v1.3.0 - Geburtstags in Admin-Edit hinzugefügt

Borgal
2025-11-17 18:57:07 +01:00
parent b7676b2833
commit 1b78d4b15a

138
users.php

@@ -2,6 +2,32 @@
include('inc/check_login.php'); include('inc/check_login.php');
require_once('inc/db.php'); require_once('inc/db.php');
// 🔹 Hilfsfunktion: DE-Format → DB-Format
function deDateToDb($deDate)
{
if (empty($deDate)) return null;
$parts = explode('.', $deDate);
if (count($parts) !== 3) return null;
$day = str_pad(trim($parts[0]), 2, '0', STR_PAD_LEFT);
$month = str_pad(trim($parts[1]), 2, '0', STR_PAD_LEFT);
$year = trim($parts[2]);
if (strlen($year) === 2) {
$year = (int)$year < 50 ? "20$year" : "19$year";
}
if (strlen($year) !== 4) return null;
if (checkdate((int)$month, (int)$day, (int)$year)) {
return "$year-$month-$day";
}
return null;
}
// 🔹 Hilfsfunktion: DB-Format → DE-Format
function dbDateToDe($dbDate)
{
if (empty($dbDate) || $dbDate === '0000-00-00') return '';
return date('d.m.Y', strtotime($dbDate));
}
$is_admin = ($_SESSION['role'] === 'admin'); $is_admin = ($_SESSION['role'] === 'admin');
$message = ''; $message = '';
@@ -9,28 +35,6 @@ $message_type = '';
$edit_mode = false; $edit_mode = false;
$edit_user = null; $edit_user = null;
// Hilfsfunktion: DE-Format zu DB-Format
function deDateToDb($deDate)
{
if (empty($deDate)) return null;
$parts = explode('.', $deDate);
if (count($parts) !== 3) return null;
$day = str_pad($parts[0], 2, '0', STR_PAD_LEFT);
$month = str_pad($parts[1], 2, '0', STR_PAD_LEFT);
$year = $parts[2];
if (checkdate((int)$month, (int)$day, (int)$year)) {
return "$year-$month-$day";
}
return null;
}
// Hilfsfunktion: DB-Format zu DE-Format
function dbDateToDe($dbDate)
{
if (empty($dbDate) || $dbDate === '0000-00-00') return '';
return date('d.m.Y', strtotime($dbDate));
}
// --- Nur Admins: Löschen --- // --- Nur Admins: Löschen ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) { if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id']; $id = (int)$_GET['id'];
@@ -44,7 +48,7 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset(
$message = "Benutzer erfolgreich gelöscht!"; $message = "Benutzer erfolgreich gelöscht!";
$message_type = 'success'; $message_type = 'success';
} else { } else {
$message = "Fehler beim Löschen des Benutzers."; $message = "Fehler beim Löschen: " . mysqli_error($conn);
$message_type = 'danger'; $message_type = 'danger';
} }
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
@@ -68,7 +72,6 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_
$message = "Benutzer nicht gefunden."; $message = "Benutzer nicht gefunden.";
$message_type = 'warning'; $message_type = 'warning';
} else { } else {
// Konvertiere DB-Datum zu DE-Format für das Formular
$edit_user['birthday_de'] = dbDateToDe($edit_user['birthday']); $edit_user['birthday_de'] = dbDateToDe($edit_user['birthday']);
} }
} }
@@ -83,22 +86,79 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null; $id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
$email = !empty($email_raw) ? $email_raw : null; $email = !empty($email_raw) ? $email_raw : null;
$birthday_db = deDateToDb($birthday_de); // null bei ungültig/leer $birthday_db = deDateToDb($birthday_de);
// --- DEBUG: Zeige, was konvertiert wurde (kannst du später löschen) ---
// error_log("DEBUG: birthday_de='$birthday_de' → birthday_db='$birthday_db'");
if (empty($username)) { if (empty($username)) {
$message = "Benutzername ist erforderlich."; $message = "Benutzername ist erforderlich.";
$message_type = 'danger'; $message_type = 'danger';
} else { } else {
$success = false;
$update_fields = [];
$params = [];
$types = "";
if ($id) { if ($id) {
if (!empty($password)) { // 🔹 UPDATE: Nur Felder aktualisieren, die sich geändert haben
$password_hashed = password_hash($password, PASSWORD_DEFAULT); $current = mysqli_prepare($conn, "SELECT username, email, birthday, role FROM users WHERE id = ?");
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, birthday = ?, role = ? WHERE id = ?"); mysqli_stmt_bind_param($current, "i", $id);
mysqli_stmt_bind_param($stmt, "sssssi", $username, $password_hashed, $email, $birthday_db, $role, $id); mysqli_stmt_execute($current);
$curr_data = mysqli_fetch_assoc(mysqli_stmt_get_result($current));
mysqli_stmt_close($current);
if (!$curr_data) {
$message = "Benutzer nicht gefunden.";
$message_type = 'danger';
} else { } else {
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, birthday = ?, role = ? WHERE id = ?"); // Prüfe Änderungen
mysqli_stmt_bind_param($stmt, "ssssi", $username, $email, $birthday_db, $role, $id); if ($username !== $curr_data['username']) {
$update_fields[] = "username = ?";
$params[] = $username;
$types .= "s";
}
if ($email !== $curr_data['email']) {
$update_fields[] = "email = ?";
$params[] = $email;
$types .= "s";
}
if ($birthday_db !== ($curr_data['birthday'] ?: null)) {
$update_fields[] = "birthday = ?";
$params[] = $birthday_db;
$types .= "s";
}
if ($role !== $curr_data['role']) {
$update_fields[] = "role = ?";
$params[] = $role;
$types .= "s";
}
if (!empty($update_fields)) {
// Passwort separat
if (!empty($password)) {
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
$update_fields[] = "password = ?";
$params[] = $password_hashed;
$types .= "s";
}
$sql = "UPDATE users SET " . implode(", ", $update_fields) . " WHERE id = ?";
$stmt = mysqli_prepare($conn, $sql);
$params[] = $id;
$types .= "i";
mysqli_stmt_bind_param($stmt, $types, ...$params);
$success = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
} else {
$success = true; // nichts zu ändern → Erfolg
$message = "Keine Änderungen vorgenommen.";
$message_type = 'info';
}
} }
} else { } else {
// 🔹 INSERT
if (empty($password)) { if (empty($password)) {
$message = "Passwort ist beim Erstellen erforderlich."; $message = "Passwort ist beim Erstellen erforderlich.";
$message_type = 'danger'; $message_type = 'danger';
@@ -106,25 +166,27 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$password_hashed = password_hash($password, PASSWORD_DEFAULT); $password_hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, birthday, role) VALUES (?, ?, ?, ?, ?)"); $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, birthday, role) VALUES (?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sssss", $username, $password_hashed, $email, $birthday_db, $role); mysqli_stmt_bind_param($stmt, "sssss", $username, $password_hashed, $email, $birthday_db, $role);
$success = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
} }
} }
if (!isset($message)) { if (!isset($message)) {
if (isset($stmt) && mysqli_stmt_execute($stmt)) { if ($success) {
$message = $id ? "Benutzer aktualisiert!" : "Neuer Benutzer hinzugefügt!"; $message = $id ? "Benutzer erfolgreich aktualisiert!" : "Neuer Benutzer hinzugefügt!";
$message_type = 'success'; $message_type = 'success';
} else { } else {
$message = "Fehler beim Speichern."; $message = "Fehler beim Speichern: " . mysqli_error($conn);
$message_type = 'danger'; $message_type = 'danger';
} }
if (isset($stmt)) mysqli_stmt_close($stmt);
header("Location: users.php");
exit();
} }
header("Location: users.php");
exit();
} }
} }
// --- Mitgliederliste für alle --- // --- Mitgliederliste ---
$users = []; $users = [];
$result = mysqli_query($conn, "SELECT id, username, role, email, birthday FROM users ORDER BY id ASC"); $result = mysqli_query($conn, "SELECT id, username, role, email, birthday FROM users ORDER BY id ASC");
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
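Review bot: In the UPDATE branch the password clause is only appended inside `if (!empty($update_fields))`, so a submission that changes nothing but the password falls into the else branch, reports "Keine Änderungen vorgenommen." and leaves the old hash in place; an admin password reset fails without an error. Build the password clause before that check, i.e. move the `if (!empty($password)) { … $update_fields[] = "password = ?"; … }` block above `if (!empty($update_fields))`. Separately, the new messages `"Fehler beim Speichern: " . mysqli_error($conn)` and `"Fehler beim Löschen: " . mysqli_error($conn)` put raw driver errors into `$message`; if that is rendered, schema details leak to the browser, so prefer `error_log(mysqli_error($conn));` and keep the generic text for the user. The POST handler enclosing this code opens above the visible hunk lines, so CSRF and role validation could not be checked from here.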