implemented anonymous user authentification with browser identification number from cookies

2026-04-25 12:48:24 +02:00
parent 601c13012c
commit 360eb3744a
4 changed files with 86 additions and 33 deletions


@@ -126,6 +126,23 @@ function handle_read($input) {
'features' => $features
];
// Includes User's Votes for persistent Vote Display
// Returns which Contributions the current Browser has voted on
$browser_id = $input['browser_id'] ?? '';
if ($browser_id !== '') {
$stmt = $pdo->prepare("
SELECT contribution_id, vote_type
FROM votes
WHERE browser_id = :bid
");
$stmt->execute([':bid' => $browser_id]);
$user_votes = [];
foreach ($stmt->fetchAll() as $v) {
$user_votes[$v['contribution_id']] = $v['vote_type'];
}
$featureCollection['user_votes'] = $user_votes;
}
json_response($featureCollection);
}
@@ -162,10 +179,10 @@ function handle_create($input) {
try {
$stmt = $pdo->prepare("
INSERT INTO contributions
(municipality_id, geom, geom_type, category, title, description, author_name)
(municipality_id, geom, geom_type, category, title, description, author_name, browser_id)
VALUES
(:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type,
:category, :title, :description, :author_name)
:category, :title, :description, :author_name, :browser_id)
");
$stmt->execute([
@@ -175,7 +192,8 @@ function handle_create($input) {
':category' => $input['category'],
':title' => $input['title'],
':description' => $input['description'] ?? '',
':author_name' => $input['author_name']
':author_name' => $input['author_name'],
':browser_id' => $input['browser_id'] ?? null
]);
json_response([
@@ -320,11 +338,16 @@ function handle_vote($input) {
// Prepared SQL Statement
try {
// Checks if Voter already voted on this Contribution
$browser_id = $input['browser_id'] ?? '';
if (empty($browser_id)) {
error_response('Browser ID required for Voting.');
}
$stmt = $pdo->prepare("
SELECT vote_id, vote_type FROM votes
WHERE contribution_id = :cid AND voter_name = :voter
WHERE contribution_id = :cid AND browser_id = :bid
");
$stmt->execute([':cid' => $input['contribution_id'], ':voter' => $input['voter_name']]);
$stmt->execute([':cid' => $input['contribution_id'], ':bid' => $browser_id]);
$existing = $stmt->fetch();
if ($existing) {
@@ -339,27 +362,29 @@ function handle_vote($input) {
$stmt->execute([':vid' => $existing['vote_id']]);
$stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type)
VALUES (:cid, :voter, :vtype)
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type']
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
}
} else {
// No existing Vote — Inserts Vote
$stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type)
VALUES (:cid, :voter, :vtype)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type']
]);
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201);
}
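Review bot: In handle_vote the new duplicate-vote key `browser_id` is taken straight from `$input` and checked only with `empty()`, so its type and format are never verified before it is bound and stored; the same unvalidated value feeds the `WHERE browser_id = :bid` lookup in handle_read and the insert in handle_create. Because the value comes from a client-held cookie, the one-vote-per-browser rule holds only for clients that keep sending the same ID, so I would at least reject anything that is not a string in the format the frontend generates, e.g. `if (!is_string($browser_id) || !preg_match('/^[A-Za-z0-9_-]{16,64}$/', $browser_id)) { error_response('Browser ID required for Voting.'); }` (the pattern is illustrative), and preferably have the server issue the ID as a signed cookie. The SELECT-then-INSERT sequence also leaves a window in which two concurrent requests both insert; if the schema change in this commit does not already add one, a unique index on `votes (contribution_id, browser_id)` would close it. It is not visible here whether `error_response()` ends the request; if it returns, the statements after the new check still run. handle_vote begins and ends outside the hunks shown.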