From 6a52fe386e66e438a6b8c72a159da4d91ac72c63 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivan=20Ho=CC=88rler?= <i.hoerler@me.com>
Date: Thu, 16 Feb 2017 18:39:11 +0100
Subject: [PATCH] =?UTF-8?q?Userinterface=20erster=20entwurf=20der=20funkti?=
 =?UTF-8?q?oniert.=20Basiert=20auf=20einer=20zweiten=20config=20was=20unsc?=
 =?UTF-8?q?h=C3=B6n=20ist.=20Muss=20=C3=BCberarbeitet=20werden.=20Es=20feh?=
 =?UTF-8?q?lt=20auch=20noch=20die=20Suche,=20Datenvalidation,=20Datenmanip?=
 =?UTF-8?q?ulation,=20Angebot=20abgeben=20und=20Darstellung.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Website/class.user.php |  3 +-
 Website/config.php     | 13 ++++++
 Website/dbconfig.php   |  4 +-
 Website/dblogin.sql    | 17 ++++----
 Website/erfassen.php   | 81 +++++++++++++++++++++++++++++++++++++
 Website/home.php       | 92 ------------------------------------------
 Website/index.php      |  4 +-
 Website/logout.php     |  4 +-
 Website/nav.php        | 31 ++++++++++++++
 Website/profile.php    | 61 ++++------------------------
 Website/session.php    |  2 +-
 Website/sign-up.php    |  2 +-
 Website/suche.php      | 42 +++++++++++++++++++
 13 files changed, 193 insertions(+), 163 deletions(-)
 create mode 100644 Website/config.php
 create mode 100644 Website/erfassen.php
 delete mode 100644 Website/home.php
 create mode 100644 Website/nav.php
 create mode 100644 Website/suche.php

diff --git a/Website/class.user.php b/Website/class.user.php
index 0367175..7648185 100644
--- a/Website/class.user.php
+++ b/Website/class.user.php
@@ -27,8 +27,7 @@ class USER
 			//$new_password = password_hash($upass, PASSWORD_DEFAULT); // 3.2.17 ivan changed to cleartext password saving to make it more easy...
 			$new_password = $upass;
 
-			$stmt = $this->conn->prepare("INSERT INTO benutzer(benutzer_name,benutzer_pass)
-		                                               VALUES(:uname, :upass)");
+			$stmt = $this->conn->prepare("INSERT INTO benutzer(benutzer_name,benutzer_pass) VALUES(:uname, :upass)");
 
 			$stmt->bindparam(":uname", $uname);
 			$stmt->bindparam(":upass", $new_password);
diff --git a/Website/config.php b/Website/config.php
new file mode 100644
index 0000000..a3a1acd
--- /dev/null
+++ b/Website/config.php
@@ -0,0 +1,13 @@
+<?php
+    $db_charset = "utf8";
+    $db_host = "localhost";
+    $db_name = "bsldb";
+    $db_username = "WT1CS1usr";
+    $db_password = "ibz4life-WT1CS1";
+
+    try {
+      $db = new PDO("mysql:host=" . $db_host . ";dbname=" . $db_name . ";charset=" . $db_charset, $db_username, $db_password);
+    } catch(PDOException $exception) {
+            echo "Connection error: " . $exception->getMessage();
+    }
+?>
diff --git a/Website/dbconfig.php b/Website/dbconfig.php
index 90fa5bd..7afa16e 100644
--- a/Website/dbconfig.php
+++ b/Website/dbconfig.php
@@ -1,6 +1,8 @@
+
 <?php
 class Database
 {
+    private $db_charset = "utf8";
     private $db_host = "localhost";
     private $db_name = "bsldb";
     private $db_username = "WT1CS1usr";
@@ -13,7 +15,7 @@ class Database
 	    $this->conn = null;
         try
 		{
-            $this->conn = new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_name, $this->db_username, $this->db_password);
+            $this->conn = new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_name . ";charset" . $this->db_charset, $this->db_username, $this->db_password);
 			$this->conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
         }
 		catch(PDOException $exception)
diff --git a/Website/dblogin.sql b/Website/dblogin.sql
index 4452818..724d543 100644
--- a/Website/dblogin.sql
+++ b/Website/dblogin.sql
@@ -19,7 +19,7 @@ SHOW GRANTS FOR 'WT1CS1usr';
 --
 
 CREATE TABLE IF NOT EXISTS `bsldb`.`benutzer` (
-  `benutzer_id` 		int(11) 		NOT NULL AUTO_INCREMENT,
+  `benutzer_id` 		  int(11) 		  NOT NULL AUTO_INCREMENT,
   `benutzer_name` 		varchar(15) 	NOT NULL,
   `benutzer_pass` 		varchar(255) 	NOT NULL,
   `anmelde_datum` 		timestamp 		NOT NULL DEFAULT CURRENT_TIMESTAMP,
@@ -28,13 +28,14 @@ CREATE TABLE IF NOT EXISTS `bsldb`.`benutzer` (
 ) ;
 
 CREATE TABLE IF NOT EXISTS `bsldb`.`nachfrager` (
-  `erfassungs_id` 		int(11) 		NOT NULL AUTO_INCREMENT,
-  `benutzer_id` 		int(11)		 	NOT NULL,
-  `nachfr_typ` 			varchar(15) 	NOT NULL,
-  `nachfr_quali` 		varchar(15) 	NOT NULL,
-  `nachfr_menge` 		int(11) 		NOT NULL,
-  `nachfr_lieferdatum` 	date,
-  `nachfr_datum` 		timestamp 		NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `erfassungs_id` 		int(11) 		  NOT NULL AUTO_INCREMENT,
+  `benutzer_id` 		  int(11)		 	  NOT NULL,
+  `nachfr_typ` 			  varchar(15) 	NOT NULL,
+  `nachfr_quali` 		  varchar(15) 	NOT NULL,
+  `nachfr_menge` 		  int(11) 		  NOT NULL,
+  `nachfr_lieferdatum` date,
+  `nachfr_datum` 		  timestamp 		NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `nachfr_beschr` 		varchar(400),
   CONSTRAINT `pk_nachfrager_erfassungs_id`
   	PRIMARY KEY (erfassungs_id),
   CONSTRAINT `fk_nachfrager_benutzer_id`
diff --git a/Website/erfassen.php b/Website/erfassen.php
new file mode 100644
index 0000000..5421aad
--- /dev/null
+++ b/Website/erfassen.php
@@ -0,0 +1,81 @@
+<?php
+
+	require_once("session.php");
+  include 'config.php';
+	require_once("class.user.php");
+	$auth_user = new USER();
+
+	$user_id = $_SESSION['user_session'];
+
+	$stmt = $auth_user->runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id");
+	$stmt->execute(array(":user_id"=>$user_id));
+
+	$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
+
+	// Einlesen der Formular-Felder
+	if (isset($_POST['submit'])) {
+	    $typ = $_POST['typ'];
+	    $quali = $_POST['quali'];
+			$menge = $_POST['menge'];
+	    $lieferdatum = $_POST['lieferdatum'];
+			$beschrieb = $_POST['beschrieb'];
+
+	    /* abfangen von falschen oder zu wehnig informationen.
+			*		if($typ=="")	{
+			*				$error[] = "du musst einen Typ für dein Teil angeben!";
+			*		} else if($menge=="")	{
+			*				$error[] = "du musst dem Anbieter sagen wieviele Teile du benötigst!";
+			*		} else if(strlen($beschrieb) < 10){
+			*				$error[] = "du solltest einen Detailierteren beschrieb verfassen...";
+				} else { */
+							$stmt = $db->prepare("INSERT INTO nachfrager (benutzer_id, nachfr_typ,nachfr_quali, nachfr_menge, nachfr_lieferdatum, nachfr_beschr) VALUES (:benutzer_id, :nachfr_typ, :nachfr_quali, :nachfr_menge, :nachfr_lieferdatum, :nachfr_beschr)");
+							$stmt->bindValue(':benutzer_id',$user_id);
+							$stmt->bindValue(':nachfr_typ',$typ);
+							$stmt->bindValue(':nachfr_quali',$quali);
+							$stmt->bindValue(':nachfr_menge',$menge);
+							$stmt->bindValue(':nachfr_lieferdatum',$lieferdatum);
+							$stmt->bindValue(':nachfr_beschr',$beschrieb);
+							$stmt->execute();
+	}
+
+?>
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="UTF-8">
+		<link rel="stylesheet" href="style.css" type="text/css"  />
+		<title>Hallo <?php print($userRow['benutzer_name']); ?></title>
+	</head>
+	<body>
+ 		<?php include 'nav.php';?>
+			<h1>erfassen</h1>
+			<p>Suchen Sie ein Teil? Dann erfassen Sie es hier!</p>
+			<form method="post" action="<?= $_SERVER['PHP_SELF'] ?>">
+				Typ:
+					<input type="text" name="typ" value="" placeholder="zum beispiel: Schraube "/><br />
+				Qualität:
+					<input type="range" min="0" max="10" value="5" step="1" name="quali"><br />
+				Benötigte Stückzahl:
+					<input type="number" name="menge" min="1"  value="" placeholder="mindestens 1" /><br />
+				Lieferdatum:
+					<input type="date" name="lieferdatum" min="
+						<script>
+							document.getElementById('e').value = new Date().toISOString().substring(0, 10);
+						</script>" value="" placeholder="YYYY-MM-DD"/><br />
+				Beschrieb<br />
+					<textarea rows="10" cols="60" name="beschrieb"></textarea><br />
+				<input type="submit" name="submit" />
+			</form>
+			<div id="error">
+				<?php
+					if(isset($error)){
+						foreach($error as $error){
+							echo $error;
+						}
+					} else if(isset($_GET['joined'])) {
+ 						echo "Dein $typ wurde in die Datenbank aufgenommen.";
+					}
+				?>
+			</div>
+	</body>
+</html>
diff --git a/Website/home.php b/Website/home.php
deleted file mode 100644
index 8a0567b..0000000
--- a/Website/home.php
+++ /dev/null
@@ -1,92 +0,0 @@
-<?php
-
-	require_once("session.php");
-
-	require_once("class.user.php");
-	$auth_user = new USER();
-
-	$user_id = $_SESSION['user_session'];
-
-	$stmt = $auth_user->runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id");
-	$stmt->execute(array(":user_id"=>$user_id));
-
-	$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
-
-?>
-<!DOCTYPE html>
-<html>
-	<head>
-		<meta charset="UTF-8">
-		<link rel="stylesheet" href="style.css" type="text/css"  />
-		<title>welcome - <?php print($userRow['benutzer_name']); ?></title>
-	</head>
-	<body>
-		<nav class="navbar navbar-default navbar-fixed-top">
-      <div class="container">
-        <div class="navbar-header">
-          <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
-            <span class="sr-only">Toggle navigation</span>
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-          </button>
-          <a class="navbar-brand" href="http://www.codingcage.com">Coding Cage</a>
-        </div>
-	        <div id="navbar" class="navbar-collapse collapse">
-	          <ul class="nav navbar-nav">
-	            <li class="active"><a href="http://www.codingcage.com/2015/04/php-login-and-registration-script-with.html">Back to Article</a></li>
-	            <li><a href="http://www.codingcage.com/search/label/jQuery">jQuery</a></li>
-	            <li><a href="http://www.codingcage.com/search/label/PHP">PHP</a></li>
-	          </ul>
-	          <ul class="nav navbar-nav navbar-right">
-	            <li class="dropdown">
-	              <a href="#" class="dropdown-toggle" data-toggle="dropdown" 	role="button" aria-haspopup="true" aria-expanded="false">
-				  				<span class="glyphicon glyphicon-user">
-									</span>&nbsp;Hi'
-									<?php echo $userRow['benutzer_name'];
-									?>&nbsp;
-									<span class="caret">
-									</span>
-								</a>
-	              <ul class="dropdown-menu">
-	                <li><a href="profile.php"><span class="glyphicon glyphicon-user"></span>&nbsp;View Profile</a></li>
-	                <li><a href="logout.php?logout=true"><span class="glyphicon glyphicon-log-out"></span>&nbsp;Sign Out</a></li>
-	              </ul>
-	            </li>
-	          </ul>
-	        </div><!--/.nav-collapse -->
-	      </div>
-	    </nav>
-	    <div class="clearfix">
-			</div>
-			<div class="container-fluid" style="margin-top:80px;">
-	    <div class="container">
-	    	<label class="h5">welcome :
-					<?php print($userRow['benutzer_name']);
-					?>
-				</label>
-	        <hr />
-				<h1>
-	        <a href="home.php">
-						<span class="glyphicon glyphicon-home">
-						</span> home
-					</a> &nbsp;
-	        <a href="profile.php">
-						<span class="glyphicon glyphicon-user">
-						</span> profile
-					</a>
-				</h1>
-	      <hr />
-	      <p class="h4">User Home Page
-				</p>
-	    	<p class="blockquote-reverse" style="margin-top:200px;">
-	    		Programming Blog Featuring Tutorials on PHP, MySQL, Ajax, jQuery, Web Design and More...
-					<br />
-					<br />
-	    		<a href="http://www.codingcage.com/2015/04/php-login-and-registration-script-with.html">tutorial link
-					</a>
-	    	</p>
-	    </div>
-		</div>
-	</body>
-</html>
diff --git a/Website/index.php b/Website/index.php
index 312bec7..a0a9e8a 100644
--- a/Website/index.php
+++ b/Website/index.php
@@ -4,13 +4,13 @@ require_once("class.user.php");
 $login = new USER();
 
 if($login->is_loggedin()!=""){
-	$login->redirect('home.php');
+	$login->redirect('suche.php');
 }
 if(isset($_POST['btn-login'])){
 	$uname = strip_tags($_POST['txt_uname']);
 	$upass = strip_tags($_POST['txt_password']);
 		if($login->doLogin($uname,$upass)){
-		$login->redirect('home.php');
+		$login->redirect('suche.php');
 		} else {
 			$error = "Wrong Details !";
 		}
diff --git a/Website/logout.php b/Website/logout.php
index d78f37e..f5a3b25 100644
--- a/Website/logout.php
+++ b/Website/logout.php
@@ -2,10 +2,10 @@
 	require_once('session.php');
 	require_once('class.user.php');
 	$user_logout = new USER();
-	
+
 	if($user_logout->is_loggedin()!="")
 	{
-		$user_logout->redirect('home.php');
+		$user_logout->redirect('suche.php');
 	}
 	if(isset($_GET['logout']) && $_GET['logout']=="true")
 	{
diff --git a/Website/nav.php b/Website/nav.php
new file mode 100644
index 0000000..6f46a4a
--- /dev/null
+++ b/Website/nav.php
@@ -0,0 +1,31 @@
+<nav class="nav">
+  <label class="h5">Willkommen :
+    <a href="profile.php">
+      <span class="profile-link"><?php print($userRow['benutzer_name']);?></span>
+    </a>
+    auf der businessstreamline Website!
+  </label>
+  <hr />
+  <h1>
+    </label>
+      <a href="suche.php">
+        <span class="menu">
+        </span> suchen
+      </a>
+    </label>
+     &nbsp;
+    <label>
+      <a href="erfassen.php">
+        <span class="menu">
+        </span> erfassen
+      </a>
+    </label>
+     &nbsp;
+    <label>
+      <a href="logout.php?logout=true">
+        <i class="menu"></i> logout
+      </a>
+    </label>
+  </h1>
+  <hr />
+</nav>
diff --git a/Website/profile.php b/Website/profile.php
index 82eabe2..2235058 100644
--- a/Website/profile.php
+++ b/Website/profile.php
@@ -1,15 +1,14 @@
 <?php
 
 	require_once("session.php");
-
+  include 'config.php';
 	require_once("class.user.php");
 	$auth_user = new USER();
 
-
 	$user_id = $_SESSION['user_session'];
 
 	$stmt = $auth_user->runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id");
-	$stmt->execute(array(":user_id"=>$benutzer_id));
+	$stmt->execute(array(":user_id"=>$user_id));
 
 	$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
 
@@ -19,57 +18,11 @@
 	<head>
 		<meta charset="UTF-8">
 		<link rel="stylesheet" href="style.css" type="text/css"  />
-	<title>welcome - <?php print($userRow['benutzer_name']); ?></title>
+		<title>Hallo <?php print($userRow['benutzer_name']); ?></title>
 	</head>
-		<body>
-			<nav class="navbar navbar-default navbar-fixed-top">
-	      <div class="container">
-	        <div class="navbar-header">
-	          <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
-	            <span class="sr-only">Toggle navigation</span>
-	            <span class="icon-bar"></span>
-	            <span class="icon-bar"></span>
-	            <span class="icon-bar"></span>
-	          </button>
-	          <a class="navbar-brand" href="http://www.codingcage.com">Coding Cage</a>
-	        </div>
-	        <div id="navbar" class="navbar-collapse collapse">
-	          <ul class="nav navbar-nav">
-	            <li class="active"><a href="http://www.codingcage.com/2015/11/ajax-login-script-with-jquery-php-mysql.html">Back to Article</a></li>
-	            <li><a href="http://www.codingcage.com/search/label/jQuery">jQuery</a></li>
-	            <li><a href="http://www.codingcage.com/search/label/PHP">PHP</a></li>
-	          </ul>
-	          <ul class="nav navbar-nav navbar-right">
-	            <li class="dropdown">
-	              	<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
-				  				<span class="glyphicon glyphicon-user"></span>&nbsp;Hi' <?php echo $userRow['benutzer_name']; ?>&nbsp;<span class="caret"></span></a>
-	            	<ul class="dropdown-menu">
-	              	<li><a href="#"><span class="glyphicon glyphicon-user"></span>&nbsp;View Profile</a></li>
-	                <li><a href="logout.php?logout=true"><span class="glyphicon glyphicon-log-out"></span>&nbsp;Sign Out</a></li>
-	              </ul>
-	            </li>
-	          </ul>
-	        </div><!--/.nav-collapse -->
-	      </div>
-	    </nav>
-		<div class="clearfix">
-		</div>
-  	<div class="container-fluid" style="margin-top:80px;">
-    	<div class="container">
-    		<label class="h5">welcome : <?php print($userRow['benutzer_name']); ?></label>
-        <hr />
-        <h1>
-        <a href="home.php"><span class="glyphicon glyphicon-home"></span> home</a> &nbsp;
-        <a href="profile.php"><span class="glyphicon glyphicon-user"></span> profile</a></h1>
-        <hr />
-      	<p class="h4">Another Secure Profile Page</p>
-    		<p class="blockquote-reverse" style="margin-top:200px;">
-    		Programming Blog Featuring Tutorials on PHP, MySQL, Ajax, jQuery, Web Design and More...
-				<br />
-				<br />
-    		<a href="http://www.codingcage.com/2015/04/php-login-and-registration-script-with.html">tutorial link</a>
-				</p>
-    	</div>
-		</div>
+	<body>
+ 		<?php include 'nav.php';?>
+			<h1>Benutzerprofil</h1>
+			<p>Passwortänderung:</p>
 	</body>
 </html>
diff --git a/Website/session.php b/Website/session.php
index 2b76731..17c3b65 100644
--- a/Website/session.php
+++ b/Website/session.php
@@ -5,7 +5,7 @@
 	require_once 'class.user.php';
 	$session = new USER();
 
-	// if user session is not active(not loggedin) this page will help 'home.php and profile.php' to redirect to login page
+	// if user session is not active(not loggedin) this page will help 'suche.php and profile.php' to redirect to login page
 	// put this file within secured pages that users can't access without login!
 
 	if(!$session->is_loggedin())
diff --git a/Website/sign-up.php b/Website/sign-up.php
index 4c78420..5a22afe 100644
--- a/Website/sign-up.php
+++ b/Website/sign-up.php
@@ -4,7 +4,7 @@ require_once('class.user.php');
 $user = new USER();
 
 if($user->is_loggedin()!=""){
-	$user->redirect('home.php');
+	$user->redirect('suche.php');
 }
 if(isset($_POST['btn-signup'])){
 	$uname = strip_tags($_POST['txt_uname']);
diff --git a/Website/suche.php b/Website/suche.php
new file mode 100644
index 0000000..b14ae38
--- /dev/null
+++ b/Website/suche.php
@@ -0,0 +1,42 @@
+<?php
+
+	require_once("session.php");
+  include 'config.php';
+	require_once("class.user.php");
+	$auth_user = new USER();
+
+	$user_id = $_SESSION['user_session'];
+
+	$stmt = $auth_user->runQuery("SELECT * FROM benutzer WHERE benutzer_id=:user_id");
+	$stmt->execute(array(":user_id"=>$user_id));
+
+	$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
+
+?>
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="UTF-8">
+		<link rel="stylesheet" href="style.css" type="text/css"  />
+		<title>Hallo <?php print($userRow['benutzer_name']); ?></title>
+	</head>
+	<body>
+ 		<?php include 'nav.php';?>
+			<h1>Suchen</h1>
+			<p>Suchen Sie ein Teil?
+			</p>
+			<p>grenzen Sie die Liste ein: < - suche - > </p>
+			<p>
+				<?php
+					foreach ($db->query("SELECT * FROM nachfrager") as $row) {
+						echo
+						htmlentities($row['nachfr_typ']) . " " .
+						htmlentities($row['nachfr_menge']) . " " .
+						htmlentities($row['nachfr_quali']) . " " .
+						htmlentities($row['nachfr_datum']) . " " .
+						htmlentities($row['nachfr_lieferdatum']) . "</br>";
+				}
+			?>
+		  </p>
+	</body>
+</html>