fixed formatting

Yannic 2025-09-26 21:13:51 +02:00
parent 91bb969d66
commit 6ba55c000b
3 changed files with 448 additions and 431 deletions

507
index.php

@ -1,260 +1,277 @@
<!DOCTYPE html>
<html>
<?php
include "db/bootstrap.php";
include "db/functions.php";
<?php
include "db/bootstrap.php";
include "db/functions.php";
session_start();
session_start();
if(empty($_SESSION['csrf_token'])){
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$books = getBooks($pdo);
$borrowers = getBorrowers($pdo);
$activeLoans = getActiveLoans($pdo);
$lateLoans = getLateLoans($pdo);
$books = getBooks($pdo);
$borrowers = getBorrowers($pdo);
$activeLoans = getActiveLoans($pdo);
$lateLoans = getLateLoans($pdo);
?>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="style.css">
<title>Bücherei Verwaltung</title>
</head>
<body>
<h1>Bücherei Verwaltung</h1>
<br>
?>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="style.css">
<title>Bücherei Verwaltung</title>
</head>
<body>
<h1>Bücherei Verwaltung</h1>
<br>
<table>
<td>
<h2>Neues Buch hinzufügen</h2>
<form id="bookForm">
<label>Titel
<br>
<input type="text" name="title" required>
</label>
<br>
<br>
<label>Autor
<br>
<input type="text" name="author" required>
</label>
<br>
<br>
<label>Lernfeld
<br>
<input type="text" name="area" required>
</label>
<input type="hidden" name="submissionType" value="book">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Buch hinzufügen</button>
</form>
</td>
<td>
<h2>Neue Exemplare hinzufügen</h2>
<form id="copyForm">
<label>Buch
<br>
<select name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " by " . $book['author']) ?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Anzahl
<br>
<input type="number" name="amount" value="1" required>
</label>
<br>
<br>
<label>Zustand
<br>
<input type="text" name="condition" required>
</label>
<input type="hidden" name="submissionType" value="copy">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Exemplare hinzufügen</button>
</form>
</td>
<td>
<h2>Ausleiher hinzufügen</h2>
<form id="borrowerForm">
<label>Vorname
<br>
<input type="name" name="firstname" required>
</label>
<br>
<br>
<label>Nachname
<br>
<input type="name" name="lastname" required>
</label>
<br>
<br>
<label>Klasse/Funktion
<br>
<input type="text" name="role" required>
</label>
<input type="hidden" name="submissionType" value="borrower">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Ausleiher hinzufügen</button>
</form>
</td>
<td>
<h2>Buch verleihen</h2>
<form id="loanForm">
<label>Ausleiher
<br>
<select name="borrowerID" required>
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")") ?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Buch
<br>
<select id="bookSelect" name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID']) ?>">
<?= htmlspecialchars($book['title'] . " von " . $book['author']) ?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Exemplar
<br>
<select id="copySelect" name="copyID">
<option value="">Bitte zuerst ein Buch wählen</option>
</select>
</label>
<br>
<br>
<label>Ausleihdatum
<br>
<input type="date" name="borrowedDate" value="<?= date("Y-m-d"); ?>">
</label>
<br>
<br>
<label>Rückgabedatum
<br>
<input type="date" name="dueDate"
value="<?= date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d'); ?>">
</label>
<input type="hidden" name="submissionType" value="loan">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Buch verleihen</button>
</form>
</td>
<td>
<h2>Buch einsammeln</h2>
<form id="checkInForm">
<label>Ausleiher wählen
<br>
<select id="borrowerSelect">
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID']) ?>">
<?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName']) ?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Wähle ein Exemplar
<br>
<select id="copyReturnSelect" name="copyID-loanID">
<option>Bitte zuerst einen Ausleiher wählen</option>
</select>
</label>
<br>
<br>
<label>Zurückgegeben am
<br>
<input type="date" name="returnedDate" value=<?= date("Y-m-d") ?>>
</label>
<br>
<br>
<button type="submit">Buch einsammeln</button>
<input type="hidden" name="submissionType" value="return">
<input type="hidden" name="csrf_token" value=<?= $_SESSION['csrf_token'] ?>>
</form>
</td>
<table>
<td>
<h2>Neues Buch hinzufügen</h2>
<form id="bookForm">
<label>Titel
<br>
<input type="text" name="title" required>
</label>
<br>
<br>
<label>Autor
<br>
<input type="text" name="author" required>
</label>
<br>
<br>
<label>Lernfeld
<br>
<input type="text" name="area" required>
</label>
<input type="hidden" name="submissionType" value="book">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Buch hinzufügen</button>
</form>
<h2>Verliehene Bücher</h2>
<table>
<th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($activeLoans as $loan): ?>
<tr>
<td><?= htmlspecialchars($loan['firstName']) ?></td>
<td><?= htmlspecialchars($loan['lastName']) ?></td>
<td><?= htmlspecialchars($loan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($loan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($loan['copyID']) ?></td>
<td><?= date_create($loan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($loan['dueDate'])->format("d.m.Y") ?></td>
</tr>
<?php endforeach; ?>
</table>
</td>
<td>
<h2>Neue Exemplare hinzufügen</h2>
<form id="copyForm">
<label>Buch
<br>
<select name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>">
<?= htmlspecialchars($book['title'] . " by " . $book['author'])?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Anzahl
<br>
<input type="number" name="amount" value="1" required>
</label>
<br>
<br>
<label>Zustand
<br>
<input type="text" name="condition" required>
</label>
<input type="hidden" name="submissionType" value="copy">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Exemplare hinzufügen</button>
</form>
<h2>Versäumte Rückgaben</h2>
<table>
<th>Vorname</th>
<th>Nachname</th>
<th>Klasse/Funktion</th>
<th>Buch</th>
<th>Exemplar</th>
<th>Ausleihdatum</th>
<th>Rückgabe fällig</th>
<?php foreach ($lateLoans as $lateLoan): ?>
<tr>
<td><?= htmlspecialchars($lateLoan['firstName']) ?></td>
<td><?= htmlspecialchars($lateLoan['lastName']) ?></td>
<td><?= htmlspecialchars($lateLoan['borrowerRole']) ?></td>
<td><?= htmlspecialchars($lateLoan['bookTitle']) ?></td>
<td>#<?= htmlspecialchars($lateLoan['copyID']) ?></td>
<td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y") ?></td>
<td><?= date_create($lateLoan['dueDate'])->format("d.m.Y") ?></td>
</tr>
<?php endforeach; ?>
</table>
</td>
<td>
<h2>Ausleiher hinzufügen</h2>
<form id="borrowerForm">
<label>Vorname
<br>
<input type="name" name="firstname" required>
</label>
<br>
<br>
<label>Nachname
<br>
<input type="name" name="lastname" required>
</label>
<br>
<br>
<label>Klasse/Funktion
<br>
<input type="text" name="role" required>
</label>
<input type="hidden" name="submissionType" value="borrower">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Ausleiher hinzufügen</button>
</form>
</td>
<td>
<h2>Buch verleihen</h2>
<form id="loanForm">
<label>Ausleiher
<br>
<select name="borrowerID" required>
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>">
<?= htmlspecialchars($borrower['lastName'] . ", " . $borrower['firstName'] . " (" . $borrower['role'] . ")")?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Buch
<br>
<select id="bookSelect" name="book" required>
<option value="">Wähle ein Buch</option>
<?php foreach ($books as $book): ?>
<option value="<?= htmlspecialchars($book['bookID'])?>">
<?= htmlspecialchars($book['title'] . " von " . $book['author'])?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Exemplar
<br>
<select id="copySelect" name="copyID">
<option value="">Bitte zuerst ein Buch wählen</option>
</select>
</label>
<br>
<br>
<label>Ausleihdatum
<br>
<input type="date" name="borrowedDate" value="<?=date("Y-m-d");?>">
</label>
<br>
<br>
<label>Rückgabedatum
<br>
<input type="date" name="dueDate" value="<?=date_add(date_create(date('Y-m-d')), date_interval_create_from_date_string('14 days'))->format('Y-m-d');?>">
</label>
<input type="hidden" name="submissionType" value="loan">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Buch verleihen</button>
</form>
</td>
<td>
<h2>Buch einsammeln</h2>
<form id="checkInForm">
<label>Ausleiher wählen
<br>
<select id="borrowerSelect">
<option value="">Wähle einen Ausleiher</option>
<?php foreach ($borrowers as $borrower): ?>
<option value="<?= htmlspecialchars($borrower['borrowerID'])?>">
<?= htmlspecialchars($borrower['firstName'] . " " . $borrower['lastName'])?>
</option>
<?php endforeach; ?>
</select>
</label>
<br>
<br>
<label>Wähle ein Exemplar
<br>
<select id="copyReturnSelect" name="copyID-loanID">
<option>Bitte zuerst einen Ausleiher wählen</option>
</select>
</label>
<br>
<br>
<label>Zurückgegeben am
<br>
<input type="date" name="returnedDate" value=<?= date("Y-m-d") ?>>
</label>
<br>
<br>
<button type="submit">Buch einsammeln</button>
<input type="hidden" name="submissionType" value="return">
<input type="hidden" name="csrf_token" value=<?= $_SESSION['csrf_token'] ?>>
</form>
</td>
<table>
<td>
<h2>Verliehene Bücher</h2>
<table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th>
<?php foreach ($activeLoans as $loan): ?>
<tr>
<td><?= htmlspecialchars($loan['firstName'])?></td>
<td><?= htmlspecialchars($loan['lastName'])?></td>
<td><?= htmlspecialchars($loan['borrowerRole'])?></td>
<td><?= htmlspecialchars($loan['bookTitle'])?></td>
<td>#<?= htmlspecialchars($loan['copyID'])?></td>
<td><?= date_create($loan['borrowedDate'])->format("d.m.Y")?></td>
<td><?= date_create($loan['dueDate'])->format("d.m.Y")?></td>
</tr>
<?php endforeach; ?>
</table>
</td>
<td>
<h2>Versäumte Rückgaben</h2>
<table>
<th>Vorname</th><th>Nachname</th><th>Klasse/Funktion</th><th>Buch</th><th>Exemplar</th><th>Ausleihdatum</th><th>Rückgabe fällig</th>
<?php foreach ($lateLoans as $lateLoan): ?>
<tr>
<td><?= htmlspecialchars($lateLoan['firstName'])?></td>
<td><?= htmlspecialchars($lateLoan['lastName'])?></td>
<td><?= htmlspecialchars($lateLoan['borrowerRole'])?></td>
<td><?= htmlspecialchars($lateLoan['bookTitle'])?></td>
<td>#<?= htmlspecialchars($lateLoan['copyID'])?></td>
<td><?= date_create($lateLoan['borrowedDate'])->format("d.m.Y")?></td>
<td><?= date_create($lateLoan['dueDate'])->format("d.m.Y")?></td>
</tr>
<?php endforeach; ?>
</table>
</td>
</table>
<table>
<td>
<h2>Datenbank durchsuchen</h2>
<form id="sqlSelectInputForm">
<label>
SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea" placeholder="* FROM books WHERE bookID = 5" required></input>
</label>
<input type="hidden" name="submissionType" value="selectRequest">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Abschicken</button>
</form>
</td>
</table>
</table>
<br>
<div id="result"></div>
<table>
<td>
<h2>Datenbank durchsuchen</h2>
<form id="sqlSelectInputForm">
<label>
SELECT <input style="width: 500px;" type="text" name="sqlSelectTextarea"
placeholder="* FROM books WHERE bookID = 5" required></input>
</label>
<input type="hidden" name="submissionType" value="selectRequest">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<br>
<br>
<button type="submit">Abschicken</button>
</form>
</td>
</table>
</table>
<br>
<div id="result"></div>
<?php include "script.php" ?>
</body>
<?php include "script.php" ?>
</body>
</html>


@ -1,191 +1,191 @@
<script>
document.getElementById('bookForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('bookForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // reset form after success
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // reset form after success
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
document.getElementById('copyForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('copyForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
document.getElementById('borrowerForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('borrowerForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
document.getElementById('loanForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('loanForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
location.reload();
});
location.reload();
});
document.getElementById('checkInForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('checkInForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
.then(response => response.text())
.then(data => {
document.getElementById('result').innerHTML = data; // show success/error
this.reset(); // optional: reset form after success
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
location.reload();
});
location.reload();
});
document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
document.getElementById('sqlSelectInputForm').addEventListener('submit', function (e) {
e.preventDefault(); // prevent normal form submission
const formData = new FormData(this);
const formData = new FormData(this);
fetch('submission.php', {
method: 'POST',
body: formData
})
.then(response => response.text())
.then(data => {
const container = document.getElementById('result');
container.innerHTML = data; // show success/error
// scroll after the new content is in place
if (container) {
container.scrollIntoView({ behavior: 'smooth' });
}
fetch('submission.php', {
method: 'POST',
body: formData
})
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
});
.then(response => response.text())
.then(data => {
const container = document.getElementById('result');
document.querySelector("#bookSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const bookID = this.value;
const copySelect = document.querySelector("#copySelect");
container.innerHTML = data; // show success/error
// reset exemplar list
copySelect.innerHTML = '<option value="">Lade Exemplare...</option>';
if (bookID) {
fetch("submission.php?submissionType=" + encodeURI("getCopies") + "&bookID=" + encodeURIComponent(bookID) + "&csrf_token=" + encodeURIComponent(csrf_token))
.then(response => response.json())
.then(copies => {
copySelect.innerHTML = "";
if (copies.length === 0) {
copySelect.innerHTML = '<option value="">Keine Exemplare verfügbar</option>';
} else {
copies.forEach(copy => {
const opt = document.createElement("option");
opt.value = copy.copyID;
opt.textContent = "Exemplar #" + copy.copyID + " (" + copy.bookCondition + ")";
copySelect.appendChild(opt);
});
// scroll after the new content is in place
if (container) {
container.scrollIntoView({ behavior: 'smooth' });
}
})
.catch(err => {
copySelect.innerHTML = '<option value="">Fehler beim Laden</option>';
console.error(err);
.catch(error => {
document.getElementById('result').innerHTML = 'Error: ' + error;
});
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst ein Buch wählen</option>';
}
});
});
document.querySelector("#borrowerSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const borrowerID = this.value;
const copySelect = document.querySelector("#copyReturnSelect");
document.querySelector("#bookSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const bookID = this.value;
const copySelect = document.querySelector("#copySelect");
// reset copy list
copySelect.innerHTML = '<option value="">Lade Exemplare...</option>';
// reset exemplar list
copySelect.innerHTML = '<option value="">Lade Exemplare...</option>';
if (borrowerID) {
fetch("submission.php?submissionType=" + encodeURI("getReturnCopies") + "&borrowerID=" + encodeURIComponent(borrowerID) + "&csrf_token=" + encodeURIComponent(csrf_token))
.then(response => response.json())
.then(copies => {
copySelect.innerHTML = "";
if (copies.length === 0) {
copySelect.innerHTML = '<option value="">Keine Exemplare ausgeliehen</option>';
} else {
copies.forEach(copy => {
const opt = document.createElement("option");
opt.value = copy.copyID + "-" + copy.loanID;
opt.textContent = copy.bookTitle + " von " + copy.bookAuthor + " Exemplar #" + copy.copyID + " (" + copy.bookCondition + ")";
copySelect.appendChild(opt);
});
}
})
.catch(err => {
copySelect.innerHTML = '<option value="">Fehler beim Laden</option>';
console.error(err);
});
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst einen Ausleiher wählen</option>';
}
});
if (bookID) {
fetch("submission.php?submissionType=" + encodeURI("getCopies") + "&bookID=" + encodeURIComponent(bookID) + "&csrf_token=" + encodeURIComponent(csrf_token))
.then(response => response.json())
.then(copies => {
copySelect.innerHTML = "";
if (copies.length === 0) {
copySelect.innerHTML = '<option value="">Keine Exemplare verfügbar</option>';
} else {
copies.forEach(copy => {
const opt = document.createElement("option");
opt.value = copy.copyID;
opt.textContent = "Exemplar #" + copy.copyID + " (" + copy.bookCondition + ")";
copySelect.appendChild(opt);
});
}
})
.catch(err => {
copySelect.innerHTML = '<option value="">Fehler beim Laden</option>';
console.error(err);
});
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst ein Buch wählen</option>';
}
});
document.querySelector("#borrowerSelect").addEventListener("change", function () {
const csrf_token = "<?= $_SESSION['csrf_token'] ?>";
const borrowerID = this.value;
const copySelect = document.querySelector("#copyReturnSelect");
// reset copy list
copySelect.innerHTML = '<option value="">Lade Exemplare...</option>';
if (borrowerID) {
fetch("submission.php?submissionType=" + encodeURI("getReturnCopies") + "&borrowerID=" + encodeURIComponent(borrowerID) + "&csrf_token=" + encodeURIComponent(csrf_token))
.then(response => response.json())
.then(copies => {
copySelect.innerHTML = "";
if (copies.length === 0) {
copySelect.innerHTML = '<option value="">Keine Exemplare ausgeliehen</option>';
} else {
copies.forEach(copy => {
const opt = document.createElement("option");
opt.value = copy.copyID + "-" + copy.loanID;
opt.textContent = copy.bookTitle + " von " + copy.bookAuthor + " Exemplar #" + copy.copyID + " (" + copy.bookCondition + ")";
copySelect.appendChild(opt);
});
}
})
.catch(err => {
copySelect.innerHTML = '<option value="">Fehler beim Laden</option>';
console.error(err);
});
} else {
copySelect.innerHTML = '<option value="">Bitte zuerst einen Ausleiher wählen</option>';
}
});
</script>


@ -4,22 +4,22 @@ include "db/functions.php";
session_start();
if(empty($_SESSION['csrf_token'])){
if (empty($_SESSION['csrf_token'])) {
die("Invalid request: No token supplied.");
}
$sessionToken = (string)($_SESSION['csrf_token'] ?? '');
$postToken = (string)($_POST['csrf_token'] ?? '');
$getToken = (string)($_GET['csrf_token'] ?? '');
$sessionToken = (string) ($_SESSION['csrf_token'] ?? '');
$postToken = (string) ($_POST['csrf_token'] ?? '');
$getToken = (string) ($_GET['csrf_token'] ?? '');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if(!hash_equals($sessionToken, $postToken)){
if (!hash_equals($sessionToken, $postToken)) {
die("Invalid request: Token mismatch.");
}
//Book Submission
if($_POST['submissionType'] == "book"){
if ($_POST['submissionType'] == "book") {
$title = $_POST['title'] ?? '';
$author = $_POST['author'] ?? '';
$area = $_POST['area'] ?? '';
@ -32,7 +32,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
//Copy Submission
if($_POST['submissionType'] == "copy"){
if ($_POST['submissionType'] == "copy") {
$bookID = $_POST['book'] ?? '';
$amount = $_POST['amount'] ?? '';
$copyCondition = $_POST['condition'] ?? '';
@ -45,80 +45,80 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
//Borrower Submission
if($_POST['submissionType'] == "borrower"){
if ($_POST['submissionType'] == "borrower") {
$firstname = $_POST['firstname'] ?? '';
$lastname = $_POST['lastname'] ?? '';
$role = $_POST['role'] ?? '';
if($firstname && $lastname && $role){
if ($firstname && $lastname && $role) {
addBorrower($pdo, $firstname, $lastname, $role);
}else{
} else {
echo "<p>Please fill in all fields.</p>";
}
}
if($_POST['submissionType'] == "loan"){
if ($_POST['submissionType'] == "loan") {
$copyID = $_POST['copyID'] ?? '';
$borrowerID = $_POST['borrowerID'] ?? '';
$borrowedDate = $_POST['borrowedDate'] ?? '';
$dueDate = $_POST['dueDate'];
if($copyID && $borrowerID && $borrowedDate && $dueDate){
if ($copyID && $borrowerID && $borrowedDate && $dueDate) {
addLoan($pdo, $copyID, $borrowerID, $borrowedDate, $dueDate);
}else{
} else {
echo "<p>Please fill in all fields.</p>";
}
}
if($_POST['submissionType'] == "return"){
if ($_POST['submissionType'] == "return") {
$copyIDLoanID = explode("-", $_POST['copyID-loanID'], 2);
$copyID = $copyIDLoanID[0];
$loanID = $copyIDLoanID[1];
$returnedDate = $_POST['returnedDate'];
if($copyID && $loanID){
if ($copyID && $loanID) {
removeLoan($pdo, $copyID, $loanID, $returnedDate);
}else{
} else {
echo "<p>Please fill in all fields</p>";
}
}
if($_POST['submissionType'] == "selectRequest"){
if ($_POST['submissionType'] == "selectRequest") {
$selectRequest = $_POST['sqlSelectTextarea'];
if($selectRequest){
if ($selectRequest) {
selectRequest($pdo, $selectRequest);
}else{
} else {
echo "<p>Please fill in all fields</p>";
}
}
}
if($_SERVER['REQUEST_METHOD'] == 'GET'){
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
if(!hash_equals($sessionToken, $getToken)){
if (!hash_equals($sessionToken, $getToken)) {
die("Invalid request: Token mismatch.");
}
if($_GET['submissionType'] == "getCopies"){
if ($_GET['submissionType'] == "getCopies") {
$bookID = $_GET['bookID'];
if($bookID){
if ($bookID) {
$copies = getAvailableCopiesOfBook($pdo, $bookID);
echo json_encode($copies);
}else{
} else {
echo json_encode([]);
}
}
if($_GET['submissionType'] == "getReturnCopies"){
if ($_GET['submissionType'] == "getReturnCopies") {
$borrowerID = $_GET['borrowerID'];
if($borrowerID){
if ($borrowerID) {
$copies = getBorrowedCopiesOfBorrower($pdo, $borrowerID);
echo json_encode($copies);
}else{
} else {
echo json_encode([]);
}
}