PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PBBFA23CSE:backend
Branches Tags
PBBFA23CSE:main PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:develop
..
compare: PBBFA23CSE:frontendbackendtest
Branches Tags
PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:main PBBFA23CSE:develop

22 Commits
backend ... frontendba

Author SHA1 Message Date
Karsten Tlotzek
60f72ec6c9 Login/Logout jetzt in der Navi! News-Link ergänzt und Weiterleitungen gefixt (mit /bibarts/). Fehler nach Login behoben. 2025-07-03 09:52:33 +02:00
Karsten Tlotzek
8a59ddde8e Alles auf Englisch umbenannt: exhibition → event, Variablen und Tabellen angepasst, Views auf neue Felder umgestellt, Controller/Model/SQL konsistent gemacht. Alte Variablennamen raus, jetzt ist alles einheitlich. Fehler aus dem Frontend gefixt. 2025-07-01 09:59:25 +02:00
Karsten Tlotzek
d24d914c8c refactor: Validierungslogik ins Model verschoben 
- pwRequirementCheck und checkDoublePw aus Controller ins Model
- Alle Passwort- und E-Mail-Validierungen jetzt zentral im Model
- Controller macht nur noch Request/Response Handling
- Saubere MVC-Trennung
 2025-06-30 21:18:04 +02:00
Karsten Tlotzek
d711bc6152 Add registration functionality and update authentication views 
- Implemented a new method in AuthController to display the registration form with localized labels and session error handling.
- Updated the login view to include a link for account creation.
- Enhanced the registration view with a link to the login form.
- Removed the obsolete showRegisterPage view to streamline the codebase.
 2025-06-30 14:10:40 +02:00
Karsten Tlotzek
8e1a13ea27 Remove unused render call in AuthController after session cleanup 2025-06-30 14:01:56 +02:00
Karsten Tlotzek
6852923db0 Add login page styles and refactor authentication views 
- Introduced new styles for the login page, enhancing layout and responsiveness.
- Updated the login view to utilize the new styles and improve user feedback for login errors and success messages.
- Removed unused controllers and views related to contact and login functionalities to streamline the codebase.
- Adjusted error message handling in the AuthController for better clarity on password requirements.
 2025-06-30 14:01:08 +02:00
Karsten Tlotzek
71d838da0a Merge branch 'feature/authentification' into frontendbackendtest 
# Conflicts:
#	bibarts.sql
 2025-06-30 11:13:44 +02:00
Karsten Tlotzek
8583012c5b Refactor views wegen öffnendem body tag im header und schließenden tag im footer 2025-06-30 10:50:08 +02:00
Karsten Tlotzek
31a381bba4 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:28:28 +02:00
Karsten Tlotzek
a72a0c5fc5 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:27:10 +02:00
Karsten Tlotzek
ce23d839a3 Register und login gefixt 2025-06-30 09:56:52 +02:00
Karsten Tlotzek
36d6364cd0 Auth angepasst 2025-06-27 10:24:21 +02:00
Max538
5477e7fdd8 fixed sql 2025-06-23 14:23:00 +02:00
Max538
db526e5bb2 implemented Controller logic 2025-06-23 14:22:43 +02:00
Max538
dd6e98fe28 implemented update pw function 2025-06-23 14:14:25 +02:00
Max538
5965e1df81 implemented input validation for register function 2025-06-23 10:35:55 +02:00
Max538
8d4376d313 fixed login function 2025-06-23 10:17:17 +02:00
Max538
49a8f6a1dc added database sql skript with changes 2025-06-16 15:12:51 +02:00
Max538
78e1e72eba implemented authmodel 2025-06-16 15:12:28 +02:00
Max538
4fa775f326 implemented authcontroller logic 2025-06-16 15:12:13 +02:00
Karsten Tlotzek
1df705a235 Merge remote-tracking branch 'origin/main' 2025-06-12 16:15:25 +02:00
Karsten Tlotzek
5594d469de Test 2025-06-12 16:14:54 +02:00
44 changed files with 1119 additions and 892 deletions
Expand all files Collapse all files

6
.idea/sqldialects.xml generated
View File

@@ -1,6 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="SqlDialectMappings">
<file url="file://$PROJECT_DIR$/contact.sql" dialect="GenericSQL" />
</component>
</project>

118
CSS/style.css
View File

@@ -126,11 +126,117 @@ a {
border-radius: 10px;
}
/* Login Page Styles */
.login-page-bg {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background: linear-gradient(135deg, #DFF0F2 60%, #BAC8D4 100%);
}
.login-container {
position: absolute;
top: 200px;
background-color: #BAC8D4;
width: 900px;
height: 450px;
border-radius: 10px;
background: #fff;
box-shadow: 0 4px 24px rgba(0,0,0,0.10);
border-radius: 16px;
padding: 40px 32px 32px 32px;
width: 100%;
max-width: 400px;
display: flex;
flex-direction: column;
align-items: center;
}
.login-title {
margin-bottom: 24px;
color: #4d4d4d;
font-size: 2rem;
font-weight: 600;
letter-spacing: 1px;
}
.login-form {
width: 100%;
display: flex;
flex-direction: column;
gap: 18px;
}
.login-field {
display: flex;
flex-direction: column;
gap: 6px;
}
.login-field label {
font-weight: 500;
color: #4d4d4d;
}
.login-field input {
padding: 10px 12px;
border: 1px solid #BAC8D4;
border-radius: 6px;
font-size: 1rem;
background: #F7FAFC;
transition: border 0.2s;
}
.login-field input:focus {
border: 1.5px solid #09add0;
outline: none;
}
.login-btn {
margin-top: 10px;
padding: 12px 0;
background: #09add0;
color: #fff;
border: none;
border-radius: 6px;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer;
transition: background 0.2s;
}
.login-btn:hover {
background: #007b9e;
}
.login-error {
background: #ffe0e0;
color: #b30000;
border: 1px solid #ffb3b3;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-success {
background: #e0ffe6;
color: #006633;
border: 1px solid #b3ffd1;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-link {
display: inline-block;
margin-top: 10px;
color: #09add0;
font-weight: 500;
text-decoration: underline;
}
@media (max-width: 600px) {
.login-container {
padding: 24px 8px;
max-width: 95vw;
}
}

151
Controller/AuthController.php Normal file
View File

@@ -0,0 +1,151 @@
<?php
namespace Blog\Controller;
use Blog\Model\AuthModel;
class AuthController
{
private $model;
private $view;
public function __construct($view) {
$this->model = new AuthModel();
$this->view = $view;
}
public function showLoginForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function showRegistrationForm() {
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function login() {
$email = $_POST['email'];
$password = $_POST['password'];
$result = $this->model->login($email, $password);
if ($result === true) {
$_SESSION['user'] = $email;
header('Location: /bibarts/?controller=News&do=showNews');
exit();
} else {
$this->view->setVars([
'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
'validData' => ['email' => $email],
'loginSuccess' => false
]);
}
}
public function register() {
$data = [
'first_name' => $_POST['vorname'] ?? '',
'last_name' => $_POST['nachname'] ?? '',
'street' => $_POST['strasse'] ?? '',
'house_number' => $_POST['hausnr'] ?? '',
'postal_code' => $_POST['plz'] ?? '',
'city' => $_POST['ort'] ?? '',
'country' => $_POST['land'] ?? '',
'phone' => $_POST['tel'] ?? '',
'email' => $_POST['email'] ?? '',
'password' => $_POST['password'] ?? '',
'password_repeat' => $_POST['password_repeat'] ?? '',
'is_admin' => $_POST['isAdmin'] ?? false,
];
$result = $this->model->register($data);
if ($result === true) {
$this->view->setVars(['success' => 'Registrierung erfolgreich!']);
$this->view->render('Auth/showLoginForm');
exit;
} else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
$this->view->setVars(['errors' => $errors, 'validData' => $data]);
$this->view->render('Auth/showRegistrationForm');
exit;
}
}
public function forgotPassword() {
$email = $_POST['email'] ?? '';
if (empty($email)) {
$_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$this->model->pwForgot($email);
header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
exit;
}
public function changePassword()
{
$email = $_POST['email'] ?? '';
$oldpw = $_POST['old_password'] ?? '';
$newpw = $_POST['password'] ?? '';
$repeat = $_POST['password_repeat'] ?? '';
if (!$this->model->checkDoublePw($newpw, $repeat)) {
$_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$result = $this->model->updatePassword($email, $oldpw, $newpw);
if ($result === true) {
header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
exit;
} else {
$_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
}
public function showConfirmation()
{
$messages = [
'login' => "Login erfolgreich.",
'register' => "Registrierung erfolgreich.",
'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
'pwchange' => "Passwort erfolgreich geändert."
];
$msgKey = $_GET['msg'] ?? '';
$message = $messages[$msgKey] ?? "Aktion erfolgreich.";
$this->view->setVars(['message' => $message]);
$this->view->render('auth/confirmation');
}
public function logout() {
unset($_SESSION['user']);
session_destroy();
header('Location: /bibarts/?controller=Auth&do=showLoginForm');
exit();
}
}

53
Controller/ContactController.php
View File

@@ -1,53 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\ContactModel;
class ContactController
{
protected $view;
private $db;
private $validData = array();
private $errors = array();
private $labels = array("name" => "Name", "email" => "E-Mail-Adresse", "content" => "Nachricht");
public function __construct($view) {
$this->db = new ContactModel();
$this->view = $view;
}
public function showContactForm() {
$this->view->setVars([
'labels' => $this->labels,
'validData' => $this->validData,
'errors' => $this->errors
]);
}
public function showConfirmation() {
}
public function validateForm() {
foreach ($this->labels as $index => $value) {
if (!isset($_POST[$index]) || empty($_POST[$index])) {
$this->errors[$index] = "Bitte " . $value . " angeben";
} else {
$this->validData[$index] = $_POST[$index];
}
}
if (count($this->errors) > 0) {
$this->view->setDoMethodName("showContactForm");
$this->showContactForm();
} else {
if ($this->db->writeContactData($this->validData)) {
$this->view->setDoMethodName("showConfirmation");
$this->showConfirmation();
}
}
}
}
?>

24
Controller/EventController.php
View File

@@ -23,13 +23,13 @@ class EventController {
public function createEvent() {
$data = [
'location_id' => $_POST['location_id'] ?? null,
'start_date' => $_POST['start_date'] ?? null,
'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null,
'standortid' => $_POST['standortid'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null,
'description' => $_POST['description'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null
'ticket_price' => $_POST['ticket_price'] ?? null
];
$this->model->createEvent($data);
@@ -38,21 +38,21 @@ class EventController {
}
public function editEventForm() {
$id = $_GET['ausstellungid'];
$id = $_GET['event_id'];
$event = $this->model->getEvent($id);
$this->view->setVars(['event' => $event]);
}
public function updateEvent($id, $data) {
$id = $_POST['ausstellungid'];
$id = $_POST['event_id'];
$data = [
'standortid' => $_POST['standortid'] ?? null,
'datum_von' => $_POST['datum_von'] ?? null,
'datum_bis' => $_POST['datum_bis'] ?? null,
'location_id' => $_POST['location_id'] ?? null,
'start_date' => $_POST['start_date'] ?? null,
'end_date' => $_POST['end_date'] ?? null,
'name' => $_POST['name'] ?? null,
'beschreibung' => $_POST['beschreibung'] ?? null,
'description' => $_POST['description'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? null,
'preis' => $_POST['preis'] ?? null
'ticket_price' => $_POST['ticket_price'] ?? null
];
$this->model->updateEvent($id, $data);
}

57
Controller/GutscheinController.php
View File

@@ -1,57 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\GutscheinModel;
class GutscheinController {
private $model;
private $view;
public function __construct($view) {
$this->model = new GutscheinModel();
$this->view = $view;
}
public function showGutscheine() {
$gutscheine = $this->model->getGutscheine();
$this->view->setVars(['gutscheine' => $gutscheine]);
}
public function createGutschein() {
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
];
$erg = $this->model->createGutschein($data);
$this->view->setVars(['gutschein' => $erg]);
exit;
}
public function editGutscheinForm() {
$id = $_GET['gutscheinid'];
if ($id) {
$gutschein = $this->model->getGutschein($id);
$this->view->setVars(['gutschein' => $gutschein]);
}
}
public function updateGutschein() {
$id = $_POST['gutscheinid'];
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
];
$this->model->updateGutschein($id, $data);
}
public function deleteGutschein() {
$id = $_GET['gutscheinid'] ?? null;
$this->model->deleteGutschein($id);
}
}

61
Controller/LocationController.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace Blog\Controller;
use Blog\Model\LocationModel;
class LocationController {
private $model;
private $view;
public function __construct($view) {
$this->model = new LocationModel();
$this->view = $view;
}
public function showLocations() {
$locations = $this->model->getLocations();
$this->view->setVars(['locations' => $locations]);
}
public function createLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$result = $this->model->createLocation($data);
$this->view->setVars(['location' => $result]);
}
public function editLocationForm() {
$id = $_GET['location_id'];
$location = $this->model->getLocation($id);
$this->view->setVars(['location' => $location]);
}
public function updateLocation() {
$data = [
'street' => $_POST['street'],
'house_number' => $_POST['house_number'],
'postal_code' => $_POST['postal_code'],
'city' => $_POST['city'],
'country' => $_POST['country'],
'phone' => $_POST['phone'],
'email' => $_POST['email']
];
$location_id = $_POST['location_id'];
$result = $this->model->updateLocation($location_id, $data);
$this->view->setVars(['location' => $result]);
}
public function deleteLocation() {
$id = $_GET['location_id'] ?? null;
$this->model->deleteLocation($id);
}
}

10
Controller/LoginController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class LoginController {
function showLoginPage()
{
}
}

10
Controller/RegisterController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class RegisterController {
function showRegisterPage()
{
}
}

61
Controller/StandortController.php
View File

@@ -1,61 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\StandortModel;
class StandortController {
private $model;
private $view;
public function __construct($view) {
$this->model = new StandortModel();
$this->view = $view;
}
public function showStandorte() {
$standorte = $this->model->getStandorte();
$this->view->setVars(['standorte' => $standorte]);
}
public function createStandort() {
$data = [
'straße' => $_POST['straße'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->createStandort($data);
$this->view->setVars(['standort' => $erg]);
}
public function editStandortForm() {
$id = $_GET['standortid'];
$standort = $this->model->getStandort($id);
$this->view->setVars(['standort' => $standort]);
}
public function updateStandort() {
$id = $_POST['standortid'];
$data = [
'straße' => $_POST['straße'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->updateStandort($id, $data);
$this->view->setVars(['standort' => $erg]);
}
public function deleteStandort() {
$id = $_GET['standortid'] ?? null;
$this->model->deleteStandort($id);
}
}

12
Controller/TicketController.php
View File

@@ -21,13 +21,13 @@ class TicketController {
public function buyTicket() {
$data = [
'userid' => $_POST['userid'],
'eventid' => $_POST['eventid'],
'kaufdatum' => date('Y-m-d'),
'gültigkeitsdatum' => $_POST['gültigkeitsdatum']
'user_id' => $_POST['user_id'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'price' => $_POST['price'] ?? null
];
$erg = $this->ticketModel->buyTicket($data);
$this->view->setVars(['ticket' => $erg]);
$result = $this->ticketModel->createTicket($data);
$this->view->setVars(['ticket' => $result]);
}
public function deleteTicket() {

57
Controller/VoucherController.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
namespace Blog\Controller;
use Blog\Model\VoucherModel;
class VoucherController {
private $model;
private $view;
public function __construct($view) {
$this->model = new VoucherModel();
$this->view = $view;
}
public function showVouchers() {
$vouchers = $this->model->getVouchers();
$this->view->setVars(['vouchers' => $vouchers]);
}
public function createVoucher() {
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$result = $this->model->createVoucher($data);
$this->view->setVars(['voucher' => $result]);
exit;
}
public function editVoucherForm() {
$id = $_GET['voucher_id'];
if ($id) {
$voucher = $this->model->getVoucher($id);
$this->view->setVars(['voucher' => $voucher]);
}
}
public function updateVoucher() {
$id = $_POST['voucher_id'];
$data = [
'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null,
'event_id' => $_POST['event_id'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null
];
$this->model->updateVoucher($id, $data);
}
public function deleteVoucher() {
$id = $_GET['voucher_id'] ?? null;
$this->model->deleteVoucher($id);
}
}

18
Controller/WelcomeController.php
View File

@@ -1,18 +0,0 @@
<?php
namespace Blog\Controller;
class WelcomeController
{
function showWelcome() {
}
function showProjects() {
}
function showTutorials() {
}
}

239
Model/AuthModel.php Normal file
View File

@@ -0,0 +1,239 @@
<?php
namespace Blog\Model;
use DateTime;
use PDO;
use PDOException;
class AuthModel extends Database
{
public function login(string $email, string $password)
{
$pdo = $this->linkDB();
$sql = "SELECT email, password, valid_until FROM user WHERE email = :email";
$params = [":email" => $email];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
$user = $sth->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Benutzerdaten.", $e);
return "Interner Datenbankfehler."; // Nur für Debug sichtbar machen, sonst besser allgemein halten
}
if (!$user) {
return "Benutzer mit dieser E-Mail wurde nicht gefunden.";
}
if (!password_verify($password, $user['password'])) {
return "Das eingegebene Passwort ist falsch.";
}
try {
$now = new DateTime();
$validUntil = new DateTime($user['valid_until']);
if ($now > $validUntil) {
return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\".";
}
} catch (\Exception $e) {
new \Blog\Library\ErrorMsg("Fehler beim Verarbeiten des Gültigkeitsdatums.", $e);
return "Fehler bei der Passwortprüfung.";
}
return true;
}
public function register($data) {
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
return "Bitte geben Sie eine gültige E-Mail ein.";
}
$requiredFields = [
'email', 'password', 'street', 'house_number', 'city', 'postal_code',
'country', 'first_name', 'last_name', 'phone'
];
foreach ($requiredFields as $field) {
if (empty($data[$field])) {
return "Bitte füllen Sie alle Felder aus.";
}
}
if ($this->userExistsByEmail($data['email'])) {
return "Ein Account mit dieser E-Mail existiert bereits.";
}
// Passwort-Validierung
if (!$this->checkDoublePw($data['password'], $data['password_repeat'])) {
return "Passwörter stimmen nicht überein.";
}
if ($this->pwRequirementCheck($data['password']) !== true) {
return "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
$hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password, street, house_number, city, postal_code, country, first_name, last_name, phone, is_admin)
VALUES (:email, :password, :street, :house_number, :city, :postal_code, :country, :first_name, :last_name, :phone, :is_admin)";
$params = [
':email' => $data['email'],
':password' => $hashedPassword,
':street' => $data['street'],
':house_number' => $data['house_number'],
':city' => $data['city'],
':postal_code'=> $data['postal_code'],
':country'=> $data['country'],
':first_name' => $data['first_name'],
':last_name'=> $data['last_name'],
':phone' => $data['phone'],
':is_admin' => $data['is_admin'] ? 1 : 0,
];
try {
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return true;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
return false;
}
}
private function userExistsByEmail($email) {
try {
$pdo = $this->linkDB();
$sql = "SELECT user_id FROM user WHERE email = :email";
$params = [':email' => $email];
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return (bool) $stmt->fetch();
} catch (\PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der E-Mail-Prüfung", $e);
return false;
}
}
public function pwForgot($email){
$randomPw = bin2hex(random_bytes(12 / 2));
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
$this->forgottenPwUpdate($email, $hashedPassword);
$betreff = "Passwort zurücksetzen bei bibArts";
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
$header = "From: noreply@edu.bib.de\r\n";
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
$maxTries = 5;
$try = 0;
$success = false;
while ($try < $maxTries && !$success) {
$erfolg = mail($email, $betreff, $nachricht, $header);
$try++;
if (!$erfolg) {
error_log("Mailversuch $try an $email fehlgeschlagen.");
sleep(1);
}
}
}
private function forgottenPwUpdate($email, $hashedPassword) {
try{
$pdo = $this->linkDB();
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
$stmt = $pdo->prepare($sqlCheck);
$stmt->execute([':email' => $email]);
if ($stmt->fetchColumn() == 0) {
return false;
}
$validUntil = (new DateTime())->add(new DateInterval('PT2H'))->format('Y-m-d H:i:s');
$sql = "UPDATE user
SET password = :password, valid_until = :valid_until
WHERE email = :email";
$stmt = $pdo->prepare($sql);
$params = [
':email' => $email,
':password' => $hashedPassword,
':valid_until' => $validUntil
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
return false;
}
}
public function updatePassword($email, $oldpw, $newpw){
if(!$this->login($email, $oldpw)) {
return false;
}
$requiredFields = [$email, $oldpw, $newpw];
foreach ($requiredFields as $field) {
if (empty($field)) {
return "Bitte füllen Sie alle Felder aus";
}
}
$hashedPassword = password_hash($newpw, PASSWORD_DEFAULT);
$sql = "UPDATE user SET password = :password WHERE email = :email";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
$params = [
':email' => $email,
':password' => $hashedPassword,
];
return $stmt->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
public function checkDoublePw($password1, $password2){
if($password1 === $password2){
return true;
}
else
return false;
}
public function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
}
}

63
Model/EventModel.php
View File

@@ -8,11 +8,11 @@ class EventModel extends Database {
public function getEvents() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung ORDER BY datum_von DESC;";
$sql = "SELECT * FROM event ORDER BY start_date ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Events.", $e);
die;
@@ -21,11 +21,12 @@ class EventModel extends Database {
public function getEvent($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM ausstellung WHERE ausstellungid = :id;";
$sql = "SELECT * FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]);
return $sth->fetch(\PDO::FETCH_ASSOC);
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return $stmt->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Events.", $e);
die;
@@ -34,20 +35,29 @@ class EventModel extends Database {
public function updateEvent($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE ausstellung SET standortid = :standortid, datum_von = :datum_von, datum_bis = :datum_bis, name = :name, beschreibung = :beschreibung, max_tickets = :max_tickets, preis = :preis WHERE ausstellungid = :id;";
$sql = "UPDATE event SET
name = :name,
description = :description,
location_id = :location_id,
start_date = :start_date,
end_date = :end_date,
max_tickets = :max_tickets,
ticket_price = :ticket_price
WHERE event_id = :event_id;";
$params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'],
":beschreibung" => $data['beschreibung'],
":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'],
":preis" => $data['preis'],
":id" => $id
":ticket_price" => $data['ticket_price'],
":event_id" => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Events.", $e);
die;
@@ -56,32 +66,35 @@ class EventModel extends Database {
public function createEvent($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets, preis) VALUES (:standortid, :datum_von, :datum_bis, :name, :beschreibung, :max_tickets, :preis);";
$sql = "INSERT INTO event (name, description, location_id, start_date, end_date, max_tickets, ticket_price)
VALUES (:name, :description, :location_id, :start_date, :end_date, :max_tickets, :ticket_price);";
$params = [
":standortid" => $data['standortid'],
":datum_von" => $data['datum_von'],
":datum_bis" => $data['datum_bis'],
":name" => $data['name'],
":beschreibung" => $data['beschreibung'],
":description" => $data['description'],
":location_id" => $data['location_id'],
":start_date" => $data['start_date'],
":end_date" => $data['end_date'],
":max_tickets" => $data['max_tickets'],
":preis" => $data['preis']
":ticket_price" => $data['ticket_price']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Events.", $e);
new \Blog\Library\ErrorMsg("Fehler beim Schreiben des Events.", $e);
die;
}
}
public function deleteEvent($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM ausstellung WHERE ausstellungid = :id;";
$sql = "DELETE FROM event WHERE event_id = :event_id;";
$params = [":event_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]);
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return $stmt->rowCount();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Events.", $e);
die;

86
Model/GutscheinModel.php
View File

@@ -1,86 +0,0 @@
<?php
namespace Blog\Model;
use PDOException;
class GutscheinModel extends Database {
public function getGutscheine() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein ORDER BY gültigkeit DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Gutscheine.", $e);
die;
}
}
public function getGutschein($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen des Gutscheins.", $e);
die;
}
}
public function createGutschein($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO gutschein (code, rabatt, eventid, gültigkeit) VALUES (:code, :rabatt, :eventid, :gültigkeit);";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Erstellen des Gutscheins.", $e);
die;
}
}
public function updateGutschein($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, eventid = :eventid, gültigkeit = :gültigkeit WHERE gutscheinid = :id;";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit'],
":id" => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren des Gutscheins.", $e);
die;
}
}
public function deleteGutschein($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Gutscheins.", $e);
die;
}
}
}

69
Model/StandortModel.php → Model/LocationModel.php
View File

@@ -2,13 +2,14 @@
namespace Blog\Model;
use PDO;
use PDOException;
class StandortModel extends Database {
class LocationModel extends Database {
public function getStandorte() {
public function getLocations() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Standort ORDER BY standortid ASC;";
$sql = "SELECT * FROM location ORDER BY location_id ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
@@ -19,10 +20,10 @@ class StandortModel extends Database {
}
}
public function getStandort($standortid) {
public function getLocation($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Standort WHERE standortid = :standortid;";
$params = [":standortid" => $standortid];
$sql = "SELECT * FROM location WHERE location_id = :location_id;";
$params = [":location_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
@@ -33,17 +34,17 @@ class StandortModel extends Database {
}
}
public function createStandort($data) {
public function createLocation($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Standort (straße, hausnr, postleitzahl, ort, land, tel, email)
VALUES (:straße, :hausnr, :postleitzahl, :ort, :land, :tel, :email);";
$sql = "INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES (:street, :house_number, :postal_code, :city, :country, :phone, :email);";
$params = [
":straße" => $data['straße'],
":hausnr" => $data['hausnr'],
":postleitzahl" => $data['postleitzahl'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],
":street" => $data['street'],
":house_number" => $data['house_number'],
":postal_code" => $data['postal_code'],
":city" => $data['city'],
":country" => $data['country'],
":phone" => $data['phone'],
":email" => $data['email']
];
try {
@@ -56,26 +57,26 @@ class StandortModel extends Database {
}
}
public function updateStandort($standortid, $data) {
public function updateLocation($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE Standort SET
straße = :straße,
hausnr = :hausnr,
postleitzahl = :postleitzahl,
ort = :ort,
land = :land,
tel = :tel,
$sql = "UPDATE location SET
street = :street,
house_number = :house_number,
postal_code = :postal_code,
city = :city,
country = :country,
phone = :phone,
email = :email
WHERE standortid = :standortid;";
WHERE location_id = :location_id;";
$params = [
":straße" => $data['straße'],
":hausnr" => $data['hausnr'],
":postleitzahl" => $data['postleitzahl'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],
":street" => $data['street'],
":house_number" => $data['house_number'],
":postal_code" => $data['postal_code'],
":city" => $data['city'],
":country" => $data['country'],
":phone" => $data['phone'],
":email" => $data['email'],
":standortid" => $standortid
":location_id" => $id
];
try {
$sth = $pdo->prepare($sql);
@@ -87,10 +88,10 @@ class StandortModel extends Database {
}
}
public function deleteStandort($standortid) {
public function deleteLocation($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM Standort WHERE standortid = :standortid;";
$params = [":standortid" => $standortid];
$sql = "DELETE FROM location WHERE location_id = :location_id;";
$params = [":location_id" => $id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);

89
Model/NewsModel.php
View File

@@ -3,83 +3,58 @@
namespace Blog\Model;
use PDOException;
use PDO;
class NewsModel extends Database {
public function getNewsById($newsId) {
public function getNewsById($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM news WHERE newsid = :newsid;";
$params = [":newsid" => $newsId];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
$sql = "SELECT * FROM news WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [':news_id' => $id];
$stmt->execute($params);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function updateNews($newsId, $news) {
public function updateNews($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE news SET name = :name, beschreibung = :beschreibung, datum = :datum WHERE newsid = :newsid;";
$sql = "UPDATE news SET name = :name, description = :description, date = :date WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [
":name" => $news['titel'],
":beschreibung" => $news['inhalt'],
":datum" => $news['datum'],
":newsid" => $newsId
':name' => $data['name'],
':description' => $data['description'],
':date' => $data['date'],
':news_id' => $id
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der News.", $e);
die;
}
return $stmt->execute($params);
}
public function getNews() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM news ORDER BY datum DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der News.", $e);
die;
}
$sql = "SELECT * FROM news ORDER BY date DESC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function createNews($news) {
public function createNews($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO news (name, beschreibung, datum) VALUES (:name, :beschreibung, :datum);";
$sql = "INSERT INTO news (name, description, date) VALUES (:name, :description, :date);";
$stmt = $pdo->prepare($sql);
$params = [
":name" => $news['titel'],
":beschreibung" => $news['inhalt'],
":datum" => $news['datum']
':name' => $data['name'],
':description' => $data['description'],
':date' => $data['date']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der News.", $e);
die;
}
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function deleteNews($newsId) {
public function deleteNews($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM news WHERE newsid = :newsid;";
$params = [":newsid" => $newsId];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen der News.", $e);
die;
}
$sql = "DELETE FROM news WHERE news_id = :news_id;";
$stmt = $pdo->prepare($sql);
$params = [':news_id' => $id];
return $stmt->execute($params);
}
}

98
Model/TicketModel.php
View File

@@ -3,70 +3,72 @@
namespace Blog\Model;
use PDOException;
use PDO;
class TicketModel extends Database {
public function getTickets() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM Ticket ORDER BY ticketid ASC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Tickets.", $e);
die;
}
$sql = "SELECT * FROM ticket ORDER BY ticket_id ASC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function buyTicket($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Ticket (userid, eventid, kaufdatum, gültigkeitsdatum)
VALUES (:userid, :eventid, :kaufdatum, :gültigkeitsdatum);";
$sql = "INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES (:user_id, :event_id, :purchase_date, :valid_until)";
$stmt = $pdo->prepare($sql);
$params = [
":userid" => $data['userid'],
":eventid" => $data['eventid'],
":kaufdatum" => $data['kaufdatum'],
":gültigkeitsdatum" => $data['gültigkeitsdatum']
':user_id' => $data['user_id'],
':event_id' => $data['event_id'],
':purchase_date' => $data['purchase_date'],
':valid_until' => $data['valid_until']
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $pdo->lastInsertId();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Kauf des Tickets.", $e);
die;
}
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function hasTicket($userid, $eventid) {
public function checkTicketExists($userid, $ausstellungid) {
$pdo = $this->linkDB();
$sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND eventid = :eventid;";
$params = [
":userid" => $userid,
":eventid" => $eventid
];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetch(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der Ticketprüfung.", $e);
die;
}
$sql = "SELECT COUNT(*) as count FROM ticket WHERE user_id = :user_id AND event_id = :event_id;";
$stmt = $pdo->prepare($sql);
$params = [':user_id' => $userid, ':event_id' => $ausstellungid];
$stmt->execute($params);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
return $result['count'] > 0;
}
public function deleteTicket($ticketid) {
public function deleteTicket($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM Ticket WHERE ticketid = :ticketid;";
$params = [":ticketid" => $ticketid];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->rowCount();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Löschen des Tickets.", $e);
die;
}
$sql = "DELETE FROM ticket WHERE ticket_id = :ticket_id;";
$stmt = $pdo->prepare($sql);
$params = [':ticket_id' => $id];
return $stmt->execute($params);
}
public function createTicket($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO ticket (event_id, user_id, price) VALUES (:event_id, :user_id, :price);";
$stmt = $pdo->prepare($sql);
$params = [
':event_id' => $data['event_id'],
':user_id' => $data['user_id'],
':price' => $data['price']
];
return $stmt->execute($params);
}
public function getTicketsByUser($userId) {
$pdo = $this->linkDB();
$sql = "SELECT t.*, e.name as event_name, e.start_date, e.end_date
FROM ticket t
JOIN event e ON t.event_id = e.event_id
WHERE t.user_id = :user_id;";
$stmt = $pdo->prepare($sql);
$params = [':user_id' => $userId];
$stmt->execute($params);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
}

62
Model/VoucherModel.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
namespace Blog\Model;
use PDO;
use PDOException;
class VoucherModel extends Database {
public function getVouchers() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher ORDER BY valid_until DESC;";
$stmt = $pdo->prepare($sql);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getVoucher($id) {
$pdo = $this->linkDB();
$sql = "SELECT * FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
$stmt->execute($params);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function createVoucher($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO voucher (code, discount, event_id, valid_until) VALUES (:code, :discount, :event_id, :valid_until);";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until']
];
$stmt->execute($params);
return $pdo->lastInsertId();
}
public function updateVoucher($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE voucher SET code = :code, discount = :discount, event_id = :event_id, valid_until = :valid_until WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [
':code' => $data['code'],
':discount' => $data['discount'],
':event_id' => $data['event_id'],
':valid_until' => $data['valid_until'],
':id' => $id
];
return $stmt->execute($params);
}
public function deleteVoucher($id) {
$pdo = $this->linkDB();
$sql = "DELETE FROM voucher WHERE voucher_id = :id;";
$stmt = $pdo->prepare($sql);
$params = [':id' => $id];
return $stmt->execute($params);
}
}

28
Views/Auth/showLoginForm.phtml Normal file
View File

@@ -0,0 +1,28 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required>
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<button class="button-loggin" type="submit">Login</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<br>
<a class="link-konto-erstellen" href="?controller=Auth&do=showRegistrationForm">Konto erstellen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

55
Views/Auth/showRegistrationForm.phtml Normal file
View File

@@ -0,0 +1,55 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="register">
<label>
<input class="input-vorname" type="text" name="vorname" placeholder="Vorname">
</label>
<label>
<input class="input-nachname" type="text" name="nachname" placeholder="Nachname">
</label>
<label>
<input class="input-email" type="text" name="email" placeholder="E-Mail">
</label>
<label>
<input class="input-passwort" type="password" name="password" placeholder="Passwort">
</label>
<label>
<input class="input-passwort-repeat" type="password" name="password_repeat" placeholder="Passwort wiederholen">
</label>
<label>
<input class="input-strasse" type="text" name="strasse" placeholder="Straße">
</label>
<label>
<input class="input-hausnr" type="text" name="hausnr" placeholder="Hausnr.">
</label>
<label>
<input class="input-postleitzahl" type="text" name="plz" placeholder="Postleitzahl">
</label>
<label>
<input class="input-ort" type="text" name="ort" placeholder="Ort">
</label>
<label>
<input class="input-land" type="text" name="land" placeholder="Land">
</label>
<label>
<input class="input-tel" type="text" name="tel" placeholder="Telefonnr.">
</label>
<button class="button-register" type="submit">Registrieren</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Auth&do=showLoginForm" class="login-link">Bereits registriert? Hier einloggen</a>
</div>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

12
Views/Contact/showConfirmation.phtml
View File

@@ -1,12 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Ihre Anfrage wurde erfolgreich versendet.</p>
<a href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

36
Views/Contact/showContactForm.phtml
View File

@@ -1,36 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Ihre Anfrage an uns</h2>
<form method="post">
<?php foreach ($labels as $index => $value) {
echo '<label for="' . $index . '">' . $value . '</label>';
if ($index == "content") {
echo "<textarea id=\"$index\" name=\"$index\" >";
if (isset($validData[$index])) { echo $validData[$index]; }
echo "</textarea><br>";
} else {
echo '<input type="text" name="' . $index . '" value="' . (isset($validData[$index]) ? $validData[$index] : '') . '"><br>';
}
if (isset($errors[$index])) {
echo '<label class="errorMsg">' . $errors[$index] . '</label><br>';
}
}
?>
<input type="hidden" name="controller" value="contact">
<input type="hidden" name="do" value="validateForm">
<input type="submit" name="submit" value="Absenden"></form>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

8
Views/Event/createEvent.phtml
View File

@@ -3,10 +3,10 @@ include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event "<?php echo $name?>" wurde erfolgreich erstellt!</p>
<p>Das Event "<?php echo $event['name']?>" wurde erfolgreich erstellt!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

6
Views/Event/deleteEvent.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

21
Views/Event/showEvents.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle Ausstellungen</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Events</h2>
<?php if (!empty($events)): ?>
<table>
<thead>
@@ -17,16 +17,17 @@
<?php foreach ($events as $event): ?>
<tr>
<td><?php echo htmlspecialchars($event['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['beschreibung'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_von'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['datum_bis'])); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['start_date'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['end_date'])); ?></td>
<td><?php echo (int) $event['max_tickets']; ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Derzeit sind keine Ausstellungen verfügbar.</p>
<p>Derzeit sind keine Events verfügbar.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

8
Views/Event/updateEvent.phtml
View File

@@ -3,10 +3,10 @@ include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event mit der ID "<?php echo $ausstellungid?>" wurde erfolgreich bearbeitet!</p>
<p>Das Event mit der ID "<?php echo $event_id?>" wurde erfolgreich bearbeitet!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

1
Views/Gutschein/createGutschein.phtml
View File

@@ -1 +0,0 @@
echo "create gutschein"

35
Views/Gutschein/showGutscheine.phtml
View File

@@ -1,35 +0,0 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php if (!empty($gutscheine)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($gutscheine as $g): ?>
<tr>
<td><?php echo htmlspecialchars($g['code']); ?></td>
<td><?php echo (int)$g['rabatt']; ?></td>
<td><?php echo (int)$g['eventid']; ?></td>
<td><?php echo htmlspecialchars($g['gültigkeit']); ?></td>
<td>
<a href="?controller=Gutschein&action=editGutscheinForm&id=<?php echo $g['gutscheinid']; ?>">Bearbeiten</a> |
<a href="?controller=Gutschein&action=deleteGutschein&id=<?php echo $g['gutscheinid']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>

17
Views/Standort/showStandorte.phtml → Views/Location/showStandorte.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Unsere Standorte</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Unsere Standorte</h2>
<?php if (!empty($standorte)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
@@ -18,9 +18,9 @@
<tbody>
<?php foreach ($standorte as $standort): ?>
<tr>
<td><?php echo htmlspecialchars($standort['straße']); ?></td>
<td><?php echo htmlspecialchars($standort['strasse']); ?></td>
<td><?php echo htmlspecialchars($standort['hausnr']); ?></td>
<td><?php echo htmlspecialchars($standort['postleitzahl']); ?></td>
<td><?php echo htmlspecialchars($standort['plz']); ?></td>
<td><?php echo htmlspecialchars($standort['ort']); ?></td>
<td><?php echo htmlspecialchars($standort['land']); ?></td>
<td><?php echo htmlspecialchars($standort['tel']); ?></td>
@@ -32,5 +32,6 @@
<?php else: ?>
<p>Keine Standorte gefunden.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

37
Views/Login/showLoginPage.phtml
View File

@@ -1,37 +0,0 @@
<!DOCTYPE html>
<html lang="HTML-5">
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="../../CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<button class="button-loggin">Login</button>
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<a class="link-konto-erstellen">Konto erstellen</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>
<body>
</html>

19
Views/News/showNews.phtml
View File

@@ -1,12 +1,12 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle News</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle News</h2>
<?php if (!empty($news)): ?>
<table>
<thead>
<tr>
<th>Name</th>
<th>Titel</th>
<th>Beschreibung</th>
<th>Datum</th>
</tr>
@@ -15,8 +15,8 @@
<?php foreach ($news as $item): ?>
<tr>
<td><?php echo htmlspecialchars($item['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($item['beschreibung'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($item['datum'])); ?></td>
<td><?php echo nl2br(htmlspecialchars($item['description'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($item['date'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
@@ -24,5 +24,6 @@
<?php else: ?>
<p>Derzeit sind keine News verfügbar.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

81
Views/Register/showRegisterPage.phtml
View File

@@ -1,81 +0,0 @@
<!DOCTYPE html>
<html lang="HTML-5">
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="../../CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-vorname" type="text" placeholder="Vorname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-nachname" type="text" placeholder="Nachname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort-repeat" type="text" placeholder="Passwort wiederholen">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-strasse" type="text" placeholder="Straße">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-hausnr" type="text" placeholder="Hausnr.">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-postleitzahl" type="text" placeholder="Postleitzahl">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-ort" type="text" placeholder="Ort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-land" type="text" placeholder="Land">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-tel" type="text" placeholder="Telefonnr.">
</label>
</form>
<button class="button-register">Registrieren</button>
<a class="link-konto-erstellen">Login</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>
<body>
</html>

6
Views/Ticket/buyTicket.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

7
Views/Voucher/createVoucher.phtml Normal file
View File

@@ -0,0 +1,7 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<!-- Gutschein-Erstellungsformular oder Inhalt hier einfügen -->
<?php
include dirname(__DIR__).'/footer.phtml';
?>

37
Views/Voucher/showVouchers.phtml Normal file
View File

@@ -0,0 +1,37 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Voucher&do=createVoucherForm">Neuen Gutschein anlegen</a>
<?php if (!empty($vouchers)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
<tr>
<th>Code</th>
<th>Rabatt (%)</th>
<th>Event-ID</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($vouchers as $v): ?>
<tr>
<td><?php echo htmlspecialchars($v['code']); ?></td>
<td><?php echo (int)$v['discount']; ?></td>
<td><?php echo (int)$v['event_id']; ?></td>
<td><?php echo htmlspecialchars($v['valid_until']); ?></td>
<td>
<a href="?controller=Voucher&do=editVoucherForm&id=<?php echo $v['voucher_id']; ?>">Bearbeiten</a> |
<a href="?controller=Voucher&do=deleteVoucher&id=<?php echo $v['voucher_id']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

21
Views/Welcome/showProjects.phtml
View File

@@ -1,21 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<article>
<h2>Virtuelles Museum</h2>
<span class="articleInfo">John Doe | 12.08.2018 um 10:18 Uhr</span>
<p>
<img class="articleImg" src="images/museum.jpg" alt="my Oculus Rift">
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Curabitur pretium tincidunt lacus. Nulla gravida orci a odio.
</p>
<p>
Proin nonummy, lacus eget pulvinar lacinia, pede felis dignissim leo, vitae tristique magna lacus sit amet eros. Nullam ornare. Praesent odio ligula, dapibus sed, tincidunt eget, dictum ac, nibh. Nam quis lacus. Nunc eleifend molestie velit. Morbi lobortis quam eu velit. Donec euismod vestibulum massa. Donec non lectus. Aliquam commodo lacus sit amet nulla. Cras dignissim elit et augue. Nullam non diam. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. In hac habitasse platea dictumst. Aenean vestibulum. Sed lobortis elit quis lectus. Nunc sed lacus at augue bibendum dapibus.
</p>
<p>
Aliquam vehicula sem ut pede. Cras purus lectus, egestas eu, vehicula at, imperdiet sed, nibh. Morbi consectetuer luctus felis. Donec vitae nisi. Aliquam tincidunt feugiat elit. Duis sed elit ut turpis ullamcorper feugiat. Praesent pretium, mauris sed fermentum hendrerit, nulla lorem iaculis magna, pulvinar scelerisque urna tellus a justo. Suspendisse pulvinar massa in metus. Duis quis quam. Proin justo. Curabitur ac sapien. Nam erat.
Praesent ut quam.
</p>
</article>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

21
Views/Welcome/showTutorials.phtml
View File

@@ -1,21 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<article>
<h2>Implement Controller</h2>
<span class="articleInfo">John Doe | 18.07.2018 um 18:43 Uhr</span>
<p>
<img class="articleImg" src="images/controller.jpg" alt="my Oculus Rift">
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Curabitur pretium tincidunt lacus. Nulla gravida orci a odio.
</p>
<p>
Proin nonummy, lacus eget pulvinar lacinia, pede felis dignissim leo, vitae tristique magna lacus sit amet eros. Nullam ornare. Praesent odio ligula, dapibus sed, tincidunt eget, dictum ac, nibh. Nam quis lacus. Nunc eleifend molestie velit. Morbi lobortis quam eu velit. Donec euismod vestibulum massa. Donec non lectus. Aliquam commodo lacus sit amet nulla. Cras dignissim elit et augue. Nullam non diam. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. In hac habitasse platea dictumst. Aenean vestibulum. Sed lobortis elit quis lectus. Nunc sed lacus at augue bibendum dapibus.
</p>
<p>
Aliquam vehicula sem ut pede. Cras purus lectus, egestas eu, vehicula at, imperdiet sed, nibh. Morbi consectetuer luctus felis. Donec vitae nisi. Aliquam tincidunt feugiat elit. Duis sed elit ut turpis ullamcorper feugiat. Praesent pretium, mauris sed fermentum hendrerit, nulla lorem iaculis magna, pulvinar scelerisque urna tellus a justo. Suspendisse pulvinar massa in metus. Duis quis quam. Proin justo. Curabitur ac sapien. Nam erat.
Praesent ut quam.
</p>
</article>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

16
Views/Welcome/showWelcome.phtml
View File

@@ -1,16 +0,0 @@
<!DOCTYPE html>
<html lang="HTML-5">
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="inhalt">
<div class="container-welcome-inhalt">
<div class="beispiel-austellung1-img"></div>
<div class="beispiel-austellung2-img"></div>
</div>
</div>
<?php
include dirname(__DIR__).'/footer.phtml';
?>
</html>

30
Views/footer.phtml
View File

@@ -1,19 +1,13 @@
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="footer">
<div class="container-zahlungsmittel">
<h2 class="header-zahlungsarten">Mögliche Zahlungsarten</h2>
<div class="zahlungsmittel-img"></div>
</div>
<div class="line"></div>
<a class="link-impressum">Impressum</a>
<a class="link-datenschutz">Datenschutz</a>
<a class="link-nutzungsbedingungen">Nutzungsbedingungen</a>
<span class="text-bib">© bib arts GmbH</span>
<div id="footer">
<div class="container-zahlungsmittel">
<h2 class="header-zahlungsarten">Mögliche Zahlungsarten</h2>
<div class="zahlungsmittel-img"></div>
</div>
</body>
<div class="line"></div>
<a class="link-impressum">Impressum</a>
<a class="link-datenschutz">Datenschutz</a>
<a class="link-nutzungsbedingungen">Nutzungsbedingungen</a>
<span class="text-bib">© bib arts GmbH</span>
</div>
</body>
</html>

21
Views/header.phtml
View File

@@ -1,21 +1,30 @@
<!DOCTYPE html>
<html lang="HTML-5">
<html lang="de">
<head>
<title>VR Contact</title>
<title>Bib Arts</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" />
<link href="/bibarts/CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
<nav id="navigation">
<div class="link-container">
<div id="logo" ><a class="link-logo" href="#"></a></div>
<a id="link-ausstellungen" class="links" href="?controller=Event&do=showEvents">Ausstellungen</a>
<a id="link-tickets" class="links" href="#">Tickets</a>
<a id="link-infos" class="links" href="?controller=Welcome&do=showWelcome">Infos</a>
<a id="link-news" class="links" href="/bibarts/?controller=News&do=showNews">News</a>
<a id="link-profil" class="links" href="?controller=Contact&do=showContactForm">Profil</a>
<div id="profile-picture"></div>
<?php if (isset($_SESSION['user'])): ?>
<form method="post" action="/bibarts/index.php" style="display:inline;">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="logout">
<button type="submit" class="links" style="background:none;border:none;cursor:pointer;">Logout</button>
</form>
<?php else: ?>
<a class="links" href="?controller=Auth&do=showLoginForm">Login</a>
<?php endif; ?>
</div>
</nav>
</body>
</html>
</div>

136
bibarts.sql
View File

@@ -1,124 +1,112 @@
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 24. Nov 2017 um 17:01
-- Server-Version: 10.1.16-MariaDB
-- PHP-Version: 7.0.9
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
--
-- Datenbank: `blog`
--
-- --------------------------------------------------------
CREATE TABLE User (
userid INT AUTO_INCREMENT PRIMARY KEY,
vorname VARCHAR(50),
nachname VARCHAR(50),
strasse VARCHAR(100),
hausnr VARCHAR(10),
postleitzahl VARCHAR(10),
ort VARCHAR(50),
land VARCHAR(50),
tel VARCHAR(20),
CREATE TABLE user (
user_id INT AUTO_INCREMENT PRIMARY KEY,
first_name VARCHAR(50),
last_name VARCHAR(50),
street VARCHAR(100),
house_number VARCHAR(10),
postal_code VARCHAR(10),
city VARCHAR(50),
country VARCHAR(50),
phone VARCHAR(20),
email VARCHAR(100) UNIQUE,
isAdmin BOOLEAN DEFAULT FALSE,
is_admin BOOLEAN DEFAULT FALSE,
valid_until DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00',
password VARCHAR(255)
);
CREATE TABLE Standort (
standortid INT AUTO_INCREMENT PRIMARY KEY,
strasse VARCHAR(100),
hausnr VARCHAR(10),
plz VARCHAR(10),
ort VARCHAR(50),
land VARCHAR(50),
tel VARCHAR(20),
CREATE TABLE location (
location_id INT AUTO_INCREMENT PRIMARY KEY,
street VARCHAR(100),
house_number VARCHAR(10),
postal_code VARCHAR(10),
city VARCHAR(50),
country VARCHAR(50),
phone VARCHAR(20),
email VARCHAR(100)
);
CREATE TABLE Ausstellung (
austellungid INT AUTO_INCREMENT PRIMARY KEY,
standortid INT,
datum_von DATE,
datum_bis DATE,
CREATE TABLE event (
event_id INT AUTO_INCREMENT PRIMARY KEY,
location_id INT,
start_date DATE,
end_date DATE,
name VARCHAR(100),
beschreibung TEXT,
description TEXT,
max_tickets INT,
FOREIGN KEY (standortid) REFERENCES Standort(standortid)
ticket_price DECIMAL(5,2),
FOREIGN KEY (location_id) REFERENCES location(location_id)
);
CREATE TABLE Ticket (
ticketid INT AUTO_INCREMENT PRIMARY KEY,
userid INT,
ausstellungid INT,
kaufdatum DATE,
gueltigkeit DATE,
preis DECIMAL(10,2),
FOREIGN KEY (userid) REFERENCES User(userid),
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
CREATE TABLE ticket (
ticket_id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT,
event_id INT,
purchase_date DATE,
valid_until DATE,
FOREIGN KEY (user_id) REFERENCES user(user_id),
FOREIGN KEY (event_id) REFERENCES event(event_id)
);
CREATE TABLE Gutschein (
gutscheinid INT AUTO_INCREMENT PRIMARY KEY,
CREATE TABLE voucher (
voucher_id INT AUTO_INCREMENT PRIMARY KEY,
code VARCHAR(50) UNIQUE,
rabatt INT CHECK (rabatt BETWEEN 0 AND 100),
ausstellungid INT,
gueltigkeit DATE,
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
discount INT CHECK (discount BETWEEN 0 AND 100),
event_id INT,
valid_until DATE,
FOREIGN KEY (event_id) REFERENCES event(event_id)
);
CREATE TABLE News (
newsid INT AUTO_INCREMENT PRIMARY KEY,
CREATE TABLE news (
news_id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100),
beschreibung TEXT,
datum DATE
description TEXT,
date DATE
);
-- User-Daten
INSERT INTO User (vorname, nachname, strasse, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password)
-- User-Daten (Passwort: passwort123)
INSERT INTO user (first_name, last_name, street, house_number, postal_code, city, country, phone, email, is_admin, password)
VALUES
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass');
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, '$2y$10$VAj.C0XHPUxV4oXS6b79aumlg5fBMPPx5FPqgkQSIQeBLh0WtYmKy'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, '$2y$10$cnPBpkvLbdpDxzYvxlQg9uVp5y8ggr2SWL8NAMg9zk.3QnnEl.MGq');
-- Standort-Daten
INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
INSERT INTO location (street, house_number, postal_code, city, country, phone, email)
VALUES
('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'),
('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de');
-- Ausstellung-Daten
INSERT INTO Ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets)
INSERT INTO event (location_id, start_date, end_date, name, description, max_tickets, ticket_price)
VALUES
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150);
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200, 19.99),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150, 39.99);
-- Gutschein-Daten (Spaltennamen korrigiert)
INSERT INTO Gutschein (code, rabatt, ausstellungid, gueltigkeit)
-- Gutschein-Daten
INSERT INTO voucher (code, discount, event_id, valid_until)
VALUES
('SOMMER2025', 15, 1, '2025-08-31'),
('HERBST25', 25, 2, '2025-10-15');
-- Ticket-Daten (Spaltennamen korrigiert)
INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit, preis)
-- Ticket-Daten
INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES
(1, 1, '2025-06-01', '2025-07-15', 12.50),
(2, 2, '2025-06-05', '2025-09-15', 10.00);
(1, 1, '2025-06-01', '2025-07-15'),
(2, 2, '2025-06-05', '2025-09-15');
-- News-Daten
INSERT INTO News (name, beschreibung, datum)
INSERT INTO news (name, description, date)
VALUES
('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');

8
index.php
View File

@@ -19,11 +19,11 @@ spl_autoload_register(function ($className) {
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Welcome";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showWelcome";
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Auth";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showAuthForm";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Welcome";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showWelcome";
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Auth";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showAuthForm";
}
$controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller';