From 3cf4360017906468d273a7c8aad6278c117a33be Mon Sep 17 00:00:00 2001
From: thomas <thomas@de-roo.org>
Date: Wed, 12 Nov 2025 14:48:27 +0100
Subject: [PATCH] admin

---
 admin.php         | 165 ++++++++++++++++++++++++++++++++++++++++++++++
 config/config.php |   4 ++
 2 files changed, 169 insertions(+)
 create mode 100644 admin.php

diff --git a/admin.php b/admin.php
new file mode 100644
index 0000000..61a9293
--- /dev/null
+++ b/admin.php
@@ -0,0 +1,165 @@
+<?php
+session_start();
+require __DIR__ . '/data/db.php';
+require __DIR__ . '/functions/logging.php';
+require __DIR__ . '/functions/ldap_groups.php';
+$config = require __DIR__ . '/config/config.php';
+
+// Alleen admin toegang
+if (!isset($_SESSION['user']) || !in_array($_SESSION['user']['username'], $config['admin_usernames'])) {
+    die("Toegang geweigerd. Alleen admin.");
+}
+
+$message = '';
+$members = get_group_members('APP_LootjesTrekken');
+
+// Afmelden knop
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['logout'])) {
+    log_action($pdo, $_SESSION['user']['username'], 'Uitloggen via admin', 'Admin pagina');
+    session_unset();
+    session_destroy();
+    header('Location: login.php');
+    exit;
+}
+
+// Nieuwe ronde starten
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['start_round'])) {
+    if (count($members) < 2) {
+        $message = "Niet genoeg deelnemers om een ronde te starten.";
+    } else {
+        try {
+            $rondeNaam = "Ronde " . date('Y-m-d H:i:s');
+
+            $pdo->beginTransaction();
+
+            $stmt = $pdo->prepare("INSERT INTO lootjes_rondes (naam) VALUES (?)");
+            $stmt->execute([$rondeNaam]);
+            $ronde_id = $pdo->lastInsertId();
+
+            // Shuffle algoritme: geen enkel persoon mag zichzelf trekken
+            $gevers = $members;
+            $ontvangers = $members;
+            $maxRetries = 1000;
+            $retry = 0;
+            do {
+                shuffle($ontvangers);
+                $valid = true;
+                for ($i = 0; $i < count($gevers); $i++) {
+                    if ($gevers[$i] === $ontvangers[$i]) {
+                        $valid = false;
+                        break;
+                    }
+                }
+                $retry++;
+                if ($retry > $maxRetries) {
+                    throw new Exception("Kan geen geldige lootjes toewijzen na $maxRetries pogingen.");
+                }
+            } while (!$valid);
+
+            // Opslaan in database
+            $stmtInsert = $pdo->prepare("INSERT INTO lootjes (ronde_id, gever, ontvanger) VALUES (?, ?, ?)");
+            for ($i = 0; $i < count($gevers); $i++) {
+                $stmtInsert->execute([$ronde_id, $gevers[$i], $ontvangers[$i]]);
+            }
+
+            $pdo->commit();
+
+            log_action($pdo, $_SESSION['user']['username'], "Nieuwe ronde gestart: $rondeNaam", "Admin pagina");
+            $message = "Nieuwe ronde '$rondeNaam' succesvol gestart!";
+        } catch (Exception $e) {
+            $pdo->rollBack();
+            $message = "Fout bij starten van nieuwe ronde: " . $e->getMessage();
+        }
+    }
+}
+
+// Ronde afronden
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['close_round'])) {
+    $ronde_id = $_POST['round_id'] ?? 0;
+    if ($ronde_id) {
+        $stmt = $pdo->prepare("UPDATE lootjes_rondes SET status='afgerond' WHERE id=?");
+        $stmt->execute([$ronde_id]);
+        log_action($pdo, $_SESSION['user']['username'], "Ronde $ronde_id afgerond", "Admin pagina");
+        $message = "Ronde afgerond!";
+    }
+}
+
+// Huidige rondes ophalen (nieuwste eerst)
+try {
+    $stmt = $pdo->query("SELECT * FROM lootjes_rondes ORDER BY created_at DESC");
+    $rondes = $stmt->fetchAll();
+} catch (PDOException $e) {
+    die("Fout bij ophalen van rondes: " . $e->getMessage());
+}
+?>
+
+<!DOCTYPE html>
+<html lang="nl">
+<head>
+<meta charset="UTF-8">
+<title>Admin - Lootjesbeheer</title>
+<style>
+body { font-family: Arial, sans-serif; }
+table { border-collapse: collapse; width: 100%; margin-top: 10px; }
+th, td { border: 1px solid #ccc; padding: 8px; text-align: left; }
+th { background-color: #f4f4f4; }
+button { padding: 5px 10px; margin: 2px; }
+.message { color: green; }
+</style>
+</head>
+<body>
+
+<h2>Admin - Lootjesbeheer</h2>
+
+<form method="post">
+    <button type="submit" name="logout">Uitloggen</button>
+</form>
+
+<?php if ($message): ?>
+<p class="message"><?= htmlspecialchars($message) ?></p>
+<?php endif; ?>
+
+<form method="post">
+    <button type="submit" name="start_round">Nieuwe ronde starten</button>
+</form>
+
+<h3>Rondes</h3>
+<table>
+<tr><th>ID</th><th>Naam</th><th>Status</th><th>Acties</th><th>Lootjes</th></tr>
+<?php foreach ($rondes as $r): ?>
+<tr>
+    <td><?= $r['id'] ?></td>
+    <td><?= htmlspecialchars($r['naam']) ?></td>
+    <td><?= $r['status'] ?></td>
+    <td>
+        <?php if ($r['status'] === 'open'): ?>
+        <form method="post" style="display:inline">
+            <input type="hidden" name="round_id" value="<?= $r['id'] ?>">
+            <button type="submit" name="close_round">Ronde afronden</button>
+        </form>
+        <?php else: ?>
+            Afgerond
+        <?php endif; ?>
+    </td>
+    <td>
+        <?php
+        $stmtLootjes = $pdo->prepare("SELECT gever, ontvanger FROM lootjes WHERE ronde_id=?");
+        $stmtLootjes->execute([$r['id']]);
+        $lootjes = $stmtLootjes->fetchAll();
+        if ($lootjes):
+        ?>
+            <ul style="margin:0; padding-left:15px;">
+            <?php foreach ($lootjes as $l): ?>
+                <li><?= htmlspecialchars($l['gever']) ?> → <?= htmlspecialchars($l['ontvanger']) ?></li>
+            <?php endforeach; ?>
+            </ul>
+        <?php else: ?>
+            Nog geen lootjes
+        <?php endif; ?>
+    </td>
+</tr>
+<?php endforeach; ?>
+</table>
+
+</body>
+</html>
diff --git a/config/config.php b/config/config.php
index 1c18f01..32675eb 100644
--- a/config/config.php
+++ b/config/config.php
@@ -18,6 +18,10 @@ return [
         'admin_user'   => 'CN=ldap,OU=ServiceAccounts,OU=deRoo,DC=de-roo,DC=org',
         'admin_pass'   => 'ld@ps3arch',
         'use_tls'      => false
+    ],
+    'admin_usernames' => [
+        'thomas', // vul hier de LDAP gebruikersnaam van de admin(s) in
     ]
 
+
 ];