torsten/fvsjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial

Browse Source
This commit is contained in:
Torsten Schulz
2023-06-16 11:57:49 +02:00
commit 44da93c0e9
328 changed files with 134580 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
include/accounts.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
include 'renderer.php';
class Accounts extends Renderer {
public function __construct(?string $templateName) {
parent::__construct($templateName);
$this->renderInactiveUsers();
$this->renderActiveUsers();
}
private function renderInactiveUsers(): void {
$result = mysqli_query($this->dbConnection, 'SELECT * FROM user WHERE active=0');
$content = '<tbody>';
while ($row = mysqli_fetch_assoc($result)) {
$content .= '<tr><td>' . $row['username'] . '</td><td>' . $this->decode($row['realname'], $row['salt'])
. '</td><td>' . $this->decode($row['email'], $row['salt']) . '</td>'
. '<td><button type="submit" name="action" value="activate:' . $row['username'] . '">Aktivieren</button>'
. '<button type="submit" name="action" value="delete:' . $row['username'] . '">Löschen</button></td></tr>';
}
$content .= '</tbody>';
$this->content['inactive_accounts'] = $content;
}
private function renderActiveUsers(): void {
$result = mysqli_query($this->dbConnection, 'SELECT * FROM user WHERE active=1');
$content = '<tbody>';
while ($row = mysqli_fetch_assoc($result)) {
$content .= '<tr><td>' . $row['username'] . '</td><td>' . $this->decode($row['realname'], $row['salt'])
. '</td><td>' . $this->decode($row['email'], $row['salt']) . '</td>'
. '<td><button type="submit" name="action" value="delete:' . $row['username'] . '">Löschen</button></td></tr>';
}
$content .= '</tbody>';
$this->content['active_accounts'] = $content;
}
protected function formAction(): void {
$actionParams = explode(':', trim(filter_input(INPUT_POST, 'action', FILTER_SANITIZE_STRING)));
switch ($actionParams[0]) {
case 'activate':
$this->activateAccount($actionParams[1]);
break;
case 'delete':
$this->deleteAccount($actionParams[1]);
break;
default:
break;
}
}
private function activateAccount(string $accountName): void {
$emailTo = 'Vorstand Förderverein AJS <foerderverein-ajs@gmx.de>';
mysqli_begin_transaction($this->dbConnection);
mysqli_query($this->dbConnection, sprintf('UPDATE `user` SET `active`=1 WHERE `username`="%s"', $accountName));
mysqli_commit($this->dbConnection);
$result = mysqli_query($this->dbConnection, 'SELECT * FROM user WHERE `username` = lower("' . trim(filter_input(INPUT_POST, 'username', FILTER_SANITIZE_ADD_SLASHES)) . '")');
$user = mysqli_fetch_assoc($result);
$message = 'Dein Account "' . $accountName . '" wurde aktiviert.';
$headers = 'From: ' . $emailTo . "\r\n" .
'Reply-To: ' . $emailTo . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($user['email'], 'Zugang zu internem Bereich beantragt', $message, $headers);
header('Location: accounts', true, 301);
die();
}
private function deleteAccount(string $accountName): void {
$emailTo = 'Vorstand Förderverein AJS <foerderverein-ajs@gmx.de>';
$result = mysqli_query($this->dbConnection, 'SELECT * FROM user WHERE `username` = lower("' . trim(filter_input(INPUT_POST, 'username', FILTER_SANITIZE_ADD_SLASHES)) . '")');
$user = mysqli_fetch_assoc($result);
mysqli_begin_transaction($this->dbConnection);
mysqli_query($this->dbConnection, sprintf('UPDATE `user` SET `active`=-1 WHERE `username`="%s"', $accountName));
mysqli_commit($this->dbConnection);
$message = 'Der Account "' . $accountName . '" wurde als gelöscht markiert.';
$headers = 'From: ' . $emailTo . "\r\n" .
'Reply-To: ' . $emailTo . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($user['email'], 'Zugang zu internem Bereich beantragt', $message, $headers);
header('Location: accounts', true, 301);
die();
}
}