Layout angepasst
120
admin/users.php
120
admin/users.php
@@ -2,7 +2,7 @@
|
||||
include('../inc/check_login.php');
|
||||
require_once('../inc/db.php');
|
||||
|
||||
// Zugriff nur für eingeloggte Admins
|
||||
// Nur Admins haben Zugriff
|
||||
if ($_SESSION['role'] !== 'admin') {
|
||||
die("Zugriff nur für Admins");
|
||||
}
|
||||
@@ -12,20 +12,75 @@ $message_type = '';
|
||||
$edit_mode = false;
|
||||
$edit_user = null;
|
||||
|
||||
// Benutzer hinzufügen
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['username'], $_POST['password'], $_POST['role'])) {
|
||||
$username = mysqli_real_escape_string($conn, $_POST['username']);
|
||||
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
||||
$role = $_POST['role'] === 'admin' ? 'admin' : 'member';
|
||||
// --- Logik zum Löschen und Bearbeiten von Benutzern ---
|
||||
|
||||
$sql = "INSERT INTO users (username, password, role) VALUES ('$username', '$password', '$role')";
|
||||
if (mysqli_query($conn, $sql)) {
|
||||
$message = "Benutzer erfolgreich hinzugefügt.";
|
||||
// Aktion Löschen
|
||||
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
|
||||
$id = $_GET['id'];
|
||||
$stmt = mysqli_prepare($conn, "DELETE FROM users WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "i", $id);
|
||||
if (mysqli_stmt_execute($stmt)) {
|
||||
$message = "Benutzer erfolgreich gelöscht!";
|
||||
$message_type = 'success';
|
||||
} else {
|
||||
$message = "Fehler beim Hinzufügen: " . mysqli_error($conn);
|
||||
$message = "Fehler beim Löschen des Benutzers.";
|
||||
$message_type = 'danger';
|
||||
}
|
||||
mysqli_stmt_close($stmt);
|
||||
}
|
||||
|
||||
// Aktion Bearbeiten (Formular laden)
|
||||
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
|
||||
$id = $_GET['id'];
|
||||
$stmt = mysqli_prepare($conn, "SELECT id, username, role FROM users WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "i", $id);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$result = mysqli_stmt_get_result($stmt);
|
||||
$edit_user = mysqli_fetch_assoc($result);
|
||||
mysqli_stmt_close($stmt);
|
||||
$edit_mode = true;
|
||||
}
|
||||
|
||||
// --- Logik zum Hinzufügen oder Speichern von Benutzern ---
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
$role = $_POST['role'] === 'admin' ? 'admin' : 'member';
|
||||
$id = $_POST['id'] ?? null;
|
||||
|
||||
if ($id) { // Update-Logik
|
||||
// Überprüfen, ob ein neues Passwort gesetzt wurde
|
||||
if (!empty($password)) {
|
||||
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "sssi", $username, $password_hashed, $role, $id);
|
||||
} else {
|
||||
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, role = ? WHERE id = ?");
|
||||
mysqli_stmt_bind_param($stmt, "ssi", $username, $role, $id);
|
||||
}
|
||||
|
||||
if (mysqli_stmt_execute($stmt)) {
|
||||
$message = "Benutzer erfolgreich aktualisiert!";
|
||||
$message_type = 'success';
|
||||
} else {
|
||||
$message = "Fehler beim Aktualisieren des Benutzers.";
|
||||
$message_type = 'danger';
|
||||
}
|
||||
mysqli_stmt_close($stmt);
|
||||
} else { // Insert-Logik
|
||||
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
|
||||
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, role) VALUES (?, ?, ?)");
|
||||
mysqli_stmt_bind_param($stmt, "sss", $username, $password_hashed, $role);
|
||||
if (mysqli_stmt_execute($stmt)) {
|
||||
$message = "Benutzer erfolgreich hinzugefügt.";
|
||||
$message_type = 'success';
|
||||
} else {
|
||||
$message = "Fehler beim Hinzufügen: " . mysqli_error($conn);
|
||||
$message_type = 'danger';
|
||||
}
|
||||
mysqli_stmt_close($stmt);
|
||||
}
|
||||
}
|
||||
|
||||
// Benutzerübersicht abrufen
|
||||
@@ -52,31 +107,42 @@ require_once('../inc/header.php');
|
||||
|
||||
<div class="card shadow mb-4">
|
||||
<div class="card-header bg-primary text-white">
|
||||
<h4 class="mb-0">Neuen Benutzer hinzufügen</h4>
|
||||
<h4 class="mb-0"><?php echo $edit_mode ? 'Benutzer bearbeiten' : 'Neuen Benutzer hinzufügen'; ?></h4>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<form method="post">
|
||||
<div class="row g-3 align-items-end">
|
||||
<form action="users.php" method="post">
|
||||
<?php if ($edit_mode): ?>
|
||||
<input type="hidden" name="id" value="<?php echo htmlspecialchars($edit_user['id']); ?>">
|
||||
<?php endif; ?>
|
||||
<div class="row g-1 align-items-end">
|
||||
<div class="col-md-4">
|
||||
<label for="username" class="form-label">Benutzername</label>
|
||||
<input type="text" class="form-control" id="username" name="username" required>
|
||||
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($edit_user['username'] ?? ''); ?>" required>
|
||||
<div class="form-text" style="visibility: hidden;"> </div>
|
||||
</div>
|
||||
<div class="col-md-4">
|
||||
<label for="password" class="form-label">Passwort</label>
|
||||
<input type="password" class="form-control" id="password" name="password" required>
|
||||
<input type="password" class="form-control" id="password" name="password" <?php echo $edit_mode ? '' : 'required'; ?>>
|
||||
<div class="form-text">
|
||||
<?php echo $edit_mode ? 'Feld leer lassen, um das Passwort nicht zu ändern.' : ' '; ?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-4">
|
||||
<label for="role" class="form-label">Rolle</label>
|
||||
<select class="form-select" id="role" name="role">
|
||||
<option value="member" <?php echo ($edit_user['role'] ?? '') === 'member' ? 'selected' : ''; ?>>Mitglied</option>
|
||||
<option value="admin" <?php echo ($edit_user['role'] ?? '') === 'admin' ? 'selected' : ''; ?>>Admin</option>
|
||||
</select>
|
||||
<div class="form-text" style="visibility: hidden;"> </div>
|
||||
</div>
|
||||
<div class="col-md-4 d-flex flex-column justify-content-end">
|
||||
<label for="role" class="form-label">Rolle</label>
|
||||
<div class="d-flex w-100">
|
||||
<select class="form-select w-100" id="role" name="role">
|
||||
<option value="member">Mitglied</option>
|
||||
<option value="admin">Admin</option>
|
||||
</select>
|
||||
|
||||
</div>
|
||||
</div><button type="submit" class="btn btn-primary ms-2">Hinzufügen</button>
|
||||
<div class="col-12 d-flex justify-content-start">
|
||||
<button type="submit" class="btn btn-<?php echo $edit_mode ? 'success' : 'primary'; ?> w-auto me-2">
|
||||
<?php echo $edit_mode ? 'Speichern' : 'Hinzufügen'; ?>
|
||||
</button>
|
||||
<?php if ($edit_mode): ?>
|
||||
<a href="users.php" class="btn btn-secondary w-auto">Abbrechen</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
@@ -108,10 +174,10 @@ require_once('../inc/header.php');
|
||||
</span>
|
||||
</td>
|
||||
<td>
|
||||
<a href="#" class="text-dark me-1 text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Bearbeiten">
|
||||
<a href="users.php?action=edit&id=<?= htmlspecialchars($user['id']) ?>" class="text-dark me-1 text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Bearbeiten">
|
||||
<span class="material-icons">mode_edit_outline</span>
|
||||
</a>
|
||||
<a href="#" class="text-danger text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Löschen">
|
||||
<a href="users.php?action=delete&id=<?= htmlspecialchars($user['id']) ?>" class="text-danger text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Löschen" onclick="return confirm('Sind Sie sicher, dass Sie diesen Benutzer löschen möchten?');">
|
||||
<span class="material-icons">delete_outline</span>
|
||||
</a>
|
||||
</td>
|
||||
|
||||
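Review bot: The delete action added at `if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']))` changes state on a plain GET with no anti-CSRF token, so any page an admin's browser loads while logged in can remove a user; the `onclick="return confirm(...)"` on the link is not a server-side control. The save handler `if ($_SERVER["REQUEST_METHOD"] == "POST")` has the same gap, so I would route delete through POST as well and check one session-bound token with `hash_equals()` before either branch, replacing the table's delete link with a small form that carries `action`, `id` and the token as hidden fields (the edit form needs the token field too). Separately, dropping the old `isset($_POST['username'], $_POST['password'], $_POST['role'])` guard means the insert branch now hashes whatever arrives, including an empty password, because `required` is enforced only in the browser; reject an empty username or password server-side before `password_hash()`. The session key name in the sketch is an example, and that check_login.php has already started the session is assumed from the `$_SESSION['role']` check.

```php
// One token per session; 'csrf_token' is an example key name
$_SESSION['csrf_token'] ??= bin2hex(random_bytes(32));

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Refuse any state change that does not carry the session's token
    if (!hash_equals($_SESSION['csrf_token'], (string) ($_POST['csrf_token'] ?? ''))) {
        die("Ungültige Anfrage");
    }

    if (($_POST['action'] ?? '') === 'delete') {
        $id = (int) ($_POST['id'] ?? 0);
        // … unchanged: prepared DELETE statement and message handling …
    } else {
        // … unchanged: update / insert logic …
    }
}
```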