Umfragen
admin.php
Go to the documentation of this file.
1 <?php
2 /*
3  * backend/admin.php
4  *
5  * Copyright 2012 Johannes <jojo@jojo-42>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
20  * MA 02110-1301, USA.
21  *
22  *
23  */
24 
25 
26 require_once("../config.php");
27 require_once(DOCUMENT_ROOT."/inc/user.class.php");
28 require_once(DOCUMENT_ROOT."/inc/tools.php");
29 
30 require_once(DOCUMENT_ROOT."/inc/db.class.php");
31 require_once(DOCUMENT_ROOT."/inc/config.class.php");
32 require_once(DOCUMENT_ROOT."/inc/auth.class.php");
33 
34 require_once(DOCUMENT_ROOT."/inc/poll.class.php");
35 require_once(DOCUMENT_ROOT."/inc/html.class.php");
36 require_once(DOCUMENT_ROOT."/inc/messages.class.php");
37 
38 // SESSION
39 make_session();
40 
41 $is_super_admin = false;
42 $action = "";
43 
44 function check_db_connection(){
45  try {
46  $dbh = new PDO("mysql:dbname=".DB_DATABASE.";host=".DB_HOST, DB_USER, DB_PASS,
47  array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
48  return true;
49  } catch (PDOException $e) {
50  return false;
51  }
52 }
53 
54 function display_db_tables($db){
55  $dbs = $db->check_tables();
56  $desc = array("umfragen" => "enthält alle Umfragen, sowie deren Einstellungen und Status",
57  "user_config" => "enthält Profileinstellungen der Benutzer",
58  "config" => "enthält Einstellungen der Software",
59  "email_stack" => "enthält eine Liste von Emails, die abzusenden sind.");
60  echo "<table style='border-collapse:collapse;border-top:1px solid #E6E6E6;'>";
61  foreach( array_keys($dbs) as $name ){
62  echo "<tr style='border-bottom:1px solid #E6E6E6;'>";
63  echo "<th style='text-align:right;padding:.2em 1em .2em 0em;'>$name</th>";
64  if( $dbs[$name] === true ){
65  echo "<td style='background-color:#C7FF3E;padding:.2em .4em'>Gefunden</td>";
66  echo "<td></td>";
67  }else{
68  echo "<td style='background-color:#FF3E41;padding:.2em .4em'>Fehlt!</td>";
69  echo "<td style='padding:.2em 0em .2em 1em'> <a href='".$_SERVER['SCRIPT_NAME']."?make_db=$name'>erstellen</a></td>";
70  }
71  echo "<td style='padding-left:1em;'>{$desc[$name]}</td>";
72  echo "</tr>";
73  }
74  echo "</table>";
75 
76 }
77 
78 function check_all_tables_present($db){
79  $tables_present = $db->check_tables();
80  $all_tables_present = true;
81  foreach( $tables_present as $table ){
82  if( $table == false ){
83  $all_tables_present = false;
84  }
85  }
86  return $all_tables_present;
87 }
88 
89 $super_admins = explode(",",SUPER_ADMIN);
90 if( ($_SESSION["user"]->is_auth == true) AND (in_array( $_SESSION["user"]->ID ,$super_admins)) ){
91 
92 }else{
93  header("Location: ../login.php");
94  exit();
95 }
96 
97 
98 // PURGE
99 //-------------------------------------
100 if( (isset($_GET["purge"])) AND ($_GET["purge"] != "") AND (is_numeric($_GET["purge"])) ){
101  $action = "purge_confirm";
102  $purge_ID = intval($_GET["purge"]);
103  if( (isset($_POST["purge_poll_confirm"])) AND ($_POST["purge_poll_confirm"] != "") ){
104  $action = "purge";
105  }
106 
107 // MULTIPLE PURGE
108 //-------------------------------------
109 }else if( (isset($_POST["purge_selected"])) AND (isset($_POST["selection"])) AND (is_array($_POST["selection"]) ) ){
110  $action = "purge_confirm_selection";
111  $purge_IDs = array();
112  $keys = array_keys($_POST["selection"]);
113  foreach( $keys as $ID ){
114  $purge_IDs[] = intval($ID);
115  }
116 
117  if( (isset($_POST["purge_poll_confirm_selection"])) AND ($_POST["purge_poll_confirm_selection"] != "") ){
118  $action = "purge_selection";
119  }
120 
121 // RESTORE
122 //-------------------------------------
123 }else if( (isset($_GET["restore"])) AND ($_GET["restore"] != "") AND (is_numeric($_GET["restore"])) ){
124  $action = "restore_confirm";
125  $restore_ID = intval($_GET["restore"]);
126  if( (isset($_POST["restore_poll_confirm"])) AND ($_POST["restore_poll_confirm"] != "") ){
127  $action = "restore";
128  }
129 
130 // MULTIPLE RESTORE
131 //-------------------------------------
132 }else if( (isset($_POST["restore_selected"])) AND (isset($_POST["selection"])) AND (is_array($_POST["selection"]) ) ){
133  $action = "restore_confirm_selection";
134  $restore_IDs = array();
135  $keys = array_keys($_POST["selection"]);
136  foreach( $keys as $ID ){
137  $restore_IDs[] = intval($ID);
138  }
139 
140  if( (isset($_POST["restore_poll_confirm_selection"])) AND ($_POST["restore_poll_confirm_selection"] != "") ){
141  $action = "restore_selection";
142  }
143 
144 // CREATE DB TABLES
145 //-------------------------------------
146 }else if( (isset($_GET["make_db"])) AND (in_array($_GET["make_db"],array("umfragen","user_config","config","email_stack"))) ){
147  $action = "make db table";
148  $name = $_GET["make_db"];
149 }
150 
151 
152 if( check_db_connection() === false){
153  die( "Konnte keine Verbindung zur Datenbank aufbauen. Bitte Einstellungen in config.php und Datenbankrechte prüfen." );
154 }
155 
156 
157 $db= new db( DB_USER, DB_PASS, DB_DATABASE, DB_HOST );
158 $config = new config($db);
159 $config->load();
160 
161 $messages = new messageHandler();
162 $au = make_auth_object();
163 
164 $all_tables_present = check_all_tables_present($db);
165 
166 // override action and force create db tables
167 if( ($all_tables_present === false) AND ($action != "make db table") ){
168  $action = "init db";
169 }
170 
171 // when not all db tables are present, do nothing
172 if( $action != "init db" ){
173  // PURGE !!
174  //-------------------------------------
175  if($action == "purge"){
176  $db->drop_poll($purge_ID);
177  $db->drop_poll_results($purge_ID);
178  $db->delete_poll($purge_ID);
179  header("Location: admin.php");
180  exit();
181 
182  // MULTIPLE PURGE !!
183  //-------------------------------------
184  }else if($action == "purge_selection"){
185  foreach($purge_IDs as $purge_ID){
186  $db->drop_poll($purge_ID);
187  $db->drop_poll_results($purge_ID);
188  $db->delete_poll($purge_ID);
189  }
190  header("Location: admin.php");
191  exit();
192 
193  // RESTORE !!
194  //-------------------------------------
195  } else if($action == "restore"){
196  $db->update_poll_field($restore_ID,"status",STATUS_USER_DEACTIVATED);
197  header("Location: admin.php");
198  exit();
199 
200  // MULTIPLE RESTORE !!
201  //-------------------------------------
202  }else if($action == "restore_selection"){
203  foreach($restore_IDs as $restore_ID){
204  $db->update_poll_field($restore_ID,"status",STATUS_USER_DEACTIVATED);
205  }
206  header("Location: admin.php");
207  exit();
208 
209  }
210 }
211 
212 // MAKE DB TABLE
213 //-------------------------------------
214 if($action == "make db table"){
215  if( $name == "umfragen" ){
216  $db->make_umfragen_table();
217  }else if ($name == "user_config"){
218  $db->make_user_config_table();
219  }else if ($name == "config"){
220  $db->make_config_table();
221  }else if($name == "email_stack"){
222  $db->make_email_stack_table();
223  }
224  header("Location: admin.php");
225  exit();
226 }
227 
228 
229 
230 HTML::doctype();
231 HTML::head("",1); // extra header section , level of deepness for relative paths
232 HTML::menu();
233 
234 $messages->display_messages();
235 $messages->del_all_messages();
236 
237 
238 if( $action != "init db" ){
239  $poll_list_del = $db->get_all_polls_array_from_status( STATUS_DELETED );
240 }
241 // CREATE DATABASE TABLES
242 //-------------------------------------
243 if( $action == "init db" ){
244  echo "<p>Folgende Tabellen <b>müssen</b> existieren und durch die Software selbst angelegt werden. Bitte fehlende Tabellen erstellen (Link)</p>";
245  display_db_tables($db);
246 // CONFIRM PURGE
247 //-------------------------------------
248 }else if($action == "purge_confirm"){
249  $poll_purge = array("ID"=>$purge_ID);
250  foreach($poll_list_del as $p){
251  if($p["ID"] == $purge_ID){
252  $poll_purge = $p;
253  }
254  }
255  if (isset($poll_purge["name"])){
256  print_warning("Umfrage <b>{$poll_purge["name"]}</b> mit der ID <b>{$poll_purge["ID"]}</b> wirklich <b>endgültig</b> mit <b>allen Daten</b> löschen?");
257  }else{
258  print_warning("Umfrage mit der ID <b>{$poll->ID}</b> wirklich <b>endgültig</b> mit <b>allen Daten</b> löschen?");
259  }
260  echo "<form method='POST' action=''>";
261  echo "<input type='submit' name='purge_poll_confirm' value='Ja, wirklich' />";
262  echo "</form>";
263 
264 
265 // CONFIRM MULTIPE PURGE
266 //-------------------------------------
267 }else if($action == "purge_confirm_selection"){
268  $poll_purge = array();
269  foreach($poll_list_del as $p){
270  if( in_array($p["ID"], $purge_IDs) ){
271  $poll_purge[] = $p;
272  }
273  }
274 
275  $text = "Folgende Umfragen unwiederruflich mit <b>allen Daten</b> löschen? <ul>";
276  foreach($poll_purge as $p){
277  if (isset($p["name"])){
278  $text = $text."<li><b>{$p["name"]}</b> mit der ID <b>{$p["ID"]}</b></li>
279  <input type='hidden' name='selection[{$p["ID"]}]' value='ok'/>";
280  }else{
281  $text = $text."<li>mit der ID <b>{$p["ID"]}</b>
282  <input type='hidden' name='selection[{$p["ID"]}]' value='ok'/> </li>";
283  }
284  }
285  $text = $text."</ul>";
286 
287  echo "<form method='POST' action=''>";
288  print_warning($text);
289  echo "<input type='hidden' name='purge_selected' value='true' />";
290  echo "<input type='submit' name='purge_poll_confirm_selection' value='Ja, wirklich' />";
291  echo "</form>";
292 
293 
294 // CONFIRM RESTORE
295 //-------------------------------------
296 }else if($action == "restore_confirm"){
297  $poll_restore = array("ID"=>$restore_ID);
298  foreach($poll_list_del as $p){
299  if($p["ID"] == $restore_ID){
300  $poll_restore = $p;
301  }
302  }
303  if (isset($poll_restore["name"])){
304  print_warning("Umfrage <b>{$poll_restore["name"]}</b> mit der ID <b>{$poll_restore["ID"]}</b> wirklich wiederherstellen?");
305  }else{
306  print_warning("Umfrage mit der ID <b>{$restore_ID}</b> wirklich wiederherstellen?");
307  }
308  echo "<form method='POST' action=''>";
309  echo "<input type='submit' name='restore_poll_confirm' value='Ja, wirklich' />";
310  echo "</form>";
311 
312 
313 // CONFIRM MULTIPE RESTORE
314 //-------------------------------------
315 }else if($action == "restore_confirm_selection"){
316  $poll_restore = array();
317  foreach($poll_list_del as $p){
318  if( in_array($p["ID"], $restore_IDs) ){
319  $poll_restore[] = $p;
320  }
321  }
322 
323  $text = "Folgende Umfragen wiederherstellen? <ul>";
324  foreach($poll_restore as $p){
325  if (isset($p["name"])){
326  $text = $text."<li><b>{$p["name"]}</b> mit der ID <b>{$p["ID"]}</b></li>
327  <input type='hidden' name='selection[{$p["ID"]}]' value='ok'/>";
328  }else{
329  $text = $text."<li>mit der ID <b>{$p["ID"]}</b>
330  <input type='hidden' name='selection[{$p["ID"]}]' value='ok'/> </li>";
331  }
332  }
333  $text = $text."</ul>";
334 
335  echo "<form method='POST' action=''>";
336  print_warning($text);
337  echo "<input type='hidden' name='restore_selected' value='true' />";
338  echo "<input type='submit' name='restore_poll_confirm_selection' value='Ja, wirklich' />";
339  echo "</form>";
340 
341 // INDEX PAGE
342 //-------------------------------------
343 }else{
344  echo "<h2>Gelöschte Umfragen</h2>";
345  echo "<div class='admin_container'>";
346  if (sizeof($poll_list_del) >0){
347  echo "<form action='' method='POST'>";
348  echo "<table class='table_1'> ";
349  echo "<tr> <th></th> <th>ID</th> <th>Name</th> <th>Von</th> <th>edit</th> </tr>";
350  $i=0;
351  foreach($poll_list_del as $poll){
352  $r = $i%2;
353  echo "<tr class='line$r'>";
354  echo "<td><input type='checkbox' name='selection[{$poll["ID"]}]' /></td>";
355  echo "<td>{$poll["ID"]}</td>";
356  echo "<td>{$poll["name"]}</td>";
357  echo "<td>{$poll["owner_fn"]}</td>";;
358  echo "<td>
359  <a href='admin.php?purge={$poll["ID"]}'><img src='".APP_ROOT."/icons/22/list-remove.png' alt='delete' title='Löschen'/></a>
360  <a href='admin.php?restore={$poll["ID"]}'><img src='".APP_ROOT."/icons/22/list-add.png' alt='restore' title='wiederherstellen'/></a>
361  </td>";
362  echo "</tr>";
363  ++$i;
364  }
365  echo "</table>";
366  echo "<br/> Selektierte Umfragen: <input type='submit' name='purge_selected' value='löschen!' />
367  <input type='submit' name='restore_selected' value='wiederherstellen' style='margin-left:2em'/>";
368  echo "</form>";
369  }else{
370  echo "<p>Es sind keine Umfragen im Papierkorb.</p>";
371  }
372 
373  echo "</div>";
374  echo "<h2>Datenbank</h2>";
375  echo "<div class='admin_container'>";
376  echo "<p>Folgende Tabellen werden von der Software benötigt. Fehlende Tabellen bitte erstellen.</p>";
377  display_db_tables($db);
378  echo "</div>";
379 
380 
381  echo "<h2>Konfiguration</h2>";
382  echo "<div class='admin_container'>";
383  echo "<p> <a href='config.php'>Weiter zu den Einstellungen</a> </p>";
384  echo "</div>";
385 
386 
387 }
388 
389 
390 
391 HTML::FOOT();
392 
393 ?>