From fbbdc168179ab572725d5ba04c1214d118854f84 Mon Sep 17 00:00:00 2001
From: deadlocker8 <deadlocker@gmx.de>
Date: Thu, 3 Nov 2016 15:05:02 +0100
Subject: [PATCH] fixed #10, fixed #12

---
 js/main.js                         | 44 +++++++++++++++++++++++++-
 php/admin/admin-edit-milestone.php | 10 +++++-
 php/admin/admin-edit-roadmap.php   |  9 ++++++
 php/admin/admin-edit-subtask.php   | 10 +++++-
 php/admin/admin-edit-task.php      | 10 +++++-
 php/admin/admin-milestones.php     | 10 ++++++
 php/admin/admin-roadmaps.php       | 11 +++++++
 php/admin/admin-subtasks.php       | 10 ++++++
 php/admin/admin-tasks.php          | 10 ++++++
 php/admin/helper/checkLogin.php    | 32 +++++++++++++++++++
 php/admin/index.php                |  3 ++
 php/admin/login.php                | 51 ++++++++++++++++++++++++++++++
 php/admin/logout.php               |  8 +++++
 13 files changed, 214 insertions(+), 4 deletions(-)
 create mode 100644 php/admin/helper/checkLogin.php
 create mode 100644 php/admin/index.php
 create mode 100644 php/admin/login.php
 create mode 100644 php/admin/logout.php

diff --git a/js/main.js b/js/main.js
index e7947be..e54c099 100644
--- a/js/main.js
+++ b/js/main.js
@@ -113,6 +113,19 @@ $(document).ready(function()
 		formatSubmit: 'yyyy-mm-dd'
 	});
 
+	$('.button-login').click(function()
+	{
+		login();
+	});
+
+	$('#password').keyup(function(e)
+	{
+		if(e.keyCode === 13)    //Enter
+		{
+			login();
+		}
+	});
+
 	createTrainMap();
 });
 
@@ -447,7 +460,7 @@ function editSubtask(subtask_ID, task_ID)
 	$.post('../admin/helper/edit-subtask.php',
 		{
 			"title": title,
-			"description": description,
+			"de6scription": description,
 			"done": done,
 			"edit": edit,
 			"ID": subtask_ID,
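Review bot: The POST key on the changed line became `"de6scription"`, which looks like a stray keystroke rather than an intended rename. Nothing else in this patch reads a field of that name, so `helper/edit-subtask.php` (not shown) presumably still expects `description` and subtask edits would drop or reject the description. Restore `"description": description,`. editSubtask starts and ends outside this hunk.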
@@ -494,4 +507,33 @@ function deleteSubtask(subtask_ID, task_ID)
 				alert('An error occurred while deleting the subtask with the ID ' + subtask_ID);
 			}
 		});
+}
+
+function login()
+{
+	var password = $('#password').val();
+
+	if(isNull(password))
+	{
+		alert("Please enter your password.");
+		return;
+	}
+
+	$.post('../admin/helper/checkLogin.php',
+		{
+			"password": password,
+
+		}, function(data, error)
+		{
+			data = data.toString().trim();
+
+			if(data != "error" && data != "bad_login")
+			{
+				window.location.href = "../admin/admin-roadmaps.php";
+			}
+			else
+			{
+				alert('Wrong password!');
+			}
+		});
 }
\ No newline at end of file
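Review bot: login() treats every response other than `error` or `bad_login` as a successful login, so an empty body, a PHP warning or an HTML error page from checkLogin.php also triggers the redirect. Compare against the one success value instead: `if(data === "success")`. The `$.post` call has no failure handler, so a network or 5xx error gives the user no feedback; a `.fail(...)` callback that shows an error would cover that. The second callback parameter is jQuery's status string, so naming it `error` is misleading.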
diff --git a/php/admin/admin-edit-milestone.php b/php/admin/admin-edit-milestone.php
index a1abdbc..532f0c1 100644
--- a/php/admin/admin-edit-milestone.php
+++ b/php/admin/admin-edit-milestone.php
@@ -1,10 +1,18 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
-
 if(!isset($_GET['roadmapID']))
 {
 	header('Location: ../error.php?message=error_param_missing');
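Review bot: The added guard calls `header('Location: login.php');` without stopping the script, so a request with no session still runs the includes and renders the page below it; add `exit;` directly after the header call. The guard also comes after the doctype line that precedes the PHP opening tag, so output has started before `session_start()` and `header()` run and, unless output buffering is enabled, both fail with a "headers already sent" warning; the PHP block should move above the doctype. The same block has both problems in admin-edit-roadmap.php, admin-edit-subtask.php, admin-edit-task.php, admin-milestones.php, admin-roadmaps.php, admin-subtasks.php and admin-tasks.php, and would be easier to keep correct as one shared include. The diffstat shows no change to the helper endpoints that main.js posts to (for example `helper/edit-subtask.php`), so those presumably still accept requests without a session; worth confirming. The `if(!isset($_GET['roadmapID']))` block at the end of this hunk continues outside it.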
diff --git a/php/admin/admin-edit-roadmap.php b/php/admin/admin-edit-roadmap.php
index d1b10d0..72b5c8b 100644
--- a/php/admin/admin-edit-roadmap.php
+++ b/php/admin/admin-edit-roadmap.php
@@ -1,6 +1,15 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
diff --git a/php/admin/admin-edit-subtask.php b/php/admin/admin-edit-subtask.php
index c3a79f7..2d35cc1 100644
--- a/php/admin/admin-edit-subtask.php
+++ b/php/admin/admin-edit-subtask.php
@@ -1,10 +1,18 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
-
 if(!isset($_GET['taskID']))
 {
 	header('Location: ../error.php?message=error_param_missing');
diff --git a/php/admin/admin-edit-task.php b/php/admin/admin-edit-task.php
index 1f84210..a17a30b 100644
--- a/php/admin/admin-edit-task.php
+++ b/php/admin/admin-edit-task.php
@@ -1,10 +1,18 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
-
 if(!isset($_GET['milestoneID']))
 {
 	header('Location: ../error.php?message=error_param_missing');
diff --git a/php/admin/admin-milestones.php b/php/admin/admin-milestones.php
index c87f6e4..dac01a5 100644
--- a/php/admin/admin-milestones.php
+++ b/php/admin/admin-milestones.php
@@ -1,6 +1,15 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
@@ -52,6 +61,7 @@ $projectName = $projectName["Projectname"];
 
 <body class="grey lighten-3">
 <a class="waves-effect waves-light btn blue darken-3" href="admin-roadmaps.php"><i class="material-icons left">arrow_back</i>Back</a>
+<a class="waves-effect waves-light btn blue darken-3 right" href="logout.php"><i class="material-icons left">lock</i>Logout</a>
 <div id="main">
 	<div class="container">
 		<h2 class="center-align" id="headline"><?php echo $projectName;?></h2>
diff --git a/php/admin/admin-roadmaps.php b/php/admin/admin-roadmaps.php
index 1562a83..3bef775 100644
--- a/php/admin/admin-roadmaps.php
+++ b/php/admin/admin-roadmaps.php
@@ -1,6 +1,15 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
@@ -29,6 +38,8 @@ $db->createTables();
 	</head>
 
 	<body class="grey lighten-3">
+		<a class="waves-effect waves-light btn blue darken-3 right" href="logout.php"><i class="material-icons left">lock</i>Logout</a>
+		<div style="clear: both;"></div>
 		<div id="main">
 			<div class="container">
 				<h2 class="center-align" id="headline">Roadmaps</h2>
diff --git a/php/admin/admin-subtasks.php b/php/admin/admin-subtasks.php
index 37dd5e7..50da1fd 100644
--- a/php/admin/admin-subtasks.php
+++ b/php/admin/admin-subtasks.php
@@ -1,6 +1,15 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
@@ -51,6 +60,7 @@ if($task == false)
 
 <body class="grey lighten-3">
 <a class="waves-effect waves-light btn blue darken-3" href="admin-tasks.php?id=<?php echo $task['MilestoneID'];?>"><i class="material-icons left">arrow_back</i>Back</a>
+<a class="waves-effect waves-light btn blue darken-3 right" href="logout.php"><i class="material-icons left">lock</i>Logout</a>
 <div id="main">
 	<div class="container">
 		<h2 class="center-align" id="headline"><?php echo $task['Title'];?></h2>
diff --git a/php/admin/admin-tasks.php b/php/admin/admin-tasks.php
index 16e6d79..88bf5ea 100644
--- a/php/admin/admin-tasks.php
+++ b/php/admin/admin-tasks.php
@@ -1,6 +1,15 @@
 <!DOCTYPE html>
 
 <?php
+if(!isset($_SESSION))
+{
+	session_start();
+}
+if(!isset($_SESSION['loggedIn']))
+{
+	header('Location: login.php');
+}
+
 include_once('../getLanguageJSON.php');
 include_once('../mysql.php');
 
@@ -51,6 +60,7 @@ if($milestone == false)
 
 <body class="grey lighten-3">
 <a class="waves-effect waves-light btn blue darken-3" href="admin-milestones.php?id=<?php echo $milestone['RoadmapID'];?>"><i class="material-icons left">arrow_back</i>Back</a>
+<a class="waves-effect waves-light btn blue darken-3 right" href="logout.php"><i class="material-icons left">lock</i>Logout</a>
 <div id="main">
 	<div class="container">
 		<h2 class="center-align" id="headline"><?php echo $milestone['Title'];?></h2>
diff --git a/php/admin/helper/checkLogin.php b/php/admin/helper/checkLogin.php
new file mode 100644
index 0000000..a5f351a
--- /dev/null
+++ b/php/admin/helper/checkLogin.php
@@ -0,0 +1,32 @@
+<?php
+
+$PASSWORD = "123";
+
+if(!isset($_SESSION))
+{
+	session_start();
+}
+
+if($_SERVER['REQUEST_METHOD'] == 'POST')
+{
+	if(isset($_POST['password']))
+	{
+		if($_POST['password'] == $PASSWORD)
+		{
+			$_SESSION['loggedIn'] = 'true';
+			echo "success";
+		}
+		else
+		{
+			echo "bad_login";
+		}
+	}
+	else
+	{
+		echo "error";
+	}
+}
+else
+{
+	echo "error";
+}
\ No newline at end of file
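Review bot: The admin password is the literal `$PASSWORD = "123";` committed to the repository, and it is checked with `==`, which compares numeric strings by value, so inputs other than the exact string can match and the comparison is not constant-time. Store a `password_hash()` result outside the repository and check it with `password_verify()`, after confirming the posted value is a string. The session id is kept across login; calling `session_regenerate_id(true)` before setting `loggedIn` stops a session id that was set before login from becoming an authenticated one. Nothing here limits repeated attempts, so some throttling on failed logins is worth adding.

```php
// Hash created once with password_hash() and stored outside the repository;
// ADMIN_PASSWORD_HASH is a placeholder name, not something this project defines.
$PASSWORD_HASH = getenv('ADMIN_PASSWORD_HASH');

// … unchanged: session_start() guard, POST and isset() checks …
		if(is_string($PASSWORD_HASH) && is_string($_POST['password'])
			&& password_verify($_POST['password'], $PASSWORD_HASH))
		{
			session_regenerate_id(true);   // fresh session id once the session becomes privileged
			$_SESSION['loggedIn'] = 'true';
			// … unchanged: echo "success" and the bad_login / error branches …
```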
diff --git a/php/admin/index.php b/php/admin/index.php
new file mode 100644
index 0000000..59595ab
--- /dev/null
+++ b/php/admin/index.php
@@ -0,0 +1,3 @@
+<?php
+header('Location: admin-roadmaps.php');
+exit;
\ No newline at end of file
diff --git a/php/admin/login.php b/php/admin/login.php
new file mode 100644
index 0000000..43d64de
--- /dev/null
+++ b/php/admin/login.php
@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+
+<?php
+include_once('../getLanguageJSON.php');
+include_once('../mysql.php');
+?>
+<html xmlns="http://www.w3.org/1999/html">
+	<head>
+		<meta charset="UTF-8"/>
+		<title>Login</title>
+
+		<!--Import Google Icon Font-->
+		<link href="http://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
+		<!--Import materialize.css-->
+		<link type="text/css" rel="stylesheet" href="../../materialize/css/materialize.min.css" media="screen,projection"/>
+		<link type="text/css" rel="stylesheet" href="../../css/style.css"/>
+
+		<!--Import jQuery before materialize.js-->
+		<script type="text/javascript" src="../../js/jquery-2.2.4.min.js"></script>
+		<script type="text/javascript" src="../../materialize/js/materialize.min.js"></script>
+		<script type="text/javascript" src="../../js/main.js"></script>
+		<script type="text/javascript" src="../../js/ResizeSensor.js"></script>
+		<script type="text/javascript" src="../../js/ElementQueries.js"></script>
+
+		<!--Let browser know website is optimized for mobile-->
+		<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+	</head>
+
+	<body class="grey lighten-3">
+		<div id="main">
+			<div class="container">
+				<h2 class="center-align" id="headline">Login</h2>
+
+				<div class="row center-align">
+					<div class="col s10 offset-s1 m6 offset-m3 l4 offset-l4">
+						<div class="input-field col s12">
+							<input id="password" name="password" type="password">
+							<label for="password">Password</label>
+						</div>
+					</div>
+				</div>
+				<div class="row center-align margin-top">
+					<div class="col s12 m8 offset-m2 l6 offset-l3">
+						<a class="waves-effect waves-light btn blue darken-3" href="../index.php"><i class="material-icons left">arrow_back</i>Back</a>
+						<a class="waves-effect waves-light btn blue darken-3 margin-left button-login"><i class="material-icons left">exit_to_app</i>Login</a>
+					</div>
+				</div>
+			</div>
+		</div>
+	</body>
+</html>
\ No newline at end of file
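Review bot: The icon-font stylesheet is loaded over plain `http://fonts.googleapis.com/...` on the page that collects the admin password, so anyone on the network path can alter that CSS, and browsers will block or flag it as mixed content once the page is served over HTTPS; use `https://fonts.googleapis.com/icon?family=Material+Icons`. The page includes `../getLanguageJSON.php` and `../mysql.php`, but nothing visible in the file uses them, so the includes can probably be dropped from an unauthenticated page. The doctype line is again emitted before the PHP block, which would prevent any later header or session call here from working.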
diff --git a/php/admin/logout.php b/php/admin/logout.php
new file mode 100644
index 0000000..7a5cc7d
--- /dev/null
+++ b/php/admin/logout.php
@@ -0,0 +1,8 @@
+<?php
+session_start();
+session_unset();
+session_destroy();
+session_write_close();
+setcookie(session_name(),'',0,'/');
+session_regenerate_id(true);
+header('Location: ../index.php');
\ No newline at end of file
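Review bot: `session_regenerate_id(true)` runs after `session_destroy()`, when no session is active, so it cannot regenerate anything and on current PHP versions raises a warning; if warnings are displayed, that output precedes `header('Location: ../index.php');` and the redirect fails. `session_write_close()` after the destroy is likewise a no-op. Drop both calls, and take the cookie path from `session_get_cookie_params()` instead of the hard-coded `'/'` so the cookie is removed even when `session.cookie_path` is configured differently. Adding `exit;` after the header keeps the file safe if code is appended later.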
-- 
GitLab