diff --git a/Website/class.user.php b/Website/class.user.php index 0367175..7648185 100644 --- a/Website/class.user.php +++ b/Website/class.user.php @@ -27,8 +27,7 @@ class USER //$new_password = password_hash($upass, PASSWORD_DEFAULT); // 3.2.17 ivan changed to cleartext password saving to make it more easy... $new_password = $upass; - $stmt = $this->conn->prepare("INSERT INTO benutzer(benutzer_name,benutzer_pass) - VALUES(:uname, :upass)"); + $stmt = $this->conn->prepare("INSERT INTO benutzer(benutzer_name,benutzer_pass) VALUES(:uname, :upass)"); $stmt->bindparam(":uname", $uname); $stmt->bindparam(":upass", $new_password); diff --git a/Website/config.php b/Website/config.php new file mode 100644 index 0000000..a3a1acd --- /dev/null +++ b/Website/config.php @@ -0,0 +1,13 @@ +getMessage(); + } +?> diff --git a/Website/dbconfig.php b/Website/dbconfig.php index 90fa5bd..7afa16e 100644 --- a/Website/dbconfig.php +++ b/Website/dbconfig.php @@ -1,6 +1,8 @@ + conn = null; try { - $this->conn = new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_name, $this->db_username, $this->db_password); + $this->conn = new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_name . ";charset" . $this->db_charset, $this->db_username, $this->db_password); $this->conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch(PDOException $exception) diff --git a/Website/dblogin.sql b/Website/dblogin.sql index 4452818..724d543 100644 --- a/Website/dblogin.sql +++ b/Website/dblogin.sql @@ -19,7 +19,7 @@ SHOW GRANTS FOR 'WT1CS1usr'; -- CREATE TABLE IF NOT EXISTS `bsldb`.`benutzer` ( - `benutzer_id` int(11) NOT NULL AUTO_INCREMENT, + `benutzer_id` int(11) NOT NULL AUTO_INCREMENT, `benutzer_name` varchar(15) NOT NULL, `benutzer_pass` varchar(255) NOT NULL, `anmelde_datum` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, 
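Review bot: The INSERT reformatted in the class.user.php hunk still binds `$new_password = $upass;`, so registration writes the password to `benutzer_pass` in cleartext. Anyone who can read the table, a dump or a backup then gets every user's password. The commented-out line directly above is the fix: restore `$new_password = password_hash($upass, PASSWORD_DEFAULT);` and have the login path compare with `password_verify()` (that code is outside this hunk, so confirm how it compares today). The `varchar(255)` column in dblogin.sql is already wide enough for the hash. The enclosing method starts and ends outside the hunk.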
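Review bot: In the dbconfig.php hunk the new DSN fragment `";charset" . $this->db_charset` is missing the `=`, so the charset value is glued onto the key and the connection most likely falls back to the server default. It should read `";charset=" . $this->db_charset`. The declaration of `db_charset` is not visible in the hunk as rendered here, so check that the property is defined with the intended value. Setting the connection charset explicitly is worth having, because it keeps stored and displayed text consistent with the escaping done on output. The enclosing method starts before the hunk and continues past it.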
@@ -28,13 +28,14 @@ CREATE TABLE IF NOT EXISTS `bsldb`.`benutzer` ( ) ; CREATE TABLE IF NOT EXISTS `bsldb`.`nachfrager` ( - `erfassungs_id` int(11) NOT NULL AUTO_INCREMENT, - `benutzer_id` int(11) NOT NULL, - `nachfr_typ` varchar(15) NOT NULL, - `nachfr_quali` varchar(15) NOT NULL, - `nachfr_menge` int(11) NOT NULL, - `nachfr_lieferdatum` date, - `nachfr_datum` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `erfassungs_id` int(11) NOT NULL AUTO_INCREMENT, + `benutzer_id` int(11) NOT NULL, + `nachfr_typ` varchar(15) NOT NULL, + `nachfr_quali` varchar(15) NOT NULL, + `nachfr_menge` int(11) NOT NULL, + `nachfr_lieferdatum` date, + `nachfr_datum` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + `nachfr_beschr` varchar(400), CONSTRAINT `pk_nachfrager_erfassungs_id` PRIMARY KEY (erfassungs_id), CONSTRAINT `fk_nachfrager_benutzer_id` diff --git a/Website/erfassen.php b/Website/erfassen.php new file mode 100644 index 0000000..5421aad --- /dev/null +++ b/Website/erfassen.php 
@@ -0,0 +1,81 @@ +runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id"); + $stmt->execute(array(":user_id"=>$user_id)); + + $userRow=$stmt->fetch(PDO::FETCH_ASSOC); + + // Einlesen der Formular-Felder + if (isset($_POST['submit'])) { + $typ = $_POST['typ']; + $quali = $_POST['quali']; + $menge = $_POST['menge']; + $lieferdatum = $_POST['lieferdatum']; + $beschrieb = $_POST['beschrieb']; + + /* abfangen von falschen oder zu wehnig informationen. + * if($typ=="") { + * $error[] = "du musst einen Typ für dein Teil angeben!"; + * } else if($menge=="") { + * $error[] = "du musst dem Anbieter sagen wieviele Teile du benötigst!"; + * } else if(strlen($beschrieb) < 10){ + * $error[] = "du solltest einen Detailierteren beschrieb verfassen..."; + } else { */ + $stmt = $db->prepare("INSERT INTO nachfrager (benutzer_id, nachfr_typ,nachfr_quali, nachfr_menge, nachfr_lieferdatum, nachfr_beschr) VALUES (:benutzer_id, :nachfr_typ, :nachfr_quali, :nachfr_menge, :nachfr_lieferdatum, :nachfr_beschr)"); + $stmt->bindValue(':benutzer_id',$user_id); + $stmt->bindValue(':nachfr_typ',$typ); + $stmt->bindValue(':nachfr_quali',$quali); + $stmt->bindValue(':nachfr_menge',$menge); + $stmt->bindValue(':nachfr_lieferdatum',$lieferdatum); + $stmt->bindValue(':nachfr_beschr',$beschrieb); + $stmt->execute(); + } + +?> + + +
+ + +Suchen Sie ein Teil? Dann erfassen Sie es hier!
+ +User Home Page -
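Review bot: In erfassen.php the validation block is commented out, so the `$_POST` values go to the INSERT unchecked. Bound parameters rule out SQL injection, but the fields are read without checking that they exist. An empty `menge` or a `typ` longer than the `varchar(15)` column then either fails in the database or is silently truncated or coerced, depending on the SQL mode. I would re-enable the checks as independent `if`s that collect into `$error`, add the column limits from dblogin.sql (15 and 400), and run the INSERT only when `$error` is empty. The form markup and any session or CSRF check are not visible in the hunk as rendered, so confirm that this page includes the login guard and that the form carries a token.

```php
$typ = trim($_POST['typ'] ?? '');
$menge = $_POST['menge'] ?? '';
$beschrieb = trim($_POST['beschrieb'] ?? '');
// … unchanged: $quali and $lieferdatum read from $_POST …

$error = [];
if ($typ === '' || mb_strlen($typ) > 15) {
    $error[] = "du musst einen Typ für dein Teil angeben!";
}
if (!ctype_digit((string) $menge) || (int) $menge < 1) {
    $error[] = "du musst dem Anbieter sagen wieviele Teile du benötigst!";
}
if (mb_strlen($beschrieb) < 10 || mb_strlen($beschrieb) > 400) {
    $error[] = "du solltest einen Detailierteren beschrieb verfassen...";
}
if ($error === []) {
    // … unchanged: prepare(), bindValue() calls and execute() …
}
```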
-
- Programming Blog Featuring Tutorials on PHP, MySQL, Ajax, jQuery, Web Design and More...
-
-
- tutorial link
-
-
Another Secure Profile Page
-
- Programming Blog Featuring Tutorials on PHP, MySQL, Ajax, jQuery, Web Design and More...
-
-
- tutorial link
-
Passwortänderung:
diff --git a/Website/session.php b/Website/session.php index 2b76731..17c3b65 100644 --- a/Website/session.php +++ b/Website/session.php @@ -5,7 +5,7 @@ require_once 'class.user.php'; $session = new USER(); - // if user session is not active(not loggedin) this page will help 'home.php and profile.php' to redirect to login page + // if user session is not active(not loggedin) this page will help 'suche.php and profile.php' to redirect to login page // put this file within secured pages that users can't access without login! if(!$session->is_loggedin()) diff --git a/Website/sign-up.php b/Website/sign-up.php index 4c78420..5a22afe 100644 --- a/Website/sign-up.php +++ b/Website/sign-up.php @@ -4,7 +4,7 @@ require_once('class.user.php'); $user = new USER(); if($user->is_loggedin()!=""){ - $user->redirect('home.php'); + $user->redirect('suche.php'); } if(isset($_POST['btn-signup'])){ $uname = strip_tags($_POST['txt_uname']); diff --git a/Website/suche.php b/Website/suche.php new file mode 100644 index 0000000..b14ae38 --- /dev/null +++ b/Website/suche.php @@ -0,0 +1,42 @@ +runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id"); + $stmt->execute(array(":user_id"=>$user_id)); + + $userRow=$stmt->fetch(PDO::FETCH_ASSOC); + +?> + + + + + +Suchen Sie ein Teil? +
+grenzen Sie die Liste ein: < - suche - >
++ query("SELECT * FROM nachfrager") as $row) { + echo + htmlentities($row['nachfr_typ']) . " " . + htmlentities($row['nachfr_menge']) . " " . + htmlentities($row['nachfr_quali']) . " " . + htmlentities($row['nachfr_datum']) . " " . + htmlentities($row['nachfr_lieferdatum']) . ""; + } + ?> +
+ +