souko/Simple-Wishlist
1
0
Fork 0
Code Issues Releases 1 Activity

Login works and Reservation works

Browse Source
This commit is contained in:
Marcel Peterkau
2022-09-20 22:30:10 +02:00
parent cf6e272d87
commit ce3465fdba
4 changed files with 263 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
add_item.php
View File

@@ -13,9 +13,9 @@ $ItemImage = $_POST['ItemImage'];
#--- check if the provided Image-Link is a real image: #--- check if the provided Image-Link is a real image:
$headers = get_headers($ItemImage, 1); $headers = array_change_key_case(get_headers($ItemImage, 1), CASE_LOWER); // make all keys LowerCase
if (strpos($headers['Content-Type'], 'image/') !== false) { if (strpos($headers['content-type'], 'image/') !== false) {
$strippedimagepath = strtok($ItemImage, '?'); $strippedimagepath = strtok($ItemImage, '?');
$imageLocalLink = 'data/images/' . uniqid() . '.' . pathinfo($strippedimagepath, PATHINFO_EXTENSION); $imageLocalLink = 'data/images/' . uniqid() . '.' . pathinfo($strippedimagepath, PATHINFO_EXTENSION);
echo "ImageLink: " . $imageLocalLink; echo "ImageLink: " . $imageLocalLink;

68
include/listgenerator.php
View File

@@ -1,5 +1,7 @@
<?php <?php
include 'config/config.php';
function generateListItem($ListItemID, $ItemImage, $ItemTitle, $ItemLink, $ItemPrice, $ItemComment, $ItemReserved) function generateListItem($ListItemID, $ItemImage, $ItemTitle, $ItemLink, $ItemPrice, $ItemComment, $ItemReserved)
{ {
$formatter = new NumberFormatter('de_DE', NumberFormatter::CURRENCY); $formatter = new NumberFormatter('de_DE', NumberFormatter::CURRENCY);
@@ -18,7 +20,7 @@ function generateListItem($ListItemID, $ItemImage, $ItemTitle, $ItemLink, $ItemP
<div class="d-flex justify-content-between align-items-center"> <div class="d-flex justify-content-between align-items-center">
<div class="btn-group"> <div class="btn-group">
<a href="' . $ItemLink . '" class="btn btn-sm btn-outline-secondary" role="button" target="_blank">zum Anbieter</a> <a href="' . $ItemLink . '" class="btn btn-sm btn-outline-secondary" role="button" target="_blank">zum Anbieter</a>
<button type="button" class="btn btn-sm ' . ($ItemReserved == true ? 'btn-outline-info' : 'btn-outline-secondary') . ' "data-bs-toggle="modal" data-bs-target="#reservationModal">Reservieren</button> <button type="button" class="btn btn-sm ' . ($ItemReserved == true ? 'btn-outline-info' : 'btn-outline-secondary') . '" data-reserved="' . $ItemReserved . '" data-wishid="' . $ListItemID . '" data-bs-toggle="modal" data-bs-target="#reservationModal">' . ($ItemReserved == true ? 'Reservierung aufheben' : 'Reservieren') . '</button>
</div> </div>
<small class="text-muted">' . $formatter->formatCurrency($ItemPrice / 100, 'EUR') . '</small> <small class="text-muted">' . $formatter->formatCurrency($ItemPrice / 100, 'EUR') . '</small>
</div> </div>
@@ -27,3 +29,67 @@ function generateListItem($ListItemID, $ItemImage, $ItemTitle, $ItemLink, $ItemP
</div> </div>
'); ');
} }
function wishlistMainBuilder($ListID)
{
global $servername, $username, $password, $db;
// Create connection
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
$sql = 'SELECT title, description FROM lists WHERE ID = ' . $ListID;
$result = $conn->query($sql);
echo ('
<section class="py-5 text-center container">
<div class="row py-lg-5">
<div class="col-lg-6 col-md-8 mx-auto">
');
if ($result !== false && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
echo ('
<h1 class="fw-light">' . $row['title'] . '</h1>
<p class="lead text-muted">' . $row['description'] . '</p>
');
}
} else {
echo ('
<h1 class="fw-light">Das tut mir leid...</h1>
<p class="lead text-muted">Diese Liste gibt es nicht mehr</p>
');
}
echo ('
</div></div></section>
');
// End of Header Generator
echo ('
<div class="album py-5 bg-light">
<div class="container">
<div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 g-3">
');
$sql = 'SELECT ID, title, description, link, image, reserved, price FROM whishes WHERE whislist = ' . $ListID;
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
generateListItem($row['ID'], $row['image'], $row['title'], $row['link'], $row['price'], $row['description'], $row['reserved']);
}
}
echo ('
</div></div></div>
');
$conn->close();
}

214
index.php
View File

@@ -1,9 +1,98 @@
<?php <?php
session_start();
ini_set('display_errors', 1); ini_set('display_errors', 1);
ini_set('display_startup_errors', 1); ini_set('display_startup_errors', 1);
error_reporting(E_ALL); error_reporting(E_ALL);
include_once('include/listgenerator.php'); include_once('include/listgenerator.php');
include_once('config/config.php'); include_once('config/config.php');
$ListID = -1;
$loggedin = false;
if (isset($_GET['list'])) {
$ListID = $_GET['list'];
}
if (isset($_SESSION['listid'])) {
if ($ListID == $_SESSION['listid']) {
$loggedin = true;
}
}
if (isset($_POST['login'])) {
$ListPassword = $_POST['ListPassword'];
$ListID = $_POST['ListID'];
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
$sql = 'SELECT edit_pw FROM lists WHERE ID = ' . $ListID;
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
if ($row = $result->fetch_assoc()) {
if (password_verify($ListPassword, $row['edit_pw'])) {
$_SESSION['listid'] = $ListID;
$loggedin = true;
$message = array('msg' => 'Login erfolgreich', 'type' => 'success');
} else {
$message = array('msg' => 'Falsches Passwort', 'type' => 'warning');
}
}
}
$conn->close();
}
if (isset($_POST['logout'])) {
session_destroy();
$loggedin = false;
$message = array('msg' => 'Logout erfolgreich', 'type' => 'success');
}
if (isset($_POST['reservation'])) {
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
if ($_POST['reservedstat'] == 1) {
$sql = 'SELECT reserved_pw FROM whishes WHERE ID = ' . $_POST['wishid'];
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
if ($row = $result->fetch_assoc()) {
if (password_verify($_POST['WishPassword'], $row['reserved_pw'])) {
$sql = 'UPDATE whishes SET reserved=0, reserved_pw="" WHERE ID = ' . $_POST['wishid'];
if ($conn->query($sql) === TRUE)
$message = array('msg' => 'Reservierung aufgehoben', 'type' => 'success');
else
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
} else {
$message = array('msg' => 'Falsches Reservierungs-Passwort', 'type' => 'warning');
}
}
}
}
if ($_POST['reservedstat'] == 0) {
$reservedHash = password_hash($_POST['WishPassword'], PASSWORD_BCRYPT);
$sql = 'UPDATE whishes SET reserved=1, reserved_pw="' . $reservedHash . '" WHERE ID = ' . $_POST['wishid'];
if ($conn->query($sql) === TRUE)
$message = array('msg' => 'Reservierung eingetragen', 'type' => 'success');
else
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
}
$conn->close();
}
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
@@ -17,6 +106,7 @@ include_once('config/config.php');
<!--<link rel="stylesheet" href="css/custom.css">--> <!--<link rel="stylesheet" href="css/custom.css">-->
<link rel="stylesheet" href="css/tweaks.css"> <link rel="stylesheet" href="css/tweaks.css">
<script src="js/bootstrap.bundle.min.js"></script> <script src="js/bootstrap.bundle.min.js"></script>
<script src="js/jquery.min.js"></script>
<link rel="apple-touch-icon" sizes="180x180" href="img/apple-touch-icon.png"> <link rel="apple-touch-icon" sizes="180x180" href="img/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="img/favicon-16x16.png"> <link rel="icon" type="image/png" sizes="16x16" href="img/favicon-16x16.png">
@@ -41,50 +131,39 @@ include_once('config/config.php');
<strong>Simple Wishlist</strong> <strong>Simple Wishlist</strong>
</a> </a>
<div class="nav navbar-nav navbar-right"> <div class="nav navbar-nav navbar-right">
<?php
if ($loggedin == true) {
echo ('
<div class="d-grid gap-2 d-flex">
<button type="button" class="btn btn-sm btn-outline-secondary" data-bs-toggle="modal" data-bs-target="#addItemModal">Add Item</button> <button type="button" class="btn btn-sm btn-outline-secondary" data-bs-toggle="modal" data-bs-target="#addItemModal">Add Item</button>
<form action="" method="POST">
<button type="submit" class="btn btn-sm btn-outline-secondary" name= "logout">Logout</a>
</form>
</div>
');
} else {
echo ('
<button type="button" class="btn btn-sm btn-outline-secondary" data-bs-toggle="modal" data-bs-target="#loginModal">Login</button>
');
}
?>
</div> </div>
</div> </div>
</div> </div>
</header> </header>
<main> <main>
<section class="py-5 text-center container">
<div class="row py-lg-5">
<div class="col-lg-6 col-md-8 mx-auto">
<h1 class="fw-light">Album example</h1>
<p class="lead text-muted">Something short and leading about the collection below—its contents, the creator, etc. Make it short and sweet, but not too short so folks dont simply skip over it entirely.</p>
</div>
</div>
</section>
<div class="album py-5 bg-light">
<div class="container">
<div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 g-3">
<?php <?php
// Create connection if (isset($message)) {
$conn = new mysqli($servername, $username, $password, $db); echo ('
<div class="alert alert-' . $message['type'] . ' alert-dismissible fade show" role="alert">
// Check connection ' . $message['msg'] . '
if ($conn->connect_error) { <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
die('Connection failed: ' . $conn->connect_error); </div>
} ');
$sql = 'SELECT ID, title, description, link, image, reserved, price FROM whishes';
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
generateListItem($row['ID'], $row['image'], $row['title'], $row['link'], $row['price'], $row['description'], $row['reserved']);
}
$conn->close();
} }
wishlistMainBuilder($ListID);
?> ?>
</div>
</div>
</div>
</main> </main>
<footer class="text-muted py-5"> <footer class="text-muted py-5">
@@ -97,6 +176,9 @@ include_once('config/config.php');
</div> </div>
</footer> </footer>
<?php
if ($loggedin == true) {
echo ('
<!-- Modal addItem--> <!-- Modal addItem-->
<div class="modal fade" id="addItemModal" tabindex="-1" aria-labelledby="addItemModalLabel" aria-hidden="true"> <div class="modal fade" id="addItemModal" tabindex="-1" aria-labelledby="addItemModalLabel" aria-hidden="true">
<div class="modal-dialog"> <div class="modal-dialog">
@@ -143,6 +225,40 @@ include_once('config/config.php');
</div> </div>
</div> </div>
</div> </div>
');
}
if ($loggedin != true) {
echo ('
<!-- Modal Login-->
<div class="modal fade" id="loginModal" tabindex="-1" aria-labelledby="loginModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="loginModalLabel">Login</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form action="" method="POST">
<div class="modal-body">
<label for="ListPassword" class="form-label">Passwort</label>
<div class="input-group mb-3">
<input type="password" class="form-control" id="ListPassword" name="ListPassword" rows="3" required>
<input type="hidden" id="ListID" name="ListID" value="' . $ListID . '">
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="submit" name="login" class="btn btn-primary">Login</button>
</div>
</form>
</div>
</div>
</div>
');
}
?>
<!-- Modal Reservation--> <!-- Modal Reservation-->
<div class="modal fade" id="reservationModal" tabindex="-1" aria-labelledby="reservationModalLabel" aria-hidden="true"> <div class="modal fade" id="reservationModal" tabindex="-1" aria-labelledby="reservationModalLabel" aria-hidden="true">
@@ -153,16 +269,42 @@ include_once('config/config.php');
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div> </div>
<div class="modal-body"> <div class="modal-body">
... <form action="" method="POST">
<label for="ListPassword" class="form-label">Passwort</label>
<div class="input-group mb-3">
<input type="password" class="form-control" id="WishPassword" name="WishPassword" rows="3" required>
<input type="hidden" name="wishid" id="modal-wishid" value="">
<input type="hidden" name="reservedstat" id="modal-reservedstat" value="">
</div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button> <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="button" class="btn btn-primary">Reservieren</button> <button type="submit" id="reservation-submit" name="reservation" class="btn btn-primary">Reservieren</button>
</form>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<script>
$('#reservationModal').on('show.bs.modal', function(event) {
var resTr = $(event.relatedTarget)
var wishid = resTr.data('wishid')
var reserved = resTr.data('reserved')
var modal = $(this)
modal.find('#modal-wishid').val(wishid)
modal.find('#modal-reservedstat').val(reserved)
if (reserved == 1) {
modal.find('#reservation-submit').text('Reservierung aufheben')
modal.find('#reservationModalLabel').text('Reservierung aufheben')
} else {
modal.find('#reservation-submit').text('Reservieren')
modal.find('#reservationModalLabel').text('Wunsch reservieren')
}
});
</script>
</body> </body>
</html> </html>

2
js/jquery.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long