Borgal/domili
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Borgal:0433161ab1671c1d83ced3115fa2028825880c9a
Branches Tags
Borgal:main
...
compare: Borgal:9cd9afaad4a89b0782666f6ff640c946cab1b30b
Branches Tags
Borgal:main

10 Commits
0433161ab1 ... 9cd9afaad4

Author SHA1 Message Date
Borgal
9cd9afaad4 neu sortiert 2025-10-30 03:16:15 +01:00
Borgal
83489a149d Verschiebung mit aufgenommen 2025-10-30 03:16:05 +01:00
Borgal
a3437a9dcc Release Notes hinzugefügt 2025-10-30 03:15:51 +01:00
Borgal
5574ee031b Todo reminder 2025-10-30 03:15:32 +01:00
Borgal
7393378a02 Menü angepasst 2025-10-30 03:15:09 +01:00
Borgal
9887da8e77 Menü und Anzahl angepasst 2025-10-30 03:14:52 +01:00
Borgal
313157e24a nur ein Termin die Woche 2025-10-30 03:14:26 +01:00
Borgal
7abaaede8b Menü erneuert 2025-10-30 03:13:51 +01:00
Borgal
0f34cf93a4 menü angepasst und Terminplaunung überarbeitet 2025-10-30 03:13:35 +01:00
Borgal
2cf4d98714 verschoben in root 2025-10-30 03:12:53 +01:00
13 changed files with 1017 additions and 650 deletions
Expand all files Collapse all files

276
admin/planning.php
View File

@@ -1,276 +0,0 @@
<?php
include('../inc/check_login.php');
include('../inc/check_admin.php');
require_once('../inc/db.php');
$message = '';
$message_type = '';
$edit_mode = false;
$edit_meeting = null;
// --- Funktion zur gewichteten zufälligen Farbauswahl ---
function get_weighted_random_color($conn)
{
// 1. Alle Farben abrufen
$all_colors = [];
$result_all = mysqli_query($conn, "SELECT id FROM colors");
while ($row = mysqli_fetch_assoc($result_all)) {
$all_colors[] = $row['id'];
}
if (empty($all_colors)) {
return null; // Keine Farben vorhanden
}
// 2. Anzahl der Farben als "Sperrzeit"
$color_count = count($all_colors);
// 3. Kürzlich verwendete Farben abrufen
$used_colors_id = [];
$stmt = mysqli_prepare($conn, "SELECT color_id FROM meetings ORDER BY meeting_date DESC LIMIT ?");
mysqli_stmt_bind_param($stmt, "i", $color_count);
mysqli_stmt_execute($stmt);
$result_used = mysqli_stmt_get_result($stmt);
while ($row = mysqli_fetch_assoc($result_used)) {
$used_colors_id[] = $row['color_id'];
}
mysqli_stmt_close($stmt);
// 4. Farben-Pool erstellen
$color_pool = [];
foreach ($all_colors as $color_id) {
if (in_array($color_id, $used_colors_id)) {
// Kürzlich verwendete Farben haben 1x Chance
$color_pool[] = $color_id;
} else {
// Andere Farben haben 3x Chance
$color_pool[] = $color_id;
$color_pool[] = $color_id;
$color_pool[] = $color_id;
}
}
// 5. Zufällige Farbe aus dem Pool auswählen
shuffle($color_pool);
return $color_pool[0];
}
// --- Logik zum Löschen und Bearbeiten von Terminen ---
// Aktion Löschen
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = $_GET['id'];
$stmt = mysqli_prepare($conn, "DELETE FROM meetings WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Termin erfolgreich gelöscht!";
$message_type = 'success';
} else {
$message = "Fehler beim Löschen des Termins.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
}
// Aktion Bearbeiten (Formular laden)
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$id = $_GET['id'];
$stmt = mysqli_prepare($conn, "SELECT id, meeting_date, color_id, reason FROM meetings WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$edit_meeting = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
$edit_mode = true;
// Datum und Uhrzeit für die Formularfelder aufteilen
$edit_date_time = new DateTime($edit_meeting['meeting_date']);
$edit_meeting['meeting_date_only'] = $edit_date_time->format('Y-m-d');
$edit_meeting['meeting_time_only'] = $edit_date_time->format('H:i');
}
// --- Logik zum Hinzufügen oder Speichern von Terminen (POST) ---
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$meeting_date_only = $_POST['meeting_date'];
$meeting_time_only = $_POST['meeting_time'] ?? '12:00';
$meeting_date = $meeting_date_only . ' ' . $meeting_time_only;
$color_id = $_POST['color_id'];
$reason = $_POST['reason'] ?? 'Zufallsfarbe';
$id = $_POST['id'] ?? null;
if ($id) { // Update-Logik
$stmt = mysqli_prepare($conn, "UPDATE meetings SET meeting_date = ?, color_id = ?, reason = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "sisi", $meeting_date, $color_id, $reason, $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Termin erfolgreich aktualisiert!";
$message_type = 'success';
} else {
$message = "Fehler beim Aktualisieren des Termins.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
} else { // Insert-Logik
$stmt = mysqli_prepare($conn, "INSERT INTO meetings (meeting_date, color_id, reason) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sis", $meeting_date, $color_id, $reason);
if (mysqli_stmt_execute($stmt)) {
$message = "Neuer Termin erfolgreich hinzugefügt!";
$message_type = 'success';
} else {
$message = "Fehler beim Hinzufügen des Termins.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
}
}
// --- Nächste 2 Donnerstage automatisch hinzufügen (mit 12:00 Uhr) ---
$date = new DateTime('now');
$date->modify('next thursday');
for ($i = 0; $i < 2; $i++) {
$next_thursday = $date->format('Y-m-d') . ' 12:00:00';
$stmt = mysqli_prepare($conn, "SELECT id FROM meetings WHERE meeting_date = ?");
mysqli_stmt_bind_param($stmt, "s", $next_thursday);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 0) {
$color_id = get_weighted_random_color($conn);
if ($color_id) {
$stmt_insert = mysqli_prepare($conn, "INSERT INTO meetings (meeting_date, color_id, reason) VALUES (?, ?, ?)");
$default_reason = "Zufallsfarbe";
mysqli_stmt_bind_param($stmt_insert, "sis", $next_thursday, $color_id, $default_reason);
mysqli_stmt_execute($stmt_insert);
mysqli_stmt_close($stmt_insert);
}
}
mysqli_stmt_close($stmt);
$date->modify('+1 week');
}
// --- Termine und alle Farben abrufen (für Übersicht und Formular) ---
$all_colors = [];
$result = mysqli_query($conn, "SELECT id, name, hex_code FROM colors ORDER BY name");
while ($row = mysqli_fetch_assoc($result)) {
$all_colors[] = $row;
}
$meetings = [];
// Aktualisierte Abfrage: Zeigt nur Meetings an, die nicht abgeschlossen sind (is_completed = 0)
$result = mysqli_query($conn, "SELECT m.id, m.meeting_date, m.created_at, m.reason, c.name AS color_name, c.hex_code FROM meetings m JOIN colors c ON m.color_id = c.id WHERE m.is_completed = 0 ORDER BY m.meeting_date");
while ($row = mysqli_fetch_assoc($result)) {
$meetings[] = $row;
}
require_once '../inc/header.php';
?>
<div class="container mt-5">
<?php if ($message) : ?>
<div id="status-message" class="alert alert-<?php echo $message_type; ?> alert-dismissible fade show" role="alert">
<?php echo htmlspecialchars($message); ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">Terminverwaltung</h2>
</div>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="planningFormCollapse">
<div class="card shadow mb-4">
<div class="card-header bg-primary-subtle text-secondary">
<h4 class="mb-0"><?= $edit_mode ? 'Termin bearbeiten' : 'Neuen Termin hinzufügen'; ?></h4>
</div>
<div class="card-body">
<form action="planning.php" method="post">
<?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_meeting['id']); ?>">
<?php endif; ?>
<div class="row g-1 align-items-end">
<div class="col-md-4">
<label for="meeting_date" class="form-label">Datum</label>
<input type="date" class="form-control" id="meeting_date" name="meeting_date" value="<?= htmlspecialchars($edit_meeting['meeting_date_only'] ?? ''); ?>" required>
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-md-4">
<label for="meeting_time" class="form-label">Uhrzeit</label>
<input type="time" class="form-control" id="meeting_time" name="meeting_time" value="<?= htmlspecialchars($edit_meeting['meeting_time_only'] ?? '12:00'); ?>" required>
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-md-4">
<label for="color_id" class="form-label">Farbe</label>
<select class="form-select" id="color_id" name="color_id" required>
<?php foreach ($all_colors as $color): ?>
<option value="<?= htmlspecialchars($color['id']); ?>" <?= (($edit_meeting['color_id'] ?? '') == $color['id']) ? 'selected' : ''; ?>>
<?= htmlspecialchars($color['name']); ?>
</option>
<?php endforeach; ?>
</select>
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-md-6">
<label for="reason" class="form-label">Grund für die Farbe (optional)</label>
<input type="text" class="form-control" id="reason" name="reason" value="<?= htmlspecialchars($edit_meeting['reason'] ?? ''); ?>">
<div class="form-text">wenn leer, wird automatisch "Zufallsfarbe" eingetragen</div>
</div>
<div class="col-12 d-flex justify-content-start">
<div class="d-flex w-100">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?> w-auto me-2">
<?= $edit_mode ? 'Speichern' : 'Hinzufügen'; ?>
</button>
<a href="planning.php" class="btn btn-sm btn-outline-secondary w-auto">Abbrechen</a>
</div>
</div>
</div>
</form>
</div>
</div>
<hr class="mt-4 mb-4">
</div>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center mb-4">
<h4 class="mb-0">Übersicht der nächsten Termine</h4>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#planningFormCollapse" role="button" aria-expanded="false" aria-controls="planningFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
</div>
<div class="card-body">
<?php if (empty($meetings)): ?>
<p class="text-muted text-center">Es sind noch keine Termine vorhanden.</p>
<?php else: ?>
<div class="list-group list-group-flush">
<?php foreach ($meetings as $meeting): ?>
<div class="list-group-item">
<div class="d-flex justify-content-between align-items-center">
<div>
<p class="mb-1 fw-bold"><?= date('d.m.y H:i', strtotime($meeting['meeting_date'])); ?></p>
<div class="d-flex align-items-center">
<div class="color-preview rounded me-2" style="background-color: <?= htmlspecialchars($meeting['hex_code']); ?>; width: 20px; height: 20px;"></div>
<p class="mb-1"><?= htmlspecialchars($meeting['color_name']); ?></p>
</div>
</div>
<div>
<a href="planning.php?action=edit&id=<?= htmlspecialchars($meeting['id']); ?>" class="text-dark me-1 text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Bearbeiten">
<span class="material-icons">mode_edit_outline</span>
</a>
<a href="planning.php?action=delete&id=<?= htmlspecialchars($meeting['id']); ?>" class="text-danger text-decoration-none" onclick="return confirm('Sind Sie sicher, dass Sie diesen Termin löschen möchten?');" data-bs-toggle="tooltip" data-bs-placement="top" title="Löschen">
<span class="material-icons">delete_outline</span>
</a>
</div>
</div>
<p class="small text-muted mb-0 mt-2">Grund: <?= htmlspecialchars($meeting['reason']); ?></p>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
<?php include('../inc/footer.php'); ?>

210
admin/users.php
View File

@@ -1,210 +0,0 @@
<?php
include('../inc/check_login.php');
include('../inc/check_admin.php');
require_once('../inc/db.php');
$message = '';
$message_type = '';
$edit_mode = false;
$edit_user = null;
// --- Logik zum Löschen und Bearbeiten von Benutzern ---
// Aktion Löschen
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = $_GET['id'];
$stmt = mysqli_prepare($conn, "DELETE FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Benutzer erfolgreich gelöscht!";
$message_type = 'success';
} else {
$message = "Fehler beim Löschen des Benutzers.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
}
// Aktion Bearbeiten (Formular laden)
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$id = $_GET['id'];
// E-Mail-Feld zur Abfrage hinzugefügt, da es für das Bearbeiten benötigt wird
$stmt = mysqli_prepare($conn, "SELECT id, username, email, role FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$edit_user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
$edit_mode = true;
}
// --- Logik zum Hinzufügen oder Speichern von Benutzern ---
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
// E-Mail-Feld aus dem Formular auslesen
$email = $_POST['email'] ?? null;
$role = $_POST['role'] === 'admin' ? 'admin' : 'member';
$id = $_POST['id'] ?? null;
if ($id) { // Update-Logik
// Überprüfen, ob ein neues Passwort gesetzt wurde
if (!empty($password)) {
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
// E-Mail-Feld zum UPDATE-Statement hinzugefügt
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, role = ? WHERE id = ?");
// `email` zur Parameter-Bindung hinzugefügt
mysqli_stmt_bind_param($stmt, "ssssi", $username, $password_hashed, $email, $role, $id);
} else {
// E-Mail-Feld zum UPDATE-Statement hinzugefügt
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, role = ? WHERE id = ?");
// `email` zur Parameter-Bindung hinzugefügt
mysqli_stmt_bind_param($stmt, "sssi", $username, $email, $role, $id);
}
if (mysqli_stmt_execute($stmt)) {
$message = "Benutzer erfolgreich aktualisiert!";
$message_type = 'success';
} else {
$message = "Fehler beim Aktualisieren des Benutzers.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
} else { // Insert-Logik
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
// E-Mail-Feld zum INSERT-Statement hinzugefügt
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, role) VALUES (?, ?, ?, ?)");
// `email` zur Parameter-Bindung hinzugefügt
mysqli_stmt_bind_param($stmt, "ssss", $username, $password_hashed, $email, $role);
if (mysqli_stmt_execute($stmt)) {
$message = "Benutzer erfolgreich hinzugefügt.";
$message_type = 'success';
} else {
$message = "Fehler beim Hinzufügen: " . mysqli_error($conn);
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
}
}
// Benutzerübersicht abrufen (E-Mail-Feld entfernt)
$users = [];
$result = mysqli_query($conn, "SELECT id, username, role FROM users ORDER BY id ASC");
if ($result) {
while ($row = mysqli_fetch_assoc($result)) {
$users[] = $row;
}
}
require_once('../inc/header.php');
?>
<div class="container mt-5">
<?php if ($message) : ?>
<div id="status-message" class="alert alert-<?php echo $message_type; ?> alert-dismissible fade show" role="alert">
<?php echo htmlspecialchars($message); ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">Benutzerverwaltung</h2>
</div>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="userFormCollapse">
<div class="card shadow mb-4">
<div class="card-header bg-primary-subtle text-secondary">
<h4 class="mb-0"><?= $edit_mode ? 'Benutzer bearbeiten' : 'Neuen Benutzer hinzufügen'; ?></h4>
</div>
<div class="card-body">
<form action="users.php" method="post">
<?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_user['id']); ?>">
<?php endif; ?>
<div class="row g-1 align-items-end">
<div class="col-md-3">
<label for="username" class="form-label">Benutzername</label>
<input type="text" class="form-control" id="username" name="username" value="<?= htmlspecialchars($edit_user['username'] ?? ''); ?>" required>
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-md-3">
<label for="email" class="form-label">E-Mail (optional)</label>
<input type="email" class="form-control" id="email" name="email" value="<?= htmlspecialchars($edit_user['email'] ?? ''); ?>">
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-md-3">
<label for="password" class="form-label">Passwort</label>
<input type="password" class="form-control" id="password" name="password" <?= $edit_mode ? '' : 'required'; ?>>
<div class="form-text">
<?= $edit_mode ? 'Feld leer lassen, um das Passwort nicht zu ändern.' : '&nbsp;'; ?>
</div>
</div>
<div class="col-md-3">
<label for="role" class="form-label">Rolle</label>
<select class="form-select" id="role" name="role">
<option value="member" <?= (($edit_user['role'] ?? '') === 'member') ? 'selected' : ''; ?>>Mitglied</option>
<option value="admin" <?= (($edit_user['role'] ?? '') === 'admin') ? 'selected' : ''; ?>>Admin</option>
</select>
<div class="form-text" style="visibility: hidden;">&nbsp;</div>
</div>
<div class="col-12 d-flex justify-content-start">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?> w-auto me-2">
<?= $edit_mode ? 'Speichern' : 'Hinzufügen'; ?>
</button>
<a href="users.php" class="btn btn-sm btn-outline-secondary w-auto">Abbrechen</a>
</div>
</div>
</form>
</div>
</div>
<hr class="mt-4 mb-4">
</div>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center mb-4">
<h4 class="mb-0">Benutzerübersicht</h4>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#userFormCollapse" role="button" aria-expanded="false" aria-controls="userFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead>
<tr>
<th>ID</th>
<th>Benutzername</th>
<th>Rolle</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?= htmlspecialchars($user['id']) ?></td>
<td><?= htmlspecialchars($user['username']) ?></td>
<td>
<span class="badge rounded-pill bg-<?= $user['role'] === 'admin' ? 'info' : 'secondary' ?>">
<?= htmlspecialchars($user['role']) ?>
</span>
</td>
<td>
<a href="users.php?action=edit&id=<?= htmlspecialchars($user['id']) ?>" class="text-dark me-1 text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Bearbeiten">
<span class="material-icons">mode_edit_outline</span>
</a>
<a href="users.php?action=delete&id=<?= htmlspecialchars($user['id']) ?>" class="text-danger text-decoration-none" data-bs-toggle="tooltip" data-bs-placement="top" title="Löschen" onclick="return confirm('Sind Sie sicher, dass Sie diesen Benutzer löschen möchten?');">
<span class="material-icons">delete_outline</span>
</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php include('../inc/footer.php'); ?>

6
admin/check_session.php → check_session.php
View File

@@ -1,8 +1,8 @@
<?php
session_start();
include('../inc/check_admin.php');
require_once('../inc/header.php'); ?>
include('inc/check_admin.php');
require_once('inc/header.php'); ?>
<div class="container mt-5">
<h2 class="mb-4">Debug-Informationen</h2>
@@ -34,4 +34,4 @@ require_once('../inc/header.php'); ?>
</div>
</div>
<?php require_once '../inc/footer.php'; ?>
<?php require_once 'inc/footer.php'; ?>

119
colors.php
View File

@@ -1,5 +1,5 @@
<?php
session_start(); // Sicherstellen, dass Session läuft
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit();
@@ -7,7 +7,6 @@ if (!isset($_SESSION['user_id'])) {
require_once 'inc/db.php';
// Prüfen, ob der aktuelle Benutzer Admin ist
$is_admin = ($_SESSION['role'] === 'admin');
$message = '';
@@ -28,15 +27,14 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset(
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
// Weiterleitung verhindert doppeltes Löschen beim Reload
header("Location: colors.php");
exit();
}
// --- Nur Admins: Bearbeiten (Vorbereitung) ---
// --- Nur Admins: Bearbeiten ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "SELECT id, name, hex_code FROM colors WHERE id = ?");
$stmt = mysqli_prepare($conn, "SELECT id, name, hex_code, is_special FROM colors WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
@@ -50,10 +48,11 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_
}
}
// --- Nur Admins: Hinzufügen / Aktualisieren ---
// --- Nur Admins: Speichern ---
if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$name = trim($_POST['name'] ?? '');
$hex_code = trim($_POST['hex_code'] ?? '');
$is_special = !empty($_POST['is_special']) ? 1 : 0;
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
if (empty($name) || empty($hex_code)) {
@@ -61,37 +60,40 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$message_type = 'danger';
} else {
if ($id) {
$stmt = mysqli_prepare($conn, "UPDATE colors SET name = ?, hex_code = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "ssi", $name, $hex_code, $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Farbe erfolgreich aktualisiert!";
$message_type = 'success';
} else {
$message = "Fehler beim Aktualisieren der Farbe.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
$stmt = mysqli_prepare($conn, "UPDATE colors SET name = ?, hex_code = ?, is_special = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "ssii", $name, $hex_code, $is_special, $id);
} else {
$stmt = mysqli_prepare($conn, "INSERT INTO colors (name, hex_code) VALUES (?, ?)");
mysqli_stmt_bind_param($stmt, "ss", $name, $hex_code);
if (mysqli_stmt_execute($stmt)) {
$message = "Neue Farbe erfolgreich hinzugefügt!";
$message_type = 'success';
} else {
$message = "Fehler beim Hinzufügen der Farbe.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
$stmt = mysqli_prepare($conn, "INSERT INTO colors (name, hex_code, is_special) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "ssi", $name, $hex_code, $is_special);
}
// Nach POST: Weiterleitung zur Anzeige (Post-Redirect-Get)
if (mysqli_stmt_execute($stmt)) {
$message = $id ? "Farbe erfolgreich aktualisiert!" : "Neue Farbe erfolgreich hinzugefügt!";
$message_type = 'success';
} else {
$message = "Fehler beim Speichern der Farbe.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
header("Location: colors.php");
exit();
}
}
// --- Farben für alle anzeigen ---
// --- Farben mit Nutzungszähler laden ---
$colors = [];
$result = mysqli_query($conn, "SELECT id, name, hex_code FROM colors ORDER BY name");
$result = mysqli_query($conn, "
SELECT
c.id,
c.name,
c.hex_code,
c.is_special,
COUNT(m.id) AS usage_count
FROM colors c
LEFT JOIN meetings m ON c.id = m.color_id
GROUP BY c.id, c.name, c.hex_code, c.is_special
ORDER BY c.name
");
while ($row = mysqli_fetch_assoc($result)) {
$colors[] = $row;
}
@@ -110,11 +112,6 @@ require_once 'inc/header.php';
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">Farbverwaltung</h2>
<?php if ($is_admin): ?>
<a class="btn btn-sm btn-outline-primary d-flex align-items-center" data-bs-toggle="collapse" href="#colorFormCollapse" role="button">
<span class="material-symbols-outlined me-1">add</span> Farbe hinzufügen
</a>
<?php endif; ?>
</div>
<?php if ($is_admin): ?>
@@ -139,6 +136,14 @@ require_once 'inc/header.php';
<input type="color" class="form-control form-control-color" id="hex_code" name="hex_code"
value="<?= htmlspecialchars($edit_color['hex_code'] ?? '#000000'); ?>">
</div>
<div class="col-12">
<div class="form-check">
<input class="form-check-input" type="checkbox" id="is_special" name="is_special" <?= (!empty($edit_color['is_special']) ? 'checked' : ''); ?>>
<label class="form-check-label" for="is_special">
Sonderfarbe (wird nicht im Zufallsmodus verwendet)
</label>
</div>
</div>
<div class="col-12 d-flex justify-content-start mt-2">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?> me-2">
<?= $edit_mode ? 'Speichern' : 'Hinzufügen'; ?>
@@ -149,13 +154,17 @@ require_once 'inc/header.php';
</form>
</div>
</div>
<hr class="mt-4 mb-4">
</div>
<?php endif; ?>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center">
<h4 class="mb-0">Aktuelle Farben</h4>
<?php if ($is_admin): ?>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#colorFormCollapse" role="button" aria-expanded="false" aria-controls="colorFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
<?php endif; ?>
</div>
<div class="card-body">
<?php if (empty($colors)): ?>
@@ -166,8 +175,8 @@ require_once 'inc/header.php';
<thead>
<tr>
<th>Name</th>
<th>Hex-Code</th>
<th>Farbe</th>
<th>Anz</th>
<?php if ($is_admin): ?>
<th>Aktionen</th>
<?php endif; ?>
@@ -176,19 +185,37 @@ require_once 'inc/header.php';
<tbody>
<?php foreach ($colors as $color): ?>
<tr>
<td><?= htmlspecialchars($color['name']); ?></td>
<td><?= htmlspecialchars($color['hex_code']); ?></td>
<td>
<?= htmlspecialchars($color['name']); ?>
<?php if ($color['is_special']): ?>
<span class="badge bg-info ms-1" title="Sonderfarbe nicht im Zufallsmodus">★</span>
<?php endif; ?>
</td>
<td>
<div style="background-color: <?= htmlspecialchars($color['hex_code']); ?>; width: 40px; height: 20px; border: 1px solid #ccc;"></div>
</td>
<td>
<?= (int)$color['usage_count']; ?>
</td>
<?php if ($is_admin): ?>
<td>
<a href="colors.php?action=edit&id=<?= htmlspecialchars($color['id']); ?>" class="text-dark me-1 text-decoration-none">
<span class="material-icons">mode_edit_outline</span>
</a>
<a href="colors.php?action=delete&id=<?= htmlspecialchars($color['id']); ?>" class="text-danger text-decoration-none" onclick="return confirm('Sind Sie sicher, dass Sie diese Farbe löschen möchten?');">
<span class="material-icons">delete_outline</span>
</a>
<td class="text-end align-middle">
<div class="dropdown">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li>
<a class="dropdown-item d-flex align-items-center" href="colors.php?action=edit&id=<?= htmlspecialchars($color['id']); ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="colors.php?action=delete&id=<?= htmlspecialchars($color['id']); ?>" onclick="return confirm('Sind Sie sicher, dass Sie diese Farbe löschen möchten?');">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
</td>
<?php endif; ?>
</tr>

29
history.php
View File

@@ -155,20 +155,25 @@ include('inc/header.php');
<div class="mb-0 fs-6 fs-md-5 fw-bold">
<span class="fw-normal me-2">am</span><?= date('d.m.y', strtotime($meeting['date'])) ?>
</div>
<?php
if ($_SESSION['role'] == 'admin') {
?>
<div>
<a href="admin/participant.php?id=<?= $meeting_id ?>&source=history" style="text-decoration: none; border: none; outline: none;">
<span class="material-symbols-outlined text-dark">edit_calendar</span>
</a>
<a href="history.php?action=delete&id=<?= $meeting_id ?>" class="ms-1" style="text-decoration: none; border: none; outline: none;" onclick="return confirm('Möchtest du diesen Termin wirklich löschen?');">
<span class="material-symbols-outlined text-danger">delete_outline</span>
<?php if ($_SESSION['role'] === 'admin'): ?>
<div class="dropdown">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li>
<a class="dropdown-item d-flex align-items-center" href="participant.php?id=<?= $meeting_id ?>&source=history">
<span class="material-icons me-2">edit_calendar</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="history.php?action=delete&id=<?= $meeting_id ?>" onclick="return confirm('Möchtest du diesen Termin wirklich löschen?');">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
<?php
}
?>
<?php endif; ?>
</div>
<div class="card-body">
<div class="d-flex flex-column text-muted fst-italic mb-2">

92
inc/menu.php
View File

@@ -1,66 +1,86 @@
<nav class="navbar navbar-expand-lg navbar-dark bg-dark fixed-top">
<div class="container-fluid">
<a class="navbar-brand d-flex align-items-center" href="../index.php">
<img src="../img/icon-192.png" alt="Logo" width="32" height="32" class="me-2">
<a class="navbar-brand d-flex align-items-center" href="index.php">
<img src="img/icon-192.png" alt="Logo" width="32" height="32" class="me-2">
DoMiLi
</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav">
<li class="nav-item">
<a class="nav-link d-flex" href="../history.php"><span class="material-icons md-18 me-1">calendar_month</span>History</a>
<a class="nav-link d-flex align-items-center" href="history.php">
<span class="material-icons md-18 me-2">calendar_month</span> History
</a>
</li>
<li class="nav-item">
<a class="nav-link d-flex" href="../kasse.php"><span class="material-icons md-18 me-1">euro</span>Kasse</a>
<a class="nav-link d-flex align-items-center" href="kasse.php">
<span class="material-icons md-18 me-2">euro</span> Kasse
</a>
</li>
<li class="nav-item">
<a class="nav-link d-flex" href="../stats.php"><span class="material-icons md-18 me-1">bar_chart</span>Auswertung</a>
</li>
<!-- <li class="nav-item">
<a class="nav-link d-flex" href="#"><span class="material-icons md-18 me-1">menu_book</span>Anleitung</a>
<a class="nav-link d-flex align-items-center" href="stats.php">
<span class="material-icons md-18 me-2">bar_chart</span> Auswertung
</a>
</li>
<li class="nav-item">
<a class="nav-link d-flex" href="#"><span class="material-icons md-18 me-1">message</span>Kontakt</a>
</li> -->
<a class="nav-link d-flex align-items-center" href="vacation.php">
<span class="material-icons md-18 me-2" style="width: 24px;">beach_access</span> Abwesenheiten
</a>
</li>
<li class="nav-item dropdown">
<a class="nav-link d-flex align-items-center dropdown-toggle" href="#" role="button" data-bs-toggle="dropdown"><span class="material-icons md-18 me-1">settings</span>Settings</a>
<a class="nav-link d-flex align-items-center dropdown-toggle" href="#" role="button" data-bs-toggle="dropdown">
<span class="material-icons md-18 me-2">settings</span> Settings
</a>
<ul class="dropdown-menu">
<li><a class="dropdown-item" href="../colors.php">Farben</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="colors.php"><span class="material-icons text-secondary me-2">palette</span>Farben</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="planning.php"><span class="material-icons text-secondary me-2">event</span>Terminplanung</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="users.php"><span class="material-icons text-secondary me-2">group</span>Benutzer</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="info.php"><span class="material-icons text-secondary me-2">info</span>Release Notes</a></li>
</ul>
</li>
<?php
if (isset($_SESSION['role']) && $_SESSION['role'] == 'admin') {
?>
<li class="nav-item dropdown">
<a class="nav-link d-flex align-items-center dropdown-toggle" href="#" role="button" data-bs-toggle="dropdown"><span class="material-icons md-18 me-1">admin_panel_settings</span>Admin</a>
<ul class="dropdown-menu">
<li><a class="dropdown-item" href="../admin/planning.php">Terminplanung</a></li>
<li><a class="dropdown-item" href="../admin/users.php">Benutzer</a></li>
<li><a class="dropdown-item" href="../admin/check_session.php">Session prüfen</a></li>
</ul>
</li>
<?php
}
?>
</ul>
<ul class="navbar-nav ms-auto">
<li><a class="dropdown-item" href="#"><span class="material-icons align-baseline md-18 me-1">help</span></a></li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" role="button" data-bs-toggle="dropdown"><span class="material-symbols-outlined align-text-bottom md-18 me-1">person</span><?php echo $_SESSION['username']; ?></a>
<a class="nav-link dropdown-toggle d-flex align-items-center" href="#" role="button" data-bs-toggle="dropdown">
<span class="material-symbols-outlined align-middle md-18 me-2">person</span>
<?= htmlspecialchars($_SESSION['username'] ?? 'Benutzer'); ?>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li><a class="dropdown-item" href="../profil.php"><span class="material-icons text-secondary align-middle md-18 me-1">person</span>Profil</a></li>
<li><a class="dropdown-item" href="../change_password.php"><span class="material-icons text-secondary align-middle md-18 me-1">lock</span>Passwort ändern</a></li>
<li><a class="dropdown-item" href="../vacation.php"><span class="material-icons text-secondary align-middle md-18 me-1">beach_access</span>Abwesenheiten</a></li>
<li>
<div class="dropdown-divider"></div>
<a class="dropdown-item d-flex align-items-center" href="profil.php">
<span class="material-icons text-secondary" style="width: 24px;">person</span>
Profil
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center" href="change_password.php">
<span class="material-icons text-secondary" style="width: 24px;">lock</span>
Passwort ändern
</a>
</li>
<?php if (isset($_SESSION['role']) && $_SESSION['role'] === 'admin'): ?>
<li>
<a class="dropdown-item d-flex align-items-center" href="check_session.php">
<span class="material-icons text-secondary" style="width: 24px;">check_small</span>
Session prüfen
</a>
</li>
<?php endif; ?>
<li>
<hr class="dropdown-divider">
</li>
<li>
<a class="dropdown-item d-flex align-items-center" href="logout.php">
<span class="material-icons text-secondary" style="width: 24px;">logout</span>
Log Out
</a>
</li>
<li><a class="dropdown-item" href="../logout.php"><span class="material-icons align-middle md-18 me-1">logout</span>Log Out</a></li>
</ul>
</li>
</ul>

4
index.php
View File

@@ -332,7 +332,7 @@ $german_weekdays = [
</div>
</div>
<!-- TODO: -->
<!-- TODO: Fehler, wenn Kommentar weggelassen wird-->
<div class="d-flex justify-content-center pt-2 pb-3" style="max-width: 500px; margin-left: auto; margin-right: auto; flex-direction: column; align-items: center;" <!-- inline-css-ok -->
<?php if ($user_attendance_status === 'accepted'): ?>
@@ -371,7 +371,7 @@ $german_weekdays = [
<?php endif; ?>
<div class="d-flex justify-content-center my-3" style="max-width: 500px; margin-left: auto; margin-right: auto;">
<a href="admin/participant.php?id=<?= htmlspecialchars($row['id']) ?>" class="btn btn-sm btn-outline-secondary">Teilnahme eintragen</a>
<a href="participant.php?id=<?= htmlspecialchars($row['id']) ?>" class="btn btn-sm btn-outline-secondary">Teilnahme eintragen</a>
</div>
<!-- Teilnehmerübersicht -->

215
info.php Executable file
View File

@@ -0,0 +1,215 @@
<?php
// 🔐 Sicherheits- und Datenbanklogik zuerst VOR jeglicher HTML-Ausgabe
include('inc/check_login.php');
require_once('inc/db.php');
$is_admin = ($_SESSION['role'] === 'admin');
$message = '';
$message_type = '';
$edit_mode = false;
$edit_release = null;
// --- Nur Admins: Aktionen verarbeiten ---
if ($is_admin) {
// Löschen
if (isset($_GET['action']) && $_GET['action'] === 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "DELETE FROM releases WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
if (mysqli_stmt_execute($stmt)) {
$_SESSION['message'] = "Version erfolgreich gelöscht!";
$_SESSION['message_type'] = 'success';
} else {
$_SESSION['message'] = "Fehler beim Löschen.";
$_SESSION['message_type'] = 'danger';
}
mysqli_stmt_close($stmt);
header("Location: info.php");
exit();
}
// Bearbeiten: Daten laden
if (isset($_GET['action']) && $_GET['action'] === 'edit' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "SELECT id, version, release_date, notes FROM releases WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$edit_release = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
$edit_mode = true;
if (!$edit_release) {
$_SESSION['message'] = "Version nicht gefunden.";
$_SESSION['message_type'] = 'warning';
}
}
// Speichern (POST)
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$version = trim($_POST['version'] ?? '');
$date = trim($_POST['date'] ?? '');
$notes = trim($_POST['notes'] ?? '');
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
if (empty($version) || empty($date) || empty($notes)) {
$_SESSION['message'] = "Alle Felder sind erforderlich.";
$_SESSION['message_type'] = 'danger';
} elseif (!preg_match('/^v\d+\.\d+\.\d+$/', $version)) {
$_SESSION['message'] = "Ungültiges Versionsformat. Beispiel: v1.4.2";
$_SESSION['message_type'] = 'danger';
} elseif (!strtotime($date)) {
$_SESSION['message'] = "Ungültiges Datum.";
$_SESSION['message_type'] = 'danger';
} else {
if ($id) {
$stmt = mysqli_prepare($conn, "UPDATE releases SET version = ?, release_date = ?, notes = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "sssi", $version, $date, $notes, $id);
} else {
$stmt = mysqli_prepare($conn, "INSERT INTO releases (version, release_date, notes) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sss", $version, $date, $notes);
}
if (mysqli_stmt_execute($stmt)) {
$_SESSION['message'] = $id ? "Version aktualisiert!" : "Neue Version hinzugefügt!";
$_SESSION['message_type'] = 'success';
mysqli_stmt_close($stmt);
header("Location: info.php");
exit();
} else {
$_SESSION['message'] = "Fehler beim Speichern.";
$_SESSION['message_type'] = 'danger';
}
mysqli_stmt_close($stmt);
}
}
}
// --- Meldungen aus Session holen (nach Redirects) ---
if (isset($_SESSION['message'])) {
$message = $_SESSION['message'];
$message_type = $_SESSION['message_type'];
unset($_SESSION['message'], $_SESSION['message_type']);
}
// --- Daten für Anzeige laden ---
$releases = [];
$result = mysqli_query($conn, "SELECT id, version, release_date, notes FROM releases ORDER BY release_date DESC, id DESC");
while ($row = mysqli_fetch_assoc($result)) {
$row['notes_array'] = array_filter(array_map('trim', explode("\n", $row['notes'])));
$releases[] = $row;
}
$current_release = $releases[0] ?? null;
// --- Erst JETZT: HTML-Header einbinden ---
require_once('inc/header.php');
?>
<div class="container mt-5 mb-4">
<?php if ($message): ?>
<div class="alert alert-<?= htmlspecialchars($message_type) ?> alert-dismissible fade show" role="alert">
<?= htmlspecialchars($message) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<div class="row justify-content-center">
<div class="col-lg-8">
<h2 class="mb-4"> Info & Versionshinweise</h2>
<?php if ($current_release): ?>
<div class="card shadow mb-4">
<div class="card-header bg-primary-subtle text-secondary">
<h4 class="mb-0">Aktuelle Version</h4>
</div>
<div class="card-body">
<p class="h5 mb-0"><?= htmlspecialchars($current_release['version']) ?></p>
<p class="text-muted small mb-0">Veröffentlicht am: <?= date('d.m.Y', strtotime($current_release['release_date'])) ?></p>
</div>
</div>
<?php endif; ?>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center">
<h4 class="mb-0">Release Notes</h4>
<?php if ($is_admin): ?>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#releaseFormCollapse" role="button" aria-expanded="false" aria-controls="releaseFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
<?php endif; ?>
</div>
<div class="card-body">
<?php if ($is_admin): ?>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="releaseFormCollapse">
<div class="card card-body bg-light mb-4">
<h5><?= $edit_mode ? 'Version bearbeiten' : 'Neue Version hinzufügen'; ?></h5>
<form method="POST">
<?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_release['id']); ?>">
<?php endif; ?>
<div class="mb-3">
<label class="form-label">Versionsnummer</label>
<input type="text" class="form-control" name="version" value="<?= htmlspecialchars($edit_release['version'] ?? ''); ?>" placeholder="z.B. v1.5.0" required>
<div class="form-text">Format: v1.4.2</div>
</div>
<div class="mb-3">
<label class="form-label">Veröffentlichungsdatum</label>
<input type="date" class="form-control" name="date" value="<?= htmlspecialchars($edit_release['release_date'] ?? date('Y-m-d')); ?>" required>
</div>
<div class="mb-3">
<label class="form-label">Release Notes (ein Punkt pro Zeile)</label>
<textarea class="form-control" name="notes" rows="5" required><?= htmlspecialchars($edit_release['notes'] ?? '') ?></textarea>
</div>
<div class="d-flex gap-2">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?>"><?= $edit_mode ? 'Speichern' : 'Hinzufügen'; ?></button>
<a href="info.php" class="btn btn-sm btn-outline-secondary">Abbrechen</a>
</div>
</form>
</div>
</div>
<?php endif; ?>
<?php if (empty($releases)): ?>
<p class="text-muted">Keine Release Notes vorhanden.</p>
<?php else: ?>
<?php foreach ($releases as $release): ?>
<div class="d-flex align-items-start">
<div class="flex-grow-1">
<h5 class="mt-4 mb-1"><?= htmlspecialchars($release['version']) ?></h5>
<p class="text-muted small mb-3">Veröffentlicht am: <?= date('d.m.Y', strtotime($release['release_date'])) ?></p>
<ul class="mb-4">
<?php foreach ($release['notes_array'] as $note): ?>
<li><?= htmlspecialchars($note) ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php if ($is_admin): ?>
<div class="dropdown ms-3 mt-4">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li>
<a class="dropdown-item d-flex align-items-center" href="info.php?action=edit&id=<?= $release['id'] ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="info.php?action=delete&id=<?= $release['id'] ?>" onclick="return confirm('Wirklich löschen?')">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>

20
admin/participant.php → participant.php
View File

@@ -3,20 +3,14 @@
// error_reporting(E_ALL);
// ini_set('display_errors', 1);
include('../inc/check_login.php');
include('../inc/db.php');
require_once '../inc/helpers.php';
// Nur Admin darf diese Seite nutzen deaktiviert
// if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'admin') {
// header("Location: ../index.php");
// exit;
// }
include('inc/check_login.php');
include('inc/db.php');
require_once 'inc/helpers.php';
// Meeting-ID prüfen
if (!isset($_GET['id'])) {
$_SESSION['error_message'] = "Keine Meeting-ID angegeben.";
header("Location: ../index.php");
header("Location: index.php");
exit;
}
@@ -24,7 +18,7 @@ $meeting_id = intval($_GET['id']);
// Quelle merken (für Weiterleitung)
$source_page = isset($_GET['source']) && $_GET['source'] === 'history' ? 'history' : 'index';
$cancel_link = $source_page === 'history' ? '../history.php' : '../index.php';
$cancel_link = $source_page === 'history' ? 'history.php' : 'index.php';
// Meeting-Daten laden
$stmt = mysqli_prepare($conn, "SELECT meeting_date, color_id, reason FROM meetings WHERE id = ?");
@@ -123,7 +117,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
exit;
}
require_once '../inc/header.php';
require_once 'inc/header.php';
?>
<div class="container mt-5">
@@ -234,4 +228,4 @@ require_once '../inc/header.php';
</div>
</div>
<?php include('../inc/footer.php'); ?>
<?php include('inc/footer.php'); ?>

307
planning.php Executable file
View File

@@ -0,0 +1,307 @@
<?php
include('inc/check_login.php');
require_once('inc/db.php');
$is_admin = ($_SESSION['role'] === 'admin');
$message = '';
$message_type = '';
$edit_mode = false;
$edit_meeting = null;
// --- Funktion: Zufallsfarbe mit inverser Gewichtung (alle Termine, keine Sonderfarben) ---
function get_weighted_random_color($conn)
{
// Zählt ALLE Termine (vergangen + geplant) für jede reguläre Farbe
$colors = [];
$result = mysqli_query($conn, "
SELECT
c.id,
c.name,
COUNT(m.id) AS usage_count
FROM colors c
LEFT JOIN meetings m ON c.id = m.color_id
WHERE c.is_special = 0
GROUP BY c.id, c.name
");
if (!$result || mysqli_num_rows($result) === 0) {
return null;
}
while ($row = mysqli_fetch_assoc($result)) {
$colors[] = [
'id' => (int)$row['id'],
'usage' => (int)$row['usage_count']
];
}
$max_usage = max(array_column($colors, 'usage'));
$color_pool = [];
foreach ($colors as $color) {
$weight = $max_usage - $color['usage'] + 1; // Mindestgewicht = 1
for ($i = 0; $i < $weight; $i++) {
$color_pool[] = $color['id'];
}
}
if (empty($color_pool)) {
return null;
}
return $color_pool[array_rand($color_pool)];
}
// --- Nur Admins: Löschen ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "DELETE FROM meetings WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Termin erfolgreich gelöscht!";
$message_type = 'success';
} else {
$message = "Fehler beim Löschen des Termins.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
header("Location: planning.php");
exit();
}
// --- Nur Admins: Bearbeiten ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "SELECT id, meeting_date, color_id, reason FROM meetings WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$edit_meeting = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
$edit_mode = true;
if ($edit_meeting) {
$edit_dt = new DateTime($edit_meeting['meeting_date']);
$edit_meeting['meeting_date_only'] = $edit_dt->format('Y-m-d');
$edit_meeting['meeting_time_only'] = $edit_dt->format('H:i');
} else {
$message = "Termin nicht gefunden.";
$message_type = 'warning';
}
}
// --- Nur Admins: Speichern (POST) ---
if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$meeting_date_only = $_POST['meeting_date'] ?? '';
$meeting_time_only = $_POST['meeting_time'] ?? '12:00';
$color_id = (int)($_POST['color_id'] ?? 0);
$reason = trim($_POST['reason'] ?? 'Zufallsfarbe');
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
if (empty($meeting_date_only) || !$color_id) {
$message = "Datum und Farbe sind erforderlich.";
$message_type = 'danger';
} else {
$meeting_date = $meeting_date_only . ' ' . $meeting_time_only;
if ($id) {
$stmt = mysqli_prepare($conn, "UPDATE meetings SET meeting_date = ?, color_id = ?, reason = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "sisi", $meeting_date, $color_id, $reason, $id);
} else {
$stmt = mysqli_prepare($conn, "INSERT INTO meetings (meeting_date, color_id, reason) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sis", $meeting_date, $color_id, $reason);
}
if (mysqli_stmt_execute($stmt)) {
$message = $id ? "Termin aktualisiert!" : "Neuer Termin hinzugefügt!";
$message_type = 'success';
} else {
$message = "Fehler beim Speichern.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
header("Location: planning.php");
exit();
}
}
// --- 🔁 Automatische Planung: 4 Donnerstage, max. 1 pro Woche ---
if ($is_admin) {
$today = new DateTime('today');
$existing_weeks = [];
$result_existing = mysqli_query($conn, "SELECT meeting_date FROM meetings");
while ($row = mysqli_fetch_assoc($result_existing)) {
$dt = new DateTime($row['meeting_date']);
$year = $dt->format('o');
$week = $dt->format('W');
$existing_weeks["$year-$week"] = true;
}
$date = clone $today;
for ($i = 0; $i < 4; $i++) {
$date->modify($i === 0 ? 'next thursday' : 'next thursday');
$year = $date->format('o');
$week = $date->format('W');
$week_key = "$year-$week";
if (!isset($existing_weeks[$week_key])) {
$new_date = $date->format('Y-m-d') . ' 12:00:00';
$color_id = get_weighted_random_color($conn);
if ($color_id) {
$check = mysqli_prepare($conn, "SELECT id FROM meetings WHERE meeting_date = ?");
mysqli_stmt_bind_param($check, "s", $new_date);
mysqli_stmt_execute($check);
$exists = mysqli_fetch_assoc(mysqli_stmt_get_result($check));
mysqli_stmt_close($check);
if (!$exists) {
$default_reason = "Zufallsfarbe";
$ins = mysqli_prepare($conn, "INSERT INTO meetings (meeting_date, color_id, reason) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($ins, "sis", $new_date, $color_id, $default_reason);
mysqli_stmt_execute($ins);
mysqli_stmt_close($ins);
$existing_weeks[$week_key] = true;
}
}
}
}
}
// --- Daten für Anzeige laden ---
$all_colors = [];
if ($is_admin) {
$result_colors = mysqli_query($conn, "SELECT id, name, hex_code FROM colors ORDER BY name");
while ($row = mysqli_fetch_assoc($result_colors)) {
$all_colors[] = $row;
}
}
$meetings = [];
$result_meetings = mysqli_query($conn, "
SELECT m.id, m.meeting_date, m.reason, c.name AS color_name, c.hex_code
FROM meetings m
JOIN colors c ON m.color_id = c.id
WHERE m.is_completed = 0
ORDER BY m.meeting_date
");
while ($row = mysqli_fetch_assoc($result_meetings)) {
$meetings[] = $row;
}
require_once 'inc/header.php';
?>
<div class="container mt-5">
<?php if ($message): ?>
<div class="alert alert-<?= htmlspecialchars($message_type) ?> alert-dismissible fade show" role="alert">
<?= htmlspecialchars($message) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">Terminübersicht</h2>
</div>
<?php if ($is_admin): ?>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="planningFormCollapse">
<div class="card shadow mb-4">
<div class="card-header bg-primary-subtle text-secondary">
<h4 class="mb-0"><?= $edit_mode ? 'Termin bearbeiten' : 'Neuen Termin hinzufügen'; ?></h4>
</div>
<div class="card-body">
<form action="planning.php" method="post">
<?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_meeting['id']); ?>">
<?php endif; ?>
<div class="row g-3">
<div class="col-md-4">
<label class="form-label">Datum</label>
<input type="date" class="form-control" name="meeting_date" value="<?= htmlspecialchars($edit_meeting['meeting_date_only'] ?? ''); ?>" required>
</div>
<div class="col-md-4">
<label class="form-label">Uhrzeit</label>
<input type="time" class="form-control" name="meeting_time" value="<?= htmlspecialchars($edit_meeting['meeting_time_only'] ?? '12:00'); ?>" required>
</div>
<div class="col-md-4">
<label class="form-label">Farbe</label>
<select class="form-select" name="color_id" required>
<?php foreach ($all_colors as $color): ?>
<option value="<?= $color['id'] ?>" <?= (($edit_meeting['color_id'] ?? 0) == $color['id']) ? 'selected' : '' ?>>
<?= htmlspecialchars($color['name']) ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-12">
<label class="form-label">Grund für die Farbe (optional)</label>
<input type="text" class="form-control" name="reason" value="<?= htmlspecialchars($edit_meeting['reason'] ?? ''); ?>">
<div class="form-text">Wenn leer, wird „Zufallsfarbe“ eingetragen.</div>
</div>
<div class="col-12 d-flex justify-content-start">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary' ?> me-2">
<?= $edit_mode ? 'Speichern' : 'Hinzufügen' ?>
</button>
<a href="planning.php" class="btn btn-sm btn-outline-secondary">Abbrechen</a>
</div>
</div>
</form>
</div>
</div>
</div>
<?php endif; ?>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center">
<h4 class="mb-0">Anstehende Termine</h4>
<?php if ($is_admin): ?>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#planningFormCollapse" role="button" aria-expanded="false" aria-controls="planningFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
<?php endif; ?>
</div>
<div class="card-body">
<?php if (empty($meetings)): ?>
<p class="text-muted text-center">Keine anstehenden Termine.</p>
<?php else: ?>
<div class="list-group list-group-flush">
<?php foreach ($meetings as $m): ?>
<div class="list-group-item">
<div class="d-flex justify-content-between align-items-start">
<div>
<p class="fw-bold mb-1"><?= date('d.m.Y H:i', strtotime($m['meeting_date'])) ?></p>
<div class="d-flex align-items-center mb-1">
<div class="rounded me-2" style="background-color: <?= htmlspecialchars($m['hex_code']); ?>; width: 20px; height: 20px;"></div>
<span><?= htmlspecialchars($m['color_name']); ?></span>
</div>
<p class="text-muted small mb-0">Grund: <?= htmlspecialchars($m['reason']); ?></p>
</div>
<?php if ($is_admin): ?>
<div class="dropdown ms-2">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li>
<a class="dropdown-item d-flex align-items-center" href="planning.php?action=edit&id=<?= $m['id'] ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="planning.php?action=delete&id=<?= $m['id'] ?>" onclick="return confirm('Wirklich löschen?')">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
<?php endif; ?>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>

153
stats.php
View File

@@ -38,7 +38,7 @@ while ($row = mysqli_fetch_assoc($result)) {
$participation_stats[] = $row;
}
// Neue Statistik: Durchschnittliche Anwesenheit pro Meeting
// Durchschnittliche Anwesenheit pro Meeting
$avg_attendance = 0;
$sql_avg_attendance = "
SELECT AVG(attended_count) AS avg_attended
@@ -54,7 +54,7 @@ if ($row = mysqli_fetch_assoc($result_avg)) {
$avg_attendance = round($row['avg_attended'], 2);
}
// Neue Statistik: Durchschnittliche Anzahl derer, die die korrekte Farbe getragen haben
// Durchschnittliche korrekte Farbe
$avg_wore_color = 0;
$sql_avg_wore_color = "
SELECT AVG(wore_color_count) AS avg_wore_color
@@ -70,7 +70,7 @@ if ($row = mysqli_fetch_assoc($result_avg_wore)) {
$avg_wore_color = round($row['avg_wore_color'], 2);
}
// Neue Statistik: Ranking nach dem Tragen der Farbe
// Ranking: Farbe getragen
$wore_color_stats = [];
$sql_wore_color = "
SELECT
@@ -88,7 +88,22 @@ while ($row = mysqli_fetch_assoc($result_wore)) {
$wore_color_stats[] = $row;
}
// Header einbinden
// 🔹 NEU: Ranking der Verschiebungsvorschläge
$reschedule_stats = [];
$sql_reschedule = "
SELECT
u.username,
COUNT(p.id) AS reschedule_count
FROM meeting_reschedule_proposals p
JOIN users u ON p.proposed_by_user_id = u.id
GROUP BY u.username
ORDER BY reschedule_count DESC
";
$result_reschedule = mysqli_query($conn, $sql_reschedule);
while ($row = mysqli_fetch_assoc($result_reschedule)) {
$reschedule_stats[] = $row;
}
require_once 'inc/header.php';
?>
@@ -105,21 +120,18 @@ require_once 'inc/header.php';
<h5 class="card-title text-center">Häufigkeit der gewählten Farben</h5>
<canvas id="colorChart" class="mb-4"></canvas>
</div>
<!-- Trennlinie, die nur auf Mobilgeräten sichtbar ist -->
<hr class="d-lg-none my-4">
<div class="col-lg-6">
<h5 class="card-title text-center">Teilnahme-Ranking</h5>
<p class="text-center text-muted mt-2 mb-3">
Durchschnittliche Anwesenheit je Treffen: <strong><?= htmlspecialchars($avg_attendance) ?></strong>
</p>
<!-- Neuer Container mit fester Höhe, um das unendliche Wachstum zu stoppen -->
<div style="height: 40vh;">
<canvas id="participationChart"></canvas>
</div>
</div>
</div>
<!-- Trennlinie für die neue Statistik -->
<hr class="my-4">
<div class="row justify-content-center">
@@ -128,13 +140,27 @@ require_once 'inc/header.php';
<p class="text-center text-muted mt-2 mb-3">
Durchschnittliche korrekte Farbe je Treffen: <strong><?= htmlspecialchars($avg_wore_color) ?></strong>
</p>
<!-- Container für das neue Diagramm -->
<div style="height: 40vh;">
<canvas id="woreColorChart"></canvas>
</div>
</div>
</div>
<!-- 🔹 NEUER BLOCK: Verschiebungsvorschläge -->
<hr class="my-4">
<div class="row justify-content-center">
<div class="col-lg-6">
<h5 class="card-title text-center">Ranking - Verschiebungsvorschläge</h5>
<p class="text-center text-muted mt-2 mb-3">
Wer schlägt am häufigsten eine Terminverschiebung vor?
</p>
<div style="height: 40vh;">
<canvas id="rescheduleChart"></canvas>
</div>
</div>
</div>
</div>
</div>
</div>
@@ -143,7 +169,7 @@ require_once 'inc/header.php';
<script>
document.addEventListener('DOMContentLoaded', function() {
// Daten für Farbhäufigkeits-Diagramm
// Farbhäufigkeit
const colorData = {
labels: <?= json_encode(array_column($color_stats, 'name')); ?>,
datasets: [{
@@ -154,15 +180,14 @@ require_once 'inc/header.php';
borderWidth: 1
}]
};
const colorConfig = {
new Chart(document.getElementById('colorChart'), {
type: 'pie',
data: colorData,
options: {
responsive: true,
plugins: {
legend: {
position: 'top',
position: 'top'
},
title: {
display: true,
@@ -170,14 +195,9 @@ require_once 'inc/header.php';
}
}
}
};
});
new Chart(
document.getElementById('colorChart'),
colorConfig
);
// Daten für Teilnahme-Diagramm
// Teilnahme
const participationData = {
labels: <?= json_encode(array_column($participation_stats, 'username')); ?>,
datasets: [{
@@ -188,14 +208,13 @@ require_once 'inc/header.php';
borderWidth: 1
}]
};
const participationConfig = {
new Chart(document.getElementById('participationChart'), {
type: 'bar',
data: participationData,
options: {
indexAxis: 'y',
responsive: true,
maintainAspectRatio: false, // Wichtig für die Größenanpassung
maintainAspectRatio: false,
plugins: {
legend: {
display: false
@@ -212,29 +231,19 @@ require_once 'inc/header.php';
y: {
ticks: {
font: {
size: 10 // Kleinere Schriftgröße für bessere Lesbarkeit auf mobilen Geräten
size: 10
},
// Callback, um lange Namen zu kürzen und Überlappungen zu vermeiden
callback: function(value, index, ticks) {
callback: function(value) {
const username = this.getLabelForValue(value);
const maxChars = 15; // Maximale Zeichen auf Mobilgeräten
if (username.length > maxChars) {
return username.substring(0, maxChars) + '...';
}
return username;
return username.length > 15 ? username.substring(0, 15) + '...' : username;
}
}
}
}
}
};
});
new Chart(
document.getElementById('participationChart'),
participationConfig
);
// Daten für "Farbe getragen"-Diagramm
// Farbe getragen
const woreColorData = {
labels: <?= json_encode(array_column($wore_color_stats, 'username')); ?>,
datasets: [{
@@ -245,8 +254,7 @@ require_once 'inc/header.php';
borderWidth: 1
}]
};
const woreColorConfig = {
new Chart(document.getElementById('woreColorChart'), {
type: 'bar',
data: woreColorData,
options: {
@@ -264,31 +272,74 @@ require_once 'inc/header.php';
},
scales: {
x: {
beginAtZero: true
beginAtZero: true,
ticks: {
stepSize: 1
}
},
y: {
ticks: {
font: {
size: 10
},
callback: function(value, index, ticks) {
callback: function(value) {
const username = this.getLabelForValue(value);
const maxChars = 15;
if (username.length > maxChars) {
return username.substring(0, maxChars) + '...';
}
return username;
return username.length > 15 ? username.substring(0, 15) + '...' : username;
}
}
}
}
}
};
});
new Chart(
document.getElementById('woreColorChart'),
woreColorConfig
);
// 🔹 NEU: Verschiebungsvorschläge
const rescheduleData = {
labels: <?= json_encode(array_column($reschedule_stats, 'username')); ?>,
datasets: [{
label: 'Verschiebungsvorschläge',
data: <?= json_encode(array_column($reschedule_stats, 'reschedule_count')); ?>,
backgroundColor: 'rgba(255, 159, 64, 0.8)',
borderColor: 'rgb(255, 159, 64)',
borderWidth: 1
}]
};
new Chart(document.getElementById('rescheduleChart'), {
type: 'bar',
data: rescheduleData,
options: {
indexAxis: 'y',
responsive: true,
maintainAspectRatio: false,
plugins: {
legend: {
display: false
},
title: {
display: true,
text: 'Anzahl der Verschiebungsvorschläge pro Benutzer'
}
},
scales: {
x: {
beginAtZero: true,
ticks: {
stepSize: 1
}
},
y: {
ticks: {
font: {
size: 10
},
callback: function(value) {
const username = this.getLabelForValue(value);
return username.length > 15 ? username.substring(0, 15) + '...' : username;
}
}
}
}
}
});
});
</script>

234
users.php Executable file
View File

@@ -0,0 +1,234 @@
<?php
include('inc/check_login.php');
require_once('inc/db.php');
$is_admin = ($_SESSION['role'] === 'admin');
$message = '';
$message_type = '';
$edit_mode = false;
$edit_user = null;
// --- Nur Admins: Löschen ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
if ($id == $_SESSION['user_id']) {
$message = "Sie können Ihren eigenen Account nicht löschen.";
$message_type = 'danger';
} else {
$stmt = mysqli_prepare($conn, "DELETE FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
if (mysqli_stmt_execute($stmt)) {
$message = "Benutzer erfolgreich gelöscht!";
$message_type = 'success';
} else {
$message = "Fehler beim Löschen des Benutzers.";
$message_type = 'danger';
}
mysqli_stmt_close($stmt);
}
header("Location: users.php");
exit();
}
// --- Nur Admins: Bearbeiten ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$stmt = mysqli_prepare($conn, "SELECT id, username, email, role FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$edit_user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
$edit_mode = true;
if (!$edit_user) {
$message = "Benutzer nicht gefunden.";
$message_type = 'warning';
}
}
// --- Nur Admins: Speichern ---
if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$username = trim($_POST['username'] ?? '');
$password = $_POST['password'] ?? '';
$email_raw = trim($_POST['email'] ?? '');
$role = ($_POST['role'] ?? 'member') === 'admin' ? 'admin' : 'member';
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
$email = !empty($email_raw) ? $email_raw : null;
if (empty($username)) {
$message = "Benutzername ist erforderlich.";
$message_type = 'danger';
} else {
if ($id) {
if (!empty($password)) {
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, role = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "ssssi", $username, $password_hashed, $email, $role, $id);
} else {
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, role = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "sssi", $username, $email, $role, $id);
}
} else {
if (empty($password)) {
$message = "Passwort ist beim Erstellen erforderlich.";
$message_type = 'danger';
} else {
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, role) VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, "ssss", $username, $password_hashed, $email, $role);
}
}
if (!isset($message)) {
if (isset($stmt) && mysqli_stmt_execute($stmt)) {
$message = $id ? "Benutzer aktualisiert!" : "Neuer Benutzer hinzugefügt!";
$message_type = 'success';
} else {
$message = "Fehler beim Speichern.";
$message_type = 'danger';
}
if (isset($stmt)) mysqli_stmt_close($stmt);
header("Location: users.php");
exit();
}
}
}
// --- Mitgliederliste für alle ---
$users = [];
$result = mysqli_query($conn, "SELECT id, username, role FROM users ORDER BY id ASC");
while ($row = mysqli_fetch_assoc($result)) {
$users[] = $row;
}
require_once 'inc/header.php';
?>
<div class="container mt-5">
<?php if ($message): ?>
<div class="alert alert-<?= htmlspecialchars($message_type) ?> alert-dismissible fade show" role="alert">
<?= htmlspecialchars($message) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">Benutzerübersicht</h2>
</div>
<?php if ($is_admin): ?>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="userFormCollapse">
<div class="card shadow mb-4">
<div class="card-header bg-primary-subtle text-secondary">
<h4 class="mb-0"><?= $edit_mode ? 'Benutzer bearbeiten' : 'Neuen Benutzer hinzufügen'; ?></h4>
</div>
<div class="card-body">
<form action="users.php" method="post">
<?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_user['id']); ?>">
<?php endif; ?>
<div class="row g-3">
<div class="col-md-3">
<label class="form-label">Benutzername</label>
<input type="text" class="form-control" name="username" value="<?= htmlspecialchars($edit_user['username'] ?? ''); ?>" required>
</div>
<div class="col-md-3">
<label class="form-label">E-Mail (optional)</label>
<input type="email" class="form-control" name="email" value="<?= htmlspecialchars($edit_user['email'] ?? ''); ?>">
</div>
<div class="col-md-3">
<label class="form-label">Passwort</label>
<input type="password" class="form-control" name="password" placeholder="<?= $edit_mode ? 'Leer lassen = unverändert' : 'Erforderlich' ?>">
<?php if ($edit_mode): ?>
<div class="form-text">Leer lassen, um Passwort nicht zu ändern.</div>
<?php endif; ?>
</div>
<div class="col-md-3">
<label class="form-label">Rolle</label>
<select class="form-select" name="role">
<option value="member" <?= (($edit_user['role'] ?? 'member') === 'member') ? 'selected' : ''; ?>>Mitglied</option>
<option value="admin" <?= (($edit_user['role'] ?? 'member') === 'admin') ? 'selected' : ''; ?>>Admin</option>
</select>
</div>
<div class="col-12 d-flex justify-content-start">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?> me-2">
<?= $edit_mode ? 'Speichern' : 'Hinzufügen'; ?>
</button>
<a href="users.php" class="btn btn-sm btn-outline-secondary">Abbrechen</a>
</div>
</div>
</form>
</div>
</div>
</div>
<?php endif; ?>
<div class="card shadow">
<div class="card-header bg-secondary bg-opacity-50 text-secondary d-flex justify-content-between align-items-center">
<h4 class="mb-0">Mitglieder</h4>
<?php if ($is_admin): ?>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#userFormCollapse" role="button" aria-expanded="false" aria-controls="userFormCollapse">Add
<span class="material-symbols-outlined">add</span>
</a>
<?php endif; ?>
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead>
<tr>
<th>ID</th>
<th>Benutzername</th>
<th>Rolle</th>
<?php if ($is_admin): ?>
<th>Aktionen</th>
<?php endif; ?>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?= htmlspecialchars($user['id']) ?></td>
<td><?= htmlspecialchars($user['username']) ?></td>
<td>
<span class="badge rounded-pill bg-<?= $user['role'] === 'admin' ? 'info' : 'secondary' ?>">
<?= htmlspecialchars($user['role']) ?>
</span>
</td>
<?php if ($is_admin): ?>
<td class="text-end align-middle">
<div class="dropdown">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<li>
<a class="dropdown-item d-flex align-items-center" href="users.php?action=edit&id=<?= htmlspecialchars($user['id']) ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<?php if ($user['id'] != $_SESSION['user_id']): ?>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="users.php?action=delete&id=<?= htmlspecialchars($user['id']) ?>" onclick="return confirm('Wirklich löschen?')">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
<?php endif; ?>
</ul>
</div>
</td>
<?php endif; ?>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>

2
verschiebung.php
View File

@@ -232,7 +232,7 @@ function handle_reschedule_actions($conn, $meeting_id, $user_id)
// Meeting aktualisieren
$update_meeting = mysqli_prepare($conn, "
UPDATE meetings
SET meeting_date = ?, reason = ?
SET meeting_date = ?
WHERE id = ?
");
mysqli_stmt_bind_param($update_meeting, "ssi", $new_date, $new_reason, $meeting_id);