added admin function: add user

homepage/participo/lib/participoLib/event.php

@@ -14,6 +14,7 @@ class Event
 	private $deadline = null; //< until when one can register for the event
 	private $remarks = null;  //< remarks to the event (special rules) or a json object for missing data (e.g. non-shiai events)
 
+	// linked data
 	private $shiai = null;    //< a place to load the linked shiai to (if loaded)
 
 	/** constructor
@@ -32,8 +33,6 @@ class Event
 		$this->shiaiId = filterId($shiaiId);
 		$this->deadline = DateTime::createFromFormat('Y-m-d', $deadline);
 		$this->remarks = $remarks;
-
-		$this->shiai = $shiai;
 	}
 
 	// Getter
@@ -75,17 +74,15 @@ class Event
 	}
 
 	/** Getter for the shiai
+	 * 
+	 * If the Shiai isn't loaded yet, it is loaded
 	 *
 	 * @return Shiai shiai for the event
 	 */
-	public function getShiai()
+	public function getShiai($forceLoading = false)
 	{
-		return $this->shiai;
-	}
-
-	public function loadShiai()
-	{
-		if ($this->shiaiId != null) {
+		// We want to load if it isn't loaded yet or we want to enforce it. But in either case we need an id to load
+		if( (!isset($this->shiai) || $forceLoading) && isset($this->shiaiId) ){
 			$this->shiai = Shiai::loadFromDb($this->shiaiId);
 		}
 		return $this->shiai;
@@ -112,7 +109,7 @@ class Event
 	 */
 	public function asHtmlCard()
 	{
-		$shiai = self::loadShiai();
+		$shiai = $this->getShiai();
 		return
 			'<div class="card blue-grey darken-1">' .
 				'<div class="card-content white-text">' .
@@ -124,13 +121,14 @@ class Event
 						'<dd>' . $this->deadline->format('Y-m-d') . '</dd>' .
 						'<dt>Altersklassen</dt>' .
 						'<dd>' . $this->shiai->getAgeClasses() . '</dd>' .
+					'</dl>'.
 				'</div>' .
 			'</div>';
 	}
 
 	public function htmlTableRow()
 	{
-		$shiai = $this->loadShiai();
+		$shiai = $this->getShiai();
 		return
 			'<tr>' .
 				'<td>' . $this->date->format('Y-m-d') . '</td>' .

homepage/participo/lib/participoLib/participo.php

@@ -168,8 +168,9 @@ class participo
 	 * @retval true user with id $userId has attribute "isAdmin"
 	 * @retval false otherwise
 	 */
-	public static function isUserAdmin($userId)
+	public static function isUserAdmin($userId = null)
 	{
+		$userId = $userId ?? $_SESSION['user']['userId'];
 		return self::hasUserAttribute($userId, 'isAdmin');
 	}
 
@@ -550,8 +551,7 @@ function getHtmlSquareDate($date = null)
 		. '</div>';
 }
 
-/**
- * filter_var for a (db)id
+/** filter_var for a (db)id
  *
  * check for valid id; null is default; only values > 0 are excepted
  *

homepage/participo/lib/participoLib/shiai.php

@@ -1,4 +1,5 @@
 <?php
+require_once 'participoLib/participo.php';
 
 /** frame for a shiai
  */
@@ -59,6 +60,8 @@ class Shiai
 
 	public static function loadFromDb(int $id)
 	{
+		$id = filterId($id);
+
 		$query = 'SELECT * FROM `cwsvjudo`.`wettkampfkalender` WHERE `lfdeNr` = :id;';
 		$params = [':id' => ['value' => $id, 'data_type' => PDO::PARAM_INT]];
 		$response = dbConnector::query($query, $params);
@@ -88,7 +91,7 @@ class Shiai
 	/**
 	 * shiai event as html code for displaying
 	 *
-	 * @return html formated string
+	 * @return html formatted string
 	 */
 	public function getHtml()
 	{

homepage/participo/lib/participoLib/starter.php

@@ -57,7 +57,7 @@ class Starter
 
 	////
 	// dbInterface
-	///
+	////
 
 	/** Load a Start from the db via an id
 	 *
@@ -117,7 +117,7 @@ class Starter
 	{
 		// - if the id is already set it *has* to be already in the DB hence we don't add it
 		// - the logged in user must have wardship over the starter
-		if (isset($this->id) && !participo::isWardOf($this->userId)) {
+		if (isset($this->id) || !participo::isWardOf($this->userId)) {
 			return null;
 		}
 

homepage/participo/lib/participoLib/user.php

@@ -1,20 +1,72 @@
 <?php
 
-/**
- * User for the Participo system
+require_once 'participoLib/participo.php';
+
+/** Frame for a User if the Participo system
  */
 class User
 {
-	private $id;
-	private $loginName;
-	private $name;
-	private $firstName;
-	private $dateOfBirth;
-	private $eMail;
-	private $config;
-	private $pwHash;
+	/** Constructor
+	 * @todo Document parameter
+	 * @todo Input sanitation
+	 */
+	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null)
+	{
+		$this->id = filterId($id);
+		$this->loginName = $loginName;
+		$this->name = $name;
+		$this->firstName = $firstName;
+		$this->dateOfBirth = ($dateOfBirth != null) ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
+		$this->eMail = ($eMail!=null) ? filter_var($eMail, FILTER_VALIDATE_EMAIL,['options'=>['default'=>null]]):null;
+		$this->config = $config;
+		$this->pwHash = $pwHash;
+	}
 
-	/** columns in the user table (in the database) with their type
+	////
+	// dbInterface
+	////
+
+	public function addToDb(){
+		// if the user has an Id set it has to come from the Db. Hence don't add an User that is already added.
+		if(isset($this->id) || !participo::isUserAdmin()){
+			return;
+		}
+		$this->id = self::dbInsert(
+			$this->loginName
+			, $this->name
+			, $this->firstName
+			, (isset($this->dateOfBirth))?($this->dateOfBirth->format('Y-m-d')):null
+			, $this->eMail
+			, $this->config
+			, $this->pwHash
+		);
+		return $this->id;
+	}
+
+	private static function dbInsert($loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null){
+		$query = 'INSERT INTO `'.self::$tableName.'` '
+			.'(loginName, name, vorname, gebDatum, eMail, config, pwHash) '
+			.' VALUES (:loginName, :name, :vorname, :gebDatum, :eMail, :config, :pwHash);';
+		$params = [
+			':loginName'=>['value'=>$loginName, 'data_type' => self::$dbColumns['loginName']],
+			':name'=>['value'=>$name, 'data_type' => self::$dbColumns['name']],
+			':vorname'=>['value'=>$firstName, 'data_type' => self::$dbColumns['vorname']],
+			':gebDatum'=>['value'=>$dateOfBirth, 'data_type' => self::$dbColumns['gebDatum']],
+			':eMail'=>['value'=>$eMail, 'data_type' => self::$dbColumns['eMail']],
+			':config'=>['value'=>$config, 'data_type' => self::$dbColumns['config']],
+			':pwHash'=>['value'=>$pwHash, 'data_type' => self::$dbColumns['pwHash']],
+		];
+		$response = dbConnector::query($query, $params);
+		return dbConnector::getLastInsertId();
+	}
+
+	/** Name of the table with all the Users
+	 *
+	 * @var string
+	 */
+	private static $tableName = 'wkParticipo_Users';
+
+	/** columns in the User table (in the database) with their type
 	 *
 	 * @var array
 	 */
@@ -25,26 +77,48 @@ class User
 		'vorname' => PDO::PARAM_STR,
 		'gebDatum' => PDO::PARAM_STR,
 		'eMail' => PDO::PARAM_STR,
-		'pwHash' => PDO::PARAM_STR,
-		'config' => PDO::PARAM_STR
+		'config' => PDO::PARAM_STR,
+		'pwHash' => PDO::PARAM_STR
 	];
 
-	/** Constructor
-	 * @todo Document parameter
-	 * @todo Input sanitation
-	 */
-	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth, $eMail, $config, $pwHash)
+
+	////
+	// html interface
+	////
+
+	public static function getHtmlFormAddUser($options = [])
 	{
-		$this->id = (int) $id;
-		$this->loginName = $loginName;
-		$this->name = $name;
-		$this->firstName = $firstName;
-		$this->dateOfBirth = $dateOfBirth != null ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
-		$this->eMail = $eMail;
-		$this->config = $config;
-		$this->pwHash = $pwHash;
+		$returnToUrl = $options['returnToUrl'] ?? urlencode(getCurPagesUrl());
+		$formClass = isset($options['formClass']) ? 'class="'.$options['formClass'].'"' : '';
+
+		$form =
+			'<form ' . $formClass . ' action="api.user.add.php" method="post">'
+				. '<input type="hidden" name="returnToUrl" id="returnToUrl" value="' . $returnToUrl . '" >'
+				.'<div><label for="loginName">Benutzername</label> <input type="text" name="loginName" id="loginName"></div>'
+				.'<div><label for="name">Nachname</label> <input type="text" name="name" id="name"></div>'
+				.'<div><label for="firstName">Vorname</label> <input type="text" name="firstName" id="firstName"></div>'
+				.'<div><label for="dateOfBirth">Geb.Datum</label> <input type="text" name="dateOfBirth" id="dateOfBirth"></div>'
+				.'<div><label for="eMail">eMail</label> <input type="text" name="eMail" id="eMail"></div>'
+				. '<button class="btn" type="submit" name="submit">erstellen</button>'
+			. '</form>';
+		return $form;
 	}
 
+	public static function htmlFormAddUser($options = []){
+		echo(self::getHtmlFormAddUser($options));
+	}
+
+
+	// member variables
+	private $id;
+	private $loginName;
+	private $name;
+	private $firstName;
+	private $dateOfBirth;
+	private $eMail;
+	private $config;
+	private $pwHash;
+
 	/** Export the User data into an associative array
 	 *
 	 * @return array associative array representing the user
@@ -105,7 +179,7 @@ class User
 	/** Create a User from an assoziative array like it is returned from db requests
 	 *
 	 * @param array $member associative array with the UserData from the dbRequest
-	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under id in the array, add 'id'=>'userId' to the mappings
+	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under 'id' in the array but under 'userID', add 'id'=>'userId' to the mappings
 	 * @return User initialized user
 	 */
 	public static function fromDbArray($member, $columnMappings = [])