PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PBBFA23CSE:frontendBackendFinal
Branches Tags
PBBFA23CSE:main PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:develop
...
compare: PBBFA23CSE:6852923db06e00d2d8a5b636de55f82227a1370a
Branches Tags
PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:main PBBFA23CSE:develop

17 Commits
frontendBa ... 6852923db0

Author SHA1 Message Date
Karsten Tlotzek
6852923db0 Add login page styles and refactor authentication views 
- Introduced new styles for the login page, enhancing layout and responsiveness.
- Updated the login view to utilize the new styles and improve user feedback for login errors and success messages.
- Removed unused controllers and views related to contact and login functionalities to streamline the codebase.
- Adjusted error message handling in the AuthController for better clarity on password requirements.
 2025-06-30 14:01:08 +02:00
Karsten Tlotzek
71d838da0a Merge branch 'feature/authentification' into frontendbackendtest 
# Conflicts:
#	bibarts.sql
 2025-06-30 11:13:44 +02:00
Karsten Tlotzek
8583012c5b Refactor views wegen öffnendem body tag im header und schließenden tag im footer 2025-06-30 10:50:08 +02:00
Karsten Tlotzek
31a381bba4 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:28:28 +02:00
Karsten Tlotzek
a72a0c5fc5 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:27:10 +02:00
Karsten Tlotzek
ce23d839a3 Register und login gefixt 2025-06-30 09:56:52 +02:00
Karsten Tlotzek
36d6364cd0 Auth angepasst 2025-06-27 10:24:21 +02:00
Max538
5477e7fdd8 fixed sql 2025-06-23 14:23:00 +02:00
Max538
db526e5bb2 implemented Controller logic 2025-06-23 14:22:43 +02:00
Max538
dd6e98fe28 implemented update pw function 2025-06-23 14:14:25 +02:00
Max538
5965e1df81 implemented input validation for register function 2025-06-23 10:35:55 +02:00
Max538
8d4376d313 fixed login function 2025-06-23 10:17:17 +02:00
Max538
49a8f6a1dc added database sql skript with changes 2025-06-16 15:12:51 +02:00
Max538
78e1e72eba implemented authmodel 2025-06-16 15:12:28 +02:00
Max538
4fa775f326 implemented authcontroller logic 2025-06-16 15:12:13 +02:00
Karsten Tlotzek
1df705a235 Merge remote-tracking branch 'origin/main' 2025-06-12 16:15:25 +02:00
Karsten Tlotzek
5594d469de Test 2025-06-12 16:14:54 +02:00
34 changed files with 732 additions and 335 deletions
Expand all files Collapse all files

6
.idea/sqldialects.xml generated
View File

@@ -1,6 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="SqlDialectMappings">
<file url="file://$PROJECT_DIR$/contact.sql" dialect="GenericSQL" />
</component>
</project>

120
CSS/style.css
View File

@@ -126,11 +126,117 @@ a {
border-radius: 10px;
}
.login-container {
position: absolute;
top: 200px;
background-color: #BAC8D4;
width: 900px;
height: 450px;
border-radius: 10px;
/* Login Page Styles */
.login-page-bg {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background: linear-gradient(135deg, #DFF0F2 60%, #BAC8D4 100%);
}
.login-container {
background: #fff;
box-shadow: 0 4px 24px rgba(0,0,0,0.10);
border-radius: 16px;
padding: 40px 32px 32px 32px;
width: 100%;
max-width: 400px;
display: flex;
flex-direction: column;
align-items: center;
}
.login-title {
margin-bottom: 24px;
color: #4d4d4d;
font-size: 2rem;
font-weight: 600;
letter-spacing: 1px;
}
.login-form {
width: 100%;
display: flex;
flex-direction: column;
gap: 18px;
}
.login-field {
display: flex;
flex-direction: column;
gap: 6px;
}
.login-field label {
font-weight: 500;
color: #4d4d4d;
}
.login-field input {
padding: 10px 12px;
border: 1px solid #BAC8D4;
border-radius: 6px;
font-size: 1rem;
background: #F7FAFC;
transition: border 0.2s;
}
.login-field input:focus {
border: 1.5px solid #09add0;
outline: none;
}
.login-btn {
margin-top: 10px;
padding: 12px 0;
background: #09add0;
color: #fff;
border: none;
border-radius: 6px;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer;
transition: background 0.2s;
}
.login-btn:hover {
background: #007b9e;
}
.login-error {
background: #ffe0e0;
color: #b30000;
border: 1px solid #ffb3b3;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-success {
background: #e0ffe6;
color: #006633;
border: 1px solid #b3ffd1;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-link {
display: inline-block;
margin-top: 10px;
color: #09add0;
font-weight: 500;
text-decoration: underline;
}
@media (max-width: 600px) {
.login-container {
padding: 24px 8px;
max-width: 95vw;
}
}

170
Controller/AuthController.php Normal file
View File

@@ -0,0 +1,170 @@
<?php
namespace Blog\Controller;
use Blog\Model\AuthModel;
class AuthController
{
private $model;
private $view;
public function __construct($view)
{
$this->model = new AuthModel();
$this->view = $view;
}
public function showAuthForm()
{
$this->view->setVars([
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
$this->view->render('auth/form');
}
public function login() {
$email = $_POST['email'];
$password = $_POST['password'];
$result = $this->model->login($email, $password);
if ($result === true) {
$_SESSION['user'] = $email;
$this->view->setVars([
'loginSuccess' => true,
'email' => $email
]);
} else {
$this->view->setVars([
'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
'validData' => ['email' => $email],
'loginSuccess' => false
]);
}
}
public function register() {
$data = [
'vorname' => $_POST['vorname'] ?? '',
'nachname' => $_POST['nachname'] ?? '',
'straße' => $_POST['straße'] ?? '',
'hausnr' => $_POST['hausnr'] ?? '',
'postleitzahl' => $_POST['postleitzahl'] ?? '',
'ort' => $_POST['ort'] ?? '',
'land' => $_POST['land'] ?? '',
'tel' => $_POST['tel'] ?? '',
'email' => $_POST['email'] ?? '',
'password' => $_POST['password'] ?? '',
'password_repeat' => $_POST['password_repeat'] ?? '',
'isAdmin' => $_POST['isAdmin'] ?? false,
];
$errors = [];
if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
$errors['password'] = "Passwörter stimmen nicht überein.";
}
if ($this->pwRequirementCheck($data['password'])) {
$errors['password'] = "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
if (empty($errors)) {
$result = $this->model->register($data);
if ($result === true) {
$this->view->setVars([
'success' => "Registrierung war erfolgreich."
]);
} else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
}
}
$this->view->setVars([
'errors' => $errors,
'validData' => $data
]);
}
private function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
}
public function forgotPassword() {
$email = $_POST['email'] ?? '';
if (empty($email)) {
$_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$this->model->pwForgot($email);
header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
exit;
}
public function changePassword()
{
$email = $_POST['email'] ?? '';
$oldpw = $_POST['old_password'] ?? '';
$newpw = $_POST['password'] ?? '';
$repeat = $_POST['password_repeat'] ?? '';
if (!$this->model->checkDoublePw($newpw, $repeat)) {
$_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
$result = $this->model->updatePassword($email, $oldpw, $newpw);
if ($result === true) {
header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
exit;
} else {
$_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
header("Location: /?controller=Auth&do=showAuthForm");
exit;
}
}
public function showConfirmation()
{
$messages = [
'login' => "Login erfolgreich.",
'register' => "Registrierung erfolgreich.",
'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
'pwchange' => "Passwort erfolgreich geändert."
];
$msgKey = $_GET['msg'] ?? '';
$message = $messages[$msgKey] ?? "Aktion erfolgreich.";
$this->view->setVars(['message' => $message]);
$this->view->render('auth/confirmation');
}
}

53
Controller/ContactController.php
View File

@@ -1,53 +0,0 @@
<?php
namespace Blog\Controller;
use Blog\Model\ContactModel;
class ContactController
{
protected $view;
private $db;
private $validData = array();
private $errors = array();
private $labels = array("name" => "Name", "email" => "E-Mail-Adresse", "content" => "Nachricht");
public function __construct($view) {
$this->db = new ContactModel();
$this->view = $view;
}
public function showContactForm() {
$this->view->setVars([
'labels' => $this->labels,
'validData' => $this->validData,
'errors' => $this->errors
]);
}
public function showConfirmation() {
}
public function validateForm() {
foreach ($this->labels as $index => $value) {
if (!isset($_POST[$index]) || empty($_POST[$index])) {
$this->errors[$index] = "Bitte " . $value . " angeben";
} else {
$this->validData[$index] = $_POST[$index];
}
}
if (count($this->errors) > 0) {
$this->view->setDoMethodName("showContactForm");
$this->showContactForm();
} else {
if ($this->db->writeContactData($this->validData)) {
$this->view->setDoMethodName("showConfirmation");
$this->showConfirmation();
}
}
}
}
?>

8
Controller/GutscheinController.php
View File

@@ -23,8 +23,8 @@ class GutscheinController {
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
'ausstellungid' => $_POST['ausstellungid'] ?? null,
'gueltigkeit' => $_POST['gueltigkeit'] ?? null
];
$erg = $this->model->createGutschein($data);
$this->view->setVars(['gutschein' => $erg]);
@@ -44,8 +44,8 @@ class GutscheinController {
$data = [
'code' => $_POST['code'] ?? null,
'rabatt' => $_POST['rabatt'] ?? null,
'eventid' => $_POST['eventid'] ?? null,
'gültigkeit' => $_POST['gültigkeit'] ?? null
'ausstellungid' => $_POST['ausstellungid'] ?? null,
'gueltigkeit' => $_POST['gueltigkeit'] ?? null
];
$this->model->updateGutschein($id, $data);
}

10
Controller/LoginController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class LoginController {
function showLoginPage()
{
}
}

12
Controller/StandortController.php
View File

@@ -21,9 +21,9 @@ class StandortController {
public function createStandort() {
$data = [
'straße' => $_POST['straße'],
'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'plz' => $_POST['plz'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
@@ -40,17 +40,17 @@ class StandortController {
}
public function updateStandort() {
$id = $_POST['standortid'];
$data = [
'straße' => $_POST['straße'],
'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'],
'plz' => $_POST['plz'],
'ort' => $_POST['ort'],
'land' => $_POST['land'],
'tel' => $_POST['tel'],
'email' => $_POST['email']
];
$erg = $this->model->updateStandort($id, $data);
$standortid = $_POST['standortid'];
$erg = $this->model->updateStandort($standortid, $data);
$this->view->setVars(['standort' => $erg]);
}

4
Controller/TicketController.php
View File

@@ -22,9 +22,9 @@ class TicketController {
public function buyTicket() {
$data = [
'userid' => $_POST['userid'],
'eventid' => $_POST['eventid'],
'ausstellungid' => $_POST['ausstellungid'],
'kaufdatum' => date('Y-m-d'),
'gültigkeitsdatum' => $_POST['gültigkeitsdatum']
'gueltigkeit' => $_POST['gueltigkeit']
];
$erg = $this->ticketModel->buyTicket($data);
$this->view->setVars(['ticket' => $erg]);

18
Controller/WelcomeController.php
View File

@@ -1,18 +0,0 @@
<?php
namespace Blog\Controller;
class WelcomeController
{
function showWelcome() {
}
function showProjects() {
}
function showTutorials() {
}
}

216
Model/AuthModel.php Normal file
View File

@@ -0,0 +1,216 @@
<?php
namespace Blog\Model;
use DateTime;
use PDO;
use PDOException;
class AuthModel extends Database
{
public function login(string $email, string $password)
{
$pdo = $this->linkDB();
$sql = "SELECT email, password, validUntil FROM user WHERE email = :email";
$params = [":email" => $email];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
$user = $sth->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Benutzerdaten.", $e);
return "Interner Datenbankfehler."; // Nur für Debug sichtbar machen, sonst besser allgemein halten
}
if (!$user) {
return "Benutzer mit dieser E-Mail wurde nicht gefunden.";
}
if (!password_verify($password, $user['password'])) {
return "Das eingegebene Passwort ist falsch.";
}
try {
$now = new DateTime();
$validUntil = new DateTime($user['validUntil']);
if ($now > $validUntil) {
return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\".";
}
} catch (\Exception $e) {
new \Blog\Library\ErrorMsg("Fehler beim Verarbeiten des Gültigkeitsdatums.", $e);
return "Fehler bei der Passwortprüfung.";
}
return true;
}
public function register($data)
{
$rtn = $this->pwRequirementCheck($data['password']);
if ($rtn !== true) {
return $rtn;
}
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
return "Bitte geben Sie eine gültige E-Mail ein.";
}
$requiredFields = [
'email', 'password', 'straße', 'hausnr', 'ort', 'postleitzahl',
'land', 'vorname', 'nachname', 'tel'
];
foreach ($requiredFields as $field) {
if (empty($data[$field])) {
return "Bitte füllen Sie alle Felder aus.";
}
}
if ($this->userExistsByEmail($data['email'])) {
return "Ein Account mit dieser E-Mail existiert bereits.";
}
$hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password, straße, hausnr, ort, postleitzahl, land,vorname, nachname, tel, isAdmin)
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land,:vorname, :nachname, :tel, :isAdmin)";
$params = [
':email' => $data['email'],
':password' => $hashedPassword,
':straße' => $data['straße'],
':hausnr' => $data['hausnr'],
':ort' => $data['ort'],
':postleitzahl'=> $data['postleitzahl'],
':land'=> $data['land'],
':vorname' => $data['vorname'],
':nachname'=> $data['nachname'],
':tel' => $data['tel'],
':isAdmin' => $data['isAdmin'] ? 1 : 0,
];
try {
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return true;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
return false;
}
}
private function userExistsByEmail($email) {
try {
$pdo = $this->linkDB();
$sql = "SELECT userid FROM user WHERE email = :email";
$params = [':email' => $email];
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
return (bool) $stmt->fetch();
} catch (\PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler bei der E-Mail-Prüfung", $e);
return false;
}
}
public function pwForgot($email){
$randomPw = bin2hex(random_bytes(12 / 2));
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
$this->forgottenPwUpdate($email, $hashedPassword);
$betreff = "Passwort zurücksetzen bei bibArts";
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
$header = "From: noreply@edu.bib.de\r\n";
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
$maxTries = 5;
$try = 0;
$success = false;
while ($try < $maxTries && !$success) {
$erfolg = mail($email, $betreff, $nachricht, $header);
$try++;
if (!$erfolg) {
error_log("Mailversuch $try an $email fehlgeschlagen.");
sleep(1);
}
}
}
private function forgottenPwUpdate($email, $hashedPassword)
{
try{
$pdo = $this->linkDB();
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
$stmt = $pdo->prepare($sqlCheck);
$stmt->execute([':email' => $email]);
if ($stmt->fetchColumn() == 0) {
return false;
}
$validUntil = (new DateTime())->add(new DateInterval('PT2H'))->format('Y-m-d H:i:s');
$sql = "UPDATE user
SET password = :password, validUntil = :validUntil
WHERE email = :email";
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword,
':validUntil' => $validUntil
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
return false;
}
}
public function updatePassword($email, $oldpw, $newpw){
if(!$this->login($email, $oldpw)) {
return false;
}
$requiredFields = [$email, $oldpw, $newpw];
foreach ($requiredFields as $field) {
if (empty($field)) {
return "Bitte füllen Sie alle Felder aus";
}
}
$hashedPassword = password_hash($newpw, PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password)
VALUES (:email, :password)";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword,
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
public function checkDoublePw($password1, $password2){
if($password1 === $password2){
return true;
}
else
return false;
}
}

14
Model/GutscheinModel.php
View File

@@ -8,7 +8,7 @@ class GutscheinModel extends Database {
public function getGutscheine() {
$pdo = $this->linkDB();
$sql = "SELECT * FROM gutschein ORDER BY gültigkeit DESC;";
$sql = "SELECT * FROM gutschein ORDER BY gueltigkeit DESC;";
try {
$sth = $pdo->prepare($sql);
$sth->execute();
@@ -35,12 +35,12 @@ class GutscheinModel extends Database {
public function createGutschein($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO gutschein (code, rabatt, eventid, gültigkeit) VALUES (:code, :rabatt, :eventid, :gültigkeit);";
$sql = "INSERT INTO gutschein (code, rabatt, ausstellungid, gueltigkeit) VALUES (:code, :rabatt, :ausstellungid, :gueltigkeit);";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit']
":ausstellungid" => $data['ausstellungid'],
":gueltigkeit" => $data['gueltigkeit']
];
try {
$sth = $pdo->prepare($sql);
@@ -54,12 +54,12 @@ class GutscheinModel extends Database {
public function updateGutschein($id, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, eventid = :eventid, gültigkeit = :gültigkeit WHERE gutscheinid = :id;";
$sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, ausstellungid = :ausstellungid, gueltigkeit = :gueltigkeit WHERE gutscheinid = :id;";
$params = [
":code" => $data['code'],
":rabatt" => $data['rabatt'],
":eventid" => $data['eventid'],
":gültigkeit" => $data['gültigkeit'],
":ausstellungid" => $data['ausstellungid'],
":gueltigkeit" => $data['gueltigkeit'],
":id" => $id
];
try {

16
Model/StandortModel.php
View File

@@ -35,12 +35,12 @@ class StandortModel extends Database {
public function createStandort($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Standort (straße, hausnr, postleitzahl, ort, land, tel, email)
VALUES (:straße, :hausnr, :postleitzahl, :ort, :land, :tel, :email);";
$sql = "INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
VALUES (:strasse, :hausnr, :plz, :ort, :land, :tel, :email);";
$params = [
":straße" => $data['straße'],
":strasse" => $data['strasse'],
":hausnr" => $data['hausnr'],
":postleitzahl" => $data['postleitzahl'],
":plz" => $data['plz'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],
@@ -59,18 +59,18 @@ class StandortModel extends Database {
public function updateStandort($standortid, $data) {
$pdo = $this->linkDB();
$sql = "UPDATE Standort SET
straße = :straße,
strasse = :strasse,
hausnr = :hausnr,
postleitzahl = :postleitzahl,
plz = :plz,
ort = :ort,
land = :land,
tel = :tel,
email = :email
WHERE standortid = :standortid;";
$params = [
":straße" => $data['straße'],
":strasse" => $data['strasse'],
":hausnr" => $data['hausnr'],
":postleitzahl" => $data['postleitzahl'],
":plz" => $data['plz'],
":ort" => $data['ort'],
":land" => $data['land'],
":tel" => $data['tel'],

14
Model/TicketModel.php
View File

@@ -21,13 +21,13 @@ class TicketModel extends Database {
public function buyTicket($data) {
$pdo = $this->linkDB();
$sql = "INSERT INTO Ticket (userid, eventid, kaufdatum, gültigkeitsdatum)
VALUES (:userid, :eventid, :kaufdatum, :gültigkeitsdatum);";
$sql = "INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit)
VALUES (:userid, :ausstellungid, :kaufdatum, :gueltigkeit);";
$params = [
":userid" => $data['userid'],
":eventid" => $data['eventid'],
":ausstellungid" => $data['ausstellungid'],
":kaufdatum" => $data['kaufdatum'],
":gültigkeitsdatum" => $data['gültigkeitsdatum']
":gueltigkeit" => $data['gueltigkeit']
];
try {
$sth = $pdo->prepare($sql);
@@ -39,12 +39,12 @@ class TicketModel extends Database {
}
}
public function hasTicket($userid, $eventid) {
public function hasTicket($userid, $ausstellungid) {
$pdo = $this->linkDB();
$sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND eventid = :eventid;";
$sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND ausstellungid = :ausstellungid;";
$params = [
":userid" => $userid,
":eventid" => $eventid
":ausstellungid" => $ausstellungid
];
try {
$sth = $pdo->prepare($sql);

35
Views/Auth/login.phtml Normal file
View File

@@ -0,0 +1,35 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="login-page-bg">
<div class="login-container">
<h2 class="login-title">Login</h2>
<?php if (!empty($errors['login'])): ?>
<div class="login-error">
<?php echo htmlspecialchars($errors['login']); ?>
</div>
<?php elseif (!empty($loginSuccess)): ?>
<div class="login-success">
<p>Login f&uuml;r Benutzer <?php echo htmlspecialchars($_SESSION["user"]); ?> erfolgreich</p>
<a class="login-link" href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php else: ?>
<form method="post" class="login-form">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<div class="login-field">
<label for="email">E-Mail:</label>
<input type="email" name="email" id="email" value="<?= htmlspecialchars($validData['email'] ?? '') ?>">
</div>
<div class="login-field">
<label for="password">Passwort:</label>
<input type="password" name="password" id="password">
</div>
<button class="login-btn" type="submit">Einloggen</button>
</form>
<?php endif; ?>
</div>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

61
Views/Auth/register.phtml Normal file
View File

@@ -0,0 +1,61 @@
<?php include dirname(__DIR__).'/header.phtml'; ?>
<?php if (!empty($success)) : ?>
<div class="success-message" style="color: green; margin-bottom: 1em;">
<p><?php echo htmlspecialchars($success); ?></p>
</div>
<?php endif; ?>
<?php if (!empty($errors)) : ?>
<div class="error-messages" style="color: red; margin-bottom: 1em;">
<ul>
<?php foreach ($errors as $field => $error) : ?>
<li><?php echo htmlspecialchars($error); ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
<form action="?controller=Auth&do=register" method="post">
<label for="vorname">Vorname:</label>
<input type="text" name="vorname" id="vorname" value="<?php echo htmlspecialchars($validData['vorname'] ?? ''); ?>" required>
<label for="nachname">Nachname:</label>
<input type="text" name="nachname" id="nachname" value="<?php echo htmlspecialchars($validData['nachname'] ?? ''); ?>" required>
<label for="straße">Straße:</label>
<input type="text" name="straße" id="straße" value="<?php echo htmlspecialchars($validData['straße'] ?? ''); ?>" required>
<label for="hausnr">Hausnummer:</label>
<input type="text" name="hausnr" id="hausnr" value="<?php echo htmlspecialchars($validData['hausnr'] ?? ''); ?>" required>
<label for="postleitzahl">Postleitzahl:</label>
<input type="text" name="postleitzahl" id="postleitzahl" value="<?php echo htmlspecialchars($validData['postleitzahl'] ?? ''); ?>" required>
<label for="ort">Ort:</label>
<input type="text" name="ort" id="ort" value="<?php echo htmlspecialchars($validData['ort'] ?? ''); ?>" required>
<label for="land">Land:</label>
<input type="text" name="land" id="land" value="<?php echo htmlspecialchars($validData['land'] ?? ''); ?>" required>
<label for="tel">Telefonnummer:</label>
<input type="text" name="tel" id="tel" value="<?php echo htmlspecialchars($validData['tel'] ?? ''); ?>">
<label for="email">E-Mail-Adresse:</label>
<input type="email" name="email" id="email" value="<?php echo htmlspecialchars($validData['email'] ?? ''); ?>" required>
<label for="password">Passwort:</label>
<input type="password" name="password" id="password" required>
<label for="password_repeat">Passwort wiederholen:</label>
<input type="password" name="password_repeat" id="password_repeat" required>
<label for="isAdmin">
<input type="checkbox" name="isAdmin" id="isAdmin" value="1" <?php echo (!empty($validData['isAdmin'])) ? 'checked' : ''; ?>>
Admin-Rechte
</label>
<button type="submit">Registrieren</button>
</form>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

14
Views/Login/showLoginPage.phtml → Views/Auth/showAuthForm.phtml
View File

@@ -1,15 +1,7 @@
<!DOCTYPE html>
<html lang="HTML-5">
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="../../CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
@@ -26,12 +18,10 @@ include dirname(__DIR__) . '/header.phtml';
<button class="button-loggin">Login</button>
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<a class="link-konto-erstellen">Konto erstellen</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>
<body>
</html>

12
Views/Contact/showConfirmation.phtml
View File

@@ -1,12 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Ihre Anfrage wurde erfolgreich versendet.</p>
<a href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

36
Views/Contact/showContactForm.phtml
View File

@@ -1,36 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Ihre Anfrage an uns</h2>
<form method="post">
<?php foreach ($labels as $index => $value) {
echo '<label for="' . $index . '">' . $value . '</label>';
if ($index == "content") {
echo "<textarea id=\"$index\" name=\"$index\" >";
if (isset($validData[$index])) { echo $validData[$index]; }
echo "</textarea><br>";
} else {
echo '<input type="text" name="' . $index . '" value="' . (isset($validData[$index]) ? $validData[$index] : '') . '"><br>';
}
if (isset($errors[$index])) {
echo '<label class="errorMsg">' . $errors[$index] . '</label><br>';
}
}
?>
<input type="hidden" name="controller" value="contact">
<input type="hidden" name="do" value="validateForm">
<input type="submit" name="submit" value="Absenden"></form>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

6
Views/Event/createEvent.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

6
Views/Event/deleteEvent.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

13
Views/Event/showEvents.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle Ausstellungen</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Ausstellungen</h2>
<?php if (!empty($events)): ?>
<table>
<thead>
@@ -28,5 +28,6 @@
<?php else: ?>
<p>Derzeit sind keine Ausstellungen verfügbar.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

6
Views/Event/updateEvent.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

8
Views/Gutschein/createGutschein.phtml
View File

@@ -1 +1,7 @@
echo "create gutschein"
<?php
include dirname(__DIR__).'/header.phtml';
?>
<!-- Gutschein-Erstellungsformular oder Inhalt hier einfügen -->
<?php
include dirname(__DIR__).'/footer.phtml';
?>

18
Views/Gutschein/showGutscheine.phtml
View File

@@ -1,7 +1,8 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Gutscheine</h2>
<a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php if (!empty($gutscheine)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
@@ -18,8 +19,8 @@
<tr>
<td><?php echo htmlspecialchars($g['code']); ?></td>
<td><?php echo (int)$g['rabatt']; ?></td>
<td><?php echo (int)$g['eventid']; ?></td>
<td><?php echo htmlspecialchars($g['gültigkeit']); ?></td>
<td><?php echo (int)$g['ausstellungid']; ?></td>
<td><?php echo htmlspecialchars($g['gueltigkeit']); ?></td>
<td>
<a href="?controller=Gutschein&action=editGutscheinForm&id=<?php echo $g['gutscheinid']; ?>">Bearbeiten</a> |
<a href="?controller=Gutschein&action=deleteGutschein&id=<?php echo $g['gutscheinid']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
@@ -31,5 +32,6 @@
<?php else: ?>
<p>Keine Gutscheine vorhanden.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

13
Views/News/showNews.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Alle News</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle News</h2>
<?php if (!empty($news)): ?>
<table>
<thead>
@@ -24,5 +24,6 @@
<?php else: ?>
<p>Derzeit sind keine News verfügbar.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

12
Views/Register/showRegisterPage.phtml
View File

@@ -1,12 +1,3 @@
<!DOCTYPE html>
<html lang="HTML-5">
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="../../CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
include dirname(__DIR__) . '/header.phtml';
?>
@@ -70,12 +61,9 @@ include dirname(__DIR__) . '/header.phtml';
</form>
<button class="button-register">Registrieren</button>
<a class="link-konto-erstellen">Login</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>
<body>
</html>

17
Views/Standort/showStandorte.phtml
View File

@@ -1,7 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?>
<h2>Unsere Standorte</h2>
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Unsere Standorte</h2>
<?php if (!empty($standorte)): ?>
<table border="1" cellpadding="8" cellspacing="0">
<thead>
@@ -18,9 +18,9 @@
<tbody>
<?php foreach ($standorte as $standort): ?>
<tr>
<td><?php echo htmlspecialchars($standort['straße']); ?></td>
<td><?php echo htmlspecialchars($standort['strasse']); ?></td>
<td><?php echo htmlspecialchars($standort['hausnr']); ?></td>
<td><?php echo htmlspecialchars($standort['postleitzahl']); ?></td>
<td><?php echo htmlspecialchars($standort['plz']); ?></td>
<td><?php echo htmlspecialchars($standort['ort']); ?></td>
<td><?php echo htmlspecialchars($standort['land']); ?></td>
<td><?php echo htmlspecialchars($standort['tel']); ?></td>
@@ -32,5 +32,6 @@
<?php else: ?>
<p>Keine Standorte gefunden.</p>
<?php endif; ?>
<?php include dirname(__DIR__) . '/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

6
Views/Ticket/buyTicket.phtml
View File

@@ -7,6 +7,6 @@ include dirname(__DIR__).'/header.phtml';
<a href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

21
Views/Welcome/showProjects.phtml
View File

@@ -1,21 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<article>
<h2>Virtuelles Museum</h2>
<span class="articleInfo">John Doe | 12.08.2018 um 10:18 Uhr</span>
<p>
<img class="articleImg" src="images/museum.jpg" alt="my Oculus Rift">
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Curabitur pretium tincidunt lacus. Nulla gravida orci a odio.
</p>
<p>
Proin nonummy, lacus eget pulvinar lacinia, pede felis dignissim leo, vitae tristique magna lacus sit amet eros. Nullam ornare. Praesent odio ligula, dapibus sed, tincidunt eget, dictum ac, nibh. Nam quis lacus. Nunc eleifend molestie velit. Morbi lobortis quam eu velit. Donec euismod vestibulum massa. Donec non lectus. Aliquam commodo lacus sit amet nulla. Cras dignissim elit et augue. Nullam non diam. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. In hac habitasse platea dictumst. Aenean vestibulum. Sed lobortis elit quis lectus. Nunc sed lacus at augue bibendum dapibus.
</p>
<p>
Aliquam vehicula sem ut pede. Cras purus lectus, egestas eu, vehicula at, imperdiet sed, nibh. Morbi consectetuer luctus felis. Donec vitae nisi. Aliquam tincidunt feugiat elit. Duis sed elit ut turpis ullamcorper feugiat. Praesent pretium, mauris sed fermentum hendrerit, nulla lorem iaculis magna, pulvinar scelerisque urna tellus a justo. Suspendisse pulvinar massa in metus. Duis quis quam. Proin justo. Curabitur ac sapien. Nam erat.
Praesent ut quam.
</p>
</article>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

21
Views/Welcome/showTutorials.phtml
View File

@@ -1,21 +0,0 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<article>
<h2>Implement Controller</h2>
<span class="articleInfo">John Doe | 18.07.2018 um 18:43 Uhr</span>
<p>
<img class="articleImg" src="images/controller.jpg" alt="my Oculus Rift">
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Curabitur pretium tincidunt lacus. Nulla gravida orci a odio.
</p>
<p>
Proin nonummy, lacus eget pulvinar lacinia, pede felis dignissim leo, vitae tristique magna lacus sit amet eros. Nullam ornare. Praesent odio ligula, dapibus sed, tincidunt eget, dictum ac, nibh. Nam quis lacus. Nunc eleifend molestie velit. Morbi lobortis quam eu velit. Donec euismod vestibulum massa. Donec non lectus. Aliquam commodo lacus sit amet nulla. Cras dignissim elit et augue. Nullam non diam. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. In hac habitasse platea dictumst. Aenean vestibulum. Sed lobortis elit quis lectus. Nunc sed lacus at augue bibendum dapibus.
</p>
<p>
Aliquam vehicula sem ut pede. Cras purus lectus, egestas eu, vehicula at, imperdiet sed, nibh. Morbi consectetuer luctus felis. Donec vitae nisi. Aliquam tincidunt feugiat elit. Duis sed elit ut turpis ullamcorper feugiat. Praesent pretium, mauris sed fermentum hendrerit, nulla lorem iaculis magna, pulvinar scelerisque urna tellus a justo. Suspendisse pulvinar massa in metus. Duis quis quam. Proin justo. Curabitur ac sapien. Nam erat.
Praesent ut quam.
</p>
</article>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

16
Views/Welcome/showWelcome.phtml
View File

@@ -1,16 +0,0 @@
<!DOCTYPE html>
<html lang="HTML-5">
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="inhalt">
<div class="container-welcome-inhalt">
<div class="beispiel-austellung1-img"></div>
<div class="beispiel-austellung2-img"></div>
</div>
</div>
<?php
include dirname(__DIR__).'/footer.phtml';
?>
</html>

12
Views/footer.phtml
View File

@@ -1,11 +1,4 @@
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="footer">
<div id="footer">
<div class="container-zahlungsmittel">
<h2 class="header-zahlungsarten">Mögliche Zahlungsarten</h2>
<div class="zahlungsmittel-img"></div>
@@ -15,5 +8,6 @@
<a class="link-datenschutz">Datenschutz</a>
<a class="link-nutzungsbedingungen">Nutzungsbedingungen</a>
<span class="text-bib">© bib arts GmbH</span>
</div>
</div>
</body>
</html>

7
Views/header.phtml
View File

@@ -1,10 +1,10 @@
<!DOCTYPE html>
<html lang="HTML-5">
<html lang="de">
<head>
<title>VR Contact</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" />
<link href="/bibarts/CSS/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
@@ -17,5 +17,4 @@
<div id="profile-picture"></div>
</div>
</nav>
</body>
</html>
</div>

46
bibarts.sql
View File

@@ -1,19 +1,6 @@
-- phpMyAdmin SQL Dump
-- version 4.5.1
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 24. Nov 2017 um 17:01
-- Server-Version: 10.1.16-MariaDB
-- PHP-Version: 7.0.9
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
--
-- Datenbank: `blog`
--
-- --------------------------------------------------------
CREATE TABLE User (
@@ -122,3 +109,36 @@ INSERT INTO News (name, beschreibung, datum)
VALUES
('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');
--Änderungen:
ALTER TABLE austellung
ADD preis decimal NOT NULL
ALTER TABLE ticket
DROP COLUMN preis
ALTER TABLE user
MODIFY COLUMN userid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ticket
MODIFY COLUMN ticketid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE standort
MODIFY COLUMN standortid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE news
MODIFY COLUMN newsid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE gutschein
MODIFY COLUMN gutscheinid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ausstellung
MODIFY COLUMN austellungid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE user
MODIFY COLUMN isAdmin BOOLEAN DEFAULT FALSE;
ALTER TABLE user
ADD validUntil DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00';