1.3.0
This commit is contained in:
Borgal
67
users.php
67
users.php
@@ -9,6 +9,28 @@ $message_type = '';
|
||||
$edit_mode = false;
|
||||
$edit_user = null;
|
||||
|
||||
// Hilfsfunktion: DE-Format zu DB-Format
|
||||
function deDateToDb($deDate)
|
||||
{
|
||||
if (empty($deDate)) return null;
|
||||
$parts = explode('.', $deDate);
|
||||
if (count($parts) !== 3) return null;
|
||||
$day = str_pad($parts[0], 2, '0', STR_PAD_LEFT);
|
||||
$month = str_pad($parts[1], 2, '0', STR_PAD_LEFT);
|
||||
$year = $parts[2];
|
||||
if (checkdate((int)$month, (int)$day, (int)$year)) {
|
||||
return "$year-$month-$day";
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
// Hilfsfunktion: DB-Format zu DE-Format
|
||||
function dbDateToDe($dbDate)
|
||||
{
|
||||
if (empty($dbDate) || $dbDate === '0000-00-00') return '';
|
||||
return date('d.m.Y', strtotime($dbDate));
|
||||
}
|
||||
|
||||
// --- Nur Admins: Löschen ---
|
||||
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
|
||||
$id = (int)$_GET['id'];
|
||||
@@ -34,7 +56,7 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset(
|
||||
// --- Nur Admins: Bearbeiten ---
|
||||
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
|
||||
$id = (int)$_GET['id'];
|
||||
$stmt = mysqli_prepare($conn, "SELECT id, username, email, role FROM users WHERE id = ?");
|
||||
$stmt = mysqli_prepare($conn, "SELECT id, username, email, role, birthday FROM users WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "i", $id);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$result = mysqli_stmt_get_result($stmt);
|
||||
@@ -45,6 +67,9 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_
|
||||
if (!$edit_user) {
|
||||
$message = "Benutzer nicht gefunden.";
|
||||
$message_type = 'warning';
|
||||
} else {
|
||||
// Konvertiere DB-Datum zu DE-Format für das Formular
|
||||
$edit_user['birthday_de'] = dbDateToDe($edit_user['birthday']);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -53,10 +78,12 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = trim($_POST['username'] ?? '');
|
||||
$password = $_POST['password'] ?? '';
|
||||
$email_raw = trim($_POST['email'] ?? '');
|
||||
$birthday_de = trim($_POST['birthday'] ?? '');
|
||||
$role = ($_POST['role'] ?? 'member') === 'admin' ? 'admin' : 'member';
|
||||
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
|
||||
|
||||
$email = !empty($email_raw) ? $email_raw : null;
|
||||
$birthday_db = deDateToDb($birthday_de); // null bei ungültig/leer
|
||||
|
||||
if (empty($username)) {
|
||||
$message = "Benutzername ist erforderlich.";
|
||||
@@ -65,11 +92,11 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
if ($id) {
|
||||
if (!empty($password)) {
|
||||
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "ssssi", $username, $password_hashed, $email, $role, $id);
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, birthday = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "sssssi", $username, $password_hashed, $email, $birthday_db, $role, $id);
|
||||
} else {
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "sssi", $username, $email, $role, $id);
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, birthday = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "ssssi", $username, $email, $birthday_db, $role, $id);
|
||||
}
|
||||
} else {
|
||||
if (empty($password)) {
|
||||
@@ -77,8 +104,8 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$message_type = 'danger';
|
||||
} else {
|
||||
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
|
||||
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, role) VALUES (?, ?, ?, ?)");
|
||||
mysqli_stmt_bind_param($stmt, "ssss", $username, $password_hashed, $email, $role);
|
||||
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, birthday, role) VALUES (?, ?, ?, ?, ?)");
|
||||
mysqli_stmt_bind_param($stmt, "sssss", $username, $password_hashed, $email, $birthday_db, $role);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -99,7 +126,7 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
|
||||
// --- Mitgliederliste für alle ---
|
||||
$users = [];
|
||||
$result = mysqli_query($conn, "SELECT id, username, role FROM users ORDER BY id ASC");
|
||||
$result = mysqli_query($conn, "SELECT id, username, role, email, birthday FROM users ORDER BY id ASC");
|
||||
while ($row = mysqli_fetch_assoc($result)) {
|
||||
$users[] = $row;
|
||||
}
|
||||
@@ -140,6 +167,11 @@ require_once 'inc/header.php';
|
||||
<label class="form-label">E-Mail (optional)</label>
|
||||
<input type="email" class="form-control" name="email" value="<?= htmlspecialchars($edit_user['email'] ?? ''); ?>">
|
||||
</div>
|
||||
<div class="col-md-3">
|
||||
<label class="form-label">Geburtsdatum (optional, TT.MM.JJJJ)</label>
|
||||
<input type="text" class="form-control" name="birthday" placeholder="z. B. 15.08.1990" value="<?= htmlspecialchars($edit_user['birthday_de'] ?? ''); ?>">
|
||||
<div class="form-text">Leer lassen, um kein Geburtsdatum zu speichern.</div>
|
||||
</div>
|
||||
<div class="col-md-3">
|
||||
<label class="form-label">Passwort</label>
|
||||
<input type="password" class="form-control" name="password" placeholder="<?= $edit_mode ? 'Leer lassen = unverändert' : 'Erforderlich' ?>">
|
||||
@@ -182,10 +214,11 @@ require_once 'inc/header.php';
|
||||
<thead>
|
||||
<tr>
|
||||
<th>ID</th>
|
||||
<th>Benutzername</th>
|
||||
<th>User</th>
|
||||
<th class="text-center" style="width: 56px;">Daten</th>
|
||||
<th>Rolle</th>
|
||||
<?php if ($is_admin): ?>
|
||||
<th>Aktionen</th>
|
||||
<th class="text-end"></th>
|
||||
<?php endif; ?>
|
||||
</tr>
|
||||
</thead>
|
||||
@@ -194,6 +227,20 @@ require_once 'inc/header.php';
|
||||
<tr>
|
||||
<td><?= htmlspecialchars($user['id']) ?></td>
|
||||
<td><?= htmlspecialchars($user['username']) ?></td>
|
||||
<td class="text-center align-middle">
|
||||
<div class="d-flex" style="justify-content: center; height: 1.4rem; gap: 0.25rem;">
|
||||
<div class="d-flex align-items-center justify-content-center" style="width: 1.3em;">
|
||||
<?php if (!empty($user['email'])): ?>
|
||||
<span class="material-symbols-outlined text-success" style="font-size:0.8em; line-height:1;" title="E-Mail vorhanden">mail</span>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<div class="d-flex align-items-center justify-content-center" style="width: 1.3em;">
|
||||
<?php if (!empty($user['birthday']) && $user['birthday'] !== '0000-00-00'): ?>
|
||||
<span class="material-symbols-outlined text-info" style="font-size:0.8em; line-height:1;" title="Geburtstag vorhanden">cake</span>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
<td>
|
||||
<span class="badge rounded-pill bg-<?= $user['role'] === 'admin' ? 'info' : 'secondary' ?>">
|
||||
<?= htmlspecialchars($user['role']) ?>
|
||||
|
||||
Reference in New Issue
Block a user