1e versie

public/admin.php

@@ -0,0 +1,31 @@
+<?php
+session_start();
+require_once __DIR__ . '/../includes/functions.php';
+require_once __DIR__ . '/../includes/db.php';
+
+if (!isset($_SESSION['user']) || !isAdmin($_SESSION['user'])) {
+    header('Location: dashboard.php');
+    exit;
+}
+
+$bericht = '';
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['nieuwe_ronde'])) {
+    $lootjes = startNieuweRonde($pdo);
+    $bericht = 'Nieuwe ronde gestart!';
+}
+?>
+<!DOCTYPE html>
+<html>
+<head><title>Beheer</title></head>
+<body>
+<h2>Beheerpagina</h2>
+<?php if ($bericht): ?><p style="color:green"><?= htmlspecialchars($bericht) ?></p><?php endif; ?>
+
+<form method="post">
+    <button type="submit" name="nieuwe_ronde">Start nieuwe lootjes-ronde</button>
+</form>
+
+<p><a href="dashboard.php">Terug</a></p>
+</body>
+</html>
+

public/dashboard.php

@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once __DIR__ . '/../includes/functions.php';
+
+if (!isset($_SESSION['user'])) {
+    header('Location: login.php');
+    exit;
+}
+
+$gebruiker = $_SESSION['user'];
+$lootje = getLootjeVoor($gebruiker);
+?>
+<!DOCTYPE html>
+<html>
+<head><title>Dashboard</title></head>
+<body>
+<h2>Welkom, <?= htmlspecialchars($gebruiker) ?></h2>
+
+<?php if ($lootje): ?>
+    <p>Je hebt getrokken: <strong><?= htmlspecialchars($lootje) ?></strong></p>
+<?php else: ?>
+    <p>Er is nog geen ronde gestart.</p>
+<?php endif; ?>
+
+<p><a href="wishlist.php">Mijn verlanglijstje</a></p>
+
+<?php if (isAdmin($gebruiker)): ?>
+    <p><a href="admin.php">Beheerpagina</a></p>
+<?php endif; ?>
+
+<p><a href="logout.php">Uitloggen</a></p>
+</body>
+</html>
+

public/index.php

@@ -0,0 +1,10 @@
+<?php
+session_start();
+
+if (isset($_SESSION['user'])) {
+    header('Location: dashboard.php');
+    exit;
+}
+header('Location: login.php');
+exit;
+

public/login.php

@@ -0,0 +1,33 @@
+<?php
+session_start();
+require_once __DIR__ . '/../includes/ldap.php';
+
+$error = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $user = $_POST['username'] ?? '';
+    $pass = $_POST['password'] ?? '';
+
+    if (ldap_authenticate($user, $pass)) {
+        $_SESSION['user'] = $user;
+        header('Location: dashboard.php');
+        exit;
+    } else {
+        $error = 'Ongeldige login.';
+    }
+}
+?>
+<!DOCTYPE html>
+<html>
+<head><title>Login</title></head>
+<body>
+<h2>Login</h2>
+<form method="post">
+    <label>Gebruikersnaam: <input type="text" name="username"></label><br>
+    <label>Wachtwoord: <input type="password" name="password"></label><br>
+    <button type="submit">Aanmelden</button>
+</form>
+<p style="color:red"><?= htmlspecialchars($error) ?></p>
+</body>
+</html>
+

public/logout.php

@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_destroy();
+header('Location: login.php');
+exit;
+

public/wishlist.php

@@ -0,0 +1,34 @@
+<?php
+session_start();
+require_once __DIR__ . '/../includes/db.php';
+
+if (!isset($_SESSION['user'])) {
+    header('Location: login.php');
+    exit;
+}
+
+$gebruiker = $_SESSION['user'];
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $wensen = $_POST['wensen'] ?? '';
+    $stmt = $pdo->prepare("REPLACE INTO wishlists (user, wensen) VALUES (?, ?)");
+    $stmt->execute([$gebruiker, $wensen]);
+}
+
+$stmt = $pdo->prepare("SELECT wensen FROM wishlists WHERE user = ?");
+$stmt->execute([$gebruiker]);
+$wensen = $stmt->fetchColumn();
+?>
+<!DOCTYPE html>
+<html>
+<head><title>Verlanglijstje</title></head>
+<body>
+<h2>Mijn verlanglijstje</h2>
+<form method="post">
+    <textarea name="wensen" rows="8" cols="40"><?= htmlspecialchars($wensen ?? '') ?></textarea><br>
+    <button type="submit">Opslaan</button>
+</form>
+<p><a href="dashboard.php">Terug</a></p>
+</body>
+</html>
+