Verze s uzivateli a kolarnami.
authorLadislav Láska <laska@kam.mff.cuni.cz>
Sun, 6 Mar 2011 20:29:32 +0000 (21:29 +0100)
committerLadislav Láska <laska@kam.mff.cuni.cz>
Sun, 6 Mar 2011 20:29:32 +0000 (21:29 +0100)
42 files changed:
Makefile [new file with mode: 0644]
classes/auth.php [new file with mode: 0644]
classes/bikeroom.php [new file with mode: 0644]
classes/database.php [new file with mode: 0644]
classes/href.php [new file with mode: 0644]
classes/msgbox.php [new file with mode: 0644]
classes/room.php [new file with mode: 0644]
config.php [new file with mode: 0644]
controllers/bikeroom.php [new file with mode: 0644]
controllers/bikeroom_manage.php [new file with mode: 0644]
controllers/bikerooms.php [new file with mode: 0644]
controllers/error.php [new file with mode: 0644]
controllers/login.php [new file with mode: 0644]
controllers/logout.php [new file with mode: 0644]
controllers/newbikeroom.php [new file with mode: 0644]
controllers/register.php [new file with mode: 0644]
controllers/useredt.php [new file with mode: 0644]
controllers/usermod.php [new file with mode: 0644]
index.php [new file with mode: 0644]
sql/database.sql [new file with mode: 0644]
style.css [new file with mode: 0644]
template/Makefile [new file with mode: 0644]
template/bikeroom_manage.php [new file with mode: 0644]
template/bikerooms_adminlist.php [new file with mode: 0644]
template/bikerooms_head.php [new file with mode: 0644]
template/bikerooms_list.css [new file with mode: 0644]
template/bikerooms_list.php [new file with mode: 0644]
template/fmaker.inc [new file with mode: 0644]
template/foot.php [new file with mode: 0644]
template/head.php [new file with mode: 0644]
template/index.php [new file with mode: 0644]
template/login.php [new file with mode: 0644]
template/main.css [new file with mode: 0644]
template/msgbox.css [new file with mode: 0644]
template/msgbox.php [new file with mode: 0644]
template/newbikeroom.php [new file with mode: 0644]
template/register.css [new file with mode: 0644]
template/register.php [new file with mode: 0644]
template/useredt.php [new file with mode: 0644]
template/usermod.css [new file with mode: 0644]
template/usermod.php [new file with mode: 0644]
tools/lang.php [new file with mode: 0644]

diff --git a/Makefile b/Makefile
new file mode 100644 (file)
index 0000000..2110659
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,2 @@
+all:
+       make -C template
diff --git a/classes/auth.php b/classes/auth.php
new file mode 100644 (file)
index 0000000..c62461d
--- /dev/null
@@ -0,0 +1,153 @@
+<?php
+
+require_once "database.php";
+require_once "room.php";
+
+define("P_USERMOD", 2);
+define("P_ADMIN", 2);
+define("P_GROUNDSMAN", 1);
+
+class User {
+       private $data = array('login' => 'Anonymous', 'privileges' => -1, 'id' => -1);
+       private $newpass = false;
+       public $lastErrorMessage;
+
+       public function __construct( $login = null, $passwd = null) {
+               if (is_null($login)) return;
+               if (!is_null($passwd)) $AND = " AND `password` = SHA1(?)"; else $AND = "";
+               $query = DB::query("SELECT * FROM `users` WHERE LOWER(`login`) = LOWER(?) $AND;");
+               $query->set(0, $login);
+               if (!is_null($passwd)) $query->set(1, $passwd);
+               $res = $query->commit();
+               if (mysql_num_rows($res)>0) $this->data = mysql_fetch_array($res);
+       }
+
+       private function setData($data) {
+               $this->data = $data;
+       }
+
+       public static function listAll($cond = null) {
+               /* Cond is not used! */
+               $query = DB::query("SELECT * FROM `users` ORDER BY login,name");
+               $res = $query->commit();
+               $array = array();
+               while ($row = mysql_fetch_array($res)) {
+                       $u = new User();
+                       $u->setData($row);
+                       $array[] = $u;
+               }
+               return $array;
+       }
+
+       public function has_privileges( $min = 0 ) {
+               return ($this->data['privileges'] >= $min);
+       }
+       
+       public function update() {
+               if ($this->id == -1) {
+                       /* New user */
+                       $query = DB::query("INSERT INTO `users` SET `login` = ?, `name` = ?, `room` = ?, `email` = ?, `phone` = ?, `password` = SHA1(?), `privileges` = 0;", 
+                               array($this->login, $this->name, $this->room, $this->email, $this->phone, $this->password));
+                       if ($query->commit()) {
+                               $this->data['id'] = $query->lastId();
+                               $this->data['privileges'] = 0;
+                       } else die("SQL query died in User::update.");
+               } else {
+                       /* Update */
+                       $query = DB::query("UPDATE `users` SET `login` = ?, `name` = ?, `room` = ?, `email` = ?, `phone` = ?, `privileges` = ? WHERE `id` = ?",
+                               array($this->login, $this->name, $this->room, $this->email, $this->phone, $this->privileges, $this->id) );
+                       $query->commit() or die("SQL query died in User::update.");
+                       if ($this->newpass) {
+                               $query = DB::query("UPDATE `users` SET `password` = SHA1(?) WHERE `id` = ?;",
+                                       array($this->password, $this->id));
+                               $query->commit() or die("SQL query died in User::update.");
+                       }
+               }
+               
+               return true;
+       }
+
+       public function delete() {
+               $query = DB::query("DELETE FROM `users` WHERE `id` = ?", array($this->id));
+               $query->commit() or die("SQL query died in User::delete.");
+       }
+
+       public function __get( $name ) {
+               return $this->data[$name];
+       }
+
+       public function setLogin($value) {
+               $tu = new User($value);
+               if ($tu->id == -1)
+                       { $this->data['login'] = $value; return true; }
+               else { $this->lastErrorMessage = tr("Takový uživatel již existuje."); return false; }
+       }
+
+       public function setPassword($value) {
+               if (strlen($value) >= 6) 
+                       { $this->data['password'] = $value; $this->newpass = true; return true; }
+               else { $this->lastErrorMessage = tr("Heslo musí mít alespoň 6 znaků."); return false; }
+       }
+
+       public function setName($value) {
+               if ((strlen($value) >= 0) && (!(strpos($value, " ") === FALSE))) 
+                       { $this->data['name'] = $value; return true; }
+               else { $this->lastErrorMessage = tr("Použite prosím své celé jméno."); return false; }
+       }
+
+       public function setRoom($value) {
+               if (validate_room($value)) 
+                       { $this->data['room'] = $value; return true; }
+               else { $this->lastErrorMessage = tr("Neplatné číslo pokoje."); return false; }
+       }
+
+       public function setEmail($value) {
+               if (preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $value))
+                       { $this->data['email'] = $value; return true; }
+               else { $this->lastErrorMessage = tr("Neplatná emailová adresa."); return false; }
+       }
+       
+       public function setPhone($value) {
+               if (preg_match('/^(\+[0-9]{3})?[0-9 ]{8,}$/', $value)) 
+                       { $this->data['phone'] = $value; return true; }
+               else { $this->lastErrorMessage = tr("Neplatné telefonní číslo."); return false; }
+       }
+}
+
+class Auth {
+       public $user = null;
+
+       public function __construct() {
+               /* Initialize session */
+               session_start();
+               if (!isset($_SESSION['user'])) { $_SESSION['user'] = null; }
+               if ($_SESSION['user'] != null) $this->login();
+       }
+
+       public function login($user = null, $passwd = null) {
+               if (is_null($user)) {
+                       /* Login thru session */
+                       $user = $_SESSION['user'];
+               }
+               $this->user = new User($user);
+               if ($this->verify()) {
+                       $_SESSION['user'] = $this->user->login;
+               }
+               return true;
+       }
+
+       public function verify($priv = 0) {
+               if ($this->user == null) login();
+               return $this->user->has_privileges($priv);
+       }
+
+       public function logout() {
+               $_SESSION['user'] = $_SESSION['pass'] = $_SESSION['userID'] = null;
+       }
+
+       public function __get( $name ) {
+               return $this->user->$name;
+       }
+}
+
+?>
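Review bot: `Auth::login()` accepts `$passwd` but never uses it: `$this->user = new User($user);` looks the account up by login alone, so `verify()` succeeds for any existing login whatever password was submitted. Pass the password through, `$this->user = new User($user, $passwd);`, and keep the password-less lookup for the session path only. In `verify()` the bare call `login();` refers to an undefined global function and should be `$this->login();`. Separately, `SHA1(?)` in the `User` queries stores unsalted fast hashes; a dedicated password hash (`password_hash()`/`password_verify()` where the PHP version provides them) is the safer storage.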
diff --git a/classes/bikeroom.php b/classes/bikeroom.php
new file mode 100644 (file)
index 0000000..6efa719
--- /dev/null
@@ -0,0 +1,104 @@
+<?php
+
+require_once "database.php";
+
+class Bikeroom {
+       private $data = array( 'id' => -1, 'floor' => -1, 'building' => '', 'space' => 0, 'groundsman' => 0);
+       public $lastErrorMessage;
+
+       public function __construct($name = null) {
+               if (is_null($name)) return;
+               $query = DB::query(
+                       "SELECT 
+                               `bikerooms`.*, 
+                               CONCAT(UPPER(building),floor) AS `name`, 
+                               `users`.`name` AS `groundsmanName`, 
+                               (`space` - (SELECT COUNT(*) FROM `bikes` WHERE `bikeroom` = `bikerooms`.`id`)) AS `freeSpace`
+                       FROM `bikerooms` 
+                       LEFT JOIN `users` ON (`users`.`id` = `bikerooms`.`groundsman`)
+                       WHERE CONCAT(UPPER(building),floor) = UPPER(?)", array($name));
+               $res = $query->commit();
+               if (mysql_num_rows($res)>0) $this->data = mysql_fetch_array($res);
+       }
+
+       public function update() {
+               if ($this->id == -1) {
+                       /* New bikeroom */
+                       $query = DB::query("INSERT INTO `bikerooms` (`building`, `floor`, `space`, `groundsman`) VALUES (?,?,?,?);",
+                       array($this->building, $this->floor, $this->space, $this->groundsman));
+                       if (!$query->commit()) return false;
+                       $this->data['id'] = $query->lastId();
+               } else {
+                       $query = DB::query("UPDATE `bikerooms` SET `building` = ?, `floor` = ?, `space` = ?, `groundsman` = ? WHERE `id` = ?;",
+                               array($this->building, $this->floor, $this->space, $this->groundsman, $this->id));
+                       if (!$query->commit()) return false;
+               }
+               return true;
+       }
+
+       public static function listAll() {
+               $query = DB::query("SELECT CONCAT(UPPER(building),floor) AS `name` FROM `bikerooms` ORDER BY `building` ASC,`floor`ASC;");
+               $res = $query->commit();
+               $array = array();
+               while ($row = mysql_fetch_array($res))
+                       $array[] = new Bikeroom($row['name']);
+               return $array;
+       }
+
+       public function setData($data) {
+               $this->data = $data;
+               return true;
+       }
+
+       public function delete() {
+               $query = DB::query("DELETE FROM `bikerooms` WHERE `id` = ?", array($this->id));
+               $query->commit() or die("SQL query died in Bikeroom::delete.");
+       }
+
+       public function setName($value) {
+               if ($value == $this->name) return true;
+               if (preg_match('/^([abAB])([0-9]{1,2})$/',$value,$matches)) {
+                       $b = new Bikeroom($value);
+                       if ($b->id >= 0) {
+                               $this->lastErrorMessage = tr("Kolárna takového jména již existuje!");
+                               return false;
+                       } else return $this->setFloor($matches[2]) && $this->setBuilding($matches[1]);
+               } else {
+                       $this->lastErrorMessage = tr("Neplané jméno.");
+                       return false;
+               }
+               return true;
+       }
+
+       public function setSpace($value) {
+               if (preg_match('/^[0-9]+$/', $value))
+                       $this->data['space'] = $value;
+               else {
+                       $this->lastErrorMessage = tr("Počet míst musí být číselná hodnota!");
+                       return false;
+               }
+               return true;
+       }
+
+       public function setGroundsman($value) {
+               if (is_object($value)) {
+                       $this->groundsman = $value->id;
+               } else $this->groundsman = $value;
+               return true;
+       }
+
+       public function setFloor($value) {
+               if ($value > 0) $this->data['floor'] = $value;
+               else return false;
+               return true;
+       }
+
+       public function setBuilding($value) {
+               $this->data['building'] = $value;
+               return true;
+       }
+       
+       public function __get( $name ) {
+               return $this->data[$name];
+       }
+}
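Review bot: `setGroundsman()` assigns to `$this->groundsman`, which, with only `__get` defined, creates a dynamic property instead of updating `$this->data['groundsman']` as the other setters do, and it stores the submitted value without validation. Writing through the array and casting keeps the object consistent: `$this->data['groundsman'] = is_object($value) ? $value->id : (int)$value;`. `setName()` also reads `$this->name` on a freshly constructed object whose `$data` has no `name` key, so `__get` would benefit from an `isset` guard.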
diff --git a/classes/database.php b/classes/database.php
new file mode 100644 (file)
index 0000000..5aac4f8
--- /dev/null
@@ -0,0 +1,84 @@
+<?php
+
+require_once "config.php";
+
+
+class Query {
+       private $handle;
+       public $string;
+       private $args;
+
+       public function __construct($string, $handle) {
+               $this->handle = $handle;
+               $this->string = $string;
+       }
+
+       public function set($pos, $val) {
+               if (debug && isset($this->args[$pos])) die("Setting already defined argument.");
+               $this->args[$pos] = mysql_real_escape_string($val);
+       }
+
+       public function commit() {
+               $string = $this->string;
+               $args = $this->args;
+               $out = "";
+               $ap = 0;
+               $k = 0;
+               for ($i = 0; $i < strlen($string); $i++) {
+                       if ($string[$i] == "'") $ap = ($ap + 1) % 2;
+                       if (($ap == 0) && ($string[$i] == '?')) {
+                               if (isset($args[$k]))
+                                       $out .= "'".$args[$k]."'";
+                               else { 
+                                       $space="";
+                                       for (; $i > 0; $i--) $space.="_";
+                                       die("<pre>".tr("Commited query with empty argument.").
+                                       "\n    Query: ".$string.
+                                       "\n    _______$space^".
+                                       "\n    Argument missing: $k\n"."</pre>");
+                               }
+                               $k++;
+                       } else $out .= $string[$i];
+               }
+               $res = mysql_query($out, $this->handle);
+               if ($res) return $res;
+               die("<pre>\n".tr("MySQL failed with error:").
+                       "\n     ".mysql_error($this->handle).
+                       "\nTemplate was:".
+                       "\n     ".$this->string.
+                       "\nQuery was:".
+                       "\n     ".$out."\n</pre>\n");
+       }
+
+       public function lastId() {
+               return mysql_insert_id($this->handle);
+       }
+}
+
+class DB {
+       static $handle = null;
+       public static function handle() {
+               if (self::$handle) return self::$handle;
+               
+               global $conf;
+
+               self::$handle = mysql_connect($conf['mysql_server'], $conf['mysql_user'], 
+                       $conf['mysql_password']) or die(tr("Database connection died.")."\n".mysql_error());
+
+               mysql_select_db($conf['mysql_database'], self::$handle);
+
+               return self::$handle;
+       }
+
+       public static function query($string, $vars = null) {
+               $query = new Query($string, DB::handle());
+               if ($vars)
+               foreach ($vars as $key => $value) {
+                       $query->set($key, $value);
+               }
+               return $query;
+       }
+
+}
+
+?>
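Review bot: Both `die()` paths in `Query::commit()` print the SQL template, the substituted query and `mysql_error()` to the browser, which exposes schema details and submitted values, including the plaintext passed to `SHA1(?)`, whenever a query fails. Send that detail to `error_log()` and show a generic message unless `debug` is set. The hand-rolled `?` substitution also depends on `mysql_real_escape_string()` matching the connection character set, which `DB::handle()` never sets (for example with `mysql_set_charset()`); native prepared statements through PDO or mysqli would remove that dependency. `DB::handle()` also ignores the return value of `mysql_select_db()`.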
diff --git a/classes/href.php b/classes/href.php
new file mode 100644 (file)
index 0000000..6e401e2
--- /dev/null
@@ -0,0 +1,27 @@
+<?php
+
+require_once "config.php";
+
+function href($url, $name) {
+       global $conf;
+       if (preg_match('/^http:\/\//', $url)) {
+               $uri = $url;
+       } else {
+               $uri = $conf['http_base']."?page=$url";
+       }
+       return "<a href=\"$uri\">$name</a>";
+}
+
+function redir($url = "index") {
+       global $conf;
+       if (preg_match('/^http:\/\//', $url)) {
+               $uri = $url;
+       } else {
+               $uri = $conf['http_base']."?page=$url";
+       }
+       ob_clean();
+       header("Location: $uri");
+       die();
+}
+
+?>
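Review bot: `href()` interpolates `$uri` and `$name` into the anchor markup without escaping, and templates in this commit pass database values such as `$bikeroom->name` into it, so a quote or angle bracket in those values becomes live HTML. Escape at the point of output: `return '<a href="'.htmlspecialchars($uri, ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($name, ENT_QUOTES, 'UTF-8').'</a>';`. `redir()` forwards any argument starting with `http://` unchanged, so it should only receive constant targets or be limited to `$conf['http_base']`.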
diff --git a/classes/msgbox.php b/classes/msgbox.php
new file mode 100644 (file)
index 0000000..5f4c95d
--- /dev/null
@@ -0,0 +1,11 @@
+<?php
+function box_succ($message = "OK.") {
+       $color = "green";
+       include "template/msgbox.php";
+}
+
+function box_fail($message = "Failed.") {
+       $color = "red";
+       include "template/msgbox.php";
+}
+?>
diff --git a/classes/room.php b/classes/room.php
new file mode 100644 (file)
index 0000000..ab8f38e
--- /dev/null
@@ -0,0 +1,20 @@
+<?php
+
+function room_number($room) { return substr($room, -2); }
+function room_floor($room) { return substr($room, 1, -2); }
+function room_building($room) { return strtoupper(substr($room, 0, 1)); }
+function room_parse($room) { return array(room_building($room), room_floor($room), room_number($room)); }
+
+function validate_room($room) {
+       list($building, $floor, $number) = room_parse($room);
+       if ($building == 'A') {
+               if (($floor >= 1) && ($floor <= 20) && ($number >= 1) && ($number <= 24)) return true;
+               else return false;
+       } else if ($building == 'B') {
+               if (($floor >= 1) && ($floor <= 16) && ($number >= 1) && ($number <= 16)) return true;
+               else return false;
+       } else return false;
+       print "tralala";
+}
+
+?>
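Review bot: `validate_room()` compares substrings with `>=`/`<=`, so PHP's handling of leading-numeric strings lets a floor or room part with trailing non-digit characters pass validation. Check the overall shape before calling `room_parse()`, e.g. `if (!preg_match('/^[ABab][0-9]{3,4}$/D', $room)) return false;`. The trailing `print "tralala";` is unreachable because every branch above it returns, and can be deleted.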
diff --git a/config.php b/config.php
new file mode 100644 (file)
index 0000000..c58e71f
--- /dev/null
@@ -0,0 +1,18 @@
+<?php
+
+define("debug", true);
+
+set_include_path("./classes" . PATH_SEPARATOR . get_include_path());
+
+$conf['mysql_server'] = "localhost";
+$conf['mysql_user'] = "kolarny_krakonos";
+$conf['mysql_password'] = "aicoocoong";
+$conf['mysql_database'] = "kolarny_krakonos_org";
+
+$conf['http_base'] = "http://kolarny.krakonos.org/";
+
+
+require_once "tools/lang.php";
+
+
+?>
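Review bot: The database password is committed in plain text on the `$conf['mysql_password']` line, so everyone with read access to the repository or this page holds working credentials. Move the `$conf['mysql_*']` values into an untracked local file or environment variables, and rotate the password that was published. `define("debug", true);` should default to `false` in a committed config so that a production checkout does not run in debug mode.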
diff --git a/controllers/bikeroom.php b/controllers/bikeroom.php
new file mode 100644 (file)
index 0000000..f4dc34c
--- /dev/null
@@ -0,0 +1,12 @@
+<?php
+require_once "bikeroom.php";
+require_once "href.php";
+if (isset($_GET['del'])) {
+       if (!$auth->verify(P_ADMIN)) redir(403);
+       $b = new Bikeroom($_GET['del']);
+       $b->delete();
+       redir("bikerooms");
+} else if (isset($_GET['name'])) {
+       include "bikeroom_manage.php";
+}
+?>
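Review bot: The `del` branch deletes a bike room in response to a plain GET request, so a cross-site request made while an administrator is logged in can trigger the deletion. Make the action POST-only and check a per-session anti-CSRF token before `$b->delete()`, starting with `if ($_SERVER['REQUEST_METHOD'] !== 'POST') redir(403);`. The same pattern appears in the `del` branch of controllers/usermod.php, and none of the POST handlers in bikeroom_manage.php, newbikeroom.php and useredt.php checks a token either.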
diff --git a/controllers/bikeroom_manage.php b/controllers/bikeroom_manage.php
new file mode 100644 (file)
index 0000000..d2bb7cf
--- /dev/null
@@ -0,0 +1,25 @@
+<?php
+require_once "msgbox.php";
+$b = new Bikeroom($_GET['name']);
+
+if ($auth->verify(P_ADMIN)) {
+/* Tohle smi jenom administrator */
+if (isset($_POST['name'])) {
+       $formok = true;
+       if (!$b->setName($_POST['name'])) { $formok = false; $formmsg['name'] = $b->lastErrorMessage; }
+       if (!$b->setSpace($_POST['space'])) { $formok = false; $formmsg['space'] = $b->lastErrorMessage; }
+       if (!$b->setGroundsman($_POST['groundsman'])) { $formok = false; $formmsg['groundsman'] = $b->lastErrorMessage; }
+       if ($formok) {
+               $b->update() or die("Kolárnu nelze založit!");
+               box_succ(tr("Data kolárny byla uložena."));
+       }
+}
+
+$datamine = $b;
+include "template/bikeroom_manage.php";
+}
+
+if ($auth->verify(P_GROUNDSMAN)) {
+/* Tohle smí i s právce kolárny */
+}
+?>
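Review bot: Nothing checks that `new Bikeroom($_GET['name'])` found a row, so for an unknown name `$b->id` stays `-1` and the POST branch's `$b->update()` inserts a new bike room from the manage page. Add `if ($b->id == -1) redir(404);` right after the constructor call. `$_POST['space']` and `$_POST['groundsman']` are read without `isset`, which raises notices on a partial submission. The trailing `if ($auth->verify(P_GROUNDSMAN))` block is empty and could be dropped until it has content.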
diff --git a/controllers/bikerooms.php b/controllers/bikerooms.php
new file mode 100644 (file)
index 0000000..46a9632
--- /dev/null
@@ -0,0 +1,10 @@
+<?php
+
+require_once "bikeroom.php";
+
+if ($auth->verify(P_ADMIN))
+include "template/bikerooms_adminlist.php";
+include "template/bikerooms_head.php";
+$bikerooms = Bikeroom::listAll();
+include "template/bikerooms_list.php";
+?>
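Review bot: The brace-less `if ($auth->verify(P_ADMIN))` guards only the first `include`, but because the following lines share its indentation the privilege check reads as if it covered the whole listing. Brace and indent it, `if ($auth->verify(P_ADMIN)) { include "template/bikerooms_adminlist.php"; }`, so the scope of the check is unambiguous.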
diff --git a/controllers/error.php b/controllers/error.php
new file mode 100644 (file)
index 0000000..5818137
--- /dev/null
@@ -0,0 +1,7 @@
+<?php
+       $messages = array(
+               403 => tr("Permission denied."),
+               404 => tr("Page not found: $page.")
+       );
+?>
+<h1><?=$messages[$code]?></h1>
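Review bot: `$page` is taken from the query string in index.php and interpolated into the 404 message, which `<?=$messages[$code]?>` prints without escaping, so request-supplied markup is reflected into the page. Escape on output: `<h1><?=htmlspecialchars($messages[$code], ENT_QUOTES, 'UTF-8')?></h1>`. `$code` can also be a value that is not a key of `$messages`, so fall back to 404 when `!isset($messages[$code])`. Substituting `$page` before calling `tr()` presumably defeats the translation lookup; a placeholder filled in after `tr()` would avoid that.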
diff --git a/controllers/login.php b/controllers/login.php
new file mode 100644 (file)
index 0000000..037ddcb
--- /dev/null
@@ -0,0 +1,25 @@
+<?php
+
+require_once "msgbox.php";
+
+$showform = true;
+
+if (isset($_POST['login']) && isset($_POST['password'])) {
+       if ((strlen($_POST['login']) == 0) || (strlen($_POST['password']) == 0)) {
+               box_fail(tr("Vyplňte prosím přihlašovací jméno i heslo."));
+       } else {
+               $auth->login($_POST['login'], $_POST['password']);
+               if ($auth->verify()) {
+                       header("Location: /");
+                       box_succ(tr("Úspěch!"));
+                       $showform = false;
+               } else {
+                       box_fail(tr("Chybný login nebo heslo!"));
+               }
+       }
+}
+
+if ($showform) {
+       include "template/login.php";
+}
+?>
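Review bot: The success branch keeps the pre-login session identifier, which leaves the login open to session fixation; call `session_regenerate_id(true);` once `$auth->verify()` has succeeded. The branch also sends `header("Location: /")` and then continues rendering, so it should end the request; the `redir()` helper in classes/href.php already does `ob_clean()` and `die()`. Nothing in this controller limits repeated failed attempts.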
diff --git a/controllers/logout.php b/controllers/logout.php
new file mode 100644 (file)
index 0000000..a5ef527
--- /dev/null
@@ -0,0 +1,4 @@
+<?php
+       $auth->logout();
+       header("Location: /");
+?>
diff --git a/controllers/newbikeroom.php b/controllers/newbikeroom.php
new file mode 100644 (file)
index 0000000..e25f763
--- /dev/null
@@ -0,0 +1,22 @@
+<?php
+require_once "bikeroom.php";
+require_once "msgbox.php";
+
+if (!$auth->verify(P_ADMIN)) redir("403");
+
+if (isset($_POST['name'])) {
+       $formok = true;
+       $b = new Bikeroom();
+       if (!$b->setName($_POST['name'])) { $formok = false; $formmsg['name'] = $b->lastErrorMessage; }
+       if (!$b->setSpace($_POST['space'])) { $formok = false; $formmsg['space'] = $b->lastErrorMessage; }
+       if (!$b->setGroundsman($_POST['groundsman'])) { $formok = false; $formmsg['groundsman'] = $b->lastErrorMessage; }
+       if ($formok) {
+               $b->update() or die("Kolárnu nelze založit!");
+       }
+}
+
+if (isset($formok) && $formok)
+       redir("bikerooms");
+else
+       include "template/newbikeroom.php";
+?>
diff --git a/controllers/register.php b/controllers/register.php
new file mode 100644 (file)
index 0000000..7a80a83
--- /dev/null
@@ -0,0 +1,32 @@
+<?php
+
+require_once "msgbox.php";
+require_once "auth.php";
+
+if ($auth->verify()) redir(); /* If user is logged in, don't allow registration! */
+
+if (isset($_POST['login'])) {
+       $formok = true;
+       /* User submited form! */
+       $nu = new User(null);
+       /* Check passwords */
+       if ($_POST['password'] != $_POST['password2']) {
+               $formok = false;
+               $formmsg['password2'] = tr("Hesla nejsou stejná!");
+       }
+       if (!$nu->setLogin($_POST['login'])) { $formok = false; $formmsg['login'] = $nu->lastErrorMessage; }
+       if (!$nu->setPassword($_POST['password']))      { $formok = false; $formmsg['password'] = $nu->lastErrorMessage; }
+       if (!$nu->setName($_POST['name'])) { $formok = false; $formmsg['name'] = $nu->lastErrorMessage; }
+       if (!$nu->setRoom($_POST['room'])) { $formok = false; $formmsg['room'] = $nu->lastErrorMessage; }
+       if (!$nu->setEmail($_POST['email'])) { $formok = false; $formmsg['email'] = $nu->lastErrorMessage; }
+       if (!$nu->setPhone($_POST['phone'])) { $formok = false; $formmsg['phone'] = $nu->lastErrorMessage; }
+       if ($formok) $nu->update() or die("User could not be created.");
+}
+
+if (!isset($formok) || (!$formok)) {
+       include "template/register.php";
+} else {
+       box_succ(tr("Registrace byla úspěšná, nyní se můžete přihlásit."));
+}
+
+?>
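Review bot: The confirmation check `$_POST['password'] != $_POST['password2']` uses loose comparison, under which two different numeric-looking strings can compare equal, so a mistyped confirmation may be accepted; use `!==`. The same comparison appears in controllers/useredt.php. All `$_POST[...]` fields other than `login` are read without `isset`, so a partial submission raises notices before validation reports the error.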
diff --git a/controllers/useredt.php b/controllers/useredt.php
new file mode 100644 (file)
index 0000000..cc76a36
--- /dev/null
@@ -0,0 +1,42 @@
+<?php
+
+require_once "msgbox.php";
+
+$user = null;
+
+if (($auth->verify(P_USERMOD)) && (isset($_GET['mod']))) {
+       $user = new User($_GET['mod']);
+} else if ($auth->verify() && (!isset($_GET['mod']))) {
+       $user = $auth->user;
+} else {
+       redir("403");
+}
+
+if (isset($_POST['name'])) {
+       $formok = true;
+       /* Check passwords */
+       if (strlen($_POST['password']) != 0) {
+               if ($_POST['password'] != $_POST['password2']) {
+                       $formok = false;
+                       $formmsg['password2'] = tr("Hesla nejsou stejná!");
+               }
+               if (!$user->setPassword($_POST['password'])) { $formok = false; $formmsg['password'] = $user->lastErrorMessage; }
+       }
+
+
+       if (!$user->setName($_POST['name'])) { $formok = false; $formmsg['name'] = $user->lastErrorMessage; }
+       if (!$user->setRoom($_POST['room'])) { $formok = false; $formmsg['room'] = $user->lastErrorMessage; }
+       if (!$user->setEmail($_POST['email'])) { $formok = false; $formmsg['email'] = $user->lastErrorMessage; }
+       if (!$user->setPhone($_POST['phone'])) { $formok = false; $formmsg['phone'] = $user->lastErrorMessage; }
+       if ($auth->verify(P_USERMOD)) {
+               $user->privileges = $_POST['privileges']; 
+       }
+       if ($formok) $user->update() or die("User could not be updated.");
+
+       if ($formok) box_succ("Data uživatele byla uložena.");
+}
+
+
+$datamine = $user;
+include "template/useredt.php";
+?>
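Review bot: `$user->privileges = $_POST['privileges'];` writes the raw form value onto the object, bypassing the validated-setter pattern used for every other field; since `User` defines no `__set`, this creates a dynamic property that `update()` then writes to the database. Add a `setPrivileges()` that accepts only the defined levels (0, `P_GROUNDSMAN`, `P_ADMIN`) and call it here. With `?mod=` naming an unknown login, `$user->id` is `-1` and `update()` takes its INSERT path, so check the lookup result and `redir("404")` first. A user changing their own password is not asked for the current one.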
diff --git a/controllers/usermod.php b/controllers/usermod.php
new file mode 100644 (file)
index 0000000..3fb7a09
--- /dev/null
@@ -0,0 +1,20 @@
+<?php
+       include "msgbox.php";
+
+       if (!$auth->verify(2)) die("Not authorized.");
+
+       if (isset($_GET['del'])) {
+               $u = new User($_GET['del']);
+               if ($u->has_privileges(0)) {
+                       $u->delete();
+                       box_succ(tr("Uživatel")." ".$u->login." ".tr("byl odstraněn."));
+               } else {
+                       box_fail(tr("Uživatel")." ".$_GET['del']." ".tr("neexistuje!"));
+               }
+       }
+
+       $users = User::listAll();
+
+       include "template/usermod.php";
+
+?>
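Review bot: `$_GET['del']` and `$u->login` are concatenated into the message handed to `box_fail()`/`box_succ()`; template/msgbox.php is not visible here, so unless it escapes `$message` the request value is reflected as HTML. Escape when building the message, e.g. `htmlspecialchars($_GET['del'], ENT_QUOTES, 'UTF-8')`. `$u->has_privileges(0)` doubles as an existence test; comparing `$u->id` with `-1` states the intent directly. The literal `2` in `$auth->verify(2)` should be `P_USERMOD`, as in useredt.php.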
diff --git a/index.php b/index.php
new file mode 100644 (file)
index 0000000..2bddafb
--- /dev/null
+++ b/index.php
@@ -0,0 +1,32 @@
+<?php
+ob_start();
+
+require_once "config.php";
+require_once "database.php";
+require_once "auth.php";
+require_once "href.php";
+
+$auth = new Auth();
+$auth->login(); /* Handle login thru session, if possible */
+
+if (!isset($_GET['page'])) $page = 'index';
+else $page = $_GET['page'];
+
+if (preg_match('/[a-zA-Z_0-9-]+/', $page)) {
+       
+       include "template/head.php";
+
+       if (file_exists("controllers/$page.php")) {
+               include "controllers/$page.php";
+       } else if (file_exists("template/$page.php")) {
+               include "template/$page.php";
+       } else {
+               if (preg_match('/[0-9]+/', $page)) $code = $page;
+               else $code = 404;
+               include "controllers/error.php";
+       }
+
+       include "template/foot.php";
+} else die("Invalid page format.");
+
+?>
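Review bot: The pattern `/[a-zA-Z_0-9-]+/` is not anchored, so it accepts any `$page` that merely contains one allowed character, and the value then reaches `include "controllers/$page.php"` with dots and slashes intact. Anchor it: `if (preg_match('/^[a-zA-Z_0-9-]+$/D', $page)) {`. The numeric test that sets `$code` has the same problem and should use `'/^[0-9]+$/D'`.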
diff --git a/sql/database.sql b/sql/database.sql
new file mode 100644 (file)
index 0000000..5c163e9
--- /dev/null
@@ -0,0 +1,37 @@
+CREATE TABLE `users` (
+       id int AUTO_INCREMENT,
+       login varchar(50),
+       password varchar(100),
+       name varchar(100),
+       room varchar(5),
+       email varchar(50),
+       phone varchar(25),
+       privileges tinyint,
+       PRIMARY KEY(id)
+);
+
+CREATE TABLE `bikerooms` (
+       id int AUTO_INCREMENT,
+       building varchar(10),
+       floor smallint,
+       space smallint,
+       groundsman int,
+       PRIMARY KEY(id)
+);
+
+CREATE TABLE `bikes` (
+       id int AUTO_INCREMENT,
+       user int,
+       bikeroom int,
+       description text,
+       PRIMARY KEY(id)
+);
+
+CREATE TABLE `keys` (
+       id int AUTO_INCREMENT,
+       user int,
+       bikeroom int,
+       `from` datetime,
+       `to` datetime,
+       PRIMARY KEY(id)
+);
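Review bot: `users.login` has no unique constraint, so uniqueness rests on the check-then-insert in `User::setLogin()`, which two concurrent registrations can both pass. Add `UNIQUE KEY (login)` to the `users` table, and declare the columns the code always fills (`login`, `password`, `privileges`) as `NOT NULL`. The `user`, `bikeroom` and `groundsman` columns reference other tables but carry no foreign keys or indexes.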
diff --git a/style.css b/style.css
new file mode 100644 (file)
index 0000000..55b4b95
--- /dev/null
+++ b/style.css
@@ -0,0 +1,95 @@
+div.formerrbox {
+       font-weight: bold;
+       font-color: red;
+}
+table#bikeroomlist, table#bikeroomlist tr, table#bikeroomlist tr td, table#bikeroomlist tr th {
+       border-collapse: collapse;
+       border: 1px solid grey;
+}
+
+table#bikeroomlist tr td, table#bikeroomlist tr th {
+       padding: 2px 0.5em 2px 0.5em;
+}
+
+table#bikeroomlist td.full { color: red; }
+table#bikeroomlist td.free { color: green; }
+div.msgbox_outer {
+       text-align: center;
+}
+
+div.msgbox_inner {
+       padding: 0.5em 1em 0.5em 1em;
+       margin: 0 auto 0 auto;
+       width: 50%;
+       background-color: #e3e3e3;
+}
+
+div.msgbox_red {
+       border: 1px dashed red;
+}
+
+div.msgbox_green {
+       border: 1px dashed green;
+}
+div#head {
+       padding: 1em;
+       text-align: right;
+}
+
+div#menu {
+       padding: 5px;
+       border: 2px solid #eee;
+}
+
+div#menu .right {
+       text-align: right;
+       float:right;
+}
+
+div#menu .right a {
+       padding: 0 0.5em 0 0.5em;
+}
+
+div#menu .right a:hover {
+       background-color: #eee;
+}
+
+div#content {
+       padding: 5px;
+       background: #eee;
+       min-height: 400px;
+}
+
+.center {
+       text-align: center;
+}
+
+.centered{
+       margin: 0 auto 0 auto;
+}
+
+table.table_nostyle, table.table_nostyle tr, table.table_nostyle tr td {
+       border: 0;
+       text-align: left;
+}
+
+div.adminlist {
+       float: right;
+       width: 200px;
+       border: 1px solid black;
+       padding: 5px;
+       margin: 5px;
+}      
+
+h1 { font-size: 150%; }
+h2 { font-size: 130%; }
+h3 { font-size: 110%; }
+h4,h5,h6 { font-size: 100%; }
+table#userlist, table#userlist tr, table#userlist tr td, table#userlist tr th {
+       border-collapse: collapse;
+       border: 1px solid grey;
+}
+
+table#userlist tr td, table#userlist tr th {
+       padding: 2px 0.5em 2px 0.5em;
+}
diff --git a/template/Makefile b/template/Makefile
new file mode 100644 (file)
index 0000000..7adbbab
--- /dev/null
@@ -0,0 +1,2 @@
+all:
+       cat `find ./ -name "*.css" ` > ../style.css
diff --git a/template/bikeroom_manage.php b/template/bikeroom_manage.php
new file mode 100644 (file)
index 0000000..b60aca0
--- /dev/null
@@ -0,0 +1,19 @@
+<?php
+       require_once "fmaker.inc";
+?>
+
+<h1><?=tr("Správa kolárny")." ".$datamine->name?></h1>
+<form action="#" method="post">
+<table>
+<?php
+       $l = array(-1 => "---");
+       foreach (User::listAll() as $u) {
+               $l[$u->id] = "$u->name ($u->login)";
+       }
+       field("Jméno", "text", "name");
+       field("Kapacita", "text", "space");
+       select("Správce", "groundsman", $l, -1);
+       field("Uložit", "submit");
+?>
+</table>
+</form>
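Review bot: The option labels built as `"$u->name ($u->login)"` carry user-editable text into the page, and whether `select()` in fmaker.inc escapes its labels is not visible here, so confirm that or pass the values through `htmlspecialchars()` first. `User::setName()` only requires a space in the name, so markup characters can be stored. `User::listAll()` is also a database call made from inside a template; the controller could pass the list in instead.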
diff --git a/template/bikerooms_adminlist.php b/template/bikerooms_adminlist.php
new file mode 100644 (file)
index 0000000..4c3f051
--- /dev/null
@@ -0,0 +1,4 @@
+<div class="adminlist">
+<h2><?=tr("Úlohy správy")?></h2>
+<?=href("newbikeroom", "Nová kolárna")?>
+</div>
diff --git a/template/bikerooms_head.php b/template/bikerooms_head.php
new file mode 100644 (file)
index 0000000..ebb7482
--- /dev/null
@@ -0,0 +1 @@
+<h1>Kolárny</h1>
diff --git a/template/bikerooms_list.css b/template/bikerooms_list.css
new file mode 100644 (file)
index 0000000..f2a36a7
--- /dev/null
@@ -0,0 +1,11 @@
+table#bikeroomlist, table#bikeroomlist tr, table#bikeroomlist tr td, table#bikeroomlist tr th {
+       border-collapse: collapse;
+       border: 1px solid grey;
+}
+
+table#bikeroomlist tr td, table#bikeroomlist tr th {
+       padding: 2px 0.5em 2px 0.5em;
+}
+
+table#bikeroomlist td.full { color: red; }
+table#bikeroomlist td.free { color: green; }
diff --git a/template/bikerooms_list.php b/template/bikerooms_list.php
new file mode 100644 (file)
index 0000000..f6191f6
--- /dev/null
@@ -0,0 +1,25 @@
+<table id="bikeroomlist">
+       <tr>
+               <th><?=tr("Kolárna")?></th>
+               <th><?=tr("Volno")?></th>
+               <th><?=tr("Správce")?></th>
+<? if ($auth->verify(P_GROUNDSMAN)) { ?>
+               <th><?=tr("Akce")?></th>
+<? } ?>
+       </tr>
+<?     foreach ($bikerooms as $bikeroom) { ?>
+       <tr>
+               <td><?=$bikeroom->name?></td>
+               <td class="<?=($bikeroom->freeSpace == 0) ? "full" : "free" ?>"><?=(int)$bikeroom->freeSpace?>/<?=(int)$bikeroom->space?></td>
+               <td><?=(strlen($bikeroom->groundsmanName)==0) ? tr("žádný") : $bikeroom->groundsmanName?></td>
+<? if ($auth->verify(P_GROUNDSMAN)) { ?>
+               <td>
+                       <? if ($auth->verify(P_ADMIN) || ($auth->id == $bikeroom->groundsman))
+                               echo href("bikeroom&name=".$bikeroom->name, tr("Spravovat"));
+                       else echo "&nbsp;";
+                       if ($auth->verify(P_ADMIN)) echo ', '.href("bikeroom&del=".$bikeroom->name, tr("Smazat")) ?>
+               </td>
+<? } ?>
+       </tr>
+<? } ?>
+</table>
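Review bot: The `Spravovat` and `Smazat` links build their query string from `$bikeroom->name` without `urlencode()`, so a name containing `&`, `#` or a space produces a link that addresses a different room or none. template/usermod.php in this commit already encodes its parameter, and the same form fits here: `href("bikeroom&amp;name=".urlencode($bikeroom->name), tr("Spravovat"))`. The delete action is a plain link, here and as `usermod&amp;del=` in template/usermod.php. Assuming the controller acts on `del` directly (it is outside this hunk), any GET to that URL from an admin's browser removes the record. A small POST form carrying a session token would be the safer shape for it.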
diff --git a/template/fmaker.inc b/template/fmaker.inc
new file mode 100644 (file)
index 0000000..55fef49
--- /dev/null
@@ -0,0 +1,99 @@
+<?php
+       function heading($text) {
+               ?><tr><th colspan="2"><?=tr($text)?></th><td>&nbsp;</td></tr><?php
+               
+       }
+
+       function select($label, $name, $data, $default) {
+               if (isset($_POST[$name])) $default = $_POST[$name];
+               ?>
+                       <tr><td><?=tr($label)?></td><td>
+                       <select name="<?=$name?>">
+                       <? foreach ($data as $key => $value) {
+                               if ($default==$key) $sel = 'selected="selected"';
+                               else $sel = '';
+                       ?>
+                               <option value="<?=$key?>" <?=$sel?>><?=tr($value)?></option>
+                       <?
+                       }?>
+                       </select>
+                       </td></tr>
+               <?
+       }
+       
+       function field($label, $type, $name = "", $hook = null) {
+               global $formmsg;
+               global $datamine;
+               if (!is_null($hook)) {
+                       $hook= "oninput=\"$hook(this)\"";
+               }
+
+               $val = "";
+               if ($type != "password") {
+                       if (isset($datamine) && ($name != ""))
+                               $val = $datamine->$name;
+                       if (isset($_POST[$name])) 
+                               $val = $_POST[$name];
+               }
+               
+               if ($type == "plain") {
+                       /* Plain */
+               ?>
+                       <tr><td><?=tr($label)?></td><td colspan="2"><?=$val?></td></tr>
+               <?
+                       /* End of plain */
+               } else if ($type == "submit") {
+               ?>
+                       <tr><td colspan="2"><div class="center"><input type="submit" name="submit" value="<?=tr($label)?>" /></div></td><td>&nbsp;</td></tr>
+               <?
+               } else {
+                       /* Input */
+               ?>
+                       <tr>
+                               <td><?=tr($label)?></td>
+                               <td><input id="form_<?=$name?>" type="<?=$type?>" name="<?=$name?>" value="<?=$val?>" <?=$hook?>/></td>
+                               <td><div class="formerrbox" id="repbox<?=$name?>"><?=isset($formmsg[$name]) ? $formmsg[$name] : "&nbsp;"?></div></td>
+                       </tr>
+               <?php
+                       /* End of input */
+               }
+       }
+
+?>
+
+<script language="JavaScript">
+/* Display message on element */
+function display(field, message) {
+       document.getElementById("repbox"+field.name).firstChild.nodeValue = message;
+}
+
+function validateRoom(field) {
+       if (!field.value.match(/^[AB][0-9]{3,4}$/)) display(field, "<?=tr("Není platné označení pokoje.")?>");
+       else display(field, "");
+}
+function validateSomething(field) {
+       if (!field.value.match(/^.+$/)) display(field, "<?=tr("Toto pole je povinné.")?>");
+       else display(field, "");
+}
+function validatePassword(field) {
+       var pass1 = document.getElementById("form_password");
+       var pass2 = document.getElementById("form_password2");
+       if (pass1.value.length < 6) display(pass1, "<?=tr("Heslo musí mít alespoň 6 znaků.")?>");
+       else display(pass1, "");
+       if (pass1.value == pass2.value) display(pass2, "");
+       else display(pass2, "<?=tr("Hesla nejsou stejná!")?>");
+}
+function validatePasswordEmpty(field) {
+       var pass1 = document.getElementById("form_password");
+       var pass2 = document.getElementById("form_password2");
+       if (pass1.value.length > 0 || pass1.value.length > 0) validatePassword(field);
+       else {
+               display(pass1,"");
+               display(pass2,"");
+       }
+}
+function validateEmail(field) {
+       if (!field.value.match(/^.+@.+\..+$/)) display(field, "<?=tr("Toto není platná emailová adresa.")?>");
+       else display(field, "");
+}
+</script>
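Review bot: `field()` copies `$_POST[$name]` (or `$datamine->$name`) into `value="<?=$val?>"` and into the `plain` cell with no HTML escaping, so a submitted value containing a quote or markup is reflected back into the page. Adding `$val = htmlspecialchars($val, ENT_QUOTES, 'UTF-8');` right after the `if ($type != "password")` block covers both outputs. `select()` has the same gap for `$key` and `$value`, which the templates fill with user names and logins, and `$formmsg[$name]` is printed raw as well. Separately, `validatePasswordEmpty` tests `pass1.value.length > 0 || pass1.value.length > 0`; the second operand should be `pass2.value.length > 0`, otherwise typing only in the repeat field clears the messages instead of reporting the mismatch.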
diff --git a/template/foot.php b/template/foot.php
new file mode 100644 (file)
index 0000000..9943ff0
--- /dev/null
@@ -0,0 +1,3 @@
+</div>
+</body>
+</html>
diff --git a/template/head.php b/template/head.php
new file mode 100644 (file)
index 0000000..d673277
--- /dev/null
@@ -0,0 +1,41 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<title>Kolarny</title>
+<link href="style.css" rel="stylesheet" type="text/css" />
+
+</head>
+
+<div id="head">
+Správa koláren VŠK 17. listopadu
+</div>
+
+<div id="menu">
+Přihlášený uživatel: <?=$auth->login?> | <? if ($auth->id==-1) echo href("login", tr("Přihlásit se"))." | ".href("register", tr("Registrovat se")); else echo href("logout", tr("Odhlásit se")); ?>
+<div class="right">
+<?php 
+       switch ($auth->privileges) {
+               case 0:
+                       echo href("bikerooms", tr("Kolárny"));
+                       echo href("bikes", tr("Moje kola"));
+                       break;
+               case 1:
+                       echo href("bikerooms", tr("Kolárny"));
+                       echo href("bikes", tr("Kola"));
+                       break;
+               case 2:
+                       echo href("bikerooms", tr("Kolárny"));
+                       echo href("bikes", tr("Kola"));
+                       echo href("usermod", tr("Správa uživatelů"));
+                       echo href("summaries", tr("Sestavy"));
+                       break;
+       }
+?>
+</div>
+</div>
+
+<div id="content">
+
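Review bot: The markup goes from `</head>` straight to `<div id="head">` with no opening `<body>`, while template/foot.php closes `</body>`; a `<body>` line after `</head>` is needed for the XHTML 1.0 Strict doctype declared at the top. The `switch ($auth->privileges)` uses bare `0`/`1`/`2`, where template/bikerooms_list.php asks `$auth->verify(P_GROUNDSMAN)`; using one mechanism for both would keep the menu in step with the checks. A short comment above the switch should also record that it only hides links and that each controller has to enforce access itself.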
diff --git a/template/index.php b/template/index.php
new file mode 100644 (file)
index 0000000..44985cc
--- /dev/null
@@ -0,0 +1,19 @@
+<?php
+       if (!$auth->verify()) {
+?>
+<p>Vítejte na stránkách správy koláren koleje 17. listopadu. Pro používání systému se prosím přihlašte:</p>
+<?php 
+       include "controllers/login.php";
+       } else {
+?>
+
+
+
+
+
+
+
+
+
+
+<? } ?>
diff --git a/template/login.php b/template/login.php
new file mode 100644 (file)
index 0000000..5f8c320
--- /dev/null
@@ -0,0 +1,9 @@
+<div class="center">
+<form action="#" method="post">
+<table class="centered table_nostyle">
+<tr><td><?=tr("Login")?></td><td> <input type="text" name="login" /></td></tr>
+<tr><td><?=tr("Heslo")?></td><td><input type="password" name="password" /></td></tr>
+<tr><td colspan="2"><div class="center"><input type="submit" name="submit" value="<?=tr("Přihlásit se")?>" /></div></td></tr>
+</table>
+</form>
+</div>
diff --git a/template/main.css b/template/main.css
new file mode 100644 (file)
index 0000000..d0811c5
--- /dev/null
@@ -0,0 +1,54 @@
+div#head {
+       padding: 1em;
+       text-align: right;
+}
+
+div#menu {
+       padding: 5px;
+       border: 2px solid #eee;
+}
+
+div#menu .right {
+       text-align: right;
+       float:right;
+}
+
+div#menu .right a {
+       padding: 0 0.5em 0 0.5em;
+}
+
+div#menu .right a:hover {
+       background-color: #eee;
+}
+
+div#content {
+       padding: 5px;
+       background: #eee;
+       min-height: 400px;
+}
+
+.center {
+       text-align: center;
+}
+
+.centered{
+       margin: 0 auto 0 auto;
+}
+
+table.table_nostyle, table.table_nostyle tr, table.table_nostyle tr td {
+       border: 0;
+       text-align: left;
+}
+
+div.adminlist {
+       float: right;
+       width: 200px;
+       border: 1px solid black;
+       padding: 5px;
+       margin: 5px;
+}      
+
+h1 { font-size: 150%; }
+h2 { font-size: 130%; }
+h3 { font-size: 110%; }
+h4,h5,h6 { font-size: 100%; }
diff --git a/template/msgbox.css b/template/msgbox.css
new file mode 100644 (file)
index 0000000..d41b3ff
--- /dev/null
@@ -0,0 +1,18 @@
+div.msgbox_outer {
+       text-align: center;
+}
+
+div.msgbox_inner {
+       padding: 0.5em 1em 0.5em 1em;
+       margin: 0 auto 0 auto;
+       width: 50%;
+       background-color: #e3e3e3;
+}
+
+div.msgbox_red {
+       border: 1px dashed red;
+}
+
+div.msgbox_green {
+       border: 1px dashed green;
+}
diff --git a/template/msgbox.php b/template/msgbox.php
new file mode 100644 (file)
index 0000000..4edbd57
--- /dev/null
@@ -0,0 +1,5 @@
+<div class="msgbox_outer">
+<div class="msgbox_inner msgbox_<?=$color?>">
+       <span><?=$message?></span>
+</div>
+</div>
diff --git a/template/newbikeroom.php b/template/newbikeroom.php
new file mode 100644 (file)
index 0000000..b021e2e
--- /dev/null
@@ -0,0 +1,19 @@
+<?php
+       require_once "fmaker.inc";
+?>
+
+<h1><?=tr("Nová kolárna")?></h1>
+<form action="#" method="post">
+<table>
+<?php
+       $l = array(-1 => "---");
+       foreach (User::listAll() as $u) {
+               $l[$u->id] = "$u->name ($u->login)";
+       }
+       field("Jméno", "text", "name");
+       field("Kapacita", "text", "space");
+       select("Správce", "groundsman", $l, -1);
+       field("Vytvořit", "submit");
+?>
+</table>
+</form>
diff --git a/template/register.css b/template/register.css
new file mode 100644 (file)
index 0000000..7aa47d5
--- /dev/null
@@ -0,0 +1,4 @@
+div.formerrbox {
+       font-weight: bold;
+       font-color: red;
+}
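Review bot: `font-color` is not a CSS property, so browsers drop the declaration and the form error text is never shown in red; it should read `color: red;`. The generated style.css is built from this file by template/Makefile, so it presumably carries the same line and needs regenerating after the fix.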
diff --git a/template/register.php b/template/register.php
new file mode 100644 (file)
index 0000000..629a70b
--- /dev/null
@@ -0,0 +1,22 @@
+<?php include "fmaker.inc"; ?>
+<form action="#" method="post">
+<p>Všechna pole v registračním formuláři jsou povinná. Telefonní číslo je myšleno číslo, na kterém jste k zastižení 
+mimo kolej (nejlépe mobilní telefon), toto číslo bude dostupné pouze správcům systému (nikoliv správcům kolárny) a to pro
+případ, že by bylo potřeba Vás okamžitě informovat o závažné věci (odcizení kola, havárie vody v kolárně atp.)</p>
+
+<table>
+<?php
+       heading("Přihlašovací údaje");
+       field("Login", "text", "login", "validateSomething");
+       field("Heslo", "password", "password", "validatePassword");
+       field("Zopakovat heslo", "password", "password2", "validatePassword");
+       heading("Osobní údaje");
+       field("Jméno", "text", "name", "validateSomething");
+       field("Pokoj", "text", "room", "validateRoom");
+       field("Email", "text", "email", "validateEmail");
+       field("Telefon", "text", "phone", "validateSomething");
+?>
+<tr><th colspan="2"><div class="center"><input type="submit" value="<?=tr("Registrovat")?>" /></div></th><td>&nbsp;</td></tr>
+</table>
+
+</form>
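Review bot: `include "fmaker.inc"` redeclares `heading()`, `select()` and `field()` and stops with a fatal error if another template that pulls in the same file is rendered in the same request. template/bikeroom_manage.php and template/newbikeroom.php use `require_once "fmaker.inc";`, and this file and template/useredt.php should do the same. The `oninput` validators named here run only in the browser, so the password length, room and e-mail rules have to be enforced again in controllers/register.php, which is not part of this hunk.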
diff --git a/template/useredt.php b/template/useredt.php
new file mode 100644 (file)
index 0000000..702c6e9
--- /dev/null
@@ -0,0 +1,26 @@
+<?php 
+       include "fmaker.inc";
+?>
+<form action="#" method="post">
+<table>
+<?php
+       heading("Osobní údaje");
+       field("Login", "plain", "login");
+       field("Jméno", "text", "name", "validateSomething");
+       field("Pokoj", "text", "room", "validateRoom");
+       field("Email", "text", "email", "validateEmail");
+       field("Telefon", "text", "phone", "validateSomething");
+       heading("Změnit heslo");
+       field("Nové heslo", "password", "password", "validatePasswordEmpty");
+       field("Zopakovat heslo", "password", "password2", "validatePasswordEmpty");
+       if ($auth->verify(P_USERMOD)) {
+               heading("Práva");
+               select("Práva", "privileges", 
+                       array( 0 => "Uživatel", 1 => "Správce kolárny", 2 => "Administrátor"),
+               $user->privileges);
+       }
+?>
+<tr><th colspan="2"><div class="center"><input type="submit" value="<?=tr("Uložit")?>" /></div></th><td>&nbsp;</td></tr>
+</table>
+
+</form>
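Review bot: Hiding the `privileges` selector behind `$auth->verify(P_USERMOD)` only controls what is rendered; a user without that right can still submit a `privileges` field by hand. controllers/useredt.php (not visible in this hunk) therefore has to ignore or reject it unless the same check passes. A comment above the `if` would record that, e.g. `/* display only: the controller must re-check P_USERMOD before applying $_POST['privileges'] */`. The literal keys `0`, `1`, `2` repeat the values used in template/head.php and template/usermod.php; named constants would keep the three in step.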
diff --git a/template/usermod.css b/template/usermod.css
new file mode 100644 (file)
index 0000000..707f1b5
--- /dev/null
@@ -0,0 +1,8 @@
+table#userlist, table#userlist tr, table#userlist tr td, table#userlist tr th {
+       border-collapse: collapse;
+       border: 1px solid grey;
+}
+
+table#userlist tr td, table#userlist tr th {
+       padding: 2px 0.5em 2px 0.5em;
+}
diff --git a/template/usermod.php b/template/usermod.php
new file mode 100644 (file)
index 0000000..0f74d9c
--- /dev/null
@@ -0,0 +1,32 @@
+<table id="userlist">
+       <tr>
+               <th>login</th>
+               <th>name</th>
+               <th>room</th>
+               <th>email</th>
+               <th>phone</th>
+               <th>privileges</th>
+               <th>action</th>
+       </tr>
+       <? foreach ($users as $user) { ?>
+       <tr>
+               <td><?=$user->login?></td>
+               <td><?=$user->name?></td>
+               <td><?=$user->room?></td>
+               <td><?=$user->email?></td>
+               <td><?=$user->phone?></td>
+               <td><?
+                       switch ($user->privileges) {
+                               case 0: echo tr("Uživatel"); break;
+                               case 1: echo tr("Správce kolárny"); break;
+                               case 2: echo tr("Administrátor"); break;
+                       }
+               ?></td>
+               <td>
+                       <?=href("useredt&amp;mod=".urlencode($user->login), tr("Editovat"))?>, 
+                       <?=href("usermod&amp;del=".urlencode($user->login), tr("Smazat"))?>, 
+                       <?=href("userrel&amp;rel=".urlencode($user->login), tr("Relace"))?>
+               </td>
+       </tr>
+       <? } ?>
+</table>
diff --git a/tools/lang.php b/tools/lang.php
new file mode 100644 (file)
index 0000000..16dda79
--- /dev/null
@@ -0,0 +1,7 @@
+<?php
+
+function tr($string) {
+       return $string;
+}
+
+?>
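Review bot: `tr()` has no docblock saying that it is an identity stub that returns its argument unescaped. That matters because the templates print its result directly into HTML and, in template/fmaker.inc, into JavaScript string literals. I would add `/** Translation hook; currently returns $string unchanged and does not escape it for HTML or JS. */` above the function. The closing `?>` can be dropped so that stray whitespace after it never starts output before headers are sent.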