Überarbeitete Version der 1. Version. Es bestehen noch grosse Fehler in einzelnen Skripten.
@@ -1,94 +0,0 @@
|
||||
<?php
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https://" : "http://";
|
||||
$domain = $_SERVER['HTTP_HOST'];
|
||||
|
||||
$url = $protocol . $domain;
|
||||
|
||||
if ((isset($_POST['prev_abt'])) && !empty($_POST['prev_abt_submit'])) {
|
||||
$value = get_option('wk_panel_current_abt', 1);
|
||||
if ($value > 1){
|
||||
$value -= 1;
|
||||
update_option('wk_panel_current_abt', $value);
|
||||
}
|
||||
|
||||
header("Location: ".$url."/intern/kampfrichter".$_SERVER['REQUEST_URI']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ((isset($_POST['next_abt'])) && !empty($_POST['next_abt_submit'])) {
|
||||
$value = get_option('wk_panel_current_abt', 1);
|
||||
$maxvalue = $wpdb->get_var( "SELECT abteilung FROM $table_name ORDER BY abteilung DESC LIMIT 1" );
|
||||
|
||||
if ($value < $maxvalue){
|
||||
$value += 1;
|
||||
update_option('wk_panel_current_abt', $value);
|
||||
}
|
||||
header("Location: ".$url."/intern/kampfrichter".$_SERVER['REQUEST_URI']);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
if (!isset($_SESSION['currentsubabt'])){
|
||||
$_SESSION['currentsubabt'] = 0;
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['last_abt'])){
|
||||
$_SESSION['last_abt'] = get_option('wk_panel_current_abt', 1);
|
||||
}
|
||||
|
||||
if ($_SESSION['last_abt'] !== get_option('wk_panel_current_abt', 1)){
|
||||
$_SESSION['currentsubabt'] = 0;
|
||||
$_SESSION['last_abt'] = get_option('wk_panel_current_abt', 1);
|
||||
}
|
||||
|
||||
if ((isset($_POST['prev_subabt'])) && !empty($_POST['prev_subabt_submit'])) {
|
||||
$value = $_SESSION['currentsubabt'];
|
||||
if ($value > 0){
|
||||
$_SESSION['currentsubabt']--;
|
||||
$_SESSION['last_abt'] = get_option('wk_panel_current_abt', 1);
|
||||
}
|
||||
header("Location: ".$url."/intern/kampfrichter");
|
||||
exit;
|
||||
}
|
||||
if ((isset($_POST['next_subabt'])) && !empty($_POST['next_subabt_submit'])) {
|
||||
|
||||
$value = $_SESSION['currentsubabt'];
|
||||
|
||||
if ($value < 4){
|
||||
$_SESSION['currentsubabt']++;
|
||||
$_SESSION['last_abt'] = get_option('wk_panel_current_abt', 1);
|
||||
}
|
||||
header("Location: ".$url."/intern/kampfrichter");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (
|
||||
isset($_POST['togle_advanced_mode']) &&
|
||||
!empty($_POST['togle_advanced_mode_submit']) &&
|
||||
check_admin_referer('toggle_advanced_mode_action', 'toggle_advanced_mode_nonce')
|
||||
) {
|
||||
$current_value = get_option('option_advanced_mode', false);
|
||||
$new_value = !$current_value;
|
||||
update_option('option_advanced_mode', $new_value);
|
||||
|
||||
hheader("Location: ".$url."/intern/kampfrichter".$_SERVER['REQUEST_URI']);
|
||||
exit;
|
||||
}
|
||||
if (
|
||||
isset($_POST['togle_advanced_mode_admin']) &&
|
||||
!empty($_POST['togle_advanced_mode_admin_submit']) &&
|
||||
check_admin_referer('toggle_advanced_mode_admin_action', 'toggle_advanced_mode_admin_nonce')
|
||||
) {
|
||||
$current_value = get_option('option_advanced_mode_admin', false);
|
||||
$new_value = !$current_value;
|
||||
update_option('option_advanced_mode_admin', $new_value);
|
||||
|
||||
header("Location: ".$url."/intern/kampfrichter".$_SERVER['REQUEST_URI']);
|
||||
exit;
|
||||
}
|
||||
@@ -1,15 +1,18 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (
|
||||
!((isset($_SESSION['access_granted_wk_leitung']) && $_SESSION['access_granted_wk_leitung'] === true) ||
|
||||
(isset($_SESSION['access_granted_kampfrichter']) && $_SESSION['access_granted_kampfrichter'] === true))
|
||||
) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
verify_csrf();
|
||||
|
||||
check_multiple_allowed_permissions(['kampfrichter', 'wk_leitung']);
|
||||
|
||||
|
||||
if (!isset($_POST['access'])) {
|
||||
http_response_code(400);
|
||||
exit;
|
||||
@@ -17,8 +20,6 @@ if (!isset($_POST['access'])) {
|
||||
|
||||
$access = preg_replace("/[\W]/", "", trim($_POST['access']));
|
||||
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require $baseDir . "/../scripts/websocket/ws-create-token.php";
|
||||
|
||||
$token = generateWSToken($access);
|
||||
|
||||
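Review bot: Nothing visible in this file ties the requested `access` value to the role the session actually holds. The new check appears to admit either `kampfrichter` or `wk_leitung`, and `generateWSToken($access)` then receives whatever word-character string the client posted. Unless `generateWSToken()` (in ws-create-token.php, not shown) validates it, compare `$access` against an allow-list derived from the session role before issuing the token, e.g. `if (!in_array($access, $allowedForRole, true)) { http_response_code(403); exit; }`, where `$allowedForRole` is a placeholder name for that list. The script continues outside the hunk.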
@@ -1,10 +1,15 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$new_value = $_POST['freigabe'] ?? '';
|
||||
|
||||
$type = $_POST['type'] ?? 'nan';
|
||||
@@ -12,22 +17,7 @@ $type = $_POST['type'] ?? 'nan';
|
||||
$allowedTypes = ['kampfrichter', 'trainer'];
|
||||
|
||||
if (in_array($type, $allowedTypes)) {
|
||||
|
||||
|
||||
$accessKey = "access_granted_" . $type;
|
||||
$idKey = "passcode" . $type . "_id";
|
||||
|
||||
// 3. Check if they have access
|
||||
$hasAccess = isset($_SESSION[$accessKey]) &&
|
||||
$_SESSION[$accessKey] === true &&
|
||||
!empty($_SESSION[$idKey]) &&
|
||||
$_SESSION[$idKey] > 0;
|
||||
|
||||
|
||||
if (!$hasAccess) {
|
||||
echo json_encode(['success' => false, 'message' => 'no permissions']);
|
||||
exit;
|
||||
}
|
||||
check_user_permission($type);
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'message' => 'no permissions']);
|
||||
exit;
|
||||
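Review bot: The allow-list test `in_array($type, $allowedTypes)` in the second hunk compares loosely. Since `$type` comes straight from `$_POST` and now selects which permission `check_user_permission($type)` enforces, pass the strict flag: `in_array($type, $allowedTypes, true)`. The inline check shown in the same hunk answered with a JSON body (`'message' => 'no permissions'`), while the failure response of `check_user_permission()` is not visible here, so confirm that callers parsing JSON still get a usable reply. The `else` branch continues outside the hunk.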
@@ -1,31 +1,20 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$isTrainer =
|
||||
isset($_SESSION['access_granted_trainer'], $_SESSION['passcodetrainer_id']) &&
|
||||
$_SESSION['access_granted_trainer'] === true &&
|
||||
(int)$_SESSION['passcodetrainer_id'] > 0;
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
$isWkLeitung =
|
||||
isset($_SESSION['access_granted_wk_leitung'], $_SESSION['passcodewk_leitung_id']) &&
|
||||
$_SESSION['access_granted_wk_leitung'] === true &&
|
||||
(int)$_SESSION['passcodewk_leitung_id'] > 0;
|
||||
ini_wkvs_session();
|
||||
|
||||
if (!$isTrainer && !$isWkLeitung) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
check_multiple_allowed_permissions(['trainer', 'wk_leitung']);
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// Allow large uploads and enough memory for GD processing
|
||||
ini_set('memory_limit', '256M');
|
||||
ini_set('max_execution_time', '120');
|
||||
|
||||
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
|
||||
if (!isset($_FILES['music_file']) || $_FILES['music_file']['error'] !== UPLOAD_ERR_OK) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
|
||||
@@ -1,10 +0,0 @@
|
||||
-- 1. Update the Noten table to include run_number
|
||||
-- NOTE: We also update the PRIMARY KEY to include this new column
|
||||
ALTER TABLE `a4b9577448d6_noten`
|
||||
ADD COLUMN `run_number` TINYINT(3) UNSIGNED NOT NULL DEFAULT 1 AFTER `jahr`,
|
||||
DROP PRIMARY KEY,
|
||||
ADD PRIMARY KEY (`person_id`, `note_bezeichnung_id`, `geraet_id`, `jahr`, `run_number`);
|
||||
|
||||
-- 2. Update the configuration table to support program-specific run counts
|
||||
ALTER TABLE `a4b9577448d6_noten_bezeichnungen`
|
||||
ADD COLUMN `anzahl_laeufe_json` TEXT NULL DEFAULT NULL AFTER `pro_geraet`;
|
||||
@@ -4,8 +4,17 @@ header('Content-Type: application/json');
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$type = isset($_GET['type']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_GET['type']) : '';
|
||||
$type = isset($_POST['type']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['type']) : '';
|
||||
|
||||
$allowed_types = ['logo','scoring','ctext'];
|
||||
if (!in_array($type, $allowed_types)) {
|
||||
@@ -14,7 +23,7 @@ if (!in_array($type, $allowed_types)) {
|
||||
}
|
||||
|
||||
if ($type === 'ctext'){
|
||||
$ctext = isset($_GET['ctext']) ? $_GET['ctext'] : '';
|
||||
$ctext = isset($_POST['ctext']) ? $_POST['ctext'] : '';
|
||||
}
|
||||
|
||||
$folder = realpath($baseDir.'/displays/json');
|
||||
|
||||
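Review bot: `$ctext` is read from `$_POST['ctext']` without any of the filtering applied to `type` a few lines above, so it can arrive as an array or as an arbitrarily long string. What happens to it lies outside these hunks, but `$folder` points at `displays/json`, which suggests (to be confirmed) that the text ends up in a file rendered on the displays. A guard such as `if (!is_string($ctext) || mb_strlen($ctext) > $maxLen) { http_response_code(422); exit; }`, with `$maxLen` a limit you choose, plus escaping at the point of output, would close that gap.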
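--- a/www/intern/scripts/einstellungen/.user.ini
+++ b/www/intern/scripts/einstellungen/.user.ini
@@ -0,0 +1,4 @@
+upload_max_filesize = 50M
+post_max_size = 55M
+max_execution_time = 120
+max_input_time = 120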
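Review bot: These limits apply to every script under `einstellungen/`, and PHP accepts and buffers the request body before any script code runs. The 55M `post_max_size` is therefore available to callers that the permission and CSRF checks would later reject. Consider scoping the raised limits to the directory of the one upload endpoint that needs them and enforcing a matching body-size limit at the web server. The file also sits under `www/`, so confirm the server does not hand out `.user.ini` as a static file.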
@@ -6,17 +6,18 @@ error_reporting(E_ALL);
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,20 +1,21 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,22 +1,21 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
ini_set("display_errors", 1);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -20,16 +20,17 @@ $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
session_start();
|
||||
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
|
||||
// Only accept POST
|
||||
|
||||
@@ -2,26 +2,19 @@
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
session_start();
|
||||
|
||||
if (
|
||||
empty($_SESSION['access_granted_kampfrichter']) ||
|
||||
$_SESSION['access_granted_kampfrichter'] !== true ||
|
||||
empty($_SESSION['passcodekampfrichter_id']) ||
|
||||
intval($_SESSION['passcodekampfrichter_id']) < 1
|
||||
) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
|
||||
|
||||
if (!verify_csrf()) {
|
||||
echo json_encode(['success' => false, 'message' => 'Forbidden']);
|
||||
@@ -158,6 +151,14 @@ $notenConfig = $result->fetch_all(MYSQLI_ASSOC);
|
||||
|
||||
$stmt->close();
|
||||
|
||||
$displayIdNoteL = intval(db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['displayIdNoteL'])) ?? 0;
|
||||
$displayIdNoteR = intval(db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['displayIdNoteR'])) ?? 0;
|
||||
|
||||
if ($displayIdNoteL !== 0 && $displayIdNoteR !== 0) {
|
||||
$displayNoten = [$displayIdNoteR => 0, $displayIdNoteL => 0];
|
||||
}
|
||||
|
||||
|
||||
$noten = [];
|
||||
|
||||
$row = $dbresult[0];
|
||||
@@ -176,15 +177,25 @@ foreach ($disciplines as $d) {
|
||||
// Determine number of runs for this program
|
||||
$anzRunsConfig = !empty($snC['anzahl_laeufe_json']) ? json_decode($snC['anzahl_laeufe_json'], true) : [];
|
||||
|
||||
$runs = $anzRunsConfig[$programm_id] ?? $anzRunsConfig['default'] ?? 1;
|
||||
$runs = $anzRunsConfig[$d][$programm_id] ?? $anzRunsConfig['default'] ?? 1;
|
||||
|
||||
if (isset($displayNoten) && array_key_exists($snC['id'], $displayNoten)) {
|
||||
$displayNoten[$snC['id']] = $runs;
|
||||
}
|
||||
|
||||
for ($r = 1; $r <= $runs; $r++) {
|
||||
$value = $indexedNotenDB[$d][$snC['id']][$r] ?? $snC['default_value'] ?? 0;
|
||||
$noten[$d][$snC['id']][$r] = number_format($value, $snC['nullstellen'] ?? 2);
|
||||
$noten[$d][$r][$snC['id']] = number_format($value, $snC['nullstellen'] ?? 2);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$countBtn = 1;
|
||||
|
||||
if (isset($displayNoten)) {
|
||||
$countBtn = min($displayNoten);
|
||||
}
|
||||
|
||||
|
||||
$titel = $row['vorname'].' '.$row['name'].', '.$row['programm'];
|
||||
|
||||
@@ -305,7 +316,8 @@ if ($isAdmin) {
|
||||
'id' => $editId,
|
||||
'programm_id' => $programm_id,
|
||||
'titel' => $titel,
|
||||
'noten' => $noten
|
||||
'noten' => $noten,
|
||||
'countBtn' => $countBtn
|
||||
]);
|
||||
} else {
|
||||
echo json_encode([
|
||||
@@ -314,7 +326,8 @@ if ($isAdmin) {
|
||||
'programm_id' => $programm_id,
|
||||
'titel' => $titel,
|
||||
'noten' => $noten,
|
||||
'nturnerin' => $nturnerin
|
||||
'nturnerin' => $nturnerin,
|
||||
'countBtn' => $countBtn
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
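Review bot: In the first hunk of this file `verify_csrf()` is used with two different contracts: once as a bare statement whose result is discarded, and a few lines later as `if (!verify_csrf()) {`, which treats it as returning a boolean. If the helper in session_functions.php (not shown) returns false instead of ending the request, every bare `verify_csrf();` call added across this commit enforces nothing; if it exits on failure, the `if` branch is dead code. Pick one contract, for a boolean helper `if (!verify_csrf()) { http_response_code(403); exit; }`, and if tokens are single-use make sure the second call cannot reject a valid request. The `if` block continues outside the hunk.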
@@ -8,16 +8,18 @@ ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);*/
|
||||
|
||||
// Start session if not already started
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) {
|
||||
session_start();
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
// Check access
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true ||
|
||||
empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
|
||||
// Validate POST input
|
||||
if (!isset($_POST['abteilung'])) {
|
||||
|
||||
@@ -2,24 +2,17 @@
|
||||
|
||||
use TCPDF;
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
// Show all errors except deprecation notices (these come from vendor libraries
|
||||
// that aren't yet typed for newer PHP versions). Long-term fix: update
|
||||
// dependencies to versions compatible with your PHP runtime.
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
|
||||
// Start session if not already started
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) {
|
||||
session_start();
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
// Check access
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true ||
|
||||
empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// Validate POST input
|
||||
/*
|
||||
|
||||
@@ -1,19 +1,17 @@
|
||||
<?php
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
// Show all errors except deprecation notices (these come from vendor libraries
|
||||
// that aren't yet typed for newer PHP versions). Long-term fix: update
|
||||
// dependencies to versions compatible with your PHP runtime.
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -26,8 +24,8 @@ if ($data['success'] === false){
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||||
$discipline = isset($_GET['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_GET['discipline']) : '';
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$discipline = isset($_POST['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['discipline']) : '';
|
||||
|
||||
if ($discipline !== 'boden') {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid discipline']);
|
||||
|
||||
@@ -2,9 +2,17 @@
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$discipline = 'boden';
|
||||
|
||||
$folder = realpath($baseDir . '/displays/json');
|
||||
|
||||
@@ -2,21 +2,18 @@
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
ini_set('display_errors', '1');
|
||||
ini_set('display_startup_errors', '1');
|
||||
error_reporting(E_ALL);
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,21 +1,17 @@
|
||||
<?php
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -120,6 +116,10 @@ try {
|
||||
|
||||
$geraete = db_select($mysqli, $tableGeraete, "id");
|
||||
|
||||
$programmName = db_get_var($mysqli, "SELECT `programm` FROM $tableTurnerinnen WHERE `id` = ?", [$person_id]);
|
||||
|
||||
$programmId = db_get_var($mysqli, "SELECT `id` FROM $tableProgramme WHERE `programm` = ?", [$programmName]);
|
||||
|
||||
// Alle Werte werden von der Datenbank geholt und werden, wenn nicht vorhanden, durch den Standartwert ersetzt.
|
||||
|
||||
$alleNoten = db_select($mysqli, $tableNotenBezeichnungen, "id, berechnung, default_value, nullstellen, pro_geraet, geraete_json, anzahl_laeufe_json");
|
||||
@@ -132,9 +132,20 @@ $ascArrayGeraeteJSON = array_column($alleNoten, 'geraete_json', 'id');
|
||||
$ascArrayAnzahlLaeufeJSON = array_column($alleNoten, 'anzahl_laeufe_json', 'id');
|
||||
$ascArrayRechnungen = array_column($alleNoten, 'berechnung', 'id');
|
||||
|
||||
|
||||
// $proGeraet = intval($calc['pro_geraet']) !== 1;
|
||||
|
||||
$mRunFunctions = [];
|
||||
|
||||
foreach ($abhaenigeRechnungen as $saRechnung) {
|
||||
$sRechnung = $ascArrayRechnungen[$saRechnung[0]] ?? 0;
|
||||
//var_dump($sRechnung);
|
||||
$mRunCalc = $notenRechner->checkRunFunctions($sRechnung) ?? false;
|
||||
|
||||
if ($mRunCalc) {
|
||||
$mRunFunctions[] = $saRechnung[0];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$indexedNotenArray = [];
|
||||
|
||||
@@ -158,22 +169,72 @@ foreach ($noten as $sn) {
|
||||
|
||||
$alleNotenIds = array_column($alleNoten, 'id') ?? [];
|
||||
|
||||
foreach ($indexedNotenArray as $sG => $siNA) {
|
||||
$existierendeNotenIds = array_keys($siNA) ?? [];
|
||||
|
||||
$nichtExistierendeNotenIds = array_diff($alleNotenIds, $existierendeNotenIds) ?? [];
|
||||
|
||||
foreach ($nichtExistierendeNotenIds as $neni) {
|
||||
if (!isset($ascArrayDefaultValues[$neni])) { continue; }
|
||||
if (intval($ascArrayProGeraet[$neni]) === 1 && intval($sG) === 0) { continue; }
|
||||
if (intval($ascArrayProGeraet[$neni]) !== 1 && (!is_array($ascArrayGeraeteJSON[$neni]) || !in_array($sG, $ascArrayGeraeteJSON[$neni]))) { continue; }
|
||||
|
||||
// For non-existent notes, we fill all runs with default value
|
||||
// We set Run 1 by default, and if more are configured, also those
|
||||
$indexedNotenArray[$sG][$neni][1] = $ascArrayDefaultValues[$neni];
|
||||
if (count($mRunFunctions) > 0) {
|
||||
foreach ($indexedNotenArray as $sG => $siNA) {
|
||||
|
||||
// Check for more runs in config? (Actually, this might be overkill for defaults,
|
||||
// but the calculator might need them)
|
||||
foreach ($alleNotenIds as $neni) { // Use $neni as the ID
|
||||
|
||||
// 1. Skip if no default value is defined
|
||||
if (!isset($ascArrayDefaultValues[$neni])) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// 2. Logic Check: Is this note assigned to this device?
|
||||
$isProGeraet = (int)($ascArrayProGeraet[$neni] ?? 0);
|
||||
|
||||
if ($isProGeraet === 1 && (int)$sG === 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($isProGeraet !== 1) {
|
||||
$allowedGeraete = $ascArrayGeraeteJSON[$neni] ?? [];
|
||||
if (!is_array($allowedGeraete) || !in_array($sG, $allowedGeraete)) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
$runs = $ascArrayAnzahlLaeufeJSON[$neni][$sG][$programmId] ?? $ascArrayAnzahlLaeufeJSON[$neni]["default"] ?? 1;
|
||||
|
||||
for ($r = 1; $r <= $runs; $r++) {
|
||||
if (isset($indexedNotenArray[$sG][$neni][$r])) {
|
||||
continue;
|
||||
}
|
||||
$indexedNotenArray[$sG][$neni][$r] = $ascArrayDefaultValues[$neni];
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
foreach ($indexedNotenArray as $sG => $siNA) {
|
||||
|
||||
foreach ($alleNotenIds as $neni) { // Use $neni as the ID
|
||||
|
||||
// 1. Skip if value already exists for this specific run
|
||||
if (isset($indexedNotenArray[$sG][$neni][$run_number])) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// 2. Skip if no default value is defined
|
||||
if (!isset($ascArrayDefaultValues[$neni])) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// 3. Logic Check: Is this note assigned to this device?
|
||||
$isProGeraet = (int)($ascArrayProGeraet[$neni] ?? 0);
|
||||
|
||||
if ($isProGeraet === 1 && (int)$sG === 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($isProGeraet !== 1) {
|
||||
$allowedGeraete = $ascArrayGeraeteJSON[$neni] ?? [];
|
||||
if (!is_array($allowedGeraete) || !in_array($sG, $allowedGeraete)) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
// 4. Assign the default value
|
||||
$indexedNotenArray[$sG][$neni][$run_number] = $ascArrayDefaultValues[$neni];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -181,44 +242,51 @@ foreach ($indexedNotenArray as $sG => $siNA) {
|
||||
$idsToSave = [];
|
||||
|
||||
foreach ($abhaenigeRechnungen as $sRechnung) {
|
||||
if ($sRechnung[1] !== "A" && intval($sRechnung[1]) !== $gereat_id) { continue; }
|
||||
|
||||
$rechnung = $ascArrayRechnungen[$sRechnung[0]] ?? null;
|
||||
|
||||
$gereadIdArrays = ($sRechnung[1] === "A") ? $gereat_id : $sRechnung[1];
|
||||
|
||||
$targetNoteId = $sRechnung[0];
|
||||
$isProGeraet = (intval($ascArrayProGeraet[$targetNoteId]) === 1);
|
||||
$rechnungType = $sRechnung[1];
|
||||
|
||||
// 1. Initial Filter
|
||||
if ($rechnungType !== "A" && intval($rechnungType) !== $gereat_id) continue;
|
||||
|
||||
$rechnung = $ascArrayRechnungen[$targetNoteId] ?? null;
|
||||
if ($rechnung === null) {
|
||||
echo json_encode(['success' => true, 'message' => "Fehler: Rechnung $targetNoteId nicht gefunden"]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// 2. Determine Target Device ID
|
||||
$isProGeraet = (intval($ascArrayProGeraet[$targetNoteId] ?? 0) === 1);
|
||||
$allowedGeraete = $ascArrayGeraeteJSON[$targetNoteId] ?? [];
|
||||
|
||||
if ($isProGeraet) {
|
||||
$gereadIdArrays = $gereat_id;
|
||||
} elseif (in_array($gereat_id, $allowedGeraete)) {
|
||||
$gereadIdArrays = $gereat_id;
|
||||
if ($rechnungType === "A" || $isProGeraet || in_array($gereat_id, $allowedGeraete)) {
|
||||
$targetGeraetKey = $gereat_id;
|
||||
} else {
|
||||
$gereadIdArrays = 0;
|
||||
$targetGeraetKey = 0;
|
||||
}
|
||||
|
||||
if ($rechnung === null) {
|
||||
echo json_encode(['success' => true, 'message' => "Wert aktualisiert, Fehler: Rechnung" . $sRechnung[0] . "nicht gefunden"]);
|
||||
|
||||
// 3. Calculation Logic
|
||||
$runsConfig = $ascArrayAnzahlLaeufeJSON[$targetNoteId] ?? [];
|
||||
$runs = $runsConfig[$gereat_id][$programmId] ?? $runsConfig["default"] ?? 1;
|
||||
|
||||
$acrun = min($runs, $run_number);
|
||||
|
||||
if (in_array($targetNoteId, $mRunFunctions)) {
|
||||
$calcResult = $notenRechner->berechneStringComplexRun($rechnung, $indexedNotenArray, $gereat_id, $programmId, $ascArrayAnzahlLaeufeJSON);
|
||||
} else {
|
||||
$calcResult = $notenRechner->berechneStringComplex($rechnung, $indexedNotenArray, $gereat_id, $acrun);
|
||||
}
|
||||
|
||||
if (!($calcResult['success'] ?? false)) {
|
||||
echo json_encode(['success' => true, 'message' => "Rechenfehler in $targetNoteId: " . ($calcResult['value'] ?? '')]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$calcResult = $notenRechner->berechneStringComplex($rechnung, $indexedNotenArray, $gereat_id);
|
||||
if ($calcResult['success'] !== true) {
|
||||
echo json_encode(['success' => true, 'message' => "Wert aktualisiert, Rechenfehler: " . ($calcResult['value'] ?? '')]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Update the local array (Always Run 1 for calculations for now, UNLESS we want calculated runs?)
|
||||
// Most calculations are "Total" points which have run_number = 1
|
||||
$indexedNotenArray[$gereadIdArrays][$sRechnung[0]][1] = $calcResult['value'];
|
||||
|
||||
// Track that this ID needs to be written to the database (Target run is 1)
|
||||
$updatedValues[$gereadIdArrays][$sRechnung[0]][1] = $calcResult['value'];
|
||||
// 4. Update State
|
||||
$val = $calcResult['value'];
|
||||
$indexedNotenArray[$targetGeraetKey][$targetNoteId][$acrun] = $val;
|
||||
$updatedValues[$targetGeraetKey][$targetNoteId][$acrun] = $val;
|
||||
}
|
||||
|
||||
|
||||
// Prepare the statement once
|
||||
$sql = "INSERT INTO $tableNoten (`value`, `person_id`, `note_bezeichnung_id`, `geraet_id`, `jahr`, `run_number`)
|
||||
VALUES (?, ?, ?, ?, ?, ?)
|
||||
|
||||
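Review bot: Both error exits that use `$targetNoteId` in the last hunk report `'success' => true` (`"Fehler: Rechnung $targetNoteId nicht gefunden"` and `"Rechenfehler in $targetNoteId: …"`), so a client that checks only the flag cannot tell a failed calculation from a saved one. The other pair of messages in the hunk begins with "Wert aktualisiert", which explained the flag; these do not, so either return `'success' => false` or add an explicit field such as `'calc_error' => true`. Separately, the loop that fills `$mRunFunctions` does `break;` after the first match, yet the list is later queried with `in_array($targetNoteId, $mRunFunctions)`; a second run-based calculation would then be routed to `berechneStringComplex()` instead, so drop the `break` if more than one can occur. The `INSERT` statement at the end continues outside the hunk.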
@@ -1,93 +0,0 @@
|
||||
<?php
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1 || !isset($_SESSION['selectedFreigabeKampfrichter']) || $_SESSION['selectedFreigabeKampfrichter'] !== 'admin') {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($data['success'] === false){
|
||||
echo json_encode(['success' => false, 'message' => $data['message']]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$fieldType = isset($_POST['field_type']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['field_type']) : '';
|
||||
$discipline = isset($_POST['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['discipline']) : '';
|
||||
$value = isset($_POST['value']) ? floatval($_POST['value']) : 0;
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid ID']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($value) || floatval($value) < 0 || !isset($discipline) || $discipline === ''|| !isset($fieldType) || $fieldType === '') {
|
||||
http_response_code(422);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($discipline === 'all') {
|
||||
$column = $fieldType;
|
||||
} else {
|
||||
$column = $fieldType . ' ' . $discipline;
|
||||
}
|
||||
|
||||
$excluded_columns = [
|
||||
'id',
|
||||
'name',
|
||||
'vorname',
|
||||
'bezahlt',
|
||||
'bezahltoverride',
|
||||
'geburtsdatum',
|
||||
'programm',
|
||||
'verein',
|
||||
'bodenmusik'
|
||||
];
|
||||
|
||||
$sql = "SHOW COLUMNS FROM `$tableTurnerinnen`";
|
||||
$result = $mysqli->query($sql);
|
||||
|
||||
$all_columns = [];
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$all_columns[] = $row['Field'];
|
||||
}
|
||||
|
||||
$allowed_columns = array_values(
|
||||
array_diff($all_columns, $excluded_columns)
|
||||
);
|
||||
|
||||
|
||||
if (!in_array($column, $allowed_columns, true)) {
|
||||
http_response_code(422);
|
||||
exit;
|
||||
}
|
||||
|
||||
$stmt = $mysqli->prepare("UPDATE `$tableTurnerinnen` SET `$column` = ? WHERE id = ?");
|
||||
$stmt->bind_param("di", $value, $id);
|
||||
if (!$stmt->execute()) {
|
||||
http_response_code(500);
|
||||
exit;
|
||||
}
|
||||
$stmt->close();
|
||||
$mysqli->close();
|
||||
|
||||
http_response_code(200);
|
||||
echo json_encode([
|
||||
'success' => true,
|
||||
'message' => 'Updated successfully'
|
||||
]);
|
||||
exit;
|
||||
@@ -1,20 +1,23 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('kampfrichter');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = intval($_POST['personId']) ?? 0;
|
||||
$run = intval($_POST['run']) ?? 0;
|
||||
$geraetId = intval($_POST['geraetId']) ?? 0;
|
||||
$dataType = intval($_POST['dataType']) ?? 0;
|
||||
$jahr = isset($_POST['jahr']) ? preg_replace('/[^0-9]/', '', $_POST['jahr']) : '';
|
||||
$anfrageType = $_POST['type'] ?? '';
|
||||
|
||||
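Review bot: The `?? 0` fallbacks in the input block never take effect, because `intval()` always returns an int: `intval($_POST['personId']) ?? 0` still reads the missing key first, which emits an "undefined array key" warning on an endpoint that is meant to return JSON. Put the default inside the call, e.g. `$id = intval($_POST['personId'] ?? 0);`, and do the same for `run`, `geraetId` and `dataType`. Since these values later select the rows that get published in `case "result"`, it would also help to reject anything `< 1` here with a 422 before the `switch` is reached.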
@@ -123,20 +126,28 @@ switch ($anfrageType) {
|
||||
$jsonData = json_encode($data);
|
||||
break;
|
||||
case "start":
|
||||
if (array_key_exists("start", $oldjson)) {
|
||||
$oldjson["start"] = true;
|
||||
|
||||
$jsonData = json_encode($oldjson);
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'message' => 'Turnerin nicht auf Display '.json_encode($oldjson).'; '.$jsonString]);
|
||||
if (!array_key_exists("id", $oldjson) || intval($oldjson["id"]) !== $id || !array_key_exists("start", $oldjson)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Person nicht auf Display!']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$oldjson["start"] = (bool) $dataType;
|
||||
|
||||
$jsonData = json_encode($oldjson);
|
||||
break;
|
||||
case "result":
|
||||
// 1. Get IDs and filter out empty values
|
||||
$noteLinksId = db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['displayIdNoteL']);
|
||||
$noteRechtsId = db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['displayIdNoteR']);
|
||||
|
||||
$stmt = $mysqli->prepare("UPDATE $tableNoten SET `is_public` = 1, `public_value` = `value` WHERE `person_id` = ? AND `jahr` = ? AND `geraet_id` = ? AND `run_number` = ?");
|
||||
|
||||
$stmt->bind_param("ssss", $id, $jahr, $geraetId, $run);
|
||||
|
||||
$stmt->execute();
|
||||
|
||||
$stmt->close();
|
||||
|
||||
// Create an array of IDs that actually exist
|
||||
$validIds = array_filter([$noteLinksId, $noteRechtsId]);
|
||||
|
||||
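Review bot: The `UPDATE … SET is_public = 1` in `case "result"` runs unchecked: neither the `prepare()` nor the `execute()` result is tested, so a failed publish goes unnoticed and the handler carries on building the display payload. Guard it, e.g. `if (!$stmt || !$stmt->execute()) { http_response_code(500); exit; }`; the `$sqlNoten` SELECT in the following hunk has the same gap. The statement publishes whatever `person_id`/`geraet_id`/`run_number` the request supplies, and the only gate visible on this page is the role-level `check_user_permission('kampfrichter')`; if judges are meant to be limited to their own apparatus, that comparison belongs before this write. The `switch` opens and closes outside the hunk.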
@@ -148,12 +159,12 @@ switch ($anfrageType) {
|
||||
$placeholders = implode(',', array_fill(0, count($validIds), '?'));
|
||||
|
||||
$sqlNoten = "SELECT `value`, `note_bezeichnung_id` FROM $tableNoten
|
||||
WHERE person_id = ? AND `jahr` = ? AND `geraet_id` = ?
|
||||
WHERE person_id = ? AND `jahr` = ? AND `geraet_id` = ? AND run_number = ?
|
||||
AND `note_bezeichnung_id` IN ($placeholders)";
|
||||
|
||||
$stmt = $mysqli->prepare($sqlNoten);
|
||||
// Combine standard params with our dynamic ID list
|
||||
$params = array_merge([$id, $jahr, $geraetId], $validIds);
|
||||
$params = array_merge([$id, $jahr, $geraetId, $run], $validIds);
|
||||
$types = str_repeat('s', count($params));
|
||||
$stmt->bind_param($types, ...$params);
|
||||
$stmt->execute();
|
||||
|
||||
@@ -1,115 +0,0 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($data['success'] === false){
|
||||
echo json_encode(['success' => false, 'message' => $data['message']]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$discipline = isset($_POST['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['discipline']) : '';
|
||||
|
||||
|
||||
$stmt = $mysqli->prepare("SELECT `name` FROM $tableGeraete ORDER BY start_index ASC");
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
http_response_code(500);
|
||||
exit;
|
||||
}
|
||||
|
||||
$result = $stmt->get_result();
|
||||
$allowed_disciplines = array_map(
|
||||
'strtolower',
|
||||
array_column($result->fetch_all(MYSQLI_ASSOC), 'name')
|
||||
);
|
||||
|
||||
$stmt->close();
|
||||
|
||||
if (!in_array($discipline, $allowed_disciplines)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid discipline']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid ID']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ---------- Step 2: Get values from DB ----------
|
||||
|
||||
$result = $mysqli->query("SELECT * FROM `$tableTurnerinnen` WHERE id = $id");
|
||||
$row = $result->fetch_assoc();
|
||||
if (!$row) {
|
||||
echo json_encode(['success' => false, 'message' => 'Row fetch failed']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$folder = realpath($baseDir . '/displays/json');
|
||||
if ($folder === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Could not find displays folder.'
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$filename = 'display_' . $discipline . '.json';
|
||||
$filepath = $folder . '/' . $filename;
|
||||
|
||||
if (!is_writable($folder)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Folder not writable: ' . $folder]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$jsonString = file_get_contents($filepath);
|
||||
|
||||
// decode JSON, fallback to empty array if invalid
|
||||
$oldjson = json_decode($jsonString, true) ?? [];
|
||||
|
||||
|
||||
if (array_key_exists("note", $oldjson) && array_key_exists("dnote", $oldjson)) {
|
||||
$oldjson["note"] = (float)$row['note '.$discipline];
|
||||
$oldjson["dnote"] = (float)$row['d-note '.$discipline];
|
||||
} else {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'ERROR: JSON keys "note" or "dnote" do not exist'
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$jsonData = json_encode($oldjson);
|
||||
|
||||
// Write file
|
||||
if (file_put_contents($filepath, $jsonData) === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Failed to write JSON file: ' . $filepath
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ---------- Return JSON ----------
|
||||
echo json_encode([
|
||||
'success' => true,
|
||||
'message' => 'JSON updated successfully for '.$discipline,
|
||||
]);
|
||||
exit;
|
||||
@@ -1,97 +0,0 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$discipline = isset($_GET['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_GET['discipline']) : '';
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($data['success'] === false){
|
||||
echo json_encode(['success' => false, 'message' => $data['message']]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$stmt = $mysqli->prepare("SELECT `name` FROM $tableGeraete ORDER BY start_index ASC");
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
http_response_code(500);
|
||||
exit;
|
||||
}
|
||||
|
||||
$result = $stmt->get_result();
|
||||
$allowed_disciplines = array_map(
|
||||
'strtolower',
|
||||
array_column($result->fetch_all(MYSQLI_ASSOC), 'name')
|
||||
);
|
||||
|
||||
$stmt->close();
|
||||
|
||||
if (!in_array($discipline, $allowed_disciplines)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid discipline']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$folder = realpath($baseDir . '/displays/json');
|
||||
if ($folder === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Could not find displays folder.'
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$filename = 'display_' . $discipline . '.json';
|
||||
$filepath = $folder . '/' . $filename;
|
||||
|
||||
if (!is_writable($folder)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Folder not writable']);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
$jsonString = file_get_contents($filepath);
|
||||
|
||||
// decode JSON, fallback to empty array if invalid
|
||||
$oldjson = json_decode($jsonString, true) ?? [];
|
||||
|
||||
if (array_key_exists("start", $oldjson)) {
|
||||
$oldjson["start"] = true;
|
||||
|
||||
$jsonData = json_encode($oldjson);
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'message' => 'Turnerin nicht auf Display '.json_encode($oldjson).'; '.$jsonString]);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
// Write file
|
||||
if (file_put_contents($filepath, $jsonData) === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Failed to write JSON file'
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ---------- Return JSON ----------
|
||||
echo json_encode([
|
||||
'success' => true,
|
||||
'message' => 'JSON updated successfully for '.$discipline,
|
||||
'disable_start_button' => true
|
||||
]);
|
||||
exit;
|
||||
@@ -1,122 +0,0 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
session_start();
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($data['success'] === false){
|
||||
echo json_encode(['success' => false, 'message' => $data['message']]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||||
$discipline = isset($_GET['discipline']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_GET['discipline']) : '';
|
||||
|
||||
$stmt = $mysqli->prepare("SELECT `name` FROM $tableGeraete ORDER BY start_index ASC");
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
http_response_code(500);
|
||||
exit;
|
||||
}
|
||||
|
||||
$result = $stmt->get_result();
|
||||
$allowed_disciplines = array_map(
|
||||
'strtolower',
|
||||
array_column($result->fetch_all(MYSQLI_ASSOC), 'name')
|
||||
);
|
||||
|
||||
$stmt->close();
|
||||
|
||||
if (!in_array($discipline, $allowed_disciplines)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid discipline']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid ID']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ---------- Step 2: Get values from DB ----------
|
||||
|
||||
$result = $mysqli->query("SELECT name, vorname, verein, programm FROM `$tableTurnerinnen` WHERE id = $id");
|
||||
$row = $result->fetch_assoc();
|
||||
if (!$row) {
|
||||
echo json_encode(['success' => false, 'message' => 'Row fetch failed']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$folder = realpath($baseDir . '/displays/json');
|
||||
if ($folder === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Could not find displays folder. Tried: ' . __DIR__ . '/../displays'
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$filename = 'display_' . $discipline . '.json';
|
||||
$filepath = $folder . '/' . $filename;
|
||||
|
||||
if (!is_writable($folder)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Folder not writable: ' . $folder]);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (file_put_contents($filepath, $jsonData) === false) {
|
||||
echo json_encode(['success' => false, 'message' => 'Failed to write file: ' . $filepath]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$jsonString = file_get_contents($folder . $filename);
|
||||
|
||||
// decode JSON, fallback to empty array if invalid
|
||||
$oldjson = json_decode($jsonString, true) ?? [];
|
||||
|
||||
// safely get value, default 0 if missing
|
||||
$olduniqueid = $oldjson['uniqueid'] ?? 0;
|
||||
$uniqueid = $olduniqueid + 1;
|
||||
|
||||
$data = ["note" => 'nan',
|
||||
"dnote" => 'nan',
|
||||
"id" => $id,
|
||||
"name" => $row['name'],
|
||||
"vorname" => $row['vorname'],
|
||||
"programm" => $row['programm'],
|
||||
"verein" => $row['verein'],
|
||||
"start" => false,
|
||||
"musik" => 'nan',
|
||||
"uniqueid" => $uniqueid];
|
||||
$jsonData = json_encode($data);
|
||||
|
||||
|
||||
// Encode JSON with readable formatting
|
||||
$jsonData = json_encode($data);
|
||||
|
||||
// Write file
|
||||
if (file_put_contents($filepath, $jsonData) === false) {
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'message' => 'Failed to write JSON file: ' . $filepath
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ---------- Return JSON ----------
|
||||
echo json_encode([
|
||||
'success' => true,
|
||||
'message' => 'JSON updated successfully for '.$discipline,
|
||||
'disable_turnerin_button' => true,
|
||||
'enable_result_button' => true
|
||||
]);
|
||||
exit;
|
||||
@@ -1,160 +0,0 @@
|
||||
<?php
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
//ini_set('display_errors', 1);
|
||||
//ini_set('display_startup_errors', 1);
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'kr';
|
||||
|
||||
$data = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($data['success'] === false){
|
||||
echo json_encode(['success' => false, 'message' => $data['message']]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$noten = db_select($mysqli, $tableNotenBezeichnungen, "id, berechnung, type");
|
||||
|
||||
// 1. Re-index the array so the keys match the database IDs
|
||||
$notenById = array_column($noten, null, 'id');
|
||||
|
||||
$berechnungen = [];
|
||||
foreach ($notenById as $id => $sn) {
|
||||
if ($sn['type'] === 'berechnung') {
|
||||
$berechnungen[] = $sn;
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($berechnungen)) {
|
||||
echo json_encode(['success' => true, 'message' => "Keine Berechnungen ausgewählt"]);
|
||||
exit;
|
||||
}
|
||||
|
||||
require $baseDir . "/../scripts/string-calculator/string-calculator-functions.php";
|
||||
$notenRechner = new NotenRechner();
|
||||
|
||||
// 1. Build the direct map
|
||||
// Format: [ Changed_Note_ID => [ "CalcId|GeraetId" => [CalcId, GeraetId] ] ]
|
||||
$dependencyMap = [];
|
||||
|
||||
foreach ($berechnungen as $calc) {
|
||||
$neededIdsArray = $notenRechner->getBenoetigteIdsComplex($calc['berechnung']);
|
||||
|
||||
if (empty($neededIdsArray)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$calcId = (int)$calc['id'];
|
||||
|
||||
foreach ($neededIdsArray as $needed) {
|
||||
$nId = (int)$needed['noteId'];
|
||||
|
||||
// Keep geraetId as integer if it's a number (e.g., 3), otherwise string ('S')
|
||||
$gId = is_numeric($needed['geraetId']) ? (int)$needed['geraetId'] : $needed['geraetId'];
|
||||
|
||||
// Create a unique string key so we don't store exact duplicates
|
||||
$nodeKey = $calcId . '|' . $gId;
|
||||
|
||||
if (!isset($dependencyMap[$nId])) {
|
||||
$dependencyMap[$nId] = [];
|
||||
}
|
||||
|
||||
// Store it as the "little array" you requested: [DependentCalcId, GeraetId]
|
||||
$dependencyMap[$nId][$nodeKey] = [$calcId, $gId];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// 2. Our recursive helper function (Updated for complex nodes)
|
||||
function getCompleteDependencyChain($id, $directMap, $visited = [])
|
||||
{
|
||||
// If this ID doesn't have anything depending on it, return empty
|
||||
if (!isset($directMap[$id])) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$allDependencies = [];
|
||||
|
||||
foreach ($directMap[$id] as $nodeKey => $complexNode) {
|
||||
// CIRCULAR DEPENDENCY CHECK:
|
||||
// We check against the string key (e.g., "10|S") to prevent infinite loops
|
||||
if (isset($visited[$nodeKey])) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// 1. Mark this specific node as visited
|
||||
$visited[$nodeKey] = true;
|
||||
|
||||
// 2. Add the little array [CalcId, GeraetId] to our master list
|
||||
$allDependencies[$nodeKey] = $complexNode;
|
||||
|
||||
// 3. Recursively find everything that depends on THIS calculation ID
|
||||
// $complexNode[0] is the dependent Calc ID
|
||||
$childDependencies = getCompleteDependencyChain($complexNode[0], $directMap, $visited);
|
||||
|
||||
// 4. Merge the child results into our master list safely
|
||||
foreach ($childDependencies as $childKey => $childNode) {
|
||||
$allDependencies[$childKey] = $childNode;
|
||||
$visited[$childKey] = true; // Ensure the parent loop knows this was visited
|
||||
}
|
||||
}
|
||||
|
||||
return $allDependencies;
|
||||
}
|
||||
|
||||
|
||||
// 3. Create the final flattened map for ALL IDs
|
||||
$flatDependencyMap = [];
|
||||
|
||||
foreach (array_keys($notenById) as $id) {
|
||||
$chain = getCompleteDependencyChain($id, $dependencyMap);
|
||||
|
||||
// Only add it if dependencies exist
|
||||
if (!empty($chain)) {
|
||||
// array_values() removes the "10|S" string keys, turning it into a perfect
|
||||
// 0-indexed array for clean JSON encoding: [[10, "S"], [12, 3]]
|
||||
$flatDependencyMap[$id] = array_values($chain);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// 4. Database Updates
|
||||
// Step 1: Reset all rows to NULL in a single query
|
||||
$resetSql = "UPDATE $tableNotenBezeichnungen SET `berechnung_json` = NULL";
|
||||
$mysqli->query($resetSql);
|
||||
|
||||
// Step 2: Prepare the statement
|
||||
$updateSql = "UPDATE $tableNotenBezeichnungen SET `berechnung_json` = ? WHERE id = ?";
|
||||
$stmt = $mysqli->prepare($updateSql);
|
||||
|
||||
foreach ($flatDependencyMap as $id => $completeDependencyArray) {
|
||||
if (empty($completeDependencyArray)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$jsonString = json_encode($completeDependencyArray);
|
||||
|
||||
// Bind parameters: 's' for string (JSON), 'i' for integer (ID)
|
||||
$stmt->bind_param("si", $jsonString, $id);
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
$stmt->close();
|
||||
|
||||
echo json_encode(['success' => true, 'message' => "Abhaengigkeiten berechnet"]);
|
||||
exit;
|
||||
@@ -5,7 +5,7 @@ ini_set('display_startup_errors', 1);
|
||||
|
||||
session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['passcodekampfrichter_id']) || $_SESSION['passcodekampfrichter_id'] < 1) {
|
||||
if (empty($_SESSION['access_granted_kampfrichter']) || $_SESSION['access_granted_kampfrichter'] !== true || empty($_SESSION['user_id_kampfrichter']) || $_SESSION['user_id_kampfrichter'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
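Review bot: This file keeps a hand-written copy of the session check, now keyed on `user_id_kampfrichter`, while the display endpoint earlier in this commit moved to `check_user_permission('kampfrichter');`. With the key name repeated per file, a later rename can leave one endpoint testing a key that is never set; that fails closed (403 for everyone), but it is avoidable by calling the shared helper here as well, assuming it performs the same test. Separately, the hunk header shows `ini_set('display_startup_errors', 1);` above this check; if that line is active in the deployed file, PHP error text can reach the client, so it should be off outside development.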
@@ -20,6 +20,7 @@ function toggleFullscreen() {
|
||||
}
|
||||
|
||||
let messagePosArray = [];
|
||||
const csrf_token = window.CSDR_TOKEN;
|
||||
|
||||
function displayMsg(type, msg) {
|
||||
const colors = ["#900000ff", "#00b200ff"];
|
||||
@@ -75,9 +76,15 @@ async function fetchNewWSToken(freigabe) {
|
||||
headers: {
|
||||
'Content-Type': 'application/x-www-form-urlencoded',
|
||||
},
|
||||
body: new URLSearchParams({ access: freigabe })
|
||||
body: new URLSearchParams({ access: freigabe, csrf_token })
|
||||
});
|
||||
|
||||
if (response.status === 403) {
|
||||
console.warn("Please Re-Autenithicate. Reloading page...");
|
||||
location.reload();
|
||||
return null;
|
||||
}
|
||||
|
||||
if (!response.ok) return null;
|
||||
|
||||
const data = await response.json();
|
||||
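Review bot: The 403 branch calls `location.reload()` unconditionally, which can turn into a reload loop. `startWebSocket()` is invoked at page load further down this page; if it reaches `fetchNewWSToken` (not visible here), a 403 that survives the reload, such as a missing permission or a rejected `csrf_token` rather than an expired session, would reload the page again and again. Limit it to one attempt, e.g. `if (!sessionStorage.getItem('wsReauth')) { sessionStorage.setItem('wsReauth', '1'); location.reload(); }`, and clear the flag after a successful token fetch. The log text `Re-Autenithicate` should read `Re-authenticate`. The function body starts and ends outside this hunk.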
@@ -152,7 +159,39 @@ function scheduleRetry() {
|
||||
// Start the initial connection attempt safely
|
||||
startWebSocket();
|
||||
|
||||
function updateRunButtons(targetCount, personId, $container) {
|
||||
|
||||
if (targetCount === 0) { return; }
|
||||
|
||||
const geraetId = $container.find('.submit-display-result').first().data('geraet-id') || "";
|
||||
|
||||
const currentCount = $container.find('.submit-display-result').length;
|
||||
|
||||
if (targetCount > currentCount) {
|
||||
for (let i = currentCount + 1; i <= targetCount; i++) {
|
||||
const buttonHtml = `
|
||||
<input type="button" class="submit-display-result"
|
||||
data-person-id="${personId}"
|
||||
data-geraet-id="${geraetId}"
|
||||
data-run="${i}"
|
||||
value="Ergebnis anzeigen (Run ${i})">`;
|
||||
$container.append(buttonHtml);
|
||||
}
|
||||
$container.find('.submit-display-result[data-run="1"]').val('Ergebnis anzeigen (Run 1)');
|
||||
} else if (targetCount < currentCount) {
|
||||
for (let i = currentCount; i > targetCount; i--) {
|
||||
$container.find(`.submit-display-result[data-run="${i}"]`).remove();
|
||||
}
|
||||
if (targetCount === 1 && $container.find('.submit-display-result').length === 1) {
|
||||
$container.find('.submit-display-result').val('Ergebnis anzeigen');
|
||||
}
|
||||
}
|
||||
|
||||
$container.find('.submit-display-result').each(function() {
|
||||
$(this).attr('data-person-id', personId);
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
$.fn.updateCurrentEdit = function() {
|
||||
return this.each(function() {
|
||||
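Review bot: `updateRunButtons` builds each button by interpolating `personId` and `geraetId` into an HTML string and passing it to `$container.append()`, so both values are parsed as markup. `personId` comes from the server response (`response.id` at the call site) and `geraetId` from a `data-` attribute; that is safe only while both are strictly numeric, which nothing in this function enforces. Creating the element through the DOM API and setting the attributes with `.attr()` removes that dependency without changing the rendered result. A docblock naming the three parameters and stating that `$container` is the `.div-submit-display-result` wrapper would also help.

```javascript
for (let i = currentCount + 1; i <= targetCount; i++) {
    // Built through the DOM API: values become attribute text, never markup
    $('<input>', { type: 'button', 'class': 'submit-display-result' })
        .attr({
            'data-person-id': personId,
            'data-geraet-id': geraetId,
            'data-run': i
        })
        .val(`Ergebnis anzeigen (Run ${i})`)
        .appendTo($container);
}
// … unchanged: run-1 relabel, removal branch, data-person-id refresh …
```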
@@ -183,7 +222,7 @@ $.fn.updateCurrentEdit = function() {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token: window.CSDR_TOKEN,
|
||||
csrf_token,
|
||||
editId: $input.attr('data-person-id'),
|
||||
geraet: $input.attr('data-geraet-id') ?? null
|
||||
})
|
||||
@@ -196,10 +235,13 @@ $.fn.updateCurrentEdit = function() {
|
||||
'color': '#209200ff',
|
||||
'transition': 'all 0.3s ease-out'
|
||||
});
|
||||
|
||||
setTimeout(() => $(".current-turnerin-name").css({
|
||||
'color': ''
|
||||
}), 2000);
|
||||
|
||||
$(".heading_fv_selturnerin").focus();
|
||||
|
||||
$(".div_edit_values_user").css("display", "flex");
|
||||
|
||||
$(".current-turnerin-name").text(response.titel);
|
||||
@@ -212,86 +254,93 @@ $.fn.updateCurrentEdit = function() {
|
||||
$(".submit-display-result").css("opacity", "1");
|
||||
|
||||
const $editAllDiv = $('.div_edit_values_all_gereate');
|
||||
const noten = response.noten;
|
||||
const programmId = response.programm_id;
|
||||
const noten = response.noten;
|
||||
const personId = response.id;
|
||||
|
||||
// First, reset all containers to a single input state and clear values
|
||||
$editAllDiv.find('.note-container').each(function() {
|
||||
const $container = $(this);
|
||||
const $tbody = $container.find('tbody');
|
||||
const $headerRow = $container.find('thead tr');
|
||||
// 1. Loop directly through the 'noten' object
|
||||
for (const [geraetId, disciplineData] of Object.entries(noten)) {
|
||||
|
||||
// Reset header
|
||||
$headerRow.find('.run-num-header').remove();
|
||||
// Find the specific DOM wrapper for this Geraet using the outer div
|
||||
// Assuming your PHP renders the tables with the correct geraetId on the button
|
||||
const $disciplineWrapper = $editAllDiv.find(`.submit-display-turnerin[data-geraet-id="${geraetId}"]`).closest('.all_vaules_div');
|
||||
|
||||
// Remove extra inputs beyond run 1
|
||||
$tbody.find('.inputs-row').each(function() {
|
||||
$(this).find('td:not(.input-cell-run-1)').remove();
|
||||
if ($disciplineWrapper.length === 0) continue;
|
||||
|
||||
// --- UPDATE GENERAL BUTTONS FOR THIS GERAET ---
|
||||
$disciplineWrapper.find(".submit-display-turnerin, .submit-display-start").attr({
|
||||
'data-person-id': personId,
|
||||
'data-geraet-id': geraetId
|
||||
});
|
||||
|
||||
// Clear value of run 1
|
||||
$container.find('input[data-run="1"]').val('').attr('data-person-id', response.id);
|
||||
});
|
||||
$disciplineWrapper.find(".submit-musik-start, .submit-musik-stopp").attr({
|
||||
'data-id': personId,
|
||||
'data-geraet': geraetId
|
||||
});
|
||||
|
||||
// Now loop through the data and populate/expand
|
||||
for (const [geraetId, noteGroup] of Object.entries(noten)) {
|
||||
for (const [noteId, runGroup] of Object.entries(noteGroup)) {
|
||||
const $container = $editAllDiv.find(`.note-container[data-note-id="${noteId}"]`);
|
||||
if ($container.length === 0) continue;
|
||||
// 2. Identify master containers for this specific discipline
|
||||
const $masterContainer = $disciplineWrapper.find('.singleNotentable').first();
|
||||
const $displayresultDiv = $disciplineWrapper.find('.div-submit-display-result');
|
||||
|
||||
// 3. CLEANUP: Remove previously generated runs and buttons
|
||||
$disciplineWrapper.find('.singleNotentable').not(':first').remove();
|
||||
$displayresultDiv.find('.submit-display-result').not(':first').remove();
|
||||
|
||||
const $tbody = $container.find('tbody');
|
||||
const $headerRow = $container.find('thead tr');
|
||||
const $inputsRow = $tbody.find('.inputs-row');
|
||||
|
||||
const runCount = Object.keys(runGroup).length;
|
||||
const $originalResultBtn = $displayresultDiv.find('.submit-display-result').first();
|
||||
const runKeys = Object.keys(disciplineData).sort((a, b) => a - b);
|
||||
const totalRuns = runKeys.length;
|
||||
|
||||
$headerRow.find('.note-name-header .rm').remove();
|
||||
console.log(totalRuns);
|
||||
|
||||
const originalText = $headerRow.find('.note-name-header').text().trim();
|
||||
// 4. Process each Run in the data
|
||||
runKeys.forEach(runNum => {
|
||||
const runInt = parseInt(runNum);
|
||||
let $currentRunContainer;
|
||||
|
||||
// If more than 1 run, add headers if not already present
|
||||
if (runCount > 1 && $headerRow.find('.run-num-header').length === 0) {
|
||||
$headerRow.find('.note-name-header').html(originalText + ' <span class="rm">(R1)</span>');
|
||||
for (let r = 2; r <= runCount; r++) {
|
||||
$headerRow.append(`<th class="run-num-header">${originalText} <span class="rm">(R${r})</span></th>`);
|
||||
}
|
||||
if (runInt === 1) {
|
||||
$currentRunContainer = $masterContainer;
|
||||
} else {
|
||||
// CLONE the entire container for Run 2, 3, etc.
|
||||
$currentRunContainer = $masterContainer.clone();
|
||||
$currentRunContainer.addClass(`run-container-block run-${runNum}`);
|
||||
$currentRunContainer.insertAfter($disciplineWrapper.find('.singleNotentable').last());
|
||||
}
|
||||
|
||||
for (const [runNum, val] of Object.entries(runGroup)) {
|
||||
let $input = $inputsRow.find(`input[data-run="${runNum}"][data-geraet-id="${geraetId}"]`);
|
||||
|
||||
|
||||
// 5. Update all Tables and Inputs inside this Run Container
|
||||
for (const [noteId, value] of Object.entries(disciplineData[runNum])) {
|
||||
const $table = $currentRunContainer.find(`.note-container[data-note-id="${noteId}"]`);
|
||||
|
||||
// If input doesn't exist yet (for Run 2+), clone it
|
||||
if ($input.length === 0) {
|
||||
const $cell1 = $inputsRow.find('.input-cell-run-1');
|
||||
const $newCell = $cell1.clone();
|
||||
$newCell.removeClass('input-cell-run-1').addClass(`input-cell-run-${runNum}`);
|
||||
|
||||
$input = $newCell.find('input');
|
||||
$input.attr('data-run', runNum).val(val ?? '');
|
||||
$inputsRow.append($newCell);
|
||||
|
||||
// Re-bind change event to new input
|
||||
//bindAjaxInput($input);
|
||||
} else {
|
||||
$input.val(val ?? '').attr('data-person-id', response.id);
|
||||
// Update Header to show Run Number
|
||||
if (runInt > 1) {
|
||||
const $header = $table.find('.note-name-header');
|
||||
if (!$header.find('.rm-tag').length) {
|
||||
$header.append(` <span class="rm-tag" style="font-size: 0.8em;">(R${runNum})</span>`);
|
||||
}
|
||||
}
|
||||
|
||||
// Update Input attributes and value
|
||||
const $input = $table.find('input');
|
||||
$input.attr({
|
||||
'data-run': runNum,
|
||||
'data-person-id': personId,
|
||||
'data-geraet-id': geraetId
|
||||
}).val(value ?? '');
|
||||
}
|
||||
}
|
||||
|
||||
// 6. Remove tables cloned from Run 1 that don't exist in Run 2+
|
||||
if (runInt > 1) {
|
||||
$currentRunContainer.find('input[data-run="1"]').closest('.note-container').remove();
|
||||
}
|
||||
});
|
||||
|
||||
// Ensure the UI script tracking the buttons is updated last
|
||||
updateRunButtons(totalRuns, personId, $displayresultDiv);
|
||||
}
|
||||
|
||||
$(".submit-display-turnerin").attr('data-person-id', response.id);
|
||||
$(".submit-display-start").attr('data-person-id', response.id);
|
||||
|
||||
|
||||
|
||||
const submitMusikStart = $(".submit-musik-start");
|
||||
const submitMusikStopp = $(".submit-musik-stopp");
|
||||
|
||||
if (submitMusikStart.length > 0 && submitMusikStopp.length > 0){
|
||||
submitMusikStart.attr('data-id', response.id);
|
||||
submitMusikStopp.attr('data-id', response.id);
|
||||
}
|
||||
|
||||
$(".submit-display-result").attr('data-person-id', response.id);
|
||||
//$(".submit-display-result").attr('data-person-id', response.id);
|
||||
|
||||
} else {
|
||||
displayMsg(0, response.message);
|
||||
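Review bot: The inputs receive their new owner only through `.attr({'data-run': runNum, 'data-person-id': personId, 'data-geraet-id': geraetId})`, but the change handler later on this page reads `$input.data('person-id')` and `$input.data('geraet-id')`. jQuery caches a `data-*` value on the first `.data()` read, so the run-1 inputs that persist across selections may keep submitting the previously selected person's id after a switch, which would store a score under the wrong person. Either read with `.attr('data-person-id')` in the handler, as it already does for `data-run`, or also set the cache here with `.data('person-id', personId).data('geraet-id', geraetId)`. The leftover `console.log(totalRuns);` should be removed as well. This code sits inside `$.fn.updateCurrentEdit`, which begins and ends outside the hunk.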
@@ -320,60 +369,63 @@ jQuery(document).ready(function($) {
|
||||
$(this).updateCurrentEdit();
|
||||
});
|
||||
|
||||
const $ajaxInputDiv = $('.div_edit_values_all_gereate');
|
||||
|
||||
$ajaxInputDiv.on('change', '.ajax-input', function(e) {
|
||||
const start = performance.now();
|
||||
const $input = $(this);
|
||||
|
||||
const url = `/intern/scripts/kampfrichter/ajax/ajax-update_value_kampfrichter.php`;
|
||||
|
||||
function bindAjaxInput($el) {
|
||||
$el.on('change', function() {
|
||||
const start = performance.now();
|
||||
const $input = $(this);
|
||||
|
||||
const url = `/intern/scripts/kampfrichter/ajax/ajax-update_value_kampfrichter.php`;
|
||||
personId = $input.data('person-id');
|
||||
fieldTypeId = $input.data('field-type-id');
|
||||
gereatId = $input.data('geraet-id');
|
||||
runNum = $input.attr('data-run') || 1;
|
||||
jahr = window.AKTUELLES_JAHR;
|
||||
value = $input.val();
|
||||
|
||||
personId = $input.data('person-id');
|
||||
fieldTypeId = $input.data('field-type-id');
|
||||
gereatId = $input.data('geraet-id');
|
||||
runNum = $input.attr('data-run') || 1;
|
||||
jahr = window.AKTUELLES_JAHR;
|
||||
value = $input.val();
|
||||
|
||||
fetch(url, {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
personId: personId,
|
||||
fieldTypeId: fieldTypeId,
|
||||
gereatId: gereatId,
|
||||
run: runNum,
|
||||
jahr: jahr,
|
||||
value: value
|
||||
})
|
||||
fetch(url, {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
personId: personId,
|
||||
fieldTypeId: fieldTypeId,
|
||||
gereatId: gereatId,
|
||||
run: runNum,
|
||||
jahr: jahr,
|
||||
value: value
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(response => {
|
||||
const end = performance.now();
|
||||
console.log(`Total AJAX time: ${(end - start).toFixed(3)} ms`);
|
||||
|
||||
if (response.success) {
|
||||
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(response => {
|
||||
const end = performance.now();
|
||||
console.log(`Total AJAX time: ${(end - start).toFixed(3)} ms`);
|
||||
|
||||
if (response.success) {
|
||||
|
||||
let objValues = [];
|
||||
|
||||
|
||||
const rowId = $input.attr('data-id');
|
||||
|
||||
$input.css({"color": "#0e670d", "font-weight": "600"});
|
||||
|
||||
|
||||
|
||||
setTimeout(() => $input.css({'color': '', "font-weight": ""}), 2000);
|
||||
|
||||
|
||||
const noten = response.noten;
|
||||
|
||||
for (const [keyN, noteGroup] of Object.entries(noten)) {
|
||||
for (const [key, runGroup] of Object.entries(noteGroup)) {
|
||||
if (key == fieldTypeId && keyN == gereatId) { continue; }
|
||||
|
||||
for (const [run, value] of Object.entries(runGroup)) {
|
||||
$(`input.changebleValue[data-field-type-id="${key}"][data-geraet-id="${keyN}"][data-person-id="${personId}"][data-run="${run}"]`)
|
||||
const selectorBase = `[data-field-type-id="${key}"][data-geraet-id="${keyN}"][data-person-id="${personId}"][data-run="${run}"]`;
|
||||
// Handle Inputs (excluding current one)
|
||||
$(`input.changebleValue${selectorBase}`)
|
||||
.not(this)
|
||||
.val(value ?? '');
|
||||
$(`.changebleValue:not(input)[data-field-type-id="${key}"][data-geraet-id="${keyN}"][data-person-id="${personId}"][data-run="${run}"]`)
|
||||
|
||||
// Handle Display elements (Spans/Divs)
|
||||
$(`.changebleValue:not(input)${selectorBase}`)
|
||||
.text(value ?? '');
|
||||
}
|
||||
}
|
||||
@@ -389,101 +441,20 @@ jQuery(document).ready(function($) {
|
||||
noten: noten
|
||||
}
|
||||
}));
|
||||
|
||||
} else {
|
||||
// Flash red on error
|
||||
$input.css({'color': '#ff6a76ff'});
|
||||
displayMsg(0, response.message || 'Unknown error');
|
||||
console.error(response.message || 'Unknown error');
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
$input.css({'color': '#670d0d'});
|
||||
console.error('AJAX fetch error:', err);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
$('.ajax-input').each(function() {
|
||||
bindAjaxInput($(this));
|
||||
|
||||
} else {
|
||||
// Flash red on error
|
||||
$input.css({'color': '#ff6a76ff'});
|
||||
displayMsg(0, response.message || 'Unknown error');
|
||||
console.error(response.message || 'Unknown error');
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
$input.css({'color': '#670d0d'});
|
||||
console.error('AJAX fetch error:', err);
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
/*$('.ranglisteExport').on('click', function(e) {
|
||||
const $input = $(this);
|
||||
if ($input.data('field_type') !== 'upload_programm') {e.preventDefault();}
|
||||
|
||||
|
||||
// Build the data to send
|
||||
const data = new URLSearchParams();
|
||||
data.append('prog', $input.data('id'));
|
||||
data.append('type', $input.data('field_type'));
|
||||
|
||||
// Record start time
|
||||
const start = performance.now();
|
||||
|
||||
const url = '/intern/scripts/kampfrichter/ajax/ajax-neu_rangliste.php';
|
||||
|
||||
fetch(url, {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
prog: $input.data('id'),
|
||||
type: $input.data('field_type')
|
||||
})
|
||||
})
|
||||
.then(res => res.blob())
|
||||
.then(blob => {
|
||||
if ($input.data('field_type') !== 'upload_programm'){
|
||||
const url = window.URL.createObjectURL(blob);
|
||||
const a = document.createElement('a');
|
||||
a.href = url;
|
||||
a.download = "KTBB_Ergebnisse.pdf"; // optional
|
||||
document.body.appendChild(a);
|
||||
a.click();
|
||||
a.remove();
|
||||
window.URL.revokeObjectURL(url);
|
||||
} else {
|
||||
alert('PDF auf Webseite geladen!');
|
||||
}
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
$('.protokollExport').on('click', function() {
|
||||
console.log('ok');
|
||||
const $input = $(this);
|
||||
|
||||
// Build the data to send
|
||||
const data = new URLSearchParams();
|
||||
data.append('abteilung', $input.data('abteilung'));
|
||||
|
||||
// Record start time
|
||||
const start = performance.now();
|
||||
|
||||
const url = '/intern/scripts/kampfrichter/ajax/ajax-neu_protokoll.php';
|
||||
|
||||
fetch(url, {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
abteilung: $input.data('abteilung')
|
||||
})
|
||||
})
|
||||
.then(res => res.blob())
|
||||
.then(blob => {
|
||||
const url = window.URL.createObjectURL(blob);
|
||||
const a = document.createElement('a');
|
||||
a.href = url;
|
||||
a.download = "KTBB_Protokoll.pdf"; // optional
|
||||
document.body.appendChild(a);
|
||||
a.click();
|
||||
a.remove();
|
||||
window.URL.revokeObjectURL(url);
|
||||
});
|
||||
|
||||
});*/
|
||||
|
||||
$('.inputnamekr').on('change', function() {
|
||||
const $input = $(this);
|
||||
|
||||
@@ -494,6 +465,7 @@ jQuery(document).ready(function($) {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
aufgabe: $input.data('id'),
|
||||
abteilung: $input.data('abt'),
|
||||
geraet: $input.data('user'),
|
||||
@@ -534,50 +506,6 @@ jQuery(document).ready(function($) {
|
||||
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
* Handle namekr input updates
|
||||
|
||||
$('.ajax-input-namekr').on('change', function() {
|
||||
let $input = $(this);
|
||||
|
||||
$.post(ajax_object.ajaxurl, {
|
||||
action: 'save_namekr_input',
|
||||
id: $input.data('id'),
|
||||
abt: $input.data('abt'),
|
||||
user: $input.data('user'),
|
||||
value: $input.val()
|
||||
}, function(response) {
|
||||
if (response.success) {
|
||||
console.log(response.data.message);
|
||||
$input.css({
|
||||
'background-color': '#a4bf4a',
|
||||
'color': '#fff',
|
||||
'transition': 'all 0.3s ease-out'
|
||||
});
|
||||
setTimeout(() => $input.css({
|
||||
'background-color': '',
|
||||
'color': ''
|
||||
}), 2000);
|
||||
} else {
|
||||
console.error(response.data.message);
|
||||
$input.css({
|
||||
'background-color': '#f8d7da',
|
||||
'color': '#fff',
|
||||
'transition': 'all 0.3s ease-out'
|
||||
});
|
||||
setTimeout(() => $input.css({
|
||||
'background-color': '',
|
||||
'color': ''
|
||||
}), 2000);
|
||||
}
|
||||
}, 'json');
|
||||
}); */
|
||||
|
||||
|
||||
/**
|
||||
* Handle display JSON updates
|
||||
*/
|
||||
$('.submit-display-turnerin').on('click', function() {
|
||||
const $input = $(this);
|
||||
|
||||
@@ -588,6 +516,7 @@ jQuery(document).ready(function($) {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
personId: $input.attr('data-person-id'),
|
||||
geraetId: $input.attr('data-geraet-id'),
|
||||
jahr: window.AKTUELLES_JAHR,
|
||||
@@ -623,12 +552,16 @@ jQuery(document).ready(function($) {
|
||||
const $input = $(this);
|
||||
|
||||
const url = '/intern/scripts/kampfrichter/ajax/displays/ajax-display-functions.php';
|
||||
const dataType = $input.attr('data-type');
|
||||
|
||||
fetch(url,{
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
geraetId: $input.attr('data-geraet-id'),
|
||||
personId: $input.attr('data-person-id'),
|
||||
dataType: dataType,
|
||||
type: "start"
|
||||
})
|
||||
})
|
||||
@@ -643,11 +576,16 @@ jQuery(document).ready(function($) {
|
||||
data: response.data
|
||||
}
|
||||
}));
|
||||
displayMsg(1, 'Start freigegeben');
|
||||
|
||||
$input.css('opacity', 0.5);
|
||||
if (dataType == 1) {
|
||||
displayMsg(1, 'Start freigegeben');
|
||||
} else if (dataType == 0) {
|
||||
displayMsg(1, 'Startfreigabe entzogen');
|
||||
}
|
||||
|
||||
|
||||
} else {
|
||||
alert('Error: ' + response.message);
|
||||
displayMsg(0, response.message);
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
@@ -656,48 +594,23 @@ jQuery(document).ready(function($) {
|
||||
console.error('AJAX fetch error:', err);
|
||||
});
|
||||
});
|
||||
|
||||
/*$('.submit-display-start').on('click', function() {
|
||||
let discipline = $(this).data('discipline');
|
||||
|
||||
$.post(ajax_object.ajaxurl, {
|
||||
action: 'write_discipline_json_start',
|
||||
discipline: discipline
|
||||
}, function(response) {
|
||||
if (response.success) {
|
||||
alert('Start freigegeben');
|
||||
|
||||
if (response.data.disable_start_button) {
|
||||
$('.submit-display-start').css({
|
||||
'border': '1px solid #aaa',
|
||||
'background-color': '#aaa',
|
||||
'color': '#555',
|
||||
'pointer-events': 'none'
|
||||
});
|
||||
$('.submit-musik-start').css({
|
||||
'background-color': '#077',
|
||||
'border': '1px solid #077',
|
||||
'color': '#fff',
|
||||
'cursor': 'pointer',
|
||||
'pointer-events': 'auto'
|
||||
});
|
||||
}
|
||||
} else {
|
||||
alert('Error: ' + response.data.message);
|
||||
}
|
||||
}, 'json');
|
||||
});*/
|
||||
|
||||
|
||||
$('.submit-musik-start').on('click', function() {
|
||||
const $input = $(this);
|
||||
|
||||
// Build the URL with GET parameters safely
|
||||
const url = `/intern/scripts/kampfrichter/ajax/ajax-update_kampfrichter_start_musik.php` +
|
||||
`?id=${$input.attr('data-id')}` +
|
||||
`&discipline=${encodeURIComponent($input.data('geraet'))}`;
|
||||
const url = `/intern/scripts/kampfrichter/ajax/ajax-update_kampfrichter_start_musik.php`;
|
||||
|
||||
fetch(url)
|
||||
fetch(url,{
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
id: $input.attr('data-id'),
|
||||
discipline: $input.data('geraet')
|
||||
})
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(response => {
|
||||
const end = performance.now();
|
||||
@@ -725,7 +638,13 @@ jQuery(document).ready(function($) {
|
||||
// Build the URL with GET parameters safely
|
||||
const url = `/intern/scripts/kampfrichter/ajax/ajax-update_kampfrichter_stopp_musik.php`;
|
||||
|
||||
fetch(url)
|
||||
fetch(url,{
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token
|
||||
})
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(response => {
|
||||
if (response.success) {
|
||||
@@ -745,7 +664,7 @@ jQuery(document).ready(function($) {
|
||||
});
|
||||
});
|
||||
|
||||
$('.submit-display-result').on('click', function() {
|
||||
$('.div-submit-display-result').on('click', '.submit-display-result', function() {
|
||||
$input = $(this);
|
||||
|
||||
// Build the URL with GET parameters safely
|
||||
@@ -755,8 +674,10 @@ jQuery(document).ready(function($) {
|
||||
method: 'POST',
|
||||
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
||||
body: new URLSearchParams({
|
||||
csrf_token,
|
||||
personId: $input.attr('data-person-id'),
|
||||
geraetId: $input.attr('data-geraet-id'),
|
||||
run: $input.attr("data-run"),
|
||||
jahr: window.AKTUELLES_JAHR,
|
||||
type: "result"
|
||||
})
|
||||
@@ -843,34 +764,3 @@ ws.addEventListener("message", event => { // Use 'event' as it's more standard t
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
/*document.getElementById('freigabe-select').addEventListener('change', function() {
|
||||
const freigabe = this.value;
|
||||
const user_id = document.getElementById('user_id').value;
|
||||
const nonce = document.getElementById('freigabe_nonce').value;
|
||||
const type = document.getElementById('type_freigabe').value;
|
||||
|
||||
const params = new URLSearchParams();
|
||||
params.append('action', 'save_freigabe');
|
||||
params.append('freigabe', freigabe);
|
||||
params.append('user_id', user_id);
|
||||
params.append('type', type);
|
||||
|
||||
fetch('/intern/scripts/kampfrichter/ajax/ajax-update_selected_kampfrichter.php', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
||||
body: params
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(data => {
|
||||
if (data.success) {
|
||||
window.location.reload();
|
||||
} else {
|
||||
alert('Error: ' + data.data);
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
console.error(err);
|
||||
displayMsg(0, 'AJAX fetch error:' + err);
|
||||
});
|
||||
});*/
|
||||
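--- a/www/intern/scripts/logindata/ajax-create-link-user.php
+++ b/www/intern/scripts/logindata/ajax-create-link-user.php
@@ -0,0 +1,167 @@
+<?php
+
+use Dotenv\Dotenv;
+
+header('Content-Type: application/json');
+
+
+if (!isset($baseDir)) {
+$baseDir = $_SERVER['DOCUMENT_ROOT'];
+}
+
+require_once $baseDir . '/../scripts/session_functions.php';
+
+ini_wkvs_session();
+
+check_user_permission('wk_leitung');
+
+verify_csrf();
+
+
+require $baseDir . '/../scripts/db/db-functions.php';
+require $baseDir . '/../scripts/db/db-tables.php';
+
+
+
+$type = 'wkl';
+
+$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($dbconnection['success'] !== true){
+echo json_encode(['success' => false, 'message' => 'Critical DB Error.']);
+exit;
+}
+
+$editor_id = $_SESSION['user_id_wk_leitung'];
+
+$plain = trim($_POST['password'] ?? null);
+
+$username = trim($_POST['username'] ?? null);
+
+$namePerson = htmlspecialchars(trim($_POST['namePerson'] ?? null));
+
+$freigaben = $_POST['freigaben'] ?? [];
+$freigabenTrainer = $_POST['freigabenTrainer'] ?? [];
+$freigabenKampfrichter = $_POST['freigabenKampfrichter'] ?? [];
+
+if (!is_array($freigaben)) {
+$freigaben = [];
+}
+if (!is_array($freigabenTrainer)) {
+$freigabenTrainer = [];
+}
+if (!is_array($freigabenKampfrichter)) {
+$freigabenKampfrichter = [];
+}
+
+$array = [
+'types' => $freigaben,
+'freigabenTrainer' => $freigabenTrainer,
+'freigabenKampfrichter' => $freigabenKampfrichter
+];
+
+// Store as proper JSON string
+$freigabe_store = json_encode($array);
+
+$hash = null;
+$cipher_store = null;
+
+if ($plain != null) {
+// Hash for login
+$hash = password_hash($plain, PASSWORD_ARGON2ID);
+
+
+require $baseDir . '/../composer/vendor/autoload.php';
+
+$envFile = realpath($baseDir . '/../config/.env.pw-encryption-key');
+
+if ($envFile === false) {
+http_response_code(500);
+echo json_encode([
+'success' => false,
+'message' => "Environment file not found"
+]);
+exit;
+}
+
+try {
+$envDir = dirname($envFile);
+
+$dotenv = Dotenv::createImmutable($envDir, '.env.pw-encryption-key');
+
+$dotenv->load();
+} catch (Throwable $e) {
+http_response_code(500);
+echo json_encode([
+'success' => false,
+'message' => "Dotenv error"
+]);
+}
+
+// Encrypt for display
+$iv_length = openssl_cipher_iv_length('aes-256-cbc');
+$iv = random_bytes($iv_length);
+$encrypted = openssl_encrypt($plain, 'aes-256-cbc', $_ENV['PW_ENCRYPTION_KEY'], 0, $iv);
+$cipher_store = base64_encode($iv . $encrypted);
+}
+
+$created_at = date('Y-m-d H:i:s');
+$updated_at = $created_at;
+
+
+$stmt = $mysqli->prepare(
+"INSERT INTO {$tableInternUsers}
+(username, name_person, password_hash, password_cipher, freigabe, created_at, updated_at, edited_by)
+VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
+);
+
+$stmt->bind_param(
+"sssssssi",
+$username,
+$namePerson,
+$hash,
+$cipher_store,
+$freigabe_store,
+$created_at,
+$updated_at,
+$editor_id
+);
+
+$updated = $stmt->execute();
+
+if (!$updated) {
+echo json_encode(['success' => false, 'message' => 'DB Error']);
+exit;
+}
+
+$new_id = $mysqli->insert_id;
+
+// Delete old OTL links for this user (recommended)
+db_delete($mysqli, $tableOTL, ['user_id' => $new_id]);
+
+// Insert the row — url + timestamp are auto-generated by MySQL
+
+$typeOp = "create_profile";
+
+$stmt = $mysqli->prepare("INSERT INTO {$tableOTL} (user_id, `type`) VALUES (?, ?)");
+$stmt->bind_param("is", $new_id, $typeOp);
+
+
+if (!$stmt->execute()) {
+echo json_encode(['success' => false, 'message' => 'Failed to create OTL record']);
+exit;
+}
+
+$row_id = $stmt->insert_id;
+
+$stmt->close();
+
+// Now fetch the auto-generated URL
+$url = db_get_var($mysqli, "SELECT url FROM $tableOTL WHERE id = ? LIMIT 1", [$row_id]);
+
+if (!$url) {
+echo json_encode(['success' => false, 'message' => 'Could not fetch generated URL']);
+exit;
+}
+
+echo json_encode(['success' => true, 'url' => $url]);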
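Review bot: The `catch (Throwable $e)` branch around `$dotenv->load()` sends a 500 body but has no `exit;`, unlike the `$envFile === false` branch just above it, so execution falls through to `openssl_encrypt` with `$_ENV['PW_ENCRYPTION_KEY']` unset. The password would then be encrypted without a usable key, the user row is still inserted, and the client receives two JSON documents in one response. Add `exit;` after the `echo json_encode([...])` in the catch block, and check that `openssl_encrypt` did not return `false` before building `$cipher_store`. `trim($_POST['username'] ?? null)` also lets an empty username reach the INSERT; a guard such as `if ($username === '') { ... exit; }` would close that.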
@@ -1,20 +1,21 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
@@ -27,6 +28,15 @@ if ($dbconnection['success'] !== true){
|
||||
}
|
||||
|
||||
$id = intval($_POST['user_id'] ?? 0);
|
||||
$typeOp = trim($_POST['type'] ?? '');
|
||||
|
||||
$allowedTypesOp = ['login', 'pwreset'];
|
||||
|
||||
if (!in_array($typeOp, $allowedTypesOp)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Operation nicht gestattet']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'No valid ID']);
|
||||
exit;
|
||||
@@ -37,8 +47,8 @@ db_delete($mysqli, $tableOTL, ['user_id' => $id]);
|
||||
|
||||
// Insert the row — url + timestamp are auto-generated by MySQL
|
||||
|
||||
$stmt = $mysqli->prepare("INSERT INTO {$tableOTL} (user_id) VALUES (?)");
|
||||
$stmt->bind_param("i", $id);
|
||||
$stmt = $mysqli->prepare("INSERT INTO {$tableOTL} (user_id, `type`) VALUES (?, ?)");
|
||||
$stmt->bind_param("is", $id, $typeOp);
|
||||
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
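Review bot: `in_array($typeOp, $allowedTypesOp)` in the new allow-list check compares loosely; `in_array($typeOp, $allowedTypesOp, true)` keeps the check exact if the list ever gains numeric-looking entries. `trim($_POST['type'] ?? '')` also assumes a scalar, so an array-valued `type` parameter would raise a TypeError instead of reaching the 'Operation nicht gestattet' response. An `is_string($_POST['type'] ?? null)` test before the `trim` would turn that into the normal rejection path.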
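--- a/www/intern/scripts/logindata/ajax-delete-user.php
+++ b/www/intern/scripts/logindata/ajax-delete-user.php
@@ -0,0 +1,39 @@
+<?php
+header('Content-Type: application/json');
+
+if (!isset($baseDir)) {
+$baseDir = $_SERVER['DOCUMENT_ROOT'];
+}
+
+require_once $baseDir . '/../scripts/session_functions.php';
+
+ini_wkvs_session();
+
+check_user_permission('wk_leitung');
+
+verify_csrf();
+
+require $baseDir . '/../scripts/db/db-functions.php';
+require $baseDir . '/../scripts/db/db-tables.php';
+
+
+$type = 'wkl';
+
+$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($dbconnection['success'] !== true){
+echo json_encode(['success' => false, 'message' => 'Critical DB Error.']);
+exit;
+}
+
+$id = intval($_POST['field_id'] ?? 0);
+if ($id <= 0) {
+echo json_encode(['success' => false, 'message' => 'Invalid Input.']);
+exit;
+}
+
+db_delete($mysqli, $tableInternUsers, ['id' => $id]);
+
+echo json_encode(['success' => true, 'message' => "Benutzer $id erfolgreich gelöscht.", 'id' => $id]);
+exit;
+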
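Review bot: The result of `db_delete($mysqli, $tableInternUsers, ['id' => $id])` is never checked, so the endpoint answers `'success' => true` even when the query failed or no row matched. Assuming `db_delete` returns a status or an affected-row count (its definition is not on this page), branch on it and return `'success' => false` otherwise. The script also leaves any `$tableOTL` rows for the deleted `user_id` in place, whereas the link-creation scripts clear them with `db_delete($mysqli, $tableOTL, ['user_id' => $id]);`. Unless a foreign key cascades, outstanding one-time links for the removed account stay in the table, so the same call belongs here before the user row is deleted.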
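--- a/www/intern/scripts/logindata/ajax-delete-verein.php
+++ b/www/intern/scripts/logindata/ajax-delete-verein.php
@@ -0,0 +1,36 @@
+<?php
+
+if (!isset($baseDir)) {
+$baseDir = $_SERVER['DOCUMENT_ROOT'];
+}
+
+require_once $baseDir . '/../scripts/session_functions.php';
+
+ini_wkvs_session();
+
+check_user_permission('wk_leitung');
+
+verify_csrf();
+
+$id = intval($_POST['field_id'] ?? 0);
+
+if ($id <= 0) {
+echo json_encode(['success' => false, 'message' => 'No valid ID']);
+}
+
+require $baseDir . '/../scripts/db/db-functions.php';
+require $baseDir . '/../scripts/db/db-tables.php';
+
+
+$type = 'wkl';
+
+$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($dbconnection['success'] !== true){
+echo 'Critical DB Error.';
+exit;
+}
+
+db_delete($mysqli, $tableVereine, ['id' => $id]);
+
+echo json_encode(['success' => true, 'message' => 'Verein gelöscht']);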
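Review bot: The `if ($id <= 0)` branch echoes the 'No valid ID' error but does not stop, so the script still calls `db_delete($mysqli, $tableVereine, ['id' => $id])` with 0 and appends a second JSON object reporting success. Add `exit;` after the `echo` in that branch. The file also omits `header('Content-Type: application/json');` and answers a failed DB connection with the plain string 'Critical DB Error.'. ajax-delete-user.php in the same commit returns `json_encode(['success' => false, 'message' => 'Critical DB Error.'])` there, and matching it keeps the reply parseable for a caller that expects JSON.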
@@ -1,24 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
||||
|
||||
if ($token !== 'sWZ4GxbsoVhUPk5zhjH0uU9hets3zV2KsV8CZUvAWCCRk4uuuDr9vfFVgxWqr5FtDttbtm50EdWK9YxuMPswGZBQZFHAUAET1aG1'){
|
||||
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -30,7 +24,7 @@ if ($data['success'] === false){
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$value = isset($_GET['value']) ? preg_replace('/[^a-zA-Z0-9\s\-"]/u', '', $_GET['value']) : '';
|
||||
$value = isset($_POST['value']) ? preg_replace('/[^a-zA-Z0-9\s\-"]/u', '', $_POST['value']) : '';
|
||||
|
||||
if (!$value || $value === ''){
|
||||
echo json_encode(['success' => false, 'message' => 'No input']);
|
||||
|
||||
@@ -5,24 +5,18 @@ ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
||||
|
||||
if ($token !== 'bKqBAPjwojZdarJaE7jwvRrIEf2WzJUlFlufQadfLJ98qJcrWZK5pRlGoUQOHp1L06urGRbEdE9v5oIRirPiUCjm93wATghO4qx'){
|
||||
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -34,7 +28,7 @@ if ($data['success'] === false){
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid ID']);
|
||||
|
||||
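Review bot: The context lines `ini_set('display_startup_errors', 1);` and `error_reporting(E_ALL);` stay at the top of this endpoint after the change, and the hunk header shows `ini_set('display_errors', 1);` just before them. With error display on, any warning or uncaught exception is written into the response, which exposes file paths and query details to the browser and breaks the JSON body. Send errors to the log instead with `ini_set('display_errors', '0'); ini_set('log_errors', '1');`, and keep `error_reporting(E_ALL)` so nothing is lost from the log.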
@@ -4,21 +4,20 @@ use Dotenv\Dotenv;
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
@@ -36,7 +35,7 @@ if (isset($_POST['field_id'])){
|
||||
exit;
|
||||
}
|
||||
|
||||
$editor_id = $_SESSION['passcodewk_leitung_id'];
|
||||
$editor_id = $_SESSION['user_id_wk_leitung'];
|
||||
$plain = trim($_POST['password'] ?? '');
|
||||
|
||||
if (!$plain) {
|
||||
@@ -51,6 +50,7 @@ if (!$username) {
|
||||
exit;
|
||||
}
|
||||
|
||||
$namePerson = htmlspecialchars(trim($_POST['namePerson'] ?? ''));
|
||||
|
||||
$freigaben = $_POST['freigaben'] ?? [];
|
||||
$freigabenTrainer = $_POST['freigabenTrainer'] ?? [];
|
||||
@@ -118,6 +118,7 @@ if ($id > 0) {
|
||||
'password_hash' => $hash,
|
||||
'password_cipher' => $cipher_store,
|
||||
'username' => $username,
|
||||
'name_person' => $namePerson,
|
||||
'freigabe' => $freigabe_store,
|
||||
'updated_at' => date('Y-m-d H:i:s'),
|
||||
'edited_by' => $editor_id
|
||||
@@ -125,19 +126,23 @@ if ($id > 0) {
|
||||
} else {
|
||||
$stmt = $mysqli->prepare(
|
||||
"INSERT INTO {$tableInternUsers}
|
||||
(username, password_hash, password_cipher, freigabe, created_at, updated_at, edited_by)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?)"
|
||||
(username, name_person, password_hash, password_cipher, freigabe, created_at, updated_at, edited_by, login_active)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
|
||||
);
|
||||
|
||||
$loginActive = 1;
|
||||
|
||||
$stmt->bind_param(
|
||||
"ssssssi",
|
||||
"sssssssis",
|
||||
$username,
|
||||
$namePerson,
|
||||
$hash,
|
||||
$cipher_store,
|
||||
$freigabe_store,
|
||||
$created_at,
|
||||
$updated_at,
|
||||
$editor_id
|
||||
$editor_id,
|
||||
$loginActive
|
||||
);
|
||||
|
||||
$created_at = date('Y-m-d H:i:s');
|
||||
|
||||
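Review bot: Both the update array (`'password_cipher' => $cipher_store`) and the extended `INSERT INTO {$tableInternUsers} (username, name_person, password_hash, password_cipher, ...)` keep writing a reversible copy of the password next to its hash. Anyone who obtains the table together with the key file can then recover every password, which is the exposure the hash is meant to prevent. The encryption code is outside these hunks; in ajax-create-link-user.php from the same commit it is `aes-256-cbc` with no integrity check on the ciphertext. If the password has to be shown to the organiser, consider showing it once at creation time, or issuing a one-time link as the new scripts already do, and dropping the `password_cipher` column.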
@@ -1,25 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
||||
|
||||
if ($token !== '0UgBVHutbxTRTYsB04ujFKMjMRA8GgdqRJjVh3DKU1LRJfwtcDfrpDc7jpMxcrg9rYurAEwYPy5gu15R77MsgKsDMkFZEykx0A67'){
|
||||
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -32,8 +25,8 @@ if ($data['success'] === false){
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||||
$value = isset($_GET['value']) ? floatval($_GET['value']) : 0;
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$value = isset($_POST['value']) ? floatval($_POST['value']) : 0;
|
||||
|
||||
|
||||
if ($id < 0) {
|
||||
|
||||
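Review bot: `$id` falls back to 0 when the `id` field is missing, but the guard that follows is `if ($id < 0)`, so a request without an id passes validation with `$id = 0`. The other scripts in this commit reject with `if ($id <= 0)`; unless 0 is a valid row id here, use the same comparison. The same lines appear in the next file section (the one with `round(floatval($_POST['value']), 2)`), and the body of the `if` lies outside the hunk in both.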
@@ -1,25 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
||||
|
||||
if ($token !== 'k7uweziEUWZiJhwe7687UWIQZ28SQIH2ug74pINKyxHxPerB6wUZ'){
|
||||
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -32,8 +25,8 @@ if ($data['success'] === false){
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// ---------- Get and sanitize input ----------
|
||||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||||
$value = isset($_GET['value']) ? round(floatval($_GET['value']), 2) : 0;
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$value = isset($_POST['value']) ? round(floatval($_POST['value']), 2) : 0;
|
||||
|
||||
|
||||
if ($id < 0) {
|
||||
|
||||
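Review bot: A missing or non-numeric `id` becomes 0 through `isset($_POST['id']) ? intval($_POST['id']) : 0`, and the guard that follows, `if ($id < 0) {`, lets that 0 through. Unless 0 is a legitimate id for this endpoint, the guard should be `if ($id < 1) {`, as the trainer endpoint later in this commit already does. `floatval()` likewise maps a non-numeric `value` to 0.0 without complaint, so an `is_numeric($_POST['value'] ?? null)` check before the conversion would keep a malformed request from being stored as a zero. The body of the `if` lies outside the hunk, so what happens to a rejected id cannot be seen from here.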
@@ -2,20 +2,20 @@
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
@@ -1,46 +0,0 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($dbconnection['success'] !== true){
|
||||
echo json_encode(['success' => false, 'message' => 'Critical DB Error.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$id = intval($_POST['field_id'] ?? 0);
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Invalid Input.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$deleted = db_delete($mysqli, $tableInternUsers, ['id' => $id]);
|
||||
|
||||
if ($deleted !== true) {
|
||||
// DB query failed (syntax/connection issue)
|
||||
echo json_encode(['success' => false, 'message' => 'DB Error.']);
|
||||
exit;
|
||||
} else {
|
||||
// Success
|
||||
echo json_encode(['success' => true, 'message' => "Benutzer $id erfolgreich gelöscht.", 'id' => $id]);
|
||||
exit;
|
||||
}
|
||||
|
||||
@@ -1,36 +0,0 @@
|
||||
<?php
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
}
|
||||
|
||||
$id = intval($_POST['field_id'] ?? 0);
|
||||
|
||||
if ($id <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'No valid ID']);
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require $baseDir . '/../scripts/db/db-functions.php';
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
require $baseDir . '/../scripts/csrf_functions.php';
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($dbconnection['success'] !== true){
|
||||
echo 'Critical DB Error.';
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!db_delete($mysqli, $tableVereine, ['id' => $id])) {
|
||||
echo json_encode(['success' => false, 'message' => 'Failed to delete verein']);
|
||||
exit;
|
||||
}
|
||||
|
||||
echo json_encode(['success' => true, 'message' => '200, ok']);
|
||||
@@ -1,17 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,17 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -7,17 +7,18 @@ ini_set('display_startup_errors', 1);
|
||||
// dependencies to versions compatible with your PHP runtime.
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -7,13 +7,18 @@ ini_set('display_startup_errors', 1);
|
||||
// dependencies to versions compatible with your PHP runtime.
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// Validate input
|
||||
if (!isset($_POST['anz_abt']) || !ctype_digit($_POST['anz_abt'])) {
|
||||
http_response_code(406);
|
||||
@@ -22,10 +27,6 @@ if (!isset($_POST['anz_abt']) || !ctype_digit($_POST['anz_abt'])) {
|
||||
|
||||
$anz_abt = (int) $_POST['anz_abt'];
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -8,13 +8,18 @@ ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
// Validate input
|
||||
if (!isset($_POST['abt']) || !ctype_digit($_POST['abt'])) {
|
||||
http_response_code(406);
|
||||
@@ -23,10 +28,6 @@ if (!isset($_POST['abt']) || !ctype_digit($_POST['abt'])) {
|
||||
|
||||
$abtInput = (int) $_POST['abt'];
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,19 +1,20 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
if ($dbconnection['success'] !== true){
|
||||
@@ -23,7 +24,7 @@ if ($dbconnection['success'] !== true){
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true);
|
||||
$input = $_POST;
|
||||
|
||||
if (!$input || !isset($input['new'])) {
|
||||
http_response_code(400);
|
||||
|
||||
@@ -1,16 +1,17 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_wk_leitung']) || $_SESSION['access_granted_wk_leitung'] !== true || empty($_SESSION['passcodewk_leitung_id']) || intval($_SESSION['passcodewk_leitung_id']) < 0 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) {
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
}
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('wk_leitung');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'wkl';
|
||||
|
||||
$dbconnection = require $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -40,11 +40,11 @@ $icons = [
|
||||
if (isset($mysqli) && isset($tableInternUsers)) {
|
||||
|
||||
if ($currentPage === 'kampfrichter' && checkIfUserHasSessionId('kampfrichter')):
|
||||
$userDispId = intval($_SESSION['passcodekampfrichter_id']);
|
||||
$userDispId = intval($_SESSION['user_id_kampfrichter']);
|
||||
elseif ($currentPage === 'kampfrichter' && checkIfUserHasSessionId('trainer')):
|
||||
$userDispId = intval($_SESSION['passcodetrainer_id']);
|
||||
$userDispId = intval($_SESSION['user_id_trainer']);
|
||||
elseif ($isWKL && checkIfUserHasSessionId('wk_leitung')):
|
||||
$userDispId = intval($_SESSION['passcodewk_leitung_id']);
|
||||
$userDispId = intval($_SESSION['user_id_wk_leitung']);
|
||||
endif;
|
||||
|
||||
$sql = "SELECT `username`, `freigabe` FROM $tableInternUsers WHERE id = ?";
|
||||
@@ -87,7 +87,7 @@ if ($isWKL) {
|
||||
}
|
||||
|
||||
function checkIfUserHasSessionId($type) : bool {
|
||||
if (isset($_SESSION['passcode'.$type.'_id']) && intval(['passcode'.$type.'_id']) > 0) { return true; }
|
||||
if (isset($_SESSION['user_id_'.$type]) && intval(['user_id_'.$type]) > 0) { return true; }
|
||||
else { return false; }
|
||||
}
|
||||
|
||||
@@ -181,6 +181,8 @@ function sidebarRender(string $mode) {
|
||||
|
||||
<script>
|
||||
|
||||
window.CSRF_TOKEN = "<?= $csrf_token ?? $_SESSION['csrf_token'] ?? '' ?>";
|
||||
|
||||
const siteType = '<?= $currentPage ?>';
|
||||
// Close button binding (inline to avoid race condition with sidebar.js)
|
||||
document.addEventListener('DOMContentLoaded', function() {
|
||||
|
||||
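Review bot: In `checkIfUserHasSessionId` (second hunk) the renamed line still passes an array literal to `intval()`, `intval(['user_id_'.$type])`, instead of the session value. `intval()` of a non-empty array is 1, so the `> 0` test is always true and the function returns true whenever the key is merely set, whatever it holds. The line should read `if (isset($_SESSION['user_id_'.$type]) && intval($_SESSION['user_id_'.$type]) > 0) { return true; }`. The first hunk relies on this function before reading `$_SESSION['user_id_…']` into `$userDispId`, so a stored 0 or a non-numeric value currently passes the check.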
@@ -1,14 +1,15 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if ( empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || intval($_SESSION['passcodetrainer_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -20,8 +21,8 @@ if ($data['success'] === false){
|
||||
|
||||
require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
$ids = isset($_GET['ids']) ? htmlspecialchars(strip_tags(trim($_GET['ids'])), ENT_QUOTES) : '';
|
||||
$user = intval($_SESSION['passcodetrainer_id']);
|
||||
$ids = isset($_POST['ids']) ? htmlspecialchars(strip_tags(trim($_POST['ids'])), ENT_QUOTES) : '';
|
||||
$user = intval($_SESSION['user_id_trainer']);
|
||||
|
||||
|
||||
$arrayids = array_filter(array_map('trim', explode(',', $ids)));
|
||||
|
||||
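Review bot: The `ids` parameter is HTML-escaped with `htmlspecialchars(strip_tags(trim($_POST['ids'])), ENT_QUOTES)` rather than validated as a comma-separated list of ids. Escaping belongs at output time and leaves arbitrary non-numeric tokens in `$arrayids`. How `$arrayids` is used lies outside the hunk, so the impact cannot be judged from here, but casting each element would make the later code independent of the raw input: `$arrayids = array_filter(array_map('intval', explode(',', $_POST['ids'] ?? '')), static fn (int $v): bool => $v > 0);`.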
@@ -1,21 +1,18 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || intval($_SESSION['passcodetrainer_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
$userId = $_SESSION['passcodetrainer_id'];
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
$userId = $_SESSION['user_id_trainer'];
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
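Review bot: `ini_set('display_errors', 1)` and `error_reporting(E_ALL)` stay enabled at the top of this JSON endpoint, so any warning or uncaught error is written into the response. That exposes file paths and query details to the client and corrupts the JSON body. For a deployed endpoint I would use `ini_set('display_errors', '0'); ini_set('log_errors', '1');` and keep the diagnostics in the server log. The same settings are kept in the section that follows (the script defining `generateInvoiceNumber`) and in the PDF/QR-bill script further down.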
@@ -5,21 +5,17 @@ ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$token = isset($_GET['token']) ? $_GET['token'] : '';
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
/*if ($token !== 'OOlhSGI8CraW6BFmJbj6JFy4sxrYyZ0UxzzbASLhY1sWm0IgqmBXjqqwtqKSvpVFBSBgOFrXHuQLGQj1pxlxj3rlTt1r7kAAWX67dcP'){
|
||||
echo json_encode(['success' => false, 'message' => '500 Error - Critical Server Error']);
|
||||
exit;
|
||||
}*/
|
||||
ini_wkvs_session();
|
||||
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || intval($_SESSION['passcodetrainer_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
check_user_permission('trainer');
|
||||
|
||||
function generateInvoiceNumber(): int {
|
||||
verify_csrf();
|
||||
|
||||
function generateInvoiceNumber() : int {
|
||||
return random_int(10000000, 99999999);
|
||||
}
|
||||
|
||||
@@ -59,9 +55,7 @@ function createInvoice(mysqli $conn, $tableOrders, $orderType , $preis, $userId,
|
||||
throw new RuntimeException('Failed to generate unique invoice number');
|
||||
}
|
||||
|
||||
$userId = $_SESSION['passcodetrainer_id'];
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
$userId = $_SESSION['user_id_trainer'];
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
|
||||
@@ -1,16 +1,17 @@
|
||||
<?php
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if ( empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || intval($_SESSION['passcodetrainer_id']) < 1 ) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
@@ -24,7 +25,7 @@ require $baseDir . '/../scripts/db/db-tables.php';
|
||||
|
||||
// --- Get input ---
|
||||
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
|
||||
$userId = intval($_SESSION['passcodetrainer_id']);
|
||||
$userId = intval($_SESSION['user_id_trainer']);
|
||||
|
||||
// --- Validate inputs ---
|
||||
if ($id < 1) {
|
||||
|
||||
@@ -2,18 +2,15 @@
|
||||
header('Content-Type: application/json');
|
||||
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$isTrainer =
|
||||
isset($_SESSION['access_granted_trainer'], $_SESSION['passcodetrainer_id']) &&
|
||||
$_SESSION['access_granted_trainer'] === true &&
|
||||
(int)$_SESSION['passcodetrainer_id'] > 0;
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
if (!$isTrainer) {
|
||||
echo json_encode(['success' => false]);
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
if (!isset($_POST['musicId']) || !isset($_POST['turnerinId']) || intval($_POST['musicId']) < 1 || intval($_POST['turnerinId']) < 1) {
|
||||
echo json_encode(['success' => false]);
|
||||
@@ -21,8 +18,6 @@ if (!isset($_POST['musicId']) || !isset($_POST['turnerinId']) || intval($_POST['
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -1,17 +1,14 @@
|
||||
<?php
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$isTrainer =
|
||||
isset($_SESSION['access_granted_trainer'], $_SESSION['passcodetrainer_id']) &&
|
||||
$_SESSION['access_granted_trainer'] === true &&
|
||||
(int)$_SESSION['passcodetrainer_id'] > 0;
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
if (!$isTrainer) {
|
||||
echo json_encode(['success' => false]);
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
if (!isset($_POST['oldMusicId'])) {
|
||||
echo json_encode(['success' => false]);
|
||||
@@ -27,8 +24,6 @@ if ($oldMusicId < 1) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
$type = 'tr';
|
||||
|
||||
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
||||
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || $_SESSION['passcodetrainer_id'] < 1) {
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['user_id_trainer']) || $_SESSION['user_id_trainer'] < 1) {
|
||||
http_response_code(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
@@ -4,11 +4,6 @@ use Sprain\SwissQrBill\PaymentPart\Output\DisplayOptions;
|
||||
use Sprain\SwissQrBill\PaymentPart\Output\TcPdfOutput\TcPdfOutput;
|
||||
use TCPDF;
|
||||
|
||||
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require $baseDir . '/../composer/vendor/autoload.php';
|
||||
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
// Show all errors except deprecation notices (these come from vendor libraries
|
||||
@@ -18,10 +13,20 @@ error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
|
||||
// Add a higher memory limit
|
||||
ini_set('memory_limit', '256M'); // Start with 256M, increase if needed
|
||||
|
||||
session_start();
|
||||
if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
|
||||
|
||||
require_once $baseDir . '/../scripts/session_functions.php';
|
||||
|
||||
ini_wkvs_session();
|
||||
|
||||
check_user_permission('trainer');
|
||||
|
||||
verify_csrf();
|
||||
|
||||
require $baseDir . '/../composer/vendor/autoload.php';
|
||||
|
||||
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || $_SESSION['passcodetrainer_id'] < 1) {
|
||||
if (empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['user_id_trainer']) || $_SESSION['user_id_trainer'] < 1) {
|
||||
http_response_code(403);
|
||||
header("Location: /intern/trainer");
|
||||
exit;
|
||||
@@ -338,7 +343,6 @@ if (isset($_POST['postversand'])) {
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
if ($totalPreis !== 0) {
|
||||
require __DIR__ . '/ajax-neu_qr_rechnung.php';
|
||||
}
|
||||
@@ -350,7 +354,7 @@ $pdf->SetX($columns['name']['max_width'] + $columns['programm']['max_width'] + $
|
||||
$pdf->Cell($columns['preis']['max_width'], 10, 'CHF ' . number_format($totalPreis, 2), 0, 1, 'C');
|
||||
$pdf->SetFont('GoogleSansFlex-Regular', '', 10);
|
||||
|
||||
if ($totalPreis !== 0) {
|
||||
if ($totalPreis === 0) {
|
||||
$pdf->Ln(10);
|
||||
$pdf->SetTextColor(90, 103, 39);
|
||||
$pdf->MultiCell(0, 8, 'Diese Rechnung wurde als bezahlt eigetragen, da der Betrag 0 CHF beträgt', 0, 'L');
|
||||
@@ -410,7 +414,7 @@ $stmt->execute();
|
||||
$stmt->close();
|
||||
|
||||
// 2. DELETE basket items
|
||||
db_delete($mysqli, $tableBasketItems, ['user_id' => intval($_SESSION['passcodetrainer_id'])]);
|
||||
db_delete($mysqli, $tableBasketItems, ['user_id' => intval($_SESSION['user_id_trainer'])]);
|
||||
|
||||
$mysqli->close();
|
||||
|
||||
|
||||
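Review bot: The changed condition `if ($totalPreis === 0)` compares strictly against the integer 0, but the line above it formats the value with `number_format($totalPreis, 2)`, which suggests a float. In PHP `0.0 === 0` is false, so a zero-amount invoice would never get the "bezahlt" notice. The unchanged `if ($totalPreis !== 0)` before `require __DIR__ . '/ajax-neu_qr_rechnung.php';` would also still produce a QR bill for it. The type of `$totalPreis` is set outside the visible hunks, so this needs confirming; if it is a float, compare on rounded cents in both places, e.g. `if ((int) round($totalPreis * 100) === 0) {`.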