initial admin page

c3a23b52 · Manuel Herrmann · 2e33fab7 · c3a23b52 · c3a23b52 · c3a23b52
Commit c3a23b52 authored 10 years ago by Manuel Herrmann
--- a/registration-system/admin/commons_admin.php
+++ b/registration-system/admin/commons_admin.php
+<?php
+require_once("../config.inc.php");
+function generateNavigationItems($page, $menu)
+{
+    $text = '';
+    foreach($menu as $name => $page)
+    {
+        $text .= "<a href='?page=$page'>$name</a>";
+    }
+    return $text;
+}
+function checkIfLogin()
+{
+    if(!isset($_POST['user']) || !isset($_POST['password']))
+        return;
+    $user = $_POST['user'];
+    $password = $_POST['password'];
+    if (isValidUser($user, $password))
+        setLoggedIn($user);
+}
+function isValidUser($user, $password)
+{
+    global $config_admins;
+    foreach($config_admins as $cfg_user => $cfg_password)
+    {
+        if ($cfg_user != $user)
+            continue;
+        if ($cfg_password[0] == '{')
+        {
+            if (strpos($cfg_password, "{SHA254}") >= 0)
+            {
+                $beginOfSalt = strpos($cfg_password, "$");
+                $salt = substr($cfg_password, 9, strpos($cfg_password, "$") - 9);
+                $hash = substr($cfg_password, $beginOfSalt + 1);
+                if (hash('sha256', $password . $salt) == $hash)
+                    return true;
+            }
+        }
+        else
+        {
+            // TODO: ONLY sha256 yet, others not implemented
+        }
+    }
+    return false;
+}
+function isLoggedIn()
+{
+    return isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] != '';
+}
+function setLoggedIn($user)
+{
+    if ($user != "")
+        $_SESSION['loggedIn'] = $user;
+    else
+    {
+        session_destroy();
+        header("location: ..");
+    }
+}
--- a/registration-system/admin/index.php
+++ b/registration-system/admin/index.php
+<?php
+/**
+ * Created by PhpStorm.
+ * User: it
+ * Date: 8/8/14
+ * Time: 4:19 PM
+ */
+session_start();
+require_once("commons_admin.php");
+require_once("pages.php");
+$template = file_get_contents("../view/admin_template.html");
+$navigation = "";
+$text = "";
+checkIfLogin();
+if (isLoggedIn())
+{
+    $menu = array(
+        "Übersicht" => "stuff",
+        "Meldeliste" => "list",
+        "Kosten" => "cost",
+        "Rundmail" => "mail"
+    );
+    $page = isset($_GET['page']) ? $_GET['page'] : "";
+    $navigation = generateNavigationItems($page, $menu);
+    switch($page)
+    {
+        case "":
+        case "stuff":
+            page_stuff(); break;
+        case "list":
+            page_list(); break;
+        //case "cost":
+            //page_cost(); break;
+        //case "mail":
+            //page_mail(); break;
+        default:
+            page_404();
+    }
+}
+else
+{
+    $text .= file_get_contents("../view/admin_login_form.html");
+}
+echo str_replace("{text}", $text, str_replace("{navigation}", $navigation, $template));
\ No newline at end of file
--- a/registration-system/admin/pages.php
+++ b/registration-system/admin/pages.php
+<?php
+function page_stuff()
+{
+    global $text;
+    $text .= "Übersichtsseite";
+}
+function page_list()
+{
+    global $text;
+    $text .= "Meldeliste";
+}
+function page_404()
+{
+    global $text;
+    $text .= "404 Seite nicht gefunden...";
+}
+?>
\ No newline at end of file
--- a/registration-system/view/admin_login_form.html
+++ b/registration-system/view/admin_login_form.html
+<form method="post">
+    <input name="user" type="text" />
+    <input name="password" type="password" />
+    <input type="submit" value="anmelden" />
+</form>
\ No newline at end of file
--- a/registration-system/view/admin_template.html
+++ b/registration-system/view/admin_template.html
@@ -3,6 +3,7 @@
 <html>
 <head>
    <title>FSFahrt - Admin Panel</title>
+    <meta charset="UTF-8" />
    <style type="text/css">
        body {
            font-family:Verdana,Helvetica,sans-serif;