Pfadanpassung und Admin-Ordner
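--- a/admin/check_session.php
+++ b/admin/check_session.php
@@ -0,0 +1,40 @@
+<?php
+session_start();
+
+require_once '../inc/header.php'; ?>
+
+<div class="container">
+<h1 class="mb-4">Debug-Informationen</h1>
+
+<div class="card mb-4">
+<div class="card-header bg-primary text-white">
+<h4>Session-Daten ($_SESSION)</h4>
+</div>
+<div class="card-body">
+<?php if (!empty($_SESSION)): ?>
+<pre><?php print_r($_SESSION); ?></pre>
+<?php else: ?>
+<p class="text-muted">Keine aktiven Session-Daten.</p>
+<?php endif; ?>
+</div>
+</div>
+
+<div class="card">
+<div class="card-header bg-success text-white">
+<h4>Cookie-Daten ($_COOKIE)</h4>
+</div>
+<div class="card-body">
+<?php if (!empty($_COOKIE)): ?>
+<pre><?php print_r($_COOKIE); ?></pre>
+<?php else: ?>
+<p class="text-muted">Keine Cookies gefunden.</p>
+<?php endif; ?>
+</div>
+</div>
+
+<div class="text-center mt-4">
+<a href="index.php" class="btn btn-secondary">Zurück zur Startseite</a>
+</div>
+</div>
+
+<?php require_once '../inc/footer.php'; ?>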
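Review bot: Nothing in this file restricts who can load it: unlike `admin/users.php` in the same commit, it neither includes `../inc/check_login.php` nor checks `$_SESSION['role']`, so unless `inc/header.php` (not visible here) enforces a login, any visitor can view the dump. Both `print_r()` calls also write values into the page unescaped, and cookie values are chosen by the client, so markup placed in a cookie is rendered as HTML; wrap them as `<pre><?= htmlspecialchars(print_r($_COOKIE, true), ENT_QUOTES, 'UTF-8') ?></pre>` and do the same for `$_SESSION`. A debug page like this is better kept out of the deployed tree, or at least gated behind the same admin check as `users.php` plus an explicit debug switch.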
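--- a/admin/users.php
+++ b/admin/users.php
@@ -0,0 +1,71 @@
+<?php
+include('../inc/check_login.php');
+require_once('../inc/db.php');
+
+// Zugriff nur für eingeloggte Admins
+if ($_SESSION['role'] !== 'admin') {
+die("Zugriff nur für Admins");
+}
+
+// Datenbankverbindung einbinden
+
+
+// Benutzer hinzufügen
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['username'], $_POST['password'], $_POST['role'])) {
+$username = mysqli_real_escape_string($conn, $_POST['username']);
+$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
+$role = $_POST['role'] === 'admin' ? 'admin' : 'member';
+
+$sql = "INSERT INTO users (username, password, role) VALUES ('$username', '$password', '$role')";
+if (mysqli_query($conn, $sql)) {
+$message = "Benutzer erfolgreich hinzugefügt.";
+} else {
+$message = "Fehler beim Hinzufügen: " . mysqli_error($conn);
+}
+}
+
+// Benutzerübersicht abrufen
+$users = [];
+$result = mysqli_query($conn, "SELECT id, username, role FROM users ORDER BY username ASC");
+if ($result) {
+while ($row = mysqli_fetch_assoc($result)) {
+$users[] = $row;
+}
+}
+
+require_once '../inc/header.php';
+?>
+
+<h1>Benutzerverwaltung</h1>
+
+<?php if (isset($message)) echo "<p><strong>$message</strong></p>"; ?>
+
+<form method="post">
+<label>Benutzername: <input type="text" name="username" required></label><br>
+<label>Passwort: <input type="password" name="password" required></label><br>
+<label>Rolle:
+<select name="role">
+<option value="member">Mitglied</option>
+<option value="admin">Admin</option>
+</select>
+</label><br>
+<button type="submit">Benutzer hinzufügen</button>
+</form>
+
+<h2>Benutzerübersicht</h2>
+<table border="1" cellpadding="5">
+<tr>
+<th>ID</th>
+<th>Benutzername</th>
+<th>Rolle</th>
+</tr>
+<?php foreach ($users as $user): ?>
+<tr>
+<td><?= htmlspecialchars($user['id']) ?></td>
+<td><?= htmlspecialchars($user['username']) ?></td>
+<td><?= htmlspecialchars($user['role']) ?></td>
+</tr>
+<?php endforeach; ?>
+</table>
+
+<?php include('../inc/footer.php'); ?>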
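Review bot: The "Benutzer hinzufügen" POST handler creates accounts, including `role=admin`, without any CSRF token, so a cross-site form submitted from an admin's browser would be accepted; the handler should compare a per-session token with `hash_equals()` before inserting, and the form should emit that token as a hidden field. The INSERT is built by string interpolation and relies on `mysqli_real_escape_string()`, which is only safe if the connection charset is set correctly in `inc/db.php` (not visible here); a prepared statement removes that dependency. `$message` is later echoed unescaped and can carry `mysqli_error()` text that may include the submitted username, so the raw error is better logged and a fixed message shown. The include of `check_login.php` uses `include`, which continues on a missing file; `require_once` would fail closed.

```php
// Benutzer hinzufügen
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['username'], $_POST['password'], $_POST['role'])) {
    // 'csrf_token' is a constructed name: a random value stored in the session at login
    // and emitted by the form as a hidden input.
    $expected = $_SESSION['csrf_token'] ?? '';
    $given = $_POST['csrf_token'] ?? '';
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        http_response_code(403);
        die("Ungültige Anfrage");
    }

    $username = $_POST['username'];
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    $role = $_POST['role'] === 'admin' ? 'admin' : 'member';

    $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, role) VALUES (?, ?, ?)");
    if ($stmt && mysqli_stmt_bind_param($stmt, 'sss', $username, $password, $role) && mysqli_stmt_execute($stmt)) {
        $message = "Benutzer erfolgreich hinzugefügt.";
    } else {
        // Keep database detail out of the page; it can echo back submitted input.
        error_log('admin/users.php: insert failed: ' . mysqli_error($conn));
        $message = "Fehler beim Hinzufügen.";
    }
}
// … unchanged: Benutzerübersicht query, header include, form and table …
```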