-
+
diff --git a/admin/dump.php b/admin/dump.php
index 47129dd..324519b 100644
--- a/admin/dump.php
+++ b/admin/dump.php
@@ -16,10 +16,13 @@
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
+ if (isset($_SESSION['superadmin'])) {
+ $boolSuperAdmin = $_SESSION['superadmin']==true;
+ } else {
+ $boolSuperAdmin=false;
+ }
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
-
- require("../config.db.php");
require ("../config.php");
// Set headers to make the browser download the results as a csv file
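Review bot: The added `$boolSuperAdmin` assignment compares with a loose `==true`, so any truthy session value turns the district filter on the next line into `1` and the dump then covers every district; a strict check is safer, e.g. `$boolSuperAdmin = ($_SESSION['superadmin'] ?? false) === true;`. The identical block is added in admin/index.php, and admin/export.php reads `$boolSuperAdmin` on its `$sqlDistrict` line without any assignment visible in that hunk, so moving the check into one shared include would keep the three pages in agreement. `$sqlDistrict` is still built by interpolating `$strDistrict` into the SQL text; if the query that consumes it (outside this hunk) can take a bound parameter, that would be preferable. The `if` around `header("Location: login.php")` starts above the hunk, and no `exit;` follows the redirect in the visible lines, so the code below it appears to run even for a request that failed the login check.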
diff --git a/admin/export.php b/admin/export.php
index e67ae6c..36a00cb 100644
--- a/admin/export.php
+++ b/admin/export.php
@@ -15,9 +15,13 @@
if (!$boolLogin) {
header("Location: login.php");
}
+
+
+
$strDistrict=$_SESSION['district'];
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
+
require ("../config.php");
?>
diff --git a/admin/index.php b/admin/index.php
index af2f9c4..cfb3e9e 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -17,6 +17,14 @@
header("Location: login.php");
}
$strDistrict=$_SESSION['district'];
+
+
+ if (isset($_SESSION['superadmin'])) {
+ $boolSuperAdmin = $_SESSION['superadmin']==true;
+ } else {
+ $boolSuperAdmin=false;
+ }
+
include("../config.php");
$boolShowmap=false;
diff --git a/admin/login.php b/admin/login.php
index 56ef65a..81b8c16 100644
--- a/admin/login.php
+++ b/admin/login.php
@@ -25,12 +25,14 @@ $boolLogin=true;
if (isset($_POST['login']) && isset($_POST['password'])) {
$strUser = trim($_POST['login']);
$strPassword = trim($_POST['password']);
- $strSQL = "SELECT username,passwordhash FROM user WHERE username='$strUser'";
+ $strSQL = "SELECT username,passwordhash,district FROM user WHERE username='$strUser'";
$result = $db->query($strSQL);
if ($row=$result->fetch(PDO::FETCH_ASSOC)) {
- if (password_verify($strPassword,$row['passwordhash'])) {
+ $boolOk = $strDistrict==$row['district'] || $row['username']=="admin";
+ if (password_verify($strPassword,$row['passwordhash']) && $boolOk) {
$_SESSION['user']=$strUser;
$_SESSION['csrf_token'] = uniqid('', true);
+ $_SESSION['superadmin'] = $row['username']=="admin";
header ("Location: index.php");
} else {
$boolLogin=false;
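Review bot: The changed `SELECT` still places `$_POST['login']` into the SQL string unescaped, and with this commit the row it returns also decides the district check and the `superadmin` flag, so the query should be parameterized: `$stmt = $db->prepare("SELECT username,passwordhash,district FROM user WHERE username=?");`, `$stmt->execute([$strUser]);`, then fetch the row from `$stmt`. Super-admin status is derived from the literal username `"admin"` with a loose `==` in two places; a dedicated column, or at least `===`, would make the privilege explicit. `$strDistrict` is used in `$boolOk` but not assigned inside the hunk, and `$_SESSION['district']`, which the other admin pages read, is not set here either; presumably both come from code above, which should be confirmed. Calling `session_regenerate_id(true)` before writing the session values would also be worth adding. The `if` block continues past the end of the hunk.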
diff --git a/admin/logout.php b/admin/logout.php
index e695f0e..95ae952 100644
--- a/admin/logout.php
+++ b/admin/logout.php
@@ -1,5 +1,11 @@
query($strSQL);
diff --git a/docker-compose.sample.yml b/docker-compose.sample.yml
index ba748c9..5aa6852 100644
--- a/docker-compose.sample.yml
+++ b/docker-compose.sample.yml
@@ -1,29 +1,29 @@
version: '3'
services:
- dev-unfallkarte:
+ dev-ideenmelder:
image: php81:v1
- container_name: dev-unfallkarte
+ container_name: dev-ideenmelder
volumes:
- ./:/var/www/html
labels:
- "traefik.enable=true"
- - "traefik.http.routers.dev-unfallkarte.entrypoints=https"
- - "traefik.http.routers.dev-unfallkarte.rule=Host(`unfallkarte.hpadm.de`)"
- - "traefik.http.routers.dev-unfallkarte.tls=true"
- - "traefik.http.routers.dev-unfallkarte.tls.certresolver=http"
- - "traefik.http.routers.dev-unfallkarte.middlewares=default@file"
- - "traefik.http.routers.dev-unfallkarte.service=dev-unfallkarte"
- - "traefik.http.services.dev-unfallkarte.loadbalancer.server.port=80"
+ - "traefik.http.routers.dev-ideenmelder.entrypoints=https"
+ - "traefik.http.routers.dev-ideenmelder.rule=Host(`nrw-ideenmelder.hpadm.de`)"
+ - "traefik.http.routers.dev-ideenmelder.tls=true"
+ - "traefik.http.routers.dev-ideenmelder.tls.certresolver=http"
+ - "traefik.http.routers.dev-ideenmelder.middlewares=default@file"
+ - "traefik.http.routers.dev-ideenmelder.service=dev-ideenmelder"
+ - "traefik.http.services.dev-ideenmelder.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"
networks:
- default
- proxy
restart: always
- dev-unfallkarte-db:
+ dev-ideenmelder-db:
image: mariadb
- container_name: dev-unfallkarte-db
+ container_name: dev-ideenmelder-db
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=geheim #SQL root Passwort eingeben
diff --git a/index.php b/index.php
index f224eef..a96a018 100644
--- a/index.php
+++ b/index.php
@@ -1,6 +1,5 @@
@@ -79,9 +75,9 @@
* Datenbank anlegen
*
************************************************** */
-
+ $boolError=true;
echo "Datenbank anlegen: ";
-if (!$boolError && !file_exists("db/locations.db")) {
+if (!$boolError) {
require("admin/create_database.php");
echo "Datenbank angelegt";
} else {
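Review bot: The added `$boolError=true;` is set unconditionally right before `if (!$boolError)`, so in the visible lines the `require("admin/create_database.php")` branch can no longer run and any error state computed earlier is overwritten; this looks like a leftover debugging switch. The commit also drops the `!file_exists("db/locations.db")` guard, so if the flag is later flipped the creation script would run on every request to this page; what that does to an existing database depends on create_database.php, which is not shown. I would remove the hard-coded assignment and keep an explicit existence check for whichever database is now used, with a comment such as `// run the schema setup only when no database exists yet`. The `else` branch continues outside the hunk.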
@@ -108,7 +104,7 @@ require("config.php");