PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PBBFA23CSE:frontendBackendFinal
Branches Tags
PBBFA23CSE:main PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:develop
..
compare: PBBFA23CSE:6852923db06e00d2d8a5b636de55f82227a1370a
Branches Tags
PBBFA23CSE:frontendBackendFinal PBBFA23CSE:feature/login PBBFA23CSE:frontend PBBFA23CSE:frontendbackendtest PBBFA23CSE:backend PBBFA23CSE:feature/authentification PBBFA23CSE:main PBBFA23CSE:develop

17 Commits
frontendBa ... 6852923db0

Author SHA1 Message Date
Karsten Tlotzek
6852923db0 Add login page styles and refactor authentication views 
- Introduced new styles for the login page, enhancing layout and responsiveness.
- Updated the login view to utilize the new styles and improve user feedback for login errors and success messages.
- Removed unused controllers and views related to contact and login functionalities to streamline the codebase.
- Adjusted error message handling in the AuthController for better clarity on password requirements.
 2025-06-30 14:01:08 +02:00
Karsten Tlotzek
71d838da0a Merge branch 'feature/authentification' into frontendbackendtest 
# Conflicts:
#	bibarts.sql
 2025-06-30 11:13:44 +02:00
Karsten Tlotzek
8583012c5b Refactor views wegen öffnendem body tag im header und schließenden tag im footer 2025-06-30 10:50:08 +02:00
Karsten Tlotzek
31a381bba4 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:28:28 +02:00
Karsten Tlotzek
a72a0c5fc5 SQL spaltennamen vorkommen im code angepasst 2025-06-30 10:27:10 +02:00
Karsten Tlotzek
ce23d839a3 Register und login gefixt 2025-06-30 09:56:52 +02:00
Karsten Tlotzek
36d6364cd0 Auth angepasst 2025-06-27 10:24:21 +02:00
Max538
5477e7fdd8 fixed sql 2025-06-23 14:23:00 +02:00
Max538
db526e5bb2 implemented Controller logic 2025-06-23 14:22:43 +02:00
Max538
dd6e98fe28 implemented update pw function 2025-06-23 14:14:25 +02:00
Max538
5965e1df81 implemented input validation for register function 2025-06-23 10:35:55 +02:00
Max538
8d4376d313 fixed login function 2025-06-23 10:17:17 +02:00
Max538
49a8f6a1dc added database sql skript with changes 2025-06-16 15:12:51 +02:00
Max538
78e1e72eba implemented authmodel 2025-06-16 15:12:28 +02:00
Max538
4fa775f326 implemented authcontroller logic 2025-06-16 15:12:13 +02:00
Karsten Tlotzek
1df705a235 Merge remote-tracking branch 'origin/main' 2025-06-12 16:15:25 +02:00
Karsten Tlotzek
5594d469de Test 2025-06-12 16:14:54 +02:00
55 changed files with 853 additions and 1901 deletions
Expand all files Collapse all files

641
CSS/style.css
View File

@@ -4,12 +4,9 @@ body {
font-size: 15px; font-size: 15px;
margin: 0; margin: 0;
padding: 0; padding: 0;
min-height: 100vh; }
display: flex; #wrapper {
flex-direction: column;
width: 100vw;
max-width: 100vw;
overflow-x: hidden;
} }
a { a {
@@ -19,11 +16,6 @@ a {
#navigation { #navigation {
display: flex; display: flex;
justify-content: center; justify-content: center;
position: sticky;
top: 0;
z-index: 1000;
background: #BAC8D4;
width: 100vw;
} }
.link-container { .link-container {
display: grid; display: grid;
@@ -46,19 +38,17 @@ a {
background-size: contain; background-size: contain;
} }
#footer { #footer {
position: relative; position: absolute;
bottom: 0; bottom: 0;
left: 0; left: 0;
width: 100vw; width: 100%;
height: 180px; height: 240px;
background-color: #BAC8D4; background-color: #BAC8D4;
display: flex;
flex-direction: column; display: grid;
grid-template-columns: 6% 5% 43% 32% 14%;
grid-template-rows: 45% 10% 45%;
align-items: center; align-items: center;
justify-content: center;
flex-shrink: 0;
z-index: 999;
padding: 10px 0;
} }
.container-zahlungsmittel { .container-zahlungsmittel {
@@ -71,16 +61,11 @@ a {
} }
.inhalt { .inhalt {
flex: 1 1 auto;
display: flex; display: flex;
height: 10px;
justify-content: center; justify-content: center;
align-items: center; align-items: center;
width: 100vw; width: 100%;
min-height: 0;
min-width: 0;
margin: 0;
padding: 0 2vw;
box-sizing: border-box;
} }
.zahlungsmittel-img { .zahlungsmittel-img {
@@ -101,6 +86,12 @@ a {
grid-column-end: 6; grid-column-end: 6;
} }
.container-rest {
grid-column-start: 1;
grid-column-end: 6;
padding-left: 50px;
}
.link-impressum { .link-impressum {
padding-left: 30px; padding-left: 30px;
@@ -111,109 +102,109 @@ a {
padding-right: 30px; padding-right: 30px;
} }
.container-welcome-inhalt { .container-welcome-inhalt {
grid-template-columns: 39% 61%;
display: grid; display: grid;
grid-template-columns: 1fr 1fr; width: 110em;
width: 100%; min-height: 80%;
max-width: 900px;
min-height: 200px;
border-radius: 10px; border-radius: 10px;
background: white;
box-shadow: 0 2px 16px rgba(0,0,0,0.08);
justify-items: center;
align-items: center;
box-sizing: border-box;
padding: 10px 0;
} }
.beispiel-austellung1-img, .beispiel-austellung2-img { .beispiel-austellung1-img {
height: 200px; height: 480px;
width: 90vw; width: 670px;
max-width: 320px; background-image: url("../images/beispiel-austellung1.png");
background-position: center; background-position: center;
background-size: contain; background-size: contain;
justify-self: right;
border-radius: 10px;
}
.beispiel-austellung2-img {
background-image: url("../images/beispiel-austellung2.png");
background-position: center;
background-size: contain;
justify-self: right;
border-radius: 10px; border-radius: 10px;
} }
.form-container { /* Login Page Styles */
background-color: #BAC8D4; .login-page-bg {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background: linear-gradient(135deg, #DFF0F2 60%, #BAC8D4 100%);
}
.login-container {
background: #fff;
box-shadow: 0 4px 24px rgba(0,0,0,0.10);
border-radius: 16px;
padding: 40px 32px 32px 32px;
width: 100%; width: 100%;
max-width: 400px; max-width: 400px;
border-radius: 10px;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
align-items: center; align-items: center;
box-sizing: border-box;
padding: 32px 24px 24px 24px;
margin: 32px auto;
} }
.form-horizontal {
.login-title {
margin-bottom: 24px;
color: #4d4d4d;
font-size: 2rem;
font-weight: 600;
letter-spacing: 1px;
}
.login-form {
width: 100%; width: 100%;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
gap: 12px; gap: 18px;
margin-bottom: 10px;
} }
.form-horizontal label {
margin-bottom: 2px; .login-field {
display: flex;
flex-direction: column;
gap: 6px;
} }
.form-horizontal input[type="text"],
.form-horizontal input[type="email"], .login-field label {
.form-horizontal input[type="password"] { font-weight: 500;
width: 100%; color: #4d4d4d;
padding: 8px 10px; }
.login-field input {
padding: 10px 12px;
border: 1px solid #BAC8D4; border: 1px solid #BAC8D4;
border-radius: 4px; border-radius: 6px;
font-size: 1rem; font-size: 1rem;
box-sizing: border-box; background: #F7FAFC;
background: #fff; transition: border 0.2s;
} }
.form-horizontal input[type="date"],
.form-horizontal input[type="number"], .login-field input:focus {
.form-horizontal select, border: 1.5px solid #09add0;
.form-horizontal textarea { outline: none;
width: 100%;
padding: 8px 10px;
border: 1px solid #BAC8D4;
border-radius: 4px;
font-size: 1rem;
box-sizing: border-box;
background: #fff;
} }
.form-horizontal textarea {
resize: vertical; .login-btn {
min-height: 100px; margin-top: 10px;
} padding: 12px 0;
.form-horizontal button { background: #09add0;
width: 100%;
padding: 10px 0;
border: none;
border-radius: 4px;
background: #4d4d4d;
color: #fff; color: #fff;
font-size: 1rem; border: none;
margin-top: 8px; border-radius: 6px;
font-size: 1.1rem;
font-weight: 600;
cursor: pointer; cursor: pointer;
transition: background 0.2s; transition: background 0.2s;
} }
.form-horizontal button:hover {
background: #333; .login-btn:hover {
background: #007b9e;
} }
.button-register {
width: 100%; .login-error {
padding: 10px 0;
border: none;
border-radius: 4px;
background: #4d4d4d;
color: #fff;
font-size: 1rem;
margin-top: 8px;
cursor: pointer;
transition: background 0.2s;
}
.button-register:hover {
background: #333;
}
.login-error, .form-error {
background: #ffe0e0; background: #ffe0e0;
color: #b30000; color: #b30000;
border: 1px solid #ffb3b3; border: 1px solid #ffb3b3;
@@ -224,432 +215,28 @@ a {
text-align: center; text-align: center;
} }
.login-success {
background: #e0ffe6;
color: #006633;
border: 1px solid #b3ffd1;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.login-link {
display: inline-block;
margin-top: 10px;
color: #09add0;
font-weight: 500;
text-decoration: underline;
}
@media (max-width: 600px) { @media (max-width: 600px) {
body { .login-container {
font-size: 14px; padding: 24px 8px;
width: 100vw; max-width: 95vw;
max-width: 100vw;
overflow-x: hidden;
} }
#navigation {
width: 100vw;
min-width: 0;
padding: 0;
display: flex;
justify-content: center;
align-items: center;
}
.link-container {
width: 100vw;
min-width: 0;
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;
row-gap: 8px;
border-radius: 0;
padding: 0 4px;
}
.links {
font-size: 18px;
justify-content: center;
align-items: center;
padding: 6px 0;
text-align: center;
width: 100%;
}
#logo {
width: 120px;
height: 40px;
margin: 0 auto 8px auto;
display: flex;
justify-content: center;
align-items: center;
}
.container-welcome-inhalt {
grid-template-columns: 1fr;
width: 100vw;
max-width: 100vw;
min-height: 0;
padding: 8px 0;
}
.beispiel-austellung1-img, .beispiel-austellung2-img {
width: 90vw;
max-width: 98vw;
height: 120px;
margin-bottom: 10px;
}
.inhalt {
width: 100vw;
min-width: 0;
max-width: 100vw;
padding: 0 2vw;
box-sizing: border-box;
flex-direction: column;
align-items: stretch;
}
#footer {
width: 100vw;
height: auto;
min-height: 120px;
padding: 10px 0 10px 0;
font-size: 13px;
}
.container-zahlungsmittel {
width: 100vw;
text-align: center;
padding: 0;
}
.header-zahlungsarten {
font-size: 1.1em;
padding-right: 0;
text-align: center;
}
.zahlungsmittel-img {
width: 90vw;
max-width: 200px;
height: 30px;
margin: 0 auto;
}
.line {
width: 95vw;
}
.link-impressum, .link-datenschutz, .link-nutzungsbedingungen {
display: block;
padding: 2px 0;
text-align: center;
}
.text-bib {
display: block;
text-align: center;
padding: 0;
}
.mobile-only {
display: block !important;
}
.form-container {
position: static;
width: 95vw;
max-width: 400px;
height: auto;
margin: 24px auto;
padding: 16px 8px;
box-sizing: border-box;
}
.content-container {
position: static;
width: 95vw;
max-width: 400px;
height: auto;
margin: 24px auto;
padding: 16px 8px;
box-sizing: border-box;
}
.form-container h1 {
font-size: 1.5em;
text-align: center;
}
.content-container h1 {
font-size: 1.5em;
text-align: center;
}
.form-container form,
.form-container label,
.form-container input {
width: 100%;
max-width: 100%;
box-sizing: border-box;
}
.form-container button,
.form-container a {
width: 100%;
max-width: 100%;
margin-top: 8px;
text-align: center;
box-sizing: border-box;
}
#nav-toggle-btn {
display: block;
background: none;
border: none;
font-size: 2em;
cursor: pointer;
margin: 0 auto 8px auto;
transition: transform 0.2s;
}
.nav-links {
display: none;
flex-direction: column;
align-items: center;
width: 100%;
transition: max-height 0.3s ease;
overflow: hidden;
}
.nav-links.open {
display: flex;
}
#nav-toggle-btn.open {
transform: rotate(180deg);
}
}
@media (min-width: 601px) {
.mobile-only {
display: none !important;
}
.desktop-only {
display: block !important;
}
#nav-toggle-btn {
display: none;
}
.nav-links {
display: flex !important;
flex-direction: row;
align-items: center;
width: auto;
gap: 32px;
}
.nav-links .links {
margin: 0 12px;
}
.content-container {
width: 90vw;
max-width: 1200px;
margin: 24px auto;
padding: 16px 8px;
box-sizing: border-box;
display: flex;
flex-direction: column;
align-items: center;
}
.news-header {
text-align: center;
margin-bottom: 24px;
}
.news-header h2 {
margin-bottom: 16px;
}
.news-header .admin-btn {
margin: 0 auto;
display: inline-block;
}
.event-header {
text-align: center;
margin-bottom: 24px;
}
.event-header h2 {
margin-bottom: 16px;
}
.event-header .admin-btn {
margin: 0 auto;
display: inline-block;
}
.card--wide {
max-width: 700px;
width: auto;
margin: 0 auto;
display: block;
overflow-wrap: break-word;
}
}
table {
width: 100%;
border-collapse: separate;
border-spacing: 0;
background: #fff;
border-radius: 10px;
box-shadow: 0 2px 12px rgba(0,0,0,0.07);
margin: 24px 0;
overflow: hidden;
}
thead th {
background: #BAC8D4;
color: #222;
font-weight: 600;
padding: 12px 8px;
text-align: left;
border-bottom: 2px solid #e0e0e0;
}
tbody td {
padding: 10px 8px;
border-bottom: 1px solid #f0f0f0;
vertical-align: top;
}
tbody tr:last-child td {
border-bottom: none;
}
tbody tr:hover {
background: #f5faff;
}
.admin-btn, .admin-btn:visited {
display: inline-block;
background: #4d4d4d;
color: #fff;
border-radius: 5px;
padding: 7px 16px;
margin: 8px 0 12px 0;
text-decoration: none;
font-size: 1em;
font-weight: 500;
transition: background 0.2s;
}
.admin-btn:hover {
background: #222;
color: #fff;
}
td a {
color: #09add0;
text-decoration: underline;
margin: 0 4px;
font-size: 0.98em;
}
td a:hover {
color: #007b9e;
}
.news-cards {
display: flex;
flex-wrap: wrap;
gap: 24px;
justify-content: flex-start;
margin: 24px 0;
}
.card {
background: #fff;
border-radius: 12px;
box-shadow: 0 2px 12px rgba(0,0,0,0.08);
padding: 20px 18px 16px 18px;
max-width: 340px;
min-width: 220px;
flex: 1 1 300px;
display: flex;
flex-direction: column;
justify-content: space-between;
margin: 0;
overflow-wrap: break-word;
overflow: hidden;
}
.card h3 {
margin: 0 0 10px 0;
font-size: 1.25em;
color: #222;
font-weight: bold;
border-bottom: 2px solid #e0e0e0;
padding-bottom: 6px;
}
.card .news-date {
font-size: 0.95em;
color: #888;
margin-bottom: 16px;
margin-top: 2px;
display: block;
letter-spacing: 0.5px;
}
.card .news-desc {
font-size: 1em;
color: #333;
margin-bottom: 14px;
white-space: pre-line;
}
.card .admin-btn {
align-self: flex-end;
margin: 0 0 0 8px;
padding: 6px 12px;
font-size: 0.97em;
}
.card--wide {
max-width: 700px;
width: 100%;
margin: 0 auto;
display: block;
overflow: visible;
overflow-wrap: break-word;
}
.news-desc a {
color: #007b9e;
font-weight: 600;
text-decoration: underline;
margin-left: 4px;
transition: color 0.2s;
}
.news-desc a:hover {
color: #09add0;
text-decoration: underline;
}
.news-card-actions {
margin-top: auto;
display: flex;
gap: 12px;
}
.news-desc {
min-height: 80px;
margin-bottom: 14px;
}
@media (max-width: 700px) {
.news-cards {
flex-direction: column;
gap: 16px;
}
.card {
max-width: 98vw;
min-width: unset;
width: 100%;
}
}
.status-box {
background: #e6f9e6;
color: #217a21;
border: 1px solid #b3e6b3;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.error-box {
background: #ffe0e0;
color: #b30000;
border: 1px solid #ffb3b3;
border-radius: 6px;
padding: 10px 16px;
margin-bottom: 18px;
width: 100%;
text-align: center;
}
.gutschein-header-block {
width: 100%;
max-width: 1100px;
display: flex;
flex-direction: column;
align-items: center;
margin-bottom: 18px;
}
.gutschein-table {
max-width: 1100px;
width: 100%;
margin: 0 auto;
}
.event-details {
background: white;
padding: 20px;
border-radius: 8px;
margin-bottom: 20px;
box-shadow: 0 2px 8px rgba(0,0,0,0.1);
}
.event-details h2 {
margin-top: 0;
color: #333;
font-size: 1.5em;
}
.event-details p {
margin: 8px 0;
line-height: 1.4;
}
.event-details strong {
color: #4d4d4d;
} }

116
Controller/AuthController.php
View File

@@ -9,26 +9,14 @@ class AuthController
private $model; private $model;
private $view; private $view;
public function __construct($view) { public function __construct($view)
{
$this->model = new AuthModel(); $this->model = new AuthModel();
$this->view = $view; $this->view = $view;
} }
public function showLoginForm() { public function showAuthForm()
$this->view->setVars([ {
'labels' => [
"email" => "E-Mail-Adresse",
"password" => "Passwort",
"password_repeat" => "Passwort wiederholen",
"old_password" => "Altes Passwort"
],
'errors' => $_SESSION['auth_errors'] ?? [],
'validData' => $_SESSION['auth_validData'] ?? []
]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
}
public function showRegistrationForm() {
$this->view->setVars([ $this->view->setVars([
'labels' => [ 'labels' => [
"email" => "E-Mail-Adresse", "email" => "E-Mail-Adresse",
@@ -40,6 +28,7 @@ class AuthController
'validData' => $_SESSION['auth_validData'] ?? [] 'validData' => $_SESSION['auth_validData'] ?? []
]); ]);
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']); unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
$this->view->render('auth/form');
} }
public function login() { public function login() {
@@ -47,50 +36,85 @@ class AuthController
$password = $_POST['password']; $password = $_POST['password'];
$result = $this->model->login($email, $password); $result = $this->model->login($email, $password);
if ($result['success']) { if ($result === true) {
$_SESSION['user'] = $result['user']['email']; $_SESSION['user'] = $email;
$_SESSION['is_admin'] = $result['user']['is_admin'];
$this->view->setDoMethodName('showLoginSuccess'); $this->view->setVars([
'loginSuccess' => true,
'email' => $email
]);
} else { } else {
$this->view->setVars([ $this->view->setVars([
'errors' => ['login' => $result['error']], 'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
'validData' => ['email' => $email], 'validData' => ['email' => $email],
'loginSuccess' => false 'loginSuccess' => false
]); ]);
$this->view->setDoMethodName('showLoginForm');
} }
} }
public function register() { public function register() {
$data = [ $data = [
'first_name' => $_POST['first_name'] ?? '', 'vorname' => $_POST['vorname'] ?? '',
'last_name' => $_POST['last_name'] ?? '', 'nachname' => $_POST['nachname'] ?? '',
'street' => $_POST['street'] ?? '', 'straße' => $_POST['straße'] ?? '',
'house_number' => $_POST['house_number'] ?? '', 'hausnr' => $_POST['hausnr'] ?? '',
'postal_code' => $_POST['postal_code'] ?? '', 'postleitzahl' => $_POST['postleitzahl'] ?? '',
'city' => $_POST['city'] ?? '', 'ort' => $_POST['ort'] ?? '',
'country' => $_POST['country'] ?? '', 'land' => $_POST['land'] ?? '',
'phone' => $_POST['phone'] ?? '', 'tel' => $_POST['tel'] ?? '',
'email' => $_POST['email'] ?? '', 'email' => $_POST['email'] ?? '',
'password' => $_POST['password'] ?? '', 'password' => $_POST['password'] ?? '',
'password_repeat' => $_POST['password_repeat'] ?? '', 'password_repeat' => $_POST['password_repeat'] ?? '',
'is_admin' => $_POST['isAdmin'] ?? false, 'isAdmin' => $_POST['isAdmin'] ?? false,
]; ];
$result = $this->model->register($data); $errors = [];
if ($result === true) { if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
$this->view->setDoMethodName('showRegistrationSuccess'); $errors['password'] = "Passwörter stimmen nicht überein.";
} else { }
if (is_array($result)) {
$errors['register'] = implode('<br>', $result); if ($this->pwRequirementCheck($data['password'])) {
$errors['password'] = "Passwort muss mindestens 8 Zeichen lang sein und mindestens ein Großbuchstabe, ein Kleinbuchstabe, eine Zahl und ein Sonderzeichen enthalten.";
}
if (empty($errors)) {
$result = $this->model->register($data);
if ($result === true) {
$this->view->setVars([
'success' => "Registrierung war erfolgreich."
]);
} else { } else {
$errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen."; $errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
} }
$this->view->setVars(['errors' => $errors, 'validData' => $data]);
$this->view->setDoMethodName('showRegistrationForm');
} }
$this->view->setVars([
'errors' => $errors,
'validData' => $data
]);
}
private function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("[^a-zA-Z0-9\s]", $password));
$error[] = "min one special character";
if(empty($error))
return true;
else
return $error;
} }
public function forgotPassword() { public function forgotPassword() {
@@ -105,7 +129,8 @@ class AuthController
exit; exit;
} }
public function changePassword() { public function changePassword()
{
$email = $_POST['email'] ?? ''; $email = $_POST['email'] ?? '';
$oldpw = $_POST['old_password'] ?? ''; $oldpw = $_POST['old_password'] ?? '';
$newpw = $_POST['password'] ?? ''; $newpw = $_POST['password'] ?? '';
@@ -129,7 +154,8 @@ class AuthController
} }
} }
public function showConfirmation() { public function showConfirmation()
{
$messages = [ $messages = [
'login' => "Login erfolgreich.", 'login' => "Login erfolgreich.",
'register' => "Registrierung erfolgreich.", 'register' => "Registrierung erfolgreich.",
@@ -141,10 +167,4 @@ class AuthController
$this->view->setVars(['message' => $message]); $this->view->setVars(['message' => $message]);
$this->view->render('auth/confirmation'); $this->view->render('auth/confirmation');
} }
public function logout() {
unset($_SESSION['user']);
session_destroy();
$this->view->setDoMethodName('showLogoutSuccess');
}
} }

141
Controller/EventController.php
View File

@@ -3,7 +3,6 @@
namespace Blog\Controller; namespace Blog\Controller;
use Blog\Model\EventModel; use Blog\Model\EventModel;
use Blog\Model\StandortModel;
class EventController { class EventController {
@@ -23,32 +22,19 @@ class EventController {
} }
public function createEvent() { public function createEvent() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php?controller=Event&do=showEvents');
exit;
}
$data = [ $data = [
'name' => $_POST['name'] ?? '', 'name' => $_POST['name'] ?? null,
'start_date' => $_POST['start_date'] ?? '', 'beschreibung' => $_POST['beschreibung'] ?? null,
'end_date' => $_POST['end_date'] ?? '', 'standortid' => $_POST['standortid'] ?? null,
'location_id' => $_POST['location_id'] ?? '', 'datum_von' => $_POST['datum_von'] ?? null,
'description' => $_POST['description'] ?? '', 'datum_bis' => $_POST['datum_bis'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? '', 'max_tickets' => $_POST['max_tickets'] ?? null,
'ticket_price' => $_POST['ticket_price'] ?? '' 'preis' => $_POST['preis'] ?? null
]; ];
$errors = [];
if (empty($data['name']) || empty($data['start_date']) || empty($data['end_date']) || empty($data['location_id']) || empty($data['description']) || empty($data['max_tickets']) || empty($data['ticket_price'])) {
$errors['event'] = 'Bitte alle Felder ausfüllen.';
}
if (!empty($errors)) {
$standortModel = new StandortModel();
$locations = $standortModel->getStandorte();
$this->view->setVars(['errors' => $errors, 'validData' => $data, 'locations' => $locations]);
$this->view->setDoMethodName('showCreateEvent');
return;
}
$this->model->createEvent($data); $this->model->createEvent($data);
$this->view->setDoMethodName('showCreateForwarding'); $this->view->setVars(['event' => $data]);
exit;
} }
public function editEventForm() { public function editEventForm() {
@@ -57,105 +43,22 @@ class EventController {
$this->view->setVars(['event' => $event]); $this->view->setVars(['event' => $event]);
} }
public function updateEvent() { public function updateEvent($id, $data) {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) { $id = $_POST['ausstellungid'];
header('Location: index.php?controller=Event&do=showEvents');
exit;
}
$id = $_POST['id'] ?? null;
$data = [ $data = [
'name' => $_POST['name'] ?? '', 'standortid' => $_POST['standortid'] ?? null,
'start_date' => $_POST['start_date'] ?? '', 'datum_von' => $_POST['datum_von'] ?? null,
'end_date' => $_POST['end_date'] ?? '', 'datum_bis' => $_POST['datum_bis'] ?? null,
'location_id' => $_POST['location_id'] ?? '', 'name' => $_POST['name'] ?? null,
'description' => $_POST['description'] ?? '', 'beschreibung' => $_POST['beschreibung'] ?? null,
'max_tickets' => $_POST['max_tickets'] ?? '', 'max_tickets' => $_POST['max_tickets'] ?? null,
'ticket_price' => $_POST['ticket_price'] ?? '' 'preis' => $_POST['preis'] ?? null
]; ];
$errors = [];
if (empty($data['name']) || empty($data['start_date']) || empty($data['end_date']) || empty($data['location_id']) || empty($data['description']) || empty($data['max_tickets']) || empty($data['ticket_price'])) {
$errors['event'] = 'Bitte alle Felder ausfüllen.';
}
if (!empty($errors)) {
$standortModel = new StandortModel();
$location = $standortModel->getStandort($data['location_id']);
$eventView = [
'id' => $id,
'name' => $data['name'],
'start_date' => $data['start_date'],
'end_date' => $data['end_date'],
'location_id' => $data['location_id'],
'location_name' => $location['city'] ?? '',
'description' => $data['description'],
'max_tickets' => $data['max_tickets'],
'ticket_price' => $data['ticket_price'],
];
$this->view->setVars(['event' => $eventView, 'errors' => $errors]);
$this->view->setDoMethodName('showUpdateEvent');
return;
}
$this->model->updateEvent($id, $data); $this->model->updateEvent($id, $data);
$this->view->setDoMethodName('showUpdateForwarding');
} }
public function deleteEvent() { public function deleteEvent($id) {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) { $this->model->deleteEvent($id);
header('Location: index.php?controller=Event&do=showEvents'); $this->view->setVars(['id' => $id]);
exit;
}
$id = $_GET['event_id'] ?? null;
if ($id) {
$this->model->deleteEvent($id);
$this->view->setVars(['id' => $id]);
$this->view->setDoMethodName('deleteEvent');
} else {
header('Location: index.php?controller=Event&do=showEvents');
exit;
}
}
public function showUpdateEvent() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php?controller=Event&do=showEvents');
exit;
}
$id = $_GET['event_id'] ?? null;
if (!$id) {
$this->view->setVars(['error' => 'Keine Event-ID angegeben.']);
return;
}
$event = $this->model->getEvent($id);
if (!$event) {
$this->view->setVars(['error' => 'Event nicht gefunden.']);
return;
}
$standortModel = new StandortModel();
$location = $standortModel->getStandort($event['location_id']);
$eventView = [
'id' => $event['event_id'],
'name' => $event['name'],
'start_date' => $event['start_date'],
'end_date' => $event['end_date'],
'location_id' => $event['location_id'],
'location_name' => $location['city'] ?? '',
'description' => $event['description'],
'max_tickets' => $event['max_tickets'],
'ticket_price' => $event['ticket_price'],
];
$this->view->setVars(['event' => $eventView, 'errors' => []]);
}
public function showCreateEvent() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php?controller=Event&do=showEvents');
exit;
}
$standortModel = new StandortModel();
$locations = $standortModel->getStandorte();
$this->view->setVars([
'locations' => $locations,
'errors' => [],
'validData' => []
]);
} }
} }

53
Controller/GutscheinController.php
View File

@@ -19,27 +19,16 @@ class GutscheinController {
$this->view->setVars(['gutscheine' => $gutscheine]); $this->view->setVars(['gutscheine' => $gutscheine]);
} }
public function createGutscheinForm() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php');
exit;
}
$this->view->setDoMethodName('createGutscheinForm');
}
public function createGutschein() { public function createGutschein() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php');
exit;
}
$data = [ $data = [
'code' => $_POST['code'] ?? null, 'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null, 'rabatt' => $_POST['rabatt'] ?? null,
'event_id' => $_POST['event_id'] ?? null, 'ausstellungid' => $_POST['ausstellungid'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null 'gueltigkeit' => $_POST['gueltigkeit'] ?? null
]; ];
$this->model->createGutschein($data); $erg = $this->model->createGutschein($data);
$this->view->setDoMethodName('showCreateSuccess'); $this->view->setVars(['gutschein' => $erg]);
exit;
} }
public function editGutscheinForm() { public function editGutscheinForm() {
@@ -51,32 +40,18 @@ class GutscheinController {
} }
public function updateGutschein() { public function updateGutschein() {
$id = $_POST['gutscheinid']; $id = $_POST['gutscheinid'];
$data = [ $data = [
'code' => $_POST['code'] ?? null, 'code' => $_POST['code'] ?? null,
'discount' => $_POST['discount'] ?? null, 'rabatt' => $_POST['rabatt'] ?? null,
'event_id' => $_POST['event_id'] ?? null, 'ausstellungid' => $_POST['ausstellungid'] ?? null,
'valid_until' => $_POST['valid_until'] ?? null 'gueltigkeit' => $_POST['gueltigkeit'] ?? null
]; ];
$this->model->updateGutschein($id, $data); $this->model->updateGutschein($id, $data);
header('Location: index.php?controller=Gutschein&do=adminVerwaltung');
exit;
} }
public function deleteGutschein() { public function deleteGutschein() {
$id = $_GET['gutscheinid'] ?? null; $id = $_GET['gutscheinid'] ?? null;
$this->model->deleteGutschein($id); $this->model->deleteGutschein($id);
header('Location: index.php?controller=Gutschein&do=adminVerwaltung');
exit;
}
public function adminVerwaltung() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php');
exit;
}
$gutscheine = $this->model->getGutscheine();
$this->view->setVars(['gutscheine' => $gutscheine]);
$this->view->setDoMethodName('showGutscheine');
} }
} }

98
Controller/NewsController.php
View File

@@ -20,102 +20,34 @@ class NewsController {
} }
public function createNews() { public function createNews() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php?controller=News&do=showNews');
exit;
}
$data = [ $data = [
'name' => $_POST['name'] ?? '', 'name' => $_POST['name'],
'description' => $_POST['description'] ?? '', 'beschreibung' => $_POST['beschreibung'],
'date' => $_POST['date'] ?? date('Y-m-d'), 'datum' => $_POST['datum'],
]; ];
$errors = []; $erg = $this->model->createNews($data);
if (empty($data['name']) || empty($data['description']) || empty($data['date'])) { $this->view->setVars(['news' => $erg]);
$errors['news'] = 'Bitte alle Felder ausfüllen.'; exit;
}
if (!empty($errors)) {
$this->view->setVars(['errors' => $errors, 'validData' => $data]);
$this->view->setDoMethodName('createNewsForm');
return;
}
$this->model->createNews($data);
$this->view->setDoMethodName('showCreateSuccess');
}
public function createNewsForm() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
header('Location: index.php?controller=News&do=showNews');
exit;
}
$this->view->setVars([
'errors' => [],
'validData' => []
]);
} }
public function editNewsForm() { public function editNewsForm() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) { $id = $_GET['newsid'];
header('Location: index.php?controller=News&do=showNews'); $news = $this->model->getNewsById($id);
exit; $this->view->setVars(['news' => $news]);
}
$id = $_GET['id'] ?? null;
if ($id) {
$news = $this->model->getNewsById($id);
$validData = [
'name' => $news['name'] ?? '',
'description' => $news['description'] ?? '',
'date' => $news['date'] ?? date('Y-m-d'),
];
$this->view->setVars(['validData' => $validData, 'id' => $id, 'errors' => []]);
}
} }
public function updateNews() { public function updateNews() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) { $id = $_POST['newsid'] ?? null;
header('Location: index.php?controller=News&do=showNews');
exit;
}
$id = $_POST['id'] ?? null;
$data = [ $data = [
'name' => $_POST['name'] ?? '', 'name' => $_POST['name'],
'description' => $_POST['description'] ?? '', 'beschreibung' => $_POST['beschreibung'],
'date' => $_POST['date'] ?? date('Y-m-d'), 'datum' => $_POST['datum'],
]; ];
$errors = [];
if (empty($data['name']) || empty($data['description']) || empty($data['date'])) {
$errors['news'] = 'Bitte alle Felder ausfüllen.';
}
if (!empty($errors)) {
$this->view->setVars(['errors' => $errors, 'validData' => $data, 'id' => $id]);
$this->view->setDoMethodName('editNewsForm');
return;
}
$this->model->updateNews($id, $data); $this->model->updateNews($id, $data);
$this->view->setDoMethodName('showEditSuccess');
} }
public function deleteNews() { public function deleteNews() {
if (!isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) { $id = $_GET['newsid'] ?? null;
header('Location: index.php?controller=News&do=showNews'); $this->model->deleteNews($id);
exit;
}
$id = $_GET['id'] ?? null;
if ($id) {
$this->model->deleteNews($id);
}
$this->view->setDoMethodName('showDeleteSuccess');
}
public function showNewsDetail() {
$id = $_GET['id'] ?? null;
if ($id) {
$news = $this->model->getNewsById($id);
if ($news) {
$this->view->setVars(['news' => $news]);
return;
}
}
header('Location: index.php?controller=News&do=showNews');
exit;
} }
} }

10
Controller/ProfileController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class ProfileController {
function showProfile()
{
}
}

10
Controller/RegisterController.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
namespace Blog\Controller;
class RegisterController {
function showRegisterPage()
{
}
}

14
Controller/StandortController.php
View File

@@ -21,9 +21,9 @@ class StandortController {
public function createStandort() { public function createStandort() {
$data = [ $data = [
'straße' => $_POST['straße'], 'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'], 'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'], 'plz' => $_POST['plz'],
'ort' => $_POST['ort'], 'ort' => $_POST['ort'],
'land' => $_POST['land'], 'land' => $_POST['land'],
'tel' => $_POST['tel'], 'tel' => $_POST['tel'],
@@ -40,17 +40,17 @@ class StandortController {
} }
public function updateStandort() { public function updateStandort() {
$id = $_POST['standortid'];
$data = [ $data = [
'straße' => $_POST['straße'], 'strasse' => $_POST['strasse'],
'hausnr' => $_POST['hausnr'], 'hausnr' => $_POST['hausnr'],
'postleitzahl' => $_POST['postleitzahl'], 'plz' => $_POST['plz'],
'ort' => $_POST['ort'], 'ort' => $_POST['ort'],
'land' => $_POST['land'], 'land' => $_POST['land'],
'tel' => $_POST['tel'], 'tel' => $_POST['tel'],
'email' => $_POST['email'] 'email' => $_POST['email']
]; ];
$erg = $this->model->updateStandort($id, $data); $standortid = $_POST['standortid'];
$erg = $this->model->updateStandort($standortid, $data);
$this->view->setVars(['standort' => $erg]); $this->view->setVars(['standort' => $erg]);
} }

103
Controller/TicketController.php
View File

@@ -3,120 +3,37 @@
namespace Blog\Controller; namespace Blog\Controller;
use Blog\Model\TicketModel; use Blog\Model\TicketModel;
use Blog\Model\EventModel;
use Blog\Model\StandortModel;
class TicketController { class TicketController {
private $ticketModel; private $ticketModel;
private $eventModel;
private $view; private $view;
public function __construct($view) { public function __construct($view) {
$this->ticketModel = new TicketModel(); $this->ticketModel = new TicketModel();
$this->eventModel = new EventModel();
$this->view = $view; $this->view = $view;
} }
public function showTickets() { public function showTickets() {
if (!isset($_SESSION['user_id'])) { $tickets = $this->ticketModel->getTickets();
$this->view->setVars(['redirect' => 'index.php?controller=Auth&do=showLoginForm']);
return;
}
$tickets = $this->ticketModel->getUserTickets($_SESSION['user_id']);
$this->view->setVars(['tickets' => $tickets]); $this->view->setVars(['tickets' => $tickets]);
} }
public function showBuyTicketForm() {
if (!isset($_SESSION['user_id'])) {
$this->view->setVars(['redirect' => 'index.php?controller=Auth&do=showLoginForm']);
return;
}
$event_id = $_GET['event_id'] ?? null;
if (!$event_id) {
$this->view->setVars(['redirect' => 'index.php?controller=Event&do=showEvents']);
return;
}
$event = $this->eventModel->getEvent($event_id);
if (!$event) {
$this->view->setVars(['redirect' => 'index.php?controller=Event&do=showEvents']);
return;
}
// Check if user already has a ticket for this event
$hasTicket = $this->ticketModel->hasTicket($_SESSION['user_id'], $event_id);
$this->view->setVars([
'event' => $event,
'hasTicket' => $hasTicket['count'] > 0
]);
}
public function buyTicket() { public function buyTicket() {
if (!isset($_SESSION['user_id'])) {
header('Location: index.php?controller=Auth&do=showLoginForm');
exit;
}
$event_id = $_POST['event_id'] ?? null;
if (!$event_id) {
$this->view->setVars(['error' => 'Keine Event-ID angegeben.']);
return;
}
$event = $this->eventModel->getEvent($event_id);
if (!$event) {
$this->view->setVars(['error' => 'Event nicht gefunden.']);
return;
}
// Check if user already has a ticket for this event
$hasTicket = $this->ticketModel->hasTicket($_SESSION['user_id'], $event_id);
if ($hasTicket['count'] > 0) {
$this->view->setVars(['error' => 'Sie haben bereits ein Ticket für dieses Event.']);
return;
}
// Calculate valid until date (event end date + 30 days)
$valid_until = date('Y-m-d', strtotime($event['end_date'] . ' +30 days'));
$data = [ $data = [
'user_id' => $_SESSION['user_id'], 'userid' => $_POST['userid'],
'event_id' => $event_id, 'ausstellungid' => $_POST['ausstellungid'],
'purchase_date' => date('Y-m-d'), 'kaufdatum' => date('Y-m-d'),
'valid_until' => $valid_until 'gueltigkeit' => $_POST['gueltigkeit']
]; ];
$erg = $this->ticketModel->buyTicket($data);
try { $this->view->setVars(['ticket' => $erg]);
$ticket_id = $this->ticketModel->buyTicket($data);
$this->view->setVars([
'event' => $event,
'ticket_id' => $ticket_id,
'purchase_date' => $data['purchase_date'],
'valid_until' => $valid_until
]);
$this->view->setDoMethodName('buyTicket');
} catch (Exception $e) {
$this->view->setVars(['error' => 'Fehler beim Kauf des Tickets: ' . $e->getMessage()]);
$this->view->setDoMethodName('showBuyTicketForm');
}
} }
public function deleteTicket() { public function deleteTicket() {
if (!isset($_SESSION['user_id'])) { $ticketid = $_GET['ticketid'] ?? null;
$this->view->setVars(['redirect' => 'index.php?controller=Auth&do=showLoginForm']); if ($ticketid) {
return; $this->ticketModel->deleteTicket($ticketid);
} }
$ticket_id = $_GET['ticket_id'] ?? null;
if ($ticket_id) {
$this->ticketModel->deleteTicket($ticket_id);
}
// Redirect to tickets page using JavaScript
$this->view->setVars(['redirect' => 'index.php?controller=Ticket&do=showTickets']);
} }
} }

10
Controller/TicketsController.php
View File

@@ -1,10 +0,0 @@
<?php
namespace Blog\Controller;
class TicketsController {
function showTickets()
{
}
}

102
Model/AuthModel.php
View File

@@ -11,7 +11,7 @@ class AuthModel extends Database
public function login(string $email, string $password) public function login(string $email, string $password)
{ {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT email, password, valid_until, is_admin FROM user WHERE email = :email"; $sql = "SELECT email, password, validUntil FROM user WHERE email = :email";
$params = [":email" => $email]; $params = [":email" => $email];
try { try {
@@ -20,40 +20,46 @@ class AuthModel extends Database
$user = $sth->fetch(PDO::FETCH_ASSOC); $user = $sth->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Benutzerdaten.", $e); new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Benutzerdaten.", $e);
return ['success' => false, 'error' => "Interner Datenbankfehler."]; return "Interner Datenbankfehler."; // Nur für Debug sichtbar machen, sonst besser allgemein halten
} }
if (!$user) { if (!$user) {
return ['success' => false, 'error' => "Benutzer mit dieser E-Mail wurde nicht gefunden."]; return "Benutzer mit dieser E-Mail wurde nicht gefunden.";
} }
if (!password_verify($password, $user['password'])) { if (!password_verify($password, $user['password'])) {
return ['success' => false, 'error' => "Das eingegebene Passwort ist falsch."]; return "Das eingegebene Passwort ist falsch.";
} }
try { try {
$now = new DateTime(); $now = new DateTime();
$validUntil = new DateTime($user['valid_until']); $validUntil = new DateTime($user['validUntil']);
if ($now > $validUntil) { if ($now > $validUntil) {
return ['success' => false, 'error' => "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\"."]; return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über \"Passwort vergessen\".";
} }
} catch (\Exception $e) { } catch (\Exception $e) {
new \Blog\Library\ErrorMsg("Fehler beim Verarbeiten des Gültigkeitsdatums.", $e); new \Blog\Library\ErrorMsg("Fehler beim Verarbeiten des Gültigkeitsdatums.", $e);
return ['success' => false, 'error' => "Fehler bei der Passwortprüfung."]; return "Fehler bei der Passwortprüfung.";
} }
return ['success' => true, 'user' => $user]; return true;
} }
public function register($data) { public function register($data)
{
$rtn = $this->pwRequirementCheck($data['password']);
if ($rtn !== true) {
return $rtn;
}
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) { if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
return "Bitte geben Sie eine gültige E-Mail ein."; return "Bitte geben Sie eine gültige E-Mail ein.";
} }
$requiredFields = [ $requiredFields = [
'email', 'password', 'password_repeat', 'street', 'house_number', 'city', 'postal_code', 'email', 'password', 'straße', 'hausnr', 'ort', 'postleitzahl',
'country', 'first_name', 'last_name', 'phone' 'land', 'vorname', 'nachname', 'tel'
]; ];
foreach ($requiredFields as $field) { foreach ($requiredFields as $field) {
@@ -66,33 +72,23 @@ class AuthModel extends Database
return "Ein Account mit dieser E-Mail existiert bereits."; return "Ein Account mit dieser E-Mail existiert bereits.";
} }
// Passwort-Validierung
if (!$this->checkDoublePw($data['password'], $data['password_repeat'])) {
return "Passwörter stimmen nicht überein.";
}
$pwCheck = $this->pwRequirementCheck($data['password']);
if ($pwCheck !== true) {
return $pwCheck; // Array mit spezifischen Fehlern zurückgeben
}
$hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT); $hashedPassword = password_hash($data['password'], PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, password, street, house_number, city, postal_code, country, first_name, last_name, phone, is_admin) $sql = "INSERT INTO user (email, password, straße, hausnr, ort, postleitzahl, land,vorname, nachname, tel, isAdmin)
VALUES (:email, :password, :street, :house_number, :city, :postal_code, :country, :first_name, :last_name, :phone, :is_admin)"; VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land,:vorname, :nachname, :tel, :isAdmin)";
$params = [ $params = [
':email' => $data['email'], ':email' => $data['email'],
':password' => $hashedPassword, ':password' => $hashedPassword,
':street' => $data['street'], ':straße' => $data['straße'],
':house_number' => $data['house_number'], ':hausnr' => $data['hausnr'],
':city' => $data['city'], ':ort' => $data['ort'],
':postal_code'=> $data['postal_code'], ':postleitzahl'=> $data['postleitzahl'],
':country'=> $data['country'], ':land'=> $data['land'],
':first_name' => $data['first_name'], ':vorname' => $data['vorname'],
':last_name'=> $data['last_name'], ':nachname'=> $data['nachname'],
':phone' => $data['phone'], ':tel' => $data['tel'],
':is_admin' => $data['is_admin'] ? 1 : 0, ':isAdmin' => $data['isAdmin'] ? 1 : 0,
]; ];
try { try {
@@ -110,7 +106,7 @@ class AuthModel extends Database
try { try {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT user_id FROM user WHERE email = :email"; $sql = "SELECT userid FROM user WHERE email = :email";
$params = [':email' => $email]; $params = [':email' => $email];
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
@@ -149,7 +145,8 @@ class AuthModel extends Database
} }
} }
private function forgottenPwUpdate($email, $hashedPassword) { private function forgottenPwUpdate($email, $hashedPassword)
{
try{ try{
$pdo = $this->linkDB(); $pdo = $this->linkDB();
@@ -164,16 +161,15 @@ class AuthModel extends Database
$sql = "UPDATE user $sql = "UPDATE user
SET password = :password, valid_until = :valid_until SET password = :password, validUntil = :validUntil
WHERE email = :email"; WHERE email = :email";
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$params = [ return $stmt->execute([
':email' => $email, ':email' => $email,
':password' => $hashedPassword, ':password' => $hashedPassword,
':valid_until' => $validUntil ':validUntil' => $validUntil
]; ]);
return $stmt->execute($params);
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e); new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die; die;
@@ -194,16 +190,16 @@ class AuthModel extends Database
} }
$hashedPassword = password_hash($newpw, PASSWORD_DEFAULT); $hashedPassword = password_hash($newpw, PASSWORD_DEFAULT);
$sql = "UPDATE user SET password = :password WHERE email = :email"; $sql = "INSERT INTO user (email, password)
VALUES (:email, :password)";
try{ try{
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
$params = [ return $stmt->execute([
':email' => $email, ':email' => $email,
':password' => $hashedPassword, ':password' => $hashedPassword,
]; ]);
return $stmt->execute($params);
} catch (PDOException $e) { } catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e); new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die; die;
@@ -217,24 +213,4 @@ class AuthModel extends Database
else else
return false; return false;
} }
public function pwRequirementCheck($password){
$error = [];
if(strlen($password) < 8)
$error[] = "Passwort: mindestens 8 Zeichen";
if(!preg_match("/[A-Z]/", $password))
$error[] = "Passwort: mindestens ein Großbuchstabe";
if(!preg_match("/[a-z]/", $password))
$error[] = "Passwort: mindestens ein Kleinbuchstabe";
if(!preg_match("/[0-9]/", $password))
$error[] = "Passwort: mindestens eine Zahl";
if(!preg_match("/[^a-zA-Z0-9\s]/", $password))
$error[] = "Passwort: mindestens ein Sonderzeichen";
if(empty($error))
return true;
else
return $error;
}
} }

31
Model/ContactModel.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Blog\Model;
use PDOException;
class ContactModel extends Database
{
public function writeContactData($values)
{
$guid = $this->createUUID();
$sql = "INSERT INTO contact (`id`, `name`, `email`, `content`) VALUES (
:guid, :name, :email, :content);";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute(array(":guid" => $guid,
":name" => $values["name"],
":email" => $values["email"],
":content" => $values["content"]));
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
return true;
}
}

30
Model/EventModel.php
View File

@@ -8,7 +8,7 @@ class EventModel extends Database {
public function getEvents() { public function getEvents() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM event ORDER BY start_date DESC;"; $sql = "SELECT * FROM ausstellung ORDER BY datum_von DESC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -21,7 +21,7 @@ class EventModel extends Database {
public function getEvent($id) { public function getEvent($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM event WHERE event_id = :id;"; $sql = "SELECT * FROM ausstellung WHERE ausstellungid = :id;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]); $sth->execute([":id" => $id]);
@@ -34,15 +34,15 @@ class EventModel extends Database {
public function updateEvent($id, $data) { public function updateEvent($id, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE event SET location_id = :location_id, start_date = :start_date, end_date = :end_date, name = :name, description = :description, max_tickets = :max_tickets, ticket_price = :ticket_price WHERE event_id = :id;"; $sql = "UPDATE ausstellung SET standortid = :standortid, datum_von = :datum_von, datum_bis = :datum_bis, name = :name, beschreibung = :beschreibung, max_tickets = :max_tickets, preis = :preis WHERE ausstellungid = :id;";
$params = [ $params = [
":location_id" => $data['location_id'], ":standortid" => $data['standortid'],
":start_date" => $data['start_date'], ":datum_von" => $data['datum_von'],
":end_date" => $data['end_date'], ":datum_bis" => $data['datum_bis'],
":name" => $data['name'], ":name" => $data['name'],
":description" => $data['description'], ":beschreibung" => $data['beschreibung'],
":max_tickets" => $data['max_tickets'], ":max_tickets" => $data['max_tickets'],
":ticket_price" => $data['ticket_price'], ":preis" => $data['preis'],
":id" => $id ":id" => $id
]; ];
try { try {
@@ -56,15 +56,15 @@ class EventModel extends Database {
public function createEvent($data) { public function createEvent($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO event (location_id, start_date, end_date, name, description, max_tickets, ticket_price) VALUES (:location_id, :start_date, :end_date, :name, :description, :max_tickets, :ticket_price);"; $sql = "INSERT INTO ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets, preis) VALUES (:standortid, :datum_von, :datum_bis, :name, :beschreibung, :max_tickets, :preis);";
$params = [ $params = [
":location_id" => $data['location_id'], ":standortid" => $data['standortid'],
":start_date" => $data['start_date'], ":datum_von" => $data['datum_von'],
":end_date" => $data['end_date'], ":datum_bis" => $data['datum_bis'],
":name" => $data['name'], ":name" => $data['name'],
":description" => $data['description'], ":beschreibung" => $data['beschreibung'],
":max_tickets" => $data['max_tickets'], ":max_tickets" => $data['max_tickets'],
":ticket_price" => $data['ticket_price'] ":preis" => $data['preis']
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -78,7 +78,7 @@ class EventModel extends Database {
public function deleteEvent($id) { public function deleteEvent($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM event WHERE event_id = :id;"; $sql = "DELETE FROM ausstellung WHERE ausstellungid = :id;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]); $sth->execute([":id" => $id]);

22
Model/GutscheinModel.php
View File

@@ -8,7 +8,7 @@ class GutscheinModel extends Database {
public function getGutscheine() { public function getGutscheine() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM voucher ORDER BY valid_until DESC;"; $sql = "SELECT * FROM gutschein ORDER BY gueltigkeit DESC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -21,7 +21,7 @@ class GutscheinModel extends Database {
public function getGutschein($id) { public function getGutschein($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM voucher WHERE voucher_id = :id;"; $sql = "SELECT * FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id]; $params = [":id" => $id];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -35,12 +35,12 @@ class GutscheinModel extends Database {
public function createGutschein($data) { public function createGutschein($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO voucher (code, discount, event_id, valid_until) VALUES (:code, :discount, :event_id, :valid_until);"; $sql = "INSERT INTO gutschein (code, rabatt, ausstellungid, gueltigkeit) VALUES (:code, :rabatt, :ausstellungid, :gueltigkeit);";
$params = [ $params = [
":code" => $data['code'], ":code" => $data['code'],
":discount" => $data['discount'], ":rabatt" => $data['rabatt'],
":event_id" => $data['event_id'], ":ausstellungid" => $data['ausstellungid'],
":valid_until" => $data['valid_until'] ":gueltigkeit" => $data['gueltigkeit']
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -54,12 +54,12 @@ class GutscheinModel extends Database {
public function updateGutschein($id, $data) { public function updateGutschein($id, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE voucher SET code = :code, discount = :discount, event_id = :event_id, valid_until = :valid_until WHERE voucher_id = :id;"; $sql = "UPDATE gutschein SET code = :code, rabatt = :rabatt, ausstellungid = :ausstellungid, gueltigkeit = :gueltigkeit WHERE gutscheinid = :id;";
$params = [ $params = [
":code" => $data['code'], ":code" => $data['code'],
":discount" => $data['discount'], ":rabatt" => $data['rabatt'],
":event_id" => $data['event_id'], ":ausstellungid" => $data['ausstellungid'],
":valid_until" => $data['valid_until'], ":gueltigkeit" => $data['gueltigkeit'],
":id" => $id ":id" => $id
]; ];
try { try {
@@ -73,7 +73,7 @@ class GutscheinModel extends Database {
public function deleteGutschein($id) { public function deleteGutschein($id) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM voucher WHERE voucher_id = :id;"; $sql = "DELETE FROM gutschein WHERE gutscheinid = :id;";
$params = [":id" => $id]; $params = [":id" => $id];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);

28
Model/NewsModel.php
View File

@@ -8,8 +8,8 @@ class NewsModel extends Database {
public function getNewsById($newsId) { public function getNewsById($newsId) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM news WHERE news_id = :news_id;"; $sql = "SELECT * FROM news WHERE newsid = :newsid;";
$params = [":news_id" => $newsId]; $params = [":newsid" => $newsId];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
@@ -22,12 +22,12 @@ class NewsModel extends Database {
public function updateNews($newsId, $news) { public function updateNews($newsId, $news) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE news SET name = :name, description = :description, date = :date WHERE news_id = :news_id;"; $sql = "UPDATE news SET name = :name, beschreibung = :beschreibung, datum = :datum WHERE newsid = :newsid;";
$params = [ $params = [
":name" => $news['name'], ":name" => $news['titel'],
":description" => $news['description'], ":beschreibung" => $news['inhalt'],
":date" => $news['date'], ":datum" => $news['datum'],
":news_id" => $newsId ":newsid" => $newsId
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -41,7 +41,7 @@ class NewsModel extends Database {
public function getNews() { public function getNews() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM news ORDER BY date DESC;"; $sql = "SELECT * FROM news ORDER BY datum DESC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -54,11 +54,11 @@ class NewsModel extends Database {
public function createNews($news) { public function createNews($news) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO news (name, description, date) VALUES (:name, :description, :date);"; $sql = "INSERT INTO news (name, beschreibung, datum) VALUES (:name, :beschreibung, :datum);";
$params = [ $params = [
":name" => $news['name'], ":name" => $news['titel'],
":description" => $news['description'], ":beschreibung" => $news['inhalt'],
":date" => $news['date'] ":datum" => $news['datum']
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -72,8 +72,8 @@ class NewsModel extends Database {
public function deleteNews($newsId) { public function deleteNews($newsId) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM news WHERE news_id = :news_id;"; $sql = "DELETE FROM news WHERE newsid = :newsid;";
$params = [":news_id" => $newsId]; $params = [":newsid" => $newsId];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);

62
Model/StandortModel.php
View File

@@ -8,7 +8,7 @@ class StandortModel extends Database {
public function getStandorte() { public function getStandorte() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM location ORDER BY location_id ASC;"; $sql = "SELECT * FROM Standort ORDER BY standortid ASC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -19,10 +19,10 @@ class StandortModel extends Database {
} }
} }
public function getStandort($location_id) { public function getStandort($standortid) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT * FROM location WHERE location_id = :location_id;"; $sql = "SELECT * FROM Standort WHERE standortid = :standortid;";
$params = [":location_id" => $location_id]; $params = [":standortid" => $standortid];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
@@ -35,15 +35,15 @@ class StandortModel extends Database {
public function createStandort($data) { public function createStandort($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO location (street, house_number, postal_code, city, country, phone, email) $sql = "INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
VALUES (:street, :house_number, :postal_code, :city, :country, :phone, :email);"; VALUES (:strasse, :hausnr, :plz, :ort, :land, :tel, :email);";
$params = [ $params = [
":street" => $data['street'], ":strasse" => $data['strasse'],
":house_number" => $data['house_number'], ":hausnr" => $data['hausnr'],
":postal_code" => $data['postal_code'], ":plz" => $data['plz'],
":city" => $data['city'], ":ort" => $data['ort'],
":country" => $data['country'], ":land" => $data['land'],
":phone" => $data['phone'], ":tel" => $data['tel'],
":email" => $data['email'] ":email" => $data['email']
]; ];
try { try {
@@ -56,26 +56,26 @@ class StandortModel extends Database {
} }
} }
public function updateStandort($location_id, $data) { public function updateStandort($standortid, $data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "UPDATE location SET $sql = "UPDATE Standort SET
street = :street, strasse = :strasse,
house_number = :house_number, hausnr = :hausnr,
postal_code = :postal_code, plz = :plz,
city = :city, ort = :ort,
country = :country, land = :land,
phone = :phone, tel = :tel,
email = :email email = :email
WHERE location_id = :location_id;"; WHERE standortid = :standortid;";
$params = [ $params = [
":street" => $data['street'], ":strasse" => $data['strasse'],
":house_number" => $data['house_number'], ":hausnr" => $data['hausnr'],
":postal_code" => $data['postal_code'], ":plz" => $data['plz'],
":city" => $data['city'], ":ort" => $data['ort'],
":country" => $data['country'], ":land" => $data['land'],
":phone" => $data['phone'], ":tel" => $data['tel'],
":email" => $data['email'], ":email" => $data['email'],
":location_id" => $location_id ":standortid" => $standortid
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -87,10 +87,10 @@ class StandortModel extends Database {
} }
} }
public function deleteStandort($location_id) { public function deleteStandort($standortid) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM location WHERE location_id = :location_id;"; $sql = "DELETE FROM Standort WHERE standortid = :standortid;";
$params = [":location_id" => $location_id]; $params = [":standortid" => $standortid];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);

80
Model/TicketModel.php
View File

@@ -8,12 +8,7 @@ class TicketModel extends Database {
public function getTickets() { public function getTickets() {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT t.*, e.name as event_name, e.start_date, e.end_date, e.ticket_price, $sql = "SELECT * FROM Ticket ORDER BY ticketid ASC;";
l.city as location_city, l.street as location_street, l.house_number as location_house_number
FROM ticket t
JOIN event e ON t.event_id = e.event_id
JOIN location l ON e.location_id = l.location_id
ORDER BY t.purchase_date DESC;";
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute(); $sth->execute();
@@ -24,75 +19,32 @@ class TicketModel extends Database {
} }
} }
public function getUserTickets($user_id) {
$pdo = $this->linkDB();
$sql = "SELECT t.*, e.name as event_name, e.start_date, e.end_date, e.ticket_price,
l.city as location_city, l.street as location_street, l.house_number as location_house_number
FROM ticket t
JOIN event e ON t.event_id = e.event_id
JOIN location l ON e.location_id = l.location_id
WHERE t.user_id = :user_id
ORDER BY t.purchase_date DESC;";
$params = [":user_id" => $user_id];
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Benutzer-Tickets.", $e);
die;
}
}
public function buyTicket($data) { public function buyTicket($data) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit)
// First check if the event still has available tickets VALUES (:userid, :ausstellungid, :kaufdatum, :gueltigkeit);";
$checkSql = "SELECT e.max_tickets, COUNT(t.ticket_id) as sold_tickets
FROM event e
LEFT JOIN ticket t ON e.event_id = t.event_id
WHERE e.event_id = :event_id
GROUP BY e.event_id, e.max_tickets";
try {
$checkStmt = $pdo->prepare($checkSql);
$checkStmt->execute([':event_id' => $data['event_id']]);
$eventInfo = $checkStmt->fetch(\PDO::FETCH_ASSOC);
if (!$eventInfo) {
throw new \Exception("Event nicht gefunden.");
}
if ($eventInfo['sold_tickets'] >= $eventInfo['max_tickets']) {
throw new \Exception("Alle Tickets für dieses Event sind bereits verkauft.");
}
} catch (PDOException $e) {
throw new \Exception("Fehler bei der Ticketverfügbarkeitsprüfung.");
}
$sql = "INSERT INTO ticket (user_id, event_id, purchase_date, valid_until)
VALUES (:user_id, :event_id, :purchase_date, :valid_until);";
$params = [ $params = [
":user_id" => $data['user_id'], ":userid" => $data['userid'],
":event_id" => $data['event_id'], ":ausstellungid" => $data['ausstellungid'],
":purchase_date" => $data['purchase_date'], ":kaufdatum" => $data['kaufdatum'],
":valid_until" => $data['valid_until'] ":gueltigkeit" => $data['gueltigkeit']
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);
return $pdo->lastInsertId(); return $pdo->lastInsertId();
} catch (PDOException $e) { } catch (PDOException $e) {
throw new \Exception("Fehler beim Kauf des Tickets."); new \Blog\Library\ErrorMsg("Fehler beim Kauf des Tickets.", $e);
die;
} }
} }
public function hasTicket($user_id, $event_id) { public function hasTicket($userid, $ausstellungid) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "SELECT COUNT(*) as count FROM ticket WHERE user_id = :user_id AND event_id = :event_id;"; $sql = "SELECT COUNT(*) as count FROM Ticket WHERE userid = :userid AND ausstellungid = :ausstellungid;";
$params = [ $params = [
":user_id" => $user_id, ":userid" => $userid,
":event_id" => $event_id ":ausstellungid" => $ausstellungid
]; ];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
@@ -104,10 +56,10 @@ class TicketModel extends Database {
} }
} }
public function deleteTicket($ticket_id) { public function deleteTicket($ticketid) {
$pdo = $this->linkDB(); $pdo = $this->linkDB();
$sql = "DELETE FROM ticket WHERE ticket_id = :ticket_id;"; $sql = "DELETE FROM Ticket WHERE ticketid = :ticketid;";
$params = [":ticket_id" => $ticket_id]; $params = [":ticketid" => $ticketid];
try { try {
$sth = $pdo->prepare($sql); $sth = $pdo->prepare($sql);
$sth->execute($params); $sth->execute($params);

23
Views/Auth/forgotPassword.phtml
View File

@@ -1,23 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Anmelden</h1>
<?php if (!empty($errors['login'])): ?>
<div class="login-error"><?=htmlspecialchars($errors['login'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required>
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<button class="button-loggin" type="submit">Login</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a class="link-passwort-vergessen" href="?controller=Auth&do=showForgotPasswordForm">Passwort vergessen?</a>
<br>
<a class="link-konto-erstellen" href="?controller=Auth&do=showRegistrationForm">Konto erstellen</a>
</div>
</div>
</div>

35
Views/Auth/login.phtml Normal file
View File

@@ -0,0 +1,35 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="login-page-bg">
<div class="login-container">
<h2 class="login-title">Login</h2>
<?php if (!empty($errors['login'])): ?>
<div class="login-error">
<?php echo htmlspecialchars($errors['login']); ?>
</div>
<?php elseif (!empty($loginSuccess)): ?>
<div class="login-success">
<p>Login f&uuml;r Benutzer <?php echo htmlspecialchars($_SESSION["user"]); ?> erfolgreich</p>
<a class="login-link" href="?controller=Welcome&do=showWelcome">Weiter</a>
</div>
<?php else: ?>
<form method="post" class="login-form">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<div class="login-field">
<label for="email">E-Mail:</label>
<input type="email" name="email" id="email" value="<?= htmlspecialchars($validData['email'] ?? '') ?>">
</div>
<div class="login-field">
<label for="password">Passwort:</label>
<input type="password" name="password" id="password">
</div>
<button class="login-btn" type="submit">Einloggen</button>
</form>
<?php endif; ?>
</div>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

61
Views/Auth/register.phtml Normal file
View File

@@ -0,0 +1,61 @@
<?php include dirname(__DIR__).'/header.phtml'; ?>
<?php if (!empty($success)) : ?>
<div class="success-message" style="color: green; margin-bottom: 1em;">
<p><?php echo htmlspecialchars($success); ?></p>
</div>
<?php endif; ?>
<?php if (!empty($errors)) : ?>
<div class="error-messages" style="color: red; margin-bottom: 1em;">
<ul>
<?php foreach ($errors as $field => $error) : ?>
<li><?php echo htmlspecialchars($error); ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
<form action="?controller=Auth&do=register" method="post">
<label for="vorname">Vorname:</label>
<input type="text" name="vorname" id="vorname" value="<?php echo htmlspecialchars($validData['vorname'] ?? ''); ?>" required>
<label for="nachname">Nachname:</label>
<input type="text" name="nachname" id="nachname" value="<?php echo htmlspecialchars($validData['nachname'] ?? ''); ?>" required>
<label for="straße">Straße:</label>
<input type="text" name="straße" id="straße" value="<?php echo htmlspecialchars($validData['straße'] ?? ''); ?>" required>
<label for="hausnr">Hausnummer:</label>
<input type="text" name="hausnr" id="hausnr" value="<?php echo htmlspecialchars($validData['hausnr'] ?? ''); ?>" required>
<label for="postleitzahl">Postleitzahl:</label>
<input type="text" name="postleitzahl" id="postleitzahl" value="<?php echo htmlspecialchars($validData['postleitzahl'] ?? ''); ?>" required>
<label for="ort">Ort:</label>
<input type="text" name="ort" id="ort" value="<?php echo htmlspecialchars($validData['ort'] ?? ''); ?>" required>
<label for="land">Land:</label>
<input type="text" name="land" id="land" value="<?php echo htmlspecialchars($validData['land'] ?? ''); ?>" required>
<label for="tel">Telefonnummer:</label>
<input type="text" name="tel" id="tel" value="<?php echo htmlspecialchars($validData['tel'] ?? ''); ?>">
<label for="email">E-Mail-Adresse:</label>
<input type="email" name="email" id="email" value="<?php echo htmlspecialchars($validData['email'] ?? ''); ?>" required>
<label for="password">Passwort:</label>
<input type="password" name="password" id="password" required>
<label for="password_repeat">Passwort wiederholen:</label>
<input type="password" name="password_repeat" id="password_repeat" required>
<label for="isAdmin">
<input type="checkbox" name="isAdmin" id="isAdmin" value="1" <?php echo (!empty($validData['isAdmin'])) ? 'checked' : ''; ?>>
Admin-Rechte
</label>
<button type="submit">Registrieren</button>
</form>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

27
Views/Auth/showAuthForm.phtml Normal file
View File

@@ -0,0 +1,27 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Anmelden</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<button class="button-loggin">Login</button>
<a class="link-passwort-vergessen">Passwort vergessen?</a>
<a class="link-konto-erstellen">Konto erstellen</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

23
Views/Auth/showLoginForm.phtml
View File

@@ -1,23 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Anmelden</h1>
<?php if (!empty($errors['login'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['login'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="login">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required>
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<button class="button-login" type="submit">Login</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a class="link-passwort-vergessen" href="?controller=Auth&do=showForgotPasswordForm">Passwort vergessen?</a>
<br>
<a class="link-konto-erstellen" href="?controller=Auth&do=showRegistrationForm">Konto erstellen</a>
</div>
</div>
</div>

15
Views/Auth/showLoginSuccess.phtml
View File

@@ -1,15 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>Login erfolgreich!</h2>
<p>Sie werden in wenigen Sekunden zu den News weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=News&do=showNews";
}, 2000); // 2 Sekunden warten
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=News&do=showNews">
</noscript>

14
Views/Auth/showLogoutSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>Logout erfolgreich!</h2>
<p>Sie werden in wenigen Sekunden zum Login weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=Auth&do=showLoginForm";
}, 2000); // 2 Sekunden warten
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=Auth&do=showLoginForm">
</noscript>

37
Views/Auth/showRegistrationForm.phtml
View File

@@ -1,37 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Registrieren</h1>
<?php if (!empty($errors['register'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['register'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Auth">
<input type="hidden" name="do" value="register">
<label for="first_name">Vorname</label>
<input class="input-vorname" type="text" name="first_name" id="first_name" placeholder="Vorname" required value="<?=htmlspecialchars($validData['first_name'] ?? '')?>">
<label for="last_name">Nachname</label>
<input class="input-nachname" type="text" name="last_name" id="last_name" placeholder="Nachname" required value="<?=htmlspecialchars($validData['last_name'] ?? '')?>">
<label for="email">E-Mail</label>
<input class="input-email" type="email" name="email" id="email" placeholder="E-Mail" required value="<?=htmlspecialchars($validData['email'] ?? '')?>">
<label for="password">Passwort</label>
<input class="input-passwort" type="password" name="password" id="password" placeholder="Passwort" required>
<label for="password_repeat">Passwort wiederholen</label>
<input class="input-passwort-repeat" type="password" name="password_repeat" id="password_repeat" placeholder="Passwort wiederholen" required>
<label for="street">Straße</label>
<input class="input-strasse" type="text" name="street" id="street" placeholder="Straße" required value="<?=htmlspecialchars($validData['street'] ?? '')?>">
<label for="house_number">Hausnr.</label>
<input class="input-hausnr" type="text" name="house_number" id="house_number" placeholder="Hausnr." required value="<?=htmlspecialchars($validData['house_number'] ?? '')?>">
<label for="postal_code">Postleitzahl</label>
<input class="input-postleitzahl" type="text" name="postal_code" id="postal_code" placeholder="Postleitzahl" required value="<?=htmlspecialchars($validData['postal_code'] ?? '')?>">
<label for="city">Ort</label>
<input class="input-ort" type="text" name="city" id="city" placeholder="Ort" required value="<?=htmlspecialchars($validData['city'] ?? '')?>">
<label for="country">Land</label>
<input class="input-land" type="text" name="country" id="country" placeholder="Land" required value="<?=htmlspecialchars($validData['country'] ?? '')?>">
<label for="phone">Telefonnr.</label>
<input class="input-tel" type="text" name="phone" id="phone" placeholder="Telefonnr." required value="<?=htmlspecialchars($validData['phone'] ?? '')?>">
<button class="button-register" type="submit">Registrieren</button>
</form>
<a class="link-konto-erstellen" href="?controller=Auth&do=showLoginForm">Login</a>
</div>
</div>

14
Views/Auth/showRegistrationSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>Registrierung erfolgreich!</h2>
<p>Sie werden in wenigen Sekunden zum Login weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=Auth&do=showLoginForm";
}, 2000);
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=Auth&do=showLoginForm">
</noscript>

12
Views/Event/createEvent.phtml Normal file
View File

@@ -0,0 +1,12 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event "<?php echo $name?>" wurde erfolgreich erstellt!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

13
Views/Event/deleteEvent.phtml
View File

@@ -2,14 +2,11 @@
include dirname(__DIR__).'/header.phtml'; include dirname(__DIR__).'/header.phtml';
?> ?>
<div class="inhalt">
<div class="msg"> <div class="msg">
<p>Das Event mit der ID "<?php echo htmlspecialchars($id); ?>" wurde erfolgreich gelöscht!</p> <p>Das Event mit der id"<?php echo $id?>" wurde erfolgreich gelöscht!</p>
<p>Sie werden in 3 Sekunden zur Event-Übersicht weitergeleitet...</p> <a href="?controller=Event&do=showEvents">Weiter</a>
<a href="?controller=Event&do=showEvents">Jetzt zur Event-Übersicht</a>
</div> </div>
</div>
<meta http-equiv="refresh" content="3;url=index.php?controller=Event&do=showEvents"> <?php
include dirname(__DIR__).'/footer.phtml';
<?php include dirname(__DIR__).'/footer.phtml'; ?> ?>

38
Views/Event/showCreateEvent.phtml
View File

@@ -1,38 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Event erstellen</h1>
<?php if (!empty(
$errors['event'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['event'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Event">
<input type="hidden" name="do" value="createEvent">
<label for="name">Name</label>
<input type="text" name="name" id="name" required value="<?=htmlspecialchars($validData['name'] ?? '')?>">
<label for="start_date">Startdatum</label>
<input type="date" name="start_date" id="start_date" required value="<?=htmlspecialchars($validData['start_date'] ?? '')?>">
<label for="end_date">Enddatum</label>
<input type="date" name="end_date" id="end_date" required value="<?=htmlspecialchars($validData['end_date'] ?? '')?>">
<label for="location_id">Standort</label>
<select name="location_id" id="location_id" required>
<option value="">Standort wählen</option>
<?php if (!empty($locations)): ?>
<?php foreach ($locations as $loc): ?>
<option value="<?= htmlspecialchars($loc['location_id']) ?>" <?= (isset($validData['location_id']) && $validData['location_id'] == $loc['location_id']) ? 'selected' : '' ?>>
<?= htmlspecialchars($loc['city']) ?>, <?= htmlspecialchars($loc['street']) ?> <?= htmlspecialchars($loc['house_number']) ?>
</option>
<?php endforeach; ?>
<?php endif; ?>
</select>
<label for="description">Beschreibung</label>
<textarea name="description" id="description" rows="7" required><?=htmlspecialchars($validData['description'] ?? '')?></textarea>
<label for="max_tickets">Max. Tickets</label>
<input type="number" name="max_tickets" id="max_tickets" required value="<?=htmlspecialchars($validData['max_tickets'] ?? '')?>">
<label for="ticket_price">Ticketpreis</label>
<input type="number" step="0.01" name="ticket_price" id="ticket_price" required value="<?=htmlspecialchars($validData['ticket_price'] ?? '')?>">
<button class="button-register" type="submit">Event erstellen</button>
</form>
<a href="?controller=Event&do=showEvents">Zurück zur Übersicht</a>
</div>
</div>

15
Views/Event/showCreateForwarding.phtml
View File

@@ -1,15 +0,0 @@
<div class="inhalt">
<div class="create-forwarding">
<h2>Erstellen...</h2>
<p>Sie werden in wenigen Sekunden zu der Erstell Seite weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=Event&do=showCreateEvent";
}, 2000); // 2 Sekunden warten
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=Event&do=showCreateEvent">
</noscript>

67
Views/Event/showEvents.phtml
View File

@@ -1,14 +1,8 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle Ausstellungen</h2>
<?php if (!empty($events)): ?> <?php if (!empty($events)): ?>
<div class="inhalt">
<div class="content-container">
<div class="event-header">
<h2>Alle Ausstellungen</h2>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?>
<a href="?controller=Event&do=showCreateEvent" class="admin-btn">Event erstellen</a>
<?php endif; ?>
</div>
<div class="event-container-inhalt">
<table> <table>
<thead> <thead>
<tr> <tr>
@@ -16,59 +10,24 @@
<th>Beschreibung</th> <th>Beschreibung</th>
<th>Von</th> <th>Von</th>
<th>Bis</th> <th>Bis</th>
<th>Preis</th> <th>Max. Tickets</th>
<th>Tickets</th>
<th>Aktionen</th>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?>
<th>Admin</th>
<?php endif; ?>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($events as $event): ?> <?php foreach ($events as $event): ?>
<tr class="event-row" data-event-id="<?php echo $event['event_id']; ?>" style="cursor: pointer;"> <tr>
<td><?php echo htmlspecialchars($event['name']); ?></td> <td><?php echo htmlspecialchars($event['name']); ?></td>
<td><?php echo nl2br(htmlspecialchars($event['description'])); ?></td> <td><?php echo nl2br(htmlspecialchars($event['beschreibung'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['start_date'])); ?></td> <td><?php echo date('d.m.Y', strtotime($event['datum_von'])); ?></td>
<td><?php echo date('d.m.Y', strtotime($event['end_date'])); ?></td> <td><?php echo date('d.m.Y', strtotime($event['datum_bis'])); ?></td>
<td><?php echo number_format($event['ticket_price'], 2, ',', '.'); ?></td>
<td><?php echo (int) $event['max_tickets']; ?></td> <td><?php echo (int) $event['max_tickets']; ?></td>
<td>
<a href="?controller=Ticket&do=showBuyTicketForm&event_id=<?php echo $event['event_id']; ?>" class="admin-btn">Ticket kaufen</a>
</td>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?>
<td>
<a href="?controller=Event&do=showUpdateEvent&event_id=<?php echo $event['event_id']; ?>" class="admin-btn">Bearbeiten</a>
<a href="?controller=Event&do=deleteEvent&event_id=<?php echo $event['event_id']; ?>" class="admin-btn" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td>
<?php endif; ?>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
const eventRows = document.querySelectorAll('.event-row');
eventRows.forEach(function(row) {
row.addEventListener('dblclick', function(e) {
// Don't trigger if clicking on a link or button
if (e.target.tagName === 'A' || e.target.tagName === 'BUTTON') {
return;
}
const eventId = this.getAttribute('data-event-id');
if (eventId) {
window.location.href = 'index.php?controller=Ticket&do=showBuyTicketForm&event_id=' + eventId;
}
});
});
});
</script>
<?php else: ?> <?php else: ?>
<p>Derzeit sind keine Ausstellungen verfügbar.</p> <p>Derzeit sind keine Ausstellungen verfügbar.</p>
<?php endif; ?> <?php endif; ?>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

31
Views/Event/showUpdateEvent.phtml
View File

@@ -1,31 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Event bearbeiten</h1>
<?php if (!empty(
$errors['event'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['event'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Event">
<input type="hidden" name="do" value="updateEvent">
<input type="hidden" name="id" value="<?=htmlspecialchars($event['id'] ?? '')?>">
<label for="name">Name</label>
<input type="text" name="name" id="name" required value="<?=htmlspecialchars($event['name'] ?? '')?>">
<label for="start_date">Startdatum</label>
<input type="date" name="start_date" id="start_date" required value="<?=htmlspecialchars($event['start_date'] ?? '')?>">
<label for="end_date">Enddatum</label>
<input type="date" name="end_date" id="end_date" required value="<?=htmlspecialchars($event['end_date'] ?? '')?>">
<label for="location_id">Standort</label>
<input type="text" name="location_name" value="<?=htmlspecialchars($event['location_name'] ?? '')?>" readonly>
<input type="hidden" name="location_id" value="<?=htmlspecialchars($event['location_id'] ?? '')?>">
<label for="description">Beschreibung</label>
<textarea name="description" id="description" rows="7" required><?=htmlspecialchars($event['description'] ?? '')?></textarea>
<label for="max_tickets">Max. Tickets</label>
<input type="number" name="max_tickets" id="max_tickets" required value="<?=htmlspecialchars($event['max_tickets'] ?? '')?>">
<label for="ticket_price">Ticketpreis</label>
<input type="number" step="0.01" name="ticket_price" id="ticket_price" required value="<?=htmlspecialchars($event['ticket_price'] ?? '')?>">
<button class="button-register" type="submit">Änderungen speichern</button>
</form>
<a href="?controller=Event&do=showEvents">Zurück zur Übersicht</a>
</div>
</div>

15
Views/Event/showUpdateForwarding.phtml
View File

@@ -1,15 +0,0 @@
<div class="inhalt">
<div class="update-forwarding">
<h2>Editieren...</h2>
<p>Sie werden in wenigen Sekunden zur Edit Seite weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=Event&do=showUpdateEvent";
}, 2000); // 2 Sekunden warten
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=Event&do=showUpdateEvent">
</noscript>

12
Views/Event/updateEvent.phtml Normal file
View File

@@ -0,0 +1,12 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="msg">
<p>Das Event mit der ID "<?php echo $ausstellungid?>" wurde erfolgreich bearbeitet!</p>
<a href="?controller=Event&do=showEvents">Weiter</a>
</div>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

8
Views/Gutschein/createGutschein.phtml
View File

@@ -1 +1,7 @@
echo "create gutschein" <?php
include dirname(__DIR__).'/header.phtml';
?>
<!-- Gutschein-Erstellungsformular oder Inhalt hier einfügen -->
<?php
include dirname(__DIR__).'/footer.phtml';
?>

19
Views/Gutschein/createGutscheinForm.phtml
View File

@@ -1,19 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Neuen Gutschein anlegen</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Gutschein">
<input type="hidden" name="do" value="createGutschein">
<label for="code">Code</label>
<input type="text" id="code" name="code" required>
<label for="discount">Rabatt (%)</label>
<input type="number" id="discount" name="discount" min="0" max="100" required>
<label for="event_id">Event-ID</label>
<input type="number" id="event_id" name="event_id" required>
<label for="valid_until">Gültig bis</label>
<input type="date" id="valid_until" name="valid_until" required>
<button class="admin-btn" type="submit">Erstellen</button>
</form>
<a href="?controller=Gutschein&do=adminVerwaltung" class="admin-btn" style="background:#888;">Abbrechen</a>
</div>
</div>

20
Views/Gutschein/editGutscheinForm.phtml
View File

@@ -1,20 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Gutschein bearbeiten</h1>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Gutschein">
<input type="hidden" name="do" value="updateGutschein">
<input type="hidden" name="gutscheinid" value="<?=htmlspecialchars($gutschein['voucher_id'])?>">
<label for="code">Code</label>
<input type="text" id="code" name="code" required value="<?=htmlspecialchars($gutschein['code'])?>">
<label for="discount">Rabatt (%)</label>
<input type="number" id="discount" name="discount" min="0" max="100" required value="<?=htmlspecialchars($gutschein['discount'])?>">
<label for="event_id">Event-ID</label>
<input type="number" id="event_id" name="event_id" required value="<?=htmlspecialchars($gutschein['event_id'])?>">
<label for="valid_until">Gültig bis</label>
<input type="date" id="valid_until" name="valid_until" required value="<?=htmlspecialchars($gutschein['valid_until'])?>">
<button class="admin-btn" type="submit">Speichern</button>
</form>
<a href="?controller=Gutschein&do=adminVerwaltung" class="admin-btn" style="background:#888;">Abbrechen</a>
</div>
</div>

14
Views/Gutschein/showCreateSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>Gutschein erfolgreich erstellt!</h2>
<p>Du wirst in wenigen Sekunden zur Übersicht weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=Gutschein&do=adminVerwaltung";
}, 2000);
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=Gutschein&do=adminVerwaltung">
</noscript>

26
Views/Gutschein/showGutscheine.phtml
View File

@@ -1,10 +1,10 @@
<div class="inhalt" style="flex-direction:column;align-items:center;"> <?php
<div class="gutschein-header-block"> include dirname(__DIR__).'/header.phtml';
<h2>Alle Gutscheine</h2> ?>
<a href="?controller=Gutschein&do=createGutscheinForm" class="admin-btn">Neuen Gutschein anlegen</a> <h2>Alle Gutscheine</h2>
</div> <a href="?controller=Gutschein&do=createGutscheinForm">Neuen Gutschein anlegen</a>
<?php if (!empty($gutscheine)): ?> <?php if (!empty($gutscheine)): ?>
<table class="gutschein-table"> <table border="1" cellpadding="8" cellspacing="0">
<thead> <thead>
<tr> <tr>
<th>Code</th> <th>Code</th>
@@ -18,12 +18,12 @@
<?php foreach ($gutscheine as $g): ?> <?php foreach ($gutscheine as $g): ?>
<tr> <tr>
<td><?php echo htmlspecialchars($g['code']); ?></td> <td><?php echo htmlspecialchars($g['code']); ?></td>
<td><?php echo (int)$g['discount']; ?></td> <td><?php echo (int)$g['rabatt']; ?></td>
<td><?php echo (int)$g['event_id']; ?></td> <td><?php echo (int)$g['ausstellungid']; ?></td>
<td><?php echo htmlspecialchars($g['valid_until']); ?></td> <td><?php echo htmlspecialchars($g['gueltigkeit']); ?></td>
<td> <td>
<a href="?controller=Gutschein&do=editGutscheinForm&gutscheinid=<?php echo $g['voucher_id']; ?>" class="admin-btn">Bearbeiten</a> <a href="?controller=Gutschein&action=editGutscheinForm&id=<?php echo $g['gutscheinid']; ?>">Bearbeiten</a> |
<a href="?controller=Gutschein&do=deleteGutschein&gutscheinid=<?php echo $g['voucher_id']; ?>" class="admin-btn" onclick="return confirm('Wirklich löschen?');">Löschen</a> <a href="?controller=Gutschein&action=deleteGutschein&id=<?php echo $g['gutscheinid']; ?>" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</td> </td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
@@ -32,4 +32,6 @@
<?php else: ?> <?php else: ?>
<p>Keine Gutscheine vorhanden.</p> <p>Keine Gutscheine vorhanden.</p>
<?php endif; ?> <?php endif; ?>
</div> <?php
include dirname(__DIR__).'/footer.phtml';
?>

20
Views/News/createNewsForm.phtml
View File

@@ -1,20 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>News erstellen</h1>
<?php if (!empty($errors['news'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['news'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="News">
<input type="hidden" name="do" value="createNews">
<label for="name">Titel</label>
<input type="text" name="name" id="name" required value="<?=htmlspecialchars($validData['name'] ?? '')?>">
<label for="date">Datum</label>
<input type="date" name="date" id="date" required value="<?=htmlspecialchars($validData['date'] ?? date('Y-m-d'))?>">
<label for="description">Beschreibung</label>
<textarea name="description" id="description" rows="7" required><?=htmlspecialchars($validData['description'] ?? '')?></textarea>
<button class="button-register" type="submit">News speichern</button>
</form>
<a href="?controller=News&do=showNews">Zurück zur Übersicht</a>
</div>
</div>

21
Views/News/editNewsForm.phtml
View File

@@ -1,21 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>News bearbeiten</h1>
<?php if (!empty($errors['news'])): ?>
<div class="error-box"><?=htmlspecialchars($errors['news'])?></div>
<?php endif; ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="News">
<input type="hidden" name="do" value="updateNews">
<input type="hidden" name="id" value="<?=htmlspecialchars($id ?? '')?>">
<label for="name">Titel</label>
<input type="text" name="name" id="name" required value="<?=htmlspecialchars($validData['name'] ?? '')?>">
<label for="date">Datum</label>
<input type="date" name="date" id="date" required value="<?=htmlspecialchars($validData['date'] ?? date('Y-m-d'))?>">
<label for="description">Beschreibung</label>
<textarea name="description" id="description" rows="7" required><?=htmlspecialchars($validData['description'] ?? '')?></textarea>
<button class="button-register" type="submit">Änderungen speichern</button>
</form>
<a href="?controller=News&do=showNews">Zurück zur Übersicht</a>
</div>
</div>

14
Views/News/showCreateSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>News erfolgreich erstellt!</h2>
<p>Du wirst in wenigen Sekunden zur Übersicht weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=News&do=showNews";
}, 2000);
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=News&do=showNews">
</noscript>

14
Views/News/showDeleteSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>News erfolgreich gelöscht!</h2>
<p>Du wirst in wenigen Sekunden zur Übersicht weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=News&do=showNews";
}, 2000);
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=News&do=showNews">
</noscript>

14
Views/News/showEditSuccess.phtml
View File

@@ -1,14 +0,0 @@
<div class="inhalt">
<div class="status-box">
<h2>News erfolgreich bearbeitet!</h2>
<p>Du wirst in wenigen Sekunden zur Übersicht weitergeleitet...</p>
</div>
</div>
<script>
setTimeout(function() {
window.location.href = "?controller=News&do=showNews";
}, 2000);
</script>
<noscript>
<meta http-equiv="refresh" content="2;url=?controller=News&do=showNews">
</noscript>

57
Views/News/showNews.phtml
View File

@@ -1,40 +1,29 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<h2>Alle News</h2>
<?php if (!empty($news)): ?> <?php if (!empty($news)): ?>
<div class="inhalt"> <table>
<div class="content-container"> <thead>
<div class="news-header"> <tr>
<h2>Alle Infos</h2> <th>Name</th>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?> <th>Beschreibung</th>
<a href="?controller=News&do=createNewsForm" class="admin-btn">News erstellen</a> <th>Datum</th>
<?php endif; ?> </tr>
</div> </thead>
<div class="news-cards"> <tbody>
<?php foreach ($news as $item): ?> <?php foreach ($news as $item): ?>
<div class="card"> <tr>
<h3><?=htmlspecialchars($item['name'])?></h3> <td><?php echo htmlspecialchars($item['name']); ?></td>
<div class="news-date"><?=date('d.m.Y', strtotime($item['date']))?></div> <td><?php echo nl2br(htmlspecialchars($item['beschreibung'])); ?></td>
<div class="news-desc"> <td><?php echo date('d.m.Y', strtotime($item['datum'])); ?></td>
<?php </tr>
$desc = htmlspecialchars($item['description']);
if (mb_strlen($desc) > 255) {
$short = mb_substr($desc, 0, 255) . '...';
echo nl2br($short) . ' <a href="?controller=News&do=showNewsDetail&id=' . $item['news_id'] . '">mehr lesen</a>';
} else {
echo nl2br($desc);
}
?>
</div>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?>
<div class="news-card-actions">
<a href="?controller=News&do=editNewsForm&id=<?=$item['news_id']?>" class="admin-btn">Bearbeiten</a>
<a href="?controller=News&do=deleteNews&id=<?=$item['news_id']?>" class="admin-btn" onclick="return confirm('Wirklich löschen?');">Löschen</a>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?> <?php endforeach; ?>
</div> </tbody>
</table>
<?php else: ?> <?php else: ?>
<p>Derzeit sind keine News verfügbar.</p> <p>Derzeit sind keine News verfügbar.</p>
<?php endif; ?> <?php endif; ?>
</div> <?php
</div> include dirname(__DIR__).'/footer.phtml';
</div> ?>

10
Views/News/showNewsDetail.phtml
View File

@@ -1,10 +0,0 @@
<div class="inhalt">
<div class="content-container">
<div class="card card--wide">
<h2><?=htmlspecialchars($news['name'])?></h2>
<div class="news-date"><?=date('d.m.Y', strtotime($news['date']))?></div>
<div class="news-desc"><?=nl2br(htmlspecialchars($news['description']))?></div>
<a href="?controller=News&do=showNews" class="admin-btn">Zurück zur Übersicht</a>
</div>
</div>
</div>

0
Views/Profile/showProfile.phtml
View File

69
Views/Register/showRegisterPage.phtml Normal file
View File

@@ -0,0 +1,69 @@
<?php
include dirname(__DIR__) . '/header.phtml';
?>
<div class="inhalt">
<div class="login-container">
<h1>Registrieren</h1>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-vorname" type="text" placeholder="Vorname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-nachname" type="text" placeholder="Nachname">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-email" type="text" placeholder="E-Mail">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort" type="text" placeholder="Passwort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-passwort-repeat" type="text" placeholder="Passwort wiederholen">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-strasse" type="text" placeholder="Straße">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-hausnr" type="text" placeholder="Hausnr.">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-postleitzahl" type="text" placeholder="Postleitzahl">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-ort" type="text" placeholder="Ort">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-land" type="text" placeholder="Land">
</label>
</form>
<form class="form-horizontal" action="#" method="post">
<label>
<input class="input-tel" type="text" placeholder="Telefonnr.">
</label>
</form>
<button class="button-register">Registrieren</button>
<a class="link-konto-erstellen">Login</a>
</div>
</div>
<?php
include dirname(__DIR__) . '/footer.phtml';
?>

26
Views/Standort/showStandorte.phtml
View File

@@ -1,8 +1,7 @@
<?php include dirname(__DIR__) . '/header.phtml'; ?> <?php
include dirname(__DIR__).'/header.phtml';
<div class="inhalt"> ?>
<h2>Unsere Standorte</h2> <h2>Unsere Standorte</h2>
<?php if (!empty($standorte)): ?> <?php if (!empty($standorte)): ?>
<table border="1" cellpadding="8" cellspacing="0"> <table border="1" cellpadding="8" cellspacing="0">
<thead> <thead>
@@ -19,12 +18,12 @@
<tbody> <tbody>
<?php foreach ($standorte as $standort): ?> <?php foreach ($standorte as $standort): ?>
<tr> <tr>
<td><?php echo htmlspecialchars($standort['street']); ?></td> <td><?php echo htmlspecialchars($standort['strasse']); ?></td>
<td><?php echo htmlspecialchars($standort['house_number']); ?></td> <td><?php echo htmlspecialchars($standort['hausnr']); ?></td>
<td><?php echo htmlspecialchars($standort['postal_code']); ?></td> <td><?php echo htmlspecialchars($standort['plz']); ?></td>
<td><?php echo htmlspecialchars($standort['city']); ?></td> <td><?php echo htmlspecialchars($standort['ort']); ?></td>
<td><?php echo htmlspecialchars($standort['country']); ?></td> <td><?php echo htmlspecialchars($standort['land']); ?></td>
<td><?php echo htmlspecialchars($standort['phone']); ?></td> <td><?php echo htmlspecialchars($standort['tel']); ?></td>
<td><?php echo htmlspecialchars($standort['email']); ?></td> <td><?php echo htmlspecialchars($standort['email']); ?></td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
@@ -33,5 +32,6 @@
<?php else: ?> <?php else: ?>
<p>Keine Standorte gefunden.</p> <p>Keine Standorte gefunden.</p>
<?php endif; ?> <?php endif; ?>
</div> <?php
<?php include dirname(__DIR__) . '/footer.phtml'; ?> include dirname(__DIR__).'/footer.phtml';
?>

37
Views/Ticket/buyTicket.phtml
View File

@@ -1,27 +1,12 @@
<div class="inhalt"> <?php
<div class="form-container"> include dirname(__DIR__).'/header.phtml';
<h1>Ticket erfolgreich gekauft!</h1> ?>
<?php if (isset($event) && isset($ticket_id)): ?> <div class="msg">
<div class="status-box"> <p>Ihr Ticket für das Event "<?php echo $event['name']?>" wurde erfolgreich gekauft!</p>
<h2><?= htmlspecialchars($event['name']) ?></h2> <a href="?controller=Welcome&do=showWelcome">Weiter</a>
<p><strong>Ticket-ID:</strong> #<?= $ticket_id ?></p>
<p><strong>Kaufdatum:</strong> <?= date('d.m.Y', strtotime($purchase_date)) ?></p>
<p><strong>Gültig bis:</strong> <?= date('d.m.Y', strtotime($valid_until)) ?></p>
<p><strong>Preis:</strong> <?= number_format($event['ticket_price'], 2, ',', '.') ?></p>
<p><strong>Datum:</strong> <?= date('d.m.Y', strtotime($event['start_date'])) ?> - <?= date('d.m.Y', strtotime($event['end_date'])) ?></p>
</div>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Ticket&do=showTickets" class="admin-btn">Meine Tickets anzeigen</a>
<br><br>
<a href="?controller=Event&do=showEvents">Zurück zu den Events</a>
</div>
<?php else: ?>
<div class="error-box">Fehler beim Anzeigen der Ticket-Details.</div>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Event&do=showEvents">Zurück zu den Events</a>
</div>
<?php endif; ?>
</div> </div>
</div>
<?php
include dirname(__DIR__).'/footer.phtml';
?>

48
Views/Ticket/showBuyTicketForm.phtml
View File

@@ -1,48 +0,0 @@
<div class="inhalt">
<div class="form-container">
<h1>Ticket kaufen</h1>
<?php if (isset($event)): ?>
<div class="event-details">
<h2><?= htmlspecialchars($event['name']) ?></h2>
<p><strong>Beschreibung:</strong> <?= nl2br(htmlspecialchars($event['description'])) ?></p>
<p><strong>Datum:</strong> <?= date('d.m.Y', strtotime($event['start_date'])) ?> - <?= date('d.m.Y', strtotime($event['end_date'])) ?></p>
<p><strong>Preis:</strong> <?= number_format($event['ticket_price'], 2, ',', '.') ?></p>
<p><strong>Max. Tickets:</strong> <?= (int) $event['max_tickets'] ?></p>
</div>
<?php if ($hasTicket): ?>
<div class="status-box">
<p>Sie haben bereits ein Ticket für dieses Event gekauft.</p>
<a href="?controller=Ticket&do=showTickets" class="admin-btn">Meine Tickets anzeigen</a>
</div>
<?php else: ?>
<form class="form-horizontal" action="index.php" method="post">
<input type="hidden" name="controller" value="Ticket">
<input type="hidden" name="do" value="buyTicket">
<input type="hidden" name="event_id" value="<?= $event['event_id'] ?>">
<p>Möchten Sie ein Ticket für dieses Event kaufen?</p>
<p><strong>Preis:</strong> <?= number_format($event['ticket_price'], 2, ',', '.') ?></p>
<button class="button-login" type="submit">Jetzt kaufen</button>
</form>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Event&do=showEvents">Zurück zu den Events</a>
</div>
<?php endif; ?>
<?php else: ?>
<div class="error-box">Event nicht gefunden.</div>
<div style="text-align:center; margin-top: 1.5em;">
<a href="?controller=Event&do=showEvents">Zurück zu den Events</a>
</div>
<?php endif; ?>
</div>
</div>
<?php if (isset($redirect)): ?>
<script>
window.location.href = '<?= $redirect ?>';
</script>
<?php endif; ?>

53
Views/Tickets/showTickets.phtml
View File

@@ -1,53 +0,0 @@
<div class="inhalt">
<div class="content-container">
<div class="event-header">
<h2>Meine Tickets</h2>
</div>
<?php if (!empty($tickets)): ?>
<div class="event-container-inhalt">
<table>
<thead>
<tr>
<th>Event</th>
<th>Datum</th>
<th>Standort</th>
<th>Preis</th>
<th>Kaufdatum</th>
<th>Gültig bis</th>
<th>Aktionen</th>
</tr>
</thead>
<tbody>
<?php foreach ($tickets as $ticket): ?>
<tr>
<td><?= htmlspecialchars($ticket['event_name']) ?></td>
<td><?= date('d.m.Y', strtotime($ticket['start_date'])) ?> - <?= date('d.m.Y', strtotime($ticket['end_date'])) ?></td>
<td><?= htmlspecialchars($ticket['location_street'] . ' ' . $ticket['location_house_number'] . ', ' . $ticket['location_city']) ?></td>
<td><?= number_format($ticket['ticket_price'], 2, ',', '.') ?></td>
<td><?= date('d.m.Y', strtotime($ticket['purchase_date'])) ?></td>
<td><?= date('d.m.Y', strtotime($ticket['valid_until'])) ?></td>
<td>
<a href="?controller=Ticket&do=deleteTicket&ticket_id=<?= $ticket['ticket_id'] ?>"
class="admin-btn"
onclick="return confirm('Ticket wirklich löschen?')">Löschen</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php else: ?>
<div class="status-box">
<p>Sie haben noch keine Tickets gekauft.</p>
<a href="?controller=Event&do=showEvents" class="admin-btn">Events anzeigen</a>
</div>
<?php endif; ?>
</div>
</div>
<?php if (isset($redirect)): ?>
<script>
window.location.href = '<?= $redirect ?>';
</script>
<?php endif; ?>

45
Views/header.phtml
View File

@@ -1,43 +1,20 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="HTML-5"> <html lang="de">
<head> <head>
<title>VR Contact</title> <title>VR Contact</title>
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="CSS/style.css" rel="stylesheet" type="text/css" /> <link href="/bibarts/CSS/style.css" rel="stylesheet" type="text/css" />
</head> </head>
<body> <body>
<nav id="navigation"> <div id="wrapper">
<div class="link-container"> <nav id="navigation">
<div id="logo" ><a class="link-logo" href="#"></a></div> <div class="link-container">
<button id="nav-toggle-btn" aria-label="Menü ein-/ausklappen">&#9660;</button> <div id="logo" ><a class="link-logo" href="#"></a></div>
<div class="nav-links"> <a id="link-tickets" class="links" href="#">Tickets</a>
<?php if (isset($_SESSION['user'])): ?> <a id="link-infos" class="links" href="?controller=Welcome&do=showWelcome">Infos</a>
<a id="link-tickets" class="links" href="?controller=Event&do=showEvents">Event</a> <a id="link-profil" class="links" href="?controller=Contact&do=showContactForm">Profil</a>
<a id="link-infos" class="links" href="?controller=News&do=showNews">Infos</a>
<a id="link-tickets" class="links" href="?controller=Tickets&do=showTickets">Tickets</a>
<?php if (isset($_SESSION['is_admin']) && $_SESSION['is_admin']): ?>
<a id="link-gutscheinverwaltung" class="links" href="?controller=Gutschein&do=adminVerwaltung">Gutscheine</a>
<?php endif; ?>
<a id="link-logout" class="links" href="?controller=Auth&do=logout">Logout</a>
<?php else: ?>
<a id="link-login" class="links" href="?controller=Auth&do=showLoginForm">Login</a>
<a id="link-register" class="links" href="?controller=Auth&do=showRegistrationForm">Register</a>
<?php endif; ?>
<div id="profile-picture"></div> <div id="profile-picture"></div>
</div> </div>
</div> </nav>
</nav> </div>
<script>
document.addEventListener('DOMContentLoaded', function() {
var btn = document.getElementById('nav-toggle-btn');
var links = document.querySelector('.nav-links');
if (btn && links) {
btn.addEventListener('click', function() {
links.classList.toggle('open');
btn.classList.toggle('open');
btn.innerHTML = links.classList.contains('open') ? '&#9650;' : '&#9660;';
});
}
});
</script>

159
bibarts.sql
View File

@@ -3,129 +3,142 @@ SET time_zone = "+00:00";
-- -------------------------------------------------------- -- --------------------------------------------------------
CREATE TABLE user ( CREATE TABLE User (
user_id INT AUTO_INCREMENT PRIMARY KEY, userid INT AUTO_INCREMENT PRIMARY KEY,
first_name VARCHAR(50), vorname VARCHAR(50),
last_name VARCHAR(50), nachname VARCHAR(50),
street VARCHAR(100), strasse VARCHAR(100),
house_number VARCHAR(10), hausnr VARCHAR(10),
postal_code VARCHAR(10), postleitzahl VARCHAR(10),
city VARCHAR(50), ort VARCHAR(50),
country VARCHAR(50), land VARCHAR(50),
phone VARCHAR(20), tel VARCHAR(20),
email VARCHAR(100) UNIQUE, email VARCHAR(100) UNIQUE,
is_admin BOOLEAN DEFAULT FALSE, isAdmin BOOLEAN DEFAULT FALSE,
valid_until DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00',
password VARCHAR(255) password VARCHAR(255)
); );
CREATE TABLE location ( CREATE TABLE Standort (
location_id INT AUTO_INCREMENT PRIMARY KEY, standortid INT AUTO_INCREMENT PRIMARY KEY,
street VARCHAR(100), strasse VARCHAR(100),
house_number VARCHAR(10), hausnr VARCHAR(10),
postal_code VARCHAR(10), plz VARCHAR(10),
city VARCHAR(50), ort VARCHAR(50),
country VARCHAR(50), land VARCHAR(50),
phone VARCHAR(20), tel VARCHAR(20),
email VARCHAR(100) email VARCHAR(100)
); );
CREATE TABLE event ( CREATE TABLE Ausstellung (
event_id INT AUTO_INCREMENT PRIMARY KEY, austellungid INT AUTO_INCREMENT PRIMARY KEY,
location_id INT, standortid INT,
start_date DATE, datum_von DATE,
end_date DATE, datum_bis DATE,
name VARCHAR(100), name VARCHAR(100),
description TEXT, beschreibung TEXT,
max_tickets INT, max_tickets INT,
ticket_price DECIMAL(5,2), FOREIGN KEY (standortid) REFERENCES Standort(standortid)
FOREIGN KEY (location_id) REFERENCES location(location_id)
); );
CREATE TABLE ticket ( CREATE TABLE Ticket (
ticket_id INT AUTO_INCREMENT PRIMARY KEY, ticketid INT AUTO_INCREMENT PRIMARY KEY,
user_id INT, userid INT,
event_id INT, ausstellungid INT,
purchase_date DATE, kaufdatum DATE,
valid_until DATE, gueltigkeit DATE,
FOREIGN KEY (user_id) REFERENCES user(user_id), preis DECIMAL(10,2),
FOREIGN KEY (event_id) REFERENCES event(event_id) FOREIGN KEY (userid) REFERENCES User(userid),
FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
); );
CREATE TABLE voucher ( CREATE TABLE Gutschein (
voucher_id INT AUTO_INCREMENT PRIMARY KEY, gutscheinid INT AUTO_INCREMENT PRIMARY KEY,
code VARCHAR(50) UNIQUE, code VARCHAR(50) UNIQUE,
discount INT CHECK (discount BETWEEN 0 AND 100), rabatt INT CHECK (rabatt BETWEEN 0 AND 100),
event_id INT, ausstellungid INT,
valid_until DATE, gueltigkeit DATE,
FOREIGN KEY (event_id) REFERENCES event(event_id) FOREIGN KEY (ausstellungid) REFERENCES Ausstellung(austellungid)
); );
CREATE TABLE news ( CREATE TABLE News (
news_id INT AUTO_INCREMENT PRIMARY KEY, newsid INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100), name VARCHAR(100),
description TEXT, beschreibung TEXT,
date DATE datum DATE
); );
-- User-Daten (Passwort: passwort123) -- User-Daten
INSERT INTO user (first_name, last_name, street, house_number, postal_code, city, country, phone, email, is_admin, password) INSERT INTO User (vorname, nachname, strasse, hausnr, postleitzahl, ort, land, tel, email, isAdmin, password)
VALUES VALUES
('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, '$2y$10$VAj.C0XHPUxV4oXS6b79aumlg5fBMPPx5FPqgkQSIQeBLh0WtYmKy'), ('Max', 'Muster', 'Musterstraße', '1', '12345', 'Musterstadt', 'Deutschland', '0123456789', 'max@muster.de', FALSE, 'passwort123'),
('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, '$2y$10$cnPBpkvLbdpDxzYvxlQg9uVp5y8ggr2SWL8NAMg9zk.3QnnEl.MGq'); ('Anna', 'Beispiel', 'Beispielweg', '5a', '54321', 'Beispielstadt', 'Deutschland', '0987654321', 'anna@beispiel.de', TRUE, 'adminpass');
-- Standort-Daten -- Standort-Daten
INSERT INTO location (street, house_number, postal_code, city, country, phone, email) INSERT INTO Standort (strasse, hausnr, plz, ort, land, tel, email)
VALUES VALUES
('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'), ('Galeriestraße', '10', '10115', 'Berlin', 'Deutschland', '030123456', 'kontakt@galerie-berlin.de'),
('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de'); ('Kunstallee', '22b', '50667', 'Köln', 'Deutschland', '0221123456', 'info@kunst-koeln.de');
-- Ausstellung-Daten -- Ausstellung-Daten
INSERT INTO event (location_id, start_date, end_date, name, description, max_tickets, ticket_price) INSERT INTO Ausstellung (standortid, datum_von, datum_bis, name, beschreibung, max_tickets)
VALUES VALUES
(1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200, 19.99), (1, '2025-07-01', '2025-08-31', 'Moderne Meisterwerke', 'Eine Sammlung moderner Kunstwerke aus Europa.', 200),
(2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150, 39.99); (2, '2025-09-10', '2025-10-20', 'Kunst der Antike', 'Ausstellung antiker Skulpturen und Gemälde.', 150);
-- Gutschein-Daten -- Gutschein-Daten (Spaltennamen korrigiert)
INSERT INTO voucher (code, discount, event_id, valid_until) INSERT INTO Gutschein (code, rabatt, ausstellungid, gueltigkeit)
VALUES VALUES
('SOMMER2025', 15, 1, '2025-08-31'), ('SOMMER2025', 15, 1, '2025-08-31'),
('HERBST25', 25, 2, '2025-10-15'); ('HERBST25', 25, 2, '2025-10-15');
-- Ticket-Daten -- Ticket-Daten (Spaltennamen korrigiert)
INSERT INTO ticket (user_id, event_id, purchase_date, valid_until) INSERT INTO Ticket (userid, ausstellungid, kaufdatum, gueltigkeit, preis)
VALUES VALUES
(1, 1, '2025-06-01', '2025-07-15'), (1, 1, '2025-06-01', '2025-07-15', 12.50),
(2, 2, '2025-06-05', '2025-09-15'); (2, 2, '2025-06-05', '2025-09-15', 10.00);
-- News-Daten -- News-Daten
INSERT INTO news (name, description, date) INSERT INTO News (name, beschreibung, datum)
VALUES VALUES
('Branchen-News: bibarts schließt strategische Partnerschaft mit regionalen Veranstaltern', 'Die aufstrebende Ticketplattform bibarts hat heute eine Partnerschaft mit mehreren regionalen Veranstaltungsagenturen in Süddeutschland bekannt gegeben. Ziel der Zusammenarbeit ist die gemeinsame Digitalisierung lokaler Events und die Vereinfachung des Ticketverkaufsprozesses für kleinere Veranstalter. ('Neuer Standort eröffnet', 'Unsere Galerie in Köln ist jetzt geöffnet!', '2025-06-01'),
('Frühbucher-Rabatt', 'Sichern Sie sich jetzt 15% Rabatt auf unsere Sommerausstellung.', '2025-05-20');
„Viele unserer Kunden sind Künstlerkollektive, Kulturvereine oder Betreiber kleiner Bühnen für sie war der Einstieg in den digitalen Ticketverkauf bisher kompliziert oder zu teuer,“ erklärt der Vertriebsleiter von bibarts. --Änderungen:
Durch die Partnerschaft erhalten Veranstalter Zugang zu einem vereinfachten Onboarding-System, einer automatisierten Veranstaltungsverwaltung und einem integrierten Zahlungssystem. bibarts stellt zudem eigene Event-Widgets bereit, die direkt in bestehende Websites eingebettet werden können. ALTER TABLE austellung
ADD preis decimal NOT NULL
Die ersten Live-Tests starten im Juli auf Veranstaltungen in Augsburg, Regensburg und Rosenheim. Bei Erfolg soll das Modell bundesweit ausgerollt werden. Marktanalysten sehen in bibarts einen ernstzunehmenden Konkurrenten für etablierte Anbieter wie Eventim oder Reservix vor allem im Bereich Nischen- und Indie-Veranstaltungen.', '2025-06-01'), ALTER TABLE ticket
('bibarts bringts: Neue Ticketplattform sorgt für Chaos auf der Poetry-Slam-Bühne aber im besten Sinne', '„Niemand hat damit gerechnet, dass Poetry & Pizza Vol. 7 restlos ausverkauft sein würde außer vielleicht bibarts.“ So beschreibt der Veranstalter des beliebten Slam-Formats in Hamburg-Altona die Überraschung des Abends. DROP COLUMN preis
Dank der neuen Ticketplattform bibarts, die laut Insidern „selbst mit einem Toaster kompatibel“ sei, wurden innerhalb von 48 Stunden über 300 Tickets verkauft komplett online, ohne Papierkram, ohne Warteschlangen.
Doch die größte Überraschung: Die Slammer wurden beim Einlass mit QR-Codes auf Bananen begrüßt ein kreatives Gimmick von bibarts Entwicklerteam, das einen Testlauf für „alternative Ticketträger“ durchführt. Laut Veranstalter kamen fast 30 Gäste mit beschrifteten Bananen zum Einlass der Scanner erkannte alle korrekt. 🍌✅ ALTER TABLE user
MODIFY COLUMN userid INT NOT NULL AUTO_INCREMENT;
„Wenn Technik und Kultur auf diese Weise verschmelzen, haben wir etwas richtig gemacht,“ scherzte ein Sprecher von bibarts nach der Show. Auch wenn die Banane wohl kein langfristiges Ticketmedium wird, sei der Abend ein voller Erfolg gewesen sowohl auf als auch vor der Bühne.', '2025-05-20'), ALTER TABLE ticket
('bibarts launcht Wartelistenfunktion und füllt plötzlich leergebliebene Reihen', 'Mit einem neuen Feature sorgt bibarts erneut für Schlagzeilen: Die Plattform hat kürzlich eine intelligente Wartelistenfunktion eingeführt, die automatisch frei gewordene Plätze an Interessierte nachbesetzt ein Gamechanger für spontane Events und kurzfristige Absagen. MODIFY COLUMN ticketid INT NOT NULL AUTO_INCREMENT;
Beim ersten Einsatz bei einem Impro-Theater in Köln meldeten sich über 40 Personen für die Warteliste. Als drei Gruppen krankheitsbedingt absagen mussten, sprang das System ein und verschickte automatisch neue Tickets an Wartende. Innerhalb von 15 Minuten waren die Plätze wieder gefüllt. ALTER TABLE standort
MODIFY COLUMN standortid INT NOT NULL AUTO_INCREMENT;
„Wir konnten dadurch die Show vor vollem Haus spielen ohne Einnahmeverluste“, sagt die Theaterleitung. Das Feature basiert auf einem Prioritätssystem, das Fairness und Schnelligkeit kombiniert und sogar per SMS benachrichtigt. ALTER TABLE news
MODIFY COLUMN newsid INT NOT NULL AUTO_INCREMENT;
bibarts plant, die Funktion in Zukunft noch zu erweitern etwa mit Echtzeit-Übersicht für Veranstalter oder integrierter Last-Minute-Werbung.', '2025-06-20'); ALTER TABLE gutschein
MODIFY COLUMN gutscheinid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE ausstellung
MODIFY COLUMN austellungid INT NOT NULL AUTO_INCREMENT;
ALTER TABLE user
MODIFY COLUMN isAdmin BOOLEAN DEFAULT FALSE;
ALTER TABLE user
ADD validUntil DATETIME NOT NULL DEFAULT '3025-01-01 00:00:00';

77
index.php
View File

@@ -1,48 +1,45 @@
<?php <?php
session_start();
include 'Views/header.phtml';
?>
<?php
spl_autoload_register(function ($className) {
if (substr($className, 0, 5) !== 'Blog\\') {
// not our business
return;
}
$fileName = __DIR__.'/'.str_replace('\\', DIRECTORY_SEPARATOR, substr($className, 5)).'.php'; session_start();;;
if (file_exists($fileName)) { spl_autoload_register(function ($className) {
include $fileName; if (substr($className, 0, 5) !== 'Blog\\') {
} // not our business
}); return;
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Welcome";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showWelcome";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Welcome";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showWelcome";
} }
$controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller'; $fileName = __DIR__.'/'.str_replace('\\', DIRECTORY_SEPARATOR, substr($className, 5)).'.php';
if (method_exists($controllerClassName, $doMethodName)) { if (file_exists($fileName)) {
$view = new \Blog\Library\View(__DIR__.DIRECTORY_SEPARATOR.'Views' include $fileName;
, ucfirst($controllerName), $doMethodName);
$controller = new $controllerClassName($view);
$controller->$doMethodName();
$view->render();
} else {
new \Blog\Library\ErrorMsg('Page not found: '.$controllerClassName.'::'.$doMethodName);
} }
?> });
<?php
include 'Views/footer.phtml';
$controllerName = "";
$doMethodName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$controllerName = isset($_POST['controller']) && $_POST['controller'] ? $_POST['controller'] : "Welcome";
$doMethodName = isset($_POST['do']) && $_POST['do'] ? $_POST['do'] : "showWelcome";
} else {
$controllerName = isset($_GET['controller']) && $_GET['controller'] ? $_GET['controller'] : "Welcome";
$doMethodName = isset($_GET['do']) && $_GET['do'] ? $_GET['do'] : "showWelcome";
}
$controllerClassName = 'Blog\\Controller\\'.ucfirst($controllerName).'Controller';
if (method_exists($controllerClassName, $doMethodName)) {
$view = new \Blog\Library\View(__DIR__.DIRECTORY_SEPARATOR.'Views'
, ucfirst($controllerName), $doMethodName);
$controller = new $controllerClassName($view);
$controller->$doMethodName();
$view->render();
} else {
new \Blog\Library\ErrorMsg('Page not found: '.$controllerClassName.'::'.$doMethodName);
}
?> ?>