whupfeld/melder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Admin User

Browse Source
This commit is contained in:
Walter Hupfeld 2024-02-21 19:42:20 +01:00
parent 11575edc75
commit c1c4151300
12 changed files with 69 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
admin/alter_table.php
View File

@ -20,4 +20,11 @@ $db->exec("CREATE TABLE IF NOT EXISTS user(
created_at TEXT DEFAULT CURRENT_TIMESTAMP
)");
header("Location: configuration.php");
header("Location: configuration.php");
INSERT INTO user (username, passwordhash, district)
SELECT district, "$2y$10$W9CE8IOOfnfi3XTMEVByZeDIrZo1VPxCHz2CfCe.sOH87V/AdaUG2", district
FROM district;

11
admin/configuration.php
View File

@ -6,7 +6,13 @@
header("Location: login.php");
}
$dbFilename = "../db/locations.db";
if (isset($_SESSION['superadmin'])) {
$boolSuperAdmin = $_SESSION['superadmin']==true;
} else {
$boolSuperAdmin=false;
}
require_once("../config.php");
$boolError=false;
?>
@ -72,7 +78,7 @@
<div class="row">
<div class="col-md-7 col-lg-7">
<?php if ($boolSuperAdmin): ?>
<div class="card">
<div class="card-header">
<h3>Konfiguration</h3>
@ -130,6 +136,7 @@
<input type="hidden" name="csrf" value="<?=$_SESSION['csrf_token']?>">
<input type="submit" class="btn btn-primary" value="Konfiguration ändern">
</form>
<?php endif; ?>
<br><br><br>
</div>
</div> <!-- row -->

7
admin/dump.php
View File

@ -16,10 +16,13 @@
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
if (isset($_SESSION['superadmin'])) {
$boolSuperAdmin = $_SESSION['superadmin']==true;
} else {
$boolSuperAdmin=false;
}
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
require("../config.db.php");
require ("../config.php");
// Set headers to make the browser download the results as a csv file

4
admin/export.php
View File

@ -15,9 +15,13 @@
if (!$boolLogin) {
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
require ("../config.php");
?>
<!DOCTYPE html>

8
admin/index.php
View File

@ -17,6 +17,14 @@
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
if (isset($_SESSION['superadmin'])) {
$boolSuperAdmin = $_SESSION['superadmin']==true;
} else {
$boolSuperAdmin=false;
}
include("../config.php");
$boolShowmap=false;

6
admin/login.php
View File

@ -25,12 +25,14 @@ $boolLogin=true;
if (isset($_POST['login']) && isset($_POST['password'])) {
$strUser = trim($_POST['login']);
$strPassword = trim($_POST['password']);
$strSQL = "SELECT username,passwordhash FROM user WHERE username='$strUser'";
$strSQL = "SELECT username,passwordhash,district FROM user WHERE username='$strUser'";
$result = $db->query($strSQL);
if ($row=$result->fetch(PDO::FETCH_ASSOC)) {
if (password_verify($strPassword,$row['passwordhash'])) {
$boolOk = $strDistrict==$row['district'] || $row['username']=="admin";
if (password_verify($strPassword,$row['passwordhash']) && $boolOk) {
$_SESSION['user']=$strUser;
$_SESSION['csrf_token'] = uniqid('', true);
$_SESSION['superadmin'] = $row['username']=="admin";
header ("Location: index.php");
} else {
$boolLogin=false;

6
admin/logout.php
View File

@ -1,5 +1,11 @@
<?php
session_start();
if (isset($_SESSION['district'])) {
$strDistrict=$_SESSION['district'];
}
session_destroy();
session_start();
$_SESSION['district']=$strDistrict;
header ("Location: ../index.php");

5
admin/print_html.php
View File

@ -7,6 +7,11 @@
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
if (isset($_SESSION['superadmin'])) {
$boolSuperAdmin = $_SESSION['superadmin']==true;
} else {
$boolSuperAdmin=false;
}
include("../config.php");
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";

2
config.php
View File

@ -11,8 +11,6 @@
require_once("config.db.php");
$boolSuperAdmin=false;
$strSQL = "select * from config";
$result = $db->query($strSQL);

22
docker-compose.sample.yml
View File

@ -1,29 +1,29 @@
version: '3'
services:
dev-unfallkarte:
dev-ideenmelder:
image: php81:v1
container_name: dev-unfallkarte
container_name: dev-ideenmelder
volumes:
- ./:/var/www/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.dev-unfallkarte.entrypoints=https"
- "traefik.http.routers.dev-unfallkarte.rule=Host(`unfallkarte.hpadm.de`)"
- "traefik.http.routers.dev-unfallkarte.tls=true"
- "traefik.http.routers.dev-unfallkarte.tls.certresolver=http"
- "traefik.http.routers.dev-unfallkarte.middlewares=default@file"
- "traefik.http.routers.dev-unfallkarte.service=dev-unfallkarte"
- "traefik.http.services.dev-unfallkarte.loadbalancer.server.port=80"
- "traefik.http.routers.dev-ideenmelder.entrypoints=https"
- "traefik.http.routers.dev-ideenmelder.rule=Host(`nrw-ideenmelder.hpadm.de`)"
- "traefik.http.routers.dev-ideenmelder.tls=true"
- "traefik.http.routers.dev-ideenmelder.tls.certresolver=http"
- "traefik.http.routers.dev-ideenmelder.middlewares=default@file"
- "traefik.http.routers.dev-ideenmelder.service=dev-ideenmelder"
- "traefik.http.services.dev-ideenmelder.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"
networks:
- default
- proxy
restart: always
dev-unfallkarte-db:
dev-ideenmelder-db:
image: mariadb
container_name: dev-unfallkarte-db
container_name: dev-ideenmelder-db
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=geheim #SQL root Passwort eingeben

3
index.php
View File

@ -1,6 +1,5 @@
<?php
/** *****************************
/*******************************
* Ideenmelder
* Autor: Walter Hupfeld, Hamm
* E-Mail: info@hupfeld-software.de

45
setup.php
View File

@ -8,15 +8,11 @@
* Datum: 18.05.2021
******************************** */
$dbFilename = "db/locations.db";
exit();
require("config.db.php");
$boolError=false;
if (file_exists("db/locations.php")) {
die ("Datenbank existiert bereits.");
}
?>
@ -79,9 +75,9 @@
* Datenbank anlegen
*
************************************************** */
$boolError=true;
echo "Datenbank anlegen: ";
if (!$boolError && !file_exists("db/locations.db")) {
if (!$boolError) {
require("admin/create_database.php");
echo "Datenbank angelegt";
} else {
@ -108,7 +104,7 @@ require("config.php");
</div>
</div>
<br>
<!--
<div class="card">
<div class="card-header">
<h3>Dateneingabe aktivieren</h3>
@ -119,7 +115,7 @@ require("config.php");
</div>
</div>
<br>
-->
<div class="card">
<div class="card-header">
<h3>Konfiguration</h3>
@ -143,31 +139,6 @@ require("config.php");
<br>
<div class="card">
<div class="card-header">
<h3>Karteninfo</h3>
</div>
<div class="card-body">
<h4>Stadt oder Kreis</h4>
<label class="leftlabel">Stadt/Kreis: </label>
<input type="text" name="district" id="district" value="<?=$strStadt?>" required >
<h4>Kartenzentrum</h4>
<div class="small">Hier liegt das Zentrum der Karte und es erscheint der Info-Marker.</div>
<label class="leftlabel">Latitude:</label><input type="text" name="lat" id="lat" value="<?=$numInfoLat?>" required><br>
<label class="leftlabel">Longitude:</label><input type="text" name="lng" id="lng" value="<?=$numInfoLng?>" required><br>
<div class="small">Zoom-Faktor beim Start der Karte.</div>
<label class="leftlabel">Startzoom:</label><input type="text" name="zoom" id="zoom" value="<?=$numZoom?>" required>
<h4>GeoJson</h4>
<p>Die Datei kann man von folgender Adresse laden und ins Vezeichnis /geojson kopieren:
<a href="https://public.opendatasoft.com/explore/dataset/landkreise-in-germany/export/">public.opendatasoft.com</a>
</p>
<label class="leftlabel">GeoJson-Datei: </label><input type="text" name="geojson" id="geojson" value="<?=$fileGeojson?>" required>
</div>
</div>
<br>