122 lines
5.0 KiB
PHP
122 lines
5.0 KiB
PHP
<?php
|
|
session_start();
|
|
require_once("inc/config.inc.php");
|
|
require_once("inc/functions.inc.php");
|
|
//Überprüfe, dass der User eingeloggt ist
|
|
//Der Aufruf von check_user() muss in alle internen Seiten eingebaut sein
|
|
$user = check_user();
|
|
?>
|
|
|
|
<?php include 'header.php'; ?>
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-md-12">
|
|
|
|
<?php
|
|
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
|
|
$id = $_GET['id'];
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$mitarbeiter = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$mitarbeiter) {
|
|
die('Mitarbeiter nicht gefunden!');
|
|
}
|
|
} else {
|
|
die('Ungültige Anfrage!');
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
$email = $_POST['email'];
|
|
$vorname = $_POST['vorname'];
|
|
$nachname = $_POST['nachname'];
|
|
$card_id = $_POST['card_id'] ?? '';
|
|
$card2_id = $_POST['card2_id'] ?? '';
|
|
$worker = $_POST['worker'] ?? 0;
|
|
|
|
$sql = "UPDATE users SET email=?, vorname=?, nachname=?, worker=?, admin=?, zeiterfassung=?, card_id=?, card2_id=? WHERE id=?";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute([$email, $vorname, $nachname, $_POST['worker'], $_POST['admin'], $_POST['zeiterfassung'], $card_id, $card2_id, $id]);
|
|
|
|
// Zusatzaktion für users_worker
|
|
if ($worker == 1) {
|
|
// Prüfen, ob der Eintrag schon existiert
|
|
$checkSql = "SELECT COUNT(*) FROM users_worker WHERE userid = ?";
|
|
$checkStmt = $pdo->prepare($checkSql);
|
|
$checkStmt->execute([$id]);
|
|
$exists = $checkStmt->fetchColumn();
|
|
|
|
if ($exists == 0) {
|
|
// Eintrag hinzufügen
|
|
$insertSql = "INSERT INTO users_worker (workerid, userid) VALUES (?, ?)";
|
|
$insertStmt = $pdo->prepare($insertSql);
|
|
$insertStmt->execute([$id, $id]);
|
|
}
|
|
} else {
|
|
// Eintrag löschen
|
|
$deleteSql = "DELETE FROM users_worker WHERE userid = ?";
|
|
$deleteStmt = $pdo->prepare($deleteSql);
|
|
$deleteStmt->execute([$id]);
|
|
}
|
|
|
|
echo "<br><div class='alert alert-success' role='alert'>Mitarbeiter erfolgreich aktualisiert.</div>";
|
|
// Optional: Umleitung
|
|
// header('Location: index.php');
|
|
}else{
|
|
?>
|
|
|
|
<div class="container mt-5">
|
|
<h2>Mitarbeiter bearbeiten</h2>
|
|
<form action="" method="post" class="mt-3">
|
|
<div class="form-group">
|
|
<label for="email">Email</label>
|
|
<input type="text" class="form-control" name="email" id="email" value="<?php echo htmlspecialchars($mitarbeiter['email']); ?>" required>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="vorname">Vorname</label>
|
|
<input type="text" class="form-control" name="vorname" id="vorname" value="<?php echo htmlspecialchars($mitarbeiter['vorname']); ?>" required>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="nachname">Nachname</label>
|
|
<input type="text" class="form-control" name="nachname" id="nachname" value="<?php echo htmlspecialchars($mitarbeiter['nachname']); ?>" required>
|
|
</div>
|
|
<div class="form-group form-check">
|
|
<input type="checkbox" class="form-check-input" name="zeiterfassung" id="zeiterfassung" value="1" <?php if($mitarbeiter['zeiterfassung']== "1") echo 'checked'; ?>>
|
|
<label class="form-check-label" for="zeiterfassung">Zeiterfassung</label>
|
|
</div>
|
|
<div class="form-group form-check">
|
|
<input type="checkbox" class="form-check-input" name="worker" id="worker" value="1" <?php if($mitarbeiter['worker'] == "1") echo 'checked'; ?>>
|
|
<label class="form-check-label" for="worker">Worker</label>
|
|
</div>
|
|
<div class="form-group form-check">
|
|
<input type="checkbox" class="form-check-input" name="admin" id="admin" value="1" <?php if($mitarbeiter['admin']== "1") echo 'checked'; ?>>
|
|
<label class="form-check-label" for="admin">Admin</label>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="card_id">Card ID</label>
|
|
<input type="text" class="form-control" name="card_id" id="card_id" value="<?php echo htmlspecialchars($mitarbeiter['card_id']); ?>">
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="card2_id">Card2 ID</label>
|
|
<input type="text" class="form-control" name="card2_id" id="card2_id" value="<?php echo htmlspecialchars($mitarbeiter['card2_id']); ?>">
|
|
</div>
|
|
<button type="submit" class="btn btn-primary">Aktualisieren</button>
|
|
</form>
|
|
</div>
|
|
<div class="container mt-5">
|
|
<?php
|
|
echo "<td><a class='btn btn-primary btn-sm' href='editworkerpassword.php?id=" . $mitarbeiter['id'] . "'>Passwort des Mitarbeiters ändern</a></td>";
|
|
?>
|
|
</div>
|
|
|
|
<?php
|
|
}
|
|
?>
|
|
<div class="container mt-5">
|
|
<button type="button" class="btn btn-secondary" onclick="window.location.href='showworker.php';">Zurück</button>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
|
|
<?php include 'footer.php'; ?>
|