verifica

moro_detto_rocco_andrea_biciclette/admin/actions/addNewBike.php

@@ -0,0 +1,39 @@
+<?php
+require_once('../../includes/functions.php');
+checkSession();
+
+try {
+    $connection = getDbConnection();
+    $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    $prepare = $connection->prepare("INSERT INTO `modello` (`codice`, `descrizione`, `quantita`, `tipologia`) VALUES (NULL, ?, ?, ?);");
+    $prepare->bindParam(1, $_POST['descrizione']);
+    $prepare->bindParam(2, $_POST['quantita']);
+    $prepare->bindParam(3, $_POST['tipologia']);
+
+    try {
+        $prepare->execute();
+    } catch (PDOException $e) {
+        echo "Impossibile inserire il modello, controllare i dati";
+        die($e->getMessage());
+    }
+
+} catch (PDOException $e) {
+    die("Error: " . $e->getMessage());
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <link rel="stylesheet" href="../../includes/css/pico.min.css">
+</head>
+<body>
+    <main class="container">
+        <a href="../dashboard.php" class="button">Torna alla dashboard</a>
+        <h2>Operazione eseguita con successo</h2>
+    </main>
+</body>
+</html>

moro_detto_rocco_andrea_biciclette/admin/actions/deleteBike.php

@@ -0,0 +1,37 @@
+<?php
+require_once('../../includes/functions.php');
+checkSession();
+
+try {
+    $connection = getDbConnection();
+    $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    $prepare = $connection->prepare("DELETE FROM modello WHERE codice = ?;");
+    $prepare->bindParam(1, $_POST['codice']);
+
+    try {
+        $prepare->execute();
+    } catch (PDOException $e) {
+        echo "Impossibile inserire il modello, controllare i dati";
+        die($e->getMessage());
+    }
+
+} catch (PDOException $e) {
+    die("Error: " . $e->getMessage());
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <link rel="stylesheet" href="../../includes/css/pico.min.css">
+</head>
+<body>
+    <main class="container">
+        <a href="../dashboard.php" class="button">Torna alla dashboard</a>
+        <h2>Operazione eseguita con successo</h2>
+    </main>
+</body>
+</html>

moro_detto_rocco_andrea_biciclette/admin/actions/getQuantityTipologia.php

@@ -0,0 +1,47 @@
+<?php
+require_once('../../includes/functions.php');
+checkSession();
+
+try {
+    $connection = getDbConnection();
+    $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    $tipologia = $_GET["tipologia"];
+    $prepare = $connection->prepare("SELECT t.nome
+                                                FROM modello AS m
+                                                INNER JOIN biciclette.tipologia t on m.tipologia = t.codice
+                                                WHERE m.tipologia = ?
+                                                ORDER BY t.codice");
+
+    $prepare->bindParam(1, $tipologia);
+    $prepare->execute();
+
+    if ($prepare->rowCount() >= 1) {
+        $bici = $prepare->fetchAll();
+        $quantita = $prepare->rowCount();
+        $tipologia = $bici[0]['nome'];
+    } else {
+        echo "nessuna quantita";
+    }
+
+} catch (PDOException $e) {
+    die("Error: " . $e->getMessage());
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <link rel="stylesheet" href="../../includes/css/pico.min.css">
+</head>
+<body>
+    <main class="container">
+        <a href="../dashboard.php" class="button">Torna alla dashboard</a>
+
+        <h1>Quantita per tipologia: <?php echo $tipologia ?></h1>
+        <h1><?= $quantita ?></h1>
+    </main>
+</body>
+</html>

moro_detto_rocco_andrea_biciclette/admin/dashboard.php

@@ -0,0 +1,82 @@
+<?php
+require_once('../includes/functions.php');
+
+checkSession();
+
+error_reporting(E_ALL);
+ini_set('display_errors', 1);
+
+try {
+    $connection = getDbConnection();
+    $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+} catch (PDOException $e) {
+    die("Error: " . $e->getMessage());
+}
+$marche = $connection->query("SELECT * FROM tipologia")->fetchAll(PDO::FETCH_ASSOC);
+$biciclette = $connection->query("SELECT * FROM modello")->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard</title>
+    <link rel="stylesheet" href="../includes/css/pico.min.css">
+</head>
+<body>
+    <main class="container">
+        <h1>Admin Dashboard</h1>
+        <a href="logout.php" class="button">Logout</a>
+
+        <!-- Tipologia Section -->
+        <h2>Tipologia</h2>
+        <form method="get" action="actions/getQuantityTipologia.php">
+            <label for="tipologia">Tipologia:</label>
+            <select name="tipologia" aria-label="Cerca per tipologia" required>
+                <option selected disabled value="">
+                    Cerca per Tipologia
+                </option>
+                <?php foreach ($marche as $rw) : ?>
+                    <option value=<?= $rw["codice"] ?>><?= $rw["nome"] ?></option>
+                <?php endforeach; ?>
+            </select>
+            <button type="submit">Cerca</button>
+        </form>
+
+        <!-- Add bici Section -->
+        <h2>Aggiungi Bicicletta</h2>
+        <form method="post" action="actions/addNewBike.php">
+            <label for="descrizione">Descrizione</label>
+            <input type="text" name="descrizione" id="descrizione" required>
+            <label for="quantita">Quantità</label>
+            <input type="text" name="quantita" id="quantita" required>
+            <label for="tipologia">Tipologia:</label>
+            <select name="tipologia" aria-label="Cerca per tipologia" required>
+                <option selected disabled value="">
+                    Cerca per Tipologia
+                </option>
+                <?php foreach ($marche as $rw) : ?>
+                    <option value=<?= $rw["codice"] ?>><?= $rw["nome"] ?></option>
+                <?php endforeach; ?>
+            </select>
+            <button type="submit">Aggiungi</button>
+        </form>
+
+        <!--Delete biciclette-->
+        <h2>Cancella biciclette</h2>
+        <form method="post" action="actions/deleteBike.php">
+            <label for="codice">Bici:</label>
+            <select name="codice" aria-label="Seleziona bici" required>
+                <option selected disabled value="">
+                    Seleziona Bicicletta
+                </option>
+                <?php foreach ($biciclette as $rw) : ?>
+                    <option value=<?= $rw["codice"] ?>><?= $rw["descrizione"] ?></option>
+                <?php endforeach; ?>
+            </select>
+            <button type="submit">Cancella</button>
+        </form>
+    </main>
+</body>
+</html>

moro_detto_rocco_andrea_biciclette/admin/login.php

@@ -0,0 +1,66 @@
+<?php
+require_once '../includes/functions.php';
+$error = $_SESSION["error"];
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    try {
+        $connection = getDbConnection();
+        $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+        $username = $_POST['username'];
+        $password = $_POST['password'];
+
+        $stmt = $connection->prepare("SELECT * FROM utenti WHERE user = :username AND password = :password");
+        $stmt->bindParam(':username', $username);
+        $stmt->bindParam(':password', $password);
+        $stmt->execute();
+        $user = $stmt->fetch();
+
+        if ($user) {
+            if ($user['llivello'] == 0) {
+                $_SESSION['user_id'] = $user['idut'];
+                $_SESSION['username'] = $user['user'];
+                $_SESSION['livello'] = $user['livello'];
+                $_SESSION["login"] = true;
+
+                header('Location: dashboard.php');
+            } else {
+                $_SESSION["error"] = "Invalid username or password.";
+            }
+        } else {
+            $_SESSION["error"] = "Utente non trovato.";
+        }
+
+    } catch (PDOException $e) {
+        $error = "Error: " . $e->getMessage();
+    }
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <link rel="stylesheet" href="../includes/css/pico.min.css">
+</head>
+<body>
+    <main class="container">
+        <h1>Login</h1>
+        <?php if (!empty($_SESSION["error"])): ?>
+            <div class="alert alert-danger"><?php echo $_SESSION["error"]; ?></div>
+        <?php endif; ?>
+        <form method="post" action="">
+            <label for="username">Username:</label>
+            <input <?php if (!empty($_SESSION["error"])):
+                echo "aria-invalid=\"true\""; endif; ?> type="text" id="username" name="username" required>
+
+            <label for="password">Password:</label>
+            <input <?php if (!empty($_SESSION["error"])):
+                echo "aria-invalid=\"true\""; endif; ?> type="password" id="password" name="password" required>
+
+            <button type="submit">Login</button>
+        </form>
+    </main>
+</body>
+</html>

moro_detto_rocco_andrea_biciclette/admin/logout.php

@@ -0,0 +1,5 @@
+<?php
+session_start();
+session_destroy();
+header("location:login.php");
+