We should add relationships between different users. Therefore we need to configure possible relationships and their link to each other. Possible relationships roles:

• mother
• father
• son
• daughter
• sister
• brother
• ...

Possible links:

• father - daughter
• father - son
• sister - brother
• sister - sister
• ...

Within the profile you can add relationships to the current user. Therefore you must define his role e.g. father and then the user you want to define the relationship and than you can choose the possible relationships roles for this user e.g. daughter or son. If we consider the gender and this data is mantained in the database we could direkt save the right role e.g. daughter.

A link should only defined ones. E.g. the link father - daughter could also be daughter - father but we should only save one combination. If you choose the role of the current user then we must look for possible links on both assigned roles to links.

Hier sind die bisherigen CodeStyle-Richtlinien zu finden: http://admidio.org/dokuwiki/doku.php?id=de:entwickler:programmierrichtlinien

Hier hab ich etwas gefunden von weit verbreiteten PHP CodeStyle Standards: https://rwetzlmayr.github.io/php-the-right-way/ http://www.php-fig.org/

Die 2 Dokumente sind interessant: http://www.php-fig.org/psr/psr-1/ http://www.php-fig.org/psr/psr-2/

Ich würde mir auch anschauen wie das mit automatischem Testing (hier mal bezogen auf CodeStyle) mittels Travis-CI geht: http://docs.travis-ci.com/user/languages/php/

I tried both the beta and the official version in my localhost, and both times I haven't gotten past the "creating database" screen:

Has anyone ran into this issue?

Hallo, icch habe in meiner config.php den Wert für $g_root_path auf https://mein.verein.xyz/portal gesetzt. Bei mir tritt nun das Verhalten auf, dass ich immer nach der Seite der Weiterleitung in einen 404er laufe, da nicht auf https://mein.verein.xyz/portal/redirectA.php weitergeleitet wird, sondern auf https://mein.verein.xyz/redirectA.php. Um weiterzumachen muss man das /portal immer manuell in die URL einfügen. Das ist äußerst ungünstig. Dies tritt hauptsächlich bei der Weiterleitungsseite auf, also nach dem Einloggen, nach dem Speichern, usw.

Wenn das von Bedeutung ist: ich benutze Admidio auf Docker-Basis in der Version 3.2.11. Darin ist PHP in der Version 5.6.30-0+deb8u1 enthalten. MySQL wird auch auf Docker-Basis benutzt in der Version 5.7.20.

if i load the website there are MANY icon they got requested. many requests -> bad loading performance. normally a webserver only makes 8 requests at the same time.

to improve this there are following possible solutions:

• image sprites (https://en.wikipedia.org/wiki/Sprite_%28computer_graphics%29)
• take "font-images"
  • http://fontawesome.io/
  • http://ionicons.com/
  • http://glyphicons.com/

i prefer the "font-images":

• no complex css rules
• no complex update process for new icons
• font -> vector -> scaleable

bootstrap uses glyphicons

fixes #50

TODOs:

• [x] Use const for password-min-length of 8
• [x] Use const for password-gen-length of 16
• [x] Use const for password-gen-chars
• [x] Password-Strength Indicator
• [x] Check password-strength on Server side
• [x] Option to set minimum password-strength
• [ ] Add more user strings to dictionary (optional)
• [ ] More options for password-strength (lower-/uppercase, digits, symbols, minlength) (optional)

We should change the behavior of the printed error messages at the login process.

Today:

• username found, password correct, activated: do login
• username found, password correct, not activated: not activated message
• username found, password false, activated: false password message
• username found, password false, not activated: not activated message
• username not found: not found message

Should change to:

• username found, password correct, activated: do login
• username found, password correct, not activated: not activated message
• username found, password false, activated: Login incorrect (username OR password)
• username found, password false, not activated: Login incorrect (username OR password)
• username not found: Login incorrect (username OR password)

We shouldn't give an attacker infos about if a username exists e.g. This way is the common secure way

Admidio 4.1

To Reproduce Steps to reproduce the behavior:

1. Create a family with father, mother and boy, girl child
2. Add all possible relations
3. The relations shown for the parent-child always pick the gender of the child, so a father is shown as mother if the child is female

This is the view of a father's relations. The spouse is shown correctly, but the two female children are wrong:

This is the view of one of the children of the same Family. She is incorrectly shown as the "Son" of the "Father"

Infos:

• Admidio-Version: 3.0.6
• Letzter Update-Schritt: 610
• PHP-Version: 5.5.9-1ubuntu4.14
• MySQL-Version: 10.0.20-MariaDB-1~trusty-log

URL: https://www.example.org/adm_program/modules/lists/lists_show.php?lst_id=6&mode=html&show_members=0

S Q L - E R R O R

CODE: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') AND rol_cat_id = cat_id AND ( cat_org' at line 3

B A C K T R A C E

FILE: adm_program/system/classes/dbmysql.php
LINE: 67
CALL: DBCommon->db_error()

FILE: adm_program/system/classes/dbmysql.php
LINE: 202
CALL: DBMySQL->db_error()

FILE: adm_program/modules/lists/lists_show.php
LINE: 135
CALL: DBMySQL->query()

If go back and create the same list it works again. I think this happens if i refresh the open tab after long time again. Maybe a session problem? Didn't look into the code in detail yet

Last year I had the opportunity to help about 10 people register a new user account, that's when I noticed that many of them struggled with the input validation.

Let me give you an example:

1. They fill in everything and send the form, but something like the password minimum length is not correct.
2. Then they go back and correct that but then then something else is wrong, for example they missed a field.
3. Then they go back and correct that, but they didn't notice that the password field was reset.
4. So they go back and fill in the password field, but they didn't notice that the captcha was also reset.
5. So they go back and fill in the password and captcha and everything works.

Here are 3 suggestions how to fix this:

1. Show the user a list things that are not correct, not only one thing at a time. Like this: "Field Username is empty. Password has to include at least 6 characters."
2. Trust the user after they filled in one correct captcha. You can trust them after one, you don't need to make them fill out one more. Or alternatively, show them the same captcha.
3. Validate input with javascript. This way you can show an icon next to every field that show if the input is correct and you can let them know with an alert/popup message if there is something wrong with their input before they submit. This way it is not necessary to retype the password and captcha.

I hope you consider my suggestions. :)

Describe the bug User has edit rights to calendar "calendar1". The edit rights are inherited by group membership. The calendar1 gave edit rights to the group "bigGroup".

User1 (no global calendar edit rights) User1 -member of> Group1 Group1 (no global calendar edit rights) Group1 -indirect member of> bigGroup. bigGroup (no global calendar edit rights) calendar1 is set to allow bigGroup to edit events.

I am under the impression that this should work because the rights are inherited.

User can create a new appointment. User is not allowed to create a new appointment if "Anmeldung zu diesem Termin ermöglichen" aka calendar invitation settings are choosen.

To Reproduce Steps to reproduce the behavior:

1. User with edit rights only for specific calendar and not global (edit rights given by calendar to group)
2. User adds event
3. User activates the invitation category
4. User saves event. See error

Expected behavior User can edit the invitation settings.

Screenshots

Desktop (please complete the following information):

• OS: Windows
• Browser chrome

Additional context

Is your feature request related to a problem? Please describe. In an organisation where you have several people, it is time-consuming if you always have to invite all users yourself or if you have to register yourself. An LDAP connection would be advantageous here, where the data is synchronised from the active directory. This saves all the manual work and the user can log in with his AD password.

Describe the solution you'd like An LDAP connection via the web interface where you can then set all the entries accordingly. An LDAP tester would also be good here, so that you can see whether the connection works.

During synchronisation, the user should then be created with all the information that comes from the AD, among other things:

• Email
• username
• First and last name
• phone number
• email address
• his AD password - should be synchronised
• possibly profile picture

Error thrown starting up using docker-compose on Ubuntu 22.04.1 LTS.

To reproduce

docker-compose.yaml:

version: "3.9"


# https://github.com/Admidio/admidio/blob/master/README-Docker.md

services:
  db:
    restart: unless-stopped
    image: mariadb:10.4.13
    container_name: admidio-mariaDB
    volumes:
      - "/opt/volumes/admidio/mariadb/config:/etc/mysql/conf.d"
      - "/opt/volumes/admidio/mariadb/data:/var/lib/mysql"
    # ports:
    #   - 3306:3306
    environment:
      - MYSQL_ROOT_PASSWORD=rootpasswd
      - MYSQL_DATABASE=admidio
      - MYSQL_USER=admidio
      - MYSQL_PASSWORD=password
    healthcheck:
      test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=rootpasswd"]
      interval: 10s
      timeout: 10s
      retries: 5

  admidio:
    restart: unless-stopped
    image: admidio/admidio:latest
    container_name: admidio
    depends_on:
      # - db
      db:
        condition: service_healthy
    volumes:
      - /opt/volumes/admidio/files:/opt/app-root/src/adm_my_files
      - /opt/volumes/admidio/themes:/opt/app-root/src/adm_themes
      - /opt/volumes/admidio/plugins:/opt/app-root/src/adm_plugins
    ports:
      - 1142:8080
    environment:
      - ADMIDIO_DB_TYPE=mysql
      - ADMIDIO_DB_HOST=db:3306
      - ADMIDIO_DB_NAME=admidio
      - ADMIDIO_DB_USER=admidio
      - ADMIDIO_DB_PASSWORD=password
      - ADMIDIO_DB_TABLE_PRAEFIX=gbv
      # - ADMIDIO_MAIL_RELAYHOST=hostname.domain.at:25
      - ADMIDIO_LOGIN_FOR_UPDATE=1
      - ADMIDIO_ORGANISATION=GBV
      - ADMIDIO_PASSWORD_HASH_ALGORITHM=DEFAULT
      - TZ=Europe/Berlin
      #- HTTPD_START_SERVERS=8
      #- DOCUMENTROOT=/
      #- PHP_MEMORY_LIMIT=256M
      #- ERROR_REPORTING=E_ALL & ~E_NOTICE
      #- DISPLAY_ERRORS=ON
      #- DISPLAY_STARTUP_ERRORS=OFF
      #- TRACK_ERRORS=OFF
      #- HTML_ERRORS=ON
    labels:
      - "com.centurylinklabs.watchtower.monitor-only=true"
      - "com.centurylinklabs.watchtower.enable=true"

admidio log:

[INFO ] provisioning missing directory adm_plugins


[INFO ] provisioning missing directory adm_themes


[INFO ] provisioning missing directory adm_my_files


[INFO ] set filesystem permissions (chown -R default:root .)


[INFO ] configure ServerName in /etc/httpd/conf/httpd.conf


[INFO ] configure postfix set inet_protocols to ipv4 since ipv6 is disabled (net.ipv6.conf.all.disable_ipv6=1)


[INFO ] execute postfix start


[INFO ] execute postfix status


[INFO ] execute mailq


Mail queue is empty


[INFO ] generate admidio config.php file


[INFO ] configure admidio config.php file


[INFO ] run apache with php enabled (/usr/libexec/s2i/run)


=> sourcing 20-copy-config.sh ...


---> 13:09:41     Processing additional arbitrary httpd configuration provided by s2i ...


=> sourcing 00-documentroot.conf ...


=> sourcing 50-mpm-tuning.conf ...


=> sourcing 40-ssl-certs.sh ...


[Sat Nov 12 13:09:41.180890 2022] [suexec:notice] [pid 128] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)


[Sat Nov 12 13:09:41.182587 2022] [ssl:warn] [pid 128] AH01909: 3548ff04998e:8443:0 server certificate does NOT include an ID which matches the server name


[Sat Nov 12 13:09:41.288993 2022] [ssl:warn] [pid 128] AH01909: 3548ff04998e:8443:0 server certificate does NOT include an ID which matches the server name


[Sat Nov 12 13:09:41.289194 2022] [lbmethod_heartbeat:notice] [pid 128] AH02282: No slotmem from mod_heartmonitor


[Sat Nov 12 13:09:41.289274 2022] [http2:warn] [pid 128] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.


[Sat Nov 12 13:09:41.435275 2022] [mpm_prefork:notice] [pid 128] AH00163: Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k configured -- resuming normal operations


[Sat Nov 12 13:09:41.435529 2022] [core:notice] [pid 128] AH00094: Command line: 'httpd -D FOREGROUND'


[Sat Nov 12 13:10:09.113248 2022] [php7:error] [pid 153] [client 127.0.0.1:40876] PHP Fatal error:  Uncaught Error: Call to a member function fetchAll() on bool in /opt/app-root/src/adm_program/system/classes/Database.php:460\nStack trace:\n#0 /opt/app-root/src/adm_program/system/classes/Database.php(389): Database->loadTableColumnsProperties('gbv_sessions')\n#1 /opt/app-root/src/adm_program/system/classes/TableAccess.php(622): Database->getTableColumnsProperties('gbv_sessions')\n#2 /opt/app-root/src/adm_program/system/classes/TableAccess.php(140): TableAccess->setColumnsInfos()\n#3 /opt/app-root/src/adm_program/system/classes/TableAccess.php(104): TableAccess->clear()\n#4 /opt/app-root/src/adm_program/system/classes/Session.php(60): TableAccess->__construct(Object(Database), 'gbv_sessions', 'ses')\n#5 /opt/app-root/src/adm_program/system/common.php(88): Session->__construct(Object(Database), 'ADMIDIO_GBV_JSD...')\n#6 /opt/app-root/src/adm_program/overview.php(18): require_once('/opt/app-root/s...')\n#7 {main}\n  thrown in /opt/app-root/src/adm_program/system/classes/Database.php on line 460


127.0.0.1 - - [12/Nov/2022:13:10:09 +0100] "GET /adm_program/overview.php HTTP/1.1" 500 - "-" "curl/7.61.1"


[Sat Nov 12 13:10:39.212055 2022] [php7:error] [pid 152] [client 127.0.0.1:38662] PHP Fatal error:  Uncaught Error: Call to a member function fetchAll() on bool in /opt/app-root/src/adm_program/system/classes/Database.php:460\nStack trace:\n#0 /opt/app-root/src/adm_program/system/classes/Database.php(389): Database->loadTableColumnsProperties('gbv_sessions')\n#1 /opt/app-root/src/adm_program/system/classes/TableAccess.php(622): Database->getTableColumnsProperties('gbv_sessions')\n#2 /opt/app-root/src/adm_program/system/classes/TableAccess.php(140): TableAccess->setColumnsInfos()\n#3 /opt/app-root/src/adm_program/system/classes/TableAccess.php(104): TableAccess->clear()\n#4 /opt/app-root/src/adm_program/system/classes/Session.php(60): TableAccess->__construct(Object(Database), 'gbv_sessions', 'ses')\n#5 /opt/app-root/src/adm_program/system/common.php(88): Session->__construct(Object(Database), 'ADMIDIO_GBV_JSD...')\n#6 /opt/app-root/src/adm_program/overview.php(18): require_once('/opt/app-root/s...')\n#7 {main}\n  thrown in /opt/app-root/src/adm_program/system/classes/Database.php on line 460


127.0.0.1 - - [12/Nov/2022:13:10:39 +0100] "GET /adm_program/overview.php HTTP/1.1" 500 - "-" "curl/7.61.1"

I don't know what to do, how can this be fixed?

Thank you for your work! Grüße nach Wien. Walter

Is your feature request related to a problem? Please describe. For legal reasons, we need to document personal details as stated in official documents. This causes issues with Deadnaming.

Describe the solution you'd like In addition to legal first name and legal last name, two more fields with chosen name and pronouns. The display name should default to some combination of first and last name if preferred name is unset. There should be an option to display pronouns along with the name.

e.g. first name: Nettie last name: Lichloathe chosen name: {empty} pronouns: {empty} --> name: Nettie

first name: Tara last name: Lambert chosen name: Em pronouns: they/them -->name: Em (they/them)

Describe alternatives you've considered We could use first name for the chosen name and last name for pronouns and active a similar result. Legal name could go in an extra field. This causes issues with plugins (e.g. to generate bank statements we need the legal name, and plugins typically access first name + last name).

Additional context I have implemented these changes on an instance running at version 4.0.7.

Admidio utilizes Smarty but only for parts of the Views... thereby theme customization provides only restricted possibilies to change the display of the different Module views.

Why is the design like that?

Question also applies for the language files... shouldnt it be possible to tweak them via a theme and not by changing the "core" Code?

Currently the dropdown field-type available in the profile fields won't let you choose more than one option.

It would be nice to allow multiple selections in a dropdown of the profile page.

Admidio 4.1.13 Browser: MS Edge (up to date)

Description If you create a photo library and upload photos, only every second file is uploaded and shown in the photo gallery.

Reproduction: I created a root photoalbum and a sub-photoalbum (start date 2021-12-04) Inside the sub-fotoalbum I selected 69 file for upload. The first time I selected 69 files for upload. (starting with 2177) Every second file (2178m, 2180 ...)was uploaded. 35 files uploaded into the folder structure on the server (photos\2021-12-04_x)

The second time I selected the same 69 files (starting with 2177) and then every second file (2177, 2179) is uploaded. The folder now contain 69 files

As the picture name are uploaded with the original file name (/Upload), but then in the folderstructure with a subsequent numebering (1,2,3,4...), it is first not possible to find out, which files are missing and second the folder the sequence (sorting) is not as expected.

Expected behaviour.

• All selected files are uploaded as selected.
• An advantage would be to keep the original file names. This makes it even possible to change the order or to easily find out the missing files.