<?php
$user_admin=$_COOKIE["user_admin"];
include("kurs/datenbankanbindung.php");     // f&uuml;gt die Datenbankanbindung ein: Sys:\php\includes\kurs\datenbankanbindung.php
$hs=$_COOKIE["ck_hs"];

// Rechte&uuml;berpr&uuml;fung
$db = dbconnect();
if ($user_admin == ""){ require("index.php"); exit;} //Wenn man nicht angemeldet ist, darf man nicht auf die Seite
$result = $db->query("SELECT 1 FROM stan_admin_rechte, stan_admin_rechte_zuord , stan_admin where stan_admin_rechte.stan_admin_rolle = stan_admin_rechte_zuord.stan_admin_rolle AND stan_admin_rechte_zuord.said = stan_admin.said AND stan_admin.user = '$user_admin' AND stan_admin_rechte_zuord.stan_admin_rolle = 'a_stan_bea'");
$row = $result->fetch_array();
if ($row[0] != 1){ include("kurs/rechte.php"); exit;}
// Rechte&uuml;berpr&uuml;fung ende



if (isset($_GET['action']))
   $action = $_GET['action'];
else
   $action = "";

switch($action){
default:
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administrator bearbeiten</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <font class=\"hd\">Standortadmin bearbeiten</font><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td>
					<form action="; echo $_SERVER['PHP_SELF'] . "?action=adminbearb"; echo" method=\"POST\" name=\"beleg\">
					  <table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"115\">
						<tr>
						  <td width=\"25%\">
						  </td>
						  <td width=\"25%\">&nbsp;</td>
						  <td width=\"25%\">
						  <p>&nbsp;
						  </td>
						  <td width=\"25%\">
						  <p>
						  </td>
						</tr>
						<tr>
						  <td width=\"25%\">
						  <p>
						  </td>
						  <td width=\"50%\" colspan=\"2\">
						  <p align=\"center\">
						  ";
						  $db = dbconnect();
						  $query = "SELECT seaid, nachname, vorname FROM stan_standort_admin ORDER BY nachname";
						  $result = $db->query ($query)
							 or die ("Cannot execute query");
						  echo "<select size=\"5\" name=\"adminbe\">";
						  while ($row = $result->fetch_array()){
						  echo "<option value='$row[seaid]'>$row[nachname], $row[vorname]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>\n";
						  }
						  echo "</select>";
						  echo "
						  </td>
						  <td width=\"25%\">
						  <p>
						  </td>
						</tr>
						<tr>
						  <td width=\"25%\">
						  <p>
						  </td>
						  <td width=\"50%\" colspan=\"2\">
						  &nbsp;</td>
						  <td width=\"25%\">
						  <p>
						  </td>
						</tr>
						<tr>
						  <td width=\"25%\">
						  </td>
						  <td width=\"50%\"colspan=\"2\" align=\"center\">
						  <input type=\"submit\" value=\"Abschicken\" name=\"B1\"></td>
						  <td width=\"25%\">
						  </td>
						</tr>
					  </table>
					</form>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                	</tr>
                	<tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";
break;
case "adminbearb":
setcookie("ck_stanadminbe",$_POST[adminbe]);

$db = dbconnect();

$bearb_adm = $db->query ("SELECT nachname, vorname, uid, mail FROM stan_standort_admin WHERE seaid ='$_POST[adminbe]'");
$adm = $bearb_adm->fetch_array();

echo"
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administratorrechte</title>

<style type=\"text/css\">
select{
	width:267px;
}
</style>

</head>
<body onload=\"if(document.beleg1)document.beleg1.vorname.focus();return false;\">
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <font class=\"hd\">Standortadministrator bearbeiten</font><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td>
					<form action="; echo $_SERVER['PHP_SELF'] . "?action=dozbearb1"; echo" method=\"POST\" name=\"beleg1\">
					  
					  <table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"194\">
						<tr>
						  <td width=\"40%\">
						  <b>Vorname*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"vorname\" size=\"40\" value='$adm[vorname]'>
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Nachname*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"nachname\" size=\"40\" value='$adm[nachname]'>
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Benutzerkennung*:</b>
						  </td>
						  <td width=\"60%\">
						  $adm[uid]
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Mail*:</b>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"mail\" size=\"40\" value='$adm[mail]'>
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Standort*:</b>
						  <br>
						  <font size='1'>STRG-Taste für Mehrfachauswahl</font>
						  </td>
						  <td width=\"60%\" colspan=\"2\">
						  <p align=\"left\">
						  ";
						  $db = dbconnect();
						  $query = "SELECT sid, standort, block, abdatum, pendler
						              FROM stan_standort
						             ORDER BY standort ASC";
						  $result = $db->query ($query)
							 or die ("Cannot execute query");
						  echo "<select size=\"5\" name=\"standort1[]\" multiple>";
						  while ($row = $result->fetch_array()){
						    $db = dbconnect();
						    $bearb_adm = $db->query ("SELECT 1
						                                 FROM stan_standort_zuord
						                                WHERE sid ='$row[sid]'
						                                  AND seaid= '$_POST[adminbe]'
						                              ");

                                                    $admin = $bearb_adm->fetch_array();
						                                  
						  echo "<option value='$row[sid]'"; if($admin[0] == 1){echo "selected";} echo">$row[standort] (Block $row[block]) ab $row[abdatum] ($row[pendler])</option>\n";
						  }
						  echo "</select>
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  <b>Passwort:</b><br>
						  <font size='1'>Neues vergeben bei Bedarf</font>
						  </td>
						  <td width=\"60%\">
						  <input type=\"text\" name=\"pass\" size=\"40\">
						  </td>
						</tr>
						<tr>
						  <td width=\"40%\">
						  &nbsp;
						  </td>
						  <td width=\"60%\">
						  &nbsp;
						  </td>
						</tr
						<tr>
						  <td width=\"40%\">
						  * = Pflichtfelder
						  </td>
						  <td width=\"60%\">
						  &nbsp;
						  </td>
						</tr>
					  </table>
					  <p align='center'>
					<input type=\"submit\" value=\"Abschicken\" name=\"B1\">
					
					</form>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                	</tr>
                	<tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";



break;
case "dozbearb1":
$db = dbconnect();

if ($_POST[vorname] == "" or $_POST[nachname] == "" or $_POST[standort1][0] == ""  or $_POST[mail] == ""){    // Fehler, falls Pflichtfelder unausgef&uuml;llt
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Eingabefehler</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
                    <td width=\"95%\" background=\"../images/box_top.gif\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <span class=\"sh\">Eingabefehler</span><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td colspan=\"2\"><br>
                    <p align=\"center\"><b>Es m&uuml;ssen mindestens die Pflichtfelder ausgef&uuml;llt werden!</b>
                    </p>
                    <p align=\"center\"><a href=\"javascript:history.back()\">
                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
                    </p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p><br>
                    </p>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";
exit;
}


$seaid  = $_COOKIE[ck_stanadminbe];
$passwd = md5($_POST['pass']);

if($_POST['pass'] == ''){
$sql = $db->query("UPDATE stan_standort_admin 
                       SET vorname = '$_POST[vorname]'
                          ,nachname = '$_POST[nachname]'
                          , mail ='$_POST[mail]'
                     WHERE seaid='$seaid'
                  ");
}else{
$sql = $db->query("UPDATE stan_standort_admin 
                       SET vorname = '$_POST[vorname]'
                          ,nachname = '$_POST[nachname]'
                          , mail ='$_POST[mail]'
                          , passwort='$passwd'
                     WHERE seaid='$seaid'
                  ");
}

$sql_del = $db->query("DELETE FROM stan_standort_zuord WHERE seaid = $seaid");


$standort = $_POST[standort1];
for ($i=0;$i<sizeof($standort);$i++) { 
  
  $sql = $db->query ("INSERT INTO stan_standort_zuord (sid, seaid) 
                       VALUES
                       ('$standort[$i]', $seaid)
                     ");
}



echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Anlegen erfolgreich</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
    <tr>
        <td>
        <div align=\"center\">
            <table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
                <tr>
                    <td width=\"10\" background=\"../images/box_e1.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
                    <td width=\"95%\" background=\"../images/box_top.gif\">
                    <img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
                    <span class=\"sh\">Anlegen erfolgreich</span><br>
                    <img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
                    <img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td width=\"1%\" background=\"../images/box_l.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td colspan=\"2\"><br>
                    <p align=\"center\">Der Standortadministrator wurde bearbeitet!
                    <br><br>

                    </p>
                    <p align=\"center\"><a href=".$_SERVER['PHP_SELF'] .">
                    <img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
                    </p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p></p>
                    <p><br>
                    </p>
                    </td>
                    <td width=\"1%\" background=\"../images/box_r.gif\">
                    <img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
                </tr>
                <tr>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
                    <td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
                    <td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
                    <img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
                </tr>
            </table>
        </div>
        </td>
    </tr>
</table>
</body>
</html>";
} // Ende Action script

?>