admin
This commit is contained in:
165
admin.php
Normal file
165
admin.php
Normal file
@@ -0,0 +1,165 @@
|
||||
<?php
|
||||
session_start();
|
||||
require __DIR__ . '/data/db.php';
|
||||
require __DIR__ . '/functions/logging.php';
|
||||
require __DIR__ . '/functions/ldap_groups.php';
|
||||
$config = require __DIR__ . '/config/config.php';
|
||||
|
||||
// Alleen admin toegang
|
||||
if (!isset($_SESSION['user']) || !in_array($_SESSION['user']['username'], $config['admin_usernames'])) {
|
||||
die("Toegang geweigerd. Alleen admin.");
|
||||
}
|
||||
|
||||
$message = '';
|
||||
$members = get_group_members('APP_LootjesTrekken');
|
||||
|
||||
// Afmelden knop
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['logout'])) {
|
||||
log_action($pdo, $_SESSION['user']['username'], 'Uitloggen via admin', 'Admin pagina');
|
||||
session_unset();
|
||||
session_destroy();
|
||||
header('Location: login.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
// Nieuwe ronde starten
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['start_round'])) {
|
||||
if (count($members) < 2) {
|
||||
$message = "Niet genoeg deelnemers om een ronde te starten.";
|
||||
} else {
|
||||
try {
|
||||
$rondeNaam = "Ronde " . date('Y-m-d H:i:s');
|
||||
|
||||
$pdo->beginTransaction();
|
||||
|
||||
$stmt = $pdo->prepare("INSERT INTO lootjes_rondes (naam) VALUES (?)");
|
||||
$stmt->execute([$rondeNaam]);
|
||||
$ronde_id = $pdo->lastInsertId();
|
||||
|
||||
// Shuffle algoritme: geen enkel persoon mag zichzelf trekken
|
||||
$gevers = $members;
|
||||
$ontvangers = $members;
|
||||
$maxRetries = 1000;
|
||||
$retry = 0;
|
||||
do {
|
||||
shuffle($ontvangers);
|
||||
$valid = true;
|
||||
for ($i = 0; $i < count($gevers); $i++) {
|
||||
if ($gevers[$i] === $ontvangers[$i]) {
|
||||
$valid = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
$retry++;
|
||||
if ($retry > $maxRetries) {
|
||||
throw new Exception("Kan geen geldige lootjes toewijzen na $maxRetries pogingen.");
|
||||
}
|
||||
} while (!$valid);
|
||||
|
||||
// Opslaan in database
|
||||
$stmtInsert = $pdo->prepare("INSERT INTO lootjes (ronde_id, gever, ontvanger) VALUES (?, ?, ?)");
|
||||
for ($i = 0; $i < count($gevers); $i++) {
|
||||
$stmtInsert->execute([$ronde_id, $gevers[$i], $ontvangers[$i]]);
|
||||
}
|
||||
|
||||
$pdo->commit();
|
||||
|
||||
log_action($pdo, $_SESSION['user']['username'], "Nieuwe ronde gestart: $rondeNaam", "Admin pagina");
|
||||
$message = "Nieuwe ronde '$rondeNaam' succesvol gestart!";
|
||||
} catch (Exception $e) {
|
||||
$pdo->rollBack();
|
||||
$message = "Fout bij starten van nieuwe ronde: " . $e->getMessage();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Ronde afronden
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['close_round'])) {
|
||||
$ronde_id = $_POST['round_id'] ?? 0;
|
||||
if ($ronde_id) {
|
||||
$stmt = $pdo->prepare("UPDATE lootjes_rondes SET status='afgerond' WHERE id=?");
|
||||
$stmt->execute([$ronde_id]);
|
||||
log_action($pdo, $_SESSION['user']['username'], "Ronde $ronde_id afgerond", "Admin pagina");
|
||||
$message = "Ronde afgerond!";
|
||||
}
|
||||
}
|
||||
|
||||
// Huidige rondes ophalen (nieuwste eerst)
|
||||
try {
|
||||
$stmt = $pdo->query("SELECT * FROM lootjes_rondes ORDER BY created_at DESC");
|
||||
$rondes = $stmt->fetchAll();
|
||||
} catch (PDOException $e) {
|
||||
die("Fout bij ophalen van rondes: " . $e->getMessage());
|
||||
}
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html lang="nl">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>Admin - Lootjesbeheer</title>
|
||||
<style>
|
||||
body { font-family: Arial, sans-serif; }
|
||||
table { border-collapse: collapse; width: 100%; margin-top: 10px; }
|
||||
th, td { border: 1px solid #ccc; padding: 8px; text-align: left; }
|
||||
th { background-color: #f4f4f4; }
|
||||
button { padding: 5px 10px; margin: 2px; }
|
||||
.message { color: green; }
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<h2>Admin - Lootjesbeheer</h2>
|
||||
|
||||
<form method="post">
|
||||
<button type="submit" name="logout">Uitloggen</button>
|
||||
</form>
|
||||
|
||||
<?php if ($message): ?>
|
||||
<p class="message"><?= htmlspecialchars($message) ?></p>
|
||||
<?php endif; ?>
|
||||
|
||||
<form method="post">
|
||||
<button type="submit" name="start_round">Nieuwe ronde starten</button>
|
||||
</form>
|
||||
|
||||
<h3>Rondes</h3>
|
||||
<table>
|
||||
<tr><th>ID</th><th>Naam</th><th>Status</th><th>Acties</th><th>Lootjes</th></tr>
|
||||
<?php foreach ($rondes as $r): ?>
|
||||
<tr>
|
||||
<td><?= $r['id'] ?></td>
|
||||
<td><?= htmlspecialchars($r['naam']) ?></td>
|
||||
<td><?= $r['status'] ?></td>
|
||||
<td>
|
||||
<?php if ($r['status'] === 'open'): ?>
|
||||
<form method="post" style="display:inline">
|
||||
<input type="hidden" name="round_id" value="<?= $r['id'] ?>">
|
||||
<button type="submit" name="close_round">Ronde afronden</button>
|
||||
</form>
|
||||
<?php else: ?>
|
||||
Afgerond
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
<td>
|
||||
<?php
|
||||
$stmtLootjes = $pdo->prepare("SELECT gever, ontvanger FROM lootjes WHERE ronde_id=?");
|
||||
$stmtLootjes->execute([$r['id']]);
|
||||
$lootjes = $stmtLootjes->fetchAll();
|
||||
if ($lootjes):
|
||||
?>
|
||||
<ul style="margin:0; padding-left:15px;">
|
||||
<?php foreach ($lootjes as $l): ?>
|
||||
<li><?= htmlspecialchars($l['gever']) ?> → <?= htmlspecialchars($l['ontvanger']) ?></li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
<?php else: ?>
|
||||
Nog geen lootjes
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</table>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
@@ -18,6 +18,10 @@ return [
|
||||
'admin_user' => 'CN=ldap,OU=ServiceAccounts,OU=deRoo,DC=de-roo,DC=org',
|
||||
'admin_pass' => 'ld@ps3arch',
|
||||
'use_tls' => false
|
||||
],
|
||||
'admin_usernames' => [
|
||||
'thomas', // vul hier de LDAP gebruikersnaam van de admin(s) in
|
||||
]
|
||||
|
||||
|
||||
];
|
||||
|
||||
Reference in New Issue
Block a user