From b625e7fe5c7aec7e89fb36a0931e4df25f9f3bed Mon Sep 17 00:00:00 2001
From: Jan Vales
Date: Tue, 14 Jul 2015 16:40:29 +0200
Subject: [PATCH] das ganze mal committet, bevor was schief geht :)
---
db_funcs.php | 77 ++++++++++++++++++++++++++++++++++++
funcs.php | 94 ++++++++++++++++++++++++++++++++++++++++++++
index.php | 5 +++
list.php | 12 ++++++
person.php | 79 +++++++++++++++++++++++++++++++++++++
settings.php.example | 11 ++++++
stats.php | 10 +++++
7 files changed, 288 insertions(+)
create mode 100644 db_funcs.php
create mode 100644 funcs.php
create mode 100644 index.php
create mode 100644 list.php
create mode 100644 person.php
create mode 100644 settings.php.example
create mode 100644 stats.php
diff --git a/db_funcs.php b/db_funcs.php
new file mode 100644
index 0000000..29ef2df
--- /dev/null
+++ b/db_funcs.php
@@ -0,0 +1,77 @@
+ (aka. Someone )
+*/
+
+require_once('./settings.php');
+
+function db_get_uinfo($user, $pass){
+ $lvl = -1;
+ $prep = $GLOBALS['dbc']->prepare('SELECT uname,lvl FROM users WHERE lower(uname)=lower(?) and pwd=encode(digest(?, \'sha512\'),\'hex\')');
+ $prep->execute(array($user, $pass));
+ $row = $prep->fetch();
+ if(isset($row['uname'])){
+ return $row;
+ }else{
+ return NULL;
+ }
+}
+
+function db_list_anmeldungen(){
+ $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
+ $prep->execute(array($GLOBALS['uname'],));
+ if($GLOBALS['lvl'] >= 2){
+ $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen');
+ $prep->execute();
+ }
+ return $prep->fetchAll();
+}
+
+function db_get_person($id){
+ $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE id = ?');
+ $prep->execute(array($id,));
+ return $prep->fetch();
+}
+
+function db_delete_person($id){
+ if($GLOBALS['lvl'] >= 2){
+ $prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ?');
+ $prep->execute(array($id,));
+ }else{
+ $prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ? and lower(uname) = ?');
+ $prep->execute(array($id,$GLOBALS['uname']));
+ }
+ return $prep->rowCount();
+}
+
+function db_store_person($id, $pdata){
+ $p = db_get_person($id);
+
+ if($p !== FALSE && $p['id'] == $id){
+ // found, we do updating, if uname == uname.
+ if($p['uname'] == $GLOBALS['uname'] || $GLOBALS['lvl'] >= 2){
+ if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
+ if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
+ if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
+ if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
+ if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
+ $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=? 
WHERE id=?');
+ $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $p['id']));
+ return $prep->rowCount();
+ }
+ }else{
+ // inserting a new person.
+ if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
+ if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
+ if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
+ if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
+ if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
+ $prep = $GLOBALS['dbc']->prepare('INSERT INTO anmeldungen(uname, nname, vname, gebdatum, nationaliaet, sprachen, analphabet, bemerkungen, vorwissen, fotoerlaubnis, videoerlaubnis) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) returning id;');
+ $prep->execute(array($GLOBALS['uname'], $pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis']));
+ $r = $prep->fetchColumn();
+ return -$r;
+ }
+}
+
diff --git a/funcs.php b/funcs.php
new file mode 100644
index 0000000..f7bf2c4
--- /dev/null
+++ b/funcs.php
@@ -0,0 +1,94 @@
+ (aka. Someone )
+*/
+
+require_once('./settings.php');
+require_once('./db_funcs.php');
+
+function login(){
+// if(!isset($_SERVER['HTTPS'])){
+// $url = 'https://'.$_SERVER["HTTP_HOST"].$_SERVER['REQUEST_URI'];
+// header('Location: '.$url, true, 301);
+// exit('
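Review bot: `db_get_uinfo` compares `pwd` against `encode(digest(?, 'sha512'),'hex')`, so the users table holds unsalted, single-round SHA-512 hashes that can be brute-forced quickly if the table ever leaks. Store the output of `password_hash($pass, PASSWORD_DEFAULT)` instead, select the row by `lower(uname)=lower(?)` only, and accept the login only when `password_verify($pass, $row['pwd'])` is true. In `db_delete_person` the non-admin branch compares `lower(uname) = ?` with the unlowered `$GLOBALS['uname']`, unlike the `lower(uname)=lower(?)` used elsewhere, so an owner whose stored name contains uppercase letters cannot delete their own rows. `db_get_person` has no owner or level filter at all, which leaves access control for single records entirely to its callers; a comment on the function should say so.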

Redirecting to: '.$url.'

');
+// }
+ $uinfo = db_get_uinfo($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+ if($uinfo['lvl'] >= 1){
+ $GLOBALS['uname'] = $uinfo['uname'];
+ $GLOBALS['lvl'] = $uinfo['lvl'];
+ }else{
+ header('WWW-Authenticate: Basic realm="WelcomeTUcode login"');
+ header('HTTP/1.0 401 Unauthorized');
+ exit('Nicht eingeloggt. Falsche Anmeldedaten?');
+ }
+}
+
+function list_anmeldungen(){
+ $liste = db_list_anmeldungen();
+ $ret = ''.
+ '';
+ foreach ($liste as &$person) {
+ $ret .=''.
+ ''.
+ ''.
+ '';
+/* echo '
'.$person['vname'].'
+
'.$person['nname'].'
'.$person['gebdatum'].'
+
'.$person['nationaliaet'].'
'.$person['sprachen'].'
+
'.$person['vorwissen'].'
'.$person['analphabet'].'
+
'.$person['fotoerlaubnis'].'
'.$person['videoerlaubnis'].'
+
'.$person['bemerkungen'].'
+
';*/ + } + return $ret.'
AktionidAnmeldung beiNachname(n)Vorname(n)GeborenNationalitätSprachkenntnisVorwissenAnalphabetfotoerlaubnisVideoerlaubnisBemerkung
Bearbeiten'.$person['id'].''.$person['uname'].''.$person['nname'].''.$person['vname'].''.$person['gebdatum'].''.$person['nationaliaet'].''.$person['sprachen'].''.$person['vorwissen'].''.$person['analphabet'].''.$person['fotoerlaubnis'].''.$person['videoerlaubnis'].''.$person['bemerkungen'].'
';
+}
+
+function store_person(){
+ if(!isset($_REQUEST['delete']) && !isset($_REQUEST['save'])) return 0;
+
+//var_export($_REQUEST);
+
+ if(isset($_REQUEST['delete']))return db_delete_person($_REQUEST['id']);
+ if(isset($_REQUEST['save'])){
+
+ if(!isset($_REQUEST['vname']))return '-vname- not set!';
+ $pdata['vname']=$_REQUEST['vname'];
+
+ if(!isset($_REQUEST['nname']))return '-nname- not set!';
+ $pdata['nname']=$_REQUEST['nname'];
+
+ if(!isset($_REQUEST['gebdatum']))return '-gebdatum- not set!';
+ $pdata['gebdatum']=$_REQUEST['gebdatum'];
+
+ if(!isset($_REQUEST['nationaliaet']))return '-nationaliaet- not set!';
+ $pdata['nationaliaet']=$_REQUEST['nationaliaet'];
+
+ if(!isset($_REQUEST['sprachen']))return '-sprachen- not set!';
+ $pdata['sprachen']=$_REQUEST['sprachen'];
+
+ if(!isset($_REQUEST['vorwissen']))return '-vorwissen- not set!';
+ $pdata['vorwissen']=$_REQUEST['vorwissen'];
+
+ if(!isset($_REQUEST['analphabet']))return '-analphabet- not set!';
+ $pdata['analphabet']=$_REQUEST['analphabet'];
+
+ if(!isset($_REQUEST['fotoerlaubnis']))return '-fotoerlaubnis- not set!';
+ $pdata['fotoerlaubnis']=$_REQUEST['fotoerlaubnis'];
+
+ if(!isset($_REQUEST['videoerlaubnis']))return '-videoerlaubnis- not set!';
+ $pdata['videoerlaubnis']=$_REQUEST['videoerlaubnis'];
+
+ if(!isset($_REQUEST['bemerkungen']))return '-bemerkungen- not set!';
+ $pdata['bemerkungen']=$_REQUEST['bemerkungen'];
+
+ return db_store_person($_REQUEST['id'], $pdata);
+ }
+}
+
+function get_person($id){
+ if(!is_numeric($id)) return NULL;
+ return db_get_person($id);
+}
+
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..23db70e
--- /dev/null
+++ b/index.php
@@ -0,0 +1,5 @@
+
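Review bot: `list_anmeldungen` concatenates `$person['nname']`, `$person['bemerkungen']` and the other stored fields into the table markup without escaping, so any value saved through `store_person` is rendered as HTML for whoever opens the list, including lvl >= 2 accounts (stored XSS). Escape each field on output, e.g. `htmlspecialchars($person['nname'], ENT_QUOTES, 'UTF-8')`. The HTTPS redirect at the top of `login()` is commented out, so unless the web server enforces TLS the Basic credentials travel in clear text. `login()` also reads `$_SERVER['PHP_AUTH_USER']` and `$_SERVER['PHP_AUTH_PW']` without `isset`, which raises a notice on the first unauthenticated request before the 401 is sent.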

anmeldesystem

+ +

zu der Liste der angemeldeten

+

Stats

+ diff --git a/list.php b/list.php new file mode 100644 index 0000000..1e5a475 --- /dev/null +++ b/list.php @@ -0,0 +1,12 @@ + + +

Anmeldungsliste

+

Person hinzufügen

+ +

Person hinzufügen

+
diff --git a/person.php b/person.php
new file mode 100644
index 0000000..044b727
--- /dev/null
+++ b/person.php
@@ -0,0 +1,79 @@
+ (aka. Someone )
+*/
+
+require_once('./funcs.php');
+
+login();
+
+$status = store_person();
+$person = get_person($_REQUEST['id']);
+
+if(isset($_REQUEST['api'])){
+ header('Content-Type: application/json');
+ header('Access-Control-Allow-Origin: *');
+ mb_internal_encoding('UTF-8');
+ $send['status'] = $status;
+ $send['person'] = $person;
+ exit(json_encode($send));
+}
+
+?>
+
+

Person bearbeiten

+Person gelöscht'; +}elseif($status == 1 && isset($_REQUEST['save'])){ + echo '

Person aktualisiert

'; +}elseif($status < 0){ + echo '

Person angelegt. ID:'.-$status.'

'; +} +?> +

Zurück zur Übersicht

+
+ + +

Vorname(n)
+

+

Nachname(n)
+

+

Geboren
+

+

Nationalität
+

+

Sprachkenntnisse
+

+

Vorwissen
+

+

Analphabet
+

+

Fotoerlaubnis
+

+

Videoerlaubnis
+

+

Besonderes/Bemerkungen
+

+ + +
+

Zurück zur Übersicht

+ +Comment or context:

Hashtag, if needed:
+
+ Image upload

+ Image position:
+
+

+ Comment for Admins/Mods:


'; +
+ +*/ + diff --git a/settings.php.example b/settings.php.example new file mode 100644 index 0000000..3cae100 --- /dev/null +++ b/settings.php.example @@ -0,0 +1,11 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); +$GLOBALS['dbc']->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); + + diff --git a/stats.php b/stats.php new file mode 100644 index 0000000..eee7cea --- /dev/null +++ b/stats.php @@ -0,0 +1,10 @@ + + +
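Review bot: `get_person($_REQUEST['id'])` in person.php hands any row to any logged-in account, because neither `get_person` nor `db_get_person` compares the row's `uname` with the caller, while the list, update and delete paths do scope by `uname`/`lvl`. After the fetch, a check such as `if($person && $GLOBALS['lvl'] < 2 && strcasecmp($person['uname'], $GLOBALS['uname']) !== 0) $person = NULL;` would close that gap. `store_person()` runs on `$_REQUEST` before anything else, so delete and save are accepted via GET and without a CSRF token while the browser attaches the Basic credentials automatically; restrict state changes to POST and verify a per-user token. With `?api` the record is additionally returned under `Access-Control-Allow-Origin: *`; that header should be limited to the origins that actually need the API.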

Stats

+TODO, wenn überhaupt (kann-Ziel) + -- 2.43.0