From 80a03ec5578f1c425ca9bf6c07b7897811682dea Mon Sep 17 00:00:00 2001
From: Grisu <grisu_steam@gmx.de>
Date: Thu, 9 Jun 2022 17:18:35 +0200
Subject: [PATCH] add teams to teams table and fix for login

---
 app/public/add_team.php          | 39 ++++++++++++++++++++++++++++++++
 app/public/login.php             | 15 ++++++++----
 app/public/mannschaft.php        |  8 +++++++
 app/scripts/database_queries.php | 21 +++++++++++++++++
 app/scripts/functions.php        |  7 ++++++
 5 files changed, 85 insertions(+), 5 deletions(-)
 create mode 100644 app/public/add_team.php

diff --git a/app/public/add_team.php b/app/public/add_team.php
new file mode 100644
index 0000000..0843d0e
--- /dev/null
+++ b/app/public/add_team.php
@@ -0,0 +1,39 @@
+<?php
+    session_start();
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+
+    if($_SERVER['REQUEST_METHOD'] == "POST") {
+        write_team($con, $_POST['team_name'], $_POST['fire_department']);
+        header("Location: mannschaft.php");
+        die;      
+    }
+
+    echo file_get_contents("html/header.html");
+?>
+
+<body>
+    <div class="headline">
+        <h2>Mannschaft hinzufügen</h2>
+    </div>
+    <div>
+        <form method="post">
+            <label for="team_name">Mannschaftsname</label>
+            <input type="text" name="team_name"/><br>
+            <label for="fire_department">Feuerwehr</label>
+            <input type="text" name="fire_department" list="fire_departments"/><br>
+            <datalist id="fire_departments">
+                <?php
+                    load_fire_departments($con);
+                ?>
+            </datalist>
+            <input id="button" type="submit" value="Hinzufügen">
+        </form>
+    </div>
+    
+</body>
+
+<?php
+    $con = null;
+    echo file_get_contents("html/footer.html");
+?>
\ No newline at end of file
diff --git a/app/public/login.php b/app/public/login.php
index a5a5b54..1446890 100644
--- a/app/public/login.php
+++ b/app/public/login.php
@@ -9,14 +9,19 @@
 
         if(!empty($user_name) && !empty($password)) {
             $user_data = get_user_data_name($con, $user_name);
-            $phash = generate_password_hash($password, $user_data['salt']);
-            if($user_data['password'] === $phash) {
-                $_SESSION['user_id'] = $user_data['user_id'];
-                header("Location: index.php");
-                die;
+            if($user_data) {
+                $phash = generate_password_hash($password, $user_data['salt']);
+                if($user_data['password'] === $phash) {
+                    $_SESSION['user_id'] = $user_data['user_id'];
+                    header("Location: index.php");
+                    die;
+                } else {
+                    echo "Benutzername oder Passwort stimmen nicht";
+                }
             } else {
                 echo "Benutzername oder Passwort stimmen nicht";
             }
+
         } else {
             echo "Gib bitte gültige Daten ein!";
         }
diff --git a/app/public/mannschaft.php b/app/public/mannschaft.php
index ef3ebea..d9518ee 100644
--- a/app/public/mannschaft.php
+++ b/app/public/mannschaft.php
@@ -9,6 +9,14 @@
 ?>
 
 <body>
+    <div class="headline">
+        <h2>Mannschaftsverwaltung</h2>
+    </div>
+    <div>
+        <form action="add_team.php" method="get">
+            <input id="butto" type="submit" value="Mannschaft hinzufügen">
+        </form>
+    </div>
     <div class="table-div">
         <table>
             <thead>
diff --git a/app/scripts/database_queries.php b/app/scripts/database_queries.php
index 6b2f258..eff71ca 100644
--- a/app/scripts/database_queries.php
+++ b/app/scripts/database_queries.php
@@ -165,4 +165,25 @@ function write_station($con, $station_name, $station_pos) {
     } catch(PDOException $e) {
         handle_pdo_exceptio($e);
     }
+}
+
+function get_fire_departments($con) {
+    try {
+        $stmt = $con->prepare("SELECT DISTINCT feuerwehr FROM Mannschaft");
+        $stmt->execute();
+        return $stmt;
+    } catch(PDOException $e) {
+        handle_pdo_exception($e);
+    }
+}
+
+function write_team($con, $team_name, $fire_department) {
+    try {
+        $stmt = $con->prepare("INSERT INTO Mannschaft (name, feuerwehr) VALUES (?, ?)");
+        $stmt->bindParam(1, $team_name, PDO::PARAM_STR);
+        $stmt->bindParam(2, $fire_department, PDO::PARAM_STR);
+        $stmt->execute();
+    } catch(PDOEXCEPTION $e) {
+        handle_pdo_exception($e);
+    }
 }
\ No newline at end of file
diff --git a/app/scripts/functions.php b/app/scripts/functions.php
index f68c3c4..c064337 100644
--- a/app/scripts/functions.php
+++ b/app/scripts/functions.php
@@ -117,4 +117,11 @@ function load_teams_no_points($con, $s_id) {
             echo "<option value=\"" . $option['m_id'] . "\">" . $option['name'] . " " . $option['feuerwehr'] . "</option>";
         }
     }
+}
+
+function load_fire_departments($con) {
+    $stmt = get_fire_departments($con);
+    foreach($stmt->fetchAll() as $option) {
+        echo "<option>".$option['feuerwehr']."</option>\n";
+    }
 }
\ No newline at end of file