<?php
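// Prologue: read the caller's identity, check the "a_stan_anl" right, pick the action.
//
// NOTE(review): the login name and the university code come from client cookies, which are
// client-controlled and are the only proof of identity visible in this file. The identity
// should be taken from a server-side session instead - confirm how index.php establishes the login.
// Non-string cookie values (array-style cookies) are treated as "not set".
$user_admin = (isset($_COOKIE["user_admin"]) && is_string($_COOKIE["user_admin"])) ? $_COOKIE["user_admin"] : "";
include("kurs/datenbankanbindung.php");     // pulls in the database connection code: Sys:\php\includes\kurs\datenbankanbindung.php
$hs = (isset($_COOKIE["ck_hs"]) && is_string($_COOKIE["ck_hs"])) ? $_COOKIE["ck_hs"] : "";

// Permission check
$db = dbconnect();
if ($user_admin == ""){ require("index.php"); exit;} // visitors who are not logged in must not reach this page

// The cookie value is bound as a statement parameter instead of being pasted into the SQL text,
// so quotes inside it cannot change the query.
// Assumes dbconnect() returns a mysqli connection (this script uses query(), fetch_array() and
// insert_id on it) - TODO confirm.
$darf_anlegen = false;
$rechte = $db->prepare("SELECT 1 FROM stan_admin_rechte, stan_admin_rechte_zuord , stan_admin where stan_admin_rechte.stan_admin_rolle = stan_admin_rechte_zuord.stan_admin_rolle AND stan_admin_rechte_zuord.said = stan_admin.said AND stan_admin.user = ? AND stan_admin_rechte_zuord.stan_admin_rolle = 'a_stan_anl'");
if ($rechte) {
   $treffer = null;
   $rechte->bind_param("s", $user_admin);
   $rechte->execute();
   $rechte->bind_result($treffer);
   $darf_anlegen = ($rechte->fetch() === true && $treffer == 1);
   $rechte->close();
}
// Fails closed: a failed statement or an empty result both end on the "no rights" page.
if (!$darf_anlegen){ include("kurs/rechte.php"); exit;}
// Permission check end



// Requested action; anything other than "dozbearb1" falls through to the form.
$action = isset($_GET['action']) ? $_GET['action'] : "";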

switch($action){
default:



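// Default action: first half of the "create site administrator" form, up to the site selector.
// PHP_SELF contains request-supplied path data, so it is HTML-escaped and the action attribute
// is quoted before it is written into the page.
// NOTE(review): the form carries no anti-CSRF token although the POST handler creates an
// account; adding one needs server-side session state that is not visible in this file.
$form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . "?action=dozbearb1";
echo"
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administratorrechte</title>

<style type=\"text/css\">
select{
	width:267px;
}
</style>

</head>
<body onload=\"if(document.beleg1)document.beleg1.vorname.focus();return false;\">
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <font class=\"hd\">Standortadministrator anlegen</font><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td>
					<form action=\"" . $form_action . "\" method=\"POST\" name=\"beleg1\">
					  
					  <table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"194\">
						<tr>
						  <td width=\"40%\">
						  <b>Vorname*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"vorname\" size=\"40\">
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Nachname*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"nachname\" size=\"40\">
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Benutzerkennung*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"user\" size=\"40\">
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Mail*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"mail\" size=\"40\">
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Standort*:</b>
						  <br>
						  <font size='1'>STRG-Taste für Mehrfachauswahl</font>
						  </td>
						  <td width=\"60%\" colspan=\"2\">
						  <p align=\"left\">
						  ";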
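						  // Site selector: one <option> per row of stan_standort, ordered by name.
						  $db = dbconnect();
						  $query = "SELECT sid, standort, block, abdatum, pendler
						              FROM stan_standort
						             ORDER BY standort ASC";
						  $result = $db->query ($query)
							 or die ("Cannot execute query");

						  // Pre-selection lookup. The request value is bound as a parameter instead of being
						  // interpolated into the SQL text, and the statement is prepared once on the existing
						  // connection rather than reconnecting for every row.
						  // Assumes dbconnect() returns a mysqli connection - TODO confirm.
						  // NOTE(review): the outer query does not select stan_admin_rolle, so the role compared
						  // here is always empty and no option is pre-selected in practice; this lookup looks
						  // copied from an edit page - confirm whether it is needed at all.
						  $adminre = (isset($_POST['adminre']) && is_string($_POST['adminre'])) ? $_POST['adminre'] : "";
						  $zuordnung = $db->prepare("SELECT 1
						                                 FROM stan_admin_rechte_zuord, stan_admin
						                                WHERE stan_admin_rechte_zuord.said = stan_admin.said
						                                  AND stan_admin.said = ?
						                                  AND stan_admin_rolle = ?");

						  echo "<select size=\"5\" name=\"standort1[]\" multiple>";
						  while ($row = $result->fetch_array()){
						    $rolle = isset($row['stan_admin_rolle']) ? (string)$row['stan_admin_rolle'] : "";
						    $vorgewaehlt = false;
						    if ($zuordnung) {
						      $treffer = null;
						      $zuordnung->bind_param("ss", $adminre, $rolle);
						      $zuordnung->execute();
						      $zuordnung->store_result();   // buffer the rows so the statement can be executed again
						      $zuordnung->bind_result($treffer);
						      $vorgewaehlt = ($zuordnung->fetch() === true && $treffer == 1);
						      $zuordnung->free_result();
						    }

						    // Database values are HTML-escaped before they are written into the page.
						    $sid_html      = htmlspecialchars((string)$row['sid'], ENT_QUOTES, 'UTF-8');
						    $standort_html = htmlspecialchars((string)$row['standort'], ENT_QUOTES, 'UTF-8');
						    $block_html    = htmlspecialchars((string)$row['block'], ENT_QUOTES, 'UTF-8');
						    $abdatum_html  = htmlspecialchars((string)$row['abdatum'], ENT_QUOTES, 'UTF-8');
						    $pendler_html  = htmlspecialchars((string)$row['pendler'], ENT_QUOTES, 'UTF-8');

						  echo "<option value='$sid_html'"; if($vorgewaehlt){echo " selected";} echo">$standort_html (Block $block_html) ab $abdatum_html ($pendler_html)</option>\n";
						  }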
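						  // Second half of the form: closes the selector, prints the legend and the submit button.
						  // The spacer row's closing tag is written as </tr>; it was missing its ">".
						  echo "</select>
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  &nbsp;
						  </td>
						  <td width=\"60%\">
						  &nbsp;
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  * = Pflichtfelder
						  </td>
						  <td width=\"60%\">
						  &nbsp;
						  </td>
						</tr>
					  </table>
					  <p align='center'>
					<input type=\"submit\" value=\"Abschicken\" name=\"B1\">
					
					</form>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                	</tr>
                	<tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";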



break;
case "dozbearb1":
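$db = dbconnect();

// Required-field check: vorname, nachname, user and mail must be non-empty strings and at
// least one site must be selected. The array keys are quoted string literals; the bare words
// used before were constant lookups, which are a fatal error on PHP 8.
// Array-valued text fields and a non-array site list are rejected as well, because the
// statements further down expect plain strings and a list of site ids.
$pflicht_fehlt = false;
foreach (array('vorname', 'nachname', 'user', 'mail') as $feld) {
    if (!isset($_POST[$feld]) || !is_string($_POST[$feld]) || $_POST[$feld] == "") {
        $pflicht_fehlt = true;
    }
}
if (!isset($_POST['standort1']) || !is_array($_POST['standort1'])
    || !isset($_POST['standort1'][0]) || $_POST['standort1'][0] == "") {
    $pflicht_fehlt = true;
}

if ($pflicht_fehlt){    // error page when required fields are missing
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Eingabefehler</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
                    <td width=\"95%\" background=\"../images/box_top.gif\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <span class=\"sh\">Eingabefehler</span><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td colspan=\"2\"><br>
                    <p align=\"center\"><b>Es m&uuml;ssen mindestens die Pflichtfelder ausgef&uuml;llt werden!</b>
                    </p>
                    <p align=\"center\"><a href=\"javascript:history.back()\">
                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
                    </p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p><br>
                    </p>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";
exit;
}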



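// Duplicate check: stop when the requested login name already exists in stan_standort_admin.
// The submitted name is bound as a statement parameter instead of being interpolated into the
// SQL text. Assumes $db is a mysqli connection - TODO confirm against dbconnect().
$neuer_user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : "";
$vorhandene_uid = null;
$doppelt = false;

$pruefung = $db->prepare("SELECT uid FROM stan_standort_admin WHERE uid = ?");
if ($pruefung === false) {
    die ("Cannot execute query");
}
$pruefung->bind_param("s", $neuer_user);
$pruefung->execute();
$pruefung->bind_result($vorhandene_uid);
if ($pruefung->fetch() === true) {
    // Same loose comparison as before: the page is shown only when the stored name equals the
    // submitted one on the PHP side as well, not merely under the database's own comparison rules.
    $doppelt = ($neuer_user == $vorhandene_uid);
}
$pruefung->close();

     if ($doppelt){

echo"
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Doppelerfassung</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
                    <td width=\"95%\" background=\"../images/box_top.gif\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <span class=\"sh\">Doppelerfassung</span><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td colspan=\"2\"><br>
                    <p align=\"center\"><b>Die Benutzerkennung ist im System bereits vorhanden!</b>
                    </p>
                    <p align=\"center\"><a href=\"javascript:history.back()\">
                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
                    </p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p><br>
                    </p>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";

exit;
} // end of the duplicate-login check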



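// Create the account row and link it to every selected site.
// All request values are bound as statement parameters instead of being interpolated into the
// SQL text. Assumes $db is a mysqli connection - TODO confirm against dbconnect().
$neu = array();
foreach (array('vorname', 'nachname', 'user', 'mail') as $feld) {
    // Non-string values (array parameters) count as empty.
    $neu[$feld] = (isset($_POST[$feld]) && is_string($_POST[$feld])) ? $_POST[$feld] : "";
}

// NOTE(review): the initial password equals the login name and is stored as an unsalted MD5
// digest. Both are kept as they are because the login code that verifies this column is outside
// this file; moving to password_hash()/password_verify() and a random initial password needs a
// coordinated change there.
$passwd = md5($neu['user']);

$anlegen = $db->prepare("INSERT INTO stan_standort_admin ( vorname
                                                    , nachname
                                                    , uid
                                                    , passwort
                                                    , mail
                                                    )
                                               VALUES
                                                    ( ?, ?, ?, ?, ? )");
if ($anlegen === false) {
    die ("Cannot execute query");
}
$anlegen->bind_param("sssss", $neu['vorname'], $neu['nachname'], $neu['user'], $passwd, $neu['mail']);
if (!$anlegen->execute()) {
    // Stop here so that no credentials mail and no success page follow a failed insert.
    die ("Cannot execute query");
}
$seaid = $anlegen->insert_id;   // id of the new account row, used as seaid below
$anlegen->close();

// The quoted array key replaces a bare word, which was a constant lookup (fatal on PHP 8).
$standort = (isset($_POST['standort1']) && is_array($_POST['standort1'])) ? $_POST['standort1'] : array();
$zuordnen = $db->prepare("INSERT INTO stan_standort_zuord (sid, seaid)
                       VALUES
                       (?, ?)");
if ($zuordnen) {
  foreach ($standort as $sid) {
    if (!is_scalar($sid)) { continue; }   // ignore nested arrays in the submitted list
    $sid = (string)$sid;
    $zuordnen->bind_param("si", $sid, $seaid);
    $zuordnen->execute();
  }
  $zuordnen->close();
}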



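  // Notify the new site administrator by HTML mail; $return records whether the mail was handed
  // over for delivery and is read by the confirmation page.
  // Request values are copied once; non-string values (array parameters) count as empty.
  $eingabe = array();
  foreach (array('vorname', 'nachname', 'user', 'mail') as $feld) {
    $eingabe[$feld] = (isset($_POST[$feld]) && is_string($_POST[$feld])) ? $_POST[$feld] : "";
  }
  // HTML-escaped copies for the message body, so form input cannot add markup to the mail.
  $vorname_html  = htmlspecialchars($eingabe['vorname'], ENT_QUOTES, 'UTF-8');
  $nachname_html = htmlspecialchars($eingabe['nachname'], ENT_QUOTES, 'UTF-8');
  $user_html     = htmlspecialchars($eingabe['user'], ENT_QUOTES, 'UTF-8');

  $empfaenger = $eingabe['mail'];
  $betreff = "Anmeldung Standortadministrator";
  // NOTE(review): the message carries the initial password in clear text (it equals the login
  // name) and the link below uses plain http; both are left as they are because changing them
  // depends on the login flow and the site's TLS setup, which are outside this file.
  $text = "
    <html>
    <head>
    <title>Anmeldung Standortadministrator</title>
    </head>
    <body>
    <font face='Arial' size='2'>
    Guten Tag $vorname_html $nachname_html!<br><br>
    Sie wurden als Standortadministrator für das Stellenantragssystem registriert!<br>
    Nachfolgend finden Sie Ihre Zugangsdaten:
    <br>
    <br>
    <table>
    <tr>
       <td valign='top'>
         <font face='Arial' size='2'>
           Benutzerkennung:
         </font>
       </td>
       <td valign='top'>
         <font face='Arial' size='2'>
           <b>$user_html</b>
         </font>
       </td>
    </tr>
    <tr>
       <td valign='top'>
         <font face='Arial' size='2'>
           Passwort:
         </font>
       </td>
       <td valign='top'>
         <font face='Arial' size='2'>
           <b>$user_html</b>
         </font>
       </td>
    </tr>
    </table>
    <br>
    Bitte beachten Sie, dass zwischen Gro&szlig;- und<br>
    Kleinschreibung unterschieden wird.
    <p>
    &Auml;ndern Sie bitte zu Ihrer eigenen Sicherheit das<br>
    Passwort nach dem ersten Login.
    <p>

    Link zum Stellenantragssystem: <a href=\"http://www.hs-ludwigsburg.de/kurs/stellenantrag_neu/standort\">http://www.hs-ludwigsburg.de/kurs/stellenantrag_neu/standort</a>
    <p>
    Diese Mail wurde automatisch generiert!<br>
    Antworten Sie daher nicht auff diese Mail<br>
    <br>
    Vielen Dank
    </body>
    </html>";



if($hs =='K' or $hs =='k'){ // pick the sender address; it differs per university
  $result3 = $db->query("SELECT wert2 FROM parameter WHERE pid=7");
  $row3 = $result3->fetch_array();
  $hochschule = 'Kehl';
}else{
  $result3 = $db->query("SELECT wert2 FROM parameter WHERE pid=4");
  $row3 = $result3->fetch_array();
  $hochschule = 'Ludwigsburg';
}
  // Display name of the acting administrator. The login name is bound as a statement parameter
  // instead of being interpolated into the SQL text.
  // Assumes $db is a mysqli connection - TODO confirm against dbconnect().
  $admin_vorname = "";
  $admin_nachname = "";
  $result_admin = $db->prepare("SELECT vorname, nachname FROM stan_admin WHERE user = ?");
  if ($result_admin) {
    $result_admin->bind_param("s", $user_admin);
    $result_admin->execute();
    $result_admin->bind_result($admin_vorname, $admin_nachname);
    $result_admin->fetch();
    $result_admin->close();
  }

// Line breaks are removed from everything that goes into the From header, so a stored value
// cannot start an additional header line.
$zeilenumbruch = array("\r", "\n");
$sender = str_replace($zeilenumbruch, "", "$admin_vorname $admin_nachname");
$sendermail = str_replace($zeilenumbruch, "", $row3 ? (string)$row3['wert2'] : "");

## Send the mail:
$headers  = "From: $sender <$sendermail>\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=utf-8\r\n";

// The message contains credentials, so it is sent only to a single plain address: no control
// characters or spaces, no address lists, no angle-bracket forms. Anything else is reported as
// "not informed" through $return.
$return = false;
if (preg_match('/^[^\x00-\x20\x7F,;<>@]+@[^\x00-\x20\x7F,;<>@]+\z/', $empfaenger)) {
  // "@" keeps a delivery warning out of the page; the boolean result is what matters here.
  $return = @mail($empfaenger, $betreff, $text, $headers);
}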



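// Confirmation page. It echoes the submitted mail address and links back to this script, so
// both values are HTML-escaped and the href attribute is quoted before they reach the page.
$mail_html = htmlspecialchars((isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : "", ENT_QUOTES, 'UTF-8');
$self_html = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Anlegen erfolgreich</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
                    <td width=\"95%\" background=\"../images/box_top.gif\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <span class=\"sh\">Anlegen erfolgreich</span><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td colspan=\"2\"><br>
                    <p align=\"center\">Der Standortadministrator wurde eingebunden!<br>Das Passwort ist gleich der Benutzerkennung
                    <br><br>";
                    // $return is the result of the mail() call made earlier in this action.
                    if($return){
                      echo "Der Benutzer wurde per Mail informiert ($mail_html)";
                    }else{
                      echo "Der Benutzer konnte <b>nicht</b> per Mail informiert werden!";
                    }
                    echo"

                    </p>
                    <p align=\"center\"><a href=\"" . $self_html . "\">
                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
                    </p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p><br>
                    </p>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";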
} // Ende Action script

?>