commit 80ab285f91c59627915ccfc7cc6b32bb000e50ce
parent e9908cbf92e6f0620c6ab4004386cfe2ebefeb7a
Author: Friedel Schon <[email protected]>
Date: Sun, 16 Apr 2023 23:35:29 +0200
some changes
Diffstat:
28 files changed, 953 insertions(+), 867 deletions(-)
diff --git a/Lollipop/DatabaseObject.php b/Lollipop/DatabaseObject.php
@@ -5,9 +5,6 @@ namespace Lollipop {
abstract class DatabaseObject
{
- protected string $table;
- protected string $primary;
-
protected SQLDatabase $db;
protected array $data = [];
protected array $changed_keys = [];
@@ -15,12 +12,10 @@ namespace Lollipop {
function __construct(SQLDatabase $db)
{
$this->db = $db;
- $this->primary = $this->get_primary();
- $this->table = $this->get_table();
}
- abstract static function get_primary(): string;
- abstract static function get_table(): string;
+ public abstract static function get_primary(): string;
+ public abstract static function get_table(): string;
public function setData($data)
{
@@ -38,7 +33,7 @@ namespace Lollipop {
*/
public function load(string $id): bool
{
- $sql = "SELECT * FROM {$this->table} WHERE {$this->primary} = ?";
+ $sql = "SELECT * FROM {$this->get_table()} WHERE {$this->get_primary()} = ?";
$stmt = $this->db->conn->prepare($sql);
$stmt->execute([$id]);
@@ -57,7 +52,7 @@ namespace Lollipop {
if (!$this->changed_keys)
return;
- $sql = "UPDATE {$this->table} SET ";
+ $sql = "UPDATE {$this->get_table()} SET ";
$values = [];
foreach ($this->changed_keys as $index => $key) {
@@ -67,8 +62,8 @@ namespace Lollipop {
$values[] = $this->data[$key];
}
- $sql .= " WHERE {$this->primary} = ?";
- $values[] = $this->data[$this->primary];
+ $sql .= " WHERE {$this->get_primary()} = ?";
+ $values[] = $this->data[$this->get_primary()];
$stmt = $this->db->conn->prepare($sql);
$stmt->execute($values);
@@ -76,41 +71,28 @@ namespace Lollipop {
$this->changed_keys = [];
}
- /** this function add the set variables to the database */
- public function add(): bool
+ public function delete()
{
- if (!$this->changed_keys)
- return false;
-
- $sql = "INSERT INTO {$this->table} (";
- $sql_val = ") VALUES (";
- $values = [];
+ $sql = "DELETE FROM {$this->get_table()} WHERE";
- foreach ($this->changed_keys as $index => $key) {
- if ($index > 0) {
- $sql .= ', ';
- $sql_val .= ', ';
+ $i = 0;
+ foreach ($this->data as $key => $value) {
+ if ($i > 0) {
+ $sql .= ' AND ';
}
- $sql .= $key;
- $sql_val .= "?";
- $values[] = $this->data[$key];
+ $sql .= " $key = ?";
+ $i++;
}
- $sql .= $sql_val . ")";
$stmt = $this->db->conn->prepare($sql);
+ $stmt->execute(array_values($this->data));
+ $result = $stmt->get_result();
+
+ if (!$result || $result->num_rows == 0) {
+ return [];
+ }
- $this->changed_keys = [];
- if ($stmt->execute($values))
- return true;
- else
- return false;
- }
- public function delete()
- {
- $sql = "DELETE FROM {$this->table} WHERE {$this->primary} = ?";
- $stmt = $this->db->conn->prepare($sql);
- $stmt->execute([$this->data[$this->primary]]);
$this->data = [];
$this->changed_keys = [];
}
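Review bot: In the new `delete()`, the `get_result()` check looks carried over from a SELECT path: assuming `conn` is a mysqli connection (as the `bind_param`/`get_result` calls elsewhere in this file suggest), `get_result()` returns false for a DELETE, so the `!$result` branch would always return `[]` before `$this->data` and `$this->changed_keys` are cleared. There is also no guard for an empty `$this->data`, where the SQL ends at `WHERE` and cannot be prepared. Separately, the column names in `" $key = ?"` are interpolated from the data keys and only the values are bound; the `{$keys}` list in the last `insert()` hunk has the same shape, so both would benefit from checking keys against a per-model list of known columns if keys can ever come from request data. The shape I would suggest is below: bail out on empty data, key success off `execute()`, and return a bool.

```php
public function delete(): bool
{
    // Refuse to build "DELETE ... WHERE" with no conditions at all.
    if (!$this->data)
        return false;

    // … unchanged: build $sql from the keys of $this->data …

    $stmt = $this->db->conn->prepare($sql);
    // A DELETE yields no result set, so test execute() instead of get_result().
    if (!$stmt || !$stmt->execute(array_values($this->data)))
        return false;

    $this->data = [];
    $this->changed_keys = [];
    return true;
}
```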
@@ -129,7 +111,7 @@ namespace Lollipop {
function insert(): bool
{
//first check if this primary key exists
- $sql = "SELECT {$this->primary} FROM {$this->table} WHERE {$this->primary} = ?";
+ $sql = "SELECT {$this->get_primary()} FROM {$this->get_table()} WHERE {$this->get_primary()} = ?";
$stmt = $this->db->conn->prepare($sql);
$stmt->bind_param('s', $this->data['email']);
$stmt->execute();
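Review bot: The existence check in `insert()` now filters on `get_primary()`, but the context line below it still binds `$this->data['email']`; for the models added in this commit whose primary is `id`, the lookup would compare the `id` column against an e-mail value or a missing key. Bind the primary key's own value instead, e.g. replace the `bind_param`/`execute` pair with `$stmt->execute([$this->data[$this->get_primary()]]);`. `insert()` starts before this hunk and continues after it, so how the result is handled is not visible here.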
@@ -139,9 +121,9 @@ namespace Lollipop {
//if this primay key does not exist add the data
$keys = implode(", ", array_keys($this->data));
- $values = implode(", ", array_fill(0, sizeof($this->data), '?'));
+ $values = implode(", ", array_fill(0, count($this->data), '?'));
- $sql = "INSERT INTO {$this->table} ({$keys}) VALUES ({$values})";
+ $sql = "INSERT INTO {$this->get_table()} ({$keys}) VALUES ({$values})";
$stmt = $this->db->conn->prepare($sql);
$stmt->execute(array_values($this->data));
diff --git a/Lollipop/Router.php b/Lollipop/Router.php
@@ -26,8 +26,12 @@ namespace Lollipop {
}
- function addRoute(string $method, string $match, callable $func)
+ function addRoute(string|array $method, string $match, string|callable $func)
{
+ if (is_string($method))
+ $method = [$method];
+
+
$this->routes[] = array(
"method" => $method,
"match" => $match,
@@ -35,22 +39,35 @@ namespace Lollipop {
);
}
+ function includeRoute(string $path, array $_PARAM)
+ {
+ include $path;
+ }
+
function route(string $base = null)
{
$this->path = $_SERVER["REQUEST_URI"];
+ if (strpos($this->path, '?'))
+ $this->path = explode('?', $this->path)[0];
+
if ($base && strpos($this->path, $base))
$this->path = explode($base, $this->path)[1];
$method = $_SERVER["REQUEST_METHOD"];
foreach ($this->routes as $route) {
- if ($route["method"] != null && $route["method"] != $method)
+ if ($route["method"] != null && !in_array($method, $route["method"]))
continue;
$vars = [];
- if ($this->match($route["match"], $vars))
- return $route["func"]($vars);
+ if ($this->match($route["match"], $vars)) {
+ if (is_callable($route["func"])) {
+ return $route["func"]($vars);
+ } else {
+ return $this->includeRoute($route["func"], $vars);
+ }
+ }
}
echo "404 '$this->path' not found!";
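Review bot: The dispatch in `route()` chooses between calling and including with `is_callable($route["func"])`, so a string target that happens to name an existing function would be invoked instead of included; testing `is_string($route["func"])` first removes that ambiguity. `includeRoute()` uses a bare `include`, which only warns when the file is missing and would leave the client with an empty response; `require`, or an `is_file()` check that falls through to the not-found branch, fails more visibly. The not-found line at the end of the hunk echoes `$this->path` unescaped and sets no status code; `http_response_code(404);` followed by `echo "404 '" . htmlspecialchars($this->path, ENT_QUOTES) . "' not found!";` would be safer. `route()` continues past the end of this hunk.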
diff --git a/Lollipop/SQLDatabase.php b/Lollipop/SQLDatabase.php
@@ -25,9 +25,10 @@ namespace Lollipop {
{
$cls = new $table_class($this);
- $sql = "SELECT * FROM {$cls->table}";
+ $sql = "SELECT * FROM {$cls->get_table()}";
$stmt = $this->conn->prepare($sql);
+ $stmt->execute();
$result = $stmt->get_result();
if (!$result || $result->num_rows == 0) {
@@ -50,7 +51,7 @@ namespace Lollipop {
if (!sizeof($vars))
return [];
- $sql = "SELECT * FROM {$cls->table} WHERE ";
+ $sql = "SELECT * FROM {$cls->get_table()} WHERE";
$i = 0;
foreach ($vars as $key => $value) {
diff --git a/Model/Course.php b/Model/Course.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Model {
+ class Course extends \Lollipop\DatabaseObject
+ {
+ static function get_table(): string
+ {
+ return "course";
+ }
+
+ static function get_primary(): string
+ {
+ return "id";
+ }
+ }
+}
+\ No newline at end of file
diff --git a/Model/CourseUser.php b/Model/CourseUser.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Model {
+ class CourseUser extends \Lollipop\DatabaseObject
+ {
+ static function get_table(): string
+ {
+ return "user_course";
+ }
+
+ static function get_primary(): string
+ {
+ return "id";
+ }
+ }
+}
+\ No newline at end of file
diff --git a/Model/Exam.php b/Model/Exam.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Model {
+ class User extends \Lollipop\DatabaseObject
+ {
+ static function get_table(): string
+ {
+ return "exam";
+ }
+
+ static function get_primary(): string
+ {
+ return "id";
+ }
+ }
+}
+\ No newline at end of file
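Review bot: `Model/Exam.php` declares `class User` while returning the `exam` table, which looks like a copy-paste slip. A file-name based autoloader would not find `Model\Exam` in this file, and the declaration would clash with an existing `Model\User` class once both are loaded. Rename the class: `class Exam extends \Lollipop\DatabaseObject`.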
diff --git a/Model/PermissionUser.php b/Model/PermissionUser.php
@@ -0,0 +1,15 @@
+<?php
+namespace Model {
+ class PermissionUser extends \Lollipop\DatabaseObject
+ {
+ static function get_table(): string
+ {
+ return "permission_user";
+ }
+
+ static function get_primary(): string
+ {
+ return 'id';
+ }
+ }
+}
+\ No newline at end of file
diff --git a/Model/Permission_user.php b/Model/Permission_user.php
@@ -1,15 +0,0 @@
-<?php
-namespace Model {
- class PermissionUser extends \Lollipop\DatabaseObject
- {
- static function get_table(): string
- {
- return "permission_user";
- }
-
- static function get_primary(): string
- {
- return null;
- }
- }
-}
-\ No newline at end of file
diff --git a/README.md b/README.md
@@ -1,3 +1,9 @@
# `LOLLIPOP.php`
> Lollipop is een PHP component-system :lollipop:
+
+ADMIN PASSWORD IS:
+
+| user | password |
+| -------------- | -------- |
+| `[email protected]` | `test` |
diff --git a/add_user.php b/add_user.php
@@ -1,146 +0,0 @@
-<!DOCTYPE html>
-<html lang="eng">
-
-<head>
- <title>Add user</title>
- <!-- Bootstrap CSS -->
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
-</head>
-<?php
-include "navbar.php";
-include "utils/autoloader.php";
-if (!in_array(0, $_SESSION['permissions'])) {
- header('Location: dashboard.php');
- exit;
-}
-$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
-//select the available permissions from the database
-$all_p = $db->all(Permissions::class);
-$available_permissions = [];
-foreach ($all_p as $tmp) {
- $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
-}
-?>
-
-<body>
- <div class="container">
- <h1>Add user</h1>
-
- <form action="add_user.php" method="post">
- <div class="mb-3">
- <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
- <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
- </div>
- <div class="mb-3">
- <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
- <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
- </div>
- <div class="mb-3">
- <label for="email" class="form-label"><b>Email:</b></label>
- <input type="text" class="form-control" name="email" id="email" placeholder="Email">
- </div>
- <div class="mb-3">
- <label for="password" class="form-label"><b>Wachtwoord:</b></label>
- <input type="password" class="form-control" name="password" id="password" placeholder="******">
- </div>
- <p>Please select the user permissions:</p>
- <?php
- foreach ($available_permissions as $db_permission) {
- echo "<div class=\"mb-3 form-check\">
- <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission['id'] . "\">
- <label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>
- </div>";
- }
- ?>
- <button type="submit" class="btn btn-primary" name="submit">Add user</button>
- </form>
- </div>
- <?php
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- $errors = array(); // initialize an empty array to store errors
-
- // Check if voornaam is set and not empty
- if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
- $fname = $_POST['voornaam'];
- } else {
- $errors[] = "Voornaam is required";
- }
-
- // Check if achternaam is set and not empty
- if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
- $lname = $_POST['achternaam'];
- } else {
- $errors[] = "Achternaam is required";
- }
-
- // Check if email is set and not empty
- if (isset($_POST['email']) && !empty($_POST['email'])) {
- $email = $_POST['email'];
- } else {
- $errors[] = "E-mail is required";
- }
-
- // Check if password is set and not empty
- if (isset($_POST['password']) && !empty($_POST['password'])) {
- $password = $_POST['password'];
- } else {
- $errors[] = "Wachtwoord is required";
- }
-
- // Check if permissions is set
- if (isset($_POST['permissions'])) {
- $permissions = $_POST['permissions'];
- } else {
- $errors[] = "Permissies zijn vereist";
- }
-
- // Check if there are any errors
- if (count($errors) > 0) {
- // Print out the errors
- foreach ($errors as $error) {
- echo $error . "<br>";
- }
- } else {
- // Pass the password through a hashing function
- $hashed_pwd = password_hash($password, PASSWORD_DEFAULT);
-
- //create a database object with table user
- $u = $db->get(User::class);
-
- //check if email already exists
- if ($u->load($email)) {
- echo "this email address is taken: " . $email;
- } else {
- $succes = false;
- //set new user data
- $u->email = $email;
- $u->fname = $fname;
- $u->lname = $lname;
- $u->pwd = $hashed_pwd;
-
- //add user with the add function
- if ($u->add()) {
- $succes = true;
- }
- ;
-
- //create a database object with table permission for each permission
- //set the data and execute the add function
- foreach ($permissions as $permission) {
- $p = $db->get(Permission_user::class);
- $p->email = $email;
- $p->id = (int) $permission;
- if ($p->add()) {
- $succes = true;
- }
- }
- if ($succes) {
- echo "succes!";
- }
- }
- }
- }
- ?>
-</body>
-
-</html>
-\ No newline at end of file
diff --git a/alter_user.php b/alter_user.php
@@ -1,180 +0,0 @@
-<!DOCTYPE html>
-<html lang="eng">
-
-<head>
- <title>User toevoegen</title>
- <!-- Bootstrap CSS -->
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
-</head>
-<?php
-use Lollipop\DatabaseObject;
-use Lollipop\SQLDatabase;
-
-include "navbar.php";
-include "utils/autoloader.php";
-if (!in_array(0, $_SESSION['permissions'])) {
- header('Location: dashboard.php');
- exit;
-}
-$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
-
-//select the available permissions from the database
-$all_p = $db->all(Permissions::class);
-$available_permissions = [];
-foreach ($all_p as $tmp) {
- $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
-}
-//if not found set to empty if not GET
-$fname = "";
-$lname = "";
-$email = "";
-$user_permissions = [];
-
-if ($_SERVER["REQUEST_METHOD"] == "GET") {
- //if the get var isset and user is found in the database load data into forms
- if (!isset($_GET['email'])) {
- echo "";
- } else {
- $get_email = $_GET['email'];
- $u = $db->get(User::class);
- if ($u->load($get_email)) {
- $fname = $u->fname;
- $lname = $u->lname;
- $email = $u->email;
- $p = $db->where(Permission_user::class, array('email' => $email));
- foreach ($p as $permission) {
- $user_permissions[] = $permission->id;
- }
- }
- }
-}
-if ($_SERVER["REQUEST_METHOD"] == "POST") {
- $errors = array(); // initialize an empty array to store errors
-
- // Check if voornaam is set and not empty
- if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
- $fname = $_POST['voornaam'];
- } else {
- $errors[] = "Voornaam is required";
- }
-
- // Check if achternaam is set and not empty
- if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
- $lname = $_POST['achternaam'];
- } else {
- $errors[] = "Achternaam is required";
- }
-
- // Check if email is set and not empty
- if (isset($_POST['email']) && !empty($_POST['email'])) {
- $email = $_POST['email'];
- } else {
- $errors[] = "E-mail is required";
- }
-
- // Check if permissions is set
- if (isset($_POST['permissions'])) {
- $permissions = $_POST['permissions'];
- } else {
- $errors[] = "Permissies zijn vereist";
- }
-
- // Check if there are any errors
- if (count($errors) > 0) {
- // Print out the errors
- foreach ($errors as $error) {
- echo $error . "<br>";
- }
- } else {
- //create a database object with table user
- $u = $db->get(User::class);
-
- //check if email already exists
- if (!$u->load($email)) {
- echo "this user does not exist " . $email;
- } else {
- $succes = false;
- //set new user data
- $u->email = $email;
- $u->fname = $fname;
- $u->lname = $lname;
- echo $u->save();
- //add user with the add function
- if (true) {
- $succes = true;
- }
- ;
-
- $p = $db->get(Permission_user::class);
- //delete all permissions
- foreach ($available_permissions as $available) {
- $p->email = $email;
- $p->id = $available['id'];
- $p->delete();
- }
-
- //add permissions
- foreach ($permissions as $keep) {
- $p->email = $email;
- $p->id = (int) $keep;
- $p->add();
- }
- if ($succes) {
- echo "succes!";
- }
- }
- }
- //if the get var isset and user is found in the database load data into forms
- if (!isset($_GET['email'])) {
- echo "";
- } else {
- $get_email = $_GET['email'];
- $u = $db->get(User::class);
- if ($u->load($get_email)) {
- $fname = $u->fname;
- $lname = $u->lname;
- $email = $u->email;
- $p = $db->where(Model\PermissionUser::class, array('email' => $email));
- foreach ($p as $permission) {
- $user_permissions[] = $permission->id;
- }
- }
- }
-}
-?>
-
-<body>
- <div class="container">
- <h1>Alter user</h1>
- <form action="alter_user.php?email=<?php echo $email; ?>" method="post">
- <div class="mb-3">
- <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
- <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam" value=<?php echo $fname ?>>
- </div>
- <div class="mb-3">
- <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
- <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam"
- value=<?php echo $lname ?>>
- </div>
- <div class="mb-3">
- <label for="email" class="form-label"><b>Email:</b></label>
- <input type="text" class="form-control" name="email" id="email" placeholder="Email" value=<?php echo $email ?>>
- </div>
- <p>Please select the user permissions:</p>
- <?php
- foreach ($available_permissions as $db_permission) {
- echo "<div class=\"mb-3 form-check\">" .
- "<input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission['id'] . "\"";
- if ($user_permissions != null && in_array($db_permission['id'], $user_permissions)) {
- echo " checked";
- }
- echo "><label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>" .
- "</div>";
- }
- ?>
- <button type="submit" class="btn btn-primary" name="submit">Alter user</button>
- </form>
- </div>
-</body>
-
-</html>
-\ No newline at end of file
diff --git a/crud_user.php b/crud_user.php
@@ -1,125 +0,0 @@
-<!DOCTYPE html>
-<html lang="nl">
- <head>
- <title>User toevoegen</title>
- <!-- Bootstrap CSS -->
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
- </head>
- <?php
- include "navbar.php";
- include 'utils/autoloader.php';
-
- $permissions = $_SESSION['permissions'];
- if(!isset($_SESSION['email'])){
- if(!in_array(0, $permissions)){
- header('Location: dashboard.php');
- exit;
- }
- }
- ?>
- <body>
- <div class="container">
- <h1>User toevoegen</h1>
-
- <form action="crud_user.php" method="post">
- <div class="mb-3">
- <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
- <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
- </div>
- <div class="mb-3">
- <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
- <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
- </div>
- <div class="mb-3">
- <label for="email" class="form-label"><b>Email:</b></label>
- <input type="text" class="form-control" name="email" id="email" placeholder="Email">
- </div>
- <div class="mb-3">
- <label for="password" class="form-label"><b>Wachtwoord:</b></label>
- <input type="password" class="form-control" name="password" id="password" placeholder="******">
- </div>
- <p>Please select the user permissions:</p>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Admin" name="permissions[]" value="1">
- <label class="form-check-label" for="Admin">Admin</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Administratief medewerker" name="permissions[]" value="2">
- <label class="form-check-label" for="Administratief medewerker">Administratief medewerker</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Wetenschappelijk medewerker" name="permissions[]" value="3">
- <label class="form-check-label" for="Wetenschappelijk medewerker">Wetenschappelijk medewerker</label>
- </div>
- <button type="submit" class="btn btn-primary" name="submit">Voeg toe</button>
- </form>
- </div>
- <?php
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
-
- $errors = array(); // initialize an empty array to store errors
-
- // Check if voornaam is set and not empty
- if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
- $fname = $_POST['voornaam'];
- } else {
- $errors[] = "Voornaam is required";
- }
-
- // Check if achternaam is set and not empty
- if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
- $lname = $_POST['achternaam'];
- } else {
- $errors[] = "Achternaam is required";
- }
-
- // Check if email is set and not empty
- if (isset($_POST['email']) && !empty($_POST['email'])) {
- $email = $_POST['email'];
- } else {
- $errors[] = "E-mail is required";
- }
-
- // Check if password is set and not empty
- if (isset($_POST['password']) && !empty($_POST['password'])) {
- $pwd = $_POST['password'];
- } else {
- $errors[] = "Wachtwoord is required";
- }
-
- // Check if permissions is set
- if (isset($_POST['permissions'])) {
- $permissions = $_POST['permissions'];
- } else {
- $errors[] = "Permissies zijn vereist";
- }
-
- // Check if there are any errors
- if (count($errors) > 0) {
- // Print out the errors
- foreach ($errors as $error) {
- echo $error . "<br>";
- }
- } else {
- // Pass the password through a hashing function
- $hashed_pwd = password_hash($pwd, PASSWORD_DEFAULT);
-
- // Making a sql statement to add user to the database, preparing it and excuting
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
-
- $u = $db->get(User::class);
-
- $data = array('email' => $email, 'fname' => $fname, 'lname' => $lname, 'pwd' => $hashed_pwd);
-
- $u->setData($data);
- $bool = $u->insert();
- if(!$bool){
- echo "user already exists";
- }else{
- echo"succes!";
- }
- }
- }
- ?>
- </body>
-</html>
diff --git a/dashboard.php b/dashboard.php
@@ -1,26 +0,0 @@
-<html>
- <head>
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
- </head>
- <?php
- include "navbar.php";
- ?>
- <body>
- <?php
- //echo file_get_contents('http://127.0.0.1/server-status');
- echo "voornaam = ";
- echo $_SESSION['first_name'];
- echo "<br>";
- echo "achternaam = ";
- echo $_SESSION['last_name'];
- echo "<br>";
- echo "email = ";
- echo $_SESSION['email'];
- foreach($_SESSION['permissions'] as $bs){
- echo $bs;
- }
- echo "blablab";
- ?>
- </body>
-
-</html>
diff --git a/hello.php b/hello.php
@@ -0,0 +1 @@
+<?php var_dump($_PARAM);
+\ No newline at end of file
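Review bot: `hello.php` looks like a leftover debugging view: it dumps `$_PARAM` with `var_dump()`, and no route in the `index.php` hunk of this commit points at it. Requested directly, `$_PARAM` is undefined; if it is ever routed, variables taken from the URL would be printed unescaped. Consider dropping the file, or keeping it out of the deployed document root.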
diff --git a/index.php b/index.php
@@ -3,9 +3,14 @@
require_once "utils/autoloader.php";
$router = new Lollipop\Router();
-$router->addRoute("GET", "/hello/:world", function ($vars) {
- echo "hello";
- var_dump($vars);
-});
+$router->addRoute(["GET", "POST"], "/user/:email/update", "views/alter_user.php");
+$router->addRoute(["GET", "POST"], "/user/add", "views/add_user.php");
+$router->addRoute(["GET", "POST"], "/user/:email/crud", "views/crud_user.php");
+$router->addRoute(["GET", "POST"], "/user/search", "views/search_user.php");
+$router->addRoute(["GET", "POST"], "/dashboard", "views/dashboard.php");
+$router->addRoute(["GET", "POST"], "/login", "views/login.php");
+$router->addRoute(["GET", "POST"], "/course/search", "views/search_course.php");
+$router->addRoute(["GET", "POST"], "/course/:enroll/enroll", "views/search_course.php");
+$router->addRoute(["GET", "POST"], "/course/:unsubscribe/unsubscribe", "views/search_course.php");
$router->route();
\ No newline at end of file
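Review bot: Every route is registered for both `GET` and `POST`, including paths that read as state-changing (`/course/:enroll/enroll`, `/course/:unsubscribe/unsubscribe`, `/user/:email/update`). If the views act on the route variable alone, a plain link or prefetch would be enough to trigger the change; the views are not part of this page, so this is worth confirming. Restricting such routes to `["POST"]` and checking a CSRF token in the view would close that off. The three `/course/...` routes also all include `views/search_course.php`, and the placeholder names `:enroll` and `:unsubscribe` say nothing about the value they carry; something like `/course/:id/enroll` would read better.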
diff --git a/login.php b/login.php
@@ -1,92 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <title>Login Page</title>
- <!-- Add the Bootstrap CSS stylesheet -->
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
- integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
- <?php
- include "utils/autoloader.php";
- if (isset($_SESSION['email'])) {
- header('Location: dashboard.php');
- }
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
- ?>
-</head>
-
-<body>
- <div class="container mt-5">
- <div class="row justify-content-center">
- <div class="col-md-6">
- <div class="card">
- <div class="card-header">Login</div>
- <div class="card-body">
- <form method="POST" action="login.php">
- <div class="form-group">
- <label for="email">Email:</label>
- <input type="email" class="form-control" id="email" name="email" placeholder="Enter email">
- </div>
- <div class="form-group">
- <label for="password">Password:</label>
- <input type="password" class="form-control" id="password" name="password" placeholder="Enter password">
- </div>
- <button type="submit" name='login_btn' class="btn btn-primary">Login</button>
- </form>
- </div>
- </div>
- </div>
- </div>
- </div>
- </div>
- <?php
- // check if a post request was sent
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- // fetch data from the form
- if (isset($_POST['login_btn'])) {
- if (!isset($_POST['email']) || !isset($_POST['password'])) {
- echo "One of the forms was empty";
- } else {
- //store data from the form in a variable
- $email = $_POST['email'];
- $pwd = $_POST['password'];
-
- //create a User orm class
- $u = $db->get(Model\User::class);
-
- if (!$u->load($email)) {
- //user incorrect, but to give out as little person info as possible just show either is wrong
- echo "password or user incorrect";
- } else {
- //password verification logic
- if (password_verify($pwd, $u->pwd)) {
- //start session and set session variables
- session_start();
- $_SESSION['email'] = $u->email;
- $_SESSION['first_name'] = $u->fname;
- $_SESSION['last_name'] = $u->lname;
-
- $p = $db->where(Model\PermissionUser::class, array('email' => $email));
- foreach ($p as $permission) {
- $user_permissions[] = $permission->id;
- }
- $_SESSION['user_permissions'] = $user_permissions;
-
- header('Location: dashboard.php');
- } else {
- //password incorrect, but to give out as little person info as possible just show either is wrong
- echo "password or user incorrect";
- }
- }
- }
- $_SESSION['permissions'] = $permissions;
- header('Location: dashboard.php');
- }
- }
-
-
-
- ?>
-</body>
-
-</html>
-\ No newline at end of file
diff --git a/navbar.php b/navbar.php
@@ -1,89 +1,91 @@
<?php
- session_start();
- if(!isset($_SESSION['email'])){
- header('Location: login.php');
- exit;
- }
- // Get the permission level of the user
- $permission_levels= $_SESSION['permissions'];
+session_start();
+if (!isset($_SESSION['email'])) {
+ header('Location: /login');
+ exit;
+}
+// Get the permission level of the user
+$permission_levels = $_SESSION['permissions'];
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- if(isset($_POST['logout'])) {
- echo "This is Button1 that is selected";
- session_abort();
- header('Location: login.php');
- }
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ if (isset($_POST['logout'])) {
+ echo "This is Button1 that is selected";
+ session_abort();
+ header('Location: /login');
}
- // Assume $permission_levels is an array containing the user's permission levels
+}
+// Assume $permission_levels is an array containing the user's permission levels
- $links = array();
+$links = array();
- // Define the links for each type of employee
- if (in_array(0, $permission_levels)) {
- // Admin links
- $admin_links = array(
- array('url' => '/add_user.php', 'title' => 'Add User'),
- array('url' => '/search_user.php', 'title' => 'Search for user'),
- array('url' => '/alter_user.php', 'title' => 'Alter user')
- );
- $links[] = array('name' => 'Admin', 'links' => $admin_links);
- }
+// Define the links for each type of employee
+if (in_array(0, $permission_levels)) {
+ // Admin links
+ $admin_links = array(
+ array('url' => '/user/add', 'title' => 'Add User'),
+ array('url' => '/user/search', 'title' => 'Search for user'),
+ );
+ $links[] = array('name' => 'Admin', 'links' => $admin_links);
+}
- if (in_array(1, $permission_levels)) {
- // Lecturer links
- $lecturer_links = array(
- array('url' => 'lecturer_page_1.php', 'title' => 'Lecturer Page 1'),
- array('url' => 'lecturer_page_2.php', 'title' => 'Lecturer Page 2'),
- array('url' => 'lecturer_page_3.php', 'title' => 'Lecturer Page 3')
- );
- $links[] = array('name' => 'Lecturer', 'links' => $lecturer_links);
- }
+if (in_array(1, $permission_levels)) {
+ // Lecturer links
+ $lecturer_links = array(
+ array('url' => 'lecturer_page_1.php', 'title' => 'Lecturer Page 1'),
+ array('url' => 'lecturer_page_2.php', 'title' => 'Lecturer Page 2'),
+ array('url' => 'lecturer_page_3.php', 'title' => 'Lecturer Page 3')
+ );
+ $links[] = array('name' => 'Lecturer', 'links' => $lecturer_links);
+}
- if (in_array(2, $permission_levels)) {
- // Student links
- $student_links = array(
- array('url' => 'student_page_1.php', 'title' => 'Student Page 1'),
- array('url' => 'student_page_2.php', 'title' => 'Student Page 2'),
- array('url' => 'student_page_3.php', 'title' => 'Student Page 3')
- );
- $links[] = array('name' => 'Student', 'links' => $student_links);
- }
+if (in_array(2, $permission_levels)) {
+ // Student links
+ $student_links = array(
+ array('url' => '/course/search', 'title' => 'Courses'),
+ );
+ $links[] = array('name' => 'Student', 'links' => $student_links);
+}
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- if(isset($_POST['logout'])){
- session_unset();
- session_destroy();
- header('Location: login.php');
- exit;
- }
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ if (isset($_POST['logout'])) {
+ session_unset();
+ session_destroy();
+ header('Location: /login');
+ exit;
}
+}
?>
<nav class="navbar navbar-expand-lg navbar-light bg-light">
- <a class="navbar-brand" href="dashboard.php">Dashboard</a>
- <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
+ <a class="navbar-brand" href="/dashboard">Dashboard</a>
+ <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown"
+ aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNavDropdown">
<ul class="navbar-nav">
- <?php foreach($links as $employee_links) { ?>
+ <?php foreach ($links as $employee_links) { ?>
<li class="nav-item dropdown">
- <a class="nav-link dropdown-toggle" href="#" id="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>" role="button" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+ <a class="nav-link dropdown-toggle" href="#"
+ id="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>" role="button"
+ data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<?php echo $employee_links['name']; ?>
</a>
- <ul class="dropdown-menu" aria-labelledby="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>">
+ <ul class="dropdown-menu"
+ aria-labelledby="navbarDropdownMenuLink<?php echo $employee_links['name']; ?>">
<?php foreach ($employee_links['links'] as $link) { ?>
- <li><a class="dropdown-item" href="<?php echo $link['url']; ?>"><?php echo $link['title']; ?></a></li>
+ <li><a class="dropdown-item" href="<?php echo $link['url']; ?>"><?php echo $link['title']; ?></a>
+ </li>
<?php } ?>
</ul>
</li>
<?php } ?>
</ul>
- <form method="post" action="login.php">
+ <form method="post" action="/login">
<button type="submit" id='logout' class="btn btn-primary">log out</button>
</form>
</div>
</nav>
<script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js"></script>
-<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
+\ No newline at end of file
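Review bot: Logout cannot fire as written: both handlers test `isset($_POST['logout'])`, but the button in the form has `id='logout'` and no `name`, so that field is never submitted, and the form posts to `/login`, whose view is not visible here. The first handler also echoes text and calls `session_abort()` before `header()`, which would close the session before the later `session_unset()`/`session_destroy()` block reaches it. I would delete the first handler, keep the second, and change the button to `<button type="submit" name="logout" id="logout" class="btn btn-primary">log out</button>`. The three CDN `<script>` tags at the end also load without `integrity`/`crossorigin` attributes.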
diff --git a/search_user.php b/search_user.php
@@ -1,79 +0,0 @@
-<!DOCTYPE html>
-<html lang="eng">
-
-<head>
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
- <?php
- include "navbar.php";
- include "utils/autoloader.php";
- if (!in_array(0, $_SESSION['permissions'])) {
- header('Location: dashboard.php');
- exit;
- }
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
- ?>
-</head>
-
-<body>
- <form class="d-flex" action="search_user.php" method="post">
- <input class="form-control me-2" type="search" name="search" placeholder="Email" aria-label="Search">
- <button class="btn btn-outline-success" type="submit">Search</button>
- </form>
- <?php
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- if (isset($_POST['search'])) {
- //set $query
- $query = "%" . $_POST['search'] . "%";
- display_results($db, $query);
- } elseif (isset($_POST['delete'])) {
- $u = $db->get(User::class);
- $u->load($_POST['delete']);
- $u->delete();
- display_results($db, $_POST['query']);
- }
- }
- function display_results(Lollipop\SQLDatabase $db, $query)
- {
- //create a User orm class and load all the records where user like query
- $results = $db->where(User::class, array('email' => $query));
-
- // display results
- if ($results != null) {
- echo "<table class=\"table table-striped\">
- <thead>
- <tr>
- <th>E-mail</th>
- <th>First name</th>
- <th>Last name</th>
- <th>Alter</th>
- <th>Delete</th>
- </tr>
- </thead>
- <tbody>";
- foreach ($results as $data) {
- $link = "/alter_user.php?email=" . $data->email;
- echo "<tr>";
- echo "<td>" . $data->email . "</td>";
- echo "<td>" . $data->fname . "</td>";
- echo "<td>" . $data->lname . "</td>";
- echo "<td><a href='" . $link . "'>Edit</a></td>";
- echo "
- <td>
- <form method=\"post\" action=\"search_user.php\">
- <input type=\"hidden\" name=\"query\" value=" . $query . ">
- <button type=\"submit\" name='delete' value=" . $data->email . " ' class=\"btn btn-primary\">delete</button>
- </form>
- </td>";
- echo "</tr>";
- }
- echo "
- </tbody>
- </table>";
- } else {
- echo "No users with this email address were found.";
- }
- }
- ?>
-</body>
-
-</html>
-\ No newline at end of file
diff --git a/searchuser.php b/searchuser.php
@@ -1,53 +0,0 @@
-<?php
-include "navbar.php";
-include "utils/autoloader.php";
-?>
-<html>
-
-<head>
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
-</head>
-
-<body>
- <form class="d-flex" action="searchuser.php" method="post">
- <input class="form-control me-2" type="search" name="search" placeholder="Search" aria-label="Search">
- <button class="btn btn-outline-success" type="submit">Search</button>
- </form>
- <?php
- if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['search'])) {
- $search = $_POST['search'];
- $search = array('email' => "%" . $search . "%");
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
- $u = $db->where(User::class, $search);
- // verification logic and $_SESSION start
- if (count($u) > 0) {
- echo "<table class=\"table table-striped\">
- <thead>
- <tr>
- <th>E-mail</th>
- <th>First name</th>
- <th>Last name</th>
- <th>Action</th>
- </tr>
- </thead>
- <tbody>";
- foreach ($u as $user) {
- $link = "/alteruser.php?email=" . $user['email'];
- echo "<tr>";
- echo "<td>" . $user['email'] . "</td>";
- echo "<td>" . $user['fname'] . "</td>";
- echo "<td>" . $user['lname'] . "</td>";
- echo "<td><a href='" . $link . "'>Edit</a></td>";
- echo "</tr>";
- }
- echo "
- </tbody>
- </table>";
- } else {
- echo "No users with this email address were found.";
- }
- }
- ?>
-</body>
-
-</html>
-\ No newline at end of file
diff --git a/test.php b/test.php
@@ -1,11 +0,0 @@
-<?php
-
-$ob = $db->new();
-
-$obj->where("");
-
-
-
-foreach ($db->all() as $object) {
- $object->id;
-}
-\ No newline at end of file
diff --git a/test_orm.php b/test_orm.php
@@ -1,23 +0,0 @@
-<?php
-
-include "utils/autoloader.php";
-
-$email = '[email protected]';
-$fname = 'GERCO';
-$lname = 'GERCO';
-$pwd = 'GERCO';
-// Pass the password through a hashing function
-$hashed_pwd = password_hash($pwd, PASSWORD_DEFAULT);
-
-// Making a sql statement to add user to the database, preparing it and excuting
-$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
-
-$u = $db->get(User::class);
-
-$data = array('email' => $email, 'fname' => $fname, 'lname' => $lname, 'pwd' => $hashed_pwd);
-
-$u->setData($data);
-$result = $u->insert();
-var_dump($result);
-
-?>
-\ No newline at end of file
diff --git a/views/add_user.php b/views/add_user.php
@@ -0,0 +1,146 @@
+<!DOCTYPE html>
+<html lang="eng">
+
+<head>
+ <title>Add user</title>
+ <!-- Bootstrap CSS -->
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<?php
+include "navbar.php";
+include "utils/autoloader.php";
+if (!in_array(0, $_SESSION['permissions'])) {
+ header('Location: /dashboard');
+ exit;
+}
+$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+//select the available permissions from the database
+$all_p = $db->all(Model\Permission::class);
+$available_permissions = [];
+foreach ($all_p as $tmp) {
+ $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
+}
+?>
+
+<body>
+ <div class="container">
+ <h1>Add user</h1>
+
+ <form action="/user/add" method="post">
+ <div class="mb-3">
+ <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
+ <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
+ </div>
+ <div class="mb-3">
+ <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
+ </div>
+ <div class="mb-3">
+ <label for="email" class="form-label"><b>Email:</b></label>
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email">
+ </div>
+ <div class="mb-3">
+ <label for="password" class="form-label"><b>Wachtwoord:</b></label>
+ <input type="password" class="form-control" name="password" id="password" placeholder="******">
+ </div>
+ <p>Please select the user permissions:</p>
+ <?php
+ foreach ($available_permissions as $db_permission) {
+ echo "<div class=\"mb-3 form-check\">
+ <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission['id'] . "\">
+ <label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>
+ </div>";
+ }
+ ?>
+ <button type="submit" class="btn btn-primary" name="submit">Add user</button>
+ </form>
+ </div>
+ <?php
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ $errors = array(); // initialize an empty array to store errors
+
+ // Check if voornaam is set and not empty
+ if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
+ $fname = $_POST['voornaam'];
+ } else {
+ $errors[] = "Voornaam is required";
+ }
+
+ // Check if achternaam is set and not empty
+ if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
+ $lname = $_POST['achternaam'];
+ } else {
+ $errors[] = "Achternaam is required";
+ }
+
+ // Check if email is set and not empty
+ if (isset($_POST['email']) && !empty($_POST['email'])) {
+ $email = $_POST['email'];
+ } else {
+ $errors[] = "E-mail is required";
+ }
+
+ // Check if password is set and not empty
+ if (isset($_POST['password']) && !empty($_POST['password'])) {
+ $password = $_POST['password'];
+ } else {
+ $errors[] = "Wachtwoord is required";
+ }
+
+ // Check if permissions is set
+ if (isset($_POST['permissions'])) {
+ $permissions = $_POST['permissions'];
+ } else {
+ $errors[] = "Permissies zijn vereist";
+ }
+
+ // Check if there are any errors
+ if (count($errors) > 0) {
+ // Print out the errors
+ foreach ($errors as $error) {
+ echo $error . "<br>";
+ }
+ } else {
+ // Pass the password through a hashing function
+ $hashed_pwd = password_hash($password, PASSWORD_DEFAULT);
+
+ //create a database object with table user
+ $u = $db->get(Model\User::class);
+
+ //check if email already exists
+ if ($u->load($email)) {
+ echo "this email address is taken: " . $email;
+ } else {
+ $succes = false;
+ //set new user data
+ $u->email = $email;
+ $u->fname = $fname;
+ $u->lname = $lname;
+ $u->pwd = $hashed_pwd;
+
+ //add user with the add function
+ if ($u->insert()) {
+ $succes = true;
+ }
+
+
+ //create a database object with table permission for each permission
+ //set the data and execute the add function
+ foreach ($permissions as $permission) {
+ $p = $db->get(Model\PermissionUser::class);
+ $p->email = $email;
+ $p->id = (int) $permission;
+ if ($p->insert()) {
+ $succes = true;
+ }
+ }
+ if ($succes) {
+ echo "succes!";
+ }
+ }
+ }
+ }
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
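Review bot: The database host, user name and password are written as literals in the `new Lollipop\SQLDatabase(...)` call near the top of this view, and the same call is repeated in views/alter_user.php, views/crud_user.php, views/login.php, views/search_course.php and views/search_user.php. Anyone who can read the repository gets working database credentials, and the files this commit deletes carried the same values, so they remain in history; the password should be rotated as well as removed from the source. I would read the values from the environment or an untracked config file in one place, e.g. `$db = new Lollipop\SQLDatabase(getenv('DB_HOST'), getenv('DB_USER'), getenv('DB_PASS'), getenv('DB_NAME'));` (variable names are placeholders), and let the views share that one instance.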
diff --git a/views/alter_user.php b/views/alter_user.php
@@ -0,0 +1,170 @@
+<!DOCTYPE html>
+<html lang="eng">
+
+<head>
+ <title>User toevoegen</title>
+ <!-- Bootstrap CSS -->
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<?php
+
+include "navbar.php";
+include "utils/autoloader.php";
+if (!in_array(0, $_SESSION['permissions'])) {
+ header('Location: /dashboard');
+ exit;
+}
+$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+
+//select the available permissions from the database
+$all_p = $db->all(Model\Permission::class);
+$available_permissions = [];
+foreach ($all_p as $tmp) {
+ $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
+}
+//if not found set to empty if not GET
+$fname = "";
+$lname = "";
+$email = "";
+$user_permissions = [];
+
+if ($_SERVER["REQUEST_METHOD"] == "GET") {
+ //if the get var isset and user is found in the database load data into forms
+ $get_email = $_PARAM['email'];
+ $u = $db->get(Model\User::class);
+ if ($u->load($get_email)) {
+ $fname = $u->fname;
+ $lname = $u->lname;
+ $email = $u->email;
+ $p = $db->where(Model\PermissionUser::class, array('email' => $email));
+ foreach ($p as $permission) {
+ $user_permissions[] = $permission->id;
+ }
+ }
+}
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ $errors = array(); // initialize an empty array to store errors
+
+ // Check if voornaam is set and not empty
+ if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
+ $fname = $_POST['voornaam'];
+ } else {
+ $errors[] = "Voornaam is required";
+ }
+
+ // Check if achternaam is set and not empty
+ if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
+ $lname = $_POST['achternaam'];
+ } else {
+ $errors[] = "Achternaam is required";
+ }
+
+ // Check if email is set and not empty
+ if (isset($_POST['email']) && !empty($_POST['email'])) {
+ $email = $_POST['email'];
+ } else {
+ $errors[] = "E-mail is required";
+ }
+
+ // Check if permissions is set
+ if (isset($_POST['permissions'])) {
+ $permissions = $_POST['permissions'];
+ } else {
+ $errors[] = "Permissies zijn vereist";
+ }
+
+ // Check if there are any errors
+ if (count($errors) > 0) {
+ // Print out the errors
+ foreach ($errors as $error) {
+ echo $error . "<br>";
+ }
+ } else {
+ //create a database object with table user
+ $u = $db->get(Model\User::class);
+
+ //check if email already exists
+ if (!$u->load($email)) {
+ echo "this user does not exist " . $email;
+ } else {
+ $succes = false;
+ //set new user data
+ $u->email = $email;
+ $u->fname = $fname;
+ $u->lname = $lname;
+ echo $u->save();
+ //add user with the add function
+ if (true) {
+ $succes = true;
+ }
+
+ $p = $db->get(Model\PermissionUser::class);
+ //delete all permissions
+ foreach ($available_permissions as $available) {
+ $p->email = $email;
+ $p->id = $available['id'];
+ $p->delete();
+ }
+
+ //add permissions
+ foreach ($permissions as $keep) {
+ $p->email = $email;
+ $p->id = (int) $keep;
+ $p->insert();
+ }
+ if ($succes) {
+ echo "succes!";
+ }
+ }
+ }
+ //if the get var isset and user is found in the database load data into forms
+
+ $get_email = $_PARAMS['email'];
+ $u = $db->get(Model\User::class);
+ if ($u->load($get_email)) {
+ $fname = $u->fname;
+ $lname = $u->lname;
+ $email = $u->email;
+ $p = $db->where(Model\PermissionUser::class, array('email' => $email));
+ foreach ($p as $permission) {
+ $user_permissions[] = $permission->id;
+ }
+ }
+}
+?>
+
+<body>
+ <div class="container">
+ <h1>Alter user</h1>
+ <form action="/user/<?= $email ?>/update" method="post">
+ <div class="mb-3">
+ <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
+ <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam" value=<?php echo $fname ?>>
+ </div>
+ <div class="mb-3">
+ <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam"
+ value=<?php echo $lname ?>>
+ </div>
+ <div class="mb-3">
+ <label for="email" class="form-label"><b>Email:</b></label>
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email" value=<?php echo $email ?>>
+ </div>
+ <p>Please select the user permissions:</p>
+ <?php
+ foreach ($available_permissions as $db_permission) {
+ echo "<div class=\"mb-3 form-check\">" .
+ "<input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission['id'] . "\"";
+ if ($user_permissions != null && in_array($db_permission['id'], $user_permissions)) {
+ echo " checked";
+ }
+ echo "><label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>" .
+ "</div>";
+ }
+ ?>
+ <button type="submit" class="btn btn-primary" name="submit">Alter user</button>
+ </form>
+ </div>
+</body>
+
+</html>
+\ No newline at end of file
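Review bot: Values from the request and the database are echoed into HTML without escaping, and in the three text inputs the attribute is not even quoted (`value=<?php echo $fname ?>`), so a name containing a space or `>` ends the attribute and can inject markup. The same unescaped output appears in the form action of this file, in the `echo "... " . $email` messages here and in views/add_user.php, and in the `<?= $data->... ?>` cells and `value='<?= $query ?>'` of views/search_user.php and views/search_course.php. Each should be quoted and escaped for its context, e.g. `value="<?= htmlspecialchars($fname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"`, with `rawurlencode($email)` for the path segment in the action. Separately, the GET branch reads `$_PARAM['email']` while the end of the POST branch reads `$_PARAMS['email']`; one of the two is presumably a typo and will yield an undefined variable.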
diff --git a/views/crud_user.php b/views/crud_user.php
@@ -0,0 +1,130 @@
+<!DOCTYPE html>
+<html lang="nl">
+
+<head>
+ <title>User toevoegen</title>
+ <!-- Bootstrap CSS -->
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<?php
+include "navbar.php";
+include 'utils/autoloader.php';
+
+$permissions = $_SESSION['permissions'];
+if (!isset($_SESSION['email'])) {
+ if (!in_array(0, $permissions)) {
+ header('Location: /dashboard');
+ exit;
+ }
+}
+?>
+
+<body>
+ <div class="container">
+ <h1>User toevoegen</h1>
+
+ <form action="/user/:/crud" method="post">
+ <div class="mb-3">
+ <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
+ <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
+ </div>
+ <div class="mb-3">
+ <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
+ </div>
+ <div class="mb-3">
+ <label for="email" class="form-label"><b>Email:</b></label>
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email">
+ </div>
+ <div class="mb-3">
+ <label for="password" class="form-label"><b>Wachtwoord:</b></label>
+ <input type="password" class="form-control" name="password" id="password" placeholder="******">
+ </div>
+ <p>Please select the user permissions:</p>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Admin" name="permissions[]" value="1">
+ <label class="form-check-label" for="Admin">Admin</label>
+ </div>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Administratief medewerker" name="permissions[]"
+ value="2">
+ <label class="form-check-label" for="Administratief medewerker">Administratief medewerker</label>
+ </div>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Wetenschappelijk medewerker" name="permissions[]"
+ value="3">
+ <label class="form-check-label" for="Wetenschappelijk medewerker">Wetenschappelijk medewerker</label>
+ </div>
+ <button type="submit" class="btn btn-primary" name="submit">Voeg toe</button>
+ </form>
+ </div>
+ <?php
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+
+ $errors = array(); // initialize an empty array to store errors
+
+ // Check if voornaam is set and not empty
+ if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
+ $fname = $_POST['voornaam'];
+ } else {
+ $errors[] = "Voornaam is required";
+ }
+
+ // Check if achternaam is set and not empty
+ if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
+ $lname = $_POST['achternaam'];
+ } else {
+ $errors[] = "Achternaam is required";
+ }
+
+ // Check if email is set and not empty
+ if (isset($_POST['email']) && !empty($_POST['email'])) {
+ $email = $_POST['email'];
+ } else {
+ $errors[] = "E-mail is required";
+ }
+
+ // Check if password is set and not empty
+ if (isset($_POST['password']) && !empty($_POST['password'])) {
+ $pwd = $_POST['password'];
+ } else {
+ $errors[] = "Wachtwoord is required";
+ }
+
+ // Check if permissions is set
+ if (isset($_POST['permissions'])) {
+ $permissions = $_POST['permissions'];
+ } else {
+ $errors[] = "Permissies zijn vereist";
+ }
+
+ // Check if there are any errors
+ if (count($errors) > 0) {
+ // Print out the errors
+ foreach ($errors as $error) {
+ echo $error . "<br>";
+ }
+ } else {
+ // Pass the password through a hashing function
+ $hashed_pwd = password_hash($pwd, PASSWORD_DEFAULT);
+
+ // Making a sql statement to add user to the database, preparing it and excuting
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+
+ $u = $db->get(Model\User::class);
+
+ $data = array('email' => $email, 'fname' => $fname, 'lname' => $lname, 'pwd' => $hashed_pwd);
+
+ $u->setData($data);
+ $bool = $u->insert();
+ if (!$bool) {
+ echo "user already exists";
+ } else {
+ echo "succes!";
+ }
+ }
+ }
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
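Review bot: The permission check at the top is nested inside `if (!isset($_SESSION['email']))`, so it only runs for visitors who are not logged in; any logged-in user without permission 0 falls through and can use this form to create accounts. The other admin views test the permission directly, and this one should do the same: `if (!isset($_SESSION['permissions']) || !in_array(0, $_SESSION['permissions'])) { header('Location: /dashboard'); exit; }`. The POST handler also reads `$_POST['permissions']` into `$permissions` but never stores it, so the checkboxes currently have no effect on the created user.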
diff --git a/views/dashboard.php b/views/dashboard.php
@@ -0,0 +1,31 @@
+<html>
+
+<head>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<?php
+include "navbar.php";
+?>
+
+<body>
+ <?php
+ //echo file_get_contents('http://127.0.0.1/server-status');
+ echo "voornaam = ";
+ echo $_SESSION['first_name'];
+ echo "<br>";
+ echo "achternaam = ";
+ echo $_SESSION['last_name'];
+ echo "<br>";
+ echo "email = ";
+ echo $_SESSION['email'];
+ echo "<br>";
+ echo "perm = ";
+ var_dump($_SESSION['permissions']);
+
+ echo "<pre>";
+ var_dump($_SESSION);
+ echo "</pre>";
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
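Review bot: The page ends with `var_dump($_SESSION)` inside `<pre>`, which prints the entire session to every visitor who reaches the dashboard; this is debug output and should be removed before the view is used. The `echo $_SESSION['first_name']`, `last_name` and `email` lines are written to the page unescaped and should go through `htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. Nothing in this hunk checks that a session exists before the keys are read, so unless navbar.php redirects anonymous visitors the page will emit undefined-index warnings instead of sending them to the login form.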
diff --git a/views/login.php b/views/login.php
@@ -0,0 +1,94 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <title>Login Page</title>
+ <!-- Add the Bootstrap CSS stylesheet -->
+ <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
+ integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+ <?php
+ include "utils/autoloader.php";
+ if (isset($_SESSION['email'])) {
+ header('Location: /dashboard');
+ }
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+ ?>
+</head>
+
+<body>
+ <div class="container mt-5">
+ <div class="row justify-content-center">
+ <div class="col-md-6">
+ <div class="card">
+ <div class="card-header">Login</div>
+ <div class="card-body">
+ <form method="POST" action="/login">
+ <div class="form-group">
+ <label for="email">Email:</label>
+ <input type="email" class="form-control" id="email" name="email"
+ placeholder="Enter email">
+ </div>
+ <div class="form-group">
+ <label for="password">Password:</label>
+ <input type="password" class="form-control" id="password" name="password"
+ placeholder="Enter password">
+ </div>
+ <button type="submit" name='login_btn' class="btn btn-primary">Login</button>
+ </form>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php
+ // check if a post request was sent
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ // fetch data from the form
+ if (isset($_POST['login_btn'])) {
+ if (!isset($_POST['email']) || !isset($_POST['password'])) {
+ echo "One of the forms was empty";
+ } else {
+ //store data from the form in a variable
+ $email = $_POST['email'];
+ $pwd = $_POST['password'];
+
+ //create a User orm class
+ $u = $db->get(Model\User::class);
+
+ if (!$u->load($email)) {
+ //user incorrect, but to give out as little person info as possible just show either is wrong
+ echo "password or user incorrect";
+ } else {
+ //password verification logic
+ if (password_verify($pwd, $u->pwd)) {
+ //start session and set session variables
+ session_start();
+ $_SESSION['email'] = $u->email;
+ $_SESSION['first_name'] = $u->fname;
+ $_SESSION['last_name'] = $u->lname;
+
+ $user_permissions = [];
+ $p = $db->where(Model\PermissionUser::class, array('email' => $email));
+ foreach ($p as $permission) {
+ $user_permissions[] = $permission->id;
+ }
+ $_SESSION['permissions'] = $user_permissions;
+
+ header('Location: /dashboard');
+ } else {
+ //password incorrect, but to give out as little person info as possible just show either is wrong
+ echo "password or user incorrect";
+ }
+ }
+ }
+ header('Location: /dashboard');
+ }
+ }
+
+
+
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
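Review bot: `session_start()` and the `header('Location: /dashboard')` calls in the POST handler run after the whole login form has already been output, and `$_SESSION['email']` is tested in `<head>` before any session is started in this file. Unless output buffering is enabled or the session is started elsewhere, the session cookie and the redirects will fail with "headers already sent"; the handler belongs above the `<!DOCTYPE html>` line. The unconditional `header('Location: /dashboard');` after the inner if/else also redirects when the password was wrong, and none of the redirects is followed by `exit;`. On a successful login, call `session_regenerate_id(true);` before filling `$_SESSION` so a session id fixed before authentication is not carried over.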
diff --git a/views/search_course.php b/views/search_course.php
@@ -0,0 +1,97 @@
+<?php
+include "utils/autoloader.php";
+
+session_start();
+
+$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+if (!isset($_SESSION['permissions']) || !in_array(1, $_SESSION['permissions'])) {
+ header('Location: /dashboard');
+ exit;
+}
+
+if (isset($_PARAM['enroll'])) {
+ $c = $db->get(Model\CourseUser::class);
+ $c->email = $_SESSION['email'];
+ $c->id = $_PARAM['enroll'];
+ $c->insert();
+} else if (isset($_PARAM['unsubscribe'])) {
+ $c = $db->get(Model\CourseUser::class);
+ $c->email = $_SESSION['email'];
+ $c->id = $_PARAM['unsubscribe'];
+ $c->delete();
+}
+
+$query = '';
+if (isset($_GET['query'])) {
+ $query = $_GET['query'];
+ $results = $db->where(Model\Course::class, ['name' => "%$query%"], true);
+} else {
+ $results = $db->all(Model\Course::class);
+}
+
+$enrolled = [];
+foreach ($db->where(Model\CourseUser::class, ['email' => $_SESSION['email']]) as $r) {
+ $enrolled[] = $r->id;
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+ <meta charset="UTF-8">
+ <title>Course Search</title>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+
+<body>
+ <?= include "navbar.php"; ?>
+ <form class="d-flex" action="/course/search" method="get">
+ <input class="form-control me-2" type="search" name="query" placeholder="Email" aria-label="Search">
+ <button class="btn btn-outline-success" type="submit">Search</button>
+ </form>
+ <?php
+ if (!empty($results)) {
+ ?>
+ <table class='table table-striped'>
+ <thead>
+ <tr>
+ <th>Cursus</th>
+ <th>Year</th>
+ <th>Semester</th>
+ <th>Lecturer</th>
+ </tr>
+ </thead>
+ <tbody>
+ <?php
+ foreach ($results as $data) { ?>
+ <tr>
+ <td>
+ <?= $data->name ?>
+ </td>
+ <td>
+ <?= $data->year ?>
+ </td>
+ <td>
+ <?= $data->semester ?>
+ </td>
+ <td>
+ <?= $data->lecturer ?>
+ </td>
+ <?php if (!in_array($data->id, $enrolled)) { ?>
+ <td><a href='/course/<?= $data->id ?>/enroll'>Enroll</a></td>
+ <?php } else { ?>
+ <td><a href='/course/<?= $data->id ?>/unsubscribe'>Unsubscribe</a></td>
+ <?php } ?>
+ </tr>
+ <?php
+ }
+ echo "</tbody></table>";
+ } else {
+ echo "No courses found.";
+ }
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
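Review bot: Enrolling and unsubscribing are triggered by plain links (`<a href='/course/<id>/enroll'>`), that is by GET requests without a CSRF token, so any page the user visits can change their enrolment by referencing that URL. views/search_user.php has the same shape with higher impact, since `$_GET['delete']` removes a user from a `method='get'` form. State changes should be POST-only and carry a per-session token compared with `hash_equals`, e.g. guard the branch with `if ($_SERVER['REQUEST_METHOD'] === 'POST' && hash_equals($_SESSION['csrf'] ?? '', $_POST['csrf'] ?? ''))` (the token name is a placeholder). Also, `<?= include "navbar.php"; ?>` echoes the include's return value, so unless navbar.php returns something else a stray `1` is printed after the navbar; use `<?php include "navbar.php"; ?>` here and in views/search_user.php.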
diff --git a/views/search_user.php b/views/search_user.php
@@ -0,0 +1,86 @@
+<?php
+include "utils/autoloader.php";
+
+session_start();
+
+$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+if (!isset($_SESSION['permissions']) || !in_array(0, $_SESSION['permissions'])) {
+ header('Location: /dashboard');
+ exit;
+}
+
+if (isset($_GET['delete'])) {
+ $u = $db->get(Model\User::class);
+ $u->load($_GET['delete']);
+ $u->delete();
+}
+
+$query = '';
+if (isset($_GET['query'])) {
+ $query = $_GET['query'];
+ $results = $db->where(Model\User::class, ['email' => "%$query%"], true);
+} else {
+ $results = $db->all(Model\User::class);
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+ <meta charset="UTF-8">
+ <title>User Search</title>
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+
+<body>
+ <?= include "navbar.php"; ?>
+ <form class="d-flex" action="/user/search" method="get">
+ <input class="form-control me-2" type="search" name="query" placeholder="Email" aria-label="Search">
+ <button class="btn btn-outline-success" type="submit">Search</button>
+ </form>
+ <?php
+ if (!empty($results)) {
+ ?>
+ <table class='table table-striped'>
+ <thead>
+ <tr>
+ <th>Email</th>
+ <th>First Name</th>
+ <th>Last Name</th>
+ <th>Alter</th>
+ <th>Delete</th>
+ </tr>
+ </thead>
+ <tbody>
+ <?php
+ foreach ($results as $data) { ?>
+ <tr>
+ <td>
+ <?= $data->email ?>
+ </td>
+ <td>
+ <?= $data->fname ?>
+ </td>
+ <td>
+ <?= $data->lname ?>
+ </td>
+ <td><a href='/user/<?= $data->email ?>/update'>Edit</a></td>
+ <td>
+ <form method='get' action='/user/search'>
+ <input type='hidden' name='query' value='<?= $query ?>'>
+ <button type='submit' name='delete' value='<?= $data->email ?>' class='btn btn-primary'>Delete</button>
+ </form>
+ </td>
+ </tr>
+ <?php
+ }
+ echo "</tbody></table>";
+ } else {
+ echo "No users with this email address were found.";
+ }
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
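Review bot: The result of `$u->load($_GET['delete'])` is ignored, so `$u->delete()` is called even when no such user exists, on an object with no loaded row; what delete() does in that state is not visible in this hunk. Check the return value, `if ($u->load($_GET['delete'])) { $u->delete(); }`, and consider refusing when the address equals `$_SESSION['email']` so an administrator cannot remove the account they are logged in with. Rows in the permission-user table for the deleted address are not removed here either, which leaves orphaned grants unless the schema cascades.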