commit 26b8a5c80357c85ed682a4d4732a6b2de543e3d3
parent 3d900209ec716b414cf8ab672870c039f4f060cd
Author: Friedel Schon <[email protected]>
Date: Tue, 11 Apr 2023 12:56:16 +0200
Merge branch 'orm' of https://github.com/friedelschoen/lollipop into dev
Diffstat:
6 files changed, 168 insertions(+), 53 deletions(-)
diff --git a/backup.php b/backup.php
@@ -0,0 +1,27 @@
+ <?php
+ if($email == $row['email'] && password_verify($pwd, $row['wachtwoord'])) {
+ session_start();
+ $_SESSION['email'] = $row['email'];
+ mysqli_data_seek($result, 0);
+ $permissions = array();
+ $permissions_names = array();
+ while($row = mysqli_fetch_assoc($result)){
+ array_push($permissions, $row['permissie_id']);
+ array_push($permissions_names, $row['permissie_naam']);
+ }
+ $_SESSION['permissions'] = $permissions;
+ $_SESSION['permissions_names'] = $permissions_names;
+ foreach($_SESSION['permissions'] as $bullshit){
+ echo $bullshit . "<br>";
+
+
+ // verification logic and $_SESSION start
+ if(count($row = $result->fetch_assoc()) > 0){
+
+ header('Location: dashboard.php');
+ } else {
+ echo '<p style="color:red">Invalid username or password.</p>';
+ }
+ } else {
+ echo '<p style="color:red">Invalid username or password.</p>';
+ }
+\ No newline at end of file
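Review bot: backup.php is a fragment of the old login block whose braces do not balance: `foreach($_SESSION['permissions'] as $bullshit){` is never closed before the trailing `} else {`, so the file looks like it will not parse. It also reads `$email`, `$pwd`, `$row` and `$result`, none of which are defined in this file. The removed code is still in git history, so I would delete this file rather than keep a dead `.php` next to the pages the web server serves.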
diff --git a/classes/Permission.php b/classes/Permission.php
@@ -0,0 +1,14 @@
+<?php
+class Permission extends Lollipop\DatabaseObject
+{
+ static function get_table(): string
+ {
+ return "permission_user";
+ }
+
+ static function get_primary(): string
+ {
+ return "email";
+ }
+}
+?>
+\ No newline at end of file
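Review bot: `get_primary()` returns `"email"` for `permission_user`, but the login code removed in this commit looped over several permission rows per e-mail. If `Lollipop\DatabaseObject` loads one row per primary key (the base class is not visible here), `$db->get(Permission::class, $email)` would return only one permission for a user who holds several. Please confirm the table's real key and add a short docblock on the class saying which column(s) identify a row. Both methods should also declare `public` explicitly, e.g. `public static function get_table(): string`.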
diff --git a/dashboard.php b/dashboard.php
@@ -0,0 +1,22 @@
+<html>
+ <head>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+ </head>
+ <?php
+ include "navbar.php";
+ ?>
+ <body>
+ <?php
+ echo file_get_contents('http://127.0.0.1/server-status');
+ echo $_SESSION['first_name'];
+ echo " ";
+ echo $_SESSION['last_name'];
+ echo " ";
+ echo $_SESSION['email'];
+ echo " ";
+ echo " ";
+ echo "blablab";
+ ?>
+ </body>
+
+</html>
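Review bot: `echo file_get_contents('http://127.0.0.1/server-status');` fetches the web server's status page from loopback and prints it to whoever loads the dashboard, which bypasses any address restriction on that endpoint. I would remove it, or at least put it behind an explicit admin permission check. The session values below it are echoed raw and should be escaped, e.g. `echo htmlspecialchars($_SESSION['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. `include "navbar.php";` runs after `<html><head>` has been sent, so its `session_start()` and `header('Location: login.php')` can fail with "headers already sent" unless output buffering is enabled. Moving the include to the first line of the file avoids that.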
diff --git a/login.php b/login.php
@@ -33,62 +33,31 @@
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<?php
- $servername = "86.92.67.21";
- $username = "friedel";
- $password = "hailiwa";
- $dbname = "wap2";
- $conn = mysqli_connect($servername, $username, $password, $dbname);
- // perform validation and authentication
- if (!$conn) {
- die("Connection failed: " . mysqli_connect_error());
- }
-
+ include "autoloader.php";
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
// check if a post request was sent
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- // fetch data from the form
- if(isset($_POST['email']) && isset($_POST['password'])){
- $email = $_POST['email'];
- $pwd = $_POST['password'];
- } else {
- echo "One of the forms was empty";
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ // fetch data from the form
+ if(!isset($_POST['email']) or !isset($_POST['password'])){
+ echo "One of the forms was empty";
+ } else {
+ $email = $_POST['email'];
+ $pwd = $_POST['password'];
+ $u = $db->get(User::class, $email);
+
+ if($u->pwd == $pwd){//password_verify($pwd, $u->pwd)
+ session_start();
+ $_SESSION['email'] = $u->email;
+ $_SESSION['first_name'] = $u->fname;
+ $_SESSION['last_name'] = $u->lname;
+ $p = $db->get(Permission::class, $email);
+
+ header('Location: dashboard.php');
}
-
- // create, prepare sql statement and execute sql statement
- $sql = "select m.email, m.wachtwoord, pm.permissie_id, pm.permissie_naam
- from medewerkers m
- join medewerkers_permissie mp on mp.email = m.email
- join permissie pm on pm.permissie_id = mp.permissie_id
- where m.email = ?";
- $stmt= $conn->prepare($sql);
- $stmt->bind_param("s", $email);
- $stmt->execute();
- $result = $stmt->get_result();
-
- // verification logic and $_SESSION start
- if(count($row = $result->fetch_assoc()) > 0){
- if($email == $row['email'] && password_verify($pwd, $row['wachtwoord'])) {
- session_start();
- $_SESSION['email'] = $row['email'];
- mysqli_data_seek($result, 0);
- $permissions = array();
- $permissions_names = array();
- while($row = mysqli_fetch_assoc($result)){
- array_push($permissions, $row['permissie_id']);
- array_push($permissions_names, $row['permissie_naam']);
- }
- $_SESSION['permissions'] = $permissions;
- $_SESSION['permissions_names'] = $permissions_names;
- foreach($_SESSION['permissions'] as $bullshit){
- echo $bullshit . "<br>";
- }
- header('Location: dashboard.php');
- } else {
- echo '<p style="color:red">Invalid username or password.</p>';
- }
- } else {
- echo '<p style="color:red">Invalid username or password.</p>';
- }
}
+ }
+
+
?>
</body>
</html>
\ No newline at end of file
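Review bot: `if($u->pwd == $pwd)` compares the submitted password to the stored value as plaintext with a loose `==`, where the removed code used `password_verify()`. Restore the hash check and guard against a missing user, e.g. `if ($u !== null && password_verify($pwd, $u->pwd)) {` (what `$db->get()` returns for an unknown e-mail is not visible here). `$p` is fetched but nothing is written to `$_SESSION['permissions']`, which navbar.php reads. The success branch should call `session_regenerate_id(true);` before filling the session and `exit;` after the `header()` call, and a failed login now prints no message at all. The database host, user and password are hard-coded in `new Lollipop\SQLDatabase(...)` here and again in test_orm.php; load them from configuration kept outside the repository and rotate the password, since it is now in history.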
diff --git a/navbar.php b/navbar.php
@@ -0,0 +1,78 @@
+<?php
+ session_start();
+ if(!isset($_SESSION['email'])){
+ header('Location: login.php');
+ exit;
+ }
+ // Get the permission level of the user
+ $permission_levels= $_SESSION['permissions'];
+
+ // Assume $permission_levels is an array containing the user's permission levels
+
+ $links = array();
+
+ // Define the links for each type of employee
+ if (in_array(1, $permission_levels)) {
+ // Admin links
+ $admin_links = array(
+ array('url' => '/crud_user.php', 'title' => 'Add User'),
+ array('url' => '/searchuser.php', 'title' => 'Search for user'),
+ array('url' => '/alteruser.php', 'title' => 'Alter user')
+ );
+ $links[] = array('name' => 'Admin', 'links' => $admin_links);
+ }
+
+ if (in_array(2, $permission_levels)) {
+ // Administrative employee links
+ $admin_employee_links = array(
+ array('url' => 'admin_employee_page_1.php', 'title' => 'Admin Employee Page 1'),
+ array('url' => 'admin_employee_page_2.php', 'title' => 'Admin Employee Page 2'),
+ array('url' => 'admin_employee_page_3.php', 'title' => 'Admin Employee Page 3')
+ );
+ $links[] = array('name' => 'Administrative Employee', 'links' => $admin_employee_links);
+ }
+
+ if (in_array(3, $permission_levels)) {
+ // Scientific employee links
+ $scientific_employee_links = array(
+ array('url' => 'scientific_employee_page_1.php', 'title' => 'Scientific Employee Page 1'),
+ array('url' => 'scientific_employee_page_2.php', 'title' => 'Scientific Employee Page 2'),
+ array('url' => 'scientific_employee_page_3.php', 'title' => 'Scientific Employee Page 3')
+ );
+ $links[] = array('name' => 'Scientific Employee', 'links' => $scientific_employee_links);
+ }
+
+ if (empty($links)) {
+ // Guest links
+ $guest_links = array(
+ array('url' => 'guest_page_1.php', 'title' => 'Guest Page 1')
+ );
+ $links[] = array('name' => 'Guest', 'links' => $guest_links);
+ }
+?>
+
+<nav class="navbar navbar-expand-lg navbar-light bg-light">
+ <a class="navbar-brand" href="#">Dashboard</a>
+ <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
+ <span class="navbar-toggler-icon"></span>
+ </button>
+ <div class="collapse navbar-collapse" id="navbarNavDropdown">
+ <ul class="navbar-nav">
+ <?php foreach($links as $employee_links) { ?>
+ <li class="nav-item dropdown">
+ <a class="nav-link dropdown-toggle" href="#" id="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>" role="button" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+ <?php echo $employee_links['name']; ?>
+ </a>
+ <ul class="dropdown-menu" aria-labelledby="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>">
+ <?php foreach ($employee_links['links'] as $link) { ?>
+ <li><a class="dropdown-item" href="<?php echo $link['url']; ?>"><?php echo $link['title']; ?></a></li>
+ <?php } ?>
+ </ul>
+ </li>
+ <?php } ?>
+ </ul>
+ </div>
+</nav>
+<script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
+\ No newline at end of file
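Review bot: `$permission_levels= $_SESSION['permissions'];` assumes a key that the new login.php in this commit never sets, so each `in_array(1, $permission_levels)` receives null, which is a TypeError on PHP 8. Default it and compare strictly, e.g. `$permission_levels = $_SESSION['permissions'] ?? [];` and `in_array(1, $permission_levels, true)`, making sure the stored ids are integers. The menu only hides links, so each target page such as `/crud_user.php` still needs its own permission check; a comment above the `$links` block saying so would help. The three `<script src=...>` tags at the bottom carry no `integrity`/`crossorigin` attributes, unlike the ones in login.php.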
diff --git a/test_orm.php b/test_orm.php
@@ -5,7 +5,9 @@ include "autoloader.php";
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
$u = $db->get(User::class, "[email protected]");
+$p = $db->get(Permission::class, "[email protected]");
+echo $p->id;
echo $u->fname;
$u->fname = "Harald";