4 Commits

5 changed files with 283 additions and 338 deletions

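--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,193 @@
+# Created by https://www.toptal.com/developers/gitignore/api/intellij,windows,macos,git
+# Edit at https://www.toptal.com/developers/gitignore?templates=intellij,windows,macos,git
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+### Intellij ###
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/encodings.xml
+.idea/php.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+# AWS User-specific
+.idea/**/aws.xml
+# Generated files
+.idea/**/contentModel.xml
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn. Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+# CMake
+cmake-build-*/
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+# File-based project format
+*.iws
+# IntelliJ
+out/
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+# JIRA plugin
+atlassian-ide-plugin.xml
+# Cursive Clojure plugin
+.idea/replstate.xml
+# SonarLint plugin
+.idea/sonarlint/
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+# Editor-based Rest Client
+.idea/httpRequests
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+### Intellij Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+# Sonarlint plugin
+# https://plugins.jetbrains.com/plugin/7973-sonarlint
+.idea/**/sonarlint/
+# SonarQube Plugin
+# https://plugins.jetbrains.com/plugin/7238-sonarqube-community-plugin
+.idea/**/sonarIssues.xml
+# Markdown Navigator plugin
+# https://plugins.jetbrains.com/plugin/7896-markdown-navigator-enhanced
+.idea/**/markdown-navigator.xml
+.idea/**/markdown-navigator-enh.xml
+.idea/**/markdown-navigator/
+# Cache file creation bug
+# See https://youtrack.jetbrains.com/issue/JBR-2257
+.idea/$CACHE_FILE$
+# CodeStream plugin
+# https://plugins.jetbrains.com/plugin/12206-codestream
+.idea/codestream.xml
+# Azure Toolkit for IntelliJ plugin
+# https://plugins.jetbrains.com/plugin/8053-azure-toolkit-for-intellij
+.idea/**/azureSettings.xml
+### macOS ###
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+# Icon must end with two \r
+Icon
+# Thumbnails
+._*
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+### macOS Patch ###
+# iCloud generated files
+*.icloud
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+# Dump file
+*.stackdump
+# Folder config file
+[Dd]esktop.ini
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+# Windows shortcuts
+*.lnk
+# End of https://www.toptal.com/developers/gitignore/api/intellij,windows,macos,git
+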


@@ -1,55 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\AuthModel;
class AuthController
{
protected $view;
private $db;
private $validData = array();
private $errors = array();
private $labels = array("name" => "Name", "email" => "E-Mail-Adresse", "content" => "Nachricht");
public function __construct($view)
{
$this->db = new AuthModel();
$this->view = $view;
}
public function showAuthForm()
{
$this->view->setVars([
'labels' => $this->labels,
'validData' => $this->validData,
'errors' => $this->errors
]);
}
public function showConfirmation()
{
}
public function validateForm(){
foreach ($this->labels as $index => $value) {
if (!isset($_POST[$index]) || empty($_POST[$index])) {
$this->errors[$index] = "Bitte " . $value . " angeben";
} else {
$this->validData[$index] = $_POST[$index];
}
}
if (count($this->errors) > 0) {
$this->view->setDoMethodName("showContactForm");
$this->showContactForm();
} else {
if ($this->db->writeContactData($this->validData)) {
$this->view->setDoMethodName("showConfirmation");
$this->showConfirmation();
}
}
}
}


@@ -1,149 +0,0 @@
<?php
namespace Blog\Model;
use PDOException;
class AuthModel extends Database
{
public function login($email, $password){
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$params=array();
$params[":email"] = $email;
$params[":password"] = $hashedPassword;
$sql = "SELECT email, password, validUntil FROM user WHERE email = $email AND password = $password";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
$result = $sth->fetchAll();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
if(new \DateTime() <= DateTime($result['validUntil']))
return $result ? true : false;
else
return "Ihr Passwort ist abgelaufen \n bitte erstellen Sie ein neues über: Passwort Vergessen";
}
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
{
$rtn = $this->pwRequirementCheck($password);
if($rtn !== true){
return $rtn;
}
else{
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, passwort, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel)
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword,
':straße' => $straße,
':hausnr' => $hausnr,
':ort' => $ort,
':postleitzahl' => $postleitzahl,
':land' => $land,
':vorname' => $vorname,
':nachname' => $nachname,
':tel' => $tel
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
}
private function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("/[ <>|°^,;·.:…\-_#'+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ ]/", $password));
$error[] = "min one of these: <>|°^,;·.:…\-_#'+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ";
if(empty($error))
return true;
else
return $error;
}
public function pwForgot($email){
$randomPw = bin2hex(random_bytes(12 / 2));
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
$betreff = "Passwort zurücksetzen bei bibArts";
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
$header = "From: noreply@edu.bib.de\r\n";
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
$maxTries = 5;
$try = 0;
$success = false;
while ($try < $maxTries && !$success) {
$erfolg = mail($email, $betreff, $nachricht, $header);
$try++;
if (!$erfolg) {
error_log("Mailversuch $try an $email fehlgeschlagen.");
sleep(1);
}
}
}
private function forgottenPwUpdate($email, $hashedPassword)
{
try{
$pdo = $this->linkDB();
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
$stmt = $pdo->prepare($sqlCheck);
$stmt->execute([':email' => $email]);
if ($stmt->fetchColumn() == 0) {
return false;
}
$sql = "UPDATE user
SET passwort = :password
WHERE email = :email";
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
return false;
}
}
public function checkDoublePw($password1, $password2){
if($password1 === $password2){
return true;
}
else
return false;
}
}


@@ -1,4 +1,22 @@
CREATE TABLE user ( -- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 24. Nov 2017 um 17:01
-- Server-Version: 10.1.16-MariaDB
-- PHP-Version: 7.0.9
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
--
-- Datenbank: `blog`
--
-- --------------------------------------------------------
CREATE TABLE User (
userid INT AUTO_INCREMENT PRIMARY KEY, userid INT AUTO_INCREMENT PRIMARY KEY,
vorname VARCHAR(50), vorname VARCHAR(50),
nachname VARCHAR(50), nachname VARCHAR(50),
@@ -14,7 +32,7 @@ CREATE TABLE user (
); );
CREATE TABLE standort ( CREATE TABLE Standort (
standortid INT AUTO_INCREMENT PRIMARY KEY, standortid INT AUTO_INCREMENT PRIMARY KEY,
straße VARCHAR(100), straße VARCHAR(100),
hausnr VARCHAR(10), hausnr VARCHAR(10),
@@ -26,7 +44,7 @@ CREATE TABLE standort (
); );
CREATE TABLE ausstellung ( CREATE TABLE Ausstellung (
austellungid INT AUTO_INCREMENT PRIMARY KEY, austellungid INT AUTO_INCREMENT PRIMARY KEY,
standortid INT, standortid INT,
datum_von DATE, datum_von DATE,
@@ -38,7 +56,7 @@ CREATE TABLE ausstellung (
); );
CREATE TABLE ticket ( CREATE TABLE Ticket (
ticketid INT AUTO_INCREMENT PRIMARY KEY, ticketid INT AUTO_INCREMENT PRIMARY KEY,
userid INT, userid INT,
eventid INT, eventid INT,
@@ -50,7 +68,7 @@ CREATE TABLE ticket (
); );
CREATE TABLE gutschein ( CREATE TABLE Gutschein (
gutscheinid INT AUTO_INCREMENT PRIMARY KEY, gutscheinid INT AUTO_INCREMENT PRIMARY KEY,
code VARCHAR(50) UNIQUE, code VARCHAR(50) UNIQUE,
rabatt INT CHECK (rabatt BETWEEN 0 AND 100), rabatt INT CHECK (rabatt BETWEEN 0 AND 100),
@@ -60,79 +78,47 @@ CREATE TABLE gutschein (
); );
CREATE TABLE news ( CREATE TABLE News (
newsid INT AUTO_INCREMENT PRIMARY KEY, newsid INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100), name VARCHAR(100),
beschreibung TEXT, beschreibung TEXT,
datum DATE datum DATE
); );
--Testdaten
INSERT INTO user (vorname, nachname, straße, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password)
INSERT INTO User (vorname, nachname, straße, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password)
VALUES VALUES
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'), ('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass'); ('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass');
INSERT INTO standort (straße, hausnr, postleitzahl, ort, land, tel, email) INSERT INTO Standort (straße, hausnr, postleitzahl, ort, land, tel, email)
VALUES VALUES
('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'), ('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'),
('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de'); ('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de');
INSERT INTO ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets) INSERT INTO Ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets)
VALUES VALUES
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200), (1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150); (2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150);
INSERT INTO gutschein (code, rabatt, eventid, gültigkeit) INSERT INTO Gutschein (code, rabatt, eventid, gültigkeit)
VALUES VALUES
('SOMMER2025', 15, 1, '2025-08-31'), ('SOMMER2025', 15, 1, '2025-08-31'),
('HERBST25', 25, 2, '2025-10-15'); ('HERBST25', 25, 2, '2025-10-15');
INSERT INTO ticket (userid, eventid, kaufdatum, gültigkeitsdatum, preis) INSERT INTO Ticket (userid, eventid, kaufdatum, gültigkeitsdatum, preis)
VALUES VALUES
(1, 1, '2025-06-01', '2025-07-15', 12.50), (1, 1, '2025-06-01', '2025-07-15', 12.50),
(2, 2, '2025-06-05', '2025-09-15', 10.00); (2, 2, '2025-06-05', '2025-09-15', 10.00);
INSERT INTO news (name, beschreibung, datum) INSERT INTO News (name, beschreibung, datum)
VALUES VALUES
('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'), ('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20'); ('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');
--Änderungen:
ALTER TABLE austellung
ADD preis decimal NOT NULL
ALTER TABLE ticket
DROP COLUMN preis
ALTER TABLE user
MODIFY COLUMN userid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ticket
MODIFY COLUMN ticketid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE standort
MODIFY COLUMN standortid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE news
MODIFY COLUMN newsid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE gutschein
MODIFY COLUMN gutscheinid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ausstellung
MODIFY COLUMN austellungid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE user
MODIFY COLUMN isAdmin BOOLEAN DEFAULT FALSE;
ALTER TABLE user
ADD validUntil DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00';
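Review bot: The `INSERT INTO User` seed rows in the last hunk still put plaintext values in the `password` column (`'passwort123'`, `'adminpass'`), and the second row has `isAdmin` set to `TRUE`, so every database built from this script starts with an administrator account whose password is published in the repository. These rows are unchanged context, but the commit rewrites the statement around them and carries them forward. I would seed only a hash produced at setup time, e.g. `'<password_hash() output generated locally, not committed>'`, and move the admin row into a separate dev-only fixture with a comment such as `-- DEV ONLY: never load against a shared or production database`. Separately, the tables are renamed from `user`, `ticket`, … to `User`, `Ticket`, …; on a server with case-sensitive table names any query still using the lowercase form would presumably fail, so confirm the PHP side matches. The rendering does not show whether the trailing `ALTER TABLE` block (including the `validUntil` column) is on the old or the new side, so this note does not cover it.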


@@ -1,30 +0,0 @@
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 24. Nov 2017 um 17:01
-- Server-Version: 10.1.16-MariaDB
-- PHP-Version: 7.0.9
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
--
-- Datenbank: `blog`
--
-- --------------------------------------------------------
CREATE TABLE `contact` (
`id` varchar(36) NOT NULL,
`topicCode` tinyint(2) NULL,
`name` varchar(200) NOT NULL,
`email` varchar(300) NOT NULL,
`phone` varchar(16) NULL,
`content` varchar(500) NOT NULL,
`created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE `contact`
ADD PRIMARY KEY (`id`)