(7));
+  }
+
+  $empfaenger_alle = $_POST['mail_mail'];
+  $betreff    = $_POST['betreff'];
+  $text       = $_POST['text'];
+  
+  $empf_array = explode(",", $empfaenger_alle);
+#  echo "
+#  <pre>
+#  From: $sender - $sendermail<br>
+#  $empfaenger<br>
+#  $betreff<br>
+#  $text<br>";
+#  #print_r($empf_array);
+#  echo "</pre>";
+#  exit;
+
+    $style ="<head><style>p {margin: 0;}</style></head>";
+    $text = $style.$text;
+  
+  for($i=0;$i<count($empf_array);$i++){
+    $empfaenger = trim($empf_array[$i]);
+
+    $query_kaid = $db->query("SELECT ka_id
+                                FROM dvm_kandidat
+                               WHERE mail = '$empfaenger'");
+    $row_kaid = $query_kaid->fetch_array();
+    
+
+    ## Mailversand:
+    $headers = "From: $sender <$sendermail>\r\n";
+    $headers .= "MIME-Version: 1.0\r\n";
+    $headers .= "Content-type: text/html; charset=utf-8\r\n";
+    $return     = @mail($empfaenger, $betreff, $text, $headers);
+    $heute      = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")); // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+    $datum_db   = date("Y-m-d H:i:s", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+    $text_db    = addslashes($text);
+    $betreff_db = addslashes($betreff);
+    if ($return) {
+      $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                          VALUES ('$sender', '$sendermail', '$row_kaid[ka_id]', '$empfaenger', '$betreff', '$text_db', 'V', '$datum_db')
+                        ");
+      $smarty->assign('mail_senderg', "Die Mail wurde verschickt!");
+    } else {
+      $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                          VALUES ('$sender', '$sendermail', '$row_kaid[ka_id]', '$empfaenger', '$betreff', '$text_db', 'F', '$datum_db')
+                        ");
+      $smarty->assign('mail_senderg', "Die Mail konnte nicht verschickt werden!<br>Prüfen Sie die Mailadresse das Kandidaten.");
+    }
+  }
+}
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/menu_administration.php

@@ -0,0 +1,16 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+$action = $_GET['action'];
+
+if($action == ''){
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+?>

admin/menu_verwaltung.php

@@ -0,0 +1,16 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+$action = $_GET['action'];
+
+if($action == ''){
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+?>

admin/parameter.php

@@ -0,0 +1,84 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../config/func_cryption.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+
+  $query1 = "SELECT pid, beschreibung, wert
+               FROM dvm_parameter
+              ORDER BY sort ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  $result_ct = $db->query("SELECT count(*) Anz FROM dvm_tanpool where verw_dat = '0000-00-00 00:00:00'");
+  $row_ct    = $result_ct->fetch_array();
+  $smarty->assign('parameter_anzahltan', "$row_ct[Anz]");
+  
+  while ($row1 = $result1->fetch_array()) {
+      # Passwort f<>r die Praxisstellen wird verschl<68>sselt gespeichert
+      
+      if(!isset($zaehler) or $zaehler == 1){
+        $zaehler = 0;
+      }else{
+        $zaehler = 1;
+      }
+    $row1['zaehler']         = $zaehler;
+    $table_data1[]           = $row1;
+  }
+  
+  $smarty->assign('table_data1', $table_data1);
+}
+
+if($action == 'save'){
+
+
+    $query2 = "SELECT pid
+                 FROM dvm_parameter
+                ORDER BY pid ASC";
+    $result2 = $db->query( $query2)
+              or die ("Cannot execute query2");
+
+    while ($row2 = $result2->fetch_array()){
+      $pid = $row2['pid'];
+      $pid_value = $_POST[$pid];
+      
+      
+      $sql1 = $db->query( "UPDATE dvm_parameter 
+                              SET wert = '$pid_value'
+                            WHERE pid = $pid
+                         " );
+                       
+    }                       
+      
+      if(!$sql1){
+        $error = TRUE;
+        $error_reason .= "Fehler beim Update [dvm_parameter]<br>";
+      }else{
+        $error = FALSE;
+        $smarty->assign('parameter_inserterr', "2");
+        echo "<meta http-equiv=\"refresh\" content=\"2; URL=".$_SERVER['PHP_SELF'] ."?\">";
+      }
+
+      if($error){ 
+        $smarty->assign('parameter_inserterr', "1");
+        $smarty->assign('parameter_reason', "$error_reason");  // Kein Mailversand
+      } // Ende IF : Insert hat geklappt
+    
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/praxisstellen_edit.php

@@ -0,0 +1,224 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_restplatz.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+  
+  if (isset($_GET['edit'])) {
+    $_SESSION["prxedit_status"] = 'edit';
+    $id                       = $_GET['edit'];
+    $_SESSION["prxedit_id"]   = $id;
+    
+  } else {
+    $_SESSION["prxedit_status"] = 'neu';
+    unset($_SESSION['prxedit_user']);
+    unset($_SESSION['prxedit_username']);
+  }
+  
+    # Falls von bewerber_daten kommend
+    if($_GET['ka_id'] != ''){
+      $user                     = $_GET['ka_id'];
+      $result_name = $db->query("SELECT vorname, nachname
+	                           FROM dvm_kandidat
+                                  WHERE ka_id = $user");
+      $row_name    = $result_name->fetch_array();
+      $_SESSION["prxedit_user"] = $user;
+      $_SESSION["prxedit_username"] = "$row_name[vorname] $row_name[nachname]";
+      # Falls aus bewerber_daten.php kommend, bietet man einen zurückbutton an
+      $smarty->assign('prxedit_value_user', $_SESSION["prxedit_user"]);
+      $smarty->assign('prxedit_value_username', $_SESSION["prxedit_username"]);
+    }
+  
+  # -- Fehlermeldungen -- #
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    
+    $smarty->assign('prxedit_error', 1);
+    
+    $smarty->assign('prxedit_value_art', $_SESSION["prxedit_value_art"]);
+    $smarty->assign('prxedit_value_name', $_SESSION["prxedit_value_name"]);
+    $smarty->assign('prxedit_value_str', $_SESSION["prxedit_value_str"]);
+    $smarty->assign('prxedit_value_plz', $_SESSION["prxedit_value_plz"]);
+    $smarty->assign('prxedit_value_ort', $_SESSION["prxedit_value_ort"]);
+    $smarty->assign('prxedit_value_mail', $_SESSION["prxedit_value_mail"]);
+    $smarty->assign('prxedit_value_gueltigvon', $_SESSION["prxedit_value_gueltigvon"]);
+    $smarty->assign('prxedit_value_gueltigbis', $_SESSION["prxedit_value_gueltigbis"]);
+    
+
+    
+    if ($errorno == 3) {
+      # ungültiges Datum
+      $smarty->assign('prxedit_error_text', "Das eingegebene Gültig von Datum ist nicht korrekt. Bitte korrigieren Sie das Datum!");
+    }
+    if ($errorno == 4) {
+      # ungültiges Datum
+      $smarty->assign('prxedit_error_text', "Das eingegebene Gültig bis Datum ist nicht korrekt. Bitte korrigieren Sie das Datum!");
+    }
+  }
+  
+  # --- Wenn Werte editiert werden ------------
+  if ($_SESSION["prxedit_status"] == 'edit') {
+
+    $result_edit = $db->query("SELECT dst_id, bezeichnung, name, str, plz, ort, mail, date_format(gueltig_von, '%d.%m.%Y') gueltig_von_form, date_format(gueltig_bis, '%d.%m.%Y') gueltig_bis_form
+	                         FROM dvm_dienststellen
+                                WHERE dst_id = $id");
+    $row_edit    = $result_edit->fetch_array();
+    if($row_edit['gueltig_von_form'] == '00.00.0000'){
+      $gueltig_von_form = "";
+    }else{
+      $gueltig_von_form = $row_edit['gueltig_von_form'];
+    }
+    if($row_edit['gueltig_bis_form'] == '00.00.0000'){
+      $gueltig_bis_form = "";
+    }else{
+      $gueltig_bis_form = $row_edit['gueltig_bis_form'];
+    }
+    $smarty->assign('prxedit_value_art', "$row_edit[bezeichnung]");
+    $smarty->assign('prxedit_value_name', "$row_edit[name]");
+    $smarty->assign('prxedit_value_str', "$row_edit[str]");
+    $smarty->assign('prxedit_value_plz', "$row_edit[plz]");
+    $smarty->assign('prxedit_value_ort', "$row_edit[ort]");
+    $smarty->assign('prxedit_value_mail', "$row_edit[mail]");
+    $smarty->assign('prxedit_value_gueltigvon', "$gueltig_von_form");
+    $smarty->assign('prxedit_value_gueltigbis', "$gueltig_bis_form");
+   
+  }
+  # --- Wenn Werte editiert werden Ende -------
+  
+  if ($_GET['editende'] == 1) {
+    # Editieren ist beendet, als ein update auf einen Datensatz. Dann ist der status wieder Neu, damit wird wieder ein Insert durchgeführt
+    $_SESSION["prxedit_status"] = 'neu';
+  }
+
+
+  
+}
+
+
+if ($action == 'save') {
+
+$art        = $_POST['art'];
+$name       = $_POST['name'];
+$str        = $_POST['str'];
+$plz        = $_POST['plz'];
+$ort        = $_POST['ort'];
+$mail       = $_POST['mail'];
+$gueltigvon = $_POST['gueltigvon'];
+$gueltigbis = $_POST['gueltigbis'];
+
+
+
+$_SESSION["prxedit_value_art"]     = $art;
+$_SESSION["prxedit_value_name"]    = $name;
+$_SESSION["prxedit_value_str"]     = $str;
+$_SESSION["prxedit_value_plz"]     = $plz;
+$_SESSION["prxedit_value_ort"]     = $ort;
+$_SESSION["prxedit_value_mail"]    = $mail;
+
+$gueltigvon_form = preg_replace('/^(\\d{2})\\.(\\d{2})\\.(\\d{4})$/', '$3-$2-$1', $gueltigvon);
+$gueltigbis_form = preg_replace('/^(\\d{2})\\.(\\d{2})\\.(\\d{4})$/', '$3-$2-$1', $gueltigbis);
+
+
+function validateDate($date, $format = 'Y-m-d')
+{
+    $d = DateTime::createFromFormat($format, $date);
+    return $d && $d->format($format) == $date;
+}
+
+if(!validateDate($gueltigvon_form) AND $gueltigvon_form != ''){
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=3\">";
+  exit;    
+}
+
+if(!validateDate($gueltigbis_form) AND $gueltigbis_form != ''){
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=4\">";
+  exit;    
+}
+
+if($gueltigvon_form == ''){
+ $gueltigvon_form ='0000-00-00';
+}
+
+if($gueltigbis_form == ''){
+ $gueltigbis_form ='0000-00-00';
+}
+
+  $bez = $art." ".$name;
+
+  #$datum = date("Y-m-d H:i:s");
+  if ($_SESSION["prxedit_status"] == 'neu') {
+    
+    $sql1 = $db->query("INSERT INTO dvm_dienststellen ( bezeichnung
+                                                , name
+                                                , bez
+                                                , str
+                                                , plz
+                                                , ort
+                                                , mail
+                                                , gueltig_von
+                                                , gueltig_bis
+                                                )
+                                VALUES
+                                                ( '$art'
+                                                , '$name'
+                                                , '$bez'
+                                                , '$str'
+                                                , '$plz'
+                                                , '$ort'
+                                                , '$mail'
+                                                , '$gueltigvon_form'
+                                                , '$gueltigbis_form'
+                                                )
+                              ");
+  }
+  
+  if ($_SESSION["prxedit_status"] == 'edit') {
+    $id    = $_SESSION["prxedit_id"];
+    $ka_id = $_SESSION["prxedit_user"];
+    
+    $result = $db->query("UPDATE dvm_dienststellen 
+                             SET bezeichnung = '$art'
+                               , name = '$name'
+                               , bez = '$bez'
+                               , str = '$str'
+                               , plz = '$plz'
+                               , ort = '$ort'
+                               , mail = '$mail'
+                               , gueltig_von = '$gueltigvon_form'
+                               , gueltig_bis = '$gueltigbis_form'
+                          WHERE dst_id = $id
+                         ");
+    
+    unset($_SESSION['prxedit_id']);
+  }
+  # Dann bekommts beim refresh den status neu, also es wird beim Abschicken ein Insert gemacht
+  $editende = 1;
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende&ka_id=$ka_id\">";
+
+
+}
+if ($action == 'del') {
+  $id = $_GET['id'];
+  
+  $del1 = $db->query("DELETE FROM dvm_termine WHERE id = $id");
+  
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/praxisstellen_news.php

@@ -0,0 +1,151 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_restplatz.php");
+require_once("../func_get_parameter.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+  
+  if (isset($_GET['edit'])) {
+    $_SESSION["news_status"] = 'edit';
+    $pn_id                    = $_GET['edit'];
+    $_SESSION["news_pn_id"]   = $pn_id;
+  } else {
+    $_SESSION["news_status"] = 'neu';
+  }
+  
+  # -- Fehlermeldungen -- #
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    
+    $smarty->assign('news_error', 1);
+    
+    $smarty->assign('news_value_headline', $_SESSION["news_value_headline"]);
+    $smarty->assign('news_value_text', $_SESSION["news_value_text"]);
+ 
+    if ($errorno == 1) {
+      # ungültiges Datum
+      $smarty->assign('news_error_text', "Bitte füllen Sie alle Felder aus!");
+    }
+  }
+  
+  # --- Wenn Werte editiert werden ------------
+  if ($_SESSION["news_status"] == 'edit') {
+    $result_edit = $db->query("SELECT pn_id, pn_headline, pn_text
+                                 FROM dvm_prxnews
+                                WHERE pn_id = $pn_id");
+    $row_edit    = $result_edit->fetch_array();
+    $smarty->assign('news_value_headline', "$row_edit[pn_headline]");
+    $smarty->assign('news_value_text', "$row_edit[pn_text]");
+    
+  }
+  # --- Wenn Werte editiert werden Ende -------
+  
+  if ($_GET['editende'] == 1) {
+    # Editieren ist beendet, als ein update auf einen Datensatz. Dann ist der status wieder Neu, damit wird wieder ein Insert durchgeführt
+    $_SESSION["news_status"] = 'neu';
+  }
+
+
+  # Gespeicherte Werte
+  $query1 = "SELECT pn_id, pn_headline, pn_text, date_format(pn_date, '%d.%m.%Y - %H:%i Uhr') pn_date_form
+               FROM dvm_prxnews
+              ORDER BY pn_date DESC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+  
+}
+
+
+if ($action == 'save') {
+
+$headline        = $_POST['headline'];
+$text            = $_POST['text'];
+
+$_SESSION["news_value_headline"]         = $headline;
+$_SESSION["news_value_text"]             = $text;
+
+
+if($text == "" or $headline == ""){
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=1\">";
+  exit;    
+}
+
+
+  $datum = date("Y-m-d H:i:s");
+  $headline_db = addslashes($headline);
+  $text_db    = addslashes($text);
+  
+  if ($_SESSION["news_status"] == 'neu') {
+  
+    $sql1 = $db->query("INSERT INTO dvm_prxnews ( pn_headline
+                                                , pn_text
+                                                , pn_date
+                                                )
+                                VALUES
+                                                ( '$headline_db'
+                                                , '$text_db'
+                                                , '$datum'
+                                                )
+                              ");
+  }
+  
+  if ($_SESSION["news_status"] == 'edit') {
+      $pn_id   = $_SESSION["news_pn_id"];
+
+      $result = $db->query("UPDATE dvm_prxnews 
+                               SET pn_headline = '$headline_db'
+                                 , pn_text  = '$text_db'
+                            WHERE pn_id = $pn_id
+                           ");
+    
+      unset($_SESSION['news_pn_id']);
+ 
+  }
+  # Dann bekommts beim refresh den status neu, also es wird beim Abschicken ein Insert gemacht
+  $editende = 1;
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";
+
+
+}
+
+if ($action == 'show') {
+  $pn_id = $_GET['pn_id'];
+  $result_show = $db->query("SELECT pn_headline, pn_text
+                               FROM dvm_prxnews
+                              WHERE pn_id = $pn_id
+                             ");
+  $row_show    = $result_show->fetch_array();
+  $smarty->assign('prx_show_headline', $row_show['pn_headline']);
+  $smarty->assign('prx_show_text', $row_show['pn_text']);
+}
+
+if ($action == 'del') {
+  $pn_id = $_GET['pn_id'];
+  
+  $del1 = $db->query("DELETE FROM dvm_prxnews WHERE pn_id = $pn_id");
+  
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/prx_search.php

@@ -0,0 +1,104 @@
+<?php
+require_once("../config.inc.php");
+    $db = dbconnect();
+	$result1 = $db->query("SELECT dst_id, bezeichnung, name, str, plz, ort, mail, date_format(gueltig_von, '%d.%m.%Y') gueltig_von_form, date_format(gueltig_bis, '%d.%m.%Y') gueltig_bis_form, gueltig_von, gueltig_bis
+	                         FROM dvm_dienststellen
+	                        WHERE upper(name) LIKE '%" . strtoupper($_GET['search']) . "%' 
+	                           OR plz LIKE '%" . $_GET['search'] . "%' 
+	                           OR bezeichnung LIKE '%" . $_GET['search'] . "%'
+	                     ORDER BY name ASC");
+echo "<table width='100%' border='1' cellspacing='0' cellpadding='0'>
+       <tr>
+         <td style='padding-left:5px'>
+           <b>#</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Behördenart</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Name</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Straße</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>PLZ</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Ort</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Mailadresse</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Gültig von</b>
+         </td>
+         <td style='padding-left:5px'>
+           <b>Gültig bis</b>
+         </td>
+         <td align='center'>
+           <b>Edit</b>
+         </td>
+       </tr>
+";
+
+	while($row = $result1->fetch_array())
+	{
+	if($row['gueltig_von'] != '0000-00-00'){
+	 $gueltig_von = $row['gueltig_von_form'];
+	}else{
+	 $gueltig_von = '';
+	}
+	
+	if($row['gueltig_bis'] != '0000-00-00'){
+	 $gueltig_bis = $row['gueltig_bis_form'];
+	}else{
+	 $gueltig_bis = '';
+	}
+	
+	
+	$lnnr++;
+		echo '<tr>';
+		echo '<td style="padding-left:5px">';
+		echo $lnnr;
+		echo '</td>';
+
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['bezeichnung']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['name']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['str']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['plz']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['ort']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $row['mail']);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $gueltig_von);
+		echo '</td>';
+		
+		echo '<td style="padding-left:5px">';
+		echo preg_replace('/(' . $_GET['search'] . ')/Usi', '<span class="result">\\1</span>', $gueltig_bis);
+		echo '</td>';
+		
+		echo '<td align="center">';
+		echo '<a href=?edit='.$row['dst_id'].'><img title = "Stelle bearbeiten" border="0" height=10 src="../templates/modern/images/edit.png"></a>';
+		echo '</td>';
+		echo '</tr>';
+	}
+echo "</table>";
+?>

admin/rangliste2.php

@@ -0,0 +1,72 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+
+
+  # Gespeicherte Werte
+  $query1 = "SELECT a.ka_id, vorname, nachname, date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, CASE tm_standort
+		                  WHEN 'L' THEN 'Ludwigsburg'
+		                  WHEN 'K' THEN 'Kehl'
+		                  ELSE '' END as tm_standort
+		                  , summe
+		                  , id
+		                  , mail
+               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.tm_id = c.tm_id
+                AND a.ka_id = d.ka_id
+                AND b.tp_id = e.tp_id
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_upload WHERE upload_dat != '0000-00-00 00:00:00')
+                AND d.bestanden = '1'
+                AND e.tan=d.tan
+           ORDER BY summe DESC, nachname ASC, vorname ASC
+            ";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  $row_cnt = $result1->num_rows;
+  $smarty->assign('dokverw_anzdb', $row_cnt);
+  
+  $rangliste   = 0;
+  $lfd_nr2     = 0;
+  $lfd_nr3     = 0;
+  $summevorher = 0;
+  
+  while ($row1 = $result1->fetch_array()) {
+    
+    $lfd_nr2++;
+    
+    $summe  = $row1['summe'];
+    if($summe == $summevorher){
+      $rangliste = $lfd_nr3;
+    }else{
+      $rangliste = $lfd_nr2;
+      $lfd_nr3   = $lfd_nr2;
+    }
+    $summevorher  = $row1['summe'];
+  
+
+    $row1['rangliste']         = $rangliste;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/rangliste2_excel.php

@@ -0,0 +1,103 @@
+<?php
+
+require_once "../phpspreadsheet_1.8.1.0/vendor/autoload.php";
+require_once("../config.inc.php");
+
+
+
+use PhpOffice\PhpSpreadsheet\Spreadsheet;
+use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
+
+$spreadsheet = new Spreadsheet();
+#$spreadsheet->getActiveSheet()->getPageSetup()->setFitToWidth(1);
+#$spreadsheet->getActiveSheet()->getPageSetup()->setFitToHeight(0);
+
+$activeSheet = $spreadsheet->getActiveSheet();
+
+$activeSheet->getStyle('A1:G1')->applyFromArray(
+   array(
+      'font'  => array(
+          'bold'  =>  true
+      )
+   )
+ );
+
+
+$activeSheet->setCellValue('A1', 'Ranglistenplatz');
+$activeSheet->setCellValue('B1', 'Vorname');
+$activeSheet->setCellValue('C1', 'Nachname');
+$activeSheet->setCellValue('D1', 'Mail');
+$activeSheet->setCellValue('E1', 'ID');
+$activeSheet->setCellValue('F1', 'Testdatum');
+$activeSheet->setCellValue('G1', 'Ergebnis');
+$activeSheet->freezePane('H2');
+
+$query = $db->query("SELECT a.ka_id, vorname, nachname, date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, CASE tm_standort
+		                  WHEN 'L' THEN 'Ludwigsburg'
+		                  WHEN 'K' THEN 'Kehl'
+		                  ELSE '' END as tm_standort
+		                  , summe
+		                  , id
+		                  , mail
+               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_ergebnisse d, dvm_tanpool e
+              WHERE a.ka_id = b.ka_id
+                AND b.tm_id = c.tm_id
+                AND a.ka_id = d.ka_id
+                AND b.tp_id = e.tp_id
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_ergebnisse)
+                AND a.ka_id IN (SELECT distinct ka_id FROM dvm_upload WHERE upload_dat != '0000-00-00 00:00:00')
+                AND d.bestanden = '1'
+                AND e.tan=d.tan
+           ORDER BY summe DESC, nachname ASC, vorname ASC
+            ");
+ 
+if($query->num_rows > 0) {
+    $i = 2;
+    $rangliste   = 0;
+    $lfd_nr2     = 0;
+    $lfd_nr3     = 0;
+    $summevorher = 0;
+    
+    while($row = $query->fetch_assoc()) {
+    
+       $lfd_nr2++;
+       
+       $summe  = $row['summe'];
+       if($summe == $summevorher){
+         $rangliste = $lfd_nr3;
+       }else{
+         $rangliste = $lfd_nr2;
+         $lfd_nr3   = $lfd_nr2;
+       }
+       $summevorher  = $row['summe'];
+    
+        $activeSheet->setCellValue('A'.$i , $rangliste);
+        $activeSheet->setCellValue('B'.$i , $row['nachname']);
+        $activeSheet->setCellValue('C'.$i , $row['vorname']);
+        $activeSheet->setCellValue('D'.$i , $row['mail']);
+        $activeSheet->setCellValue('E'.$i , $row['id']);
+        $activeSheet->setCellValue('F'.$i , "$row[tm_datum] ($row[tm_standort])");
+        $activeSheet->setCellValue('G'.$i , $row['summe']);
+        $i++;
+    }
+    
+}
+$spreadsheet->getActiveSheet()->setTitle("Rangliste 2");
+$spreadsheet->getActiveSheet()->setSelectedCell('A1');
+$spreadsheet->getActiveSheet()->getColumnDimension('A')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('B')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('C')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('D')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('E')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('F')->setAutoSize(true);
+$spreadsheet->getActiveSheet()->getColumnDimension('G')->setAutoSize(true);
+
+$writer = new Xlsx($spreadsheet);
+$filename = 'Rangliste2.xlsx';
+ 
+header('Content-type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
+header('Content-Disposition: attachment;filename='. $filename);
+header('Cache-Control: max-age=0');
+$writer->save('php://output');
+
+?>

admin/save_note.php

@@ -0,0 +1,88 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+ 
+ require_once("../config/datenbankanbindung.php");
+ require_once("../func_notenskala.php");
+
+function floor3($val, $precision) {
+    $pos = strpos($val, '.');
+    $zahl = substr($val, 0, $pos+1+$precision);
+    return $zahl;
+}
+ 
+ $notenart      = $_POST['get_notenart'];
+ $note          = floor3(str_replace(',','.',str_replace('.','', $_POST['get_note'])),1);
+ $notenskala    = $_POST['get_notenskala'];
+ 
+ $ka_id         = $_SESSION["username"];;
+
+ $db = dbconnect();
+
+
+#echo $hzbnote;
+
+if($notenart == "Keine"){
+ NULL;
+ echo "reload";
+}
+
+if($notenart == "HZB"){
+  $durchschnittnote   = "0.00";
+  $durchschnittpunkte = "0.00";
+  $erfdat_schnitt     = "0000-00-00 00:00:00";
+  
+  if($notenskala == "Punkte"){
+   $hzbnote           = notenskala($note);
+   $hzbpunkte         = $note;
+   $erfdat_hzb        = date("Y-m-d H:i:s");
+  }elseif($notenskala == "Noten"){
+   $hzbnote           = $note;
+   $hzbpunkte         = "0.00";
+   $erfdat_hzb        = date("Y-m-d H:i:s");
+  }
+}
+
+if($notenart == "Durchschnitt"){
+  $hzb                  = "0.00";
+  $hzb_punkte           = "0.00";
+  $erfdat_hzb           = "0000-00-00 00:00:00";
+  
+  if($notenskala == "Punkte"){
+   $durchschnittnote    = notenskala($note);
+   echo "notenwert1||(= Note: ".number_format($durchschnittnote, 1, ',', '.').")";
+   $durchschnittpunkte  = $note;
+   $erfdat_schnitt      = date("Y-m-d H:i:s");
+   
+  }elseif($notenskala == "Noten"){
+   $durchschnittnote    = $note;
+   $durchschnittpunkte  = "0.00";
+   $erfdat_schnitt      = date("Y-m-d H:i:s");
+  }
+}
+
+
+ $query_anz = $db->query("SELECT count(*) Anz
+                            FROM dvm_note
+                           WHERE ka_id = $ka_id");
+ $row_anz   = $query_anz->fetch_array();   
+   if($row_anz['Anz'] == 0){
+     #Insert
+     $sql1 = $db->query("INSERT INTO dvm_note (ka_id, hzb, hzb_punkte, zeugnisschnitt, zeugnisschnitt_punkte, erfdat_hzb, erfdat_schnitt) VALUES('$ka_id', '$hzbnote', '$hzbpunkte', '$durchschnittnote', '$durchschnittpunkte', '$erfdat_hzb', '$erfdat_schnitt')");
+   }else{
+     #Update
+     $sql1 = $db->query("UPDATE dvm_note 
+                            SET hzb = '$hzbnote'
+                               ,hzb_punkte = '$hzbpunkte'
+                               ,zeugnisschnitt = '$durchschnittnote'
+                               ,zeugnisschnitt_punkte = '$durchschnittpunkte'
+                               ,erfdat_hzb = '$erfdat_hzb'
+                               ,erfdat_schnitt = '$erfdat_schnitt'
+                           WHERE ka_id = '$ka_id'");
+   } 
+  
+   
+ 
+ exit;
+
+?>
+

admin/tanimport.php

@@ -0,0 +1,274 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html";
+$smarty       = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../func_get_parameter.php");
+require_once("../config/func_cryption.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+#########Konfiguration#######################################
+$verz               = "upload_csv/"; // relatives Uploadverzeichnis (relativ zum 'Standort' dieser Datei, wohin die Dateien kopiert werden sollen
+$trennzeichen_excel = "\t"; // Das Trennzeichen das Excel f&uuml;r CVS-Dateien nimmt ist je nach Excelversion unterschiedlich: 
+// Entweder $trennzeichen_excel = ";"; --> Semikolon
+//     oder $trennzeichen_excel = ","; --> Komma
+#############################################################
+
+
+
+
+$_SESSION["ck_verz"] = $verz;
+
+
+if ($action == '') {
+  # Den Testtermin wählt man, damit jede Hochschule seine eigenen Daten importieren kann. Wenn eine Hochschule am selben TAg einen Test hat vermeidet man dass ein halbfertiger Test importiert wird
+  if (isset($_POST["testtermin"])) {
+    $testtermin = $_POST["testtermin"];
+  } else {
+    $testtermin = $_SESSION["testtermin"];
+  }
+  
+  $_SESSION["testtermin"] = $testtermin;
+  
+  
+  # Uploadverzeichnis aufräumen. Temporäre Dateien, die älter als 2 Wochen sind, werden gelöscht
+    $dir = $_SERVER["DOCUMENT_ROOT"].dirname($_SERVER['PHP_SELF'])."/$verz";
+    $folder = dir($dir);
+    while ($dateiname = $folder->read()) {
+        if (filetype($dir.$dateiname) != "dir") {
+            if (strtotime("-2 weeks") >
+                @filemtime($dir.$dateiname)) {
+                if (@unlink($dir.$dateiname) != false){
+                #  echo $dateiname.' wurde gelöscht<br>';
+                }else{
+                #  echo $dateiname.' konnte nichtgelöscht werden<br>';
+                }
+            }
+        }
+    }
+  
+  $result_ct = $db->query("SELECT count(*) Anz FROM dvm_tanpool where verw_dat = '0000-00-00 00:00:00'");
+  $row_ct    = $result_ct->fetch_array();
+  $smarty->assign('tanimp_anzahltan', "$row_ct[Anz]");
+  
+  # Fehler beim Upload anzeigen
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    $smarty->assign('index_error', 1);
+    
+    if ($errorno == 1) {
+      $smarty->assign('index_error_text', "Es dürfen nur CSV Dateien hochgeladen werden.");
+    }
+    if ($errorno == 2) {
+      # Tabelle dvm_parameter
+      $size_mb = trim(get_parameter(12));
+      $smarty->assign('index_error_text', "Die Datei ist zu groß. Die Dateigröße darf max. $size_mb MB betragen.");
+    }
+    if ($errorno == 3) {
+      $smarty->assign('index_error_text', "Vorgang wurde abgebrochen. Die Datei wurde vom Server gelöscht");
+    }
+    if ($errorno == 4) {
+      $smarty->assign('index_error_text', "Vorgang wurde abgebrochen. Die Datei wurde nicht vom Server gelöscht");
+    }
+  }
+}
+
+if ($action == 'csvimp') {
+  
+  $testtermin = $_SESSION["testtermin"];
+  
+  // http://www.tutorials.de/tutorials65420.html
+  #echo '<pre>', print_r($_POST, true), '</pre>'; 
+  
+  $tempname = $_FILES['file']['tmp_name'];
+  $name     = $_FILES['file']['name'];
+  
+  $type    = $_FILES['file']['type'];
+  $size    = $_FILES['file']['size'];
+  $einheit = "Byte"; // F&uuml;r die Efolgsmeldung.
+  
+  $limitedext = array(
+    ".csv"
+  ); //Erlaubte Dateieindung beim Upload
+  
+  $extlimit = "yes"; //Do you want to limit the extensions of files uploaded
+  $ext      = strrchr($name, '.');
+  
+  if (($extlimit == "yes") && (!in_array($ext, $limitedext))) {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=1\">";
+    exit;
+  }
+  
+  
+  # Tabelle dvm_parameter
+  $size_mb = trim(get_parameter(12));
+  $size_bt = $size_mb * 1024 * 1024;
+  
+  if ($size > $size_bt) {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=2\">";
+    exit;
+  }
+  
+  
+  $name               = str_replace(array(
+    "&auml;",
+    "&ouml;",
+    "&uuml;",
+    "&szlig;",
+    "&Auml;",
+    "&Ouml;",
+    "&Uuml;",
+    " "
+  ), array(
+    "ae",
+    "oe",
+    "ue",
+    "ss",
+    "Ae",
+    "Oe",
+    "Ue",
+    "_"
+  ), $name);
+  $heute              = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")); // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+  $heuteformat        = date("H-i-s_Y-m-d", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+  $datum_db           = date("Y-m-d H:i:s", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+  $neu                = $heuteformat . "_" . $name;
+  $_SESSION["ck_neu"] = $neu;
+  move_uploaded_file("$tempname", "$verz$neu"); // Unterverzeichnisse wie folgt: copy("$tempname", "pdf/$neu");
+  
+  $handle = fopen("$verz$neu", "r"); // Datei zum Lesen &ouml;ffnen
+  
+
+  # Hier vor der Schleife erste Zeile holen und ignorieren. Enthält Überschrift
+  # fgetcsv($handle, 0, $trennzeichen_excel);
+  
+  while (($data = fgetcsv($handle, 0, $trennzeichen_excel)) !== FALSE) { // Daten werden aus der Datei in ein Array $data gelesen
+      if(!isset($zaehler) or $zaehler == 1){
+        $zaehler = 0;
+      }else{
+        $zaehler = 1;
+      }
+      
+      $tan         = $data[3];
+      $tinyurl     = $data[4];
+      
+      $row1['zaehler']         = $zaehler;
+      $row1['tan']             = $tan;
+      $row1['tinyurl']         = $tinyurl;
+    $table_data1[] = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+  fclose($handle);
+  
+}
+
+if ($action == 'csvimp2') {
+  $neu        = $_SESSION["ck_neu"]; //CSV-Dateinamen um Datei l&ouml;schen zu k&ouml;nnen
+  $verz       = $_SESSION["ck_verz"]; //Uploadverzeichnis aus Cookie holen
+  $testtermin = $_SESSION["testtermin"];
+  
+  
+  if ($_POST['import'] == "0") // DS sollen nicht importiert werden
+    {
+    $dateiname = "$verz$neu";
+    if (@unlink($dateiname)) // Funktion l&ouml;scht Dateien und gibt true / false zur&uuml;ck
+      {
+      # Abbruch, datei gelöscht
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=3\">";
+      exit;
+    } else {
+      # Abbruch, datei nicht gelöscht
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=4\">";
+      exit;
+    } // End if
+    
+  } elseif ($_POST['import'] == "1") // DS sollen importiert werden
+    {
+    $handle = fopen("$verz$neu", "r"); // Datei zum Lesen &ouml;ffnen
+    
+
+    while (($data = fgetcsv($handle, 0, $trennzeichen_excel)) !== FALSE) { // Daten werden aus der Datei in ein Array $data gelesen
+      
+      $dummy_vorname = $data[0];
+      $dummy_name    = $data[1];
+      $tan           = $data[3];
+      $tinyurl       = $data[4];
+      
+      $result_ct = $db->query("SELECT count(*) Anz
+                               FROM dvm_tanpool
+                              WHERE tan = '$tan'");
+      $row_ct    = $result_ct->fetch_array();
+      
+      if ($row_ct['Anz'] == 0) {
+          # keine TANs vorhanden, insert
+          
+          $sql1 = $db->query("insert into dvm_tanpool (dummy_name
+                                                      , dummy_vorname
+                                                      , tan
+                                                      , tinyurl
+                                                      , aktiv)
+                                               VALUES ( '$dummy_name'
+                                                      , '$dummy_vorname'
+                                                      , '$tan'
+                                                      , '$tinyurl'
+                                                      , 'A'
+                                                      )");
+          if (!$sql1) {
+            $hinweis['hinweis'] = "TAN: " . $tan . " Fehler: TAN nicht gespeichert<br>";
+            $smarty->assign('index_error', 1);
+          }
+      } else {
+          # Ergebnisse gibt es schon, kein insert
+          $hinweis['hinweis'] = "TAN: " . $tan . " schon vorhanden<br>";
+          $smarty->assign('index_error', 1);
+      }
+        
+      $table_data2[] = $hinweis;
+    }
+    $smarty->assign('table_data2', $table_data2);
+    
+    
+    fclose($handle);
+    
+  } else { // Es wurde kein Radiobutton gew&auml;hlt! Technisch aber ausgeschlossen
+    
+    echo "sie m&uuml;ssen eine Auswahl treffen";
+    
+  }
+  
+  function deleteFiles($verz)
+  {
+    $handle = opendir($verz);
+    while ($file = readdir($handle)) {
+      if ($file != "." && $file != "..") {
+        
+        $datei = $verz . $file;
+        
+        if (@unlink($datei)) {
+          $error = TRUE;
+        } else {
+          $error = FALSE;
+        }
+      }
+    }
+    closedir($handle);
+    return $error;
+  }
+  
+  deleteFiles($verz); // Dateien werden im Uploadverzeichnis gel&ouml;scht, falls noch welche darin w&auml;ren
+  
+} // ende Action
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/termine.php

@@ -0,0 +1,404 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_restplatz.php");
+require_once("../func_get_parameter.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+  
+  if (isset($_GET['edit'])) {
+    $_SESSION["termine_status"] = 'edit';
+    $tm_id                    = $_GET['edit'];
+    $_SESSION["termine_tm_id"]   = $tm_id;
+  } else {
+    $_SESSION["termine_status"] = 'neu';
+  }
+  
+  # -- Fehlermeldungen -- #
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    
+    $smarty->assign('termine_error', 1);
+    
+    $smarty->assign('termine_value_datum', $_SESSION["termine_value_tm_datum"]);
+    $smarty->assign('termine_value_zeit', $_SESSION["termine_value_tm_zeit"]);
+    $smarty->assign('termine_value_tm_standort', $_SESSION["termine_value_tm_standort"]);
+    $smarty->assign('termine_value_tm_plaetze', $_SESSION["termine_value_tm_plaetze"]);
+    $smarty->assign('termine_value_tm_raum', $_SESSION["termine_value_tm_raum"]);
+    $smarty->assign('termine_value_tm_referenznr', $_SESSION["termine_value_tm_referenznr"]);
+ 
+    if ($errorno == 3) {
+      # ungültiges Datum
+      $smarty->assign('termine_error_text', "Das eingegebene Datum ist nicht korrekt. Bitte korrigieren Sie das Datum!");
+    }
+  }
+  
+  # --- Wenn Werte editiert werden ------------
+  if ($_SESSION["termine_status"] == 'edit') {
+    $result_edit = $db->query("SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+                                 FROM dvm_termine
+                                WHERE tm_id = $tm_id");
+    $row_edit    = $result_edit->fetch_array();
+    $smarty->assign('termine_value_datum', "$row_edit[datum]");
+    $smarty->assign('termine_value_zeit', "$row_edit[zeit]");
+    $smarty->assign('termine_value_tm_standort', "$row_edit[tm_standort]");
+    $smarty->assign('termine_value_tm_plaetze', "$row_edit[tm_plaetze]");
+    $smarty->assign('termine_value_tm_raum', "$row_edit[tm_raum]");
+    $smarty->assign('termine_value_tm_referenznr', "$row_edit[tm_referenznr]");
+    
+  }
+  # --- Wenn Werte editiert werden Ende -------
+  
+  if ($_GET['editende'] == 1) {
+    # Editieren ist beendet, als ein update auf einen Datensatz. Dann ist der status wieder Neu, damit wird wieder ein Insert durchgeführt
+    $_SESSION["termine_status"] = 'neu';
+  }
+
+
+  # Gespeicherte Werte
+  $query1 = "SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+               FROM dvm_termine
+              WHERE tm_datum > DATE_SUB( NOW() , INTERVAL 30 DAY )
+              ORDER BY tm_datum ASC, zeit ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+    if($row1['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg';
+    }
+    if($row1['tm_standort'] == 'K'){
+      $standort = 'Kehl';
+    }
+    $restplatz = get_restplatz($row1['tm_id']);
+    if($restplatz != $row1['tm_plaetze']){
+      $disable = 0;
+    }else{
+      $disable = 1;
+    }
+    $row1['restplatz']         = $restplatz;
+    $row1['tm_disable']        = $disable;
+    $row1['standort_form']     = $standort;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+  
+}
+
+
+if ($action == 'save') {
+
+$tm_datum        = $_POST['tm_datum'];
+$tm_zeit         = $_POST['tm_zeit'];
+$tm_plaetze      = $_POST['tm_plaetze'];
+$tm_standort     = $_POST['tm_standort'];
+$tm_raum         = $_POST['tm_raum'];
+$tm_referenznr   = trim($_POST['tm_referenznr']);
+
+
+$_SESSION["termine_value_tm_datum"]         = $tm_datum;
+$_SESSION["termine_value_tm_zeit"]          = $tm_zeit;
+$_SESSION["termine_value_tm_plaetze"]       = $tm_plaetze;
+$_SESSION["termine_value_tm_standort"]      = $tm_standort;
+$_SESSION["termine_value_tm_raum"]          = $tm_raum;
+$_SESSION["termine_value_tm_referenznr"]    = $tm_referenznr;
+
+$tm_datum_form = preg_replace('/^(\\d{2})\\.(\\d{2})\\.(\\d{4})$/', '$3-$2-$1', $tm_datum);
+$testdatum = $tm_datum_form." ".$tm_zeit.":00";
+$_SESSION["termine_value_tm_testdatum"]    = $testdatum;
+function validateDate($date, $format = 'Y-m-d')
+{
+    $d = DateTime::createFromFormat($format, $date);
+    return $d && $d->format($format) == $date;
+}
+
+if(!validateDate($tm_datum_form)){
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=3\">";
+  exit;    
+}
+
+
+  #$datum = date("Y-m-d H:i:s");
+  if ($_SESSION["termine_status"] == 'neu') {
+    $sql1 = $db->query("INSERT INTO dvm_termine ( tm_datum
+                                                , tm_standort
+                                                , tm_plaetze
+                                                , tm_raum
+                                                , tm_referenznr
+                                                )
+                                VALUES
+                                                ( '$testdatum'
+                                                , '$tm_standort'
+                                                , '$tm_plaetze'
+                                                , '$tm_raum'
+                                                , '$tm_referenznr'
+                                                )
+                              ");
+  }
+  
+  if ($_SESSION["termine_status"] == 'edit') {
+    $tm_id   = $_SESSION["termine_tm_id"];
+
+    # Prüfen, ob zu diesem Termin bereits Kandidaten gebucht sind. Wenn ja, dann Weiterleitung zum Mailanschreiben und dann Termin ändern
+    $result_vorh = $db->query("SELECT count(*) Anz
+                                 FROM dvm_term_kand
+                                WHERE tm_id ='$tm_id'
+                             ");
+    $row_vorh    = $result_vorh->fetch_array();
+    
+    # Prüfen, ob der Kandidat angeschrieben werden muss. Nur bei einer Änderung der Anzahl muss der Kandidat nicht extra informiert werden
+    $result_vorh1 = $db->query("SELECT count(*) Anz
+                                 FROM dvm_termine
+                                WHERE tm_id ='$tm_id'
+                                  AND (tm_datum != '$testdatum'
+                                       OR tm_standort != '$tm_standort'
+                                       OR tm_raum != '$tm_raum'
+                                       OR tm_referenznr != '$tm_referenznr'
+                                      )
+                             ");
+    $row_vorh1    = $result_vorh1->fetch_array();
+    if($row_vorh['Anz'] != 0 AND $row_vorh1['Anz'] != 0){
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=mailterminupdate\">";
+      exit;
+    }else{
+      $result = $db->query("UPDATE dvm_termine 
+                               SET tm_datum = '$testdatum'
+                                 , tm_standort  = '$tm_standort'
+                                 , tm_plaetze     = '$tm_plaetze'
+                                 , tm_raum = '$tm_raum'
+                                 , tm_referenznr = '$tm_referenznr'
+                            WHERE tm_id = $tm_id
+                           ");
+    
+      unset($_SESSION['termine_tm_id']);
+    }
+  
+  }
+  # Dann bekommts beim refresh den status neu, also es wird beim Abschicken ein Insert gemacht
+  $editende = 1;
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";
+
+
+}
+if ($action == 'del') {
+  $tm_id = $_GET['tm_id'];
+  
+  $del1 = $db->query("DELETE FROM dvm_termine WHERE tm_id = $tm_id");
+  
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+
+if ($action == 'mailterminupdate') {
+  $tm_id   = $_SESSION["termine_tm_id"];
+  
+  # Gespeicherte Werte
+  $query1 = "SELECT mail
+               FROM dvm_kandidat
+              WHERE ka_id IN (SELECT ka_id
+                                FROM dvm_term_kand
+                               WHERE tm_id = $tm_id)
+              ORDER BY nachname ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+     $mail .= "$row1[mail], ";
+  }
+  $mail_lubu = get_parameter(8);
+  $mail_kehl = get_parameter(7);
+  
+  $mail_an = "$mail_kehl, $mail_lubu";
+  $mail_bcc = substr(trim($mail),0,-1);
+  $smarty->assign('mtupd_mailadressen_an', "$mail_an");
+  $smarty->assign('mtupd_mailadressen_bcc', "$mail_bcc");
+
+}
+
+if ($action == 'mailsenden2') {
+
+  $tm_id          = $_SESSION["termine_tm_id"];
+  $tm_plaetze     = $_SESSION["termine_value_tm_plaetze"];
+  $tm_standort    = $_SESSION["termine_value_tm_standort"];
+  $tm_raum        = $_SESSION["termine_value_tm_raum"];
+  $tm_referenznr  = $_SESSION["termine_value_tm_referenznr"];
+  $testdatum      = $_SESSION["termine_value_tm_testdatum"];
+  $empfaenger_an  = $_POST['empfaenger_an'];
+  $empfaenger_bcc = $_POST['empfaenger_bcc'];
+  $betreff        = $_POST['betreff'];
+  $text           = $_POST['text'];
+  $absender       = $_POST['absender'];
+  
+  if($absender == 'Kehl'){
+   $sendermail = get_parameter(7);
+   $sender     = 'Hochschule Kehl';
+  }
+  
+  if($absender == 'Ludwigsburg'){
+   $sendermail = get_parameter(8);
+   $sender     = 'Hochschule Ludwigsburg';
+  }
+  
+  # Update
+  $result = $db->query("UPDATE dvm_termine 
+                           SET tm_datum = '$testdatum'
+                             , tm_standort  = '$tm_standort'
+                             , tm_plaetze     = '$tm_plaetze'
+                             , tm_raum = '$tm_raum'
+                             , tm_referenznr = '$tm_referenznr'
+                        WHERE tm_id = $tm_id
+                      ");
+  
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, tm_standort, tm_raum, tm_plaetze, tm_referenznr FROM dvm_termine WHERE tm_id='$tm_id'");
+  $row_termin = $query_termin->fetch_array();
+    if($row_termin['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg - Reuteallee 36, 71634 Ludwigsburg';
+      $sendermail = get_parameter(8);
+    }
+    
+    if($row_termin['tm_standort'] == 'K'){
+      $standort = 'Kehl - Kinzigallee 1, 77694 Kehl';
+      $sendermail = get_parameter(7);
+    }
+  $text = $text."
+  <br>
+  <br>
+  Neue Daten:
+          <figure class='table' style='float:left;'>
+          <table>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Testtag:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_datum]
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Hochschule:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $standort
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Gebäude / Raum:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_raum]
+               </font>
+             </td>
+          </tr>
+  </table>
+  </figure>
+  ";
+  
+   $query1 = "SELECT mail, ka_id
+                FROM dvm_kandidat
+               WHERE ka_id IN (SELECT ka_id
+                                 FROM dvm_term_kand
+                                WHERE tm_id = $tm_id)
+               ORDER BY nachname ASC";
+  $result1 = $db->query($query1) or die("Cannot execute query1a $tm_id");
+  $lnnr = 0;
+  while ($row1 = $result1->fetch_array()) {
+     $mail[$lnnr]['mail'] = "$row1[mail]";
+     $mail[$lnnr]['ka_id'] = "$row1[ka_id]";
+     $lnnr++;
+  }
+  $lfdnr = $lfdnr++;
+  # Mail auch an die zuständige HS
+  $mail[$lnnr][mail]= $sendermail;
+  $mail[$lnnr][ka_id]= "";
+  
+  #echo "<pre>";
+  #print_r($mail);
+  #echo "</pre><hr>";
+  #exit;
+  #echo "
+  #From: $sender - $sendermail<br>
+  #$empfaenger<br>
+  #$betreff<br>
+  #echo "$text<br>";
+  #echo "</pre>";
+  #$hochschule<br>";
+  #exit;
+  
+  #Beim CKEDITOR die <p> Tags mit Zeilenabstand 0 in der Mail
+  $style ="<head>
+            <style>
+             p {margin: 0;}
+            </style>
+            </head>
+           ";
+  $text = $style.$text;
+  
+           for($i=0;$i<count($mail);$i++){
+ 	     ## Mailversand:
+             $headers  = "From: $sender <$sendermail>\r\n";
+             $headers .= "MIME-Version: 1.0\r\n";
+             $headers .= "Content-type: text/html; charset=utf-8\r\n";
+             $return   = @mail($empfaenger, $betreff, $text, $headers);
+             $heute    = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")); // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+             $datum_db = date("Y-m-d H:i:s", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+             $text_db = addslashes($text);
+
+             if($mail[$i][ka_id] != ""){
+             # Mail an HS soll nicht protokolliert werden
+             if($return){
+               $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                                   VALUES ('$sender', '$sendermail', '".$mail[$i][ka_id]."', '".$mail[$i][mail]."', '$betreff', '$text_db', 'V', '$datum_db')
+                                 ");
+               $smarty->assign('mail_senderg', "Die Mail wurde verschickt!");
+             }else{
+               $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                                   VALUES ('$sender', '$sendermail', '".$mail[$i][ka_id]."', '".$mail[$i][mail]."', '$betreff', '$text_db', 'F', '$datum_db')
+                                 ");
+                                 
+               $err = 1;
+               $mail_err .= $mail[$i][mail]."<br>";
+           
+             }
+             }
+           }
+
+           unset($_SESSION['termine_tm_id']);
+           $editende = 1;
+  
+           
+           if($err == 1){
+             $smarty->assign('mail_senderg', "Die Mails konnten nicht verschickt werden!<br>Prüfen Sie die folgenden Mailadressen:<br><br>$mail_err");
+           }else{
+             $smarty->assign('mail_senderg', "Die Mails wurden verschickt!");
+             echo "<meta http-equiv=\"refresh\" content=\"2; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";  
+           }
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/termine.php_bcc

@@ -0,0 +1,352 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+require_once("../func_get_restplatz.php");
+require_once("../func_get_parameter.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+if ($action == '') {
+  
+  if (isset($_GET['edit'])) {
+    $_SESSION["termine_status"] = 'edit';
+    $tm_id                    = $_GET['edit'];
+    $_SESSION["termine_tm_id"]   = $tm_id;
+  } else {
+    $_SESSION["termine_status"] = 'neu';
+  }
+  
+  # -- Fehlermeldungen -- #
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    
+    $smarty->assign('termine_error', 1);
+    
+    $smarty->assign('termine_value_datum', $_SESSION["termine_value_tm_datum"]);
+    $smarty->assign('termine_value_zeit', $_SESSION["termine_value_tm_zeit"]);
+    $smarty->assign('termine_value_tm_standort', $_SESSION["termine_value_tm_standort"]);
+    $smarty->assign('termine_value_tm_plaetze', $_SESSION["termine_value_tm_plaetze"]);
+    $smarty->assign('termine_value_tm_raum', $_SESSION["termine_value_tm_raum"]);
+    $smarty->assign('termine_value_tm_referenznr', $_SESSION["termine_value_tm_referenznr"]);
+ 
+    if ($errorno == 3) {
+      # ungültiges Datum
+      $smarty->assign('termine_error_text', "Das eingegebene Datum ist nicht korrekt. Bitte korrigieren Sie das Datum!");
+    }
+  }
+  
+  # --- Wenn Werte editiert werden ------------
+  if ($_SESSION["termine_status"] == 'edit') {
+    $result_edit = $db->query("SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+                                 FROM dvm_termine
+                                WHERE tm_id = $tm_id");
+    $row_edit    = $result_edit->fetch_array();
+    $smarty->assign('termine_value_datum', "$row_edit[datum]");
+    $smarty->assign('termine_value_zeit', "$row_edit[zeit]");
+    $smarty->assign('termine_value_tm_standort', "$row_edit[tm_standort]");
+    $smarty->assign('termine_value_tm_plaetze', "$row_edit[tm_plaetze]");
+    $smarty->assign('termine_value_tm_raum', "$row_edit[tm_raum]");
+    $smarty->assign('termine_value_tm_referenznr', "$row_edit[tm_referenznr]");
+    
+  }
+  # --- Wenn Werte editiert werden Ende -------
+  
+  if ($_GET['editende'] == 1) {
+    # Editieren ist beendet, als ein update auf einen Datensatz. Dann ist der status wieder Neu, damit wird wieder ein Insert durchgeführt
+    $_SESSION["termine_status"] = 'neu';
+  }
+
+
+  # Gespeicherte Werte
+  $query1 = "SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+               FROM dvm_termine
+              WHERE tm_datum > now()
+              ORDER BY tm_datum ASC, zeit ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+    if($row1['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg';
+    }
+    if($row1['tm_standort'] == 'K'){
+      $standort = 'Kehl';
+    }
+    $restplatz = get_restplatz($row1['tm_id']);
+    if($restplatz != $row1['tm_plaetze']){
+      $disable = 0;
+    }else{
+      $disable = 1;
+    }
+    $row1['restplatz']         = $restplatz;
+    $row1['tm_disable']        = $disable;
+    $row1['standort_form']     = $standort;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+  
+}
+
+
+if ($action == 'save') {
+
+$tm_datum        = $_POST['tm_datum'];
+$tm_zeit         = $_POST['tm_zeit'];
+$tm_plaetze      = $_POST['tm_plaetze'];
+$tm_standort     = $_POST['tm_standort'];
+$tm_raum         = $_POST['tm_raum'];
+$tm_referenznr   = trim($_POST['tm_referenznr']);
+
+
+$_SESSION["termine_value_tm_datum"]         = $tm_datum;
+$_SESSION["termine_value_tm_zeit"]          = $tm_zeit;
+$_SESSION["termine_value_tm_plaetze"]       = $tm_plaetze;
+$_SESSION["termine_value_tm_standort"]      = $tm_standort;
+$_SESSION["termine_value_tm_raum"]          = $tm_raum;
+$_SESSION["termine_value_tm_referenznr"]    = $tm_referenznr;
+
+$tm_datum_form = preg_replace('/^(\\d{2})\\.(\\d{2})\\.(\\d{4})$/', '$3-$2-$1', $tm_datum);
+$testdatum = $tm_datum_form." ".$tm_zeit.":00";
+$_SESSION["termine_value_tm_testdatum"]    = $testdatum;
+function validateDate($date, $format = 'Y-m-d')
+{
+    $d = DateTime::createFromFormat($format, $date);
+    return $d && $d->format($format) == $date;
+}
+
+if(!validateDate($tm_datum_form)){
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=3\">";
+  exit;    
+}
+
+
+  #$datum = date("Y-m-d H:i:s");
+  if ($_SESSION["termine_status"] == 'neu') {
+    $sql1 = $db->query("INSERT INTO dvm_termine ( tm_datum
+                                                , tm_standort
+                                                , tm_plaetze
+                                                , tm_raum
+                                                , tm_referenznr
+                                                )
+                                VALUES
+                                                ( '$testdatum'
+                                                , '$tm_standort'
+                                                , '$tm_plaetze'
+                                                , '$tm_raum'
+                                                , '$tm_referenznr'
+                                                )
+                              ");
+  }
+  
+  if ($_SESSION["termine_status"] == 'edit') {
+    $tm_id   = $_SESSION["termine_tm_id"];
+
+    # Prüfen, ob zu diesem Termin bereits Kandidaten gebucht sind. Wenn ja, dann Weiterleitung zum Mailanschreiben und dann Termin ändern
+    $result_vorh = $db->query("SELECT count(*) Anz
+                                 FROM dvm_term_kand
+                                WHERE tm_id ='$tm_id'
+                             ");
+    $row_vorh    = $result_vorh->fetch_array();
+    
+    # Prüfen, ob der Kandidat angeschrieben werden muss. Nur bei einer Änderung der Anzahl muss der Kandidat nicht extra informiert werden
+    $result_vorh1 = $db->query("SELECT count(*) Anz
+                                 FROM dvm_termine
+                                WHERE tm_id ='$tm_id'
+                                  AND (tm_datum != '$testdatum'
+                                       OR tm_standort != '$tm_standort'
+                                       OR tm_raum != '$tm_raum'
+                                       OR tm_referenznr != '$tm_referenznr'
+                                      )
+                             ");
+    $row_vorh1    = $result_vorh1->fetch_array();
+    if($row_vorh['Anz'] != 0 AND $row_vorh1['Anz'] != 0){
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=mailterminupdate\">";
+      exit;
+    }else{
+      $result = $db->query("UPDATE dvm_termine 
+                               SET tm_datum = '$testdatum'
+                                 , tm_standort  = '$tm_standort'
+                                 , tm_plaetze     = '$tm_plaetze'
+                                 , tm_raum = '$tm_raum'
+                                 , tm_referenznr = '$tm_referenznr'
+                            WHERE tm_id = $tm_id
+                           ");
+    
+      unset($_SESSION['termine_tm_id']);
+    }
+  
+  }
+  # Dann bekommts beim refresh den status neu, also es wird beim Abschicken ein Insert gemacht
+  $editende = 1;
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";
+
+
+}
+if ($action == 'del') {
+  $tm_id = $_GET['tm_id'];
+  
+  $del1 = $db->query("DELETE FROM dvm_termine WHERE tm_id = $tm_id");
+  
+  echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
+}
+
+if ($action == 'mailterminupdate') {
+  $tm_id   = $_SESSION["termine_tm_id"];
+  
+  # Gespeicherte Werte
+  $query1 = "SELECT mail
+               FROM dvm_kandidat
+              WHERE ka_id IN (SELECT ka_id
+                                FROM dvm_term_kand
+                               WHERE tm_id = $tm_id)
+              ORDER BY nachname ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+     $mail .= "$row1[mail], ";
+  }
+  $mail_lubu = get_parameter(8);
+  $mail_kehl = get_parameter(7);
+  
+  $mail_an = "$mail_kehl, $mail_lubu";
+  $mail_bcc = substr(trim($mail),0,-1);
+  $smarty->assign('mtupd_mailadressen_an', "$mail_an");
+  $smarty->assign('mtupd_mailadressen_bcc', "$mail_bcc");
+
+}
+
+if ($action == 'mailsenden2') {
+
+  $tm_id          = $_SESSION["termine_tm_id"];
+  $tm_plaetze     = $_SESSION["termine_value_tm_plaetze"];
+  $tm_standort    = $_SESSION["termine_value_tm_standort"];
+  $tm_raum        = $_SESSION["termine_value_tm_raum"];
+  $tm_referenznr  = $_SESSION["termine_value_tm_referenznr"];
+  $testdatum      = $_SESSION["termine_value_tm_testdatum"];
+  $empfaenger_an  = $_POST['empfaenger_an'];
+  $empfaenger_bcc = $_POST['empfaenger_bcc'];
+  $betreff        = $_POST['betreff'];
+  $text           = $_POST['text'];
+  $absender       = $_POST['absender'];
+  
+  if($absender == 'Kehl'){
+   $sendermail = get_parameter(7);
+   $sender     = 'Hochschule Kehl';
+  }
+  
+  if($absender == 'Ludwigsburg'){
+   $sendermail = get_parameter(8);
+   $sender     = 'Hochschule Ludwigsburg';
+  }
+  
+  # Update
+  $result = $db->query("UPDATE dvm_termine 
+                           SET tm_datum = '$testdatum'
+                             , tm_standort  = '$tm_standort'
+                             , tm_plaetze     = '$tm_plaetze'
+                             , tm_raum = '$tm_raum'
+                             , tm_referenznr = '$tm_referenznr'
+                        WHERE tm_id = $tm_id
+                      ");
+  
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, tm_standort, tm_raum, tm_plaetze, tm_referenznr FROM dvm_termine WHERE tm_id='$tm_id'");
+  $row_termin = $query_termin->fetch_array();
+    if($row_termin['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg - Reuteallee 36, 71634 Ludwigsburg';
+    }
+    
+    if($row_termin['tm_standort'] == 'K'){
+      $standort = 'Kehl - Kinzigallee 1, 77694 Kehl';
+    }
+  $text = $text."
+  <br>
+  <br>
+  Neue Daten:<br>
+          <table>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Testtag:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_datum]
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Hochschule:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $standort
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Gebäude / Raum:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_raum]
+               </font>
+             </td>
+          </tr>
+
+  </table>
+  ";
+  
+  #echo "
+  #From: $sender - $sendermail<br>
+  #$empfaenger<br>
+  #$betreff<br>
+  #$text<br>
+  #$hochschule<br>";
+  #exit;
+  
+  
+  
+  ## Mailversand:
+  $headers = "From: $sender <$sendermail>\r\n";
+  $headers .= "MIME-Version: 1.0\r\n";
+  $headers .= "Content-type: text/html; charset=utf-8\r\n";
+  $headers .= "Bcc: $empfaenger_bcc\n"; 
+  
+  $return     = @mail($empfaenger_an, $betreff, $text, $headers);
+  
+  if ($return) {
+    $smarty->assign('mail_senderg', "Die Mail wurde verschickt!");
+  } else {
+    $smarty->assign('mail_senderg', "Die Mail konnte nicht verschickt werden!<br>Prüfen Sie die Mailadressen.");
+  }
+
+
+
+    
+  unset($_SESSION['termine_tm_id']);
+  $editende = 1;
+  echo "<meta http-equiv=\"refresh\" content=\"2; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";  
+}
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/termine_kandidat.php

@@ -0,0 +1,343 @@
+<?php
+if(!isset($_SESSION)) { session_start(); }
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html";
+$smarty       = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../func_get_restplatz.php");
+require_once("../func_get_parameter.php");
+require_once("../config/func_cryption.php");
+$verz = "../uploads/"; // relatives Uploadverzeichnis (relativ zum 'Standort' dieser Datei, wohin die Dateien kopiert werden sollen
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+
+if ($action == '') {
+  
+  unset($_SESSION["username"]);
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+# Dropdown befüllen übernimmt ajax:fetch.php
+#  $query1 = "SELECT ka_id, vorname, nachname
+#               FROM dvm_kandidat
+#              ORDER BY nachname, vorname";
+#  
+#  $result1 = $db->query($query1) or die("Cannot execute query1a");
+#  
+#  
+#  while ($row1 = $result1->fetch_array()) {
+#    $table_data1[] = $row1;
+#  }
+#  $smarty->assign('table_data1', $table_data1);
+  
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    $smarty->assign('bewerber_error', 1);
+    if ($errorno == 1) {
+      $smarty->assign('bewerber_error_text', "Es muss ein Bewerber ausgewählt werden.");
+    }
+    
+  }
+}
+
+if ($action == 'ausgabe') {
+  if (isset($_POST['user'])) {
+    $username = mb_strtoupper($_POST["user"]); //remove case sensitivity on the username
+  } else {
+    $username = $_SESSION["username"];
+  }
+  
+  $_SESSION["username"] = $username;
+  
+  if(isset($_GET['error'])){
+  
+    $errorno = $_GET['error'];
+    $smarty->assign('termine_error', 1);
+    
+    if($errorno == 1){
+      $smarty->assign('termine_error_text', "Es muss ein Termin gewählt werden");
+    }
+  }
+  
+  if ($username == "") {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?error=1\">";
+    exit;
+  }
+  # Kandidat
+  $result_kandidat = $db->query("SELECT anrede, vorname, nachname
+                                 FROM dvm_kandidat
+                                WHERE ka_id = '$username'
+                             ");
+  $row_kandidat    = $result_kandidat->fetch_array();
+  if($row_kandidat['anrede'] == 'W'){
+    $anrede = 'Frau';
+  }
+  if($row_kandidat['anrede'] == 'M'){
+    $anrede = 'Herrn';
+  }
+  $smarty->assign('term_kand_anrede', $anrede);
+  $smarty->assign('term_kand_vorname', $row_kandidat['vorname']);
+  $smarty->assign('term_kand_nachname', $row_kandidat['nachname']);
+  
+  # Wo ist der Kandidat bisher eingebucht
+  $result_bisher = $db->query("SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+                                 FROM dvm_termine
+                                WHERE tm_id = (SELECT tm_id 
+                                                 FROM dvm_term_kand
+                                                WHERE ka_id = '$username'
+                                                ORDER BY tk_id desc
+                                                LIMIT 1)
+                             ");
+  $row_bisher    = $result_bisher->fetch_array();
+  if($row_bisher['tm_standort'] == 'L'){
+    $standort = 'Ludwigsburg';
+  }
+  if($row_bisher['tm_standort'] == 'K'){
+    $standort = 'Kehl';
+  }
+  $smarty->assign('term_kand_datum', $row_bisher['datum']);
+  $smarty->assign('term_kand_zeit', $row_bisher['zeit']);
+  $smarty->assign('term_kand_tm_id', $row_bisher['tm_id']);
+  $smarty->assign('term_kand_standort', $standort);
+  
+  # Gespeicherte Termine
+  $query1 = "SELECT tm_id, date_format(tm_datum, '%d.%m.%Y') datum, date_format(tm_datum, '%H:%i') zeit, tm_standort, tm_plaetze, tm_raum, tm_referenznr
+               FROM dvm_termine
+              WHERE tm_datum >  NOW()
+              ORDER BY tm_datum ASC, zeit ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+    if($row1['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg';
+    }
+    if($row1['tm_standort'] == 'K'){
+      $standort = 'Kehl';
+    }
+    $restplatz = get_restplatz($row1['tm_id']);
+    if($restplatz != $row1['tm_plaetze']){
+      $disable = 0;
+    }else{
+      $disable = 1;
+    }
+    $row1['restplatz']         = $restplatz;
+    $row1['tm_disable']        = $disable;
+    $row1['standort_form']     = $standort;
+    $table_data1[]             = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+    
+}
+
+if ($action == 'mail') {
+  $tm_id = $_POST['tm_id'];
+  
+  $username = $_SESSION["username"];
+  
+  if($tm_id == ""){
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?action=ausgabe&error=1\">";
+    exit;
+  }
+  $_SESSION["termine_tm_id"] = $tm_id;
+  
+  # Gespeicherte Werte
+  $query1 = "SELECT mail
+               FROM dvm_kandidat
+              WHERE ka_id = '$username'
+              LIMIT 1";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  while ($row1 = $result1->fetch_array()) {
+     $mail .= "$row1[mail]";
+  }
+
+  $smarty->assign('mtupd_mailadressen_an', "$mail");
+}
+
+
+
+if ($action == 'mailsenden2') {
+
+  $tm_id          = $_SESSION["termine_tm_id"];
+  $username       = $_SESSION["username"];
+  $empfaenger     = $_POST['empfaenger_an'];
+  $betreff        = $_POST['betreff'];
+  $text           = $_POST['text'];
+  $absender       = $_POST['absender'];
+
+  if($absender == 'Kehl'){
+   $sendermail = get_parameter(7);
+   $sender     = 'Hochschule Kehl';
+  }
+  
+  if($absender == 'Ludwigsburg'){
+   $sendermail = get_parameter(8);
+   $sender     = 'Hochschule Ludwigsburg';
+  }
+  
+  # Update
+  $result_curid = $db->query("SELECT tp_id
+                                          FROM dvm_term_kand
+                                         WHERE ka_id = $username
+                                      ORDER BY tp_id desc
+                                         LIMIT 1
+                             ");
+  $row_curid    = $result_curid->fetch_array();
+  $akt_tpid = $row_curid['tp_id'];
+
+  $result = $db->query("UPDATE dvm_term_kand 
+                           SET tm_id = '$tm_id'
+                         WHERE tp_id = $akt_tpid
+                      ");
+
+  $query_termin = $db->query("SELECT date_format(tm_datum, '%d.%m.%Y um %H:%i Uhr') tm_datum, tm_standort, tm_raum, tm_plaetze, tm_referenznr 
+                                FROM dvm_termine 
+                               WHERE tm_id='$tm_id'");
+                               
+  $row_termin = $query_termin->fetch_array();
+    if($row_termin['tm_standort'] == 'L'){
+      $standort = 'Ludwigsburg - Reuteallee 36, 71634 Ludwigsburg';
+      $sendermail = get_parameter(8);
+    }
+    
+    if($row_termin['tm_standort'] == 'K'){
+      $standort = 'Kehl - Kinzigallee 1, 77694 Kehl';
+      $sendermail = get_parameter(7);
+    }
+  $text = $text."
+  <br>
+  <br>
+  Neue Daten:
+          <figure class='table' style='float:left;'>
+          <table>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Testtag:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_datum]
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Hochschule:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $standort
+               </font>
+             </td>
+          </tr>
+          <tr>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 <b>Gebäude / Raum:</b>
+               </font>
+             </td>
+             <td valign='top'>
+               <font face='Arial' size='2'>
+                 $row_termin[tm_raum]
+               </font>
+             </td>
+          </tr>
+  </table>
+  </figure>
+  ";
+  
+   $query1 = "SELECT mail, ka_id
+                FROM dvm_kandidat
+               WHERE ka_id = $username
+               ORDER BY nachname ASC";
+  $result1 = $db->query($query1) or die("Cannot execute query1a $tm_id");
+  $lnnr = 0;
+  while ($row1 = $result1->fetch_array()) {
+     $mail[$lnnr]['mail'] = "$row1[mail]";
+     $mail[$lnnr]['ka_id'] = "$row1[ka_id]";
+     $lnnr++;
+  }
+  $lfdnr = $lfdnr++;
+  # Mail auch an die zuständige HS
+  $mail[$lnnr][mail]= $sendermail;
+  $mail[$lnnr][ka_id]= "";
+  
+  #echo "<pre>";
+  #print_r($mail);
+  #echo "</pre><hr>";
+  #exit;
+  #echo "
+  #From: $sender - $sendermail<br>
+  #$empfaenger<br>
+  #$betreff<br>
+  #echo "$text<br>";
+  #echo "</pre>";
+  #$hochschule<br>";
+  #exit;
+  
+  #Beim CKEDITOR die <p> Tags mit Zeilenabstand 0 in der Mail
+  $style ="<head>
+            <style>
+             p {margin: 0;}
+            </style>
+            </head>
+           ";
+  $text = $style.$text;
+  
+           for($i=0;$i<count($mail);$i++){
+ 	     ## Mailversand:
+             $headers  = "From: $sender <$sendermail>\r\n";
+             $headers .= "MIME-Version: 1.0\r\n";
+             $headers .= "Content-type: text/html; charset=utf-8\r\n";
+             $return   = @mail($empfaenger, $betreff, $text, $headers);
+             $heute    = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")); // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+             $datum_db = date("Y-m-d H:i:s", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+             $text_db = addslashes($text);
+
+             if($mail[$i][ka_id] != ""){
+             # Mail an HS soll nicht protokolliert werden
+             if($return){
+               $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                                   VALUES ('$sender', '$sendermail', '".$mail[$i][ka_id]."', '".$mail[$i][mail]."', '$betreff', '$text_db', 'V', '$datum_db')
+                                 ");
+               $smarty->assign('mail_senderg', "Die Mail wurde verschickt!");
+             }else{
+               $sql1 = $db->query("INSERT INTO dvm_sonstige_mail (sender, sendermail, ka_id, empfaenger, mail_betreff, mail_text, status, sendedat)
+                                   VALUES ('$sender', '$sendermail', '".$mail[$i][ka_id]."', '".$mail[$i][mail]."', '$betreff', '$text_db', 'F', '$datum_db')
+                                 ");
+                                 
+               $err = 1;
+               $mail_err .= $mail[$i][mail]."<br>";
+           
+             }
+             }
+           }
+
+           unset($_SESSION['termine_tm_id']);
+           $editende = 1;
+  
+           
+           if($err == 1){
+             $smarty->assign('mail_senderg', "Die Mails konnten nicht verschickt werden!<br>Prüfen Sie die folgenden Mailadressen:<br><br>$mail_err");
+           }else{
+             $smarty->assign('mail_senderg', "Die Mails wurden verschickt!");
+             echo "<meta http-equiv=\"refresh\" content=\"2; URL=" . $_SERVER['PHP_SELF'] . "?editende=$editende\">";  
+           }
+}
+// ende Action
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/test_csv.php

@@ -0,0 +1,889 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../config/func_cryption.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+#########Konfiguration#######################################
+$verz = "upload_csv/";                          // relatives Uploadverzeichnis (relativ zum 'Standort' dieser Datei, wohin die Dateien kopiert werden sollen
+$trennzeichen_excel = "\t";                  // Das Trennzeichen das Excel f&uuml;r CVS-Dateien nimmt ist je nach Excelversion unterschiedlich: 
+                                            // Entweder $trennzeichen_excel = ";"; --> Semikolon
+                                            //     oder $trennzeichen_excel = ","; --> Komma
+#############################################################
+
+
+
+
+$_SESSION["ck_verz"]=$verz;
+
+$limitedext = array(".csv"); //Erlaubte Dateieindung beim Upload
+
+if ($action == '') {
+
+$heute  = mktime(0, 0, 0, date("m"), date("d"), date("Y"));  // heutiges Datum
+$heute_format = date("Y-m-d", $heute);  // ISO-8601 Format wie in der Datenbank: Formatierung f&uuml;r Vergleiche erforderlich
+
+function deleteFiles($verz){
+  $handle = opendir($verz);
+  while ($file = readdir ($handle)) {
+    if($file != "." && $file != "..") {
+
+      $datei = $verz.$file;
+
+      if(@unlink($datei)){
+          $error = TRUE;
+      }
+      else
+      {
+          $error = FALSE;
+      }
+    }
+  }
+  closedir($handle);
+  return $error;
+}
+
+deleteFiles($verz);  // Dateien werden im Uploadverzeichnis gel&ouml;scht, falls noch welche darin w&auml;ren
+
+
+echo "
+<html>
+<head>
+<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+<title>CSV Upload</title>
+</head>
+<body>
+<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+    <tr>
+        <td>
+        <div align=\"center\">
+            <table cellspacing=\"0\" cellpadding=\"0\" allign=\"center\"  width=\"50%\" border=\"0\">
+                <tr>
+                    <td width=\"10\" background=\"../images/box_e1.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
+                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                    <font class=\"hd\">CSV Upload</font><br>
+                    <span class=\"sh\">Import eines Studienjahrgangs</span>
+                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td width=\"1%\" background=\"../images/box_l.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td>
+                    <form action='".$_SERVER['PHP_SELF'] . "?action=csvimp" ."' enctype=\"multipart/form-data\" method='post'>
+                        <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-width:0; border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"142\">
+                            <tr>
+                                <td width=\"60%\" style=\"border-style: none; border-width: medium\" >
+                                  <b>Datei w&auml;hlen:</b><br>Erlaubte Dateiendungen: *.csv
+                                </td>
+                                <td width=\"40%\"align=\"left\" style=\"border-style: none; border-width: medium\" >
+                                  <p>
+                                  <input name=\"file\" type=\"file\" size=\"30\"></p>
+                                </td>
+                             </tr>
+                             <tr>
+                                <td width=\"60%\" style=\"border-style: none; border-width: medium\">
+                                </td>
+                                <td width=\"40%\"align=\"right\" style=\"border-style: none; border-width: medium\">
+                                  <p>
+                                  <input type=\"submit\" value=\"Abschicken\" name=\"B1\" size=\"20\">
+                                </td>
+                            </tr>
+                        </table>
+                    </form>
+                    </td>
+                    <td width=\"1%\" background=\"../images/box_r.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"8\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                </tr>
+
+            </table>
+        </div>
+        </td>
+    </tr>
+</table>
+</body>
+</html>";
+
+}
+
+if ($action == 'csvimp') {
+
+
+// http://www.tutorials.de/tutorials65420.html
+$tempname = $_FILES['file']['tmp_name'];
+$name = $_FILES['file']['name'];
+
+$type = $_FILES['file']['type'];
+$size = $_FILES['file']['size'];
+$einheit = "Byte";  // F&uuml;r die Efolgsmeldung.
+
+$extlimit = "yes"; //Do you want to limit the extensions of files uploaded
+$ext = strrchr($name,'.');
+if (($extlimit == "yes") && (!in_array($ext,$limitedext))) {
+
+$err[] = "
+<html>
+<head>
+<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+<title>Falscher Dateityp</title>
+</head>
+<body>
+<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+    <tr>
+        <td>
+        <div align=\"center\">
+            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                <tr>
+                    <td width=\"10\" background=\"../images/box_e1.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
+                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                    <span class=\"sh\">Falscher Dateityp</span>
+                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td width=\"1%\" background=\"../images/box_l.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td>
+                     <br>
+                     <p align=\"center\">Es d&uuml;rfen nur csv-Dateien hochgeladen werden!
+                     <p>
+                     <p align=\"center\"><p align=\"center\"><a href=\"javascript:history.back()\">
+                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a>
+                     </p>
+                    </td>
+                    <td width=\"1%\" background=\"../images/box_r.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"8\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                </tr>
+
+            </table>
+        </div>
+        </td>
+    </tr>
+</table>
+</body>
+</html>";
+}
+
+if($size > "9900000") {
+$err[] = "
+<html>
+<head>
+<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+<title>Datei zu gro&szlig;</title>
+</head>
+<body>
+<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+    <tr>
+        <td>
+        <div align=\"center\">
+            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                <tr>
+                    <td width=\"10\" background=\"../images/box_e1.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
+                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                    <span class=\"sh\">Datei zu gro&szlig;</span>
+                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td width=\"1%\" background=\"../images/box_l.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    <td>
+                     <br>
+                     <p align=\"center\">Die Datei welche Sie hochladen wollen, ist zu gross!<br>Maximale Dateigroesse betr&auml;gt 9.900 KB!
+                     <p>
+                     <p align=\"center\"><p align=\"center\"><a href=\"javascript:history.back()\">
+                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a>
+                     </p>
+                    </td>
+                    <td width=\"1%\" background=\"../images/box_r.gif\">
+                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                </tr>
+                <tr>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"8\">
+                    </td>
+                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                      <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                    </td>
+                </tr>
+            </table>
+        </div>
+        </td>
+    </tr>
+</table>
+</body>
+</html>";
+}
+$name = str_replace (array("&auml;", "&ouml;", "&uuml;", "&szlig;", "&Auml;", "&Ouml;", "&Uuml;"," "), array("ae", "oe", "ue", "ss", "Ae", "Oe", "Ue", "_"), $name);
+$heute  = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y"));  // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+$heuteformat = date("H-i-s_Y-m-d", $heute);  // Formatierung, wie es vor dem Dateinamen erscheinen soll
+$datum_db = date("Y-m-d H:i:s", $heute);  // Formatierung, wie es vor dem Dateinamen erscheinen soll
+$neu = $heuteformat."_".$name;
+$_SESSION["ck_neu"]=$neu;
+
+If(empty($err)) {
+  move_uploaded_file("$tempname", "$verz$neu");  // Unterverzeichnisse wie folgt: copy("$tempname", "pdf/$neu");
+
+  $row = 1;                                                              // Anzahl der Arrays
+  $handle = fopen ("$verz$neu","r");                                      // Datei zum Lesen &ouml;ffnen
+
+  echo "
+  <html>
+   <head>
+     <meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+     <link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+     <title>Datens&auml;tze pr&uuml;fen</title>
+   </head>
+   <body>
+    <table border=\"0\" style=\"border-collapse: collapse\" width='150%'  cellpadding=\"0\" height=\"90%\">
+      <tr>
+          <td>
+            <div align=\"center\">
+              <table cellspacing=\"0\" cellpadding=\"0\"  border=\"0\">
+                  <tr>
+                      <td width=\"10\" background=\"../images/box_e1.gif\">
+                      <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                      <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
+                      <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                      <font class=\"hd\">Datens&auml;tze pr&uuml;fen</font><br>
+                      <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
+                      <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                      <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                  </tr>
+                  <tr>
+                      <td width=\"1%\" background=\"../images/box_l.gif\">
+                      <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                      <td>
+                        <table border=\"0\" cellpadding=\"2\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#E7E8ED\">
+                          <tr>
+                            <td width=\"4%\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">uid</font></b>
+                            </td>
+                            <td width=\"10%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Nachname</font></b>
+                            </td>
+                            <td width=\"10%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Vorname</font></b>
+                            </td>
+                            <td width=\"1%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Matrikelnr.</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">KFZ</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">HS</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">PLZ</font></b>
+                            </td>
+                            <td width=\"13%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Ort</font></b>
+                            </td>
+                            <td width=\"14%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Stra&szlig;e</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Stg</font></b>
+                            </td>
+                            <td width=\"11%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">StgText</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">AG</font></b>
+                            </td>
+                            <td width=\"2%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Jahr</font></b>
+                            </td>
+                            <td width=\"3%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Passwort</font></b>
+                            </td>
+                            <td width=\"44%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Mail</font></b>
+                            </td>
+                          </tr>";
+
+
+                          while ( ($data = fgetcsv ($handle, 0, $trennzeichen_excel)) !== FALSE )                  // Daten werden aus der Datei in ein Array $data gelesen
+                          {
+                            $num = count ($data);                                                     // Felder im Array $data werden gez&auml;hlt
+                            //print "<p> $num fields in line $row: <br>\n";
+                            print "\n";
+                            $row++;                                                                   // Anzahl der Arrays wird
+                                                                                                      // inkrementiert
+                                                                                                    
+                           $passwd = str_replace(".", "", $data[13]);
+
+                            print "<tr>";
+                            //   for ($c=0; $c < $num; $c++) {                                        // FOR-Schleife: Oder Anzahl der zu importierenden Felder ($num)
+                            print "<td><font size=\"1\">".strtolower($data[0]) . "</td>\n";       // uid
+                            print "<td><font size=\"1\">".$data[1] . "</td>\n";                   // Nacname
+                            print "<td><font size=\"1\">".$data[2] . "</td>\n";                   // Vorname
+                            print "<td><font size=\"1\">".$data[3] . "</td>\n";                   // Matrikelnr
+                            print "<td><font size=\"1\">".$data[4] . "</td>\n";                   // KFZ
+                            print "<td><font size=\"1\">".$data[5] . "</td>\n";                   // HS
+                            print "<td><font size=\"1\">".$data[6] . "</td>\n";                   // PLZ
+                            print "<td><font size=\"1\">".$data[7] . "</td>\n";                   // ORT
+                            print "<td><font size=\"1\">".$data[8] . "</td>\n";                   // Stra&szlig;e
+                            print "<td><font size=\"1\">".$data[9] . "</td>\n";                   // STG
+                            print "<td><font size=\"1\">".$data[10] . "</td>\n";                   // StgText
+                            print "<td><font size=\"1\">".strtoupper($data[11]) . "</td>\n";      // AG
+                            print "<td><font size=\"1\">".$data[12] . "</td>\n";                  // Jahrgang
+                            #print "<td><font size=\"1\">".strtolower($data[12]) . "</td>\n";      // Passwort in Kleinbuchstaben
+                            print "<td><font size=\"1\">".$passwd . "</td>\n";      // Passwort
+                            print "<td><font size=\"1\">".$data[14] . "</td>\n";                  // Mail
+                            //   }
+                            print "</tr>";
+                            $ln_inserts[]++;                                                      //z&auml;hlt die Anzahl der importierenden DS
+                          }
+                        echo "
+                        </table>
+                      </td>
+                      <td width=\"1%\" background=\"../images/box_r.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\">
+                      </td>
+                  </tr>
+                  <tr>
+                      <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                      </td>
+                      <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"8\">
+                      </td>
+                      <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                      </td>
+                  </tr>
+              </table>
+              <br>";
+              $zahl=count($ln_inserts);
+
+              echo"
+
+              <table border=\"0\" style=\"border-collapse: collapse\" width='40%'  cellpadding=\"0\">
+              <tr>
+                <td>
+                   <div align=\"center\">
+                     <table cellspacing=\"0\" cellpadding=\"0\"  border=\"0\">
+                     <tr>
+                        <td width=\"10\" background=\"../images/box_e1.gif\">
+                          <img height=\"40\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
+                          <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                          <font class=\"hd\">Sollen die $zahl Datens&auml;tze importiert werden?</font><br>
+                          <img height=\"5\" src=\"../images/blank.gif\" width=\"1\">
+                        </td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                          <img height=\"40\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                     </tr>
+                     <tr>
+                        <td width=\"1%\" background=\"../images/box_l.gif\">
+                          <img height=\"1\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                        <td>
+                          <form action='".$_SERVER['PHP_SELF'] . "?action=csvimp2" ."' enctype=\"multipart/form-data\" method='post'>
+                          <table width=\"100%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#E7E8ED\">
+                          <tr>
+                            <td width=\"70%\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Auswahl</font></b>
+                            </td>
+                            <td width=\"30%\" align=\"left\" style=\"border-left-style: none; border-left-width: medium; border-right-style: none; border-right-width: medium; border-top-style: none; border-top-width: medium; border-bottom-style: solid; border-bottom-width: 1px\">
+                              <b><font size=\"1\">Markieren</font></b>
+                            </td>
+                          </tr>
+                          <tr>
+                            <td width=\"70%\"><font size=\"1\">Datens&auml;tze nicht importieren
+                            </td>
+                            <td width=\"30%\"><font size=\"1\"><input type=\"radio\" name=\"import\" value=\"0\" checked>
+                            </td>
+                          </tr>
+                          <tr>
+                            <td width=\"70%\"><font size=\"1\">Datens&auml;tze importieren
+                            </td>
+                            <td width=\"30%\"><font size=\"1\"><input type=\"radio\" name=\"import\" value=\"1\">
+                            </td>
+                          </tr>
+                          <tr>
+                            <td width=\"70%\">
+                              &nbsp;
+                            </td>
+                            <td width=\"30%\">
+                              &nbsp;
+                            </td>
+                          </tr>
+                          <tr>
+                            <td width=\"70%\">
+                              &nbsp;
+                            </td width=\"30%\">
+                            <td>
+                              <input type=\"submit\" value=\"Abschicken\" name=\"B1\" size=\"20\">
+                            </td>
+                          </tr>
+                          </table>
+                        </td>
+                        <td width=\"1%\" background=\"../images/box_r.gif\">
+                          <img height=\"1\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                     </tr>
+                     <tr>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                          <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
+                          <img height=\"16\" src=\"../images/blank.gif\" width=\"8\">
+                        </td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                          <img height=\"16\" src=\"../images/blank.gif\" width=\"22\">
+                        </td>
+                     </tr>
+                     </table>
+                   </div>
+                </td>
+              </tr>
+              </table>
+   </body>
+  </html>
+  ";
+}else {
+
+  foreach($err as $error)
+  echo "$error";
+  exit;
+} //Ende if error
+fclose ($handle);
+
+}
+
+if ($action == 'csvimp2') {
+$neu=$_SESSION["ck_neu"];  //CSV-Dateinamen um Datei l&ouml;schen zu k&ouml;nnen
+$verz=$_SESSION["ck_verz"];  //Uploadverzeichnis aus Cookie holen
+
+
+if ($_POST['import'] == "0")  // DS sollen nicht importiert werden
+{
+  $dateiname="$verz$neu";
+  if (@unlink($dateiname))  // Funktion l&ouml;scht Dateien und gibt true / false zur&uuml;ck
+  {
+  echo"
+
+    <html>
+    <head>
+    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+    <link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+    <title>Import beendet</title>
+    </head>
+    <body>
+    <table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+        <tr>
+            <td>
+            <div align=\"center\">
+                <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                    <tr>
+                        <td width=\"10\" background=\"../images/box_e1.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
+                        <td width=\"95%\" background=\"../images/box_top.gif\">
+                        <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                        <span class=\"sh\">Importvorgang abgebrochen</span><br>
+                        <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td width=\"1%\" background=\"../images/box_l.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td colspan=\"2\"><br>
+                        <p align=\"center\">Datems&auml;tze wurden nicht importiert!<br>Die CSV-Datei wurde vom Server gel&ouml;scht!
+                        </p>
+                        <p align=\"center\"><a href=\"javascript:window.close()\">
+                        <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
+                        </p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p><br>
+                        </p>
+                        </td>
+                        <td width=\"1%\" background=\"../images/box_r.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
+                    </tr>
+                </table>
+            </div>
+            </td>
+        </tr>
+    </table>
+    </body>
+    </html>";
+
+  }else{
+
+    echo"
+    <html>
+    <head>
+    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+    <link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+    <title>Datei nicht gel&ouml;scht</title>
+    </head>
+    <body>
+    <table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+        <tr>
+            <td>
+            <div align=\"center\">
+                <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                    <tr>
+                        <td width=\"10\" background=\"../images/box_e1.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
+                        <td width=\"95%\" background=\"../images/box_top.gif\">
+                        <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                        <span class=\"sh\">Importvorgang abgebrochen</span><br>
+                        <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td width=\"1%\" background=\"../images/box_l.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td colspan=\"2\"><br>
+                        <p align=\"center\">Datems&auml;tze wurden nicht importiert!<br>Die CSV-Datei ($neu) konnte <b>nicht</b> vom Server gel&ouml;scht werden!
+                        </p>
+                        <p align=\"center\"><a href=\"javascript:window.close()\">
+                        <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
+                        </p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p><br>
+                        </p>
+                        </td>
+                        <td width=\"1%\" background=\"../images/box_r.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
+                    </tr>
+                </table>
+            </div>
+            </td>
+        </tr>
+    </table>
+    </body>
+    </html>";
+  } // End if
+
+} elseif($_POST['import'] == "1") // DS sollen importiert werden
+{
+  $row = 1;                                                                   // Anzahl der Arrays
+  $handle = fopen ("$verz$neu","r");                                          // Datei zum Lesen &ouml;ffnen
+  while ( ($data = fgetcsv ($handle, 1000, $trennzeichen_excel)) !== FALSE )                  // Daten werden aus der Datei in ein Array $data gelesen
+  {
+    $num = count ($data);                                                     // Felder im Array $data werden gez&auml;hlt
+    //print "<p> $num fields in line $row: <br>\n";
+    print "\n";
+    $row++;                                                                   // Anzahl der Arrays wird
+                                                                              // inkrementiert
+   #$pwd  = strtolower($data[13]);
+   $pwd = str_replace(".", "", $data[13]);
+   $passwd = md5($pwd);
+   $uid  = strtolower($data[0]);
+   
+   $geb = preg_split('/\./', $data[13]);
+   $tag = $geb[0];
+   $mon = $geb[1];
+   $jahr = $geb[2];
+   $gebtag = "$jahr-$mon-$tag";
+   //$passwd = mysql_escape_string($passwd);
+   
+                                                                              
+    // ACHTUNG: AN DIESER ZEILE NICHTS &Auml;NDERN, da die erste Zeile des Strings rausgefiltert wird bei der Ausgabe der nichtimportierten DS
+    $insert[] .= "INSERT INTO stud (uid, nachname, vorname, mtknr, pokfz, hs, poplz, poOrt, poStrasse, stg, stgText, AG, Jahrgang, Pwd, mail, geburtstag) VALUES ( lower('$data[0]')
+                                     ,'$data[1]'
+                                     ,'$data[2]'
+                                     ,'$data[3]'
+                                     ,'$data[4]'
+                                     ,'$data[5]'
+                                     ,'$data[6]'
+                                     ,'$data[7]'
+                                     ,'$data[8]'
+                                     ,'$data[9]'
+                                     ,'$data[10]'
+                                     ,upper('$data[11]')
+                                     ,'$data[12]'
+                                     ,'$passwd'
+                                     ,'$data[14]'
+                                     ,'$gebtag'
+                                   )
+                 ";
+  }
+
+  
+  for ($i=0;$i<sizeof($insert);$i++)
+  {
+    $sql = mysql_query("$insert[$i]");
+    if (!$sql) {
+      $unimported[]= $insert[$i];
+    }
+  }
+  fclose ($handle);
+  $dateiname="$verz$neu";
+  if (@unlink($dateiname))  // Funktion l&ouml;scht Dateien und gibt true / false zur&uuml;ck
+  {
+  
+$y = str_replace (array("INSERT INTO stud (uid, nachname, vorname, mtknr, pokfz, hs, poplz, poOrt, poStrasse, stg, stgText, AG, Jahrgang, Pwd, mail, geburtstag) VALUES ( lower('"), array(""), $unimported);
+
+    echo"
+
+    <html>
+    <head>
+    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+    <link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+    <title>Import beendet</title>
+    </head>
+    <body>
+    <table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+        <tr>
+            <td>
+            <div align=\"center\">
+                <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                    <tr>
+                        <td width=\"10\" background=\"../images/box_e1.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
+                        <td width=\"95%\" background=\"../images/box_top.gif\">
+                        <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                        <span class=\"sh\">Importvorgang erfolgreich</span><br>
+                        <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td width=\"1%\" background=\"../images/box_l.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td colspan=\"2\"><br>
+                        <p align=\"center\">Der Importvorgang wurde erfolgreich beendet!<br>Die CSV-Datei wurde vom Server gel&ouml;scht!
+                        </p>";
+                          $num1 = count ($y);  // Anzahl der nicht importierten UIDs
+                          if ($y != "")
+                          {
+                            echo"Es wurden $num1 Datens&auml;tze nicht importiert<br>
+                                 Wahrscheinlich ist die UID bereits in der Datenbank vorhanden,<br>
+                                 oder eines der Felder ist zu lang:
+                                 <p>";
+                          }
+                          // Ausgabe der nicht importierten DS
+                          for ($i=0;$i<sizeof($y);$i++)
+                          {
+                            $b = strpos ($y[$i], "'");
+                            $e = substr($y[$i], 0, $b);
+                            
+                            print strtolower($e); // Ausgabe der nicht importierten UIDs
+                            echo"<br>";
+                          }
+                        echo"
+                        <p align=\"center\"><a href=\"../hauptframe_welcome.php\">
+                        <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
+                        </p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p><br>
+                        </p>
+                        </td>
+                        <td width=\"1%\" background=\"../images/box_r.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
+                    </tr>
+                </table>
+            </div>
+            </td>
+        </tr>
+    </table>
+    </body>
+    </html>";
+
+  }else{
+
+    echo"
+    <html>
+    <head>
+    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">
+    <link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
+    <title>Datei nicht gel&ouml;scht</title>
+    </head>
+    <body>
+    <table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
+        <tr>
+            <td>
+            <div align=\"center\">
+                <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
+                    <tr>
+                        <td width=\"10\" background=\"../images/box_e1.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
+                        <td width=\"95%\" background=\"../images/box_top.gif\">
+                        <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
+                        <span class=\"sh\">Importvorgang erfolgreich</span><br>
+                        <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
+                        <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td width=\"1%\" background=\"../images/box_l.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td colspan=\"2\"><br>
+                        <p align=\"center\">Der Importvorgang wurde erfolgreich beendet!<br>Die CSV-Datei ($neu) konnte <b>nicht</b> vom Server gel&ouml;scht werden!
+                        </p>";
+                          $num1 = count ($y);  // Anzahl der nicht importierten UIDs
+                          if ($y != "")
+                          {
+                            echo"Es wurden $num1 Datens&auml;tze nicht importiert<br>
+                                 Wahrscheinlich ist die UID bereits in der Datenbank vorhanden,<br>
+                                 oder eines der Felder ist zu lang:
+                                 <p>";
+                          }
+                          // Ausgabe der nicht importierten DS
+                          for ($i=0;$i<sizeof($y);$i++)
+                          {
+                            $b = strpos ($y[$i], "'");
+                            $e = substr($y[$i], 0, $b);
+                            
+                            print strtolower($e); // Ausgabe der nicht importierten UIDs
+                            echo"<br>";
+                          }
+                        echo"
+                        <p align=\"center\"><a href=\"javascript:window.close()\">
+                        <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
+                        </p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p></p>
+                        <p><br>
+                        </p>
+                        </td>
+                        <td width=\"1%\" background=\"../images/box_r.gif\">
+                        <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
+                    </tr>
+                    <tr>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
+                        <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
+                        <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
+                        <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
+                    </tr>
+                </table>
+            </div>
+            </td>
+        </tr>
+    </table>
+    </body>
+    </html>";
+  } // End if
+
+}else { // Es wurde kein Radiobutton gew&auml;hlt! Technisch aber ausgeschlossen
+
+  echo "sie m&uuml;ssen eine Auswahl treffen";
+
+}
+
+function deleteFiles($verz){
+  $handle = opendir($verz);
+  while ($file = readdir ($handle)) {
+    if($file != "." && $file != "..") {
+
+      $datei = $verz.$file;
+
+      if(@unlink($datei)){
+          $error = TRUE;
+      }
+      else
+      {
+          $error = FALSE;
+      }
+    }
+  }
+  closedir($handle);
+  return $error;
+}
+
+deleteFiles($verz);  // Dateien werden im Uploadverzeichnis gel&ouml;scht, falls noch welche darin w&auml;ren
+
+} // ende Action
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/titel.php

@@ -0,0 +1,51 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";
+
+if($_SESSION["global_username"] == ''){
+echo"<script type='text/javascript'>window.top.location.href = \"index.php\";</script>";
+}
+
+/*
+$db = dbconnect();
+
+#Hat User ein Adminrecht
+
+$result_admin = $db->query("SELECT count(*) Anz FROM dep_rollen_user_zuord WHERE imtuid = '$uid' AND roid='1'");
+#echo "SELECT count(*) Anz FROM dep_rollen_user_zuord WHERE imtuid = '$uid' AND roid='1'<br>";
+$row_admin = $result_admin->fetch_array();
+
+if($row_admin[Anz] > 0){
+  $smarty->assign('titel_admin', "1");
+}
+
+
+$result_ausschuss = $db->query("SELECT count(*) Anz FROM dep_rollen_user_zuord WHERE imtuid = '$uid' AND roid in (4,5)");
+$row_ausschuss = $result_ausschuss->fetch_array();
+
+if($row_ausschuss[Anz] > 0){
+  $smarty->assign('titel_ausschuss', "1");
+}
+
+
+$result_beteiligte = $db->query("SELECT count(*) Anz FROM dep_rollen_user_zuord WHERE imtuid = '$uid' AND roid='3'");
+$row_beteiligte = $result_beteiligte->fetch_array();
+
+if($row_beteiligte[Anz] > 0){
+  $smarty->assign('titel_beteiligte', "1");
+}
+
+
+$result_gutachter = $db->query("SELECT count(*) Anz FROM dep_rollen_user_zuord WHERE imtuid = '$uid' AND roid='2'");
+$row_gutachter = $result_gutachter->fetch_array();
+
+if($row_gutachter[Anz] > 0){
+  $smarty->assign('titel_gutachter', "1");
+}
+
+*/
+$smarty->display("$template/admin/$templatename");
+?>

admin/upload.php

@@ -0,0 +1,402 @@
+<?php
+session_start();
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html";
+$smarty       = new SmartyAdmin();
+require_once("../language/german.inc.php");
+require_once("../func_get_parameter.php");
+require_once("../config/func_cryption.php");
+
+if (isset($_GET['action'])) {
+  $action = $_GET['action'];
+} else {
+  $action = '';
+}
+
+
+#########Konfiguration#######################################
+$verz               = "upload_csv/"; // relatives Uploadverzeichnis (relativ zum 'Standort' dieser Datei, wohin die Dateien kopiert werden sollen
+$trennzeichen_excel = "\t"; // Das Trennzeichen das Excel f&uuml;r CVS-Dateien nimmt ist je nach Excelversion unterschiedlich: 
+// Entweder $trennzeichen_excel = ";"; --> Semikolon
+//     oder $trennzeichen_excel = ","; --> Komma
+#############################################################
+
+
+
+
+$_SESSION["ck_verz"] = $verz;
+
+
+if ($action == '') {
+  
+  $german = $db->query("SET lc_time_names = 'de_DE';");
+  
+  $query1 = "SELECT a.tm_id, date_format(tm_datum, '%a, %d.%m.%Y - %H:%i Uhr')tm_datum_form, tm_standort
+               FROM dvm_termine a, dvm_term_kand b
+              WHERE a.tm_id=b.tm_id
+                AND a.tm_datum > ADDDATE(now(), -7)
+              GROUP BY a.tm_id, tm_datum_form, tm_standort
+              ORDER BY tm_datum ASC";
+  
+  $result1 = $db->query($query1) or die("Cannot execute query1");
+  
+  
+  while ($row1 = $result1->fetch_array()) {
+    
+    if ($row1['tm_standort'] == 'L') {
+      $standort = 'Ludwigsburg';
+    }
+    if ($row1['tm_standort'] == 'K') {
+      $standort = 'Kehl';
+    }
+    
+    $row1['tm_standort'] = $standort;
+    $table_data1[]       = $row1;
+  }
+  $smarty->assign('table_data1', $table_data1);
+}
+
+if ($action == 'upload') {
+  # Den Testtermin wählt man, damit jede Hochschule seine eigenen Daten importieren kann. Wenn eine Hochschule am selben TAg einen Test hat vermeidet man dass ein halbfertiger Test importiert wird
+  if (isset($_POST["testtermin"])) {
+    $testtermin = $_POST["testtermin"];
+  } else {
+    $testtermin = $_SESSION["testtermin"];
+  }
+  
+  $_SESSION["testtermin"] = $testtermin;
+  
+  
+  # Uploadverzeichnis aufräumen. Temporäre Dateien, die älter als 2 Wochen sind, werden gelöscht
+    $dir = $_SERVER["DOCUMENT_ROOT"].dirname($_SERVER['PHP_SELF'])."/$verz";
+    $folder = dir($dir);
+    while ($dateiname = $folder->read()) {
+        if (filetype($dir.$dateiname) != "dir") {
+            if (strtotime("-2 weeks") >
+                @filemtime($dir.$dateiname)) {
+                if (@unlink($dir.$dateiname) != false){
+                #  echo $dateiname.' wurde gelöscht<br>';
+                }else{
+                #  echo $dateiname.' konnte nichtgelöscht werden<br>';
+                }
+            }
+        }
+    }
+  
+  
+  # Fehler beim Upload anzeigen
+  if (isset($_GET['error'])) {
+    
+    $errorno = $_GET['error'];
+    $smarty->assign('index_error', 1);
+    
+    if ($errorno == 1) {
+      $smarty->assign('index_error_text', "Es dürfen nur CSV Dateien hochgeladen werden.");
+    }
+    if ($errorno == 2) {
+      # Tabelle dvm_parameter
+      $size_mb = trim(get_parameter(12));
+      $smarty->assign('index_error_text', "Die Datei ist zu groß. Die Dateigröße darf max. $size_mb MB betragen.");
+    }
+    if ($errorno == 3) {
+      $smarty->assign('index_error_text', "Vorgang wurde abgebrochen. Die Datei wurde vom Server gelöscht");
+    }
+    if ($errorno == 4) {
+      $smarty->assign('index_error_text', "Vorgang wurde abgebrochen. Die Datei wurde nicht vom Server gelöscht");
+    }
+  }
+}
+
+if ($action == 'csvimp') {
+  
+  $testtermin = $_SESSION["testtermin"];
+  
+  // http://www.tutorials.de/tutorials65420.html
+  #echo '<pre>', print_r($_POST, true), '</pre>'; 
+  
+  $tempname = $_FILES['file']['tmp_name'];
+  $name     = $_FILES['file']['name'];
+  
+  $type    = $_FILES['file']['type'];
+  $size    = $_FILES['file']['size'];
+  $einheit = "Byte"; // F&uuml;r die Efolgsmeldung.
+  
+  $limitedext = array(
+    ".csv"
+  ); //Erlaubte Dateieindung beim Upload
+  
+  $extlimit = "yes"; //Do you want to limit the extensions of files uploaded
+  $ext      = strrchr($name, '.');
+  
+  if (($extlimit == "yes") && (!in_array($ext, $limitedext))) {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=upload&error=1\">";
+    exit;
+  }
+  
+  
+  # Tabelle dvm_parameter
+  $size_mb = trim(get_parameter(12));
+  $size_bt = $size_mb * 1024 * 1024;
+  
+  if ($size > $size_bt) {
+    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=upload&error=2\">";
+    exit;
+  }
+  
+  
+  $name               = str_replace(array(
+    "&auml;",
+    "&ouml;",
+    "&uuml;",
+    "&szlig;",
+    "&Auml;",
+    "&Ouml;",
+    "&Uuml;",
+    " "
+  ), array(
+    "ae",
+    "oe",
+    "ue",
+    "ss",
+    "Ae",
+    "Oe",
+    "Ue",
+    "_"
+  ), $name);
+  $heute              = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")); // heutiges Datum & Zeit: http://de2.php.net/manual/de/function.date.php
+  $heuteformat        = date("H-i-s_Y-m-d", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+  $datum_db           = date("Y-m-d H:i:s", $heute); // Formatierung, wie es vor dem Dateinamen erscheinen soll
+  $neu                = $heuteformat . "_" . $name;
+  $_SESSION["ck_neu"] = $neu;
+  move_uploaded_file("$tempname", "$verz$neu"); // Unterverzeichnisse wie folgt: copy("$tempname", "pdf/$neu");
+  
+  $handle = fopen("$verz$neu", "r"); // Datei zum Lesen &ouml;ffnen
+  
+  # Bestehnswert 65 Punkte
+  $bestehenswert = trim(get_parameter(11));
+  
+  # Hier vor der Schleife erste Zeile holen und ignorieren. Enthält Überschrift
+  fgetcsv($handle, 0, $trennzeichen_excel);
+  
+  while (($data = fgetcsv($handle, 0, $trennzeichen_excel)) !== FALSE) { // Daten werden aus der Datei in ein Array $data gelesen
+    #2020-02-23T17:44:56 
+    $tag      = substr($data[11], 8, 2);
+    $monat    = substr($data[11], 5, 2);
+    $jahr     = substr($data[11], 0, 4);
+    $std      = substr($data[11], 11, 2);
+    $min      = substr($data[11], 14, 2);
+    $sek      = substr($data[11], 17, 2);
+    $datum    = "$tag.$monat.$jahr - $std:$min:$sek";
+    $datum_db = "$jahr-$monat-$tag";
+    $tan      = $data[7];
+
+
+    $result_ct = $db->query("SELECT concat(vorname,' ', nachname) name, date_format(tm_datum, '%Y-%m-%d') tm_datum
+                               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_tanpool d
+                              WHERE a.ka_id = b.ka_id
+                                AND b.tm_id = c.tm_id
+                                AND b.tp_id = d.tp_id
+                                AND d.tan = '$tan'
+                                AND c.tm_id = $testtermin");
+    $row_ct    = $result_ct->fetch_array();
+    
+    if ($row_ct['name'] != '' AND $row_ct['tm_datum'] == $datum_db) {
+      
+      $satzerg_raw         = $data[13];
+      $analogie_raw        = $data[14];
+      #$gemeinsamkeiten_raw = $data[15];
+      $rechenaufgaben_raw  = $data[16];
+      $zahlenreihen_raw    = $data[17];
+      $rechenzeichen_raw   = $data[18];
+      $matrizen_raw        = $data[21];
+      $merkf_raw           = $data[27];
+      
+      $row1['tan']                 = $tan;
+      $row1['name']                = $row_ct['name'];
+      $row1['datum']               = $datum;
+      $row1['satzerg_raw']         = $satzerg_raw;
+      $row1['analogie_raw']        = $analogie_raw;
+      #$row1['gemeinsamkeiten_raw'] = $gemeinsamkeiten_raw;
+      $row1['rechenaufgaben_raw']  = $rechenaufgaben_raw;
+      $row1['zahlenreihen_raw']    = $zahlenreihen_raw;
+      $row1['rechenzeichen_raw']   = $rechenzeichen_raw;
+      $row1['matrizen_raw']        = $matrizen_raw;
+      $row1['merkf_raw']           = $merkf_raw;
+      
+      # In die Berechnung fliest verb/num Intelligenz nicht mit ein. Das sind interne Berechnungen und keine Testaufgaben
+      $summe         = $satzerg_raw + $analogie_raw  + $rechenaufgaben_raw + $zahlenreihen_raw + $rechenzeichen_raw + $matrizen_raw + $merkf_raw;
+      $row1['summe'] = $summe;
+      if ($summe >= $bestehenswert) {
+        $bestanden = 1;
+      } else {
+        $bestanden = 0;
+      }
+      $row1['bestanden'] = $bestanden;
+      $table_data1[] = $row1;
+    }
+    
+  }
+
+  $smarty->assign('table_data1', $table_data1);
+  fclose($handle);
+  
+}
+
+if ($action == 'csvimp2') {
+  $neu        = $_SESSION["ck_neu"]; //CSV-Dateinamen um Datei l&ouml;schen zu k&ouml;nnen
+  $verz       = $_SESSION["ck_verz"]; //Uploadverzeichnis aus Cookie holen
+  $testtermin = $_SESSION["testtermin"];
+  
+  
+  if ($_POST['import'] == "0") // DS sollen nicht importiert werden
+    {
+    $dateiname = "$verz$neu";
+    if (@unlink($dateiname)) // Funktion l&ouml;scht Dateien und gibt true / false zur&uuml;ck
+      {
+      # Abbruch, datei gelöscht
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=upload&error=3\">";
+      exit;
+    } else {
+      # Abbruch, datei nicht gelöscht
+      echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "?action=upload&error=4\">";
+      exit;
+    } // End if
+    
+  } elseif ($_POST['import'] == "1") // DS sollen importiert werden
+    {
+    $handle = fopen("$verz$neu", "r"); // Datei zum Lesen &ouml;ffnen
+    
+    # Bestehnswert 65 Punkte
+    $bestehenswert = trim(get_parameter(11));
+    
+    # Hier vor der Schleife erste Zeile holen und ignorieren. Enthält Überschrift
+    fgetcsv($handle, 0, $trennzeichen_excel);
+    
+    while (($data = fgetcsv($handle, 0, $trennzeichen_excel)) !== FALSE) { // Daten werden aus der Datei in ein Array $data gelesen
+      
+      #2020-02-23T17:44:56 
+      $tag      = substr($data[11], 8, 2);
+      $monat    = substr($data[11], 5, 2);
+      $jahr     = substr($data[11], 0, 4);
+      $std      = substr($data[11], 11, 2);
+      $min      = substr($data[11], 14, 2);
+      $sek      = substr($data[11], 17, 2);
+      $datum    = "$tag.$monat.$jahr - $std:$min:$sek";
+      $datum_db = "$jahr-$monat-$tag";
+      $tan      = $data[7];
+      
+      $result_ct = $db->query("SELECT a.ka_id, concat(vorname,' ', nachname) name, date_format(tm_datum, '%Y-%m-%d') tm_datum
+                               FROM dvm_kandidat a, dvm_term_kand b, dvm_termine c, dvm_tanpool d
+                              WHERE a.ka_id = b.ka_id
+                                AND b.tm_id = c.tm_id
+                                AND b.tp_id = d.tp_id
+                                AND d.tan = '$tan'
+                                AND c.tm_id = $testtermin");
+      $row_ct    = $result_ct->fetch_array();
+      
+      if ($row_ct['name'] != '' AND $row_ct['tm_datum'] == $datum_db) {
+        
+        $satzerg_raw         = $data[13];
+        $analogie_raw        = $data[14];
+        #$gemeinsamkeiten_raw = $data[15];
+        $rechenaufgaben_raw  = $data[16];
+        $zahlenreihen_raw    = $data[17];
+        $rechenzeichen_raw   = $data[18];
+        $matrizen_raw        = $data[21];
+        $merkf_raw           = $data[27];
+        $summe               = $satzerg_raw + $analogie_raw + $rechenaufgaben_raw + $zahlenreihen_raw + $rechenzeichen_raw + $matrizen_raw + $merkf_raw;
+        if ($summe >= $bestehenswert) {
+          $bestanden = 1;
+        } else {
+          $bestanden = 0;
+          # Tan Inaktiv setzen
+          $result_1 = $db->query("UPDATE dvm_tanpool
+                                     SET aktiv='I'
+                                   WHERE tan = '$tan'");
+        }
+        $result_ct1 = $db->query("SELECT count(*) Anz
+                                  FROM dvm_ergebnisse
+                                 WHERE ka_id = $row_ct[ka_id]
+                                   AND tan = '$tan'");
+        $row_ct1    = $result_ct1->fetch_array();
+        if ($row_ct1['Anz'] == 0) {
+          # keine Ergebnisse vorhanden, insert
+          
+          $sql1 = $db->query("insert into dvm_ergebnisse (ka_id
+                                                      , tan
+                                                      , satzerg
+                                                      , analogie
+                                                      , rechenaufgaben
+                                                      , zahlenreihen
+                                                      , rechenzeichen
+                                                      , matrizen
+                                                      , merkf
+                                                      , summe
+                                                      , bestanden)
+                                               VALUES ('$row_ct[ka_id]'
+                                                      , '$tan'
+                                                      , '$satzerg_raw'
+                                                      , '$analogie_raw'
+                                                      , '$rechenaufgaben_raw'
+                                                      , '$zahlenreihen_raw'
+                                                      , '$rechenzeichen_raw'
+                                                      , '$matrizen_raw'
+                                                      , '$merkf_raw'
+                                                      , '$summe'
+                                                      , '$bestanden')");
+          if (!$sql1) {
+            $hinweis['hinweis'] = "TAN: " . $tan . " Fehler: Ergebnis nicht gespeichert<br>";
+            $smarty->assign('index_error', 1);
+          }
+        } else {
+          # Ergebnisse gibt es schon, kein insert
+          $hinweis['hinweis'] = "TAN: " . $tan . " Ergebnisse schon gespeichert<br>";
+          $smarty->assign('index_error', 1);
+        }
+        
+      } else {
+        # Testdatum stimmt nicht, kein Student gefunden
+        $hinweis['hinweis'] = "TAN: " . $tan . " in der CSV gehört nicht zu diesem Datum (Kein Fehler)<br>";
+        $smarty->assign('index_error', 1);
+      }
+      $table_data2[] = $hinweis;
+    }
+    $smarty->assign('table_data2', $table_data2);
+    
+    
+    fclose($handle);
+    
+  } else { // Es wurde kein Radiobutton gew&auml;hlt! Technisch aber ausgeschlossen
+    
+    echo "sie m&uuml;ssen eine Auswahl treffen";
+    
+  }
+  
+  function deleteFiles($verz)
+  {
+    $handle = opendir($verz);
+    while ($file = readdir($handle)) {
+      if ($file != "." && $file != "..") {
+        
+        $datei = $verz . $file;
+        
+        if (@unlink($datei)) {
+          $error = TRUE;
+        } else {
+          $error = FALSE;
+        }
+      }
+    }
+    closedir($handle);
+    return $error;
+  }
+  
+  deleteFiles($verz); // Dateien werden im Uploadverzeichnis gel&ouml;scht, falls noch welche darin w&auml;ren
+  
+} // ende Action
+
+$smarty->assign('action', "$action");
+$smarty->display("$template/admin/$templatename");
+
+?>

admin/verwaltung_frame.php

@@ -0,0 +1,6 @@
+<?php
+include_once '../classes/TestProjektSmarty.class_subdir.php';
+require_once("../config.inc.php");
+$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
+$smarty = new SmartyAdmin();
+require_once "../language/german.inc.php";