commit 5ea97dd0ca04b95e3ab8c9a7e47935904cb36351
parent 2b967ecdce67fd739be37890a1992c0abdd926b6
Author: Friedel Schön <[email protected]>
Date: Sat, 24 Jun 2023 15:15:49 +0200
Merge branch 'master' of https://github.com/friedelschoen/lollipop
Diffstat:
13 files changed, 170 insertions(+), 65 deletions(-)
diff --git a/Controller/Templates.php b/Controller/Templates.php
@@ -46,6 +46,40 @@ namespace Controller{
return $form;
}
+ function form_v2(string $action, array $values = [], array $extra = [], array $response = []): string{
+
+ /*auto-increment fields are automatically hidden*/
+ $form = '<h1>Add '. $this->table->get_table() .'</h1>
+ <a href="/'. $this->table->get_table() .'">New</a>';
+ $form .= '<form method="POST" action="'. $action . '">';
+ foreach($this->table->get_col_info() as $col => $info){
+ if($info["extra"] == "auto_increment"){
+ $form .= '<input type="hidden" name="' . $col . '" placeholder="' . $col . '" value="' . $values[$col] . '">';
+ }elseif($info["extra"] == "password"){
+ $form .= '<input type="password" name="' . $col . '" placeholder="' . $col . '">';
+ }else{
+ $form .= '<input type="'. $info["input_type"] .'" name="' . $col . '" placeholder="' . $col . '" value="' . $values[$col] . '">';
+ }
+ $miss_key = 'missing_'.$col;
+ if(array_key_exists($miss_key, $response)){
+ $form .= '<div class="form-response"><p style="color:red;"> col: '. $col . ' cannot be empty</p></div>';
+ }
+ }
+ foreach($extra as $html){
+ $form.= $html;
+ }
+ if(sizeof($values) == 0){
+ $form_type = "Add";
+ }else{
+ $form_type = "Update";
+ }
+ $form .= '<input type="hidden" name="form_type" " value="' . $form_type . '">';
+ $form .='
+ <input type="submit" value="'. $form_type .'">
+ </form>';
+ return $form;
+ }
+
function search_form(string $action):string{
return '
<form method="POST" action="'. $action . '">
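Review bot: `$values[$col]` is concatenated into the `value="…"` attribute without escaping on both the auto_increment branch and the default branch of `form_v2`, so a stored value containing a quote or markup breaks out of the attribute. It is also read when `$values` is empty (the Add case), which raises an undefined-key warning on PHP 8. Compute it once at the top of the loop, `$val = htmlspecialchars((string)($values[$col] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and emit `$val` in both inputs. The `$extra` entries are appended as raw HTML, which deserves a comment such as `/* $extra must contain trusted, pre-escaped HTML */`. The hidden `form_type` input also carries a stray `"` before `value=`.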
@@ -54,13 +88,17 @@ namespace Controller{
</form>';
}
- public function crud_table(string $action, string $search = "", string $search_key):string{
+ public function crud_table(string $action, string $search = "", string $search_key, \Model\PermissionUser $permissionUser = null):string{
$search = '%' . $search . '%';
$table = "<table> <thead> <tr>";
foreach($this->table->get_column_names() as $column){
$table .= "<th>$column</th>";
}
- $table .= "<th>Alter</th> <th>Delete</th> </tr> </thead>";
+ $table .= "<th>Alter</th> <th>Delete</th>";
+ if($permissionUser != null){
+ $table .= "<th>Permissions</th>";
+ }
+ $table .= "</tr> </thead>";
$objs = $this->db->all_where($this->table_name, [$search_key => $search]);
$table .= "<tbody>";
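Review bot: The new parameter `\Model\PermissionUser $permissionUser = null` relies on implicit nullability, which PHP 8.4 deprecates, and is tested with a loose `!= null`; declare it as `?\Model\PermissionUser $permissionUser = null` and compare with `!== null`. The "Permissions" header cell is emitted only when the argument is passed, while the following hunk appends an extra `<td>` to every row unconditionally, so header and body column counts differ for callers that omit the argument. The body of `crud_table` continues outside this hunk.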
@@ -73,10 +111,13 @@ namespace Controller{
$table .= '
<td>
<a class="edit" href="' . $action . '/'. $obj->{$this->table->get_primary()} .'/edit/";>Edit</a>
+ </td>
<td>
<a class="delete" href="' . $action . '/'. $obj->{$this->table->get_primary()} .'/delete/">Delete</a>
</td>
- </tr>';
+ <td>';
+
+ $table .= '</td> </tr>';
}
$table .= "
diff --git a/Lollipop/DatabaseObject.php b/Lollipop/DatabaseObject.php
@@ -171,30 +171,25 @@ namespace Lollipop {
}
public function notNullable(){
//non-auto-increment not-nullable collumn names query
- $not_null = [];
$col_names = [];
- $sql = " SELECT column_name, is_nullable, extra
+ $sql = " SELECT column_name, is_nullable
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_NAME = '{$this->table}'
- AND TABLE_SCHEMA = 'lollipop'";
+ AND TABLE_SCHEMA = '{$this->schema}'";
$stmt = $this->db->conn->prepare($sql);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows == 0) {
- return false;
+ return [];
}
while($tmp = $result->fetch_assoc()){
if($tmp["is_nullable"] == 'NO'){
- if($tmp["extra"] == "auto_increment")
- continue;
- $not_null[] = $tmp["column_name"];
+ if(!$tmp["extra"] == "auto_increment")
+ $col_names[] = $tmp["column_name"];
}
- $col_names[] = $tmp["column_name"];
}
- $this->not_nullable = $not_null;
- $this->column_names = $col_names;
- return true;
+ return $col_names;
}
public function get_column_names():array{
$column_names = [];
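Review bot: The rewritten `notNullable()` drops `extra` from the SELECT list but still reads `$tmp["extra"]`, and `!$tmp["extra"] == "auto_increment"` negates the column value before comparing, so with the key undefined the condition is always true and auto-increment columns are returned as required fields. Keep `extra` in the query and write the test as `if($tmp["extra"] != "auto_increment")`. The statement is also prepared from a string that interpolates `$this->table` and `$this->schema` with no bound parameters, and `get_col_info()` in the next hunk does the same. Using `?` placeholders with `bind_param` would make `prepare()` meaningful, assuming `conn` is a mysqli connection as `get_result()` suggests.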
@@ -252,5 +247,35 @@ namespace Lollipop {
}
return $column_names;
}
+ public function get_col_info():array{
+ $column_names = [];
+ $sql = " SELECT column_name, extra, data_type
+ FROM INFORMATION_SCHEMA.COLUMNS
+ WHERE TABLE_NAME = '$this->table'
+ AND TABLE_SCHEMA = '$this->schema'";
+ $stmt = $this->db->conn->prepare($sql);
+ $stmt->execute();
+ $result = $stmt->get_result();
+
+ if ($result->num_rows == 0) {
+ return [];
+ }
+ while($tmp = $result->fetch_assoc()){
+ if(str_contains($tmp['data_type'], "varchar") || str_contains($tmp['data_type'], "text")){
+ $column_names[$tmp["column_name"]]["input_type"] = "text";
+ }elseif(str_contains($tmp['data_type'], "date")){
+ $column_names[$tmp["column_name"]]["input_type"] = "date";
+ }elseif(str_contains($tmp['data_type'], "int")){
+ $column_names[$tmp["column_name"]]["input_type"] = "number";
+ }
+ if(str_contains($tmp['extra'], "auto_increment")){
+ $column_names[$tmp["column_name"]]['extra'] = "auto_increment";
+ }
+ if(str_contains($tmp['column_name'], "password")){
+ $column_names[$tmp["column_name"]]['extra'] = "password";
+ }
+ }
+ return $column_names;
+ }
}
}
\ No newline at end of file
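Review bot: `get_col_info()` leaves `input_type` unset for any data type that matches none of the three `str_contains` branches and leaves `extra` unset for ordinary columns, yet `form_v2` reads `$info["extra"]` and `$info["input_type"]` for every column. Initialise each entry at the top of the loop, for example `$column_names[$tmp["column_name"]] = ["input_type" => "text", "extra" => ""];`, so callers never hit an undefined key or emit `type=""`. A short docblock stating the returned shape (column name mapped to `input_type` and `extra`) would also help callers.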
diff --git a/Lollipop/Utils.php b/Lollipop/Utils.php
@@ -9,10 +9,10 @@ namespace Lollipop{
return $arr;
}
- static function missing_fields($post, $not_nullable){
+ static function missing_fields($not_nullable){
$missing = [];
foreach($not_nullable as $column){
- if($post[$column] == NULL || $post[$column] == ""){
+ if($_POST[$column] == NULL || $_POST[$column] == ""){
$key = 'missing_' . $column;
$missing[$key] = "This field cannot be empty!";
}
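Review bot: `missing_fields()` now indexes `$_POST[$column]` directly, so a request that omits a required field raises an undefined-key warning on PHP 8 before it is reported, and the loose `== NULL` also treats values such as an empty array as missing. Read the value once with `$value = $_POST[$column] ?? null;` and test `if($value === null || $value === "")`. Reading the superglobal inside a static helper also means no other input array can be validated, which the removed `$post` parameter allowed. The function body continues outside this hunk.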
diff --git a/Model/Course.php b/Model/Course.php
@@ -1,6 +1,7 @@
<?php
namespace Model {
+use Lollipop\Utils;
class Course extends \Lollipop\DatabaseObject
{
static function get_table(): string
@@ -19,20 +20,29 @@ namespace Model {
}
public function add_course():bool{
- foreach($_POST as $key => $post){
- if(in_array($key, $this->get_col_names_no_ai())){
- $this->{$key} = $post;
+ $missing_fields = Utils::missing_fields($this->notNullable());
+ if(sizeof($missing_fields) == 0){
+ foreach($_POST as $key => $post){
+ if(in_array($key, $this->get_col_names_no_ai())){
+ $this->{$key} = $post;
+ }
}
+ return $this->add();
}
- return $this->add();
+ return false;
}
public function update_course():bool{
- foreach($_POST as $key => $post){
- if(in_array($key, $this->get_column_names())){
- $this->{$key} = $post;
+ $missing_fields = Utils::missing_fields($this->notNullable());
+ if(sizeof($missing_fields) == 0){
+ foreach($_POST as $key => $post){
+ if(in_array($key, $this->get_column_names())){
+ $this->{$key} = $post;
+ }
}
+ return $this->save();
}
- return $this->save();
+ return false;
}
+
}
}
\ No newline at end of file
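Review bot: `add_course()` and `update_course()` compute `$missing_fields` and then collapse it to `false`, so the caller cannot tell the user which column was empty, even though `form_v2` accepts a `$response` array keyed by `missing_<column>`. Consider keeping the array on the object or returning it so the route can pass it through. The allow-list test should also be strict, `in_array($key, $this->get_col_names_no_ai(), true)`, since `$key` comes from the request.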
diff --git a/Model/Permission.php b/Model/Permission.php
@@ -16,7 +16,7 @@ namespace Model {
{
return "lollipop";
}
- function all_fields(): string{
+ function get_checkboxes(): string{
$all_permissions = $this->db->all($this::class);
$html = "";
foreach($all_permissions as $permission){
diff --git a/Model/PermissionUser.php b/Model/PermissionUser.php
@@ -15,15 +15,21 @@ namespace Model {
{
return "lollipop";
}
- public function add_permissions(User $user):array{
+ public function add_permissions(User $user):bool{
if(array_key_exists('permissions', $_POST)){
foreach($_POST['permissions'] as $permission){
$this->{$user->get_primary()} = $user->{$user->get_primary()};
$this->id = $permission;
$this->add();
}
+ return true;
}
- return [];
+ return false;
+ }
+ public function update_permissions(User $user):array{
+
+
+ return $this->db->all_where($this->get_table(), ["email", $_POST["email"]]);
}
}
}
\ No newline at end of file
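Review bot: `add_permissions()` returns `true` whenever the `permissions` key is present, without checking the result of `$this->add()` or that `$_POST['permissions']` is an array, and each posted id is stored as-is. Guard with `if(!is_array($_POST['permissions'] ?? null)) return false;` and stop on failure with `if(!$this->add()) return false;` (assuming `add()` returns bool, as the `bool` return type of `Course::add_course()` implies). The ids should be checked against the existing permission rows before insertion, and nothing in this hunk shows that the caller is authorised to grant them. `update_permissions()` reads `$_POST["email"]` unguarded and performs no update; a comment marking it as a stub would help.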
diff --git a/Model/User.php b/Model/User.php
@@ -45,12 +45,11 @@ namespace Model {
function login():array{
$post_arr = \Lollipop\Utils::post_to_array();
- $missing_fields = \Lollipop\Utils::missing_fields($post_arr , [$this->get_primary(), $this->get_password_field()]);
- if(sizeof($missing_fields) == 0){
+ if([$this->get_primary() != "" && !$this->get_password_field() == ""]){
return $this->authenticate($post_arr);
}else{
- return ["response" => "missing fields"];
+ return ["response" => ""];
}
}
function authenticate(array $post) : array
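Review bot: The new condition in `login()` wraps the boolean expression in `[...]`, and a one-element array is always truthy, so the `else` branch is unreachable and `authenticate()` runs even when the posted fields are absent. The expression inside also tests the field names returned by `get_primary()` and `get_password_field()`, not the submitted values. Use the helper with its new signature instead: `$missing_fields = \Lollipop\Utils::missing_fields([$this->get_primary(), $this->get_password_field()]);` followed by `if(sizeof($missing_fields) == 0){`, and keep the `"missing fields"` response text.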
@@ -83,7 +82,7 @@ namespace Model {
}
}
//get permissions form db and set sessions_permissions
- $p = $this->db->all_where(Permission_user::class, [$this->get_primary(), $this->{$this->get_primary()}]);
+ $p = $this->db->all_where(PermissionUser::class, [$this->get_primary(), $this->{$this->get_primary()}]);
foreach($p as $permission){
$user_permissions[] = $permission->id;
}
@@ -92,7 +91,7 @@ namespace Model {
function add_user():array{
$post_arr = \Lollipop\Utils::post_to_array();
- $missing_fields = \Lollipop\Utils::missing_fields($post_arr , $this->not_nullable);
+ $missing_fields = \Lollipop\Utils::missing_fields($this->notNullable());
if(sizeof($missing_fields) == 0){
return $this->add_data_db($post_arr);
@@ -111,7 +110,7 @@ namespace Model {
if($post_arr[$this->get_password_field()]){
$post_arr[$this->get_password_field()] = password_hash($post_arr[$this->get_password_field()], PASSWORD_DEFAULT);
}
- foreach($this->column_names as $col){
+ foreach($this->get_col_names_no_ai() as $col){
if($post_arr[$col] != ""){
$this->$col = $post_arr[$col];
$user_credentials[$col] = $post_arr[$col];
diff --git a/index.php b/index.php
@@ -36,6 +36,8 @@ $router->addRoute(["GET"], "/user/:primary_key/edit", $user_edit);
$router->addRoute(["GET"], "/user/:primary_key/delete", $user_delete);
+$router->addRoute(["GET"], "/user/:primary_key/page", $user_page);
+
$router->addRoute(["POST"], "/logout", $logout);
$router->addRoute(["GET"], "/course", $course_get);
diff --git a/routing/course.php b/routing/course.php
@@ -1,5 +1,4 @@
<?php
-
$course_get = function(&$vars){
global $db;
$course = $db->get(Model\Course::class);
@@ -9,7 +8,7 @@ $course_get = function(&$vars){
$course->load($_POST["search"]);
$data = $course->getData();
}
- $vars["form"] = $templates->form("/course");
+ $vars["form"] = $templates->form_v2("/course");
$vars["search"] = $templates->search_form("/course/search");
$vars["table"] = $templates->crud_table("/course", "" ,"name");
return "views/course.html";
@@ -22,14 +21,19 @@ $course_post = function(&$vars){
$data = [];
if(isset($_POST["form_type"])){
- if($_POST["form_type"] == 'Add')
- $course->add_course();
- elseif($_POST["form_type"] == 'Update'){
- $course->update_course();
+ if($_POST["form_type"] == 'Add'){
+ if($course->add_course()){
+ $vars["response"] = 'succesfully added: ' . $_POST["name"];
+ }
+ } elseif($_POST["form_type"] == 'Update'){
+ if($course->update_course()){
+ $vars["response"] = 'succesfully updated: ' . $_POST["name"];
+ }
}
}
+
- $vars["form"] = $templates->form("/course", $data);
+ $vars["form"] = $templates->form_v2("/course", $data);
$vars["search"] = $templates->search_form("/course");
$vars["table"] = $templates->crud_table("/course", "", "name");
return "views/course.html";
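Review bot: `$vars["response"]` is built from raw `$_POST["name"]` and then rendered through `{{$response}}` in views/course.html; unless the template engine escapes on output, which is not visible in this diff, the posted value is reflected into the page as HTML. Escape at assignment, e.g. `'succesfully added: ' . htmlspecialchars($_POST["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, in both the Add and the Update branch. The `$user_post` hunk in routing/user.php assigns `$_POST["email"]` the same way and needs the same treatment wherever that value is rendered.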
@@ -38,8 +42,8 @@ $course_post = function(&$vars){
$course_query = function(&$vars){
global $db;
$course = $db->get(Model\Course::class);
- $templates = new Controller\Templates($db, $course);
- $vars["form"] = $templates->form("/course");
+ $templates = new controller\templates($db, $course);
+ $vars["form"] = $templates->form_v2("/course");
$vars["search"] = $templates->search_form("/course/search");
$vars["table"] = $templates->crud_table("/course", $vars["search_query"], "name");
return "views/course.html";
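Review bot: `new controller\templates($db, $course)` spells the class in lower case while the file is Controller/Templates.php. PHP resolves class names case-insensitively once they are loaded, but an autoloader that maps the name to a path will fail on a case-sensitive filesystem; how classes are loaded is not visible in this diff. Keep `new Controller\Templates($db, $course)` here and in the routing/user.php hunks that make the same change (`$user_get`, `$user_post`, `$user_query`, `$user_edit`, `$user_delete`, `$user_page`).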
@@ -69,7 +73,7 @@ $course_edit = function(&$vars){
foreach($course->getData() as $key => $col){
$data[$key] = $col;
}
- $vars["form"] = $templates->form("/course", $data);
+ $vars["form"] = $templates->form_v2("/course", $data);
$vars["search"] = $templates->search_form("/course/search");
$vars["table"] = $templates->crud_table("/course", "", "name");
return "views/course.html";
@@ -81,7 +85,7 @@ $course_delete = function(&$vars){
$templates = new Controller\Templates($db, $course);
$course->load($vars["primary_key"]);
$course->delete();
- $vars["form"] = $templates->form("/course");
+ $vars["form"] = $templates->form_v2("/course");
$vars["search"] = $templates->search_form("/course");
$vars["table"] = $templates->crud_table("/course" ,"", "name");
return "views/course.html";
diff --git a/routing/user.php b/routing/user.php
@@ -1,35 +1,43 @@
<?php
-
$user_get = function(&$vars){
global $db;
$user = $db->get(Model\User::class);
- $templates = new Controller\Templates($db, $user);
+ $permissions = $db->get(Model\Permission::class);
+ $permissionUser = $db->get(Model\PermissionUser::class);
+ $templates = new controller\templates($db, $user);
if(isset($_POST["search"])){
$user->load($_POST["search"]);
$data = $user->getData();
}
- $vars["form"] = $templates->form("/user");
+ $vars["form"] = $templates->form_v2("/user", [], ["checkboxes" => $permissions->get_checkboxes()]);
$vars["search"] = $templates->search_form("/user/search");
- $vars["table"] = $templates->crud_table("/user", "" ,"email");
+ $vars["table"] = $templates->crud_table("/user", "" ,"email", $permissionUser);
return "views/user.html";
};
$user_post = function(&$vars){
global $db;
$user = $db->get(Model\User::class);
- $templates = new Controller\Templates($db, $user);
+ $permissions = $db->get(Model\Permission::class);
+ $permission_user = $db->get(Model\PermissionUser::class);
+ $templates = new controller\templates($db, $user);
$data = [];
if(isset($_POST["form_type"])){
- if($_POST["form_type"] == 'Add')
- $user->add_user();
- elseif($_POST["form_type"] == 'Update'){
- $user->update_user();
+ if($_POST["form_type"] == 'Add'){
+ if($user->add_user() && $permission_user->add_permissions($user)){
+ $vars["response"] = 'succesfully added: ' . $_POST["email"];
+ }
+ } elseif($_POST["form_type"] == 'Update'){
+ if($user->update_user()){
+ $vars["response"] = 'succesfully updated: ' . $_POST["email"];
+ }
}
}
+
- $vars["form"] = $templates->form("/user", $data);
+ $vars["form"] = $templates->form_v2("/user", $data, ["checkboxes" => $permissions->get_checkboxes()]);
$vars["search"] = $templates->search_form("/user");
$vars["table"] = $templates->crud_table("/user", "", "email");
return "views/user.html";
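Review bot: `$user->add_user() && $permission_user->add_permissions($user)` treats the return of `add_user()` as a boolean, but Model/User.php declares `add_user():array`, and any non-empty array is truthy. If `add_user()` reports failure through an array such as `["response" => …]` (its return values are outside this diff), permissions are still inserted and the success message is set. Test an explicit success marker from the returned array before calling `add_permissions()`. `$user_post` also calls `crud_table` without `$permissionUser`, unlike `$user_get`.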
@@ -38,8 +46,9 @@ $user_post = function(&$vars){
$user_query = function(&$vars){
global $db;
$user = $db->get(Model\User::class);
- $templates = new Controller\Templates($db, $user);
- $vars["form"] = $templates->form("/user");
+ $permissions = $db->get(Model\Permission::class);
+ $templates = new controller\templates($db, $user);
+ $vars["form"] = $templates->form_v2("/user", [], ["checkboxes" => $permissions->get_checkboxes()]);
$vars["search"] = $templates->search_form("/user/search");
$vars["table"] = $templates->crud_table("/user", $vars["search_query"], "email");
return "views/user.html";
@@ -63,13 +72,14 @@ $user_search = function(&$vars){
$user_edit = function(&$vars){
global $db;
$user = $db->get(Model\User::class);
- $templates = new Controller\Templates($db, $user);
+ $permissions = $db->get(Model\Permission::class);
+ $templates = new controller\templates($db, $user);
$data = [];
$user->load($vars["primary_key"]);
foreach($user->getData() as $key => $col){
$data[$key] = $col;
}
- $vars["form"] = $templates->form("/user", $data);
+ $vars["form"] = $templates->form_v2("/user", $data, ["checkboxes" => $permissions->get_checkboxes()]);
$vars["search"] = $templates->search_form("/user/search");
$vars["table"] = $templates->crud_table("/user", "", "email");
return "views/user.html";
@@ -78,11 +88,21 @@ $user_edit = function(&$vars){
$user_delete = function(&$vars){
global $db;
$user = $db->get(Model\User::class);
- $templates = new Controller\Templates($db, $user);
+ $permissions = $db->get(Model\Permission::class);
+ $templates = new controller\templates($db, $user);
$user->load($vars["primary_key"]);
$user->delete();
- $vars["form"] = $templates->form("/user");
+ $vars["form"] = $templates->form_v2("/user", [], ["checkboxes" => $permissions->get_checkboxes()]);
$vars["search"] = $templates->search_form("/user");
- $vars["table"] = $templates->crud_table("/user" ,"", "email");
+ $vars["table"] = $templates->crud_table("/user" ,"", "email");
return "views/user.html";
};
+
+$user_page = function(&$vars){
+ global $db;
+ $user = $db->get(Model\User::class);
+ $permissions = $db->get(Model\Permission::class);
+ $templates = new controller\templates($db, $user);
+
+ return "views/user_page.html";
+};
+\ No newline at end of file
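Review bot: `$user_page` instantiates `$user`, `$permissions` and `$templates` but uses none of them and never reads `$vars["primary_key"]`, so the route added in index.php renders the view with no data. If it is a placeholder, say so with a comment such as `// TODO: load $vars["primary_key"] and check the session user may view it`; otherwise drop the unused objects.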
diff --git a/views/course.html b/views/course.html
@@ -10,9 +10,8 @@
<div class="flex_container">
<div class ="side_bar">
<div class ="form_add">
- <h1>Add Course</h1>
- <a href="/course">New</a>
{{$form}}
+ {{$response}}
</div>
</div>
<div class = "courses">
diff --git a/views/user.html b/views/user.html
@@ -10,8 +10,6 @@
<div class="flex_container">
<div class ="side_bar">
<div class ="form_add">
- <h1>Add Course</h1>
- <a href="/course">New</a>
{{$form}}
</div>
</div>
diff --git a/views/user_page.html b/views/user_page.html