marko/cwsvJudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

self opening modals, loginredirects keep fragment data

Browse Source
This commit is contained in:
marko
2022-06-12 19:54:29 +02:00
parent 56fe127c81
commit 8329a6b2df
8 changed files with 72 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
homepage/participo/lib/participoLib/participo.php
View File

@@ -37,7 +37,7 @@ class participo{
static public function authentificate(){
session_start();
if ( !self::isLoginValid() ) {
header("Location: login?returnToUrl=".urlencode($_SERVER['REQUEST_URI']), TRUE, 301);
header("Location: login?returnToUrl=".urlencode($_SERVER['REQUEST_URI'].($_POST['fragment'] ?? "")), TRUE, 301);
exit(); // should'nt matter
}
}
@@ -45,6 +45,15 @@ class participo{
static public function getMessages(){return self::$message;}
static public function addMessage($type, $message){self::$message[$type] = (self::$message[$type] ?? "").$message;}
/**
* check password for user
*
* @param string $loginName user who wants to get in
* @param string $password passwor for the user
*
* @retval true $password belongs to $loginName
* @retval false otherwise
*/
static public function checkCredentials($loginName, $password){
sleep(1); // just to discurrage brute force attacks
// Check for dbConnection
@@ -291,44 +300,6 @@ function loadMarkdownFile($fileName){
);
}
function checkCredentials($username, $password, $db_server, $db_user, $db_password, $db_name){
sleep(1);
$mysqli = @new mysqli($db_server, $db_user, $db_password, $db_name);
if ($mysqli->connect_error) {
$message['error'] = 'Datenbankverbindung fehlgeschlagen: ' . $mysqli->connect_error;
} else {
$query = sprintf(
"SELECT id, loginName, pwHash, config FROM wkParticipo_Users WHERE loginName = '%s'",
$mysqli->real_escape_string($_POST['f']['username'])
);
$result = $mysqli->query($query);
if ($row = $result->fetch_array(MYSQLI_ASSOC)) {
if( password_verify( $_POST['f']['password'], $row['pwHash']) ){
session_start();
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['loginName'],
'userId' => $row['id'],
'userConfig' => json_decode($row['config'], true)
),
);
$message['success'] = 'Anmeldung erfolgreich, <a href="index.php">weiter zum Inhalt</a>.';
// Logging Logins
logLoginsToJsonFile($_SESSION['user']['username']);
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/participo?user=' . $_POST['f']['username']);
} else {
sleep(5);
$message['error'] = 'Das Kennwort ist nicht korrekt.';
}
}
}
return $message;
}
/**
* Log the Login of an user into a logFile
*

19
homepage/participo/lib/participoLib/planer.php
View File

@@ -88,10 +88,23 @@ class event{
public function htmlTableRow(){
return
"<tr>".
"<td>".$this->date->format("Y-m-d")."</td>".
"<td>Datum ".$this->date->format("Y-m-d")."</td>".
"<td><a href=\"/pages/desktop/wkParticipo/showWkEvent.php?eventId=".$this->id."\" >".$this->shiai->getName()."</a></td>".
"<td><a class=\"waves-effect waves-light btn-floating modal-trigger\" href=\"#event-modal-".$this->id."\"><i class=\"material-icons\">add</i></a></td>".
"</tr>";
}
public function htmlModal(){
return
"<div id=\"event-modal-".$this->id."\" class=\"modal\">".
"<div class=\"modal-content\">".
"<h4>".$this->shiai->getName()."</h4>".
"<p>A bunch of text</p>".
"</div>". // end modal-content
"<div class=\"modal-footer\">".
"<a href=\"#!\" class=\"modal-close waves-effect waves-green btn-flat\">Agree</a>".
"</div>".
"</div>";
}
static public function fromArray($member){
$shiai = json_decode($member['bemerkungen'], true);
@@ -157,10 +170,14 @@ class eventPlaner{
static public function getHtmlEventTable($eventList){
$ret = "<table>";
$ret .= "<!-- And now the table -->";
foreach($eventList as $event){
$ret .= $event->htmlTableRow();
}
$ret .= "</table>";
foreach($eventList as $event){
$ret .= $event->htmlModal();
}
return $ret;
}
}