PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PBBFA23CSE:37ee931954547d1fc8f27eae84d8987b16d3ffb1
Branches Tags
PBBFA23CSE:main PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:develop
..
compare: PBBFA23CSE:frontendbackendtest
Branches Tags
PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:main PBBFA23CSE:develop

22 Commits
37ee931954 ... frontendba

Author SHA1 Message Date
Karsten Tlotzek
60f72ec6c9 Login/Logout jetzt in der Navi! News-Link ergänzt und Weiterleitungen gefixt (mit /bibarts/). Fehler nach Login behoben. 2025-07-03 09:52:33 +02:00
Karsten Tlotzek
8a59ddde8e Alles auf Englisch umbenannt: exhibition → event, Variablen und Tabellen angepasst, Views auf neue Felder umgestellt, Controller/Model/SQL konsistent gemacht. Alte Variablennamen raus, jetzt ist alles einheitlich. Fehler aus dem Frontend gefixt. 2025-07-01 09:59:25 +02:00
Karsten Tlotzek
d24d914c8c refactor: Validierungslogik ins Model verschoben 
- pwRequirementCheck und checkDoublePw aus Controller ins Model
- Alle Passwort- und E-Mail-Validierungen jetzt zentral im Model
- Controller macht nur noch Request/Response Handling
- Saubere MVC-Trennung
 2025-06-30 21:18:04 +02:00
Karsten Tlotzek
d711bc6152 Add registration functionality and update authentication views 
- Implemented a new method in AuthController to display the registration form with localized labels and session error handling.
- Updated the login view to include a link for account creation.
- Enhanced the registration view with a link to the login form.
- Removed the obsolete showRegisterPage view to streamline the codebase.
 2025-06-30 14:10:40 +02:00
Karsten Tlotzek
8e1a13ea27 Remove unused render call in AuthController after session cleanup 2025-06-30 14:01:56 +02:00
Karsten Tlotzek
6852923db0 Add login page styles and refactor authentication views 
- Introduced new styles for the login page, enhancing layout and responsiveness.
- Updated the login view to utilize the new styles and improve user feedback for login errors and success messages.
- Removed unused controllers and views related to contact and login functionalities to streamline the codebase.
- Adjusted error message handling in the AuthController for better clarity on password requirements.
 2025-06-30 14:01:08 +02:00
Karsten Tlotzek
71d838da0a Merge branch 'feature/authentification' into frontendbackendtest 
# Conflicts:
#	bibarts.sql
 2025-06-30 11:13:44 +02:00
Karsten Tlotzek
8583012c5b Refactor views wegen öffnendem body tag im header und schließenden tag im footer 2025-06-30 10:50:08 +02:00
Karsten Tlotzek
31a381bba4 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:28:28 +02:00
Karsten Tlotzek
a72a0c5fc5 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:27:10 +02:00
Karsten Tlotzek
ce23d839a3 Register und login gefixt 2025-06-30 09:56:52 +02:00
Karsten Tlotzek
36d6364cd0 Auth angepasst 2025-06-27 10:24:21 +02:00
Max538
5477e7fdd8 fixed sql 2025-06-23 14:23:00 +02:00
Max538
db526e5bb2 implemented Controller logic 2025-06-23 14:22:43 +02:00
Max538
dd6e98fe28 implemented update pw function 2025-06-23 14:14:25 +02:00
Max538
5965e1df81 implemented input validation for register function 2025-06-23 10:35:55 +02:00
Max538
8d4376d313 fixed login function 2025-06-23 10:17:17 +02:00
Max538
49a8f6a1dc added database sql skript with changes 2025-06-16 15:12:51 +02:00
Max538
78e1e72eba implemented authmodel 2025-06-16 15:12:28 +02:00
Max538
4fa775f326 implemented authcontroller logic 2025-06-16 15:12:13 +02:00
Karsten Tlotzek
1df705a235 Merge remote-tracking branch 'origin/main' 2025-06-12 16:15:25 +02:00
Karsten Tlotzek
5594d469de Test 2025-06-12 16:14:54 +02:00
43 changed files with 1160 additions and 1078 deletions
Expand all files Collapse all files

6
.idea/sqldialects.xml generated
View File

@@ -1,6 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="SqlDialectMappings">
<file url="file://$PROJECT_DIR$/contact.sql" dialect="GenericSQL" />
</component>
</project>

385
CSS/style.css
View File

@@ -4,22 +4,9 @@ body {
font-size: 15px; font-size: 15px;
margin: 0; margin: 0;
padding: 0; padding: 0;
min-height: 100vh;
display: flex;
flex-direction: column;
width: 100vw;
max-width: 100vw;
overflow-x: hidden;
} }
#wrapper { #wrapper {
flex: 1 0 auto;
min-height: 0;
display: flex;
flex-direction: column;
justify-content: flex-start;
margin-bottom: 20px;
width: 100vw;
max-width: 100vw;
} }
a { a {
@@ -29,11 +16,6 @@ a {
#navigation { #navigation {
display: flex; display: flex;
justify-content: center; justify-content: center;
position: sticky;
top: 0;
z-index: 1000;
background: #BAC8D4;
width: 100vw;
} }
.link-container { .link-container {
display: grid; display: grid;
@@ -56,19 +38,17 @@ a {
background-size: contain; background-size: contain;
} }
#footer { #footer {
position: relative; position: absolute;
bottom: 0; bottom: 0;
left: 0; left: 0;
width: 100vw; width: 100%;
height: 180px; height: 240px;
background-color: #BAC8D4; background-color: #BAC8D4;
display: flex;
flex-direction: column; display: grid;
grid-template-columns: 6% 5% 43% 32% 14%;
grid-template-rows: 45% 10% 45%;
align-items: center; align-items: center;
justify-content: center;
flex-shrink: 0;
z-index: 999;
padding: 10px 0;
} }
.container-zahlungsmittel { .container-zahlungsmittel {
@@ -81,16 +61,11 @@ a {
} }
.inhalt { .inhalt {
flex: 1 1 auto;
display: flex; display: flex;
height: 10px;
justify-content: center; justify-content: center;
align-items: center; align-items: center;
width: 100vw; width: 100%;
min-height: 0;
min-width: 0;
margin: 0;
padding: 0 2vw;
box-sizing: border-box;
} }
.zahlungsmittel-img { .zahlungsmittel-img {
@@ -127,251 +102,141 @@ a {
padding-right: 30px; padding-right: 30px;
} }
.container-welcome-inhalt { .container-welcome-inhalt {
grid-template-columns: 39% 61%;
display: grid; display: grid;
grid-template-columns: 1fr 1fr; width: 110em;
width: 100%; min-height: 80%;
max-width: 900px;
min-height: 200px;
border-radius: 10px; border-radius: 10px;
background: white;
box-shadow: 0 2px 16px rgba(0,0,0,0.08);
justify-items: center;
align-items: center;
box-sizing: border-box;
padding: 10px 0;
} }
.beispiel-austellung1-img, .beispiel-austellung2-img { .beispiel-austellung1-img {
height: 200px; height: 480px;
width: 90vw; width: 670px;
max-width: 320px; background-image: url("../images/beispiel-austellung1.png");
background-position: center; background-position: center;
background-size: contain; background-size: contain;
justify-self: right;
border-radius: 10px; border-radius: 10px;
} }
.beispiel-austellung2-img {
background-image: url("../images/beispiel-austellung2.png");
background-position: center;
background-size: contain;
justify-self: right;
border-radius: 10px;
}
/* Login Page Styles */
.login-page-bg {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background: linear-gradient(135deg, #DFF0F2 60%, #BAC8D4 100%);
}
.login-container { .login-container {
position: absolute; background: #fff;
top: 200px; box-shadow: 0 4px 24px rgba(0,0,0,0.10);
background-color: #BAC8D4; border-radius: 16px;
width: 900px; padding: 40px 32px 32px 32px;
height: 450px; width: 100%;
border-radius: 10px; max-width: 400px;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
align-items: center; align-items: center;
justify-content: center;
box-sizing: border-box;
} }
.tickets-container { .login-title {
position: absolute; margin-bottom: 24px;
top: 200px; color: #4d4d4d;
background-color: #BAC8D4; font-size: 2rem;
width: 900px; font-weight: 600;
height: 450px; letter-spacing: 1px;
border-radius: 10px; }
.login-form {
width: 100%;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
align-items: center; gap: 18px;
justify-content: center; }
box-sizing: border-box;
.login-field {
display: flex;
flex-direction: column;
gap: 6px;
}
.login-field label {
font-weight: 500;
color: #4d4d4d;
}
.login-field input {
padding: 10px 12px;
border: 1px solid #BAC8D4;
border-radius: 6px;
font-size: 1rem;
background: #F7FAFC;
transition: border 0.2s;
}
.login-field input:focus {
border: 1.5px solid #09add0;
outline: none;
}
.login-btn {
margin-top: 10px;
padding: 12px 0;
background: #09add0;
color: #fff;
border: none;
border-radius: 6px;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer;
transition: background 0.2s;
}
.login-btn:hover {
background: #007b9e;
}
.login-error {
background: #ffe0e0;
color: #b30000;
border: 1px solid #ffb3b3;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-success {
background: #e0ffe6;
color: #006633;
border: 1px solid #b3ffd1;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-link {
display: inline-block;
margin-top: 10px;
color: #09add0;
font-weight: 500;
text-decoration: underline;
} }
@media (max-width: 600px) { @media (max-width: 600px) {
body {
font-size: 14px;
width: 100vw;
max-width: 100vw;
overflow-x: hidden;
}
#wrapper {
width: 100vw;
max-width: 100vw;
}
#navigation {
width: 100vw;
min-width: 0;
padding: 0;
display: flex;
justify-content: center;
align-items: center;
}
.link-container {
width: 100vw;
min-width: 0;
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;
row-gap: 8px;
border-radius: 0;
padding: 0 4px;
}
.links {
font-size: 18px;
justify-content: center;
align-items: center;
padding: 6px 0;
text-align: center;
width: 100%;
}
#logo {
width: 120px;
height: 40px;
margin: 0 auto 8px auto;
display: flex;
justify-content: center;
align-items: center;
}
.container-welcome-inhalt {
grid-template-columns: 1fr;
width: 100vw;
max-width: 100vw;
min-height: 0;
padding: 8px 0;
}
.beispiel-austellung1-img, .beispiel-austellung2-img {
width: 90vw;
max-width: 98vw;
height: 120px;
margin-bottom: 10px;
}
.inhalt {
width: 100vw;
min-width: 0;
max-width: 100vw;
padding: 0 2vw;
box-sizing: border-box;
flex-direction: column;
align-items: stretch;
}
#footer {
width: 100vw;
height: auto;
min-height: 120px;
padding: 10px 0 10px 0;
font-size: 13px;
}
.container-zahlungsmittel {
width: 100vw;
text-align: center;
padding: 0;
}
.header-zahlungsarten {
font-size: 1.1em;
padding-right: 0;
text-align: center;
}
.zahlungsmittel-img {
width: 90vw;
max-width: 200px;
height: 30px;
margin: 0 auto;
}
.line {
width: 95vw;
}
.link-impressum, .link-datenschutz, .link-nutzungsbedingungen {
display: block;
padding: 2px 0;
text-align: center;
}
.text-bib {
display: block;
text-align: center;
padding: 0;
}
.desktop-only {
display: none !important;
}
.mobile-only {
display: block !important;
}
.login-container { .login-container {
position: static; padding: 24px 8px;
width: 95vw; max-width: 95vw;
max-width: 400px;
height: auto;
margin: 24px auto;
padding: 16px 8px;
box-sizing: border-box;
}
.tickets-container {
position: static;
width: 95vw;
max-width: 400px;
height: auto;
margin: 24px auto;
padding: 16px 8px;
box-sizing: border-box;
}
.login-container h1 {
font-size: 1.5em;
text-align: center;
}
.tickets-container h1 {
font-size: 1.5em;
text-align: center;
}
.login-container form,
.login-container label,
.login-container input {
width: 100%;
max-width: 100%;
box-sizing: border-box;
}
.login-container button,
.login-container a {
width: 100%;
max-width: 100%;
margin-top: 8px;
text-align: center;
box-sizing: border-box;
}
#nav-toggle-btn {
display: block;
background: none;
border: none;
font-size: 2em;
cursor: pointer;
margin: 0 auto 8px auto;
transition: transform 0.2s;
}
.nav-links {
display: none;
flex-direction: column;
align-items: center;
width: 100%;
transition: max-height 0.3s ease;
overflow: hidden;
}
.nav-links.open {
display: flex;
}
#nav-toggle-btn.open {
transform: rotate(180deg);
}
}
@media (min-width: 601px) {
.mobile-only {
display: none !important;
}
.desktop-only {
display: block !important;
}
#nav-toggle-btn {
display: none;
}
.nav-links {
display: flex !important;
flex-direction: row;
align-items: center;
width: auto;
gap: 32px;
}
.nav-links .links {
margin: 0 12px;
} }
} }

151
Controller/AuthController.php Normal file
View File

@@ -0,0 +1,151 @@
<?php
namespace Blog\Controller;
use Blog\Model\AuthModel;
class AuthController
{
private $model;
private $view;
public function __construct($view) {
$this->model = new AuthModel();
$this->view = $view;
}
public function showLoginForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function showRegistrationForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function login() {
$email = $_POST['email'];
$password = $_POST['password'];
$result = $this->model->login($email, $password);
if ($result === true) {
$_SESSION['user'] = $email;
header('Location: /bibarts/?controller=News&do=showNews');
exit();
} else {
$this->view->setVars([
'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
'validData' => ['email' => $email],
'loginSuccess' => false
]);
}
}
public function register() {
$data = [
'first_name' => $_POST['vorname'] ?? '',
'last_name' => $_POST['nachname'] ?? '',
'street' => $_POST['strasse'] ?? '',
'house_number' => $_POST['hausnr'] ?? '',
'postal_code' => $_POST['plz'] ?? '',
'city' => $_POST['ort'] ?? '',
'country' => $_POST['land'] ?? '',
'phone' => $_POST['tel'] ?? '',
'email' => $_POST['email'] ?? '',
'password' => $_POST['password'] ?? '',
'password_repeat' => $_POST['password_repeat'] ?? '',
'is_admin' => $_POST['isAdmin'] ?? false,
];
$result = $this->model->register($data);
if ($result === true) {
$this->view->setVars(['success' => 'Registrierung erfolgreich!']);
$this->view->render('Auth/showLoginForm');
exit;
} else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
$this->view->setVars(['errors' => $errors, 'validData' => $data]);
$this->view->render('Auth/showRegistrationForm');
exit;
}
}
public function forgotPassword() {
$email = $_POST['email'] ?? '';
if (empty($email)) {
$_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$this->model->pwForgot($email);
header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
exit;
}
public function changePassword()
{
$email = $_POST['email'] ?? '';
$oldpw = $_POST['old_password'] ?? '';
$newpw = $_POST['password'] ?? '';
$repeat = $_POST['password_repeat'] ?? '';
if (!$this->model->checkDoublePw($newpw, $repeat)) {
$_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$result = $this->model->updatePassword($email, $oldpw, $newpw);
if ($result === true) {
header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
exit;
} else {
$_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
}
public function showConfirmation()
{
$messages = [
'login' => "Login erfolgreich.",
'register' => "Registrierung erfolgreich.",
'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
'pwchange' => "Passwort erfolgreich geändert."
];
$msgKey = $_GET['msg'] ?? '';
$message = $messages[$msgKey] ?? "Aktion erfolgreich.";
$this->view->setVars(['message' => $message]);
$this->view->render('auth/confirmation');
}
public function logout() {
unset($_SESSION['user']);
session_destroy();
header('Location: /bibarts/?controller=Auth&do=showLoginForm');
exit();
}
}

53
Controller/ContactController.php
View File

@@ -1,53 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\ContactModel;
class ContactController
{
protected $view;
private $db;
private $validData = array();
private $errors = array();
private $labels = array("name" => "Name", "email" => "E-Mail-Adresse", "content" => "Nachricht");
public function __construct($view) {
$this->db = new ContactModel();
$this->view = $view;
}
public function showContactForm() {
$this->view->setVars([
'labels' => $this->labels,
'validData' => $this->validData,
'errors' => $this->errors
]);
}
public function showConfirmation() {
}
public function validateForm() {
foreach ($this->labels as $index => $value) {
if (!isset($_POST[$index]) || empty($_POST[$index])) {
$this->errors[$index] = "Bitte " . $value . " angeben";
} else {
$this->validData[$index] = $_POST[$index];
}
}
if (count($this->errors) > 0) {
$this->view->setDoMethodName("showContactForm");
$this->showContactForm();
} else {
if ($this->db->writeContactData($this->validData)) {
$this->view->setDoMethodName("showConfirmation");
$this->showConfirmation();
}
}
}
}
?>

24
Controller/EventController.php
View File

@@ -23,13 +23,13 @@ class EventController {
public function createEvent() { public function createEvent() {
$data = [ $data = [
'location_id' => $_POST['location_id'] ?? null,
'start_date' => $_POST['start_date'] ?? null,
'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null, 'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null, 'description' => $_POST['description'] ?? null,
'standortid' => $_POST['standortid'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null, 'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null 'ticket_price' => $_POST['ticket_price'] ?? null
]; ];
$this->model->createEvent($data); $this->model->createEvent($data);
@@ -38,21 +38,21 @@ class EventController {
} }
public function editEventForm() { public function editEventForm() {
$id = $_GET['ausstellungid']; $id = $_GET['event_id'];
$event = $this->model->getEvent($id); $event = $this->model->getEvent($id);
$this->view->setVars(['event' => $event]); $this->view->setVars(['event' => $event]);
} }
public function updateEvent($id, $data) { public function updateEvent($id, $data) {
$id = $_POST['ausstellungid']; $id = $_POST['event_id'];
$data = [ $data = [
'standortid' => $_POST['standortid'] ?? null, 'location_id' => $_POST['location_id'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null, 'start_date' => $_POST['start_date'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null, 'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null, 'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null, 'description' => $_POST['description'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null, 'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null 'ticket_price' => $_POST['ticket_price'] ?? null
]; ];
$this->model->updateEvent($id, $data); $this->model->updateEvent($id, $data);
} }

57
Controller/GutscheinController.php
View File

@@ -1,57 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\GutscheinModel;
class GutscheinController {
private $model;
private $view;
public function __construct($view) {
$this->model = new GutscheinModel();
$this->view = $view;
}
public function showGutscheine() {
$gutscheine = $this->model->getGutscheine();
$this->view->setVars(['gutscheine' => $gutscheine]);
}
public function createGutschein() {
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
];
$erg = $this->model->createGutschein($data);
$this->view->setVars(['gutschein' => $erg]);
exit;
}
public function editGutscheinForm() {
$id = $_GET['gutscheinid'];
if ($id) {
$gutschein = $this->model->getGutschein($id);
$this->view->setVars(['gutschein' => $gutschein]);
}
}
public function updateGutschein() {
$id = $_POST['gutscheinid'];
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
];
$this->model->updateGutschein($id, $data);
}
public function deleteGutschein() {
$id = $_GET['gutscheinid'] ?? null;
$this->model->deleteGutschein($id);
}
}

61
Controller/LocationController.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace Blog\Controller;
use Blog\Model\LocationModel;
class LocationController {
private $model;
private $view;
public function __construct($view) {
$this->model = new LocationModel();
$this->view = $view;
}
public function showLocations() {
$locations = $this->model->getLocations();
$this->view->setVars(['locations' => $locations]);
}
public function createLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$result = $this->model->createLocation($data);
$this->view->setVars(['location' => $result]);
}
public function editLocationForm() {
$id = $_GET['location_id'];
$location = $this->model->getLocation($id);
$this->view->setVars(['location' => $location]);
}
public function updateLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$location_id = $_POST['location_id'];
$result = $this->model->updateLocation($location_id, $data);
$this->view->setVars(['location' => $result]);
}
public function deleteLocation() {
$id = $_GET['location_id'] ?? null;
$this->model->deleteLocation($id);
}
}

12
Controller/LoginController.php
View File

@@ -1,12 +0,0 @@
<?php
namespace Blog\Controller;
class LoginController {
function showLoginPage(){
}
function showPasswortVergessen(){
}
}

10
Controller/ProfileController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class ProfileController {
function showProfile()
{
}
}

10
Controller/RegisterController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class RegisterController {
function showRegisterPage()
{
}
}

61
Controller/StandortController.php
View File

@@ -1,61 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\StandortModel;
class StandortController {
private $model;
private $view;
public function __construct($view) {
$this->model = new StandortModel();
$this->view = $view;
}
public function showStandorte() {
$standorte = $this->model->getStandorte();
$this->view->setVars(['standorte' => $standorte]);
}
public function createStandort() {
$data = [
'straße' => $_POST['straße'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->createStandort($data);
$this->view->setVars(['standort' => $erg]);
}
public function editStandortForm() {
$id = $_GET['standortid'];
$standort = $this->model->getStandort($id);
$this->view->setVars(['standort' => $standort]);
}
public function updateStandort() {
$id = $_POST['standortid'];
$data = [
'straße' => $_POST['straße'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->updateStandort($id, $data);
$this->view->setVars(['standort' => $erg]);
}
public function deleteStandort() {
$id = $_GET['standortid'] ?? null;
$this->model->deleteStandort($id);
}
}

12
Controller/TicketController.php
View File

@@ -21,13 +21,13 @@ class TicketController {
public function buyTicket() { public function buyTicket() {
$data = [ $data = [
'userid' => $_POST['userid'], 'user_id' => $_POST['user_id'] ?? null,
'eventid' => $_POST['eventid'], 'event_id' => $_POST['event_id'] ?? null,
'kaufdatum' => date('Y-m-d'), 'price' => $_POST['price'] ?? null
'gültigkeitsdatum' => $_POST['gültigkeitsdatum']
]; ];
$erg = $this->ticketModel->buyTicket($data);
$this->view->setVars(['ticket' => $erg]); $result = $this->ticketModel->createTicket($data);
$this->view->setVars(['ticket' => $result]);
} }
public function deleteTicket() { public function deleteTicket() {

10
Controller/TicketsController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class TicketsController {
function showTickets()
{
}
}

57
Controller/VoucherController.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
namespace Blog\Controller;
use Blog\Model\VoucherModel;
class VoucherController {
private $model;
private $view;
public function __construct($view) {
$this->model = new VoucherModel();
$this->view = $view;
}
public function showVouchers() {
$vouchers = $this->model->getVouchers();
$this->view->setVars(['vouchers' => $vouchers]);
}
public function createVoucher() {
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$result = $this->model->createVoucher($data);
$this->view->setVars(['voucher' => $result]);
exit;
}
public function editVoucherForm() {
$id = $_GET['voucher_id'];
if ($id) {
$voucher = $this->model->getVoucher($id);
$this->view->setVars(['voucher' => $voucher]);
}
}
public function updateVoucher() {
$id = $_POST['voucher_id'];
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$this->model->updateVoucher($id, $data);
}
public function deleteVoucher() {
$id = $_GET['voucher_id'] ?? null;
$this->model->deleteVoucher($id);
}
}

18
Controller/WelcomeController.php
View File

@@ -1,18 +0,0 @@
<?php
namespace Blog\Controller;
class WelcomeController
{
function showWelcome() {
}
function showProjects() {
}
function showTutorials() {
}
}

239
Model/AuthModel.php Normal file
View File

@@ -0,0 +1,239 @@
<?php
namespace Blog\Model;
use DateTime;
use PDO;
use PDOException;
class AuthModel extends Database
{
public function login(string $email, string $password)
{
$pdo = $this->linkDB();
$sql = "SELECT email, password, valid_until FROM user WHERE email = :email";
$params = [":email" => $email];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
$user = $sth->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Benutzerdaten.", $e);
return "Interner Datenbankfehler."; // Nur für Debug sichtbar machen, sonst besser allgemein halten
}
if (!$user) {
return "Benutzer mit dieser E-Mail wurde nicht gefunden.";
}
if (!password_verify($password, $user['password'])) {
return "Das eingegebene Passwort ist falsch.";
}
try {
$now = new DateTime();
$validUntil = new DateTime($user['valid_until']);
if ($now > $validUntil) {
return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\".";
}
} catch (\Exception $e) {
new \Blog\Library\ErrorMsg("Fehler beim Verarbeiten des Gültigkeitsdatums.", $e);
return "Fehler bei der Passwortprüfung.";
}
return true;
}
public function register($data) {
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
return "Bitte geben Sie eine gültige E-Mail ein.";
}
$requiredFields = [
'email', 'password', 'street', 'house_number', 'city', 'postal_code',
'country', 'first_name', 'last_name', 'phone'
];
foreach ($requiredFields as $field) {
if (empty($data[$field])) {
return "Bitte füllen Sie alle Felder aus.";
}
}
if ($this->userExistsByEmail($data['email'])) {
return "Ein Account mit dieser E-Mail existiert bereits.";
}
// Passwort-Validierung
if (!$this->checkDoublePw($data['password'], $data['password_repeat'])) {
return "Passwörter stimmen nicht überein.";
}
if ($this->pwRequirementCheck($data['password']) !== true) {
return "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
$hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password, street, house_number, city, postal_code, country, first_name, last_name, phone, is_admin)
VALUES (:email, :password, :street, :house_number, :city, :postal_code, :country, :first_name, :last_name, :phone, :is_admin)";
$params = [
':email' => $data['email'],
':password' => $hashedPassword,
':street' => $data['street'],
':house_number' => $data['house_number'],
':city' => $data['city'],
':postal_code'=> $data['postal_code'],
':country'=> $data['country'],
':first_name' => $data['first_name'],
':last_name'=> $data['last_name'],
':phone' => $data['phone'],
':is_admin' => $data['is_admin'] ? 1 : 0,
];
try {
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return true;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
return false;
}
}
private function userExistsByEmail($email) {
try {
$pdo = $this->linkDB();
$sql = "SELECT user_id FROM user WHERE email = :email";
$params = [':email' => $email];
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return (bool) $stmt->fetch();
} catch (\PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der E-Mail-Prüfung", $e);
return false;
}
}
public function pwForgot($email){
$randomPw = bin2hex(random_bytes(12 / 2));
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
$this->forgottenPwUpdate($email, $hashedPassword);
$betreff = "Passwort zurücksetzen bei bibArts";
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
$header = "From: noreply@edu.bib.de\r\n";
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
$maxTries = 5;
$try = 0;
$success = false;
while ($try < $maxTries && !$success) {
$erfolg = mail($email, $betreff, $nachricht, $header);
$try++;
if (!$erfolg) {
error_log("Mailversuch $try an $email fehlgeschlagen.");
sleep(1);
}
}
}
private function forgottenPwUpdate($email, $hashedPassword) {
try{
$pdo = $this->linkDB();
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
$stmt = $pdo->prepare($sqlCheck);
$stmt->execute([':email' => $email]);
if ($stmt->fetchColumn() == 0) {
return false;
}
$validUntil = (new DateTime())->add(new DateInterval('PT2H'))->format('Y-m-d H:i:s');
$sql = "UPDATE user
SET password = :password, valid_until = :valid_until
WHERE email = :email";
$stmt = $pdo->prepare($sql);
$params = [
':email' => $email,
':password' => $hashedPassword,
':valid_until' => $validUntil
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
return false;
}
}
public function updatePassword($email, $oldpw, $newpw){
if(!$this->login($email, $oldpw)) {
return false;
}
$requiredFields = [$email, $oldpw, $newpw];
foreach ($requiredFields as $field) {
if (empty($field)) {
return "Bitte füllen Sie alle Felder aus";
}
}
$hashedPassword = password_hash($newpw, PASSWORD_DEFAULT);
$sql = "UPDATE user SET password = :password WHERE email = :email";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
$params = [
':email' => $email,
':password' => $hashedPassword,
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
public function checkDoublePw($password1, $password2){
if($password1 === $password2){
return true;
}
else
return false;
}
public function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
}
}

63
Model/EventModel.php
View File

@@ -8,11 +8,11 @@ class EventModel extends Database {
public function getEvents() { public function getEvents() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung ORDER BY datum_von DESC;"; $sql = "SELECT * FROM event ORDER BY start_date ASC;";
try { try {
$sth = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$sth->execute(); $stmt->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC); return $stmt->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Events.", $e); new \Blog\Library\ErrorMsg("Fehler beim Lesen der Events.", $e);
die; die;
@@ -21,11 +21,12 @@ class EventModel extends Database {
public function getEvent($id) { public function getEvent($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung WHERE ausstellungid = :id;"; $sql = "SELECT * FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try { try {
$sth = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$sth->execute([":id" => $id]); $stmt->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC); return $stmt->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Events.", $e); new \Blog\Library\ErrorMsg("Fehler beim Lesen des Events.", $e);
die; die;
@@ -34,20 +35,29 @@ class EventModel extends Database {
public function updateEvent($id, $data) { public function updateEvent($id, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE ausstellung SET standortid = :standortid, datum_von = :datum_von, datum_bis = :datum_bis, name = :name, beschreibung = :beschreibung, max_tickets = :max_tickets, preis = :preis WHERE ausstellungid = :id;"; $sql = "UPDATE event SET
name = :name,
description = :description,
location_id = :location_id,
start_date = :start_date,
end_date = :end_date,
max_tickets = :max_tickets,
ticket_price = :ticket_price
WHERE event_id = :event_id;";
$params = [ $params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'], ":name" => $data['name'],
":beschreibung" => $data['beschreibung'], ":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'], ":max_tickets" => $data['max_tickets'],
":preis" => $data['preis'], ":ticket_price" => $data['ticket_price'],
":id" => $id ":event_id" => $id
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
return $sth;
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Events.", $e); new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Events.", $e);
die; die;
@@ -56,32 +66,35 @@ class EventModel extends Database {
public function createEvent($data) { public function createEvent($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets, preis) VALUES (:standortid, :datum_von, :datum_bis, :name, :beschreibung, :max_tickets, :preis);"; $sql = "INSERT INTO event (name, description, location_id, start_date, end_date, max_tickets, ticket_price)
VALUES (:name, :description, :location_id, :start_date, :end_date, :max_tickets, :ticket_price);";
$params = [ $params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'], ":name" => $data['name'],
":beschreibung" => $data['beschreibung'], ":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'], ":max_tickets" => $data['max_tickets'],
":preis" => $data['preis'] ":ticket_price" => $data['ticket_price']
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
return $sth; return $sth;
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Events.", $e); new \Blog\Library\ErrorMsg("Fehler beim Schreiben des Events.", $e);
die; die;
} }
} }
public function deleteEvent($id) { public function deleteEvent($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM ausstellung WHERE ausstellungid = :id;"; $sql = "DELETE FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try { try {
$sth = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$sth->execute([":id" => $id]); $stmt->execute($params);
return $stmt->rowCount();
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Events.", $e); new \Blog\Library\ErrorMsg("Fehler beim Löschen des Events.", $e);
die; die;

86
Model/GutscheinModel.php
View File

@@ -1,86 +0,0 @@
<?php
namespace Blog\Model;
use PDOException;
class GutscheinModel extends Database {
public function getGutscheine() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein ORDER BY gültigkeit DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Gutscheine.", $e);
die;
}
}
public function getGutschein($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Gutscheins.", $e);
die;
}
}
public function createGutschein($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO gutschein (code, rabatt, eventid, gültigkeit) VALUES (:code, :rabatt, :eventid, :gültigkeit);";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Gutscheins.", $e);
die;
}
}
public function updateGutschein($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, eventid = :eventid, gültigkeit = :gültigkeit WHERE gutscheinid = :id;";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit'],
":id" => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Gutscheins.", $e);
die;
}
}
public function deleteGutschein($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Gutscheins.", $e);
die;
}
}
}

69
Model/StandortModel.php → Model/LocationModel.php
View File

@@ -2,13 +2,14 @@
namespace Blog\Model; namespace Blog\Model;
use PDO;
use PDOException; use PDOException;
class StandortModel extends Database { class LocationModel extends Database {
public function getStandorte() { public function getLocations() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM Standort ORDER BY standortid ASC;"; $sql = "SELECT * FROM location ORDER BY location_id ASC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -19,10 +20,10 @@ class StandortModel extends Database {
} }
} }
public function getStandort($standortid) { public function getLocation($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM Standort WHERE standortid = :standortid;"; $sql = "SELECT * FROM location WHERE location_id = :location_id;";
$params = [":standortid" => $standortid]; $params = [":location_id" => $id];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
@@ -33,17 +34,17 @@ class StandortModel extends Database {
} }
} }
public function createStandort($data) { public function createLocation($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO Standort (straße, hausnr, postleitzahl, ort, land, tel, email) $sql = "INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES (:straße, :hausnr, :postleitzahl, :ort, :land, :tel, :email);"; VALUES (:street, :house_number, :postal_code, :city, :country, :phone, :email);";
$params = [ $params = [
":straße" => $data['straße'], ":street" => $data['street'],
":hausnr" => $data['hausnr'], ":house_number" => $data['house_number'],
":postleitzahl" => $data['postleitzahl'], ":postal_code" => $data['postal_code'],
":ort" => $data['ort'], ":city" => $data['city'],
":land" => $data['land'], ":country" => $data['country'],
":tel" => $data['tel'], ":phone" => $data['phone'],
":email" => $data['email'] ":email" => $data['email']
]; ];
try { try {
@@ -56,26 +57,26 @@ class StandortModel extends Database {
} }
} }
public function updateStandort($standortid, $data) { public function updateLocation($id, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE Standort SET $sql = "UPDATE location SET
straße = :straße, street = :street,
hausnr = :hausnr, house_number = :house_number,
postleitzahl = :postleitzahl, postal_code = :postal_code,
ort = :ort, city = :city,
land = :land, country = :country,
tel = :tel, phone = :phone,
email = :email email = :email
WHERE standortid = :standortid;"; WHERE location_id = :location_id;";
$params = [ $params = [
":straße" => $data['straße'], ":street" => $data['street'],
":hausnr" => $data['hausnr'], ":house_number" => $data['house_number'],
":postleitzahl" => $data['postleitzahl'], ":postal_code" => $data['postal_code'],
":ort" => $data['ort'], ":city" => $data['city'],
":land" => $data['land'], ":country" => $data['country'],
":tel" => $data['tel'], ":phone" => $data['phone'],
":email" => $data['email'], ":email" => $data['email'],
":standortid" => $standortid ":location_id" => $id
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -87,10 +88,10 @@ class StandortModel extends Database {
} }
} }
public function deleteStandort($standortid) { public function deleteLocation($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM Standort WHERE standortid = :standortid;"; $sql = "DELETE FROM location WHERE location_id = :location_id;";
$params = [":standortid" => $standortid]; $params = [":location_id" => $id];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);

89
Model/NewsModel.php
View File

@@ -3,83 +3,58 @@
namespace Blog\Model; namespace Blog\Model;
use PDOException; use PDOException;
use PDO;
class NewsModel extends Database { class NewsModel extends Database {
public function getNewsById($newsId) { public function getNewsById($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM news WHERE newsid = :newsid;"; $sql = "SELECT * FROM news WHERE news_id = :news_id;";
$params = [":newsid" => $newsId]; $stmt = $pdo->prepare($sql);
try { $params = [':news_id' => $id];
$sth = $pdo->prepare($sql); $stmt->execute($params);
$sth->execute($params); return $stmt->fetch(PDO::FETCH_ASSOC);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
} }
public function updateNews($newsId, $news) { public function updateNews($id, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE news SET name = :name, beschreibung = :beschreibung, datum = :datum WHERE newsid = :newsid;"; $sql = "UPDATE news SET name = :name, description = :description, date = :date WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [ $params = [
":name" => $news['titel'], ':name' => $data['name'],
":beschreibung" => $news['inhalt'], ':description' => $data['description'],
":datum" => $news['datum'], ':date' => $data['date'],
":newsid" => $newsId ':news_id' => $id
]; ];
try { return $stmt->execute($params);
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der News.", $e);
die;
}
} }
public function getNews() { public function getNews() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM news ORDER BY datum DESC;"; $sql = "SELECT * FROM news ORDER BY date DESC;";
try { $stmt = $pdo->prepare($sql);
$sth = $pdo->prepare($sql); $stmt->execute();
$sth->execute(); return $stmt->fetchAll(PDO::FETCH_ASSOC);
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
} }
public function createNews($news) { public function createNews($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO news (name, beschreibung, datum) VALUES (:name, :beschreibung, :datum);"; $sql = "INSERT INTO news (name, description, date) VALUES (:name, :description, :date);";
$stmt = $pdo->prepare($sql);
$params = [ $params = [
":name" => $news['titel'], ':name' => $data['name'],
":beschreibung" => $news['inhalt'], ':description' => $data['description'],
":datum" => $news['datum'] ':date' => $data['date']
]; ];
try { $stmt->execute($params);
$sth = $pdo->prepare($sql); return $pdo->lastInsertId();
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der News.", $e);
die;
}
} }
public function deleteNews($newsId) { public function deleteNews($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM news WHERE newsid = :newsid;"; $sql = "DELETE FROM news WHERE news_id = :news_id;";
$params = [":newsid" => $newsId]; $stmt = $pdo->prepare($sql);
try { $params = [':news_id' => $id];
$sth = $pdo->prepare($sql); return $stmt->execute($params);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen der News.", $e);
die;
}
} }
} }

98
Model/TicketModel.php
View File

@@ -3,70 +3,72 @@
namespace Blog\Model; namespace Blog\Model;
use PDOException; use PDOException;
use PDO;
class TicketModel extends Database { class TicketModel extends Database {
public function getTickets() { public function getTickets() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM Ticket ORDER BY ticketid ASC;"; $sql = "SELECT * FROM ticket ORDER BY ticket_id ASC;";
try { $stmt = $pdo->prepare($sql);
$sth = $pdo->prepare($sql); $stmt->execute();
$sth->execute(); return $stmt->fetchAll(PDO::FETCH_ASSOC);
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Tickets.", $e);
die;
}
} }
public function buyTicket($data) { public function buyTicket($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO Ticket (userid, eventid, kaufdatum, gültigkeitsdatum) $sql = "INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES (:userid, :eventid, :kaufdatum, :gültigkeitsdatum);"; VALUES (:user_id, :event_id, :purchase_date, :valid_until)";
$stmt = $pdo->prepare($sql);
$params = [ $params = [
":userid" => $data['userid'], ':user_id' => $data['user_id'],
":eventid" => $data['eventid'], ':event_id' => $data['event_id'],
":kaufdatum" => $data['kaufdatum'], ':purchase_date' => $data['purchase_date'],
":gültigkeitsdatum" => $data['gültigkeitsdatum'] ':valid_until' => $data['valid_until']
]; ];
try { $stmt->execute($params);
$sth = $pdo->prepare($sql); return $pdo->lastInsertId();
$sth->execute($params);
return $pdo->lastInsertId();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Kauf des Tickets.", $e);
die;
}
} }
public function hasTicket($userid, $eventid) { public function checkTicketExists($userid, $ausstellungid) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND eventid = :eventid;"; $sql = "SELECT COUNT(*) as count FROM ticket WHERE user_id = :user_id AND event_id = :event_id;";
$params = [ $stmt = $pdo->prepare($sql);
":userid" => $userid, $params = [':user_id' => $userid, ':event_id' => $ausstellungid];
":eventid" => $eventid $stmt->execute($params);
]; $result = $stmt->fetch(PDO::FETCH_ASSOC);
try { return $result['count'] > 0;
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der Ticketprüfung.", $e);
die;
}
} }
public function deleteTicket($ticketid) { public function deleteTicket($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM Ticket WHERE ticketid = :ticketid;"; $sql = "DELETE FROM ticket WHERE ticket_id = :ticket_id;";
$params = [":ticketid" => $ticketid]; $stmt = $pdo->prepare($sql);
try { $params = [':ticket_id' => $id];
$sth = $pdo->prepare($sql); return $stmt->execute($params);
$sth->execute($params); }
return $sth->rowCount();
} catch (PDOException $e) { public function createTicket($data) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Tickets.", $e); $pdo = $this->linkDB();
die; $sql = "INSERT INTO ticket (event_id, user_id, price) VALUES (:event_id, :user_id, :price);";
} $stmt = $pdo->prepare($sql);
$params = [
':event_id' => $data['event_id'],
':user_id' => $data['user_id'],
':price' => $data['price']
];
return $stmt->execute($params);
}
public function getTicketsByUser($userId) {
$pdo = $this->linkDB();
$sql = "SELECT t.*, e.name as event_name, e.start_date, e.end_date
FROM ticket t
JOIN event e ON t.event_id = e.event_id
WHERE t.user_id = :user_id;";
$stmt = $pdo->prepare($sql);
$params = [':user_id' => $userId];
$stmt->execute($params);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
} }
} }

62
Model/VoucherModel.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
namespace Blog\Model;
use PDO;
use PDOException;
class VoucherModel extends Database {
public function getVouchers() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher ORDER BY valid_until DESC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getVoucher($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
$stmt->execute($params);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function createVoucher($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO voucher (code, discount, event_id, valid_until) VALUES (:code, :discount, :event_id, :valid_until);";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until']
];
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function updateVoucher($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE voucher SET code = :code, discount = :discount, event_id = :event_id, valid_until = :valid_until WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until'],
':id' => $id
];
return $stmt->execute($params);
}
public function deleteVoucher($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
return $stmt->execute($params);
}
}

28
Views/Auth/showLoginForm.phtml Normal file
View File

@@ -0,0 +1,28 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required>
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<button class="button-loggin" type="submit">Login</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<br>
<a class="link-konto-erstellen" href="?controller=Auth&do=showRegistrationForm">Konto erstellen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

55
Views/Auth/showRegistrationForm.phtml Normal file
View File

@@ -0,0 +1,55 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="register">
<label>
<input class="input-vorname" type="text" name="vorname" placeholder="Vorname">
</label>
<label>
<input class="input-nachname" type="text" name="nachname" placeholder="Nachname">
</label>
<label>
<input class="input-email" type="text" name="email" placeholder="E-Mail">
</label>
<label>
<input class="input-passwort" type="password" name="password" placeholder="Passwort">
</label>
<label>
<input class="input-passwort-repeat" type="password" name="password_repeat" placeholder="Passwort wiederholen">
</label>
<label>
<input class="input-strasse" type="text" name="strasse" placeholder="Straße">
</label>
<label>
<input class="input-hausnr" type="text" name="hausnr" placeholder="Hausnr.">
</label>
<label>
<input class="input-postleitzahl" type="text" name="plz" placeholder="Postleitzahl">
</label>
<label>
<input class="input-ort" type="text" name="ort" placeholder="Ort">
</label>
<label>
<input class="input-land" type="text" name="land" placeholder="Land">
</label>
<label>
<input class="input-tel" type="text" name="tel" placeholder="Telefonnr.">
</label>
<button class="button-register" type="submit">Registrieren</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Auth&do=showLoginForm" class="login-link">Bereits registriert? Hier einloggen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

8
Views/Event/createEvent.phtml
View File

@@ -3,10 +3,10 @@ include dirname(__DIR__).'/header.phtml';
?> ?>
<div class="msg"> <div class="msg">
<p>Das Event "<?php echo $name?>" wurde erfolgreich erstellt!</p> <p>Das Event "<?php echo $event['name']?>" wurde erfolgreich erstellt!</p>
<a href="?controller=Event&do=showEvents">Weiter</a> <a href="?controller=Event&do=showEvents">Weiter</a>
</div> </div>
<?php
include dirname(__DIR__).'/footer.phtml';
<?php include dirname(__DIR__).'/footer.phtml'; ?> ?>

6
Views/Event/deleteEvent.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Event&do=showEvents">Weiter</a> <a href="?controller=Event&do=showEvents">Weiter</a>
</div> </div>
<?php
include dirname(__DIR__).'/footer.phtml';
<?php include dirname(__DIR__).'/footer.phtml'; ?> ?>

21
Views/Event/showEvents.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?> <?php
include dirname(__DIR__).'/header.phtml';
<h2>Alle Ausstellungen</h2> ?>
<h2>Alle Events</h2>
<?php if (!empty($events)): ?> <?php if (!empty($events)): ?>
<table> <table>
<thead> <thead>
@@ -17,16 +17,17 @@
<?php foreach ($events as $event): ?> <?php foreach ($events as $event): ?>
<tr> <tr>
<td><?php echo htmlspecialchars($event['name']); ?></td> <td><?php echo htmlspecialchars($event['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['beschreibung'])); ?></td> <td><?php echo nl2br(htmlspecialchars($event['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_von'])); ?></td> <td><?php echo date('d.m.Y', strtotime($event['start_date'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_bis'])); ?></td> <td><?php echo date('d.m.Y', strtotime($event['end_date'])); ?></td>
<td><?php echo (int) $event['max_tickets']; ?></td> <td><?php echo (int) $event['max_tickets']; ?></td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
<?php else: ?> <?php else: ?>
<p>Derzeit sind keine Ausstellungen verfügbar.</p> <p>Derzeit sind keine Events verfügbar.</p>
<?php endif; ?> <?php endif; ?>
<?php
<?php include dirname(__DIR__) . '/footer.phtml'; ?> include dirname(__DIR__).'/footer.phtml';
?>

8
Views/Event/updateEvent.phtml
View File

@@ -3,10 +3,10 @@ include dirname(__DIR__).'/header.phtml';
?> ?>
<div class="msg"> <div class="msg">
<p>Das Event mit der ID "<?php echo $ausstellungid?>" wurde erfolgreich bearbeitet!</p> <p>Das Event mit der ID "<?php echo $event_id?>" wurde erfolgreich bearbeitet!</p>
<a href="?controller=Event&do=showEvents">Weiter</a> <a href="?controller=Event&do=showEvents">Weiter</a>
</div> </div>
<?php
include dirname(__DIR__).'/footer.phtml';
<?php include dirname(__DIR__).'/footer.phtml'; ?> ?>

1
Views/Gutschein/createGutschein.phtml
View File

@@ -1 +0,0 @@
echo "create gutschein"

35
Views/Gutschein/showGutscheine.phtml
View File

@@ -1,35 +0,0 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php if (!empty($gutscheine)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($gutscheine as $g): ?>
<tr>
<td><?php echo htmlspecialchars($g['code']); ?></td>
<td><?php echo (int)$g['rabatt']; ?></td>
<td><?php echo (int)$g['eventid']; ?></td>
<td><?php echo htmlspecialchars($g['gültigkeit']); ?></td>
<td>
<a href="?controller=Gutschein&action=editGutscheinForm&id=<?php echo $g['gutscheinid']; ?>">Bearbeiten</a> |
<a href="?controller=Gutschein&action=deleteGutschein&id=<?php echo $g['gutscheinid']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>

17
Views/Standort/showStandorte.phtml → Views/Location/showStandorte.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?> <?php
include dirname(__DIR__).'/header.phtml';
<h2>Unsere Standorte</h2> ?>
<h2>Unsere Standorte</h2>
<?php if (!empty($standorte)): ?> <?php if (!empty($standorte)): ?>
<table border="1" cellpadding="8" cellspacing="0"> <table border="1" cellpadding="8" cellspacing="0">
<thead> <thead>
@@ -18,9 +18,9 @@
<tbody> <tbody>
<?php foreach ($standorte as $standort): ?> <?php foreach ($standorte as $standort): ?>
<tr> <tr>
<td><?php echo htmlspecialchars($standort['straße']); ?></td> <td><?php echo htmlspecialchars($standort['strasse']); ?></td>
<td><?php echo htmlspecialchars($standort['hausnr']); ?></td> <td><?php echo htmlspecialchars($standort['hausnr']); ?></td>
<td><?php echo htmlspecialchars($standort['postleitzahl']); ?></td> <td><?php echo htmlspecialchars($standort['plz']); ?></td>
<td><?php echo htmlspecialchars($standort['ort']); ?></td> <td><?php echo htmlspecialchars($standort['ort']); ?></td>
<td><?php echo htmlspecialchars($standort['land']); ?></td> <td><?php echo htmlspecialchars($standort['land']); ?></td>
<td><?php echo htmlspecialchars($standort['tel']); ?></td> <td><?php echo htmlspecialchars($standort['tel']); ?></td>
@@ -32,5 +32,6 @@
<?php else: ?> <?php else: ?>
<p>Keine Standorte gefunden.</p> <p>Keine Standorte gefunden.</p>
<?php endif; ?> <?php endif; ?>
<?php
<?php include dirname(__DIR__) . '/footer.phtml'; ?> include dirname(__DIR__).'/footer.phtml';
?>

20
Views/Login/showLoginPage.phtml
View File

@@ -1,20 +0,0 @@
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<button class="button-loggin">Login</button>
<a class="link-passwort-vergessen" href="?controller=Login&do=showPasswortVergessen">Passwort vergessen?</a>
<a class="link-konto-erstellen" href="?controller=Register&do=showRegisterPage">Konto erstellen</a>
</div>
</div>

0
Views/Login/showPasswortVergessen.phtml
View File

19
Views/News/showNews.phtml
View File

@@ -1,12 +1,12 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?> <?php
include dirname(__DIR__).'/header.phtml';
<h2>Alle News</h2> ?>
<h2>Alle News</h2>
<?php if (!empty($news)): ?> <?php if (!empty($news)): ?>
<table> <table>
<thead> <thead>
<tr> <tr>
<th>Name</th> <th>Titel</th>
<th>Beschreibung</th> <th>Beschreibung</th>
<th>Datum</th> <th>Datum</th>
</tr> </tr>
@@ -15,8 +15,8 @@
<?php foreach ($news as $item): ?> <?php foreach ($news as $item): ?>
<tr> <tr>
<td><?php echo htmlspecialchars($item['name']); ?></td> <td><?php echo htmlspecialchars($item['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($item['beschreibung'])); ?></td> <td><?php echo nl2br(htmlspecialchars($item['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($item['datum'])); ?></td> <td><?php echo date('d.m.Y', strtotime($item['date'])); ?></td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
@@ -24,5 +24,6 @@
<?php else: ?> <?php else: ?>
<p>Derzeit sind keine News verfügbar.</p> <p>Derzeit sind keine News verfügbar.</p>
<?php endif; ?> <?php endif; ?>
<?php
<?php include dirname(__DIR__) . '/footer.phtml'; ?> include dirname(__DIR__).'/footer.phtml';
?>

0
Views/Profile/showProfile.phtml
View File

64
Views/Register/showRegisterPage.phtml
View File

@@ -1,64 +0,0 @@
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-vorname" type="text" placeholder="Vorname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-nachname" type="text" placeholder="Nachname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort-repeat" type="text" placeholder="Passwort wiederholen">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-strasse" type="text" placeholder="Straße">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-hausnr" type="text" placeholder="Hausnr.">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-postleitzahl" type="text" placeholder="Postleitzahl">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-ort" type="text" placeholder="Ort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-land" type="text" placeholder="Land">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-tel" type="text" placeholder="Telefonnr.">
</label>
</form>
<button class="button-register">Registrieren</button>
<a class="link-konto-erstellen" href="?controller=Login&do=showLoginPage">Login</a>
</div>
</div>

6
Views/Ticket/buyTicket.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Welcome&do=showWelcome">Weiter</a> <a href="?controller=Welcome&do=showWelcome">Weiter</a>
</div> </div>
<?php
include dirname(__DIR__).'/footer.phtml';
<?php include dirname(__DIR__).'/footer.phtml'; ?> ?>

8
Views/Tickets/showTickets.phtml
View File

@@ -1,8 +0,0 @@
<div class="inhalt">
<div class="tickets-container">
<h1>Tickets</h1>
<div class="tickets-container-inhalt">
</div>
</div>
</div>

7
Views/Voucher/createVoucher.phtml Normal file
View File

@@ -0,0 +1,7 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<!-- Gutschein-Erstellungsformular oder Inhalt hier einfügen -->
<?php
include dirname(__DIR__).'/footer.phtml';
?>

37
Views/Voucher/showVouchers.phtml Normal file
View File

@@ -0,0 +1,37 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Voucher&do=createVoucherForm">Neuen Gutschein anlegen</a>
<?php if (!empty($vouchers)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($vouchers as $v): ?>
<tr>
<td><?php echo htmlspecialchars($v['code']); ?></td>
<td><?php echo (int)$v['discount']; ?></td>
<td><?php echo (int)$v['event_id']; ?></td>
<td><?php echo htmlspecialchars($v['valid_until']); ?></td>
<td>
<a href="?controller=Voucher&do=editVoucherForm&id=<?php echo $v['voucher_id']; ?>">Bearbeiten</a> |
<a href="?controller=Voucher&do=deleteVoucher&id=<?php echo $v['voucher_id']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

50
Views/header.phtml
View File

@@ -1,36 +1,30 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="HTML-5"> <html lang="de">
<head> <head>
<title>VR Contact</title> <title>Bib Arts</title>
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" /> <link href="/bibarts/CSS/style.css" rel="stylesheet" type="text/css" />
</head> </head>
<body> <body>
<nav id="navigation"> <div id="wrapper">
<div class="link-container"> <nav id="navigation">
<div id="logo" ><a class="link-logo" href="#"></a></div> <div class="link-container">
<button id="nav-toggle-btn" aria-label="Menü ein-/ausklappen">&#9660;</button> <div id="logo" ><a class="link-logo" href="#"></a></div>
<div class="nav-links"> <a id="link-ausstellungen" class="links" href="?controller=Event&do=showEvents">Ausstellungen</a>
<a id="link-tickets" class="links" href="?controller=Tickets&do=showTickets">Tickets</a> <a id="link-tickets" class="links" href="#">Tickets</a>
<a id="link-infos" class="links" href="?controller=Welcome&do=showWelcome">Infos</a> <a id="link-news" class="links" href="/bibarts/?controller=News&do=showNews">News</a>
<a id="link-profil" class="links" href="?controller=Profile&do=showProfile">Profil</a> <a id="link-profil" class="links" href="?controller=Contact&do=showContactForm">Profil</a>
<a id="link-login" class="links" href="?controller=Login&do=showLoginPage">Login</a>
<a id="link-register" class="links" href="?controller=Register&do=showRegisterPage">Register</a>
<div id="profile-picture"></div> <div id="profile-picture"></div>
<?php if (isset($_SESSION['user'])): ?>
<form method="post" action="/bibarts/index.php" style="display:inline;">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="logout">
<button type="submit" class="links" style="background:none;border:none;cursor:pointer;">Logout</button>
</form>
<?php else: ?>
<a class="links" href="?controller=Auth&do=showLoginForm">Login</a>
<?php endif; ?>
</div> </div>
</div> </nav>
</nav> </div>
<script>
document.addEventListener('DOMContentLoaded', function() {
var btn = document.getElementById('nav-toggle-btn');
var links = document.querySelector('.nav-links');
if (btn && links) {
btn.addEventListener('click', function() {
links.classList.toggle('open');
btn.classList.toggle('open');
btn.innerHTML = links.classList.contains('open') ? '&#9650;' : '&#9660;';
});
}
});
</script>

136
bibarts.sql
View File

@@ -1,124 +1,112 @@
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 24. Nov 2017 um 17:01
-- Server-Version: 10.1.16-MariaDB
-- PHP-Version: 7.0.9
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO"; SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00"; SET time_zone = "+00:00";
--
-- Datenbank: `blog`
--
-- -------------------------------------------------------- -- --------------------------------------------------------
CREATE TABLE User ( CREATE TABLE user (
userid INT AUTO_INCREMENT PRIMARY KEY, user_id INT AUTO_INCREMENT PRIMARY KEY,
vorname VARCHAR(50), first_name VARCHAR(50),
nachname VARCHAR(50), last_name VARCHAR(50),
strasse VARCHAR(100), street VARCHAR(100),
hausnr VARCHAR(10), house_number VARCHAR(10),
postleitzahl VARCHAR(10), postal_code VARCHAR(10),
ort VARCHAR(50), city VARCHAR(50),
land VARCHAR(50), country VARCHAR(50),
tel VARCHAR(20), phone VARCHAR(20),
email VARCHAR(100) UNIQUE, email VARCHAR(100) UNIQUE,
isAdmin BOOLEAN DEFAULT FALSE, is_admin BOOLEAN DEFAULT FALSE,
valid_until DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00',
password VARCHAR(255) password VARCHAR(255)
); );
CREATE TABLE Standort ( CREATE TABLE location (
standortid INT AUTO_INCREMENT PRIMARY KEY, location_id INT AUTO_INCREMENT PRIMARY KEY,
strasse VARCHAR(100), street VARCHAR(100),
hausnr VARCHAR(10), house_number VARCHAR(10),
plz VARCHAR(10), postal_code VARCHAR(10),
ort VARCHAR(50), city VARCHAR(50),
land VARCHAR(50), country VARCHAR(50),
tel VARCHAR(20), phone VARCHAR(20),
email VARCHAR(100) email VARCHAR(100)
); );
CREATE TABLE Ausstellung ( CREATE TABLE event (
austellungid INT AUTO_INCREMENT PRIMARY KEY, event_id INT AUTO_INCREMENT PRIMARY KEY,
standortid INT, location_id INT,
datum_von DATE, start_date DATE,
datum_bis DATE, end_date DATE,
name VARCHAR(100), name VARCHAR(100),
beschreibung TEXT, description TEXT,
max_tickets INT, max_tickets INT,
FOREIGN KEY (standortid) REFERENCES Standort(standortid) ticket_price DECIMAL(5,2),
FOREIGN KEY (location_id) REFERENCES location(location_id)
); );
CREATE TABLE Ticket ( CREATE TABLE ticket (
ticketid INT AUTO_INCREMENT PRIMARY KEY, ticket_id INT AUTO_INCREMENT PRIMARY KEY,
userid INT, user_id INT,
ausstellungid INT, event_id INT,
kaufdatum DATE, purchase_date DATE,
gueltigkeit DATE, valid_until DATE,
preis DECIMAL(10,2), FOREIGN KEY (user_id) REFERENCES user(user_id),
FOREIGN KEY (userid) REFERENCES User(userid), FOREIGN KEY (event_id) REFERENCES event(event_id)
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
); );
CREATE TABLE Gutschein ( CREATE TABLE voucher (
gutscheinid INT AUTO_INCREMENT PRIMARY KEY, voucher_id INT AUTO_INCREMENT PRIMARY KEY,
code VARCHAR(50) UNIQUE, code VARCHAR(50) UNIQUE,
rabatt INT CHECK (rabatt BETWEEN 0 AND 100), discount INT CHECK (discount BETWEEN 0 AND 100),
ausstellungid INT, event_id INT,
gueltigkeit DATE, valid_until DATE,
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid) FOREIGN KEY (event_id) REFERENCES event(event_id)
); );
CREATE TABLE News ( CREATE TABLE news (
newsid INT AUTO_INCREMENT PRIMARY KEY, news_id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100), name VARCHAR(100),
beschreibung TEXT, description TEXT,
datum DATE date DATE
); );
-- User-Daten -- User-Daten (Passwort: passwort123)
INSERT INTO User (vorname, nachname, strasse, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password) INSERT INTO user (first_name, last_name, street, house_number, postal_code, city, country, phone, email, is_admin, password)
VALUES VALUES
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'), ('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, '$2y$10$VAj.C0XHPUxV4oXS6b79aumlg5fBMPPx5FPqgkQSIQeBLh0WtYmKy'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass'); ('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, '$2y$10$cnPBpkvLbdpDxzYvxlQg9uVp5y8ggr2SWL8NAMg9zk.3QnnEl.MGq');
-- Standort-Daten -- Standort-Daten
INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email) INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES VALUES
('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'), ('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'),
('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de'); ('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de');
-- Ausstellung-Daten -- Ausstellung-Daten
INSERT INTO Ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets) INSERT INTO event (location_id, start_date, end_date, name, description, max_tickets, ticket_price)
VALUES VALUES
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200), (1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200, 19.99),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150); (2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150, 39.99);
-- Gutschein-Daten (Spaltennamen korrigiert) -- Gutschein-Daten
INSERT INTO Gutschein (code, rabatt, ausstellungid, gueltigkeit) INSERT INTO voucher (code, discount, event_id, valid_until)
VALUES VALUES
('SOMMER2025', 15, 1, '2025-08-31'), ('SOMMER2025', 15, 1, '2025-08-31'),
('HERBST25', 25, 2, '2025-10-15'); ('HERBST25', 25, 2, '2025-10-15');
-- Ticket-Daten (Spaltennamen korrigiert) -- Ticket-Daten
INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit, preis) INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES VALUES
(1, 1, '2025-06-01', '2025-07-15', 12.50), (1, 1, '2025-06-01', '2025-07-15'),
(2, 2, '2025-06-05', '2025-09-15', 10.00); (2, 2, '2025-06-05', '2025-09-15');
-- News-Daten -- News-Daten
INSERT INTO News (name, beschreibung, datum) INSERT INTO news (name, description, date)
VALUES VALUES
('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'), ('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20'); ('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');

79
index.php
View File

@@ -1,50 +1,45 @@
<?php <?php
session_start();
include 'Views/header.phtml';
?>
<div id="wrapper">
<?php
spl_autoload_register(function ($className) {
if (substr($className, 0, 5) !== 'Blog\\') {
// not our business
return;
}
$fileName = __DIR__.'/'.str_replace('\\', DIRECTORY_SEPARATOR, substr($className, 5)).'.php'; session_start();;;
if (file_exists($fileName)) { spl_autoload_register(function ($className) {
include $fileName; if (substr($className, 0, 5) !== 'Blog\\') {
} // not our business
}); return;
}
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Welcome";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showWelcome";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Welcome";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showWelcome";
}
$controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller'; $fileName = __DIR__.'/'.str_replace('\\', DIRECTORY_SEPARATOR, substr($className, 5)).'.php';
if (method_exists($controllerClassName, $doMethodName)) { if (file_exists($fileName)) {
$view = new \Blog\Library\View(__DIR__.DIRECTORY_SEPARATOR.'Views' include $fileName;
, ucfirst($controllerName), $doMethodName); }
});
$controller = new $controllerClassName($view);
$controller->$doMethodName();
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Auth";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showAuthForm";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Auth";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showAuthForm";
}
$view->render(); $controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller';
} else { if (method_exists($controllerClassName, $doMethodName)) {
new \Blog\Library\ErrorMsg('Page not found: '.$controllerClassName.'::'.$doMethodName); $view = new \Blog\Library\View(__DIR__.DIRECTORY_SEPARATOR.'Views'
} , ucfirst($controllerName), $doMethodName);
?>
</div> $controller = new $controllerClassName($view);
<?php $controller->$doMethodName();
include 'Views/footer.phtml';
$view->render();
} else {
new \Blog\Library\ErrorMsg('Page not found: '.$controllerClassName.'::'.$doMethodName);
}
?> ?>