Borgal/domili
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Borgal:ddcd614a4900206f4f35f235cb82c774c267e3e6
Branches Tags
Borgal:main
...
compare: Borgal:main
Branches Tags
Borgal:main

12 Commits
ddcd614a49 ... main

Author SHA1 Message Date
Borgal
2a96df9381 v1.3.2 - "Passwort vergessen" Funktion hinzugefügt 2025-11-21 11:45:49 +01:00
Borgal
968bbdec3b v1.3.1 - siehe Release Notes 2025-11-21 11:45:10 +01:00
Borgal
654157f174 v1.3.1 - Zahlerlogik verbessert 2025-11-19 20:40:09 +01:00
Borgal
2046d80c9b v1.3.1 - PDF Download auch als Member 2025-11-19 01:24:38 +01:00
Borgal
358a73f16f v1.3.1 - Sortierung Zahler - nächster Zahler immer ganz oben 2025-11-18 18:51:46 +01:00
Borgal
a8b4b0d5f2 v1.3.1 Geburtstaglogik komplett überarbeitet 2025-11-18 18:40:27 +01:00
Borgal
a4c3644a54 v1.3.1 - Statistik jetzt nach Quoten nicht mehr nach absoluten Zahlen 2025-11-18 18:40:04 +01:00
Borgal
cb0f7ea866 v1.3.1 - Sortierung nach ABC 2025-11-18 18:39:22 +01:00
Borgal
ec0a253d4e v1.3.1 PDF Backup hinzugefügt 2025-11-18 18:38:47 +01:00
Borgal
1b78d4b15a v1.3.0 - Geburtstags in Admin-Edit hinzugefügt 2025-11-17 18:57:07 +01:00
Borgal
b7676b2833 v1.3.0 - dezenter Rahmen um Farbvorgabe 2025-11-17 00:52:14 +01:00
Borgal
0cb4ca932c 1.3.0 Geburtstagslogik verbessert 2025-11-16 21:26:21 +01:00
22 changed files with 1030 additions and 440 deletions
Expand all files Collapse all files

118
backup.php Executable file
View File

@@ -0,0 +1,118 @@
<?php
include('inc/check_login.php');
include('inc/db.php');
// 🔹 Pfad zum Backup-Ordner (relativ zum Projekt)
$backup_dir = __DIR__ . '/backups/';
$backup_url = 'backups/'; // öffentliche URL
// Prüfen, ob Ordner existiert
if (!is_dir($backup_dir)) {
mkdir($backup_dir, 0755, true);
}
// PDF-Dateien holen
$files = [];
if ($handle = opendir($backup_dir)) {
while (false !== ($entry = readdir($handle))) {
if ($entry !== '.' && $entry !== '..' && pathinfo($entry, PATHINFO_EXTENSION) === 'pdf') {
$full_path = $backup_dir . $entry;
$files[] = [
'name' => $entry,
'size' => filesize($full_path),
'mtime' => filemtime($full_path)
];
}
}
closedir($handle);
// 🔸 Sortieren nach Datum im Dateinamen: DoMiLi_Backup_YYYY-MM[_x].pdf
usort($files, function ($a, $b) {
// Extrahiere YYYY-MM aus dem Dateinamen (ohne .pdf)
$nameA = pathinfo($a['name'], PATHINFO_FILENAME);
$nameB = pathinfo($b['name'], PATHINFO_FILENAME);
// Regex: Suche nach 4 Ziffern, Bindestrich, 2 Ziffern
$dateA = null;
$dateB = null;
if (preg_match('/(\d{4}-\d{2})/', $nameA, $matchesA)) {
$dateA = $matchesA[1];
}
if (preg_match('/(\d{4}-\d{2})/', $nameB, $matchesB)) {
$dateB = $matchesB[1];
}
// Wenn kein Datum gefunden: ans Ende schieben
if ($dateA === null && $dateB === null) return 0;
if ($dateA === null) return 1; // A hinter B
if ($dateB === null) return -1; // B hinter A
// Absteigend sortieren: neuestes zuerst → "2025-07" > "2025-02"
return $dateB <=> $dateA;
});
}
require_once 'inc/header.php';
?>
<div class="container mt-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h2 class="mb-0">PDF-Backups</h2>
<a href="index.php" class="btn btn-sm btn-outline-secondary">Zurück</a>
</div>
<?php if (empty($files)): ?>
<div class="alert alert-info">
<span class="material-symbols-outlined align-text-bottom me-2">info</span>
Keine PDF-Backups gefunden.
</div>
<?php else: ?>
<div class="card shadow">
<div class="card-body p-0">
<div class="table-responsive">
<table class="table table-hover mb-0">
<thead class="table-light">
<tr>
<th>Datei</th>
<th>Datum</th>
<th class="d-none d-md-table-cell">Größe</th>
<th class="text-end">Aktion</th>
</tr>
</thead>
<tbody>
<?php foreach ($files as $file): ?>
<tr>
<td style="white-space: nowrap;">
<div class="d-flex align-items-center" style="min-height: 1.4rem;">
<span class="material-symbols-outlined text-info me-2" style="font-size: 1.1em; line-height: 1; flex-shrink: 0;">picture_as_pdf</span>
<span class="fw-medium text-break" style="font-size: 0.92rem; line-height: 1.3; min-width: 0; white-space: normal;">
<?= htmlspecialchars(pathinfo($file['name'], PATHINFO_FILENAME)) ?>
</span>
</div>
</td>
<td><?= date('d.m.y', $file['mtime']) ?></td>
<td class="d-none d-md-table-cell"><?= number_format($file['size'] / 1024, 1, ',', '.') ?> KB</td>
<td class="text-end pe-4">
<a href="<?= htmlspecialchars($backup_url . $file['name']) ?>" target="_blank" class="text-secondary" title="PDF öffnen oder herunterladen">
<span class="material-icons">download</span>
</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
<?php endif; ?>
<div class="mt-4 p-3 bg-light rounded">
<h5 class="mb-3">Hinweis</h5>
<p class="mb-0">
Diese PDFs werden manuell oder automatisch erstellt (z.B. über <code>export.php</code>).
Sie dienen als Archiv und können nicht über diese Oberfläche gelöscht werden.
</p>
</div>
</div>
<?php include('inc/footer.php'); ?>

BIN
backups/DoMiLi_Backup_2025-07.pdf Executable file
View File

Binary file not shown.

BIN
backups/DoMiLi_Backup_2025-08.pdf Executable file
View File

Binary file not shown.

BIN
backups/DoMiLi_Backup_2025-09.pdf Executable file
View File

Binary file not shown.

BIN
backups/DoMiLi_Backup_2025-10.pdf
View File

Binary file not shown.

59
colors.php
View File

@@ -1,10 +1,5 @@
<?php <?php
session_start(); include('inc/check_login.php');
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit();
}
require_once 'inc/db.php'; require_once 'inc/db.php';
$is_admin = ($_SESSION['role'] === 'admin'); $is_admin = ($_SESSION['role'] === 'admin');
@@ -80,6 +75,18 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
} }
} }
// --- Sortierung mit Richtung (asc/desc) ---
$sort = $_GET['sort'] ?? 'name';
$dir = $_GET['dir'] ?? 'asc';
$sort = in_array($sort, ['name', 'usage']) ? $sort : 'name';
$dir = in_array($dir, ['asc', 'desc']) ? $dir : 'asc';
if ($sort === 'usage') {
$order_by = "usage_count $dir, c.name ASC";
} else {
$order_by = "c.name $dir";
}
// --- Farben mit Nutzungszähler laden --- // --- Farben mit Nutzungszähler laden ---
$colors = []; $colors = [];
$result = mysqli_query($conn, " $result = mysqli_query($conn, "
@@ -92,7 +99,7 @@ $result = mysqli_query($conn, "
FROM colors c FROM colors c
LEFT JOIN meetings m ON c.id = m.color_id LEFT JOIN meetings m ON c.id = m.color_id
GROUP BY c.id, c.name, c.hex_code, c.is_special GROUP BY c.id, c.name, c.hex_code, c.is_special
ORDER BY c.name ORDER BY $order_by
"); ");
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$colors[] = $row; $colors[] = $row;
@@ -174,27 +181,49 @@ require_once 'inc/header.php';
<table class="table table-striped table-hover"> <table class="table table-striped table-hover">
<thead> <thead>
<tr> <tr>
<th>Name</th>
<th>Farbe</th> <th>Farbe</th>
<th>Anz</th> <th>
<?php
$name_dir = ($sort === 'name' && $dir === 'asc') ? 'desc' : 'asc';
$name_arrow = '';
if ($sort === 'name') {
$name_arrow = $dir === 'asc' ? 'arrow_upward' : 'arrow_downward';
}
?>
<a href="?sort=name&dir=<?= $name_dir ?>" class="link-secondary text-decoration-none">
Name <?php if ($name_arrow): ?><span class="material-symbols-outlined" style="font-size:1em;"><?= $name_arrow ?></span><?php endif; ?>
</a>
</th>
<th>
<?php
$usage_dir = ($sort === 'usage' && $dir === 'asc') ? 'desc' : 'asc';
$usage_arrow = '';
if ($sort === 'usage') {
$usage_arrow = $dir === 'asc' ? 'arrow_upward' : 'arrow_downward';
}
?>
<a href="?sort=usage&dir=<?= $usage_dir ?>" class="link-secondary text-decoration-none">
Anzahl <?php if ($usage_arrow): ?><span class="material-symbols-outlined" style="font-size:1em;"><?= $usage_arrow ?></span><?php endif; ?>
</a>
</th>
<?php if ($is_admin): ?> <?php if ($is_admin): ?>
<th>Aktionen</th> <th></th>
<?php endif; ?> <?php endif; ?>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($colors as $color): ?> <?php foreach ($colors as $color): ?>
<tr> <tr>
<td> <td class="align-middle">
<div style="background-color: <?= htmlspecialchars($color['hex_code']); ?>; width: 40px; height: 20px; border: 1px solid #ccc;"></div>
</td>
<td class="align-middle">
<?= htmlspecialchars($color['name']); ?> <?= htmlspecialchars($color['name']); ?>
<?php if ($color['is_special']): ?> <?php if ($color['is_special']): ?>
<span class="badge bg-info ms-1" title="Sonderfarbe nicht im Zufallsmodus">★</span> <span class="badge bg-info ms-1" title="Sonderfarbe nicht im Zufallsmodus">★</span>
<?php endif; ?> <?php endif; ?>
</td> </td>
<td> <td class="align-middle">
<div style="background-color: <?= htmlspecialchars($color['hex_code']); ?>; width: 40px; height: 20px; border: 1px solid #ccc;"></div>
</td>
<td>
<?= (int)$color['usage_count']; ?> <?= (int)$color['usage_count']; ?>
</td> </td>
<?php if ($is_admin): ?> <?php if ($is_admin): ?>

37
export.php
View File

@@ -1,5 +1,5 @@
<?php <?php
// define('DOMILI_ALLOW_WEB', true); // Zum Testen im Browser einkommentieren //define('DOMILI_ALLOW_WEB', true); // Zum Testen im Browser einkommentieren
if (php_sapi_name() !== 'cli' && !defined('DOMILI_ALLOW_WEB')) { if (php_sapi_name() !== 'cli' && !defined('DOMILI_ALLOW_WEB')) {
die('Zugriff verweigert.'); die('Zugriff verweigert.');
@@ -14,11 +14,17 @@ use Dompdf\Options;
date_default_timezone_set('Europe/Berlin'); date_default_timezone_set('Europe/Berlin');
// === 1. Berichtsmonat === // === 1. Berichtsmonat ===
$berichtsMonatEnde = new DateTime('last day of last month');
$berichtsMonatBeginn = new DateTime('first day of last month'); $berichtsMonatBeginn = new DateTime('first day of last month');
$berichtsMonatEnde = new DateTime('last day of last month');
$berichtsMonatEnde->setTime(23, 59, 59);
// Backup für manuelles erzeugen eines PDF in einem anderen Zeitabschnitt
//$berichtsMonatBeginn = new DateTime('2025-09-01 00:00:00');
//$berichtsMonatEnde = new DateTime('2025-09-30 23:59:59');
// === 2. Letzter Jahresabschluss === // === 2. Letzter Jahresabschluss ===
$last_closing = '2020-01-01'; $last_closing = '2025-01-01';
$res = mysqli_query($conn, "SELECT MAX(closing_date) AS last_date FROM penalty_closings"); $res = mysqli_query($conn, "SELECT MAX(closing_date) AS last_date FROM penalty_closings");
if ($res && ($row = mysqli_fetch_assoc($res)) && !is_null($row['last_date'])) { if ($res && ($row = mysqli_fetch_assoc($res)) && !is_null($row['last_date'])) {
$last_closing = $row['last_date']; $last_closing = $row['last_date'];
@@ -33,10 +39,10 @@ while ($row = mysqli_fetch_assoc($resUsers)) {
$userIds = array_keys($alleBenutzer); $userIds = array_keys($alleBenutzer);
// === 4. Alle relevanten Daten (nur completed + attended=1) === // === 4. Alle relevanten Daten (nur completed + attended=1) ===
$bisDatum = $berichtsMonatEnde->format('Y-m-d'); $bisDatum = $berichtsMonatEnde->format('Y-m-d H:i:s');
$stmt = mysqli_prepare($conn, " $stmt = mysqli_prepare($conn, "
SELECT m.id AS meeting_id, m.meeting_date, SELECT m.id AS meeting_id, m.meeting_date,
mt.user_id, mt.wore_color, mt.paid mt.user_id, mt.wore_color, mt.paid, mt.birthday_pay
FROM meetings m FROM meetings m
LEFT JOIN meeting_teilnehmer mt ON m.id = mt.meeting_id AND mt.attended = 1 LEFT JOIN meeting_teilnehmer mt ON m.id = mt.meeting_id AND mt.attended = 1
WHERE m.meeting_date <= ? AND m.is_completed = 1 WHERE m.meeting_date <= ? AND m.is_completed = 1
@@ -59,8 +65,8 @@ $stmtMeta = mysqli_prepare($conn, "
WHERE meeting_date >= ? AND meeting_date <= ? AND is_completed = 1 WHERE meeting_date >= ? AND meeting_date <= ? AND is_completed = 1
ORDER BY meeting_date ORDER BY meeting_date
"); ");
$startDate = $berichtsMonatBeginn->format('Y-m-d'); $startDate = $berichtsMonatBeginn->format('Y-m-d H:i:s');
$endDate = $berichtsMonatEnde->format('Y-m-d'); $endDate = $berichtsMonatEnde->format('Y-m-d H:i:s');
mysqli_stmt_bind_param($stmtMeta, 'ss', $startDate, $endDate); mysqli_stmt_bind_param($stmtMeta, 'ss', $startDate, $endDate);
mysqli_stmt_execute($stmtMeta); mysqli_stmt_execute($stmtMeta);
$resultMeta = mysqli_stmt_get_result($stmtMeta); $resultMeta = mysqli_stmt_get_result($stmtMeta);
@@ -107,12 +113,15 @@ foreach ($berichtsMeetingsMeta as $meta) {
$teilgenommen = false; $teilgenommen = false;
$wore_color = null; $wore_color = null;
$paid_this = false; $paid_this = false;
$paid_this_birthday = false; // NEU
// Finde Teilnahme-Daten für dieses Meeting
foreach ($alleMeetingsMitTeilnehmern as $mt) { foreach ($alleMeetingsMitTeilnehmern as $mt) {
if ($mt['meeting_id'] == $mid && $mt['user_id'] == $uid) { if ($mt['meeting_id'] == $mid && $mt['user_id'] == $uid) {
$teilgenommen = true; $teilgenommen = true;
$wore_color = !empty($mt['wore_color']); $wore_color = !empty($mt['wore_color']);
$paid_this = !empty($mt['paid']); $paid_this = ($mt['paid'] == 1);
$paid_this_birthday = ($mt['birthday_pay'] == 1); // Explizit prüfen
break; break;
} }
} }
@@ -135,14 +144,22 @@ foreach ($berichtsMeetingsMeta as $meta) {
$offeneStrafen++; $offeneStrafen++;
} }
} }
if (!empty($mt['paid'])) {
// 🔹 NUR normale Zahlungen zählen (birthday_pay = 0)
$is_paid = ($mt['paid'] == 1);
$is_birthday = ($mt['birthday_pay'] == 1);
if ($is_paid && !$is_birthday) {
$rechnungenGesamt++; $rechnungenGesamt++;
} }
} }
// Name mit Symbolen
$userNameAnzeige = htmlspecialchars($username); $userNameAnzeige = htmlspecialchars($username);
if ($paid_this) { if ($paid_this) {
$userNameAnzeige .= ' <span class="paid-symbol">€</span>'; $userNameAnzeige .= ' <span class="paid-symbol">€</span>';
if ($paid_this_birthday) {
$userNameAnzeige .= ' <span class="birthday-symbol">(G)</span>';
}
} }
if (!$teilgenommen) { if (!$teilgenommen) {
@@ -196,6 +213,7 @@ $html = '
th, td { border: 1px solid #333; padding: 4pt 6pt; text-align: left; } th, td { border: 1px solid #333; padding: 4pt 6pt; text-align: left; }
th { background-color: #f0f0f0; font-weight: bold; } th { background-color: #f0f0f0; font-weight: bold; }
.paid-symbol { color: red; font-weight: bold; } .paid-symbol { color: red; font-weight: bold; }
.birthday-symbol { color: #d63384; font-size: 0.85em; }
.color-ok { color: green; } .color-ok { color: green; }
.color-fail { color: red; } .color-fail { color: red; }
.page-break { page-break-after: always; } .page-break { page-break-after: always; }
@@ -260,6 +278,7 @@ $html .= '
<div class="meta"> <div class="meta">
<p>Erstellt am: ' . date('d.m.Y') . '</p> <p>Erstellt am: ' . date('d.m.Y') . '</p>
<p><em>* = "€" hat Restaurant-Rechnung bezahlt</em></p> <p><em>* = "€" hat Restaurant-Rechnung bezahlt</em></p>
<p><em>(G) = Geburtstagszahlung (zählt nicht zur Rechnungsanzahl)</em></p>
</div> </div>
</body> </body>

123
forgot_password.php Executable file
View File

@@ -0,0 +1,123 @@
<?php
session_start();
include('inc/db.php');
// SMTP-Konfiguration wird über die DB-Einbindung bereits bereitgestellt
// (SMTP_HOST, SMTP_USERNAME, etc. müssen in inc/db.php oder einer config.php definiert sein)
$message = '';
$message_type = '';
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$identifier = trim($_POST['identifier']);
// Benutzer per Username ODER E-Mail finden
$stmt = mysqli_prepare($conn, "SELECT id, username, email FROM users WHERE username = ? OR email = ?");
mysqli_stmt_bind_param($stmt, "ss", $identifier, $identifier);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
if ($user && !empty($user['email'])) {
// Sicherer Token (64 Zeichen hex)
$token = bin2hex(random_bytes(32));
$expires_at = date('Y-m-d H:i:s', strtotime('+12 hours'));
// Token in DB speichern
$stmt = mysqli_prepare($conn, "INSERT INTO password_reset_tokens (user_id, token, expires_at) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "iss", $user['id'], $token, $expires_at);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
// 🔸 PHPMailer wie in deinem Beispiel
try {
require_once __DIR__ . '/vendor/autoload.php';
$mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$mail->CharSet = 'UTF-8';
$mail->isSMTP();
$mail->Host = SMTP_HOST;
$mail->SMTPAuth = true;
$mail->Username = SMTP_USERNAME;
$mail->Password = SMTP_PASSWORD;
$mail->SMTPSecure = SMTP_ENCRYPTION;
$mail->Port = SMTP_PORT;
$mail->setFrom(MAIL_FROM_ADDRESS, MAIL_FROM_NAME);
$reset_link = "https://domili.borgal.de/reset_password.php?token=" . urlencode($token);
// Text-Version (für E-Mail-Clients ohne HTML)
$text_body = "Hallo {$user['username']},\n\n";
$text_body .= "du hast eine Zurücksetzung deines Passworts angefordert.\n";
$text_body .= "Klicke auf den folgenden Link (gültig 12 Stunden):\n";
$text_body .= "$reset_link\n\n";
$text_body .= "Falls du dies nicht angefordert hast, ignoriere diese E-Mail.\n\n";
$text_body .= "\nDein DoMiLi-Admin";
// HTML-Version (mit lesbarer Formatierung)
$html_body = "
<p>Hallo <strong>{$user['username']}</strong>,</p>
<p>du hast eine Zurücksetzung deines Passworts angefordert.</p>
<p>Bitte klicke auf den folgenden Link, um ein neues Passwort festzulegen (gültig für 12&nbsp;Stunden):</p>
<p>
<a href=\"$reset_link\" style=\"color: #0d6efd; text-decoration: underline;\">Passwort zurücksetzen</a>
</p>
<p style=\"margin-top: 16px; color: #555; font-size: 0.95em; line-height: 1.5;\">
Falls du diese Anfrage nicht gestellt hast, kannst du diese E-Mail ignorieren.
</p>
<p style=\"margin-top: 20px; font-size: 0.9em; color: #777;\">
—<br>
Dein DoMiLi-Admin
</p>
";
$mail->isHTML(true);
$mail->Subject = "DoMiLi: Passwort zurücksetzen";
$mail->Body = $html_body;
$mail->AltBody = $text_body;
$mail->addAddress($user['email'], $user['username']);
$mail->send();
$message = "Ein Link zum Zurücksetzen wurde an deine E-Mail gesendet.";
$message_type = "success";
} catch (Exception $e) {
error_log("PHPMailer Fehler bei Passwort-Zurücksetzung für {$user['email']}: " . $mail->ErrorInfo);
$message = "Fehler beim Senden der E-Mail. Bitte versuche es später erneut.";
$message_type = "danger";
}
} else {
// Vage Antwort Schutz vor Benutzer-Enumeration
$message = "Falls ein Konto mit dieser Angabe existiert, wurde eine E-Mail gesendet.";
$message_type = "info";
}
}
// HTML-Ausgabe
require_once 'inc/public_header.php';
?>
<div class="container d-flex justify-content-center align-items-start py-4 pt-5">
<div class="card bg-light shadow w-100" style="max-width: 400px;">
<div class="card-body">
<h4 class="card-title text-center mb-4 fs-3">Passwort vergessen</h4>
<?php if ($message): ?>
<div class="alert alert-<?= htmlspecialchars($message_type) ?>"><?= htmlspecialchars($message) ?></div>
<?php endif; ?>
<form method="post">
<div class="mb-3">
<label for="identifier" class="form-label">Benutzername oder E-Mail</label>
<input type="text" class="form-control form-control-lg" id="identifier" name="identifier" required autofocus>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg">Link senden</button>
</div>
</form>
<div class="text-center mt-3">
<a href="login.php" class="text-decoration-none">Zurück zum Login</a>
</div>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>

14
history.php
View File

@@ -57,7 +57,8 @@ function get_all_meeting_details($conn)
u.username, u.username,
mt.attended, mt.attended,
mt.wore_color, mt.wore_color,
mt.paid mt.paid,
mt.birthday_pay
FROM meetings m FROM meetings m
JOIN colors c ON m.color_id = c.id JOIN colors c ON m.color_id = c.id
LEFT JOIN meeting_teilnehmer mt ON m.id = mt.meeting_id LEFT JOIN meeting_teilnehmer mt ON m.id = mt.meeting_id
@@ -91,7 +92,8 @@ function get_all_meeting_details($conn)
'username' => $row['username'], 'username' => $row['username'],
'attended' => $row['attended'], 'attended' => $row['attended'],
'wore_color' => $row['wore_color'], 'wore_color' => $row['wore_color'],
'paid' => $row['paid'] 'paid' => $row['paid'],
'birthday_pay' => $row['birthday_pay']
]; ];
} }
} }
@@ -215,7 +217,13 @@ include('inc/header.php');
$status_icon = $participant['wore_color'] ? '✅' : '🔴'; $status_icon = $participant['wore_color'] ? '✅' : '🔴';
$status_text = $participant['wore_color'] ? 'Farbe getragen' : 'Falsche Farbe'; $status_text = $participant['wore_color'] ? 'Farbe getragen' : 'Falsche Farbe';
} }
$paid_icon = $participant['paid'] ? '💰' : ''; $paid_icon = '';
if ($participant['paid']) {
$paid_icon = '💰';
if ($participant['birthday_pay']) {
$paid_icon .= ' 🎂';
}
}
?> ?>
<?= $status_icon ?> <?= $status_icon ?>
<span class="fw-bold"><?= htmlspecialchars($participant['username']) ?></span> <span class="fw-bold"><?= htmlspecialchars($participant['username']) ?></span>

1
inc/menu.php
View File

@@ -48,6 +48,7 @@
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li><a class="dropdown-item d-flex align-items-center" href="colors.php"><span class="material-icons text-secondary me-2">palette</span>Farben</a></li> <li><a class="dropdown-item d-flex align-items-center" href="colors.php"><span class="material-icons text-secondary me-2">palette</span>Farben</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="users.php"><span class="material-icons text-secondary me-2">group</span>Benutzer</a></li> <li><a class="dropdown-item d-flex align-items-center" href="users.php"><span class="material-icons text-secondary me-2">group</span>Benutzer</a></li>
<li><a class="dropdown-item d-flex align-items-center" href="backup.php"><span class="material-icons text-secondary me-2">archive</span>PDF-Backup</a></li>
</ul> </ul>
</li> </li>
</ul> </ul>

30
inc/public_header.php Executable file
View File

@@ -0,0 +1,30 @@
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo htmlspecialchars('DoMiLi Farbe der Woche'); ?></title>
<!-- PWA Meta Tags -->
<meta name="theme-color" content="#212529">
<meta name="mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-title" content="<?php echo htmlspecialchars('DoMiLi'); ?>">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<!-- Bootstrap -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Material Icons -->
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined" rel="stylesheet">
<!-- Custom styles -->
<link rel="stylesheet" href="/css/style.css">
<!-- PWA Manifest -->
<link rel="manifest" href="./manifest.json?v=1">
<link rel="apple-touch-icon" href="../img/icon-192.png">
</head>
<body>

13
index.php
View File

@@ -180,10 +180,10 @@ if ($row) {
} }
// --- ZAHLENDE PERSON BESTIMMEN --- // --- ZAHLENDE PERSON BESTIMMEN ---
$next_payer_username = null; $next_payer_info = null;
if ($total_accepted > 0) { if ($total_accepted > 0) {
include_once('zahler.php'); include_once('zahler.php');
$next_payer_username = get_next_payer_username($conn, $meeting_id); $next_payer_info = get_next_payer_info($conn, $meeting_id);
} }
@@ -369,10 +369,15 @@ $german_weekdays = [
<!-- Horizontale Linie hier einfügen --> <!-- Horizontale Linie hier einfügen -->
<hr class="my-1"> <hr class="my-1">
<?php if ($next_payer_username): ?> <?php if ($next_payer_info): ?>
<div class="text-center my-2 mx-auto" style="max-width: 500px; border-radius: 0.5rem;"> <div class="text-center my-2 mx-auto" style="max-width: 500px; border-radius: 0.5rem;">
<p class="fw-bold mb-1">Rechnung wird bezahlt von:</p> <p class="fw-bold mb-1">Rechnung wird bezahlt von:</p>
<h4 class="text-muted fw-bold mb-0"><?= htmlspecialchars($next_payer_username); ?></h4> <h4 class="text-muted fw-bold mb-0">
<?= htmlspecialchars($next_payer_info['username']); ?>
<?php if ($next_payer_info['is_birthday_payer']): ?>
<span class="material-symbols-outlined align-text-bottom" style="font-size: 1.1em; color: #ff6f00;" title="Geburtstagsvorschlag">cake</span>
<?php endif; ?>
</h4>
</div> </div>
<?php endif; ?> <?php endif; ?>

9
kasse.php
View File

@@ -1,5 +1,4 @@
<?php <?php
// KEIN LEERZEICHEN ODER ZEILENUMBRUCH VOR DIESEM <?php!
include('inc/check_login.php'); include('inc/check_login.php');
require_once('inc/db.php'); require_once('inc/db.php');
@@ -263,10 +262,13 @@ $sql_paid = "
FROM meeting_teilnehmer mt FROM meeting_teilnehmer mt
JOIN meetings m ON mt.meeting_id = m.id JOIN meetings m ON mt.meeting_id = m.id
JOIN users u ON mt.user_id = u.id JOIN users u ON mt.user_id = u.id
WHERE mt.paid = 1 AND m.is_completed = 1 WHERE mt.paid = 1
AND mt.birthday_pay = 0
AND m.is_completed = 1
GROUP BY u.username GROUP BY u.username
ORDER BY paid_count DESC ORDER BY paid_count ASC, u.username ASC
"; ";
$result_paid = mysqli_query($conn, $sql_paid); $result_paid = mysqli_query($conn, $sql_paid);
while ($row = mysqli_fetch_assoc($result_paid)) { while ($row = mysqli_fetch_assoc($result_paid)) {
$paid_stats[] = $row; $paid_stats[] = $row;
@@ -377,6 +379,7 @@ require_once 'inc/header.php';
</div> </div>
<div class="card-body"> <div class="card-body">
<h5 class="card-title text-center">Ranking Rechnung übernommen</h5> <h5 class="card-title text-center">Ranking Rechnung übernommen</h5>
<p class="text-muted text-center small mb-1">Position 1 = nächster Zahler</p>
<div style="height: 40vh;"> <div style="height: 40vh;">
<canvas id="paidChart"></canvas> <canvas id="paidChart"></canvas>
</div> </div>

74
login.php
View File

@@ -46,51 +46,35 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$error = "Datenbankfehler."; $error = "Datenbankfehler.";
} }
} }
require_once 'inc/public_header.php';
?> ?>
<div class="container d-flex justify-content-center align-items-start py-4 pt-5">
<!DOCTYPE html> <div class="card bg-light shadow w-100" style="max-width: 400px;">
<html lang="de"> <div class="card-body">
<h4 class="card-title text-center mb-4 fs-3">DoMiLi Login</h4>
<head> <?php if ($error) { ?>
<meta charset="UTF-8"> <div class="alert alert-danger" role="alert">
<meta name="viewport" content="width=device-width, initial-scale=1"> <?php echo $error; ?>
<title>DoMiLi Login</title> </div>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet"> <?php } ?>
<!-- Font Google--> <form method="post" action="">
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet"> <div class="mb-3">
<link href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined" rel="stylesheet"> <label for="username" class="form-label">Benutzername</label>
<!-- Custom styles --> <input type="text" class="form-control form-control-lg" id="username" name="username" required autofocus>
<link rel="stylesheet" href="css/style.css"> </div>
<link rel="manifest" href="manifest.json"> <div class="mb-3">
</head> <label for="password" class="form-label">Passwort</label>
<input type="password" class="form-control form-control-lg" id="password" name="password" required>
<body> </div>
<div class="container d-flex justify-content-center align-items-start py-4 pt-5"> <div class="d-grid">
<div class="card bg-light shadow w-100" style="max-width: 400px;"> <button type="submit" class="btn btn-primary btn-lg">Einloggen</button>
<div class="card-body"> </div>
<h4 class="card-title text-center mb-4 fs-3">DoMiLi Login</h4> <div class="text-center mt-3">
<?php if ($error) { ?> <a href="forgot_password.php" class="text-decoration-none">Passwort vergessen?</a>
<div class="alert alert-danger" role="alert"> </div>
<?php echo $error; ?> </form>
</div>
<?php } ?>
<form method="post" action="">
<div class="mb-3">
<label for="username" class="form-label">Benutzername</label>
<input type="text" class="form-control form-control-lg" id="username" name="username" required autofocus>
</div>
<div class="mb-3">
<label for="password" class="form-label">Passwort</label>
<input type="password" class="form-control form-control-lg" id="password" name="password" required>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg">Einloggen</button>
</div>
</form>
</div>
</div> </div>
</div> </div>
<?php include('inc/footer.php'); ?> </div>
</body> <?php include('inc/footer.php'); ?>
</html>

97
participant.php
View File

@@ -38,7 +38,7 @@ while ($row = mysqli_fetch_assoc($users_result)) {
} }
$existing_feedback = []; $existing_feedback = [];
$stmt = mysqli_prepare($conn, "SELECT user_id, attended, wore_color, paid FROM meeting_teilnehmer WHERE meeting_id = ?"); $stmt = mysqli_prepare($conn, "SELECT user_id, attended, wore_color, paid, birthday_pay FROM meeting_teilnehmer WHERE meeting_id = ?");
mysqli_stmt_bind_param($stmt, "i", $meeting_id); mysqli_stmt_bind_param($stmt, "i", $meeting_id);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt); $result = mysqli_stmt_get_result($stmt);
@@ -72,54 +72,75 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
// Neue Daten speichern // Neue Daten speichern
if (isset($_POST['user_id']) && is_array($_POST['user_id'])) { if (isset($_POST['user_id']) && is_array($_POST['user_id'])) {
$stmt_insert = mysqli_prepare($conn, "INSERT INTO meeting_teilnehmer (meeting_id, user_id, attended, wore_color, paid) VALUES (?, ?, ?, ?, ?)"); $stmt_insert = mysqli_prepare($conn, "
INSERT INTO meeting_teilnehmer
(meeting_id, user_id, attended, wore_color, paid, birthday_pay)
VALUES (?, ?, ?, ?, ?, ?)
");
$meeting_year = (int)date('Y', strtotime($meeting['meeting_date']));
$meeting_month = (int)date('n', strtotime($meeting['meeting_date']));
$meeting_day = (int)date('j', strtotime($meeting['meeting_date']));
foreach ($_POST['user_id'] as $user_id) { foreach ($_POST['user_id'] as $user_id) {
$user_id = intval($user_id); $user_id = intval($user_id);
$attended = isset($_POST['attended'][$user_id]) ? 1 : 0; $attended = isset($_POST['attended'][$user_id]) ? 1 : 0;
$wore_color = isset($_POST['wore_color'][$user_id]) ? 1 : 0; $wore_color = isset($_POST['wore_color'][$user_id]) ? 1 : 0;
$paid = isset($_POST['paid'][$user_id]) ? 1 : 0; $paid = isset($_POST['paid'][$user_id]) ? 1 : 0;
$birthday_pay = 0;
mysqli_stmt_bind_param($stmt_insert, "iiiii", $meeting_id, $user_id, $attended, $wore_color, $paid); if ($paid) {
// Hole Geburtstag des Users
$user_stmt = mysqli_prepare($conn, "SELECT birthday FROM users WHERE id = ?");
mysqli_stmt_bind_param($user_stmt, "i", $user_id);
mysqli_stmt_execute($user_stmt);
$user_row = mysqli_fetch_assoc(mysqli_stmt_get_result($user_stmt));
mysqli_stmt_close($user_stmt);
if ($user_row && $user_row['birthday'] && $user_row['birthday'] !== '0000-00-00') {
$bday_month = (int)date('n', strtotime($user_row['birthday']));
$bday_day = (int)date('j', strtotime($user_row['birthday']));
// War Geburtstag in diesem Jahr bereits?
$birthday_passed = ($bday_month < $meeting_month ||
($bday_month == $meeting_month && $bday_day <= $meeting_day));
if ($birthday_passed) {
// Prüfen: Hat er in DIESEM JAHR schon als Geburtstagszahler gezahlt?
$check_stmt = mysqli_prepare($conn, "
SELECT 1 FROM meeting_teilnehmer mt
JOIN meetings m ON mt.meeting_id = m.id
WHERE mt.user_id = ?
AND mt.birthday_pay = 1
AND YEAR(m.meeting_date) = ?
LIMIT 1
");
mysqli_stmt_bind_param($check_stmt, "ii", $user_id, $meeting_year);
mysqli_stmt_execute($check_stmt);
$already_birthday_paid = mysqli_num_rows(mysqli_stmt_get_result($check_stmt)) > 0;
mysqli_stmt_close($check_stmt);
if (!$already_birthday_paid) {
$birthday_pay = 1;
}
}
}
}
mysqli_stmt_bind_param(
$stmt_insert,
"iiiiii",
$meeting_id,
$user_id,
$attended,
$wore_color,
$paid,
$birthday_pay
);
mysqli_stmt_execute($stmt_insert); mysqli_stmt_execute($stmt_insert);
} }
mysqli_stmt_close($stmt_insert); mysqli_stmt_close($stmt_insert);
// 🔹 GEBURTSTAGS-REGEL: last_birthday_year NUR setzen, wenn Geburtstag bereits war
$current_year = (int)date('Y');
$meeting_date_for_bday = $meeting['meeting_date'];
foreach ($_POST['user_id'] as $user_id) {
$user_id = (int)$user_id;
$paid = isset($_POST['paid'][$user_id]) && $_POST['paid'][$user_id] == 1;
if (!$paid) continue;
$user_stmt = mysqli_prepare($conn, "SELECT birthday FROM users WHERE id = ? AND birthday IS NOT NULL");
mysqli_stmt_bind_param($user_stmt, "i", $user_id);
mysqli_stmt_execute($user_stmt);
$user_row = mysqli_fetch_assoc(mysqli_stmt_get_result($user_stmt));
mysqli_stmt_close($user_stmt);
if (!$user_row) continue;
$birthday = $user_row['birthday'];
$birth_month = (int)date('m', strtotime($birthday));
$birth_day = (int)date('d', strtotime($birthday));
$birthday_this_year = "$current_year-$birth_month-$birth_day";
if (strtotime($birthday_this_year) <= strtotime($meeting_date_for_bday)) {
$update_stmt = mysqli_prepare($conn, "
UPDATE users
SET last_birthday_year = ?
WHERE id = ?
");
mysqli_stmt_bind_param($update_stmt, "ii", $current_year, $user_id);
mysqli_stmt_execute($update_stmt);
mysqli_stmt_close($update_stmt);
}
}
// Meeting abschließen (nur im Index-Modus) // Meeting abschließen (nur im Index-Modus)
if ($source_page === 'index') { if ($source_page === 'index') {
$stmt_complete = mysqli_prepare($conn, "UPDATE meetings SET is_completed = 1 WHERE id = ?"); $stmt_complete = mysqli_prepare($conn, "UPDATE meetings SET is_completed = 1 WHERE id = ?");

5
planning.php
View File

@@ -40,7 +40,7 @@ function get_weighted_random_color($conn)
$color_pool = []; $color_pool = [];
foreach ($colors as $color) { foreach ($colors as $color) {
$weight = $max_usage - $color['usage'] + 1; // Mindestgewicht = 1 $weight = ($max_usage - $color['usage'] + 1) ** 2;
for ($i = 0; $i < $weight; $i++) { for ($i = 0; $i < $weight; $i++) {
$color_pool[] = $color['id']; $color_pool[] = $color['id'];
} }
@@ -271,8 +271,7 @@ require_once 'inc/header.php';
<div> <div>
<p class="fw-bold mb-1"><?= date('d.m.Y H:i', strtotime($m['meeting_date'])) ?></p> <p class="fw-bold mb-1"><?= date('d.m.Y H:i', strtotime($m['meeting_date'])) ?></p>
<div class="d-flex align-items-center mb-1"> <div class="d-flex align-items-center mb-1">
<div class="rounded me-2" style="background-color: <?= htmlspecialchars($m['hex_code']); ?>; width: 20px; height: 20px;"></div> <div class="me-2" style="background-color: <?= htmlspecialchars($m['hex_code']); ?>; width: 20px; height: 20px; border: 1px solid #ccc; border-radius: 2px;"></div> <span><?= htmlspecialchars($m['color_name']); ?></span>
<span><?= htmlspecialchars($m['color_name']); ?></span>
</div> </div>
<p class="text-muted small mb-0">Grund: <?= htmlspecialchars($m['reason']); ?></p> <p class="text-muted small mb-0">Grund: <?= htmlspecialchars($m['reason']); ?></p>
</div> </div>

29
profil.php
View File

@@ -8,7 +8,7 @@ $message_type = '';
$user_id = (int)$_SESSION['user_id']; $user_id = (int)$_SESSION['user_id'];
// Aktuelle Benutzerdaten laden // Aktuelle Benutzerdaten laden
$stmt_fetch = mysqli_prepare($conn, "SELECT username, email, role, birthday, last_birthday_year FROM users WHERE id = ?"); $stmt_fetch = mysqli_prepare($conn, "SELECT username, email, role, birthday FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt_fetch, "i", $user_id); mysqli_stmt_bind_param($stmt_fetch, "i", $user_id);
mysqli_stmt_execute($stmt_fetch); mysqli_stmt_execute($stmt_fetch);
$result = mysqli_stmt_get_result($stmt_fetch); $result = mysqli_stmt_get_result($stmt_fetch);
@@ -23,7 +23,6 @@ $current_username = $user_data['username'];
$current_email = $user_data['email'] ?? ''; $current_email = $user_data['email'] ?? '';
$current_role = $user_data['role']; $current_role = $user_data['role'];
$current_birthday = $user_data['birthday'] ?? ''; $current_birthday = $user_data['birthday'] ?? '';
$current_last_bday_year = $user_data['last_birthday_year'];
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
$new_username = trim($_POST['username'] ?? ''); $new_username = trim($_POST['username'] ?? '');
@@ -76,27 +75,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$success = false; $success = false;
} }
// 2. Optional: last_birthday_year aktualisieren
if ($success && $update_last_bday_year) {
$stmt2 = mysqli_prepare($conn, "UPDATE users SET last_birthday_year = ? WHERE id = ?");
if ($stmt2) {
mysqli_stmt_bind_param($stmt2, "ii", $new_last_bday_year, $user_id);
if (!mysqli_stmt_execute($stmt2)) {
$success = false;
}
mysqli_stmt_close($stmt2);
} else {
$success = false;
}
}
if ($success) { if ($success) {
mysqli_commit($conn); mysqli_commit($conn);
$_SESSION['username'] = $new_username; $_SESSION['username'] = $new_username;
$_SESSION['email'] = $new_email; $_SESSION['email'] = $new_email;
// Neu laden // Neu laden
$stmt_reload = mysqli_prepare($conn, "SELECT username, email, role, birthday, last_birthday_year FROM users WHERE id = ?"); $stmt_reload = mysqli_prepare($conn, "SELECT username, email, role, birthday FROM users WHERE id = ?");
mysqli_stmt_bind_param($stmt_reload, "i", $user_id); mysqli_stmt_bind_param($stmt_reload, "i", $user_id);
mysqli_stmt_execute($stmt_reload); mysqli_stmt_execute($stmt_reload);
$user_data = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt_reload)); $user_data = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt_reload));
@@ -106,7 +91,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$current_email = $user_data['email'] ?? ''; $current_email = $user_data['email'] ?? '';
$current_role = $user_data['role']; $current_role = $user_data['role'];
$current_birthday = $user_data['birthday'] ?? ''; $current_birthday = $user_data['birthday'] ?? '';
$current_last_bday_year = $user_data['last_birthday_year'];
$message = "Profil erfolgreich aktualisiert!"; $message = "Profil erfolgreich aktualisiert!";
$message_type = 'success'; $message_type = 'success';
@@ -152,15 +136,6 @@ require_once 'inc/header.php';
<div class="mb-3"> <div class="mb-3">
<label for="birthday" class="form-label fw-bold">Geburtstag</label> <label for="birthday" class="form-label fw-bold">Geburtstag</label>
<input type="date" class="form-control" id="birthday" name="birthday" value="<?= htmlspecialchars($current_birthday ?? '') ?>"> <input type="date" class="form-control" id="birthday" name="birthday" value="<?= htmlspecialchars($current_birthday ?? '') ?>">
<small class="form-text text-muted">
<?php if (!empty($current_birthday) && $current_last_bday_year == date('Y')): ?>
<span class="text-success">✓ In diesem Jahr bereits als Geburtstagszahler markiert.</span>
<?php elseif (!empty($current_birthday)): ?>
Geburtstag steht noch an du kannst als Sonderzahler vorgeschlagen werden.
<?php else: ?>
Für automatische Sonderzahlung.
<?php endif; ?>
</small>
</div> </div>
<div class="mb-3"> <div class="mb-3">
<label for="role" class="form-label fw-bold">Rolle</label> <label for="role" class="form-label fw-bold">Rolle</label>

93
reset_password.php Executable file
View File

@@ -0,0 +1,93 @@
<?php
include('inc/db.php');
$token = $_GET['token'] ?? null;
$error = '';
$success = false;
$username = '';
if (!$token) {
die("Ungültiger Zugriff.");
}
// Token prüfen: existiert, nicht abgelaufen, nicht verwendet
$stmt = mysqli_prepare($conn, "
SELECT prt.id, prt.user_id, prt.expires_at, u.username
FROM password_reset_tokens prt
JOIN users u ON prt.user_id = u.id
WHERE prt.token = ? AND prt.used = 0
");
mysqli_stmt_bind_param($stmt, "s", $token);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$token_data = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
if (!$token_data) {
$error = "Ungültiger oder bereits verwendeter Link.";
} else if (strtotime($token_data['expires_at']) < time()) {
$error = "Der Link ist abgelaufen. Bitte fordere einen neuen Link an.";
} else {
$username = htmlspecialchars($token_data['username']);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$new_password = $_POST['new_password'] ?? '';
$confirm_password = $_POST['confirm_password'] ?? '';
if (strlen($new_password) < 6) {
$error = "Das Passwort muss mindestens 6 Zeichen lang sein.";
} else if ($new_password !== $confirm_password) {
$error = "Die Passwörter stimmen nicht überein.";
} else {
// Neues Passwort hashen und speichern
$hashed = password_hash($new_password, PASSWORD_DEFAULT);
$stmt = mysqli_prepare($conn, "UPDATE users SET password = ? WHERE id = ?");
mysqli_stmt_bind_param($stmt, "si", $hashed, $token_data['user_id']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
// Token als verwendet markieren
$stmt = mysqli_prepare($conn, "UPDATE password_reset_tokens SET used = 1 WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $token_data['id']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$success = true;
}
}
}
require_once 'inc/public_header.php';
?>
<div class="container d-flex justify-content-center align-items-start py-4 pt-5">
<div class="card bg-light shadow w-100" style="max-width: 400px;">
<div class="card-body">
<h4 class="card-title text-center mb-4 fs-3">Neues Passwort</h4>
<?php if ($error): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php elseif ($success): ?>
<div class="alert alert-success">
Dein Passwort wurde erfolgreich geändert!<br>
<a href="login.php" class="alert-link">Zum Login</a>
</div>
<?php else: ?>
<p>Neues Passwort für: <strong><?= $username ?></strong></p>
<form method="post">
<div class="mb-3">
<label for="new_password" class="form-label">Neues Passwort</label>
<input type="password" class="form-control" id="new_password" name="new_password" required minlength="6">
</div>
<div class="mb-3">
<label for="confirm_password" class="form-label">Bestätigen</label>
<input type="password" class="form-control" id="confirm_password" name="confirm_password" required>
</div>
<button type="submit" class="btn btn-primary w-100">Passwort speichern</button>
</form>
<?php endif; ?>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>

251
stats.php
View File

@@ -2,13 +2,17 @@
include('inc/check_login.php'); include('inc/check_login.php');
require_once('inc/db.php'); require_once('inc/db.php');
// Statistik 1: Häufigkeit der gewählten Farben // Gesamtanzahl abgeschlossener Treffen (nur zur Info)
$total_meetings = 0;
$result_total_meetings = mysqli_query($conn, "SELECT COUNT(*) AS total FROM meetings WHERE is_completed = 1");
if ($row = mysqli_fetch_assoc($result_total_meetings)) {
$total_meetings = (int)$row['total'];
}
// Statistik: Farbhäufigkeit
$color_stats = []; $color_stats = [];
$sql_colors = " $sql_colors = "
SELECT SELECT c.name, c.hex_code, COUNT(m.id) AS meeting_count
c.name,
c.hex_code,
COUNT(m.id) AS meeting_count
FROM meetings m FROM meetings m
JOIN colors c ON m.color_id = c.id JOIN colors c ON m.color_id = c.id
WHERE m.is_completed = 1 WHERE m.is_completed = 1
@@ -20,25 +24,44 @@ while ($row = mysqli_fetch_assoc($result)) {
$color_stats[] = $row; $color_stats[] = $row;
} }
// Statistik 2: Teilnahmequote pro Benutzer // TEILNAHME: Sortiert nach Prozent, mit Prozentwert
$participation_stats = []; $participation_stats = [];
$participation_percentages = [];
$participation_registered = [];
$participation_attended = [];
$sql_participation = " $sql_participation = "
SELECT SELECT
u.username, u.username,
COUNT(mt.user_id) AS total_attendance COUNT(*) AS registered_completed,
SUM(CASE WHEN mt.attended = 1 THEN 1 ELSE 0 END) AS total_attendance,
ROUND(
(SUM(CASE WHEN mt.attended = 1 THEN 1 ELSE 0 END) / COUNT(*)) * 100,
1
) AS percentage
FROM meeting_teilnehmer mt FROM meeting_teilnehmer mt
JOIN meetings m ON mt.meeting_id = m.id AND m.is_completed = 1
JOIN users u ON mt.user_id = u.id JOIN users u ON mt.user_id = u.id
JOIN meetings m ON mt.meeting_id = m.id GROUP BY u.id, u.username
WHERE mt.attended = 1 AND m.is_completed = 1 ORDER BY percentage DESC, u.username ASC
GROUP BY u.username
ORDER BY total_attendance DESC
"; ";
$result = mysqli_query($conn, $sql_participation); $result = mysqli_query($conn, $sql_participation);
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$participation_stats[] = $row; $registered = (int)$row['registered_completed'];
$attended = (int)$row['total_attendance'];
$percentage = (float)$row['percentage'];
$participation_stats[] = [
'username' => $row['username'],
'total_attendance' => $attended,
'registered_meetings' => $registered,
'percentage' => $percentage
];
$participation_percentages[] = $percentage;
$participation_registered[] = $registered;
$participation_attended[] = $attended;
} }
// Durchschnittliche Anwesenheit pro Meeting // Globale Durchschnitte (unverändert)
$avg_attendance = 0; $avg_attendance = 0;
$sql_avg_attendance = " $sql_avg_attendance = "
SELECT AVG(attended_count) AS avg_attended SELECT AVG(attended_count) AS avg_attended
@@ -54,7 +77,6 @@ if ($row = mysqli_fetch_assoc($result_avg)) {
$avg_attendance = round($row['avg_attended'], 2); $avg_attendance = round($row['avg_attended'], 2);
} }
// Durchschnittliche korrekte Farbe
$avg_wore_color = 0; $avg_wore_color = 0;
$sql_avg_wore_color = " $sql_avg_wore_color = "
SELECT AVG(wore_color_count) AS avg_wore_color SELECT AVG(wore_color_count) AS avg_wore_color
@@ -70,34 +92,56 @@ if ($row = mysqli_fetch_assoc($result_avg_wore)) {
$avg_wore_color = round($row['avg_wore_color'], 2); $avg_wore_color = round($row['avg_wore_color'], 2);
} }
// Ranking: Farbe getragen // FARBE GETRAGEN: Sortiert nach Prozent, mit Prozentwert
$wore_color_stats = []; $wore_color_stats = [];
$wore_color_percentages = [];
$wore_color_attended = [];
$wore_color_count = [];
$sql_wore_color = " $sql_wore_color = "
SELECT SELECT
u.username, u.username,
COUNT(mt.user_id) AS wore_color_count SUM(CASE WHEN mt.attended = 1 THEN 1 ELSE 0 END) AS total_attendance,
SUM(CASE WHEN mt.wore_color = 1 THEN 1 ELSE 0 END) AS wore_color_count,
CASE
WHEN SUM(CASE WHEN mt.attended = 1 THEN 1 ELSE 0 END) > 0 THEN
ROUND(
(SUM(CASE WHEN mt.wore_color = 1 THEN 1 ELSE 0 END) /
SUM(CASE WHEN mt.attended = 1 THEN 1 ELSE 0 END)) * 100,
1
)
ELSE 0.0
END AS percentage
FROM meeting_teilnehmer mt FROM meeting_teilnehmer mt
JOIN meetings m ON mt.meeting_id = m.id AND m.is_completed = 1
JOIN users u ON mt.user_id = u.id JOIN users u ON mt.user_id = u.id
JOIN meetings m ON mt.meeting_id = m.id GROUP BY u.id, u.username
WHERE mt.wore_color = 1 AND m.is_completed = 1 ORDER BY percentage DESC, u.username ASC
GROUP BY u.username
ORDER BY wore_color_count DESC
"; ";
$result_wore = mysqli_query($conn, $sql_wore_color); $result_wore = mysqli_query($conn, $sql_wore_color);
while ($row = mysqli_fetch_assoc($result_wore)) { while ($row = mysqli_fetch_assoc($result_wore)) {
$wore_color_stats[] = $row; $attended = (int)$row['total_attendance'];
$wore = (int)$row['wore_color_count'];
$percentage = (float)$row['percentage'];
$wore_color_stats[] = [
'username' => $row['username'],
'wore_color_count' => $wore,
'total_attendance' => $attended,
'percentage' => $percentage
];
$wore_color_percentages[] = $percentage;
$wore_color_attended[] = $attended;
$wore_color_count[] = $wore;
} }
// 🔹 NEU: Ranking der Verschiebungsvorschläge // Verschiebungsvorschläge (unverändert)
$reschedule_stats = []; $reschedule_stats = [];
$sql_reschedule = " $sql_reschedule = "
SELECT SELECT u.username, COUNT(p.id) AS reschedule_count
u.username,
COUNT(p.id) AS reschedule_count
FROM meeting_reschedule_proposals p FROM meeting_reschedule_proposals p
JOIN users u ON p.proposed_by_user_id = u.id JOIN users u ON p.proposed_by_user_id = u.id
GROUP BY u.username GROUP BY u.username
ORDER BY reschedule_count DESC ORDER BY reschedule_count DESC, u.username ASC
"; ";
$result_reschedule = mysqli_query($conn, $sql_reschedule); $result_reschedule = mysqli_query($conn, $sql_reschedule);
while ($row = mysqli_fetch_assoc($result_reschedule)) { while ($row = mysqli_fetch_assoc($result_reschedule)) {
@@ -124,6 +168,7 @@ require_once 'inc/header.php';
<div class="col-lg-6"> <div class="col-lg-6">
<h5 class="card-title text-center">Teilnahme-Ranking</h5> <h5 class="card-title text-center">Teilnahme-Ranking</h5>
<p class="text-center text-muted mt-2 mb-3"> <p class="text-center text-muted mt-2 mb-3">
Insgesamt <?= $total_meetings ?> abgeschlossene Treffen.<br>
Durchschnittliche Anwesenheit je Treffen: <strong><?= htmlspecialchars($avg_attendance) ?></strong> Durchschnittliche Anwesenheit je Treffen: <strong><?= htmlspecialchars($avg_attendance) ?></strong>
</p> </p>
<div style="height: 40vh;"> <div style="height: 40vh;">
@@ -146,7 +191,6 @@ require_once 'inc/header.php';
</div> </div>
</div> </div>
<!-- 🔹 NEUER BLOCK: Verschiebungsvorschläge -->
<hr class="my-4"> <hr class="my-4">
<div class="row justify-content-center"> <div class="row justify-content-center">
@@ -160,29 +204,26 @@ require_once 'inc/header.php';
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script> <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
<script> <script>
document.addEventListener('DOMContentLoaded', function() { document.addEventListener('DOMContentLoaded', function() {
// Farbhäufigkeit // Farben (unverändert)
const colorData = {
labels: <?= json_encode(array_column($color_stats, 'name')); ?>,
datasets: [{
label: 'Anzahl Treffen',
data: <?= json_encode(array_column($color_stats, 'meeting_count')); ?>,
backgroundColor: <?= json_encode(array_column($color_stats, 'hex_code')); ?>,
borderColor: 'rgba(0, 0, 0, 0.1)',
borderWidth: 1
}]
};
new Chart(document.getElementById('colorChart'), { new Chart(document.getElementById('colorChart'), {
type: 'pie', type: 'pie',
data: colorData, data: {
labels: <?= json_encode(array_column($color_stats, 'name')) ?>,
datasets: [{
label: 'Anzahl Treffen',
data: <?= json_encode(array_column($color_stats, 'meeting_count')) ?>,
backgroundColor: <?= json_encode(array_column($color_stats, 'hex_code')) ?>,
borderColor: 'rgba(0,0,0,0.1)',
borderWidth: 1
}]
},
options: { options: {
responsive: true, responsive: true,
plugins: { plugins: {
@@ -191,26 +232,25 @@ require_once 'inc/header.php';
}, },
title: { title: {
display: true, display: true,
text: 'Verteilung der Farbwahl über alle Treffen' text: 'Verteilung der Farbwahl'
} }
} }
} }
}); });
// Teilnahme // Teilnahme: Mit Prozentwerten (0100%), sortiert nach Prozent
const participationData = {
labels: <?= json_encode(array_column($participation_stats, 'username')); ?>,
datasets: [{
label: 'Anzahl Teilnahmen',
data: <?= json_encode(array_column($participation_stats, 'total_attendance')); ?>,
backgroundColor: 'rgba(54, 162, 235, 0.8)',
borderColor: 'rgb(54, 162, 235)',
borderWidth: 1
}]
};
new Chart(document.getElementById('participationChart'), { new Chart(document.getElementById('participationChart'), {
type: 'bar', type: 'bar',
data: participationData, data: {
labels: <?= json_encode(array_column($participation_stats, 'username')) ?>,
datasets: [{
label: 'Teilnahmequote (%)',
data: <?= json_encode($participation_percentages) ?>,
backgroundColor: 'rgba(54,162,235,0.8)',
borderColor: 'rgb(54,162,235)',
borderWidth: 1
}]
},
options: { options: {
indexAxis: 'y', indexAxis: 'y',
responsive: true, responsive: true,
@@ -221,21 +261,37 @@ require_once 'inc/header.php';
}, },
title: { title: {
display: true, display: true,
text: 'Anzahl der Teilnahmen pro Benutzer' text: 'Teilnahmequote (nur abgeschlossene Treffen mit Eintrag)'
},
tooltip: {
callbacks: {
label: function(ctx) {
const pct = ctx.raw;
const attended = <?= json_encode($participation_attended) ?>[ctx.dataIndex] || 0;
const reg = <?= json_encode($participation_registered) ?>[ctx.dataIndex] || 0;
return `${attended} von ${reg} (${pct}%)`;
}
}
} }
}, },
scales: { scales: {
x: { x: {
beginAtZero: true beginAtZero: true,
max: 100,
ticks: {
callback: function(value) {
return value + '%';
}
}
}, },
y: { y: {
ticks: { ticks: {
font: { font: {
size: 10 size: 10
}, },
callback: function(value) { callback: function(v) {
const username = this.getLabelForValue(value); const l = this.getLabelForValue(v);
return username.length > 15 ? username.substring(0, 15) + '...' : username; return l.length > 15 ? l.substring(0, 15) + '...' : l;
} }
} }
} }
@@ -243,20 +299,19 @@ require_once 'inc/header.php';
} }
}); });
// Farbe getragen // Farbe getragen: Mit Prozentwerten (0100%)
const woreColorData = {
labels: <?= json_encode(array_column($wore_color_stats, 'username')); ?>,
datasets: [{
label: 'Farbe getragen',
data: <?= json_encode(array_column($wore_color_stats, 'wore_color_count')); ?>,
backgroundColor: 'rgba(75, 192, 192, 0.8)',
borderColor: 'rgb(75, 192, 192)',
borderWidth: 1
}]
};
new Chart(document.getElementById('woreColorChart'), { new Chart(document.getElementById('woreColorChart'), {
type: 'bar', type: 'bar',
data: woreColorData, data: {
labels: <?= json_encode(array_column($wore_color_stats, 'username')) ?>,
datasets: [{
label: 'Farbenquote (%)',
data: <?= json_encode($wore_color_percentages) ?>,
backgroundColor: 'rgba(75,192,192,0.8)',
borderColor: 'rgb(75,192,192)',
borderWidth: 1
}]
},
options: { options: {
indexAxis: 'y', indexAxis: 'y',
responsive: true, responsive: true,
@@ -267,14 +322,27 @@ require_once 'inc/header.php';
}, },
title: { title: {
display: true, display: true,
text: 'Anzahl der "Farbe getragen"-Einträge pro Benutzer' text: 'Farbenquote (nur bei Teilnahme)'
},
tooltip: {
callbacks: {
label: function(ctx) {
const pct = ctx.raw;
const wore = <?= json_encode($wore_color_count) ?>[ctx.dataIndex] || 0;
const att = <?= json_encode($wore_color_attended) ?>[ctx.dataIndex] || 0;
return `${wore} von ${att} Teilnahmen (${pct}%)`;
}
}
} }
}, },
scales: { scales: {
x: { x: {
beginAtZero: true, beginAtZero: true,
max: 100,
ticks: { ticks: {
stepSize: 1 callback: function(value) {
return value + '%';
}
} }
}, },
y: { y: {
@@ -282,9 +350,9 @@ require_once 'inc/header.php';
font: { font: {
size: 10 size: 10
}, },
callback: function(value) { callback: function(v) {
const username = this.getLabelForValue(value); const l = this.getLabelForValue(v);
return username.length > 15 ? username.substring(0, 15) + '...' : username; return l.length > 15 ? l.substring(0, 15) + '...' : l;
} }
} }
} }
@@ -292,20 +360,19 @@ require_once 'inc/header.php';
} }
}); });
// 🔹 NEU: Verschiebungsvorschläge // Verschiebungsvorschläge (unverändert ABER mit korrekter Syntax!)
const rescheduleData = {
labels: <?= json_encode(array_column($reschedule_stats, 'username')); ?>,
datasets: [{
label: 'Verschiebungsvorschläge',
data: <?= json_encode(array_column($reschedule_stats, 'reschedule_count')); ?>,
backgroundColor: 'rgba(255, 159, 64, 0.8)',
borderColor: 'rgb(255, 159, 64)',
borderWidth: 1
}]
};
new Chart(document.getElementById('rescheduleChart'), { new Chart(document.getElementById('rescheduleChart'), {
type: 'bar', type: 'bar',
data: rescheduleData, data: {
labels: <?= json_encode(array_column($reschedule_stats, 'username')) ?>,
datasets: [{
label: 'Vorschläge',
data: <?= json_encode(array_column($reschedule_stats, 'reschedule_count')) ?>,
backgroundColor: 'rgba(255,159,64,0.8)',
borderColor: 'rgb(255,159,64)',
borderWidth: 1
}]
},
options: { options: {
indexAxis: 'y', indexAxis: 'y',
responsive: true, responsive: true,
@@ -316,7 +383,7 @@ require_once 'inc/header.php';
}, },
title: { title: {
display: true, display: true,
text: 'Anzahl der Verschiebungsvorschläge pro Benutzer' text: 'Verschiebungsvorschläge'
} }
}, },
scales: { scales: {
@@ -331,9 +398,9 @@ require_once 'inc/header.php';
font: { font: {
size: 10 size: 10
}, },
callback: function(value) { callback: function(v) {
const username = this.getLabelForValue(value); const l = this.getLabelForValue(v);
return username.length > 15 ? username.substring(0, 15) + '...' : username; return l.length > 15 ? l.substring(0, 15) + '...' : l;
} }
} }
} }

138
users.php
View File

@@ -2,6 +2,32 @@
include('inc/check_login.php'); include('inc/check_login.php');
require_once('inc/db.php'); require_once('inc/db.php');
// 🔹 Hilfsfunktion: DE-Format → DB-Format
function deDateToDb($deDate)
{
if (empty($deDate)) return null;
$parts = explode('.', $deDate);
if (count($parts) !== 3) return null;
$day = str_pad(trim($parts[0]), 2, '0', STR_PAD_LEFT);
$month = str_pad(trim($parts[1]), 2, '0', STR_PAD_LEFT);
$year = trim($parts[2]);
if (strlen($year) === 2) {
$year = (int)$year < 50 ? "20$year" : "19$year";
}
if (strlen($year) !== 4) return null;
if (checkdate((int)$month, (int)$day, (int)$year)) {
return "$year-$month-$day";
}
return null;
}
// 🔹 Hilfsfunktion: DB-Format → DE-Format
function dbDateToDe($dbDate)
{
if (empty($dbDate) || $dbDate === '0000-00-00') return '';
return date('d.m.Y', strtotime($dbDate));
}
$is_admin = ($_SESSION['role'] === 'admin'); $is_admin = ($_SESSION['role'] === 'admin');
$message = ''; $message = '';
@@ -9,28 +35,6 @@ $message_type = '';
$edit_mode = false; $edit_mode = false;
$edit_user = null; $edit_user = null;
// Hilfsfunktion: DE-Format zu DB-Format
function deDateToDb($deDate)
{
if (empty($deDate)) return null;
$parts = explode('.', $deDate);
if (count($parts) !== 3) return null;
$day = str_pad($parts[0], 2, '0', STR_PAD_LEFT);
$month = str_pad($parts[1], 2, '0', STR_PAD_LEFT);
$year = $parts[2];
if (checkdate((int)$month, (int)$day, (int)$year)) {
return "$year-$month-$day";
}
return null;
}
// Hilfsfunktion: DB-Format zu DE-Format
function dbDateToDe($dbDate)
{
if (empty($dbDate) || $dbDate === '0000-00-00') return '';
return date('d.m.Y', strtotime($dbDate));
}
// --- Nur Admins: Löschen --- // --- Nur Admins: Löschen ---
if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) { if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id']; $id = (int)$_GET['id'];
@@ -44,7 +48,7 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'delete' && isset(
$message = "Benutzer erfolgreich gelöscht!"; $message = "Benutzer erfolgreich gelöscht!";
$message_type = 'success'; $message_type = 'success';
} else { } else {
$message = "Fehler beim Löschen des Benutzers."; $message = "Fehler beim Löschen: " . mysqli_error($conn);
$message_type = 'danger'; $message_type = 'danger';
} }
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
@@ -68,7 +72,6 @@ if ($is_admin && isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_
$message = "Benutzer nicht gefunden."; $message = "Benutzer nicht gefunden.";
$message_type = 'warning'; $message_type = 'warning';
} else { } else {
// Konvertiere DB-Datum zu DE-Format für das Formular
$edit_user['birthday_de'] = dbDateToDe($edit_user['birthday']); $edit_user['birthday_de'] = dbDateToDe($edit_user['birthday']);
} }
} }
@@ -83,22 +86,79 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$id = !empty($_POST['id']) ? (int)$_POST['id'] : null; $id = !empty($_POST['id']) ? (int)$_POST['id'] : null;
$email = !empty($email_raw) ? $email_raw : null; $email = !empty($email_raw) ? $email_raw : null;
$birthday_db = deDateToDb($birthday_de); // null bei ungültig/leer $birthday_db = deDateToDb($birthday_de);
// --- DEBUG: Zeige, was konvertiert wurde (kannst du später löschen) ---
// error_log("DEBUG: birthday_de='$birthday_de' → birthday_db='$birthday_db'");
if (empty($username)) { if (empty($username)) {
$message = "Benutzername ist erforderlich."; $message = "Benutzername ist erforderlich.";
$message_type = 'danger'; $message_type = 'danger';
} else { } else {
$success = false;
$update_fields = [];
$params = [];
$types = "";
if ($id) { if ($id) {
if (!empty($password)) { // 🔹 UPDATE: Nur Felder aktualisieren, die sich geändert haben
$password_hashed = password_hash($password, PASSWORD_DEFAULT); $current = mysqli_prepare($conn, "SELECT username, email, birthday, role FROM users WHERE id = ?");
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, password = ?, email = ?, birthday = ?, role = ? WHERE id = ?"); mysqli_stmt_bind_param($current, "i", $id);
mysqli_stmt_bind_param($stmt, "sssssi", $username, $password_hashed, $email, $birthday_db, $role, $id); mysqli_stmt_execute($current);
$curr_data = mysqli_fetch_assoc(mysqli_stmt_get_result($current));
mysqli_stmt_close($current);
if (!$curr_data) {
$message = "Benutzer nicht gefunden.";
$message_type = 'danger';
} else { } else {
$stmt = mysqli_prepare($conn, "UPDATE users SET username = ?, email = ?, birthday = ?, role = ? WHERE id = ?"); // Prüfe Änderungen
mysqli_stmt_bind_param($stmt, "ssssi", $username, $email, $birthday_db, $role, $id); if ($username !== $curr_data['username']) {
$update_fields[] = "username = ?";
$params[] = $username;
$types .= "s";
}
if ($email !== $curr_data['email']) {
$update_fields[] = "email = ?";
$params[] = $email;
$types .= "s";
}
if ($birthday_db !== ($curr_data['birthday'] ?: null)) {
$update_fields[] = "birthday = ?";
$params[] = $birthday_db;
$types .= "s";
}
if ($role !== $curr_data['role']) {
$update_fields[] = "role = ?";
$params[] = $role;
$types .= "s";
}
if (!empty($update_fields)) {
// Passwort separat
if (!empty($password)) {
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
$update_fields[] = "password = ?";
$params[] = $password_hashed;
$types .= "s";
}
$sql = "UPDATE users SET " . implode(", ", $update_fields) . " WHERE id = ?";
$stmt = mysqli_prepare($conn, $sql);
$params[] = $id;
$types .= "i";
mysqli_stmt_bind_param($stmt, $types, ...$params);
$success = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
} else {
$success = true; // nichts zu ändern → Erfolg
$message = "Keine Änderungen vorgenommen.";
$message_type = 'info';
}
} }
} else { } else {
// 🔹 INSERT
if (empty($password)) { if (empty($password)) {
$message = "Passwort ist beim Erstellen erforderlich."; $message = "Passwort ist beim Erstellen erforderlich.";
$message_type = 'danger'; $message_type = 'danger';
@@ -106,25 +166,27 @@ if ($is_admin && $_SERVER["REQUEST_METHOD"] == "POST") {
$password_hashed = password_hash($password, PASSWORD_DEFAULT); $password_hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, birthday, role) VALUES (?, ?, ?, ?, ?)"); $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, email, birthday, role) VALUES (?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sssss", $username, $password_hashed, $email, $birthday_db, $role); mysqli_stmt_bind_param($stmt, "sssss", $username, $password_hashed, $email, $birthday_db, $role);
$success = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
} }
} }
if (!isset($message)) { if (!isset($message)) {
if (isset($stmt) && mysqli_stmt_execute($stmt)) { if ($success) {
$message = $id ? "Benutzer aktualisiert!" : "Neuer Benutzer hinzugefügt!"; $message = $id ? "Benutzer erfolgreich aktualisiert!" : "Neuer Benutzer hinzugefügt!";
$message_type = 'success'; $message_type = 'success';
} else { } else {
$message = "Fehler beim Speichern."; $message = "Fehler beim Speichern: " . mysqli_error($conn);
$message_type = 'danger'; $message_type = 'danger';
} }
if (isset($stmt)) mysqli_stmt_close($stmt);
header("Location: users.php");
exit();
} }
header("Location: users.php");
exit();
} }
} }
// --- Mitgliederliste für alle --- // --- Mitgliederliste ---
$users = []; $users = [];
$result = mysqli_query($conn, "SELECT id, username, role, email, birthday FROM users ORDER BY id ASC"); $result = mysqli_query($conn, "SELECT id, username, role, email, birthday FROM users ORDER BY id ASC");
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {

253
version.php
View File

@@ -287,6 +287,7 @@ foreach ($releases as $rel) {
require_once('inc/header.php'); require_once('inc/header.php');
?> ?>
<!-- 🔸 ANGEPASST: Kein row/col-Wrapper direkter container wie auf anderen Seiten -->
<div class="container mt-5 mb-4"> <div class="container mt-5 mb-4">
<?php if ($message): ?> <?php if ($message): ?>
<div class="alert alert-<?= htmlspecialchars($message_type) ?> alert-dismissible fade show" role="alert"> <div class="alert alert-<?= htmlspecialchars($message_type) ?> alert-dismissible fade show" role="alert">
@@ -295,140 +296,136 @@ require_once('inc/header.php');
</div> </div>
<?php endif; ?> <?php endif; ?>
<div class="row justify-content-center"> <h2 class="mb-4">📋 Versionsübersicht</h2>
<div class="col-lg-8">
<h2 class="mb-4">📋 Versionsübersicht</h2>
<div class="card shadow"> <div class="card shadow">
<div class="card-header bg-primary-subtle text-secondary d-flex justify-content-between align-items-center"> <div class="card-header bg-primary-subtle text-secondary d-flex justify-content-between align-items-center">
<h4 class="mb-0">Release Notes</h4> <h4 class="mb-0">Release Notes</h4>
<?php if ($is_admin): ?> <?php if ($is_admin): ?>
<a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#releaseFormCollapse" role="button" aria-expanded="false" aria-controls="releaseFormCollapse">Add <a class="btn btn-sm d-flex align-items-center justify-content-center" data-bs-toggle="collapse" href="#releaseFormCollapse" role="button" aria-expanded="false" aria-controls="releaseFormCollapse">Add
<span class="material-symbols-outlined">add</span> <span class="material-symbols-outlined">add</span>
</a> </a>
<?php endif; ?> <?php endif; ?>
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($is_admin): ?> <?php if ($is_admin): ?>
<div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="releaseFormCollapse"> <div class="collapse <?= $edit_mode ? 'show' : '' ?>" id="releaseFormCollapse">
<div class="card card-body bg-light mb-4"> <div class="card card-body bg-light mb-4">
<h5><?= $edit_mode ? 'Version bearbeiten' : 'Neuen Entwurf anlegen'; ?></h5> <h5><?= $edit_mode ? 'Version bearbeiten' : 'Neuen Entwurf anlegen'; ?></h5>
<form method="POST"> <form method="POST">
<?php if ($edit_mode): ?> <?php if ($edit_mode): ?>
<input type="hidden" name="id" value="<?= htmlspecialchars($edit_release['id']); ?>"> <input type="hidden" name="id" value="<?= htmlspecialchars($edit_release['id']); ?>">
<?php endif; ?> <?php endif; ?>
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Versionsnummer</label> <label class="form-label">Versionsnummer</label>
<input type="text" class="form-control" name="version" value="<?= htmlspecialchars($edit_release['version'] ?? ''); ?>" placeholder="z.B. v1.5.0" required> <input type="text" class="form-control" name="version" value="<?= htmlspecialchars($edit_release['version'] ?? ''); ?>" placeholder="z.B. v1.5.0" required>
<div class="form-text">Format: v1.4.2</div> <div class="form-text">Format: v1.4.2</div>
</div>
<div class="mb-3">
<label class="form-label">Veröffentlichungsdatum</label>
<input type="date" class="form-control" name="date" value="<?= htmlspecialchars($edit_release['release_date'] ?? date('Y-m-d')); ?>" required>
</div>
<div class="mb-3">
<label class="form-label">Neue Features (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="features" rows="4"><?= htmlspecialchars($edit_release['features'] ?? '') ?></textarea>
</div>
<div class="mb-3">
<label class="form-label">Verbesserungen (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="improvements" rows="4"><?= htmlspecialchars($edit_release['improvements'] ?? '') ?></textarea>
</div>
<div class="mb-3">
<label class="form-label">Behobene Fehler (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="bugfixes" rows="4"><?= htmlspecialchars($edit_release['bugfixes'] ?? '') ?></textarea>
</div>
<div class="d-flex gap-2">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?>"><?= $edit_mode ? 'Speichern' : 'Entwurf speichern'; ?></button>
<a href="version.php" class="btn btn-sm btn-outline-secondary">Abbrechen</a>
</div>
</form>
</div> </div>
</div> <div class="mb-3">
<?php endif; ?> <label class="form-label">Veröffentlichungsdatum</label>
<input type="date" class="form-control" name="date" value="<?= htmlspecialchars($edit_release['release_date'] ?? date('Y-m-d')); ?>" required>
</div>
<div class="mb-3">
<label class="form-label">Neue Features (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="features" rows="4"><?= htmlspecialchars($edit_release['features'] ?? '') ?></textarea>
</div>
<div class="mb-3">
<label class="form-label">Verbesserungen (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="improvements" rows="4"><?= htmlspecialchars($edit_release['improvements'] ?? '') ?></textarea>
</div>
<div class="mb-3">
<label class="form-label">Behobene Fehler (ein Punkt pro Zeile)<br>
<small class="text-muted">Verwende [b]fett[/b] oder [i]kursiv[/i] für Hervorhebungen.</small>
</label>
<textarea class="form-control" name="bugfixes" rows="4"><?= htmlspecialchars($edit_release['bugfixes'] ?? '') ?></textarea>
</div>
<div class="d-flex gap-2">
<button type="submit" class="btn btn-sm btn-outline-<?= $edit_mode ? 'success' : 'primary'; ?>"><?= $edit_mode ? 'Speichern' : 'Entwurf speichern'; ?></button>
<a href="version.php" class="btn btn-sm btn-outline-secondary">Abbrechen</a>
</div>
</form>
</div>
</div>
<?php endif; ?>
<?php if (empty($releases)): ?> <?php if (empty($releases)): ?>
<p class="text-muted">Keine veröffentlichten Release Notes vorhanden.</p> <p class="text-muted">Keine veröffentlichten Release Notes vorhanden.</p>
<?php else: ?> <?php else: ?>
<?php foreach ($releases as $release): ?> <?php foreach ($releases as $release): ?>
<div class="d-flex align-items-start"> <div class="d-flex align-items-start">
<div class="flex-grow-1"> <div class="flex-grow-1">
<h5 class="mt-4 mb-1"> <h5 class="mt-4 mb-1">
<?= htmlspecialchars($release['version']) ?> <?= htmlspecialchars($release['version']) ?>
<?php if (($release['is_draft'] ?? 0) == 1): ?> <?php if (($release['is_draft'] ?? 0) == 1): ?>
<span class="badge bg-warning text-dark ms-1" style="font-size: 0.65em; font-weight: normal; padding: 0.2em 0.4em;">Entwurf</span> <span class="badge bg-warning text-dark ms-1" style="font-size: 0.65em; font-weight: normal; padding: 0.2em 0.4em;">Entwurf</span>
<?php elseif ($release['version'] === $latest_published_version): ?> <?php elseif ($release['version'] === $latest_published_version): ?>
<span class="badge bg-white text-primary border border-primary ms-1" style="font-size: 0.65em; font-weight: normal; padding: 0.15em 0.3em; position: relative; top: -0.7px;">aktuelle Version</span> <span class="badge bg-white text-primary border border-primary ms-1" style="font-size: 0.65em; font-weight: normal; padding: 0.15em 0.3em; position: relative; top: -0.7px;">aktuelle Version</span>
<?php endif; ?>
</h5>
<p class="text-muted small mb-3">Veröffentlicht am: <?= date('d.m.Y', strtotime($release['release_date'])) ?></p>
<?php if (!empty($release['features_list'])): ?>
<p class="small text-success mb-1"><strong>Neue Features:</strong></p>
<ul class="mb-3">
<?php foreach ($release['features_list'] as $f): ?>
<li><?= parse_formatting($f) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php if (!empty($release['improvements_list'])): ?>
<p class="small text-info mb-1"><strong>Verbesserungen:</strong></p>
<ul class="mb-3">
<?php foreach ($release['improvements_list'] as $i): ?>
<li><?= parse_formatting($i) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php if (!empty($release['bugfixes_list'])): ?>
<p class="small text-danger mb-1"><strong>Behobene Fehler:</strong></p>
<ul class="mb-3">
<?php foreach ($release['bugfixes_list'] as $b): ?>
<li><?= parse_formatting($b) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
</div>
<?php if ($is_admin): ?>
<div class="dropdown ms-3 mt-4">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<?php if (($release['is_draft'] ?? 0) == 1): ?>
<li>
<a class="dropdown-item d-flex align-items-center text-success" href="version.php?action=publish&id=<?= $release['id'] ?>" onclick="return confirm('Wirklich veröffentlichen?')">
<span class="material-icons me-2">check</span> Veröffentlichen
</a>
</li>
<?php endif; ?>
<li>
<a class="dropdown-item d-flex align-items-center" href="version.php?action=edit&id=<?= $release['id'] ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="version.php?action=delete&id=<?= $release['id'] ?>" onclick="return confirm('Wirklich löschen?')">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
<?php endif; ?> <?php endif; ?>
</div> </h5>
<?php endforeach; ?> <p class="text-muted small mb-3">Veröffentlicht am: <?= date('d.m.Y', strtotime($release['release_date'])) ?></p>
<?php endif; ?>
<?php if (!empty($release['features_list'])): ?>
<p class="small text-success mb-1"><strong>Neue Features:</strong></p>
<ul class="mb-3">
<?php foreach ($release['features_list'] as $f): ?>
<li><?= parse_formatting($f) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php if (!empty($release['improvements_list'])): ?>
<p class="small text-info mb-1"><strong>Verbesserungen:</strong></p>
<ul class="mb-3">
<?php foreach ($release['improvements_list'] as $i): ?>
<li><?= parse_formatting($i) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php if (!empty($release['bugfixes_list'])): ?>
<p class="small text-danger mb-1"><strong>Behobene Fehler:</strong></p>
<ul class="mb-3">
<?php foreach ($release['bugfixes_list'] as $b): ?>
<li><?= parse_formatting($b) ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
</div>
<?php if ($is_admin): ?>
<div class="dropdown ms-3 mt-4">
<a href="#" class="text-secondary" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<span class="material-icons">more_vert</span>
</a>
<ul class="dropdown-menu dropdown-menu-end">
<?php if (($release['is_draft'] ?? 0) == 1): ?>
<li>
<a class="dropdown-item d-flex align-items-center text-success" href="version.php?action=publish&id=<?= $release['id'] ?>" onclick="return confirm('Wirklich veröffentlichen?')">
<span class="material-icons me-2">check</span> Veröffentlichen
</a>
</li>
<?php endif; ?>
<li>
<a class="dropdown-item d-flex align-items-center" href="version.php?action=edit&id=<?= $release['id'] ?>">
<span class="material-icons me-2">mode_edit_outline</span> Bearbeiten
</a>
</li>
<li>
<a class="dropdown-item d-flex align-items-center text-danger" href="version.php?action=delete&id=<?= $release['id'] ?>" onclick="return confirm('Wirklich löschen?')">
<span class="material-icons me-2">delete_outline</span> Löschen
</a>
</li>
</ul>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
</div>
</div> </div>
</div> </div>
</div> </div>

126
zahler.php
View File

@@ -1,59 +1,115 @@
<?php <?php
function get_next_payer_username($conn, $meeting_id)
{
$current_year = (int)date('Y');
// Alle zugesagten Nutzer mit paid_count /**
* Gibt den Vorschlag für den nächsten Rechnungszahler zurück.
* Liefert ein Array: ['username' => ..., 'is_birthday_payer' => true/false]
*/
function get_next_payer_info($conn, $meeting_id)
{
// Meeting-Datum holen
$stmt = mysqli_prepare($conn, "SELECT meeting_date FROM meetings WHERE id = ?");
mysqli_stmt_bind_param($stmt, "i", $meeting_id);
mysqli_stmt_execute($stmt);
$meeting = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));
mysqli_stmt_close($stmt);
if (!$meeting) {
return null;
}
$meeting_date = $meeting['meeting_date'];
$meeting_ts = strtotime($meeting_date);
$meeting_year = (int)date('Y', $meeting_ts);
$meeting_month = (int)date('n', $meeting_ts);
$meeting_day = (int)date('j', $meeting_ts);
// Alle ZUSAGENDEN Teilnehmer
$sql = " $sql = "
SELECT SELECT
u.id, u.id,
u.username, u.username,
u.birthday, u.birthday
u.last_birthday_year,
(SELECT COUNT(*) FROM meeting_teilnehmer WHERE user_id = u.id AND paid = 1) AS paid_count
FROM meeting_teilnehmer mt FROM meeting_teilnehmer mt
JOIN users u ON mt.user_id = u.id JOIN users u ON mt.user_id = u.id
WHERE mt.meeting_id = ? AND mt.rsvp_status = 'accepted' WHERE mt.meeting_id = ? AND mt.rsvp_status = 'accepted'
ORDER BY u.username ORDER BY u.username
"; ";
$stmt = mysqli_prepare($conn, $sql); $stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "i", $meeting_id); mysqli_stmt_bind_param($stmt, "i", $meeting_id);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
$candidates = mysqli_fetch_all(mysqli_stmt_get_result($stmt), MYSQLI_ASSOC); $candidates = mysqli_fetch_all(mysqli_stmt_get_result($stmt), MYSQLI_ASSOC);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if (empty($candidates)) return null; if (empty($candidates)) {
return null;
}
// Finde minimale paid_count // 🔹 Geburtstagskandidaten: Geburtstag war + noch nicht in diesem Jahr als Geburtstagszahler gezahlt
$min_paid = min(array_column($candidates, 'paid_count')); $birthday_candidates = array_filter($candidates, function ($c) use ($conn, $meeting_year, $meeting_month, $meeting_day) {
$eligible = array_filter($candidates, fn($c) => $c['paid_count'] == $min_paid); if (!$c['birthday'] || $c['birthday'] === '0000-00-00') {
return false;
$birthday_eligible = [];
$others = [];
foreach ($eligible as $c) {
$is_birthday_payer_eligible = (
!empty($c['birthday'])
&& $c['birthday'] !== '0000-00-00'
&& $c['last_birthday_year'] != $current_year
);
if ($is_birthday_payer_eligible) {
$birthday_eligible[] = $c;
} else {
$others[] = $c;
} }
$bday_month = (int)date('n', strtotime($c['birthday']));
$bday_day = (int)date('j', strtotime($c['birthday']));
// War Geburtstag in diesem Jahr bereits?
if (!($bday_month < $meeting_month ||
($bday_month == $meeting_month && $bday_day <= $meeting_day))) {
return false;
}
// Hat er in diesem Jahr schon als Geburtstagszahler gezahlt?
$check_stmt = mysqli_prepare($conn, "
SELECT 1 FROM meeting_teilnehmer mt
JOIN meetings m ON mt.meeting_id = m.id
WHERE mt.user_id = ?
AND mt.birthday_pay = 1
AND YEAR(m.meeting_date) = ?
LIMIT 1
");
mysqli_stmt_bind_param($check_stmt, "ii", $c['id'], $meeting_year);
mysqli_stmt_execute($check_stmt);
$already_paid = mysqli_num_rows(mysqli_stmt_get_result($check_stmt)) > 0;
mysqli_stmt_close($check_stmt);
return !$already_paid;
});
if (!empty($birthday_candidates)) {
usort($birthday_candidates, fn($a, $b) => strcmp($a['username'], $b['username']));
$first = $birthday_candidates[0];
return [
'username' => $first['username'],
'is_birthday_payer' => true
];
} }
// Sortiere alphabetisch // 🔹 Normale Rotation: Zähle paid=1 UND birthday_pay=0
$sort = fn($a, $b) => strcmp($a['username'], $b['username']); $user_paid_counts = [];
foreach ($candidates as $c) {
if (!empty($birthday_eligible)) { $count_stmt = mysqli_prepare($conn, "
usort($birthday_eligible, $sort); SELECT COUNT(*)
return $birthday_eligible[0]['username']; FROM meeting_teilnehmer
WHERE user_id = ? AND paid = 1 AND birthday_pay = 0
");
mysqli_stmt_bind_param($count_stmt, "i", $c['id']);
mysqli_stmt_execute($count_stmt);
$count = (int)mysqli_fetch_row(mysqli_stmt_get_result($count_stmt))[0];
mysqli_stmt_close($count_stmt);
$user_paid_counts[$c['id']] = $count;
} }
$all = array_merge($birthday_eligible, $others); $min_paid = min($user_paid_counts);
usort($all, $sort); $regular_candidates = array_filter($candidates, function ($c) use ($user_paid_counts, $min_paid) {
return $all[0]['username']; return $user_paid_counts[$c['id']] === $min_paid;
});
usort($regular_candidates, fn($a, $b) => strcmp($a['username'], $b['username']));
$first = reset($regular_candidates);
return [
'username' => $first['username'],
'is_birthday_payer' => false
];
} }