Bump version to 1.17.8

- Feat: Verbrauchsauswertung – Ablesung korrigieren (Datum, Zählerstand, Korrekturnotiz) und löschen direkt aus der Tabelle (manage_kleingarten) - Feat: Inventarverwaltung – Gegenstände erfassen, bearbeiten, löschen; Ausleihe und Rückgabe je Mitglied mit Notiz und Fälligkeitsdatum tracken; Export/Import integriert (InventoryRepository, Schema, Validator, DataTransfer) - Feat: Jahresabrechnung Sperrstatus – Festschreiben/Freigeben mit serverseitiger Prüfung aller Schreibzugriffe auf Kosten und Preise
Bump version to 1.17.5
2026-04-19 21:59:40 +02:00 · 2026-04-17 21:39:32 +02:00 · 2026-04-17 21:39:15 +02:00 · 2026-04-17 18:30:41 +02:00 · 2026-04-17 17:44:55 +02:00 · 2026-04-17 17:44:36 +02:00
27 changed files with 1294 additions and 58 deletions
--- a/.gitignore
+++ b/.gitignore
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ Contributors: ronnygrobel
 Tags: verein, mitgliederverwaltung, parzellen, zaehler, abrechnung
 Requires at least: 6.0
 Tested up to: 6.8
-Stable tag: 1.17.1
+Stable tag: 1.17.8
 Requires PHP: 7.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -43,6 +43,27 @@ Ja, insbesondere fuer Kleingartenvereine und deren Verwaltungsprozesse.

 == Changelog ==

+= 1.17.8 =
+Feat: Verbrauchsauswertung – Ablesung korrigieren (Datum, Zählerstand, Korrekturnotiz) und löschen direkt aus der Tabelle.
+
+= 1.17.7 =
+Feat: Inventarverwaltung – Gegenstände (Werkzeug etc.) erfassen, bearbeiten, löschen. Ausleihe und Rückgabe je Mitglied mit Notiz und Fälligkeitsdatum tracken. Export/Import integriert.
+
+= 1.17.6 =
+Feat: Jahresabrechnung kann festgeschrieben (gesperrt) werden. Alle Schreibzugriffe auf Kosten, Preise und Parzellenzuordnungen prüfen den Sperrstatus serverseitig.
+
+= 1.17.5 =
+Fix: Spaltenbreiten in Abrechnungstabellen angepasst für bessere Lesbarkeit langer Texte.
+
+= 1.17.4 =
+Fix: Checkbox "Verpflichtende Position" bei Kostenposten wird jetzt korrekt gespeichert wenn sie deaktiviert ist.
+
+= 1.17.3 =
+Verbesserung: Kostenübersicht zeigt jetzt direkt pro Kostenposten den Status Verpflichtend oder Manuell in einer eigenen Spalte an.
+
+= 1.17.2 =
+Fix: Manuelle Kostenpositionen auf der Jahresabrechnung einer Parzelle werden nach dem Hinzufügen jetzt sofort korrekt berücksichtigt. Pflichtpositionen ohne Einschränkung werden in der Seitenleiste als automatisch aktiv dargestellt.
+
 = 1.17.1 =
 Feat: is_mandatory Flag für Kostenpositionstypen - Kostenposten können jetzt als "verpflichtend" oder "manuell/optional" gekennzeichnet werden. Checkbox in der Kostenposten-Bearbeitung.

--- a/assets/css/admin.css
+++ b/assets/css/admin.css
--- a/assets/js/chat.js
+++ b/assets/js/chat.js
--- a/includes/Activator.php
+++ b/includes/Activator.php
--- a/includes/Admin/Admin.php
+++ b/includes/Admin/Admin.php
--- a/includes/Autoloader.php
+++ b/includes/Autoloader.php
--- a/includes/DataTransfer.php
+++ b/includes/DataTransfer.php
@@ -25,6 +25,7 @@ class DataTransfer {
 		'sections',
 		'parcels',
 		'tenants',
+		'inventory_items',
 		'parcel_members',
 		'parcel_tenants',
 		'meters',
@@ -38,6 +39,7 @@ class DataTransfer {
 		'work_year_config',
 		'work_logs',
 		'work_log_members',
+		'inventory_loans',
 	);

 	public function __construct( \wpdb $wpdb ) {
--- a/includes/Deactivator.php
+++ b/includes/Deactivator.php
--- a/includes/Plugin.php
+++ b/includes/Plugin.php
--- a/includes/Repositories/AbstractRepository.php
+++ b/includes/Repositories/AbstractRepository.php
--- a/includes/Repositories/AssignmentRepository.php
+++ b/includes/Repositories/AssignmentRepository.php
--- a/includes/Repositories/CostRepository.php
+++ b/includes/Repositories/CostRepository.php
@@ -222,6 +222,75 @@ class CostRepository extends AbstractRepository {
 		return $this->wpdb->get_row( $this->wpdb->prepare( "SELECT * FROM {$year_table} WHERE entry_year = %d", $year ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
 	}

+	/**
+	 * Get lock state for one statement year.
+	 *
+	 * @param int $year Selected year.
+	 * @return array
+	 */
+	public function get_statement_lock_state( $year ) {
+		$details = $this->get_year_details( $year );
+
+		if ( ! $details ) {
+			return array(
+				'is_locked' => false,
+				'locked_at' => null,
+				'locked_by' => 0,
+			);
+		}
+
+		return array(
+			'is_locked' => ! empty( $details->statement_is_locked ) && 1 === (int) $details->statement_is_locked,
+			'locked_at' => isset( $details->statement_locked_at ) ? $details->statement_locked_at : null,
+			'locked_by' => isset( $details->statement_locked_by ) ? (int) $details->statement_locked_by : 0,
+		);
+	}
+
+	/**
+	 * Check whether statement data for one year is locked.
+	 *
+	 * @param int $year Selected year.
+	 * @return bool
+	 */
+	public function is_statement_locked( $year ) {
+		$state = $this->get_statement_lock_state( $year );
+
+		return ! empty( $state['is_locked'] );
+	}
+
+	/**
+	 * Lock or unlock a statement year.
+	 *
+	 * @param int  $year       Selected year.
+	 * @param bool $is_locked  Target lock state.
+	 * @param int  $locked_by  User ID that changes the state.
+	 * @return bool
+	 */
+	public function set_statement_lock( $year, $is_locked, $locked_by = 0 ) {
+		$year = absint( $year );
+
+		if ( $year < 1 || ! $this->ensure_year( $year ) ) {
+			return false;
+		}
+
+		$payload = array(
+			'statement_is_locked' => $is_locked ? 1 : 0,
+			'statement_locked_at' => $is_locked ? $this->now() : null,
+			'statement_locked_by' => $is_locked ? absint( $locked_by ) : 0,
+			'updated_at'          => $this->now(),
+		);
+
+		$result = $this->wpdb->update(
+			$this->year_table(),
+			$payload,
+			array( 'entry_year' => $year ),
+			array( '%d', '%s', '%d', '%s' ),
+			array( '%d' )
+		);
+
+		return false !== $result;
+	}
+
 	/**
 	 * Save section-specific yearly prices.
 	 *
--- a/includes/Repositories/InventoryRepository.php
+++ b/includes/Repositories/InventoryRepository.php
@@ -0,0 +1,336 @@
+<?php
+/**
+ * Inventory repository.
+ *
+ * @package KGV\VereinManager
+ */
+
+namespace KGV\VereinManager\Repositories;
+
+use KGV\VereinManager\Schema;
+
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
+
+class InventoryRepository extends AbstractRepository {
+
+	/**
+	 * Resolve main inventory table name.
+	 *
+	 * @return string
+	 */
+	protected function resolve_table() {
+		return Schema::table( 'inventory_items' );
+	}
+
+	/**
+	 * Resolve loan table name.
+	 *
+	 * @return string
+	 */
+	private function loans_table() {
+		return Schema::table( 'inventory_loans' );
+	}
+
+	/**
+	 * Search inventory items.
+	 *
+	 * @param array $args Query arguments.
+	 * @return array
+	 */
+	public function search_items( $args = array() ) {
+		$search  = isset( $args['s'] ) ? sanitize_text_field( wp_unslash( $args['s'] ) ) : '';
+		$status  = isset( $args['status'] ) ? sanitize_key( wp_unslash( $args['status'] ) ) : '';
+		$orderby = $this->sanitize_orderby( isset( $args['orderby'] ) ? sanitize_key( wp_unslash( $args['orderby'] ) ) : 'name', array( 'name', 'total_quantity', 'available_quantity', 'is_active', 'updated_at' ), 'name' );
+		$order   = $this->sanitize_order( isset( $args['order'] ) ? sanitize_key( wp_unslash( $args['order'] ) ) : 'ASC' );
+
+		$sql    = "SELECT * FROM {$this->table} WHERE 1=1";
+		$params = array();
+
+		if ( '' !== $search ) {
+			$like     = '%' . $this->wpdb->esc_like( $search ) . '%';
+			$sql     .= ' AND (name LIKE %s OR storage_location LIKE %s OR description LIKE %s)';
+			$params[] = $like;
+			$params[] = $like;
+			$params[] = $like;
+		}
+
+		if ( in_array( $status, array( 'active', 'inactive' ), true ) ) {
+			$sql     .= ' AND is_active = %d';
+			$params[] = 'active' === $status ? 1 : 0;
+		}
+
+		$sql .= " ORDER BY {$orderby} {$order}, id DESC";
+
+		if ( ! empty( $params ) ) {
+			return $this->wpdb->get_results( $this->wpdb->prepare( $sql, $params ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+		}
+
+		return $this->wpdb->get_results( $sql ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery
+	}
+
+	/**
+	 * Save or update one inventory item.
+	 *
+	 * @param array $data Item payload.
+	 * @param int   $id   Optional item ID.
+	 * @return int|false
+	 */
+	public function save_item( $data, $id = 0 ) {
+		$payload = array(
+			'name'               => $data['name'],
+			'total_quantity'     => max( 0, (int) $data['total_quantity'] ),
+			'available_quantity' => max( 0, (int) $data['available_quantity'] ),
+			'storage_location'   => isset( $data['storage_location'] ) ? $data['storage_location'] : '',
+			'description'        => isset( $data['description'] ) ? $data['description'] : '',
+			'is_active'          => ! empty( $data['is_active'] ) ? 1 : 0,
+			'updated_at'         => $this->now(),
+		);
+
+		if ( $payload['available_quantity'] > $payload['total_quantity'] ) {
+			$payload['available_quantity'] = $payload['total_quantity'];
+		}
+
+		if ( $id > 0 ) {
+			$result = $this->wpdb->update(
+				$this->table,
+				$payload,
+				array( 'id' => absint( $id ) ),
+				array( '%s', '%d', '%d', '%s', '%s', '%d', '%s' ),
+				array( '%d' )
+			);
+
+			return false !== $result ? (int) $id : false;
+		}
+
+		$payload['created_at'] = $this->now();
+		$result                = $this->wpdb->insert( $this->table, $payload, array( '%s', '%d', '%d', '%s', '%s', '%d', '%s', '%s' ) );
+
+		return false !== $result ? (int) $this->wpdb->insert_id : false;
+	}
+
+	/**
+	 * Check whether one item has open loans.
+	 *
+	 * @param int $item_id Item ID.
+	 * @return bool
+	 */
+	public function has_open_loans( $item_id ) {
+		$item_id = absint( $item_id );
+		$table   = $this->loans_table();
+
+		if ( $item_id < 1 || '' === $table ) {
+			return false;
+		}
+
+		$count = (int) $this->wpdb->get_var( $this->wpdb->prepare( "SELECT COUNT(*) FROM {$table} WHERE item_id = %d AND status = %s", $item_id, 'open' ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+
+		return $count > 0;
+	}
+
+	/**
+	 * Get total currently borrowed quantity for one item.
+	 *
+	 * @param int $item_id Item ID.
+	 * @return int
+	 */
+	public function get_open_borrowed_quantity( $item_id ) {
+		$item_id = absint( $item_id );
+		$table   = $this->loans_table();
+
+		if ( $item_id < 1 || '' === $table ) {
+			return 0;
+		}
+
+		$sum = (int) $this->wpdb->get_var( $this->wpdb->prepare( "SELECT COALESCE(SUM(borrowed_quantity), 0) FROM {$table} WHERE item_id = %d AND status = %s", $item_id, 'open' ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+
+		return max( 0, $sum );
+	}
+
+	/**
+	 * Borrow an inventory item.
+	 *
+	 * @param int    $item_id   Item ID.
+	 * @param int    $user_id   Borrower user ID.
+	 * @param int    $quantity  Quantity.
+	 * @param string $due_date  Optional due date.
+	 * @param string $note      Optional note.
+	 * @return bool
+	 */
+	public function borrow_item( $item_id, $user_id, $quantity, $due_date = '', $note = '' ) {
+		$item_id  = absint( $item_id );
+		$user_id  = absint( $user_id );
+		$quantity = max( 0, (int) $quantity );
+		$loan_tab = $this->loans_table();
+
+		if ( $item_id < 1 || $user_id < 1 || $quantity < 1 || '' === $loan_tab ) {
+			return false;
+		}
+
+		$item = $this->find( $item_id );
+
+		if ( ! $item || (int) $item->available_quantity < $quantity ) {
+			return false;
+		}
+
+		$this->wpdb->query( 'START TRANSACTION' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+
+		$inserted = $this->wpdb->insert(
+			$loan_tab,
+			array(
+				'item_id'           => $item_id,
+				'user_id'           => $user_id,
+				'borrowed_quantity' => $quantity,
+				'borrowed_at'       => $this->now(),
+				'due_date'          => '' !== $due_date ? $due_date : null,
+				'returned_at'       => null,
+				'note'              => $note,
+				'return_note'       => '',
+				'status'            => 'open',
+				'created_at'        => $this->now(),
+				'updated_at'        => $this->now(),
+			),
+			array( '%d', '%d', '%d', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )
+		);
+
+		if ( false === $inserted ) {
+			$this->wpdb->query( 'ROLLBACK' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+			return false;
+		}
+
+		$updated = $this->wpdb->update(
+			$this->table,
+			array(
+				'available_quantity' => max( 0, (int) $item->available_quantity - $quantity ),
+				'updated_at'         => $this->now(),
+			),
+			array( 'id' => $item_id ),
+			array( '%d', '%s' ),
+			array( '%d' )
+		);
+
+		if ( false === $updated ) {
+			$this->wpdb->query( 'ROLLBACK' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+			return false;
+		}
+
+		$this->wpdb->query( 'COMMIT' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+		return true;
+	}
+
+	/**
+	 * Return one open loan.
+	 *
+	 * @param int    $loan_id      Loan ID.
+	 * @param string $return_note  Optional return note.
+	 * @return bool
+	 */
+	public function return_loan( $loan_id, $return_note = '' ) {
+		$loan_id  = absint( $loan_id );
+		$loan_tab = $this->loans_table();
+
+		if ( $loan_id < 1 || '' === $loan_tab ) {
+			return false;
+		}
+
+		$loan = $this->wpdb->get_row( $this->wpdb->prepare( "SELECT * FROM {$loan_tab} WHERE id = %d", $loan_id ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+
+		if ( ! $loan || 'open' !== $loan->status ) {
+			return false;
+		}
+
+		$item = $this->find( (int) $loan->item_id );
+
+		if ( ! $item ) {
+			return false;
+		}
+
+		$this->wpdb->query( 'START TRANSACTION' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+
+		$updated_loan = $this->wpdb->update(
+			$loan_tab,
+			array(
+				'status'      => 'returned',
+				'returned_at' => $this->now(),
+				'return_note' => $return_note,
+				'updated_at'  => $this->now(),
+			),
+			array( 'id' => $loan_id ),
+			array( '%s', '%s', '%s', '%s' ),
+			array( '%d' )
+		);
+
+		if ( false === $updated_loan ) {
+			$this->wpdb->query( 'ROLLBACK' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+			return false;
+		}
+
+		$new_available = min( (int) $item->total_quantity, (int) $item->available_quantity + (int) $loan->borrowed_quantity );
+
+		$updated_item = $this->wpdb->update(
+			$this->table,
+			array(
+				'available_quantity' => $new_available,
+				'updated_at'         => $this->now(),
+			),
+			array( 'id' => (int) $loan->item_id ),
+			array( '%d', '%s' ),
+			array( '%d' )
+		);
+
+		if ( false === $updated_item ) {
+			$this->wpdb->query( 'ROLLBACK' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+			return false;
+		}
+
+		$this->wpdb->query( 'COMMIT' ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
+		return true;
+	}
+
+	/**
+	 * Get open loans with item and borrower information.
+	 *
+	 * @return array
+	 */
+	public function get_open_loans() {
+		$table = $this->loans_table();
+
+		if ( '' === $table ) {
+			return array();
+		}
+
+		$sql = "SELECT l.*, i.name AS item_name, u.display_name AS borrower_name
+			FROM {$table} l
+			LEFT JOIN {$this->table} i ON i.id = l.item_id
+			LEFT JOIN {$this->wpdb->users} u ON u.ID = l.user_id
+			WHERE l.status = %s
+			ORDER BY l.borrowed_at DESC, l.id DESC";
+
+		return $this->wpdb->get_results( $this->wpdb->prepare( $sql, 'open' ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+	}
+
+	/**
+	 * Get latest loan history entries.
+	 *
+	 * @param int $limit Number of rows.
+	 * @return array
+	 */
+	public function get_recent_loans( $limit = 20 ) {
+		$table = $this->loans_table();
+		$limit = max( 1, min( 200, (int) $limit ) );
+
+		if ( '' === $table ) {
+			return array();
+		}
+
+		$sql = "SELECT l.*, i.name AS item_name, u.display_name AS borrower_name
+			FROM {$table} l
+			LEFT JOIN {$this->table} i ON i.id = l.item_id
+			LEFT JOIN {$this->wpdb->users} u ON u.ID = l.user_id
+			ORDER BY l.borrowed_at DESC, l.id DESC
+			LIMIT %d";
+
+		return $this->wpdb->get_results( $this->wpdb->prepare( $sql, $limit ) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
+	}
+}
--- a/includes/Repositories/MeterReadingRepository.php
+++ b/includes/Repositories/MeterReadingRepository.php
@@ -244,4 +244,25 @@ class MeterReadingRepository extends AbstractRepository {

 		return array_reverse( array_values( $monthly ) );
 	}
+
+	/**
+	 * Correct an existing reading (value, date, note).
+	 *
+	 * @param int   $id   Reading ID.
+	 * @param array $data Corrected data: reading_value, reading_date, note.
+	 * @return int|false
+	 */
+	public function update_reading( $id, $data ) {
+		return $this->wpdb->update(
+			$this->table,
+			array(
+				'reading_value' => (float) $data['reading_value'],
+				'reading_date'  => sanitize_text_field( $data['reading_date'] ),
+				'note'          => sanitize_textarea_field( $data['note'] ),
+			),
+			array( 'id' => absint( $id ) ),
+			array( '%f', '%s', '%s' ),
+			array( '%d' )
+		);
+	}
 }
--- a/includes/Repositories/MeterRepository.php
+++ b/includes/Repositories/MeterRepository.php
--- a/includes/Repositories/ParcelRepository.php
+++ b/includes/Repositories/ParcelRepository.php
--- a/includes/Repositories/SectionRepository.php
+++ b/includes/Repositories/SectionRepository.php
--- a/includes/Repositories/TenantRepository.php
+++ b/includes/Repositories/TenantRepository.php
--- a/includes/Repositories/WorkRepository.php
+++ b/includes/Repositories/WorkRepository.php
--- a/includes/Roles.php
+++ b/includes/Roles.php
--- a/includes/Schema.php
+++ b/includes/Schema.php
@@ -27,6 +27,8 @@ class Schema {
 			'parcels'        => $wpdb->prefix . 'kgvvm_parcels',
 			'meters'         => $wpdb->prefix . 'kgvvm_meters',
 			'tenants'        => $wpdb->prefix . 'kgvvm_tenants',
+			'inventory_items' => $wpdb->prefix . 'kgvvm_inventory_items',
+			'inventory_loans' => $wpdb->prefix . 'kgvvm_inventory_loans',
 			'parcel_members' => $wpdb->prefix . 'kgvvm_parcel_members',
 			'parcel_tenants' => $wpdb->prefix . 'kgvvm_parcel_tenants',
 			'chat_messages'  => $wpdb->prefix . 'kgvvm_chat_messages',
@@ -126,6 +128,42 @@ class Schema {
 			KEY is_active (is_active)
 		) {$charset_collate};";

+		$sql[] = "CREATE TABLE " . self::table( 'inventory_items' ) . " (
+			id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
+			name VARCHAR(190) NOT NULL,
+			total_quantity INT UNSIGNED NOT NULL DEFAULT 0,
+			available_quantity INT UNSIGNED NOT NULL DEFAULT 0,
+			storage_location VARCHAR(190) NULL,
+			description TEXT NULL,
+			is_active TINYINT(1) NOT NULL DEFAULT 1,
+			created_at DATETIME NOT NULL,
+			updated_at DATETIME NOT NULL,
+			PRIMARY KEY  (id),
+			KEY name (name),
+			KEY is_active (is_active)
+		) {$charset_collate};";
+
+		$sql[] = "CREATE TABLE " . self::table( 'inventory_loans' ) . " (
+			id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
+			item_id BIGINT UNSIGNED NOT NULL,
+			user_id BIGINT UNSIGNED NOT NULL,
+			borrowed_quantity INT UNSIGNED NOT NULL,
+			borrowed_at DATETIME NOT NULL,
+			due_date DATE NULL,
+			returned_at DATETIME NULL,
+			note TEXT NULL,
+			return_note TEXT NULL,
+			status VARCHAR(20) NOT NULL DEFAULT 'open',
+			created_at DATETIME NOT NULL,
+			updated_at DATETIME NOT NULL,
+			PRIMARY KEY  (id),
+			KEY item_id (item_id),
+			KEY user_id (user_id),
+			KEY status (status),
+			KEY borrowed_at (borrowed_at),
+			KEY due_date (due_date)
+		) {$charset_collate};";
+
 		$sql[] = "CREATE TABLE " . self::table( 'parcel_members' ) . " (
 			parcel_id BIGINT UNSIGNED NOT NULL,
 			user_id BIGINT UNSIGNED NOT NULL,
@@ -175,6 +213,9 @@ class Schema {
 			entry_year SMALLINT UNSIGNED NOT NULL,
 			power_price_per_kwh DECIMAL(12,4) NULL,
 			water_price_per_m3 DECIMAL(12,4) NULL,
+			statement_is_locked TINYINT(1) NOT NULL DEFAULT 0,
+			statement_locked_at DATETIME NULL,
+			statement_locked_by BIGINT UNSIGNED NOT NULL DEFAULT 0,
 			created_at DATETIME NOT NULL,
 			updated_at DATETIME NOT NULL,
 			PRIMARY KEY  (id),
@@ -282,6 +323,8 @@ class Schema {
 			self::table( 'parcels' ),
 			self::table( 'meters' ),
 			self::table( 'tenants' ),
+			self::table( 'inventory_items' ),
+			self::table( 'inventory_loans' ),
 			self::table( 'parcel_members' ),
 			self::table( 'parcel_tenants' ),
 			self::table( 'chat_messages' ),
@@ -317,6 +360,8 @@ class Schema {
 			self::table( 'work_logs' ),
 			self::table( 'work_year_config' ),
 			self::table( 'work_jobs' ),
+			self::table( 'inventory_loans' ),
+			self::table( 'inventory_items' ),
 			self::table( 'cost_entries' ),
 			self::table( 'cost_rates' ),
 			self::table( 'cost_years' ),
--- a/includes/Services/ParcelService.php
+++ b/includes/Services/ParcelService.php
--- a/includes/Validator.php
+++ b/includes/Validator.php
@@ -259,7 +259,7 @@ class Validator {
 		$unit_amount       = isset( $data['unit_amount'] ) ? str_replace( ',', '.', wp_unslash( $data['unit_amount'] ) ) : '';
 		$entry_year        = $this->sanitize_cost_year( $data );
 		$distribution_type = sanitize_key( wp_unslash( isset( $data['distribution_type'] ) ? $data['distribution_type'] : 'parcel' ) );
-		$is_mandatory       = isset( $data['is_mandatory'] ) ? (bool) $data['is_mandatory'] : true;
+		$is_mandatory      = isset( $data['is_mandatory'] ) && '1' === (string) wp_unslash( $data['is_mandatory'] );

 		return array(
 			'entry_year'        => $entry_year,
@@ -367,6 +367,91 @@ class Validator {
 		return $errors;
 	}

+	/**
+	 * Sanitize one inventory item payload.
+	 *
+	 * @param array $data Raw request data.
+	 * @return array
+	 */
+	public function sanitize_inventory_item( $data ) {
+		return array(
+			'name'               => sanitize_text_field( wp_unslash( isset( $data['name'] ) ? $data['name'] : '' ) ),
+			'total_quantity'     => absint( isset( $data['total_quantity'] ) ? $data['total_quantity'] : 0 ),
+			'available_quantity' => absint( isset( $data['available_quantity'] ) ? $data['available_quantity'] : 0 ),
+			'storage_location'   => sanitize_text_field( wp_unslash( isset( $data['storage_location'] ) ? $data['storage_location'] : '' ) ),
+			'description'        => sanitize_textarea_field( wp_unslash( isset( $data['description'] ) ? $data['description'] : '' ) ),
+			'is_active'          => ! empty( $data['is_active'] ) ? 1 : 0,
+		);
+	}
+
+	/**
+	 * Validate one inventory item payload.
+	 *
+	 * @param array $data Sanitized data.
+	 * @return \WP_Error
+	 */
+	public function validate_inventory_item( $data ) {
+		$errors = new \WP_Error();
+
+		if ( '' === $data['name'] ) {
+			$errors->add( 'inventory_name_required', __( 'Bitte einen Namen für den Inventargegenstand eingeben.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		if ( (int) $data['total_quantity'] < 0 ) {
+			$errors->add( 'inventory_total_invalid', __( 'Die Gesamtmenge muss 0 oder größer sein.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		if ( (int) $data['available_quantity'] < 0 ) {
+			$errors->add( 'inventory_available_invalid', __( 'Die verfügbare Menge muss 0 oder größer sein.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		if ( (int) $data['available_quantity'] > (int) $data['total_quantity'] ) {
+			$errors->add( 'inventory_available_too_high', __( 'Die verfügbare Menge darf nicht größer als die Gesamtmenge sein.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		return $errors;
+	}
+
+	/**
+	 * Sanitize one inventory borrow request.
+	 *
+	 * @param array $data Raw request data.
+	 * @return array
+	 */
+	public function sanitize_inventory_loan( $data ) {
+		return array(
+			'item_id'  => absint( isset( $data['item_id'] ) ? $data['item_id'] : 0 ),
+			'user_id'  => absint( isset( $data['user_id'] ) ? $data['user_id'] : 0 ),
+			'quantity' => absint( isset( $data['quantity'] ) ? $data['quantity'] : 0 ),
+			'due_date' => $this->normalize_date( isset( $data['due_date'] ) ? $data['due_date'] : '' ),
+			'note'     => sanitize_textarea_field( wp_unslash( isset( $data['note'] ) ? $data['note'] : '' ) ),
+		);
+	}
+
+	/**
+	 * Validate one inventory borrow request.
+	 *
+	 * @param array $data Sanitized data.
+	 * @return \WP_Error
+	 */
+	public function validate_inventory_loan( $data ) {
+		$errors = new \WP_Error();
+
+		if ( (int) $data['item_id'] < 1 ) {
+			$errors->add( 'inventory_item_required', __( 'Bitte einen Inventargegenstand auswählen.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		if ( (int) $data['user_id'] < 1 ) {
+			$errors->add( 'inventory_user_required', __( 'Bitte ein Mitglied auswählen.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		if ( (int) $data['quantity'] < 1 ) {
+			$errors->add( 'inventory_quantity_required', __( 'Bitte eine gültige Ausleihmenge eingeben.', KGVVM_TEXT_DOMAIN ) );
+		}
+
+		return $errors;
+	}
+
 	/**
 	 * Normalize optional date fields to Y-m-d.
 	 *
--- a/kgv-verein-manager.php
+++ b/kgv-verein-manager.php
@@ -4,7 +4,7 @@
 * Plugin Name: KGV Vereinsverwaltung
 * Plugin URI: https://apex-project.de/
 * Description: Verwaltung von Sparten, Parzellen, Mitgliedern, Pächtern sowie Wasser- und Stromzählern für Kleingartenvereine.
- * Version: 1.17.1
+ * Version: 1.17.7
 * Author: Ronny Grobel
 * Author URI: https://apex-project.de/
 * License: GPL v2 or later
@@ -31,7 +31,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }

-define( 'KGVVM_VERSION', '1.17.1' );
+define( 'KGVVM_VERSION', '1.17.8' );
 define( 'KGVVM_PLUGIN_FILE', __FILE__ );
 define( 'KGVVM_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
 define( 'KGVVM_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
@@ -45,8 +45,9 @@ register_activation_hook( __FILE__, array( '\\KGV\\VereinManager\\Activator', 'a
 register_deactivation_hook( __FILE__, array( '\\KGV\\VereinManager\\Deactivator', 'deactivate' ) );

 add_action(
-	'plugins_loaded',
+	'init',
 	function() {
 		\KGV\VereinManager\Plugin::instance()->run();
-	}
+	},
+	1
 );
--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: ronnygrobel
 Tags: verein, mitgliederverwaltung, parzellen, zaehler, abrechnung
 Requires at least: 6.0
 Tested up to: 6.8
-Stable tag: 1.17.1
+Stable tag: 1.17.8
 Requires PHP: 7.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -41,6 +41,27 @@ Ja, insbesondere fuer Kleingartenvereine und deren Verwaltungsprozesse.

 == Changelog ==

+= 1.17.8 =
+Feat: Verbrauchsauswertung – Ablesung korrigieren (Datum, Zählerstand, Korrekturnotiz) und löschen direkt aus der Tabelle.
+
+= 1.17.7 =
+Feat: Inventarverwaltung – Gegenstände (Werkzeug etc.) erfassen, bearbeiten, löschen. Ausleihe und Rückgabe je Mitglied mit Notiz und Fälligkeitsdatum tracken. Export/Import integriert.
+
+= 1.17.6 =
+Feat: Jahresabrechnung kann festgeschrieben (gesperrt) werden. Alle Schreibzugriffe auf Kosten, Preise und Parzellenzuordnungen prüfen den Sperrstatus serverseitig.
+
+= 1.17.5 =
+Fix: Spaltenbreiten in Abrechnungstabellen angepasst für bessere Lesbarkeit langer Texte.
+
+= 1.17.4 =
+Fix: Checkbox "Verpflichtende Position" bei Kostenposten wird jetzt korrekt gespeichert wenn sie deaktiviert ist.
+
+= 1.17.3 =
+Verbesserung: Kostenübersicht zeigt jetzt direkt pro Kostenposten den Status Verpflichtend oder Manuell in einer eigenen Spalte an.
+
+= 1.17.2 =
+Fix: Manuelle Kostenpositionen auf der Jahresabrechnung einer Parzelle werden nach dem Hinzufügen jetzt sofort korrekt berücksichtigt. Pflichtpositionen ohne Einschränkung werden in der Seitenleiste als automatisch aktiv dargestellt.
+
 = 1.17.1 =
 Feat: is_mandatory Flag für Kostenpositionstypen - Kostenposten können jetzt als "verpflichtend" oder "manuell/optional" gekennzeichnet werden. Checkbox in der Kostenposten-Bearbeitung.

--- a/uninstall.php
+++ b/uninstall.php
Author	SHA1	Message	Date
Ronny Grobel	6aa31147df	Bump version to 1.17.8 - Feat: Verbrauchsauswertung – Ablesung korrigieren (Datum, Zählerstand, Korrekturnotiz) und löschen direkt aus der Tabelle (manage_kleingarten) - Feat: Inventarverwaltung – Gegenstände erfassen, bearbeiten, löschen; Ausleihe und Rückgabe je Mitglied mit Notiz und Fälligkeitsdatum tracken; Export/Import integriert (InventoryRepository, Schema, Validator, DataTransfer) - Feat: Jahresabrechnung Sperrstatus – Festschreiben/Freigeben mit serverseitiger Prüfung aller Schreibzugriffe auf Kosten und Preise	2026-04-19 21:59:40 +02:00
Ronny Grobel	bc89452b5e	Bump version to 1.17.5	2026-04-17 21:39:32 +02:00
Ronny Grobel	be8e8832f5	Adjust column widths in statement tables for better text readability	2026-04-17 21:39:15 +02:00
Ronny Grobel	95682bb35f	Remove Gesamtkosten column from Abrechnung view	2026-04-17 18:30:41 +02:00
Ronny Grobel	fca849c1a5	Bump version to 1.17.4	2026-04-17 17:44:55 +02:00
Ronny Grobel	80600be607	Fix is_mandatory checkbox not saving when unchecked	2026-04-17 17:44:36 +02:00
Ronny Grobel	6b15d7b2a1	Bump version to 1.17.3	2026-04-17 17:30:30 +02:00
Ronny Grobel	ba45d09bdd	Add cost entry status column	2026-04-17 17:28:02 +02:00
Ronny Grobel	e71868dac6	Bump version to 1.17.2	2026-04-17 17:21:40 +02:00
Ronny Grobel	b41e3c7bb1	Fix parcel statement cost assignment behavior	2026-04-17 17:20:51 +02:00