:wqMerge branch 'homepage'

2022-06-12 19:57:30 +02:00
parent c0eee30a65 8329a6b2df
commit 2f67b4d35f
17 changed files with 651 additions and 247 deletions
--- a/homepage/participo/attendance.php
+++ b/homepage/participo/attendance.php
@@ -15,15 +15,15 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");

-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);

-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);
-	$usersKids = getUsersKids($dbConnection, $_SESSION['user']['userId']);
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	$usersKids = getUsersKids(dbConnector::getDbConnection(), $_SESSION['user']['userId']);

 	abstract class AttendanceType {
 		const __default = null;
@@ -273,13 +273,13 @@ foreach($usersKids as $k){
 if($_SESSION['login']){
 ?>
 		<main>
-				<?php //User::htmlTable( User::getUsers($dbConnection, ['attributeId' => UserAttribute::InTraining]));?>
+				<?php //User::htmlTable( User::getUsers(dbConnector::getDbConnection(), ['attributeId' => UserAttribute::InTraining]));?>
 <?php			// show own ...
-				$ownAttendances = Attendance::getUsersAttendance($dbConnection, $_SESSION['user']['userId']);
+				$ownAttendances = Attendance::getUsersAttendance(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
 				if (!empty($ownAttendances)){
 					echo(
 						"<h2 id=\"attendance-".$userData['id']."\">Eigene Anwesenheiten</h2>".
-						Attendance::userAttendanceHtmlTable($dbConnection, $userData['id'])
+						Attendance::userAttendanceHtmlTable(dbConnector::getDbConnection(), $userData['id'])
 					);	require_once("./lib/participoLib/participo.php");

 				}
@@ -290,7 +290,7 @@ if($_SESSION['login']){
 						if($userData['id']==$k['kidId']) continue;
 						echo(
 							"<h3 id=\"attendance-".$k['kidId']."\">".$k['vorname']." ".$k['name']."</h3>".
-							Attendance::userAttendanceHtmlTable($dbConnection, $k['kidId'])
+							Attendance::userAttendanceHtmlTable(dbConnector::getDbConnection(), $k['kidId'])
 						);
 					}
 				}
--- a/homepage/participo/auth.php
+++ b/homepage/participo/auth.php
@@ -1,9 +1,9 @@
 <?php
 session_start();
-	// Falls der serverseitige Logincookie nicht gesetzt ist, 
+	// Falls der serverseitige LoginCookie nicht gesetzt ist, 
 	// leite zur loginSeite weiter
 	if (empty($_SESSION['login'])) {
-		header('Location: login', TRUE, 301);
+		header("Location: login?returnTo=".urlencode($_SERVER['REQUEST_URI']), TRUE, 301);
 		exit;
 	} else {
 		$login_status = 
--- a/homepage/participo/css/participo.css
+++ b/homepage/participo/css/participo.css
@@ -1,16 +1,49 @@
 /*
 on large screens add a padding on the left for the fixed sidnav
 */
-header, main, footer {
+header,
+main,
+footer {
 	padding-left: 300px;
-	}
+}
+
@media only screen and (max-width : 992px) {
-	header, main, footer {
+
+	header,
+	main,
+	footer {
 		padding-left: 0;
 	}
 }

-.card video{
+.card video {
 	width: 100%;
 	max-width: 100%;
 }
+
+/*
+overrides for the header font sizes
+*/
+h1 {
+	font-size: 2.00rem;
+}
+
+h2 {
+	font-size: 1.50rem;
+}
+
+h3 {
+	font-size: 1.25rem;
+}
+
+h3 {
+	font-size: 1.20rem;
+}
+
+h3 {
+	font-size: 1.15rem;
+}
+
+h6 {
+	font-size: 1.10rem;
+}
--- a/homepage/participo/events.inc.php
+++ b/homepage/participo/events.inc.php
@@ -0,0 +1,34 @@
+<?php
+setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");
+
+require_once("participoLib/participo.php");
+require_once("participoLib/planer.php");
+
+require_once("config/participo.php");
+	
+	require_once("./local/dbConf.php");
+	require_once("./local/cwsvJudo.php");
+
+	require_once("./lib/db.php");
+	require_once("./lib/api.php");
+
+	require_once($config['basePath']."/config/cwsvJudo.config.php");
+
+	dbConnector::connect(
+		$cwsvJudoConfig["db"]["host"], 
+		$cwsvJudoConfig["db"]["name"], 
+		$cwsvJudoConfig["db"]["user"],
+		$cwsvJudoConfig["db"]["password"]
+	);
+    eventPlaner::setDbConnection(dbConnector::getDbConnection());
+
+	participo::authentificate();
+	
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+
+	$meta = array(
+		'title' => "Event Planer",
+		'description' => "Planung von (Nicht-)Teilnahmen an Wettkämpfen und anderen Veranstaltungen"
+	);
+?>
--- a/homepage/participo/events.php
+++ b/homepage/participo/events.php
@@ -0,0 +1,94 @@
+<?php
+include_once("events.inc.php");
+
+?>
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="utf-8" />
+		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+
+		<!-- shared imports (common css, MaterializeCss) -->
+		<?php readfile("./shared/imports.php");?>
+
+		<!-- inits for the materializeCss -->
+		<script>
+			document.addEventListener('DOMContentLoaded', function() {
+				var elems = document.querySelectorAll('.sidenav');
+				var instances = M.Sidenav.init(elems, {
+					// specify options here
+				});
+			});
+			document.addEventListener('DOMContentLoaded', function() {
+				var elems = document.querySelectorAll('.modal');
+				var instances = M.Modal.init(elems, {
+				// specify options here
+				});
+			});
+
+			// Open the given modal
+			document.addEventListener('DOMContentLoaded', function () {
+				// So far we assume the first given fragment (the stuff behind the #) is the modalId 
+				var eventId = window.location.hash.substr(1);
+				var Modalelem = document.querySelector('#event-modal-'+eventId);
+				var instance = M.Modal.init(Modalelem);
+				instance.open();
+			});
+		</script>
+
+
+		<title><?php echo($meta['title']);?></title>
+		<meta name="description" content="<?php echo($meta['description']);?>" />
+
+		<link rel="icon"             href="<?echo($config['ressourceUrl']);?>/graphiken/icons/cwsv.ico" />
+		<link rel="apple-touch-icon" href="<?echo($config['baseUrl']);?>/apple-touch-icon.png">
+
+	</head>
+
+	<body>
+		<header>
+			<!-- cwsvJudoApps SideNav -->
+			<div>
+				<nav class="indigo darken-4">
+					<div class="nav-wrapper">
+						<div class="col s12">
+							<a href="http://cwsvjudo.bplaced.net/" class="breadcrumb">cwsvJudo-Apps</a>
+							<a href="http://cwsvjudo.bplaced.net/participo/events" class="breadcrumb"><?php echo($meta['title']);?></a>
+						</div>
+					</div>
+					
+					<a class="right top-nav sidenav-trigger waves-effect waves-light hide-on-large-only" href="#" data-target="nav-mobile">
+						<i class="material-icons">menu</i>
+					</a>
+				</nav>
+
+				<ul class="sidenav sidenav-fixed sidenav-close" id="nav-mobile">
+					<li class="logo">
+						<a style="height:auto;" class="brand-logo" id="logo-container" href="/participo/">
+							<img alt="cwsvJudoApps" style="max-width:100%;height:12vh;" class="responsive-img" src="http://cwsvjudo.bplaced.net/ressourcen/graphiken/logos/cwsvJudoLogoWappen.x256.png" />
+						</a>
+					</li>
+					<?php require_once("sidenav/loginStatus.php");?><!-- brings its own li -->
+					<li class="bold">
+						<a class="waves-effect waves-teal right-align" href="#eventList">Liste anstehender Events<i class="material-icons">format_list_bulleted</i></a>
+					</li>
+					<li class="bold">
+						<a class="waves-effect waves-teal right-align" href="#detailedEventList">Details anstehender Events<i class="material-icons">view_list</i></a>
+					</li>
+				</ul>
+
+			</div>
+		</header>
+
+<?php if($_SESSION['login']){ ?>
+		<main>
+			<h1 id="eventList">Übersicht anstehender Events</h1>
+			<!-- Table with events-->
+			<?php echo( eventPlaner::getHtmlEventTable(eventPlaner::getCommingWkEvents()) );?>
+
+			<h1 id="detailedEventList">Detailansicht kommender Wettkämpfe</h1>
+			<?php foreach( eventPlaner::getCommingWkEvents() as $event ) echo($event->asHtmlCard());?>
+		</main>
+<?php } ?>
+	</body>
+</html>
--- a/homepage/participo/index.php
+++ b/homepage/participo/index.php
@@ -1,110 +1,30 @@
 <?php
 setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once("config/participo.php");
-	
+
 	require_once("./local/dbConf.php");
 	require_once("./local/cwsvJudo.php");

 	require_once("./lib/db.php");
 	require_once("./lib/api.php");
 	require_once("./lib/participoLib/participo.php");
+	require_once("./lib/participoLib/planer.php");

 	require_once("./auth.php");

 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");

-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);

-function getCommingWkEvents($dbConn, $someOptions=array() ){
-	// wir befinden uns in der Übergangsphase:
-	// - als Standard wird das derzeitige Verhalten definiert (ISO-8859-1 
-	//   und die Konvertierung erfolgt ausserhalb)
-	// - wenn einmal alle mbConvertEncoding weg sind, kann der Standard auf 
-	//   das gewünschte Verhalten umgestellt werden
-	$dbCharset = $someOptions['dbCharset'] ?? "ISO-8859-1";
-	// dbCharset = $someOptions['outCharset'] ?? "UTF-8";// das spätere, gewünschte Verhalten
-	$outCharset = $someOptions['outCharset'] ?? "ISO-8859-1";
-	
-	$query = 
-		"SELECT ".
-			"wkParticipo_Events.id, ".
-			"wkParticipo_Events.date, ".
-			"wkParticipo_Events.wkId, ".
-			"wkParticipo_Events.meldefrist, ".
-			"wkParticipo_Events.bemerkungen, ".
-			"wkParticipo_Events.kvOptions, ".
-			"wettkampfkalender.Datum, ".
-			"wettkampfkalender.Veranstaltung, ".
-			"wettkampfkalender.Altersklassen, ".
-			"wettkampfkalender.Ort, ".
-			"wettkampfkalender.Ausschreibung, ".
-			"wettkampfkalender.Routenplaner ".
-		"FROM wkParticipo_Events ".
-		"LEFT JOIN wettkampfkalender ".
-		"ON wettkampfkalender.lfdeNr = wkParticipo_Events.wkId ".
-			"WHERE wkParticipo_Events.date >= CURDATE() ".
-			"ORDER BY wkParticipo_Events.date;";
-		$ret = dbQuery($dbConn, $query);
-		// $results = $anMysqlConn->query($query);
-		
-		// // Bei einem Fehler bei der Abfrage soll NULL zurückgeliefert werden
-		// if( !$results ){
-		// 	echo("No Results: ".$anMysqlConn->error);
-		// 	return NULL;
-		// }
-		// // Bei einem leeren Ergebnis (NULL oder leeres Array) soll ein leeres Array zurückgeliefert werden
-		// if( empty($results) ) return array();
-	
-		// while( $result = $results->fetch_assoc() ){
-		// 	array_walk(
-		// 		$result,
-		// 		function (&$value, $key, $someOptions) {
-		// 			$value = iconv($someOptions['dbCharset'], $someOptions['outCharset'], $value);
-		// 		},
-		// 		$someOptions
-		// 	);
-		// 	array_push( $ret, $result);
-		// }
-	return $ret;
-}
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	eventPlaner::setDbConnection( dbConnector::getDbConnection() );

-// array(12) { 
-// 	["id"]=> string(3) "139" 
-// 	["date"]=> string(10) "2021-12-29" 
-// 	["wkId"]=> string(0) "" 
-// 	["meldefrist"]=> string(10) "2021-12-28" 
-// 	["bemerkungen"]=> string(374) "{ "Datum": "2021-12-29", "Veranstaltung": "Jahresabschlusstraining", "Altersklassen": "alle", "bemerkungen": "
-
-//     Zum Abschluss des Jahres noch einmal eine kleine Einheit hauptsächlich zum Spielen
-//     Zeit: 16:00--19:00 Uhr
-
-// ", "Ort": "unser Dojo, Str. Usti nad Labem 42, 09120 Chemnitz", "Routenplaner": "https://osm.org/go/0MIYhLf3Q-" }" 
-// 	["kvOptions"]=> string(0) "" 
-// 	["Datum"]=> string(0) "" 
-// 	["Veranstaltung"]=> string(0) "" 
-// 	["Altersklassen"]=> string(0) "" 
-// 	["Ort"]=> string(0) "" 
-// 	["Ausschreibung"]=> string(0) "" 
-// 	["Routenplaner"]=> string(0) "" 
-// } 
-function getHtmlEventTable($eventList){
-	$ret = "</a><table>";
-	foreach($eventList as $event){
-		$e = json_decode($event['bemerkungen'], true);
-		$e = (($e==null)?$event:$e);
-		$e['id']=$event['id'];
-		$ret .= "<tr><td>".$e['Datum']."</td><td><a href=\"/pages/desktop/wkParticipo/showWkEvent.php?eventId=".$e['id']."\" >".$e['Veranstaltung']."</a></td></tr>";
-	}
-	$ret .= "</table><a>";
-	return $ret;
-}
 ?>
 <!DOCTYPE html>
 <html>
@@ -160,9 +80,9 @@ function getHtmlEventTable($eventList){
 				<li class="bold">
 					<a class="waves-effect waves-teal right-align" href="#configApps">Einstellen<i class="material-icons">settings</i></a>
 				</li>
-<?php if( isUserAdmin($dbConnection, $userData['id']) ){?>
+<?php if( isUserAdmin(dbConnector::getDbConnection(), $userData['id']) ){?>
 				<li class="bold">
-					<a class="waves-effect waves-teal right-align" href="#Admin">adminStuff</a>
+					<a class="waves-effect waves-teal right-align" href="#admiStuff">adminStuff</a>
 				</li>
 <?php }?>
 			</ul>
@@ -189,7 +109,7 @@ echo(
 	AppCard::fromArray([
 		'link'       => "/pages/desktop/wkParticipo",
 		'title'      => "Event-Planer",
-		'description'=> "Organisieren der Teilnahmen (und nicht-Teilnahmen) an Wettkämpfen, Sondertrainingseinheiten, Feiern etc.</p>".getHtmlEventTable(getCommingWkEvents($dbConnection))."<p>",
+		'description'=> "Organisieren der Teilnahmen (und nicht-Teilnahmen) an Wettkämpfen, Sondertrainingseinheiten, Feiern etc.</p>".eventPlaner::getHtmlEventTable(eventPlaner::getCommingWkEvents())."<p>",
 		'imgUrl'     => "/ressourcen/graphiken/icons/terminKalender.svg",
 		'actions'    => [
 			AppCardAction::fromArray(['caption'=>"Planer", 'link'=>"/pages/desktop/wkParticipo"]),
@@ -272,7 +192,7 @@ echo(
 			</div> <!-- configApps -->
 <?php
 // AdminStuff, thats only visible for Admins
-if( isUserAdmin($dbConnection, $userData['id']) ){
+if( isUserAdmin(dbConnector::getDbConnection(), $userData['id']) ){
 	echo(
 		"<h2>AdminStuff</h2>".
 		"<div id=\"admiStuff\" class=\"row\">".
--- a/homepage/participo/infoZettel.php
+++ b/homepage/participo/infoZettel.php
@@ -1,5 +1,8 @@
 <?php
 setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");
+	require_once("participoLib/participo.php");
+
 	require_once("config/participo.php");
 	
 	require_once("./local/dbConf.php");
@@ -7,8 +10,7 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');

 	require_once("./lib/db.php");
 	require_once("./lib/api.php");
-	require_once("./lib/participoLib/participo.php");
-
+	
 	require_once("./auth.php");

 	$basePath = $config['basePath'];
@@ -81,9 +83,6 @@ foreach($years as $year){?>
 			</ul>
 		</header>

-<?php
-if($_SESSION['login']){
-?>
 		<main>
 			<!-- List of Infos -->
 			<div class="row" id="infoList">
--- a/homepage/participo/lib/api.php
+++ b/homepage/participo/lib/api.php
@@ -123,7 +123,7 @@ function updateUserPassword($db, $userId, $password){
 		':val' => array('value'=>$password, 'data_type'=>PDO::PARAM_STR), 
 		':id'  => array('value'=>$userId,   'data_type'=>PDO::PARAM_INT) 
 	);
-	dbQuery($db, $query, $params);
+	dbConnector::query($query, $params);
 	
 	return;
 }
--- a/homepage/participo/lib/db.php
+++ b/homepage/participo/lib/db.php
@@ -1,19 +1,4 @@
 <?php
-// get a Connection to the database
-function getPdoDbConnection($hostname, $dbName, $user, $password){
-	try{
-		$dbConnection = new PDO(
-			'mysql:host='.$hostname.';dbname='.$dbName, 
-			$user, 
-			$password
-		);
-	}
-	catch(PDOException $dbError){
-		echo( "Error whilst getting a dbConnection!: " . $dbError->getMessage() );
-	}
-return $dbConnection;
-}
-
 function createDb($dbConnection){
 <<<SQL
 CREATE TABLE `cwsvjudo`.`anwesenheit` ( 
@@ -198,7 +183,7 @@ function isUserInKidIds($uId, $idList){

 // @todo: Achtung, als id ist die id der Vormundschaft gespeichert. Unter kidId die des Kindes.
 function getUsersKids($db, $userId, $options = []){
-	options['attribute'] ?? 
+	$options['attribute'] ?? 
 	$query = <<<SQL
 SELECT * 
 FROM `wkParticipo_Users` 
--- a/homepage/participo/lib/participoLib/participo.php
+++ b/homepage/participo/lib/participoLib/participo.php
@@ -2,11 +2,98 @@

 class participo{
 	private static $db = null;
-	static public function initDbConnection(){}
+	private static $message = ['error' => NULL, 'success' => NULL, 'notice' => NULL];
+
+	/**
+	 * Returns the current login status
+	 * 
+	 * The login status is stored in the session cookie. If it is not even set it means the login is invalid.
+	 *
+	 * @return The login status or false if none is set so far
+	 */
+	static public function isLoginValid(){
+		return ($_SESSION['login'] ?? false);
+	}
+
+	/**
+	 * A little Box with the login status as html entity
+	 *
+	 * @return string htmlEntity showing the login status 
+	 */
+	static public function htmlLoginStatus(){
+		return 
+			"<div style=\"border: 1px solid black\">".
+				"Datum: ".date("Y-m-d")."<br />".
+				"Angemeldet als <strong>".htmlspecialchars($_SESSION['user']['username'])."</strong>.<br />".
+				"<a href=\"logout.php\">Sitzung beenden</a>".
+			"</div>";
+	}
+
+	/**
+	 * Checks, if there already is a valid login, if not redirect to the login form
+	 *
+	 * @retval void
+	 */
+	static public function authentificate(){
+		session_start();
+		if ( !self::isLoginValid() ) {
+			header("Location: login?returnToUrl=".urlencode($_SERVER['REQUEST_URI'].($_POST['fragment'] ?? "")), TRUE, 301);
+			exit(); // should'nt matter
+		}
+	}
+
+	static public function getMessages(){return self::$message;}
+	static public function addMessage($type, $message){self::$message[$type] = (self::$message[$type] ?? "").$message;}
+
+	/**
+	 * check password for user
+	 * 
+	 * @param string $loginName user who wants to get in
+	 * @param string $password passwor for the user
+	 *
+	 * @retval true $password belongs to $loginName
+	 * @retval false otherwise
+	 */
+	static public function checkCredentials($loginName, $password){
+		sleep(1); // just to discurrage brute force attacks
+		// Check for dbConnection
+		if(!dbConnector::getDbConnection()){
+			self::addMessage('error', "<div>No DbConnection available</div>");
+			return false;
+		}
+
+		// query all users with the entered name
+		$user = dbConnector::query(
+			"SELECT `id`, `loginName`, `pwHash`, `config` FROM `wkParticipo_Users` WHERE `loginName` = :loginName",
+			['loginName' => ['value'=>$loginName, 'data_type'=>PDO::PARAM_STR]]
+		);
+
+		// If there is no such user OR the password isn't valid the login fails
+		if( empty($user || !password_verify( $password, $user['pwHash']) )){
+			sleep(5); // discourage brute force attacks
+			self::addMessage('error', "<div>Falsches Passwort oder LoginName</div>");
+			return false;
+		}
+
+		session_start();
+		// case valid login: Set the session data
+		$_SESSION = array(
+			'login' => true,
+			'user'  => array(
+				'username'  => $row['loginName'],
+				'userId' => $row['id'],
+				'userConfig' => json_decode($row['config'], true)
+			)
+		);
+
+		// Logging Logins
+		logLoginsToJsonFile($_SESSION['user']['username']);
+		
+		self::addMessage('success', "<div>Anmeldung erfolgreich</div>");
+		return true;
+	}
 }

-
-
 /**
 * Action element of an MaterializeCss (App-)card
 */
@@ -213,44 +300,6 @@ function loadMarkdownFile($fileName){
 	);
 }

-
-function checkCredentials($username, $password, $db_server, $db_user, $db_password, $db_name){
-    sleep(1);
-	$mysqli = @new mysqli($db_server, $db_user, $db_password, $db_name);
-	if ($mysqli->connect_error) {
-		$message['error'] = 'Datenbankverbindung fehlgeschlagen: ' . $mysqli->connect_error;
-	} else {
-		$query = sprintf(
-			"SELECT id, loginName, pwHash, config FROM wkParticipo_Users WHERE loginName = '%s'",
-			$mysqli->real_escape_string($_POST['f']['username'])
-		);
-		$result = $mysqli->query($query);
-		if ($row = $result->fetch_array(MYSQLI_ASSOC)) {
-			if( password_verify( $_POST['f']['password'], $row['pwHash']) ){
-				session_start();
-				$_SESSION = array(
-					'login' => true,
-					'user'  => array(
-						'username'  => $row['loginName'],
-						'userId' => $row['id'],
-						'userConfig' => json_decode($row['config'], true)
-					),
-				);
-				$message['success'] = 'Anmeldung erfolgreich, <a href="index.php">weiter zum Inhalt</a>.';				
-
-				// Logging Logins
-				logLoginsToJsonFile($_SESSION['user']['username']);
-				
-				header('Location: http://' . $_SERVER['HTTP_HOST'] . '/participo?user=' . $_POST['f']['username']);
-			} else {
-				sleep(5);
-				$message['error'] = 'Das Kennwort ist nicht korrekt.';
-			}
-		}
-	}
-return $message;
-}
-
 /**
 * Log the Login of an user into a logFile
 *
@@ -273,4 +322,111 @@ function logLoginsToJsonFile($userName, $fileName="lastLogins.json"){
 	}
 }

+
+class dbConnector{
+	static private $db = null;
+
+	// connect to the database
+	public static function connect($hostname, $dbName, $user, $password){
+		return self::setDbConnection( self::connectToPdo($hostname, $dbName, $user, $password) );
+	}
+
+	public static function getDbConnection(){return self::$db;}
+
+	/// perform a pdo-query
+	///
+	/// @param $aQueryString
+	/// @param $aBindArray e.g. array( 
+	///  ':userId'     => array('value'=>$anUserId,      'data_type'=>PDO::PARAM_INT), 
+	///  ':attributeId'=> array('value'=>$anAttributeId, 'data_type'=>PDO::PARAM_INT) )
+	/// @param $someOption
+	function query($aQueryString, $aBindArray = array(), $someOptions = array()){
+		// Standardbelegungen
+		if( empty($someOptions['dbCharset' ]) ) $someOptions['dbCharset' ] = "ISO-8859-1";
+		if( empty($someOptions['outCharset']) ) $someOptions['outCharset'] = "UTF-8";
+		if( empty($someOptions['dontFetch' ]) ) $someOptions['dontFetch' ] = false;
+		
+		/// @toDo: Bisher wird nur die Rückgabe konvertiert. Eigentlich muss 
+		///  doch auch die Eingabe konvertiert werden. Aber das jetzt 
+		///  umzustellen wird schwer! Die User im Wettkampfplaner sind ja z.B. 
+		///  als UTF8 in latin1(?) gespeichert.
+		/// @toDo: Die Standardwerte sollten vielleicht aus einer config 
+		///  kommen, nicht hardcoded
+		try{
+			$pdoStatement = self::$db->prepare( $aQueryString );
+			foreach( $aBindArray as $bindName => $bind ){
+				if( $bind['data_type'] == PDO::PARAM_STR)
+					$bind['value'] = iconv(
+						$someOptions['outCharset'], 
+						$someOptions['dbCharset'], 
+						$bind['value']
+					);
+				$pdoStatement->bindValue(
+					$bindName,
+					$bind['value'],
+					(isset($bind['data_type'])?$bind['data_type']:PDO::PARAM_STR)
+				);
+			}
+			$pdoResult = $pdoStatement->execute();
+			if(!$pdoResult){
+				echo("Error during dbQuery!\n");
+				echo("DB-Error:\n"); var_dump(self::$db->errorInfo());
+			}
+			if($someOptions['dontFetch']){
+				$ret = NULL;
+			}
+			else{
+				$ret = $pdoStatement->fetchAll(PDO::FETCH_ASSOC);
+			}
+		}
+		catch(PDOException $db_error){
+			print "Error!: " . $db_error->getMessage() . "<br/>";
+			return null;
+		}
+		
+		// Zeichensatzkonvertierung
+		if( is_array($ret) ){
+			foreach($ret as &$entry){
+				array_walk(
+					$entry,
+					function (&$value, $key, $someOptions) {
+						$value = iconv($someOptions['dbCharset'], $someOptions['outCharset'], $value);
+					},
+					$someOptions
+				);
+			}
+		}
+		return $ret;
+	}
+	
+	// get a Connection to the database
+	static private function connectToPdo($hostname, $dbName, $user, $password){
+		$dbConnection=null;
+		try{
+			$dbConnection = new PDO(
+				'mysql:host='.$hostname.';dbname='.$dbName, 
+				$user, 
+				$password
+			);
+		}
+		catch(PDOException $dbError){
+			echo( "Error whilst getting a dbConnection!: " . $dbError->getMessage() );
+		}
+		return $dbConnection;
+	}
+
+	// set the dbConnection (just setting, no establishing)
+	private static function setDbConnection($dbConnection){
+		$success = false;
+		if($dbConnection instanceof PDO){
+			self::$db = $dbConnection;
+			$success = true;
+		}
+		else{
+			self::$db = null;
+		}
+	}
+
+
+}
 ?>
--- a/homepage/participo/lib/participoLib/planer.php
+++ b/homepage/participo/lib/participoLib/planer.php
@@ -0,0 +1,186 @@
+<?php
+
+
+class shiai{
+	private $id = null; //< unique id
+	private $date = null; //< date of the shiai
+	private $name = null; //< name of the shiai as string
+	private $ageclasses = null; //< age classes as space separated Uxy in a string
+	private $place = null; //< place of the shiai as string
+	private $announcementUrl = null; //< url to the announcement
+	private $routeUrl = null; //< url to a routing planner
+	private $galleryUrl = null; //< url of the gallery to a gallery of the shiai
+	private $promoImgUrl = null; //< promotional image for the shiai (as url)
+
+	function __construct($id, $date, $name, $ageclasses, $place, $announcementUrl, $routeUrl, $galleryUrl, $promoImgUrl){
+		//! @todo input validation and sanitation
+		$this->id = (int) $id;
+		$this->date = DateTime::createFromFormat("Y-m-d", $date);
+		$this->name = $name;
+		$this->ageclasses = $ageclasses;
+		$this->place = $place;
+		$this->announcementUrl = $announcementUrl;
+		$this->routeUrl = $routeUrl;
+		$this->galleryUrl = $galleryUrl;
+		$this->promoImgUrl = $promoImgUrl;
+	}
+
+	public function getName(){
+		return $this->name;
+	}
+	public function getAgeClasses(){
+		return $this->ageclasses ? $this->ageclasses : "-";
+	}
+	public function getId(){
+		return $this->id;
+	}
+
+	static public function fromArray($member){
+		return new shiai(
+			$member['lfdeNr'] ?? null,
+			$member['Datum'] ?? null,
+			$member['Veranstaltung'] ?? "<fehlender Name>",
+			$member['Altersklassen'] ?? null,
+			$member['Ort'] ?? "<fehlender Ort>",
+			$member['Ausschreibung'] ?? null,
+			$member['Routenplaner'] ?? null,
+			$member['galleryLink'] ?? null,
+			$member['promoPic'] ?? null
+		);
+	}
+} // end class shiai
+
+class event{
+	private $id = null;       //< unique id of the event in the db
+	private $date = null;     //< date for the event (@todo ranges?)
+	private $shiaiId = null;  //< unique id of the shiai in the db (if appropriate)
+	private $deadline = null; //< until when one can register for the event
+	private $remarks = null;  //< remarks to the event (special rules) or a json object for missing data (e.g. non-shiai events)
+
+	private $shiai = null;
+
+	function __construct($id, $date, $shiaiId, $deadline, $remarks, $shiai){
+		//! @todo InputValidation
+		$this->id = (int) $id;
+		$this->date = DateTime::createFromFormat("Y-m-d", $date);
+		$this->shiaiId = (($shiaiId!=null)?((int)$shiaiId):(null));
+		$this->deadline = DateTime::createFromFormat("Y-m-d", $deadline);
+		$this->remarks = $remarks;
+
+		$this->shiai = $shiai;
+	}
+
+	function asHtmlCard(){
+		return 
+			"<div class=\"card blue-grey darken-1\">".
+				"<div class=\"card-content white-text\">".
+					"<span class=\"card-title\">".$this->shiai->getName()."</span>".
+					"<dl>".
+						"<dt>Datum</dt>".
+						"<dd>".$this->date->format("Y-m-d")."</dd>".
+						"<dt>Meldefrist</dt>".
+						"<dd>".$this->deadline->format("Y-m-d")."</dd>".
+						"<dt>Altersklassen</dt>".
+						"<dd>".$this->shiai->getAgeClasses()."</dd>".
+				"</div>".
+			"</div>";
+	}
+	public function htmlTableRow(){
+		return 
+			"<tr>".
+				"<td>Datum ".$this->date->format("Y-m-d")."</td>".
+				"<td><a href=\"/pages/desktop/wkParticipo/showWkEvent.php?eventId=".$this->id."\" >".$this->shiai->getName()."</a></td>".
+				"<td><a class=\"waves-effect waves-light btn-floating modal-trigger\" href=\"#event-modal-".$this->id."\"><i class=\"material-icons\">add</i></a></td>".
+			"</tr>";
+	}
+	public function htmlModal(){
+		return 
+			"<div id=\"event-modal-".$this->id."\" class=\"modal\">".
+				"<div class=\"modal-content\">".
+					"<h4>".$this->shiai->getName()."</h4>".
+					"<p>A bunch of text</p>".
+				"</div>". // end modal-content
+				"<div class=\"modal-footer\">".
+					"<a href=\"#!\" class=\"modal-close waves-effect waves-green btn-flat\">Agree</a>".
+				"</div>".
+			"</div>";
+	}
+
+	static public function fromArray($member){
+		$shiai = json_decode($member['bemerkungen'], true);
+
+		return new event(
+			$member['id'] ?? null,
+			$member['date'] ?? null,
+			$member['wkId'] ?? null,
+			$member['meldefrist'] ?? null,
+			$member['bemerkungen'] ?? null,
+			shiai::fromArray( ($shiai != null) ? $shiai : $member )
+		);
+	}
+} // end class event
+
+class eventPlaner{
+	static private $db = null;
+	// set the dbConnection (just setting, no establishing)
+	public static function setDbConnection($dbConnection){
+		if($dbConnection instanceof PDO)
+			self::$db = $dbConnection;
+		else
+			self::$db = null;
+	return;
+	}
+
+	static public function getCommingWkEvents($someOptions=array() ){
+		// wir befinden uns in der Übergangsphase:
+		// - als Standard wird das derzeitige Verhalten definiert (ISO-8859-1 
+		//   und die Konvertierung erfolgt ausserhalb)
+		// - wenn einmal alle mbConvertEncoding weg sind, kann der Standard auf 
+		//   das gewünschte Verhalten umgestellt werden
+		$dbCharset = $someOptions['dbCharset'] ?? "ISO-8859-1";
+		// dbCharset = $someOptions['outCharset'] ?? "UTF-8";// das spätere, gewünschte Verhalten
+		$outCharset = $someOptions['outCharset'] ?? "ISO-8859-1";
+		
+		$query = 
+			"SELECT ".
+				"wkParticipo_Events.id, ".
+				"wkParticipo_Events.date, ".
+				"wkParticipo_Events.wkId, ".
+				"wkParticipo_Events.meldefrist, ".
+				"wkParticipo_Events.bemerkungen, ".
+				"wkParticipo_Events.kvOptions, ".
+				"wettkampfkalender.Datum, ".
+				"wettkampfkalender.Veranstaltung, ".
+				"wettkampfkalender.Altersklassen, ".
+				"wettkampfkalender.Ort, ".
+				"wettkampfkalender.Ausschreibung, ".
+				"wettkampfkalender.Routenplaner ".
+			"FROM wkParticipo_Events ".
+			"LEFT JOIN wettkampfkalender ".
+			"ON wettkampfkalender.lfdeNr = wkParticipo_Events.wkId ".
+				"WHERE wkParticipo_Events.date >= CURDATE() ".
+				"ORDER BY wkParticipo_Events.date;";
+		$ret = dbQuery(self::$db, $query);
+		$events = array();
+		foreach($ret as $event){
+			array_push( $events, event::fromArray( $event ) );
+		}
+		return $events;
+	}
+	
+	static public function getHtmlEventTable($eventList){
+		$ret = "<table>";
+		$ret .= "<!-- And now the table -->";
+		foreach($eventList as $event){
+			$ret .= $event->htmlTableRow();
+		}
+		$ret .= "</table>";
+		foreach($eventList as $event){
+			$ret .= $event->htmlModal();
+		}
+		return $ret;
+	}
+}
+
+
+?>
--- a/homepage/participo/lib/planerLib/planer.php
+++ b/homepage/participo/lib/planerLib/planer.php
@@ -1,64 +0,0 @@
-<?php
-
-class eventPlaner{
-	static private $db = null;
-	function setDbConnection($db){
-		$this->$db = $db;
-	}
-}
-
-class shiai{
-	private $id = null; //< unique id
-	private $date = null; //< date of the shiai
-	private $name = null; //< name of the shiai as string
-	private $ageclasses = null; //< age classes as space separated Uxy in a string
-	private $place = null; //< place of the shiai as string
-	private $announcementUrl = null; //< url to the announcement
-	private $routeUrl = null; //< url to a routing planner
-	private $galleryUrl = null; //< url of the gallery to a gallery of the shiai
-	private $promoImgUrl = null; //< promotional image for the shiai (as url)
-
-	function __construct($id, $date, $name, $ageclasses, $place, $announcementUrl, $routeUrl, $galleryUrl, $promoImgUrl){
-		//! @todo input validation and sanitation
-		$this->$id = (int) $id;
-		$this->$date = DateTime::createFromFormat("Y-m-d", $date);
-		$this->$name = $name;
-		$this->ageclasses = $ageclasses;
-		$this->place = $place;
-		$this->announcementUrl = $announcementUrl;
-		$this->routeUrl = $routeUrl;
-		$this->galleryUrl = $galleryUrl;
-		$this->promoImgUrl = $promoImgUrl;
-	}
-	static public function fromArray($member){
-		$id = $member['lfdeNr'] ?? null;
-		$date = $member['Datum'] ?? null;
-		$name = $member['Veranstaltung'] ?? "<fehlender Name>";
-		$ageclasses = $member['Altersklassen'] ?? null;
-		$place = $member['Ort'] ?? "<fehlender Ort>";
-		$announcementUrl = $member['Ausschreibung'] ?? null;
-		$routeUrl = $member['Routenplaner'] ?? null;
-		$galleryUrl = $member['galleryLink'] ?? null;
-		$promoImgUrl = $member['promoPic'] ?? null;
-	}
-}
-class event{
-	private $id = null;       //< unique id of the event in the db
-	private $date = null;     //< date for the event (@todo ranges?)
-	private $shiaiId = null;  //< unique id of the shiai in the db (if appropriate)
-	private $deadline = null; //< until when one can register for the event
-	private $remarks = null;  //< remarks to the event (special rules) or a json object for missing data (e.g. non-shiai events)
-
-	private $shiai = null;
-
-	function __construct($id, $date, $shiaiId, $deadline, $remarks){
-		//! @todo InputValidation
-		$this->$id = (int) $id;
-		$this->$date = DateTime::createFromFormat("Y-m-d", $date);
-		$this->shiaiId = (($shiaiId!=null)?((int)$shiaiId):(null));
-		$this->deadline = DateTime::createFromFormat("Y-m-d");
-		$this->remarks = $remarks;
-	}
-}
-
-?>
--- a/homepage/participo/login.php
+++ b/homepage/participo/login.php
@@ -1,14 +1,23 @@
 <?php
 setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");

-	require_once("lib/participoLib/participo.php");
+	require_once("participoLib/participo.php");
 	require_once("config/participo.php");
 	
 	require_once("./local/dbConf.php");

-// Check, if the login is already set. If so move to the main page.
+	require_once($config['basePath']."/config/cwsvJudo.config.php");
+	dbConnector::connect(
+		$cwsvJudoConfig["db"]["host"], 
+		$cwsvJudoConfig["db"]["name"], 
+		$cwsvJudoConfig["db"]["user"],
+		$cwsvJudoConfig["db"]["password"]
+	);
+
+// Check, if the login is already set. If so move to the main page
 if (isset($_SESSION['login'])) {
-	header('Location: http://' . $_SERVER['HTTP_HOST'] . '/index.php');
+	header("Location: http://" . ($_POST['returnToUrl'] ?? "."), TRUE, 301);
 }
 // Otherwise check credentials if given.
 else{
@@ -17,12 +26,14 @@ else{
 			empty($_POST['f']['username']) ||
 			empty($_POST['f']['password'])
 		) {
-			$message['error'] = 'Es wurden nicht alle Felder ausgefüllt.';
+			$message = ['error' => "Es wurden nicht alle Felder ausgefüllt."];
 		} else {
-			
-			$message = checkCredentials($_POST['f']['username'], $_POST['f']['password'], $db_server, $db_user, $db_password, $db_name);
-			if( !isset($message['error']) )
-				$message['notice'] = "OnlineApps - cwsvJudo";
+			if( participo::checkCredentials( $_POST['f']['username'], $_POST['f']['password']) ){
+				$returnToUrl = ($_POST['returnToUrl'] ?? ".").($_POST['fragment'] ?? "");
+				participo::addMessage('success', "<div><a href=\"".$returnToUrl."\">weiter zum Inhalt</a>.</div>");
+				participo::addMessage('notice', "OnlineApps - cwsvJudo");
+				header("Location: " . $returnToUrl, TRUE, 301 );
+			}
 		}
 	}
 }
@@ -42,18 +53,28 @@ else{
 	</head>
 	<body class="container">
 		<h1>Loginseite der Online-Apps der Judoka des CWSV</h1>
-		<?php echo(htmlRetMessage($message));?>
+		<?php echo(htmlRetMessage(participo::getMessages()));?>
 		<form action="./login.php" method="post">
 			<fieldset>
 				<legend>Benutzerdaten</legend>
 				<div>
 					<label for="username">Benutzername</label>
-					<input  id="username"type="text" name="f[username]" <?php echo isset($_POST['f']['username']) ? ' value="' . htmlspecialchars($_POST['f']['username']) . '"' : '' ?> />
+					<input  id="username" type="text" name="f[username]" <?php echo isset($_POST['f']['username']) ? ' value="' . htmlspecialchars($_POST['f']['username']) . '"' : '' ?> />
 				</div>
 				<div>
 					<label for="password">Kennnwort</label>
 					<input  id="password" type="password" name="f[password]" />
 				</div>
+				<?php if( isset( $_GET['returnToUrl']) ) echo("<input type=\"hidden\" name=\"returnToUrl\" value=\"".htmlspecialchars( $_GET['returnToUrl'])."\" />"); ?>
+				<?php if( isset($_POST['returnToUrl']) ) echo("<input type=\"hidden\" name=\"returnToUrl\" value=\"".htmlspecialchars($_POST['returnToUrl'])."\" />"); ?>
+				<input id="fragment" type="hidden" name="fragment" />
+				<!-- add the fragment to the post data-->
+				<script>
+					if(window.location.hash){
+						document.getElementById("fragment").value=window.location.hash;
+					}
+				</script>
+
 			</fieldset>
 			<fieldset>
 				<div>
--- a/homepage/participo/shared/sidenav.inc.php
+++ b/homepage/participo/shared/sidenav.inc.php
@@ -0,0 +1,39 @@
+<!-- cwsvJudoApps SideNav -->
+<div>
+    <nav class="indigo darken-4">
+        <h1 style="display:inline;">
+            <?php echo($meta['title']);?>
+        </h1>
+        
+        <a class="right top-nav sidenav-trigger waves-effect waves-light hide-on-large-only" href="#" data-target="nav-mobile">
+            <i class="material-icons">menu</i>
+        </a>
+    </nav>
+
+    <ul class="sidenav sidenav-fixed sidenav-close" id="nav-mobile">
+        <li class="logo">
+            <a style="height:auto;" class="brand-logo" id="logo-container" href="/participo/">
+                <img alt="cwsvJudoApps" style="max-width:100%;height:12vh;" class="responsive-img" src="http://cwsvjudo.bplaced.net/ressourcen/graphiken/logos/cwsvJudoLogoWappen.x256.png" />
+            </a>
+        </li>
+        <?php require_once("sidenav/loginStatus.php");?><!-- brings its own li -->
+        <li class="bold">
+            <a class="waves-effect waves-teal right-align" href="#mitmachApps">Mitmachen<i class="material-icons">accessibility</i></a>
+        </li>
+        <li class="bold">
+            <a class="waves-effect waves-teal right-align" href="#infoApps">Informieren<i class="material-icons">info</i></a>
+        </li>
+        <li class="bold">
+            <a class="waves-effect waves-teal right-align" href="#lexiApps">Nachschlagen<i class="material-icons">book</i></a>
+        </li>
+        <li class="bold">
+            <a class="waves-effect waves-teal right-align" href="#configApps">Einstellen<i class="material-icons">settings</i></a>
+        </li>
+
+<?php if( isUserAdmin($dbConnection, $userData['id']) ){?>
+        <li class="bold">
+            <a class="waves-effect waves-teal right-align" href="#Admin">adminStuff</a>
+        </li>
+<?php }?>
+    </ul>
+</div>
--- a/homepage/participo/user.php
+++ b/homepage/participo/user.php
@@ -5,6 +5,7 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once("./local/dbConf.php");
 	require_once("./local/cwsvJudo.php");

+	require_once("./lib/participoLib/participo.php");
 	require_once("./lib/db.php");
 	require_once("./lib/api.php");

@@ -13,17 +14,17 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");
 	
-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
 	
-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);
-	$usersKids = getUsersKids($dbConnection, $_SESSION['user']['userId']);
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	$usersKids = getUsersKids(dbConnector::getDbConnection(), $_SESSION['user']['userId']);

-	processPostData($dbConnection, $_POST);
+	processPostData(dbConnector::getDbConnection(), $_POST);

 ?>
 <!DOCTYPE html>
--- a/infoZettelOrg/Makefile
+++ b/infoZettelOrg/Makefile
@@ -62,14 +62,14 @@ aushang/%.pdf: aushang/%.md
 .PHONY: infoZettelUpload
 #infoZettelUpload: $(infoZettelUploads)
 infoZettelUpload: infoZettel
-	curl -T "{$$(echo *.md | tr ' ' ',')}" ftp://cwsvjudo:$(uploadPassword)@cwsvjudo.bplaced.net/www/infoZettel/
+	curl -T "{$$(echo *.md | tr ' ' ',')}" ftp://$(uploadUser):$(uploadPassword)@cwsvjudo.bplaced.net/www/infoZettel/

 uploadTouch/%.md: %.md
-	curl --verbose --upload-file $^ ftp://cwsvjudo:$(uploadPassword)@cwsvjudo.bplaced.net/www/infoZettel/$^
+	curl --verbose --upload-file $^ ftp://$(uploadUser):$(uploadPassword)@cwsvjudo.bplaced.net/www/infoZettel/$^
 	touch $@

 uploadTouch/%.pdf: %.pdf
-	curl --verbose --upload-file $^ ftp://cwsvjudo:$(uploadPassword)@cwsvjudo.bplaced.net/www/temp/druck/$^
+	curl --verbose --upload-file $^ ftp://$(uploadUser):$(uploadPassword)@cwsvjudo.bplaced.net/www/temp/druck/$^
 	touch $@

 .PHONY: echo
--- a/submodules/materialize
+++ b/submodules/materialize