commit 63fc2d94ff72438677072dc100c0d723afda368c
parent 374a33f6836c9ce9d6d64acf71d7962dbf7a2dc1
Author: LennartSchroot <[email protected]>
Date: Sun, 16 Apr 2023 18:38:17 +0200
joejoe
Diffstat:
9 files changed, 70 insertions(+), 45 deletions(-)
diff --git a/.idea/php.xml b/.idea/php.xml
@@ -15,7 +15,7 @@
<path value="$PROJECT_DIR$/Composer/vendor/composer" />
</include_path>
</component>
- <component name="PhpProjectSharedConfiguration" php_language_level="8.1" />
+ <component name="PhpProjectSharedConfiguration" php_language_level="8.2" />
<component name="PhpStanOptionsConfiguration">
<option name="transferred" value="true" />
</component>
diff --git a/add_user.php b/add_user.php
@@ -8,10 +8,9 @@
<?php
include "navbar.php";
include "utils/autoloader.php";
- var_dump($_SESSION['user_permissions']);
- if(!in_array(0, $_SESSION['user_permissions'])){
- //header('Location: dashboard.php');
- //exit;
+ if(!in_array(1, $_SESSION['user_permissions'])){
+ header('Location: /dashboard');
+ exit;
}
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "wap2");
//select the available permissions from the database
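Review bot: The new guard uses a loose `in_array(1, $_SESSION['user_permissions'])`, and its `header('Location: /dashboard')` is sent from a `<?php` block that begins on line 8 of the file, so markup has probably been output before it runs. Pass the strict flag, `in_array(1, $_SESSION['user_permissions'], true)`, provided the stored ids are integers (cast them where login_handler.php fills the array if the driver returns strings). If output has already started, the redirect header is dropped and only `exit;` keeps the page closed, so the check belongs at the very top of the file, before any HTML. The same three lines are added in alter_user.php and search_user.php; a shared helper in an include, with a named constant instead of the bare `1`, would keep the three copies from drifting and say which permission is meant.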
diff --git a/alter_user.php b/alter_user.php
@@ -11,10 +11,10 @@ use Lollipop\DatabaseObject;
use Lollipop\SQLDatabase;
include "navbar.php";
include "utils/autoloader.php";
- //if(!in_array(0, $_SESSION['user_permissions'])){
- //header('Location: dashboard.php');
- //exit;
- //}
+ if(!in_array(1, $_SESSION['user_permissions'])){
+ header('Location: /dashboard');
+ exit;
+ }
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "wap2");
//select the available permissions from the database
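Review bot: The line directly below the new guard still builds the database connection from a literal host, user name and password, and the same call appears in add_user.php and search_user.php. Credentials committed to the repository stay in its history and are readable by anyone who can read it, so they should be rotated and then loaded from the environment or an untracked config file, for example `new Lollipop\SQLDatabase(getenv('DB_HOST'), getenv('DB_USER'), getenv('DB_PASS'), getenv('DB_NAME'))`. The variable names are placeholders and the argument order is taken from the visible call; the constructor itself is outside the diff.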
diff --git a/index.php b/index.php
@@ -23,13 +23,11 @@ $router->get('/addcontract', function () {
include 'addContract.php';
});
-<<<<<<< HEAD
+
$router->get('/login_handler', function () {
include '../login_handler.php';
});
-=======
->>>>>>> bbaf41e512d1e8a86e7e23e73b4b799c79368e15
$router->get('/login', function () {
include 'templates/login.html';
});
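Review bot: `/login_handler` is registered with `$router->get`, while the `/logout` route added further down uses `$router->post`. If the login form submits the email and password to this route, they travel in the query string and end up in server logs and browser history; registering it as `$router->post('/login_handler', ...)` and posting the form avoids that. The include path `'../login_handler.php'` also differs from the other routes, which include files relative to index.php, although the diff headers place login_handler.php in the same directory, so it is worth confirming that the path resolves.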
@@ -43,7 +41,11 @@ $router->get('/alter_user', function () {
include 'search_user.php';
});
$router->get('/dashboard', function () {
- include 'search_data.php';
+ include 'searchdata.php';
+});
+
+$router->post('/logout', function () {
+ include 'logout.php';
});
//$router->get('/data', function () {
diff --git a/login_handler.php b/login_handler.php
@@ -40,7 +40,7 @@
$user_permissions[] = $permission->permission_id;
}
$_SESSION['user_permissions'] = $user_permissions;
- header('Location: dashboard.php');
+ header('Location: /dashboard');
}else{
//password incorrect, but to give out as little person info as possible just show either is wrong
echo"<p style=\"color:red\">Invalid username or password.</p>";
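Review bot: Nothing visible in this hunk regenerates the session id when the login succeeds, and the redirect is not followed by `exit;`. Calling `session_regenerate_id(true);` before `$_SESSION['user_permissions']` is filled prevents a session id set before login from carrying over into the authenticated session, and `exit;` after `header('Location: /dashboard');` stops the rest of the script from running. Either may already be handled outside the hunk, which starts at line 40 of the file.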
diff --git a/logout.php b/logout.php
@@ -0,0 +1,5 @@
+<?php
+session_start();
+session_unset();
+session_destroy();
+header('Location: /');
+\ No newline at end of file
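Review bot: `session_destroy()` removes the server-side data but leaves the session cookie in the browser, and the script has no `exit;` after the redirect. Expire the cookie before destroying the session, `$p = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);`, and end the file with `exit;`. The file also lacks a trailing newline.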
diff --git a/navbar.php b/navbar.php
@@ -1,11 +1,11 @@
<?php
session_start();
if(!isset($_SESSION['email'])){
- header('Location: login.php');
+ header('Location: /');
exit;
}
// Get the permission level of the user
- $permission_levels= $_SESSION['permissions'];
+ $permission_levels= $_SESSION['user_permissions'];
// Assume $permission_levels is an array containing the user's permission levels
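Review bot: The guard checks only `$_SESSION['email']`, so a session that has an email but no `user_permissions` key reaches the read two lines further down. In the pages that include this file it then passes null to `in_array()`, which throws a TypeError on PHP 8. Extend the guard to `if(!isset($_SESSION['email'], $_SESSION['user_permissions'])){`, or at least default the read with `$permission_levels = $_SESSION['user_permissions'] ?? [];`. The comment "Assume $permission_levels is an array" could then state where the array is filled (login_handler.php) and what its elements are.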
@@ -54,7 +54,7 @@
?>
<nav class="navbar navbar-expand-lg navbar-light bg-light">
- <a class="navbar-brand" href="dashboard.php">Dashboard</a>
+ <a class="navbar-brand" href="/dashboard">Dashboard</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
@@ -76,7 +76,7 @@
<a class="nav-link" href="/addcontract">Add Subscription</a>
</li>
</ul>
- <form method="post" action="templates/homepage.php">
+ <form method="post" action="/logout">
<button type="submit" id='logout' class="btn btn-primary">log out</button>
</form>
</div>
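Review bot: The logout form now posts to `/logout` without an anti-CSRF token, so a form on any other site can sign the user out. A hidden field carrying a per-session token, for example `<input type="hidden" name="csrf" value="<?= htmlspecialchars($_SESSION['csrf'], ENT_QUOTES) ?>">`, checked in logout.php with `hash_equals($_SESSION['csrf'], $_POST['csrf'] ?? '')`, closes that. The field and key names here are placeholders, and the token would have to be created at login, which is outside this hunk.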
diff --git a/search_user.php b/search_user.php
@@ -5,10 +5,10 @@
<?php
include "navbar.php";
include "utils/autoloader.php";
- //if(!in_array(0, $_SESSION['user_permissions'])){
- // header('Location: dashboard.php');
- // exit;
- //}
+ if(!in_array(1, $_SESSION['user_permissions'])){
+ header('Location: /dashboard');
+ exit;
+ }
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "wap2");
?>
</head>
diff --git a/searchdata.php b/searchdata.php
@@ -4,50 +4,68 @@ error_reporting(0);
include "navbar.php";
include "Connect.php";
?>
-<html>
- <head>
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
- </head>
-<body>
- <form class="d-flex" action="searchdata.php" method="get">
- <input class="form-control me-2" type="text" name="date-begin" placeholder="Date begin (YYYY-MM-DD)" pattern="\d{4}-\d{2}-\d{2}">
- <input class="form-control me-2" type="text" name="date-end" placeholder="Date end (YYYY-MM-DD)" pattern="\d{4}-\d{2}-\d{2}">
- <input class="form-control me-2" type="text" name="station" placeholder="Search" aria-label="Search">
- <button class="btn btn-outline-success" type="submit">Search</button>
- </form>
+
<?php
$connect = new Connect;
$conn = $connect->getConn();
+ $params = [];
+
+ $dateEnd = ($_GET['date-end']) . "%";
+ $dateBegin = ($_GET['date-begin'] . "%");
+
+ $startDate = $_GET['date-begin'];
+ $endDate = $_GET['date-end'];
+ $station = $_GET['station'];
$sql = "SELECT station_name, date_time, validated, temperature FROM weather_data";
if (isset($_GET['date-begin']) && $_GET['date-begin']) {
$sql .= " WHERE date_time >= ?";
+ $params[] = $dateBegin;
if (isset($_GET['date-end']) && $_GET['date-end']) {
$sql .= " AND date_time <= ?";
+ $params[] = $dateEnd;
}
} elseif (isset($_GET['date-end']) && $_GET['date-end']) {
$sql .= " WHERE date_time <= ?";
+ $params[] = $dateEnd;
}
if (isset($_GET['station']) && $_GET['station']) {
- $sql .= " WHERE station_name = ?";
+ if (isset($_GET['date-begin']) || isset($_GET['date-end'])){
+ $sql .= " AND ";
+ }
+ else{
+ $sql .= " WHERE ";
+ }
+ $sql .= "station_name = ?";
+ $params[] = $_GET['station'];
}
- $dateEnd = ($_GET['date-end']);
- $dateBegin = ($_GET['date-begin']);
$stmt = $conn->prepare($sql);
- if (isset($_GET['date-begin']))
- $stmt->bind_param('s', $dateBegin);
- if (isset($_GET['date-end']))
- $stmt->bind_param('s', $dateEnd);
- if (isset($_GET['station'])) {
- $stmt->bind_param('d', $_GET['station']);
- }
-
- $stmt->execute();
+// if (isset($_GET['date-begin']))
+// $stmt->bind_param('s', $dateBegin);
+// if (isset($_GET['date-end']))
+// $stmt->bind_param('s', $dateEnd);
+// if (isset($_GET['station'])) {
+// $stmt->bind_param('d', $_GET['station']);
+// }
+ $stmt->execute($params);
$result = $stmt->get_result();
+ ?>
+<html>
+<head>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<body>
+<form class="d-flex" action="searchdata.php" method="get">
+ <input class="form-control me-2" type="text" name="date-begin" placeholder="Date begin (YYYY-MM-DD)" pattern="\d{4}-\d{2}-\d{2}" value=<?php echo$startDate?>>
+ <input class="form-control me-2" type="text" name="date-end" placeholder="Date end (YYYY-MM-DD)" pattern="\d{4}-\d{2}-\d{2}" value=<?php echo$endDate?>>
+ <input class="form-control me-2" type="text" name="station" placeholder="Search" aria-label="Search" value=<?php echo$station?>>
+ <button class="btn btn-outline-success" type="submit">Search</button>
+</form>
+<?php
// verification logic and $_SESSION start
if ($result->num_rows > 0) {
echo "<table class=\"table table-striped\">