hamza.sarwar/Lachenzelg
1
0
Fork 0
Code Issues 17 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: hamza.sarwar:acaebcb578ee5b6edd69e03c73ff0bda0c1d51ea
Branches Tags
hamza.sarwar:master
...
compare: hamza.sarwar:b4c925f6aa11823774cc9de6074d5f38ccafeb3a
Branches Tags
hamza.sarwar:master

2 Commits
acaebcb578 ... b4c925f6aa

Author SHA1 Message Date
hamza.sarwar
b4c925f6aa Merge branch 'master' of https://gitlab.sarwar.cloud/hamza.sarwar/Lachenzelg 2025-01-14 14:21:19 +01:00
hamza.sarwar
3afced16db Forgot-Password hinzugefügt 2025-01-14 07:44:19 +01:00
9 changed files with 411 additions and 106 deletions
Show Stats Expand all files Collapse all files

3
admin/categories-edit.php
View File

@ -22,7 +22,8 @@
<div class="col-7"> <div class="col-7">
<a href="categories.php" class="btn ms-2 btn-light float-end"> <i class="ti ti-arrow-left"></i> Zurück zur Übersicht</a> <a href="categories.php" class="btn ms-2 btn-light float-end"> <i class="ti ti-arrow-left"></i> Zurück zur Übersicht</a>
<a href="categories-registrations.php?id=<?= $category['data']['id']; ?>" class="btn ms-2 btn-secondary float-end"> <i class="ti ti-chart-candle"></i> Kursanmeldungen</a> <a href="categories-registrations.php?id=<?= $category['data']['id']; ?>" class="btn ms-2 btn-secondary float-end"> <i class="ti ti-chart-candle"></i> Kursanmeldungen</a>
<a href="categories-reports.php?id=<?= $category['data']['id']; ?>" class="btn btn-danger float-end disabled"> <i class="ti ti-chart-area"></i> Auswertung</a> <a href="categories-reports-course.php?id=<?= $category['data']['id']; ?>" class="btn btn-danger ms-2 float-end"> <i class="ti ti-chart-area"></i> Statistik nach Kurs</a>
<a href="categories-reports-class.php?id=<?= $category['data']['id']; ?>" class="btn btn-warning float-end"> <i class="ti ti-chart-area"></i> Statistik nach Klasse</a>
</div> </div>
</div> </div>
<form action="code.php" method="POST"> <form action="code.php" method="POST">

67
admin/categories-reports-class.php Normal file
View File

@ -0,0 +1,67 @@
<?php include('includes/header.php'); ?>
<div>
<?php
$paramResult = checkParamId('id');
if(!is_numeric($paramResult)){
echo '<div class="alert alert-danger" role="alert">'.$paramResult.'</div>';
return false;
}
$category = getById('tbl_categories', checkParamId('id'));
if($category['status'] == 200) {
?>
<div class="card card-body p-4">
<?= alertMessage(); ?>
<div class="row">
<div class="col-8">
<h3 class="fw-semibold mb-4">Statistik nach Klasse zu <?=$category['data']['name'];?></h3>
</div>
<div class="col-4">
<a href="categories-edit.php?id=<?=$category['data']['id'];?>" class="btn btn-light float-end">
<i class="ti ti-arrow-left"></i> Zurück zur Übersicht
</a>
</div>
</div>
<div class="table-responsive">
<table class="table table-hover" id="sortTable">
<thead>
<tr>
<th style="cursor: pointer;" onclick="sortTable(0)">Klasse</th>
<th style="cursor: pointer;" onclick="sortTable(1)">Schüler</th>
<th style="cursor: pointer;" onclick="sortTable(2)">Mit Auswahl</th>
<th style="cursor: pointer;" onclick="sortTable(3)">Nichts ausgewählt</th>
</tr>
</thead>
<tbody>
<?php
$classes = mysqli_query($conn, "
SELECT
c.id AS classID,
CONCAT(c.sek, ' ', c.type, ' - ', c.name) AS classDisplayName
FROM tbl_classes c
");
while ($class = mysqli_fetch_assoc($classes)) {
$classID = $class['classID'];
$classDisplayName = $class['classDisplayName'];
$totalStudents = countStudentsInClass($classID);
$studentsWithSelection = countStudentsWithSelection($classID, $category['data']['id']);
$studentsWithoutSelection = $totalStudents - $studentsWithSelection;
?>
<tr>
<td><?= $classDisplayName; ?></td>
<td><?= $totalStudents; ?></td>
<td><?= $studentsWithSelection; ?></td>
<td><?= $studentsWithoutSelection; ?></td>
</tr>
<?php }
} ?>
</tbody>
</table>
</div>
</div>
</div>
<?php include('includes/footer.php'); ?>

74
admin/categories-reports-course.php Normal file
View File

@ -0,0 +1,74 @@
<?php include('includes/header.php'); ?>
<div>
<?php
$paramResult = checkParamId('id');
if(!is_numeric($paramResult)){
echo '<div class="alert alert-danger" role="alert">'.$paramResult.'</div>';
return false;
}
$category = getById('tbl_categories',checkParamId('id'));
if($category['status'] == 200)
{
?>
<div class="card card-body p-4">
<?= alertMessage(); ?>
<div class="row">
<div class="col-8">
<h3 class="fw-semibold mb-4">Statistik nach Kurs zu <?=$category['data']['name'] ;?> </h3>
</div>
<div class="col-4">
<a href="categories-edit.php?id=<?=$category['data']['id'] ;?>" class="btn btn-light float-end"> <i class="ti ti-arrow-left"></i> Zurück zur Übersicht</a>
</div>
</div>
<div class="table-responsive">
<table class="table table-hover" id="sortTable">
<thead>
<tr>
<th style="cursor: pointer;" onclick="sortTable(0)">Kursname</th>
<th style="cursor: pointer;" onclick="sortTable(1)">Anzahl der Schüler</th>
<th style="cursor: pointer;" onclick="sortTable(2)">Angemeldet</th>
<th style="cursor: pointer;" onclick="sortTable(3)">Genehmigt</th>
<th style="cursor: pointer;" onclick="sortTable(4)">Abgelehnt</th>
<th></th>
</tr>
</thead>
<tbody>
<?php
$category_id = $category['data']['id'];
$courses = getAll('id,name', 'tbl_courses', "WHERE category_id='$category_id'");
if(mysqli_num_rows($courses) > 0) {
foreach($courses as $courseEntry) {
$studentCount = countAllStudentsInCourse($courseEntry['id']);
$registeredCount = countStudentsByStatus($courseEntry['id'], 'Angemeldet');
$selectedCount = countStudentsByStatus($courseEntry['id'], 'Genehmigt');
$rejectedCount = countStudentsByStatus($courseEntry['id'], 'Abgelehnt');
?>
<tr>
<td><?= $courseEntry['name']; ?></td>
<td><?= $studentCount; ?></td>
<td><?= $registeredCount; ?></td>
<td><?= $selectedCount; ?></td>
<td><?= $rejectedCount; ?></td>
<td>
<a href="courses-edit.php?id=<?= $courseEntry['id']; ?>" class="btn btn-light btn-sm float-end mx-1"> <i class="ti ti-pencil"></i></a>
</td>
</tr>
<?php }
}
} else {
?>
<tr>
<td colspan="7">Keine Kurse vorhanden</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php include('includes/footer.php'); ?>

101
admin/categories-reports.php
View File

@ -1,101 +0,0 @@
<?php include('includes/header.php'); ?>
<div>
<div class="card card-body p-4">
<?= alertMessage(); ?>
<div class="row">
<div class="col-8">
<h3 class="fw-semibold mb-4">Administrator bearbeiten</h3>
</div>
<div class="col-4">
<a href="admins.php" class="btn btn-light float-end"> <i class="ti ti-arrow-left"></i> Zurück zur Übersicht</a>
</div>
</div>
<form action="code.php" method="POST">
<?php
$paramResult = checkParamId('id');
if(!is_numeric($paramResult)){
echo '<div class="alert alert-danger" role="alert">'.$paramResult.'</div>';
return false;
}
$admin = getById('tbl_admins',checkParamId('id'));
if($admin['status'] == 200)
{
?>
<input type="hidden" name="id" value="<?= $admin['data']['id'] ;?>" required>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">Vorname</label>
<input type="text" name="firstname" value="<?= $admin['data']['firstname'] ;?>" required class="form-control">
</div>
</div>
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">Nachname</label>
<input type="text" name="lastname" value="<?= $admin['data']['lastname'] ;?>" required class="form-control">
</div>
</div>
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">Benutzer-ID</label>
<input type="text" name="user-id" value="<?= $admin['data']['userid'] ;?>" required pattern="[A-Za-z0-9\-]+" onkeydown="if(['Space'].includes(arguments[0].code)){return false;}" class="form-control">
</div>
</div>
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">Kennwort</label>
<input type="password" name="password" value="<?= $admin['data']['password'] ;?>" required class="form-control">
</div>
</div>
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">Status</label>
<select name="status" class="form-select">
<?php
$enumValueLabels = [
'active' => 'Aktiv',
'disabled' => 'Inaktiv'
];
createEnumSelect('tbl_admins', 'status', $admin['data']['status'],$enumValueLabels); ?>
</select>
</div>
</div>
<div class="col-md-12">
<button type="submit" name="updateadmin" class="btn btn-info float-end mx-1"> <i class="ti ti-check"></i> Änderungen speichern</button>
<a type="button" class="btn btn-danger float-end mx-1" data-bs-toggle="modal" data-bs-target="#deleteAdmin"><i class="ti ti-trash"></i> Löschen</a>
</div>
</div>
<?php
}
else
{
echo '<div class="alert alert-danger" role="alert">'.$admin['message'].'</div>';
}
?>
</form>
</div>
</div>
<!-- Modal -->
<div class="modal fade" id="deleteAdmin" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1" aria-labelledby="staticBackdropLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h1 class="modal-title fs-5" id="staticBackdropLabel">Administrator entfernen</h1>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p>Sind Sie sicher, dass Sie <b><?= $admin['data']['firstname'] . ' ' . $admin['data']['lastname']?></b> entfernen möchten?</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-light" data-bs-dismiss="modal">Abbrechen</button>
<a href="admins-delete.php?id=<?= $admin['data']['id']; ?>" class="btn btn-danger"><i class="ti ti-trash"></i> Löschen</a>
</div>
</div>
</div>
</div>
<!-- Modal Ende -->
<?php include('includes/footer.php'); ?>

163
config/function.php
View File

@ -64,6 +64,18 @@ function getAll($columnname,$tablename,$conditionvalue = "")
return $result; return $result;
} }
function saveResetToken($userId, $token, $expiry) {
global $conn;
$userId = validate($userId);
$token = validate($token);
$expiry = validate($expiry);
$query = "UPDATE users SET reset_token='$token', reset_token_expiry='$expiry' WHERE userid='$userId'";
$result = mysqli_query($conn, $query);
return $result;
}
function getById($tableName, $id) function getById($tableName, $id)
{ {
global $conn; global $conn;
@ -918,6 +930,27 @@ function getStudentAssignments($studentID)
} }
} }
function updatePassword($userId, $newPassword) {
global $conn;
$userId = validate($userId);
$newPassword = validate($newPassword);
$query = "UPDATE users SET password='$newPassword' WHERE id='$userId'";
$result = mysqli_query($conn, $query);
return $result;
}
function deleteResetToken($userId) {
global $conn;
$userId = validate($userId);
$query = "UPDATE users SET reset_token=NULL, reset_token_expiry=NULL WHERE id='$userId'";
$result = mysqli_query($conn, $query);
return $result;
}
function isStudentRegisteredForCourse($studentId, $courseId) { function isStudentRegisteredForCourse($studentId, $courseId) {
// Hier eine Abfrage zur Datenbank machen, um zu prüfen, ob ein Eintrag in tbl_assign_students_courses existiert // Hier eine Abfrage zur Datenbank machen, um zu prüfen, ob ein Eintrag in tbl_assign_students_courses existiert
global $conn; // Annahme, dass $conn die Datenbankverbindung ist global $conn; // Annahme, dass $conn die Datenbankverbindung ist
@ -929,7 +962,7 @@ function isStudentRegisteredForCourse($studentId, $courseId) {
$stmt->fetch(); $stmt->fetch();
$stmt->close(); $stmt->close();
return $count > 0; return $count = 0;
} }
@ -968,4 +1001,132 @@ function getAllAssignedCoursesByCategory($studentID, $categoryID) {
return $assignedCourses; return $assignedCourses;
} }
// Funktion, die alle Schüler zählt, die einer Klasse zugewiesen sind, die der Kategorie und dem Kurs zugeordnet ist
function countAllStudentsInCourse($courseID) {
global $conn;
// Abfrage, um alle Schüler zu zählen, deren Klasse der Kategorie und dem Kurs zugeordnet ist
$query = "
SELECT COUNT(DISTINCT s.id)
FROM tbl_students s
INNER JOIN tbl_assign_categories_classes acc ON s.class = acc.class_id
INNER JOIN tbl_assign_courses_classes acc_courses ON acc.class_id = acc_courses.class_id
WHERE acc_courses.course_id = '$courseID'
AND acc.category_id = (
SELECT category_id FROM tbl_courses WHERE id = '$courseID'
)
";
$result = mysqli_query($conn, $query);
if ($result) {
$row = mysqli_fetch_row($result);
return $row[0]; // Gibt die Anzahl der Schüler zurück
}
return 0; // Falls keine Schüler gefunden wurden
}
// Funktion, um Schüler nach Status zu zählen
function countStudentsByStatus($courseID, $status) {
global $conn;
// SQL-Abfrage, um die Anzahl der Schüler mit einem bestimmten Status zu zählen
$query = "
SELECT COUNT(DISTINCT s.id)
FROM tbl_students s
INNER JOIN tbl_assign_categories_classes acc ON s.class = acc.class_id
INNER JOIN tbl_assign_courses_classes acc_courses ON acc.class_id = acc_courses.class_id
INNER JOIN tbl_assign_students_courses asc_tbl ON asc_tbl.student_id = s.id
WHERE acc_courses.course_id = '$courseID'
AND acc.category_id = (
SELECT category_id FROM tbl_courses WHERE id = '$courseID'
)
AND asc_tbl.status = '$status'
";
$result = mysqli_query($conn, $query);
if ($result) {
$row = mysqli_fetch_row($result);
return $row[0]; // Gibt die Anzahl der Schüler mit diesem Status zurück
}
return 0; // Falls keine Schüler gefunden wurden
}
function countStudentsWithoutSelection($classID, $categoryID) {
global $conn;
$query = "
SELECT COUNT(DISTINCT s.id) AS no_selection_count
FROM tbl_students s
LEFT JOIN tbl_assign_students_courses asc_tbl
ON asc_tbl.student_id = s.id
AND asc_tbl.course_id IN (
SELECT id
FROM tbl_courses
WHERE category_id = '$categoryID'
)
WHERE s.class = '$classID'
AND asc_tbl.course_id IS NULL
";
$result = mysqli_query($conn, $query);
if ($result) {
$row = mysqli_fetch_assoc($result);
return $row['no_selection_count'];
}
return 0; // Falls keine Schüler gefunden wurden
}
function countStudentsInClass($classID) {
global $conn;
$query = "
SELECT COUNT(*) AS student_count
FROM tbl_students
WHERE class = '$classID'
";
$result = mysqli_query($conn, $query);
if ($result) {
$row = mysqli_fetch_assoc($result);
return $row['student_count'];
}
return 0; // Falls keine Schüler in der Klasse gefunden wurden
}
function countStudentsWithSelection($classID, $categoryID) {
global $conn;
$query = "
SELECT COUNT(DISTINCT s.id) AS selected_count
FROM tbl_students s
JOIN tbl_assign_students_courses asc_tbl
ON s.id = asc_tbl.student_id
WHERE s.class = '$classID'
AND asc_tbl.course_id IN (
SELECT id
FROM tbl_courses
WHERE category_id = '$categoryID'
)
";
$result = mysqli_query($conn, $query);
if ($result) {
$row = mysqli_fetch_assoc($result);
return $row['selected_count'];
}
return 0; // Falls keine Schüler mit einer Auswahl gefunden wurden
}
?> ?>

2
forgot-password.php
View File

@ -1,2 +0,0 @@
<?php
?>

75
forgot_password.php Normal file
View File

@ -0,0 +1,75 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Scolify - Schule Lachenzelg</title>
<link rel="shortcut icon" type="image/png" href="assets/images/logos/favicon.png" />
<link rel="stylesheet" href="assets/css/styles.min.css" />
</head>
<body>
<!-- Body Wrapper -->
<div class="page-wrapper" id="main-wrapper" data-layout="vertical" data-navbarbg="skin6" data-sidebartype="full"
data-sidebar-position="fixed" data-header-position="fixed">
<div
class="position-relative overflow-hidden radial-gradient min-vh-100 d-flex align-items-center justify-content-center">
<div class="d-flex align-items-center justify-content-center w-100">
<div class="row justify-content-center w-100">
<div class="col-md-8 col-lg-6 col-xxl-3">
<div class="card mb-0">
<div class="card-body">
<a href="./index.php" class="text-nowrap logo-img text-center d-block py-3 w-100">
<img src="assets/images/logos/login.png" width="180" alt="">
</a>
<form action="forgot_password.php" method="POST">
<label for="user_id">Benutzer-ID:</label>
<input type="text" name="user_id" required>
<button class="btn btn-primary py-8 fs-4 w-100 mb-2 mt-3 rounded-2" type="btn submit">Passwort zurücksetzen</button>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script src="assets/libs/jquery/dist/jquery.min.js"></script>
<script src="assets/libs/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$userId = $_POST['user_id'];
// Hole den Benutzer anhand der User-ID
$userResponse = getById('tbl_students', $userId);
if ($userResponse['status'] == 200) {
$user = $userResponse['data'];
// Überprüfe, ob eine E-Mail-Adresse für den Benutzer vorhanden ist
if (!empty($user['emailstudent'])) {
// Generiere ein Token für das Zurücksetzen des Passworts
$token = bin2hex(random_bytes(50));
$expiry = date('Y-m-d H:i:s', strtotime('+1 hour'));
// Speichere das Token und das Ablaufdatum in der Datenbank
saveResetToken($user['id'], $token, $expiry);
// Sende die E-Mail mit dem Token-Link
$resetLink = "http://localhost/reset_password.php?token=$token";
mail($user['emailstudent'], "Passwort zurücksetzen", "Klicke auf diesen Link, um dein Passwort zurückzusetzen: $resetLink");
echo "Überprüfe deine E-Mails, um dein Passwort zurückzusetzen.";
}
}
}
?>

2
index.php
View File

@ -49,7 +49,7 @@
Beispiel: </b> 06.04.2002 Beispiel: </b> 06.04.2002
</div> </div>
<div class="d-flex align-items-center justify-content-between mb-4"> <div class="d-flex align-items-center justify-content-between mb-4">
<a class="text-primary fw-bold" href="./forgot-password.php">Kennwort vergessen?</a> <a class="text-primary fw-bold" href="./forgot_password.php">Kennwort vergessen?</a>
</div> </div>
<button type="submit" name="login" class="btn btn-primary w-100 py-8 fs-4 mb-4 rounded-2">Anmelden</button> <button type="submit" name="login" class="btn btn-primary w-100 py-8 fs-4 mb-4 rounded-2">Anmelden</button>
</form> </form>

30
reset_password.php Normal file
View File

@ -0,0 +1,30 @@
<?php
if (isset($_GET['token'])) {
$token = $_GET['token'];
// Hole den Benutzer, der das Token hat und prüfe, ob das Token gültig ist
$userResponse = getById('users', $token);
if ($userResponse['status'] == 200) {
$user = $userResponse['data'];
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$newPassword = password_hash($_POST['password'], PASSWORD_DEFAULT);
// Setze das neue Passwort und lösche das Token
updatePassword($user['id'], $newPassword);
deleteResetToken($user['id']);
echo "Dein Passwort wurde erfolgreich zurückgesetzt.";
}
} else {
echo "Das Token ist ungültig oder abgelaufen.";
}
}
?>
<form action="reset_password.php?token=<?php echo $token; ?>" method="POST">
<label for="password">Neues Passwort:</label>
<input type="password" name="password" required>
<button type="submit">Passwort zurücksetzen</button>
</form>