redirecting login

2022-06-06 12:55:17 +02:00
parent 706b722b12
commit 3e3fb6d953
12 changed files with 304 additions and 144 deletions
--- a/homepage/participo/attendance.php
+++ b/homepage/participo/attendance.php
@@ -15,15 +15,15 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");

-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);

-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);
-	$usersKids = getUsersKids($dbConnection, $_SESSION['user']['userId']);
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	$usersKids = getUsersKids(dbConnector::getDbConnection(), $_SESSION['user']['userId']);

 	abstract class AttendanceType {
 		const __default = null;
@@ -273,13 +273,13 @@ foreach($usersKids as $k){
 if($_SESSION['login']){
 ?>
 		<main>
-				<?php //User::htmlTable( User::getUsers($dbConnection, ['attributeId' => UserAttribute::InTraining]));?>
+				<?php //User::htmlTable( User::getUsers(dbConnector::getDbConnection(), ['attributeId' => UserAttribute::InTraining]));?>
 <?php			// show own ...
-				$ownAttendances = Attendance::getUsersAttendance($dbConnection, $_SESSION['user']['userId']);
+				$ownAttendances = Attendance::getUsersAttendance(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
 				if (!empty($ownAttendances)){
 					echo(
 						"<h2 id=\"attendance-".$userData['id']."\">Eigene Anwesenheiten</h2>".
-						Attendance::userAttendanceHtmlTable($dbConnection, $userData['id'])
+						Attendance::userAttendanceHtmlTable(dbConnector::getDbConnection(), $userData['id'])
 					);	require_once("./lib/participoLib/participo.php");

 				}
@@ -290,7 +290,7 @@ if($_SESSION['login']){
 						if($userData['id']==$k['kidId']) continue;
 						echo(
 							"<h3 id=\"attendance-".$k['kidId']."\">".$k['vorname']." ".$k['name']."</h3>".
-							Attendance::userAttendanceHtmlTable($dbConnection, $k['kidId'])
+							Attendance::userAttendanceHtmlTable(dbConnector::getDbConnection(), $k['kidId'])
 						);
 					}
 				}
--- a/homepage/participo/auth.php
+++ b/homepage/participo/auth.php
@@ -1,9 +1,9 @@
 <?php
 session_start();
-	// Falls der serverseitige Logincookie nicht gesetzt ist, 
+	// Falls der serverseitige LoginCookie nicht gesetzt ist, 
 	// leite zur loginSeite weiter
 	if (empty($_SESSION['login'])) {
-		header('Location: login', TRUE, 301);
+		header("Location: login?returnTo=".urlencode($_SERVER['REQUEST_URI']), TRUE, 301);
 		exit;
 	} else {
 		$login_status = 
--- a/homepage/participo/events.inc.php
+++ b/homepage/participo/events.inc.php
@@ -8,18 +8,24 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once("./lib/db.php");
 	require_once("./lib/api.php");
 	require_once("./lib/participoLib/participo.php");
-    require_once("./lib/planerLib/planer.php");
-
-	require_once("./auth.php");
+    require_once("./lib/participoLib/planer.php");

 	require_once($config['basePath']."/config/cwsvJudo.config.php");

-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
-    eventPlaner::setDbConnection($dbConnection);
-    $userData = getUserData($dbConnection, $_SESSION['user']['userId']);
+    eventPlaner::setDbConnection(dbConnector::getDbConnection());
+
+	participo::authentificate();
+	
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+
+	$meta = array(
+		'title' => "Event Planer",
+		'description' => "Planung von (Nicht-)Teilnahmen an Wettkämpfen und anderen Veranstaltungen"
+	);
 ?>
--- a/homepage/participo/events.php
+++ b/homepage/participo/events.php
@@ -1,8 +1,5 @@
 <?php
-$meta = array(
-	'title' => "Event Planer",
-	'description' => "Planung von (Nich-)Teilnahmen an Wettkämpfen und anderen Veranstaltungen"
-);
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");

 include_once("events.inc.php");

@@ -28,7 +25,7 @@ include_once("events.inc.php");


 		<title><?php echo($meta['title']);?></title>
-		<meta name="description" content=<?php echo($meta['description']);?>])>
+		<meta name="description" content="<?php echo($meta['description']);?>" />

 		<link rel="icon"             href="<?echo($config['ressourceUrl']);?>/graphiken/icons/cwsv.ico" />
 		<link rel="apple-touch-icon" href="<?echo($config['baseUrl']);?>/apple-touch-icon.png">
@@ -37,12 +34,46 @@ include_once("events.inc.php");

 	<body>
 		<header>
-			<?php readfile("./shared/sidenav.inc.php");?>
+			<!-- cwsvJudoApps SideNav -->
+			<div>
+				<nav class="indigo darken-4">
+					<div class="nav-wrapper">
+						<div class="col s12">
+							<a href="http://cwsvjudo.bplaced.net/" class="breadcrumb">cwsvJudo-Apps</a>
+							<a href="http://cwsvjudo.bplaced.net/participo/events" class="breadcrumb"><?php echo($meta['title']);?></a>
+						</div>
+					</div>
+					
+					<a class="right top-nav sidenav-trigger waves-effect waves-light hide-on-large-only" href="#" data-target="nav-mobile">
+						<i class="material-icons">menu</i>
+					</a>
+				</nav>
+
+				<ul class="sidenav sidenav-fixed sidenav-close" id="nav-mobile">
+					<li class="logo">
+						<a style="height:auto;" class="brand-logo" id="logo-container" href="/participo/">
+							<img alt="cwsvJudoApps" style="max-width:100%;height:12vh;" class="responsive-img" src="http://cwsvjudo.bplaced.net/ressourcen/graphiken/logos/cwsvJudoLogoWappen.x256.png" />
+						</a>
+					</li>
+					<?php require_once("sidenav/loginStatus.php");?><!-- brings its own li -->
+					<li class="bold">
+						<a class="waves-effect waves-teal right-align" href="#eventList">Liste anstehender Events<i class="material-icons">format_list_bulleted</i></a>
+					</li>
+					<li class="bold">
+						<a class="waves-effect waves-teal right-align" href="#detailedEventList">Details anstehender Events<i class="material-icons">view_list</i></a>
+					</li>
+				</ul>
+
+			</div>
 		</header>

 <?php if($_SESSION['login']){ ?>
 		<main>
+			<h1 id="eventList">Übersicht anstehender Events</h1>
 			<?php echo( eventPlaner::getHtmlEventTable(eventPlaner::getCommingWkEvents()) );?>
+
+			<h1 id="detailedEventList">Detailansicht kommender Wettkämpfe</h1>
+			<?php foreach( eventPlaner::getCommingWkEvents() as $event ) echo($event->asHtmlCard());?>
 		</main>
 <?php } ?>
 	</body>
--- a/homepage/participo/index.php
+++ b/homepage/participo/index.php
@@ -1,110 +1,30 @@
 <?php
 setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once("config/participo.php");
-	
+
 	require_once("./local/dbConf.php");
 	require_once("./local/cwsvJudo.php");

 	require_once("./lib/db.php");
 	require_once("./lib/api.php");
 	require_once("./lib/participoLib/participo.php");
+	require_once("./lib/participoLib/planer.php");

 	require_once("./auth.php");

 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");

-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);

-function getCommingWkEvents($dbConn, $someOptions=array() ){
-	// wir befinden uns in der Übergangsphase:
-	// - als Standard wird das derzeitige Verhalten definiert (ISO-8859-1 
-	//   und die Konvertierung erfolgt ausserhalb)
-	// - wenn einmal alle mbConvertEncoding weg sind, kann der Standard auf 
-	//   das gewünschte Verhalten umgestellt werden
-	$dbCharset = $someOptions['dbCharset'] ?? "ISO-8859-1";
-	// dbCharset = $someOptions['outCharset'] ?? "UTF-8";// das spätere, gewünschte Verhalten
-	$outCharset = $someOptions['outCharset'] ?? "ISO-8859-1";
-	
-	$query = 
-		"SELECT ".
-			"wkParticipo_Events.id, ".
-			"wkParticipo_Events.date, ".
-			"wkParticipo_Events.wkId, ".
-			"wkParticipo_Events.meldefrist, ".
-			"wkParticipo_Events.bemerkungen, ".
-			"wkParticipo_Events.kvOptions, ".
-			"wettkampfkalender.Datum, ".
-			"wettkampfkalender.Veranstaltung, ".
-			"wettkampfkalender.Altersklassen, ".
-			"wettkampfkalender.Ort, ".
-			"wettkampfkalender.Ausschreibung, ".
-			"wettkampfkalender.Routenplaner ".
-		"FROM wkParticipo_Events ".
-		"LEFT JOIN wettkampfkalender ".
-		"ON wettkampfkalender.lfdeNr = wkParticipo_Events.wkId ".
-			"WHERE wkParticipo_Events.date >= CURDATE() ".
-			"ORDER BY wkParticipo_Events.date;";
-		$ret = dbQuery($dbConn, $query);
-		// $results = $anMysqlConn->query($query);
-		
-		// // Bei einem Fehler bei der Abfrage soll NULL zurückgeliefert werden
-		// if( !$results ){
-		// 	echo("No Results: ".$anMysqlConn->error);
-		// 	return NULL;
-		// }
-		// // Bei einem leeren Ergebnis (NULL oder leeres Array) soll ein leeres Array zurückgeliefert werden
-		// if( empty($results) ) return array();
-	
-		// while( $result = $results->fetch_assoc() ){
-		// 	array_walk(
-		// 		$result,
-		// 		function (&$value, $key, $someOptions) {
-		// 			$value = iconv($someOptions['dbCharset'], $someOptions['outCharset'], $value);
-		// 		},
-		// 		$someOptions
-		// 	);
-		// 	array_push( $ret, $result);
-		// }
-	return $ret;
-}
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	eventPlaner::setDbConnection( dbConnector::getDbConnection() );

-// array(12) { 
-// 	["id"]=> string(3) "139" 
-// 	["date"]=> string(10) "2021-12-29" 
-// 	["wkId"]=> string(0) "" 
-// 	["meldefrist"]=> string(10) "2021-12-28" 
-// 	["bemerkungen"]=> string(374) "{ "Datum": "2021-12-29", "Veranstaltung": "Jahresabschlusstraining", "Altersklassen": "alle", "bemerkungen": "
-
-//     Zum Abschluss des Jahres noch einmal eine kleine Einheit hauptsächlich zum Spielen
-//     Zeit: 16:00--19:00 Uhr
-
-// ", "Ort": "unser Dojo, Str. Usti nad Labem 42, 09120 Chemnitz", "Routenplaner": "https://osm.org/go/0MIYhLf3Q-" }" 
-// 	["kvOptions"]=> string(0) "" 
-// 	["Datum"]=> string(0) "" 
-// 	["Veranstaltung"]=> string(0) "" 
-// 	["Altersklassen"]=> string(0) "" 
-// 	["Ort"]=> string(0) "" 
-// 	["Ausschreibung"]=> string(0) "" 
-// 	["Routenplaner"]=> string(0) "" 
-// } 
-function getHtmlEventTable($eventList){
-	$ret = "</a><table>";
-	foreach($eventList as $event){
-		$e = json_decode($event['bemerkungen'], true);
-		$e = (($e==null)?$event:$e);
-		$e['id']=$event['id'];
-		$ret .= "<tr><td>".$e['Datum']."</td><td><a href=\"/pages/desktop/wkParticipo/showWkEvent.php?eventId=".$e['id']."\" >".$e['Veranstaltung']."</a></td></tr>";
-	}
-	$ret .= "</table><a>";
-	return $ret;
-}
 ?>
 <!DOCTYPE html>
 <html>
@@ -160,9 +80,9 @@ function getHtmlEventTable($eventList){
 				<li class="bold">
 					<a class="waves-effect waves-teal right-align" href="#configApps">Einstellen<i class="material-icons">settings</i></a>
 				</li>
-<?php if( isUserAdmin($dbConnection, $userData['id']) ){?>
+<?php if( isUserAdmin(dbConnector::getDbConnection(), $userData['id']) ){?>
 				<li class="bold">
-					<a class="waves-effect waves-teal right-align" href="#Admin">adminStuff</a>
+					<a class="waves-effect waves-teal right-align" href="#admiStuff">adminStuff</a>
 				</li>
 <?php }?>
 			</ul>
@@ -189,7 +109,7 @@ echo(
 	AppCard::fromArray([
 		'link'       => "/pages/desktop/wkParticipo",
 		'title'      => "Event-Planer",
-		'description'=> "Organisieren der Teilnahmen (und nicht-Teilnahmen) an Wettkämpfen, Sondertrainingseinheiten, Feiern etc.</p>".getHtmlEventTable(getCommingWkEvents($dbConnection))."<p>",
+		'description'=> "Organisieren der Teilnahmen (und nicht-Teilnahmen) an Wettkämpfen, Sondertrainingseinheiten, Feiern etc.</p>".eventPlaner::getHtmlEventTable(eventPlaner::getCommingWkEvents())."<p>",
 		'imgUrl'     => "/ressourcen/graphiken/icons/terminKalender.svg",
 		'actions'    => [
 			AppCardAction::fromArray(['caption'=>"Planer", 'link'=>"/pages/desktop/wkParticipo"]),
@@ -272,7 +192,7 @@ echo(
 			</div> <!-- configApps -->
 <?php
 // AdminStuff, thats only visible for Admins
-if( isUserAdmin($dbConnection, $userData['id']) ){
+if( isUserAdmin(dbConnector::getDbConnection(), $userData['id']) ){
 	echo(
 		"<h2>AdminStuff</h2>".
 		"<div id=\"admiStuff\" class=\"row\">".
--- a/homepage/participo/lib/api.php
+++ b/homepage/participo/lib/api.php
@@ -123,7 +123,7 @@ function updateUserPassword($db, $userId, $password){
 		':val' => array('value'=>$password, 'data_type'=>PDO::PARAM_STR), 
 		':id'  => array('value'=>$userId,   'data_type'=>PDO::PARAM_INT) 
 	);
-	dbQuery($db, $query, $params);
+	dbConnector::query($query, $params);
 	
 	return;
 }
--- a/homepage/participo/lib/db.php
+++ b/homepage/participo/lib/db.php
@@ -1,19 +1,4 @@
 <?php
-// get a Connection to the database
-function getPdoDbConnection($hostname, $dbName, $user, $password){
-	try{
-		$dbConnection = new PDO(
-			'mysql:host='.$hostname.';dbname='.$dbName, 
-			$user, 
-			$password
-		);
-	}
-	catch(PDOException $dbError){
-		echo( "Error whilst getting a dbConnection!: " . $dbError->getMessage() );
-	}
-return $dbConnection;
-}
-
 function createDb($dbConnection){
 <<<SQL
 CREATE TABLE `cwsvjudo`.`anwesenheit` ( 
@@ -198,7 +183,7 @@ function isUserInKidIds($uId, $idList){

 // @todo: Achtung, als id ist die id der Vormundschaft gespeichert. Unter kidId die des Kindes.
 function getUsersKids($db, $userId, $options = []){
-	options['attribute'] ?? 
+	$options['attribute'] ?? 
 	$query = <<<SQL
 SELECT * 
 FROM `wkParticipo_Users` 
--- a/homepage/participo/lib/participoLib/participo.php
+++ b/homepage/participo/lib/participoLib/participo.php
@@ -2,11 +2,89 @@

 class participo{
 	private static $db = null;
-	static public function initDbConnection(){}
+	private static $message = ['error' => NULL, 'success' => NULL, 'notice' => NULL];
+
+	/**
+	 * Returns the current login status
+	 * 
+	 * The login status is stored in the session cookie. If it is not even set it means the login is invalid.
+	 *
+	 * @return The login status or false if none is set so far
+	 */
+	static public function isLoginValid(){
+		return ($_SESSION['login'] ?? false);
+	}
+
+	/**
+	 * A little Box with the login status as html entity
+	 *
+	 * @return string htmlEntity showing the login status 
+	 */
+	static public function htmlLoginStatus(){
+		return 
+			"<div style=\"border: 1px solid black\">".
+				"Datum: ".date("Y-m-d")."<br />".
+				"Angemeldet als <strong>".htmlspecialchars($_SESSION['user']['username'])."</strong>.<br />".
+				"<a href=\"logout.php\">Sitzung beenden</a>".
+			"</div>";
+	}
+
+	/**
+	 * Checks, if there already is a valid login, if not redirect to the login form
+	 *
+	 * @retval void
+	 */
+	static public function authentificate(){
+		session_start();
+		if ( !self::isLoginValid() ) {
+			header("Location: login?returnToUrl=".urlencode($_SERVER['REQUEST_URI']), TRUE, 301);
+			exit(); // should'nt matter
+		}
+	}
+
+	static public function getMessages(){return self::$message;}
+	static public function addMessage($type, $message){self::$message[$type] = (self::$message[$type] ?? "").$message;}
+
+	static public function checkCredentials($loginName, $password){
+		sleep(1); // just to discurrage brute force attacks
+		// Check for dbConnection
+		if(!dbConnector::getDbConnection()){
+			self::addMessage('error', "<div>No DbConnection available</div>");
+			return false;
+		}
+
+		// query all users with the entered name
+		$user = dbConnector::query(
+			"SELECT `id`, `loginName`, `pwHash`, `config` FROM `wkParticipo_Users` WHERE `loginName` = :loginName",
+			['loginName' => ['value'=>$loginName, 'data_type'=>PDO::PARAM_STR]]
+		);
+
+		// If there is no such user OR the password isn't valid the login fails
+		if( empty($user || !password_verify( $password, $user['pwHash']) )){
+			sleep(5); // discourage brute force attacks
+			self::addMessage('error', "<div>Falsches Passwort oder LoginName</div>");
+			return false;
+		}
+
+		session_start();
+		// case valid login: Set the session data
+		$_SESSION = array(
+			'login' => true,
+			'user'  => array(
+				'username'  => $row['loginName'],
+				'userId' => $row['id'],
+				'userConfig' => json_decode($row['config'], true)
+			)
+		);
+
+		// Logging Logins
+		logLoginsToJsonFile($_SESSION['user']['username']);
+		
+		self::addMessage('success', "<div>Anmeldung erfolgreich</div>");
+		return true;
+	}
 }

-
-
 /**
 * Action element of an MaterializeCss (App-)card
 */
@@ -273,4 +351,111 @@ function logLoginsToJsonFile($userName, $fileName="lastLogins.json"){
 	}
 }

+
+class dbConnector{
+	static private $db = null;
+
+	// connect to the database
+	public static function connect($hostname, $dbName, $user, $password){
+		return self::setDbConnection( self::connectToPdo($hostname, $dbName, $user, $password) );
+	}
+
+	public static function getDbConnection(){return self::$db;}
+
+	/// perform a pdo-query
+	///
+	/// @param $aQueryString
+	/// @param $aBindArray e.g. array( 
+	///  ':userId'     => array('value'=>$anUserId,      'data_type'=>PDO::PARAM_INT), 
+	///  ':attributeId'=> array('value'=>$anAttributeId, 'data_type'=>PDO::PARAM_INT) )
+	/// @param $someOption
+	function query($aQueryString, $aBindArray = array(), $someOptions = array()){
+		// Standardbelegungen
+		if( empty($someOptions['dbCharset' ]) ) $someOptions['dbCharset' ] = "ISO-8859-1";
+		if( empty($someOptions['outCharset']) ) $someOptions['outCharset'] = "UTF-8";
+		if( empty($someOptions['dontFetch' ]) ) $someOptions['dontFetch' ] = false;
+		
+		/// @toDo: Bisher wird nur die Rückgabe konvertiert. Eigentlich muss 
+		///  doch auch die Eingabe konvertiert werden. Aber das jetzt 
+		///  umzustellen wird schwer! Die User im Wettkampfplaner sind ja z.B. 
+		///  als UTF8 in latin1(?) gespeichert.
+		/// @toDo: Die Standardwerte sollten vielleicht aus einer config 
+		///  kommen, nicht hardcoded
+		try{
+			$pdoStatement = self::$db->prepare( $aQueryString );
+			foreach( $aBindArray as $bindName => $bind ){
+				if( $bind['data_type'] == PDO::PARAM_STR)
+					$bind['value'] = iconv(
+						$someOptions['outCharset'], 
+						$someOptions['dbCharset'], 
+						$bind['value']
+					);
+				$pdoStatement->bindValue(
+					$bindName,
+					$bind['value'],
+					(isset($bind['data_type'])?$bind['data_type']:PDO::PARAM_STR)
+				);
+			}
+			$pdoResult = $pdoStatement->execute();
+			if(!$pdoResult){
+				echo("Error during dbQuery!\n");
+				echo("DB-Error:\n"); var_dump(self::$db->errorInfo());
+			}
+			if($someOptions['dontFetch']){
+				$ret = NULL;
+			}
+			else{
+				$ret = $pdoStatement->fetchAll(PDO::FETCH_ASSOC);
+			}
+		}
+		catch(PDOException $db_error){
+			print "Error!: " . $db_error->getMessage() . "<br/>";
+			return null;
+		}
+		
+		// Zeichensatzkonvertierung
+		if( is_array($ret) ){
+			foreach($ret as &$entry){
+				array_walk(
+					$entry,
+					function (&$value, $key, $someOptions) {
+						$value = iconv($someOptions['dbCharset'], $someOptions['outCharset'], $value);
+					},
+					$someOptions
+				);
+			}
+		}
+		return $ret;
+	}
+	
+	// get a Connection to the database
+	static private function connectToPdo($hostname, $dbName, $user, $password){
+		$dbConnection=null;
+		try{
+			$dbConnection = new PDO(
+				'mysql:host='.$hostname.';dbname='.$dbName, 
+				$user, 
+				$password
+			);
+		}
+		catch(PDOException $dbError){
+			echo( "Error whilst getting a dbConnection!: " . $dbError->getMessage() );
+		}
+		return $dbConnection;
+	}
+
+	// set the dbConnection (just setting, no establishing)
+	private static function setDbConnection($dbConnection){
+		$success = false;
+		if($dbConnection instanceof PDO){
+			self::$db = $dbConnection;
+			$success = true;
+		}
+		else{
+			self::$db = null;
+		}
+	}
+
+
+}
 ?>
--- a/homepage/participo/lib/participoLib/planer.php
+++ b/homepage/participo/lib/participoLib/planer.php
@@ -28,6 +28,9 @@ class shiai{
 	public function getName(){
 		return $this->name;
 	}
+	public function getAgeClasses(){
+		return $this->ageclasses ? $this->ageclasses : "-";
+	}
 	public function getId(){
 		return $this->id;
 	}
@@ -67,6 +70,21 @@ class event{
 		$this->shiai = $shiai;
 	}

+	function asHtmlCard(){
+		return 
+			"<div class=\"card blue-grey darken-1\">".
+				"<div class=\"card-content white-text\">".
+					"<span class=\"card-title\">".$this->shiai->getName()."</span>".
+					"<dl>".
+						"<dt>Datum</dt>".
+						"<dd>".$this->date->format("Y-m-d")."</dd>".
+						"<dt>Meldefrist</dt>".
+						"<dd>".$this->deadline->format("Y-m-d")."</dd>".
+						"<dt>Altersklassen</dt>".
+						"<dd>".$this->shiai->getAgeClasses()."</dd>".
+				"</div>".
+			"</div>";
+	}
 	public function htmlTableRow(){
 		return 
 			"<tr>".
@@ -146,4 +164,6 @@ class eventPlaner{
 		return $ret;
 	}
 }
+
+
 ?>
--- a/homepage/participo/login.php
+++ b/homepage/participo/login.php
@@ -6,9 +6,17 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	
 	require_once("./local/dbConf.php");

-// Check, if the login is already set. If so move to the main page.
+	require_once($config['basePath']."/config/cwsvJudo.config.php");
+	dbConnector::connect(
+		$cwsvJudoConfig["db"]["host"], 
+		$cwsvJudoConfig["db"]["name"], 
+		$cwsvJudoConfig["db"]["user"],
+		$cwsvJudoConfig["db"]["password"]
+	);
+
+// Check, if the login is already set. If so move to the main page
 if (isset($_SESSION['login'])) {
-	header('Location: http://' . $_SERVER['HTTP_HOST'] . '/index.php');
+	header("Location: http://" . ($_POST['returnToUrl'] ?? "."), TRUE, 301);
 }
 // Otherwise check credentials if given.
 else{
@@ -17,12 +25,14 @@ else{
 			empty($_POST['f']['username']) ||
 			empty($_POST['f']['password'])
 		) {
-			$message['error'] = 'Es wurden nicht alle Felder ausgefüllt.';
+			$message = ['error' => "Es wurden nicht alle Felder ausgefüllt."];
 		} else {
-			
-			$message = checkCredentials($_POST['f']['username'], $_POST['f']['password'], $db_server, $db_user, $db_password, $db_name);
-			if( !isset($message['error']) )
-				$message['notice'] = "OnlineApps - cwsvJudo";
+			if( participo::checkCredentials( $_POST['f']['username'], $_POST['f']['password']) ){
+				$returnToUrl = $_POST['returnToUrl'] ?? ".";
+				participo::addMessage('success', "<div><a href=\"".$returnToUrl."\">weiter zum Inhalt</a>.</div>");
+				participo::addMessage('notice', "OnlineApps - cwsvJudo");
+				header("Location: " . $returnToUrl );
+			}
 		}
 	}
 }
@@ -42,18 +52,20 @@ else{
 	</head>
 	<body class="container">
 		<h1>Loginseite der Online-Apps der Judoka des CWSV</h1>
-		<?php echo(htmlRetMessage($message));?>
+		<?php echo(htmlRetMessage(participo::getMessages()));?>
 		<form action="./login.php" method="post">
 			<fieldset>
 				<legend>Benutzerdaten</legend>
 				<div>
 					<label for="username">Benutzername</label>
-					<input  id="username"type="text" name="f[username]" <?php echo isset($_POST['f']['username']) ? ' value="' . htmlspecialchars($_POST['f']['username']) . '"' : '' ?> />
+					<input  id="username" type="text" name="f[username]" <?php echo isset($_POST['f']['username']) ? ' value="' . htmlspecialchars($_POST['f']['username']) . '"' : '' ?> />
 				</div>
 				<div>
 					<label for="password">Kennnwort</label>
 					<input  id="password" type="password" name="f[password]" />
 				</div>
+				<?php if( isset( $_GET['returnToUrl']) ) echo("<input type=\"hidden\" name=\"returnToUrl\" value=\"".htmlspecialchars( $_GET['returnToUrl'])."\" />"); ?>
+				<?php if( isset($_POST['returnToUrl']) ) echo("<input type=\"hidden\" name=\"returnToUrl\" value=\"".htmlspecialchars($_POST['returnToUrl'])."\" />"); ?>
 			</fieldset>
 			<fieldset>
 				<div>
--- a/homepage/participo/user.php
+++ b/homepage/participo/user.php
@@ -5,6 +5,7 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once("./local/dbConf.php");
 	require_once("./local/cwsvJudo.php");

+	require_once("./lib/participoLib/participo.php");
 	require_once("./lib/db.php");
 	require_once("./lib/api.php");

@@ -13,17 +14,17 @@ setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
 	require_once($config['basePath']."/config/cwsvJudo.config.php");
 	require_once($config['basePath']."/config/phpcount.config.php");
 	
-	$dbConnection = getPdoDbConnection(
+	dbConnector::connect(
 		$cwsvJudoConfig["db"]["host"], 
 		$cwsvJudoConfig["db"]["name"], 
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
 	
-	$userData = getUserData($dbConnection, $_SESSION['user']['userId']);
-	$usersKids = getUsersKids($dbConnection, $_SESSION['user']['userId']);
+	$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
+	$usersKids = getUsersKids(dbConnector::getDbConnection(), $_SESSION['user']['userId']);

-	processPostData($dbConnection, $_POST);
+	processPostData(dbConnector::getDbConnection(), $_POST);

 ?>
 <!DOCTYPE html>