added admin function: add user

homepage/participo/admin.inc.php

@@ -0,0 +1,31 @@
+<?php
+setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");
+
+// configs and local data
+require_once './local/cwsvJudo.php';
+
+// libraries
+require_once 'participoLib/dbConnector.php';
+require_once 'participoLib/participo.php';
+
+
+// init the db connector 
+dbConnector::connect(
+	$cwsvJudoConfig['db']['host'],
+	$cwsvJudoConfig['db']['name'],
+	$cwsvJudoConfig['db']['user'],
+	$cwsvJudoConfig['db']['password']
+);
+
+// authentication of the current user 
+participo::authentificate();
+if (!participo::isUserAdmin()) {
+    header('Location: /participo', true, 301);
+}
+
+$meta = array(
+    'title' => "AdminStuff",
+    'description' => "Administrative Verwaltung"
+);
+?>

homepage/participo/admin.js

@@ -0,0 +1,12 @@
+// What to do when the document is loaded.
+document.addEventListener('DOMContentLoaded', function () {
+    // init materialize elements
+    initSidenav();
+});
+
+function initSidenav() {
+    var sidenavElements = document.querySelectorAll('.sidenav');
+    // var sidenavInstances = 
+    M.Sidenav.init(sidenavElements, {
+    });
+};

homepage/participo/admin.php

@@ -0,0 +1,51 @@
+<?php
+require 'admin.inc.php';
+?>
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="utf-8" />
+		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+
+		<!-- shared imports (common css, MaterializeCss) -->
+		<?php readfile('shared/imports.php'); ?>
+
+		<!-- inits for the materializeCss -->
+		<script src="admin.js"></script>
+
+        <title><?php echo($meta['title']); ?></title>
+		<meta name="description" content="<?php echo($meta['description']); ?>" />
+
+		<link rel="icon"             href="<?echo($config['ressourceUrl']);?>/graphiken/icons/cwsv.ico" />
+		<link rel="apple-touch-icon" href="<?echo($config['baseUrl']);?>/apple-touch-icon.png">
+	</head>
+
+	<body>
+		<header>
+			<!-- The sidenav -->
+			<?php require './admin.sidenav.inc.php'; ?>
+		</header>
+
+<?php if (participo::isLoginValid() && participo::isUserAdmin()) { ?>
+    <main>
+        <h2>AdminStuff</h2>
+        <div id="admiStuff" class="row">
+<?php
+	echo(
+		AppCard::fromArray([
+			'title' => 'lastLogins',
+			'description' => '</p>' . lastLoginTable() . '</p>'
+		])->htmlCode()
+	);
+	echo(
+		AppCard::fromArray([
+			'title' => 'Add User',
+			'description' => User::getHtmlFormAddUser(),
+		])->htmlCode()
+	);
+?>
+        </div>
+    </main>
+<?php } ?>
+	</body>
+</html>

homepage/participo/admin.sidenav.inc.php

@@ -0,0 +1,37 @@
+<!-- cwsvJudoApps-Admin sidenav-->
+<div>
+    <nav class="indigo darken-4">
+		<div class="nav-wrapper">
+			<div class="col s12">
+				<a href="http://cwsvjudo.bplaced.net/participo" class="breadcrumb">cwsvJudo-Apps</a>
+				<a href="http://cwsvjudo.bplaced.net/participo/admin" class="breadcrumb">
+					<?php echo($meta['title']); ?>
+				</a>
+				<a class="right top-nav sidenav-trigger waves-effect waves-light hide-on-large-only" href="#"
+					data-target="nav-mobile">
+					<i class="material-icons">menu</i>
+				</a>
+			</div>
+		</div>
+
+        <a class="right top-nav sidenav-trigger waves-effect waves-light hide-on-large-only" href="#"
+			data-target="nav-mobile">
+			<i class="material-icons">menu</i>
+		</a>
+	</nav>
+
+	<ul class="sidenav sidenav-fixed sidenav-close" id="nav-mobile">
+		<li class="logo">
+			<a style="height:auto;" class="brand-logo" id="logo-container" href="/participo/">
+				<img alt="cwsvJudoApps" style="max-width:100%;height:12vh;" class="responsive-img"
+					src="http://cwsvjudo.bplaced.net/ressourcen/graphiken/logos/cwsvJudoLogoWappen.x256.png" />
+			</a>
+		</li>
+		<!-- brings its own li -->
+		<?php require_once 'sidenav/loginStatus.php'; ?>
+		<li class="bold">
+			<a class="waves-effect waves-teal" href="/participo">zurück<i
+					class="material-icons">home</i></a>
+		</li>
+    </ul>
+</div> <!-- cwsvJudoApps-Admin sidenav-->

homepage/participo/api.user.add.php

@@ -0,0 +1,32 @@
+<?php
+// (local specific) settings
+require_once 'local/cwsvJudo.php';
+require_once 'config/participo.php';
+
+
+require_once 'participoLib/dbConnector.php';
+require_once 'participoLib/participo.php';
+require_once 'participoLib/user.php';
+
+dbConnector::connect(
+	$cwsvJudoConfig['db']['host'],
+	$cwsvJudoConfig['db']['name'],
+	$cwsvJudoConfig['db']['user'],
+	$cwsvJudoConfig['db']['password']
+);
+
+participo::authentificate();
+
+$loginName = $_POST['loginName'] ?? null;
+$name = $_POST['name'] ?? null;
+$firstName = $_POST['firstName']??null;
+$dateOfBirth = $_POST['dateOfBirth']??null;
+$eMail=$_POST['eMail']?? null;
+
+$returnToUrl = $_POST['returnToUrl'] ?? 'participo/';
+
+$newUser = new User(null, $loginName, $name, $firstName, $dateOfBirth, $eMail);
+$newUserId = $newUser->addToDb();
+
+header('Location: ' . urldecode($returnToUrl), true, 301);
+exit(-1); // shouldn't matter

homepage/participo/css/participo.css

@@ -1,5 +1,5 @@
 /*
-on large screens add a padding on the left for the fixed sidnav
+on large screens add a padding on the left for the fixed sidenav
 */
 header,
 main,
@@ -8,7 +8,6 @@ footer {
 }
 
 @media only screen and (max-width: 992px) {
-
   header,
   main,
   footer {
@@ -25,11 +24,11 @@ footer {
 overrides for the header font sizes
 */
 h1 {
-	font-size: 2.00rem;
+  font-size: 2rem;
 }
 
 h2 {
-	font-size: 1.50rem;
+  font-size: 1.5rem;
 }
 
 h3 {
@@ -37,7 +36,7 @@ h3 {
 }
 
 h3 {
-	font-size: 1.20rem;
+  font-size: 1.2rem;
 }
 
 h3 {
@@ -45,5 +44,5 @@ h3 {
 }
 
 h6 {
-	font-size: 1.10rem;
+  font-size: 1.1rem;
 }

homepage/participo/events.inc.php

@@ -21,7 +21,6 @@ require_once("config/participo.php");
 		$cwsvJudoConfig["db"]["user"],
 		$cwsvJudoConfig["db"]["password"]
 	);
-	eventPlaner::setDbConnection(dbConnector::getDbConnection());
 
 	participo::authentificate();
 

homepage/participo/events.php

@@ -1,6 +1,5 @@
 <?php
-include_once 'events.inc.php';
+require_once 'events.inc.php';
-
 ?>
 <!DOCTYPE html>
 <html>
@@ -9,7 +8,7 @@ include_once 'events.inc.php';
 		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
 
 		<!-- shared imports (common css, MaterializeCss) -->
-		<?php readfile('./shared/imports.php'); ?>
+		<?php readfile('shared/imports.php'); ?>
 
 		<!-- inits for the materializeCss -->
 		<script src="events.js"></script>

homepage/participo/index.inc.php

@@ -0,0 +1,37 @@
+<?php
+setlocale (LC_ALL, 'de_DE@euro', 'de_DE', 'de', 'ge');
+set_include_path(get_include_path() . PATH_SEPARATOR . "./lib/");
+
+// configs and local data
+// @todo Check and replace obsolete ones
+require_once 'config/participo.php';
+require_once 'config/phpcount.config.php';
+require_once 'local/cwsvJudo.php';
+
+// legacy lib usage
+// @todo remove unused libraries
+require_once 'db.php'; // should be replaced
+require_once 'api.php'; // should be replaced
+
+// libraries
+require_once 'participoLib/participo.php';
+require_once 'participoLib/planer.php';
+require_once 'participoLib/apiKey.php';
+require_once 'phpcount/phpcount.php';
+
+// Add page hit
+PHPCount::AddHit('participo');
+
+// init the db connector 
+dbConnector::connect(
+	$cwsvJudoConfig['db']['host'],
+	$cwsvJudoConfig['db']['name'],
+	$cwsvJudoConfig['db']['user'],
+	$cwsvJudoConfig['db']['password']
+);
+
+// authentication of the current user 
+participo::authentificate();
+
+// load the userData
+$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);

homepage/participo/index.js

@@ -0,0 +1,29 @@
+// What to do when the document is loaded.
+document.addEventListener('DOMContentLoaded', function () {
+    // init materialize elements
+    initModals();
+    initSidenav();
+});
+
+function initSidenav() {
+    var sidenavElements = document.querySelectorAll('.sidenav');
+    // var sidenavInstances = 
+    M.Sidenav.init(sidenavElements, {
+    });
+};
+
+// Init Modals
+function initModals() {
+    var modalElements = document.querySelectorAll('.modal');
+    // var modalInstances = 
+    M.Modal.init(modalElements, {
+        'onOpenEnd': initSelects
+    });
+};
+
+// Init select forms
+function initSelects() {
+    var selectElements = document.querySelectorAll('select');
+    // var selectInstances = 
+    M.FormSelect.init(selectElements, {});
+}

homepage/participo/index.php

@@ -1,70 +1,17 @@
 <?php
-require_once 'config/participo.php';
+require_once 'index.inc.php';
-
-require_once './local/cwsvJudo.php';
-
-require_once './lib/db.php'; // should be replaced
-require_once './lib/api.php'; // should be replaced
-
-require_once 'participoLib/participo.php';
-require_once 'participoLib/planer.php';
-require_once 'participoLib/apiKey.php';
-require_once 'config/phpcount.config.php';
-require_once 'phpcount/phpcount.php';
-
-PHPCount::AddHit('participo');
-
-dbConnector::connect(
-	$cwsvJudoConfig['db']['host'],
-	$cwsvJudoConfig['db']['name'],
-	$cwsvJudoConfig['db']['user'],
-	$cwsvJudoConfig['db']['password']
-);
-
-participo::authentificate();
-$userData = getUserData(dbConnector::getDbConnection(), $_SESSION['user']['userId']);
 ?>
-
 <!DOCTYPE html>
 <html>
 	<head>
 		<meta charset="utf-8" />
 		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
 
-		<?php readfile('./shared/imports.php'); ?>
+		<!-- shared imports (common css, MaterializeCss) -->
+		<?php readfile('shared/imports.php'); ?>
 
 		<!-- inits for the materializeCss -->
-		<script>
+		<script src="index.js"></script>
-			// What to do when the document is loaded.
-			document . addEventListener('DOMContentLoaded', function () {
-				// init materialize elements
-				initModals();
-				initSidenav();
-			});
-
-			function initSidenav() {
-				var sidenavElements = document.querySelectorAll('.sidenav');
-				// var sidenavInstances = 
-				M.Sidenav.init(sidenavElements, {
-				});
-			};
-			// Init Modals
-			function initModals() {
-				var modalElements = document.querySelectorAll('.modal');
-				// var modalInstances = 
-				M.Modal.init(modalElements, {
-					'onOpenEnd': initSelects
-				});
-			};
-			// Init select forms
-			function initSelects() {
-				var selectElements = document.querySelectorAll('select');
-				// var selectInstances = 
-				M.FormSelect.init(selectElements, {});
-			}
-		</script>
-
-		<style>h1{ font-size: 2.00rem;}h2{ font-size: 1.50rem;}h3{ font-size: 1.25rem;}h3{ font-size: 1.20rem;}h3{ font-size: 1.15rem;}h6{ font-size: 1.10rem;}</style>
 
 		<title>participo</title>
 		<meta name="description" content="Online-Apps der Judoka des Chemnitzer WSV">
@@ -219,6 +166,16 @@ if (participo::isUserAdmin($userData['id'])) {
 		])->htmlCode() .
 		'</div>'
 	);
+	echo(
+		AppCard::fromArray([
+			'link' => 'admin',
+			'title' => 'Admin',
+			'description' => 'Admin Stuff',
+			'actions' => [
+				AppCardAction::fromArray(['caption' => 'Admin', 'link' => 'admin']),
+			],
+		])->htmlCode()
+	);
 } ?>
 		</main>
 <?php

homepage/participo/lib/participoLib/event.php

@@ -14,6 +14,7 @@ class Event
 	private $deadline = null; //< until when one can register for the event
 	private $remarks = null;  //< remarks to the event (special rules) or a json object for missing data (e.g. non-shiai events)
 
+	// linked data
 	private $shiai = null;    //< a place to load the linked shiai to (if loaded)
 
 	/** constructor
@@ -32,8 +33,6 @@ class Event
 		$this->shiaiId = filterId($shiaiId);
 		$this->deadline = DateTime::createFromFormat('Y-m-d', $deadline);
 		$this->remarks = $remarks;
-
-		$this->shiai = $shiai;
 	}
 
 	// Getter
@@ -75,17 +74,15 @@ class Event
 	}
 
 	/** Getter for the shiai
+	 * 
+	 * If the Shiai isn't loaded yet, it is loaded
 	 *
 	 * @return Shiai shiai for the event
 	 */
-	public function getShiai()
+	public function getShiai($forceLoading = false)
 	{
-		return $this->shiai;
+		// We want to load if it isn't loaded yet or we want to enforce it. But in either case we need an id to load
-	}
+		if( (!isset($this->shiai) || $forceLoading) && isset($this->shiaiId) ){
-
-	public function loadShiai()
-	{
-		if ($this->shiaiId != null) {
 			$this->shiai = Shiai::loadFromDb($this->shiaiId);
 		}
 		return $this->shiai;
@@ -112,7 +109,7 @@ class Event
 	 */
 	public function asHtmlCard()
 	{
-		$shiai = self::loadShiai();
+		$shiai = $this->getShiai();
 		return
 			'<div class="card blue-grey darken-1">' .
 				'<div class="card-content white-text">' .
@@ -124,13 +121,14 @@ class Event
 						'<dd>' . $this->deadline->format('Y-m-d') . '</dd>' .
 						'<dt>Altersklassen</dt>' .
 						'<dd>' . $this->shiai->getAgeClasses() . '</dd>' .
+					'</dl>'.
 				'</div>' .
 			'</div>';
 	}
 
 	public function htmlTableRow()
 	{
-		$shiai = $this->loadShiai();
+		$shiai = $this->getShiai();
 		return
 			'<tr>' .
 				'<td>' . $this->date->format('Y-m-d') . '</td>' .

homepage/participo/lib/participoLib/participo.php

@@ -168,8 +168,9 @@ class participo
 	 * @retval true user with id $userId has attribute "isAdmin"
 	 * @retval false otherwise
 	 */
-	public static function isUserAdmin($userId)
+	public static function isUserAdmin($userId = null)
 	{
+		$userId = $userId ?? $_SESSION['user']['userId'];
 		return self::hasUserAttribute($userId, 'isAdmin');
 	}
 
@@ -550,8 +551,7 @@ function getHtmlSquareDate($date = null)
 		. '</div>';
 }
 
-/**
+/** filter_var for a (db)id
- * filter_var for a (db)id
  *
  * check for valid id; null is default; only values > 0 are excepted
  *

homepage/participo/lib/participoLib/shiai.php

@@ -1,4 +1,5 @@
 <?php
+require_once 'participoLib/participo.php';
 
 /** frame for a shiai
  */
@@ -59,6 +60,8 @@ class Shiai
 
 	public static function loadFromDb(int $id)
 	{
+		$id = filterId($id);
+
 		$query = 'SELECT * FROM `cwsvjudo`.`wettkampfkalender` WHERE `lfdeNr` = :id;';
 		$params = [':id' => ['value' => $id, 'data_type' => PDO::PARAM_INT]];
 		$response = dbConnector::query($query, $params);
@@ -88,7 +91,7 @@ class Shiai
 	/**
 	 * shiai event as html code for displaying
 	 *
-	 * @return html formated string
+	 * @return html formatted string
 	 */
 	public function getHtml()
 	{

homepage/participo/lib/participoLib/starter.php

@@ -57,7 +57,7 @@ class Starter
 
 	////
 	// dbInterface
-	///
+	////
 
 	/** Load a Start from the db via an id
 	 *
@@ -117,7 +117,7 @@ class Starter
 	{
 		// - if the id is already set it *has* to be already in the DB hence we don't add it
 		// - the logged in user must have wardship over the starter
-		if (isset($this->id) && !participo::isWardOf($this->userId)) {
+		if (isset($this->id) || !participo::isWardOf($this->userId)) {
 			return null;
 		}
 

homepage/participo/lib/participoLib/user.php

@@ -1,20 +1,72 @@
 <?php
 
-/**
+require_once 'participoLib/participo.php';
- * User for the Participo system
+
+/** Frame for a User if the Participo system
  */
 class User
 {
-	private $id;
+	/** Constructor
-	private $loginName;
+	 * @todo Document parameter
-	private $name;
+	 * @todo Input sanitation
-	private $firstName;
+	 */
-	private $dateOfBirth;
+	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null)
-	private $eMail;
+	{
-	private $config;
+		$this->id = filterId($id);
-	private $pwHash;
+		$this->loginName = $loginName;
+		$this->name = $name;
+		$this->firstName = $firstName;
+		$this->dateOfBirth = ($dateOfBirth != null) ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
+		$this->eMail = ($eMail!=null) ? filter_var($eMail, FILTER_VALIDATE_EMAIL,['options'=>['default'=>null]]):null;
+		$this->config = $config;
+		$this->pwHash = $pwHash;
+	}
 
-	/** columns in the user table (in the database) with their type
+	////
+	// dbInterface
+	////
+
+	public function addToDb(){
+		// if the user has an Id set it has to come from the Db. Hence don't add an User that is already added.
+		if(isset($this->id) || !participo::isUserAdmin()){
+			return;
+		}
+		$this->id = self::dbInsert(
+			$this->loginName
+			, $this->name
+			, $this->firstName
+			, (isset($this->dateOfBirth))?($this->dateOfBirth->format('Y-m-d')):null
+			, $this->eMail
+			, $this->config
+			, $this->pwHash
+		);
+		return $this->id;
+	}
+
+	private static function dbInsert($loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null){
+		$query = 'INSERT INTO `'.self::$tableName.'` '
+			.'(loginName, name, vorname, gebDatum, eMail, config, pwHash) '
+			.' VALUES (:loginName, :name, :vorname, :gebDatum, :eMail, :config, :pwHash);';
+		$params = [
+			':loginName'=>['value'=>$loginName, 'data_type' => self::$dbColumns['loginName']],
+			':name'=>['value'=>$name, 'data_type' => self::$dbColumns['name']],
+			':vorname'=>['value'=>$firstName, 'data_type' => self::$dbColumns['vorname']],
+			':gebDatum'=>['value'=>$dateOfBirth, 'data_type' => self::$dbColumns['gebDatum']],
+			':eMail'=>['value'=>$eMail, 'data_type' => self::$dbColumns['eMail']],
+			':config'=>['value'=>$config, 'data_type' => self::$dbColumns['config']],
+			':pwHash'=>['value'=>$pwHash, 'data_type' => self::$dbColumns['pwHash']],
+		];
+		$response = dbConnector::query($query, $params);
+		return dbConnector::getLastInsertId();
+	}
+
+	/** Name of the table with all the Users
+	 *
+	 * @var string
+	 */
+	private static $tableName = 'wkParticipo_Users';
+
+	/** columns in the User table (in the database) with their type
 	 *
 	 * @var array
 	 */
@@ -25,26 +77,48 @@ class User
 		'vorname' => PDO::PARAM_STR,
 		'gebDatum' => PDO::PARAM_STR,
 		'eMail' => PDO::PARAM_STR,
-		'pwHash' => PDO::PARAM_STR,
+		'config' => PDO::PARAM_STR,
-		'config' => PDO::PARAM_STR
+		'pwHash' => PDO::PARAM_STR
 	];
 
-	/** Constructor
+
-	 * @todo Document parameter
+	////
-	 * @todo Input sanitation
+	// html interface
-	 */
+	////
-	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth, $eMail, $config, $pwHash)
+
+	public static function getHtmlFormAddUser($options = [])
 	{
-		$this->id = (int) $id;
+		$returnToUrl = $options['returnToUrl'] ?? urlencode(getCurPagesUrl());
-		$this->loginName = $loginName;
+		$formClass = isset($options['formClass']) ? 'class="'.$options['formClass'].'"' : '';
-		$this->name = $name;
+
-		$this->firstName = $firstName;
+		$form =
-		$this->dateOfBirth = $dateOfBirth != null ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
+			'<form ' . $formClass . ' action="api.user.add.php" method="post">'
-		$this->eMail = $eMail;
+				. '<input type="hidden" name="returnToUrl" id="returnToUrl" value="' . $returnToUrl . '" >'
-		$this->config = $config;
+				.'<div><label for="loginName">Benutzername</label> <input type="text" name="loginName" id="loginName"></div>'
-		$this->pwHash = $pwHash;
+				.'<div><label for="name">Nachname</label> <input type="text" name="name" id="name"></div>'
+				.'<div><label for="firstName">Vorname</label> <input type="text" name="firstName" id="firstName"></div>'
+				.'<div><label for="dateOfBirth">Geb.Datum</label> <input type="text" name="dateOfBirth" id="dateOfBirth"></div>'
+				.'<div><label for="eMail">eMail</label> <input type="text" name="eMail" id="eMail"></div>'
+				. '<button class="btn" type="submit" name="submit">erstellen</button>'
+			. '</form>';
+		return $form;
 	}
 
+	public static function htmlFormAddUser($options = []){
+		echo(self::getHtmlFormAddUser($options));
+	}
+
+
+	// member variables
+	private $id;
+	private $loginName;
+	private $name;
+	private $firstName;
+	private $dateOfBirth;
+	private $eMail;
+	private $config;
+	private $pwHash;
+
 	/** Export the User data into an associative array
 	 *
 	 * @return array associative array representing the user
@@ -105,7 +179,7 @@ class User
 	/** Create a User from an assoziative array like it is returned from db requests
 	 *
 	 * @param array $member associative array with the UserData from the dbRequest
-	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under id in the array, add 'id'=>'userId' to the mappings
+	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under 'id' in the array but under 'userID', add 'id'=>'userId' to the mappings
 	 * @return User initialized user
 	 */
 	public static function fromDbArray($member, $columnMappings = [])