yannic/librarySoftware
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed formatting

Browse source
This commit is contained in:
Yannic 2025-09-26 21:13:51 +02:00
parent 91bb969d66
commit 6ba55c000b
3 changed files with 448 additions and 431 deletions
Download patch file Download diff file Expand all files Collapse all files

101
index.php
View file

@ -1,28 +1,30 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<?php <?php
include "db/bootstrap.php"; include "db/bootstrap.php";
include "db/functions.php"; include "db/functions.php";
session_start(); session_start();
if(empty($_SESSION['csrf_token'])){ if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32)); $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
} }
$books = getBooks($pdo); $books = getBooks($pdo);
$borrowers = getBorrowers($pdo); $borrowers = getBorrowers($pdo);
$activeLoans = getActiveLoans($pdo); $activeLoans = getActiveLoans($pdo);
$lateLoans = getLateLoans($pdo); $lateLoans = getLateLoans($pdo);
?> ?>
<head>
<head>
<meta charset="utf-8"> <meta charset="utf-8">
<link rel="stylesheet" href="style.css"> <link rel="stylesheet" href="style.css">
<title>Bücherei Verwaltung</title> <title>Bücherei Verwaltung</title>
</head> </head>
<body>
<body>
<h1>Bücherei Verwaltung</h1> <h1>Bücherei Verwaltung</h1>
<br> <br>
<table> <table>
@ -60,8 +62,8 @@
<select name="book" required> <select name="book" required>
<option value="">Wähle ein Buch</option> <option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?> <?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>"> <option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " by " . $book['author'])?> <?= htmlspecialchars($book['title'] . " by " . $book['author']) ?>
</option> </option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
@ -119,8 +121,8 @@
<select name="borrowerID" required> <select name="borrowerID" required>
<option value="">Wähle einen Ausleiher</option> <option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?> <?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>"> <option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")")?> <?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")") ?>
</option> </option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
@ -132,8 +134,8 @@
<select id="bookSelect" name="book" required> <select id="bookSelect" name="book" required>
<option value="">Wähle ein Buch</option> <option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?> <?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>"> <option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " von " . $book['author'])?> <?= htmlspecialchars($book['title'] . " von " . $book['author']) ?>
</option> </option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
@ -150,13 +152,14 @@
<br> <br>
<label>Ausleihdatum <label>Ausleihdatum
<br> <br>
<input type="date" name="borrowedDate" value="<?=date("Y-m-d");?>"> <input type="date" name="borrowedDate" value="<?= date("Y-m-d"); ?>">
</label> </label>
<br> <br>
<br> <br>
<label>Rückgabedatum <label>Rückgabedatum
<br> <br>
<input type="date" name="dueDate" value="<?=date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d');?>"> <input type="date" name="dueDate"
value="<?= date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d'); ?>">
</label> </label>
<input type="hidden" name="submissionType" value="loan"> <input type="hidden" name="submissionType" value="loan">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
@ -173,8 +176,8 @@
<select id="borrowerSelect"> <select id="borrowerSelect">
<option value="">Wähle einen Ausleiher</option> <option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?> <?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>"> <option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName'])?> <?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName']) ?>
</option> </option>
<?php endforeach; ?> <?php endforeach; ?>
</select> </select>
@ -204,16 +207,22 @@
<td> <td>
<h2>Verliehene Bücher</h2> <h2>Verliehene Bücher</h2>
<table> <table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th> <th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($activeLoans as $loan): ?> <?php foreach ($activeLoans as $loan): ?>
<tr> <tr>
<td><?= htmlspecialchars($loan['firstName'])?></td> <td><?= htmlspecialchars($loan['firstName']) ?></td>
<td><?= htmlspecialchars($loan['lastName'])?></td> <td><?= htmlspecialchars($loan['lastName']) ?></td>
<td><?= htmlspecialchars($loan['borrowerRole'])?></td> <td><?= htmlspecialchars($loan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($loan['bookTitle'])?></td> <td><?= htmlspecialchars($loan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($loan['copyID'])?></td> <td>#<?= htmlspecialchars($loan['copyID']) ?></td>
<td><?= date_create($loan['borrowedDate'])->format("d.m.Y")?></td> <td><?= date_create($loan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($loan['dueDate'])->format("d.m.Y")?></td> <td><?= date_create($loan['dueDate'])->format("d.m.Y") ?></td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
</table> </table>
@ -221,16 +230,22 @@
<td> <td>
<h2>Versäumte Rückgaben</h2> <h2>Versäumte Rückgaben</h2>
<table> <table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th> <th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($lateLoans as $lateLoan): ?> <?php foreach ($lateLoans as $lateLoan): ?>
<tr> <tr>
<td><?= htmlspecialchars($lateLoan['firstName'])?></td> <td><?= htmlspecialchars($lateLoan['firstName']) ?></td>
<td><?= htmlspecialchars($lateLoan['lastName'])?></td> <td><?= htmlspecialchars($lateLoan['lastName']) ?></td>
<td><?= htmlspecialchars($lateLoan['borrowerRole'])?></td> <td><?= htmlspecialchars($lateLoan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($lateLoan['bookTitle'])?></td> <td><?= htmlspecialchars($lateLoan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($lateLoan['copyID'])?></td> <td>#<?= htmlspecialchars($lateLoan['copyID']) ?></td>
<td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y")?></td> <td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($lateLoan['dueDate'])->format("d.m.Y")?></td> <td><?= date_create($lateLoan['dueDate'])->format("d.m.Y") ?></td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
</table> </table>
@ -241,7 +256,8 @@
<h2>Datenbank durchsuchen</h2> <h2>Datenbank durchsuchen</h2>
<form id="sqlSelectInputForm"> <form id="sqlSelectInputForm">
<label> <label>
SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea" placeholder="* FROM books WHERE bookID = 5" required></input> SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea"
placeholder="* FROM books WHERE bookID = 5" required></input>
</label> </label>
<input type="hidden" name="submissionType" value="selectRequest"> <input type="hidden" name="submissionType" value="selectRequest">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
@ -256,5 +272,6 @@
<div id="result"></div> <div id="result"></div>
<?php include "script.php" ?> <?php include "script.php" ?>
</body> </body>
</html> </html>

32
script.php
View file

@ -1,5 +1,5 @@
<script> <script>
document.getElementById('bookForm').addEventListener('submit', function (e) { document.getElementById('bookForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -16,9 +16,9 @@ document.getElementById('bookForm').addEventListener('submit', function (e) {
.catch(error => { .catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error; document.getElementById('result').innerHTML = 'Error: ' + error;
}); });
}); });
document.getElementById('copyForm').addEventListener('submit', function (e) { document.getElementById('copyForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -35,9 +35,9 @@ document.getElementById('copyForm').addEventListener('submit', function (e) {
.catch(error => { .catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error; document.getElementById('result').innerHTML = 'Error: ' + error;
}); });
}); });
document.getElementById('borrowerForm').addEventListener('submit', function (e) { document.getElementById('borrowerForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -54,9 +54,9 @@ document.getElementById('borrowerForm').addEventListener('submit', function (e)
.catch(error => { .catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error; document.getElementById('result').innerHTML = 'Error: ' + error;
}); });
}); });
document.getElementById('loanForm').addEventListener('submit', function (e) { document.getElementById('loanForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -75,9 +75,9 @@ document.getElementById('loanForm').addEventListener('submit', function (e) {
}); });
location.reload(); location.reload();
}); });
document.getElementById('checkInForm').addEventListener('submit', function (e) { document.getElementById('checkInForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -96,9 +96,9 @@ document.getElementById('checkInForm').addEventListener('submit', function (e) {
}); });
location.reload(); location.reload();
}); });
document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) { document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission e.preventDefault(); // prevent normal form submission
const formData = new FormData(this); const formData = new FormData(this);
@ -121,9 +121,9 @@ document.getElementById('sqlSelectInputForm').addEventListener('submit', functio
.catch(error => { .catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error; document.getElementById('result').innerHTML = 'Error: ' + error;
}); });
}); });
document.querySelector("#bookSelect").addEventListener("change", function () { document.querySelector("#bookSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>"; const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const bookID = this.value; const bookID = this.value;
const copySelect = document.querySelector("#copySelect"); const copySelect = document.querySelector("#copySelect");
@ -154,9 +154,9 @@ document.querySelector("#bookSelect").addEventListener("change", function () {
} else { } else {
copySelect.innerHTML = '<option value="">Bitte zuerst ein Buch wählen</option>'; copySelect.innerHTML = '<option value="">Bitte zuerst ein Buch wählen</option>';
} }
}); });
document.querySelector("#borrowerSelect").addEventListener("change", function () { document.querySelector("#borrowerSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>"; const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const borrowerID = this.value; const borrowerID = this.value;
const copySelect = document.querySelector("#copyReturnSelect"); const copySelect = document.querySelector("#copyReturnSelect");
@ -187,5 +187,5 @@ document.querySelector("#borrowerSelect").addEventListener("change", function ()
} else { } else {
copySelect.innerHTML = '<option value="">Bitte zuerst einen Ausleiher wählen</option>'; copySelect.innerHTML = '<option value="">Bitte zuerst einen Ausleiher wählen</option>';
} }
}); });
</script> </script>

54
submission.php
View file

@ -4,22 +4,22 @@ include "db/functions.php";
session_start(); session_start();
if(empty($_SESSION['csrf_token'])){ if (empty($_SESSION['csrf_token'])) {
die("Invalid request: No token supplied."); die("Invalid request: No token supplied.");
} }
$sessionToken = (string)($_SESSION['csrf_token'] ?? ''); $sessionToken = (string) ($_SESSION['csrf_token'] ?? '');
$postToken = (string)($_POST['csrf_token'] ?? ''); $postToken = (string) ($_POST['csrf_token'] ?? '');
$getToken = (string)($_GET['csrf_token'] ?? ''); $getToken = (string) ($_GET['csrf_token'] ?? '');
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if(!hash_equals($sessionToken, $postToken)){ if (!hash_equals($sessionToken, $postToken)) {
die("Invalid request: Token mismatch."); die("Invalid request: Token mismatch.");
} }
//Book Submission //Book Submission
if($_POST['submissionType'] == "book"){ if ($_POST['submissionType'] == "book") {
$title = $_POST['title'] ?? ''; $title = $_POST['title'] ?? '';
$author = $_POST['author'] ?? ''; $author = $_POST['author'] ?? '';
$area = $_POST['area'] ?? ''; $area = $_POST['area'] ?? '';
@ -32,7 +32,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} }
//Copy Submission //Copy Submission
if($_POST['submissionType'] == "copy"){ if ($_POST['submissionType'] == "copy") {
$bookID = $_POST['book'] ?? ''; $bookID = $_POST['book'] ?? '';
$amount = $_POST['amount'] ?? ''; $amount = $_POST['amount'] ?? '';
$copyCondition = $_POST['condition'] ?? ''; $copyCondition = $_POST['condition'] ?? '';
@ -45,80 +45,80 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} }
//Borrower Submission //Borrower Submission
if($_POST['submissionType'] == "borrower"){ if ($_POST['submissionType'] == "borrower") {
$firstname = $_POST['firstname'] ?? ''; $firstname = $_POST['firstname'] ?? '';
$lastname = $_POST['lastname'] ?? ''; $lastname = $_POST['lastname'] ?? '';
$role = $_POST['role'] ?? ''; $role = $_POST['role'] ?? '';
if($firstname && $lastname && $role){ if ($firstname && $lastname && $role) {
addBorrower($pdo, $firstname, $lastname, $role); addBorrower($pdo, $firstname, $lastname, $role);
}else{ } else {
echo "<p>Please fill in all fields.</p>"; echo "<p>Please fill in all fields.</p>";
} }
} }
if($_POST['submissionType'] == "loan"){ if ($_POST['submissionType'] == "loan") {
$copyID = $_POST['copyID'] ?? ''; $copyID = $_POST['copyID'] ?? '';
$borrowerID = $_POST['borrowerID'] ?? ''; $borrowerID = $_POST['borrowerID'] ?? '';
$borrowedDate = $_POST['borrowedDate'] ?? ''; $borrowedDate = $_POST['borrowedDate'] ?? '';
$dueDate = $_POST['dueDate']; $dueDate = $_POST['dueDate'];
if($copyID && $borrowerID && $borrowedDate && $dueDate){ if ($copyID && $borrowerID && $borrowedDate && $dueDate) {
addLoan($pdo, $copyID, $borrowerID, $borrowedDate, $dueDate); addLoan($pdo, $copyID, $borrowerID, $borrowedDate, $dueDate);
}else{ } else {
echo "<p>Please fill in all fields.</p>"; echo "<p>Please fill in all fields.</p>";
} }
} }
if($_POST['submissionType'] == "return"){ if ($_POST['submissionType'] == "return") {
$copyIDLoanID = explode("-", $_POST['copyID-loanID'], 2); $copyIDLoanID = explode("-", $_POST['copyID-loanID'], 2);
$copyID = $copyIDLoanID[0]; $copyID = $copyIDLoanID[0];
$loanID = $copyIDLoanID[1]; $loanID = $copyIDLoanID[1];
$returnedDate = $_POST['returnedDate']; $returnedDate = $_POST['returnedDate'];
if($copyID && $loanID){ if ($copyID && $loanID) {
removeLoan($pdo, $copyID, $loanID, $returnedDate); removeLoan($pdo, $copyID, $loanID, $returnedDate);
}else{ } else {
echo "<p>Please fill in all fields</p>"; echo "<p>Please fill in all fields</p>";
} }
} }
if($_POST['submissionType'] == "selectRequest"){ if ($_POST['submissionType'] == "selectRequest") {
$selectRequest = $_POST['sqlSelectTextarea']; $selectRequest = $_POST['sqlSelectTextarea'];
if($selectRequest){ if ($selectRequest) {
selectRequest($pdo, $selectRequest); selectRequest($pdo, $selectRequest);
}else{ } else {
echo "<p>Please fill in all fields</p>"; echo "<p>Please fill in all fields</p>";
} }
} }
} }
if($_SERVER['REQUEST_METHOD'] == 'GET'){ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
if(!hash_equals($sessionToken, $getToken)){ if (!hash_equals($sessionToken, $getToken)) {
die("Invalid request: Token mismatch."); die("Invalid request: Token mismatch.");
} }
if($_GET['submissionType'] == "getCopies"){ if ($_GET['submissionType'] == "getCopies") {
$bookID = $_GET['bookID']; $bookID = $_GET['bookID'];
if($bookID){ if ($bookID) {
$copies = getAvailableCopiesOfBook($pdo, $bookID); $copies = getAvailableCopiesOfBook($pdo, $bookID);
echo json_encode($copies); echo json_encode($copies);
}else{ } else {
echo json_encode([]); echo json_encode([]);
} }
} }
if($_GET['submissionType'] == "getReturnCopies"){ if ($_GET['submissionType'] == "getReturnCopies") {
$borrowerID = $_GET['borrowerID']; $borrowerID = $_GET['borrowerID'];
if($borrowerID){ if ($borrowerID) {
$copies = getBorrowedCopiesOfBorrower($pdo, $borrowerID); $copies = getBorrowedCopiesOfBorrower($pdo, $borrowerID);
echo json_encode($copies); echo json_encode($copies);
}else{ } else {
echo json_encode([]); echo json_encode([]);
} }
} }