yannic/librarySoftware
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed formatting

Browse source
This commit is contained in:
Yannic 2025-09-26 21:13:51 +02:00
parent 91bb969d66
commit 6ba55c000b
3 changed files with 448 additions and 431 deletions
Download patch file Download diff file Expand all files Collapse all files

101
index.php
View file

@ -1,28 +1,30 @@
<!DOCTYPE html>
<html>
<?php
include "db/bootstrap.php";
include "db/functions.php";
<?php
include "db/bootstrap.php";
include "db/functions.php";
session_start();
session_start();
if(empty($_SESSION['csrf_token'])){
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
}
$books = getBooks($pdo);
$borrowers = getBorrowers($pdo);
$activeLoans = getActiveLoans($pdo);
$lateLoans = getLateLoans($pdo);
$books = getBooks($pdo);
$borrowers = getBorrowers($pdo);
$activeLoans = getActiveLoans($pdo);
$lateLoans = getLateLoans($pdo);
?>
<head>
?>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="style.css">
<title>Bücherei Verwaltung</title>
</head>
<body>
</head>
<body>
<h1>Bücherei Verwaltung</h1>
<br>
<table>
@ -60,8 +62,8 @@
<select name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>">
<?= htmlspecialchars($book['title'] . " by " . $book['author'])?>
<option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " by " . $book['author']) ?>
</option>
<?php endforeach; ?>
</select>
@ -119,8 +121,8 @@
<select name="borrowerID" required>
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>">
<?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")")?>
<option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")") ?>
</option>
<?php endforeach; ?>
</select>
@ -132,8 +134,8 @@
<select id="bookSelect" name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>">
<?= htmlspecialchars($book['title'] . " von " . $book['author'])?>
<option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " von " . $book['author']) ?>
</option>
<?php endforeach; ?>
</select>
@ -150,13 +152,14 @@
<br>
<label>Ausleihdatum
<br>
<input type="date" name="borrowedDate" value="<?=date("Y-m-d");?>">
<input type="date" name="borrowedDate" value="<?= date("Y-m-d"); ?>">
</label>
<br>
<br>
<label>Rückgabedatum
<br>
<input type="date" name="dueDate" value="<?=date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d');?>">
<input type="date" name="dueDate"
value="<?= date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d'); ?>">
</label>
<input type="hidden" name="submissionType" value="loan">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
@ -173,8 +176,8 @@
<select id="borrowerSelect">
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>">
<?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName'])?>
<option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName']) ?>
</option>
<?php endforeach; ?>
</select>
@ -204,16 +207,22 @@
<td>
<h2>Verliehene Bücher</h2>
<table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th>
<th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($activeLoans as $loan): ?>
<tr>
<td><?= htmlspecialchars($loan['firstName'])?></td>
<td><?= htmlspecialchars($loan['lastName'])?></td>
<td><?= htmlspecialchars($loan['borrowerRole'])?></td>
<td><?= htmlspecialchars($loan['bookTitle'])?></td>
<td>#<?= htmlspecialchars($loan['copyID'])?></td>
<td><?= date_create($loan['borrowedDate'])->format("d.m.Y")?></td>
<td><?= date_create($loan['dueDate'])->format("d.m.Y")?></td>
<td><?= htmlspecialchars($loan['firstName']) ?></td>
<td><?= htmlspecialchars($loan['lastName']) ?></td>
<td><?= htmlspecialchars($loan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($loan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($loan['copyID']) ?></td>
<td><?= date_create($loan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($loan['dueDate'])->format("d.m.Y") ?></td>
</tr>
<?php endforeach; ?>
</table>
@ -221,16 +230,22 @@
<td>
<h2>Versäumte Rückgaben</h2>
<table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th>
<th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($lateLoans as $lateLoan): ?>
<tr>
<td><?= htmlspecialchars($lateLoan['firstName'])?></td>
<td><?= htmlspecialchars($lateLoan['lastName'])?></td>
<td><?= htmlspecialchars($lateLoan['borrowerRole'])?></td>
<td><?= htmlspecialchars($lateLoan['bookTitle'])?></td>
<td>#<?= htmlspecialchars($lateLoan['copyID'])?></td>
<td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y")?></td>
<td><?= date_create($lateLoan['dueDate'])->format("d.m.Y")?></td>
<td><?= htmlspecialchars($lateLoan['firstName']) ?></td>
<td><?= htmlspecialchars($lateLoan['lastName']) ?></td>
<td><?= htmlspecialchars($lateLoan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($lateLoan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($lateLoan['copyID']) ?></td>
<td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($lateLoan['dueDate'])->format("d.m.Y") ?></td>
</tr>
<?php endforeach; ?>
</table>
@ -241,7 +256,8 @@
<h2>Datenbank durchsuchen</h2>
<form id="sqlSelectInputForm">
<label>
SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea" placeholder="* FROM books WHERE bookID = 5" required></input>
SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea"
placeholder="* FROM books WHERE bookID = 5" required></input>
</label>
<input type="hidden" name="submissionType" value="selectRequest">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
@ -256,5 +272,6 @@
<div id="result"></div>
<?php include "script.php" ?>
</body>
</body>
</html>

32
script.php
View file

@ -1,5 +1,5 @@
<script>
document.getElementById('bookForm').addEventListener('submit', function (e) {
document.getElementById('bookForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -16,9 +16,9 @@ document.getElementById('bookForm').addEventListener('submit', function (e) {
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
});
document.getElementById('copyForm').addEventListener('submit', function (e) {
document.getElementById('copyForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -35,9 +35,9 @@ document.getElementById('copyForm').addEventListener('submit', function (e) {
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
});
document.getElementById('borrowerForm').addEventListener('submit', function (e) {
document.getElementById('borrowerForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -54,9 +54,9 @@ document.getElementById('borrowerForm').addEventListener('submit', function (e)
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
});
document.getElementById('loanForm').addEventListener('submit', function (e) {
document.getElementById('loanForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -75,9 +75,9 @@ document.getElementById('loanForm').addEventListener('submit', function (e) {
});
location.reload();
});
});
document.getElementById('checkInForm').addEventListener('submit', function (e) {
document.getElementById('checkInForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -96,9 +96,9 @@ document.getElementById('checkInForm').addEventListener('submit', function (e) {
});
location.reload();
});
});
document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) {
document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
@ -121,9 +121,9 @@ document.getElementById('sqlSelectInputForm').addEventListener('submit', functio
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
});
document.querySelector("#bookSelect").addEventListener("change", function () {
document.querySelector("#bookSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const bookID = this.value;
const copySelect = document.querySelector("#copySelect");
@ -154,9 +154,9 @@ document.querySelector("#bookSelect").addEventListener("change", function () {
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst ein Buch wählen</option>';
}
});
});
document.querySelector("#borrowerSelect").addEventListener("change", function () {
document.querySelector("#borrowerSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const borrowerID = this.value;
const copySelect = document.querySelector("#copyReturnSelect");
@ -187,5 +187,5 @@ document.querySelector("#borrowerSelect").addEventListener("change", function ()
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst einen Ausleiher wählen</option>';
}
});
});
</script>

54
submission.php
View file

@ -4,22 +4,22 @@ include "db/functions.php";
session_start();
if(empty($_SESSION['csrf_token'])){
if (empty($_SESSION['csrf_token'])) {
die("Invalid request: No token supplied.");
}
$sessionToken = (string)($_SESSION['csrf_token'] ?? '');
$postToken = (string)($_POST['csrf_token'] ?? '');
$getToken = (string)($_GET['csrf_token'] ?? '');
$sessionToken = (string) ($_SESSION['csrf_token'] ?? '');
$postToken = (string) ($_POST['csrf_token'] ?? '');
$getToken = (string) ($_GET['csrf_token'] ?? '');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if(!hash_equals($sessionToken, $postToken)){
if (!hash_equals($sessionToken, $postToken)) {
die("Invalid request: Token mismatch.");
}
//Book Submission
if($_POST['submissionType'] == "book"){
if ($_POST['submissionType'] == "book") {
$title = $_POST['title'] ?? '';
$author = $_POST['author'] ?? '';
$area = $_POST['area'] ?? '';
@ -32,7 +32,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
//Copy Submission
if($_POST['submissionType'] == "copy"){
if ($_POST['submissionType'] == "copy") {
$bookID = $_POST['book'] ?? '';
$amount = $_POST['amount'] ?? '';
$copyCondition = $_POST['condition'] ?? '';
@ -45,80 +45,80 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
//Borrower Submission
if($_POST['submissionType'] == "borrower"){
if ($_POST['submissionType'] == "borrower") {
$firstname = $_POST['firstname'] ?? '';
$lastname = $_POST['lastname'] ?? '';
$role = $_POST['role'] ?? '';
if($firstname && $lastname && $role){
if ($firstname && $lastname && $role) {
addBorrower($pdo, $firstname, $lastname, $role);
}else{
} else {
echo "<p>Please fill in all fields.</p>";
}
}
if($_POST['submissionType'] == "loan"){
if ($_POST['submissionType'] == "loan") {
$copyID = $_POST['copyID'] ?? '';
$borrowerID = $_POST['borrowerID'] ?? '';
$borrowedDate = $_POST['borrowedDate'] ?? '';
$dueDate = $_POST['dueDate'];
if($copyID && $borrowerID && $borrowedDate && $dueDate){
if ($copyID && $borrowerID && $borrowedDate && $dueDate) {
addLoan($pdo, $copyID, $borrowerID, $borrowedDate, $dueDate);
}else{
} else {
echo "<p>Please fill in all fields.</p>";
}
}
if($_POST['submissionType'] == "return"){
if ($_POST['submissionType'] == "return") {
$copyIDLoanID = explode("-", $_POST['copyID-loanID'], 2);
$copyID = $copyIDLoanID[0];
$loanID = $copyIDLoanID[1];
$returnedDate = $_POST['returnedDate'];
if($copyID && $loanID){
if ($copyID && $loanID) {
removeLoan($pdo, $copyID, $loanID, $returnedDate);
}else{
} else {
echo "<p>Please fill in all fields</p>";
}
}
if($_POST['submissionType'] == "selectRequest"){
if ($_POST['submissionType'] == "selectRequest") {
$selectRequest = $_POST['sqlSelectTextarea'];
if($selectRequest){
if ($selectRequest) {
selectRequest($pdo, $selectRequest);
}else{
} else {
echo "<p>Please fill in all fields</p>";
}
}
}
if($_SERVER['REQUEST_METHOD'] == 'GET'){
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
if(!hash_equals($sessionToken, $getToken)){
if (!hash_equals($sessionToken, $getToken)) {
die("Invalid request: Token mismatch.");
}
if($_GET['submissionType'] == "getCopies"){
if ($_GET['submissionType'] == "getCopies") {
$bookID = $_GET['bookID'];
if($bookID){
if ($bookID) {
$copies = getAvailableCopiesOfBook($pdo, $bookID);
echo json_encode($copies);
}else{
} else {
echo json_encode([]);
}
}
if($_GET['submissionType'] == "getReturnCopies"){
if ($_GET['submissionType'] == "getReturnCopies") {
$borrowerID = $_GET['borrowerID'];
if($borrowerID){
if ($borrowerID) {
$copies = getBorrowedCopiesOfBorrower($pdo, $borrowerID);
echo json_encode($copies);
}else{
} else {
echo json_encode([]);
}
}