Wire up auroraalt mailer
This commit is contained in:
@@ -0,0 +1,93 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/functions.php';
|
||||
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
function currentUser(): ?array
|
||||
{
|
||||
if (empty($_SESSION['user_id'])) {
|
||||
return null;
|
||||
}
|
||||
static $user;
|
||||
if ($user) {
|
||||
return $user;
|
||||
}
|
||||
|
||||
$stmt = db()->prepare('SELECT * FROM users WHERE id = :id');
|
||||
$stmt->execute([':id' => $_SESSION['user_id']]);
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
|
||||
return $user;
|
||||
}
|
||||
|
||||
function login(string $email, string $password): bool
|
||||
{
|
||||
$stmt = db()->prepare('SELECT * FROM users WHERE email = :email');
|
||||
$stmt->execute([':email' => $email]);
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (!$user || !password_verify($password, $user['password'])) {
|
||||
return false;
|
||||
}
|
||||
if ((int) $user['verified'] !== 1) {
|
||||
throw new RuntimeException('Bitte verifiziere zuerst deine E-Mail.');
|
||||
}
|
||||
$_SESSION['user_id'] = $user['id'];
|
||||
return true;
|
||||
}
|
||||
|
||||
function logout(): void
|
||||
{
|
||||
session_destroy();
|
||||
}
|
||||
|
||||
function register(array $data): array
|
||||
{
|
||||
$token = bin2hex(random_bytes(16));
|
||||
$stmt = db()->prepare('INSERT INTO users (name, email, password, role, city, verified, verification_token, created_at)
|
||||
VALUES (:name, :email, :password, :role, :city, 0, :token, :created)');
|
||||
$stmt->execute([
|
||||
':name' => $data['name'],
|
||||
':email' => $data['email'],
|
||||
':password' => password_hash($data['password'], PASSWORD_DEFAULT),
|
||||
':role' => $data['role'],
|
||||
':city' => $data['city'] ?? null,
|
||||
':token' => $token,
|
||||
':created' => (new DateTimeImmutable())->format('c'),
|
||||
]);
|
||||
|
||||
if ($data['role'] === 'band') {
|
||||
$band = db()->prepare('INSERT INTO bands (user_id, name, city, genre, price, description, status)
|
||||
VALUES (:user_id, :name, :city, :genre, :price, :description, :status)');
|
||||
$band->execute([
|
||||
':user_id' => (int) db()->lastInsertId(),
|
||||
':name' => $data['band_name'] ?? 'Neue Band',
|
||||
':city' => $data['city'] ?? '',
|
||||
':genre' => $data['genre'] ?? '',
|
||||
':price' => 0,
|
||||
':description' => 'Bitte Profil ergänzen.',
|
||||
':status' => 'prüfung',
|
||||
]);
|
||||
}
|
||||
|
||||
return ['token' => $token];
|
||||
}
|
||||
|
||||
function requireLogin(): void
|
||||
{
|
||||
if (!currentUser()) {
|
||||
header('Location: login.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function requireAdmin(): void
|
||||
{
|
||||
$user = currentUser();
|
||||
if (!$user || $user['role'] !== 'admin') {
|
||||
http_response_code(403);
|
||||
echo 'Keine Berechtigung';
|
||||
exit;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,10 @@
|
||||
<?php
|
||||
const SITE_NAME = 'GetYourBand';
|
||||
const DB_PATH = __DIR__ . '/../storage/database.sqlite';
|
||||
const SUPPORT_EMAIL = 'support@getyourband.ch';
|
||||
const BASE_URL = '';
|
||||
const COOKIE_NAME = 'gyb_consent';
|
||||
|
||||
if (!is_dir(__DIR__ . '/../storage')) {
|
||||
mkdir(__DIR__ . '/../storage', 0775, true);
|
||||
}
|
||||
@@ -0,0 +1,144 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/config.php';
|
||||
|
||||
function db(): PDO
|
||||
{
|
||||
static $pdo = null;
|
||||
if ($pdo instanceof PDO) {
|
||||
return $pdo;
|
||||
}
|
||||
|
||||
$dsn = 'sqlite:' . DB_PATH;
|
||||
$pdo = new PDO($dsn);
|
||||
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
initializeDatabase($pdo);
|
||||
|
||||
return $pdo;
|
||||
}
|
||||
|
||||
function initializeDatabase(PDO $pdo): void
|
||||
{
|
||||
$schema = file_get_contents(__DIR__ . '/../database.sql');
|
||||
$pdo->exec($schema);
|
||||
|
||||
seedData($pdo);
|
||||
}
|
||||
|
||||
function seedData(PDO $pdo): void
|
||||
{
|
||||
$count = (int) $pdo->query('SELECT COUNT(*) FROM users')->fetchColumn();
|
||||
if ($count > 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
$now = (new DateTimeImmutable())->format('c');
|
||||
$password = password_hash('secret123', PASSWORD_DEFAULT);
|
||||
|
||||
$stmt = $pdo->prepare('INSERT INTO users (name, email, password, role, verified, verification_token, created_at)
|
||||
VALUES (:name, :email, :password, :role, :verified, :token, :created)');
|
||||
|
||||
$stmt->execute([
|
||||
':name' => 'Admin',
|
||||
':email' => 'admin@getyourband.ch',
|
||||
':password' => $password,
|
||||
':role' => 'admin',
|
||||
':verified' => 1,
|
||||
':token' => null,
|
||||
':created' => $now,
|
||||
]);
|
||||
|
||||
$stmt->execute([
|
||||
':name' => 'Maya Keller',
|
||||
':email' => 'maya@getyourband.ch',
|
||||
':password' => $password,
|
||||
':role' => 'band',
|
||||
':verified' => 1,
|
||||
':token' => null,
|
||||
':created' => $now,
|
||||
]);
|
||||
|
||||
$stmt->execute([
|
||||
':name' => 'David Graf',
|
||||
':email' => 'david@example.com',
|
||||
':password' => $password,
|
||||
':role' => 'kunde',
|
||||
':verified' => 1,
|
||||
':token' => null,
|
||||
':created' => $now,
|
||||
]);
|
||||
|
||||
$bands = [
|
||||
[
|
||||
'user_id' => 2,
|
||||
'name' => 'Neon Groove Kollektiv',
|
||||
'city' => 'Zürich',
|
||||
'genre' => 'Funk / Soul',
|
||||
'price' => 4200,
|
||||
'description' => '7-köpfige Funk- und Soulband mit knalligem Brass-Sound und interaktiver Show.',
|
||||
'status' => 'aktiv',
|
||||
'style_tags' => 'Funk,Retro,Showband',
|
||||
'video_url' => 'https://www.youtube.com/embed/dQw4w9WgXcQ',
|
||||
],
|
||||
[
|
||||
'user_id' => null,
|
||||
'name' => 'Sonnenblitz Orchester',
|
||||
'city' => 'Bern',
|
||||
'genre' => 'Pop / Party',
|
||||
'price' => 3700,
|
||||
'description' => 'Party-Coverband mit LED-Lichtshow und zweistimmigem Gesang.',
|
||||
'status' => 'aktiv',
|
||||
'style_tags' => 'Pop,Party,LED',
|
||||
'video_url' => 'https://www.youtube.com/embed/5NV6Rdv1a3I',
|
||||
],
|
||||
];
|
||||
|
||||
$bandStmt = $pdo->prepare('INSERT INTO bands (user_id, name, city, genre, price, description, status, style_tags, video_url)
|
||||
VALUES (:user_id, :name, :city, :genre, :price, :description, :status, :style_tags, :video_url)');
|
||||
|
||||
foreach ($bands as $band) {
|
||||
$bandStmt->execute([
|
||||
':user_id' => $band['user_id'],
|
||||
':name' => $band['name'],
|
||||
':city' => $band['city'],
|
||||
':genre' => $band['genre'],
|
||||
':price' => $band['price'],
|
||||
':description' => $band['description'],
|
||||
':status' => $band['status'],
|
||||
':style_tags' => $band['style_tags'],
|
||||
':video_url' => $band['video_url'],
|
||||
]);
|
||||
$bandId = (int) $pdo->lastInsertId();
|
||||
|
||||
$mediaStmt = $pdo->prepare('INSERT INTO band_media (band_id, type, url) VALUES (:band_id, :type, :url)');
|
||||
$mediaStmt->execute([':band_id' => $bandId, ':type' => 'image', ':url' => 'https://images.unsplash.com/photo-1507878866276-a947ef722fee']);
|
||||
$mediaStmt->execute([':band_id' => $bandId, ':type' => 'image', ':url' => 'https://images.unsplash.com/photo-1489515217757-5fd1be406fef']);
|
||||
|
||||
$availStmt = $pdo->prepare('INSERT INTO band_availability (band_id, event_date, status) VALUES (:band_id, :event_date, :status)');
|
||||
for ($i = 0; $i < 4; $i++) {
|
||||
$availStmt->execute([
|
||||
':band_id' => $bandId,
|
||||
':event_date' => (new DateTimeImmutable('+' . ($i + 1) * 7 . ' days'))->format('Y-m-d'),
|
||||
':status' => $i % 2 === 0 ? 'frei' : 'option',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
$pdo->exec("INSERT INTO settings (key, value) VALUES ('paypal_enabled', '0'), ('service_fee', '8')");
|
||||
|
||||
$requestStmt = $pdo->prepare('INSERT INTO requests (band_id, user_id, event_date, location, budget, event_type, message, status, created_at)
|
||||
VALUES (:band_id, :user_id, :event_date, :location, :budget, :event_type, :message, :status, :created)');
|
||||
|
||||
$requestStmt->execute([
|
||||
':band_id' => 1,
|
||||
':user_id' => 3,
|
||||
':event_date' => (new DateTimeImmutable('+30 days'))->format('Y-m-d'),
|
||||
':location' => 'Basel',
|
||||
':budget' => 5000,
|
||||
':event_type' => 'Firmenfeier',
|
||||
':message' => 'Wir suchen einen funky Act für die Sommerparty.',
|
||||
':status' => 'bestätigt',
|
||||
':created' => $now,
|
||||
]);
|
||||
|
||||
$pdo->exec("INSERT INTO reviews (band_id, user_id, rating, comment, status, created_at) VALUES (1, 3, 5, 'Mega Stimmung und super Show!', 'freigegeben', datetime('now'))");
|
||||
}
|
||||
@@ -0,0 +1,25 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../includes/config.php';
|
||||
require_once __DIR__ . '/../auroraalt.php';
|
||||
|
||||
function sendEmail(string $to, string $subject, string $message): void
|
||||
{
|
||||
$sent = auroraalt_mail($to, $subject, $message, [
|
||||
'from_email' => SUPPORT_EMAIL,
|
||||
'from_name' => SITE_NAME,
|
||||
]);
|
||||
|
||||
$logDir = __DIR__ . '/../storage/logs';
|
||||
if (!is_dir($logDir)) {
|
||||
mkdir($logDir, 0775, true);
|
||||
}
|
||||
$entry = sprintf(
|
||||
"%s\nTo: %s\nSubject: %s\nStatus: %s\n%s\n---\n",
|
||||
date('c'),
|
||||
$to,
|
||||
$subject,
|
||||
$sent ? 'SENT' : 'FAILED',
|
||||
$message
|
||||
);
|
||||
file_put_contents($logDir . '/mail.log', $entry, FILE_APPEND);
|
||||
}
|
||||
@@ -0,0 +1,159 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/database.php';
|
||||
|
||||
function allBands(array $filters = []): array
|
||||
{
|
||||
$pdo = db();
|
||||
$where = ['status = :status'];
|
||||
$params = [':status' => 'aktiv'];
|
||||
|
||||
if (!empty($filters['genre'])) {
|
||||
$where[] = 'genre LIKE :genre';
|
||||
$params[':genre'] = '%' . $filters['genre'] . '%';
|
||||
}
|
||||
|
||||
if (!empty($filters['city'])) {
|
||||
$where[] = 'city LIKE :city';
|
||||
$params[':city'] = '%' . $filters['city'] . '%';
|
||||
}
|
||||
|
||||
$sql = 'SELECT * FROM bands WHERE ' . implode(' AND ', $where) . ' ORDER BY name';
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute($params);
|
||||
|
||||
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function findBand(int $id): ?array
|
||||
{
|
||||
$stmt = db()->prepare('SELECT * FROM bands WHERE id = :id');
|
||||
$stmt->execute([':id' => $id]);
|
||||
$band = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
return $band ?: null;
|
||||
}
|
||||
|
||||
function bandMedia(int $bandId): array
|
||||
{
|
||||
$stmt = db()->prepare('SELECT * FROM band_media WHERE band_id = :id');
|
||||
$stmt->execute([':id' => $bandId]);
|
||||
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function bandAvailability(int $bandId): array
|
||||
{
|
||||
$stmt = db()->prepare('SELECT * FROM band_availability WHERE band_id = :id ORDER BY event_date');
|
||||
$stmt->execute([':id' => $bandId]);
|
||||
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function bandReviews(int $bandId): array
|
||||
{
|
||||
$stmt = db()->prepare('SELECT r.*, u.name AS author
|
||||
FROM reviews r
|
||||
JOIN users u ON u.id = r.user_id
|
||||
WHERE r.band_id = :id AND r.status = "freigegeben"
|
||||
ORDER BY r.created_at DESC');
|
||||
$stmt->execute([':id' => $bandId]);
|
||||
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function averageRating(int $bandId): ?float
|
||||
{
|
||||
$stmt = db()->prepare('SELECT AVG(rating) FROM reviews WHERE band_id = :id AND status = "freigegeben"');
|
||||
$stmt->execute([':id' => $bandId]);
|
||||
$value = $stmt->fetchColumn();
|
||||
return $value ? round((float) $value, 1) : null;
|
||||
}
|
||||
|
||||
function formatPrice(int $amount): string
|
||||
{
|
||||
return number_format($amount, 0, ',', '.') . ' CHF';
|
||||
}
|
||||
|
||||
function createRequest(array $data): void
|
||||
{
|
||||
$stmt = db()->prepare('INSERT INTO requests (band_id, user_id, event_date, location, budget, event_type, message, status, created_at)
|
||||
VALUES (:band_id, :user_id, :event_date, :location, :budget, :event_type, :message, :status, :created_at)');
|
||||
$stmt->execute([
|
||||
':band_id' => $data['band_id'],
|
||||
':user_id' => $data['user_id'],
|
||||
':event_date' => $data['event_date'],
|
||||
':location' => $data['location'],
|
||||
':budget' => $data['budget'],
|
||||
':event_type' => $data['event_type'],
|
||||
':message' => $data['message'],
|
||||
':status' => 'neu',
|
||||
':created_at' => (new DateTimeImmutable())->format('c'),
|
||||
]);
|
||||
}
|
||||
|
||||
function userRequests(int $userId): array
|
||||
{
|
||||
$stmt = db()->prepare('SELECT * FROM requests WHERE user_id = :id ORDER BY created_at DESC');
|
||||
$stmt->execute([':id' => $userId]);
|
||||
return $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function storeReview(array $data): void
|
||||
{
|
||||
$stmt = db()->prepare('INSERT INTO reviews (band_id, user_id, rating, comment, status, created_at)
|
||||
VALUES (:band_id, :user_id, :rating, :comment, :status, :created_at)');
|
||||
$stmt->execute([
|
||||
':band_id' => $data['band_id'],
|
||||
':user_id' => $data['user_id'],
|
||||
':rating' => $data['rating'],
|
||||
':comment' => $data['comment'],
|
||||
':status' => 'wartend',
|
||||
':created_at' => (new DateTimeImmutable())->format('c'),
|
||||
]);
|
||||
}
|
||||
|
||||
function eligibleForReview(int $bandId, int $userId): bool
|
||||
{
|
||||
$stmt = db()->prepare('SELECT COUNT(*) FROM requests WHERE band_id = :band AND user_id = :user AND status = "bestätigt"');
|
||||
$stmt->execute([':band' => $bandId, ':user' => $userId]);
|
||||
return (int) $stmt->fetchColumn() > 0;
|
||||
}
|
||||
|
||||
function settings(): array
|
||||
{
|
||||
$stmt = db()->query('SELECT key, value FROM settings');
|
||||
$data = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
|
||||
return $data ?: ['paypal_enabled' => '0', 'service_fee' => '0'];
|
||||
}
|
||||
|
||||
function updateSetting(string $key, string $value): void
|
||||
{
|
||||
$stmt = db()->prepare('INSERT INTO settings (key, value) VALUES (:key, :value)
|
||||
ON CONFLICT(key) DO UPDATE SET value = excluded.value');
|
||||
$stmt->execute([':key' => $key, ':value' => $value]);
|
||||
}
|
||||
|
||||
function moderationItems(string $type): array
|
||||
{
|
||||
$pdo = db();
|
||||
if ($type === 'bands') {
|
||||
return $pdo->query('SELECT * FROM bands WHERE status != "aktiv"')->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
if ($type === 'reviews') {
|
||||
return $pdo->query('SELECT r.*, b.name AS band_name, u.name AS author
|
||||
FROM reviews r
|
||||
JOIN bands b ON b.id = r.band_id
|
||||
JOIN users u ON u.id = r.user_id
|
||||
WHERE r.status = "wartend"')->fetchAll(PDO::FETCH_ASSOC);
|
||||
}
|
||||
return [];
|
||||
}
|
||||
|
||||
function changeBandStatus(int $bandId, string $status): void
|
||||
{
|
||||
$stmt = db()->prepare('UPDATE bands SET status = :status WHERE id = :id');
|
||||
$stmt->execute([':status' => $status, ':id' => $bandId]);
|
||||
}
|
||||
|
||||
function changeReviewStatus(int $reviewId, string $status): void
|
||||
{
|
||||
$stmt = db()->prepare('UPDATE reviews SET status = :status WHERE id = :id');
|
||||
$stmt->execute([':status' => $status, ':id' => $reviewId]);
|
||||
}
|
||||
Reference in New Issue
Block a user