| author | root | 2014-09-28 22:26:50 +0200 |
|---|---|---|
| committer | root | 2014-09-28 22:32:04 +0200 |
| commit | b9c2f9ce85e909005d0fef74794ba99d1724cbf8 (patch) | |
| tree | a164f980b198647751009ad115efaad6168db37b | |
| parent | bde71668e1b64f57e4cd3d45703e8a488b1de957 (diff) | |
improvements and dl
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | action.php | 81 | ||||
| -rw-r--r-- | functions.php | 20 | ||||
| -rw-r--r-- | index.php | 21 |
4 files changed, 108 insertions, 17 deletions
@@ -4,9 +4,12 @@ *.db *.sqlite *.swp +*.tmp _setup.php piwik.html favicon.ico +config.php tmp/ +pdf/ @@ -74,6 +74,7 @@ switch($_GET["task"]){ break; case("update"): + lredirect("liste"); if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); ob_clean(); @@ -100,8 +101,10 @@ switch($_GET["task"]){ break; case("add"): + lredirect("liste"); if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); echo "Method not allowed"; exit; } @@ -119,9 +122,45 @@ switch($_GET["task"]){ $c->flush(); } break; + case("delete"): + lredirect("liste"); + if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ + header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); + echo "Method not allowed"; + exit; + } + if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){ + print_list("update"); + } else { + //$sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s, adresse = %s, telefonnummer = %s, handynummer = %s, email = %s, geburtstag = %s WHERE member_id = %d;", + // $_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"] + //); + $sql = $db->prepare("DELETE FROM " . DBPREFIX . "member WHERE member_id = %d;", $_GET["id"]); + if ( ! $sql ){ + ob_clean(); + echo "SQL preparation failed."; + exit; + } + if ( $result = $db->doQuery($sql) ){ + header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); + //header("Location: /?page=" . $_GET["goto"]); + header("Location: /?page=liste"); + $c->flush(); + exit; + } else { + print_update('update'); + exit; + + } + } + + break; case("account"): + lredirect("liste"); if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); echo "Method not allowed"; exit; } 
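Review bot: The new `delete` case runs the DELETE after checking only the request method, so nothing in the hunk ties the POST to a form this site rendered; a cross-site form post sent with a logged-in member's session cookie would pass the same checks. Validate a per-session token before `$db->prepare`, for example `if ( ! isset($_POST["csrf"]) || ! hash_equals($_SESSION["csrf"], $_POST["csrf"]) ){ print_404(); exit; }`, where `csrf` is a placeholder name and the delete form in functions.php needs the matching hidden field. The `update`, `add` and `account` cases gain the same `lredirect("liste")` guard and, as far as their visible lines show, have the same gap; their bodies continue outside the hunks. `lredirect()` is not defined on this page, so it is worth confirming that it stops execution for a visitor without a session rather than only sending a header. The id would also be better validated with `ctype_digit((string) $_GET["id"])` than with the loose `== 0` comparison.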
@@ -173,6 +212,7 @@ switch($_GET["task"]){ case("recover"): if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); echo "Method not allowed"; exit; } @@ -209,4 +249,45 @@ JG Adlershof"; redirect("recover&track=0"); } break; + case("download"): + lredirect("liste"); + $file = '/tmp/jg_data.txt'; + $fp=fopen($file, 'w'); + if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){ + $content = "Adressliste der JG \n"; + $content .= "# | Name | Adresse | Telefon | Handy | E-Mail | Geburtstag\n"; + } else { + $content = "Adressliste der JG \n"; + } + $res = $db->doQuery("SELECT * FROM " . DBPREFIX . "member;"); + $content .= "\n"; + $count = 1; + //while ($row = $res->fetch_array(MYSQLI_ASSOC) ){ + while ($row = $res->fetch_array() ){ + + if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){ + $content .= $count . " | " . $row["name"] . " | " . $row["adresse"] . " | " . $row["telefonnummer"] . " | " . $row["handynummer"] . " | " . $row["email"] . " | " . $row["geburtstag"] . "\n"; + + }else if(($_GET["type"] == "csv")){ + $content .= $count; + for ( $i=1;$i<7;$i++){ + $content .= ';' . $row[$i]; + } + $content .= "\n"; + } + $count++; + } + + fputs($fp, $content); + fclose($fp); + ob_clean(); + header("Content-Type: text/plain; Charset=UTF-8"); + header("Content-Disposition: attachment; filename=\"JG Adressliste ".time().".txt\""); + readfile($file); + unlink($file); + exit; + break; + default: + print_404(); + break; } diff --git a/functions.php b/functions.php index 659241a..efb173c 100644 --- a/functions.php +++ b/functions.php 
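Review bot: The `download` case writes the whole address list to the fixed path `/tmp/jg_data.txt` and reads it back, so two concurrent downloads share one file (one request can `unlink` or truncate what the other is about to `readfile`). A predictable name in a world-writable directory can also be pre-created by another local account on a shared host, and the `fopen()` result is never checked. Since `$content` is already complete in memory, the temp file can go entirely: after the two `header()` calls, `echo $content;` replaces the `fopen`/`fputs`/`fclose`/`readfile`/`unlink` lines. In the csv branch, `$row[$i]` is appended raw, so a field containing `;`, a quote or a newline breaks the row, and a value starting with `=` is treated as a formula by spreadsheet programs. Writing rows with `fputcsv()` to `php://output` from explicitly named columns, instead of `SELECT *` positions 1 to 6, would address both.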
@@ -191,6 +191,8 @@ function print_list($option = false){ ?> </tbody> </table> + <p>Downloade als <a href="/?page=action&task=download&type=plain">[plain text]</a> oder als <a href="/?page=action&task=download&type=csv">[csv]</a> Datei.</p> + <br> </div> <form method="POST" action="/?page=add&_flush="<?php echo $c->token; ?>> <button id="singlebutton" class="btn btn-info" type="submit">Füge jemanden hinzu</button> @@ -248,9 +250,25 @@ function print_update_list($id){ </tbody> </table> </div> + <button id="singlebutton" name="singlebutton" class="btn btn-info" type="submit">Ändere!</button> + + + </form> </div> + <br> + <form method="POST" action="/?page=action&task=delete&id=<?php echo htmlentities($_GET["id"]); ?>" class="form-horizontal"> + <fieldset> + <legend>Lösche "<?php echo $row["name"]; ?>" von der Liste</legend> + <div class="form-group"> + <label class="col-md-4 control-label" for="singlebutton"></label> + <div class="col-md-4"> + <button id="singlebutton" name="singlebutton" class="btn btn-danger" type="submit" onclick="return confirm('Bist du dir sicher? Der Datensatz wird unwiederbringlich gelöscht werden!');">Löschen!</button> + </div> +</div> + </fieldset> + </form> <?php } else { print_list("update"); @@ -425,7 +443,7 @@ function print_register($option = false){ } function print_account($option = false){ - lredirect("accout"); + lredirect("account"); global $user; ?> <form class="form-horizontal" method="POST" action="/?page=action&task=account&goto=account"> @@ -1,9 +1,5 @@ <?php - -# if we kann redirect user with the ?goto variable -$redirect = true; - require_once( dirname(__FILE__) . '/bootstrap.php'); ob_start('minify'); session_name(SESSION); 
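Review bot: In the delete form added to print_update_list(), the legend prints `$row["name"]` without escaping, while the `id` two lines above it goes through `htmlentities()`. The name is a member-editable field (action.php takes it from `$_POST["name"]`), so markup stored in it would be rendered for whoever opens this edit page. Escape it at output: `<?php echo htmlspecialchars($row["name"], ENT_QUOTES, "UTF-8"); ?>`. The new form also submits the delete with no hidden anti-CSRF field, and its button reuses `id="singlebutton"`, which the "Ändere!" button added in the same hunk already carries. The function's start lies outside the hunk, so where `$row` is loaded cannot be checked here.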
@@ -17,7 +13,7 @@ if ( isset($_SESSION["loggedin"]) && $_SESSION["loggedin"]){ $a = "0_"; } -if ( $_SERVER["REQUEST_METHOD"] == "GET" && $_SERVER["REDIRECT_STATUS"] == 200 && strpos($_SERVER["QUERY_STRING"], "account") === false && strpos($_SERVER["QUERY_STRING"], "logout") === false) { +if ( $_SERVER["REQUEST_METHOD"] == "GET" && $_SERVER["REDIRECT_STATUS"] == 200 && strpos($_SERVER["QUERY_STRING"], "account") === false && strpos($_SERVER["QUERY_STRING"], "logout") === false && strpos($_SERVER["QUERY_STRING"], "action") === false) { $token = $c->getToken($_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]. $_SERVER["QUERY_STRING"], $a); if ( $c->exists($token)){ header("X-Cache: Hit"); @@ -87,27 +83,20 @@ require_once 'static/header.php'; case("account"): print_account(); break; - case("404"): - print_404(); - break; case("action"): require_once 'action.php'; break; + case("404"): + print_404(); + break; case("recover"). print_recover(); break; default: - print_index(); + print_404(); break; } } - -/* -if ( isset($_GET['goto']) && $_GET['goto'] != "" && $redirect ){ - header($_SERVER['SERVER_PROTOCOL'] . ' 302 Moved'); - header('Location: /?page='.$_GET['goto']); -} -*/ ?> </div> </div> |
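Review bot: The cache-bypass condition now relies on three `strpos()` scans over the raw query string, so whether a response is cached depends on a substring appearing anywhere in the URL rather than on which page was requested. This list is what keeps session-specific responses such as the new address-list download out of the cache, so an exact test on the page parameter is easier to reason about: `! in_array(isset($_GET["page"]) ? $_GET["page"] : "", array("account", "logout", "action"), true)`. `$_SERVER["REDIRECT_STATUS"]` is also read without `isset()`, which raises a notice when the server does not set it. What `$a` holds for logged-in members is outside the hunk, so it is worth confirming that the cache key separates their pages from anonymous ones.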
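Review bot: The context line `case("recover"). print_recover();` ends its label with `.` instead of `:`, and this hunk reorders the cases around it without correcting it. PHP accepts `;` as a case terminator, so if the page shows the file accurately, this parses as the case expression `"recover" . print_recover()`, and print_recover() is called whenever the switch evaluates that label. With `default` now routed to print_404(), an unmatched page value would presumably emit the recover output before the 404 page. Change it to `case("recover"):` with `print_recover();` on the following line.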
