added user managment

2022-06-09 22:20:05 +02:00
parent c769766cd5
commit 1197c6e07f
12 changed files with 167 additions and 10 deletions


@@ -20,7 +20,7 @@
die;
}
echo file_get_contents("heder_footer/header.php");
include("header_footer/header.php");
?>
<body>


@@ -10,7 +10,7 @@
die;
}
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>


@@ -10,7 +10,7 @@
die;
}
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>

60
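--- a/app/public/add_user.php
+++ b/app/public/add_user.php
@@ -0,0 +1,60 @@
+<?php
+session_start();
+include("../scripts/connection.php");
+include("../scripts/functions.php");
+$user_data = check_admin($con);
+if($_SERVER['REQUEST_METHOD'] == "POST") {
+$user_name = $_POST['user_name'];
+$password = $_POST['password'];
+$user_group = $_POST['user_group'];
+$bind_station = $_POST['bind_station'];
+if(!empty($user_name) && !empty($password)) {
+$salt = generate_salt();
+$user_id = generate_user_id($_POST['user_name'], $salt);
+$phash = generate_password_hash($_POST['password'], $salt);
+if($user_group == "station") {
+write_user($con, $user_name, $user_id, $phash, $salt, $user_group, $bind_station);
+} else {
+write_user($con, $user_name, $user_id, $phash, $salt, $user_group, NULL);
+}
+} else {
+echo "Bitte Benutzername und Passwort eintragen!";
+}
+}
+include("header_footer/header.php");
+?>
+<body>
+<div class="headline">
+<h2>Benutzer hinzufügen</h2>
+</div>
+<div>
+<form method="post">
+<label for="user_name">Benutzername</label>
+<input type="text" name="user_name"/><br>
+<label for="password">Passwort</label>
+<input type="password" name="password"/><br>
+<label for="user_group">Benutzergruppe</label>
+<select name="user_group" id="user_group">
+<option value="station">Station</option>
+<option value="statistics">Statistik</option>
+<option value="admin">Administrator</option>
+</select><br>
+<label for="bind_station">Gebunden an Station:</label>
+<select name="bind_station" id="bind_station">
+<?php
+load_options_stations($con, "", false);
+?>
+</select>
+<label for="bind_station">(Nur für Benutzergruppe Station)</label><br>
+<input type="submit" value="Hinzufügen"/>
+</form>
+</div>
+</body>
+<?php
+$con = null;
+echo file_get_contents("header_footer/footer.html");
+?>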
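Review bot: `$user_group` and `$bind_station` go from `$_POST` straight into write_user(), so any string is stored as a group even though the form offers only three values; reject anything else before the insert with a check such as `if (!in_array($user_group, ['station', 'statistics', 'admin'], true))`, and validate `$bind_station` as an existing station id. The form also carries no anti-CSRF token, so this admin-only, state-changing POST is authorised by the session cookie alone; a per-session token in a hidden field, compared with `hash_equals()` before write_user() runs, would cover that. The error message is echoed before `header_footer/header.php` is included, so it is emitted ahead of the page markup, and a successful insert gives the admin no feedback or redirect.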


@@ -19,6 +19,13 @@
<a href="mannschaft.php">Mannschaftsverwaltung</a>
<a href="stationen.php">Stationen</a>
<a href="statistik.php">Statistik</a>
<?php
if(isset($_SESSION['user_group'])) {
if ($_SESSION['user_group'] == 'admin') {
echo "<a href=\"manage_user.php\">Benutzerverwaltung</a>";
}
}
?>
</nav>
</section>
</header>
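Review bot: The admin check in the nav uses loose `==` inside a nested `isset`, which can be one strict test: `if (($_SESSION['user_group'] ?? null) === 'admin') {`. Hiding the link is presentation only; the access decision has to stay in the target pages, which in this commit do call check_admin() at the top of manage_user.php and add_user.php. A short comment above the block saying so, for example `// link visibility only; manage_user.php enforces check_admin()`, would keep a later editor from treating it as the gate.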


@@ -5,7 +5,7 @@
$user_data = check_login($con);
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>


@@ -0,0 +1,39 @@
<?php
session_start();
include("../scripts/connection.php");
include("../scripts/functions.php");
$user_data = check_admin($con);
include('header_footer/header.php');
?>
<body>
<div class="headline">
<h2>Benutzerverwaltung</h2>
</div>
<div>
<form action="add_user.php" method="get">
<input type="submit" value="Benutzer hinzufügen"/>
</form>
</div>
<div class="table-div">
<table>
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Benutzergruppe</th>
</tr>
</thead>
<tbody>
<?php
load_users($con);
?>
</tbody>
</table>
</div>
</body>
<?php
$con = null;
echo file_get_contents("header_footer/footer.html");
?>


@@ -5,7 +5,7 @@
include("../scripts/functions.php");
$user_data = check_login($con);
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>


@@ -5,7 +5,7 @@
include("../scripts/functions.php");
$user_data = check_login($con);
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>


@@ -15,7 +15,7 @@
$session = $_SESSION['select-statistics'];
}
echo file_get_contents("header_footer/header.php");
include("header_footer/header.php");
?>
<body>
@@ -32,7 +32,7 @@
<form name="switch-statistics" method="get">
<select name="stationen" id="station" onchange="this.form.submit()">
<?php
load_options_stations($con, $session);
load_options_stations($con, $session, true);
?>
</select>
</form>


@@ -171,6 +171,7 @@ function get_fire_departments($con) {
try {
$stmt = $con->prepare("SELECT DISTINCT feuerwehr FROM Mannschaft");
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
} catch(PDOException $e) {
handle_pdo_exception($e);
@@ -186,4 +187,30 @@ function write_team($con, $team_name, $fire_department) {
} catch(PDOEXCEPTION $e) {
handle_pdo_exception($e);
}
}
function get_users($con) {
try {
$stmt = $con->prepare("SELECT user_name, user_group FROM users");
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function write_user($con, $user_name, $user_id, $phash, $salt, $user_group, $s_id) {
try {
$stmt = $con->prepare("INSERT INTO users (user_id, password, user_name, salt, user_group, s_id) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->bindParam(1, $user_id, PDO::PARAM_STR);
$stmt->bindParam(2, $phash, PDO::PARAM_STR);
$stmt->bindParam(3, $user_name, PDO::PARAM_STR);
$stmt->bindParam(4, $salt, PDO::PARAM_STR);
$stmt->bindParam(5, $user_group, PDO::PARAM_STR);
$stmt->bindParam(6, $s_id, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
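Review bot: write_user() stores a separate `salt` column next to `password`, which suggests that generate_password_hash() (not visible in this commit) is a hand-rolled salted hash. If that is the case, `password_hash($password, PASSWORD_DEFAULT)` with `password_verify()` at login is the safer choice, because the salt and cost are carried inside the stored string and the column becomes unnecessary. Both new functions also pass the PDOException to handle_pdo_exception() and then fall through, so unless that helper terminates the request, get_users() returns null to a caller that immediately calls `fetchAll()` on it. write_user() likewise gives add_user.php no way to tell whether the row was written, so returning the result of `$stmt->execute()` or rethrowing would let the page report failure.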


@@ -72,14 +72,16 @@ function load_total_score($con) {
echo "</tbody>\n";
}
function load_options_stations($con, $session) {
function load_options_stations($con, $session, $stats) {
$stmt = get_stations_all($con);
if ($session == "total-score"){
$total_score_selected = " selected";
} else {
$total_score_selected = "";
}
echo "<option value=\"total-score\"" . $total_score_selected . ">Gesamtpunkte</option>";
if($stats) {
echo "<option value=\"total-score\"" . $total_score_selected . ">Gesamtpunkte</option>";
}
foreach($stmt->fetchAll() as $option) {
if($session == $option['s_id']){
$station_selected = " selected";
@@ -124,4 +126,26 @@ function load_fire_departments($con) {
foreach($stmt->fetchAll() as $option) {
echo "<option>".$option['feuerwehr']."</option>\n";
}
}
function check_admin($con) {
$user_data = check_login($con);
if($user_data['user_group'] == "admin") {
return $user_data;
} else {
unset($_SESSION['user_id']);
unset($_SESSION['user_group']);
header("Location: login.php");
die;
}
}
function load_users($con) {
$stmt = get_users($con);
foreach($stmt->fetchAll() as $row) {
echo "<tr>\n";
echo "<td>" . $row['user_name'] . "</td>\n";
echo "<td>" . $row['user_group'] . "</td>\n";
echo "</tr>\n";
}
}
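Review bot: load_users() writes `user_name` and `user_group` into the table without HTML escaping, and both values come from the add_user.php form, so markup typed into a user name is rendered as markup for every admin who opens the list. Escape at output, e.g. `echo "<td>" . htmlspecialchars($row['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>\n";`, and the same for `user_group`; the context line in load_fire_departments() echoes `$option['feuerwehr']` unescaped in the same way. Separately, `$stats` is added to load_options_stations() as a required third parameter, so any caller not updated in this commit will fail with an argument-count error; `$stats = true` as the default would keep the previous behaviour for them. check_admin() also compares with loose `==`, and `=== "admin"` is the stricter form.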