<?php
// Authentication gate: nothing below this block may run for an anonymous visitor.
session_start();

if (!isset($_SESSION['user'])) {
    // Pass the originally requested URI along so the login page can return here.
    // NOTE(review): login.php is not visible here; confirm it accepts only a
    // local path in `redirect`, otherwise this parameter becomes an open redirect.
    header('Location: login.php?redirect=' . urlencode($_SERVER['REQUEST_URI']));
    exit;
}
?>
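<?php
/*
 * Wishlist page: the logged-in user can create, update and delete their own
 * wishlist entry, and log out.
 *
 * Security properties of this block:
 * - every POST must carry the per-session CSRF token that the forms below embed;
 * - all SQL uses prepared statements, and every write is scoped to the session's
 *   username so one user cannot touch another user's row;
 * - everything echoed into the page is HTML-escaped.
 */

// The session may already be active earlier in this request; a second
// session_start() would only raise a notice.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

require __DIR__ . '/data/db.php';
require __DIR__ . '/functions/logging.php';
require __DIR__ . '/auth/ldap.php';

// Redirect anonymous visitors to the login page.
if (!isset($_SESSION['user'])) {
    header('Location: login.php');
    exit;
}

$username = $_SESSION['user']['username'];
$message = '';

// One random token per session; it is compared against the hidden form field on every POST.
if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['csrf_token'];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Reject state-changing requests that were not produced by one of this page's forms.
    $submittedToken = $_POST['csrf_token'] ?? '';
    if (!is_string($submittedToken) || !hash_equals($csrfToken, $submittedToken)) {
        log_action($pdo, $username, 'Ongeldig CSRF-token', 'Wishlist script');
        http_response_code(403);
        exit('Ongeldig verzoek.');
    }

    // Logout button
    if (isset($_POST['logout'])) {
        log_action($pdo, $username, 'Uitloggen via wishlist', 'Wishlist script');
        session_unset();
        session_destroy();
        // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains any
        // client-supplied path info appended to the script URL.
        header('Location: ' . $_SERVER['SCRIPT_NAME']);
        exit;
    }

    // Delete the wishlist entry. A POST field can arrive as an array, so only
    // a plain string is passed on as the bound id.
    if (isset($_POST['delete']) && is_string($_POST['delete'])) {
        $stmt = $pdo->prepare('DELETE FROM wishlist WHERE id = ? AND username = ?');
        $stmt->execute([$_POST['delete'], $username]);
        // Only report and audit-log a deletion that actually removed a row.
        if ($stmt->rowCount() > 0) {
            log_action($pdo, $username, 'Wishlist item verwijderd', 'Wishlist script');
            $message = 'Item verwijderd!';
        }
    }

    // Save / update
    if (isset($_POST['save'])) {
        $content = $_POST['content'] ?? '';
        if (!is_string($content)) {
            $content = '';
        }
        // NOTE(review): the rich-text editor submits HTML and it is stored exactly
        // as received. This page only echoes it escaped into the textarea; any page
        // that prints it as markup must pass it through a server-side allow-list
        // sanitizer first.

        // Check whether this user already has a wishlist. The row is fetched
        // rather than counted: rowCount() is not dependable for SELECT on every PDO driver.
        $stmt = $pdo->prepare('SELECT id FROM wishlist WHERE username = ?');
        $stmt->execute([$username]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        if ($row !== false) {
            $stmtUpdate = $pdo->prepare('UPDATE wishlist SET content = ? WHERE id = ? AND username = ?');
            $stmtUpdate->execute([$content, $row['id'], $username]);
            log_action($pdo, $username, 'Wishlist geüpdatet', 'Wishlist script');
            $message = 'Wishlist geüpdatet!';
        } else {
            $stmtInsert = $pdo->prepare('INSERT INTO wishlist (username, content) VALUES (?, ?)');
            $stmtInsert->execute([$username, $content]);
            log_action($pdo, $username, 'Wishlist aangemaakt', 'Wishlist script');
            $message = 'Wishlist aangemaakt!';
        }
    }
}

// Load the current wishlist; fetch() yields false when the user has none.
$stmt = $pdo->prepare('SELECT * FROM wishlist WHERE username = ?');
$stmt->execute([$username]);
$wishlist = $stmt->fetch(PDO::FETCH_ASSOC);
$content = (string) ($wishlist['content'] ?? '');
?>
<!DOCTYPE html>
<html lang="nl">
<head>
<meta charset="UTF-8">
<title>Verlanglijstje</title>
</head>
<body>
<h2>Verlanglijstje van <?= htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></h2>
<form method="post">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
<button type="submit" name="logout">Uitloggen</button>
</form>
<?php if ($message): ?>
<p style="color:green;"><?= htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></p>
<?php endif; ?>
<form method="post">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
<textarea id="content" name="content"><?= htmlspecialchars($content, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></textarea><br>
<button type="submit" name="save">Opslaan / Bijwerken</button>
</form>
<?php if ($wishlist): ?>
<form method="post" style="margin-top:10px;">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
<button type="submit" name="delete" value="<?= htmlspecialchars((string) $wishlist['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" onclick="return confirm('Weet je het zeker?');">Verwijderen</button>
</form>
<?php endif; ?>
<script src="js/tinymce/tinymce.min.js"></script>
<script>
tinymce.init({
selector: '#content',
height: 300,
menubar: false,
plugins: 'lists link paste',
toolbar: 'undo redo | bold italic underline | bullist numlist | link | removeformat',
paste_as_text: false
});
</script>
</body>
</html>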