lukas.uptmoor/webgis-lohne
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lukas.uptmoor:366e3db5e3c9c917b5473f45402d1e07d003ca9d
Branches Tags
lukas.uptmoor:main lukas.uptmoor:dev/patrick lukas.uptmoor:dev/tasks-module lukas.uptmoor:dev/lukas
...
compare: lukas.uptmoor:d0bba3d3f88639d1520aac82a0276141d1192302
Branches Tags
lukas.uptmoor:dev/patrick lukas.uptmoor:main lukas.uptmoor:dev/tasks-module lukas.uptmoor:dev/lukas

26 Commits
366e3db5e3 ... d0bba3d3f8

Author SHA1 Message Date
luptmoor
d0bba3d3f8 EXTENSION.md updated and completed 2026-04-28 09:20:54 +02:00
patrickzerhusen
f23897018c colapsable fotos and comments section in contribution popup, comment count in popup and sidebar 2026-04-27 14:48:05 +02:00
patrickzerhusen
c39667e368 photos and comments functionality for contributions, moderation page functionality pending 2026-04-25 14:30:58 +02:00
patrickzerhusen
cb8994b493 unified CSS, consistent headers, standardized button colors 2026-04-25 13:37:05 +02:00
patrickzerhusen
62ba9b5345 fixed html structure for news sidebar 2026-04-25 13:10:47 +02:00
patrickzerhusen
360eb3744a implemented anonymous user authentification with browser identification number from cookies 2026-04-25 12:48:24 +02:00
patrickzerhusen
601c13012c updated env.example 2026-04-25 12:11:31 +02:00
patrickzerhusen
6200b061f2 added migration for anonymous user identification by browser ID 2026-04-24 17:47:00 +02:00
patrickzerhusen
fa984e7391 author can be edited and added in news moderation page 2026-04-24 17:41:59 +02:00
patrickzerhusen
125c255115 changed favicon to relative paths from database 2026-04-24 17:29:36 +02:00
patrickzerhusen
04e692a6dd minor changed to text fields 2026-04-24 17:28:12 +02:00
patrickzerhusen
25cf797294 added news CRUD functionality in moderation portal 2026-04-24 17:18:56 +02:00
patrickzerhusen
62ae9f18b0 added date and author to news in sidebar 2026-04-24 17:08:32 +02:00
patrickzerhusen
5cadc5c1b4 reverse geocoding for contributions 2026-04-24 17:00:55 +02:00
patrickzerhusen
9ca215c36d added migration for reverse geocoding 2026-04-24 16:55:49 +02:00
patrickzerhusen
04f96b7aba commented migration for news table 2026-04-24 16:50:27 +02:00
patrickzerhusen
ffe81cdf88 migration for news table in database, news now read from database 2026-04-24 16:33:03 +02:00
patrickzerhusen
c9040b2f4e reads municipality logo from database 2026-04-24 16:13:45 +02:00
patrickzerhusen
9c8e641557 added privacy and imprint pages to meet german DSGVO criteria 2026-04-24 16:09:53 +02:00
patrickzerhusen
076e82213d added privacy and imprint pages to meet german DSGVO criteria 2026-04-24 16:06:26 +02:00
patrickzerhusen
6a721fde7c fixed point layer opacity bug, changed point layer styling 2026-04-24 15:45:27 +02:00
patrickzerhusen
8179498333 bootstrap button colours 2026-04-24 15:38:18 +02:00
patrickzerhusen
ec4c9fa8a9 changed edit button colour to primary 2026-04-23 15:30:41 +02:00
patrickzerhusen
8d67c0c0b9 title and description above text fields for contribution edit 2026-04-23 15:27:33 +02:00
patrickzerhusen
ade9ca2128 styling and fond sweetalert font override 2026-04-23 15:13:49 +02:00
patrickzerhusen
2993a443a7 removed dublicate pdo call 2026-04-23 14:59:03 +02:00
18 changed files with 2143 additions and 1182 deletions
Expand all files Collapse all files

6
.env.example
View File

@@ -3,8 +3,6 @@ POSTGRES_HOSTNAME=postgres_host
POSTGRES_PORT=postgres_port POSTGRES_PORT=postgres_port
POSTGRES_DB=postgres_database POSTGRES_DB=postgres_database
POSTGRES_USER=postgres_user POSTGRES_USER=postgres_user
POSTGRES_PASSWORD=xxxx POSTGRES_PASSWORD=
ADMIN_PASSWORD=
ADMIN_PASSWORD=xxxxx
MUNICIPALITY_SLUG=lohne MUNICIPALITY_SLUG=lohne

5
.gitignore vendored
View File

@@ -1,4 +1,7 @@
.env .env
.vscode/ .vscode/
*.log *.log
scripts scripts
public/uploads/photos/*
!public/uploads/photos/.gitkeep

141
EXTENSION.md
View File

@@ -1,8 +1,47 @@
## Neue Ideenkarte anlegen # Neue Ideenkarte anlegen
1. DNS record ```<name>``` A 195.59.32.237 600s
2. Nginx Weiterleitung in ```default.conf```:
## Übersicht
| Variable | Bedeutung |
|---|---|
| `<name>` | Name der Kommune (z.B. `lohne`) |
| `<ID>` | Eindeutige Port-ID für die Datenbank (z.B. `4` → Port `5434`) |
| `<branch-name>` | Git-Branch des Frontend-Repos |
---
## Schritt 1 — DNS Record anlegen
Im DNS-Panel einen neuen A-Record anlegen:
| Feld | Wert |
|---|---|
| Name | `<name>` |
| Typ | `A` |
| Ziel | `195.59.32.237` |
| TTL | `600s` |
> ⚠️ DNS muss vollständig propagiert sein, bevor Certbot in Schritt 3 ausgeführt wird.
Propagation prüfen:
```bash
dig <name>.endex-geodaten.de
``` ```
---
## Schritt 2 — Nginx `default.conf` anpassen
### 2a — Subdomain in den Port-80-Block eintragen
```nginx
server_name endex-geodaten.de www.endex-geodaten.de git.endex-geodaten.de lohne.endex-geodaten.de <name>.endex-geodaten.de localhost;
```
### 2b — Neuen HTTPS-Server-Block hinzufügen
```nginx
# WEBGIS <NAME>
server { server {
listen 443 ssl; listen 443 ssl;
server_name <name>.endex-geodaten.de; server_name <name>.endex-geodaten.de;
@@ -18,7 +57,7 @@ server {
} }
location ~ \.php$ { location ~ \.php$ {
fastcgi_pass webgis-<name>-php:9000; fastcgi_pass webgis-<name>-php:9000;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
@@ -26,8 +65,34 @@ server {
} }
``` ```
3. Docker container für UI ---
## Schritt 3 — SSL-Zertifikat erneuern
Da kein Wildcard-Zertifikat verwendet wird, muss das Cert neu ausgestellt werden:
```bash
docker compose run --rm certbot certonly --webroot \
--webroot-path=/var/www/certbot \
-d endex-geodaten.de \
-d www.endex-geodaten.de \
-d git.endex-geodaten.de \
-d lohne.endex-geodaten.de \
-d <name>.endex-geodaten.de
``` ```
Nginx neu laden:
```bash
docker compose exec nginx nginx -s reload
```
---
## Schritt 4 — Docker Container in `docker-compose.yml` anlegen
### PHP/UI Container
```yaml
webgis-<name>-php: webgis-<name>-php:
build: php-docker/ build: php-docker/
container_name: webgis-<name>-php container_name: webgis-<name>-php
@@ -38,41 +103,81 @@ server {
- webgis-<name>-nw - webgis-<name>-nw
``` ```
und Datenbank anlegen. ### Datenbank Container
``` ```yaml
webgis-<name>db: webgis-<name>-db:
image: postgis/postgis:15-3.3 image: postgis/postgis:15-3.3
container_name: webgis-<name>-db container_name: webgis-<name>-db
restart: always restart: always
ports: ports:
- "127.0.0.1:543<ID>:5432" # inside the container always 5432 - "127.0.0.1:543<ID>:5432" # inside the container always 5432
environment: environment:
- POSTGRES_USER=${WEBGIS_DB_USER} # maybe go back to default username - POSTGRES_USER=${WEBGIS_<NAME>_DB_USER}
- POSTGRES_PASSWORD=${WEBGIS_DB_PW} # must be secure and unique - POSTGRES_PASSWORD=${WEBGIS_<NAME>_DB_PW}
- POSTGRES_DB=${WEBGIS_DB_NAME} #same as container name - POSTGRES_DB=${WEBGIS_<NAME>_DB_NAME}
volumes: volumes:
- ./webgis-<name>-data:/var/lib/postgresql/data - ./webgis-<name>-data:/var/lib/postgresql/data
networks: networks:
- webgis-<name>-nw - webgis-<name>-nw
``` ```
4. nginx Volume für neue Stadt in ```docker-compose.yml``` anlegen ### Netzwerk ergänzen
```
./webgis-<name>:/var/www/webgis-<name> Unter dem `networks:` Block am Ende der `docker-compose.yml`:
```yaml
networks:
webgis-<name>-nw:
driver: bridge
``` ```
---
5. Frontend source code nach ```webgis-<name>``` klonen ## Schritt 5 — Nginx Volume ergänzen
Beim nginx-Service in `docker-compose.yml` das neue Volume eintragen:
```yaml
volumes:
- ./webgis-<name>:/var/www/webgis-<name>
``` ```
---
## Schritt 6 — Frontend Source Code klonen
```bash
git submodule add -b <branch-name> https://git.endex-geodaten.de/lukas.uptmoor/webgis-<name>.git git submodule add -b <branch-name> https://git.endex-geodaten.de/lukas.uptmoor/webgis-<name>.git
``` ```
Jede Kommune sollte ein eigenes Repo kriegen, da Features am Anfang variieren. > Jede Kommune erhält ein eigenes Repo, da Features initial variieren können.
---
6. Mit der Datenbank verbinden über SSH-Tunnel ## Schritt 7 — Container starten
```bash
docker compose up -d webgis-<name>-php webgis-<name>-db
``` ```
Logs prüfen:
```bash
docker compose logs -f webgis-<name>-php
docker compose logs -f webgis-<name>-db
```
---
## Schritt 8 — Datenbank vorbereiten
SSH-Tunnel öffnen:
```bash
ssh -L 5433:localhost:543<ID> root@endex-geodaten.de ssh -L 5433:localhost:543<ID> root@endex-geodaten.de
``` ```
und Datenbank für Anwendung vorbereiten.
Strukturen laden:
```bash
docker exec -it webgis-<name>-db psql -U $POSTGRES_USER -d $POSTGRES_DB < migrations/001_initial_schema.sql
```

44
migrations/003_news_table.sql Normal file
View File

@@ -0,0 +1,44 @@
-- =====================================================================
-- Migration 004: Creates News Table for Municipality Announcements
-- =====================================================================
-- ---------------------------------------------------------------------
-- Block 1: Creates Table "news"
-- ---------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS news (
news_id SERIAL PRIMARY KEY,
municipality_id INTEGER NOT NULL REFERENCES municipalities(municipality_id) ON DELETE CASCADE,
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL,
author_name VARCHAR(100) NOT NULL DEFAULT 'Stadtverwaltung',
published_at TIMESTAMP NOT NULL DEFAULT NOW(),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- ---------------------------------------------------------------------
-- Block 2: Trigger Functions
-- ---------------------------------------------------------------------
-- Automatically Refresh updated_at on every UPDATE.
CREATE TRIGGER set_news_updated_at
BEFORE UPDATE ON news
FOR EACH ROW
EXECUTE FUNCTION set_updated_at();
-- ---------------------------------------------------------------------
-- Block 3 Indexes for fast Queries
-- ---------------------------------------------------------------------
CREATE INDEX idx_news_municipality ON news(municipality_id);
-- ---------------------------------------------------------------------
-- Block 4: Seed Data — Initial News Article
-- ---------------------------------------------------------------------
INSERT INTO news (municipality_id, title, content)
SELECT municipality_id, 'Mitmachkarte gestartet',
'Die Mitmachkarte als Bürgerbeteiligungsportal der Stadt Lohne (Oldenburg) wird nun freigeschaltet. Wir freuen uns auf Ihre Hinweise und Vorschläge!'
FROM municipalities WHERE slug = 'lohne';

8
migrations/004_reverse_geocoding.sql Normal file
View File

@@ -0,0 +1,8 @@
-- =====================================================================
-- Migration 004: Adds Address Column for Reverse Geocoding
-- =====================================================================
ALTER TABLE contributions
ADD COLUMN address VARCHAR(255) DEFAULT NULL;
COMMENT ON COLUMN contributions.address IS 'Reverse geocoded Address, stored automatically on Creation.';

27
migrations/005_browser_id.sql Normal file
View File

@@ -0,0 +1,27 @@
-- =====================================================================
-- Migration 005: Adds Browser ID for anonymous User Identification
-- =====================================================================
-- Adds browser_id Column to Contributions
ALTER TABLE contributions
ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
-- Adds browser_id Column to Votes
-- Replaces voter_name for Identification
ALTER TABLE votes
ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
-- Index for fast Vote Lookup by Browser
CREATE INDEX idx_votes_browser ON votes(browser_id);
-- New UNIQUE Constraint: One Vote per Browser per Contribution
-- Drops old Constraint voter_name based
ALTER TABLE votes
DROP CONSTRAINT IF EXISTS votes_unique_per_voter;
-- Creates new Constraint browser_id based
ALTER TABLE votes
ADD CONSTRAINT votes_contribution_browser_unique
UNIQUE (contribution_id, browser_id);

35
migrations/006_comments_and_photos.sql Normal file
View File

@@ -0,0 +1,35 @@
-- =====================================================================
-- Migration 006: Comments Table and Photo Support
-- =====================================================================
-- ---------------------------------------------------------------------
-- Block 1: Creates Table "comments"
-- Stores Comments on Contributions. Comments is linked to
-- Contributions and identified by browser_id.
-- ---------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS comments (
comment_id SERIAL PRIMARY KEY,
contribution_id INTEGER NOT NULL REFERENCES contributions(contribution_id) ON DELETE CASCADE,
author_name VARCHAR(100) NOT NULL,
browser_id VARCHAR(36) DEFAULT NULL,
content TEXT NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- ---------------------------------------------------------------------
-- Block 2: Indexes for fast Comment Queries
-- ---------------------------------------------------------------------
CREATE INDEX idx_comments_contribution ON comments(contribution_id);
CREATE INDEX idx_comments_browser ON comments(browser_id);
-- ---------------------------------------------------------------------
-- Block 3: Adds Photo Path Column to Contributions
-- Stores relative Path to uploaded Photo File.
-- ---------------------------------------------------------------------
ALTER TABLE contributions
ADD COLUMN photo_path VARCHAR(255) DEFAULT NULL;
COMMENT ON COLUMN contributions.photo_path IS 'Relative Path to uploaded Photo. NULL = no Photo.';

529
public/admin.css
View File

@@ -1,529 +0,0 @@
/* =====================================================================
Moderation Page — Styles
Separate Stylesheet for the Admin Moderation Interface.
===================================================================== */
/* -----------------------------------------------------------------
Base
----------------------------------------------------------------- */
* { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: 'Segoe UI', system-ui, sans-serif;
background: #f4f5f7;
color: #1a1a2e;
font-size: 15px;
}
/* -----------------------------------------------------------------
Header
----------------------------------------------------------------- */
.admin-header {
background: var(--color-primary);
color: white;
padding: 14px 24px;
display: flex;
justify-content: space-between;
align-items: center;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
}
.admin-header h1 {
font-size: 1.15rem;
font-weight: 600;
}
.admin-nav {
display: flex;
gap: 16px;
align-items: center;
}
.admin-nav a {
color: white;
text-decoration: none;
opacity: 0.8;
font-size: 0.85rem;
transition: opacity 150ms ease;
}
.admin-nav a:hover { opacity: 1; }
/* -----------------------------------------------------------------
Container
----------------------------------------------------------------- */
.admin-container {
max-width: 960px;
margin: 24px auto;
padding: 0 16px;
}
/* -----------------------------------------------------------------
Statistics Cards
----------------------------------------------------------------- */
.stats-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
gap: 12px;
margin-bottom: 28px;
}
.stat-card {
background: white;
border-radius: 8px;
padding: 16px;
text-align: center;
border: 1px solid #e0e0e0;
}
.stat-card .stat-number {
font-size: 1.8rem;
font-weight: 700;
color: var(--color-primary);
}
.stat-card .stat-label {
font-size: 0.8rem;
color: #5a5a7a;
margin-top: 4px;
}
/* -----------------------------------------------------------------
Filter Tabs
----------------------------------------------------------------- */
.filter-tabs {
display: flex;
gap: 4px;
margin-bottom: 20px;
border-bottom: 2px solid #e0e0e0;
padding-bottom: 0;
}
.filter-tab {
padding: 8px 16px;
border: none;
background: none;
font-family: inherit;
font-size: 0.85rem;
font-weight: 600;
color: #5a5a7a;
cursor: pointer;
border-bottom: 2px solid transparent;
margin-bottom: -2px;
transition: color 150ms ease, border-color 150ms ease;
}
.filter-tab:hover {
color: var(--color-primary);
}
.filter-tab.active {
color: var(--color-primary);
border-bottom-color: var(--color-primary);
}
.filter-tab .tab-count {
background: #e0e0e0;
color: #5a5a7a;
font-size: 0.7rem;
padding: 1px 6px;
border-radius: 10px;
margin-left: 4px;
}
.filter-tab.active .tab-count {
background: var(--color-primary);
color: white;
}
/* -----------------------------------------------------------------
Sort Controls
----------------------------------------------------------------- */
.sort-controls {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 16px;
font-size: 0.85rem;
color: #5a5a7a;
}
.sort-controls select {
padding: 4px 8px;
border: 1px solid #e0e0e0;
border-radius: 4px;
font-family: inherit;
font-size: 0.85rem;
cursor: pointer;
}
/* -----------------------------------------------------------------
Collapsible Contribution Rows
----------------------------------------------------------------- */
.contribution-row {
background: white;
border: 1px solid #e0e0e0;
border-radius: 8px;
margin-bottom: 10px;
overflow: hidden;
transition: border-color 150ms ease;
}
.contribution-row:hover {
border-color: #bbb;
}
.contribution-row-header {
padding: 12px 16px;
display: flex;
justify-content: space-between;
align-items: center;
cursor: pointer;
transition: background 150ms ease;
}
.contribution-row-header:hover {
background: #f8f9fa;
}
.contribution-row-summary {
display: flex;
align-items: center;
gap: 10px;
flex: 1;
min-width: 0;
}
.contribution-row-summary .title {
font-weight: 600;
font-size: 0.95rem;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.collapse-icon {
color: #999;
font-size: 0.75rem;
flex-shrink: 0;
transition: transform 200ms ease;
}
.contribution-row.open .collapse-icon {
transform: rotate(180deg);
}
/* -----------------------------------------------------------------
Contribution Detail View (expanded)
----------------------------------------------------------------- */
.contribution-row-detail {
padding: 0 16px 16px 16px;
border-top: 1px solid #f0f0f0;
display: none;
}
.contribution-row.open .contribution-row-detail {
display: block;
}
.detail-layout {
display: flex;
gap: 16px;
margin-top: 12px;
margin-bottom: 12px;
}
.detail-map {
width: 220px;
height: 170px;
border-radius: 6px;
border: 1px solid #e0e0e0;
flex-shrink: 0;
background: #f0f0f0;
}
.detail-content {
flex: 1;
min-width: 0;
}
.detail-content .description {
font-size: 0.85rem;
line-height: 1.5;
color: #5a5a7a;
margin-bottom: 10px;
}
.detail-content .description.empty {
color: #bbb;
font-style: italic;
}
.detail-meta {
font-size: 0.8rem;
color: #999;
display: flex;
flex-direction: column;
gap: 4px;
}
.detail-meta span {
display: flex;
align-items: center;
gap: 6px;
}
/* -----------------------------------------------------------------
Action Buttons
----------------------------------------------------------------- */
.action-buttons {
display: flex;
gap: 8px;
flex-wrap: wrap;
padding-top: 12px;
border-top: 1px solid #f0f0f0;
}
.btn {
padding: 7px 14px;
border: none;
border-radius: 6px;
font-size: 0.82rem;
font-weight: 600;
cursor: pointer;
display: inline-flex;
align-items: center;
gap: 5px;
font-family: inherit;
transition: filter 150ms ease;
text-decoration: none;
}
.btn:hover { filter: brightness(1.1); }
.btn-approve { background: #2e7d32; color: white; }
.btn-reject { background: #c62828; color: white; }
.btn-edit { background: #1565C0; color: white; }
.btn-delete { background: #424242; color: white; }
.btn-map { background: #546E7A; color: white; }
/* -----------------------------------------------------------------
Badges
----------------------------------------------------------------- */
.badge {
display: inline-block;
padding: 2px 8px;
border-radius: 4px;
font-size: 0.7rem;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.5px;
flex-shrink: 0;
}
.badge-pending { background: #fff3cd; color: #856404; }
.badge-approved { background: #d4edda; color: #155724; }
.badge-rejected { background: #f8d7da; color: #721c24; }
/* -----------------------------------------------------------------
Empty State
----------------------------------------------------------------- */
.empty-state {
text-align: center;
padding: 40px;
color: #999;
font-size: 0.9rem;
}
/* -----------------------------------------------------------------
Section Spacing
----------------------------------------------------------------- */
.section { margin-bottom: 32px; }
/* -----------------------------------------------------------------
Placeholder Tabs (future Features)
----------------------------------------------------------------- */
.placeholder-content {
text-align: center;
padding: 60px 20px;
color: #bbb;
}
.placeholder-content i {
font-size: 2.5rem;
margin-bottom: 12px;
display: block;
}
.placeholder-content p {
font-size: 0.9rem;
}
/* -----------------------------------------------------------------
Navigation Tabs (Page Sections)
----------------------------------------------------------------- */
.page-tabs {
display: flex;
gap: 4px;
margin-bottom: 24px;
background: white;
padding: 4px;
border-radius: 8px;
border: 1px solid #e0e0e0;
}
.page-tab {
padding: 8px 16px;
border: none;
background: none;
font-family: inherit;
font-size: 0.85rem;
font-weight: 600;
color: #5a5a7a;
cursor: pointer;
border-radius: 6px;
transition: all 150ms ease;
display: flex;
align-items: center;
gap: 6px;
}
.page-tab:hover { background: #f0f0f0; }
.page-tab.active {
background: var(--color-primary);
color: white;
}
/* -----------------------------------------------------------------
Login Page
----------------------------------------------------------------- */
.login-wrapper {
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.login-box {
background: white;
border-radius: 12px;
padding: 32px;
max-width: 380px;
width: 90%;
box-shadow: 0 4px 20px rgba(0, 0, 0, 0.1);
text-align: center;
}
.login-box h1 {
font-size: 1.3rem;
margin-bottom: 8px;
}
.login-box p {
font-size: 0.85rem;
color: #5a5a7a;
margin-bottom: 20px;
}
.login-box input[type="password"] {
width: 100%;
padding: 10px 12px;
border: 1px solid #e0e0e0;
border-radius: 6px;
font-size: 0.9rem;
margin-bottom: 12px;
font-family: inherit;
}
.login-box input:focus {
outline: none;
border-color: var(--color-primary);
box-shadow: 0 0 0 3px rgba(0, 55, 109, 0.1);
}
.login-box button {
width: 100%;
padding: 10px;
background: var(--color-primary);
color: white;
border: none;
border-radius: 6px;
font-size: 0.9rem;
font-weight: 600;
cursor: pointer;
font-family: inherit;
}
.login-box button:hover { filter: brightness(1.15); }
.login-error {
color: #c62828;
font-size: 0.85rem;
margin-bottom: 12px;
}
.back-link {
margin-top: 16px;
font-size: 0.8rem;
}
.back-link a { color: #5a5a7a; }
/* -----------------------------------------------------------------
Mobile Responsive
----------------------------------------------------------------- */
@media (max-width: 768px) {
.admin-header {
flex-direction: column;
gap: 8px;
padding: 12px 16px;
}
.admin-header h1 { font-size: 1rem; }
.detail-layout {
flex-direction: column;
}
.detail-map {
width: 100%;
height: 180px;
}
.contribution-row-summary .title {
max-width: 200px;
}
.action-buttons {
flex-direction: column;
}
.action-buttons .btn {
justify-content: center;
}
.filter-tabs {
overflow-x: auto;
}
.page-tabs {
overflow-x: auto;
}
}

257
public/admin.php
View File

@@ -57,6 +57,16 @@ $stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]); $stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch(); $municipality = $stmt->fetch();
// Loads News for Moderation
$stmt = $pdo->prepare("
SELECT news_id, title, content, author_name, published_at, created_at
FROM news
WHERE municipality_id = :mid
ORDER BY published_at DESC
");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$news_items = $stmt->fetchAll();
// Shows Login Page if not authenticated // Shows Login Page if not authenticated
if ($page === 'login' || !is_admin()) { if ($page === 'login' || !is_admin()) {
show_login_page($municipality, $login_error ?? null); show_login_page($municipality, $login_error ?? null);
@@ -102,8 +112,7 @@ $counts['total'] = count($all_contributions);
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Moderation — <?= htmlspecialchars($municipality['name']) ?></title> <title>Moderation — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/icon-municipality.png" type="image/png"> <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
<!-- Loads CSS Dependencies --> <!-- Loads CSS Dependencies -->
@@ -114,7 +123,7 @@ $counts['total'] = count($all_contributions);
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.9.4/leaflet.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.9.4/leaflet.min.css">
<!-- Application Styles --> <!-- Application Styles -->
<link rel="stylesheet" href="admin.css"> <link rel="stylesheet" href="styles.css">
<!-- Loads JavaScript Dependencies --> <!-- Loads JavaScript Dependencies -->
@@ -131,15 +140,17 @@ $counts['total'] = count($all_contributions);
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Header --> <!-- Header -->
<!-- ============================================================= --> <!-- ============================================================= -->
<div class="admin-header"> <div class="page-header">
<h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal <?= htmlspecialchars($municipality['name']) ?></h1> <div class="page-header-inner">
<div class="admin-nav"> <h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal <?= htmlspecialchars($municipality['name']) ?></h1>
<a href="index.php"><i class="fa-solid fa-map"></i> Bürgerportal</a> <div class="page-header-nav">
<a href="admin.php?page=logout"><i class="fa-solid fa-right-from-bracket"></i> Abmelden</a> <a href="index.php"><i class="fa-solid fa-map"></i> Bürgerportal</a>
<a href="admin.php?page=logout"><i class="fa-solid fa-right-from-bracket"></i> Abmelden</a>
</div>
</div> </div>
</div> </div>
<div class="admin-container"> <div class="page-container">
<!-- ========================================================= --> <!-- ========================================================= -->
<!-- Page Navigation Tabs --> <!-- Page Navigation Tabs -->
@@ -234,6 +245,10 @@ $counts['total'] = count($all_contributions);
<div class="contribution-row-header" onclick="toggleRow(this.parentElement)"> <div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
<div class="contribution-row-summary"> <div class="contribution-row-summary">
<span class="title"><?= htmlspecialchars($item['title']) ?></span> <span class="title"><?= htmlspecialchars($item['title']) ?></span>
<span class="badge badge-category">
<i class="fa-solid <?= $cat['faIcon'] ?>"></i>
<?= $cat['label'] ?>
</span>
<span class="badge badge-<?= $item['status'] ?>"><?= $status_label[$item['status']] ?? $item['status'] ?></span> <span class="badge badge-<?= $item['status'] ?>"><?= $status_label[$item['status']] ?? $item['status'] ?></span>
</div> </div>
<i class="fa-solid fa-chevron-down collapse-icon"></i> <i class="fa-solid fa-chevron-down collapse-icon"></i>
@@ -256,10 +271,6 @@ $counts['total'] = count($all_contributions);
<?php endif; ?> <?php endif; ?>
<div class="detail-meta"> <div class="detail-meta">
<span>
<i class="fa-solid <?= $cat['faIcon'] ?>" style="color:<?= $cat['color'] ?>;"></i>
<?= $cat['label'] ?>
</span>
<span><i class="fa-solid fa-user"></i> <?= htmlspecialchars($item['author_name']) ?></span> <span><i class="fa-solid fa-user"></i> <?= htmlspecialchars($item['author_name']) ?></span>
<span><i class="fa-solid fa-calendar"></i> <?= date('d.m.Y, H:i', strtotime($item['created_at'])) ?> Uhr</span> <span><i class="fa-solid fa-calendar"></i> <?= date('d.m.Y, H:i', strtotime($item['created_at'])) ?> Uhr</span>
<span> <span>
@@ -286,7 +297,7 @@ $counts['total'] = count($all_contributions);
<?php endif; ?> <?php endif; ?>
<?php if ($item['status'] !== 'pending'): ?> <?php if ($item['status'] !== 'pending'): ?>
<button class="btn btn-edit" onclick="changeStatus(<?= $item['contribution_id'] ?>, 'pending')" style="background:#f57f17;"> <button class="btn btn-reset" onclick="changeStatus(..., 'pending')">
<i class="fa-solid fa-rotate-left"></i> Zurücksetzen <i class="fa-solid fa-rotate-left"></i> Zurücksetzen
</button> </button>
<?php endif; ?> <?php endif; ?>
@@ -312,15 +323,56 @@ $counts['total'] = count($all_contributions);
<!-- ========================================================= --> <!-- ========================================================= -->
<!-- Placeholder Tabs for future Features --> <!-- News Article Tab -->
<!-- ========================================================= --> <!-- ========================================================= -->
<div id="tab-news" class="page-tab-content" style="display:none;"> <div id="tab-news" class="page-tab-content" style="display:none;">
<div class="placeholder-content"> <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:20px;">
<i class="fa-solid fa-newspaper"></i> <h2 style="margin:0;border:none;padding:0;"><i class="fa-solid fa-newspaper"></i> Neuigkeiten</h2>
<p>Neuigkeiten verwalten - geplant in zukünftiger Version.</p> <button class="btn btn-approve" onclick="createNews()">
<i class="fa-solid fa-plus"></i> Nachricht hinzufügen
</button>
</div> </div>
<?php if (empty($news_items)): ?>
<div class="empty-state">
<i class="fa-solid fa-newspaper" style="font-size:2rem;margin-bottom:8px;display:block;"></i>
Noch keine Neuigkeiten veröffentlicht.
</div>
<?php else: ?>
<?php foreach ($news_items as $news): ?>
<div class="contribution-row" data-id="<?= $news['news_id'] ?>">
<div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
<div class="contribution-row-summary">
<span class="title"><?= htmlspecialchars($news['title']) ?></span>
<span style="font-size:0.8rem;color:#999;">
<?= date('d.m.Y', strtotime($news['published_at'])) ?>
· <?= htmlspecialchars($news['author_name']) ?>
</span>
</div>
<i class="fa-solid fa-chevron-down collapse-icon"></i>
</div>
<div class="contribution-row-detail">
<div style="padding:12px 0;font-size:0.9rem;line-height:1.6;color:#5a5a7a;">
<?= nl2br(htmlspecialchars($news['content'])) ?>
</div>
<div class="action-buttons">
<button class="btn btn-edit" onclick="editNews(<?= $news['news_id'] ?>, '<?= htmlspecialchars(addslashes($news['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['content']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['author_name']), ENT_QUOTES) ?>')">
<i class="fa-solid fa-pen"></i> Bearbeiten
</button>
<button class="btn btn-delete" onclick="deleteNews(<?= $news['news_id'] ?>)">
<i class="fa-solid fa-trash"></i> Löschen
</button>
</div>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div> </div>
<!-- ========================================================= -->
<!-- Placeholder Tabs for future Features -->
<!-- ========================================================= -->
<div id="tab-stats" class="page-tab-content" style="display:none;"> <div id="tab-stats" class="page-tab-content" style="display:none;">
<div class="placeholder-content"> <div class="placeholder-content">
<i class="fa-solid fa-chart-bar"></i> <i class="fa-solid fa-chart-bar"></i>
@@ -577,10 +629,14 @@ $counts['total'] = count($all_contributions);
title: 'Beitrag bearbeiten', title: 'Beitrag bearbeiten',
html: html:
'<div style="text-align:left;">' + '<div style="text-align:left;">' +
'<label style="font-weight:600;font-size:0.85rem;">Titel</label>' + '<div style="margin-bottom:12px;">' +
'<input id="swal-title" class="swal2-input" value="' + currentTitle + '">' + '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
'<label style="font-weight:600;font-size:0.85rem;">Beschreibung</label>' + '<input id="swal-title" class="swal2-input" style="margin:0;width:100%;" value="' + currentTitle + '">' +
'<textarea id="swal-description" class="swal2-textarea">' + currentDescription + '</textarea>' + '</div>' +
'<div>' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Beschreibung</label>' +
'<textarea id="swal-description" class="swal2-textarea" style="margin:0;width:100%;">' + currentDescription + '</textarea>' +
'</div>' +
'</div>', '</div>',
showCancelButton: true, showCancelButton: true,
confirmButtonText: 'Speichern', confirmButtonText: 'Speichern',
@@ -641,6 +697,156 @@ $counts['total'] = count($all_contributions);
}); });
}); });
} }
// =============================================================
// Create News Article
// =============================================================
function createNews() {
Swal.fire({
title: 'Neuigkeit hinzufügen',
html:
'<div style="text-align:left;">' +
'<div style="margin-bottom:12px;">' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
'<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" placeholder="Titel der Neuigkeit">' +
'</div>' +
'<div style="margin-bottom:12px;">' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
'<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;" placeholder="Neuigkeit verfassen..."></textarea>' +
'</div>' +
'<div>' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Autor</label>' +
'<input id="swal-news-author" class="swal2-input" style="margin:0;width:100%;" value="Stadtverwaltung">' +
'</div>' +
'</div>',
showCancelButton: true,
confirmButtonText: 'Veröffentlichen',
cancelButtonText: 'Abbrechen',
confirmButtonColor: PRIMARY_COLOR,
preConfirm: function () {
const title = document.getElementById('swal-news-title').value.trim();
const content = document.getElementById('swal-news-content').value.trim();
const author = document.getElementById('swal-news-author').value.trim() || 'Stadtverwaltung';
if (!title || !content) {
Swal.showValidationMessage('Titel und Inhalt sind Pflichtfelder.');
return false;
}
return { title: title, content: content, author_name: author };
}
}).then(function (result) {
if (!result.isConfirmed) return;
const formData = new FormData();
formData.append('action', 'create_news');
formData.append('municipality_id', MUNICIPALITY_ID);
formData.append('title', result.value.title);
formData.append('content', result.value.content);
formData.append('author_name', result.value.author_name);
fetch(API_URL, { method: 'POST', body: formData })
.then(function (r) { return r.json(); })
.then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Veröffentlicht!', 'Neuigkeit wurde veröffentlicht.', 'success')
.then(function () { location.reload(); });
});
});
}
// =============================================================
// Edit News Article
// =============================================================
function editNews(newsId, currentTitle, currentContent, currentAuthor) {
Swal.fire({
title: 'Neuigkeit bearbeiten',
html:
'<div style="text-align:left;">' +
'<div style="margin-bottom:12px;">' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
'<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" value="' + currentTitle + '">' +
'</div>' +
'<div style="margin-bottom:12px;">' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
'<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;">' + currentContent + '</textarea>' +
'</div>' +
'<div>' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Autor</label>' +
'<input id="swal-news-author" class="swal2-input" style="margin:0;width:100%;" value="' + currentAuthor + '">' +
'</div>' +
'</div>',
showCancelButton: true,
confirmButtonText: 'Speichern',
cancelButtonText: 'Abbrechen',
confirmButtonColor: PRIMARY_COLOR,
preConfirm: function () {
return {
title: document.getElementById('swal-news-title').value.trim(),
content: document.getElementById('swal-news-content').value.trim(),
author_name: document.getElementById('swal-news-author').value.trim() || 'Stadtverwaltung'
};
}
}).then(function (result) {
if (!result.isConfirmed) return;
const formData = new FormData();
formData.append('action', 'update_news');
formData.append('news_id', newsId);
formData.append('title', result.value.title);
formData.append('content', result.value.content);
formData.append('author_name', result.value.author_name);
fetch(API_URL, { method: 'POST', body: formData })
.then(function (r) { return r.json(); })
.then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Gespeichert!', 'Neuigkeit wurde aktualisiert.', 'success')
.then(function () { location.reload(); });
});
});
}
// =============================================================
// Create News Article
// =============================================================
function deleteNews(newsId) {
Swal.fire({
title: 'Neuigkeit löschen?',
text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
icon: 'warning',
showCancelButton: true,
confirmButtonText: 'Löschen',
cancelButtonText: 'Abbrechen',
confirmButtonColor: '#c62828'
}).then(function (result) {
if (!result.isConfirmed) return;
const formData = new FormData();
formData.append('action', 'delete_news');
formData.append('news_id', newsId);
fetch(API_URL, { method: 'POST', body: formData })
.then(function (r) { return r.json(); })
.then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Gelöscht!', 'Neuigkeit wurde gelöscht.', 'success')
.then(function () { location.reload(); });
});
});
}
</script> </script>
</body> </body>
@@ -659,9 +865,8 @@ function show_login_page($municipality, $error = null) {
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Moderation - Anmeldung</title> <title>Moderation - Anmeldung</title>
<link rel="icon" href="assets/icon-municipality.png" type="image/png"> <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css"> <link rel="stylesheet" href="styles.css">
<link rel="stylesheet" href="admin.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style> <style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head> </head>
<body> <body>
@@ -670,7 +875,7 @@ function show_login_page($municipality, $error = null) {
<h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal</h1> <h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal</h1>
<p>Bitte geben Sie das Moderationspasswort ein.</p> <p>Bitte geben Sie das Moderationspasswort ein.</p>
<?php if ($error): ?> <?php if ($error): ?>
<div class="login-error"><?= htmlspecialchars($error) ?></div> <div class="login-error"><i class="fa-solid fa-triangle-exclamation"></i> <?= htmlspecialchars($error) ?></div>
<?php endif; ?> <?php endif; ?>
<form method="POST" action="admin.php?page=login"> <form method="POST" action="admin.php?page=login">
<input type="password" name="password" placeholder="Passwort" autofocus> <input type="password" name="password" placeholder="Passwort" autofocus>

340
public/api/contributions.php
View File

@@ -38,13 +38,31 @@ switch ($action) {
case 'vote': case 'vote':
handle_vote($input); handle_vote($input);
break; break;
case 'create_news':
handle_create_news($input);
break;
case 'update_news':
handle_update_news($input);
break;
case 'delete_news':
handle_delete_news($input);
break;
case 'read_comments':
handle_read_comments($input);
break;
case 'create_comment':
handle_create_comment($input);
break;
case 'delete_comment':
handle_delete_comment($input);
break;
default: default:
error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.'); error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.');
} }
// ===================================================================== // =====================================================================
// Action Handlers // Action Handlers for Contributions
// ===================================================================== // =====================================================================
@@ -117,6 +135,23 @@ function handle_read($input) {
'features' => $features 'features' => $features
]; ];
// Includes User's Votes for persistent Vote Display
// Returns which Contributions the current Browser has voted on
$browser_id = $input['browser_id'] ?? '';
if ($browser_id !== '') {
$stmt = $pdo->prepare("
SELECT contribution_id, vote_type
FROM votes
WHERE browser_id = :bid
");
$stmt->execute([':bid' => $browser_id]);
$user_votes = [];
foreach ($stmt->fetchAll() as $v) {
$user_votes[$v['contribution_id']] = $v['vote_type'];
}
$featureCollection['user_votes'] = $user_votes;
}
json_response($featureCollection); json_response($featureCollection);
} }
@@ -126,6 +161,11 @@ function handle_read($input) {
// Required: municipality_id, geom, geom_type, category, title, author_name // Required: municipality_id, geom, geom_type, category, title, author_name
// Optional: description // Optional: description
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// ---------------------------------------------------------------------
// CREATE: Inserts new Contributions with optional Photo Upload
// Required: municipality_id, geom, geom_type, category, title, author_name
// Optional: description, browser_id, photo (File Upload)
// ---------------------------------------------------------------------
function handle_create($input) { function handle_create($input) {
$pdo = get_db(); $pdo = get_db();
@@ -149,14 +189,23 @@ function handle_create($input) {
error_response('Invalid GeoJSON in Geometry Field.'); error_response('Invalid GeoJSON in Geometry Field.');
} }
// Handles Photo Upload
$photo_path = null;
if (isset($_FILES['photo']) && $_FILES['photo']['error'] === UPLOAD_ERR_OK) {
$photo_path = handle_photo_upload($_FILES['photo']);
if (!$photo_path) {
error_response('Photo Upload failed. JPG, PNG, GIF and WebP up to 5 MB are allowed.');
}
}
// Prepared SQL Statement // Prepared SQL Statement
try { try {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO contributions INSERT INTO contributions
(municipality_id, geom, geom_type, category, title, description, author_name) (municipality_id, geom, geom_type, category, title, description, author_name, browser_id, photo_path)
VALUES VALUES
(:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type, (:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type,
:category, :title, :description, :author_name) :category, :title, :description, :author_name, :browser_id, :photo_path)
"); ");
$stmt->execute([ $stmt->execute([
@@ -166,7 +215,9 @@ function handle_create($input) {
':category' => $input['category'], ':category' => $input['category'],
':title' => $input['title'], ':title' => $input['title'],
':description' => $input['description'] ?? '', ':description' => $input['description'] ?? '',
':author_name' => $input['author_name'] ':author_name' => $input['author_name'],
':browser_id' => $input['browser_id'] ?? null,
':photo_path' => $photo_path
]); ]);
json_response([ json_response([
@@ -205,7 +256,7 @@ function handle_update($input) {
} }
// Builds dynamic SQL Query to only update sent Fields // Builds dynamic SQL Query to only update sent Fields
$updatable_fields = ['category', 'title', 'description', 'status']; $updatable_fields = ['category', 'title', 'description', 'status', 'address'];
$set_clauses = []; $set_clauses = [];
$params = [':id' => $contribution_id]; $params = [':id' => $contribution_id];
@@ -311,11 +362,16 @@ function handle_vote($input) {
// Prepared SQL Statement // Prepared SQL Statement
try { try {
// Checks if Voter already voted on this Contribution // Checks if Voter already voted on this Contribution
$browser_id = $input['browser_id'] ?? '';
if (empty($browser_id)) {
error_response('Browser ID required for Voting.');
}
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
SELECT vote_id, vote_type FROM votes SELECT vote_id, vote_type FROM votes
WHERE contribution_id = :cid AND voter_name = :voter WHERE contribution_id = :cid AND browser_id = :bid
"); ");
$stmt->execute([':cid' => $input['contribution_id'], ':voter' => $input['voter_name']]); $stmt->execute([':cid' => $input['contribution_id'], ':bid' => $browser_id]);
$existing = $stmt->fetch(); $existing = $stmt->fetch();
if ($existing) { if ($existing) {
@@ -330,30 +386,278 @@ function handle_vote($input) {
$stmt->execute([':vid' => $existing['vote_id']]); $stmt->execute([':vid' => $existing['vote_id']]);
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type) INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype) VALUES (:cid, :voter, :vtype, :bid)
"); ");
$stmt->execute([ $stmt->execute([
':cid' => $input['contribution_id'], ':cid' => $input['contribution_id'],
':voter' => $input['voter_name'], ':voter' => $input['voter_name'],
':vtype' => $input['vote_type'] ':vtype' => $input['vote_type'],
':bid' => $browser_id
]); ]);
json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200); json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
} }
} else { } else {
// No existing Vote — Inserts Vote // No existing Vote — Inserts Vote
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type) INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype) VALUES (:cid, :voter, :vtype, :bid)
"); ");
$stmt->execute([ $stmt->execute([
':cid' => $input['contribution_id'], ':cid' => $input['contribution_id'],
':voter' => $input['voter_name'], ':voter' => $input['voter_name'],
':vtype' => $input['vote_type'] ':vtype' => $input['vote_type'],
]); ':bid' => $browser_id
]);
json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201); json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201);
} }
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// =====================================================================
// Action Handlers for News
// =====================================================================
// ---------------------------------------------------------------------
// CREATE NEWS: Inserts new News Entry
// Required: municipality_id, title, content
// ---------------------------------------------------------------------
function handle_create_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['municipality_id', 'title', 'content']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("
INSERT INTO news (municipality_id, title, content, author_name)
VALUES (:mid, :title, :content, :author)
");
$stmt->execute([
':mid' => $input['municipality_id'],
':title' => $input['title'],
':content' => $input['content'],
':author' => $input['author_name'] ?? 'Stadtverwaltung'
]);
json_response(['message' => 'News created successfully.', 'news_id' => (int) $pdo->lastInsertId()], 201);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// UPDATE NEWS: Updates existing News Entry
// Required: news_id
// Optional: title, content
// ---------------------------------------------------------------------
function handle_update_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['news_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
$set = [];
$params = [':id' => $input['news_id']];
foreach (['title', 'content', 'author_name'] as $field) {
if (isset($input[$field]) && $input[$field] !== '') {
$set[] = "$field = :$field";
$params[":$field"] = $input[$field];
}
}
if (empty($set)) {
error_response('No Fields to update.');
}
try {
$stmt = $pdo->prepare("UPDATE news SET " . implode(', ', $set) . " WHERE news_id = :id");
$stmt->execute($params);
json_response(['message' => 'News updated successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// DELETE NEWS: Deletes existing News Entry
// Required: news_id
// ---------------------------------------------------------------------
function handle_delete_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['news_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("DELETE FROM news WHERE news_id = :id");
$stmt->execute([':id' => $input['news_id']]);
json_response(['message' => 'News deleted successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// =====================================================================
// Action Handlers for Photos
// =====================================================================
// ---------------------------------------------------------------------
// PHOTO UPLOAD: Validates and Saves uploaded Photo Files
// Returns relative Path on Success, null on Failure.
// Allowed: JPG, PNG, GIF, WebP. with maximum Size of 5 MB.
// ---------------------------------------------------------------------
function handle_photo_upload($file) {
// Validates File Size
$max_size = 5 * 1024 * 1024;
if ($file['size'] > $max_size) {
return null;
}
// Validates MIME Type
$allowed_types = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $file['tmp_name']);
finfo_close($finfo);
if (!in_array($mime, $allowed_types)) {
return null;
}
// Generates unique Filename
$ext = [
'image/jpeg' => 'jpg',
'image/png' => 'png',
'image/gif' => 'gif',
'image/webp' => 'webp'
][$mime];
$filename = uniqid('photo_', true) . '.' . $ext;
$upload_dir = __DIR__ . '/../uploads/photos/';
$target_path = $upload_dir . $filename;
// Creates Upload Directory
if (!is_dir($upload_dir)) {
mkdir($upload_dir, 0755, true);
}
// Moves uploaded File
if (move_uploaded_file($file['tmp_name'], $target_path)) {
return 'uploads/photos/' . $filename;
}
return null;
}
// =====================================================================
// Action Handlers for Comments
// =====================================================================
// ---------------------------------------------------------------------
// READ COMMENTS: Loads Comments for a Contribution
// Returns Comments sorted by Date (newest first)
// Required: contribution_id
// ---------------------------------------------------------------------
function handle_read_comments($input) {
$pdo = get_db();
$missing = validate_required($input, ['contribution_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("
SELECT comment_id, contribution_id, author_name, browser_id, content, created_at
FROM comments
WHERE contribution_id = :cid
ORDER BY created_at ASC
");
$stmt->execute([':cid' => $input['contribution_id']]);
$comments = $stmt->fetchAll();
json_response(['comments' => $comments, 'count' => count($comments)]);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// CREATE COMMENT: Adds Comments to Contributions
// Required: contribution_id, author_name, content
// Optional: browser_id
// ---------------------------------------------------------------------
function handle_create_comment($input) {
$pdo = get_db();
$missing = validate_required($input, ['contribution_id', 'author_name', 'content']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
// Validates Content Length
if (strlen($input['content']) > 1000) {
error_response('Comment too long. Maximum 1000 Characters.');
}
// Checks if Contribution exists
$stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
$stmt->execute([':id' => $input['contribution_id']]);
if (!$stmt->fetch()) {
error_response('Contribution not found.', 404);
}
try {
$stmt = $pdo->prepare("
INSERT INTO comments (contribution_id, author_name, browser_id, content)
VALUES (:cid, :author, :bid, :content)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':author' => $input['author_name'],
':bid' => $input['browser_id'] ?? null,
':content' => $input['content']
]);
json_response([
'message' => 'Comment created successfully.',
'comment_id' => (int) $pdo->lastInsertId()
], 201);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// DELETE COMMENT: Removes a Comment
// Required: comment_id
// ---------------------------------------------------------------------
function handle_delete_comment($input) {
$pdo = get_db();
$missing = validate_required($input, ['comment_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("DELETE FROM comments WHERE comment_id = :id");
$stmt->execute([':id' => $input['comment_id']]);
json_response(['message' => 'Comment deleted successfully.']);
} catch (PDOException $e) { } catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500); error_response('Database Error: ' . $e->getMessage(), 500);
} }

18
public/api/init.php
View File

@@ -28,24 +28,16 @@ session_start();
// Initializes Database Connection // Initializes Database Connection
try { try {
$opt = [ $dsn = "pgsql:host=$host;dbname=$db;port=$port";
$pdo = new PDO($dsn, $user, $pass, [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false PDO::ATTR_EMULATE_PREPARES => false
]; ]);
$dsn = "pgsql:host=$host;dbname=$db;port=$port;sslmode=disable";
$pdo = new PDO($dsn, $user, $pass, $opt);
$pdo = new PDO($dsn, $user, $pass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
// Creates Error Message // Creates Error Message
} catch(PDOException $e) { } catch (PDOException $e) {
echo "Error: ".$e->getMessage(); echo "Error: " . $e->getMessage();
} }
?> ?>

39
public/imprint.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
require_once __DIR__ . '/api/db.php';
$pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch();
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Impressum — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="styles.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<div class="page-header">
<div class="page-header-inner">
<h1><i class="fa-solid fa-scale-balanced"></i> Impressum</h1>
<div class="page-header-nav">
<a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
</div>
</div>
</div>
<div class="page-container">
<div class="page-content-box">
<div class="dev-notice">
<i class="fa-solid fa-triangle-exclamation"></i>
Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Das Impressum wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
</div>
<h2>Impressum</h2>
<p>Das Impressum wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
</div>
</div>
</body>
</html>

78
public/index.php
View File

@@ -5,18 +5,8 @@
// Renders Leaflet Map Interface including Leaflet Plugins // Renders Leaflet Map Interface including Leaflet Plugins
// ===================================================================== // =====================================================================
// Reads Environment Configfile
$envFile = __DIR__ . '/../../.env';
if (file_exists($envFile)) {
$lines = file($envFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line) {
if (strpos(trim($line), '#') === 0) continue;
list($key, $value) = array_map('trim', explode('=', $line, 2));
putenv("$key=$value");
}
}
require_once __DIR__ . '/api/db.php'; require_once __DIR__ . '/api/db.php';
require_once __DIR__ . '/api/auth.php';
// ----------------------------------------------------------------- // -----------------------------------------------------------------
// Loads Municipality Configuration // Loads Municipality Configuration
@@ -34,6 +24,11 @@ if (!$municipality) {
exit; exit;
} }
// Loads News for Sidebar
$stmt = $pdo->prepare("SELECT * FROM news WHERE municipality_id = :mid ORDER BY published_at DESC LIMIT 10");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$news_items = $stmt->fetchAll();
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="de"> <html lang="de">
@@ -41,7 +36,7 @@ if (!$municipality) {
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Bürgerbeteiligungsportal <?= htmlspecialchars($municipality['name']) ?></title> <title>Bürgerbeteiligungsportal <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/icon-municipality.png" type="image/png"> <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
<meta name="description" content="Bürgerbeteiligungsportal. Hinweise und Vorschläge auf der Karte eintragen."> <meta name="description" content="Bürgerbeteiligungsportal. Hinweise und Vorschläge auf der Karte eintragen.">
@@ -84,15 +79,17 @@ if (!$municipality) {
</style> </style>
</head> </head>
<body> <body class="portal-page">
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Header --> <!-- Header -->
<!-- ============================================================= --> <!-- ============================================================= -->
<header id="app-header"> <header id="app-header">
<div class="header-left"> <div class="header-left">
<img src="assets/logo-municipality.png" alt="<?= htmlspecialchars($municipality['name']) ?>" class="header-logo" onerror="this.style.display='none'"> <?php if (!empty($municipality['logo_path'])): ?>
<h1 class="header-title">Bürgerbeteiligung <?= htmlspecialchars($municipality['name']) ?></h1> <img src="<?= htmlspecialchars($municipality['logo_path']) ?>" alt="<?= htmlspecialchars($municipality['name']) ?>" class="header-logo" onerror="this.style.display='none'">
<?php endif; ?>
<h1 class="header-title">Mitmachkarte <?= htmlspecialchars($municipality['name']) ?></h1>
</div> </div>
<nav class="header-nav"> <nav class="header-nav">
@@ -100,14 +97,14 @@ if (!$municipality) {
<i class="fa-solid fa-circle-info"></i> <i class="fa-solid fa-circle-info"></i>
<span class="nav-label">Informationen</span> <span class="nav-label">Informationen</span>
</button> </button>
<button class="nav-btn" onclick="showPrivacyModal()"> <a href="privacy.php" class="nav-btn" target="_blank">
<i class="fa-solid fa-shield-halved"></i> <i class="fa-solid fa-shield-halved"></i>
<span class="nav-label">Datenschutz</span> <span class="nav-label">Datenschutz</span>
</button> </a>
<button class="nav-btn" onclick="showImprintModal()"> <a href="imprint.php" class="nav-btn" target="_blank">
<i class="fa-solid fa-scale-balanced"></i> <i class="fa-solid fa-scale-balanced"></i>
<span class="nav-label">Impressum</span> <span class="nav-label">Impressum</span>
</button> </a>
<a href="admin.php" class="nav-btn nav-btn-admin" title="Moderationsbereich" target="_blank"> <a href="admin.php" class="nav-btn nav-btn-admin" title="Moderationsbereich" target="_blank">
<i class="fa-solid fa-lock"></i> <i class="fa-solid fa-lock"></i>
</a> </a>
@@ -115,6 +112,8 @@ if (!$municipality) {
<!-- Mobile Hamburger Menu --> <!-- Mobile Hamburger Menu -->
<button class="header-menu-toggle" onclick="toggleMobileNav()"> <button class="header-menu-toggle" onclick="toggleMobileNav()">
<i class="fa-solid fa-bars"></i>
</button>
</header> </header>
@@ -205,12 +204,31 @@ if (!$municipality) {
<span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span> <span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
</h2> </h2>
<div class="sidebar-body"> <div class="sidebar-body">
<div class="news-item"> <!-- News Search -->
<span class="news-date">April 2026</span> <div class="list-search">
<h3>Portal gestartet</h3> <input type="text" id="news-search-input" placeholder="Neuigkeiten durchsuchen..." class="form-input" oninput="filterNews()">
<p>Das Bürgerbeteiligungsportal für <?= htmlspecialchars($municipality['name']) ?> ist online. Wir freuen uns auf Ihre Hinweise und Vorschläge!</p> </div>
<!-- News Items Container -->
<div id="news-list">
<?php if (empty($news_items)): ?>
<p style="text-align:center;color:#999;padding:20px;">Noch keine Neuigkeiten veröffentlicht.</p>
<?php else: ?>
<?php foreach ($news_items as $news): ?>
<div class="news-item"
data-title="<?= htmlspecialchars(strtolower($news['title'])) ?>"
data-content="<?= htmlspecialchars(strtolower($news['content'])) ?>"
data-author="<?= htmlspecialchars(strtolower($news['author_name'])) ?>">
<h3><?= htmlspecialchars($news['title']) ?></h3>
<p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
<span class="news-date">
<?= htmlspecialchars($news['author_name']) ?>
· <?= date('d.m.Y', strtotime($news['published_at'])) ?>
</span>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div> </div>
<!-- News Items can be added or loaded from Database here -->
</div> </div>
</div> </div>
@@ -303,6 +321,15 @@ if (!$municipality) {
<textarea id="create-description" class="form-input" rows="4" placeholder="Detaillierte Beschreibung (optional)"></textarea> <textarea id="create-description" class="form-input" rows="4" placeholder="Detaillierte Beschreibung (optional)"></textarea>
</div> </div>
<!-- Photo Upload -->
<div class="form-group">
<label for="create-photo"></i> Foto</label>
<input type="file" id="create-photo" class="form-input" accept="image/jpeg,image/png,image/gif,image/webp">
<div id="photo-preview" style="margin-top:8px;display:none;">
<img id="photo-preview-img" style="max-width:100%;max-height:200px;border-radius:6px;border:1px solid var(--color-border);">
</div>
</div>
<input type="hidden" id="create-geom"> <input type="hidden" id="create-geom">
<input type="hidden" id="create-geom-type"> <input type="hidden" id="create-geom-type">
@@ -355,6 +382,9 @@ if (!$municipality) {
// Category Definitions from Database // Category Definitions from Database
const CATEGORIES = <?= json_encode(get_categories(), JSON_UNESCAPED_UNICODE) ?>; const CATEGORIES = <?= json_encode(get_categories(), JSON_UNESCAPED_UNICODE) ?>;
// Admin Status from PHP Session
const IS_ADMIN = <?= (function_exists('is_admin') && is_admin()) ? 'true' : 'false' ?>;
</script> </script>
<!-- Application Logic --> <!-- Application Logic -->

400
public/js/app.js
View File

@@ -16,9 +16,26 @@
// API Endpoint as relative Path // API Endpoint as relative Path
const API_URL = 'api/contributions.php'; const API_URL = 'api/contributions.php';
// Current User Name, set via Login Modal, stored in sessionStorage // Username set via Login Modal stored in sessionStorage
let currentUser = sessionStorage.getItem('webgis_user') || ''; let currentUser = sessionStorage.getItem('webgis_user') || '';
// Browser Identification Number for anonymous User Identification stored as Cookie
let browserId = getBrowserId();
function getBrowserId() {
let id = document.cookie.replace(/(?:(?:^|.*;\s*)webgis_browser_id\s*=\s*([^;]*).*$)|^.*$/, '$1');
if (!id) {
id = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function (c) {
const r = Math.random() * 16 | 0;
return (c === 'x' ? r : (r & 0x3 | 0x8)).toString(16);
});
// Cookie Expiration in one Year
document.cookie = 'webgis_browser_id=' + id + ';path=/;max-age=31536000;SameSite=Lax';
}
return id;
}
// Application State // Application State
let map; // Leaflet Map Instance let map; // Leaflet Map Instance
let sidebar; // Sidebar Instance let sidebar; // Sidebar Instance
@@ -290,9 +307,15 @@ function apiCall(data, callback) {
}); });
} }
// Loads all Contributions from API and displays Contributions on Map // Loads all Contributions from API and displays Contributions on Map
function loadContributions() { function loadContributions() {
apiCall({ action: 'read', municipality_id: MUNICIPALITY.id }, function (data) { const readParams = { action: 'read', municipality_id: MUNICIPALITY.id };
// Sends Browser ID for persistent Vote Display
readParams.browser_id = browserId;
apiCall(readParams, function (data) {
if (data.error) { if (data.error) {
console.error('Load Error:', data.error); console.error('Load Error:', data.error);
return; return;
@@ -300,6 +323,14 @@ function loadContributions() {
contributionsData = data.features || []; contributionsData = data.features || [];
// Restores Vote Highlights from API Response
if (data.user_votes) {
userVotes = {};
for (const key in data.user_votes) {
userVotes[key] = data.user_votes[key];
}
}
// Removes existing Layer if present // Removes existing Layer if present
if (contributionsLayer) { if (contributionsLayer) {
map.removeLayer(contributionsLayer); map.removeLayer(contributionsLayer);
@@ -331,10 +362,11 @@ function stylePoint(feature, latlng) {
return L.circleMarker(latlng, { return L.circleMarker(latlng, {
radius: 8, radius: 8,
color: '#ffffff', color: cat.color,
weight: 2, weight: 3,
fillColor: cat.color, fillColor: cat.color,
fillOpacity: 0.9 fillOpacity: 0.25,
opacity: 0.8
}); });
} }
@@ -356,6 +388,7 @@ function styleLinePolygon(feature) {
// Block 9: Feature Popups for Read, Edit, Delete and Vote // Block 9: Feature Popups for Read, Edit, Delete and Vote
// ===================================================================== // =====================================================================
// Builds Popup HTML for Features called every Time the Popup opens
function buildPopupHtml(feature) { function buildPopupHtml(feature) {
const props = feature.properties; const props = feature.properties;
const cat = CATEGORIES[props.category] || CATEGORIES.other; const cat = CATEGORIES[props.category] || CATEGORIES.other;
@@ -366,38 +399,86 @@ function buildPopupHtml(feature) {
day: '2-digit', month: '2-digit', year: 'numeric' day: '2-digit', month: '2-digit', year: 'numeric'
}); });
return '' + let html = '' +
'<div class="popup-detail">' + '<div class="popup-detail">' +
'<span class="popup-detail-category">' + categoryIcon(cat) + ' ' + cat.label + '</span>' + '<span class="popup-detail-category">' + categoryIcon(cat) + ' ' + cat.label + '</span>' +
'<div class="popup-detail-title">' + escapeHtml(props.title) + '</div>' + '<div class="popup-detail-title">' + escapeHtml(props.title) + '</div>' +
(props.description ? '<div class="popup-detail-description">' + escapeHtml(props.description) + '</div>' : '') + (props.description ? '<div class="popup-detail-description">' + escapeHtml(props.description) + '</div>' : '');
'<div class="popup-detail-meta">' +
// Photo Toggle Button including hidden Photo
if (props.photo_path) {
html += '<div class="popup-photo-container" id="photo-container-' + props.contribution_id + '" style="display:none;">' +
'<img src="' + escapeHtml(props.photo_path) + '" alt="Foto" class="popup-photo-img" onclick="window.open(\'' + escapeHtml(props.photo_path) + '\', \'_blank\')">' +
'</div>' +
'<div class="popup-photo-toggle">' +
'<button class="popup-photo-btn" onclick="togglePhoto(' + props.contribution_id + ')">' +
'<i class="fa-solid fa-camera"></i> <span id="photo-label-' + props.contribution_id + '">Foto anzeigen</span>' +
'</button>' +
'</div>';
}
// Meta Information
html += '<div class="popup-detail-meta">' +
'<i class="fa-solid fa-user"></i> ' + escapeHtml(props.author_name) + '<i class="fa-solid fa-user"></i> ' + escapeHtml(props.author_name) +
' &middot; <i class="fa-solid fa-calendar"></i> ' + dateStr + ' &middot; <i class="fa-solid fa-calendar"></i> ' + dateStr +
'</div>' + '</div>';
'<div class="popup-detail-votes">' +
// Vote Buttons
html += '<div class="popup-detail-votes">' +
'<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'like' ? ' liked' : '') + '" id="vote-like-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'like\')" title="Gefällt mir">' + '<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'like' ? ' liked' : '') + '" id="vote-like-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'like\')" title="Gefällt mir">' +
'<i class="fa-solid fa-thumbs-up"></i> <span id="likes-' + props.contribution_id + '">' + props.likes_count + '</span>' + '<i class="fa-solid fa-thumbs-up"></i> <span id="likes-' + props.contribution_id + '">' + props.likes_count + '</span>' +
'</button>' + '</button>' +
'<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'dislike' ? ' disliked' : '') + '" id="vote-dislike-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'dislike\')" title="Gefällt mir nicht">' + '<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'dislike' ? ' disliked' : '') + '" id="vote-dislike-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'dislike\')" title="Gefällt mir nicht">' +
'<i class="fa-solid fa-thumbs-down"></i> <span id="dislikes-' + props.contribution_id + '">' + props.dislikes_count + '</span>' + '<i class="fa-solid fa-thumbs-down"></i> <span id="dislikes-' + props.contribution_id + '">' + props.dislikes_count + '</span>' +
'</button>' + '</button>' +
'</div>' + '</div>';
(currentUser === props.author_name ?
'<div class="popup-detail-actions">' + // Edit and Delete Buttons for Author or Admin
if (props.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN)) {
html += '<div class="popup-detail-actions">' +
'<button class="btn btn-primary" onclick="editContribution(' + props.contribution_id + ')"><i class="fa-solid fa-pen"></i> Bearbeiten</button>' + '<button class="btn btn-primary" onclick="editContribution(' + props.contribution_id + ')"><i class="fa-solid fa-pen"></i> Bearbeiten</button>' +
'<button class="btn btn-danger" onclick="deleteContribution(' + props.contribution_id + ')"><i class="fa-solid fa-trash"></i> Löschen</button>' + '<button class="btn btn-danger" onclick="deleteContribution(' + props.contribution_id + ')"><i class="fa-solid fa-trash"></i> Löschen</button>' +
'</div>' : '') + '</div>';
'</div>'; }
// Collapsible Comments Section
const commentCount = props.comment_count || 0;
html += '<div class="popup-comments">' +
'<div class="popup-comments-header" onclick="toggleComments(' + props.contribution_id + ')">' +
'<i class="fa-solid fa-comments"></i> Kommentare (' + commentCount + ')' +
' <i class="fa-solid fa-chevron-down popup-comments-toggle" id="comments-toggle-' + props.contribution_id + '"></i>' +
'</div>' +
'<div id="comments-section-' + props.contribution_id + '" style="display:none;">' +
'<div id="comments-list-' + props.contribution_id + '" class="popup-comments-list"></div>';
// Comment Input for logged-in Users
if (currentUser) {
html += '<div class="popup-comment-form">' +
'<input type="text" id="comment-input-' + props.contribution_id + '" class="popup-comment-input" placeholder="Kommentar schreiben..." maxlength="1000">' +
'<button class="popup-comment-submit" onclick="submitComment(' + props.contribution_id + ')" title="Senden">' +
'<i class="fa-solid fa-paper-plane"></i>' +
'</button>' +
'</div>';
}
html += '</div></div></div>';
return html;
} }
// Binds Popup and Tooltip to Feature Layer // Binds Popup and Tooltip to Feature Layer
function bindFeaturePopup(feature, layer) { function bindFeaturePopup(feature, layer) {
const cat = CATEGORIES[feature.properties.category] || CATEGORIES.other; const cat = CATEGORIES[feature.properties.category] || CATEGORIES.other;
// Rebuilts if Popup opens // Dynamic Popup — rebuilt every Time the Popup opens
layer.bindPopup(function () { return buildPopupHtml(feature); }, { maxWidth: 320, minWidth: 240 }); layer.bindPopup(function () { return buildPopupHtml(feature); }, { maxWidth: 320, minWidth: 240 });
// Loads Comments when Popup opens
layer.on('popupopen', function () {
loadComments(feature.properties.contribution_id);
});
// Tooltip on Hover // Tooltip on Hover
layer.bindTooltip(categoryIcon(cat) + ' ' + escapeHtml(feature.properties.title), { layer.bindTooltip(categoryIcon(cat) + ' ' + escapeHtml(feature.properties.title), {
direction: 'top', direction: 'top',
@@ -417,8 +498,9 @@ function submitCreate() {
const description = document.getElementById('create-description').value.trim(); const description = document.getElementById('create-description').value.trim();
const geom = document.getElementById('create-geom').value; const geom = document.getElementById('create-geom').value;
const geomType = document.getElementById('create-geom-type').value; const geomType = document.getElementById('create-geom-type').value;
const photoInput = document.getElementById('create-photo');
// Validates // Validates required Fields
if (!category) { if (!category) {
Swal.fire('Kategorie fehlt', 'Bitte wählen Sie eine Kategorie aus.', 'warning'); Swal.fire('Kategorie fehlt', 'Bitte wählen Sie eine Kategorie aus.', 'warning');
return; return;
@@ -432,25 +514,48 @@ function submitCreate() {
return; return;
} }
apiCall({ // Builds FormData manually to include Photo File
action: 'create', const formData = new FormData();
municipality_id: MUNICIPALITY.id, formData.append('action', 'create');
category: category, formData.append('municipality_id', MUNICIPALITY.id);
title: title, formData.append('category', category);
description: description, formData.append('title', title);
geom: geom, formData.append('description', description);
geom_type: geomType, formData.append('geom', geom);
author_name: currentUser formData.append('geom_type', geomType);
}, function (response) { formData.append('author_name', currentUser);
if (response.error) { formData.append('browser_id', browserId);
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Eingereicht!', 'Ihr Beitrag wurde erfolgreich eingereicht und wird nach Prüfung durch das Moderationsteam veröffentlicht.', 'success'); // Appends Photo File if selected
closeCreateModal(); if (photoInput.files.length > 0) {
loadContributions(); formData.append('photo', photoInput.files[0]);
}); }
// Sends directly via fetch not through apiCall, because of File Upload
fetch(API_URL, { method: 'POST', body: formData })
.then(function (response) { return response.json(); })
.then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
// Triggers Reverse Geocoding in Background
if (response.contribution_id && drawnGeometry) {
const coords = drawnGeomType === 'point' ? drawnGeometry.coordinates :
drawnGeomType === 'line' ? drawnGeometry.coordinates[0] :
drawnGeometry.coordinates[0][0];
reverseGeocode(response.contribution_id, coords[1], coords[0]);
}
Swal.fire('Eingereicht!', 'Ihr Beitrag wurde erfolgreich eingereicht und wird nach Prüfung durch das Moderationsteam veröffentlicht.', 'success');
closeCreateModal();
loadContributions();
})
.catch(function (error) {
console.error('Upload Error:', error);
Swal.fire('Verbindungsfehler', 'Verbindung zum Server fehlgeschlagen.', 'error');
});
} }
// Cancels Create, closes Modal and clears Form // Cancels Create, closes Modal and clears Form
@@ -465,6 +570,9 @@ function closeCreateModal() {
document.getElementById('create-description').value = ''; document.getElementById('create-description').value = '';
document.getElementById('create-geom').value = ''; document.getElementById('create-geom').value = '';
document.getElementById('create-geom-type').value = ''; document.getElementById('create-geom-type').value = '';
// Resets Photo Upload
document.getElementById('create-photo').value = '';
document.getElementById('photo-preview').style.display = 'none';
drawnGeometry = null; drawnGeometry = null;
drawnGeomType = null; drawnGeomType = null;
} }
@@ -484,10 +592,14 @@ function editContribution(contributionId) {
title: 'Beitrag bearbeiten', title: 'Beitrag bearbeiten',
html: html:
'<div style="text-align:left;">' + '<div style="text-align:left;">' +
'<label style="font-weight:600;font-size:0.85rem;">Titel</label>' + '<div style="margin-bottom:12px;">' +
'<input id="swal-title" class="swal2-input" value="' + escapeHtml(props.title) + '">' + '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
'<label style="font-weight:600;font-size:0.85rem;">Beschreibung</label>' + '<input id="swal-title" class="swal2-input" style="margin:0;width:100%;" value="' + escapeHtml(props.title) + '">' +
'<textarea id="swal-description" class="swal2-textarea">' + escapeHtml(props.description || '') + '</textarea>' + '</div>' +
'<div>' +
'<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Beschreibung</label>' +
'<textarea id="swal-description" class="swal2-textarea" style="margin:0;width:100%;">' + escapeHtml(props.description || '') + '</textarea>' +
'</div>' +
'</div>', '</div>',
showCancelButton: true, showCancelButton: true,
confirmButtonText: 'Speichern', confirmButtonText: 'Speichern',
@@ -557,7 +669,8 @@ function voteContribution(contributionId, voteType) {
action: 'vote', action: 'vote',
contribution_id: contributionId, contribution_id: contributionId,
voter_name: currentUser, voter_name: currentUser,
vote_type: voteType vote_type: voteType,
browser_id: browserId
}, function (response) { }, function (response) {
if (response.error) { if (response.error) {
return; return;
@@ -672,6 +785,7 @@ function updateContributionsList() {
'<span class="contribution-card-votes">' + '<span class="contribution-card-votes">' +
'<span title="Likes"><i class="fa-solid fa-thumbs-up"></i> ' + props.likes_count + '</span>' + '<span title="Likes"><i class="fa-solid fa-thumbs-up"></i> ' + props.likes_count + '</span>' +
'<span title="Dislikes"><i class="fa-solid fa-thumbs-down"></i> ' + props.dislikes_count + '</span>' + '<span title="Dislikes"><i class="fa-solid fa-thumbs-down"></i> ' + props.dislikes_count + '</span>' +
'<span title="Kommentare"><i class="fa-solid fa-comment"></i> ' + (props.comment_count || 0) + '</span>' +
'</span>' + '</span>' +
'</div>' + '</div>' +
'</div>'; '</div>';
@@ -751,7 +865,14 @@ function toggleCategoryFilter(checkbox) {
if (layer.feature) { if (layer.feature) {
const cat = layer.feature.properties.category; const cat = layer.feature.properties.category;
if (activeFilters.indexOf(cat) !== -1) { if (activeFilters.indexOf(cat) !== -1) {
layer.setStyle({ opacity: 0.8, fillOpacity: layer.feature.geometry.type === 'Point' ? 0.25 : 0.25 }); const catDef = CATEGORIES[cat] || CATEGORIES.other;
layer.setStyle({
color: catDef.color,
weight: 3,
opacity: 0.8,
fillColor: catDef.color,
fillOpacity: 0.25
});
if (layer.setRadius) layer.setRadius(8); if (layer.setRadius) layer.setRadius(8);
layer.options.interactive = true; layer.options.interactive = true;
} else { } else {
@@ -858,30 +979,6 @@ function showInfoModal() {
}); });
} }
// Privacy Modal
function showPrivacyModal() {
Swal.fire({
title: 'Datenschutz',
html: '<p style="text-align:left;line-height:1.6;">Das Bürgerbeteiligungsportal speichert die von Ihnen ' +
'hinterlegten Daten zur Durchführung der Bürgerbeteiligung.</p>' +
'<p style="text-align:left;line-height:1.6;">Ihre Daten werden nicht an Dritte weitergegeben. ' +
'Details entnehmen Sie bitte der vollständigen Datenschutzerklärung von ' +
MUNICIPALITY.name + '.</p>',
confirmButtonColor: MUNICIPALITY.primaryColor
});
}
// Imprint Modal
function showImprintModal() {
Swal.fire({
title: 'Impressum',
html: '<p style="text-align:left;line-height:1.6;">Stadt ' + MUNICIPALITY.name + '</p>' +
'<p style="text-align:left;line-height:1.6;color:#777;">Die vollständigen Angaben ' +
'werden hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>',
confirmButtonColor: MUNICIPALITY.primaryColor
});
}
// ===================================================================== // =====================================================================
// Block 14: Mobile Navigation // Block 14: Mobile Navigation
@@ -929,6 +1026,158 @@ function categoryIcon(cat) {
return '<i class="fa-solid ' + cat.faIcon + '" style="color:' + cat.color + ';"></i>'; return '<i class="fa-solid ' + cat.faIcon + '" style="color:' + cat.color + ';"></i>';
} }
// Reverse Geocodes Coordinates and saves Address to Contribution via API
function reverseGeocode(contributionId, lat, lng) {
fetch('https://nominatim.openstreetmap.org/reverse?format=json&lat=' + lat + '&lon=' + lng + '&zoom=18&addressdetails=1', {
headers: { 'Accept-Language': 'de' }
})
.then(function (r) { return r.json(); })
.then(function (data) {
if (data.display_name) {
const addr = data.address || {};
const parts = [];
if (addr.road) parts.push(addr.road + (addr.house_number ? ' ' + addr.house_number : ''));
if (addr.city || addr.town || addr.village) parts.push(addr.city || addr.town || addr.village);
const shortAddress = parts.length > 0 ? parts.join(', ') : data.display_name.split(',').slice(0, 2).join(',');
// Saves Address to Database via API
apiCall({
action: 'update',
contribution_id: contributionId,
address: shortAddress
}, function () {});
}
})
.catch(function () {});
}
// Filters News Items in Sidebar by Search Term
function filterNews() {
const searchTerm = document.getElementById('news-search-input').value.toLowerCase();
const newsItems = document.querySelectorAll('#news-list .news-item');
newsItems.forEach(function (item) {
const title = item.dataset.title || '';
const content = item.dataset.content || '';
const author = item.dataset.author || '';
// Shows Item if Search Term matches Title, Content or Author
if (!searchTerm || title.indexOf(searchTerm) !== -1 || content.indexOf(searchTerm) !== -1 || author.indexOf(searchTerm) !== -1) {
item.style.display = '';
} else {
item.style.display = 'none';
}
});
}
// Loads and Displays Comments forContributions in Popups
function loadComments(contributionId) {
apiCall({
action: 'read_comments',
contribution_id: contributionId
}, function (response) {
const listContainer = document.getElementById('comments-list-' + contributionId);
const countSpan = document.getElementById('comment-count-' + contributionId);
if (!listContainer) return;
if (response.error || !response.comments || response.comments.length === 0) {
listContainer.innerHTML = '<div class="popup-comment-empty">Noch keine Kommentare.</div>';
if (countSpan) countSpan.textContent = '(0)';
return;
}
if (countSpan) countSpan.textContent = '(' + response.count + ')';
let html = '';
response.comments.forEach(function (comment) {
const commentDate = new Date(comment.created_at).toLocaleDateString('de-DE');
const canDelete = comment.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN);
html += '<div class="popup-comment">' +
'<div class="popup-comment-meta">' +
'<strong>' + escapeHtml(comment.author_name) + '</strong>' +
' · ' + commentDate +
(canDelete ? ' · <a href="#" onclick="deleteComment(' + comment.comment_id + ', ' + contributionId + ');return false;" class="popup-comment-delete"><i class="fa-solid fa-trash"></i></a>' : '') +
'</div>' +
'<div class="popup-comment-text">' + escapeHtml(comment.content) + '</div>' +
'</div>';
});
listContainer.innerHTML = html;
});
}
// Submits a new Comment on a Contribution
function submitComment(contributionId) {
const input = document.getElementById('comment-input-' + contributionId);
const content = input ? input.value.trim() : '';
if (!content) return;
apiCall({
action: 'create_comment',
contribution_id: contributionId,
author_name: currentUser,
browser_id: browserId,
content: content
}, function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
// Clears Input and reloads Comments
if (input) input.value = '';
loadComments(contributionId);
});
}
// Deletes a Comment
function deleteComment(commentId, contributionId) {
apiCall({
action: 'delete_comment',
comment_id: commentId
}, function (response) {
if (response.error) return;
// Reloads Comments after Deletion
loadComments(contributionId);
});
}
// Toggles Photo Visibility in Popup
function togglePhoto(contributionId) {
const container = document.getElementById('photo-container-' + contributionId);
const label = document.getElementById('photo-label-' + contributionId);
if (!container) return;
if (container.style.display === 'none') {
container.style.display = 'block';
label.textContent = 'Foto verbergen';
} else {
container.style.display = 'none';
label.textContent = 'Foto anzeigen';
}
}
// Toggles Comments Section Visibility in Popup
function toggleComments(contributionId) {
const section = document.getElementById('comments-section-' + contributionId);
const toggle = document.getElementById('comments-toggle-' + contributionId);
if (!section) return;
if (section.style.display === 'none') {
section.style.display = 'block';
toggle.classList.remove('fa-chevron-down');
toggle.classList.add('fa-chevron-up');
// Loads Comments
loadComments(contributionId);
} else {
section.style.display = 'none';
toggle.classList.remove('fa-chevron-up');
toggle.classList.add('fa-chevron-down');
}
}
// ===================================================================== // =====================================================================
// Block 16: Application Startup // Block 16: Application Startup
@@ -947,6 +1196,7 @@ function buildCategoryDropdown() {
} }
} }
// Populates Category Dropdown // Populates Category Dropdown
buildCategoryDropdown(); buildCategoryDropdown();
@@ -957,4 +1207,22 @@ buildCategoryFilter();
loadContributions(); loadContributions();
// Shows Welcome Modal on first Visit // Shows Welcome Modal on first Visit
checkWelcomeModal(); checkWelcomeModal();
// Photo Preview in Create Modal
document.getElementById('create-photo').addEventListener('change', function () {
const preview = document.getElementById('photo-preview');
const previewImg = document.getElementById('photo-preview-img');
if (this.files && this.files[0]) {
const reader = new FileReader();
reader.onload = function (e) {
previewImg.src = e.target.result;
preview.style.display = 'block';
};
reader.readAsDataURL(this.files[0]);
} else {
preview.style.display = 'none';
}
});

39
public/privacy.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
require_once __DIR__ . '/api/db.php';
$pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch();
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Datenschutz — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="styles.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<div class="page-header">
<div class="page-header-inner">
<h1><i class="fa-solid fa-lock"></i> Datenschutz</h1>
<div class="page-header-nav">
<a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
</div>
</div>
</div>
<div class="page-container">
<div class="page-content-box">
<div class="dev-notice">
<i class="fa-solid fa-triangle-exclamation"></i>
Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Die Datenschutzerklärung wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
</div>
<h2>Datenschutz</h2>
<p>Die Datenschutzerklärung wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
</div>
</div>
</body>
</html>

1352
public/styles.css
View File

File diff suppressed because it is too large Load Diff

7
public/uploads/.htaccess Normal file
View File

@@ -0,0 +1,7 @@
# Prevents PHP in Upload Directory
php_flag engine off
# Allows Image Files
<FilesMatch "\.(?i:jpg|jpeg|png|gif|webp)$">
Require all granted
</FilesMatch>

0
public/uploads/photos/.gitkeep Normal file
View File