Compare commits


26 Commits

Author SHA1 Message Date
Grisu
2e77ac243b added compression for download and ensure utf-8 encoding 2022-12-04 23:04:29 +01:00
42d3f01176 Merge pull request 'added csv download' (#9) from dev into main
Reviewed-on: #9
2022-12-04 21:49:55 +00:00
Grisu
c4d62ac658 added csv download 2022-12-04 22:34:01 +01:00
Grisu
c1ffddfdb2 as admin you now can't delete your own account 2022-09-22 18:09:50 +02:00
dc4d28cd91 Merge pull request 'dev' (#4) from dev into main
Reviewed-on: #4
2022-09-22 15:42:36 +00:00
Grisu
3598769c04 added warning when wrong password is entered 2022-09-22 17:38:02 +02:00
Grisu
cfc9c96a17 updated database schema 2022-09-22 14:19:38 +02:00
Grisu
e62be84d35 you can now edit, add and delete results 2022-09-22 14:17:29 +02:00
Grisu
c3873744be you can now set if a station needs points or get the results of the excersice and the website should calculate the points 2022-09-22 11:22:25 +02:00
Grisu
bb118e169e fixed typo 2022-09-18 21:12:35 +02:00
458e0cbad9 Merge pull request 'changed the total score to a station ranking on the homepage' (#3) from dev into main
Reviewed-on: #3
2022-09-18 17:34:05 +00:00
Grisu
eacf3ce9b5 changed the total score to a station ranking on the homepage 2022-09-18 19:32:26 +02:00
ca6549280f Merge pull request 'Adding close button to the edit and add pages' (#2) from dev into main
Reviewed-on: #2
2022-09-18 17:11:41 +00:00
Grisu
55e51a8214 added close button 2022-09-18 19:05:46 +02:00
Grisu
0a3beeeaec fixed typo and added close button to edit pages 2022-09-16 09:49:36 +02:00
Grisu
506982f1b1 fixed bug where you can't change the station which a station account belongs to 2022-09-15 10:32:13 +02:00
Grisu
83c62d0015 Points are now only counted if it is selected 2022-09-04 16:51:47 +02:00
0f221c9303 fixed time encoding 2022-06-21 23:40:10 +02:00
6d74360d1d sanitize all input against xss and fixed bug with time encoding when adding result 2022-06-21 23:35:06 +02:00
b0478a7dd4 station account are redirect to their station table after login 2022-06-21 22:44:12 +02:00
16e205232a Add 'LICENSE.md' 2022-06-21 10:45:19 +00:00
478ee9c633 added standart user admin 2022-06-20 12:30:10 +02:00
e9fe05b78f db user name and password are now configured by environment variables 2022-06-20 12:18:38 +02:00
417cc45018 database schema 2022-06-19 22:59:38 +02:00
b7e095e910 styling for edit and add subpage 2022-06-19 22:51:55 +02:00
22bb085d5e responsiv navbar 2022-06-19 16:02:11 +02:00
28 changed files with 1268 additions and 322 deletions

7
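--- a/LICENSE.md
+++ b/LICENSE.md
@@ -0,0 +1,7 @@
+Copyright 2022 Grisu
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE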


@@ -4,18 +4,41 @@
include("../scripts/functions.php");
$user_data = check_login($con);
if($_SERVER['REQUEST_METHOD'] == "POST") {
$points = $_POST['points'];
$minutes = $_POST['minutes'];
$seconds = $_POST['seconds'];
$miliseconds = $_POST['miliseconds'];
if($_SERVER['REQUEST_METHOD'] == "GET") {
$s_id = sanitize_input($_GET['station']);
}
if($minutes == 0 && $seconds == 0 && $miliseconds == 0){
$time = null;
} else {
$time = "00:" . $minutes . ":" . $seconds . "." . $miliseconds;
if($_SERVER['REQUEST_METHOD'] == "POST") {
$s_id = sanitize_input($_GET['station']);
if(isset($_POST['save']) && get_direct_points($con, $s_id)->fetch()['direkte_punkte'] == 1){
$points = sanitize_input($_POST['points']);
$minutes = sanitize_input($_POST['minutes']);
$seconds = sanitize_input($_POST['seconds']);
$miliseconds = sanitize_input($_POST['miliseconds']);
$m_id = sanitize_input($_POST['team']);
if($minutes == 0 && $seconds == 0 && $miliseconds == 0){
$time = null;
} else {
if ($minutes < 10) {
$minutes = "0" . $minutes;
}
if ($seconds < 10) {
$seconds = "0" . $seconds;
}
if ($miliseconds < 10) {
$miliseconds = "0" . $miliseconds;
}
$time = "00:" . $minutes . ":" . $seconds . "." . $miliseconds;
}
write_points($con, $s_id, $m_id, $points, $time);
} elseif (isset($_POST['save'])) {
$result = sanitize_input($_POST['result']);
$m_id = sanitize_input($_POST['team']);
write_result($con, $s_id, $m_id, $result);
}
write_points($con, $_GET['station'], $_POST['team'], $points, $time);
header("Location: statistik.php");
die;
}
@@ -24,29 +47,52 @@
?>
<body>
<div <?php if(!station_exists($con, $_GET['station'])) { echo "hidden=\"true\"";}?>>
<form action="" method="post">
<div id="team-div">
<label for="team">Mannschaft</label>
<select name="team" id="team">
<?php load_teams_no_points($con, $_GET['station'])?>
</select>
</div>
<label for="points">Punkte: </label>
<input name="points" id="points" type="number" max="15" min="0" value="0"/><br>
<label for="zeit">Zeit: </label>
<div id="zeit">
<label for="minutes">Minuten</label>
<input name="minutes" id="minutes" type="number" max="60" min="0" value="0"/><br>
<label for="seconds">Sekunden</label>
<input name="seconds" id="seconds" type="number" max="60" min="0" value="0"/><br>
<label for="miliseconds">Millisekunden</label>
<input name="miliseconds" id="miliseconds" type="number" max="99" min="0" value="0"/>
</div>
<div>
<input id="button" type="submit" value="Eintragen"/>
</div>
</form>
<div class="center">
<div class="headline">
<h2>Ergebnis eintragen</h2>
</div>
<div class="form_div">
<form action="" method="post">
<div id="team-div" class="dropdown">
<label for="team">Mannschaft</label>
<select name="team" id="team">
<?php load_teams_no_points($con, sanitize_input($_GET['station']))?>
</select>
</div>
<?php
if(get_direct_points($con, $s_id)->fetch()['direkte_punkte'] == 1) {
echo "<div class=\"number_field\">
<label for=\"points\">Punkte: </label>
<input name=\"points\" id=\"points\" type=\"number\" max=\"15\" min=\"0\" value=\"0\" required/>
</div>
<div class=\"headline\">
<h3>Zeit</h3>
</div>
<div id=\"zeit\">
<div class=\"number_field\">
<label for=\"minutes\">Minuten</label>
<input name=\"minutes\" id=\"minutes\" type=\"number\" max=\"60\" min=\"0\" value=\"0\"/>
</div>
<div class=\"number_field\">
<label for=\"seconds\">Sekunden</label>
<input name=\"seconds\" id=\"seconds\" type=\"number\" max=\"60\" min=\"0\" value=\"0\"/>
</div>
<div class=\"number_field\">
<label for=\"miliseconds\">Millisekunden</label>
<input name=\"miliseconds\" id=\"miliseconds\" type=\"number\" max=\"99\" min=\"0\" value=\"0\"/>
</div>
</div>";} else {
echo "<div class=\"number_field\">
<label for=\"result\">Ergebnis: </label>
<input name=\"result\" id=\"result\" type=\"number\" max=\"65535\" min=\"0\" value=\"0\" required/>
</div>";
}?>
<div>
<input id="button" type="submit" value="Eintragen" class="btn-confirm" name="save"/>
<input id="close" type="submit" value="Schließen" class="btn-confirm" name="close">
</div>
</form>
</div>
</div>
</body>
<?php
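Review bot: The time fields in the POST branch go through `sanitize_input()` but are never converted to integers or range-checked on the server, so the `min`/`max` attributes on the form are the only bound on what is concatenated into `$time`. Cast and clamp them before the string is built, e.g. `$minutes = max(0, min(60, intval($_POST['minutes'])));`, in line with the `intval()` calls the result edit page in this comparison already uses. `get_direct_points($con, $s_id)->fetch()` is also indexed without checking for `false`, which is what a PDO `fetch()` returns when the `station` parameter names no existing row. The markup further down still calls `station_exists($con, $_GET['station'])` with the raw parameter although `$s_id` is available.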


@@ -5,7 +5,12 @@
$user_data = check_login($con);
if($_SERVER['REQUEST_METHOD'] == "POST") {
write_station($con, $_POST['station_name'], $_POST['station_pos']);
if(isset($_POST['save'])){
$station_name = sanitize_input($_POST['station_name']);
$station_pos = sanitize_input($_POST['station_pos']);
$station_direct_points = sanitize_input($_POST['direkte_punkte']);
write_station($con, $station_name, $station_pos, $station_direct_points);
}
header("Location: stationen.php");
die;
}
@@ -14,17 +19,33 @@
?>
<body>
<div class="headline">
<h2>Station hinzufügen</h2>
</div>
<div>
<form method="post">
<label for="station_name">Name:</label>
<input id="station_name" type="text" name="station_name"/><br>
<label for="station_pos">Standort:</label>
<input id="station_pos" type="text" name="station_pos"/><br>
<input id="button" type="submit" value="Hinzufügen"/>
</form>
<div class="center">
<div class="headline">
<h2>Station hinzufügen</h2>
</div>
<div class="form_div">
<form method="post">
<div class="txt_field">
<input class="input_field" id="station_name" type="text" name="station_name" required/>
<span></span>
<label for="station_name">Name</label>
</div>
<div class="txt_field">
<input class="input_field" id="station_pos" type="text" name="station_pos" required/>
<span></span>
<label for="station_pos">Standort</label>
</div>
<div class="dropdown">
<label for="direkte_punkte">Punkte eintragen</label>
<select name="direkte_punkte" id="direkte_punkte">
<option value="1" selected>Ja</option>
<option value="0">Nein</option>
</select>
</div>
<input id="button" type="submit" value="Hinzufügen" class="btn-confirm" name="save"/>
<a href="stationen.php" class="btn-close">Schließen</a>
</form>
</div>
</div>
</body>
<?php
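Review bot: This page still gates the insert on `check_login($con)` while the station edit page in this same comparison calls `check_admin($con)`, so unless `check_login` restricts groups itself (not visible here) any logged-in account, including a station account, could create stations; the add-team page follows the same pattern. If creation is meant to be admin-only, use `$user_data = check_admin($con);` here. Separately, `direkte_punkte` is taken from the request as-is; constrain it to the two values the select offers, e.g. `$station_direct_points = ($_POST['direkte_punkte'] ?? '1') === '0' ? 0 : 1;`.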


@@ -5,7 +5,11 @@
$user_data = check_login($con);
if($_SERVER['REQUEST_METHOD'] == "POST") {
write_team($con, $_POST['team_name'], $_POST['fire_department']);
if(isset($_POST['save'])) {
$team_name = sanitize_input($_POST['team_name']);
$fire_department = sanitize_input($_POST['fire_department']);
write_team($con, $team_name, $fire_department);
}
header("Location: mannschaft.php");
die;
}
@@ -14,22 +18,31 @@
?>
<body>
<div class="headline">
<h2>Mannschaft hinzufügen</h2>
</div>
<div>
<form method="post">
<label for="team_name">Mannschaftsname</label>
<input type="text" name="team_name"/><br>
<label for="fire_department">Feuerwehr</label>
<input type="text" name="fire_department" list="fire_departments"/><br>
<datalist id="fire_departments">
<?php
load_fire_departments($con);
?>
</datalist>
<input id="button" type="submit" value="Hinzufügen">
</form>
<div class="center">
<div class="headline">
<h2>Mannschaft hinzufügen</h2>
</div>
<div class="form_div">
<form method="post">
<div class="txt_field">
<input type="text" name="team_name" required/>
<span></span>
<label for="team_name">Mannschaftsname</label>
</div>
<div class="txt_field">
<input type="text" name="fire_department" list="fire_departments" required/>
<datalist id="fire_departments">
<?php
load_fire_departments($con);
?>
</datalist>
<span></span>
<label for="fire_department">Feuerwehr</label>
</div>
<input id="button" type="submit" value="Hinzufügen" class="btn-confirm" name="save"/>
<a href="mannschaft.php">Schließen</a>
</form>
</div>
</div>
</body>


@@ -6,14 +6,14 @@
$error = null;
if($_SERVER['REQUEST_METHOD'] == "POST") {
$user_name = $_POST['user_name'];
$password = $_POST['password'];
$user_group = $_POST['user_group'];
$bind_station = $_POST['bind_station'];
$user_name = sanitize_input($_POST['user_name']);
$password = sanitize_input($_POST['password']);
$user_group = sanitize_input($_POST['user_group']);
$bind_station = sanitize_input($_POST['bind_station']);
if(!empty($user_name) && !empty($password)) {
$salt = generate_salt();
$user_id = generate_user_id($_POST['user_name'], $salt);
$phash = generate_password_hash($_POST['password'], $salt);
$user_id = generate_user_id($user_name, $salt);
$phash = generate_password_hash($password, $salt);
if($user_group == "station") {
write_user($con, $user_name, $user_id, $phash, $salt, $user_group, $bind_station);
} else {
@@ -30,31 +30,43 @@
?>
<body>
<div class="headline">
<h2>Benutzer hinzufügen</h2>
</div>
<div>
<form method="post">
<label><?php echo $error ?></label><br>
<label for="user_name">Benutzername</label>
<input type="text" name="user_name"/><br>
<label for="password">Passwort</label>
<input type="password" name="password"/><br>
<label for="user_group">Benutzergruppe</label>
<select name="user_group" id="user_group">
<option value="station">Station</option>
<option value="statistics">Statistik</option>
<option value="admin">Administrator</option>
</select><br>
<label for="bind_station">Gebunden an Station:</label>
<select name="bind_station" id="bind_station">
<?php
load_options_stations($con, "", false);
?>
</select>
<label for="bind_station">(Nur für Benutzergruppe Station)</label><br>
<input type="submit" value="Hinzufügen"/>
</form>
<div class="center">
<div class="headline">
<h2>Benutzer hinzufügen</h2>
</div>
<div class="form_div">
<form method="post" class="form_class">
<label><?php echo $error ?></label><br>
<div class="txt_field">
<input type="text" name="user_name" required>
<span></span>
<label>Benutzername</label>
</div>
<div class="txt_field">
<input type="password" name="password" required>
<span></span>
<label>Passwort</label>
</div>
<div class="dropdown">
<label for="user_group">Benutzergruppe</label>
<select name="user_group" id="user_group">
<option value="station">Station</option>
<option value="statistics">Statistik</option>
<option value="admin">Administrator</option>
</select>
</div>
<div class="dropdown">
<label for="bind_station">Gebunden an Station (Nur für Gruppe Station)</label>
<select name="bind_station" id="bind_station">
<?php
load_options_stations($con, "", false);
?>
</select>
</div>
<input type="submit" value="Hinzufügen" class="btn-confirm"/>
<a href="manage_user.php">Schließen</a>
</form>
</div>
</div>
</body>
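Review bot: `$password = sanitize_input($_POST['password']);` runs the password through the XSS filter before it is hashed, so whatever that helper strips or escapes changes the secret that is actually stored; a password is never echoed back and should reach `generate_password_hash()` unmodified, i.e. `$password = $_POST['password'];`. Login has to hash exactly the same bytes, so check that the login page treats the field identically, otherwise accounts whose password contains special characters stop matching. `user_group` should be checked against the three values the select offers (`station`, `statistics`, `admin`) before `write_user()` is called, since it decides the account's privileges. If `generate_password_hash()` is a hand-rolled salted hash (its body is not visible here), PHP's `password_hash()` / `password_verify()` would replace both it and `generate_salt()`. The `if`/`else` around `write_user()` continues outside the first hunk.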

172
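--- a/app/public/css/edit.css
+++ b/app/public/css/edit.css
@@ -0,0 +1,172 @@
+*{
+margin: 0;
+padding: 0;
+box-sizing: border-box;
+font-family: 'Open Sans', sans-serif;
+}
+form .txt_field{
+position: relative;
+border-bottom: 2px solid #adadad;
+margin: 20px 0px;
+}
+.txt_field_opt {
+position: relative;
+border-bottom: 2px solid #adadad;
+margin: 20px 0px;
+}
+.txt_field input {
+width: 100%;
+padding: 0 5px;
+height: 40px;
+font-size: 16px;
+border: none;
+background: none;
+outline: none;
+}
+.txt_field_opt input {
+width: 100%;
+padding: 0 5px;
+height: 40px;
+font-size: 16px;
+border: none;
+background: none;
+outline: none;
+}
+.txt_field label {
+position: absolute;
+top: 50%;
+left: 5px;
+color: #adadad;
+transform: translateY(-50%);
+font-size: 16px;
+pointer-events: none;
+transition: .5s;
+}
+.txt_field_opt label {
+position: absolute;
+top: 50%;
+left: 5px;
+color: #adadad;
+transform: translateY(-50%);
+font-size: 16px;
+pointer-events: none;
+transition: .5s;
+}
+.txt_field span::before{
+content: '';
+position: absolute;
+top: 40px;
+left: 0;
+width: 0%;
+height: 2px;
+background: #2691d9;
+transition: .5s;
+}
+.txt_field_opt span::before{
+content: '';
+position: absolute;
+top: 40px;
+left: 0;
+width: 0%;
+height: 2px;
+background: #2691d9;
+transition: .5s;
+}
+.txt_field_opt input:focus ~ label,
+.txt_field_opt input:not(:placeholder-shown) ~ label{
+top: -5px;
+color: #2691d9;
+}
+.txt_field input:focus ~ label,
+.txt_field input:valid ~ label{
+top: -5px;
+color: #2691d9;
+}
+.txt_field_opt input:focus ~ span::before,
+.txt_field_opt input:not(:placeholder-shown) ~ span::before{
+width: 100%;
+}
+.txt_field input:focus ~ span::before,
+.txt_field input:valid ~ span::before{
+width: 100%;
+}
+.dropdown {
+display: flex;
+flex-direction: column;
+}
+.dropdown label {
+margin-bottom: 5px;
+border-bottom: 1px solid #adadad;
+}
+.dropdown select {
+border-radius: 0px;
+height: 30px;
+border: none;
+padding-bottom: 5px;
+margin-bottom: 5px;
+border-bottom: 1px solid #adadad;
+}
+.btn-confirm {
+margin-bottom: 10px;
+border-radius: 0px;
+border: none;
+height: 30px;
+width: 100%;
+}
+.btn-close a {
+text-decoration: none;
+}
+.form_div {
+margin-left: 5px;
+margin-right: 5px;
+}
+.number_field {
+display: flex;
+flex-direction: column;
+}
+.number_field label {
+padding-bottom: 2px;
+margin-bottom: 5px;
+border-bottom: 1px solid #adadad;
+}
+.number_field input {
+border: none;
+outline: none;
+height: 30px;
+padding-bottom: 2px;
+margin-bottom: 5px;
+border-bottom: 1px solid #adadad;
+width: 100%;
+}
+.headline h3 {
+text-align: center;
+font-weight: 400;
+color: #002e5b;
+}
+.information {
+border-bottom: 1px solid #adadad;
+margin-bottom: 5px;
+}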
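Review bot: The selector `.btn-close a` never matches the close link added on the add-station page, because the class sits on the anchor itself (`<a href="stationen.php" class="btn-close">`) rather than on a parent; write it as `a.btn-close { text-decoration: none; }`. The close links on the add-team and add-user pages carry no class at all, so they would need `class="btn-close"` as well. The `.txt_field` and `.txt_field_opt` rule pairs are identical apart from the `:valid` / `:not(:placeholder-shown)` state selectors and could share one declaration list, e.g. `.txt_field input, .txt_field_opt input { … }`.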


@@ -84,14 +84,7 @@ form .txt_field{
.txt_field input:valid ~ span::before{
width: 100%;
}
.pass{
margin: -5px 0 20px 5px;
color: #a6a6a6;
cursor: pointer;
}
.pass:hover{
text-decoration: underline;
}
input[type="submit"]{
width: 100%;
height: 50px;
@@ -108,16 +101,12 @@ input[type="submit"]:hover{
border-color: #2691d9;
transition: .5s;
}
.signup_link{
margin: 30px 0;
text-align: center;
font-size: 16px;
color: #666666;
}
.signup_link a{
color: #2691d9;
text-decoration: none;
}
.signup_link a:hover{
text-decoration: underline;
}
.warnings {
outline: none;
margin-top: 0px;
margin-bottom: 10px;
background-color: #ff8080;
border-radius: 4px;
padding: 4px;
}


@@ -1,5 +1,9 @@
@import url(./trashcan.css);
*{
box-sizing: border-box;
}
html {
background: url("../pictures/Gerätehaus.jpg") no-repeat center center fixed;
-webkit-background-size: cover;
@@ -9,30 +13,69 @@ html {
height: 100%;
}
nav a{
float: right;
text-decoration: none;
color: #FFFFFF;
font-size: 18px;
padding: 15px 25px;
display: inline-block;
transition: all 0.5s ease 0s;
.navbar {
display: flex;
position: relative;
justify-content: space-between;
align-items: center;
background-color: #090CA9;
color: white;
width: 100%;
}
#logo {
font-size: 20px;
text-transform: uppercase;
color: #FFFFFF;
font-weight: bold;
float: left;
padding: 20px;
margin-left: 0.5rem;
font-size: 1.5rem;
margin: .5rem;
}
.navbar-links {
height: 100%;
}
.navbar-links ul {
display: flex;
margin: 0;
padding: 0;
}
.navbar-links li {
list-style: none;
}
.navbar-links li a {
display: block;
text-decoration: none;
color: white;
padding: 1rem;
}
.navbar-links li:hover {
background-color: #002e5b;
}
.toggle-button {
position: absolute;
top: .75rem;
right: .1rem;
display: none;
flex-direction: column;
justify-content: space-between;
width: 30px;
height: 21px;
}
.toggle-button .bar {
height: 3px;
width: 100%;
background-color: white;
border-radius: 10px;
}
header {
overflow: hidden;
background-color: #090CA9;
margin-bottom: 5px;
width: 100%;
}
body {
@@ -41,10 +84,9 @@ body {
font-family: 'Open Sans', sans-serif;
align-items: center;
justify-content: center;
}
nav {
margin-right: 0.5rem;
display: flex;
flex-direction: column;
width: 100%;
}
h1 {
@@ -57,6 +99,8 @@ h1 {
h1 span{
font-weight: 500;
margin-left: 5px;
margin-right: 5px;
}
div.table-div {
@@ -76,8 +120,8 @@ div.table-div table{
div.table-div th,td {
border: 1px solid;
padding-left: 2.5vw;
padding-right: 2.5vw;
padding-left: .5rem;
padding-right: .5rem;
padding-bottom: 5px;
}
@@ -95,15 +139,16 @@ div.headline h2{
margin: 0px auto;
padding: 10px 0px;
font-weight: 400;
margin-left: 5px;
margin-right: 5px;
}
.center{
max-width: 900px;
min-width: 300px;
/*max-width: 800px;
min-width: 300px;*/
margin: auto;
margin-top: 0px;
background-color: white;
padding-top: 0px;
height: 100%;
border-radius: 10px;
box-shadow: 0px 0px 15px rgba(0, 0, 0, 0.25);
@@ -172,9 +217,19 @@ div.headline h2{
visibility: visible;
}
#icon-download {
position:absolute;
top: 6px;
left: 5px;
pointer-events: none;
visibility: visible;
}
.input-table{
padding-left: 2px;
padding-right: 2px;
margin-left: 5px;
margin-right: 5px;
}
.select-div {
@@ -208,4 +263,48 @@ div.headline h2{
margin: 0px auto;
padding: 10px 0px;
font-weight: 400;
}
@media (max-width: 800px) {
.navbar {
flex-direction: column;
align-items: flex-start;
}
.toggle-button {
display: flex;
}
.navbar-links {
display: none;
width: 100%;
}
.navbar-links ul {
width: 100%;
flex-direction: column;
}
.navbar-links ul li {
text-align: end;
}
.navbar-links ul li a {
padding: .5rem 1rem;
}
.navbar-links.active {
display: flex;
}
.center {
margin-left: 2%;
margin-right: 2%;
}
}
@media (max-width: 500px) {
.table-div table{
font-size: 4vmin;
}
}


@@ -10,6 +10,13 @@
$stmt->bindParam(1, $_POST["m_id"], PDO::PARAM_INT);
$stmt->bindParam(2, $_POST["s_id"], PDO::PARAM_INT);
$stmt->execute();
if(get_direct_points($con, $_POST['s_id'])->fetch()['direkte_punkte'] == 0) {
$stmt = $con->prepare("DELETE FROM Ergebnisse WHERE m_id = ? AND s_id =?");
$stmt->bindParam(1, $_POST["m_id"], PDO::PARAM_INT);
$stmt->bindParam(2, $_POST["s_id"], PDO::PARAM_INT);
$stmt->execute();
update_points($con, $_POST["s_id"]);
}
} catch(PDOException $e) {
handle_pdo_exception($e);
}
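Review bot: The new branch indexes `get_direct_points($con, $_POST['s_id'])->fetch()` without checking the result, and a PDO `fetch()` yields `false` when no station row matches, so a stale or malformed `s_id` produces a notice and a `null == 0` comparison that evaluates to true and still runs the second `DELETE` and `update_points()`. Fetch the row once, stop if it is missing, and compare with `===` after an integer cast. As far as the hunk shows, the two `DELETE` statements and `update_points()` run as separate autocommit steps; wrapping them in `$con->beginTransaction()` / `$con->commit()` with `$con->rollBack()` in the `catch` keeps the ranking consistent if one step fails. The enclosing `try` starts above the hunk.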


@@ -6,8 +6,11 @@
if($_SERVER['REQUEST_METHOD'] == "POST") {
try {
$stmt = $con->prepare("DELETE FROM users WHERE id = :id");
$stmt->execute(['id' => $_POST['id']]);
$selected_user_id = get_id_user_by_user_id($con, $_SESSION['user_id']);
if($selected_user_id != $_POST['id']) {
$stmt = $con->prepare("DELETE FROM users WHERE id = :id");
$stmt->execute(['id' => $_POST['id']]);
}
} catch(PDOException $e) {
handle_pdo_exception($e);
}
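Review bot: The self-deletion guard compares `$selected_user_id != $_POST['id']` loosely on the raw request string, while the `DELETE` binds that same string and leaves the conversion to the database, so the guard and the statement can disagree about which row is meant. Normalise once and use the result in both places: `$target_id = intval($_POST['id']);`, `if (intval($selected_user_id) !== $target_id)`, and `$stmt->execute(['id' => $target_id]);`. What `get_id_user_by_user_id()` returns for a session without a matching user is not visible here; that case should deny the request rather than fall through to the delete. When the guard blocks the request nothing is reported back to the admin, and nothing in the hunk prevents the last remaining administrator from being removed by another one. The `try` block opens above the hunk.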


@@ -0,0 +1,36 @@
<?php
session_start();
include("../scripts/connection.php");
include("../scripts/functions.php");
$user_data = check_admin($con);
if(isset($_GET['table'])) {
$table = $_GET['table'];
}
ob_start('ob_gzhandler'); #compressing data which is sent to the browser, the browser will decompress the data automatically
header('Content-type: text/csv; charset="UTF-8" ');
header('Content-Disposition: attachment; filename="table.csv" ');
function download_table($stmt) {
$output = fopen('php://output', 'w');
$header = true;
while ($row = $stmt->fetch()) {
if ($header) {
fputcsv($output, array_keys($row));
$header = false;
}
fputcsv($output, $row);
}
fclose($output);
}
if($table == "total-score") {
$total_score = get_total_score($con);
download_table($total_score);
} else {
$station = get_station($con, $table);
download_table($station);
}
?>
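Review bot: Cells are written with `fputcsv()` exactly as stored, and team and station names are user-entered text, so a value beginning with `=`, `+`, `-` or `@` would be evaluated as a formula when an admin opens the export in a spreadsheet; neutralise such cells before writing. `$table` is only assigned inside `if(isset($_GET['table']))` but read unconditionally further down, so a request without the parameter reaches the `else` branch with an undefined variable; reject it with a 400 before any header is sent. `$stmt->fetch()` uses the connection's default fetch mode, which is not visible here; if that is `PDO::FETCH_BOTH` every column is exported twice, so request `PDO::FETCH_ASSOC` explicitly. Values saved through `sanitize_input()` may also show up HTML-escaped in the CSV, depending on what that helper does.

```php
if (!isset($_GET['table']) || !is_string($_GET['table'])) {
    http_response_code(400);
    die;
}
$table = $_GET['table'];
// … unchanged: ob_start('ob_gzhandler') and the two header() calls …

// Prefix text cells that a spreadsheet would otherwise treat as a formula.
function csv_safe_cell($value) {
    if (is_string($value) && $value !== '' && !is_numeric($value)
            && strpbrk($value[0], "=+-@\t\r") !== false) {
        return "'" . $value;
    }
    return $value;
}

function download_table($stmt) {
    // … unchanged: open php://output, $header flag …
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        // … unchanged: header row from array_keys($row) …
        fputcsv($output, array_map('csv_safe_cell', $row));
    }
    // … unchanged: fclose($output) …
}
```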


@@ -5,21 +5,39 @@
$user_data = check_admin($con);
if($_SERVER['REQUEST_METHOD'] == "GET") {
$s_id = sanitize_input($_GET['s_id']);
$row = get_station_all($con, $_GET['s_id'])->fetch();
include("header_footer/header.php");
}
if($_SERVER['REQUEST_METHOD'] == "POST") {
$station = get_station_all($con, $_POST['station_id'])->fetch();
$s_id = intval($station['s_id']);
$name = strval($station['name']);
$standort = strval($station['standort']);
if($name != $_POST['station_name']) {
update_station_name($con, $s_id, $_POST['station_name']);
}
if(!isset($_POST['close'])){
$station_id = sanitize_input($_POST['station_id']);
$station_name = sanitize_input($_POST['station_name']);
$station_pos = sanitize_input($_POST['station_pos']);
$station_gewertet = sanitize_input($_POST['gewertet']);
$station_direct_points = sanitize_input($_POST['direkte_punkte']);
$station = get_station_all($con, $station_id)->fetch();
$s_id = intval($station['s_id']);
$name = strval($station['name']);
$standort = strval($station['standort']);
$gewertet = intval($station['gewertet']);
$direct_points = intval($station['direkte_punkte']);
if($name != $station_name) {
update_station_name($con, $s_id, $station_name);
}
if($standort != $_POST['station_pos']) {
update_station_pos($con, $s_id, $_POST['station_pos']);
if($standort != $station_pos) {
update_station_pos($con, $s_id, $station_pos);
}
if($gewertet != $station_gewertet) {
update_station_gewertet($con, $s_id, $station_gewertet);
}
if($direct_points != $station_direct_points) {
update_station_direct_points($con, $s_id, $station_direct_points);
}
}
header("Location: stationen.php");
die;
@@ -27,18 +45,43 @@
?>
<body>
<div class="headline">
<h2>Station bearbeiten</h2>
</div>
<div>
<form method="post">
<label for="station_name">Stations Namen:</label>
<input type="text" name="station_name" <?php echo "value=\"" . $row['name'] . "\"" ?> /><br>
<label for="station_pos">Stations Standort:</label>
<input type="text" name="station_pos" <?php echo "value=\"" . $row['standort'] . "\""?>/><br>
<input type="hidden" name="station_id" <?php echo "value=\"" . $row ['s_id'] . "\""?>/>
<input type="submit" value="Speichern"/>
</form>
<div class="center">
<div class="headline">
<h2>Station bearbeiten</h2>
</div>
<div class="form_div">
<form method="post">
<div class="txt_field">
<input type="text" name="station_name" <?php echo "value=\"" . $row['name'] . "\"" ?> />
<span></span>
<label for="station_name">Stations Namen:</label>
</div>
<div class="txt_field">
<input type="text" name="station_pos" <?php echo "value=\"" . $row['standort'] . "\""?>/>
<span></span>
<label for="station_pos">Stations Standort:</label>
</div>
<div class="dropdown">
<label for="gewertet">Wertung:</label>
<select name="gewertet" id="gewertet">
<option value="1" <?php if($row['gewertet'] == '1'){echo " selected";}?>>Ja</option>
<option value="0" <?php if($row['gewertet'] == '0'){echo " selected";}?>>Nein</option>
</select>
</div>
<div class="dropdown">
<label for="direkte_punkte">Punkte eintragen</label>
<select name="direkte_punkte" id="direkte_punkte">
<option value="1" <?php if($row['direkte_punkte'] == '1'){echo " selected";}?>>Ja</option>
<option value="0" <?php if($row['direkte_punkte'] == '0'){echo " selected";}?>>Nein</option>
</select>
</div>
<input type="hidden" name="station_id" <?php echo "value=\"" . $row ['s_id'] . "\""?>/>
<div>
<input type="submit" value="Speichern" class="btn-confirm"/>
<input type="submit" value="Schließen" class="btn-confirm" name="close">
</div>
</form>
</div>
</div>
</body>
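Review bot: The form still prints database values straight into attributes, e.g. `echo "value=\"" . $row['name'] . "\""`, so protection against markup injection rests entirely on every writer having called `sanitize_input()` first; rows stored before this change, or written by any other path, would be emitted unescaped. Escape at the point of output instead, `value="<?php echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8') ?>"`, and likewise for `standort` and `s_id`; the edit pages for teams and results echo `$row['name']` and `$row['feuerwehr']` the same way. If `sanitize_input()` already HTML-encodes before storage (its body is not visible here), store the plain value and encode only on output, to avoid double encoding. In the GET branch `$s_id` is sanitized but `get_station_all()` is still called with `$_GET['s_id']`, and `gewertet` / `direkte_punkte` are compared as `intval(...)` against unconverted request strings.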


@@ -5,59 +5,111 @@
$user_data=check_login($con);
if($_SERVER['REQUEST_METHOD'] == "GET") {
$row = get_result($con, $_GET["m_id"], $_GET['s_id'])->fetch();
$m_id = intval(sanitize_input($_GET['m_id']));
$s_id = intval(sanitize_input($_GET['s_id']));
$row = get_result($con, $m_id, $s_id)->fetch();
include("header_footer/header.php");
}
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$m_id = intval($_POST['m_id']);
$s_id = intval($_POST['s_id']);
$points = intval($_POST['points']);
$minutes = intval($_POST['minutes']);
$seconds = intval($_POST['seconds']);
$millis = intval($_POST['millis']);
if (get_points($con, $m_id, $s_id)->fetch()['punkte'] != $points) {
change_points($con, $m_id, $s_id, $points);
}
if (get_minutes($con, $m_id, $s_id)->fetch()['minutes'] != $minutes || get_seconds($con, $m_id, $s_id)->fetch()['seconds'] != $seconds || get_millis($con, $m_id, $s_id)->fetch()['millis'] != $millis) {
if ($millis < 10) {
$time = "00:" . $minutes . ":" . $seconds . "." . "0" . $millis;
} else {
$time = "00:" . $minutes . ":" . $seconds . "." . $millis;
$s_id = intval(sanitize_input($_POST['s_id']));
$m_id = intval(sanitize_input($_POST['m_id']));
if(isset($_POST['save']) && get_direct_points($con, $s_id)->fetch()['direkte_punkte'] == 1) {
$points = intval(sanitize_input($_POST['points']));
$minutes = intval(sanitize_input($_POST['minutes']));
$seconds = intval(sanitize_input($_POST['seconds']));
$millis = intval(sanitize_input($_POST['millis']));
if (get_points($con, $m_id, $s_id)->fetch()['punkte'] != $points) {
change_points($con, $m_id, $s_id, $points);
}
change_time($con, $m_id, $s_id, $time);
if (get_minutes($con, $m_id, $s_id)->fetch()['minutes'] != $minutes || get_seconds($con, $m_id, $s_id)->fetch()['seconds'] != $seconds || get_millis($con, $m_id, $s_id)->fetch()['millis'] != $millis) {
if ($millis < 10) {
$millis = "0" . $millis;
}
if ($minutes < 10) {
$minutes = "0" . $minutes;
}
if ($seconds < 10) {
$seconds = "0" . $seconds;
}
$time = "00:" . $minutes . ":" . $seconds . "." . $millis;
change_time($con, $m_id, $s_id, $time);
}
} elseif(isset($_POST['save'])) {
$result = intval(sanitize_input($_POST['result']));
update_result($con, $s_id, $m_id, $result);
}
header("Location: statistik.php");
die;
}
?>
<body>
<div class="headline">
<h2>Ergebniss bearbeiten</h2>
</div>
<div>
<form method="post">
<label for="team_name">Mannschaftsname: </label>
<label for="" name="team_name"><?php echo $row['name']?></label><br>
<label for="fire_department">Feuerwehr:</label>
<label for="" name="fire_department"><?php echo $row["feuerwehr"]?></label><br>
<label for="points">Punkte:</label>
<input type="number" min="0" max="15" name="points" value="<?php echo $row['punkte']?>"/><br>
<div id="time">
<?php $time_set = check_time($con, $row['m_id'], $row['s_id']);?>
<label for="minutes">Minuten:</label>
<input name="minutes" type="number" min="0" max="60" value=<?php if(!$time_set){echo "\"0\"";} else {echo "\"" . get_minutes($con, $row['m_id'], $row['s_id'])->fetch()['minutes'] . "\""; }?>/><br>
<label for="seconds">Sekunden</label>
<input name="seconds" type="number" min="0" max="60" value=<?php if(!$time_set){echo"\"0\"";} else { echo "\"" . get_seconds($con, $row['m_id'], $row['s_id'])->fetch()['seconds'] . "\""; }?>/><br>
<label for="millis">Millisekunden</label>
<input name="millis" type="number" min="0" max="99" value=<?php if(!$time_set){echo"\"0\"";} else { echo "\"" . get_millis($con, $row['m_id'], $row['s_id'])->fetch()['millis'] / 1e4 . "\""; }?>/><br>
</div>
<input type="hidden" name="m_id" value=<?php echo $row['m_id'] ?>/>
<input type="hidden" name="s_id" value=<?php echo $row['s_id'] ?>/>
<input name="button" type="submit" value="Speichern"/>
</form>
<div class="center">
<div class="headline">
<h2>Ergebnis bearbeiten</h2>
</div>
<div class="form_div">
<form method="post">
<label class="information">Mannschaftsname: <?php echo $row['name']?></label><br>
<label for="fire_department" class="information">Feuerwehr: <?php echo $row["feuerwehr"]?></label><br>
<?php
if (get_direct_points($con, $s_id)->fetch()['direkte_punkte'] == 1){
echo "<div class=\"number_field\">
<label for=\"points\">Punkte:</label>
<input type=\"number\" min=\"0\" max=\"15\" name=\"points\" value=\"" . $row['punkte'] . "\"/>
</div>
<div class=\"headline\">
<h3>Zeit</h3>
</div>
<div id=\"time\">";
$time_set = check_time($con, $m_id, $s_id);
echo "<div class=\"number_field\">
<label for=\"minutes\">Minuten:</label>
<input name=\"minutes\" type=\"number\" min=\"0\" max=\"60\" value=";
if(!$time_set){
echo "\"0\"";
} else {
echo "\"" . get_minutes($con, $m_id, $s_id)->fetch()['minutes'] . "\"";
}
echo "/>
</div>
<div class=\"number_field\">
<label for=\"seconds\">Sekunden</label>
<input name=\"seconds\" type=\"number\" min=\"0\" max=\"60\" value=";
if(!$time_set){
echo"\"0\"";
} else {
echo "\"" . get_seconds($con, $m_id, $s_id)->fetch()['seconds'] . "\""; }
echo"/>
</div>
<div class=\"number_field\">
<label for=\"millis\">Millisekunden</label>
<input name=\"millis\" type=\"number\" min=\"0\" max=\"99\" value=";
if(!$time_set) {
echo"\"0\"";
} else {
$millis = get_millis($con, $m_id, $s_id)->fetch()['millis'] / 1e4;
echo "\"" . $millis . "\"";
}
echo"/>
</div>
</div>";
} else {
echo "<div class=\"number_field\">
<label for=\"result\">Ergebnis: </label>
<input name=\"result\" type=\"number\" min=\"0\" max=\"65535\" value=";
echo "\"" . get_result_team_station($con, $s_id, $m_id) . "\"";
echo "</div>";
}?>
<input type="hidden" name="m_id" value=<?php echo $m_id ?>/>
<input type="hidden" name="s_id" value=<?php echo $s_id ?>/>
<input name="save" type="submit" value="Speichern" class="btn-confirm"/>
<input type="submit" name="close" value="Schließen" class="btn-confirm"/>
</form>
</div>
</div>
</body>
<?php
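Review bot: In the `else` branch that renders the `result` field the `<input` tag is never closed: after the value is echoed the next statement is `echo "</div>";`, so the browser receives `value="…"</div>`. Close the tag on the value line, `echo "\"" . get_result_team_station($con, $s_id, $m_id) . "\"/>";`. The hidden fields are written as `value=<?php echo $m_id ?>/>` without quotes, which makes the trailing slash part of the submitted value and only works because the handler applies `intval()`; quote them as `value="<?php echo $m_id ?>"`. The POST handler accepts any `s_id`/`m_id` pair after `check_login()`; if station accounts are meant to edit only their own station, that binding is not checked in the visible code.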


@@ -5,20 +5,25 @@
$user_data = check_admin($con);
if($_SERVER['REQUEST_METHOD'] == "GET") {
$row = get_team($con, $_GET['m_id'])->fetch();
$m_id = $_GET['m_id'];
$row = get_team($con, $m_id)->fetch();
}
if($_SERVER['REQUEST_METHOD'] == "POST") {
$row = get_team($con, $_POST['m_id'])->fetch();
if($_POST['team_name'] != $row['name']) {
update_team_name($con, $_POST['m_id'], $_POST['team_name']);
if(isset($_POST['save'])) {
$m_id = sanitize_input($_POST['m_id']);
$team_name = sanitize_input($_POST['team_name']);
$fire_department = sanitize_input($_POST['fire_department']);
$row = get_team($con, $m_id)->fetch();
if($_POST['team_name'] != $row['name']) {
update_team_name($con, $m_id, $team_name);
}
if($_POST['fire_department'] != $row['feuerwehr']) {
update_team_fire_department($con, $m_id, $fire_department);
}
}
if($_POST['fire_department'] != $row['feuerwehr']) {
update_team_fire_department($con, $_POST['m_id'], $_POST['fire_department']);
}
header("Location: mannschaft.php");
die;
}
@@ -26,23 +31,32 @@
include("header_footer/header.php");
?>
<body>
<div class="headline">
<h2>Mannschaft bearbeiten</h2>
</div>
<div>
<form method="post">
<label for="team_name">Mannschaftsname</label>
<input type="text" name="team_name" <?php echo "value=\"" . $row['name'] . "\""?> /><br>
<label for="fire_department">Feuerwehr</label>
<input type="text" name="fire_department" list="fire_departments" <?php echo "value=\"" . $row['feuerwehr'] . "\"" ?>/><br>
<datalist id="fire_departments">
<?php
load_fire_departments($con);
?>
</datalist>
<input type="hidden" name="m_id" <?php echo "value=\"" . $row['m_id'] . "\""?> />
<input type="submit" value="Speichern"/>
</form>
<div class="center">
<div class="headline">
<h2>Mannschaft bearbeiten</h2>
</div>
<div class="form_div">
<form method="post">
<div class="txt_field">
<input type="text" name="team_name" <?php echo "value=\"" . $row['name'] . "\""?> />
<span></span>
<label for="team_name">Mannschaftsname</label>
</div>
<div class="txt_field">
<input type="text" name="fire_department" list="fire_departments" <?php echo "value=\"" . $row['feuerwehr'] . "\"" ?>/>
<datalist id="fire_departments">
<?php
load_fire_departments($con);
?>
</datalist>
<span></span>
<label for="fire_department">Feuerwehr</label>
</div>
<input type="hidden" name="m_id" <?php echo "value=\"" . $row['m_id'] . "\""?> />
<input type="submit" value="Speichern" class="btn-confirm" name="save"/>
<input type="submit" nam="close" value="Schließen" class="btn-confirm"/>
</form>
</div>
</div>
</body>
<?php
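Review bot: The `value` attributes for `team_name`, `fire_department` and `m_id` in the new form echo `$row[...]` without escaping, so the page is only safe if every stored row went through `sanitize_input()`; rows saved before this commit, or written by any other path, are rendered verbatim inside a quoted attribute. Escape where the value is printed, e.g. `echo "value=\"" . htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8') . "\"";`, rather than relying on what was stored. In the POST branch the comparison still uses the raw `$_POST['team_name']` while the sanitized `$team_name` is what gets written, so the two can disagree; compare `$team_name != $row['name']` instead. The close button is spelled `nam="close"`, which leaves it without a name. The same unescaped echo of database values appears in `load_stations_table` and `load_station_ranking` further down the page.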


@@ -5,65 +5,90 @@
$user_data = check_admin($con);
if($_SERVER['REQUEST_METHOD'] == "GET") {
$row = get_user($con, $_GET['id'])->fetch();
$id = sanitize_input($_GET['id']);
$row = get_user($con, $id)->fetch();
include("header_footer/header.php");
}
if($_SERVER['REQUEST_METHOD'] == "POST") {
$user = get_user($con, $_POST['id'])->fetch();
if($user['user_name'] != $_POST['user_name']) {
change_user_name($con, $_POST['id'], $_POST['user_name']);
}
if($user['user_group'] != $_POST['user_group']) {
if($_POST['user_group'] == "station") {
change_user_group($con, $_POST['id'], $_POST['user_group'], $_POST['bind_station']);
} else {
change_user_group($con, $_POST['id'], $_POST['user_group'], NULL);
if(isset($_POST['save'])){
$id = sanitize_input($_POST['id']);
$user = get_user($con, $id)->fetch();
$user_group = sanitize_input($_POST['user_group']);
$user_name = sanitize_input($_POST['user_name']);
$bind_station = sanitize_input($_POST['bind_station']);
$password = sanitize_input($_POST['password']);
if($user['user_name'] != $user_name) {
change_user_name($con, $id, $user_name);
}
if($user['user_group'] != $user_group) {
if($user_group == "station") {
change_user_group($con, $id, $user_group, $bind_station);
} else {
change_user_group($con, $id, $user_group, NULL);
}
}
if($user['s_id'] != $bind_station) {
if ($user_group == "station") {
change_s_id($con, $id, $bind_station);
}
}
if(!empty($password)) {
$phash = generate_password_hash($password, $user['salt']);
change_password($con, $id, $phash);
}
}
if(!empty($_POST['password'])) {
$phash = generate_password_hash($_POST['password'], $user['salt']);
change_password($con, $_POST['id'], $phash);
}
header("Location: manage_user.php");
die;
}
?>
<body>
<div class="headline">
<h2>Benutzer bearbeiten</h2>
</div>
<div>
<form method="post">
<label for="user_name">Benutzername:</label>
<input name="user_name" type="text" value=<?php echo "\"" . $row['user_name'] . "\"";?>/><br>
<label for="password">Neues Passwort:</label>
<input type="password" name="password"/><br>
<label for="user_group">Benutzergruppe:</label>
<select name="user_group" id="user_group">
<option value="station" <?php if($row['user_group'] == "station"){echo " selected";}?>>Station</option>
<option value="statistics" <?php if($row['user_group'] == "statistics") {echo " selected";}?>>Statistik</option>
<option value="admin" <?php if($row['user_group'] == "admin") {echo " selected";}?>>Admin</option>
</select><br>
<label for="bind_station">Gebunden an Station:</label>
<select name="bind_station" id="bind_station">
<?php
if($row['s_id'] == null) {
load_options_stations($con, "", false);
} else {
load_options_stations($con, $row['s_id'], false);
}
?>
</select>
<label for="bind_station">(Nur für Benutzergruppe Station)</label><br>
<input type="hidden" value=<?php echo "\"" . $row['id'] . "\""?> name="id"/>
<input type="submit" value="ändern">
</form>
<div class="center">
<div class="headline">
<h2>Benutzer bearbeiten</h2>
</div>
<div class="form_div">
<form method="post">
<div class="txt_field">
<input name="user_name" type="text" value=<?php echo "\"" . $row['user_name'] . "\"";?> required/>
<span></span>
<label for="user_name">Benutzername</label>
</div>
<div class="txt_field_opt">
<input placeholder=" " type="password" name="password" />
<span></span>
<label for="password">Neues Passwort:</label>
</div>
<div class="dropdown">
<label for="user_group">Benutzergruppe:</label>
<select name="user_group" id="user_group">
<option value="station" <?php if($row['user_group'] == "station"){echo " selected";}?>>Station</option>
<option value="statistics" <?php if($row['user_group'] == "statistics") {echo " selected";}?>>Statistik</option>
<option value="admin" <?php if($row['user_group'] == "admin") {echo " selected";}?>>Admin</option>
</select>
</div>
<div class="dropdown">
<label for="bind_station">Gebunden an Station (nur für Gruppe Station)</label>
<select name="bind_station" id="bind_station">
<?php
if($row['s_id'] == null) {
load_options_stations($con, "", false);
} else {
load_options_stations($con, $row['s_id'], false);
}
?>
</select>
</div>
<input type="hidden" value=<?php echo "\"" . $row['id'] . "\""?> name="id"/>
<input type="submit" value="Speichern" class="btn-confirm" name="save"/>
<input type="submit" value="Schließen" class="btn-confirm" name="close"/>
</form>
</div>
</div>
</body>
<?php
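Review bot: `$password = sanitize_input($_POST['password'])` runs the new password through `strip_tags()` and `htmlspecialchars()` before hashing, which silently rewrites passwords containing `<`, `>`, `&` or quotes and can reduce one such as `<abc>` to an empty string, in which case the `!empty($password)` guard skips the change without telling the admin. A password is never rendered, so it should reach `generate_password_hash()` unmodified: `$password = $_POST['password'];`. The login hunk further down applies the same call to the submitted password, so both places have to change together or affected accounts stop matching. `generate_password_hash()` is defined outside this section, so whether it is a deliberately slow password hash cannot be confirmed here; `password_hash()` / `password_verify()` would handle salt and cost in one call.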


@@ -1,2 +1,2 @@
</body>
</html>


@@ -6,31 +6,42 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/styles.css">
<link rel="stylesheet" href="css/edit.css">
<script src="js/navbar.js" defer></script>
<script src="js/edit_table.js"></script>
<script src="js/add_entries.js"></script>
</head>
<body>
<header>
<nav class="navbar">
<div id="logo">
Punktesystem-Kreispokalwettbewerb
</div>
<a href="#" class="toggle-button">
<span class="bar"></span>
<span class="bar"></span>
<span class="bar"></span>
</a>
<div class="navbar-links">
<ul>
<li><a href="index.php">Home</a></li>
<?php
if(isset($_SESSION['user_group'])) {
if ($_SESSION['user_group'] == 'admin') {
echo "<li><a href=\"manage_user.php\">Benutzerverwaltung</a></li>\n";
echo "<li><a href=\"mannschaft.php\">Mannschaftsverwaltung</a></li>\n";
echo "<li><a href=\"stationen.php\">Stationen</a></li>\n";
}
if ($_SESSION['user_group'] == 'statistics') {
echo "<li><a href=\"statistik.php\">Ergebnis</a></li>";
} else {
echo "<li><a href=\"statistik.php\">Ergebnis eintragen</a></li>";
}
}
?>
<header>
<section>
<div id="logo">
Punktesystem-KSP
</div>
<nav>
<a href="logout.php">Logout</a>
<a href="index.php">Home</a>
<?php
if(isset($_SESSION['user_group'])) {
if ($_SESSION['user_group'] == 'admin') {
echo "<a href=\"manage_user.php\">Benutzerverwaltung</a>\n";
echo "<a href=\"mannschaft.php\">Mannschaftsverwaltung</a>\n";
echo "<a href=\"stationen.php\">Stationen</a>\n";
}
if ($_SESSION['user_group'] == 'statistics') {
echo "<a href=\"statistik.php\">Ergebnisse</a>";
} else {
echo "<a href=\"statistik.php\">Ergebnisse eintragen</a>";
}
}
?>
</nav>
</section>
</header>
<li><a href="logout.php">Logout</a></li>
</ul>
</div>
</nav>
</header>


@@ -11,14 +11,14 @@
<body>
<div class="center">
<div class="headline">
<h1><span>Punktesystem Kreispokalwettbewerb Altdorf</span></h1>
<h1><span>Punktesystem Kreispokalwettbewerb</span></h1>
</div>
<div class="home">
<h2>Gesamtergebniss</h2>
<h2>Stationsranking</h2>
</div>
<div class="home-menu-table table-div">
<table id="table">
<?php load_total_score($con); ?>
<?php load_station_ranking($con); ?>
</table>
</div>
</div>

6
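--- a/app/public/js/navbar.js
+++ b/app/public/js/navbar.js
@@ -0,0 +1,6 @@
+const toggleButton = document.getElementsByClassName('toggle-button')[0]
+const navbarLinks = document.getElementsByClassName('navbar-links')[0]
+toggleButton.addEventListener('click', () => {
+navbarLinks.classList.toggle('active')
+})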


@@ -2,10 +2,12 @@
session_start();
include("../scripts/connection.php");
include("../scripts/functions.php");
$password_wrong = false;
$wrong_data = false;
if($_SERVER['REQUEST_METHOD'] == "POST"){
$user_name = $_POST['user_name'];
$password = $_POST['password'];
$user_name = sanitize_input($_POST['user_name']);
$password = sanitize_input($_POST['password']);
if(!empty($user_name) && !empty($password)) {
$user_data = get_user_data_name($con, $user_name);
@@ -14,17 +16,21 @@
if($user_data['password'] === $phash) {
$_SESSION['user_id'] = $user_data['user_id'];
$_SESSION['user_group'] = $user_data['user_group'];
header("Location: index.php");
if ($_SESSION['user_group'] != 'station') {
header("Location: index.php");
} else {
header("Location: statistik.php");
}
die;
} else {
echo "Benutzername oder Passwort stimmen nicht";
$password_wrong = true;
}
} else {
echo "Benutzername oder Passwort stimmen nicht";
$password_wrong = true;
}
} else {
echo "Gib bitte gültige Daten ein!";
$wrong_data = true;
}
}
$con = null;
@@ -37,14 +43,14 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/login.css">
<title>Punktesystem-KSP</title>
<title>Punktesystem-KPW</title>
</head>
<body>
<div class="center">
<h1>PUNKTESYSTEM-KSP</h1>
<h1>PUNKTESYSTEM-KPW</h1>
<form method="post">
<div class="txt_field">
<input id="user_name" type="text" name="user_name" required>
<input id="user_name" type="text" name="user_name" required/>
<span></span>
<label>Benutzername</label>
</div>
@@ -53,6 +59,21 @@
<span></span>
<label>Passwort</label>
</div>
<?php
if ($password_wrong == true) {
echo "
<div class=\"warnings\" id=\"wrong_user_name\">
<label for=\"warnings\">Benutzername oder <br>Passwort stimmen nicht!</label>
</div>";
}
if ($wrong_data == true) {
echo "
<div class=\"warnings\" id=\"wrong_data\">
<label for=\"warnings\">Gib bitte gültige Daten ein!</label>
</div>";
}
?>
<input class="button" id="button" type="submit" value="Login"><br><br>
</form>
</div>
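Review bot: The success branch that now chooses between `index.php` and `statistik.php` writes `$_SESSION['user_id']` and `$_SESSION['user_group']` into the session that existed before authentication, and no `session_regenerate_id(true);` is visible in these hunks, so unless it happens elsewhere a session id fixed before login stays valid afterwards. Add that call immediately before the two `$_SESSION[...]` assignments. The check `$user_data['password'] === $phash` is also not a constant-time comparison; `hash_equals($user_data['password'], $phash)` is the drop-in replacement. The surrounding `if` blocks start and end outside the hunks shown.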


@@ -42,6 +42,8 @@
<tr>
<th scope="col">Name</th>
<th scope="col">Standort</th>
<th scope="col">Gewertet</th>
<th scope="col">Direkt Punkte eintragen</th>
</tr>
</thead>
<tbody>


@@ -74,6 +74,16 @@
</form>
</div>\n";
}
if($user_data['user_group'] == 'admin') {
echo "<div class=\"btn-div\">
<form action=\"download_table.php\" method=\"get\">
<span class=\"gg-software-download icon\" id=\"icon-download\"></span>
<input type=\"hidden\" name=\"table\" value=\"$session\">
<input type=\"submit\" value=\"\">
</form>
</div>";
}
?>
</div>
<div class="table-div">
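Review bot: The new download form interpolates `$session` directly into `value=\"$session\"`; where `$session` is assigned lies outside this hunk, so if it derives from a request parameter it needs `htmlspecialchars($session, ENT_QUOTES, 'UTF-8')` at this point. Wrapping the form in `$user_data['user_group'] == 'admin'` only hides the button: `download_table.php` is reachable by URL, so it has to call `check_admin($con)` itself and compare `table` against a fixed list of allowed values before using it. The commit list describes the export as CSV, in which case cells beginning with `=`, `+`, `-` or `@` should be neutralised so spreadsheet applications do not evaluate them as formulas.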


@@ -1,8 +1,8 @@
<?php
$dbhost = "mysql";
$dbuser = "grisu";
$dbpass = "secret";
$dbuser = $_ENV['DB_USER_NAME'];
$dbpass = $_ENV['DB_PASS'];
$dbname = "ksp";
try {
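Review bot: `$_ENV['DB_USER_NAME']` and `$_ENV['DB_PASS']` are only populated when PHP's `variables_order` setting contains `E`, which the stock `php.ini-production` and `php.ini-development` files do not, so with such an ini the array is empty and the connection is attempted with null credentials. Read the values with `getenv('DB_USER_NAME')` and `getenv('DB_PASS')` and stop with a clear error when either returns `false`. The `try` block that opens the connection continues outside this hunk.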


@@ -87,7 +87,18 @@ function get_teams($con) {
function get_total_score($con) {
try {
$stmt = $con->prepare("SELECT M.name as Mannschaftsname, M.feuerwehr as Feuerwehr, SUM(P.punkte) as Gesamtpunkte FROM Punkte as P, Mannschaft as M WHERE P.m_id = M.m_id GROUP BY M.m_id ORDER BY Gesamtpunkte DESC");
$stmt = $con->prepare("SELECT M.name as Mannschaftsname, M.feuerwehr as Feuerwehr, SUM(P.punkte) as Gesamtpunkte FROM Punkte as P, Mannschaft as M, Station as S WHERE P.m_id = M.m_id AND P.s_id = S.s_id AND S.gewertet = \"1\" GROUP BY M.m_id ORDER BY Gesamtpunkte DESC");
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function get_station_ranking($con) {
try {
$stmt = $con->prepare("SELECT S.name as Stationsname, SUM(P.punkte) as Gesamtpunkte FROM Punkte as P, Station as S WHERE P.s_id = S.s_id AND S.gewertet = \"1\" GROUP BY S.s_id ORDER BY Gesamtpunkte DESC");
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
@@ -156,11 +167,12 @@ function write_points($con, $s_id, $m_id, $points, $time) {
}
}
function write_station($con, $station_name, $station_pos) {
function write_station($con, $station_name, $station_pos, $station_direct_points) {
try {
$stmt = $con->prepare("INSERT INTO Station (name, standort) VALUES (?, ?)");
$stmt = $con->prepare("INSERT INTO Station (name, standort, direkte_punkte) VALUES (?, ?, ?)");
$stmt->bindParam(1, $station_name, PDO::PARAM_STR);
$stmt->bindParam(2, $station_pos, PDO::PARAM_STR);
$stmt->bindParam(3, $station_direct_points, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOException $e) {
handle_pdo_exceptio($e);
@@ -260,6 +272,17 @@ function change_password($con, $id, $password) {
}
}
function change_s_id($con, $id, $s_id) {
try {
$stmt = $con->prepare("UPDATE users SET s_id = ? WHERE id= ?");
$stmt->bindParam(1, $s_id, PDO::PARAM_INT);
$stmt->bindParam(2, $id, PDO::PARAM_STR);
$stmt->execute();
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function get_result($con, $m_id, $s_id) {
try {
$stmt = $con->prepare("SELECT P.*, M.name as name, M.feuerwehr as feuerwehr FROM Punkte P, Mannschaft M WHERE M.m_id = P.m_id AND P.m_id = ? AND P.s_id = ?");
@@ -393,6 +416,28 @@ function update_station_pos($con, $s_id, $pos) {
}
}
function update_station_gewertet($con, $s_id, $gewertet) {
try {
$stmt = $con->prepare("UPDATE Station SET gewertet = ? WHERE s_id = ?");
$stmt->bindParam(1, $gewertet, PDO::PARAM_INT);
$stmt->bindParam(2, $s_id, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOExeption $e) {
handle_pdo_exception($e);
}
}
function update_station_direct_points($con, $s_id, $direct_points) {
try {
$stmt = $con->prepare("UPDATE Station SET direkte_punkte = ? WHERE s_id = ?");
$stmt->bindParam(1, $direct_points, PDO::PARAM_INT);
$stmt->bindParam(2, $s_id, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOExeption $e) {
handle_pdo_exception($e);
}
}
function get_team($con, $m_id) {
try {
$stmt = $con->prepare("SELECT * FROM Mannschaft WHERE m_id = :m_id");
@@ -424,4 +469,76 @@ function update_team_fire_department($con, $m_id, $dep) {
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function get_direct_points($con, $s_id) {
try {
$stmt = $con->prepare("SELECT direkte_punkte FROM Station WHERE s_id = :s_id");
$stmt->execute(['s_id' => $s_id]);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function write_result_db($con, $s_id, $m_id, $result) {
try {
$stmt = $con->prepare("INSERT INTO Ergebnisse (s_id, m_id, erg) VALUES (?, ?, ?)");
$stmt->bindParam(1, $s_id, PDO::PARAM_INT);
$stmt->bindParam(2, $m_id, PDO::PARAM_INT);
$stmt->bindParam(3, $result, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function get_results($con, $s_id) {
try {
$stmt = $con->prepare("SELECT * FROM Ergebnisse WHERE s_id = :s_id ORDER BY erg DESC");
$stmt->execute(['s_id' => $s_id]);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt;
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function update_result_db($con, $s_id, $m_id, $result) {
try {
$stmt = $con->prepare("UPDATE Ergebnisse SET erg = ? WHERE s_id = ? AND m_id = ?");
$stmt->bindParam(1, $result, PDO::PARAM_INT);
$stmt->bindParam(2, $s_id, PDO::PARAM_INT);
$stmt->bindParam(3, $m_id, PDO::PARAM_INT);
$stmt->execute();
} catch(PDOException $e) {
handle_pdo_exception($e);
}
}
function get_result_team_station($con, $s_id, $m_id) {
try {
$stmt = $con->prepare("SELECT * FROM Ergebnisse WHERE s_id = ? AND m_id = ?");
$stmt->bindParam(1, $s_id, PDO::PARAM_INT);
$stmt->bindParam(2, $m_id, PDO::PARAM_INT);
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$result = $stmt->fetch()['erg'];
return $result;
} catch( PDOException $e) {
handle_pdo_exception($e);
}
}
function get_id_user_by_user_id($con, $user_id) {
try {
$stmt = $con->prepare("SELECT * FROM users WHERE user_id = ?");
$stmt->bindParam(1, $user_id, PDO::PARAM_STR);
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
return $stmt->fetch()['id'];
} catch( PDOException $e) {
handle_pdo_exception($e);
}
}
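Review bot: `update_station_gewertet` and `update_station_direct_points` catch `PDOExeption` (missing the `c`), a class that does not exist, so the clause never matches and a failing statement bypasses `handle_pdo_exception()`; depending on the error settings that surfaces as an uncaught exception with a stack trace. Change both to `catch(PDOException $e)`. The unchanged `write_station` handler has a similar slip, `handle_pdo_exceptio($e)`, which would itself fail with an undefined-function error when reached. In `get_result_team_station` and `get_id_user_by_user_id`, `$stmt->fetch()` returns `false` when no row matches, so the `['erg']` and `['id']` lookups should be guarded.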


@@ -37,9 +37,21 @@ function generate_password_hash($password, $salt) {
function load_stations_table($con) {
$stmt = get_stations_all($con);
foreach($stmt->fetchAll() as $row) {
if ($row['gewertet'] == '1') {
$checked = "Ja";
} else {
$checked = "Nein";
}
if ($row['direkte_punkte'] == '1') {
$direkte_punkte = "Ja";
} else {
$direkte_punkte = "Nein";
}
echo "<tr id=\"" . $row['s_id'] . "\">";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['standort'] . "</td>";
echo "<td>". $checked . "</td>";
echo "<td>" . $direkte_punkte . "</td>";
echo "</tr>";
}
}
@@ -72,6 +84,22 @@ function load_total_score($con) {
echo "</tbody>\n";
}
function load_station_ranking($con) {
echo "<thead> \n
<th scope=\"col\">Station</th>\n
<th scope=\"col\">Gesamtpunkte</th>\n
</thead>\n
<tbody>\n";
$stmt = get_station_ranking($con);
foreach($stmt->fetchAll() as $row) {
echo "<tr>\n";
echo "<td>" . $row['Stationsname'] . "</td>\n";
echo "<td>" . $row['Gesamtpunkte'] . "</td>\n";
echo "</tr>\n";
}
echo "</tbody>\n";
}
function load_options_stations($con, $session, $stats) {
$stmt = get_stations_all($con);
if ($session == "total-score"){
@@ -195,4 +223,29 @@ function get_time_str($con, $m_id, $s_id) {
$time .= "." . $millis;
}
return $time;
}
function sanitize_input ($input) {
$return = strip_tags($input);
return htmlspecialchars($return, ENT_QUOTES);
}
function update_points($con, $s_id) {
$results = get_results($con, $s_id)->fetchAll();
$factor = $results[0]['erg']/ 15.0;
foreach($results as $row) {
$points = round($row['erg']/$factor);
change_points($con, $row['m_id'], $s_id, $points);
}
}
function write_result($con, $s_id, $m_id, $result) {
write_result_db($con, $s_id, $m_id, $result);
write_points($con, $s_id, $m_id, 0, null);
update_points($con, $s_id);
}
function update_result($con, $s_id, $m_id, $result) {
update_result_db($con, $s_id, $m_id, $result);
update_points($con, $s_id);
}
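Review bot: `update_points` computes `$factor = $results[0]['erg'] / 15.0` without checking its inputs: with no rows for the station `$results[0]` is undefined, and when the best result is 0 (the result field accepts 0) `$factor` is 0 and `$row['erg']/$factor` raises `DivisionByZeroError` on PHP 8. Guard before the loop, e.g. `if (empty($results) || $results[0]['erg'] == 0) { return; }`, or decide explicitly what points a zero-only station should get. `sanitize_input` calls `htmlspecialchars($return, ENT_QUOTES)` without naming the charset; passing `'UTF-8'` as the third argument keeps the behaviour identical across PHP versions.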


@@ -16,6 +16,9 @@ services:
dockerfile: PHP.Dockerfile
volumes:
- ./app:/app
environment:
DB_USER_NAME: 'grisu'
DB_PASS: 'secret'
mysql:
image: mariadb:latest
environment:
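Review bot: The credentials removed from connection.php reappear here as literals (`DB_USER_NAME: 'grisu'`, `DB_PASS: 'secret'`), so they are still committed to the repository and identical in every checkout. Use Compose variable substitution, `DB_PASS: ${DB_PASS}`, backed by an untracked `.env` file or an `env_file:` entry, and rotate the password since it is already in history. The `mysql` service's own `environment:` block continues outside this hunk and presumably carries the matching values.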

122
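--- a/mysql-schema/schema.sql
+++ b/mysql-schema/schema.sql
@@ -0,0 +1,122 @@
+-- MariaDB dump 10.19 Distrib 10.9.2-MariaDB, for Linux (x86_64)
+--
+-- Host: localhost Database: ksp
+-- ------------------------------------------------------
+-- Server version 10.9.2-MariaDB-1:10.9.2+maria~ubu2204
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
+/*!40103 SET TIME_ZONE='+00:00' */;
+/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
+/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
+/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
+/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
+--
+-- Table structure for table `Ergebnisse`
+--
+DROP TABLE IF EXISTS `Ergebnisse`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `Ergebnisse` (
+`erg_id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
+`s_id` tinyint(3) unsigned DEFAULT NULL,
+`m_id` tinyint(3) unsigned DEFAULT NULL,
+`erg` smallint(5) unsigned DEFAULT NULL,
+PRIMARY KEY (`erg_id`),
+KEY `s_id` (`s_id`),
+KEY `m_id` (`m_id`),
+CONSTRAINT `Ergebnisse_ibfk_1` FOREIGN KEY (`s_id`) REFERENCES `Station` (`s_id`),
+CONSTRAINT `Ergebnisse_ibfk_2` FOREIGN KEY (`m_id`) REFERENCES `Mannschaft` (`m_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Table structure for table `Mannschaft`
+--
+DROP TABLE IF EXISTS `Mannschaft`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `Mannschaft` (
+`m_id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT,
+`name` tinytext DEFAULT NULL,
+`feuerwehr` tinytext DEFAULT NULL,
+PRIMARY KEY (`m_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=15 DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Table structure for table `Punkte`
+--
+DROP TABLE IF EXISTS `Punkte`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `Punkte` (
+`m_id` tinyint(3) unsigned NOT NULL,
+`s_id` tinyint(3) unsigned NOT NULL,
+`punkte` tinyint(4) DEFAULT NULL,
+`zeit` time(2) DEFAULT NULL,
+PRIMARY KEY (`m_id`,`s_id`),
+KEY `fk_s_id` (`s_id`),
+CONSTRAINT `fk_m_id` FOREIGN KEY (`m_id`) REFERENCES `Mannschaft` (`m_id`) ON DELETE CASCADE,
+CONSTRAINT `fk_s_id` FOREIGN KEY (`s_id`) REFERENCES `Station` (`s_id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Table structure for table `Station`
+--
+DROP TABLE IF EXISTS `Station`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `Station` (
+`s_id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT,
+`name` tinytext DEFAULT NULL,
+`standort` text DEFAULT NULL,
+`gewertet` tinyint(1) DEFAULT 1,
+`direkte_punkte` tinyint(1) DEFAULT 1,
+PRIMARY KEY (`s_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Table structure for table `users`
+--
+DROP TABLE IF EXISTS `users`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `users` (
+`id` tinyint(4) NOT NULL AUTO_INCREMENT,
+`user_id` varchar(512) NOT NULL,
+`password` varchar(512) NOT NULL,
+`user_name` varchar(128) NOT NULL,
+`salt` varchar(256) DEFAULT NULL,
+`user_group` varchar(128) DEFAULT NULL,
+`date` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
+`s_id` tinyint(3) unsigned DEFAULT NULL,
+PRIMARY KEY (`id`),
+UNIQUE KEY `user_id` (`user_id`),
+UNIQUE KEY `user_name` (`user_name`),
+KEY `s_id` (`s_id`),
+CONSTRAINT `users_ibfk_1` FOREIGN KEY (`s_id`) REFERENCES `Station` (`s_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
+/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
+/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
+/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
+-- Dump completed on 2022-09-22 14:19:05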

62
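--- a/mysql-schema/users.sql
+++ b/mysql-schema/users.sql
@@ -0,0 +1,62 @@
+-- MariaDB dump 10.19 Distrib 10.8.3-MariaDB, for Linux (x86_64)
+--
+-- Host: localhost Database: ksp
+-- ------------------------------------------------------
+-- Server version 10.7.3-MariaDB-1:10.7.3+maria~focal
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
+/*!40103 SET TIME_ZONE='+00:00' */;
+/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
+/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
+/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
+/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
+--
+-- Table structure for table `users`
+--
+DROP TABLE IF EXISTS `users`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `users` (
+`id` tinyint(4) NOT NULL AUTO_INCREMENT,
+`user_id` varchar(512) NOT NULL,
+`password` varchar(512) NOT NULL,
+`user_name` varchar(128) NOT NULL,
+`salt` varchar(256) DEFAULT NULL,
+`user_group` varchar(128) DEFAULT NULL,
+`date` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
+`s_id` tinyint(3) unsigned DEFAULT NULL,
+PRIMARY KEY (`id`),
+UNIQUE KEY `user_id` (`user_id`),
+UNIQUE KEY `user_name` (`user_name`),
+KEY `s_id` (`s_id`),
+CONSTRAINT `users_ibfk_1` FOREIGN KEY (`s_id`) REFERENCES `Station` (`s_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8mb4;
+/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Dumping data for table `users`
+--
+LOCK TABLES `users` WRITE;
+/*!40000 ALTER TABLE `users` DISABLE KEYS */;
+INSERT INTO `users` VALUES
+(1,'f76416a04154a31e5e90a50458824158d4001c58d7d4fad91e1b67d6735ecc4b9acc71f20702ccb10b207c027f1073d5b7f9989e7014be2fa95895dbbc40ed2b','f76416a04154a31e5e90a50458824158d4001c58d7d4fad91e1b67d6735ecc4b9acc71f20702ccb10b207c027f1073d5b7f9989e7014be2fa95895dbbc40ed2b','admin','24ef861210b1797532c1316360684807d0d63d920a2dc5672dfaabca073ade91ce2dc8a7654337e31c710da92da0dbb74a7124f14ba9b58c6c89b34d2e558850','admin','2022-06-07 19:03:51',NULL);
+/*!40000 ALTER TABLE `users` ENABLE KEYS */;
+UNLOCK TABLES;
+/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
+/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
+/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
+/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
+-- Dump completed on 2022-06-20 12:28:41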
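Review bot: The `INSERT INTO users VALUES` row in this dump commits a working `admin` account, with its password hash and salt, to the repository, so every deployment seeded from the file shares one admin credential and anyone who can read the repo can test guesses against the hash offline. In that row the `user_id` and `password` columns hold the same value, which looks unintended given that login stores `user_id` in the session; worth confirming how `user_id` is generated. Ship only the table structure and create the first admin at install time with a password chosen by the operator, and change the password on any instance already seeded from this file. The positional `VALUES` list also depends on column order; naming the columns, `INSERT INTO users (id, user_id, password, ...)`, keeps the seed valid if the table changes.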