diff --git a/admin/colors.php b/admin/colors.php
index 542722b..700b64b 100755
--- a/admin/colors.php
+++ b/admin/colors.php
@@ -96,7 +96,7 @@ require_once '../inc/header.php';
-
+
@@ -105,16 +105,15 @@ require_once '../inc/header.php';
+
-
-
- - - Abbrechen - -
+
+ + + Abbrechen +
diff --git a/admin/meetings.php b/admin/meetings.php
new file mode 100755
index 0000000..07a8019
--- /dev/null
+++ b/admin/meetings.php
@@ -0,0 +1,259 @@
+modify('next thursday');
+
+for ($i = 0; $i < 2; $i++) {
+ $next_thursday = $date->format('Y-m-d');
+
+ $stmt = mysqli_prepare($conn, "SELECT id FROM meetings WHERE meeting_date = ?");
+ mysqli_stmt_bind_param($stmt, "s", $next_thursday);
+ mysqli_stmt_execute($stmt);
+ mysqli_stmt_store_result($stmt);
+
+ if (mysqli_stmt_num_rows($stmt) == 0) {
+ $color_id = get_weighted_random_color($conn);
+ if ($color_id) {
+ $stmt_insert = mysqli_prepare($conn, "INSERT INTO meetings (meeting_date, color_id) VALUES (?, ?)");
+ mysqli_stmt_bind_param($stmt_insert, "si", $next_thursday, $color_id);
+ mysqli_stmt_execute($stmt_insert);
+ mysqli_stmt_close($stmt_insert);
+ }
+ }
+ mysqli_stmt_close($stmt);
+
+ $date->modify('+1 week');
+}
+
+// --- Termine und alle Farben abrufen (für Übersicht und Formular) ---
+$all_colors = [];
+$result = mysqli_query($conn, "SELECT id, name, hex_code FROM colors ORDER BY name");
+while ($row = mysqli_fetch_assoc($result)) {
+ $all_colors[] = $row;
+}
+
+$meetings = [];
+$result = mysqli_query($conn, "SELECT m.id, m.meeting_date, m.created_at, c.name AS color_name, c.hex_code FROM meetings m JOIN colors c ON m.color_id = c.id ORDER BY m.meeting_date");
+while ($row = mysqli_fetch_assoc($result)) {
+ $meetings[] = $row;
+}
+
+require_once '../inc/header.php';
+?>
+
+
+

Terminverwaltung

+ + + + + +
+
+

+
+
+
+ + + +
+
+ + + +
+
+ + + +
+
+ + + Abbrechen + +
+
+
+
+
+ +
+
+

Übersicht der Termine

+
+
+ +

Es sind noch keine Termine vorhanden.

+ +
+ + + + + + + + + + + + + + + + + +
DatumFarbeAktionen
+
+
+ +
+
+ + mode_edit_outline + + + delete_outline + +
+
+ +
+
+
+ + \ No newline at end of file diff --git a/admin/users.php b/admin/users.php index d8bd105..b995cf0 100755 --- a/admin/users.php +++ b/admin/users.php @@ -2,7 +2,7 @@ include('../inc/check_login.php'); require_once('../inc/db.php'); -// Zugriff nur für eingeloggte Admins +// Nur Admins haben Zugriff if ($_SESSION['role'] !== 'admin') { die("Zugriff nur für Admins"); } 
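Review bot: In admin/meetings.php the existence check and the INSERT inside the `for` loop are two separate statements that run on every page load, so two concurrent requests can both see zero rows and insert the same Thursday twice unless `meetings.meeting_date` has a UNIQUE index, which is not visible here. A unique index together with `INSERT IGNORE INTO meetings (meeting_date, color_id) VALUES (?, ?)` would make the step safe to repeat. The returns of `mysqli_prepare()` and `mysqli_query()` are used unchecked; if mysqli is not in exception mode, a failed query passes `false` to `mysqli_fetch_assoc()`, so a guard such as `if ($result === false) { error_log(mysqli_error($conn)); }` belongs before each fetch loop. The top of the new file, including whatever login and role check it performs, did not survive on this page and could not be reviewed.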
@@ -12,20 +12,75 @@ $message_type = ''; $edit_mode = false; $edit_user = null; -// Benutzer hinzufügen -if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['username'], $_POST['password'], $_POST['role'])) { - $username = mysqli_real_escape_string($conn, $_POST['username']); - $password = password_hash($_POST['password'], PASSWORD_DEFAULT); - $role = $_POST['role'] === 'admin' ? 'admin' : 'member'; +// --- Logik zum Löschen und Bearbeiten von Benutzern --- - $sql = "INSERT INTO users (username, password, role) VALUES ('$username', '$password', '$role')"; - if (mysqli_query($conn, $sql)) { - $message = "Benutzer erfolgreich hinzugefügt."; +// Aktion Löschen +if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) { + $id = $_GET['id']; + $stmt = mysqli_prepare($conn, "DELETE FROM users WHERE id = ?"); + mysqli_stmt_bind_param($stmt, "i", $id); + if (mysqli_stmt_execute($stmt)) { + $message = "Benutzer erfolgreich gelöscht!"; $message_type = 'success'; } else { - $message = "Fehler beim Hinzufügen: " . mysqli_error($conn); + $message = "Fehler beim Löschen des Benutzers."; $message_type = 'danger'; } + mysqli_stmt_close($stmt); +} + +// Aktion Bearbeiten (Formular laden) +if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) { + $id = $_GET['id']; + $stmt = mysqli_prepare($conn, "SELECT id, username, role FROM users WHERE id = ?"); + mysqli_stmt_bind_param($stmt, "i", $id); + mysqli_stmt_execute($stmt); + $result = mysqli_stmt_get_result($stmt); + $edit_user = mysqli_fetch_assoc($result); + mysqli_stmt_close($stmt); + $edit_mode = true; +} + +// --- Logik zum Hinzufügen oder Speichern von Benutzern --- + +if ($_SERVER["REQUEST_METHOD"] == "POST") { + $username = $_POST['username']; + $password = $_POST['password']; + $role = $_POST['role'] === 'admin' ? 'admin' : 'member'; + $id = $_POST['id'] ?? 
null; + + if ($id) { // Update-Logik + // Überprüfen, ob ein neues Passwort gesetzt wurde + if (!empty($password)) { + $password_hashed = password_hash($password, PASSWORD_DEFAULT); + $stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, role = ? WHERE id = ?"); + mysqli_stmt_bind_param($stmt, "sssi", $username, $password_hashed, $role, $id); + } else { + $stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, role = ? WHERE id = ?"); + mysqli_stmt_bind_param($stmt, "ssi", $username, $role, $id); + } + + if (mysqli_stmt_execute($stmt)) { + $message = "Benutzer erfolgreich aktualisiert!"; + $message_type = 'success'; + } else { + $message = "Fehler beim Aktualisieren des Benutzers."; + $message_type = 'danger'; + } + mysqli_stmt_close($stmt); + } else { // Insert-Logik + $password_hashed = password_hash($password, PASSWORD_DEFAULT); + $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, role) VALUES (?, ?, ?)"); + mysqli_stmt_bind_param($stmt, "sss", $username, $password_hashed, $role); + if (mysqli_stmt_execute($stmt)) { + $message = "Benutzer erfolgreich hinzugefügt."; + $message_type = 'success'; + } else { + $message = "Fehler beim Hinzufügen: " . mysqli_error($conn); + $message_type = 'danger'; + } + mysqli_stmt_close($stmt); + } } // Benutzerübersicht abrufen @@ -52,31 +107,42 @@ require_once('../inc/header.php');
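Review bot: The new delete branch changes state on a plain GET (`$_GET['action'] == 'delete'`) and neither it nor the POST branch checks an anti-CSRF token, so any page a logged-in admin opens can trigger `DELETE FROM users` or an account update through a cross-site request. The POST branch also lost the old `isset($_POST['username'], $_POST['password'], $_POST['role'])` guard: an insert with a missing or empty password now stores the hash of an empty string, and absent fields raise undefined-key warnings. Move deletion to POST, verify a per-session token with `hash_equals()` before any write, and reject an empty username or (on insert) an empty password. Nothing visible prevents an admin from deleting their own account or the last admin, and the kept `mysqli_error($conn)` text should go to the log rather than into `$message`. In the sketch, `csrf_token` is a placeholder name for both the form field and the session key.

```php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // csrf_token: placeholder name for a per-session random token issued with the form
    $expected = $_SESSION['csrf_token'] ?? '';
    $token = $_POST['csrf_token'] ?? '';
    if ($expected === '' || !is_string($token) || !hash_equals($expected, $token)) {
        http_response_code(403);
        die("Ungültige Anfrage");
    }

    if (($_POST['action'] ?? '') === 'delete') {
        $id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT);
        // … unchanged: prepared DELETE and message handling, run only when $id !== false …
    } else {
        $username = trim((string) ($_POST['username'] ?? ''));
        $password = (string) ($_POST['password'] ?? '');
        $id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT) ?: null;

        if ($username === '' || (!$id && $password === '')) {
            $message = "Benutzername und Passwort dürfen nicht leer sein.";
            $message_type = 'danger';
        } else {
            // … unchanged: role mapping, UPDATE / INSERT branches …
        }
    }
}
```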
-

Neuen Benutzer hinzufügen

+

-
-
+ + + + +
- +
- + > +
+ +
+
+
+ +
-
- -
- - -
-
+
+ + + Abbrechen + +
@@ -108,10 +174,10 @@ require_once('../inc/header.php'); - + mode_edit_outline - + delete_outline