-rw-r--r--admin.php105
-rw-r--r--edit.php2
-rw-r--r--handle-reservation.php8
-rw-r--r--login.php32
-rw-r--r--request-edit.js33
-rw-r--r--reservation.php7
-rw-r--r--style.css29
-rw-r--r--test/notes.sql6
8 files changed, 168 insertions, 54 deletions
diff --git a/admin.php b/admin.php
index 39f268c..32f6b03 100644
--- a/admin.php
+++ b/admin.php
@@ -1,33 +1,5 @@
<?php
session_start();
-
-# IS LOGIN LEGITIMATE?
-if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) {
- # DB CONNECT
- try {
- $user = "yota_user";
- $password = "gahdeer6shai9hogai2sai4quuaj1eVu";
- $database = "yota_call_db";
-
- $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
- $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email");
- $stmt->bindParam(':email', $_POST['email']);
- $stmt->execute();
- $row = $stmt->fetch();
-
- if (password_verify($_POST['password'], $row['password'])){
- $_SESSION['admin'] = true;
- } else {
- $_SESSION['admin'] = false;
- }
- } catch (PDOException $e) {
- echo "<p>Error!: " . $e->getMessage() . "</p>";
- }
- $stmt=null;
- $conn=null;
-}
?>
<!DOCTYPE html>
<html lang="en">
@@ -52,35 +24,79 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_PO
?>
</nav>
<main>
+<p id="alert"></p>
<?php
if (isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
try {
+ $user = "yota_admin";
+ $password = "quaequaquagh6ahwoh6Chahx1EiFooGh";
+ $database = "yota_call_db";
+ $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
+ $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
echo '<div style="overflow-x:auto;">';
- echo "<table>\n";
+ echo "<table><thead>\n";
echo "<tr>";
- echo "<th>Ime</th>";
- echo "<th>Prezime</th>";
- echo "<th>Godine</th>";
+ echo "<th>ID</th>";
+ echo "<th>Approved</th>";
+ echo "<th>Operator Sign</th>";
+ echo "<th>QSO</th>";
+ echo "<th>From</th>";
+ echo "<th>To</th>";
+ echo "<th>Frequencies</th>";
+ echo "<th>Modes</th>";
+ echo "<th>Special sign</th>";
+ echo "<th>Operator Name</th>";
+ echo "<th>Operator Email</th>";
+ echo "<th>Operator Phone</th>";
echo "<th>Actions</th>";
- echo "</tr>\n";
- foreach($conn->query("SELECT * FROM activities WHERE approved = false") as $row) {
+ echo "</tr></thead><tbody>\n";
+
+ foreach($conn->query("SELECT * FROM activities ORDER BY `id` DESC") as $row) {
echo "<tr>";
- echo "<td>" . $row['name'] . "</td>";
- echo "<td>" . $row['surname'] . "</td>";
- echo "<td>" . $row['age'] . "</td>";
- echo '<td><form action="admin.php" method="post">';
- echo '<input type="hidden" name="id" value="' . $row['id'] . '">';
- echo '<input type="submit" class="abtn" value="Approve"/>';
- echo '</form></td>';
- echo "</tr>\n";
+ echo "<td>" . $row['id'] . "</td>";
+
+ if ($row['approved'])
+ echo "<td><input type=\"checkbox\" checked></td>";
+ else
+ echo "<td class=\"center\"><input type=\"checkbox\"></td>";
+
+ //echo "<td contenteditable=\"true\">" . $row['operatorCall'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['fromTime'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['toTime'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['frequencies'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['modes'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['specialCall'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['operatorName'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['operatorEmail'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['operatorPhone'] . "</td>";
+ //echo "<td contenteditable=\"true\">" . $row['qso'] . "</td>";
+
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['operatorCall'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['qso'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['fromTime'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['toTime'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['frequencies'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['modes'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['specialCall'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['operatorName'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['operatorEmail'] . "</div></td>";
+ echo "<td><div class=\"edit\" contenteditable=\"true\">" . $row['operatorPhone'] . "</div></td>";
+
+ echo "<td>";
+ echo "<button onclick=\"btnAction('update', this)\">Update</button>";
+ echo "<button onclick=\"btnAction('restore', this)\">Restore</button>";
+ echo "<button onclick=\"btnAction('delete', this)\">Delete</button>";
+ echo "</td></tr>\n";
}
- echo "</table>\n</div>\n";
+ echo "</tbody></table>\n</div>\n";
} catch (PDOException $e) {
echo "<p>Error!: " . $e->getMessage() . "</p>";
}
} else {
# Bad pass check...
- if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_SESSION['admin']) && $_SESSION['admin'] == false) echo "<em>Bad credentials!</em>";
+ if (isset($_SESSION['admin']) && $_SESSION['admin'] == false)
+ echo "<em>Bad credentials!</em>";
# Login form
echo '<form method="post">';
echo '<label for="email">Email:</label>';
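Review bot: The new table rows concatenate every `$row[...]` column into HTML with no encoding at output, and these values come from the public reservation form, so stored markup would render inside the admin's authenticated session. handle-reservation.php does pass input through `clear_input()` with `htmlspecialchars`, but as far as this page shows that only covers rows written through that one script. Encoding at output, e.g. `htmlspecialchars($row['operatorCall'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, is the dependable place, with values stored raw to avoid double encoding. The hunk also hard-codes the `yota_admin` account and its password, which test/notes.sql grants ALL PRIVILEGES, for a listing that only needs SELECT. login.php and test/notes.sql commit credentials the same way; they would be better read from configuration kept outside the repository.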
@@ -92,5 +108,6 @@ if (isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
}
?>
</main>
+<script src="request-edit.js"></script>
</body>
</html>
diff --git a/edit.php b/edit.php
index 3ddada5..4ff5b5e 100644
--- a/edit.php
+++ b/edit.php
@@ -1,7 +1,7 @@
<?php
session_start();
-if (isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
try {
$user = "yota_admin";
$password = "quaequaquagh6ahwoh6Chahx1EiFooGh";
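Review bot: Requiring POST in the guard does not by itself stop a cross-site request, because a form on another origin can POST to edit.php with the admin's session cookie attached. This endpoint is the target of the commented-out update/delete request in request-edit.js, so it should also check a per-session token before touching the database, for example `hash_equals($_SESSION['csrf'], $_POST['csrf'] ?? '')` (the key name is illustrative). The rest of edit.php is outside this hunk, so an existing token check there cannot be ruled out.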
diff --git a/handle-reservation.php b/handle-reservation.php
index c61ed3c..bed1949 100644
--- a/handle-reservation.php
+++ b/handle-reservation.php
@@ -59,7 +59,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Error handling
if ($is_something_empty) {
- echo "<p class=\"mid\"><strong>All fields must be filed!</strong></p>";
+ $_SESSION["msg"] = "All fields must be filed!";
}
else {
// Send to DB
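Review bot: `$_SESSION["msg"]` only persists if this script has started the session, and it is now requested directly as the form action instead of being `require`d from reservation.php, which is where `session_start()` is visible. The top of handle-reservation.php is outside this hunk; if it has no `session_start();` of its own, the message set here is lost across the redirect. The same applies to the two assignments in the next hunk.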
@@ -79,9 +79,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$stmt->bindParam(':operatorEmail', $operatorEmail);
$stmt->bindParam(':operatorPhone', $operatorPhone);
$stmt->execute();
- echo "<p class=\"mid\">Data inserted.</p>";
+ $_SESSION["msg"] = "Data inserted.";
} catch (PDOException $e) {
- echo "<p class=\"mid\">Error!: " . $e->getMessage() . "</p>";
+ $_SESSION["msg"] = "Error!: " . $e->getMessage();
}
}
}
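Review bot: Storing `$e->getMessage()` in `$_SESSION["msg"]` shows raw PDO error text to anonymous visitors on reservation.php, which can disclose driver, account or schema details. I would keep the detail server-side and store a fixed string: `error_log($e->getMessage()); $_SESSION["msg"] = "Could not save the reservation.";`. The enclosing try block starts outside this hunk.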
@@ -92,3 +92,5 @@ function clear_input($data) {
$data = htmlspecialchars($data);
return $data;
}
+
+header("Location: reservation.php");
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..6d51326
--- /dev/null
+++ b/login.php
@@ -0,0 +1,32 @@
+<?php
+session_start();
+
+# IS LOGIN LEGITIMATE?
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) {
+ # DB CONNECT
+ try {
+ $user = "yota_user";
+ $password = "gahdeer6shai9hogai2sai4quuaj1eVu";
+ $database = "yota_call_db";
+
+ $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
+ $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+ $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email");
+ $stmt->bindParam(':email', $_POST['email']);
+ $stmt->execute();
+ $row = $stmt->fetch();
+
+ if (password_verify($_POST['password'], $row['password'])) {
+ $_SESSION['admin'] = true;
+ } else {
+ $_SESSION['admin'] = false;
+ }
+ } catch (PDOException $e) {
+ die("Error!: " . $e->getMessage());
+ }
+ $stmt=null;
+ $conn=null;
+}
+
+header("Location: admin.php");
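Review bot: A successful login sets `$_SESSION['admin'] = true` on the existing session id, so an id known before authentication stays valid afterwards; call `session_regenerate_id(true);` just before setting the flag. `$stmt->fetch()` returns `false` when no admin matches the email, and `$row['password']` is then read from a boolean, so the condition would be safer as `if ($row !== false && password_verify($_POST['password'], $row['password']))`. `die("Error!: " . $e->getMessage())` sends the PDO error text to the client; logging it with `error_log()` and showing a generic failure avoids that.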
diff --git a/request-edit.js b/request-edit.js
new file mode 100644
index 0000000..4d8a245
--- /dev/null
+++ b/request-edit.js
@@ -0,0 +1,33 @@
+function btnAction(action, btn) {
+ var trDom = btn.parentElement.parentElement;
+ var trData = trDom.children;
+
+ var actionData = {
+ action: action,
+ id: trData[0].innerHTML,
+ approved: trData[1].firstElementChild.checked,
+ operatorSign: trData[2].firstElementChild.innerHTML,
+ qso: trData[3].firstElementChild.innerHTML,
+ fromTime: trData[4].firstElementChild.innerHTML,
+ toTime: trData[5].firstElementChild.innerHTML,
+ freqs: trData[6].firstElementChild.innerHTML,
+ modes: trData[7].firstElementChild.innerHTML,
+ specialSign: trData[8].firstElementChild.innerHTML,
+ operatorName: trData[9].firstElementChild.innerHTML,
+ operatorEmail: trData[10].firstElementChild.innerHTML,
+ operatorPhone: trData[11].firstElementChild.innerHTML
+ }
+
+ if (actionData.action == 'delete')
+ if (confirm("Are you sure you want to delete reservation #" + actionData.id + " made by " + actionData.operatorSign + "?"))
+ trDom.remove();
+
+ //var xhr = new XMLHttpRequest();
+ //xhr.onreadystatechange = function () {
+ //if (this.readyState == 4 && status == 200) {
+
+ //}
+ //};
+ //xhr.open("POST", "edit.php", true);
+ //xhr.send(JSON.stringify(actionData));
+}
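Review bot: `btnAction` reads each cell with `innerHTML`, so any markup the browser inserts into a `contenteditable` div (line breaks, pasted formatting) becomes part of the value destined for edit.php; `textContent` returns the plain text instead, e.g. `operatorSign: trData[2].firstElementChild.textContent`. The delete branch removes the row from the page while the request to the server is still commented out, so the table shows the reservation as gone although nothing changed in the database. The row should be removed only in the success callback. In the commented handler, `status == 200` would need to be `this.status == 200` once it is enabled.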
diff --git a/reservation.php b/reservation.php
index ec46440..05f6fa7 100644
--- a/reservation.php
+++ b/reservation.php
@@ -24,11 +24,14 @@ session_start();
?>
</nav>
<main>
+
<?php
- require "handle-reservation.php";
+if (isset($_SESSION["msg"])) {
+ echo "<p class=\"mid\"><strong>" . $_SESSION["msg"] . "</strong></p>";
+}
?>
-<form method="post">
+<form action="handle-reservation.php" method="post">
<!-- SPECIAL CALL -->
<label for="special-call">Special Call:</label>
<select id="special-call" name="scall">
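Review bot: `$_SESSION["msg"]` is echoed without encoding and never cleared, so it reappears on every later visit. Once handle-reservation.php has stored an exception message in it, that text is also placed into the page as HTML. Suggested lines inside the `if`: `echo "<p class=\"mid\"><strong>" . htmlspecialchars($_SESSION["msg"], ENT_QUOTES, 'UTF-8') . "</strong></p>";` followed by `unset($_SESSION["msg"]);`. The form that this hunk retargets continues outside the hunk.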
diff --git a/style.css b/style.css
index 6495f91..c4c5f2f 100644
--- a/style.css
+++ b/style.css
@@ -48,6 +48,10 @@ nav a:hover {
max-width: 750px;
margin: 1rem auto;
}
+.alert {
+ font-weight: bold;
+ color: red;
+}
/* MAIN STYLING */
main {
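Review bot: The new rule targets the class `.alert`, while the element added in admin.php is `<p id="alert"></p>`, so the rule as written does not apply to it. Either the selector should be `#alert` or the markup should use `class="alert"`.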
@@ -70,7 +74,7 @@ a {
/* TABEL STYLING */
table {
- margin: 2rem 0;
+ margin: 1rem 0;
border-collapse: collapse;
width: 100%;
}
@@ -86,6 +90,18 @@ td, th {
border: 1px solid #ccc;
text-align: left;
padding: 8px;
+ white-space: nowrap;
+}
+
+.center {
+ text-align: center;
+}
+.edit {
+ padding: 2px;
+ border-top: 1px solid #333;
+ border-left: 1px solid #333;
+ border-bottom: 1px solid #aaa;
+ border-right: 1px solid #aaa;
}
tr:nth-child(even) {
@@ -117,6 +133,17 @@ input[type=submit] {
margin: 8px 0;
}
+button {
+ background-color: #eee;
+ color: black;
+ border: #ccc 1px solid;
+ padding: 7px 10px;
+ margin: 2px;
+}
+button:hover {
+ background-color: #f6f6f6;
+}
+
input[type=submit] {
background-color: #ddd;
}
diff --git a/test/notes.sql b/test/notes.sql
index dd59770..fbabe4e 100644
--- a/test/notes.sql
+++ b/test/notes.sql
@@ -22,6 +22,6 @@ CREATE TABLE admins(
`password` varchar(255) not null
) charset=utf8;
-GRANT ALL PRIVILEGES ON `yota_db`.* TO `yota_admin`@`localhost` IDENTIFIED BY 'quaequaquagh6ahwoh6Chahx1EiFooGh';
-GRANT SELECT ON `yota_db`.* TO `yota_user`@`localhost` IDENTIFIED BY 'gahdeer6shai9hogai2sai4quuaj1eVu';
-GRANT INSERT ON `yota_db`.`activities` TO `yota_requester`@`localhost` IDENTIFIED BY 'oon5iraeghaidoShi5sheefie2uuz3gu';
+GRANT ALL PRIVILEGES ON `yota_call_db`.* TO `yota_admin`@`localhost` IDENTIFIED BY 'quaequaquagh6ahwoh6Chahx1EiFooGh';
+GRANT SELECT ON `yota_call_db`.* TO `yota_user`@`localhost` IDENTIFIED BY 'gahdeer6shai9hogai2sai4quuaj1eVu';
+GRANT INSERT ON `yota_call_db`.`activities` TO `yota_requester`@`localhost` IDENTIFIED BY 'oon5iraeghaidoShi5sheefie2uuz3gu';