R40fendt/ritzenbergen-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fomulare multiple-Spalte, Admin Panel Auth angefangen

Browse Source
This commit is contained in:
R40fendt
2026-01-03 19:49:22 +01:00
parent 53ce8a4491
commit a7cad8edca
4 changed files with 55 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
admin/login.php Executable file
View File

@@ -0,0 +1,20 @@
<?php
include("../../mysqlverbinden.php");
if(!isset($_GET["username"])) die("GET username fehlt");
$username=$_GET["username"];
if(!isset($_GET["password"])) die("GET password fehlt");
$password=$_GET["password"];
$result=mysqli_execute_query($db_id,"SELECT `password` FROM `adminpanel-users` WHERE `username`=?;",[$username])->fetch_assoc();
if(!isset($result["password"]))
die('{"error":"Falscher Benutzername","success":false}');
if($result["password"]!=$password)
die('{"error":"Falsches Passwort","success":false}');
$token="";
echo json_encode(["token"=>$token,"success"=>true],JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);

0
admin/userinfo.php Executable file
View File

36
formulare/submit.php
View File

@@ -4,10 +4,42 @@ include("../../mysqlverbinden.php");
if(!isset($_POST["internalformid"])) die("POST internalformid fehlt"); if(!isset($_POST["internalformid"])) die("POST internalformid fehlt");
$formid=$_POST["internalformid"]; $formid=$_POST["internalformid"];
print_r($_POST);
if(mysqli_execute_query($db_id,"SELECT * FROM `formulare` WHERE `id`=?;",[$formid])->fetch_assoc()["multiple"]==0) {
foreach(mysqli_execute_query($db_id,"SELECT `id` FROM `formulare-ergebnisse`;") as $row){
$same=true;
$checkedKeys=[];
foreach(mysqli_execute_query($db_id,"SELECT `name` FROM `formulare-fields` WHERE `formular`=?;",[$formid]) as $fieldName){
$name=$fieldName["name"];
$nameStripped=$name;
if(substr($name,-2)=="[]"){
$nameStripped=substr($name,0,-2);
}
$row2=mysqli_execute_query($db_id,"SELECT `name`,`value` FROM `formulare-ergebnis` WHERE `ergebnisid`=? AND `name`=?;",[$row["id"],$name])->fetch_assoc();
if(isset($row2["value"])!=isset($_POST[$nameStripped])){
$same=false;
continue;
}
$value=$_POST[$nameStripped];
if(is_array($value)){
$value=json_encode($value,JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);
}
if(!is_string($value)) $value=strval($value);
if($value!=$row2["value"]){
$same=false;
}
$checkedKeys[]=$name;
}
if($same) die("Fehler: Doppelte Einträge sind nicht erlaubt");
}
}
mysqli_execute_query($db_id,"INSERT INTO `formulare-ergebnisse` (`formular`) VALUES (?);",[$formid]); mysqli_execute_query($db_id,"INSERT INTO `formulare-ergebnisse` (`formular`) VALUES (?);",[$formid]);
$id = mysqli_insert_id($db_id); $id = mysqli_insert_id($db_id);
echo $id;
foreach($_POST as $key => $value){ foreach($_POST as $key => $value){
if($key=="internalformid") continue; if($key=="internalformid") continue;

2
hits.txt
View File

@@ -1 +1 @@
5 7