Enrique Cruzado 4 yıl önce
ebeveyn
işleme
9a22a7a588

+ 11
- 0
Admin backend/db.php Dosyayı Görüntüle

@@ -0,0 +1,11 @@
1
+<?php
2
+# Connect to database
3
+$conn = new mysqli("localhost", "ComedoresEscolares", "1234");
4
+$conn->select_db("ComedoresEscolar");
5
+
6
+# Checks connection
7
+if($conn->connect_error){
8
+    header("500 Internal Server Error", true, 500);
9
+    exit();
10
+}
11
+?>

+ 45
- 0
Admin backend/login.php Dosyayı Görüntüle

@@ -0,0 +1,45 @@
1
+<?php
2
+header('Content-type: application/json');
3
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
4
+    # Gets json from POST
5
+    $json = json_decode(file_get_contents('php://input'), true);
6
+
7
+    # Input validation for username y password
8
+    $username = $json["username"];
9
+    $password = $json["password"];
10
+    if(strlen($username) == 0 or strlen($password) == 0){
11
+        header("400 Bad Request", true, 400);
12
+        exit();
13
+    }
14
+
15
+    include 'db.php';
16
+
17
+    # Select username row
18
+    $sql = "SELECT hash FROM login WHERE username = '".$username."'";
19
+    $result = $conn->query($sql);
20
+    if($result->num_rows){
21
+        $result = $result->fetch_assoc();
22
+        $hash = $result["hash"];
23
+    } else {
24
+        $conn->close();
25
+        header("400 Bad Request", true, 400);
26
+        exit();
27
+    }
28
+
29
+    # Verifies password
30
+    if(!password_verify($password, $hash)){
31
+        $conn->close();
32
+        header("400 Bad Request", true, 400);
33
+        exit();
34
+    }
35
+
36
+    # Returns 200
37
+    $conn->close();
38
+    header("200 OK", true, 200);
39
+    exit();
40
+    
41
+} else {
42
+    header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
43
+    exit();
44
+}
45
+?>

BIN
Admin backend/logo.png Dosyayı Görüntüle


+ 107
- 0
Admin backend/members.php Dosyayı Görüntüle

@@ -0,0 +1,107 @@
1
+<!DOCTYPE html>
2
+<html>
3
+    <head>
4
+        <style>
5
+        body { 
6
+            margin:0px;
7
+        }
8
+        table, th, td {
9
+            border: 1px solid black;
10
+            border-collapse: collapse;
11
+        }
12
+        th, td {
13
+            padding: 5px;
14
+        }
15
+        th {
16
+            text-align: left;
17
+        }
18
+
19
+        .container {
20
+            height:100%;
21
+            width:100%;
22
+            position: fixed;
23
+            z-index: -1
24
+        }
25
+
26
+        .members {
27
+            margin-top: 8px;
28
+            margin-left: 1em;
29
+            margin-right: 1em;
30
+        }
31
+
32
+        /* Add a black background color to the top navigation */
33
+        .topnav {
34
+            background-color: #ED7D31;
35
+            overflow: hidden;
36
+            box-shadow: 0 4px 2px 0px gray;
37
+        }
38
+
39
+        /* Style the links inside the navigation bar */
40
+        .topnav a {
41
+            float: left;
42
+            color: black;
43
+            text-align: center;
44
+            padding: 14px 16px;
45
+            text-decoration: none;
46
+            font-size: 23px;
47
+        }
48
+
49
+        .topnav a:hover {
50
+            background-color: #BA6127;
51
+        }
52
+
53
+        .logo {
54
+            padding: 0px 0px ! important;
55
+        }
56
+        
57
+        .logo img {
58
+            float: left;
59
+            height: 54px;
60
+        }
61
+
62
+        </style>
63
+    </head>
64
+    <body>
65
+        <div class="topnav">
66
+            <a class="logo" href="/members.php"><img src="logo.png"></a>
67
+            <a href="/members.php">Tabla de Miembros</a>
68
+        </div> 
69
+
70
+        <div class="container">
71
+            <div class="members">
72
+    <?php
73
+    if ($_SERVER["REQUEST_METHOD"] == "GET") {
74
+        include 'db.php';
75
+
76
+        # Select username row
77
+        $sql = "SELECT username, nombre, organizacion, puesto, urbanizacion, calle, pueblo, cpostal, telefono, correo, membresia, vigencia FROM login NATURAL JOIN miembros;";
78
+        
79
+
80
+        if($result = $conn->query($sql)){
81
+            // username 	nombre 	organizacion 	puesto 	urbanizacion 	calle 	pueblo 	cpostal 	telefono 	correo 	membresia 	vigencia 
82
+            echo "<table style=\"width:100%\"><tr><th>Username</th><th>Nombre</th><th>Organizacion</th><th>Puesto</th><th>Urbanizacion</th>
83
+                    <th>Calle</th><th>Pueblo</th><th>Codigo Posta</th><th>Telefono</th><th>Correo</th><th>Membresia</th><th>Vigencia</th></tr>";
84
+            while($row = $result->fetch_assoc()){
85
+                echo "<tr><td>".$row["username"]."</td><td>".$row["nombre"]."</td><td>".$row["organizacion"]."</td><td>".$row["puesto"]."</td><td>".
86
+                    $row["urbanizacion"]."</td><td>".$row["calle"]."</td><td>".$row["pueblo"]."</td><td>".$row["cpostal"]."</td><td>".$row["telefono"]."</td><td>"
87
+                    .$row["correo"]."</td><td>".$row["membresia"]."</td><td>".$row["vigencia"]."</tr>";
88
+            }
89
+            echo "</table>";
90
+
91
+        } else {
92
+            echo "Could not get rows";
93
+        }
94
+
95
+        # Closes databde
96
+        $conn->close();
97
+        
98
+    } else {
99
+        header('Content-type: application/json');
100
+        header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
101
+        exit();
102
+    }
103
+    ?>
104
+            </div>
105
+        </div>
106
+    </body>
107
+</html>

+ 2
- 0
Admin backend/php.ini Dosyayı Görüntüle

@@ -0,0 +1,2 @@
1
+extension=php_mysqli.dll
2
+extension=php_pdo_mysql.dll

+ 77
- 0
Admin backend/signup.php Dosyayı Görüntüle

@@ -0,0 +1,77 @@
1
+<?php
2
+header('Content-type: application/json');
3
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
4
+    # Gets json from POST
5
+    $json = json_decode(file_get_contents('php://input'), true);
6
+    
7
+    # Input validation for username y password
8
+    $username = $json["username"];
9
+    $password = $json["password"];
10
+    if(strlen($username) == 0 or strlen($password) == 0){
11
+        header("400 Bad Request", true, 400);
12
+        exit();
13
+    }
14
+    
15
+    # Hashed password
16
+    $hash = password_hash($password,  PASSWORD_BCRYPT);
17
+
18
+    include 'db.php';
19
+
20
+    # Starts a transaction
21
+    $conn->autocommit(FALSE);
22
+    $conn->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
23
+
24
+    # Inserts into login
25
+    $sql = "INSERT INTO login (username, hash) VALUES ('".$username."', '".$hash."')";
26
+    if($conn->query($sql) === FALSE){
27
+        $conn->rollback();
28
+        $conn->close();
29
+        header("500 Internal Server Error", true, 500);
30
+        exit();
31
+    }
32
+
33
+    # Grabs all data
34
+    $userid = $conn->insert_id;
35
+    $nombre = $json["nombre"];
36
+    $organizacion = $json["organizacion"];
37
+    $puesto = $json["puesto"];
38
+    $urbanizacion = $json["urbanizacion"];
39
+    $calle = $json["calle"];
40
+    $pueblo = $json["pueblo"];
41
+    $cpostal = $json["cpostal"];
42
+    $telefono = $json["telefono"];
43
+    $correo = $json["correo"];
44
+
45
+    # Checks if necessary data is empty
46
+    if(!(strlen($nombre) or strlen($urbanizacion) or strlen($calle) or strlen($pueblo) or strlen($cpostal) or strlen($telefono) or strlen($correo))){
47
+        $conn->rollback();
48
+        $conn->close();
49
+        header("400 Bad Request", true, 400);
50
+        exit();
51
+    }
52
+
53
+    # Inserts into miembros
54
+    $sql = "INSERT INTO miembros (userid, nombre, organizacion, puesto, urbanizacion, calle, pueblo, cpostal, telefono, correo) VALUES "
55
+            ."('".$userid."', '".$nombre."', '".$organizacion."', '".$puesto."', '".$urbanizacion.
56
+            "', '".$calle."', '".$pueblo."', '".$cpostal."', '".$telefono."', '".$correo."')";
57
+            
58
+    if($conn->query($sql) === FALSE){
59
+        $conn->rollback();
60
+        $conn->close();
61
+        header("500 Internal Server Error", true, 500);
62
+        exit();
63
+    }
64
+
65
+    # Commits changes
66
+    $conn->commit();
67
+    $conn->close();
68
+
69
+    # Returns 200
70
+    header("200 OK", true, 200);
71
+    exit();
72
+    
73
+} else {
74
+    header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
75
+    exit();
76
+}
77
+?>

+ 22
- 0
Admin backend/tables.sql Dosyayı Görüntüle

@@ -0,0 +1,22 @@
1
+CREATE TABLE login (
2
+    userid INTEGER PRIMARY KEY AUTO_INCREMENT,
3
+    username VARCHAR(16),
4
+    hash VARBINARY(255),
5
+    UNIQUE(username)
6
+);
7
+
8
+CREATE TABLE miembros (
9
+  userid INTEGER,
10
+  nombre VARCHAR(64),
11
+  organizacion TINYTEXT,
12
+  puesto VARCHAR(64),
13
+  urbanizacion TINYTEXT,
14
+  calle TINYTEXT,
15
+  pueblo VARCHAR(32),
16
+  cpostal CHAR(5),
17
+  telefono CHAR(10),
18
+  correo VARCHAR(64),
19
+  membresia VARCHAR(16),
20
+  vigencia DATE,
21
+  FOREIGN KEY (userid) REFERENCES login(userid) ON DELETE CASCADE
22
+);