commit bbbca2dcd96af88e91caa765b626301942c8d2a5
parent 4493e916aec5e95808918754698e8d5f9ad294fc
Author: MoiBaguette <[email protected]>
Date: Sat, 15 Apr 2023 17:03:32 +0200
crud overal
Diffstat:
11 files changed, 161 insertions(+), 161 deletions(-)
diff --git a/Lollipop/SQLDatabase.php b/Lollipop/SQLDatabase.php
@@ -69,7 +69,7 @@ namespace Lollipop {
*/
$cls = new $table_name($this);
- $sql = "SELECT {$cls->get_primary()} FROM {$cls->get_table()}";
+ $sql = "SELECT * FROM {$cls->get_table()}";
$result = $this->conn->query($sql);
@@ -79,7 +79,9 @@ namespace Lollipop {
$objects = [];
while ($row = $result->fetch_assoc()) {
- $objects[] = $this->get($table_name, $row[$cls->get_primary()]);
+ $o = new $table_name($this);
+ $o->setData($row);
+ $objects[] = $o;
}
return $objects;
}
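Review bot: `new $table_name($this)` on the added line (and on the context line of the previous hunk) instantiates whatever class name the caller passes, and nothing visible in either hunk restricts it to ORM classes. The callers in this commit all pass `::class` constants, so this is hardening rather than a live defect. A guard near the top of the method would make the contract explicit: `if (!is_subclass_of($table_name, DatabaseObject::class)) { throw new \InvalidArgumentException('not a DatabaseObject'); }`. The method starts outside the hunk, so an equivalent check may already exist above.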
diff --git a/add_user.php b/add_user.php
@@ -13,6 +13,12 @@
exit;
}
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+ //select the available permissions from the database
+ $all_p = $db->all(Permissions::class);
+ $available_permissions = [];
+ foreach($all_p as $tmp){
+ $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
+ }
?>
<body>
<div class="container">
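Review bot: The `new Lollipop\SQLDatabase(...)` call on the context line just above the added block passes the database host, account name and password as string literals, and the same call is re-added verbatim in the alter_user.php hunk of this commit. The host is not a loopback or private-range address, so anyone who can read the repository holds working credentials for a reachable server. The values should be treated as exposed and rotated, then read from configuration kept outside version control, for example `$db = new Lollipop\SQLDatabase(getenv('DB_HOST'), getenv('DB_USER'), getenv('DB_PASS'), getenv('DB_NAME'));` (variable names are illustrative).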
@@ -36,19 +42,15 @@
<input type="password" class="form-control" name="password" id="password" placeholder="******">
</div>
<p>Please select the user permissions:</p>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Admin" name="permissions[]" value="0">
- <label class="form-check-label" for="Admin">Admin</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Administratief medewerker" name="permissions[]" value="1">
- <label class="form-check-label" for="Administratief medewerker">Administratief medewerker</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Wetenschappelijk medewerker" name="permissions[]" value="2">
- <label class="form-check-label" for="Wetenschappelijk medewerker">Wetenschappelijk medewerker</label>
- </div>
- <button type="submit" class="btn btn-primary" name="submit">Voeg toe</button>
+ <?php
+ foreach($available_permissions as $db_permission){
+ echo "<div class=\"mb-3 form-check\">
+ <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions\" value=" . $db_permission['id'] . "\">
+ <label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>
+ </div>";
+ }
+ ?>
+ <button type="submit" class="btn btn-primary" name="submit">Add user</button>
</form>
</div>
<?php
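Review bot: The generated checkbox uses `name=\"permissions\"` where the removed markup used `permissions[]`, so PHP receives only the last ticked box as a single string and the `foreach($permissions as $permission)` later in the file no longer gets an array. The same line emits `value=` without its opening quote, and `for=` is unquoted and points at an `id` the input no longer has. The loop in alter_user.php has the same pattern. Assuming the ids are integers, as the removed markup suggests, the input line could read `<input type=\"checkbox\" class=\"form-check-input\" id=\"perm-" . (int)$db_permission['id'] . "\" name=\"permissions[]\" value=\"" . (int)$db_permission['id'] . "\">`. The label would then use the matching `for=\"perm-…\"` and print `htmlspecialchars($db_permission['name'], ENT_QUOTES, 'UTF-8')` as its text.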
@@ -121,7 +123,7 @@
//create a database object with table permission for each permission
//set the data and execute the add function
foreach($permissions as $permission){
- $p = $db->get(Permission::class);
+ $p = $db->get(Permission_user::class);
$p->email = $email;
$p->id = $permission;
$p->add();
diff --git a/alter_user.php b/alter_user.php
@@ -7,52 +7,73 @@
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
</head>
<?php
- include "navbar.php";
- include "utils/autoloader.php";
- if(!in_array(0, $_SESSION['permissions'])){
- header('Location: dashboard.php');
- exit;
- }
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+ include "navbar.php";
+ include "utils/autoloader.php";
+ if(!in_array(0, $_SESSION['permissions'])){
+ header('Location: dashboard.php');
+ exit;
+ }
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+
+ //select the available permissions from the database
+ $all_p = $db->all(Permissions::class);
+ $available_permissions = [];
+ foreach($all_p as $tmp){
+ $available_permissions[] = ['id' => $tmp->id, 'name' => $tmp->name];
+ }
+
+ if($_SERVER["REQUEST_METHOD"] == "GET"){
+ $u = $db->get(User::class);
+
+ //if the get var isset and user is found in the database load data into forms
+ if(isset($_GET['email']) && $u->load($_GET['email'])){
+ $fname = $u->fname;
+ $lname = $u->lname;
+ $email = $u->email;
+ $p = $db->all_where(Permission_user::class, array('email' => $email));
+ foreach($p as $permission){
+ $user_permissions[] = $permission->id;
+ }
+ }else{
+ //if not found set to empty
+ $fname = "";
+ $lname = "";
+ $email = "";
+ $user_permissions = [];
+ }
+ }
?>
<body>
<div class="container">
<h1>Alter user</h1>
-
<form action="alter_user.php" method="post">
<div class="mb-3">
<label for="voornaam" class="form-label"><b>Voornaam:</b></label>
- <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
+ <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam" value=<?php echo$fname?>>
</div>
<div class="mb-3">
<label for="achternaam" class="form-label"><b>Achternaam:</b></label>
- <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam" value=<?php echo$lname?>>
</div>
<div class="mb-3">
<label for="email" class="form-label"><b>Email:</b></label>
- <input type="text" class="form-control" name="email" id="email" placeholder="Email">
- </div>
- <div class="mb-3">
- <label for="password" class="form-label"><b>Wachtwoord:</b></label>
- <input type="password" class="form-control" name="password" id="password" placeholder="******">
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email" value=<?php echo$email?>>
</div>
<p>Please select the user permissions:</p>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Admin" name="permissions[]" value="1">
- <label class="form-check-label" for="Admin">Admin</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Administratief medewerker" name="permissions[]"
- value="2">
- <label class="form-check-label" for="Administratief medewerker">Administratief medewerker</label>
- </div>
- <div class="mb-3 form-check">
- <input type="checkbox" class="form-check-input" id="Wetenschappelijk medewerker" name="permissions[]"
- value="3">
- <label class="form-check-label" for="Wetenschappelijk medewerker">Wetenschappelijk medewerker</label>
- </div>
- <button type="submit" class="btn btn-primary" name="submit">Voeg toe</button>
+ <?php
+ foreach($available_permissions as $db_permission){
+ echo "<div class=\"mb-3 form-check\">" .
+ "<input type=\"checkbox\" class=\"form-check-input\" name=\"permissions\" value=" . $db_permission['id'] . "\"";
+ if ($user_permissions != null && in_array($db_permission['id'], $user_permissions)) {
+ echo " checked";
+ }
+ echo "><label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>" .
+ "</div>";
+ }
+ ?>
+
+ <button type="submit" class="btn btn-primary" name="submit">Alter user</button>
</form>
</div>
<?php
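Review bot: `value=<?php echo$fname?>` (and the same for `$lname` and `$email`) writes a stored value into an unquoted attribute without escaping, so a name containing a space is cut short and one containing markup is interpreted by the browser. Quote and escape each one, e.g. `value="<?= htmlspecialchars($fname, ENT_QUOTES, 'UTF-8') ?>"`. The three variables and `$user_permissions` are assigned only inside the `REQUEST_METHOD == "GET"` branch, so the form is rendered with undefined variables on POST. `$user_permissions` also stays unset when the user is found but has no permission rows. Initialising all four before the `if`, for instance `$fname = $lname = $email = ""; $user_permissions = [];`, covers both cases.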
@@ -104,39 +125,10 @@
// Pass the password through a hashing function
// Making a sql statement to add user to the database, preparing it and excuting
- $sql = "UPDATE medewerkers
- SET voornaam = ?, achternaam = ?
- WHERE email = ?";
- $stmt = $conn->prepare($sql);
- $stmt->bind_param("sss", $fname, $lname, $email);
- $stmt->execute();
-
- if ($password) {
- $hash = password_hash($password, PASSWORD_DEFAULT);
- $sql = "UPDATE medewerkers
- SET wachtwoord = ?
- WHERE email = ?";
- $stmt = $conn->prepare($sql);
- $stmt->bind_param("ss", $hash, $email);
- $stmt->execute();
- }
-
- $sql = "DELETE medewerkers WHERE email = ?";
- $stmt = $conn->prepare($sql);
- $stmt->bind_param("s", $email);
- $stmt->execute();
//Excecuting a sql statement for all the user permissions
- foreach ($permissions as $perm) {
- $sql = "INSERT INTO medewerkers_permissie (email, permissie_id) VALUES (?, ?);";
- $stmt = $conn->prepare($sql);
- $stmt->bind_param("si", $email, $perm);
- $stmt->execute();
- }
}
}
- // closing the connection
- mysqli_close($conn);
?>
</body>
diff --git a/backup.php b/backup.php
@@ -1,27 +0,0 @@
- <?php
- if($email == $row['email'] && password_verify($pwd, $row['wachtwoord'])) {
- session_start();
- $_SESSION['email'] = $row['email'];
- mysqli_data_seek($result, 0);
- $permissions = array();
- $permissions_names = array();
- while($row = mysqli_fetch_assoc($result)){
- array_push($permissions, $row['permissie_id']);
- array_push($permissions_names, $row['permissie_naam']);
- }
- $_SESSION['permissions'] = $permissions;
- $_SESSION['permissions_names'] = $permissions_names;
- foreach($_SESSION['permissions'] as $bullshit){
- echo $bullshit . "<br>";
-
-
- // verification logic and $_SESSION start
- if(count($row = $result->fetch_assoc()) > 0){
-
- header('Location: dashboard.php');
- } else {
- echo '<p style="color:red">Invalid username or password.</p>';
- }
- } else {
- echo '<p style="color:red">Invalid username or password.</p>';
- }
-\ No newline at end of file
diff --git a/classes/Permission.php b/classes/Permission.php
@@ -1,14 +0,0 @@
-<?php
-class Permission extends Lollipop\DatabaseObject
-{
- static function get_table(): string
- {
- return "permission_user";
- }
-
- static function get_primary(): string
- {
- return "email";
- }
-}
-?>
-\ No newline at end of file
diff --git a/classes/Permission_user.php b/classes/Permission_user.php
@@ -0,0 +1,14 @@
+<?php
+class Permission_user extends Lollipop\DatabaseObject
+{
+ static function get_table(): string
+ {
+ return "permission_user";
+ }
+
+ static function get_primary(): string
+ {
+ return "email";
+ }
+}
+?>
+\ No newline at end of file
diff --git a/classes/Permissions.php b/classes/Permissions.php
@@ -0,0 +1,14 @@
+<?php
+class Permissions extends Lollipop\DatabaseObject
+{
+ static function get_table(): string
+ {
+ return "permission";
+ }
+
+ static function get_primary(): string
+ {
+ return "id";
+ }
+}
+?>
+\ No newline at end of file
diff --git a/dashboard.php b/dashboard.php
@@ -8,14 +8,15 @@
<body>
<?php
//echo file_get_contents('http://127.0.0.1/server-status');
+ echo "voornaam = ";
echo $_SESSION['first_name'];
- echo " ";
+ echo "<br>";
+ echo "achternaam = ";
echo $_SESSION['last_name'];
- echo " ";
+ echo "<br>";
+ echo "email = ";
echo $_SESSION['email'];
- echo " ";
- echo " ";
- echo "blablab";
+ echo "<br>";
?>
</body>
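Review bot: The three `$_SESSION` values are echoed into the page without escaping, and the login.php hunk in this commit shows `first_name` and `last_name` being filled from the user record, so markup stored in a name would be rendered as HTML here. Wrap each output, e.g. `echo htmlspecialchars($_SESSION['first_name'], ENT_QUOTES, 'UTF-8');`. If this block is temporary debug output, a comment saying so would help the next reader.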
diff --git a/login.php b/login.php
@@ -62,7 +62,7 @@
$_SESSION['first_name'] = $u->fname;
$_SESSION['last_name'] = $u->lname;
- $p = $db->all_where(Permission::class, array('email' => $email));
+ $p = $db->all_where(Permission_user::class, array('email' => $email));
foreach($p as $permission){
$user_permissions[] = $permission->id;
};
diff --git a/navbar.php b/navbar.php
@@ -16,8 +16,8 @@
// Admin links
$admin_links = array(
array('url' => '/add_user.php', 'title' => 'Add User'),
- array('url' => '/searchuser.php', 'title' => 'Search for user'),
- array('url' => '/alteruser.php', 'title' => 'Alter user')
+ array('url' => '/search_user.php', 'title' => 'Search for user'),
+ array('url' => '/alter_user.php', 'title' => 'Alter user')
);
$links[] = array('name' => 'Admin', 'links' => $admin_links);
}
@@ -53,7 +53,7 @@
?>
<nav class="navbar navbar-expand-lg navbar-light bg-light">
- <a class="navbar-brand" href="#">Dashboard</a>
+ <a class="navbar-brand" href="dashboard.php">Dashboard</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNavDropdown" aria-controls="navbarNavDropdown" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
@@ -79,4 +79,4 @@
</nav>
<script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js"></script>
-<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
-\ No newline at end of file
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js"></script>
diff --git a/search_user.php b/search_user.php
@@ -18,41 +18,58 @@
<button class="btn btn-outline-success" type="submit">Search</button>
</form>
<?php
- if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['search'])) {
+ if ($_SERVER["REQUEST_METHOD"] == "POST"){
+ if(isset($_POST['search'])) {
//set $query
$query = "%" . $_POST['search'] . "%";
-
- //create a User orm class and load all the records where user like query
- $results = $db->all_where(User::class, array('email' => $query));
-
- // display results
- if($results != null){
- echo "<table class=\"table table-striped\">
- <thead>
- <tr>
- <th>E-mail</th>
- <th>First name</th>
- <th>Last name</th>
- <th>Action</th>
- </tr>
- </thead>
- <tbody>";
- foreach($results as $data) {
- $link = "/alter_user.php?email=" . $data->email;
- echo "<tr>";
- echo "<td>" . $data->email . "</td>";
- echo "<td>" . $data->fname . "</td>";
- echo "<td>" . $data->lname . "</td>";
- echo "<td><a href='" . $link . "'>Edit</a></td>";
- echo "</tr>";
- }
- echo"
- </tbody>
- </table>";
- }else{
- echo "No users with this email address were found.";
- }
+ display_results($db, $query);
+ }elseif(isset($_POST['delete'])){
+ $u = $db->get(User::class);
+ $u->load($_POST['delete']);
+ $u->delete();
+ display_results($db, $_POST['query']);
}
+ }
+ function display_results($db, $query){
+ //create a User orm class and load all the records where user like query
+ $results = $db->all_where(User::class, array('email' => $query));
+
+ // display results
+ if($results != null){
+ echo "<table class=\"table table-striped\">
+ <thead>
+ <tr>
+ <th>E-mail</th>
+ <th>First name</th>
+ <th>Last name</th>
+ <th>Alter</th>
+ <th>Delete</th>
+ </tr>
+ </thead>
+ <tbody>";
+ foreach($results as $data) {
+ $link = "/alter_user.php?email=" . $data->email;
+ echo "<tr>";
+ echo "<td>" . $data->email . "</td>";
+ echo "<td>" . $data->fname . "</td>";
+ echo "<td>" . $data->lname . "</td>";
+ echo "<td><a href='" . $link . "'>Edit</a></td>";
+ echo "
+ <td>
+ <form method=\"post\" action=\"search_user.php\">
+ <input type=\"hidden\" name=\"query\" value=" . $query. ">
+ <button type=\"submit\" name='delete' value=" . $data->email ." ' class=\"btn btn-primary\">delete</button>
+ </form>
+ </td>";
+ echo "</tr>";
+ }
+ echo"
+ </tbody>
+ </table>";
+ }else{
+ echo "No users with this email address were found.";
+ }
+ }
?>
</body>
</html>
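Review bot: The new `delete` branch removes a user on any POST that carries a `delete` field: no permission check or CSRF token is visible in this hunk, the result of `$u->load()` is ignored before `$u->delete()`, and `$_POST['query']` is read without an `isset`. The file's opening lines are outside the hunk, so an admin check may already exist there; if not, it needs the same `in_array(0, $_SESSION['permissions'])` gate that alter_user.php uses. In `display_results()` the search term is echoed into an unquoted `value=` attribute and the button's `value=` has a stray `'`, while `email`, `fname` and `lname` are printed unescaped, so both the reflected query and stored user fields can inject markup. The sketch below checks the load result and escapes every output; it treats `load()` as returning a truthy value on success, which is how alter_user.php uses it.

```php
    }elseif(isset($_POST['delete'], $_POST['query'])){
        // TODO: verify a per-session CSRF token submitted with the form before acting
        $u = $db->get(User::class);
        // only delete when the record was actually found
        if($u->load($_POST['delete'])){
            $u->delete();
        }
        display_results($db, $_POST['query']);
    }
    // … unchanged: display_results() signature, all_where() call and table head …
        foreach($results as $data) {
            $email = htmlspecialchars($data->email, ENT_QUOTES, 'UTF-8');
            $link = "/alter_user.php?email=" . rawurlencode($data->email);
            echo "<tr>";
            echo "<td>" . $email . "</td>";
            echo "<td>" . htmlspecialchars($data->fname, ENT_QUOTES, 'UTF-8') . "</td>";
            echo "<td>" . htmlspecialchars($data->lname, ENT_QUOTES, 'UTF-8') . "</td>";
            echo "<td><a href='" . htmlspecialchars($link, ENT_QUOTES, 'UTF-8') . "'>Edit</a></td>";
            echo "
            <td>
                <form method=\"post\" action=\"search_user.php\">
                    <input type=\"hidden\" name=\"query\" value=\"" . htmlspecialchars($query, ENT_QUOTES, 'UTF-8') . "\">
                    <button type=\"submit\" name=\"delete\" value=\"" . $email . "\" class=\"btn btn-primary\">delete</button>
                </form>
            </td>";
            echo "</tr>";
        }
    // … unchanged: table footer and the "No users" branch …
```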