Überarbeitete Version der 1. Version. Es bestehen noch grosse Feher in einzelnen Skripten.

www/intern/scripts/sidebar/sidebar.php

@@ -40,11 +40,11 @@ $icons = [
 if (isset($mysqli) && isset($tableInternUsers)) {
 
     if ($currentPage === 'kampfrichter' && checkIfUserHasSessionId('kampfrichter')):
-        $userDispId = intval($_SESSION['passcodekampfrichter_id']);
+        $userDispId = intval($_SESSION['user_id_kampfrichter']);
     elseif ($currentPage === 'kampfrichter' && checkIfUserHasSessionId('trainer')):
-        $userDispId = intval($_SESSION['passcodetrainer_id']);
+        $userDispId = intval($_SESSION['user_id_trainer']);
     elseif ($isWKL && checkIfUserHasSessionId('wk_leitung')):
-        $userDispId = intval($_SESSION['passcodewk_leitung_id']);
+        $userDispId = intval($_SESSION['user_id_wk_leitung']);
     endif;
 
     $sql = "SELECT `username`, `freigabe` FROM $tableInternUsers WHERE id = ?";
@@ -87,7 +87,7 @@ if ($isWKL) {
 }
 
 function checkIfUserHasSessionId($type) : bool {
-    if (isset($_SESSION['passcode'.$type.'_id']) && intval(['passcode'.$type.'_id']) > 0) { return true; }
+    if (isset($_SESSION['user_id_'.$type]) && intval(['user_id_'.$type]) > 0) { return true; }
     else { return false; }
 }
 
@@ -181,6 +181,8 @@ function sidebarRender(string $mode) {
 
     <script>
 
+    window.CSRF_TOKEN = "<?= $csrf_token ?? $_SESSION['csrf_token'] ?? '' ?>";
+
     const siteType = '<?= $currentPage ?>';
     // Close button binding (inline to avoid race condition with sidebar.js)
     document.addEventListener('DOMContentLoaded', function() {