souko/Simple-Wishlist
1
0
Fork 0
Code Issues Releases 1 Activity
Files
27ec06033aa6ef6dc66e2666f6bd03cb5f3f4403
Simple-Wishlist/index.php

445 lines
16 KiB
PHP
Raw Blame History

<?php
session_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include_once('include/listgenerator.php');
include_once('config/config.php');
$ListID = -1;
$loggedin = false;
$sortby = 'date_asc';
if (isset($_GET['list'])) {
$ListID = $_GET['list'];
}
if (isset($_POST['sortby'])) {
$sortby = $_POST['sortby'];
}
if (isset($_SESSION['listid'])) {
if ($ListID == $_SESSION['listid']) {
$loggedin = true;
}
}
if (isset($_POST['login'])) {
$ListPassword = $_POST['ListPassword'];
$ListID = $_POST['ListID'];
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
$sql = 'SELECT edit_pw FROM lists WHERE ID = ' . $ListID;
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
if ($row = $result->fetch_assoc()) {
if (password_verify($ListPassword, $row['edit_pw'])) {
$_SESSION['listid'] = $ListID;
$loggedin = true;
$message = array('msg' => 'Login erfolgreich', 'type' => 'success');
} else {
$message = array('msg' => 'Falsches Passwort', 'type' => 'warning');
}
}
}
$conn->close();
}
if (isset($_POST['listadd'])) {
$listName = $_POST['listName'];
$listPassword = password_hash($_POST['listPassword'], PASSWORD_DEFAULT);
$listDescription = $_POST['listDescription'];
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
$sql = 'INSERT INTO lists (title, description, edit_pw) VALUES ("' . $listName . '", "' .$listDescription. '","' . $listPassword . '")';
$result = $conn->query($sql);
if ($conn->query($sql) === TRUE) {
$last_id = $conn->insert_id;
$_SESSION['listid'] = $last_id;
$loggedin = true;
$actual_link = 'http://' . $_SERVER['HTTP_HOST'] . '/?list=' . $last_id;
header('Location: ' . $actual_link);
} else {
$message = array('msg' => 'Error: ' . $sql . '<br>' . $conn->error, 'type' => 'error');
}
$conn->close();
}
if (isset($_POST['logout'])) {
session_destroy();
$loggedin = false;
$message = array('msg' => 'Logout erfolgreich', 'type' => 'success');
}
if (isset($_POST['reservation'])) {
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
if ($_POST['reservedstat'] == 1) {
$sql = 'SELECT reserved_pw FROM whishes WHERE ID = ' . $_POST['wishid'];
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
if ($row = $result->fetch_assoc()) {
if (password_verify($_POST['WishPassword'], $row['reserved_pw'])) {
$sql = 'UPDATE whishes SET reserved=0, reserved_pw="" WHERE ID = ' . $_POST['wishid'];
if ($conn->query($sql) === TRUE)
$message = array('msg' => 'Reservierung aufgehoben', 'type' => 'success');
else
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
} else {
$message = array('msg' => 'Falsches Reservierungs-Passwort', 'type' => 'warning');
}
}
}
}
if ($_POST['reservedstat'] == 0) {
$reservedHash = password_hash($_POST['WishPassword'], PASSWORD_BCRYPT);
$sql = 'UPDATE whishes SET reserved=1, reserved_pw="' . $reservedHash . '" WHERE ID = ' . $_POST['wishid'];
if ($conn->query($sql) === TRUE)
$message = array('msg' => 'Reservierung eingetragen', 'type' => 'success');
else
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
}
$conn->close();
}
if (isset($_POST['delete']) && $loggedin == true) {
if (isset($_POST['WhishID'])) {
$WhishID = $_POST['WhishID'];
$WhishTitle = '';
$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
die('Connection failed: ' . $conn->connect_error);
}
$sql = 'SELECT image, title FROM whishes WHERE ID = ' . $WhishID;
$result = $conn->query($sql);
if ($result !== false && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
unlink($row['image']);
$WhishTitle = $row['title'];
}
}
$sql = 'DELETE FROM whishes WHERE ID = ' . $WhishID;
if ($conn->query($sql) === TRUE)
$message = array('msg' => 'Wunsch <b>"' . $WhishTitle . '"</b> gelöscht', 'type' => 'success');
else
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
} else {
$message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Simple Wishlist</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/bootstrap.min.css">
<!--<link rel="stylesheet" href="css/custom.css">-->
<link rel="stylesheet" href="css/tweaks.css">
<script src="js/bootstrap.bundle.min.js"></script>
<script src="js/jquery.min.js"></script>
<link rel="apple-touch-icon" sizes="180x180" href="img/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="img/favicon-16x16.png">
<link rel="manifest" href="img/site.webmanifest">
<link rel="mask-icon" href="img/safari-pinned-tab.svg" color="#5bbad5">
<link rel="shortcut icon" href="img/favicon.ico">
<meta name="msapplication-TileColor" content="#da532c">
<meta name="msapplication-config" content="img/browserconfig.xml">
<meta name="theme-color" content="#ffffff">
<link rel="manifest" href="img/site.webmanifest">
</head>
<body>
<header>
<div class="navbar navbar-dark bg-dark shadow-sm">
<div class="container">
<a href="#" class="navbar-brand d-flex align-items-center">
<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="me-2 bi bi-gift" viewBox="0 0 16 16">
<path d="M3 2.5a2.5 2.5 0 0 1 5 0 2.5 2.5 0 0 1 5 0v.006c0 .07 0 .27-.038.494H15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1v7.5a1.5 1.5 0 0 1-1.5 1.5h-11A1.5 1.5 0 0 1 1 14.5V7a1 1 0 0 1-1-1V4a1 1 0 0 1 1-1h2.038A2.968 2.968 0 0 1 3 2.506V2.5zm1.068.5H7v-.5a1.5 1.5 0 1 0-3 0c0 .085.002.274.045.43a.522.522 0 0 0 .023.07zM9 3h2.932a.56.56 0 0 0 .023-.07c.043-.156.045-.345.045-.43a1.5 1.5 0 0 0-3 0V3zM1 4v2h6V4H1zm8 0v2h6V4H9zm5 3H9v8h4.5a.5.5 0 0 0 .5-.5V7zm-7 8V7H2v7.5a.5.5 0 0 0 .5.5H7z" />
</svg>
<strong>Simple Wishlist</strong>
</a>
<div class="nav navbar-nav navbar-right">
<div class="d-grid gap-2 d-flex">
<?php
if ($loggedin == true) {
echo ('
<form class="form-inline" action="" method="POST">
<button type="button" class="btn btn-outline-secondary my-2 my-sm-0" data-bs-toggle="modal" data-bs-target="#addItemModal">Add Item</button>
</form>
<form class="form-inline" action="" method="POST">
<button type="submit" class="btn btn-outline-secondary my-2 my-sm-0" name="logout">Logout</button>
</form>
');
} else {
echo ('
<form class="form-inline" action="" method="POST">
<button type="button" class="btn btn-outline-secondary my-2 my-sm-0" data-bs-toggle="modal" data-bs-target="#loginModal">Login</button>
</form>
');
}
?>
<form class="form-inline" action="" method="POST">
<select class="form-control" name="sortby" id="sortby">
<option <?php echo ($sortby == 'price_asc' ? 'selected="selected"' : ''); ?> value="price_asc">Preis aufsteigend</option>
<option <?php echo ($sortby == 'price_desc' ? 'selected="selected"' : ''); ?> value="price_desc">Preis absteigend</option>
<option <?php echo ($sortby == 'date_desc' ? 'selected="selected"' : ''); ?> value="date_desc">Datum, neu -> alt</option>
<option <?php echo ($sortby == 'date_asc' ? 'selected="selected"' : ''); ?> value="date_asc">Datum, alt -> neu</option>
<option <?php echo ($sortby == 'random' ? 'selected="selected"' : ''); ?> value="random">Zufall</option>
</select>
</form>
</div>
</div>
</div>
</div>
</header>
<main>
<?php
if (isset($message)) {
echo ('
<div class="alert alert-' . $message['type'] . ' alert-dismissible fade show" role="alert">
' . $message['msg'] . '
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
');
}
wishlistMainBuilder($ListID, $sortby);
?>
</main>
<footer class="text-muted py-5">
<div class="container">
<p class="float-end mb-1">
<a href="#">Back to top</a>
</p>
<p class="mb-1">Simple Wishlist &copy; by Marcel Peterkau</p>
</div>
</footer>
<?php
if ($loggedin == true) {
echo ('
<!-- Modal addItem-->
<div class="modal fade" id="addItemModal" tabindex="-1" aria-labelledby="addItemModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="addItemModalLabel">Add new Item</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form action="add_item.php" method="POST">
<div class="modal-body">
<label for="ItemTitle" class="form-label">Titel</label>
<div class="input-group mb-3">
<input type="text" class="form-control" id="ItemTitle" name="ItemTitle" rows="3" required>
</div>
<label for="ItemDescription" class="form-label">Beschreibung</label>
<div class="input-group mb-3">
<textarea class="form-control" id="ItemDescription" name="ItemDescription" rows="3"></textarea>
</div>
<label for="ItemPrice" class="form-label">Preis</label>
<div class="input-group mb-3">
<input type="text" class="form-control" id="ItemPrice" name="ItemPrice" pattern="^\d*(\,\d{2}$)?" value="" data-type="currency" placeholder="0,00€" />
<span class="input-group-text">€</span>
</div>
<label for="ItemLink" class="form-label">Link zum Angebot</label>
<div class="input-group mb-3">
<input type="url" class="form-control" id="ItemLink" name="ItemLink" pattern="https?://.+" title="Include http://" rows="3">
</div>
<label for="ItemImage" class="form-label">Link zum Bild</label>
<div class="input-group mb-3">
<input type="url" class="form-control" id="ItemImage" name="ItemImage" pattern="https?://.+" title="Include http://" rows="3">
</div>
</div>
<div class="modal-footer">
<input type="hidden" id="ItemListID" name="ItemListID" value="' . $ListID . '">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="submit" class="btn btn-primary">Add new Item</button>
</div>
</form>
</div>
</div>
</div>
');
}
if ($loggedin != true) {
echo ('
<!-- Modal Login-->
<div class="modal fade" id="loginModal" tabindex="-1" aria-labelledby="loginModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="loginModalLabel">Login</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<form action="" method="POST">
<div class="modal-body">
<label for="ListPassword" class="form-label">Passwort</label>
<div class="input-group mb-3">
<input type="password" class="form-control" id="ListPassword" name="ListPassword" rows="3" required>
<input type="hidden" id="ListID" name="ListID" value="' . $ListID . '">
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="submit" name="login" class="btn btn-primary">Login</button>
</div>
</form>
</div>
</div>
</div>
');
}
if ($loggedin == true) {
echo ('
<!-- Modal Delete-->
<div class="modal fade" id="deleteModal" tabindex="-1" aria-labelledby="deleteModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="deleteModalLabel">Wunsch löschen</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<h5 id="whish-title">WunschTitel</h5>
<p>Soll dieser Wunsch wirklich gelöscht werden ?</p>
</div>
<div class="modal-footer">
<form action="" method="POST">
<input type="hidden" id="WhishID" name="WhishID" value="-1">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="submit" name="delete" class="btn btn-primary">Löschen</button>
</form>
</div>
</div>
</div>
</div>
<!-- END OF Modal Delete-->
');
}
?>
<!-- Modal Reservation-->
<div class="modal fade" id="reservationModal" tabindex="-1" aria-labelledby="reservationModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="reservationModalLabel">Wunsch reservieren</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p id="ReservationInfoText">Bitte vergeben sie ein Passwort um diesen Wunsch zu reservieren. Nur mit diesem Passwort (oder durch den Listeneigentümer) kann die Reservierung wieder aufgehoben werden.</p>
<form action="" method="POST">
<label for="ListPassword" class="form-label">Passwort</label>
<div class="input-group mb-3">
<input type="password" class="form-control" id="WishPassword" name="WishPassword" rows="3" required>
<input type="hidden" name="wishid" id="modal-wishid" value="">
<input type="hidden" name="reservedstat" id="modal-reservedstat" value="">
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
<button type="submit" id="reservation-submit" name="reservation" class="btn btn-primary">Reservieren</button>
</form>
</div>
</div>
</div>
</div>
<!-- END OF Modal Reservation-->
<script>
$('#reservationModal').on('show.bs.modal', function(event) {
var resTr = $(event.relatedTarget)
var wishid = resTr.data('wishid')
var reserved = resTr.data('reserved')
var modal = $(this)
modal.find('#modal-wishid').val(wishid)
modal.find('#modal-reservedstat').val(reserved)
if (reserved == 1) {
modal.find('#reservation-submit').text('Reservierung aufheben')
modal.find('#reservationModalLabel').text('Reservierung aufheben')
modal.find('#ReservationInfoText').remove()
} else {
modal.find('#reservation-submit').text('Reservieren')
modal.find('#reservationModalLabel').text('Wunsch reservieren')
}
});
<?php
if ($loggedin == true) {
echo ('
$(\'#deleteModal\').on(\'show.bs.modal\', function(event) \{
var resTr = $(event.relatedTarget)
var whishcard = resTr.parents().closest(\'.card\');
var whishtitle = whishcard.find(\'.card-title\').text();
var wishid = resTr.data(\'wishid\')
var modal = $(this)
modal.find(\'#WhishID\').val(wishid)
modal.find(\'#whish-title\').text(whishtitle)
});
');
}
?>
$(document).ready(function() {
$('#sortby').on('change', function() {
this.form.submit();
});
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink