Finished first draft of the system.

2020-03-09 18:09:41 +00:00 · 2020-03-09 18:09:41 +00:00 · fc92b80938
commit fc92b80938
parent 8381eeb3aa
8 changed files with 64 additions and 6 deletions
--- a/html/index.php
+++ b/html/index.php
@ -7,14 +7,22 @@ ob_start();
 $url = $_SERVER['REQUEST_URI'];
 $url = preg_replace('/\?.+\=.+/m', '', $url);
-if ($url === '/') {
+if ($url === '/' && !isAuthorized()) {
    include __DIR__ . '/../templates/index.html.php';
-} elseif ($url === '/login' && $_SERVER['REQUEST_METHOD'] === "GET") {
+} elseif ($url === '/' && isAuthorized()) {
    header('Location: /dashboard');
 } elseif ($url === '/login' && $_SERVER['REQUEST_METHOD'] === "GET" && !isAuthorized()) {
    include __DIR__ . '/../templates/login.html.php';
 } elseif ($url === '/login' && $_SERVER['REQUEST_METHOD'] === "GET" && isAuthorized()) {
    header('Location: /dashboard');
 } elseif ($url === '/login' && $_SERVER['REQUEST_METHOD'] === "POST") {
    include __DIR__ . '/../php/login.php';
 } elseif ($url === '/update' && $_SERVER['REQUEST_METHOD'] === "POST" && isAuthorized()) {
    include __DIR__ . '/../php/update.php';
 } elseif ($url === '/dashboard' && isAuthorized()) {
    include __DIR__ . '/../templates/dashboard.html.php';
 } elseif ($url === '/logout') {
    include __DIR__ . '/../php/logout.php';
 }
 $output = ob_get_clean();
--- a/php/auth.php
+++ b/php/auth.php
@ -4,7 +4,7 @@ session_start();
 function isAuthorized() {
-  require 'conn.php';
+  require __DIR__ . '/conn.php';
  $result = $conn->query("SELECT * FROM docenten WHERE username = '" . $_SESSION["username"] . "' AND password = '" . $_SESSION["password"] . "'");
--- a/php/dashboard.php
+++ b/php/dashboard.php
@ -7,3 +7,11 @@ require 'conn.php';
 $result = $conn->query("SELECT * FROM docenten WHERE username = '" . $_SESSION['username'] . "';");
 $docent = $result->fetch_assoc();
 if (isset($_GET['date'])) {
  $date = date("Y-m-d", strtotime($_GET['date']));
 } else {
  $date = date("Y-m-d"); // Create date in mysql DATE format.
 }
 $rooster = $conn->query("SELECT * FROM rooster WHERE docent = " . $docent['id'] . " AND dag = DATE('" . $date . "')")->fetch_assoc();
--- a/php/logout.php
+++ b/php/logout.php
@ -0,0 +1,7 @@
 <?php
 session_start();
 session_destroy();
 header('Location: /');
--- a/php/update.php
+++ b/php/update.php
@ -0,0 +1,15 @@
 <?php
 if (isset($_POST["opmerking"]) && isset($_POST["locatie"]) && isset($_GET["date"]) && isset($_GET['docent'])) {
  require 'conn.php';
  $result = $conn->query("SELECT * FROM rooster WHERE dag = DATE('" . $_GET["date"] . "') AND docent = " . $_GET['docent'] .";");
  if ($result->num_rows === 0) {
    $conn->query("INSERT INTO rooster (dag, docent, opmerking, locatie) VALUES (DATE('" . $_GET['date'] . "'), " . $_GET['docent'] . ", '" . $_POST['opmerking'] . "', " . $_POST['locatie'] . ");");
  } else {
    $conn->query("UPDATE rooster SET opmerking = '" . $_POST["opmerking"] . "', locatie = " . $_POST["locatie"] . " WHERE docent = " . $_GET['docent'] . " AND dag = DATE('" . $_GET['date'] . "');");
  }
 }
 header('Location: /dashboard');
--- a/templates/dashboard.html.php
+++ b/templates/dashboard.html.php
@ -1,2 +1,19 @@
 <?php require __DIR__ . '/../php/dashboard.php' ?>
 Welkom <?=$docent['naam']?>
 <h1>Gymrooster voor <?=date("D d M Y", strtotime($date))?></h1>
 <a href="/dashboard?date=<?=date("Y-m-d", strtotime("-1 day", strtotime($date)))?>">Dag eerder</a>
 <a href="/dashboard?date=<?=date("Y-m-d", strtotime("+1 day", strtotime($date)))?>">Dag later</a>
 <form action="update?date=<?=$date?>&docent=<?=$docent['id']?>" method="post">
  <textarea name="opmerking" placeholder="Opmerkingen"><?=$rooster['opmerking']?></textarea><br>
  <select name="locatie">
  <?php if ($rooster['locatie'] === "1"): ?>
    <option value="1">Binnen</option>
    <option value="2">Buiten</option>
  <?php else: ?>
    <option value="2">Buiten</option>
    <option value="1">Binnen</option>
  <?php endif; ?>
  </select><br>
  <input type="submit" value="Verzenden">
 </form>
--- a/templates/layout.html.php
+++ b/templates/layout.html.php
@ -10,7 +10,11 @@
    <nav>
        <!-- Topnav -->
        <a href="/"><img src="/res/HLC.svg"></a>
-        <a href="/login">Login</a>
+        <?php if (isAuthorized()): ?>
            <a href="/logout">Log uit</a>
        <?php else: ?>
            <a href="/login">Login</a>
        <?php endif; ?>
    </nav>
    <main>
--- a/templates/login.html.php
+++ b/templates/login.html.php
@ -1,4 +1,3 @@
 <!-- Login screen -->
 <div class="loginContainer">
    <form action="/login" method="post">
        <h1>Login</h1>