lukas.uptmoor/webgis-lohne
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lukas.uptmoor:7aa0cad5fb1a4c80ba7aa1129ef1647966a5c1b4
Branches Tags
lukas.uptmoor:main lukas.uptmoor:dev/patrick lukas.uptmoor:dev/tasks-module lukas.uptmoor:dev/lukas
...
compare: lukas.uptmoor:dev/patrick
Branches Tags
lukas.uptmoor:dev/patrick lukas.uptmoor:main lukas.uptmoor:dev/tasks-module lukas.uptmoor:dev/lukas

126 Commits
7aa0cad5fb ... dev/patric

Author SHA1 Message Date
patrickzerhusen
13a1f50134 news sort control in sidebar 2026-06-16 16:58:25 +02:00
patrickzerhusen
7e9c8cd60d news sort control in sidebar 2026-06-16 16:58:15 +02:00
patrickzerhusen
2aae2cd518 contribution sort control in sidebar 2026-06-16 16:35:49 +02:00
patrickzerhusen
286026d7ba polished sidebar design 2026-06-16 16:32:56 +02:00
patrickzerhusen
5aa1fbf13c contribution sort control in sidebar 2026-06-16 16:27:56 +02:00
patrickzerhusen
36ef947be0 redesigned category filter in sidebar 2026-06-16 16:24:11 +02:00
patrickzerhusen
cf09e88a5b custom edit and create modals 2026-06-16 16:06:25 +02:00
patrickzerhusen
70fe829e97 cutom edit contribution modal 2026-06-16 15:53:42 +02:00
patrickzerhusen
c1dd6cc009 replaced sweet alert inline styles with CSS classes 2026-06-16 15:43:48 +02:00
patrickzerhusen
336e7cf3a6 moved add news button 2026-06-16 15:32:39 +02:00
patrickzerhusen
6898a837e8 adapted sweet alert styles to design theme 2026-06-16 15:19:00 +02:00
patrickzerhusen
a859e61483 replaced sweet alert inline styles with CSS classes 2026-06-16 15:15:18 +02:00
patrickzerhusen
3fa47a3347 developer notice colour in modals 2026-06-16 15:10:54 +02:00
patrickzerhusen
7c0a17c915 added utility designs 2026-06-16 15:05:25 +02:00
patrickzerhusen
59147deec6 added utility designs 2026-06-16 15:00:20 +02:00
patrickzerhusen
d5efbc02d2 added utility designs 2026-06-16 14:58:19 +02:00
patrickzerhusen
60d6b9e4b6 added utility designs 2026-06-16 14:57:52 +02:00
patrickzerhusen
ee84734601 replaced inline styles with CSS classes 2026-06-16 14:42:57 +02:00
patrickzerhusen
2bfb245a46 added utility designs 2026-06-16 14:34:05 +02:00
patrickzerhusen
90dc71e1c3 added design tokens for fonds, radiuses, shadows and spacings 2026-06-16 14:27:53 +02:00
patrickzerhusen
35caac394c fixed sidebar colours 2026-06-12 13:36:22 +02:00
patrickzerhusen
bb855d1510 removed leaflet flag 2026-06-12 13:30:11 +02:00
patrickzerhusen
59b9440420 layer control redesign 2026-06-12 13:16:42 +02:00
patrickzerhusen
649a2bab9c removed scale bar 2026-06-12 12:59:50 +02:00
patrickzerhusen
9f8312b88b larger close button for popups 2026-06-12 12:49:03 +02:00
patrickzerhusen
e1204cd311 moved sweet alert message above login modal 2026-06-12 12:46:20 +02:00
patrickzerhusen
1ffe2d5d57 removed button offset in menu 2026-06-12 12:42:19 +02:00
patrickzerhusen
f1f503af77 custom germen geoman labels 2026-06-12 12:40:07 +02:00
patrickzerhusen
9b84ff1367 pans map if popup behind header 2026-06-12 12:27:16 +02:00
patrickzerhusen
7be37bd30f removed cancel icon from onboarding popup 2026-06-12 12:03:44 +02:00
patrickzerhusen
2039f5d03d fixed popup auto-position with padding 2026-06-11 17:10:19 +02:00
patrickzerhusen
38c48861a9 changed fa-icon in create modal 2026-06-11 16:39:52 +02:00
patrickzerhusen
30044e00e9 progress bar skip button, labeled arrow hint 2026-06-11 16:38:25 +02:00
patrickzerhusen
23027d54d7 optimized onboarding tutorial for mobile screens 2026-06-11 15:58:03 +02:00
patrickzerhusen
5e10d19bbd hides map controls on mobile screens if sidebar open 2026-06-11 15:36:04 +02:00
patrickzerhusen
1953df262c prevents auto-zoom on mobile screens 2026-06-11 15:15:50 +02:00
patrickzerhusen
ac40c7d949 updatet sidebar styling and texts, included statistics in category-filter 2026-05-13 14:21:05 +02:00
patrickzerhusen
cc8bdd4ea1 updated folder structure 2026-05-06 15:59:59 +02:00
patrickzerhusen
bbb2e830b3 removed legacy 2026-05-06 15:56:31 +02:00
patrickzerhusen
dbc617ad81 changed favorite and header icons 2026-05-06 15:53:30 +02:00
patrickzerhusen
fa7d83fc36 corrected typos 2026-05-04 15:17:18 +02:00
patrickzerhusen
a062f08ed7 replaced inline javascript in admin.php with admin.js 2026-04-30 17:14:26 +02:00
patrickzerhusen
bd576665c8 replaced inline javascript in admin.php with admin.js 2026-04-30 16:56:05 +02:00
patrickzerhusen
5bfdda2340 restructured admin.js 2026-04-30 16:36:03 +02:00
patrickzerhusen
acfc50a244 added admin.js for javascript refractoring of moderation portal 2026-04-30 15:57:56 +02:00
patrickzerhusen
b4ee8fa6e0 added admin.js for javascript refractoring of moderation portal 2026-04-30 15:57:38 +02:00
patrickzerhusen
e1cf6f21f5 integrated onboarding tutorial for citizen portal 2026-04-30 15:28:45 +02:00
patrickzerhusen
ffc53f23e2 renamed buergerbeteiligungsportal to mitmachkarte 2026-04-30 13:59:38 +02:00
luptmoor
dd15e3468a disclaimer rephrased 2026-04-29 14:29:40 +02:00
patrickzerhusen
af820b5384 commented admin.php 2026-04-28 16:01:02 +02:00
patrickzerhusen
950ac25828 fixed comment count bug in moderation portal 2026-04-28 15:50:58 +02:00
patrickzerhusen
5b77b0b524 page tab in moderation portal saved for persistence after reload 2026-04-28 15:32:24 +02:00
patrickzerhusen
bc37051619 username now saved in cookie 2026-04-28 15:25:27 +02:00
patrickzerhusen
9463530ee5 changed position of photo toggle button 2026-04-28 15:22:33 +02:00
patrickzerhusen
e68ddd0ccf changed position of photo toggle button 2026-04-28 15:21:41 +02:00
patrickzerhusen
b18811c453 fixed comments count in citizen portal 2026-04-28 15:15:33 +02:00
patrickzerhusen
879d7c5858 photos section in moderation portal with slider 2026-04-27 15:30:33 +02:00
patrickzerhusen
be7bbfc28b comment section in moderation portal 2026-04-27 15:17:17 +02:00
patrickzerhusen
f23897018c colapsable fotos and comments section in contribution popup, comment count in popup and sidebar 2026-04-27 14:48:05 +02:00
patrickzerhusen
c39667e368 photos and comments functionality for contributions, moderation page functionality pending 2026-04-25 14:30:58 +02:00
patrickzerhusen
cb8994b493 unified CSS, consistent headers, standardized button colors 2026-04-25 13:37:05 +02:00
patrickzerhusen
62ba9b5345 fixed html structure for news sidebar 2026-04-25 13:10:47 +02:00
patrickzerhusen
360eb3744a implemented anonymous user authentification with browser identification number from cookies 2026-04-25 12:48:24 +02:00
patrickzerhusen
601c13012c updated env.example 2026-04-25 12:11:31 +02:00
patrickzerhusen
6200b061f2 added migration for anonymous user identification by browser ID 2026-04-24 17:47:00 +02:00
patrickzerhusen
fa984e7391 author can be edited and added in news moderation page 2026-04-24 17:41:59 +02:00
patrickzerhusen
125c255115 changed favicon to relative paths from database 2026-04-24 17:29:36 +02:00
patrickzerhusen
04e692a6dd minor changed to text fields 2026-04-24 17:28:12 +02:00
patrickzerhusen
25cf797294 added news CRUD functionality in moderation portal 2026-04-24 17:18:56 +02:00
patrickzerhusen
62ae9f18b0 added date and author to news in sidebar 2026-04-24 17:08:32 +02:00
patrickzerhusen
5cadc5c1b4 reverse geocoding for contributions 2026-04-24 17:00:55 +02:00
patrickzerhusen
9ca215c36d added migration for reverse geocoding 2026-04-24 16:55:49 +02:00
patrickzerhusen
04f96b7aba commented migration for news table 2026-04-24 16:50:27 +02:00
patrickzerhusen
ffe81cdf88 migration for news table in database, news now read from database 2026-04-24 16:33:03 +02:00
patrickzerhusen
c9040b2f4e reads municipality logo from database 2026-04-24 16:13:45 +02:00
patrickzerhusen
9c8e641557 added privacy and imprint pages to meet german DSGVO criteria 2026-04-24 16:09:53 +02:00
patrickzerhusen
076e82213d added privacy and imprint pages to meet german DSGVO criteria 2026-04-24 16:06:26 +02:00
patrickzerhusen
6a721fde7c fixed point layer opacity bug, changed point layer styling 2026-04-24 15:45:27 +02:00
patrickzerhusen
8179498333 bootstrap button colours 2026-04-24 15:38:18 +02:00
patrickzerhusen
ec4c9fa8a9 changed edit button colour to primary 2026-04-23 15:30:41 +02:00
patrickzerhusen
8d67c0c0b9 title and description above text fields for contribution edit 2026-04-23 15:27:33 +02:00
patrickzerhusen
ade9ca2128 styling and fond sweetalert font override 2026-04-23 15:13:49 +02:00
patrickzerhusen
2993a443a7 removed dublicate pdo call 2026-04-23 14:59:03 +02:00
luptmoor
025cd975f0 removed TODOs after successful test 2026-04-23 10:10:53 +02:00
luptmoor
0b02b435ef added municipality slug as env var 2026-04-23 10:01:18 +02:00
luptmoor
c52dbf618e added comments for slug as env var 2026-04-23 09:29:14 +02:00
luptmoor
2b1f7e3a38 SSL mode changed to disable 2026-04-23 09:29:14 +02:00
patrickzerhusen
4926433c35 opens moderation portal in new tab 2026-04-22 16:02:38 +02:00
patrickzerhusen
aae29618b3 added development warning in footer 2026-04-22 16:02:07 +02:00
patrickzerhusen
a828a3878e fixed point opacity bug when deactivating categories in sidebar 2026-04-22 15:56:30 +02:00
patrickzerhusen
f107d97b87 categories now only once defined in db.php, not longer multiple hardcoded definitions 2026-04-22 15:49:12 +02:00
patrickzerhusen
7e6b55abd4 categories now only once defined in db.php, not longer multiple hardcoded definitions 2026-04-22 15:48:58 +02:00
patrickzerhusen
d98d6a6713 commented db.php 2026-04-22 15:43:01 +02:00
patrickzerhusen
3e73dee40b commented moderation portal and changed textblocks 2026-04-22 15:16:40 +02:00
patrickzerhusen
adf863934e rebuild moderation page with filter and sorting functions, CRUD operations, map preview function and shared categories 2026-04-22 14:39:38 +02:00
patrickzerhusen
27d41c0847 simplified admin and mod authentification for new moderation page 2026-04-22 14:34:03 +02:00
patrickzerhusen
9d7eb25d1f get categories function for category definition in moderation page 2026-04-22 14:32:13 +02:00
patrickzerhusen
f30a01615e bugfix like dislikes disappeared when reopening closed contribution popup 2026-04-22 14:16:13 +02:00
patrickzerhusen
2c02a61791 refractored all var to const or let 2026-04-21 17:02:35 +02:00
patrickzerhusen
a38cf999f2 adapted basemap attributions 2026-04-21 16:49:44 +02:00
patrickzerhusen
78bdc22781 added layer control icons 2026-04-21 16:44:46 +02:00
patrickzerhusen
f810ed520c removed circles in sidebar legend, added contribution icon in layer control 2026-04-21 16:35:35 +02:00
patrickzerhusen
2b3fcb6ebf replaced category emojis with fontawesome icons 2026-04-21 16:13:56 +02:00
patrickzerhusen
5fe7522f5f deactivated mouse position control and polyline measure plugin 2026-04-21 15:52:41 +02:00
patrickzerhusen
f8f0d514bb added map previews in moderation portal 2026-04-21 12:33:15 +02:00
patrickzerhusen
5e8b4745f1 moved header navigation items right 2026-04-21 12:33:15 +02:00
lukas.uptmoor
c3569d6b98 Merge pull request 'dev/patrick' (#1) from dev/patrick into main 
Reviewed-on: #1
 2026-04-20 16:32:31 +02:00
patrickzerhusen
7dea362c89 added moderation portal with admin authentification and seperate styling 2026-04-20 16:01:10 +02:00
patrickzerhusen
11a062dd84 added ende attribution in footer 2026-04-20 15:31:49 +02:00
patrickzerhusen
aec6a9bfb6 commented new vote function 2026-04-20 15:21:58 +02:00
patrickzerhusen
94d4308d3f added visual vote deefback without sweet alert 2026-04-20 15:19:56 +02:00
patrickzerhusen
a37c1ffe01 likes and dislikes changable if citizen changes oppinion 2026-04-20 15:06:07 +02:00
patrickzerhusen
8151390835 warning message portal still in development in welcome modal 2026-04-20 14:55:24 +02:00
patrickzerhusen
99cf34671a changed language of geoman plugin to german 2026-04-20 14:48:16 +02:00
patrickzerhusen
f9187a3e84 pinned version of sweetalert 2026-04-20 14:45:31 +02:00
patrickzerhusen
94100b9371 removed sweetalert duplicate 2026-04-20 14:43:38 +02:00
patrickzerhusen
84ce0de870 sweetalert font override 2026-04-20 14:40:28 +02:00
patrickzerhusen
391cec07c8 custom GPS button styling 2026-04-20 14:38:14 +02:00
patrickzerhusen
d3cfcbab25 custom mouse position styling 2026-04-20 14:30:43 +02:00
patrickzerhusen
1eafc27c53 dynamic categories in contribution modal dropdown 2026-04-20 14:21:11 +02:00
patrickzerhusen
dbacae3f2e removed login with key press funcitonality 2026-04-20 14:10:18 +02:00
luptmoor
de9724b820 extension.md extended 2026-04-19 16:55:54 +02:00
patrickzerhusen
556c5ea4b9 bugfixe sweet alert showed behind login modal 2026-04-19 16:55:19 +02:00
patrickzerhusen
1dfffd93e5 added map boundaries based on municipality center 2026-04-19 16:49:31 +02:00
patrickzerhusen
b3879d812f Merge branch 'dev/patrick' of https://git.endex-geodaten.de/lukas.uptmoor/webgis-lohne into dev/patrick 2026-04-19 16:43:37 +02:00
patrickzerhusen
f0a88b13d1 categories searchable in contribution list 2026-04-19 16:42:25 +02:00
35 changed files with 4576 additions and 1116 deletions
Expand all files Collapse all files

2
.env.example
View File

@@ -4,3 +4,5 @@ POSTGRES_PORT=postgres_port
POSTGRES_DB=postgres_database POSTGRES_DB=postgres_database
POSTGRES_USER=postgres_user POSTGRES_USER=postgres_user
POSTGRES_PASSWORD= POSTGRES_PASSWORD=
ADMIN_PASSWORD=
MUNICIPALITY_SLUG=lohne

3
.gitignore vendored
View File

@@ -2,3 +2,6 @@
.vscode/ .vscode/
*.log *.log
scripts scripts
public/uploads/photos/*
!public/uploads/photos/.gitkeep

20
EXTENSION.md
View File

@@ -31,10 +31,6 @@ server {
webgis-<name>-php: webgis-<name>-php:
build: php-docker/ build: php-docker/
container_name: webgis-<name>-php container_name: webgis-<name>-php
environment:
- POSTGRES_USER=${WEBGIS_DB_USER}
- POSTGRES_PASSWORD=${WEBGIS_DB_PW}
- POSTGRES_DB=${WEBGIS_DB_NAME}
volumes: volumes:
- ./webgis-<name>:/var/www/webgis-<name> - ./webgis-<name>:/var/www/webgis-<name>
networks: networks:
@@ -50,12 +46,11 @@ und Datenbank anlegen.
container_name: webgis-<name>-db container_name: webgis-<name>-db
restart: always restart: always
ports: ports:
- "127.0.0.1:5432:543<ID>" - "127.0.0.1:543<ID>:5432" # inside the container always 5432
environment: environment:
- POSTGRES_HOSTNAME=${WEBGIS_DB_HOSTNAME} - POSTGRES_USER=${WEBGIS_DB_USER} # maybe go back to default username
- POSTGRES_USER=${WEBGIS_DB_USER} - POSTGRES_PASSWORD=${WEBGIS_DB_PW} # must be secure and unique
- POSTGRES_PASSWORD=${WEBGIS_DB_PW} - POSTGRES_DB=${WEBGIS_DB_NAME} #same as container name
- POSTGRES_DB=${WEBGIS_DB_NAME}
volumes: volumes:
- ./webgis-<name>-data:/var/lib/postgresql/data - ./webgis-<name>-data:/var/lib/postgresql/data
networks: networks:
@@ -74,3 +69,10 @@ git submodule add -b <branch-name> https://git.endex-geodaten.de/lukas.uptmoor/w
``` ```
Jede Kommune sollte ein eigenes Repo kriegen, da Features am Anfang variieren. Jede Kommune sollte ein eigenes Repo kriegen, da Features am Anfang variieren.
6. Mit der Datenbank verbinden über SSH-Tunnel
```
ssh -L 5433:localhost:543<ID> root@endex-geodaten.de
```
und Datenbank für Anwendung vorbereiten.

48
legacy/delete_data.php
View File

@@ -1,48 +0,0 @@
<?php
// ToDo's
// Whitelists oder Prepared Statements gegen SQL-Injection hinzufügen
include 'init.php';
$request = htmlspecialchars($_POST['request'], ENT_QUOTES);
if ($request=='buildings') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
try {
$pdo -> query("DELETE FROM buildings WHERE webgis_id = '$webgis_id'");
} catch (PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
if ($request == 'pipelines') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
try {
$pdo -> query("DELETE from pipelines where webgis_id= '$webgis_id' ");
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
if ($request == 'valves') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
try {
$pdo -> query("DELETE from valves where webgis_id= '$webgis_id' ");
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
?>

52
legacy/find_data.php
View File

@@ -1,52 +0,0 @@
<?php
// ToDo's
// Whitelists oder Prepared Statements gegen SQL-Injection hinzufügen
// PostgreSQL-Serververbindung
include 'init.php';
// HTTP-POST-Methode für Formulardaten
$table = htmlspecialchars($_POST['table'], ENT_QUOTES);
$field = htmlspecialchars($_POST['field'], ENT_QUOTES);
$value = htmlspecialchars($_POST['value'], ENT_QUOTES);
try {
// Datenbankabfrage
$result = $pdo -> query("SELECT *, ST_AsGeoJSON(geom) as geojson FROM $table WHERE $field = '$value'");
$features = [];
foreach($result as $row) {
// PHP-Objekt erstellen
$geometry = json_decode($row['geojson']);
// PHP-Objekt bereinigen
unset($row['geom']);
unset($row['geojson']);
// JSON-Feature hinzufügen
$feature = [
"type"=>"Feature",
"geometry"=>$geometry,
"properties"=>$row
];
array_push($features, $feature);
};
// Feature-Collection hinzufügen
$featureCollection = [
"type"=>"FeatureCollection",
"features"=>$features
];
echo json_encode($featureCollection);
// Fehlernachricht ausgeben
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
?>

73
legacy/insert_data.php
View File

@@ -1,73 +0,0 @@
<?php
// ToDo's
// Whitelists oder Prepared Statements gegen SQL-Injection hinzufügen
// PostgreSQL-Serververbindung
include 'init.php';
$request = htmlspecialchars($_POST['request'], ENT_QUOTES);
if ($request == 'valves') {
$valve_id = htmlspecialchars($_POST['valve_id'], ENT_QUOTES);
$valve_type = htmlspecialchars($_POST['valve_type'], ENT_QUOTES);
$valve_dma_id = htmlspecialchars($_POST['valve_dma_id'], ENT_QUOTES);
$valve_diameter = htmlspecialchars($_POST['valve_diameter'], ENT_QUOTES);
$valve_visibility = htmlspecialchars($_POST['valve_visibility'], ENT_QUOTES);
$valve_location = htmlspecialchars($_POST['valve_location'], ENT_QUOTES);
$valve_geometry = $_POST['valve_geometry'];
$result = $pdo -> query("SELECT * FROM valves WHERE valve_id = '$valve_id'");
if ($result->rowCount()>0) {
echo "ERROR: Valve ID already exists. Please type in another ID!";
} else {
// Datenbankabfrage
$result = $pdo -> query("INSERT INTO valves(valve_id, valve_type, valve_dma_id, valve_diameter, valve_location, valve_visibility, geom) VALUES ('$valve_id', '$valve_type', '$valve_dma_id', '$valve_diameter', '$valve_location', '$valve_visibility', ST_SetSRID(ST_GeomFromGeoJSON('$valve_geometry'), 4326))");
}
}
if ($request == 'pipelines') {
$pipeline_id = htmlspecialchars($_POST['pipeline_id'], ENT_QUOTES);
$pipeline_category = htmlspecialchars($_POST['pipeline_category'], ENT_QUOTES);
$pipeline_dma_id = htmlspecialchars($_POST['pipeline_dma_id'], ENT_QUOTES);
$pipeline_diameter = htmlspecialchars($_POST['pipeline_diameter'], ENT_QUOTES);
$pipeline_method = htmlspecialchars($_POST['pipeline_method'], ENT_QUOTES);
$pipeline_location = htmlspecialchars($_POST['pipeline_location'], ENT_QUOTES);
$pipeline_geometry = $_POST['pipeline_geometry'];
$result = $pdo -> query("SELECT * FROM pipelines WHERE pipeline_id = '$pipeline_id'");
if ($result->rowCount()>0) {
echo "ERROR: Pipeline ID already exists. Please type in another ID!";
} else {
// Datenbankabfrage
$result = $pdo -> query("INSERT INTO pipelines(pipeline_id, pipeline_category, pipeline_dma_id, pipeline_diameter, pipeline_method, pipeline_location, geom) VALUES ('$pipeline_id', '$pipeline_category', '$pipeline_dma_id', '$pipeline_diameter', '$pipeline_method', '$pipeline_location', ST_SetSRID(ST_GeomFromGeoJSON('$pipeline_geometry'), 4326))");
}
}
if ($request == 'buildings') {
$account_no = htmlspecialchars($_POST['account_no'], ENT_QUOTES);
$building_category = htmlspecialchars($_POST['building_category'], ENT_QUOTES);
$building_dma_id = htmlspecialchars($_POST['building_dma_id'], ENT_QUOTES);
$building_storey = htmlspecialchars($_POST['building_storey'], ENT_QUOTES);
$building_population = htmlspecialchars($_POST['building_population'], ENT_QUOTES);
$building_location = htmlspecialchars($_POST['building_location'], ENT_QUOTES);
$building_geometry = $_POST['building_geometry'];
$result = $pdo -> query("SELECT *from buildings where account_no= '$account_no'");
if ($result->rowCount()>0) {
echo "ERROR: Building ID already exists. Please type in another ID!";
} else {
$sql = $pdo -> query("INSERT INTO buildings(account_no, building_category, building_dma_id, building_storey, building_population, building_location, geom) VALUES ('$account_no', '$building_category', '$building_dma_id', '$building_storey', '$building_population', '$building_location', ST_Force3DZ(ST_SetSRID(ST_GeomFromGeoJSON('$building_geometry'), 4326)))");
}
}
?>

63
legacy/load_data.php
View File

@@ -1,63 +0,0 @@
<?php
// ToDo's
// Whitelists oder Prepared Statements gegen SQL-Injection hinzufügen
// PostgreSQL-Serververbindung
include 'init.php';
// HTTP-POST-Methode für Formulardaten
$table = htmlspecialchars($_POST['table'], ENT_QUOTES);
$dma_id = htmlspecialchars($_POST['dma_id'], ENT_QUOTES);
if($table == 'valves') {
$dma_id_field = "valve_dma_id";
}
if($table == 'buildings') {
$dma_id_field = "building_dma_id";
}
if($table == 'pipelines') {
$dma_id_field = "pipeline_dma_id";
}
try {
// Datenbankabfrage
$result = $pdo -> query("SELECT *, ST_AsGeoJSON(geom) as geojson FROM $table WHERE $dma_id_field = '$dma_id'");
$features = [];
foreach($result as $row) {
// PHP-Objekt erstellen
$geometry = json_decode($row['geojson']);
// PHP-Objekt bereinigen
unset($row['geom']);
unset($row['geojson']);
// JSON-Feature hinzufügen
$feature = [
"type"=>"Feature",
"geometry"=>$geometry,
"properties"=>$row
];
array_push($features, $feature);
};
// Feature-Collection hinzufügen
$featureCollection = [
"type"=>"FeatureCollection",
"features"=>$features
];
echo json_encode($featureCollection);
// Fehlernachricht ausgeben
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
?>

97
legacy/test.html
View File

@@ -1,97 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<!-- jQuery UI -->
<link rel="stylesheet" href="source/jquery-ui.min.css">
<script src="source/jquery-ui.min.js"></script>
<!-- Bootstrap Stylesheet & Skript -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="styles.css">
<!-- Sidebar Plugin -->
<link rel="stylesheet" href="plugins/sidebar/leaflet-sidebar.css">
<script src="plugins/sidebar/leaflet-sidebar.js"></script>
<!-- Button Plugin -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/leaflet-easybutton@2/src/easy-button.css">
<script src="https://cdn.jsdelivr.net/npm/leaflet-easybutton@2/src/easy-button.js"></script>
<!-- Font Plugin -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.1/css/all.min.css">
<!-- PolylineMeasure Plugin -->
<link rel="stylesheet" href="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.css">
<script src="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.js"></script>
<!-- MousePosition Plugin -->
<link rel="stylesheet" href="plugins/mouseposition/L.Control.MousePosition.css">
<script src="plugins/mouseposition/L.Control.MousePosition.js"></script>
<!-- Geoman Plugin -->
<link rel="stylesheet" href="https://unpkg.com/@geoman-io/leaflet-geoman-free@latest/dist/leaflet-geoman.css">
<script src="https://unpkg.com/@geoman-io/leaflet-geoman-free@latest/dist/leaflet-geoman.js"></script>
<!-- Minimap Plugin -->
<link rel="stylesheet" href="plugins/minimap/Control.MiniMap.min.css">
<script src="plugins/minimap/Control.MiniMap.min.js"></script>
<!-- ajax Plugin -->
<script src="plugins/ajax/leaflet.ajax.js"></script>
</head>
<body>
<div class="popup-container">
<input type="hidden" name="building_database_id" class="updateBuilding" value="something">
<input type="hidden" name="account_no_old" class="updateBuilding" value="something">
<div class="popup-form-group">
<label class="control-label popup-label">Building ID</label>
<input type="text" class="form-control popup-input text-center updateBuilding" value="something" name="account_no">
</div>
<div class="popup-form-group">
<label class="control-label popup-label">Category</label>
<input type="text" class="form-control popup-input text-center updateBuilding" value="something" name="building_category">
</div>
<div class="popup-form-group">
<label class="control-label popup-label">Storey</label>
<input type="number" class="form-control popup-input text-center updateBuilding" value="something" name="building_storey">
</div>
<div class="popup-form-group">
<label class="control-label popup-label">Population</label>
<input type="number" class="form-control popup-input text-center updateBuilding" value="something" name="building_population">
</div>
<div class="popup-form-group">
<label class="control-label popup-label">Location</label>
<input type="text" class="form-control popup-input text-center updateBuilding" value="something" name="building_locationn">
</div>
<div class="popup-button-group">
<button type="submit" class="btn btn-success popup-button">Update</button>
<button type="submit" class="btn btn-danger popup-button">Delete</button>
</div>
</div>
</body>
</html>

98
legacy/update_data.php
View File

@@ -1,98 +0,0 @@
<?php
include 'init.php';
$request = htmlspecialchars($_POST['request'], ENT_QUOTES);
if ($request=='buildings') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
$account_no_old = htmlspecialchars($_POST['account_no_old'], ENT_QUOTES);
$account_no = htmlspecialchars($_POST['account_no'], ENT_QUOTES);
$building_category = htmlspecialchars($_POST['building_category'], ENT_QUOTES);
$building_storey = htmlspecialchars($_POST['building_storey'], ENT_QUOTES);
$building_population = htmlspecialchars($_POST['building_population'], ENT_QUOTES);
$building_location = htmlspecialchars($_POST['building_location'], ENT_QUOTES);
$building_dma_id = htmlspecialchars($_POST['building_dma_id'], ENT_QUOTES);
try {
if ($account_no_old != $account_no) {
$result = $pdo -> query("SELECT * FROM buildings WHERE account_no = '$account_no'");
if ($result -> rowCount()>0) {
echo "ERROR: Account Number already exists. Pleas type in another Account Number!";
} else {
$pdo -> query("UPDATE buildings SET account_no = '$account_no', building_category = '$building_category', building_storey = '$building_storey', building_population = '$building_population', building_location = '$building_location', building_dma_id = '$building_dma_id' WHERE webgis_id = '$webgis_id'");
}
} else { $pdo -> query("UPDATE buildings SET account_no = '$account_no', building_category = '$building_category', building_storey = '$building_storey', building_population = '$building_population', building_location = '$building_location', building_dma_id = '$building_dma_id' WHERE webgis_id = '$webgis_id'");
}
} catch (PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
if ($request == 'pipelines') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
$pipeline_id_old = htmlspecialchars($_POST['pipeline_id_old'], ENT_QUOTES);
$pipeline_id = htmlspecialchars($_POST['pipeline_id'], ENT_QUOTES);
$pipeline_dma_id = htmlspecialchars($_POST['pipeline_dma_id'], ENT_QUOTES);
$pipeline_diameter = htmlspecialchars($_POST['pipeline_diameter'], ENT_QUOTES);
$pipeline_location = htmlspecialchars($_POST['pipeline_location'], ENT_QUOTES);
$pipeline_category = htmlspecialchars($_POST['pipeline_category'], ENT_QUOTES);
$pipeline_length = htmlspecialchars($_POST['pipeline_length'], ENT_QUOTES);
try {
if ($pipeline_id_old != $pipeline_id) {
$result = $pdo -> query("SELECT *from pipelines where pipeline_id = '$pipeline_id' ");
if ($result -> rowCount()>0) {
echo "ERROR: Pipeline ID already exists. Please choose a new ID";
} else {
$pdo -> query("UPDATE pipelines set pipeline_id = '$pipeline_id', pipeline_dma_id = '$pipeline_dma_id', pipeline_diameter = '$pipeline_diameter', pipeline_location = '$pipeline_location', pipeline_category='$pipeline_category', pipeline_length='$pipeline_length' where webgis_id = '$webgis_id'");
}
} else {
$pdo -> query("UPDATE pipelines set pipeline_id = '$pipeline_id', pipeline_dma_id = '$pipeline_dma_id', pipeline_diameter = '$pipeline_diameter', pipeline_location = '$pipeline_location', pipeline_category='$pipeline_category', pipeline_length='$pipeline_length' where webgis_id = '$webgis_id'");
}
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
if ($request == 'valves') {
$webgis_id = htmlspecialchars($_POST['webgis_id'], ENT_QUOTES);
$valve_id_old = htmlspecialchars($_POST['valve_id_old'], ENT_QUOTES);
$valve_id = htmlspecialchars($_POST['valve_id'], ENT_QUOTES);
$valve_dma_id = htmlspecialchars($_POST['valve_dma_id'], ENT_QUOTES);
$valve_type = htmlspecialchars($_POST['valve_type'], ENT_QUOTES);
$valve_diameter = htmlspecialchars($_POST['valve_diameter'], ENT_QUOTES);
$valve_location = htmlspecialchars($_POST['valve_location'], ENT_QUOTES);
$valve_visibility = htmlspecialchars($_POST['valve_visibility'], ENT_QUOTES);
try {
if ($valve_id_old != $valve_id) {
$result = $pdo -> query("SELECT *from valves where valve_id = '$valve_id' ");
if ($result -> rowCount()>0) {
echo "ERROR: Valve ID already exists. Please choose a new ID";
} else {
$pdo -> query("UPDATE valves set valve_id = '$valve_id', valve_dma_id = '$valve_dma_id', valve_type = '$valve_type', valve_diameter = '$valve_diameter', valve_location = '$valve_location', valve_visibility = '$valve_visibility' where webgis_id = '$webgis_id' ");
}
} else {
$pdo -> query("UPDATE valves set valve_id = '$valve_id', valve_dma_id = '$valve_dma_id', valve_type = '$valve_type', valve_diameter = '$valve_diameter', valve_location = '$valve_location', valve_visibility = '$valve_visibility' where webgis_id = '$webgis_id' ");
}
} catch(PDOException $e) {
echo "ERROR ".$e->getMessage();
}
}
?>

44
migrations/003_news_table.sql Normal file
View File

@@ -0,0 +1,44 @@
-- =====================================================================
-- Migration 004: Creates News Table for Municipality Announcements
-- =====================================================================
-- ---------------------------------------------------------------------
-- Block 1: Creates Table "news"
-- ---------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS news (
news_id SERIAL PRIMARY KEY,
municipality_id INTEGER NOT NULL REFERENCES municipalities(municipality_id) ON DELETE CASCADE,
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL,
author_name VARCHAR(100) NOT NULL DEFAULT 'Stadtverwaltung',
published_at TIMESTAMP NOT NULL DEFAULT NOW(),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- ---------------------------------------------------------------------
-- Block 2: Trigger Functions
-- ---------------------------------------------------------------------
-- Automatically Refresh updated_at on every UPDATE.
CREATE TRIGGER set_news_updated_at
BEFORE UPDATE ON news
FOR EACH ROW
EXECUTE FUNCTION set_updated_at();
-- ---------------------------------------------------------------------
-- Block 3 Indexes for fast Queries
-- ---------------------------------------------------------------------
CREATE INDEX idx_news_municipality ON news(municipality_id);
-- ---------------------------------------------------------------------
-- Block 4: Seed Data — Initial News Article
-- ---------------------------------------------------------------------
INSERT INTO news (municipality_id, title, content)
SELECT municipality_id, 'Mitmachkarte gestartet',
'Die Mitmachkarte als Bürgerbeteiligungsportal der Stadt Lohne (Oldenburg) wird nun freigeschaltet. Wir freuen uns auf Ihre Hinweise und Vorschläge!'
FROM municipalities WHERE slug = 'lohne';

8
migrations/004_reverse_geocoding.sql Normal file
View File

@@ -0,0 +1,8 @@
-- =====================================================================
-- Migration 004: Adds Address Column for Reverse Geocoding
-- =====================================================================
ALTER TABLE contributions
ADD COLUMN address VARCHAR(255) DEFAULT NULL;
COMMENT ON COLUMN contributions.address IS 'Reverse geocoded Address, stored automatically on Creation.';

27
migrations/005_browser_id.sql Normal file
View File

@@ -0,0 +1,27 @@
-- =====================================================================
-- Migration 005: Adds Browser ID for anonymous User Identification
-- =====================================================================
-- Adds browser_id Column to Contributions
ALTER TABLE contributions
ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
-- Adds browser_id Column to Votes
-- Replaces voter_name for Identification
ALTER TABLE votes
ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
-- Index for fast Vote Lookup by Browser
CREATE INDEX idx_votes_browser ON votes(browser_id);
-- New UNIQUE Constraint: One Vote per Browser per Contribution
-- Drops old Constraint voter_name based
ALTER TABLE votes
DROP CONSTRAINT IF EXISTS votes_unique_per_voter;
-- Creates new Constraint browser_id based
ALTER TABLE votes
ADD CONSTRAINT votes_contribution_browser_unique
UNIQUE (contribution_id, browser_id);

35
migrations/006_comments_and_photos.sql Normal file
View File

@@ -0,0 +1,35 @@
-- =====================================================================
-- Migration 006: Comments Table and Photo Support
-- =====================================================================
-- ---------------------------------------------------------------------
-- Block 1: Creates Table "comments"
-- Stores Comments on Contributions. Comments is linked to
-- Contributions and identified by browser_id.
-- ---------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS comments (
comment_id SERIAL PRIMARY KEY,
contribution_id INTEGER NOT NULL REFERENCES contributions(contribution_id) ON DELETE CASCADE,
author_name VARCHAR(100) NOT NULL,
browser_id VARCHAR(36) DEFAULT NULL,
content TEXT NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- ---------------------------------------------------------------------
-- Block 2: Indexes for fast Comment Queries
-- ---------------------------------------------------------------------
CREATE INDEX idx_comments_contribution ON comments(contribution_id);
CREATE INDEX idx_comments_browser ON comments(browser_id);
-- ---------------------------------------------------------------------
-- Block 3: Adds Photo Path Column to Contributions
-- Stores relative Path to uploaded Photo File.
-- ---------------------------------------------------------------------
ALTER TABLE contributions
ADD COLUMN photo_path VARCHAR(255) DEFAULT NULL;
COMMENT ON COLUMN contributions.photo_path IS 'Relative Path to uploaded Photo. NULL = no Photo.';

14
migrations/007_comment_moderation.sql Normal file
View File

@@ -0,0 +1,14 @@
-- =====================================================================
-- Migration 007: Adds Status Column to Comments for Moderation
-- =====================================================================
-- Adds Status Column with Default 'pending'
ALTER TABLE comments
ADD COLUMN status VARCHAR(20) NOT NULL DEFAULT 'pending'
CHECK (status IN ('pending', 'approved', 'rejected'));
-- Index for fast Status Filtering
CREATE INDEX idx_comments_status ON comments(status);
-- Approves existing Comments
UPDATE comments SET status = 'approved';

65
migrations/008_comment_count_trigger.sql Normal file
View File

@@ -0,0 +1,65 @@
-- =====================================================================
-- Migration 008: Adds comment_count Column with automatic Trigger
-- Mirrors Pattern from likes_count and dislikes_count.
-- =====================================================================
-- ---------------------------------------------------------------------
-- Block 1: Adds comment_count Column to Contributions
-- ---------------------------------------------------------------------
ALTER TABLE contributions
ADD COLUMN comment_count INTEGER NOT NULL DEFAULT 0;
-- ---------------------------------------------------------------------
-- Block 2: Backfills existing Comment Counts
-- ---------------------------------------------------------------------
UPDATE contributions c
SET comment_count = (
SELECT COUNT(*)
FROM comments cm
WHERE cm.contribution_id = c.contribution_id
AND cm.status = 'approved'
);
-- ---------------------------------------------------------------------
-- Block 3: Trigger Function to update comment_count
-- Fires on Status Change on comments. Only counts approved Comments
-- ---------------------------------------------------------------------
CREATE OR REPLACE FUNCTION update_comment_count()
RETURNS TRIGGER AS $$
BEGIN
IF TG_OP = 'INSERT' OR TG_OP = 'UPDATE' THEN
UPDATE contributions
SET comment_count = (
SELECT COUNT(*) FROM comments
WHERE contribution_id = NEW.contribution_id
AND status = 'approved'
)
WHERE contribution_id = NEW.contribution_id;
END IF;
IF TG_OP = 'DELETE' OR (TG_OP = 'UPDATE' AND OLD.contribution_id != NEW.contribution_id) THEN
UPDATE contributions
SET comment_count = (
SELECT COUNT(*) FROM comments
WHERE contribution_id = OLD.contribution_id
AND status = 'approved'
)
WHERE contribution_id = OLD.contribution_id;
END IF;
RETURN NULL;
END;
$$ LANGUAGE plpgsql;
-- ---------------------------------------------------------------------
-- Block 4: Attaches Trigger to comments Table
-- ---------------------------------------------------------------------
CREATE TRIGGER trigger_update_comment_count
AFTER INSERT OR DELETE OR UPDATE OF status
ON comments
FOR EACH ROW
EXECUTE FUNCTION update_comment_count();

672
public/admin.php Normal file
View File

@@ -0,0 +1,672 @@
<?php
// =====================================================================
// Moderation Page
// Lists Contributions for Review. Moderators can approve, reject,
// edit and delete Contributions. Includes Map Preview and Filtering.
// =====================================================================
// Reads Environment Configfile
$envFile = __DIR__ . '/../../.env';
if (file_exists($envFile)) {
$lines = file($envFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line) {
if (strpos(trim($line), '#') === 0) continue;
list($key, $value) = array_map('trim', explode('=', $line, 2));
putenv("$key=$value");
}
}
require_once __DIR__ . '/api/db.php';
require_once __DIR__ . '/api/auth.php';
// -----------------------------------------------------------------
// Routing: Login, Logout, or Main Page
// -----------------------------------------------------------------
$page = $_GET['page'] ?? 'main';
// Handles Login
if ($page === 'login' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$password = $_POST['password'] ?? '';
if (admin_login($password)) {
header('Location: admin.php');
exit;
} else {
$login_error = 'Falsches Passwort.';
}
}
// Handles Logout
if ($page === 'logout') {
admin_logout();
header('Location: admin.php?page=login');
exit;
}
// -----------------------------------------------------------------
// Loads Municipality Configuration for Theming
// -----------------------------------------------------------------
$pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch();
// Loads News for Moderation
$stmt = $pdo->prepare("
SELECT news_id, title, content, author_name, published_at, created_at
FROM news
WHERE municipality_id = :mid
ORDER BY published_at DESC
");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$news_items = $stmt->fetchAll();
// Loads all Comments with Contribution Titles for Moderation
$stmt = $pdo->prepare("
SELECT cm.comment_id, cm.contribution_id, cm.author_name, cm.browser_id,
cm.content, cm.status, cm.created_at,
co.title AS contribution_title, co.category AS contribution_category
FROM comments cm
JOIN contributions co ON cm.contribution_id = co.contribution_id
WHERE co.municipality_id = :mid
ORDER BY cm.created_at DESC
");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$all_comments = $stmt->fetchAll();
// Counts Comments per Status
$comment_counts = ['pending' => 0, 'approved' => 0, 'rejected' => 0];
foreach ($all_comments as $c) {
if (isset($comment_counts[$c['status']])) {
$comment_counts[$c['status']]++;
}
}
$comment_counts['total'] = count($all_comments);
// Shows Login Page if not authenticated
if ($page === 'login' || !is_admin()) {
show_login_page($municipality, $login_error ?? null);
exit;
}
// -----------------------------------------------------------------
// Loads shared Category Definitions
// -----------------------------------------------------------------
$categories = get_categories();
// -----------------------------------------------------------------
// Loads Contributions and Statistics
// -----------------------------------------------------------------
// Loads all Contributions for Municipality
$stmt = $pdo->prepare("
SELECT contribution_id, title, category, description, author_name, photo_path,
geom_type, status, likes_count, dislikes_count, comment_count, created_at, updated_at
FROM contributions
WHERE municipality_id = :mid
ORDER BY created_at DESC
");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$all_contributions = $stmt->fetchAll();
// Counts per Status
$counts = ['pending' => 0, 'approved' => 0, 'rejected' => 0];
foreach ($all_contributions as $item) {
if (isset($counts[$item['status']])) {
$counts[$item['status']]++;
}
}
$counts['total'] = count($all_contributions);
// -----------------------------------------------------------------
// Renders Main Page
// -----------------------------------------------------------------
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Moderation — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/shield-halved-solid-off-black.png" type="image/png">
<!-- Loads CSS Dependencies -->
<!-- Font Awesome for Icons -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<!-- Leaflet -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.9.4/leaflet.min.css">
<!-- Application Styles -->
<link rel="stylesheet" href="styles.css">
<!-- Loads JavaScript Dependencies -->
<!-- SweetAlert2 -->
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.14.0/dist/sweetalert2.all.min.js"></script>
<!-- Loads Municipality Theme from Database -->
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<!-- ============================================================= -->
<!-- Header -->
<!-- ============================================================= -->
<div class="page-header">
<div class="page-header-inner">
<h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal <?= htmlspecialchars($municipality['name']) ?></h1>
<div class="page-header-nav">
<a href="index.php"><i class="fa-solid fa-map"></i> Bürgerportal</a>
<a href="admin.php?page=logout"><i class="fa-solid fa-right-from-bracket"></i> Abmelden</a>
</div>
</div>
</div>
<div class="page-container">
<!-- ========================================================= -->
<!-- Page Navigation Tabs -->
<!-- ========================================================= -->
<div class="page-tabs">
<button class="page-tab active" onclick="showPageTab('contributions')">
<i class="fa-solid fa-list-check"></i> Beiträge
</button>
<button class="page-tab" onclick="showPageTab('comments')">
<i class="fa-solid fa-comments"></i> Kommentare
</button>
<button class="page-tab" onclick="showPageTab('news')">
<i class="fa-solid fa-newspaper"></i> Neuigkeiten
</button>
<button class="page-tab" onclick="showPageTab('stats')">
<i class="fa-solid fa-chart-bar"></i> Statistik
</button>
<button class="page-tab" onclick="showPageTab('users')">
<i class="fa-solid fa-users"></i> Benutzer
</button>
</div>
<!-- ========================================================= -->
<!-- Contributions Tab -->
<!-- ========================================================= -->
<div id="tab-contributions" class="page-tab-content">
<!-- Status Filter Tabs -->
<div class="filter-tabs">
<button class="filter-tab active" onclick="filterByStatus('all', this)">
Alle <span class="tab-count"><?= $counts['total'] ?></span>
</button>
<button class="filter-tab" onclick="filterByStatus('pending', this)">
Ausstehend <span class="tab-count"><?= $counts['pending'] ?></span>
</button>
<button class="filter-tab" onclick="filterByStatus('approved', this)">
Akzeptiert <span class="tab-count"><?= $counts['approved'] ?></span>
</button>
<button class="filter-tab" onclick="filterByStatus('rejected', this)">
Abgelehnt <span class="tab-count"><?= $counts['rejected'] ?></span>
</button>
</div>
<!-- Sort Controls -->
<div class="sort-controls">
<span id="visible-count"><?= $counts['total'] ?> Beiträge</span>
<select onchange="sortContributions(this.value)">
<option value="date-desc">Neueste zuerst</option>
<option value="date-asc">Älteste zuerst</option>
<option value="category">Nach Kategorie</option>
</select>
</div>
<!-- Contribution List -->
<div id="contributions-container">
<?php if (empty($all_contributions)): ?>
<div class="empty-state">
<i class="fa-solid fa-inbox"></i>
Noch keine Beiträge vorhanden.
</div>
<?php else: ?>
<?php foreach ($all_contributions as $item):
$cat = $categories[$item['category']] ?? ['label' => $item['category'], 'faIcon' => 'fa-question', 'color' => '#999'];
$status_label = ['pending' => 'Ausstehend', 'approved' => 'Akzeptiert', 'rejected' => 'Abgelehnt'];
?>
<div class="contribution-row"
data-status="<?= $item['status'] ?>"
data-category="<?= htmlspecialchars($item['category']) ?>"
data-date="<?= $item['created_at'] ?>"
data-id="<?= $item['contribution_id'] ?>">
<!-- Collapsed Header: Title + Status -->
<div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
<div class="contribution-row-summary">
<span class="title"><?= htmlspecialchars($item['title']) ?></span>
<span class="badge badge-category">
<i class="fa-solid <?= $cat['faIcon'] ?>"></i>
<?= $cat['label'] ?>
</span>
<span class="badge badge-<?= $item['status'] ?>"><?= $status_label[$item['status']] ?? $item['status'] ?></span>
</div>
<i class="fa-solid fa-chevron-down collapse-icon"></i>
</div>
<!-- Expanded Detail -->
<div class="contribution-row-detail">
<div class="detail-layout">
<!-- Map and Photo Slider -->
<div class="detail-slider" id="slider-<?= $item['contribution_id'] ?>">
<!-- Slide 1: Map -->
<div class="detail-slide active" data-slide="map">
<div class="detail-map" id="map-<?= $item['contribution_id'] ?>"
data-contribution-id="<?= $item['contribution_id'] ?>">
</div>
</div>
<?php if (!empty($item['photo_path'])): ?>
<!-- Slide 2: Photo -->
<div class="detail-slide" data-slide="photo" style="display:none;">
<img src="<?= htmlspecialchars($item['photo_path']) ?>" alt="Foto"
class="detail-slide-photo" onclick="window.open('<?= htmlspecialchars($item['photo_path']) ?>', '_blank')">
</div>
<!-- Slider Arrows -->
<button class="slider-arrow slider-arrow-left" onclick="slideDetail(<?= $item['contribution_id'] ?>, -1)">
<i class="fa-solid fa-chevron-left"></i>
</button>
<button class="slider-arrow slider-arrow-right" onclick="slideDetail(<?= $item['contribution_id'] ?>, 1)">
<i class="fa-solid fa-chevron-right"></i>
</button>
<?php endif; ?>
</div>
<!-- Content -->
<div class="detail-content">
<?php if ($item['description']): ?>
<div class="description"><?= htmlspecialchars($item['description']) ?></div>
<?php else: ?>
<div class="description empty">Keine Beschreibung vorhanden.</div>
<?php endif; ?>
<div class="detail-meta">
<span><i class="fa-solid fa-user"></i> <?= htmlspecialchars($item['author_name']) ?></span>
<span><i class="fa-solid fa-calendar"></i> <?= date('d.m.Y, H:i', strtotime($item['created_at'])) ?> Uhr</span>
<span>
<i class="fa-solid fa-thumbs-up"></i> <?= $item['likes_count'] ?>
&middot;
<i class="fa-solid fa-thumbs-down"></i> <?= $item['dislikes_count'] ?>
&middot;
<i class="fa-solid fa-comment"></i> <?= $item['comment_count'] ?? 0 ?>
</span>
</div>
</div>
</div>
<!-- Action Buttons -->
<div class="action-buttons">
<?php if ($item['status'] !== 'approved'): ?>
<button class="btn btn-approve" onclick="changeStatus(<?= $item['contribution_id'] ?>, 'approved')">
<i class="fa-solid fa-check"></i> Akzeptieren
</button>
<?php endif; ?>
<?php if ($item['status'] !== 'rejected'): ?>
<button class="btn btn-reject" onclick="changeStatus(<?= $item['contribution_id'] ?>, 'rejected')">
<i class="fa-solid fa-xmark"></i> Ablehnen
</button>
<?php endif; ?>
<?php if ($item['status'] !== 'pending'): ?>
<button class="btn btn-reset" onclick="changeStatus(<?= $item['contribution_id'] ?>, 'pending')">
<i class="fa-solid fa-rotate-left"></i> Zurücksetzen
</button>
<?php endif; ?>
<button class="btn btn-edit" onclick="editContribution(<?= $item['contribution_id'] ?>, '<?= htmlspecialchars(addslashes($item['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($item['description'] ?? ''), ENT_QUOTES) ?>')">
<i class="fa-solid fa-pen"></i> Bearbeiten
</button>
<button class="btn btn-delete" onclick="deleteContribution(<?= $item['contribution_id'] ?>)">
<i class="fa-solid fa-trash"></i> Löschen
</button>
<!-- <a class="btn btn-map" href="index.php" target="_blank">
<i class="fa-solid fa-map-location-dot"></i> Karte
</a> -->
</div>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
</div>
<!-- ========================================================= -->
<!-- Comments Moderation Tab -->
<!-- ========================================================= -->
<div id="tab-comments" class="page-tab-content" style="display:none;">
<!-- Status Filter Tabs for Comments -->
<div class="filter-tabs" id="comment-filter-tabs">
<button class="filter-tab active" onclick="filterCommentsByStatus('all', this)">
Alle <span class="tab-count"><?= $comment_counts['total'] ?></span>
</button>
<button class="filter-tab" onclick="filterCommentsByStatus('pending', this)">
Ausstehend <span class="tab-count"><?= $comment_counts['pending'] ?></span>
</button>
<button class="filter-tab" onclick="filterCommentsByStatus('approved', this)">
Akzeptiert <span class="tab-count"><?= $comment_counts['approved'] ?></span>
</button>
<button class="filter-tab" onclick="filterCommentsByStatus('rejected', this)">
Abgelehnt <span class="tab-count"><?= $comment_counts['rejected'] ?></span>
</button>
</div>
<!-- Sort Controls -->
<div class="sort-controls">
<span id="comment-visible-count"><?= $comment_counts['total'] ?> Kommentare</span>
<select onchange="sortCommentRows(this.value)">
<option value="date-desc">Neueste zuerst</option>
<option value="date-asc">Älteste zuerst</option>
<option value="contribution">Nach Beitrag</option>
</select>
</div>
<!-- Comments List -->
<div id="comments-mod-container">
<?php if (empty($all_comments)): ?>
<div class="empty-state">
<i class="fa-solid fa-comments"></i>
Noch keine Kommentare vorhanden.
</div>
<?php else: ?>
<?php foreach ($all_comments as $comment):
$comment_cat = $categories[$comment['contribution_category'] ?? ''] ?? ['label' => 'Unbekannt', 'faIcon' => 'fa-question', 'color' => '#999'];
$comment_status_label = ['pending' => 'Ausstehend', 'approved' => 'Akzeptiert', 'rejected' => 'Abgelehnt'];
?>
<div class="contribution-row comment-mod-row"
data-status="<?= $comment['status'] ?>"
data-date="<?= $comment['created_at'] ?>"
data-contribution="<?= htmlspecialchars($comment['contribution_title']) ?>">
<!-- Collapsed: Contribution Title + Comment Status + Category -->
<div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
<div class="contribution-row-summary">
<span class="title"><?= htmlspecialchars($comment['contribution_title']) ?></span>
<span class="badge badge-<?= $comment['status'] ?>"><?= $comment_status_label[$comment['status']] ?? $comment['status'] ?></span>
<span class="badge badge-category">
<i class="fa-solid <?= $comment_cat['faIcon'] ?>"></i>
<?= $comment_cat['label'] ?>
</span>
</div>
<i class="fa-solid fa-chevron-down collapse-icon"></i>
</div>
<!-- Expanded Detail -->
<div class="contribution-row-detail">
<div>
<!-- Comment Content -->
<div class="detail-block">
<?= nl2br(htmlspecialchars($comment['content'])) ?>
</div>
<!-- Meta -->
<div class="detail-meta">
<span><i class="fa-solid fa-user"></i> <?= htmlspecialchars($comment['author_name']) ?></span>
<span><i class="fa-solid fa-calendar"></i> <?= date('d.m.Y, H:i', strtotime($comment['created_at'])) ?> Uhr</span>
</div>
</div>
<!-- Action Buttons -->
<div class="action-buttons">
<?php if ($comment['status'] !== 'approved'): ?>
<button class="btn btn-approve" onclick="changeCommentStatus(<?= $comment['comment_id'] ?>, 'approved')">
<i class="fa-solid fa-check"></i> Akzeptieren
</button>
<?php endif; ?>
<?php if ($comment['status'] !== 'rejected'): ?>
<button class="btn btn-reject" onclick="changeCommentStatus(<?= $comment['comment_id'] ?>, 'rejected')">
<i class="fa-solid fa-xmark"></i> Ablehnen
</button>
<?php endif; ?>
<?php if ($comment['status'] !== 'pending'): ?>
<button class="btn btn-reset" onclick="changeCommentStatus(<?= $comment['comment_id'] ?>, 'pending')">
<i class="fa-solid fa-rotate-left"></i> Zurücksetzen
</button>
<?php endif; ?>
<button class="btn btn-edit" onclick="editModComment(<?= $comment['comment_id'] ?>, '<?= htmlspecialchars(addslashes($comment['content']), ENT_QUOTES) ?>')">
<i class="fa-solid fa-pen"></i> Bearbeiten
</button>
<button class="btn btn-delete" onclick="deleteModComment(<?= $comment['comment_id'] ?>)">
<i class="fa-solid fa-trash"></i> Löschen
</button>
</div>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
</div>
<!-- ========================================================= -->
<!-- News Article Tab -->
<!-- ========================================================= -->
<div id="tab-news" class="page-tab-content" style="display:none;">
<!-- Filter -->
<div class="filter-tabs" id="news-filter-tabs">
<button class="filter-tab active" onclick="filterNewsByStatus('all', this)">
Alle <span class="tab-count"><?= count($news_items) ?></span>
</button>
</div>
<!-- Sort Controls -->
<div class="sort-controls">
<span id="news-visible-count"><?= count($news_items) ?> Neuigkeiten</span>
<div style="display:flex;gap:var(--space-sm);align-items:center;">
<select onchange="sortNewsRows(this.value)">
<option value="date-desc">Neueste zuerst</option>
<option value="date-asc">Älteste zuerst</option>
</select>
</div>
</div>
<?php if (empty($news_items)): ?>
<div class="empty-state">
<i class="fa-solid fa-newspaper"></i>
Noch keine Neuigkeiten veröffentlicht.
</div>
<?php else: ?>
<?php foreach ($news_items as $news): ?>
<div class="contribution-row" data-id="<?= $news['news_id'] ?>" data-date="<?= $news['published_at'] ?>">
<div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
<div class="contribution-row-summary">
<span class="title"><?= htmlspecialchars($news['title']) ?></span>
<span class="detail-block-meta">
<?= date('d.m.Y', strtotime($news['published_at'])) ?>
· <?= htmlspecialchars($news['author_name']) ?>
</span>
</div>
<i class="fa-solid fa-chevron-down collapse-icon"></i>
</div>
<div class="contribution-row-detail">
<div class="detail-block">
<?= nl2br(htmlspecialchars($news['content'])) ?>
</div>
<div class="action-buttons">
<button class="btn btn-edit" onclick="editNews(<?= $news['news_id'] ?>, '<?= htmlspecialchars(addslashes($news['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['content']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['author_name']), ENT_QUOTES) ?>')">
<i class="fa-solid fa-pen"></i> Bearbeiten
</button>
<button class="btn btn-delete" onclick="deleteNews(<?= $news['news_id'] ?>)">
<i class="fa-solid fa-trash"></i> Löschen
</button>
</div>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
<div class="tab-footer-action">
<button class="btn btn-approve" onclick="createNews()">
<i class="fa-solid fa-plus"></i> Neuigkeit hinzufügen
</button>
</div>
</div>
<!-- ========================================================= -->
<!-- Placeholder Tabs for future Features -->
<!-- ========================================================= -->
<div id="tab-stats" class="page-tab-content" style="display:none;">
<div class="placeholder-content">
<i class="fa-solid fa-chart-bar"></i>
<p>Statistiken und Analysen - geplant in zukünftiger Version.</p>
</div>
</div>
<div id="tab-users" class="page-tab-content" style="display:none;">
<div class="placeholder-content">
<i class="fa-solid fa-users"></i>
<p>Benutzerverwaltung - geplant in zukünftiger Version.</p>
</div>
</div>
</div>
<!-- ============================================================= -->
<!-- Edit Contribution Modal (Admin) -->
<!-- ============================================================= -->
<div id="admin-edit-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h2><i class="fa-solid fa-pen"></i> Beitrag bearbeiten</h2>
<div class="form-group">
<label for="admin-edit-title">Titel</label>
<input type="text" id="admin-edit-title" class="form-input">
</div>
<div class="form-group">
<label for="admin-edit-description">Beschreibung</label>
<textarea id="admin-edit-description" class="form-input" rows="4"></textarea>
</div>
<input type="hidden" id="admin-edit-id">
<div class="modal-actions">
<button class="btn btn-secondary" onclick="closeAdminModal('admin-edit-modal')">Abbrechen</button>
<button class="btn btn-primary" onclick="submitAdminEdit()">Speichern</button>
</div>
</div>
</div>
<!-- ============================================================= -->
<!-- Edit Comment Modal (Admin) -->
<!-- ============================================================= -->
<div id="admin-comment-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h2><i class="fa-solid fa-pen"></i> Kommentar bearbeiten</h2>
<div class="form-group">
<label for="admin-comment-content">Inhalt</label>
<textarea id="admin-comment-content" class="form-input" rows="4"></textarea>
</div>
<input type="hidden" id="admin-comment-id">
<div class="modal-actions">
<button class="btn btn-secondary" onclick="closeAdminModal('admin-comment-modal')">Abbrechen</button>
<button class="btn btn-primary" onclick="submitAdminComment()">Speichern</button>
</div>
</div>
</div>
<!-- ============================================================= -->
<!-- Create/Edit News Modal (Admin) -->
<!-- ============================================================= -->
<div id="admin-news-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h2 id="admin-news-modal-title"><i class="fa-solid fa-newspaper"></i> Neuigkeit hinzufügen</h2>
<div class="form-group">
<label for="admin-news-title">Titel</label>
<input type="text" id="admin-news-title" class="form-input" placeholder="Titel der Neuigkeit">
</div>
<div class="form-group">
<label for="admin-news-content">Inhalt</label>
<textarea id="admin-news-content" class="form-input" rows="4" placeholder="Neuigkeit verfassen..."></textarea>
</div>
<div class="form-group">
<label for="admin-news-author">Autor</label>
<input type="text" id="admin-news-author" class="form-input" value="Stadtverwaltung">
</div>
<input type="hidden" id="admin-news-id">
<input type="hidden" id="admin-news-mode">
<div class="modal-actions">
<button class="btn btn-secondary" onclick="closeAdminModal('admin-news-modal')">Abbrechen</button>
<button class="btn btn-primary" onclick="submitAdminNews()">Speichern</button>
</div>
</div>
</div>
<!-- ============================================================= -->
<!-- Loads JavaScript Dependencies -->
<!-- ============================================================= -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.9.4/leaflet.min.js"></script>
<!-- ============================================================= -->
<!-- Admin Configuration passed to JavaScript -->
<!-- ============================================================= -->
<script>
const ADMIN_CONFIG = {
id: <?= $municipality['municipality_id'] ?>,
name: "<?= htmlspecialchars($municipality['name'], ENT_QUOTES) ?>",
slug: "<?= htmlspecialchars($municipality['slug'], ENT_QUOTES) ?>",
center: [<?= $municipality['center_lat'] ?>, <?= $municipality['center_lng'] ?>],
zoom: <?= $municipality['default_zoom'] ?>,
primaryColor: "<?= htmlspecialchars($municipality['primary_color'], ENT_QUOTES) ?>"
};
</script>
<!-- Application Logic -->
<script src="js/admin.js"></script>
</body>
</html>
<?php
// -----------------------------------------------------------------
// Login Page
// -----------------------------------------------------------------
function show_login_page($municipality, $error = null) {
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Moderation - Anmeldung</title>
<link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="styles.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<div class="login-wrapper">
<div class="login-box">
<h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal</h1>
<p>Bitte geben Sie das Moderationspasswort ein.</p>
<?php if ($error): ?>
<div class="login-error"><i class="fa-solid fa-triangle-exclamation"></i> <?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<form method="POST" action="admin.php?page=login">
<input type="password" name="password" placeholder="Passwort" autofocus>
<button type="submit"><i class="fa-solid fa-right-to-bracket"></i> Anmelden</button>
</form>
<div class="back-link"><i class="fa fa-arrow-left"></i> <a href="index.php">Zurück zum Bürgerportal</a></div>
</div>
</div>
</body>
</html>
<?php
}
?>

28
public/api/auth.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
// =====================================================================
// Admin Authentication Helper
// Provides simple Password-based Session Authentication for the
// Moderation Page. Reads Password from .env File.
// ToDo: Replace with full User Authentication in Phase 3-3.
// =====================================================================
// Checks if current Session is authenticated as Admin
function is_admin() {
return isset($_SESSION['is_admin']) && $_SESSION['is_admin'] === true;
}
// Authenticates with Password, returns true on Success
function admin_login($password) {
$correct = getenv('ADMIN_PASSWORD');
if ($correct && $password === $correct) {
$_SESSION['is_admin'] = true;
return true;
}
return false;
}
// Logs out Admin Session
function admin_logout() {
$_SESSION['is_admin'] = false;
session_destroy();
}

422
public/api/contributions.php
View File

@@ -38,13 +38,34 @@ switch ($action) {
case 'vote': case 'vote':
handle_vote($input); handle_vote($input);
break; break;
case 'create_news':
handle_create_news($input);
break;
case 'update_news':
handle_update_news($input);
break;
case 'delete_news':
handle_delete_news($input);
break;
case 'read_comments':
handle_read_comments($input);
break;
case 'create_comment':
handle_create_comment($input);
break;
case 'delete_comment':
handle_delete_comment($input);
break;
case 'update_comment':
handle_update_comment($input);
break;
default: default:
error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.'); error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.');
} }
// ===================================================================== // =====================================================================
// Action Handlers // Action Handlers for Contributions
// ===================================================================== // =====================================================================
@@ -67,9 +88,16 @@ function handle_read($input) {
// Builds SQL Query with Placeholders for prepared Statement // Builds SQL Query with Placeholders for prepared Statement
$sql = "SELECT *, ST_AsGeoJSON(geom) AS geojson $sql = "SELECT *, ST_AsGeoJSON(geom) AS geojson
FROM contributions FROM contributions
WHERE municipality_id = :mid AND status = 'approved'"; WHERE municipality_id = :mid";
$params = [':mid' => $municipality_id]; $params = [':mid' => $municipality_id];
// Optional: Filters by Status (Default: only approved)
$status = $input['status'] ?? 'approved';
if ($status !== 'all') {
$sql .= " AND status = :status";
$params[':status'] = $status;
}
// Optional: Filters by Category // Optional: Filters by Category
if (!empty($input['category'])) { if (!empty($input['category'])) {
$sql .= " AND category = :cat"; $sql .= " AND category = :cat";
@@ -110,6 +138,23 @@ function handle_read($input) {
'features' => $features 'features' => $features
]; ];
// Includes User's Votes for persistent Vote Display
// Returns which Contributions the current Browser has voted on
$browser_id = $input['browser_id'] ?? '';
if ($browser_id !== '') {
$stmt = $pdo->prepare("
SELECT contribution_id, vote_type
FROM votes
WHERE browser_id = :bid
");
$stmt->execute([':bid' => $browser_id]);
$user_votes = [];
foreach ($stmt->fetchAll() as $v) {
$user_votes[$v['contribution_id']] = $v['vote_type'];
}
$featureCollection['user_votes'] = $user_votes;
}
json_response($featureCollection); json_response($featureCollection);
} }
@@ -119,6 +164,11 @@ function handle_read($input) {
// Required: municipality_id, geom, geom_type, category, title, author_name // Required: municipality_id, geom, geom_type, category, title, author_name
// Optional: description // Optional: description
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// ---------------------------------------------------------------------
// CREATE: Inserts new Contributions with optional Photo Upload
// Required: municipality_id, geom, geom_type, category, title, author_name
// Optional: description, browser_id, photo (File Upload)
// ---------------------------------------------------------------------
function handle_create($input) { function handle_create($input) {
$pdo = get_db(); $pdo = get_db();
@@ -142,14 +192,23 @@ function handle_create($input) {
error_response('Invalid GeoJSON in Geometry Field.'); error_response('Invalid GeoJSON in Geometry Field.');
} }
// Handles Photo Upload
$photo_path = null;
if (isset($_FILES['photo']) && $_FILES['photo']['error'] === UPLOAD_ERR_OK) {
$photo_path = handle_photo_upload($_FILES['photo']);
if (!$photo_path) {
error_response('Photo Upload failed. JPG, PNG, GIF and WebP up to 5 MB are allowed.');
}
}
// Prepared SQL Statement // Prepared SQL Statement
try { try {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO contributions INSERT INTO contributions
(municipality_id, geom, geom_type, category, title, description, author_name) (municipality_id, geom, geom_type, category, title, description, author_name, browser_id, photo_path)
VALUES VALUES
(:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type, (:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type,
:category, :title, :description, :author_name) :category, :title, :description, :author_name, :browser_id, :photo_path)
"); ");
$stmt->execute([ $stmt->execute([
@@ -159,7 +218,9 @@ function handle_create($input) {
':category' => $input['category'], ':category' => $input['category'],
':title' => $input['title'], ':title' => $input['title'],
':description' => $input['description'] ?? '', ':description' => $input['description'] ?? '',
':author_name' => $input['author_name'] ':author_name' => $input['author_name'],
':browser_id' => $input['browser_id'] ?? null,
':photo_path' => $photo_path
]); ]);
json_response([ json_response([
@@ -198,7 +259,7 @@ function handle_update($input) {
} }
// Builds dynamic SQL Query to only update sent Fields // Builds dynamic SQL Query to only update sent Fields
$updatable_fields = ['category', 'title', 'description', 'status']; $updatable_fields = ['category', 'title', 'description', 'status', 'address'];
$set_clauses = []; $set_clauses = [];
$params = [':id' => $contribution_id]; $params = [':id' => $contribution_id];
@@ -303,24 +364,349 @@ function handle_vote($input) {
// Prepared SQL Statement // Prepared SQL Statement
try { try {
// Checks if Voter already voted on this Contribution
$browser_id = $input['browser_id'] ?? '';
if (empty($browser_id)) {
error_response('Browser ID required for Voting.');
}
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type) SELECT vote_id, vote_type FROM votes
VALUES (:cid, :voter, :vtype) WHERE contribution_id = :cid AND browser_id = :bid
"); ");
$stmt->execute([':cid' => $input['contribution_id'], ':bid' => $browser_id]);
$existing = $stmt->fetch();
$stmt->execute([ if ($existing) {
':cid' => $input['contribution_id'], if ($existing['vote_type'] === $input['vote_type']) {
':voter' => $input['voter_name'], // Same Vote Type — Removes Vote
':vtype' => $input['vote_type'] $stmt = $pdo->prepare("DELETE FROM votes WHERE vote_id = :vid");
]); $stmt->execute([':vid' => $existing['vote_id']]);
json_response(['message' => 'Vote removed.', 'action' => 'removed']);
} else {
// Different Vote Type — Switches Vote
$stmt = $pdo->prepare("DELETE FROM votes WHERE vote_id = :vid");
$stmt->execute([':vid' => $existing['vote_id']]);
json_response(['message' => 'Vote recorded successfully.'], 201); $stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
}
} else {
// No existing Vote — Inserts Vote
$stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201);
}
} catch (PDOException $e) { } catch (PDOException $e) {
// UNIQUE Constraint Violation - Voter already voted on this Contribution error_response('Database Error: ' . $e->getMessage(), 500);
if ($e->getCode() == '23505') { }
error_response('You have already voted on this Contribution.', 409); }
}
// =====================================================================
// Action Handlers for News
// =====================================================================
// ---------------------------------------------------------------------
// CREATE NEWS: Inserts new News Entry
// Required: municipality_id, title, content
// ---------------------------------------------------------------------
function handle_create_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['municipality_id', 'title', 'content']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("
INSERT INTO news (municipality_id, title, content, author_name)
VALUES (:mid, :title, :content, :author)
");
$stmt->execute([
':mid' => $input['municipality_id'],
':title' => $input['title'],
':content' => $input['content'],
':author' => $input['author_name'] ?? 'Stadtverwaltung'
]);
json_response(['message' => 'News created successfully.', 'news_id' => (int) $pdo->lastInsertId()], 201);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// UPDATE NEWS: Updates existing News Entry
// Required: news_id
// Optional: title, content
// ---------------------------------------------------------------------
function handle_update_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['news_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
$set = [];
$params = [':id' => $input['news_id']];
foreach (['title', 'content', 'author_name'] as $field) {
if (isset($input[$field]) && $input[$field] !== '') {
$set[] = "$field = :$field";
$params[":$field"] = $input[$field];
}
}
if (empty($set)) {
error_response('No Fields to update.');
}
try {
$stmt = $pdo->prepare("UPDATE news SET " . implode(', ', $set) . " WHERE news_id = :id");
$stmt->execute($params);
json_response(['message' => 'News updated successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// DELETE NEWS: Deletes existing News Entry
// Required: news_id
// ---------------------------------------------------------------------
function handle_delete_news($input) {
$pdo = get_db();
$missing = validate_required($input, ['news_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("DELETE FROM news WHERE news_id = :id");
$stmt->execute([':id' => $input['news_id']]);
json_response(['message' => 'News deleted successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// =====================================================================
// Action Handlers for Photos
// =====================================================================
// ---------------------------------------------------------------------
// PHOTO UPLOAD: Validates and Saves uploaded Photo Files
// Returns relative Path on Success, null on Failure.
// Allowed: JPG, PNG, GIF, WebP. with maximum Size of 5 MB.
// ---------------------------------------------------------------------
function handle_photo_upload($file) {
// Validates File Size
$max_size = 5 * 1024 * 1024;
if ($file['size'] > $max_size) {
return null;
}
// Validates MIME Type
$allowed_types = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $file['tmp_name']);
finfo_close($finfo);
if (!in_array($mime, $allowed_types)) {
return null;
}
// Generates unique Filename
$ext = [
'image/jpeg' => 'jpg',
'image/png' => 'png',
'image/gif' => 'gif',
'image/webp' => 'webp'
][$mime];
$filename = uniqid('photo_', true) . '.' . $ext;
$upload_dir = __DIR__ . '/../uploads/photos/';
$target_path = $upload_dir . $filename;
// Creates Upload Directory
if (!is_dir($upload_dir)) {
mkdir($upload_dir, 0755, true);
}
// Moves uploaded File
if (move_uploaded_file($file['tmp_name'], $target_path)) {
return 'uploads/photos/' . $filename;
}
return null;
}
// =====================================================================
// Action Handlers for Comments
// =====================================================================
// ---------------------------------------------------------------------
// READ COMMENTS: Loads Comments for a Contribution
// Returns Comments sorted by Date (newest first)
// Required: contribution_id
// ---------------------------------------------------------------------
function handle_read_comments($input) {
$pdo = get_db();
$missing = validate_required($input, ['contribution_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("
SELECT comment_id, contribution_id, author_name, browser_id, content, status, created_at
FROM comments
WHERE contribution_id = :cid AND status = 'approved'
ORDER BY created_at ASC
");
$stmt->execute([':cid' => $input['contribution_id']]);
$comments = $stmt->fetchAll();
json_response(['comments' => $comments, 'count' => count($comments)]);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// CREATE COMMENT: Adds Comments to Contributions
// Required: contribution_id, author_name, content
// Optional: browser_id
// ---------------------------------------------------------------------
function handle_create_comment($input) {
$pdo = get_db();
$missing = validate_required($input, ['contribution_id', 'author_name', 'content']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
// Validates Content Length
if (strlen($input['content']) > 1000) {
error_response('Comment too long. Maximum 1000 Characters.');
}
// Checks if Contribution exists
$stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
$stmt->execute([':id' => $input['contribution_id']]);
if (!$stmt->fetch()) {
error_response('Contribution not found.', 404);
}
try {
$stmt = $pdo->prepare("
INSERT INTO comments (contribution_id, author_name, browser_id, content)
VALUES (:cid, :author, :bid, :content)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':author' => $input['author_name'],
':bid' => $input['browser_id'] ?? null,
':content' => $input['content']
]);
json_response([
'message' => 'Comment created successfully.',
'comment_id' => (int) $pdo->lastInsertId()
], 201);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// DELETE COMMENT: Removes a Comment
// Required: comment_id
// ---------------------------------------------------------------------
function handle_delete_comment($input) {
$pdo = get_db();
$missing = validate_required($input, ['comment_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
try {
$stmt = $pdo->prepare("DELETE FROM comments WHERE comment_id = :id");
$stmt->execute([':id' => $input['comment_id']]);
json_response(['message' => 'Comment deleted successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500);
}
}
// ---------------------------------------------------------------------
// UPDATE COMMENT: Changes Comment Status or Content
// Required: comment_id
// Optional: status, content
// ---------------------------------------------------------------------
function handle_update_comment($input) {
$pdo = get_db();
$missing = validate_required($input, ['comment_id']);
if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing));
}
$set = [];
$params = [':id' => $input['comment_id']];
// Updates Status if provided
if (isset($input['status']) && $input['status'] !== '') {
$valid = ['pending', 'approved', 'rejected'];
if (!in_array($input['status'], $valid)) {
error_response('Invalid Status.');
}
$set[] = "status = :status";
$params[':status'] = $input['status'];
}
// Updates Content if provided
if (isset($input['content']) && $input['content'] !== '') {
$set[] = "content = :content";
$params[':content'] = $input['content'];
}
if (empty($set)) {
error_response('No Fields to update.');
}
try {
$stmt = $pdo->prepare("UPDATE comments SET " . implode(', ', $set) . " WHERE comment_id = :id");
$stmt->execute($params);
json_response(['message' => 'Comment updated successfully.']);
} catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500); error_response('Database Error: ' . $e->getMessage(), 500);
} }
} }

25
public/api/db.php
View File

@@ -1,8 +1,8 @@
<?php <?php
// ===================================================================== // =====================================================================
// Database Helper // Database Helper Functions
// Provides PDO Connection to Database and shared miscellaneous // Provides PDO Connection, JSON Response Helpers, Category Definitions
// Functions for all API Endpoints. // and shared miscellaneous Functions for all API Endpoints.
// ===================================================================== // =====================================================================
require_once __DIR__ . '/init.php'; require_once __DIR__ . '/init.php';
@@ -92,3 +92,22 @@ function get_db() {
return $pdo; return $pdo;
} }
// ---------------------------------------------------------------------
// Category Definitions
// Returns associative Array of Category Keys to Labels, Icons,
// and Colors. Shared between Citizen Participation Portal and
// Moderation Page.
// ToDo: Move to Database Table.
// ---------------------------------------------------------------------
function get_categories() {
return [
'consumption' => ['label' => 'Geschäfte', 'faIcon' => 'fa-cart-shopping', 'color' => '#C00000'],
'building' => ['label' => 'Bauen', 'faIcon' => 'fa-building', 'color' => '#E65100'],
'energy' => ['label' => 'Energie', 'faIcon' => 'fa-bolt', 'color' => '#FFC000'],
'environment' => ['label' => 'Umwelt', 'faIcon' => 'fa-seedling', 'color' => '#92D050'],
'mobility' => ['label' => 'Mobilität', 'faIcon' => 'fa-bus', 'color' => '#0070C0'],
'industry' => ['label' => 'Industrie', 'faIcon' => 'fa-industry', 'color' => '#7030A0'],
'other' => ['label' => 'Sonstiges', 'faIcon' => 'fa-thumbtack', 'color' => '#7F7F7F'],
];
}

18
public/api/init.php
View File

@@ -28,24 +28,16 @@ session_start();
// Initializes Database Connection // Initializes Database Connection
try { try {
$opt = [ $dsn = "pgsql:host=$host;dbname=$db;port=$port";
$pdo = new PDO($dsn, $user, $pass, [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false PDO::ATTR_EMULATE_PREPARES => false
]; ]);
$dsn = "pgsql:host=$host;dbname=$db;port=$port";
$pdo = new PDO($dsn, $user, $pass, $opt);
$pdo = new PDO($dsn, $user, $pass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
// Creates Error Message // Creates Error Message
} catch(PDOException $e) { } catch (PDOException $e) {
echo "Error: ".$e->getMessage(); echo "Error: " . $e->getMessage();
} }
?> ?>

BIN
public/assets/lock-solid-off-black.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
public/assets/scale-balanced-solid-off-black.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

BIN
public/assets/shield-halved-solid-off-black.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
public/assets/user-group-solid-off-black.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
public/assets/user-group-solid-off-white.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

39
public/imprint.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
require_once __DIR__ . '/api/db.php';
$pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch();
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Impressum — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/scale-balanced-solid-off-black.png" type="image/png">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="styles.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<div class="page-header">
<div class="page-header-inner">
<h1><i class="fa-solid fa-scale-balanced"></i> Impressum</h1>
<div class="page-header-nav">
<a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
</div>
</div>
</div>
<div class="page-container">
<div class="page-content-box">
<div class="dev-notice">
<i class="fa-solid fa-triangle-exclamation"></i>
Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Das Impressum wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
</div>
<h2>Impressum</h2>
<p>Das Impressum wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
</div>
</div>
</body>
</html>

237
public/index.php
View File

@@ -6,15 +6,14 @@
// ===================================================================== // =====================================================================
require_once __DIR__ . '/api/db.php'; require_once __DIR__ . '/api/db.php';
require_once __DIR__ . '/api/auth.php';
// ----------------------------------------------------------------- // -----------------------------------------------------------------
// Loads Municipality Configuration // Loads Municipality Configuration
// ToDo's: Dynamic Loading via URL Slug once multi-tenant Routing
// is implemented. Hardcoded Slug for now.
// ----------------------------------------------------------------- // -----------------------------------------------------------------
$pdo = get_db(); $pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug"); $stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => 'lohne']); $stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch(); $municipality = $stmt->fetch();
if (!$municipality) { if (!$municipality) {
@@ -23,14 +22,19 @@ if (!$municipality) {
exit; exit;
} }
// Loads News for Sidebar
$stmt = $pdo->prepare("SELECT * FROM news WHERE municipality_id = :mid ORDER BY published_at DESC LIMIT 10");
$stmt->execute([':mid' => $municipality['municipality_id']]);
$news_items = $stmt->fetchAll();
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="de"> <html lang="de">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Bürgerbeteiligungsportal <?= htmlspecialchars($municipality['name']) ?></title> <title>Mitmachkarte <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/icon-municipality.png" type="image/png"> <link rel="icon" href="assets/user-group-solid-off-black.png" type="image/png">
<meta name="description" content="Bürgerbeteiligungsportal. Hinweise und Vorschläge auf der Karte eintragen."> <meta name="description" content="Bürgerbeteiligungsportal. Hinweise und Vorschläge auf der Karte eintragen.">
@@ -54,17 +58,18 @@ if (!$municipality) {
<link rel="stylesheet" href="https://unpkg.com/leaflet-control-geocoder@2.4.0/dist/Control.Geocoder.css"> <link rel="stylesheet" href="https://unpkg.com/leaflet-control-geocoder@2.4.0/dist/Control.Geocoder.css">
<!-- Leaflet Polyline Measurement Tool --> <!-- Leaflet Polyline Measurement Tool -->
<link rel="stylesheet" href="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.css"> <!-- <link rel="stylesheet" href="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.css"> -->
<!-- SweetAlert2 for Confirmation Dialogs --> <!-- Font Awesome for Icons -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">
<!-- Font Awesome 6 for Icons -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<!-- Application Styles --> <!-- Application Styles -->
<link rel="stylesheet" href="styles.css"> <link rel="stylesheet" href="styles.css">
<!-- Shepherd.js Onboarding Tour -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/shepherd.js@11.2.0/dist/css/shepherd.css">
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Municipality Theme loaded from Database --> <!-- Municipality Theme loaded from Database -->
<!-- ============================================================= --> <!-- ============================================================= -->
@@ -76,15 +81,17 @@ if (!$municipality) {
</style> </style>
</head> </head>
<body> <body class="portal-page">
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Header --> <!-- Header -->
<!-- ============================================================= --> <!-- ============================================================= -->
<header id="app-header"> <header id="app-header">
<div class="header-left"> <div class="header-left">
<img src="assets/logo-municipality.png" alt="<?= htmlspecialchars($municipality['name']) ?>" class="header-logo" onerror="this.style.display='none'"> <?php if (!empty($municipality['logo_path'])): ?>
<h1 class="header-title">Bürgerbeteiligung <?= htmlspecialchars($municipality['name']) ?></h1> <img src="assets/user-group-solid-off-white.png" alt="user-group-solid-off-white" class="header-logo" onerror="this.style.display='none'">
<?php endif; ?>
<h1 class="header-title">Mitmachkarte <?= htmlspecialchars($municipality['name']) ?></h1>
</div> </div>
<nav class="header-nav"> <nav class="header-nav">
@@ -92,14 +99,17 @@ if (!$municipality) {
<i class="fa-solid fa-circle-info"></i> <i class="fa-solid fa-circle-info"></i>
<span class="nav-label">Informationen</span> <span class="nav-label">Informationen</span>
</button> </button>
<button class="nav-btn" onclick="showPrivacyModal()"> <a href="privacy.php" class="nav-btn" target="_blank">
<i class="fa-solid fa-shield-halved"></i> <i class="fa-solid fa-shield-halved"></i>
<span class="nav-label">Datenschutz</span> <span class="nav-label">Datenschutz</span>
</button> </a>
<button class="nav-btn" onclick="showImprintModal()"> <a href="imprint.php" class="nav-btn" target="_blank">
<i class="fa-solid fa-scale-balanced"></i> <i class="fa-solid fa-scale-balanced"></i>
<span class="nav-label">Impressum</span> <span class="nav-label">Impressum</span>
</button> </a>
<a href="admin.php" class="nav-btn nav-btn-admin" title="Moderationsbereich" target="_blank">
<i class="fa-solid fa-lock"></i>
</a>
</nav> </nav>
<!-- Mobile Hamburger Menu --> <!-- Mobile Hamburger Menu -->
@@ -121,9 +131,9 @@ if (!$municipality) {
<div class="leaflet-sidebar-tabs"> <div class="leaflet-sidebar-tabs">
<ul role="tablist"> <ul role="tablist">
<li><a href="#tab-home" role="tab"><i class="fa-solid fa-house"></i></a></li> <li><a href="#tab-home" role="tab"><i class="fa-solid fa-house"></i></a></li>
<li><a href="#tab-help" role="tab"><i class="fa-solid fa-circle-question"></i></a></li>
<li><a href="#tab-list" role="tab"><i class="fa-solid fa-list"></i></a></li> <li><a href="#tab-list" role="tab"><i class="fa-solid fa-list"></i></a></li>
<li><a href="#tab-news" role="tab"><i class="fa-solid fa-newspaper"></i></a></li> <li><a href="#tab-news" role="tab"><i class="fa-solid fa-newspaper"></i></a></li>
<li><a href="#tab-help" role="tab"><i class="fa-solid fa-circle-question"></i></a></li>
</ul> </ul>
</div> </div>
@@ -138,17 +148,12 @@ if (!$municipality) {
</h2> </h2>
<div class="sidebar-body"> <div class="sidebar-body">
<p>Willkommen beim Bürgerbeteiligungsportal <strong><?= htmlspecialchars($municipality['name']) ?></strong>.</p> <p>Willkommen beim Bürgerbeteiligungsportal <strong><?= htmlspecialchars($municipality['name']) ?></strong>.</p>
<p>Verwenden Sie die Karte, um Hinweise und Aufgaben für die Stadtverwaltung hinzuzufügen oder bestehende Beiträge der Bürgerschaft zu betrachten.</p> <p>Verwenden Sie die Karte, um Hinweise für die Stadtverwaltung hinzuzufügen oder bestehende Beiträge zu betrachten, zu bewerten und zu kommentieren.</p>
<h3>Kategorien</h3> <h3>Kategorien</h3>
<div id="category-filter"> <div id="category-filter">
<!-- Category Filter Checkboxes — populated by app.js --> <!-- Category Filter Checkboxes — populated by app.js -->
</div> </div>
<h3>Statistik</h3>
<div id="stats-container">
<!-- Contribution Statistics — populated by app.js -->
</div>
</div> </div>
</div> </div>
@@ -162,33 +167,22 @@ if (!$municipality) {
<div class="list-search"> <div class="list-search">
<input type="text" id="list-search-input" placeholder="Beiträge durchsuchen..." class="form-input"> <input type="text" id="list-search-input" placeholder="Beiträge durchsuchen..." class="form-input">
</div> </div>
<div class="list-controls">
<select id="list-sort" class="form-input list-sort-select" onchange="updateContributionsList()">
<option value="date-desc">Neueste zuerst</option>
<option value="date-asc">Älteste zuerst</option>
<option value="category">Nach Kategorie</option>
<option value="likes">Meiste Bewertungen</option>
<option value="comments">Meiste Kommentare</option>
</select>
<span id="list-count" class="list-count"></span>
</div>
<div id="contributions-list"> <div id="contributions-list">
<!-- Contribution Cards — populated by app.js --> <!-- Contribution Cards — populated by app.js -->
</div> </div>
</div> </div>
</div> </div>
<!-- Help Tab -->
<div class="leaflet-sidebar-pane" id="tab-help">
<h2 class="leaflet-sidebar-header">
Hilfe
<span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
</h2>
<div class="sidebar-body">
<h3><i class="fa-solid fa-map-location-dot"></i> Karte bedienen</h3>
<p>Verschieben Sie die Karte per Mausklick und Ziehen. Zoomen Sie mit dem Mausrad oder den Zoom-Buttons.</p>
<h3><i class="fa-solid fa-plus"></i> Beitrag erstellen</h3>
<p>Verwenden Sie die Zeichenwerkzeuge rechts, um Beiträge als Punkte, Linien oder Flächen zu zeichnen. Anschließend können Sie Kategorie und Beschreibung hinzufügen.</p>
<h3><i class="fa-solid fa-thumbs-up"></i> Abstimmen</h3>
<p>Klicken Sie auf bestehende Beiträge und nutzen Sie die Like/Dislike Funktion, um Ihre Meinung kundzugeben.</p>
<h3><i class="fa-solid fa-magnifying-glass"></i> Suchen</h3>
<p>Verwenden Sie die Adresssuche rechts, um bestimmte Orte auf der Karte zu finden.</p>
</div>
</div>
<!-- News Tab --> <!-- News Tab -->
<div class="leaflet-sidebar-pane" id="tab-news"> <div class="leaflet-sidebar-pane" id="tab-news">
<h2 class="leaflet-sidebar-header"> <h2 class="leaflet-sidebar-header">
@@ -196,12 +190,72 @@ if (!$municipality) {
<span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span> <span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
</h2> </h2>
<div class="sidebar-body"> <div class="sidebar-body">
<div class="news-item"> <!-- News Search -->
<span class="news-date">April 2026</span> <div class="list-search">
<h3>Portal gestartet</h3> <input type="text" id="news-search-input" placeholder="Neuigkeiten durchsuchen..." class="form-input" oninput="filterNews()">
<p>Das Bürgerbeteiligungsportal für <?= htmlspecialchars($municipality['name']) ?> ist online. Wir freuen uns auf Ihre Hinweise und Vorschläge!</p>
</div> </div>
<!-- News Items can be added or loaded from Database here -->
<div class="list-controls">
<select id="news-sort" class="form-input list-sort-select" onchange="sortNews()">
<option value="date-desc">Neueste zuerst</option>
<option value="date-asc">Älteste zuerst</option>
</select>
<span class="list-count"><?= count($news_items) ?> Neuigkeiten</span>
</div>
<!-- News Items Container -->
<div id="news-list">
<?php if (empty($news_items)): ?>
<p class="empty-state">Noch keine Neuigkeiten veröffentlicht.</p>
<?php else: ?>
<?php foreach ($news_items as $news): ?>
<div class="news-item"
data-title="<?= htmlspecialchars(strtolower($news['title'])) ?>"
data-content="<?= htmlspecialchars(strtolower($news['content'])) ?>"
data-author="<?= htmlspecialchars(strtolower($news['author_name'])) ?>"
data-date="<?= $news['published_at'] ?>">
<h3><?= htmlspecialchars($news['title']) ?></h3>
<p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
<span class="news-date">
<?= htmlspecialchars($news['author_name']) ?>
· <?= date('d.m.Y', strtotime($news['published_at'])) ?>
</span>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
</div>
</div>
<!-- Help Tab -->
<div class="leaflet-sidebar-pane" id="tab-help">
<h2 class="leaflet-sidebar-header">
Hilfe
<span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
</h2>
<div class="sidebar-body">
<h3><i class="fa-solid fa-book"></i> Interaktive Anleitung</h3>
<p>Klicken Sie unten auf Tutorial starten um Schritt für Schritt durch die Kernfunktionen der Mitmachkarte geführt zu werden.</p>
<p>
<button class="btn btn-primary" onclick="if(typeof restartOnboarding==='function'){sidebar.close();restartOnboarding()}">
<i class="fa-solid fa-route"></i> Tutorial starten
</button>
</p>
<h3><i class="fa-solid fa-map-location-dot"></i> Karte bedienen</h3>
<p>Verschieben Sie die Karte per Mausklick und Ziehen. Zoomen Sie mit dem Mausrad oder den Zoom-Buttons.</p>
<h3><i class="fa-solid fa-location-dot"></i> Beitrag hinzufügen</h3>
<p>Verwenden Sie die Zeichenwerkzeuge rechts, um Hinweise, Anregungen und Vorschläge auf der Mitmachkarte als Punkte, Linien oder Flächen hinzuzufügen.</p>
<h3><i class="fa-solid fa-thumbs-up"></i> Bewerten</h3>
<p>Klicken Sie auf bestehende Beiträge und nutzen Sie die Bewertungsfunktion, um Ihre Meinung zu äußern.</p>
<h3><i class="fa-solid fa-comments"></i> Kommentieren</h3>
<p>Gerne können Sie Ihre Meinung zu bestehenden Beiträgen auch durch die Kommentarfunktion äußern.</p>
<h3><i class="fa-solid fa-magnifying-glass"></i> Suchen</h3>
<p>Verwenden Sie die Adresssuche rechts, um schnell den richtigen Ort auf der Mitmachkarte zu finden.</p>
</div> </div>
</div> </div>
@@ -218,9 +272,11 @@ if (!$municipality) {
<!-- Footer --> <!-- Footer -->
<!-- ============================================================= --> <!-- ============================================================= -->
<footer id="app-footer"> <footer id="app-footer">
<span class="dev-warning">
<i class="fa-solid fa-triangle-exclamation"></i> Demoversion - nicht in Rücksprache mit der Stadt Lohne entwickelt! Alle Beitrage, Kommentare und Personen sind frei erfunden.
</span>
<div class="footer-content"> <div class="footer-content">
<img src="assets/logo-company.png" alt="Company Logo" class="footer-logo" onerror="this.style.display='none'"> <span class="footer-text">© <a href="https://endex-geodaten.de" target="_blank" style="color:inherit;">endex GmbH</a></span>
<span class="footer-text"> Bürgerbeteiligungsportal <?= htmlspecialchars($municipality['name']) ?> </span>
</div> </div>
</footer> </footer>
@@ -237,8 +293,10 @@ if (!$municipality) {
<li>Hinweise und Verbesserungsvorschläge für die Stadtverwaltung hinzufügen</li> <li>Hinweise und Verbesserungsvorschläge für die Stadtverwaltung hinzufügen</li>
<li>Bestehende Beiträge der Bürgerschaft betrachten und bewerten</li> <li>Bestehende Beiträge der Bürgerschaft betrachten und bewerten</li>
</ul> </ul>
<p>Zum Hinzufügen von Beiträgen geben Sie bitte zunächst Ihren Namen ein.</p> <p class="dev-notice">
<div class="modal-actions"> <i class="fa-solid fa-triangle-exclamation"></i> <strong>Hinweis:</strong> Demoversion - nicht in Rücksprache mit der Stadt Lohne entwickelt! Alle Beitrage, Kommentare und Personen sind frei erfunden.
</p>
<p>Zum Hinzufügen von Beiträgen geben Sie bitte zunächst Ihren Namen ein.</p> <div class="modal-actions">
<button class="btn btn-primary" onclick="closeWelcomeAndShowLogin()">Loslegen</button> <button class="btn btn-primary" onclick="closeWelcomeAndShowLogin()">Loslegen</button>
</div> </div>
</div> </div>
@@ -270,19 +328,13 @@ if (!$municipality) {
<!-- ============================================================= --> <!-- ============================================================= -->
<div id="create-modal" class="modal-overlay" style="display:none;"> <div id="create-modal" class="modal-overlay" style="display:none;">
<div class="modal-content"> <div class="modal-content">
<h2><i class="fa-solid fa-plus-circle"></i> Beitrag</h2> <h2><i class="fa-solid fa-pencil"></i> Beitrag hinzufügen</h2>
<div class="form-group"> <div class="form-group">
<label for="create-category">Kategorie</label> <label for="create-category">Kategorie</label>
<select id="create-category" class="form-input"> <select id="create-category" class="form-input">
<option value="">— Bitte wählen —</option> <option value="">— Bitte wählen —</option>
<option value="mobility">🚲 Mobilität</option> <!-- Categories populated dynamically -->
<option value="building">🏗️ Bauen</option>
<option value="energy">⚡ Energie</option>
<option value="environment">🌳 Umwelt</option>
<option value="industry">🏭 Industrie</option>
<option value="consumption">🛒 Konsum</option>
<option value="other">📌 Sonstiges</option>
</select> </select>
</div> </div>
@@ -296,6 +348,15 @@ if (!$municipality) {
<textarea id="create-description" class="form-input" rows="4" placeholder="Detaillierte Beschreibung (optional)"></textarea> <textarea id="create-description" class="form-input" rows="4" placeholder="Detaillierte Beschreibung (optional)"></textarea>
</div> </div>
<!-- Photo Upload -->
<div class="form-group">
<label for="create-photo"></i> Foto</label>
<input type="file" id="create-photo" class="form-input" accept="image/jpeg,image/png,image/gif,image/webp">
<div id="photo-preview" style="margin-top:8px;display:none;">
<img id="photo-preview-img" style="max-width:100%;max-height:200px;border-radius:6px;border:1px solid var(--color-border);">
</div>
</div>
<input type="hidden" id="create-geom"> <input type="hidden" id="create-geom">
<input type="hidden" id="create-geom-type"> <input type="hidden" id="create-geom-type">
@@ -308,7 +369,34 @@ if (!$municipality) {
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Loads JavaScript Dependencies --> <!-- Edit Contribution Modal -->
<!-- ============================================================= -->
<div id="edit-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h2><i class="fa-solid fa-pen"></i> Beitrag bearbeiten</h2>
<div class="form-group">
<label for="edit-title">Titel</label>
<input type="text" id="edit-title" class="form-input">
</div>
<div class="form-group">
<label for="edit-description">Beschreibung</label>
<textarea id="edit-description" class="form-input" rows="4"></textarea>
</div>
<input type="hidden" id="edit-contribution-id">
<div class="modal-actions">
<button class="btn btn-secondary" onclick="closeEditModal()">Abbrechen</button>
<button class="btn btn-primary" onclick="submitEdit()">Speichern</button>
</div>
</div>
</div>
<!-- ============================================================= -->
<!-- Loads JavaScript Dependencies -->
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Leaflet 1.9.4 --> <!-- Leaflet 1.9.4 -->
@@ -327,17 +415,24 @@ if (!$municipality) {
<script src="https://unpkg.com/leaflet-control-geocoder@2.4.0/dist/Control.Geocoder.min.js"></script> <script src="https://unpkg.com/leaflet-control-geocoder@2.4.0/dist/Control.Geocoder.min.js"></script>
<!-- Leaflet PolylineMeasure --> <!-- Leaflet PolylineMeasure -->
<script src="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.js"></script> <!-- <script src="https://ppete2.github.io/Leaflet.PolylineMeasure/Leaflet.PolylineMeasure.js"></script> -->
<!-- SweetAlert2 --> <!-- SweetAlert2 -->
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.14.0/dist/sweetalert2.all.min.js"></script>
<!-- Shepherd.js Library -->
<script src="https://cdn.jsdelivr.net/npm/shepherd.js@11.2.0/dist/js/shepherd.min.js"></script>
<!-- Onboarding Logic -->
<script src="js/onboarding.js"></script>
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Municipality Configuration (passed to JavaScript) --> <!-- Municipality Configuration passed to JavaScript -->
<!-- ============================================================= --> <!-- ============================================================= -->
<script> <script>
// Municipality Configuration from Database — used by app.js // Municipality Configuration from Database
var MUNICIPALITY = { const MUNICIPALITY = {
id: <?= $municipality['municipality_id'] ?>, id: <?= $municipality['municipality_id'] ?>,
name: "<?= htmlspecialchars($municipality['name'], ENT_QUOTES) ?>", name: "<?= htmlspecialchars($municipality['name'], ENT_QUOTES) ?>",
slug: "<?= htmlspecialchars($municipality['slug'], ENT_QUOTES) ?>", slug: "<?= htmlspecialchars($municipality['slug'], ENT_QUOTES) ?>",
@@ -345,6 +440,12 @@ if (!$municipality) {
zoom: <?= $municipality['default_zoom'] ?>, zoom: <?= $municipality['default_zoom'] ?>,
primaryColor: "<?= htmlspecialchars($municipality['primary_color'], ENT_QUOTES) ?>" primaryColor: "<?= htmlspecialchars($municipality['primary_color'], ENT_QUOTES) ?>"
}; };
// Category Definitions from Database
const CATEGORIES = <?= json_encode(get_categories(), JSON_UNESCAPED_UNICODE) ?>;
// Admin Status from PHP Session
const IS_ADMIN = <?= (function_exists('is_admin') && is_admin()) ? 'true' : 'false' ?>;
</script> </script>
<!-- Application Logic --> <!-- Application Logic -->

622
public/js/admin.js Normal file
View File

@@ -0,0 +1,622 @@
// =====================================================================
// WebGIS Moderation Portal — Application Logic
// Initializes Map Preview, loads Contributions from the API,
// handles CRUD Workflow, sorting and filtering for Contributions,
// Comments and News, and manages all UI Interactions
//
// Depends on: ADMIN_CONFIG Object set in Moderation Page
// =====================================================================
// =====================================================================
// Block 0: Configuration and Application State
// =====================================================================
// API Endpoint as relative Path
const API_URL = 'api/contributions.php';
// =====================================================================
// Block 1: Page Tab Navigation
// =====================================================================
// Restores active Tab after Page Reload
const savedTab = sessionStorage.getItem('admin_active_tab');
if (savedTab) {
// Delays to ensure DOM is ready
setTimeout(function () {
const tabBtn = document.querySelector('.page-tab[onclick*="' + savedTab + '"]');
if (tabBtn) tabBtn.click();
}, 100);
}
// Page Tab Navigation
function showPageTab(tabName) {
// Saves active Tab for Persistence after Reload
sessionStorage.setItem('admin_active_tab', tabName);
document.querySelectorAll('.page-tab-content').forEach(function (el) {
el.style.display = 'none';
});
// Deactivates all Tab Buttons
document.querySelectorAll('.page-tab').forEach(function (el) {
el.classList.remove('active');
});
// Shows selected Tab and activates Button
document.getElementById('tab-' + tabName).style.display = 'block';
event.currentTarget.classList.add('active');
}
// =====================================================================
// Block 2: Collapsible Rows for Contributions and Comments
// =====================================================================
function toggleRow(row) {
const wasOpen = row.classList.contains('open');
// Closes all open Rows
document.querySelectorAll('.contribution-row.open').forEach(function (el) {
el.classList.remove('open');
});
// Toggles clicked Row
if (!wasOpen) {
row.classList.add('open');
// Loads Map Preview if not already loaded
const mapDiv = row.querySelector('.detail-map');
if (mapDiv && !mapDiv.dataset.loaded) {
loadMapPreview(mapDiv);
}
}
}
// =====================================================================
// Block 3: Details Slider for Maps and Photos
// =====================================================================
function slideDetail(contributionId, direction) {
const slider = document.getElementById('slider-' + contributionId);
if (!slider) return;
const slides = slider.querySelectorAll('.detail-slide');
let activeIndex = -1;
// Finds active Slide
slides.forEach(function (slide, i) {
if (slide.style.display !== 'none') activeIndex = i;
});
// Calculates next Slide Index
const nextIndex = (activeIndex + direction + slides.length) % slides.length;
// Switches Slides
slides.forEach(function (slide) { slide.style.display = 'none'; });
slides[nextIndex].style.display = 'block';
// Loads Map if switching to Map Slide
if (slides[nextIndex].dataset.slide === 'map') {
const mapDiv = slides[nextIndex].querySelector('.detail-map');
if (mapDiv && !mapDiv.dataset.loaded) {
loadMapPreview(mapDiv);
}
}
}
// =====================================================================
// Block 4: Map Preview (Leaflet Mini Map per Contribution)
// =====================================================================
// Erstellt eine Leaflet-Mini-Map in einem Beitrags-Detail-Container.
// Lädt alle Beiträge via API und zeigt die Geometrie des entsprechenden Beitrags.
// Markiert die Map als geladen (data-loaded="true"), um doppeltes Laden zu verhindern.
function loadMapPreview(mapDiv) {
const contributionId = mapDiv.dataset.contributionId;
// Fetches all Contributions to find the Geometry
const formData = new FormData();
formData.append('action', 'read');
formData.append('municipality_id', ADMIN_CONFIG.id);
formData.append('status', 'all');
fetch(API_URL, { method: 'POST', body: formData })
.then(function (r) { return r.json(); })
.then(function (data) {
if (!data.features) return;
// Finds specific Contribution
const feature = data.features.find(function (f) {
return f.properties.contribution_id == contributionId;
});
if (!feature) {
mapDiv.innerHTML = '<div class="empty-state">Geometrie nicht gefunden.</div>';
return;
}
// Creates Leaflet Mini Map
const miniMap = L.map(mapDiv, {
zoomControl: false,
attributionControl: false,
dragging: true,
scrollWheelZoom: false
});
L.tileLayer('https://{s}.basemaps.cartocdn.com/light_all/{z}/{x}/{y}{r}.png', {
maxZoom: 20
}).addTo(miniMap);
// Adds Geometry to Mini Map
const geojsonLayer = L.geoJSON(feature, {
style: {
color: ADMIN_CONFIG.primaryColor,
weight: 3,
fillOpacity: 0.2
},
pointToLayer: function (f, latlng) {
return L.circleMarker(latlng, {
radius: 8,
color: '#ffffff',
weight: 2,
fillColor: ADMIN_CONFIG.primaryColor,
fillOpacity: 0.9
});
}
}).addTo(miniMap);
// Fits Map to Geometry Bounds
const bounds = geojsonLayer.getBounds();
if (bounds.isValid()) {
miniMap.fitBounds(bounds, { padding: [25, 25], maxZoom: 17 });
} else {
miniMap.setView(ADMIN_CONFIG.center, 15);
}
mapDiv.dataset.loaded = 'true';
})
.catch(function () {
mapDiv.innerHTML = '<div class="empty-state">Karte nicht verfügbar.</div>';
});
}
// =====================================================================
// Block 5: Contributions Filter and Sorting
// =====================================================================
// Filters Contributions
let currentFilter = 'all';
function filterByStatus(status, tabButton) {
currentFilter = status;
// Updates active Tab
document.querySelectorAll('.filter-tab').forEach(function (el) {
el.classList.remove('active');
});
tabButton.classList.add('active');
// Shows or Hides Contribution Rows
let visibleCount = 0;
document.querySelectorAll('#contributions-container .contribution-row').forEach(function (row) {
if (status === 'all' || row.dataset.status === status) {
row.style.display = '';
visibleCount++;
} else {
row.style.display = 'none';
}
});
// Updates Count Display
document.getElementById('visible-count').textContent = visibleCount + ' Beiträge';
}
// Sorts Contributions
function sortContributions(sortBy) {
const container = document.getElementById('contributions-container');
const rows = Array.from(container.querySelectorAll('.contribution-row'));
rows.sort(function (a, b) {
if (sortBy === 'date-desc') return new Date(b.dataset.date) - new Date(a.dataset.date);
if (sortBy === 'date-asc') return new Date(a.dataset.date) - new Date(b.dataset.date);
if (sortBy === 'category') return a.dataset.category.localeCompare(b.dataset.category);
return 0;
});
// Reappends sorted Rows
rows.forEach(function (row) { container.appendChild(row); });
}
// =====================================================================
// Block 6: Comments Filter and Sorting
// =====================================================================
// Filters Comments
function filterCommentsByStatus(status, tabButton) {
// Updates active Tab
document.querySelectorAll('#comment-filter-tabs .filter-tab').forEach(function (el) {
el.classList.remove('active');
});
tabButton.classList.add('active');
// Shows or Hides Comments Rows
let visibleCount = 0;
document.querySelectorAll('.comment-mod-row').forEach(function (row) {
if (status === 'all' || row.dataset.status === status) {
row.style.display = '';
visibleCount++;
} else {
row.style.display = 'none';
}
});
// Updates Count Display
document.getElementById('comment-visible-count').textContent = visibleCount + ' Kommentare';
}
// Sorts Comments
function sortCommentRows(sortBy) {
const container = document.getElementById('comments-mod-container');
const rows = Array.from(container.querySelectorAll('.comment-mod-row'));
rows.sort(function (a, b) {
if (sortBy === 'date-desc') return new Date(b.dataset.date) - new Date(a.dataset.date);
if (sortBy === 'date-asc') return new Date(a.dataset.date) - new Date(b.dataset.date);
if (sortBy === 'contribution') return a.dataset.contribution.localeCompare(b.dataset.contribution);
return 0;
});
// Reappends sorted Rows
rows.forEach(function (row) { container.appendChild(row); });
}
// =====================================================================
// Block 7: News Filter and Sorting
// =====================================================================
// Sorts News
function sortNewsRows(sortBy) {
var container = document.getElementById('tab-news');
var rows = Array.from(container.querySelectorAll('.contribution-row'));
rows.sort(function (a, b) {
if (sortBy === 'date-desc') return new Date(b.dataset.date || 0) - new Date(a.dataset.date || 0);
if (sortBy === 'date-asc') return new Date(a.dataset.date || 0) - new Date(b.dataset.date || 0);
return 0;
});
rows.forEach(function (row) { row.parentNode.appendChild(row); });
}
// =====================================================================
// Block 8: Helper Functions
// =====================================================================
// Sends a POST request to API
// promise-based instead of callback-based
function apiCall(data) {
const formData = new FormData();
for (const key in data) {
formData.append(key, data[key]);
}
return fetch(API_URL, { method: 'POST', body: formData })
.then(function (r) { return r.json(); });
}
// Escapes HTML to prevent Cross-Site Scripting (XSS) in Popups and Lists
function escapeHtml(text) {
if (!text) return '';
const div = document.createElement('div');
div.appendChild(document.createTextNode(text));
return div.innerHTML;
}
// Closes Admin Modals by ID
function closeAdminModal(modalId) {
document.getElementById(modalId).style.display = 'none';
}
// Closes Admin Modals on Escape Key
document.addEventListener('keydown', function (e) {
if (e.key === 'Escape') {
document.querySelectorAll('.modal-overlay').forEach(function (modal) {
modal.style.display = 'none';
});
}
});
// =====================================================================
// Block 9: CRUD Operations for Contributions
// =====================================================================
// STATUS: Changes Contribution Status
function changeStatus(contributionId, newStatus) {
const labels = { approved: 'freigeben', rejected: 'ablehnen', pending: 'zurücksetzen' };
Swal.fire({
title: 'Beitrag ' + labels[newStatus] + '?',
showCancelButton: true,
confirmButtonText: 'Ja',
cancelButtonText: 'Abbrechen',
confirmButtonColor: ADMIN_CONFIG.primaryColor
}).then(function (result) {
if (!result.isConfirmed) return;
apiCall({
action: 'update',
contribution_id: contributionId,
status: newStatus
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
// Reloads Page to reflect Changes
location.reload();
});
});
}
// UPDATE: Edits existing Contributions
function editContribution(contributionId, currentTitle, currentDescription) {
document.getElementById('admin-edit-id').value = contributionId;
document.getElementById('admin-edit-title').value = currentTitle;
document.getElementById('admin-edit-description').value = currentDescription;
document.getElementById('admin-edit-modal').style.display = 'flex';
}
// Submits Edit from Custom Modal
function submitAdminEdit() {
var id = document.getElementById('admin-edit-id').value;
var title = document.getElementById('admin-edit-title').value.trim();
var description = document.getElementById('admin-edit-description').value.trim();
if (!title) {
Swal.fire('Titel fehlt', 'Bitte geben Sie einen Titel ein.', 'warning');
return;
}
apiCall({
action: 'update',
contribution_id: id,
title: title,
description: description
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
closeAdminModal('admin-edit-modal');
Swal.fire('Gespeichert!', 'Beitrag wurde aktualisiert.', 'success')
.then(function () { location.reload(); });
});
}
// DELETE: Deletes existing Contributions
function deleteContribution(contributionId) {
Swal.fire({
title: 'Beitrag löschen?',
text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
icon: 'warning',
showCancelButton: true,
confirmButtonText: 'Beitrag löschen',
cancelButtonText: 'Abbrechen',
customClass: { confirmButton: 'swal-btn-danger' },
}).then(function (result) {
if (!result.isConfirmed) return;
apiCall({
action: 'delete',
contribution_id: contributionId
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Gelöscht!', 'Beitrag wurde gelöscht.', 'success')
.then(function () { location.reload(); });
});
});
}
// =====================================================================
// Block 10: CRUD Operations for Comments
// =====================================================================
// STATUS: Changes Comment Status
function changeCommentStatus(commentId, newStatus) {
const labels = { approved: 'akzeptieren', rejected: 'ablehnen', pending: 'zurücksetzen' };
Swal.fire({
title: 'Kommentar ' + labels[newStatus] + '?',
showCancelButton: true,
confirmButtonText: 'Ja',
cancelButtonText: 'Abbrechen',
confirmButtonColor: ADMIN_CONFIG.primaryColor
}).then(function (result) {
if (!result.isConfirmed) return;
apiCall({
action: 'update_comment',
comment_id: commentId,
status: newStatus
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
location.reload();
});
});
}
// UPDATE: Edits existing Comments
function editModComment(commentId, currentContent) {
document.getElementById('admin-comment-id').value = commentId;
document.getElementById('admin-comment-content').value = currentContent;
document.getElementById('admin-comment-modal').style.display = 'flex';
}
// Submits Comment Edit from Custom Modal
function submitAdminComment() {
var id = document.getElementById('admin-comment-id').value;
var content = document.getElementById('admin-comment-content').value.trim();
if (!content) {
Swal.fire('Inhalt fehlt', 'Bitte geben Sie einen Inhalt ein.', 'warning');
return;
}
apiCall({
action: 'update_comment',
comment_id: id,
content: content
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
closeAdminModal('admin-comment-modal');
Swal.fire('Gespeichert!', 'Kommentar wurde aktualisiert.', 'success')
.then(function () { location.reload(); });
});
}
// DELETE: Deletes existing Comments
function deleteModComment(commentId) {
Swal.fire({
title: 'Kommentar löschen?',
text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
icon: 'warning',
showCancelButton: true,
confirmButtonText: 'Löschen',
cancelButtonText: 'Abbrechen',
customClass: { confirmButton: 'swal-btn-danger' },
}).then(function (result) {
if (!result.isConfirmed) return;
apiCall({
action: 'delete_comment',
comment_id: commentId
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Gelöscht!', 'Kommentar wurde entfernt.', 'success')
.then(function () { location.reload(); });
});
});
}
// =====================================================================
// Block 11: CRUD Operations for News
// =====================================================================
// CREATE: Creates News
function createNews() {
document.getElementById('admin-news-modal-title').innerHTML = '<i class="fa-solid fa-newspaper"></i> Neuigkeit hinzufügen';
document.getElementById('admin-news-id').value = '';
document.getElementById('admin-news-mode').value = 'create';
document.getElementById('admin-news-title').value = '';
document.getElementById('admin-news-content').value = '';
document.getElementById('admin-news-author').value = 'Stadtverwaltung';
document.getElementById('admin-news-modal').style.display = 'flex';
}
// UPDATE: Edits existing News
function editNews(newsId, currentTitle, currentContent, currentAuthor) {
document.getElementById('admin-news-modal-title').innerHTML = '<i class="fa-solid fa-pen"></i> Neuigkeit bearbeiten';
document.getElementById('admin-news-id').value = newsId;
document.getElementById('admin-news-mode').value = 'edit';
document.getElementById('admin-news-title').value = currentTitle;
document.getElementById('admin-news-content').value = currentContent;
document.getElementById('admin-news-author').value = currentAuthor;
document.getElementById('admin-news-modal').style.display = 'flex';
}
// Submits News from Custom Modal (Create or Edit)
function submitAdminNews() {
var mode = document.getElementById('admin-news-mode').value;
var title = document.getElementById('admin-news-title').value.trim();
var content = document.getElementById('admin-news-content').value.trim();
var author = document.getElementById('admin-news-author').value.trim() || 'Stadtverwaltung';
if (!title || !content) {
Swal.fire('Pflichtfelder', 'Titel und Inhalt sind Pflichtfelder.', 'warning');
return;
}
var data;
if (mode === 'create') {
data = {
action: 'create_news',
municipality_id: ADMIN_CONFIG.id,
title: title,
content: content,
author_name: author
};
} else {
data = {
action: 'update_news',
news_id: document.getElementById('admin-news-id').value,
title: title,
content: content,
author_name: author
};
}
apiCall(data).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
closeAdminModal('admin-news-modal');
var msg = mode === 'create' ? 'Neuigkeit wurde veröffentlicht.' : 'Neuigkeit wurde aktualisiert.';
Swal.fire('Gespeichert!', msg, 'success')
.then(function () { location.reload(); });
});
}
// DELETE: Deletes existing News
function deleteNews(newsId) {
Swal.fire({
title: 'Neuigkeit löschen?',
text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
icon: 'warning',
showCancelButton: true,
confirmButtonText: 'Löschen',
cancelButtonText: 'Abbrechen',
customClass: { confirmButton: 'swal-btn-danger' },
}).then(function (result) {
if (!result.isConfirmed) return;
apiCall({
action: 'delete_news',
news_id: newsId
}).then(function (response) {
if (response.error) {
Swal.fire('Fehler', response.error, 'error');
return;
}
Swal.fire('Gelöscht!', 'Neuigkeit wurde gelöscht.', 'success')
.then(function () { location.reload(); });
});
});
}

1004
public/js/app.js
View File

File diff suppressed because it is too large Load Diff

304
public/js/onboarding.js Normal file
View File

@@ -0,0 +1,304 @@
// =====================================================================
// WebGIS Citizen Participation Portal — Onboarding Tour
// Guides Users through the Participation Portal.
// On Mobile centered Overlays. On Desktop attached to User Interface.
// =====================================================================
// =================================================================
// Block 1: Onboarding Configuration
// =================================================================
// Prevents double Initialization
let onboardingStarted = false;
// Detects Mobile Viewport
function isMobile() {
return window.innerWidth < 769;
}
// =================================================================
// Block 2: Tour Definition
// =================================================================
function startTour(manual) {
// Prevents double Start
if (onboardingStarted) return;
onboardingStarted = true;
const mobile = isMobile();
const tour = new Shepherd.Tour({
useModalOverlay: !mobile,
defaultStepOptions: {
cancelIcon: { enabled: false },
scrollTo: false,
classes: 'onboarding-step',
popperOptions: {
modifiers: [
{ name: 'offset', options: { offset: [0, 14] } }
]
}
}
});
// -----------------------------------------------------------------
// Step 1: Welcome — Skip Timer at automatic Start
// -----------------------------------------------------------------
var welcomeButtons = [
{
text: 'Überspringen',
action: tour.cancel,
classes: 'shepherd-button-secondary' + (manual ? '' : ' skip-btn-locked')
},
{
text: 'Los geht\'s <i class="fa-solid fa-arrow-right"></i>',
action: tour.next,
classes: 'shepherd-button-primary'
}
];
tour.addStep({
id: 'welcome',
title: '<i class="fa-solid fa-hand-wave"></i> Willkommen bei der Mitmachkarte!',
text: 'Dieses <strong>interaktive Tutorial</strong> zeigt Ihnen die Kernfunktionen der Mitmachkarte.' +
'<br><br><span style="color:var(--color-text-secondary);">Sie können das Tutorial jederzeit über den Hilfe-Tab der Seitenleiste wiederholen.</span>',
buttons: welcomeButtons,
when: {
show: function () {
if (manual) return;
// Locks Skip Button with Progress Bar for 5 Seconds
var skipBtn = document.querySelector('.skip-btn-locked');
if (!skipBtn) return;
skipBtn.disabled = true;
skipBtn.style.pointerEvents = 'none';
setTimeout(function () {
skipBtn.disabled = false;
skipBtn.style.pointerEvents = '';
skipBtn.classList.remove('skip-btn-locked');
}, 5000);
}
}
});
// -----------------------------------------------------------------
// Step 2: Drawing Tools
// -----------------------------------------------------------------
var drawingStep = {
id: 'drawing-tools',
title: '<i class="fa-solid fa-pencil"></i> Beitrag hinzufügen',
buttons: [
{
text: '<i class="fa-solid fa-arrow-left"></i> Zurück',
action: tour.back,
classes: 'shepherd-button-secondary'
},
{
text: 'Weiter <i class="fa-solid fa-arrow-right"></i>',
action: tour.next,
classes: 'shepherd-button-primary'
}
]
};
if (mobile) {
drawingStep.text = 'Verwenden Sie die <strong>Zeichenwerkzeuge</strong> ' +
'<i class="fa-solid fa-location-dot"></i> ' +
'rechts, um Hinweise als Punkte, Linien oder Flächen hinzuzufügen.';
} else {
drawingStep.text = 'Verwenden Sie die <strong>Zeichenwerkzeuge</strong>, um Hinweise, Anregungen und Vorschläge auf der Mitmachkarte als Punkte, Linien oder Flächen hinzuzufügen.';
drawingStep.attachTo = { element: '.leaflet-pm-toolbar', on: 'left' };
drawingStep.beforeShowPromise = function () {
return new Promise(function (resolve) {
sidebar.close();
setTimeout(resolve, 300);
});
};
}
tour.addStep(drawingStep);
// -----------------------------------------------------------------
// Step 3: Address Search
// -----------------------------------------------------------------
var searchStep = {
id: 'address-search',
title: '<i class="fa-solid fa-magnifying-glass"></i> Adresssuche',
buttons: [
{
text: '<i class="fa-solid fa-arrow-left"></i> Zurück',
action: tour.back,
classes: 'shepherd-button-secondary'
},
{
text: 'Weiter <i class="fa-solid fa-arrow-right"></i>',
action: tour.next,
classes: 'shepherd-button-primary'
}
]
};
if (mobile) {
searchStep.text = 'Verwenden Sie die <strong>Adresssuche</strong> ' +
'<i class="fa-solid fa-magnifying-glass"></i> rechts, um schnell den richtigen Ort auf der Mitmachkarte zu finden.';
} else {
searchStep.text = 'Verwenden Sie die <strong>Adresssuche</strong>, um schnell den richtigen Ort auf der Mitmachkarte zu finden.';
searchStep.attachTo = { element: '.leaflet-control-geocoder', on: 'left' };
}
tour.addStep(searchStep);
// -----------------------------------------------------------------
// Step 4: Layer Control
// -----------------------------------------------------------------
var layerStep = {
id: 'layer-control',
title: '<i class="fa-solid fa-layer-group"></i> Kartenansicht',
buttons: [
{
text: '<i class="fa-solid fa-arrow-left"></i> Zurück',
action: tour.back,
classes: 'shepherd-button-secondary'
},
{
text: 'Weiter <i class="fa-solid fa-arrow-right"></i>',
action: tour.next,
classes: 'shepherd-button-primary'
}
]
};
if (mobile) {
layerStep.text = 'Wechseln Sie über das <strong>Layer-Symbol</strong> ' +
'<i class="fa-solid fa-layer-group"></i> oben rechts zwischen verschiedenen Hintergrundkarten und Satellitenbildern.';
} else {
layerStep.text = 'Wechseln Sie zwischen verschiedenen <strong>Hintergrundkarten</strong> und <strong>Satellitenbildern</strong>.';
layerStep.attachTo = { element: '.leaflet-control-layers', on: 'left' };
}
tour.addStep(layerStep);
// -----------------------------------------------------------------
// Step 5: Sidebar
// -----------------------------------------------------------------
var sidebarStep = {
id: 'sidebar',
title: '<i class="fa-solid fa-bars"></i> Seitenleiste',
buttons: [
{
text: '<i class="fa-solid fa-arrow-left"></i> Zurück',
action: tour.back,
classes: 'shepherd-button-secondary'
},
{
text: 'Abschließen <i class="fa-solid fa-check"></i>',
action: tour.next,
classes: 'shepherd-button-primary'
}
]
};
if (mobile) {
sidebarStep.text = 'In der <strong>Seitenleiste</strong> ' +
'<i class="fa-solid fa-house"></i> ' +
'links finden Sie Hilfestellungen, Listenansichten und Neuigkeiten.';
} else {
sidebarStep.text = 'In der <strong>Seitenleiste</strong> finden Sie Hilfestellungen, Listenansichten und Neuigkeiten.';
sidebarStep.attachTo = { element: '#sidebar', on: 'right' };
sidebarStep.beforeShowPromise = function () {
return new Promise(function (resolve) {
sidebar.open('tab-help');
setTimeout(resolve, 400);
});
};
}
tour.addStep(sidebarStep);
// -----------------------------------------------------------------
// Completion and Cancellation — shows Drawing Arrow
// -----------------------------------------------------------------
function onTourEnd() {
onboardingStarted = false;
if (mobile) sidebar.close();
// Shows Arrow Hint
if (!localStorage.getItem('webgis_onboarding_done')) {
localStorage.setItem('webgis_onboarding_done', 'true');
showDrawingArrow();
}
}
tour.on('complete', onTourEnd);
tour.on('cancel', onTourEnd);
tour.start();
}
// =================================================================
// Drawing Arrow — Points to Geoman Toolbar after Tour
// =================================================================
function showDrawingArrow() {
var hint = document.createElement('div');
hint.id = 'drawing-hint-arrow';
hint.innerHTML = '<span class="drawing-hint-label">' +
'<i class="fa-solid fa-pencil"></i> Beitrag hinzufügen' +
'</span>' +
'<span class="drawing-hint-chevrons">' +
'<i class="fa-solid fa-chevron-right"></i>' +
'<i class="fa-solid fa-chevron-right"></i>' +
'</span>';
document.body.appendChild(hint);
// Positions Hint centered on Geoman Toolbar
function positionHint() {
var toolbar = document.querySelector('.leaflet-pm-toolbar');
if (!toolbar) { removeDrawingArrow(); return; }
var rect = toolbar.getBoundingClientRect();
var hintHeight = hint.offsetHeight || 32;
hint.style.top = (rect.top + (rect.height / 2) - (hintHeight / 2)) + 'px';
hint.style.right = (window.innerWidth - rect.left + 10) + 'px';
}
positionHint();
window.addEventListener('resize', positionHint);
var timeout = setTimeout(removeDrawingArrow, 60000);
map.on('pm:globaldrawmodetoggled', function onDraw() {
clearTimeout(timeout);
removeDrawingArrow();
map.off('pm:globaldrawmodetoggled', onDraw);
window.removeEventListener('resize', positionHint);
});
}
function removeDrawingArrow() {
var arrow = document.getElementById('drawing-hint-arrow');
if (arrow) {
arrow.classList.add('fade-out');
setTimeout(function () { arrow.remove(); }, 300);
}
}
// =================================================================
// Manual Tour Restart (from Info Modal or Help Tab)
// =================================================================
function restartOnboarding() {
onboardingStarted = false;
startTour(true);
}

39
public/privacy.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
require_once __DIR__ . '/api/db.php';
$pdo = get_db();
$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
$municipality = $stmt->fetch();
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Datenschutz — <?= htmlspecialchars($municipality['name']) ?></title>
<link rel="icon" href="assets/lock-solid-off-black.png" type="image/png">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link rel="stylesheet" href="styles.css">
<style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
</head>
<body>
<div class="page-header">
<div class="page-header-inner">
<h1><i class="fa-solid fa-lock"></i> Datenschutz</h1>
<div class="page-header-nav">
<a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
</div>
</div>
</div>
<div class="page-container">
<div class="page-content-box">
<div class="dev-notice">
<i class="fa-solid fa-triangle-exclamation"></i>
Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Die Datenschutzerklärung wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
</div>
<h2>Datenschutz</h2>
<p>Die Datenschutzerklärung wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
</div>
</div>
</body>
</html>

1614
public/styles.css
View File

File diff suppressed because it is too large Load Diff

7
public/uploads/.htaccess Normal file
View File

@@ -0,0 +1,7 @@
# Prevents PHP in Upload Directory
php_flag engine off
# Allows Image Files
<FilesMatch "\.(?i:jpg|jpeg|png|gif|webp)$">
Require all granted
</FilesMatch>

0
public/uploads/photos/.gitkeep Normal file
View File

2
README.md
View File

@@ -5,10 +5,8 @@ Citizen Participation Portal for Lohne (Oldenburg).
## Project Structure ## Project Structure
- `migrations/` — versioned SQL Schema Migrations - `migrations/` — versioned SQL Schema Migrations
- `api/` — Backend (PHP)
- `public/` — Frontend (HTML, CSS, JS) - `public/` — Frontend (HTML, CSS, JS)
- `scripts/` — Maintenance Scripts (backup, deployment) - `scripts/` — Maintenance Scripts (backup, deployment)
- `legacy/` — Reference Code from Prototype
## Local Setup ## Local Setup