PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PBBFA23CSE:6852923db06e00d2d8a5b636de55f82227a1370a
Branches Tags
PBBFA23CSE:main PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:develop
...
compare: PBBFA23CSE:frontendbackendtest
Branches Tags
PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:main PBBFA23CSE:develop

5 Commits
6852923db0 ... frontendba

Author SHA1 Message Date
Karsten Tlotzek
60f72ec6c9 Login/Logout jetzt in der Navi! News-Link ergänzt und Weiterleitungen gefixt (mit /bibarts/). Fehler nach Login behoben. 2025-07-03 09:52:33 +02:00
Karsten Tlotzek
8a59ddde8e Alles auf Englisch umbenannt: exhibition → event, Variablen und Tabellen angepasst, Views auf neue Felder umgestellt, Controller/Model/SQL konsistent gemacht. Alte Variablennamen raus, jetzt ist alles einheitlich. Fehler aus dem Frontend gefixt. 2025-07-01 09:59:25 +02:00
Karsten Tlotzek
d24d914c8c refactor: Validierungslogik ins Model verschoben 
- pwRequirementCheck und checkDoublePw aus Controller ins Model
- Alle Passwort- und E-Mail-Validierungen jetzt zentral im Model
- Controller macht nur noch Request/Response Handling
- Saubere MVC-Trennung
 2025-06-30 21:18:04 +02:00
Karsten Tlotzek
d711bc6152 Add registration functionality and update authentication views 
- Implemented a new method in AuthController to display the registration form with localized labels and session error handling.
- Updated the login view to include a link for account creation.
- Enhanced the registration view with a link to the login form.
- Removed the obsolete showRegisterPage view to streamline the codebase.
 2025-06-30 14:10:40 +02:00
Karsten Tlotzek
8e1a13ea27 Remove unused render call in AuthController after session cleanup 2025-06-30 14:01:56 +02:00
32 changed files with 661 additions and 831 deletions
Expand all files Collapse all files

107
Controller/AuthController.php
View File

@@ -9,14 +9,26 @@ class AuthController
private $model;
private $view;
public function __construct($view)
{
public function __construct($view) {
$this->model = new AuthModel();
$this->view = $view;
}
public function showAuthForm()
{
public function showLoginForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function showRegistrationForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
@@ -28,7 +40,6 @@ class AuthController
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
$this->view->render('auth/form');
}
public function login() {
@@ -39,11 +50,8 @@ class AuthController
if ($result === true) {
$_SESSION['user'] = $email;
$this->view->setVars([
'loginSuccess' => true,
'email' => $email
]);
header('Location: /bibarts/?controller=News&do=showNews');
exit();
} else {
$this->view->setVars([
'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
@@ -55,66 +63,32 @@ class AuthController
public function register() {
$data = [
'vorname' => $_POST['vorname'] ?? '',
'nachname' => $_POST['nachname'] ?? '',
'straße' => $_POST['straße'] ?? '',
'hausnr' => $_POST['hausnr'] ?? '',
'postleitzahl' => $_POST['postleitzahl'] ?? '',
'ort' => $_POST['ort'] ?? '',
'land' => $_POST['land'] ?? '',
'tel' => $_POST['tel'] ?? '',
'first_name' => $_POST['vorname'] ?? '',
'last_name' => $_POST['nachname'] ?? '',
'street' => $_POST['strasse'] ?? '',
'house_number' => $_POST['hausnr'] ?? '',
'postal_code' => $_POST['plz'] ?? '',
'city' => $_POST['ort'] ?? '',
'country' => $_POST['land'] ?? '',
'phone' => $_POST['tel'] ?? '',
'email' => $_POST['email'] ?? '',
'password' => $_POST['password'] ?? '',
'password_repeat' => $_POST['password_repeat'] ?? '',
'isAdmin' => $_POST['isAdmin'] ?? false,
'is_admin' => $_POST['isAdmin'] ?? false,
];
$errors = [];
$result = $this->model->register($data);
if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
$errors['password'] = "Passwörter stimmen nicht überein.";
if ($result === true) {
$this->view->setVars(['success' => 'Registrierung erfolgreich!']);
$this->view->render('Auth/showLoginForm');
exit;
} else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
$this->view->setVars(['errors' => $errors, 'validData' => $data]);
$this->view->render('Auth/showRegistrationForm');
exit;
}
if ($this->pwRequirementCheck($data['password'])) {
$errors['password'] = "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
if (empty($errors)) {
$result = $this->model->register($data);
if ($result === true) {
$this->view->setVars([
'success' => "Registrierung war erfolgreich."
]);
} else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
}
}
$this->view->setVars([
'errors' => $errors,
'validData' => $data
]);
}
private function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
}
public function forgotPassword() {
@@ -167,4 +141,11 @@ class AuthController
$this->view->setVars(['message' => $message]);
$this->view->render('auth/confirmation');
}
public function logout() {
unset($_SESSION['user']);
session_destroy();
header('Location: /bibarts/?controller=Auth&do=showLoginForm');
exit();
}
}

24
Controller/EventController.php
View File

@@ -23,13 +23,13 @@ class EventController {
public function createEvent() {
$data = [
'location_id' => $_POST['location_id'] ?? null,
'start_date' => $_POST['start_date'] ?? null,
'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null,
'standortid' => $_POST['standortid'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null,
'description' => $_POST['description'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null
'ticket_price' => $_POST['ticket_price'] ?? null
];
$this->model->createEvent($data);
@@ -38,21 +38,21 @@ class EventController {
}
public function editEventForm() {
$id = $_GET['ausstellungid'];
$id = $_GET['event_id'];
$event = $this->model->getEvent($id);
$this->view->setVars(['event' => $event]);
}
public function updateEvent($id, $data) {
$id = $_POST['ausstellungid'];
$id = $_POST['event_id'];
$data = [
'standortid' => $_POST['standortid'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null,
'location_id' => $_POST['location_id'] ?? null,
'start_date' => $_POST['start_date'] ?? null,
'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null,
'description' => $_POST['description'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null
'ticket_price' => $_POST['ticket_price'] ?? null
];
$this->model->updateEvent($id, $data);
}

57
Controller/GutscheinController.php
View File

@@ -1,57 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\GutscheinModel;
class GutscheinController {
private $model;
private $view;
public function __construct($view) {
$this->model = new GutscheinModel();
$this->view = $view;
}
public function showGutscheine() {
$gutscheine = $this->model->getGutscheine();
$this->view->setVars(['gutscheine' => $gutscheine]);
}
public function createGutschein() {
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'ausstellungid' => $_POST['ausstellungid'] ?? null,
'gueltigkeit' => $_POST['gueltigkeit'] ?? null
];
$erg = $this->model->createGutschein($data);
$this->view->setVars(['gutschein' => $erg]);
exit;
}
public function editGutscheinForm() {
$id = $_GET['gutscheinid'];
if ($id) {
$gutschein = $this->model->getGutschein($id);
$this->view->setVars(['gutschein' => $gutschein]);
}
}
public function updateGutschein() {
$id = $_POST['gutscheinid'];
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'ausstellungid' => $_POST['ausstellungid'] ?? null,
'gueltigkeit' => $_POST['gueltigkeit'] ?? null
];
$this->model->updateGutschein($id, $data);
}
public function deleteGutschein() {
$id = $_GET['gutscheinid'] ?? null;
$this->model->deleteGutschein($id);
}
}

61
Controller/LocationController.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace Blog\Controller;
use Blog\Model\LocationModel;
class LocationController {
private $model;
private $view;
public function __construct($view) {
$this->model = new LocationModel();
$this->view = $view;
}
public function showLocations() {
$locations = $this->model->getLocations();
$this->view->setVars(['locations' => $locations]);
}
public function createLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$result = $this->model->createLocation($data);
$this->view->setVars(['location' => $result]);
}
public function editLocationForm() {
$id = $_GET['location_id'];
$location = $this->model->getLocation($id);
$this->view->setVars(['location' => $location]);
}
public function updateLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$location_id = $_POST['location_id'];
$result = $this->model->updateLocation($location_id, $data);
$this->view->setVars(['location' => $result]);
}
public function deleteLocation() {
$id = $_GET['location_id'] ?? null;
$this->model->deleteLocation($id);
}
}

10
Controller/RegisterController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class RegisterController {
function showRegisterPage()
{
}
}

61
Controller/StandortController.php
View File

@@ -1,61 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\StandortModel;
class StandortController {
private $model;
private $view;
public function __construct($view) {
$this->model = new StandortModel();
$this->view = $view;
}
public function showStandorte() {
$standorte = $this->model->getStandorte();
$this->view->setVars(['standorte' => $standorte]);
}
public function createStandort() {
$data = [
'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'],
'plz' => $_POST['plz'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->createStandort($data);
$this->view->setVars(['standort' => $erg]);
}
public function editStandortForm() {
$id = $_GET['standortid'];
$standort = $this->model->getStandort($id);
$this->view->setVars(['standort' => $standort]);
}
public function updateStandort() {
$data = [
'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'],
'plz' => $_POST['plz'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$standortid = $_POST['standortid'];
$erg = $this->model->updateStandort($standortid, $data);
$this->view->setVars(['standort' => $erg]);
}
public function deleteStandort() {
$id = $_GET['standortid'] ?? null;
$this->model->deleteStandort($id);
}
}

12
Controller/TicketController.php
View File

@@ -21,13 +21,13 @@ class TicketController {
public function buyTicket() {
$data = [
'userid' => $_POST['userid'],
'ausstellungid' => $_POST['ausstellungid'],
'kaufdatum' => date('Y-m-d'),
'gueltigkeit' => $_POST['gueltigkeit']
'user_id' => $_POST['user_id'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'price' => $_POST['price'] ?? null
];
$erg = $this->ticketModel->buyTicket($data);
$this->view->setVars(['ticket' => $erg]);
$result = $this->ticketModel->createTicket($data);
$this->view->setVars(['ticket' => $result]);
}
public function deleteTicket() {

57
Controller/VoucherController.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
namespace Blog\Controller;
use Blog\Model\VoucherModel;
class VoucherController {
private $model;
private $view;
public function __construct($view) {
$this->model = new VoucherModel();
$this->view = $view;
}
public function showVouchers() {
$vouchers = $this->model->getVouchers();
$this->view->setVars(['vouchers' => $vouchers]);
}
public function createVoucher() {
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$result = $this->model->createVoucher($data);
$this->view->setVars(['voucher' => $result]);
exit;
}
public function editVoucherForm() {
$id = $_GET['voucher_id'];
if ($id) {
$voucher = $this->model->getVoucher($id);
$this->view->setVars(['voucher' => $voucher]);
}
}
public function updateVoucher() {
$id = $_POST['voucher_id'];
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$this->model->updateVoucher($id, $data);
}
public function deleteVoucher() {
$id = $_GET['voucher_id'] ?? null;
$this->model->deleteVoucher($id);
}
}

89
Model/AuthModel.php
View File

@@ -11,7 +11,7 @@ class AuthModel extends Database
public function login(string $email, string $password)
{
$pdo = $this->linkDB();
$sql = "SELECT email, password, validUntil FROM user WHERE email = :email";
$sql = "SELECT email, password, valid_until FROM user WHERE email = :email";
$params = [":email" => $email];
try {
@@ -33,7 +33,7 @@ class AuthModel extends Database
try {
$now = new DateTime();
$validUntil = new DateTime($user['validUntil']);
$validUntil = new DateTime($user['valid_until']);
if ($now > $validUntil) {
return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\".";
@@ -46,20 +46,14 @@ class AuthModel extends Database
return true;
}
public function register($data)
{
$rtn = $this->pwRequirementCheck($data['password']);
if ($rtn !== true) {
return $rtn;
}
public function register($data) {
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
return "Bitte geben Sie eine gültige E-Mail ein.";
}
$requiredFields = [
'email', 'password', 'straße', 'hausnr', 'ort', 'postleitzahl',
'land', 'vorname', 'nachname', 'tel'
'email', 'password', 'street', 'house_number', 'city', 'postal_code',
'country', 'first_name', 'last_name', 'phone'
];
foreach ($requiredFields as $field) {
@@ -72,23 +66,32 @@ class AuthModel extends Database
return "Ein Account mit dieser E-Mail existiert bereits.";
}
// Passwort-Validierung
if (!$this->checkDoublePw($data['password'], $data['password_repeat'])) {
return "Passwörter stimmen nicht überein.";
}
if ($this->pwRequirementCheck($data['password']) !== true) {
return "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
$hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password, straße, hausnr, ort, postleitzahl, land,vorname, nachname, tel, isAdmin)
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land,:vorname, :nachname, :tel, :isAdmin)";
$sql = "INSERT INTO user (email, password, street, house_number, city, postal_code, country, first_name, last_name, phone, is_admin)
VALUES (:email, :password, :street, :house_number, :city, :postal_code, :country, :first_name, :last_name, :phone, :is_admin)";
$params = [
':email' => $data['email'],
':password' => $hashedPassword,
':straße' => $data['straße'],
':hausnr' => $data['hausnr'],
':ort' => $data['ort'],
':postleitzahl'=> $data['postleitzahl'],
':land'=> $data['land'],
':vorname' => $data['vorname'],
':nachname'=> $data['nachname'],
':tel' => $data['tel'],
':isAdmin' => $data['isAdmin'] ? 1 : 0,
':street' => $data['street'],
':house_number' => $data['house_number'],
':city' => $data['city'],
':postal_code'=> $data['postal_code'],
':country'=> $data['country'],
':first_name' => $data['first_name'],
':last_name'=> $data['last_name'],
':phone' => $data['phone'],
':is_admin' => $data['is_admin'] ? 1 : 0,
];
try {
@@ -106,7 +109,7 @@ class AuthModel extends Database
try {
$pdo = $this->linkDB();
$sql = "SELECT userid FROM user WHERE email = :email";
$sql = "SELECT user_id FROM user WHERE email = :email";
$params = [':email' => $email];
$stmt = $pdo->prepare($sql);
@@ -145,8 +148,7 @@ class AuthModel extends Database
}
}
private function forgottenPwUpdate($email, $hashedPassword)
{
private function forgottenPwUpdate($email, $hashedPassword) {
try{
$pdo = $this->linkDB();
@@ -161,15 +163,16 @@ class AuthModel extends Database
$sql = "UPDATE user
SET password = :password, validUntil = :validUntil
SET password = :password, valid_until = :valid_until
WHERE email = :email";
$stmt = $pdo->prepare($sql);
return $stmt->execute([
$params = [
':email' => $email,
':password' => $hashedPassword,
':validUntil' => $validUntil
]);
':valid_until' => $validUntil
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
@@ -190,16 +193,16 @@ class AuthModel extends Database
}
$hashedPassword = password_hash($newpw, PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password)
VALUES (:email, :password)";
$sql = "UPDATE user SET password = :password WHERE email = :email";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
return $stmt->execute([
$params = [
':email' => $email,
':password' => $hashedPassword,
]);
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
@@ -213,4 +216,24 @@ class AuthModel extends Database
else
return false;
}
public function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
}
}

63
Model/EventModel.php
View File

@@ -8,11 +8,11 @@ class EventModel extends Database {
public function getEvents() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung ORDER BY datum_von DESC;";
$sql = "SELECT * FROM event ORDER BY start_date ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Events.", $e);
die;
@@ -21,11 +21,12 @@ class EventModel extends Database {
public function getEvent($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung WHERE ausstellungid = :id;";
$sql = "SELECT * FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]);
return $sth->fetch(\PDO::FETCH_ASSOC);
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return $stmt->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Events.", $e);
die;
@@ -34,20 +35,29 @@ class EventModel extends Database {
public function updateEvent($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE ausstellung SET standortid = :standortid, datum_von = :datum_von, datum_bis = :datum_bis, name = :name, beschreibung = :beschreibung, max_tickets = :max_tickets, preis = :preis WHERE ausstellungid = :id;";
$sql = "UPDATE event SET
name = :name,
description = :description,
location_id = :location_id,
start_date = :start_date,
end_date = :end_date,
max_tickets = :max_tickets,
ticket_price = :ticket_price
WHERE event_id = :event_id;";
$params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'],
":beschreibung" => $data['beschreibung'],
":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'],
":preis" => $data['preis'],
":id" => $id
":ticket_price" => $data['ticket_price'],
":event_id" => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Events.", $e);
die;
@@ -56,32 +66,35 @@ class EventModel extends Database {
public function createEvent($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets, preis) VALUES (:standortid, :datum_von, :datum_bis, :name, :beschreibung, :max_tickets, :preis);";
$sql = "INSERT INTO event (name, description, location_id, start_date, end_date, max_tickets, ticket_price)
VALUES (:name, :description, :location_id, :start_date, :end_date, :max_tickets, :ticket_price);";
$params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'],
":beschreibung" => $data['beschreibung'],
":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'],
":preis" => $data['preis']
":ticket_price" => $data['ticket_price']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Events.", $e);
new \Blog\Library\ErrorMsg("Fehler beim Schreiben des Events.", $e);
die;
}
}
public function deleteEvent($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM ausstellung WHERE ausstellungid = :id;";
$sql = "DELETE FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]);
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return $stmt->rowCount();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Events.", $e);
die;

86
Model/GutscheinModel.php
View File

@@ -1,86 +0,0 @@
<?php
namespace Blog\Model;
use PDOException;
class GutscheinModel extends Database {
public function getGutscheine() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein ORDER BY gueltigkeit DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Gutscheine.", $e);
die;
}
}
public function getGutschein($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Gutscheins.", $e);
die;
}
}
public function createGutschein($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO gutschein (code, rabatt, ausstellungid, gueltigkeit) VALUES (:code, :rabatt, :ausstellungid, :gueltigkeit);";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":ausstellungid" => $data['ausstellungid'],
":gueltigkeit" => $data['gueltigkeit']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Gutscheins.", $e);
die;
}
}
public function updateGutschein($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, ausstellungid = :ausstellungid, gueltigkeit = :gueltigkeit WHERE gutscheinid = :id;";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":ausstellungid" => $data['ausstellungid'],
":gueltigkeit" => $data['gueltigkeit'],
":id" => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Gutscheins.", $e);
die;
}
}
public function deleteGutschein($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Gutscheins.", $e);
die;
}
}
}

69
Model/StandortModel.php → Model/LocationModel.php
View File

@@ -2,13 +2,14 @@
namespace Blog\Model;
use PDO;
use PDOException;
class StandortModel extends Database {
class LocationModel extends Database {
public function getStandorte() {
public function getLocations() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Standort ORDER BY standortid ASC;";
$sql = "SELECT * FROM location ORDER BY location_id ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
@@ -19,10 +20,10 @@ class StandortModel extends Database {
}
}
public function getStandort($standortid) {
public function getLocation($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Standort WHERE standortid = :standortid;";
$params = [":standortid" => $standortid];
$sql = "SELECT * FROM location WHERE location_id = :location_id;";
$params = [":location_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
@@ -33,17 +34,17 @@ class StandortModel extends Database {
}
}
public function createStandort($data) {
public function createLocation($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
VALUES (:strasse, :hausnr, :plz, :ort, :land, :tel, :email);";
$sql = "INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES (:street, :house_number, :postal_code, :city, :country, :phone, :email);";
$params = [
":strasse" => $data['strasse'],
":hausnr" => $data['hausnr'],
":plz" => $data['plz'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],
":street" => $data['street'],
":house_number" => $data['house_number'],
":postal_code" => $data['postal_code'],
":city" => $data['city'],
":country" => $data['country'],
":phone" => $data['phone'],
":email" => $data['email']
];
try {
@@ -56,26 +57,26 @@ class StandortModel extends Database {
}
}
public function updateStandort($standortid, $data) {
public function updateLocation($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE Standort SET
strasse = :strasse,
hausnr = :hausnr,
plz = :plz,
ort = :ort,
land = :land,
tel = :tel,
$sql = "UPDATE location SET
street = :street,
house_number = :house_number,
postal_code = :postal_code,
city = :city,
country = :country,
phone = :phone,
email = :email
WHERE standortid = :standortid;";
WHERE location_id = :location_id;";
$params = [
":strasse" => $data['strasse'],
":hausnr" => $data['hausnr'],
":plz" => $data['plz'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],
":street" => $data['street'],
":house_number" => $data['house_number'],
":postal_code" => $data['postal_code'],
":city" => $data['city'],
":country" => $data['country'],
":phone" => $data['phone'],
":email" => $data['email'],
":standortid" => $standortid
":location_id" => $id
];
try {
$sth = $pdo->prepare($sql);
@@ -87,10 +88,10 @@ class StandortModel extends Database {
}
}
public function deleteStandort($standortid) {
public function deleteLocation($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM Standort WHERE standortid = :standortid;";
$params = [":standortid" => $standortid];
$sql = "DELETE FROM location WHERE location_id = :location_id;";
$params = [":location_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);

89
Model/NewsModel.php
View File

@@ -3,83 +3,58 @@
namespace Blog\Model;
use PDOException;
use PDO;
class NewsModel extends Database {
public function getNewsById($newsId) {
public function getNewsById($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM news WHERE newsid = :newsid;";
$params = [":newsid" => $newsId];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
$sql = "SELECT * FROM news WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [':news_id' => $id];
$stmt->execute($params);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function updateNews($newsId, $news) {
public function updateNews($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE news SET name = :name, beschreibung = :beschreibung, datum = :datum WHERE newsid = :newsid;";
$sql = "UPDATE news SET name = :name, description = :description, date = :date WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [
":name" => $news['titel'],
":beschreibung" => $news['inhalt'],
":datum" => $news['datum'],
":newsid" => $newsId
':name' => $data['name'],
':description' => $data['description'],
':date' => $data['date'],
':news_id' => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der News.", $e);
die;
}
return $stmt->execute($params);
}
public function getNews() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM news ORDER BY datum DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
$sql = "SELECT * FROM news ORDER BY date DESC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function createNews($news) {
public function createNews($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO news (name, beschreibung, datum) VALUES (:name, :beschreibung, :datum);";
$sql = "INSERT INTO news (name, description, date) VALUES (:name, :description, :date);";
$stmt = $pdo->prepare($sql);
$params = [
":name" => $news['titel'],
":beschreibung" => $news['inhalt'],
":datum" => $news['datum']
':name' => $data['name'],
':description' => $data['description'],
':date' => $data['date']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der News.", $e);
die;
}
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function deleteNews($newsId) {
public function deleteNews($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM news WHERE newsid = :newsid;";
$params = [":newsid" => $newsId];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen der News.", $e);
die;
}
$sql = "DELETE FROM news WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [':news_id' => $id];
return $stmt->execute($params);
}
}

98
Model/TicketModel.php
View File

@@ -3,70 +3,72 @@
namespace Blog\Model;
use PDOException;
use PDO;
class TicketModel extends Database {
public function getTickets() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Ticket ORDER BY ticketid ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Tickets.", $e);
die;
}
$sql = "SELECT * FROM ticket ORDER BY ticket_id ASC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function buyTicket($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit)
VALUES (:userid, :ausstellungid, :kaufdatum, :gueltigkeit);";
$sql = "INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES (:user_id, :event_id, :purchase_date, :valid_until)";
$stmt = $pdo->prepare($sql);
$params = [
":userid" => $data['userid'],
":ausstellungid" => $data['ausstellungid'],
":kaufdatum" => $data['kaufdatum'],
":gueltigkeit" => $data['gueltigkeit']
':user_id' => $data['user_id'],
':event_id' => $data['event_id'],
':purchase_date' => $data['purchase_date'],
':valid_until' => $data['valid_until']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $pdo->lastInsertId();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Kauf des Tickets.", $e);
die;
}
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function hasTicket($userid, $ausstellungid) {
public function checkTicketExists($userid, $ausstellungid) {
$pdo = $this->linkDB();
$sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND ausstellungid = :ausstellungid;";
$params = [
":userid" => $userid,
":ausstellungid" => $ausstellungid
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der Ticketprüfung.", $e);
die;
}
$sql = "SELECT COUNT(*) as count FROM ticket WHERE user_id = :user_id AND event_id = :event_id;";
$stmt = $pdo->prepare($sql);
$params = [':user_id' => $userid, ':event_id' => $ausstellungid];
$stmt->execute($params);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
return $result['count'] > 0;
}
public function deleteTicket($ticketid) {
public function deleteTicket($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM Ticket WHERE ticketid = :ticketid;";
$params = [":ticketid" => $ticketid];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->rowCount();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Tickets.", $e);
die;
}
$sql = "DELETE FROM ticket WHERE ticket_id = :ticket_id;";
$stmt = $pdo->prepare($sql);
$params = [':ticket_id' => $id];
return $stmt->execute($params);
}
public function createTicket($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO ticket (event_id, user_id, price) VALUES (:event_id, :user_id, :price);";
$stmt = $pdo->prepare($sql);
$params = [
':event_id' => $data['event_id'],
':user_id' => $data['user_id'],
':price' => $data['price']
];
return $stmt->execute($params);
}
public function getTicketsByUser($userId) {
$pdo = $this->linkDB();
$sql = "SELECT t.*, e.name as event_name, e.start_date, e.end_date
FROM ticket t
JOIN event e ON t.event_id = e.event_id
WHERE t.user_id = :user_id;";
$stmt = $pdo->prepare($sql);
$params = [':user_id' => $userId];
$stmt->execute($params);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
}

62
Model/VoucherModel.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
namespace Blog\Model;
use PDO;
use PDOException;
class VoucherModel extends Database {
public function getVouchers() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher ORDER BY valid_until DESC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getVoucher($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
$stmt->execute($params);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function createVoucher($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO voucher (code, discount, event_id, valid_until) VALUES (:code, :discount, :event_id, :valid_until);";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until']
];
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function updateVoucher($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE voucher SET code = :code, discount = :discount, event_id = :event_id, valid_until = :valid_until WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until'],
':id' => $id
];
return $stmt->execute($params);
}
public function deleteVoucher($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
return $stmt->execute($params);
}
}

35
Views/Auth/login.phtml
View File

@@ -1,35 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="login-page-bg">
<div class="login-container">
<h2 class="login-title">Login</h2>
<?php if (!empty($errors['login'])): ?>
<div class="login-error">
<?php echo htmlspecialchars($errors['login']); ?>
</div>
<?php elseif (!empty($loginSuccess)): ?>
<div class="login-success">
<p>Login f&uuml;r Benutzer <?php echo htmlspecialchars($_SESSION["user"]); ?> erfolgreich</p>
<a class="login-link" href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php else: ?>
<form method="post" class="login-form">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<div class="login-field">
<label for="email">E-Mail:</label>
<input type="email" name="email" id="email" value="<?= htmlspecialchars($validData['email'] ?? '') ?>">
</div>
<div class="login-field">
<label for="password">Passwort:</label>
<input type="password" name="password" id="password">
</div>
<button class="login-btn" type="submit">Einloggen</button>
</form>
<?php endif; ?>
</div>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

61
Views/Auth/register.phtml
View File

@@ -1,61 +0,0 @@
<?php include dirname(__DIR__).'/header.phtml'; ?>
<?php if (!empty($success)) : ?>
<div class="success-message" style="color: green; margin-bottom: 1em;">
<p><?php echo htmlspecialchars($success); ?></p>
</div>
<?php endif; ?>
<?php if (!empty($errors)) : ?>
<div class="error-messages" style="color: red; margin-bottom: 1em;">
<ul>
<?php foreach ($errors as $field => $error) : ?>
<li><?php echo htmlspecialchars($error); ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
<form action="?controller=Auth&do=register" method="post">
<label for="vorname">Vorname:</label>
<input type="text" name="vorname" id="vorname" value="<?php echo htmlspecialchars($validData['vorname'] ?? ''); ?>" required>
<label for="nachname">Nachname:</label>
<input type="text" name="nachname" id="nachname" value="<?php echo htmlspecialchars($validData['nachname'] ?? ''); ?>" required>
<label for="straße">Straße:</label>
<input type="text" name="straße" id="straße" value="<?php echo htmlspecialchars($validData['straße'] ?? ''); ?>" required>
<label for="hausnr">Hausnummer:</label>
<input type="text" name="hausnr" id="hausnr" value="<?php echo htmlspecialchars($validData['hausnr'] ?? ''); ?>" required>
<label for="postleitzahl">Postleitzahl:</label>
<input type="text" name="postleitzahl" id="postleitzahl" value="<?php echo htmlspecialchars($validData['postleitzahl'] ?? ''); ?>" required>
<label for="ort">Ort:</label>
<input type="text" name="ort" id="ort" value="<?php echo htmlspecialchars($validData['ort'] ?? ''); ?>" required>
<label for="land">Land:</label>
<input type="text" name="land" id="land" value="<?php echo htmlspecialchars($validData['land'] ?? ''); ?>" required>
<label for="tel">Telefonnummer:</label>
<input type="text" name="tel" id="tel" value="<?php echo htmlspecialchars($validData['tel'] ?? ''); ?>">
<label for="email">E-Mail-Adresse:</label>
<input type="email" name="email" id="email" value="<?php echo htmlspecialchars($validData['email'] ?? ''); ?>" required>
<label for="password">Passwort:</label>
<input type="password" name="password" id="password" required>
<label for="password_repeat">Passwort wiederholen:</label>
<input type="password" name="password_repeat" id="password_repeat" required>
<label for="isAdmin">
<input type="checkbox" name="isAdmin" id="isAdmin" value="1" <?php echo (!empty($validData['isAdmin'])) ? 'checked' : ''; ?>>
Admin-Rechte
</label>
<button type="submit">Registrieren</button>
</form>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

27
Views/Auth/showAuthForm.phtml
View File

@@ -1,27 +0,0 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<button class="button-loggin">Login</button>
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<a class="link-konto-erstellen">Konto erstellen</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

28
Views/Auth/showLoginForm.phtml Normal file
View File

@@ -0,0 +1,28 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required>
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<button class="button-loggin" type="submit">Login</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<br>
<a class="link-konto-erstellen" href="?controller=Auth&do=showRegistrationForm">Konto erstellen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

55
Views/Auth/showRegistrationForm.phtml Normal file
View File

@@ -0,0 +1,55 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="register">
<label>
<input class="input-vorname" type="text" name="vorname" placeholder="Vorname">
</label>
<label>
<input class="input-nachname" type="text" name="nachname" placeholder="Nachname">
</label>
<label>
<input class="input-email" type="text" name="email" placeholder="E-Mail">
</label>
<label>
<input class="input-passwort" type="password" name="password" placeholder="Passwort">
</label>
<label>
<input class="input-passwort-repeat" type="password" name="password_repeat" placeholder="Passwort wiederholen">
</label>
<label>
<input class="input-strasse" type="text" name="strasse" placeholder="Straße">
</label>
<label>
<input class="input-hausnr" type="text" name="hausnr" placeholder="Hausnr.">
</label>
<label>
<input class="input-postleitzahl" type="text" name="plz" placeholder="Postleitzahl">
</label>
<label>
<input class="input-ort" type="text" name="ort" placeholder="Ort">
</label>
<label>
<input class="input-land" type="text" name="land" placeholder="Land">
</label>
<label>
<input class="input-tel" type="text" name="tel" placeholder="Telefonnr.">
</label>
<button class="button-register" type="submit">Registrieren</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Auth&do=showLoginForm" class="login-link">Bereits registriert? Hier einloggen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

2
Views/Event/createEvent.phtml
View File

@@ -3,7 +3,7 @@ include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event "<?php echo $name?>" wurde erfolgreich erstellt!</p>
<p>Das Event "<?php echo $event['name']?>" wurde erfolgreich erstellt!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>

10
Views/Event/showEvents.phtml
View File

@@ -1,7 +1,7 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Ausstellungen</h2>
<h2>Alle Events</h2>
<?php if (!empty($events)): ?>
<table>
<thead>
@@ -17,16 +17,16 @@ include dirname(__DIR__).'/header.phtml';
<?php foreach ($events as $event): ?>
<tr>
<td><?php echo htmlspecialchars($event['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['beschreibung'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_von'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_bis'])); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['start_date'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['end_date'])); ?></td>
<td><?php echo (int) $event['max_tickets']; ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Derzeit sind keine Ausstellungen verfügbar.</p>
<p>Derzeit sind keine Events verfügbar.</p>
<?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';

2
Views/Event/updateEvent.phtml
View File

@@ -3,7 +3,7 @@ include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event mit der ID "<?php echo $ausstellungid?>" wurde erfolgreich bearbeitet!</p>
<p>Das Event mit der ID "<?php echo $event_id?>" wurde erfolgreich bearbeitet!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>

37
Views/Gutschein/showGutscheine.phtml
View File

@@ -1,37 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php if (!empty($gutscheine)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($gutscheine as $g): ?>
<tr>
<td><?php echo htmlspecialchars($g['code']); ?></td>
<td><?php echo (int)$g['rabatt']; ?></td>
<td><?php echo (int)$g['ausstellungid']; ?></td>
<td><?php echo htmlspecialchars($g['gueltigkeit']); ?></td>
<td>
<a href="?controller=Gutschein&action=editGutscheinForm&id=<?php echo $g['gutscheinid']; ?>">Bearbeiten</a> |
<a href="?controller=Gutschein&action=deleteGutschein&id=<?php echo $g['gutscheinid']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

0
Views/Standort/showStandorte.phtml → Views/Location/showStandorte.phtml
View File

6
Views/News/showNews.phtml
View File

@@ -6,7 +6,7 @@ include dirname(__DIR__).'/header.phtml';
<table>
<thead>
<tr>
<th>Name</th>
<th>Titel</th>
<th>Beschreibung</th>
<th>Datum</th>
</tr>
@@ -15,8 +15,8 @@ include dirname(__DIR__).'/header.phtml';
<?php foreach ($news as $item): ?>
<tr>
<td><?php echo htmlspecialchars($item['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($item['beschreibung'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($item['datum'])); ?></td>
<td><?php echo nl2br(htmlspecialchars($item['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($item['date'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>

69
Views/Register/showRegisterPage.phtml
View File

@@ -1,69 +0,0 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-vorname" type="text" placeholder="Vorname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-nachname" type="text" placeholder="Nachname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort-repeat" type="text" placeholder="Passwort wiederholen">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-strasse" type="text" placeholder="Straße">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-hausnr" type="text" placeholder="Hausnr.">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-postleitzahl" type="text" placeholder="Postleitzahl">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-ort" type="text" placeholder="Ort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-land" type="text" placeholder="Land">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-tel" type="text" placeholder="Telefonnr.">
</label>
</form>
<button class="button-register">Registrieren</button>
<a class="link-konto-erstellen">Login</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

0
Views/Gutschein/createGutschein.phtml → Views/Voucher/createVoucher.phtml
View File

37
Views/Voucher/showVouchers.phtml Normal file
View File

@@ -0,0 +1,37 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Voucher&do=createVoucherForm">Neuen Gutschein anlegen</a>
<?php if (!empty($vouchers)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($vouchers as $v): ?>
<tr>
<td><?php echo htmlspecialchars($v['code']); ?></td>
<td><?php echo (int)$v['discount']; ?></td>
<td><?php echo (int)$v['event_id']; ?></td>
<td><?php echo htmlspecialchars($v['valid_until']); ?></td>
<td>
<a href="?controller=Voucher&do=editVoucherForm&id=<?php echo $v['voucher_id']; ?>">Bearbeiten</a> |
<a href="?controller=Voucher&do=deleteVoucher&id=<?php echo $v['voucher_id']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

14
Views/header.phtml
View File

@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="de">
<head>
<title>VR Contact</title>
<title>Bib Arts</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="/bibarts/CSS/style.css" rel="stylesheet" type="text/css" />
@@ -11,10 +11,20 @@
<nav id="navigation">
<div class="link-container">
<div id="logo" ><a class="link-logo" href="#"></a></div>
<a id="link-ausstellungen" class="links" href="?controller=Event&do=showEvents">Ausstellungen</a>
<a id="link-tickets" class="links" href="#">Tickets</a>
<a id="link-infos" class="links" href="?controller=Welcome&do=showWelcome">Infos</a>
<a id="link-news" class="links" href="/bibarts/?controller=News&do=showNews">News</a>
<a id="link-profil" class="links" href="?controller=Contact&do=showContactForm">Profil</a>
<div id="profile-picture"></div>
<?php if (isset($_SESSION['user'])): ?>
<form method="post" action="/bibarts/index.php" style="display:inline;">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="logout">
<button type="submit" class="links" style="background:none;border:none;cursor:pointer;">Logout</button>
</form>
<?php else: ?>
<a class="links" href="?controller=Auth&do=showLoginForm">Login</a>
<?php endif; ?>
</div>
</nav>
</div>

154
bibarts.sql
View File

@@ -3,142 +3,110 @@ SET time_zone = "+00:00";
-- --------------------------------------------------------
CREATE TABLE User (
userid INT AUTO_INCREMENT PRIMARY KEY,
vorname VARCHAR(50),
nachname VARCHAR(50),
strasse VARCHAR(100),
hausnr VARCHAR(10),
postleitzahl VARCHAR(10),
ort VARCHAR(50),
land VARCHAR(50),
tel VARCHAR(20),
CREATE TABLE user (
user_id INT AUTO_INCREMENT PRIMARY KEY,
first_name VARCHAR(50),
last_name VARCHAR(50),
street VARCHAR(100),
house_number VARCHAR(10),
postal_code VARCHAR(10),
city VARCHAR(50),
country VARCHAR(50),
phone VARCHAR(20),
email VARCHAR(100) UNIQUE,
isAdmin BOOLEAN DEFAULT FALSE,
is_admin BOOLEAN DEFAULT FALSE,
valid_until DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00',
password VARCHAR(255)
);
CREATE TABLE Standort (
standortid INT AUTO_INCREMENT PRIMARY KEY,
strasse VARCHAR(100),
hausnr VARCHAR(10),
plz VARCHAR(10),
ort VARCHAR(50),
land VARCHAR(50),
tel VARCHAR(20),
CREATE TABLE location (
location_id INT AUTO_INCREMENT PRIMARY KEY,
street VARCHAR(100),
house_number VARCHAR(10),
postal_code VARCHAR(10),
city VARCHAR(50),
country VARCHAR(50),
phone VARCHAR(20),
email VARCHAR(100)
);
CREATE TABLE Ausstellung (
austellungid INT AUTO_INCREMENT PRIMARY KEY,
standortid INT,
datum_von DATE,
datum_bis DATE,
CREATE TABLE event (
event_id INT AUTO_INCREMENT PRIMARY KEY,
location_id INT,
start_date DATE,
end_date DATE,
name VARCHAR(100),
beschreibung TEXT,
description TEXT,
max_tickets INT,
FOREIGN KEY (standortid) REFERENCES Standort(standortid)
ticket_price DECIMAL(5,2),
FOREIGN KEY (location_id) REFERENCES location(location_id)
);
CREATE TABLE Ticket (
ticketid INT AUTO_INCREMENT PRIMARY KEY,
userid INT,
ausstellungid INT,
kaufdatum DATE,
gueltigkeit DATE,
preis DECIMAL(10,2),
FOREIGN KEY (userid) REFERENCES User(userid),
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
CREATE TABLE ticket (
ticket_id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT,
event_id INT,
purchase_date DATE,
valid_until DATE,
FOREIGN KEY (user_id) REFERENCES user(user_id),
FOREIGN KEY (event_id) REFERENCES event(event_id)
);
CREATE TABLE Gutschein (
gutscheinid INT AUTO_INCREMENT PRIMARY KEY,
CREATE TABLE voucher (
voucher_id INT AUTO_INCREMENT PRIMARY KEY,
code VARCHAR(50) UNIQUE,
rabatt INT CHECK (rabatt BETWEEN 0 AND 100),
ausstellungid INT,
gueltigkeit DATE,
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
discount INT CHECK (discount BETWEEN 0 AND 100),
event_id INT,
valid_until DATE,
FOREIGN KEY (event_id) REFERENCES event(event_id)
);
CREATE TABLE News (
newsid INT AUTO_INCREMENT PRIMARY KEY,
CREATE TABLE news (
news_id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100),
beschreibung TEXT,
datum DATE
description TEXT,
date DATE
);
-- User-Daten
INSERT INTO User (vorname, nachname, strasse, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password)
-- User-Daten (Passwort: passwort123)
INSERT INTO user (first_name, last_name, street, house_number, postal_code, city, country, phone, email, is_admin, password)
VALUES
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass');
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, '$2y$10$VAj.C0XHPUxV4oXS6b79aumlg5fBMPPx5FPqgkQSIQeBLh0WtYmKy'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, '$2y$10$cnPBpkvLbdpDxzYvxlQg9uVp5y8ggr2SWL8NAMg9zk.3QnnEl.MGq');
-- Standort-Daten
INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES
('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'),
('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de');
-- Ausstellung-Daten
INSERT INTO Ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets)
INSERT INTO event (location_id, start_date, end_date, name, description, max_tickets, ticket_price)
VALUES
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150);
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200, 19.99),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150, 39.99);
-- Gutschein-Daten (Spaltennamen korrigiert)
INSERT INTO Gutschein (code, rabatt, ausstellungid, gueltigkeit)
-- Gutschein-Daten
INSERT INTO voucher (code, discount, event_id, valid_until)
VALUES
('SOMMER2025', 15, 1, '2025-08-31'),
('HERBST25', 25, 2, '2025-10-15');
-- Ticket-Daten (Spaltennamen korrigiert)
INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit, preis)
-- Ticket-Daten
INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES
(1, 1, '2025-06-01', '2025-07-15', 12.50),
(2, 2, '2025-06-05', '2025-09-15', 10.00);
(1, 1, '2025-06-01', '2025-07-15'),
(2, 2, '2025-06-05', '2025-09-15');
-- News-Daten
INSERT INTO News (name, beschreibung, datum)
INSERT INTO news (name, description, date)
VALUES
('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');
--Änderungen:
ALTER TABLE austellung
ADD preis decimal NOT NULL
ALTER TABLE ticket
DROP COLUMN preis
ALTER TABLE user
MODIFY COLUMN userid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ticket
MODIFY COLUMN ticketid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE standort
MODIFY COLUMN standortid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE news
MODIFY COLUMN newsid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE gutschein
MODIFY COLUMN gutscheinid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ausstellung
MODIFY COLUMN austellungid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE user
MODIFY COLUMN isAdmin BOOLEAN DEFAULT FALSE;
ALTER TABLE user
ADD validUntil DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00';

8
index.php
View File

@@ -19,11 +19,11 @@ spl_autoload_register(function ($className) {
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Welcome";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showWelcome";
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Auth";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showAuthForm";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Welcome";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showWelcome";
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Auth";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showAuthForm";
}
$controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller';