From 2993a443a74b92b63d6f332b7ccf942d5462d9d5 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Thu, 23 Apr 2026 14:59:03 +0200
Subject: [PATCH 01/25] removed dublicate pdo call

---
 public/api/init.php | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)

diff --git a/public/api/init.php b/public/api/init.php
index 37f2952..5dd04d2 100644
--- a/public/api/init.php
+++ b/public/api/init.php
@@ -28,24 +28,16 @@ session_start();
 
 // Initializes Database Connection
 try {
-    $opt = [
+    $dsn = "pgsql:host=$host;dbname=$db;port=$port";
+    $pdo = new PDO($dsn, $user, $pass, [
         PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
         PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
         PDO::ATTR_EMULATE_PREPARES   => false
-    ];
-    $dsn = "pgsql:host=$host;dbname=$db;port=$port;sslmode=disable";
-    $pdo = new PDO($dsn, $user, $pass, $opt);
+    ]);
 
-
-    $pdo = new PDO($dsn, $user, $pass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
-
-
-
-    
-    
 // Creates Error Message
-} catch(PDOException $e) {
-    echo "Error: ".$e->getMessage();
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
 }
 
 ?>
\ No newline at end of file
-- 
2.49.1


From ade9ca212807f13dd394ceda64ebfa96249db7aa Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Thu, 23 Apr 2026 15:13:49 +0200
Subject: [PATCH 02/25] styling and fond sweetalert font override

---
 public/admin.css | 18 ++++++++++++++++++
 public/admin.php | 10 +++++-----
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/public/admin.css b/public/admin.css
index adfb977..d9b8948 100644
--- a/public/admin.css
+++ b/public/admin.css
@@ -331,6 +331,14 @@ body {
     flex-shrink: 0;
 }
 
+.badge-category {
+    background: #e0e0e0;
+    color: #5a5a7a;
+    display: inline-flex;
+    align-items: center;
+    gap: 4px;
+}
+
 .badge-pending { background: #fff3cd; color: #856404; }
 .badge-approved { background: #d4edda; color: #155724; }
 .badge-rejected { background: #f8d7da; color: #721c24; }
@@ -486,6 +494,16 @@ body {
 .back-link a { color: #5a5a7a; }
 
 
+/* -----------------------------------------------------------------
+   SweetAlert2 Font Override
+   ----------------------------------------------------------------- */
+.swal2-input,
+.swal2-textarea,
+.swal2-select {
+    font-family: 'Segoe UI', system-ui, sans-serif !important;
+}
+
+
 /* -----------------------------------------------------------------
    Mobile Responsive
    ----------------------------------------------------------------- */
diff --git a/public/admin.php b/public/admin.php
index 144d407..03730fb 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -234,6 +234,10 @@ $counts['total'] = count($all_contributions);
                             <div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
                                 <div class="contribution-row-summary">
                                     <span class="title"><?= htmlspecialchars($item['title']) ?></span>
+                                    <span class="badge badge-category">
+                                        <i class="fa-solid <?= $cat['faIcon'] ?>"></i>
+                                        <?= $cat['label'] ?>
+                                    </span>
                                     <span class="badge badge-<?= $item['status'] ?>"><?= $status_label[$item['status']] ?? $item['status'] ?></span>
                                 </div>
                                 <i class="fa-solid fa-chevron-down collapse-icon"></i>
@@ -256,10 +260,6 @@ $counts['total'] = count($all_contributions);
                                         <?php endif; ?>
 
                                         <div class="detail-meta">
-                                            <span>
-                                                <i class="fa-solid <?= $cat['faIcon'] ?>" style="color:<?= $cat['color'] ?>;"></i>
-                                                <?= $cat['label'] ?>
-                                            </span>
                                             <span><i class="fa-solid fa-user"></i> <?= htmlspecialchars($item['author_name']) ?></span>
                                             <span><i class="fa-solid fa-calendar"></i> <?= date('d.m.Y, H:i', strtotime($item['created_at'])) ?> Uhr</span>
                                             <span>
@@ -670,7 +670,7 @@ function show_login_page($municipality, $error = null) {
             <h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal</h1>
             <p>Bitte geben Sie das Moderationspasswort ein.</p>
             <?php if ($error): ?>
-                <div class="login-error"><?= htmlspecialchars($error) ?></div>
+                <div class="login-error"><i class="fa-solid fa-triangle-exclamation"></i> <?= htmlspecialchars($error) ?></div>
             <?php endif; ?>
             <form method="POST" action="admin.php?page=login">
                 <input type="password" name="password" placeholder="Passwort" autofocus>
-- 
2.49.1


From 8d67c0c0b9b1485cbdb23468c4c5c65fceac81fc Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Thu, 23 Apr 2026 15:27:33 +0200
Subject: [PATCH 03/25] title and description above text fields for
 contribution edit

---
 public/admin.php | 12 ++++++++----
 public/js/app.js | 12 ++++++++----
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/public/admin.php b/public/admin.php
index 03730fb..d83a97e 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -577,10 +577,14 @@ $counts['total'] = count($all_contributions);
                 title: 'Beitrag bearbeiten',
                 html:
                     '<div style="text-align:left;">' +
-                        '<label style="font-weight:600;font-size:0.85rem;">Titel</label>' +
-                        '<input id="swal-title" class="swal2-input" value="' + currentTitle + '">' +
-                        '<label style="font-weight:600;font-size:0.85rem;">Beschreibung</label>' +
-                        '<textarea id="swal-description" class="swal2-textarea">' + currentDescription + '</textarea>' +
+                        '<div style="margin-bottom:12px;">' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
+                            '<input id="swal-title" class="swal2-input" style="margin:0;width:100%;" value="' + currentTitle + '">' +
+                        '</div>' +
+                        '<div>' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Beschreibung</label>' +
+                            '<textarea id="swal-description" class="swal2-textarea" style="margin:0;width:100%;">' + currentDescription + '</textarea>' +
+                        '</div>' +
                     '</div>',
                 showCancelButton: true,
                 confirmButtonText: 'Speichern',
diff --git a/public/js/app.js b/public/js/app.js
index 795d384..e8a2abd 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -484,10 +484,14 @@ function editContribution(contributionId) {
         title: 'Beitrag bearbeiten',
         html:
             '<div style="text-align:left;">' +
-                '<label style="font-weight:600;font-size:0.85rem;">Titel</label>' +
-                '<input id="swal-title" class="swal2-input" value="' + escapeHtml(props.title) + '">' +
-                '<label style="font-weight:600;font-size:0.85rem;">Beschreibung</label>' +
-                '<textarea id="swal-description" class="swal2-textarea">' + escapeHtml(props.description || '') + '</textarea>' +
+                '<div style="margin-bottom:12px;">' +
+                    '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
+                    '<input id="swal-title" class="swal2-input" style="margin:0;width:100%;" value="' + escapeHtml(props.title) + '">' +
+                '</div>' +
+                '<div>' +
+                    '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Beschreibung</label>' +
+                    '<textarea id="swal-description" class="swal2-textarea" style="margin:0;width:100%;">' + escapeHtml(props.description || '') + '</textarea>' +
+                '</div>' +
             '</div>',
         showCancelButton: true,
         confirmButtonText: 'Speichern',
-- 
2.49.1


From ec4c9fa8a98a65d4c23f43cf8893421bbf941c9e Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Thu, 23 Apr 2026 15:30:41 +0200
Subject: [PATCH 04/25] changed edit button colour to primary

---
 public/admin.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/admin.css b/public/admin.css
index d9b8948..3ed0c02 100644
--- a/public/admin.css
+++ b/public/admin.css
@@ -312,7 +312,7 @@ body {
 
 .btn-approve { background: #2e7d32; color: white; }
 .btn-reject { background: #c62828; color: white; }
-.btn-edit { background: #1565C0; color: white; }
+.btn-edit { background: var(--color-primary); color: white; }
 .btn-delete { background: #424242; color: white; }
 .btn-map { background: #546E7A; color: white; }
 
-- 
2.49.1


From 8179498333ff3e48eb5962f80cb89dc1697b17f4 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 15:38:18 +0200
Subject: [PATCH 05/25] bootstrap button colours

---
 public/admin.css | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/public/admin.css b/public/admin.css
index 3ed0c02..a8347e2 100644
--- a/public/admin.css
+++ b/public/admin.css
@@ -310,9 +310,9 @@ body {
 
 .btn:hover { filter: brightness(1.1); }
 
-.btn-approve { background: #2e7d32; color: white; }
-.btn-reject { background: #c62828; color: white; }
-.btn-edit { background: var(--color-primary); color: white; }
+.btn-approve { background: #28a745 ; color: white; }
+.btn-reject { background: #DC3545; color: white; }
+.btn-edit { background: #ffc107; color: white; }
 .btn-delete { background: #424242; color: white; }
 .btn-map { background: #546E7A; color: white; }
 
-- 
2.49.1


From 6a721fde7c99bfd937e657f42fbf3c1d8ee91931 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 15:45:27 +0200
Subject: [PATCH 06/25] fixed point layer opacity bug, changed point layer
 styling

---
 public/js/app.js | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/public/js/app.js b/public/js/app.js
index e8a2abd..500fb6d 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -331,10 +331,11 @@ function stylePoint(feature, latlng) {
 
     return L.circleMarker(latlng, {
         radius: 8,
-        color: '#ffffff',
-        weight: 2,
+        color: cat.color,
+        weight: 3,
         fillColor: cat.color,
-        fillOpacity: 0.9
+        fillOpacity: 0.25,
+        opacity: 0.8
     });
 }
 
@@ -755,7 +756,14 @@ function toggleCategoryFilter(checkbox) {
             if (layer.feature) {
                 const cat = layer.feature.properties.category;
                 if (activeFilters.indexOf(cat) !== -1) {
-                    layer.setStyle({ opacity: 0.8, fillOpacity: layer.feature.geometry.type === 'Point' ? 0.25 : 0.25 });
+                    const catDef = CATEGORIES[cat] || CATEGORIES.other;
+                    layer.setStyle({
+                        color: catDef.color,
+                        weight: 3,
+                        opacity: 0.8,
+                        fillColor: catDef.color,
+                        fillOpacity: 0.25
+                    });
                     if (layer.setRadius) layer.setRadius(8);
                     layer.options.interactive = true;
                 } else {
-- 
2.49.1


From 076e82213dc7f5b46d743d249d0c369d1e16aacf Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:06:26 +0200
Subject: [PATCH 07/25] added privacy and imprint pages to meet german DSGVO
 criteria

---
 public/index.php |  8 ++++----
 public/js/app.js | 24 ------------------------
 2 files changed, 4 insertions(+), 28 deletions(-)

diff --git a/public/index.php b/public/index.php
index 7423017..994143f 100644
--- a/public/index.php
+++ b/public/index.php
@@ -100,14 +100,14 @@ if (!$municipality) {
                 <i class="fa-solid fa-circle-info"></i>
                 <span class="nav-label">Informationen</span>
             </button>
-            <button class="nav-btn" onclick="showPrivacyModal()">
+            <a href="privacy.php" class="nav-btn" target="_blank">
                 <i class="fa-solid fa-shield-halved"></i>
                 <span class="nav-label">Datenschutz</span>
-            </button>
-            <button class="nav-btn" onclick="showImprintModal()">
+            </a>
+            <a href="imprint.php" class="nav-btn" target="_blank">
                 <i class="fa-solid fa-scale-balanced"></i>
                 <span class="nav-label">Impressum</span>
-            </button>
+            </a>
             <a href="admin.php" class="nav-btn nav-btn-admin" title="Moderationsbereich" target="_blank">
                 <i class="fa-solid fa-lock"></i>
             </a>
diff --git a/public/js/app.js b/public/js/app.js
index 500fb6d..357119d 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -870,30 +870,6 @@ function showInfoModal() {
     });
 }
 
-// Privacy Modal
-function showPrivacyModal() {
-    Swal.fire({
-        title: 'Datenschutz',
-        html: '<p style="text-align:left;line-height:1.6;">Das Bürgerbeteiligungsportal speichert die von Ihnen ' +
-              'hinterlegten Daten zur Durchführung der Bürgerbeteiligung.</p>' +
-              '<p style="text-align:left;line-height:1.6;">Ihre Daten werden nicht an Dritte weitergegeben. ' +
-              'Details entnehmen Sie bitte der vollständigen Datenschutzerklärung von ' +
-              MUNICIPALITY.name + '.</p>',
-        confirmButtonColor: MUNICIPALITY.primaryColor
-    });
-}
-
-// Imprint Modal
-function showImprintModal() {
-    Swal.fire({
-        title: 'Impressum',
-        html: '<p style="text-align:left;line-height:1.6;">Stadt ' + MUNICIPALITY.name + '</p>' +
-              '<p style="text-align:left;line-height:1.6;color:#777;">Die vollständigen Angaben ' +
-              'werden hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>',
-        confirmButtonColor: MUNICIPALITY.primaryColor
-    });
-}
-
 
 // =====================================================================
 // Block 14: Mobile Navigation
-- 
2.49.1


From 9c8e641557f342c570ca7ea7d19c5162790eb188 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:09:53 +0200
Subject: [PATCH 08/25] added privacy and imprint pages to meet german DSGVO
 criteria

---
 public/imprint.php | 55 +++++++++++++++++++++++++++++++++++++++
 public/privacy.php | 64 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 119 insertions(+)
 create mode 100644 public/imprint.php
 create mode 100644 public/privacy.php

diff --git a/public/imprint.php b/public/imprint.php
new file mode 100644
index 0000000..81f56cc
--- /dev/null
+++ b/public/imprint.php
@@ -0,0 +1,55 @@
+<?php
+// =====================================================================
+// Imprint Page
+// =====================================================================
+require_once __DIR__ . '/api/db.php';
+
+$pdo = get_db();
+$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
+$stmt->execute([':slug' => 'lohne']);
+$municipality = $stmt->fetch();
+?>
+<!DOCTYPE html>
+<html lang="de">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Impressum — <?= htmlspecialchars($municipality['name']) ?></title>
+    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
+    <style>
+        :root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }
+        * { box-sizing: border-box; margin: 0; padding: 0; }
+        body { font-family: 'Segoe UI', system-ui, sans-serif; background: #f4f5f7; color: #1a1a2e; }
+        .page-header { background: var(--color-primary); color: white; padding: 16px 24px; }
+        .page-header h1 { font-size: 1.2rem; }
+        .page-header a { color: white; opacity: 0.8; text-decoration: none; font-size: 0.85rem; }
+        .page-header a:hover { opacity: 1; }
+        .page-header-inner { max-width: 800px; margin: 0 auto; display: flex; justify-content: space-between; align-items: center; }
+        .page-content { max-width: 800px; margin: 32px auto; padding: 32px; background: white; border-radius: 8px; border: 1px solid #e0e0e0; line-height: 1.7; }
+        .page-content h2 { font-size: 1.1rem; margin: 24px 0 8px 0; color: var(--color-primary); }
+        .page-content h2:first-child { margin-top: 0; }
+        .page-content p { margin-bottom: 12px; color: #5a5a7a; }
+        @media (max-width: 768px) { .page-content { margin: 16px; padding: 20px; } }
+    </style>
+</head>
+<body>
+    <div class="page-header">
+        <div class="page-header-inner">
+            <h1><i class="fa-solid fa-scale-balanced"></i> Impressum</h1>
+            <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+        </div>
+    </div>
+    <div class="page-content">
+        <h2>Angaben gemäß § 5 TMG</h2>
+        <p>Stadt <?= htmlspecialchars($municipality['name']) ?></p>
+        <p>Die vollständigen Angaben (Adresse, Telefon, E-Mail, Vertretungsberechtigte) werden hier ergänzt, sobald das Portal in den Produktivbetrieb geht.</p>
+
+        <h2>Technische Umsetzung</h2>
+        <p><a href="https://endex-geodaten.de" target="_blank" style="color:var(--color-primary);">endex GmbH</a></p>
+
+        <h2>Haftungsausschluss</h2>
+        <p>Die Inhalte der Bürgerbeiträge geben die Meinung der jeweiligen Verfasser wieder. Die Stadt <?= htmlspecialchars($municipality['name']) ?> übernimmt keine Gewähr für deren Richtigkeit.</p>
+    </div>
+</body>
+</html>
\ No newline at end of file
diff --git a/public/privacy.php b/public/privacy.php
new file mode 100644
index 0000000..0c9f6a3
--- /dev/null
+++ b/public/privacy.php
@@ -0,0 +1,64 @@
+<?php
+// =====================================================================
+// Privacy Policy Page
+// =====================================================================
+require_once __DIR__ . '/api/db.php';
+
+$pdo = get_db();
+$stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
+$stmt->execute([':slug' => 'lohne']);
+$municipality = $stmt->fetch();
+?>
+<!DOCTYPE html>
+<html lang="de">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Datenschutz — <?= htmlspecialchars($municipality['name']) ?></title>
+    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
+    <style>
+        :root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }
+        * { box-sizing: border-box; margin: 0; padding: 0; }
+        body { font-family: 'Segoe UI', system-ui, sans-serif; background: #f4f5f7; color: #1a1a2e; }
+        .page-header { background: var(--color-primary); color: white; padding: 16px 24px; }
+        .page-header h1 { font-size: 1.2rem; }
+        .page-header a { color: white; opacity: 0.8; text-decoration: none; font-size: 0.85rem; }
+        .page-header a:hover { opacity: 1; }
+        .page-header-inner { max-width: 800px; margin: 0 auto; display: flex; justify-content: space-between; align-items: center; }
+        .page-content { max-width: 800px; margin: 32px auto; padding: 32px; background: white; border-radius: 8px; border: 1px solid #e0e0e0; line-height: 1.7; }
+        .page-content h2 { font-size: 1.1rem; margin: 24px 0 8px 0; color: var(--color-primary); }
+        .page-content h2:first-child { margin-top: 0; }
+        .page-content p { margin-bottom: 12px; color: #5a5a7a; }
+        @media (max-width: 768px) { .page-content { margin: 16px; padding: 20px; } }
+    </style>
+</head>
+<body>
+    <div class="page-header">
+        <div class="page-header-inner">
+            <h1><i class="fa-solid fa-shield-halved"></i> Datenschutzerklärung</h1>
+            <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+        </div>
+    </div>
+    <div class="page-content">
+        <h2>Verantwortliche Stelle</h2>
+        <p>Stadt <?= htmlspecialchars($municipality['name']) ?></p>
+        <p>Die vollständigen Kontaktdaten werden hier ergänzt, sobald das Portal in den Produktivbetrieb geht.</p>
+
+        <h2>Erhobene Daten</h2>
+        <p>Das Bürgerbeteiligungsportal speichert die von Ihnen eingegebenen Beiträge (Titel, Beschreibung, Geometrie, Name) sowie Ihre Abstimmungen zur Durchführung der Bürgerbeteiligung.</p>
+
+        <h2>Zweck der Verarbeitung</h2>
+        <p>Die Daten werden ausschließlich zur Durchführung und Auswertung der Bürgerbeteiligung verwendet.</p>
+
+        <h2>Weitergabe an Dritte</h2>
+        <p>Ihre Daten werden nicht an Dritte weitergegeben.</p>
+
+        <h2>Ihre Rechte</h2>
+        <p>Sie haben das Recht auf Auskunft, Berichtigung und Löschung Ihrer Daten. Kontaktieren Sie hierzu die verantwortliche Stelle.</p>
+
+        <h2>Cookies und Sitzungsdaten</h2>
+        <p>Das Portal verwendet Sitzungscookies zur Speicherung Ihres Namens während der Nutzung. Diese werden beim Schließen des Browsers gelöscht.</p>
+    </div>
+</body>
+</html>
\ No newline at end of file
-- 
2.49.1


From c9040b2f4e5d1fba0385c0f76f4248869f426039 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:13:45 +0200
Subject: [PATCH 09/25] reads municipality logo from database

---
 public/index.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/public/index.php b/public/index.php
index 994143f..900a11d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -91,8 +91,10 @@ if (!$municipality) {
     <!-- ============================================================= -->
     <header id="app-header">
         <div class="header-left">
-            <img src="assets/logo-municipality.png" alt="<?= htmlspecialchars($municipality['name']) ?>" class="header-logo" onerror="this.style.display='none'">
-            <h1 class="header-title">Bürgerbeteiligung <?= htmlspecialchars($municipality['name']) ?></h1>
+            <?php if (!empty($municipality['logo_path'])): ?>
+                <img src="<?= htmlspecialchars($municipality['logo_path']) ?>" alt="<?= htmlspecialchars($municipality['name']) ?>" class="header-logo" onerror="this.style.display='none'">
+            <?php endif; ?>
+            <h1 class="header-title">Mitmachkarte <?= htmlspecialchars($municipality['name']) ?></h1>
         </div>
 
         <nav class="header-nav">
-- 
2.49.1


From ffe81cdf88a1e64482396ba9d5d78942d96f8bfe Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:33:03 +0200
Subject: [PATCH 10/25] migration for news table in database, news now read
 from database

---
 migrations/003_news_table.sql | 44 +++++++++++++++++++++++++++++++++++
 public/index.php              | 22 +++++++++++++-----
 2 files changed, 60 insertions(+), 6 deletions(-)
 create mode 100644 migrations/003_news_table.sql

diff --git a/migrations/003_news_table.sql b/migrations/003_news_table.sql
new file mode 100644
index 0000000..dbbc3ad
--- /dev/null
+++ b/migrations/003_news_table.sql
@@ -0,0 +1,44 @@
+-- =====================================================================
+-- Migration 004: Creates News Table for Municipality Announcements
+-- =====================================================================
+
+
+-- ---------------------------------------------------------------------
+-- Block 1: Creates Table "news"
+-- ---------------------------------------------------------------------
+CREATE TABLE IF NOT EXISTS news (
+    news_id         SERIAL PRIMARY KEY,
+    municipality_id INTEGER NOT NULL REFERENCES municipalities(municipality_id) ON DELETE CASCADE,
+    title           VARCHAR(255) NOT NULL,
+    content         TEXT NOT NULL,
+    author_name     VARCHAR(100) NOT NULL DEFAULT 'Stadtverwaltung',
+    published_at    TIMESTAMP NOT NULL DEFAULT NOW(),
+    created_at      TIMESTAMP NOT NULL DEFAULT NOW(),
+    updated_at      TIMESTAMP NOT NULL DEFAULT NOW()
+);
+
+
+-- ---------------------------------------------------------------------
+-- Block 2: Trigger Functions
+-- ---------------------------------------------------------------------
+
+-- Automatically Refresh updated_at on every UPDATE.
+CREATE TRIGGER set_news_updated_at
+    BEFORE UPDATE ON news
+    FOR EACH ROW
+    EXECUTE FUNCTION set_updated_at();
+
+
+-- ---------------------------------------------------------------------
+-- Block 4: Indexes for fast Queries
+-- ---------------------------------------------------------------------
+CREATE INDEX idx_news_municipality ON news(municipality_id);
+
+
+-- ---------------------------------------------------------------------
+-- Block 8: Seed Data — Initial News Article
+-- ---------------------------------------------------------------------
+INSERT INTO news (municipality_id, title, content)
+SELECT municipality_id, 'Mitmachkarte gestartet', 
+       'Die Mitmachkarte als Bürgerbeteiligungsportal der Stadt Lohne (Oldenburg) wird nun freigeschaltet. Wir freuen uns auf Ihre Hinweise und Vorschläge!'
+FROM municipalities WHERE slug = 'lohne';
\ No newline at end of file
diff --git a/public/index.php b/public/index.php
index 900a11d..b2a3d2d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -34,6 +34,11 @@ if (!$municipality) {
     exit;
 }
 
+// Loads News for Sidebar
+$stmt = $pdo->prepare("SELECT * FROM news WHERE municipality_id = :mid ORDER BY published_at DESC LIMIT 10");
+$stmt->execute([':mid' => $municipality['municipality_id']]);
+$news_items = $stmt->fetchAll();
+
 ?>
 <!DOCTYPE html>
 <html lang="de">
@@ -207,12 +212,17 @@ if (!$municipality) {
                         <span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
                     </h2>
                     <div class="sidebar-body">
-                        <div class="news-item">
-                            <span class="news-date">April 2026</span>
-                            <h3>Portal gestartet</h3>
-                            <p>Das Bürgerbeteiligungsportal für <?= htmlspecialchars($municipality['name']) ?> ist online. Wir freuen uns auf Ihre Hinweise und Vorschläge!</p>
-                        </div>
-                        <!-- News Items can be added or loaded from Database here -->
+                        <?php if (empty($news_items)): ?>
+                            <p style="text-align:center;color:#999;padding:20px;">Noch keine Neuigkeiten veröffentlicht.</p>
+                        <?php else: ?>
+                            <?php foreach ($news_items as $news): ?>
+                                <div class="news-item">
+                                    <span class="news-date"><?= date('d.m.Y', strtotime($news['published_at'])) ?></span>
+                                    <h3><?= htmlspecialchars($news['title']) ?></h3>
+                                    <p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
+                                </div>
+                            <?php endforeach; ?>
+                        <?php endif; ?>
                     </div>
                 </div>
 
-- 
2.49.1


From 04f96b7ababb87b8e842f70cb0456d6ef53e4062 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:50:27 +0200
Subject: [PATCH 11/25] commented migration for news table

---
 migrations/003_news_table.sql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/migrations/003_news_table.sql b/migrations/003_news_table.sql
index dbbc3ad..cd68291 100644
--- a/migrations/003_news_table.sql
+++ b/migrations/003_news_table.sql
@@ -30,13 +30,13 @@ CREATE TRIGGER set_news_updated_at
 
 
 -- ---------------------------------------------------------------------
--- Block 4: Indexes for fast Queries
+-- Block 3 Indexes for fast Queries
 -- ---------------------------------------------------------------------
 CREATE INDEX idx_news_municipality ON news(municipality_id);
 
 
 -- ---------------------------------------------------------------------
--- Block 8: Seed Data — Initial News Article
+-- Block 4: Seed Data — Initial News Article
 -- ---------------------------------------------------------------------
 INSERT INTO news (municipality_id, title, content)
 SELECT municipality_id, 'Mitmachkarte gestartet', 
-- 
2.49.1


From 9ca215c36d1f658e4d66d975801998d92ba45804 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 16:55:49 +0200
Subject: [PATCH 12/25] added migration for reverse geocoding

---
 migrations/004_reverse_geocoding.sql | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 migrations/004_reverse_geocoding.sql

diff --git a/migrations/004_reverse_geocoding.sql b/migrations/004_reverse_geocoding.sql
new file mode 100644
index 0000000..662caa8
--- /dev/null
+++ b/migrations/004_reverse_geocoding.sql
@@ -0,0 +1,8 @@
+-- =====================================================================
+-- Migration 004: Adds Address Column for Reverse Geocoding
+-- =====================================================================
+
+ALTER TABLE contributions
+    ADD COLUMN address VARCHAR(255) DEFAULT NULL;
+
+COMMENT ON COLUMN contributions.address IS 'Reverse geocoded Address, stored automatically on Creation.';
\ No newline at end of file
-- 
2.49.1


From 5cadc5c1b4386a7e10dd44e41d481555f934263f Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:00:55 +0200
Subject: [PATCH 13/25] reverse geocoding for contributions

---
 public/api/contributions.php |  2 +-
 public/js/app.js             | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/public/api/contributions.php b/public/api/contributions.php
index 4a833aa..f969d40 100644
--- a/public/api/contributions.php
+++ b/public/api/contributions.php
@@ -205,7 +205,7 @@ function handle_update($input) {
     }
 
     // Builds dynamic SQL Query to only update sent Fields
-    $updatable_fields = ['category', 'title', 'description', 'status'];
+    $updatable_fields = ['category', 'title', 'description', 'status', 'address'];
     $set_clauses = [];
     $params = [':id' => $contribution_id];
 
diff --git a/public/js/app.js b/public/js/app.js
index 357119d..eb2278d 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -448,6 +448,14 @@ function submitCreate() {
             return;
         }
 
+    // Triggers Reverse Geocoding in Background
+        if (response.contribution_id && drawnGeometry) {
+            const coords = drawnGeomType === 'point' ? drawnGeometry.coordinates :
+                           drawnGeomType === 'line' ? drawnGeometry.coordinates[0] :
+                           drawnGeometry.coordinates[0][0];
+            reverseGeocode(response.contribution_id, coords[1], coords[0]);
+        }
+
         Swal.fire('Eingereicht!', 'Ihr Beitrag wurde erfolgreich eingereicht und wird nach Prüfung durch das Moderationsteam veröffentlicht.', 'success');
         closeCreateModal();
         loadContributions();
@@ -917,6 +925,31 @@ function categoryIcon(cat) {
     return '<i class="fa-solid ' + cat.faIcon + '" style="color:' + cat.color + ';"></i>';
 }
 
+// Reverse Geocodes Coordinates and saves Address to Contribution via API
+function reverseGeocode(contributionId, lat, lng) {
+    fetch('https://nominatim.openstreetmap.org/reverse?format=json&lat=' + lat + '&lon=' + lng + '&zoom=18&addressdetails=1', {
+        headers: { 'Accept-Language': 'de' }
+    })
+    .then(function (r) { return r.json(); })
+    .then(function (data) {
+        if (data.display_name) {
+            const addr = data.address || {};
+            const parts = [];
+            if (addr.road) parts.push(addr.road + (addr.house_number ? ' ' + addr.house_number : ''));
+            if (addr.city || addr.town || addr.village) parts.push(addr.city || addr.town || addr.village);
+            const shortAddress = parts.length > 0 ? parts.join(', ') : data.display_name.split(',').slice(0, 2).join(',');
+
+            // Saves Address to Database via API
+            apiCall({
+                action: 'update',
+                contribution_id: contributionId,
+                address: shortAddress
+            }, function () {});
+        }
+    })
+    .catch(function () {});
+}
+
 
 // =====================================================================
 // Block 16: Application Startup
-- 
2.49.1


From 62ae9f18b0352698fffed6c8cfceac36ed2d958b Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:08:32 +0200
Subject: [PATCH 14/25] added date and author to news in sidebar

---
 public/index.php  | 5 ++++-
 public/styles.css | 5 ++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/public/index.php b/public/index.php
index b2a3d2d..8b99032 100644
--- a/public/index.php
+++ b/public/index.php
@@ -217,9 +217,12 @@ $news_items = $stmt->fetchAll();
                         <?php else: ?>
                             <?php foreach ($news_items as $news): ?>
                                 <div class="news-item">
-                                    <span class="news-date"><?= date('d.m.Y', strtotime($news['published_at'])) ?></span>
                                     <h3><?= htmlspecialchars($news['title']) ?></h3>
                                     <p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
+                                    <span class="news-date">
+                                        <?= htmlspecialchars($news['author_name']) ?>
+                                        · <?= date('d.m.Y', strtotime($news['published_at'])) ?>
+                                    </span>
                                 </div>
                             <?php endforeach; ?>
                         <?php endif; ?>
diff --git a/public/styles.css b/public/styles.css
index 8ea0159..9da66e5 100644
--- a/public/styles.css
+++ b/public/styles.css
@@ -368,6 +368,7 @@ html, body {
    News Items (Sidebar Tab)
    ----------------------------------------------------------------- */
 .news-item {
+    font-size: 0.8rem;
     padding: var(--space-md);
     margin-bottom: var(--space-sm);
     background: var(--color-surface);
@@ -376,10 +377,8 @@ html, body {
 }
 
 .news-date {
-    font-size: 0.75rem;
+    font-size: 0.8rem;
     color: var(--color-text-secondary);
-    text-transform: uppercase;
-    letter-spacing: 0.5px;
 }
 
 .news-item h3 {
-- 
2.49.1


From 25cf797294a13808bbad6b49ab0166b4f1d968a3 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:18:56 +0200
Subject: [PATCH 15/25] added news CRUD functionality in moderation portal

---
 public/admin.php             | 197 ++++++++++++++++++++++++++++++++++-
 public/api/contributions.php |  92 ++++++++++++++++
 2 files changed, 285 insertions(+), 4 deletions(-)

diff --git a/public/admin.php b/public/admin.php
index d83a97e..4347d82 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -57,6 +57,16 @@ $stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
 $stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
 $municipality = $stmt->fetch();
 
+// Loads News for Moderation
+$stmt = $pdo->prepare("
+    SELECT news_id, title, content, author_name, published_at, created_at
+    FROM news
+    WHERE municipality_id = :mid
+    ORDER BY published_at DESC
+");
+$stmt->execute([':mid' => $municipality['municipality_id']]);
+$news_items = $stmt->fetchAll();
+
 // Shows Login Page if not authenticated
 if ($page === 'login' || !is_admin()) {
     show_login_page($municipality, $login_error ?? null);
@@ -312,15 +322,56 @@ $counts['total'] = count($all_contributions);
 
 
         <!-- ========================================================= -->
-        <!-- Placeholder Tabs for future Features                        -->
+        <!-- News Article Tab                                      -->
         <!-- ========================================================= -->
         <div id="tab-news" class="page-tab-content" style="display:none;">
-            <div class="placeholder-content">
-                <i class="fa-solid fa-newspaper"></i>
-                <p>Neuigkeiten verwalten - geplant in zukünftiger Version.</p>
+            <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:20px;">
+                <h2 style="margin:0;border:none;padding:0;"><i class="fa-solid fa-newspaper"></i> Neuigkeiten</h2>
+                <button class="btn btn-approve" onclick="createNews()">
+                    <i class="fa-solid fa-plus"></i> Nachricht hinzufügen
+                </button>
             </div>
+
+            <?php if (empty($news_items)): ?>
+                <div class="empty-state">
+                    <i class="fa-solid fa-newspaper" style="font-size:2rem;margin-bottom:8px;display:block;"></i>
+                    Noch keine Neuigkeiten veröffentlicht.
+                </div>
+            <?php else: ?>
+                <?php foreach ($news_items as $news): ?>
+                    <div class="contribution-row" data-id="<?= $news['news_id'] ?>">
+                        <div class="contribution-row-header" onclick="toggleRow(this.parentElement)">
+                            <div class="contribution-row-summary">
+                                <span class="title"><?= htmlspecialchars($news['title']) ?></span>
+                                <span style="font-size:0.8rem;color:#999;">
+                                    <?= date('d.m.Y', strtotime($news['published_at'])) ?>
+                                    · <?= htmlspecialchars($news['author_name']) ?>
+                                </span>
+                            </div>
+                            <i class="fa-solid fa-chevron-down collapse-icon"></i>
+                        </div>
+                        <div class="contribution-row-detail">
+                            <div style="padding:12px 0;font-size:0.9rem;line-height:1.6;color:#5a5a7a;">
+                                <?= nl2br(htmlspecialchars($news['content'])) ?>
+                            </div>
+                            <div class="action-buttons">
+                                <button class="btn btn-edit" onclick="editNews(<?= $news['news_id'] ?>, '<?= htmlspecialchars(addslashes($news['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['content']), ENT_QUOTES) ?>')">
+                                    <i class="fa-solid fa-pen"></i> Bearbeiten
+                                </button>
+                                <button class="btn btn-delete" onclick="deleteNews(<?= $news['news_id'] ?>)">
+                                    <i class="fa-solid fa-trash"></i> Löschen
+                                </button>
+                            </div>
+                        </div>
+                    </div>
+                <?php endforeach; ?>
+            <?php endif; ?>
         </div>
 
+
+        <!-- ========================================================= -->
+        <!-- Placeholder Tabs for future Features                      -->
+        <!-- ========================================================= -->
         <div id="tab-stats" class="page-tab-content" style="display:none;">
             <div class="placeholder-content">
                 <i class="fa-solid fa-chart-bar"></i>
@@ -645,6 +696,144 @@ $counts['total'] = count($all_contributions);
                 });
             });
         }
+        
+
+        // =============================================================
+        // Create News Article
+        // =============================================================
+
+        function createNews() {
+            Swal.fire({
+                title: 'Neue Nachricht',
+                html:
+                    '<div style="text-align:left;">' +
+                        '<div style="margin-bottom:12px;">' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
+                            '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" placeholder="Titel der Nachricht">' +
+                        '</div>' +
+                        '<div>' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
+                            '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;" placeholder="Nachricht verfassen..."></textarea>' +
+                        '</div>' +
+                    '</div>',
+                showCancelButton: true,
+                confirmButtonText: 'Veröffentlichen',
+                cancelButtonText: 'Abbrechen',
+                confirmButtonColor: PRIMARY_COLOR,
+                preConfirm: function () {
+                    const title = document.getElementById('swal-news-title').value.trim();
+                    const content = document.getElementById('swal-news-content').value.trim();
+                    if (!title || !content) {
+                        Swal.showValidationMessage('Titel und Inhalt sind Pflichtfelder.');
+                        return false;
+                    }
+                    return { title: title, content: content };
+                }
+            }).then(function (result) {
+                if (!result.isConfirmed) return;
+
+                const formData = new FormData();
+                formData.append('action', 'create_news');
+                formData.append('municipality_id', MUNICIPALITY_ID);
+                formData.append('title', result.value.title);
+                formData.append('content', result.value.content);
+
+                fetch(API_URL, { method: 'POST', body: formData })
+                    .then(function (r) { return r.json(); })
+                    .then(function (response) {
+                        if (response.error) {
+                            Swal.fire('Fehler', response.error, 'error');
+                            return;
+                        }
+                        Swal.fire('Veröffentlicht!', 'Nachricht wurde erstellt.', 'success')
+                            .then(function () { location.reload(); });
+                    });
+            });
+        }
+
+
+        // =============================================================
+        // Edit News Article
+        // =============================================================
+        function editNews(newsId, currentTitle, currentContent) {
+            Swal.fire({
+                title: 'Nachricht bearbeiten',
+                html:
+                    '<div style="text-align:left;">' +
+                        '<div style="margin-bottom:12px;">' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
+                            '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" value="' + currentTitle + '">' +
+                        '</div>' +
+                        '<div>' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
+                            '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;">' + currentContent + '</textarea>' +
+                        '</div>' +
+                    '</div>',
+                showCancelButton: true,
+                confirmButtonText: 'Speichern',
+                cancelButtonText: 'Abbrechen',
+                confirmButtonColor: PRIMARY_COLOR,
+                preConfirm: function () {
+                    return {
+                        title: document.getElementById('swal-news-title').value.trim(),
+                        content: document.getElementById('swal-news-content').value.trim()
+                    };
+                }
+            }).then(function (result) {
+                if (!result.isConfirmed) return;
+
+                const formData = new FormData();
+                formData.append('action', 'update_news');
+                formData.append('news_id', newsId);
+                formData.append('title', result.value.title);
+                formData.append('content', result.value.content);
+
+                fetch(API_URL, { method: 'POST', body: formData })
+                    .then(function (r) { return r.json(); })
+                    .then(function (response) {
+                        if (response.error) {
+                            Swal.fire('Fehler', response.error, 'error');
+                            return;
+                        }
+                        Swal.fire('Gespeichert!', 'Nachricht wurde aktualisiert.', 'success')
+                            .then(function () { location.reload(); });
+                    });
+            });
+        }
+
+
+        // =============================================================
+        // Create News Article
+        // =============================================================
+        function deleteNews(newsId) {
+            Swal.fire({
+                title: 'Nachricht löschen?',
+                text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
+                icon: 'warning',
+                showCancelButton: true,
+                confirmButtonText: 'Löschen',
+                cancelButtonText: 'Abbrechen',
+                confirmButtonColor: '#c62828'
+            }).then(function (result) {
+                if (!result.isConfirmed) return;
+
+                const formData = new FormData();
+                formData.append('action', 'delete_news');
+                formData.append('news_id', newsId);
+
+                fetch(API_URL, { method: 'POST', body: formData })
+                    .then(function (r) { return r.json(); })
+                    .then(function (response) {
+                        if (response.error) {
+                            Swal.fire('Fehler', response.error, 'error');
+                            return;
+                        }
+                        Swal.fire('Gelöscht!', 'Nachricht wurde entfernt.', 'success')
+                            .then(function () { location.reload(); });
+                    });
+            });
+        }
+
     </script>
 
 </body>
diff --git a/public/api/contributions.php b/public/api/contributions.php
index f969d40..73ce5ab 100644
--- a/public/api/contributions.php
+++ b/public/api/contributions.php
@@ -38,6 +38,15 @@ switch ($action) {
     case 'vote':
         handle_vote($input);
         break;
+    case 'create_news':
+        handle_create_news($input);
+        break;
+    case 'update_news':
+        handle_update_news($input);
+        break;
+    case 'delete_news':
+        handle_delete_news($input);
+        break;
     default:
         error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.');
 }
@@ -357,4 +366,87 @@ function handle_vote($input) {
     } catch (PDOException $e) {
         error_response('Database Error: ' . $e->getMessage(), 500);
     }
+}
+
+
+// ---------------------------------------------------------------------
+// CREATE NEWS: Inserts new News Entry
+// Required: municipality_id, title, content
+// ---------------------------------------------------------------------
+function handle_create_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['municipality_id', 'title', 'content']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("
+            INSERT INTO news (municipality_id, title, content)
+            VALUES (:mid, :title, :content)
+        ");
+        $stmt->execute([
+            ':mid'     => $input['municipality_id'],
+            ':title'   => $input['title'],
+            ':content' => $input['content']
+        ]);
+        json_response(['message' => 'News created successfully.', 'news_id' => (int) $pdo->lastInsertId()], 201);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+// ---------------------------------------------------------------------
+// UPDATE NEWS: Updates existing News Entry
+// Required: news_id
+// Optional: title, content
+// ---------------------------------------------------------------------
+function handle_update_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['news_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    $set = [];
+    $params = [':id' => $input['news_id']];
+
+    foreach (['title', 'content'] as $field) {
+        if (isset($input[$field]) && $input[$field] !== '') {
+            $set[] = "$field = :$field";
+            $params[":$field"] = $input[$field];
+        }
+    }
+
+    if (empty($set)) {
+        error_response('No Fields to update.');
+    }
+
+    try {
+        $stmt = $pdo->prepare("UPDATE news SET " . implode(', ', $set) . " WHERE news_id = :id");
+        $stmt->execute($params);
+        json_response(['message' => 'News updated successfully.']);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+// ---------------------------------------------------------------------
+// DELETE NEWS: Deletes existing News Entry
+// Required: news_id
+// ---------------------------------------------------------------------
+function handle_delete_news($input) {
+    $pdo = get_db();
+    $missing = validate_required($input, ['news_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("DELETE FROM news WHERE news_id = :id");
+        $stmt->execute([':id' => $input['news_id']]);
+        json_response(['message' => 'News deleted successfully.']);
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
 }
\ No newline at end of file
-- 
2.49.1


From 04e692a6dd2cc412219cc3a4bbbe0cc60eb189c7 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:28:12 +0200
Subject: [PATCH 16/25] minor changed to text fields

---
 public/admin.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/public/admin.php b/public/admin.php
index 4347d82..47024e3 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -704,16 +704,16 @@ $counts['total'] = count($all_contributions);
 
         function createNews() {
             Swal.fire({
-                title: 'Neue Nachricht',
+                title: 'Neuigkeit hinzufügen',
                 html:
                     '<div style="text-align:left;">' +
                         '<div style="margin-bottom:12px;">' +
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
-                            '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" placeholder="Titel der Nachricht">' +
+                            '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" placeholder="Titel der Neuigkeit">' +
                         '</div>' +
                         '<div>' +
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
-                            '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;" placeholder="Nachricht verfassen..."></textarea>' +
+                            '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;" placeholder="Neuigkeit verfassen..."></textarea>' +
                         '</div>' +
                     '</div>',
                 showCancelButton: true,
@@ -745,7 +745,7 @@ $counts['total'] = count($all_contributions);
                             Swal.fire('Fehler', response.error, 'error');
                             return;
                         }
-                        Swal.fire('Veröffentlicht!', 'Nachricht wurde erstellt.', 'success')
+                        Swal.fire('Veröffentlicht!', 'Neuigkeit wurde veröffentlicht.', 'success')
                             .then(function () { location.reload(); });
                     });
             });
@@ -757,7 +757,7 @@ $counts['total'] = count($all_contributions);
         // =============================================================
         function editNews(newsId, currentTitle, currentContent) {
             Swal.fire({
-                title: 'Nachricht bearbeiten',
+                title: 'Neuigkeit bearbeiten',
                 html:
                     '<div style="text-align:left;">' +
                         '<div style="margin-bottom:12px;">' +
@@ -795,7 +795,7 @@ $counts['total'] = count($all_contributions);
                             Swal.fire('Fehler', response.error, 'error');
                             return;
                         }
-                        Swal.fire('Gespeichert!', 'Nachricht wurde aktualisiert.', 'success')
+                        Swal.fire('Gespeichert!', 'Neuigkeit wurde aktualisiert.', 'success')
                             .then(function () { location.reload(); });
                     });
             });
@@ -807,7 +807,7 @@ $counts['total'] = count($all_contributions);
         // =============================================================
         function deleteNews(newsId) {
             Swal.fire({
-                title: 'Nachricht löschen?',
+                title: 'Neuigkeit löschen?',
                 text: 'Diese Aktion kann nicht rückgängig gemacht werden.',
                 icon: 'warning',
                 showCancelButton: true,
@@ -828,7 +828,7 @@ $counts['total'] = count($all_contributions);
                             Swal.fire('Fehler', response.error, 'error');
                             return;
                         }
-                        Swal.fire('Gelöscht!', 'Nachricht wurde entfernt.', 'success')
+                        Swal.fire('Gelöscht!', 'Neuigkeit wurde gelöscht.', 'success')
                             .then(function () { location.reload(); });
                     });
             });
-- 
2.49.1


From 125c255115330d28969b94495c4f48f3d4f630f3 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:29:36 +0200
Subject: [PATCH 17/25] changed favicon to relative paths from database

---
 public/admin.php | 6 ++----
 public/index.php | 2 +-
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/public/admin.php b/public/admin.php
index 47024e3..98cc4c2 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -112,8 +112,7 @@ $counts['total'] = count($all_contributions);
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Moderation — <?= htmlspecialchars($municipality['name']) ?></title>
-    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
-
+    <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
 
     <!-- Loads CSS Dependencies -->
 
@@ -852,8 +851,7 @@ function show_login_page($municipality, $error = null) {
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Moderation - Anmeldung</title>
-    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
+    <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
     <link rel="stylesheet" href="admin.css">
     <style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
 </head>
diff --git a/public/index.php b/public/index.php
index 8b99032..c95a371 100644
--- a/public/index.php
+++ b/public/index.php
@@ -46,7 +46,7 @@ $news_items = $stmt->fetchAll();
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Bürgerbeteiligungsportal <?= htmlspecialchars($municipality['name']) ?></title>
-    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
+    <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
     <meta name="description" content="Bürgerbeteiligungsportal. Hinweise und Vorschläge auf der Karte eintragen.">
 
 
-- 
2.49.1


From fa984e7391ffe7b53fda2f25450b01796788febd Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:41:59 +0200
Subject: [PATCH 18/25] author can be edited and added in news moderation page

---
 public/admin.php             | 24 ++++++++++++++++++------
 public/api/contributions.php |  9 +++++----
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/public/admin.php b/public/admin.php
index 98cc4c2..84aba59 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -354,7 +354,7 @@ $counts['total'] = count($all_contributions);
                                 <?= nl2br(htmlspecialchars($news['content'])) ?>
                             </div>
                             <div class="action-buttons">
-                                <button class="btn btn-edit" onclick="editNews(<?= $news['news_id'] ?>, '<?= htmlspecialchars(addslashes($news['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['content']), ENT_QUOTES) ?>')">
+                                <button class="btn btn-edit" onclick="editNews(<?= $news['news_id'] ?>, '<?= htmlspecialchars(addslashes($news['title']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['content']), ENT_QUOTES) ?>', '<?= htmlspecialchars(addslashes($news['author_name']), ENT_QUOTES) ?>')">
                                     <i class="fa-solid fa-pen"></i> Bearbeiten
                                 </button>
                                 <button class="btn btn-delete" onclick="deleteNews(<?= $news['news_id'] ?>)">
@@ -710,10 +710,14 @@ $counts['total'] = count($all_contributions);
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
                             '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" placeholder="Titel der Neuigkeit">' +
                         '</div>' +
-                        '<div>' +
+                        '<div style="margin-bottom:12px;">' +
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
                             '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;" placeholder="Neuigkeit verfassen..."></textarea>' +
                         '</div>' +
+                        '<div>' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Autor</label>' +
+                            '<input id="swal-news-author" class="swal2-input" style="margin:0;width:100%;" value="Stadtverwaltung">' +
+                        '</div>' +
                     '</div>',
                 showCancelButton: true,
                 confirmButtonText: 'Veröffentlichen',
@@ -722,11 +726,12 @@ $counts['total'] = count($all_contributions);
                 preConfirm: function () {
                     const title = document.getElementById('swal-news-title').value.trim();
                     const content = document.getElementById('swal-news-content').value.trim();
+                    const author = document.getElementById('swal-news-author').value.trim() || 'Stadtverwaltung';
                     if (!title || !content) {
                         Swal.showValidationMessage('Titel und Inhalt sind Pflichtfelder.');
                         return false;
                     }
-                    return { title: title, content: content };
+                    return { title: title, content: content, author_name: author };
                 }
             }).then(function (result) {
                 if (!result.isConfirmed) return;
@@ -736,6 +741,7 @@ $counts['total'] = count($all_contributions);
                 formData.append('municipality_id', MUNICIPALITY_ID);
                 formData.append('title', result.value.title);
                 formData.append('content', result.value.content);
+                formData.append('author_name', result.value.author_name);
 
                 fetch(API_URL, { method: 'POST', body: formData })
                     .then(function (r) { return r.json(); })
@@ -754,7 +760,7 @@ $counts['total'] = count($all_contributions);
         // =============================================================
         // Edit News Article
         // =============================================================
-        function editNews(newsId, currentTitle, currentContent) {
+        function editNews(newsId, currentTitle, currentContent, currentAuthor) {
             Swal.fire({
                 title: 'Neuigkeit bearbeiten',
                 html:
@@ -763,10 +769,14 @@ $counts['total'] = count($all_contributions);
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Titel</label>' +
                             '<input id="swal-news-title" class="swal2-input" style="margin:0;width:100%;" value="' + currentTitle + '">' +
                         '</div>' +
-                        '<div>' +
+                        '<div style="margin-bottom:12px;">' +
                             '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Inhalt</label>' +
                             '<textarea id="swal-news-content" class="swal2-textarea" style="margin:0;width:100%;">' + currentContent + '</textarea>' +
                         '</div>' +
+                        '<div>' +
+                            '<label style="display:block;font-weight:600;font-size:1.15rem;margin-bottom:4px;">Autor</label>' +
+                            '<input id="swal-news-author" class="swal2-input" style="margin:0;width:100%;" value="' + currentAuthor + '">' +
+                        '</div>' +
                     '</div>',
                 showCancelButton: true,
                 confirmButtonText: 'Speichern',
@@ -775,7 +785,8 @@ $counts['total'] = count($all_contributions);
                 preConfirm: function () {
                     return {
                         title: document.getElementById('swal-news-title').value.trim(),
-                        content: document.getElementById('swal-news-content').value.trim()
+                        content: document.getElementById('swal-news-content').value.trim(),
+                        author_name: document.getElementById('swal-news-author').value.trim() || 'Stadtverwaltung'
                     };
                 }
             }).then(function (result) {
@@ -786,6 +797,7 @@ $counts['total'] = count($all_contributions);
                 formData.append('news_id', newsId);
                 formData.append('title', result.value.title);
                 formData.append('content', result.value.content);
+                formData.append('author_name', result.value.author_name);
 
                 fetch(API_URL, { method: 'POST', body: formData })
                     .then(function (r) { return r.json(); })
diff --git a/public/api/contributions.php b/public/api/contributions.php
index 73ce5ab..66bc512 100644
--- a/public/api/contributions.php
+++ b/public/api/contributions.php
@@ -382,13 +382,14 @@ function handle_create_news($input) {
 
     try {
         $stmt = $pdo->prepare("
-            INSERT INTO news (municipality_id, title, content)
-            VALUES (:mid, :title, :content)
+            INSERT INTO news (municipality_id, title, content, author_name)
+            VALUES (:mid, :title, :content, :author)
         ");
         $stmt->execute([
             ':mid'     => $input['municipality_id'],
             ':title'   => $input['title'],
-            ':content' => $input['content']
+            ':content' => $input['content'],
+            ':author'  => $input['author_name'] ?? 'Stadtverwaltung'
         ]);
         json_response(['message' => 'News created successfully.', 'news_id' => (int) $pdo->lastInsertId()], 201);
     } catch (PDOException $e) {
@@ -411,7 +412,7 @@ function handle_update_news($input) {
     $set = [];
     $params = [':id' => $input['news_id']];
 
-    foreach (['title', 'content'] as $field) {
+    foreach (['title', 'content', 'author_name'] as $field) {
         if (isset($input[$field]) && $input[$field] !== '') {
             $set[] = "$field = :$field";
             $params[":$field"] = $input[$field];
-- 
2.49.1


From 6200b061f23b3656da0cb3a406b9ab5f19d5bc2c Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Fri, 24 Apr 2026 17:47:00 +0200
Subject: [PATCH 19/25] added migration for anonymous user identification by
 browser ID

---
 migrations/005_browser_id.sql | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 migrations/005_browser_id.sql

diff --git a/migrations/005_browser_id.sql b/migrations/005_browser_id.sql
new file mode 100644
index 0000000..7338902
--- /dev/null
+++ b/migrations/005_browser_id.sql
@@ -0,0 +1,27 @@
+-- =====================================================================
+-- Migration 005: Adds Browser ID for anonymous User Identification
+-- =====================================================================
+
+-- Adds browser_id Column to Contributions
+ALTER TABLE contributions
+    ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
+
+-- Adds browser_id Column to Votes
+-- Replaces voter_name for Identification
+ALTER TABLE votes
+    ADD COLUMN browser_id VARCHAR(36) DEFAULT NULL;
+
+-- Index for fast Vote Lookup by Browser
+CREATE INDEX idx_votes_browser ON votes(browser_id);
+
+
+-- New UNIQUE Constraint: One Vote per Browser per Contribution
+
+-- Drops old Constraint voter_name based
+ALTER TABLE votes
+    DROP CONSTRAINT IF EXISTS votes_contribution_id_voter_name_key;
+
+-- Creates new Constraint browser_id based
+ALTER TABLE votes
+    ADD CONSTRAINT votes_contribution_browser_unique
+    UNIQUE (contribution_id, browser_id);
\ No newline at end of file
-- 
2.49.1


From 601c13012c3d0ed4cbf6bc37ab577c1f9346be8f Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Sat, 25 Apr 2026 12:11:31 +0200
Subject: [PATCH 20/25] updated env.example

---
 .env.example | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/.env.example b/.env.example
index 755543a..6fd670d 100644
--- a/.env.example
+++ b/.env.example
@@ -3,8 +3,6 @@ POSTGRES_HOSTNAME=postgres_host
 POSTGRES_PORT=postgres_port
 POSTGRES_DB=postgres_database
 POSTGRES_USER=postgres_user
-POSTGRES_PASSWORD=xxxx
-
-ADMIN_PASSWORD=xxxxx
-
+POSTGRES_PASSWORD=
+ADMIN_PASSWORD=
 MUNICIPALITY_SLUG=lohne
\ No newline at end of file
-- 
2.49.1


From 360eb3744ad302f304d40d26cbe39fb583e4dff0 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Sat, 25 Apr 2026 12:48:24 +0200
Subject: [PATCH 21/25] implemented anonymous user authentification with
 browser identification number from cookies

---
 migrations/005_browser_id.sql |  2 +-
 public/api/contributions.php  | 57 +++++++++++++++++++++++++----------
 public/index.php              | 17 ++++-------
 public/js/app.js              | 43 +++++++++++++++++++++++---
 4 files changed, 86 insertions(+), 33 deletions(-)

diff --git a/migrations/005_browser_id.sql b/migrations/005_browser_id.sql
index 7338902..d4fdad1 100644
--- a/migrations/005_browser_id.sql
+++ b/migrations/005_browser_id.sql
@@ -19,7 +19,7 @@ CREATE INDEX idx_votes_browser ON votes(browser_id);
 
 -- Drops old Constraint voter_name based
 ALTER TABLE votes
-    DROP CONSTRAINT IF EXISTS votes_contribution_id_voter_name_key;
+    DROP CONSTRAINT IF EXISTS votes_unique_per_voter;
 
 -- Creates new Constraint browser_id based
 ALTER TABLE votes
diff --git a/public/api/contributions.php b/public/api/contributions.php
index 66bc512..80aadb3 100644
--- a/public/api/contributions.php
+++ b/public/api/contributions.php
@@ -126,6 +126,23 @@ function handle_read($input) {
         'features' => $features
     ];
 
+    // Includes User's Votes for persistent Vote Display
+    // Returns which Contributions the current Browser has voted on
+    $browser_id = $input['browser_id'] ?? '';
+    if ($browser_id !== '') {
+        $stmt = $pdo->prepare("
+            SELECT contribution_id, vote_type 
+            FROM votes 
+            WHERE browser_id = :bid
+        ");
+        $stmt->execute([':bid' => $browser_id]);
+        $user_votes = [];
+        foreach ($stmt->fetchAll() as $v) {
+            $user_votes[$v['contribution_id']] = $v['vote_type'];
+        }
+        $featureCollection['user_votes'] = $user_votes;
+    }
+
     json_response($featureCollection);
 }
 
@@ -162,10 +179,10 @@ function handle_create($input) {
     try {
         $stmt = $pdo->prepare("
             INSERT INTO contributions 
-                (municipality_id, geom, geom_type, category, title, description, author_name)
+                (municipality_id, geom, geom_type, category, title, description, author_name, browser_id)
             VALUES 
                 (:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type, 
-                 :category, :title, :description, :author_name)
+                 :category, :title, :description, :author_name, :browser_id)
         ");
 
         $stmt->execute([
@@ -175,7 +192,8 @@ function handle_create($input) {
             ':category'    => $input['category'],
             ':title'       => $input['title'],
             ':description' => $input['description'] ?? '',
-            ':author_name' => $input['author_name']
+            ':author_name' => $input['author_name'],
+            ':browser_id'  => $input['browser_id'] ?? null
         ]);
 
         json_response([
@@ -320,11 +338,16 @@ function handle_vote($input) {
     // Prepared SQL Statement
     try {
         // Checks if Voter already voted on this Contribution
+        $browser_id = $input['browser_id'] ?? '';
+        if (empty($browser_id)) {
+            error_response('Browser ID required for Voting.');
+        }
+
         $stmt = $pdo->prepare("
             SELECT vote_id, vote_type FROM votes
-            WHERE contribution_id = :cid AND voter_name = :voter
+            WHERE contribution_id = :cid AND browser_id = :bid
         ");
-        $stmt->execute([':cid' => $input['contribution_id'], ':voter' => $input['voter_name']]);
+        $stmt->execute([':cid' => $input['contribution_id'], ':bid' => $browser_id]);
         $existing = $stmt->fetch();
 
         if ($existing) {
@@ -339,27 +362,29 @@ function handle_vote($input) {
                 $stmt->execute([':vid' => $existing['vote_id']]);
 
                 $stmt = $pdo->prepare("
-                    INSERT INTO votes (contribution_id, voter_name, vote_type)
-                    VALUES (:cid, :voter, :vtype)
+                    INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
+                    VALUES (:cid, :voter, :vtype, :bid)
                 ");
                 $stmt->execute([
                     ':cid'   => $input['contribution_id'],
                     ':voter' => $input['voter_name'],
-                    ':vtype' => $input['vote_type']
+                    ':vtype' => $input['vote_type'],
+                    ':bid'   => $browser_id
                 ]);
                 json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
             }
         } else {
             // No existing Vote — Inserts Vote
             $stmt = $pdo->prepare("
-                INSERT INTO votes (contribution_id, voter_name, vote_type)
-                VALUES (:cid, :voter, :vtype)
-            ");
-            $stmt->execute([
-                ':cid'   => $input['contribution_id'],
-                ':voter' => $input['voter_name'],
-                ':vtype' => $input['vote_type']
-            ]);
+                    INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
+                    VALUES (:cid, :voter, :vtype, :bid)
+                ");
+                $stmt->execute([
+                    ':cid'   => $input['contribution_id'],
+                    ':voter' => $input['voter_name'],
+                    ':vtype' => $input['vote_type'],
+                    ':bid'   => $browser_id
+                ]);
             json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201);
         }
 
diff --git a/public/index.php b/public/index.php
index c95a371..a380de0 100644
--- a/public/index.php
+++ b/public/index.php
@@ -5,18 +5,8 @@
 // Renders Leaflet Map Interface including Leaflet Plugins
 // =====================================================================
 
-// Reads Environment Configfile
-$envFile = __DIR__ . '/../../.env';
-if (file_exists($envFile)) {
-    $lines = file($envFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
-    foreach ($lines as $line) {
-        if (strpos(trim($line), '#') === 0) continue;
-        list($key, $value) = array_map('trim', explode('=', $line, 2));
-        putenv("$key=$value");
-    }
-}
-
 require_once __DIR__ . '/api/db.php';
+require_once __DIR__ . '/api/auth.php';
 
 // -----------------------------------------------------------------
 // Loads Municipality Configuration
@@ -122,6 +112,8 @@ $news_items = $stmt->fetchAll();
 
         <!-- Mobile Hamburger Menu -->
         <button class="header-menu-toggle" onclick="toggleMobileNav()">
+            <i class="fa-solid fa-bars"></i>
+        </button>
     </header>
 
 
@@ -370,6 +362,9 @@ $news_items = $stmt->fetchAll();
 
         // Category Definitions from Database
         const CATEGORIES = <?= json_encode(get_categories(), JSON_UNESCAPED_UNICODE) ?>;
+
+        // Admin Status from PHP Session
+        const IS_ADMIN = <?= (function_exists('is_admin') && is_admin()) ? 'true' : 'false' ?>;
     </script>
 
     <!-- Application Logic -->
diff --git a/public/js/app.js b/public/js/app.js
index eb2278d..be8a33e 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -16,9 +16,26 @@
 // API Endpoint as relative Path
 const API_URL = 'api/contributions.php';
 
-// Current User Name, set via Login Modal, stored in sessionStorage
+// Username set via Login Modal stored in sessionStorage
 let currentUser = sessionStorage.getItem('webgis_user') || '';
 
+// Browser Identification Number for anonymous User Identification stored as Cookie
+let browserId = getBrowserId();
+
+function getBrowserId() {
+    let id = document.cookie.replace(/(?:(?:^|.*;\s*)webgis_browser_id\s*=\s*([^;]*).*$)|^.*$/, '$1');
+    if (!id) {
+        id = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function (c) {
+            const r = Math.random() * 16 | 0;
+            return (c === 'x' ? r : (r & 0x3 | 0x8)).toString(16);
+        });
+        // Cookie Expiration in one Year
+        document.cookie = 'webgis_browser_id=' + id + ';path=/;max-age=31536000;SameSite=Lax';
+    }
+    return id;
+}
+
+
 // Application State
 let map;                                      // Leaflet Map Instance
 let sidebar;                                  // Sidebar Instance
@@ -290,9 +307,15 @@ function apiCall(data, callback) {
         });
 }
 
+
 // Loads all Contributions from API and displays Contributions on Map
 function loadContributions() {
-    apiCall({ action: 'read', municipality_id: MUNICIPALITY.id }, function (data) {
+    const readParams = { action: 'read', municipality_id: MUNICIPALITY.id };
+
+    // Sends Browser ID for persistent Vote Display
+    readParams.browser_id = browserId;
+
+    apiCall(readParams, function (data) {
         if (data.error) {
             console.error('Load Error:', data.error);
             return;
@@ -300,6 +323,14 @@ function loadContributions() {
 
         contributionsData = data.features || [];
 
+        // Restores Vote Highlights from API Response
+        if (data.user_votes) {
+            userVotes = {};
+            for (const key in data.user_votes) {
+                userVotes[key] = data.user_votes[key];
+            }
+        }
+
         // Removes existing Layer if present
         if (contributionsLayer) {
             map.removeLayer(contributionsLayer);
@@ -384,7 +415,7 @@ function buildPopupHtml(feature) {
                     '<i class="fa-solid fa-thumbs-down"></i> <span id="dislikes-' + props.contribution_id + '">' + props.dislikes_count + '</span>' +
                 '</button>' +
             '</div>' +
-            (currentUser === props.author_name ?
+            (props.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN) ?
                 '<div class="popup-detail-actions">' +
                     '<button class="btn btn-primary" onclick="editContribution(' + props.contribution_id + ')"><i class="fa-solid fa-pen"></i> Bearbeiten</button>' +
                     '<button class="btn btn-danger" onclick="deleteContribution(' + props.contribution_id + ')"><i class="fa-solid fa-trash"></i> Löschen</button>' +
@@ -441,7 +472,8 @@ function submitCreate() {
         description: description,
         geom: geom,
         geom_type: geomType,
-        author_name: currentUser
+        author_name: currentUser,
+        browser_id: browserId
     }, function (response) {
         if (response.error) {
             Swal.fire('Fehler', response.error, 'error');
@@ -570,7 +602,8 @@ function voteContribution(contributionId, voteType) {
         action: 'vote',
         contribution_id: contributionId,
         voter_name: currentUser,
-        vote_type: voteType
+        vote_type: voteType,
+        browser_id: browserId
     }, function (response) {
         if (response.error) {
             return;
-- 
2.49.1


From 62ba9b5345fdd8240cadf2849fc263501e233a0d Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Sat, 25 Apr 2026 13:10:47 +0200
Subject: [PATCH 22/25] fixed html structure for news sidebar

---
 public/index.php | 39 +++++++++++++++++++++++++--------------
 public/js/app.js | 19 +++++++++++++++++++
 2 files changed, 44 insertions(+), 14 deletions(-)

diff --git a/public/index.php b/public/index.php
index a380de0..952e653 100644
--- a/public/index.php
+++ b/public/index.php
@@ -204,20 +204,31 @@ $news_items = $stmt->fetchAll();
                         <span class="leaflet-sidebar-close"><i class="fa-solid fa-xmark"></i></span>
                     </h2>
                     <div class="sidebar-body">
-                        <?php if (empty($news_items)): ?>
-                            <p style="text-align:center;color:#999;padding:20px;">Noch keine Neuigkeiten veröffentlicht.</p>
-                        <?php else: ?>
-                            <?php foreach ($news_items as $news): ?>
-                                <div class="news-item">
-                                    <h3><?= htmlspecialchars($news['title']) ?></h3>
-                                    <p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
-                                    <span class="news-date">
-                                        <?= htmlspecialchars($news['author_name']) ?>
-                                        · <?= date('d.m.Y', strtotime($news['published_at'])) ?>
-                                    </span>
-                                </div>
-                            <?php endforeach; ?>
-                        <?php endif; ?>
+                        <!-- News Search -->
+                        <div class="list-search">
+                            <input type="text" id="news-search-input" placeholder="Neuigkeiten durchsuchen..." class="form-input" oninput="filterNews()">
+                        </div>
+
+                        <!-- News Items Container -->
+                        <div id="news-list">
+                            <?php if (empty($news_items)): ?>
+                                <p style="text-align:center;color:#999;padding:20px;">Noch keine Neuigkeiten veröffentlicht.</p>
+                            <?php else: ?>
+                                <?php foreach ($news_items as $news): ?>
+                                    <div class="news-item"
+                                         data-title="<?= htmlspecialchars(strtolower($news['title'])) ?>"
+                                         data-content="<?= htmlspecialchars(strtolower($news['content'])) ?>"
+                                         data-author="<?= htmlspecialchars(strtolower($news['author_name'])) ?>">
+                                        <h3><?= htmlspecialchars($news['title']) ?></h3>
+                                        <p><?= nl2br(htmlspecialchars($news['content'])) ?></p>
+                                        <span class="news-date">
+                                            <?= htmlspecialchars($news['author_name']) ?>
+                                            · <?= date('d.m.Y', strtotime($news['published_at'])) ?>
+                                        </span>
+                                    </div>
+                                <?php endforeach; ?>
+                            <?php endif; ?>
+                        </div>
                     </div>
                 </div>
 
diff --git a/public/js/app.js b/public/js/app.js
index be8a33e..397e42f 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -983,6 +983,25 @@ function reverseGeocode(contributionId, lat, lng) {
     .catch(function () {});
 }
 
+// Filters News Items in Sidebar by Search Term
+function filterNews() {
+    const searchTerm = document.getElementById('news-search-input').value.toLowerCase();
+    const newsItems = document.querySelectorAll('#news-list .news-item');
+
+    newsItems.forEach(function (item) {
+        const title = item.dataset.title || '';
+        const content = item.dataset.content || '';
+        const author = item.dataset.author || '';
+
+        // Shows Item if Search Term matches Title, Content or Author
+        if (!searchTerm || title.indexOf(searchTerm) !== -1 || content.indexOf(searchTerm) !== -1 || author.indexOf(searchTerm) !== -1) {
+            item.style.display = '';
+        } else {
+            item.style.display = 'none';
+        }
+    });
+}
+
 
 // =====================================================================
 // Block 16: Application Startup
-- 
2.49.1


From cb8994b4938d680ff9669e804720bda6c0c6a5b6 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Sat, 25 Apr 2026 13:37:05 +0200
Subject: [PATCH 23/25] unified CSS, consistent headers, standardized button
 colors

---
 public/admin.css   |  547 ---------------------
 public/admin.php   |   20 +-
 public/imprint.php |   48 +-
 public/index.php   |    2 +-
 public/privacy.php |   59 +--
 public/styles.css  | 1166 +++++++++++++++++++++++++++-----------------
 6 files changed, 752 insertions(+), 1090 deletions(-)
 delete mode 100644 public/admin.css

diff --git a/public/admin.css b/public/admin.css
deleted file mode 100644
index a8347e2..0000000
--- a/public/admin.css
+++ /dev/null
@@ -1,547 +0,0 @@
-/* =====================================================================
-   Moderation Page — Styles
-   Separate Stylesheet for the Admin Moderation Interface.
-   ===================================================================== */
-
-
-/* -----------------------------------------------------------------
-   Base
-   ----------------------------------------------------------------- */
-* { box-sizing: border-box; margin: 0; padding: 0; }
-
-body {
-    font-family: 'Segoe UI', system-ui, sans-serif;
-    background: #f4f5f7;
-    color: #1a1a2e;
-    font-size: 15px;
-}
-
-
-/* -----------------------------------------------------------------
-   Header
-   ----------------------------------------------------------------- */
-.admin-header {
-    background: var(--color-primary);
-    color: white;
-    padding: 14px 24px;
-    display: flex;
-    justify-content: space-between;
-    align-items: center;
-    box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
-}
-
-.admin-header h1 {
-    font-size: 1.15rem;
-    font-weight: 600;
-}
-
-.admin-nav {
-    display: flex;
-    gap: 16px;
-    align-items: center;
-}
-
-.admin-nav a {
-    color: white;
-    text-decoration: none;
-    opacity: 0.8;
-    font-size: 0.85rem;
-    transition: opacity 150ms ease;
-}
-
-.admin-nav a:hover { opacity: 1; }
-
-
-/* -----------------------------------------------------------------
-   Container
-   ----------------------------------------------------------------- */
-.admin-container {
-    max-width: 960px;
-    margin: 24px auto;
-    padding: 0 16px;
-}
-
-
-/* -----------------------------------------------------------------
-   Statistics Cards
-   ----------------------------------------------------------------- */
-.stats-grid {
-    display: grid;
-    grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
-    gap: 12px;
-    margin-bottom: 28px;
-}
-
-.stat-card {
-    background: white;
-    border-radius: 8px;
-    padding: 16px;
-    text-align: center;
-    border: 1px solid #e0e0e0;
-}
-
-.stat-card .stat-number {
-    font-size: 1.8rem;
-    font-weight: 700;
-    color: var(--color-primary);
-}
-
-.stat-card .stat-label {
-    font-size: 0.8rem;
-    color: #5a5a7a;
-    margin-top: 4px;
-}
-
-
-/* -----------------------------------------------------------------
-   Filter Tabs
-   ----------------------------------------------------------------- */
-.filter-tabs {
-    display: flex;
-    gap: 4px;
-    margin-bottom: 20px;
-    border-bottom: 2px solid #e0e0e0;
-    padding-bottom: 0;
-}
-
-.filter-tab {
-    padding: 8px 16px;
-    border: none;
-    background: none;
-    font-family: inherit;
-    font-size: 0.85rem;
-    font-weight: 600;
-    color: #5a5a7a;
-    cursor: pointer;
-    border-bottom: 2px solid transparent;
-    margin-bottom: -2px;
-    transition: color 150ms ease, border-color 150ms ease;
-}
-
-.filter-tab:hover {
-    color: var(--color-primary);
-}
-
-.filter-tab.active {
-    color: var(--color-primary);
-    border-bottom-color: var(--color-primary);
-}
-
-.filter-tab .tab-count {
-    background: #e0e0e0;
-    color: #5a5a7a;
-    font-size: 0.7rem;
-    padding: 1px 6px;
-    border-radius: 10px;
-    margin-left: 4px;
-}
-
-.filter-tab.active .tab-count {
-    background: var(--color-primary);
-    color: white;
-}
-
-
-/* -----------------------------------------------------------------
-   Sort Controls
-   ----------------------------------------------------------------- */
-.sort-controls {
-    display: flex;
-    justify-content: space-between;
-    align-items: center;
-    margin-bottom: 16px;
-    font-size: 0.85rem;
-    color: #5a5a7a;
-}
-
-.sort-controls select {
-    padding: 4px 8px;
-    border: 1px solid #e0e0e0;
-    border-radius: 4px;
-    font-family: inherit;
-    font-size: 0.85rem;
-    cursor: pointer;
-}
-
-
-/* -----------------------------------------------------------------
-   Collapsible Contribution Rows
-   ----------------------------------------------------------------- */
-.contribution-row {
-    background: white;
-    border: 1px solid #e0e0e0;
-    border-radius: 8px;
-    margin-bottom: 10px;
-    overflow: hidden;
-    transition: border-color 150ms ease;
-}
-
-.contribution-row:hover {
-    border-color: #bbb;
-}
-
-.contribution-row-header {
-    padding: 12px 16px;
-    display: flex;
-    justify-content: space-between;
-    align-items: center;
-    cursor: pointer;
-    transition: background 150ms ease;
-}
-
-.contribution-row-header:hover {
-    background: #f8f9fa;
-}
-
-.contribution-row-summary {
-    display: flex;
-    align-items: center;
-    gap: 10px;
-    flex: 1;
-    min-width: 0;
-}
-
-.contribution-row-summary .title {
-    font-weight: 600;
-    font-size: 0.95rem;
-    white-space: nowrap;
-    overflow: hidden;
-    text-overflow: ellipsis;
-}
-
-.collapse-icon {
-    color: #999;
-    font-size: 0.75rem;
-    flex-shrink: 0;
-    transition: transform 200ms ease;
-}
-
-.contribution-row.open .collapse-icon {
-    transform: rotate(180deg);
-}
-
-
-/* -----------------------------------------------------------------
-   Contribution Detail View (expanded)
-   ----------------------------------------------------------------- */
-.contribution-row-detail {
-    padding: 0 16px 16px 16px;
-    border-top: 1px solid #f0f0f0;
-    display: none;
-}
-
-.contribution-row.open .contribution-row-detail {
-    display: block;
-}
-
-.detail-layout {
-    display: flex;
-    gap: 16px;
-    margin-top: 12px;
-    margin-bottom: 12px;
-}
-
-.detail-map {
-    width: 220px;
-    height: 170px;
-    border-radius: 6px;
-    border: 1px solid #e0e0e0;
-    flex-shrink: 0;
-    background: #f0f0f0;
-}
-
-.detail-content {
-    flex: 1;
-    min-width: 0;
-}
-
-.detail-content .description {
-    font-size: 0.85rem;
-    line-height: 1.5;
-    color: #5a5a7a;
-    margin-bottom: 10px;
-}
-
-.detail-content .description.empty {
-    color: #bbb;
-    font-style: italic;
-}
-
-.detail-meta {
-    font-size: 0.8rem;
-    color: #999;
-    display: flex;
-    flex-direction: column;
-    gap: 4px;
-}
-
-.detail-meta span {
-    display: flex;
-    align-items: center;
-    gap: 6px;
-}
-
-
-/* -----------------------------------------------------------------
-   Action Buttons
-   ----------------------------------------------------------------- */
-.action-buttons {
-    display: flex;
-    gap: 8px;
-    flex-wrap: wrap;
-    padding-top: 12px;
-    border-top: 1px solid #f0f0f0;
-}
-
-.btn {
-    padding: 7px 14px;
-    border: none;
-    border-radius: 6px;
-    font-size: 0.82rem;
-    font-weight: 600;
-    cursor: pointer;
-    display: inline-flex;
-    align-items: center;
-    gap: 5px;
-    font-family: inherit;
-    transition: filter 150ms ease;
-    text-decoration: none;
-}
-
-.btn:hover { filter: brightness(1.1); }
-
-.btn-approve { background: #28a745 ; color: white; }
-.btn-reject { background: #DC3545; color: white; }
-.btn-edit { background: #ffc107; color: white; }
-.btn-delete { background: #424242; color: white; }
-.btn-map { background: #546E7A; color: white; }
-
-
-/* -----------------------------------------------------------------
-   Badges
-   ----------------------------------------------------------------- */
-.badge {
-    display: inline-block;
-    padding: 2px 8px;
-    border-radius: 4px;
-    font-size: 0.7rem;
-    font-weight: 600;
-    text-transform: uppercase;
-    letter-spacing: 0.5px;
-    flex-shrink: 0;
-}
-
-.badge-category {
-    background: #e0e0e0;
-    color: #5a5a7a;
-    display: inline-flex;
-    align-items: center;
-    gap: 4px;
-}
-
-.badge-pending { background: #fff3cd; color: #856404; }
-.badge-approved { background: #d4edda; color: #155724; }
-.badge-rejected { background: #f8d7da; color: #721c24; }
-
-
-/* -----------------------------------------------------------------
-   Empty State
-   ----------------------------------------------------------------- */
-.empty-state {
-    text-align: center;
-    padding: 40px;
-    color: #999;
-    font-size: 0.9rem;
-}
-
-
-/* -----------------------------------------------------------------
-   Section Spacing
-   ----------------------------------------------------------------- */
-.section { margin-bottom: 32px; }
-
-
-/* -----------------------------------------------------------------
-   Placeholder Tabs (future Features)
-   ----------------------------------------------------------------- */
-.placeholder-content {
-    text-align: center;
-    padding: 60px 20px;
-    color: #bbb;
-}
-
-.placeholder-content i {
-    font-size: 2.5rem;
-    margin-bottom: 12px;
-    display: block;
-}
-
-.placeholder-content p {
-    font-size: 0.9rem;
-}
-
-
-/* -----------------------------------------------------------------
-   Navigation Tabs (Page Sections)
-   ----------------------------------------------------------------- */
-.page-tabs {
-    display: flex;
-    gap: 4px;
-    margin-bottom: 24px;
-    background: white;
-    padding: 4px;
-    border-radius: 8px;
-    border: 1px solid #e0e0e0;
-}
-
-.page-tab {
-    padding: 8px 16px;
-    border: none;
-    background: none;
-    font-family: inherit;
-    font-size: 0.85rem;
-    font-weight: 600;
-    color: #5a5a7a;
-    cursor: pointer;
-    border-radius: 6px;
-    transition: all 150ms ease;
-    display: flex;
-    align-items: center;
-    gap: 6px;
-}
-
-.page-tab:hover { background: #f0f0f0; }
-
-.page-tab.active {
-    background: var(--color-primary);
-    color: white;
-}
-
-
-/* -----------------------------------------------------------------
-   Login Page
-   ----------------------------------------------------------------- */
-.login-wrapper {
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    min-height: 100vh;
-}
-
-.login-box {
-    background: white;
-    border-radius: 12px;
-    padding: 32px;
-    max-width: 380px;
-    width: 90%;
-    box-shadow: 0 4px 20px rgba(0, 0, 0, 0.1);
-    text-align: center;
-}
-
-.login-box h1 {
-    font-size: 1.3rem;
-    margin-bottom: 8px;
-}
-
-.login-box p {
-    font-size: 0.85rem;
-    color: #5a5a7a;
-    margin-bottom: 20px;
-}
-
-.login-box input[type="password"] {
-    width: 100%;
-    padding: 10px 12px;
-    border: 1px solid #e0e0e0;
-    border-radius: 6px;
-    font-size: 0.9rem;
-    margin-bottom: 12px;
-    font-family: inherit;
-}
-
-.login-box input:focus {
-    outline: none;
-    border-color: var(--color-primary);
-    box-shadow: 0 0 0 3px rgba(0, 55, 109, 0.1);
-}
-
-.login-box button {
-    width: 100%;
-    padding: 10px;
-    background: var(--color-primary);
-    color: white;
-    border: none;
-    border-radius: 6px;
-    font-size: 0.9rem;
-    font-weight: 600;
-    cursor: pointer;
-    font-family: inherit;
-}
-
-.login-box button:hover { filter: brightness(1.15); }
-
-.login-error {
-    color: #c62828;
-    font-size: 0.85rem;
-    margin-bottom: 12px;
-}
-
-.back-link {
-    margin-top: 16px;
-    font-size: 0.8rem;
-}
-
-.back-link a { color: #5a5a7a; }
-
-
-/* -----------------------------------------------------------------
-   SweetAlert2 Font Override
-   ----------------------------------------------------------------- */
-.swal2-input,
-.swal2-textarea,
-.swal2-select {
-    font-family: 'Segoe UI', system-ui, sans-serif !important;
-}
-
-
-/* -----------------------------------------------------------------
-   Mobile Responsive
-   ----------------------------------------------------------------- */
-@media (max-width: 768px) {
-    .admin-header {
-        flex-direction: column;
-        gap: 8px;
-        padding: 12px 16px;
-    }
-
-    .admin-header h1 { font-size: 1rem; }
-
-    .detail-layout {
-        flex-direction: column;
-    }
-
-    .detail-map {
-        width: 100%;
-        height: 180px;
-    }
-
-    .contribution-row-summary .title {
-        max-width: 200px;
-    }
-
-    .action-buttons {
-        flex-direction: column;
-    }
-
-    .action-buttons .btn {
-        justify-content: center;
-    }
-
-    .filter-tabs {
-        overflow-x: auto;
-    }
-
-    .page-tabs {
-        overflow-x: auto;
-    }
-}
\ No newline at end of file
diff --git a/public/admin.php b/public/admin.php
index 84aba59..ce77702 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -123,7 +123,7 @@ $counts['total'] = count($all_contributions);
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.9.4/leaflet.min.css">
     
     <!-- Application Styles -->
-    <link rel="stylesheet" href="admin.css">
+    <link rel="stylesheet" href="styles.css">
 
 
     <!-- Loads JavaScript Dependencies -->
@@ -140,15 +140,17 @@ $counts['total'] = count($all_contributions);
     <!-- ============================================================= -->
     <!-- Header                                                        -->
     <!-- ============================================================= -->
-    <div class="admin-header">
-        <h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal <?= htmlspecialchars($municipality['name']) ?></h1>
-        <div class="admin-nav">
-            <a href="index.php"><i class="fa-solid fa-map"></i> Bürgerportal</a>
-            <a href="admin.php?page=logout"><i class="fa-solid fa-right-from-bracket"></i> Abmelden</a>
+    <div class="page-header">
+        <div class="page-header-inner">
+            <h1><i class="fa-solid fa-shield-halved"></i> Moderationsportal <?= htmlspecialchars($municipality['name']) ?></h1>
+            <div class="page-header-nav">
+                <a href="index.php"><i class="fa-solid fa-map"></i> Bürgerportal</a>
+                <a href="admin.php?page=logout"><i class="fa-solid fa-right-from-bracket"></i> Abmelden</a>
+            </div>
         </div>
     </div>
 
-    <div class="admin-container">
+    <div class="page-container">
 
         <!-- ========================================================= -->
         <!-- Page Navigation Tabs                                      -->
@@ -295,7 +297,7 @@ $counts['total'] = count($all_contributions);
                                     <?php endif; ?>
 
                                     <?php if ($item['status'] !== 'pending'): ?>
-                                        <button class="btn btn-edit" onclick="changeStatus(<?= $item['contribution_id'] ?>, 'pending')" style="background:#f57f17;">
+                                        <button class="btn btn-reset" onclick="changeStatus(..., 'pending')">
                                             <i class="fa-solid fa-rotate-left"></i> Zurücksetzen
                                         </button>
                                     <?php endif; ?>
@@ -864,7 +866,7 @@ function show_login_page($municipality, $error = null) {
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Moderation - Anmeldung</title>
     <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
-    <link rel="stylesheet" href="admin.css">
+    <link rel="stylesheet" href="styles.css">
     <style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
 </head>
 <body>
diff --git a/public/imprint.php b/public/imprint.php
index 81f56cc..6c6af10 100644
--- a/public/imprint.php
+++ b/public/imprint.php
@@ -1,12 +1,8 @@
 <?php
-// =====================================================================
-// Imprint Page
-// =====================================================================
 require_once __DIR__ . '/api/db.php';
-
 $pdo = get_db();
 $stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
-$stmt->execute([':slug' => 'lohne']);
+$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
 $municipality = $stmt->fetch();
 ?>
 <!DOCTYPE html>
@@ -15,41 +11,29 @@ $municipality = $stmt->fetch();
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Impressum — <?= htmlspecialchars($municipality['name']) ?></title>
-    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
+    <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
-    <style>
-        :root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }
-        * { box-sizing: border-box; margin: 0; padding: 0; }
-        body { font-family: 'Segoe UI', system-ui, sans-serif; background: #f4f5f7; color: #1a1a2e; }
-        .page-header { background: var(--color-primary); color: white; padding: 16px 24px; }
-        .page-header h1 { font-size: 1.2rem; }
-        .page-header a { color: white; opacity: 0.8; text-decoration: none; font-size: 0.85rem; }
-        .page-header a:hover { opacity: 1; }
-        .page-header-inner { max-width: 800px; margin: 0 auto; display: flex; justify-content: space-between; align-items: center; }
-        .page-content { max-width: 800px; margin: 32px auto; padding: 32px; background: white; border-radius: 8px; border: 1px solid #e0e0e0; line-height: 1.7; }
-        .page-content h2 { font-size: 1.1rem; margin: 24px 0 8px 0; color: var(--color-primary); }
-        .page-content h2:first-child { margin-top: 0; }
-        .page-content p { margin-bottom: 12px; color: #5a5a7a; }
-        @media (max-width: 768px) { .page-content { margin: 16px; padding: 20px; } }
-    </style>
+    <link rel="stylesheet" href="styles.css">
+    <style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
 </head>
 <body>
     <div class="page-header">
         <div class="page-header-inner">
             <h1><i class="fa-solid fa-scale-balanced"></i> Impressum</h1>
-            <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+            <div class="page-header-nav">
+                <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+            </div>
         </div>
     </div>
-    <div class="page-content">
-        <h2>Angaben gemäß § 5 TMG</h2>
-        <p>Stadt <?= htmlspecialchars($municipality['name']) ?></p>
-        <p>Die vollständigen Angaben (Adresse, Telefon, E-Mail, Vertretungsberechtigte) werden hier ergänzt, sobald das Portal in den Produktivbetrieb geht.</p>
-
-        <h2>Technische Umsetzung</h2>
-        <p><a href="https://endex-geodaten.de" target="_blank" style="color:var(--color-primary);">endex GmbH</a></p>
-
-        <h2>Haftungsausschluss</h2>
-        <p>Die Inhalte der Bürgerbeiträge geben die Meinung der jeweiligen Verfasser wieder. Die Stadt <?= htmlspecialchars($municipality['name']) ?> übernimmt keine Gewähr für deren Richtigkeit.</p>
+    <div class="page-container">
+        <div class="page-content-box">
+            <div class="dev-notice">
+                <i class="fa-solid fa-triangle-exclamation"></i>
+                Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Das Impressum wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
+            </div>
+            <h2>Impressum</h2>
+            <p>Das Impressum wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
+        </div>
     </div>
 </body>
 </html>
\ No newline at end of file
diff --git a/public/index.php b/public/index.php
index 952e653..f122214 100644
--- a/public/index.php
+++ b/public/index.php
@@ -79,7 +79,7 @@ $news_items = $stmt->fetchAll();
     </style>
 </head>
 
-<body>
+<body class="portal-page">
 
     <!-- ============================================================= -->
     <!-- Header                                                        -->
diff --git a/public/privacy.php b/public/privacy.php
index 0c9f6a3..f2db92f 100644
--- a/public/privacy.php
+++ b/public/privacy.php
@@ -1,12 +1,8 @@
 <?php
-// =====================================================================
-// Privacy Policy Page
-// =====================================================================
 require_once __DIR__ . '/api/db.php';
-
 $pdo = get_db();
 $stmt = $pdo->prepare("SELECT * FROM municipalities WHERE slug = :slug");
-$stmt->execute([':slug' => 'lohne']);
+$stmt->execute([':slug' => getenv('MUNICIPALITY_SLUG')]);
 $municipality = $stmt->fetch();
 ?>
 <!DOCTYPE html>
@@ -15,50 +11,29 @@ $municipality = $stmt->fetch();
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Datenschutz — <?= htmlspecialchars($municipality['name']) ?></title>
-    <link rel="icon" href="assets/icon-municipality.png" type="image/png">
+    <link rel="icon" href="<?= htmlspecialchars($municipality['logo_path'] ?? 'assets/icon-municipality.png') ?>" type="image/png">
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
-    <style>
-        :root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }
-        * { box-sizing: border-box; margin: 0; padding: 0; }
-        body { font-family: 'Segoe UI', system-ui, sans-serif; background: #f4f5f7; color: #1a1a2e; }
-        .page-header { background: var(--color-primary); color: white; padding: 16px 24px; }
-        .page-header h1 { font-size: 1.2rem; }
-        .page-header a { color: white; opacity: 0.8; text-decoration: none; font-size: 0.85rem; }
-        .page-header a:hover { opacity: 1; }
-        .page-header-inner { max-width: 800px; margin: 0 auto; display: flex; justify-content: space-between; align-items: center; }
-        .page-content { max-width: 800px; margin: 32px auto; padding: 32px; background: white; border-radius: 8px; border: 1px solid #e0e0e0; line-height: 1.7; }
-        .page-content h2 { font-size: 1.1rem; margin: 24px 0 8px 0; color: var(--color-primary); }
-        .page-content h2:first-child { margin-top: 0; }
-        .page-content p { margin-bottom: 12px; color: #5a5a7a; }
-        @media (max-width: 768px) { .page-content { margin: 16px; padding: 20px; } }
-    </style>
+    <link rel="stylesheet" href="styles.css">
+    <style>:root { --color-primary: <?= htmlspecialchars($municipality['primary_color']) ?>; }</style>
 </head>
 <body>
     <div class="page-header">
         <div class="page-header-inner">
-            <h1><i class="fa-solid fa-shield-halved"></i> Datenschutzerklärung</h1>
-            <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+            <h1><i class="fa-solid fa-lock"></i> Datenschutz</h1>
+            <div class="page-header-nav">
+                <a href="index.php"><i class="fa-solid fa-arrow-left"></i> Zurück zur Karte</a>
+            </div>
         </div>
     </div>
-    <div class="page-content">
-        <h2>Verantwortliche Stelle</h2>
-        <p>Stadt <?= htmlspecialchars($municipality['name']) ?></p>
-        <p>Die vollständigen Kontaktdaten werden hier ergänzt, sobald das Portal in den Produktivbetrieb geht.</p>
-
-        <h2>Erhobene Daten</h2>
-        <p>Das Bürgerbeteiligungsportal speichert die von Ihnen eingegebenen Beiträge (Titel, Beschreibung, Geometrie, Name) sowie Ihre Abstimmungen zur Durchführung der Bürgerbeteiligung.</p>
-
-        <h2>Zweck der Verarbeitung</h2>
-        <p>Die Daten werden ausschließlich zur Durchführung und Auswertung der Bürgerbeteiligung verwendet.</p>
-
-        <h2>Weitergabe an Dritte</h2>
-        <p>Ihre Daten werden nicht an Dritte weitergegeben.</p>
-
-        <h2>Ihre Rechte</h2>
-        <p>Sie haben das Recht auf Auskunft, Berichtigung und Löschung Ihrer Daten. Kontaktieren Sie hierzu die verantwortliche Stelle.</p>
-
-        <h2>Cookies und Sitzungsdaten</h2>
-        <p>Das Portal verwendet Sitzungscookies zur Speicherung Ihres Namens während der Nutzung. Diese werden beim Schließen des Browsers gelöscht.</p>
+    <div class="page-container">
+        <div class="page-content-box">
+            <div class="dev-notice">
+                <i class="fa-solid fa-triangle-exclamation"></i>
+                Dieses Portal befindet sich in der Entwicklung und wurde nicht offiziell beauftragt. Die Datenschutzerklärung wird mit der offiziellen Inbetriebnahme hier hinzugefügt.
+            </div>
+            <h2>Datenschutz</h2>
+            <p>Die Datenschutzerklärung wird hier hinzugefügt, sobald das Portal in den Produktivbetrieb geht.</p>
+        </div>
     </div>
 </body>
 </html>
\ No newline at end of file
diff --git a/public/styles.css b/public/styles.css
index 9da66e5..3a10b31 100644
--- a/public/styles.css
+++ b/public/styles.css
@@ -1,44 +1,59 @@
 /* =====================================================================
-   WebGIS Citizen Participation Portal — Styles
-   Mobile-First Layout with CSS Custom Properties for Municipality Theme
+   WebGIS Bürgerbeteiligungsportal — Unified Styles
+   Single Stylesheet for all Pages: Portal, Moderation, Legal Pages.
+   Organized in Sections: Tokens, Base, Shared, Portal, Admin, Legal.
    ===================================================================== */
 
 
-/* -----------------------------------------------------------------
-   CSS Custom Properties Defaults — overridden per Municipality
-   ----------------------------------------------------------------- */
+/* =================================================================
+   SECTION 1: Design Tokens (CSS Custom Properties)
+   Shared across all Pages. Overridden per Municipality via PHP.
+   ================================================================= */
+
 :root {
-    /* Municipality Colors */
+    /* Municipality Theme */
     --color-primary: #00376D;
     --color-primary-light: #00376D22;
 
-    /* Neutral Colors */
+    /* Neutral Palette */
     --color-bg: #f4f5f7;
     --color-surface: #ffffff;
     --color-text: #1a1a2e;
     --color-text-secondary: #5a5a7a;
     --color-border: #e0e0e0;
 
-    /* Feedback Colors */
+    /* Standardized Button Colors */
+    --color-approve: #28a745;
+    --color-reject: #DC3545;
+    --color-edit: #ffc107;
+    --color-delete: #424242;
+    --color-map-btn: #546E7A;
     --color-success: #2e7d32;
     --color-error: #c62828;
     --color-warning: #f57f17;
 
-    /* Spacing */
+    /* Badge Colors */
+    --color-badge-pending-bg: #fff3cd;
+    --color-badge-pending-text: #856404;
+    --color-badge-approved-bg: #d4edda;
+    --color-badge-approved-text: #155724;
+    --color-badge-rejected-bg: #f8d7da;
+    --color-badge-rejected-text: #721c24;
+
+    /* Spacing Scale */
     --space-xs: 4px;
     --space-sm: 8px;
     --space-md: 16px;
     --space-lg: 24px;
     --space-xl: 32px;
 
-    /* Layout */
+    /* Layout (Portal-specific, ignored by other Pages) */
     --header-height: 56px;
     --footer-height: 40px;
     --map-side-padding: 0px;
 
     /* Typography */
     --font-body: 'Segoe UI', system-ui, -apple-system, sans-serif;
-    --font-heading: 'Segoe UI', system-ui, -apple-system, sans-serif;
 
     /* Transitions */
     --transition-fast: 150ms ease;
@@ -46,9 +61,11 @@
 }
 
 
-/* -----------------------------------------------------------------
-   Reset and Base
-   ----------------------------------------------------------------- */
+/* =================================================================
+   SECTION 2: Reset and Base Styles
+   Applied to every Page.
+   ================================================================= */
+
 *,
 *::before,
 *::after {
@@ -57,402 +74,155 @@
     padding: 0;
 }
 
-html, body {
-    height: 100%;
-    overflow: hidden;
+body {
     font-family: var(--font-body);
     font-size: 15px;
     color: var(--color-text);
     background: var(--color-bg);
 }
 
+a { text-decoration: none; }
+
+
+/* =================================================================
+   SECTION 3: Shared Components
+   Reusable across Portal, Admin, and Legal Pages.
+   ================================================================= */
+
 
 /* -----------------------------------------------------------------
-   Header
+   3.1 Page Header (Admin, Legal Pages)
    ----------------------------------------------------------------- */
-#app-header {
-    position: fixed;
-    top: 0;
-    left: 0;
-    right: 0;
-    z-index: 1000;
-    height: var(--header-height);
-    display: flex;
-    align-items: center;
-    justify-content: space-between;
-    padding: 0 var(--space-md);
+.page-header {
     background: var(--color-primary);
     color: white;
+    padding: 14px 24px;
     box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
 }
 
-.header-left {
+.page-header-inner {
+    max-width: 960px;
+    margin: 0 auto;
     display: flex;
+    justify-content: space-between;
     align-items: center;
-    gap: var(--space-sm);
-    min-width: 0;
 }
 
-.header-logo {
-    height: 36px;
-    width: auto;
-    object-fit: contain;
-    flex-shrink: 0;
-}
-
-.header-title {
-    font-family: var(--font-heading);
-    font-size: 1.1rem;
+.page-header h1 {
+    font-size: 1.15rem;
     font-weight: 600;
-    white-space: nowrap;
-    overflow: hidden;
-    text-overflow: ellipsis;
 }
 
-.header-nav {
-    display: flex;
-    gap: var(--space-xs);
-}
-
-.nav-btn {
+.page-header-nav {
     display: flex;
+    gap: 16px;
     align-items: center;
-    gap: var(--space-xs);
-    padding: var(--space-sm) var(--space-md);
-    border: none;
-    background: rgba(255, 255, 255, 0.1);
+}
+
+.page-header-nav a {
     color: white;
-    border-radius: 6px;
-    cursor: pointer;
+    opacity: 0.8;
     font-size: 0.85rem;
-    transition: background var(--transition-fast);
+    transition: opacity var(--transition-fast);
 }
 
-.nav-btn:hover {
-    background: rgba(255, 255, 255, 0.25);
-}
-
-.nav-btn-admin {
-    text-decoration: none;
-    margin-left: var(--space-sm);
-    background: rgba(255, 255, 255, 0.05);
-    opacity: 0.6;
-    font-size: 0.8rem;
-}
-
-.nav-btn-admin:hover {
-    opacity: 1;
-    background: rgba(255, 255, 255, 0.2);
-}
-
-.header-menu-toggle {
-    display: none;
-    border: none;
-    background: none;
-    color: white;
-    font-size: 1.4rem;
-    cursor: pointer;
-    padding: var(--space-sm);
-}
+.page-header-nav a:hover { opacity: 1; }
 
 
 /* -----------------------------------------------------------------
-   Main and Map Container
+   3.2 Page Content Container (Admin, Legal Pages)
    ----------------------------------------------------------------- */
-#app-main {
-    position: fixed;
-    top: var(--header-height);
-    bottom: var(--footer-height);
-    left: var(--map-side-padding);
-    right: var(--map-side-padding);
+.page-container {
+    max-width: 960px;
+    margin: 24px auto;
+    padding: 0 16px;
 }
 
-#map {
-    width: 100%;
-    height: 100%;
-}
-
-
-/* -----------------------------------------------------------------
-   Footer
-   ----------------------------------------------------------------- */
-#app-footer {
-    position: fixed;
-    bottom: 0;
-    left: 0;
-    right: 0;
-    z-index: 1000;
-    height: var(--footer-height);
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    padding: 0 var(--space-md);
+.page-content-box {
+    padding: 32px;
     background: var(--color-surface);
-    border-top: 1px solid var(--color-border);
-    font-size: 0.8rem;
-    color: var(--color-text-secondary);
-}
-
-.footer-content {
-    display: flex;
-    align-items: center;
-    gap: var(--space-sm);
-}
-
-.footer-logo {
-    height: 22px;
-    width: auto;
-    object-fit: contain;
-}
-
-.dev-warning {
-    position: absolute;
-    left: var(--space-md);
-
-    font-size: 0.7rem;
-    font-weight: 600;
-    color: #856404;
-    white-space: nowrap;
-
-    background: rgba(255, 243, 205, 0.8); /* leicht transparent */
-    padding: 4px 10px;
     border-radius: 8px;
-
-    border: 1px solid #856404; /* NICHT transparent */
-}
-
-@media (max-width: 768px) {
-    .dev-warning {
-        font-size: 0.6rem;
-        left: var(--space-sm);
-    }
-}
-
-/* -----------------------------------------------------------------
-   Mouse Position Display
-   ----------------------------------------------------------------- */
-.mouse-position-display {
-    background: rgba(255, 255, 255, 0.85);
-    padding: 2px 8px;
-    font-size: 0.75rem;
-    border-radius: 4px;
-}
-
-@media (max-width: 768px) {
-    .mouse-position-display {
-        display: none;
-    }
-}
-
-
-/* -----------------------------------------------------------------
-   GPS Control Button
-   ----------------------------------------------------------------- */
-.gps-control-button {
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    width: 30px;
-    height: 30px;
-    font-size: 16px;
-}
-
-
-/* -----------------------------------------------------------------
-   Sidebar Overrides
-   ----------------------------------------------------------------- */
-.leaflet-sidebar {
-    z-index: 999;
-    top: var(--header-height);
-    bottom: var(--footer-height);
-}
-
-.leaflet-sidebar-header {
-    background: var(--color-primary);
-    color: white;
-}
-
-.leaflet-sidebar-close {
-    color: white;
-}
-
-.leaflet-sidebar-tabs > ul > li > a {
-    color: var(--color-text-secondary);
-    transition: color var(--transition-fast);
-}
-
-.leaflet-sidebar-tabs > ul > li.active > a {
-    color: var(--color-primary);
-    border-color: var(--color-primary);
-}
-
-.sidebar-body {
-    padding: var(--space-md);
-}
-
-.sidebar-body h3 {
-    font-size: 0.95rem;
-    font-weight: 600;
-    margin: var(--space-lg) 0 var(--space-sm) 0;
-    color: var(--color-primary);
-}
-
-.sidebar-body h3:first-child {
-    margin-top: 0;
-}
-
-.sidebar-body p {
-    margin-bottom: var(--space-sm);
-    line-height: 1.5;
-    color: var(--color-text-secondary);
-}
-
-
-/* -----------------------------------------------------------------
-   Contributions List (Sidebar Tab)
-   ----------------------------------------------------------------- */
-.list-search {
-    margin-bottom: var(--space-md);
-}
-
-.contribution-card {
-    padding: var(--space-md);
-    margin-bottom: var(--space-sm);
-    background: var(--color-surface);
     border: 1px solid var(--color-border);
-    border-radius: 8px;
-    cursor: pointer;
-    transition: box-shadow var(--transition-fast), border-color var(--transition-fast);
+    line-height: 1.7;
 }
 
-.contribution-card:hover {
-    border-color: var(--color-primary);
-    box-shadow: 0 2px 8px rgba(0, 0, 0, 0.08);
+.page-content-box h2 {
+    font-size: 1.05rem;
+    font-weight: 600;
+    margin: 24px 0 8px 0;
+    color: var(--color-primary);
 }
 
-.contribution-card-header {
-    display: flex;
+.page-content-box h2:first-child { margin-top: 0; }
+
+.page-content-box p {
+    margin-bottom: 12px;
+    color: var(--color-text-secondary);
+}
+
+.page-content-box a { color: var(--color-primary); }
+
+
+/* -----------------------------------------------------------------
+   3.3 Buttons (shared across all Pages)
+   ----------------------------------------------------------------- */
+.btn {
+    display: inline-flex;
     align-items: center;
-    gap: var(--space-sm);
-    margin-bottom: var(--space-xs);
+    justify-content: center;
+    gap: var(--space-xs);
+    padding: 8px 16px;
+    border: none;
+    border-radius: 6px;
+    font-family: var(--font-body);
+    font-size: 0.85rem;
+    font-weight: 600;
+    cursor: pointer;
+    transition: filter var(--transition-fast), transform var(--transition-fast);
+    text-decoration: none;
+    min-height: 40px;
 }
 
-.contribution-card-category {
-    font-size: 0.75rem;
+.btn:hover { filter: brightness(1.1); }
+.btn:active { transform: scale(0.97); }
+
+.btn-primary   { background: var(--color-primary);  color: white; }
+.btn-secondary { background: var(--color-bg); color: var(--color-text); border: 1px solid var(--color-border); }
+.btn-secondary:hover { background: var(--color-border); }
+.btn-approve   { background: var(--color-approve);  color: white; }
+.btn-reject    { background: var(--color-reject);   color: white; }
+.btn-edit      { background: var(--color-edit);     color: white; }
+.btn-delete    { background: var(--color-delete);   color: white; }
+.btn-map       { background: var(--color-map-btn);  color: white; }
+.btn-success   { background: var(--color-success);  color: white; }
+.btn-danger    { background: var(--color-error);    color: white; }
+.btn-reset     { background: var(--color-warning);  color: white; }
+
+
+/* -----------------------------------------------------------------
+   3.4 Badges (shared across Portal and Admin)
+   ----------------------------------------------------------------- */
+.badge {
+    display: inline-block;
+    padding: 2px 8px;
+    border-radius: 4px;
+    font-size: 0.7rem;
     font-weight: 600;
     text-transform: uppercase;
     letter-spacing: 0.5px;
-    color: var(--color-primary);
+    flex-shrink: 0;
 }
 
-.contribution-card-title {
-    font-weight: 600;
-    font-size: 0.95rem;
-    margin-bottom: var(--space-xs);
-}
-
-.contribution-card-meta {
-    display: flex;
-    justify-content: space-between;
-    font-size: 0.8rem;
-    color: var(--color-text-secondary);
-}
-
-.contribution-card-votes {
-    display: flex;
-    gap: var(--space-sm);
-}
+.badge-pending  { background: var(--color-badge-pending-bg);  color: var(--color-badge-pending-text); }
+.badge-approved { background: var(--color-badge-approved-bg); color: var(--color-badge-approved-text); }
+.badge-rejected { background: var(--color-badge-rejected-bg); color: var(--color-badge-rejected-text); }
+.badge-category { background: var(--color-border); color: var(--color-text-secondary); display: inline-flex; align-items: center; gap: 4px; }
 
 
 /* -----------------------------------------------------------------
-   News Items (Sidebar Tab)
+   3.5 Form Elements (shared across Portal and Admin)
    ----------------------------------------------------------------- */
-.news-item {
-    font-size: 0.8rem;
-    padding: var(--space-md);
-    margin-bottom: var(--space-sm);
-    background: var(--color-surface);
-    border: 1px solid var(--color-border);
-    border-radius: 8px;
-}
-
-.news-date {
-    font-size: 0.8rem;
-    color: var(--color-text-secondary);
-}
-
-.news-item h3 {
-    font-size: 0.95rem;
-    margin: var(--space-xs) 0;
-    color: var(--color-text);
-}
-
-
-/* -----------------------------------------------------------------
-   Modals (Welcome, Login, Create Contribution)
-   ----------------------------------------------------------------- */
-.modal-overlay {
-    position: fixed;
-    inset: 0;
-    z-index: 2000;
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    background: rgba(0, 0, 0, 0.5);
-    backdrop-filter: blur(4px);
-}
-
-.modal-content {
-    background: var(--color-surface);
-    border-radius: 12px;
-    padding: var(--space-xl);
-    max-width: 480px;
-    width: 90%;
-    max-height: 90vh;
-    overflow-y: auto;
-    box-shadow: 0 12px 40px rgba(0, 0, 0, 0.2);
-}
-
-.modal-small {
-    max-width: 380px;
-}
-
-.modal-content h2 {
-    font-family: var(--font-heading);
-    font-size: 1.3rem;
-    margin-bottom: var(--space-md);
-    color: var(--color-primary);
-    display: flex;
-    align-items: center;
-    gap: var(--space-sm);
-}
-
-.modal-content p {
-    line-height: 1.6;
-    margin-bottom: var(--space-sm);
-    color: var(--color-text-secondary);
-}
-
-.modal-content ul {
-    margin: var(--space-sm) 0 var(--space-md) var(--space-lg);
-    line-height: 1.8;
-    color: var(--color-text-secondary);
-}
-
-.modal-actions {
-    display: flex;
-    justify-content: flex-end;
-    gap: var(--space-sm);
-    margin-top: var(--space-lg);
-}
-
-
-/* -----------------------------------------------------------------
-   Form Elements
-   ----------------------------------------------------------------- */
-.form-group {
-    margin-bottom: var(--space-md);
-}
+.form-group { margin-bottom: var(--space-md); }
 
 .form-group label {
     display: block;
@@ -480,83 +250,334 @@ html, body {
     box-shadow: 0 0 0 3px var(--color-primary-light);
 }
 
-textarea.form-input {
-    resize: vertical;
-}
+textarea.form-input { resize: vertical; }
+select.form-input { cursor: pointer; }
 
-select.form-input {
-    cursor: pointer;
+
+/* -----------------------------------------------------------------
+   3.6 SweetAlert2 Font Override
+   ----------------------------------------------------------------- */
+.swal2-input,
+.swal2-textarea,
+.swal2-select {
+    font-family: var(--font-body) !important;
 }
 
 
 /* -----------------------------------------------------------------
-   Buttons
+   3.7 Warning Notices
    ----------------------------------------------------------------- */
-.btn {
-    display: inline-flex;
-    align-items: center;
-    justify-content: center;
-    gap: var(--space-xs);
-    padding: 10px 20px;
-    border: none;
-    border-radius: 6px;
-    font-family: var(--font-body);
-    font-size: 0.9rem;
+.dev-warning {
+    position: absolute;
+    left: var(--space-md);
+    font-size: 0.7rem;
     font-weight: 600;
-    cursor: pointer;
-    transition: background var(--transition-fast), transform var(--transition-fast);
-    min-height: 44px;
-    min-width: 44px;
+    color: var(--color-badge-pending-text);
+    white-space: nowrap;
+    background: rgba(255, 243, 205, 0.8);
+    padding: 4px 10px;
+    border-radius: 8px;
+    border: 1px solid var(--color-badge-pending-text);
 }
 
-.btn:active {
-    transform: scale(0.97);
+.dev-notice {
+    background: var(--color-badge-pending-bg);
+    color: var(--color-badge-pending-text);
+    padding: 12px 16px;
+    border-radius: 8px;
+    border: 1px solid #ffc107;
+    font-size: 0.85rem;
+    margin-bottom: 16px;
 }
 
-.btn-primary {
+.dev-notice i { margin-right: 6px; }
+
+
+/* -----------------------------------------------------------------
+   3.8 Empty State
+   ----------------------------------------------------------------- */
+.empty-state {
+    text-align: center;
+    padding: 40px;
+    color: #999;
+    font-size: 0.9rem;
+}
+
+
+/* =================================================================
+   SECTION 4: Portal-specific Styles (index.php)
+   Fixed Layout with Header, Map, Sidebar, Footer.
+   ================================================================= */
+
+
+/* -----------------------------------------------------------------
+   4.1 Portal Layout
+   ----------------------------------------------------------------- */
+.portal-page { height: 100%; overflow: hidden; }
+
+#app-header {
+    position: fixed;
+    top: 0; left: 0; right: 0;
+    z-index: 1000;
+    height: var(--header-height);
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 0 var(--space-md);
     background: var(--color-primary);
     color: white;
+    box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
 }
 
-.btn-primary:hover {
-    filter: brightness(1.15);
+.header-left {
+    display: flex;
+    align-items: center;
+    gap: var(--space-sm);
+    min-width: 0;
 }
 
-.btn-secondary {
-    background: var(--color-bg);
-    color: var(--color-text);
-    border: 1px solid var(--color-border);
+.header-logo { height: 36px; width: auto; object-fit: contain; flex-shrink: 0; }
+
+.header-title {
+    font-size: 1.15rem;
+    font-weight: 600;
+    white-space: nowrap;
+    overflow: hidden;
+    text-overflow: ellipsis;
 }
 
-.btn-secondary:hover {
-    background: var(--color-border);
-}
+.header-nav { display: flex; gap: var(--space-xs); }
 
-.btn-success {
-    background: var(--color-success);
+.nav-btn {
+    display: flex;
+    align-items: center;
+    gap: var(--space-xs);
+    padding: var(--space-sm) var(--space-md);
+    border: none;
+    background: rgba(255, 255, 255, 0.1);
     color: white;
+    border-radius: 6px;
+    cursor: pointer;
+    font-size: 0.85rem;
+    transition: background var(--transition-fast);
+    text-decoration: none;
 }
 
-.btn-danger {
-    background: var(--color-error);
+.nav-btn:hover { background: rgba(255, 255, 255, 0.25); }
+
+.nav-btn-admin {
+    margin-left: var(--space-sm);
+    background: rgba(255, 255, 255, 0.05);
+    opacity: 0.6;
+    font-size: 0.8rem;
+}
+
+.nav-btn-admin:hover { opacity: 1; background: rgba(255, 255, 255, 0.2); }
+
+.header-menu-toggle {
+    display: none;
+    border: none;
+    background: none;
     color: white;
+    font-size: 1.4rem;
+    cursor: pointer;
+    padding: var(--space-sm);
+}
+
+#app-main {
+    position: fixed;
+    top: var(--header-height);
+    bottom: var(--footer-height);
+    left: var(--map-side-padding);
+    right: var(--map-side-padding);
+}
+
+#map { width: 100%; height: 100%; }
+
+#app-footer {
+    position: fixed;
+    bottom: 0; left: 0; right: 0;
+    z-index: 1000;
+    height: var(--footer-height);
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    padding: 0 var(--space-md);
+    background: var(--color-surface);
+    border-top: 1px solid var(--color-border);
+    font-size: 0.8rem;
+    color: var(--color-text-secondary);
+}
+
+.footer-content { display: flex; align-items: center; gap: var(--space-sm); }
+
+
+/* -----------------------------------------------------------------
+   4.2 Map Controls
+   ----------------------------------------------------------------- */
+.gps-control-button {
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    width: 30px;
+    height: 30px;
+    font-size: 16px;
+}
+
+.mouse-position-display {
+    background: rgba(255, 255, 255, 0.85);
+    padding: 2px 8px;
+    font-size: 0.75rem;
+    border-radius: 4px;
 }
 
 
 /* -----------------------------------------------------------------
-   Map Popup Overrides (Contribution Detail View)
+   4.3 Sidebar Overrides
    ----------------------------------------------------------------- */
-.popup-detail {
-    min-width: 220px;
-    max-width: 300px;
+.leaflet-sidebar { z-index: 999; top: var(--header-height); bottom: var(--footer-height); }
+.leaflet-sidebar-header { background: var(--color-primary); color: white; }
+.leaflet-sidebar-close { color: white; }
+
+.leaflet-sidebar-tabs > ul > li > a {
+    color: var(--color-text-secondary);
+    transition: color var(--transition-fast);
 }
 
-.popup-detail-title {
-    font-weight: 600;
-    font-size: 1rem;
-    margin-bottom: var(--space-xs);
+.leaflet-sidebar-tabs > ul > li.active > a {
+    color: var(--color-primary);
+    border-color: var(--color-primary);
 }
 
+.sidebar-body { padding: var(--space-md); }
+
+.sidebar-body h3 {
+    font-size: 0.95rem;
+    font-weight: 600;
+    margin: var(--space-lg) 0 var(--space-sm) 0;
+    color: var(--color-primary);
+}
+
+.sidebar-body h3:first-child { margin-top: 0; }
+
+.sidebar-body p {
+    margin-bottom: var(--space-sm);
+    line-height: 1.5;
+    color: var(--color-text-secondary);
+}
+
+
+/* -----------------------------------------------------------------
+   4.4 Sidebar Contributions List
+   ----------------------------------------------------------------- */
+.list-search { margin-bottom: var(--space-md); }
+
+.contribution-card {
+    padding: var(--space-md);
+    margin-bottom: var(--space-sm);
+    background: var(--color-surface);
+    border: 1px solid var(--color-border);
+    border-radius: 8px;
+    cursor: pointer;
+    transition: box-shadow var(--transition-fast), border-color var(--transition-fast);
+}
+
+.contribution-card:hover {
+    border-color: var(--color-primary);
+    box-shadow: 0 2px 8px rgba(0, 0, 0, 0.08);
+}
+
+.contribution-card-header { display: flex; align-items: center; gap: var(--space-sm); margin-bottom: var(--space-xs); }
+
+.contribution-card-category {
+    font-size: 0.75rem;
+    font-weight: 600;
+    text-transform: uppercase;
+    letter-spacing: 0.5px;
+    color: var(--color-primary);
+}
+
+.contribution-card-title { font-weight: 600; font-size: 0.95rem; margin-bottom: var(--space-xs); }
+
+.contribution-card-meta {
+    display: flex;
+    justify-content: space-between;
+    font-size: 0.8rem;
+    color: var(--color-text-secondary);
+}
+
+.contribution-card-votes { display: flex; gap: var(--space-sm); }
+
+
+/* -----------------------------------------------------------------
+   4.5 Sidebar News Items
+   ----------------------------------------------------------------- */
+.news-item {
+    font-size: 0.8rem;
+    padding: var(--space-md);
+    margin-bottom: var(--space-sm);
+    background: var(--color-surface);
+    border: 1px solid var(--color-border);
+    border-radius: 8px;
+}
+
+.news-date { font-size: 0.8rem; color: var(--color-text-secondary); }
+.news-item h3 { font-size: 0.95rem; margin: var(--space-xs) 0; color: var(--color-text); }
+
+
+/* -----------------------------------------------------------------
+   4.6 Modals
+   ----------------------------------------------------------------- */
+.modal-overlay {
+    position: fixed;
+    inset: 0;
+    z-index: 2000;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    background: rgba(0, 0, 0, 0.5);
+    backdrop-filter: blur(4px);
+}
+
+.modal-content {
+    background: var(--color-surface);
+    border-radius: 12px;
+    padding: var(--space-xl);
+    max-width: 480px;
+    width: 90%;
+    max-height: 90vh;
+    overflow-y: auto;
+    box-shadow: 0 12px 40px rgba(0, 0, 0, 0.2);
+}
+
+.modal-small { max-width: 380px; }
+
+.modal-content h2 {
+    font-size: 1.3rem;
+    margin-bottom: var(--space-md);
+    color: var(--color-primary);
+    display: flex;
+    align-items: center;
+    gap: var(--space-sm);
+}
+
+.modal-content p { line-height: 1.6; margin-bottom: var(--space-sm); color: var(--color-text-secondary); }
+
+.modal-content ul {
+    margin: var(--space-sm) 0 var(--space-md) var(--space-lg);
+    line-height: 1.8;
+    color: var(--color-text-secondary);
+}
+
+.modal-actions { display: flex; justify-content: flex-end; gap: var(--space-sm); margin-top: var(--space-lg); }
+
+
+/* -----------------------------------------------------------------
+   4.7 Map Popup
+   ----------------------------------------------------------------- */
+.popup-detail { min-width: 220px; max-width: 300px; }
+.popup-detail-title { font-weight: 600; font-size: 1rem; margin-bottom: var(--space-xs); }
+
 .popup-detail-category {
     display: inline-block;
     font-size: 0.7rem;
@@ -585,11 +606,7 @@ select.form-input {
     border-top: 1px solid var(--color-border);
 }
 
-.popup-detail-votes {
-    display: flex;
-    gap: var(--space-sm);
-    margin-top: var(--space-sm);
-}
+.popup-detail-votes { display: flex; gap: var(--space-sm); margin-top: var(--space-sm); }
 
 .popup-vote-btn {
     display: inline-flex;
@@ -604,60 +621,294 @@ select.form-input {
     transition: all var(--transition-fast);
 }
 
-.popup-vote-btn:hover {
-    border-color: var(--color-primary);
-    background: var(--color-primary-light);
+.popup-vote-btn:hover { border-color: var(--color-primary); background: var(--color-primary-light); }
+.popup-vote-btn.liked { border-color: var(--color-success); background: #e8f5e9; color: var(--color-success); }
+.popup-vote-btn.disliked { border-color: var(--color-error); background: #ffebee; color: var(--color-error); }
+
+.popup-detail-actions { display: flex; gap: var(--space-sm); margin-top: var(--space-sm); }
+.popup-detail-actions .btn { flex: 1; padding: 6px 12px; font-size: 0.8rem; min-height: 36px; }
+
+
+/* =================================================================
+   SECTION 5: Admin-specific Styles (admin.php)
+   ================================================================= */
+
+
+/* -----------------------------------------------------------------
+   5.1 Statistics Cards
+   ----------------------------------------------------------------- */
+.stats-grid {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
+    gap: 12px;
+    margin-bottom: 28px;
 }
 
-.popup-vote-btn.liked {
-    border-color: var(--color-success);
-    background: #e8f5e9;
-    color: var(--color-success);
+.stat-card {
+    background: var(--color-surface);
+    border-radius: 8px;
+    padding: 16px;
+    text-align: center;
+    border: 1px solid var(--color-border);
 }
 
-.popup-vote-btn.disliked {
-    border-color: var(--color-error);
-    background: #ffebee;
-    color: var(--color-error);
-}
+.stat-card .stat-number { font-size: 1.8rem; font-weight: 700; color: var(--color-primary); }
+.stat-card .stat-label { font-size: 0.8rem; color: var(--color-text-secondary); margin-top: 4px; }
 
-.popup-detail-actions {
+
+/* -----------------------------------------------------------------
+   5.2 Page Navigation Tabs
+   ----------------------------------------------------------------- */
+.page-tabs {
     display: flex;
-    gap: var(--space-sm);
-    margin-top: var(--space-sm);
+    gap: 4px;
+    margin-bottom: 24px;
+    background: var(--color-surface);
+    padding: 4px;
+    border-radius: 8px;
+    border: 1px solid var(--color-border);
 }
 
-.popup-detail-actions .btn {
+.page-tab {
+    padding: 8px 16px;
+    border: none;
+    background: none;
+    font-family: var(--font-body);
+    font-size: 0.85rem;
+    font-weight: 600;
+    color: var(--color-text-secondary);
+    cursor: pointer;
+    border-radius: 6px;
+    transition: all var(--transition-fast);
+    display: flex;
+    align-items: center;
+    gap: 6px;
+}
+
+.page-tab:hover { background: #f0f0f0; }
+.page-tab.active { background: var(--color-primary); color: white; }
+
+
+/* -----------------------------------------------------------------
+   5.3 Status Filter Tabs
+   ----------------------------------------------------------------- */
+.filter-tabs {
+    display: flex;
+    gap: 4px;
+    margin-bottom: 20px;
+    border-bottom: 2px solid var(--color-border);
+}
+
+.filter-tab {
+    padding: 8px 16px;
+    border: none;
+    background: none;
+    font-family: var(--font-body);
+    font-size: 0.85rem;
+    font-weight: 600;
+    color: var(--color-text-secondary);
+    cursor: pointer;
+    border-bottom: 2px solid transparent;
+    margin-bottom: -2px;
+    transition: color var(--transition-fast), border-color var(--transition-fast);
+}
+
+.filter-tab:hover { color: var(--color-primary); }
+.filter-tab.active { color: var(--color-primary); border-bottom-color: var(--color-primary); }
+
+.filter-tab .tab-count {
+    background: var(--color-border);
+    color: var(--color-text-secondary);
+    font-size: 0.7rem;
+    padding: 1px 6px;
+    border-radius: 10px;
+    margin-left: 4px;
+}
+
+.filter-tab.active .tab-count { background: var(--color-primary); color: white; }
+
+
+/* -----------------------------------------------------------------
+   5.4 Sort Controls
+   ----------------------------------------------------------------- */
+.sort-controls {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    margin-bottom: 16px;
+    font-size: 0.85rem;
+    color: var(--color-text-secondary);
+}
+
+.sort-controls select {
+    padding: 4px 8px;
+    border: 1px solid var(--color-border);
+    border-radius: 4px;
+    font-family: var(--font-body);
+    font-size: 0.85rem;
+    cursor: pointer;
+}
+
+
+/* -----------------------------------------------------------------
+   5.5 Collapsible Rows
+   ----------------------------------------------------------------- */
+.contribution-row {
+    background: var(--color-surface);
+    border: 1px solid var(--color-border);
+    border-radius: 8px;
+    margin-bottom: 10px;
+    overflow: hidden;
+    transition: border-color var(--transition-fast);
+}
+
+.contribution-row:hover { border-color: #bbb; }
+
+.contribution-row-header {
+    padding: 12px 16px;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    cursor: pointer;
+    transition: background var(--transition-fast);
+}
+
+.contribution-row-header:hover { background: #f8f9fa; }
+
+.contribution-row-summary {
+    display: flex;
+    align-items: center;
+    gap: 10px;
     flex: 1;
-    padding: 6px 12px;
-    font-size: 0.8rem;
-    min-height: 36px;
+    min-width: 0;
+}
+
+.contribution-row-summary .title {
+    font-weight: 600;
+    font-size: 0.95rem;
+    white-space: nowrap;
+    overflow: hidden;
+    text-overflow: ellipsis;
+}
+
+.collapse-icon {
+    color: #999;
+    font-size: 0.75rem;
+    flex-shrink: 0;
+    transition: transform 200ms ease;
+}
+
+.contribution-row.open .collapse-icon { transform: rotate(180deg); }
+
+.contribution-row-detail {
+    padding: 0 16px 16px 16px;
+    border-top: 1px solid #f0f0f0;
+    display: none;
+}
+
+.contribution-row.open .contribution-row-detail { display: block; }
+
+.detail-layout { display: flex; gap: 16px; margin-top: 12px; margin-bottom: 12px; }
+
+.detail-map {
+    width: 220px;
+    height: 170px;
+    border-radius: 6px;
+    border: 1px solid var(--color-border);
+    flex-shrink: 0;
+    background: #f0f0f0;
+}
+
+.detail-content { flex: 1; min-width: 0; }
+.detail-content .description { font-size: 0.85rem; line-height: 1.5; color: var(--color-text-secondary); margin-bottom: 10px; }
+.detail-content .description.empty { color: #bbb; font-style: italic; }
+
+.detail-meta { font-size: 0.8rem; color: #999; display: flex; flex-direction: column; gap: 4px; }
+.detail-meta span { display: flex; align-items: center; gap: 6px; }
+
+.action-buttons {
+    display: flex;
+    gap: 8px;
+    flex-wrap: wrap;
+    padding-top: 12px;
+    border-top: 1px solid #f0f0f0;
 }
 
 
 /* -----------------------------------------------------------------
-   SweetAlert Font Override
+   5.6 Placeholder Tabs
    ----------------------------------------------------------------- */
-.swal2-input,
-.swal2-textarea {
-    font-family: var(--font-body) !important;
-}
+.placeholder-content { text-align: center; padding: 60px 20px; color: #bbb; }
+.placeholder-content i { font-size: 2.5rem; margin-bottom: 12px; display: block; }
+.placeholder-content p { font-size: 0.9rem; }
 
 
 /* -----------------------------------------------------------------
-   Mobile Responsive Overrides
+   5.7 Login Page
    ----------------------------------------------------------------- */
+.login-wrapper { display: flex; align-items: center; justify-content: center; min-height: 100vh; }
+
+.login-box {
+    background: var(--color-surface);
+    border-radius: 12px;
+    padding: 32px;
+    max-width: 380px;
+    width: 90%;
+    box-shadow: 0 4px 20px rgba(0, 0, 0, 0.1);
+    text-align: center;
+}
+
+.login-box h1 { font-size: 1.3rem; margin-bottom: 8px; }
+.login-box p { font-size: 0.85rem; color: var(--color-text-secondary); margin-bottom: 20px; }
+
+.login-box input[type="password"] {
+    width: 100%;
+    padding: 10px 12px;
+    border: 1px solid var(--color-border);
+    border-radius: 6px;
+    font-size: 0.9rem;
+    margin-bottom: 12px;
+    font-family: var(--font-body);
+}
+
+.login-box input:focus {
+    outline: none;
+    border-color: var(--color-primary);
+    box-shadow: 0 0 0 3px rgba(0, 55, 109, 0.1);
+}
+
+.login-box button {
+    width: 100%;
+    padding: 10px;
+    background: var(--color-primary);
+    color: white;
+    border: none;
+    border-radius: 6px;
+    font-size: 0.9rem;
+    font-weight: 600;
+    cursor: pointer;
+    font-family: var(--font-body);
+}
+
+.login-box button:hover { filter: brightness(1.15); }
+
+.login-error { color: var(--color-error); font-size: 0.85rem; margin-bottom: 12px; }
+.back-link { margin-top: 16px; font-size: 0.8rem; }
+.back-link a { color: var(--color-text-secondary); }
+
+
+/* =================================================================
+   SECTION 6: Responsive Overrides
+   ================================================================= */
+
 @media (max-width: 768px) {
     :root {
         --header-height: 48px;
         --footer-height: 32px;
-        --map-side-padding: 0px;
-    }
-
-    .header-title {
-        font-size: 0.9rem;
     }
 
+    /* Portal */
+    .header-title { font-size: 0.9rem; }
     .header-nav {
         display: none;
         position: absolute;
@@ -669,31 +920,28 @@ select.form-input {
         border-radius: 0 0 0 8px;
         box-shadow: 0 4px 12px rgba(0, 0, 0, 0.2);
     }
+    .header-nav.open { display: flex; }
+    .header-menu-toggle { display: block; }
+    .modal-content { padding: var(--space-lg); border-radius: 8px; }
+    .dev-warning { font-size: 0.6rem; left: var(--space-sm); }
+    .mouse-position-display { display: none; }
 
-    .header-nav.open {
-        display: flex;
-    }
+    /* Admin */
+    .page-header { padding: 12px 16px; }
+    .page-header h1 { font-size: 1rem; }
+    .detail-layout { flex-direction: column; }
+    .detail-map { width: 100%; height: 180px; }
+    .contribution-row-summary .title { max-width: 200px; }
+    .action-buttons { flex-direction: column; }
+    .action-buttons .btn { justify-content: center; }
+    .filter-tabs { overflow-x: auto; }
+    .page-tabs { overflow-x: auto; }
 
-    .header-menu-toggle {
-        display: block;
-    }
-
-    .nav-label {
-        display: inline;
-    }
-
-    .modal-content {
-        padding: var(--space-lg);
-        border-radius: 8px;
-    }
+    /* Legal */
+    .page-content-box { padding: 20px; }
+    .page-container { padding: 0 8px; }
 }
 
-
-/* -----------------------------------------------------------------
-   Desktop Overrides
-   ----------------------------------------------------------------- */
 @media (min-width: 769px) {
-    :root {
-        --map-side-padding: 8px;
-    }
+    :root { --map-side-padding: 8px; }
 }
\ No newline at end of file
-- 
2.49.1


From c39667e368676e64245c69639f99515bf4b5c629 Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Sat, 25 Apr 2026 14:30:58 +0200
Subject: [PATCH 24/25] photos and comments functionality for contributions,
 moderation page functionality pending

---
 .gitignore                             |   5 +-
 migrations/006_comments_and_photos.sql |  35 ++++
 public/api/contributions.php           | 194 ++++++++++++++++++++-
 public/index.php                       |   9 +
 public/js/app.js                       | 224 +++++++++++++++++++++----
 public/styles.css                      |  91 ++++++++++
 public/uploads/.htaccess               |   7 +
 public/uploads/photos/.gitkeep         |   0
 8 files changed, 523 insertions(+), 42 deletions(-)
 create mode 100644 migrations/006_comments_and_photos.sql
 create mode 100644 public/uploads/.htaccess
 create mode 100644 public/uploads/photos/.gitkeep

diff --git a/.gitignore b/.gitignore
index e89a32f..8f04f9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,7 @@
 .env
 .vscode/
 *.log
-scripts
\ No newline at end of file
+scripts
+
+public/uploads/photos/*
+!public/uploads/photos/.gitkeep
\ No newline at end of file
diff --git a/migrations/006_comments_and_photos.sql b/migrations/006_comments_and_photos.sql
new file mode 100644
index 0000000..97366f6
--- /dev/null
+++ b/migrations/006_comments_and_photos.sql
@@ -0,0 +1,35 @@
+-- =====================================================================
+-- Migration 006: Comments Table and Photo Support
+-- =====================================================================
+
+
+-- ---------------------------------------------------------------------
+-- Block 1: Creates Table "comments"
+-- Stores Comments on Contributions. Comments is linked to
+-- Contributions and identified by browser_id.
+-- ---------------------------------------------------------------------
+CREATE TABLE IF NOT EXISTS comments (
+    comment_id      SERIAL PRIMARY KEY,
+    contribution_id INTEGER NOT NULL REFERENCES contributions(contribution_id) ON DELETE CASCADE,
+    author_name     VARCHAR(100) NOT NULL,
+    browser_id      VARCHAR(36) DEFAULT NULL,
+    content         TEXT NOT NULL,
+    created_at      TIMESTAMP NOT NULL DEFAULT NOW()
+);
+
+
+-- ---------------------------------------------------------------------
+-- Block 2: Indexes for fast Comment Queries
+-- ---------------------------------------------------------------------
+CREATE INDEX idx_comments_contribution ON comments(contribution_id);
+CREATE INDEX idx_comments_browser ON comments(browser_id);
+
+
+-- ---------------------------------------------------------------------
+-- Block 3: Adds Photo Path Column to Contributions
+-- Stores relative Path to uploaded Photo File.
+-- ---------------------------------------------------------------------
+ALTER TABLE contributions
+    ADD COLUMN photo_path VARCHAR(255) DEFAULT NULL;
+
+COMMENT ON COLUMN contributions.photo_path IS 'Relative Path to uploaded Photo. NULL = no Photo.';
\ No newline at end of file
diff --git a/public/api/contributions.php b/public/api/contributions.php
index 80aadb3..2c1620f 100644
--- a/public/api/contributions.php
+++ b/public/api/contributions.php
@@ -47,13 +47,22 @@ switch ($action) {
     case 'delete_news':
         handle_delete_news($input);
         break;
+    case 'read_comments':
+        handle_read_comments($input);
+        break;
+    case 'create_comment':
+        handle_create_comment($input);
+        break;
+    case 'delete_comment':
+        handle_delete_comment($input);
+        break;
     default:
         error_response('Unknown Action. Supported Actions are read, create, update, delete, vote.');
 }
 
 
 // =====================================================================
-// Action Handlers
+// Action Handlers for Contributions
 // =====================================================================
 
 
@@ -152,6 +161,11 @@ function handle_read($input) {
 // Required: municipality_id, geom, geom_type, category, title, author_name
 // Optional: description
 // ---------------------------------------------------------------------
+// ---------------------------------------------------------------------
+// CREATE: Inserts new Contributions with optional Photo Upload
+// Required: municipality_id, geom, geom_type, category, title, author_name
+// Optional: description, browser_id, photo (File Upload)
+// ---------------------------------------------------------------------
 function handle_create($input) {
     $pdo = get_db();
 
@@ -175,14 +189,23 @@ function handle_create($input) {
         error_response('Invalid GeoJSON in Geometry Field.');
     }
 
+    // Handles Photo Upload
+    $photo_path = null;
+    if (isset($_FILES['photo']) && $_FILES['photo']['error'] === UPLOAD_ERR_OK) {
+        $photo_path = handle_photo_upload($_FILES['photo']);
+        if (!$photo_path) {
+            error_response('Photo Upload failed. JPG, PNG, GIF and WebP up to 5 MB are allowed.');
+        }
+    }
+
     // Prepared SQL Statement
     try {
         $stmt = $pdo->prepare("
             INSERT INTO contributions 
-                (municipality_id, geom, geom_type, category, title, description, author_name, browser_id)
+                (municipality_id, geom, geom_type, category, title, description, author_name, browser_id, photo_path)
             VALUES 
                 (:mid, ST_SetSRID(ST_GeomFromGeoJSON(:geom), 4326), :geom_type, 
-                 :category, :title, :description, :author_name, :browser_id)
+                 :category, :title, :description, :author_name, :browser_id, :photo_path)
         ");
 
         $stmt->execute([
@@ -193,7 +216,8 @@ function handle_create($input) {
             ':title'       => $input['title'],
             ':description' => $input['description'] ?? '',
             ':author_name' => $input['author_name'],
-            ':browser_id'  => $input['browser_id'] ?? null
+            ':browser_id'  => $input['browser_id'] ?? null,
+            ':photo_path'  => $photo_path
         ]);
 
         json_response([
@@ -394,6 +418,10 @@ function handle_vote($input) {
 }
 
 
+// =====================================================================
+// Action Handlers for News
+// =====================================================================
+
 // ---------------------------------------------------------------------
 // CREATE NEWS: Inserts new News Entry
 // Required: municipality_id, title, content
@@ -475,4 +503,162 @@ function handle_delete_news($input) {
     } catch (PDOException $e) {
         error_response('Database Error: ' . $e->getMessage(), 500);
     }
+}
+
+
+// =====================================================================
+// Action Handlers for Photos
+// =====================================================================
+
+// ---------------------------------------------------------------------
+// PHOTO UPLOAD: Validates and Saves uploaded Photo Files
+// Returns relative Path on Success, null on Failure.
+// Allowed: JPG, PNG, GIF, WebP. with maximum Size of 5 MB.
+// ---------------------------------------------------------------------
+function handle_photo_upload($file) {
+    // Validates File Size
+    $max_size = 5 * 1024 * 1024;
+    if ($file['size'] > $max_size) {
+        return null;
+    }
+
+    // Validates MIME Type
+    $allowed_types = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
+    $finfo = finfo_open(FILEINFO_MIME_TYPE);
+    $mime = finfo_file($finfo, $file['tmp_name']);
+    finfo_close($finfo);
+
+    if (!in_array($mime, $allowed_types)) {
+        return null;
+    }
+
+    // Generates unique Filename
+    $ext = [
+        'image/jpeg' => 'jpg',
+        'image/png'  => 'png',
+        'image/gif'  => 'gif',
+        'image/webp' => 'webp'
+    ][$mime];
+
+    $filename = uniqid('photo_', true) . '.' . $ext;
+    $upload_dir = __DIR__ . '/../uploads/photos/';
+    $target_path = $upload_dir . $filename;
+
+    // Creates Upload Directory
+    if (!is_dir($upload_dir)) {
+        mkdir($upload_dir, 0755, true);
+    }
+
+    // Moves uploaded File
+    if (move_uploaded_file($file['tmp_name'], $target_path)) {
+        return 'uploads/photos/' . $filename;
+    }
+
+    return null;
+}
+
+// =====================================================================
+// Action Handlers for Comments
+// =====================================================================
+
+// ---------------------------------------------------------------------
+// READ COMMENTS: Loads Comments for a Contribution
+// Returns Comments sorted by Date (newest first)
+// Required: contribution_id
+// ---------------------------------------------------------------------
+function handle_read_comments($input) {
+    $pdo = get_db();
+
+    $missing = validate_required($input, ['contribution_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("
+            SELECT comment_id, contribution_id, author_name, browser_id, content, created_at
+            FROM comments
+            WHERE contribution_id = :cid
+            ORDER BY created_at ASC
+        ");
+        $stmt->execute([':cid' => $input['contribution_id']]);
+        $comments = $stmt->fetchAll();
+
+        json_response(['comments' => $comments, 'count' => count($comments)]);
+
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+
+// ---------------------------------------------------------------------
+// CREATE COMMENT: Adds Comments to Contributions
+// Required: contribution_id, author_name, content
+// Optional: browser_id
+// ---------------------------------------------------------------------
+function handle_create_comment($input) {
+    $pdo = get_db();
+
+    $missing = validate_required($input, ['contribution_id', 'author_name', 'content']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    // Validates Content Length
+    if (strlen($input['content']) > 1000) {
+        error_response('Comment too long. Maximum 1000 Characters.');
+    }
+
+    // Checks if Contribution exists
+    $stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
+    $stmt->execute([':id' => $input['contribution_id']]);
+    if (!$stmt->fetch()) {
+        error_response('Contribution not found.', 404);
+    }
+
+    try {
+        $stmt = $pdo->prepare("
+            INSERT INTO comments (contribution_id, author_name, browser_id, content)
+            VALUES (:cid, :author, :bid, :content)
+        ");
+        $stmt->execute([
+            ':cid'     => $input['contribution_id'],
+            ':author'  => $input['author_name'],
+            ':bid'     => $input['browser_id'] ?? null,
+            ':content' => $input['content']
+        ]);
+
+        json_response([
+            'message'    => 'Comment created successfully.',
+            'comment_id' => (int) $pdo->lastInsertId()
+        ], 201);
+
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
+}
+
+
+// ---------------------------------------------------------------------
+// DELETE COMMENT: Removes a Comment
+// Required: comment_id
+// ---------------------------------------------------------------------
+function handle_delete_comment($input) {
+    $pdo = get_db();
+
+    $missing = validate_required($input, ['comment_id']);
+    if (!empty($missing)) {
+        error_response('Missing Fields: ' . implode(', ', $missing));
+    }
+
+    try {
+        $stmt = $pdo->prepare("DELETE FROM comments WHERE comment_id = :id");
+        $stmt->execute([':id' => $input['comment_id']]);
+
+        json_response(['message' => 'Comment deleted successfully.']);
+
+    } catch (PDOException $e) {
+        error_response('Database Error: ' . $e->getMessage(), 500);
+    }
 }
\ No newline at end of file
diff --git a/public/index.php b/public/index.php
index f122214..833b6be 100644
--- a/public/index.php
+++ b/public/index.php
@@ -321,6 +321,15 @@ $news_items = $stmt->fetchAll();
                 <textarea id="create-description" class="form-input" rows="4" placeholder="Detaillierte Beschreibung (optional)"></textarea>
             </div>
 
+            <!-- Photo Upload -->
+            <div class="form-group">
+                <label for="create-photo"></i> Foto</label>
+                <input type="file" id="create-photo" class="form-input" accept="image/jpeg,image/png,image/gif,image/webp">
+                <div id="photo-preview" style="margin-top:8px;display:none;">
+                    <img id="photo-preview-img" style="max-width:100%;max-height:200px;border-radius:6px;border:1px solid var(--color-border);">
+                </div>
+            </div>
+
             <input type="hidden" id="create-geom">
             <input type="hidden" id="create-geom-type">
 
diff --git a/public/js/app.js b/public/js/app.js
index 397e42f..e46c00e 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -388,6 +388,7 @@ function styleLinePolygon(feature) {
 // Block 9: Feature Popups for Read, Edit, Delete and Vote
 // =====================================================================
 
+// Builds Popup HTML for Features
 function buildPopupHtml(feature) {
     const props = feature.properties;
     const cat = CATEGORIES[props.category] || CATEGORIES.other;
@@ -398,12 +399,20 @@ function buildPopupHtml(feature) {
         day: '2-digit', month: '2-digit', year: 'numeric'
     });
 
-    return '' +
+    let html = '' +
         '<div class="popup-detail">' +
             '<span class="popup-detail-category">' + categoryIcon(cat) + ' ' + cat.label + '</span>' +
             '<div class="popup-detail-title">' + escapeHtml(props.title) + '</div>' +
-            (props.description ? '<div class="popup-detail-description">' + escapeHtml(props.description) + '</div>' : '') +
-            '<div class="popup-detail-meta">' +
+            (props.description ? '<div class="popup-detail-description">' + escapeHtml(props.description) + '</div>' : '');
+
+    // Shows Photo if available
+    if (props.photo_path) {
+        html += '<div class="popup-detail-photo">' +
+                    '<img src="' + escapeHtml(props.photo_path) + '" alt="Foto" style="max-width:100%;border-radius:6px;margin-bottom:8px;cursor:pointer;" onclick="window.open(\'' + escapeHtml(props.photo_path) + '\', \'_blank\')">' +
+                '</div>';
+    }
+
+    html += '<div class="popup-detail-meta">' +
                 '<i class="fa-solid fa-user"></i> ' + escapeHtml(props.author_name) +
                 ' &middot; <i class="fa-solid fa-calendar"></i> ' + dateStr +
             '</div>' +
@@ -414,22 +423,52 @@ function buildPopupHtml(feature) {
                 '<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'dislike' ? ' disliked' : '') + '" id="vote-dislike-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'dislike\')" title="Gefällt mir nicht">' +
                     '<i class="fa-solid fa-thumbs-down"></i> <span id="dislikes-' + props.contribution_id + '">' + props.dislikes_count + '</span>' +
                 '</button>' +
-            '</div>' +
-            (props.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN) ?
-                '<div class="popup-detail-actions">' +
+            '</div>';
+
+    // Edit and Delete Buttons for Author or Admin
+    if (props.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN)) {
+        html += '<div class="popup-detail-actions">' +
                     '<button class="btn btn-primary" onclick="editContribution(' + props.contribution_id + ')"><i class="fa-solid fa-pen"></i> Bearbeiten</button>' +
                     '<button class="btn btn-danger" onclick="deleteContribution(' + props.contribution_id + ')"><i class="fa-solid fa-trash"></i> Löschen</button>' +
-                '</div>' : '') +
-        '</div>';
+                '</div>';
+    }
+
+    // Comments Section
+    html += '<div class="popup-comments" id="comments-' + props.contribution_id + '">' +
+                '<div class="popup-comments-header">' +
+                    '<i class="fa-solid fa-comments"></i> Kommentare' +
+                    ' <span id="comment-count-' + props.contribution_id + '">...</span>' +
+                '</div>' +
+                '<div id="comments-list-' + props.contribution_id + '" class="popup-comments-list"></div>';
+
+    // Comment Form only for logged-in Users
+    if (currentUser) {
+        html += '<div class="popup-comment-form">' +
+                    '<input type="text" id="comment-input-' + props.contribution_id + '" class="popup-comment-input" placeholder="Kommentar schreiben..." maxlength="1000">' +
+                    '<button class="popup-comment-submit" onclick="submitComment(' + props.contribution_id + ')" title="Senden">' +
+                        '<i class="fa-solid fa-paper-plane"></i>' +
+                    '</button>' +
+                '</div>';
+    }
+
+    html += '</div></div>';
+
+    return html;
 }
 
+
 // Binds Popup and Tooltip to Feature Layer
 function bindFeaturePopup(feature, layer) {
     const cat = CATEGORIES[feature.properties.category] || CATEGORIES.other;
 
-    // Rebuilts if Popup opens
+    // Dynamic Popup — rebuilt every Time the Popup opens
     layer.bindPopup(function () { return buildPopupHtml(feature); }, { maxWidth: 320, minWidth: 240 });
 
+    // Loads Comments when Popup opens
+    layer.on('popupopen', function () {
+        loadComments(feature.properties.contribution_id);
+    });
+
     // Tooltip on Hover
     layer.bindTooltip(categoryIcon(cat) + ' ' + escapeHtml(feature.properties.title), {
         direction: 'top',
@@ -449,8 +488,9 @@ function submitCreate() {
     const description = document.getElementById('create-description').value.trim();
     const geom = document.getElementById('create-geom').value;
     const geomType = document.getElementById('create-geom-type').value;
+    const photoInput = document.getElementById('create-photo');
 
-    // Validates
+    // Validates required Fields
     if (!category) {
         Swal.fire('Kategorie fehlt', 'Bitte wählen Sie eine Kategorie aus.', 'warning');
         return;
@@ -464,34 +504,48 @@ function submitCreate() {
         return;
     }
 
-    apiCall({
-        action: 'create',
-        municipality_id: MUNICIPALITY.id,
-        category: category,
-        title: title,
-        description: description,
-        geom: geom,
-        geom_type: geomType,
-        author_name: currentUser,
-        browser_id: browserId
-    }, function (response) {
-        if (response.error) {
-            Swal.fire('Fehler', response.error, 'error');
-            return;
-        }
+    // Builds FormData manually to include Photo File
+    const formData = new FormData();
+    formData.append('action', 'create');
+    formData.append('municipality_id', MUNICIPALITY.id);
+    formData.append('category', category);
+    formData.append('title', title);
+    formData.append('description', description);
+    formData.append('geom', geom);
+    formData.append('geom_type', geomType);
+    formData.append('author_name', currentUser);
+    formData.append('browser_id', browserId);
 
-    // Triggers Reverse Geocoding in Background
-        if (response.contribution_id && drawnGeometry) {
-            const coords = drawnGeomType === 'point' ? drawnGeometry.coordinates :
-                           drawnGeomType === 'line' ? drawnGeometry.coordinates[0] :
-                           drawnGeometry.coordinates[0][0];
-            reverseGeocode(response.contribution_id, coords[1], coords[0]);
-        }
+    // Appends Photo File if selected
+    if (photoInput.files.length > 0) {
+        formData.append('photo', photoInput.files[0]);
+    }
 
-        Swal.fire('Eingereicht!', 'Ihr Beitrag wurde erfolgreich eingereicht und wird nach Prüfung durch das Moderationsteam veröffentlicht.', 'success');
-        closeCreateModal();
-        loadContributions();
-    });
+    // Sends directly via fetch not through apiCall, because of File Upload
+    fetch(API_URL, { method: 'POST', body: formData })
+        .then(function (response) { return response.json(); })
+        .then(function (response) {
+            if (response.error) {
+                Swal.fire('Fehler', response.error, 'error');
+                return;
+            }
+
+            // Triggers Reverse Geocoding in Background
+            if (response.contribution_id && drawnGeometry) {
+                const coords = drawnGeomType === 'point' ? drawnGeometry.coordinates :
+                               drawnGeomType === 'line' ? drawnGeometry.coordinates[0] :
+                               drawnGeometry.coordinates[0][0];
+                reverseGeocode(response.contribution_id, coords[1], coords[0]);
+            }
+
+            Swal.fire('Eingereicht!', 'Ihr Beitrag wurde erfolgreich eingereicht und wird nach Prüfung durch das Moderationsteam veröffentlicht.', 'success');
+            closeCreateModal();
+            loadContributions();
+        })
+        .catch(function (error) {
+            console.error('Upload Error:', error);
+            Swal.fire('Verbindungsfehler', 'Verbindung zum Server fehlgeschlagen.', 'error');
+        });
 }
 
 // Cancels Create, closes Modal and clears Form
@@ -506,6 +560,9 @@ function closeCreateModal() {
     document.getElementById('create-description').value = '';
     document.getElementById('create-geom').value = '';
     document.getElementById('create-geom-type').value = '';
+    // Resets Photo Upload
+    document.getElementById('create-photo').value = '';
+    document.getElementById('photo-preview').style.display = 'none';
     drawnGeometry = null;
     drawnGeomType = null;
 }
@@ -1002,6 +1059,80 @@ function filterNews() {
     });
 }
 
+// Loads and Displays Comments forContributions in Popups
+function loadComments(contributionId) {
+    apiCall({
+        action: 'read_comments',
+        contribution_id: contributionId
+    }, function (response) {
+        const listContainer = document.getElementById('comments-list-' + contributionId);
+        const countSpan = document.getElementById('comment-count-' + contributionId);
+
+        if (!listContainer) return;
+
+        if (response.error || !response.comments || response.comments.length === 0) {
+            listContainer.innerHTML = '<div class="popup-comment-empty">Noch keine Kommentare.</div>';
+            if (countSpan) countSpan.textContent = '(0)';
+            return;
+        }
+
+        if (countSpan) countSpan.textContent = '(' + response.count + ')';
+
+        let html = '';
+        response.comments.forEach(function (comment) {
+            const commentDate = new Date(comment.created_at).toLocaleDateString('de-DE');
+            const canDelete = comment.browser_id === browserId || (typeof IS_ADMIN !== 'undefined' && IS_ADMIN);
+
+            html += '<div class="popup-comment">' +
+                        '<div class="popup-comment-meta">' +
+                            '<strong>' + escapeHtml(comment.author_name) + '</strong>' +
+                            ' · ' + commentDate +
+                            (canDelete ? ' · <a href="#" onclick="deleteComment(' + comment.comment_id + ', ' + contributionId + ');return false;" class="popup-comment-delete"><i class="fa-solid fa-trash"></i></a>' : '') +
+                        '</div>' +
+                        '<div class="popup-comment-text">' + escapeHtml(comment.content) + '</div>' +
+                    '</div>';
+        });
+
+        listContainer.innerHTML = html;
+    });
+}
+
+// Submits a new Comment on a Contribution
+function submitComment(contributionId) {
+    const input = document.getElementById('comment-input-' + contributionId);
+    const content = input ? input.value.trim() : '';
+
+    if (!content) return;
+
+    apiCall({
+        action: 'create_comment',
+        contribution_id: contributionId,
+        author_name: currentUser,
+        browser_id: browserId,
+        content: content
+    }, function (response) {
+        if (response.error) {
+            Swal.fire('Fehler', response.error, 'error');
+            return;
+        }
+        // Clears Input and reloads Comments
+        if (input) input.value = '';
+        loadComments(contributionId);
+    });
+}
+
+// Deletes a Comment
+function deleteComment(commentId, contributionId) {
+    apiCall({
+        action: 'delete_comment',
+        comment_id: commentId
+    }, function (response) {
+        if (response.error) return;
+        // Reloads Comments after Deletion
+        loadComments(contributionId);
+    });
+}
+
 
 // =====================================================================
 // Block 16: Application Startup
@@ -1020,6 +1151,7 @@ function buildCategoryDropdown() {
     }
 }
 
+
 // Populates Category Dropdown
 buildCategoryDropdown();
 
@@ -1030,4 +1162,22 @@ buildCategoryFilter();
 loadContributions();
 
 // Shows Welcome Modal on first Visit
-checkWelcomeModal();
\ No newline at end of file
+checkWelcomeModal();
+
+
+// Photo Preview in Create Modal
+document.getElementById('create-photo').addEventListener('change', function () {
+    const preview = document.getElementById('photo-preview');
+    const previewImg = document.getElementById('photo-preview-img');
+
+    if (this.files && this.files[0]) {
+        const reader = new FileReader();
+        reader.onload = function (e) {
+            previewImg.src = e.target.result;
+            preview.style.display = 'block';
+        };
+        reader.readAsDataURL(this.files[0]);
+    } else {
+        preview.style.display = 'none';
+    }
+});
\ No newline at end of file
diff --git a/public/styles.css b/public/styles.css
index 3a10b31..16b4e44 100644
--- a/public/styles.css
+++ b/public/styles.css
@@ -629,6 +629,97 @@ select.form-input { cursor: pointer; }
 .popup-detail-actions .btn { flex: 1; padding: 6px 12px; font-size: 0.8rem; min-height: 36px; }
 
 
+/* -----------------------------------------------------------------
+   4.8 Popup Comments
+   ----------------------------------------------------------------- */
+.popup-comments {
+    margin-top: var(--space-sm);
+    padding-top: var(--space-sm);
+    border-top: 1px solid var(--color-border);
+}
+
+.popup-comments-header {
+    font-size: 0.8rem;
+    font-weight: 600;
+    color: var(--color-text-secondary);
+    margin-bottom: var(--space-sm);
+}
+
+.popup-comments-list {
+    max-height: 150px;
+    overflow-y: auto;
+}
+
+.popup-comment {
+    padding: 6px 0;
+    border-bottom: 1px solid #f0f0f0;
+    font-size: 0.8rem;
+}
+
+.popup-comment:last-child { border-bottom: none; }
+
+.popup-comment-meta {
+    color: var(--color-text-secondary);
+    font-size: 0.75rem;
+    margin-bottom: 2px;
+}
+
+.popup-comment-text {
+    color: var(--color-text);
+    line-height: 1.4;
+}
+
+.popup-comment-delete {
+    color: var(--color-error);
+    font-size: 0.7rem;
+}
+
+.popup-comment-empty {
+    font-size: 0.8rem;
+    color: #bbb;
+    font-style: italic;
+    padding: 8px 0;
+}
+
+.popup-comment-form {
+    display: flex;
+    gap: 4px;
+    margin-top: var(--space-sm);
+}
+
+.popup-comment-input {
+    flex: 1;
+    padding: 6px 10px;
+    border: 1px solid var(--color-border);
+    border-radius: 16px;
+    font-size: 0.8rem;
+    font-family: var(--font-body);
+    outline: none;
+}
+
+.popup-comment-input:focus {
+    border-color: var(--color-primary);
+}
+
+.popup-comment-submit {
+    border: none;
+    background: var(--color-primary);
+    color: white;
+    width: 32px;
+    height: 32px;
+    border-radius: 50%;
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    font-size: 0.75rem;
+    flex-shrink: 0;
+    transition: filter var(--transition-fast);
+}
+
+.popup-comment-submit:hover { filter: brightness(1.15); }
+
+
 /* =================================================================
    SECTION 5: Admin-specific Styles (admin.php)
    ================================================================= */
diff --git a/public/uploads/.htaccess b/public/uploads/.htaccess
new file mode 100644
index 0000000..242e491
--- /dev/null
+++ b/public/uploads/.htaccess
@@ -0,0 +1,7 @@
+# Prevents PHP in Upload Directory
+php_flag engine off
+
+# Allows Image Files
+<FilesMatch "\.(?i:jpg|jpeg|png|gif|webp)$">
+    Require all granted
+</FilesMatch>
\ No newline at end of file
diff --git a/public/uploads/photos/.gitkeep b/public/uploads/photos/.gitkeep
new file mode 100644
index 0000000..e69de29
-- 
2.49.1


From f23897018c92330767964e9cc0a37976698b7d9c Mon Sep 17 00:00:00 2001
From: patrickzerhusen <patrick.zerhusen@endex-geodaten.de>
Date: Mon, 27 Apr 2026 14:48:05 +0200
Subject: [PATCH 25/25] colapsable fotos and comments section in contribution
 popup, comment count in popup and sidebar

---
 public/js/app.js  | 73 ++++++++++++++++++++++++++++++++++++++---------
 public/styles.css | 66 ++++++++++++++++++++++++++++++++++++------
 2 files changed, 116 insertions(+), 23 deletions(-)

diff --git a/public/js/app.js b/public/js/app.js
index e46c00e..5b2c2e4 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -388,7 +388,7 @@ function styleLinePolygon(feature) {
 // Block 9: Feature Popups for Read, Edit, Delete and Vote
 // =====================================================================
 
-// Builds Popup HTML for Features
+// Builds Popup HTML for Features called every Time the Popup opens
 function buildPopupHtml(feature) {
     const props = feature.properties;
     const cat = CATEGORIES[props.category] || CATEGORIES.other;
@@ -405,18 +405,26 @@ function buildPopupHtml(feature) {
             '<div class="popup-detail-title">' + escapeHtml(props.title) + '</div>' +
             (props.description ? '<div class="popup-detail-description">' + escapeHtml(props.description) + '</div>' : '');
 
-    // Shows Photo if available
+    // Photo Toggle Button including hidden Photo
     if (props.photo_path) {
-        html += '<div class="popup-detail-photo">' +
-                    '<img src="' + escapeHtml(props.photo_path) + '" alt="Foto" style="max-width:100%;border-radius:6px;margin-bottom:8px;cursor:pointer;" onclick="window.open(\'' + escapeHtml(props.photo_path) + '\', \'_blank\')">' +
+        html += '<div class="popup-photo-container" id="photo-container-' + props.contribution_id + '" style="display:none;">' +
+                    '<img src="' + escapeHtml(props.photo_path) + '" alt="Foto" class="popup-photo-img" onclick="window.open(\'' + escapeHtml(props.photo_path) + '\', \'_blank\')">' +
+                '</div>' +
+                '<div class="popup-photo-toggle">' +
+                    '<button class="popup-photo-btn" onclick="togglePhoto(' + props.contribution_id + ')">' +
+                        '<i class="fa-solid fa-camera"></i> <span id="photo-label-' + props.contribution_id + '">Foto anzeigen</span>' +
+                    '</button>' +
                 '</div>';
     }
 
+    // Meta Information
     html += '<div class="popup-detail-meta">' +
                 '<i class="fa-solid fa-user"></i> ' + escapeHtml(props.author_name) +
                 ' &middot; <i class="fa-solid fa-calendar"></i> ' + dateStr +
-            '</div>' +
-            '<div class="popup-detail-votes">' +
+            '</div>';
+
+    // Vote Buttons
+    html += '<div class="popup-detail-votes">' +
                 '<button class="popup-vote-btn' + (userVotes[props.contribution_id] === 'like' ? ' liked' : '') + '" id="vote-like-' + props.contribution_id + '" onclick="voteContribution(' + props.contribution_id + ', \'like\')" title="Gefällt mir">' +
                     '<i class="fa-solid fa-thumbs-up"></i> <span id="likes-' + props.contribution_id + '">' + props.likes_count + '</span>' +
                 '</button>' +
@@ -433,15 +441,17 @@ function buildPopupHtml(feature) {
                 '</div>';
     }
 
-    // Comments Section
-    html += '<div class="popup-comments" id="comments-' + props.contribution_id + '">' +
-                '<div class="popup-comments-header">' +
-                    '<i class="fa-solid fa-comments"></i> Kommentare' +
-                    ' <span id="comment-count-' + props.contribution_id + '">...</span>' +
+    // Collapsible Comments Section 
+    const commentCount = props.comment_count || 0;
+    html += '<div class="popup-comments">' +
+                '<div class="popup-comments-header" onclick="toggleComments(' + props.contribution_id + ')">' +
+                    '<i class="fa-solid fa-comments"></i> Kommentare (' + commentCount + ')' +
+                    ' <i class="fa-solid fa-chevron-down popup-comments-toggle" id="comments-toggle-' + props.contribution_id + '"></i>' +
                 '</div>' +
-                '<div id="comments-list-' + props.contribution_id + '" class="popup-comments-list"></div>';
+                '<div id="comments-section-' + props.contribution_id + '" style="display:none;">' +
+                    '<div id="comments-list-' + props.contribution_id + '" class="popup-comments-list"></div>';
 
-    // Comment Form only for logged-in Users
+    // Comment Input for logged-in Users
     if (currentUser) {
         html += '<div class="popup-comment-form">' +
                     '<input type="text" id="comment-input-' + props.contribution_id + '" class="popup-comment-input" placeholder="Kommentar schreiben..." maxlength="1000">' +
@@ -451,7 +461,7 @@ function buildPopupHtml(feature) {
                 '</div>';
     }
 
-    html += '</div></div>';
+    html += '</div></div></div>';
 
     return html;
 }
@@ -775,6 +785,7 @@ function updateContributionsList() {
                     '<span class="contribution-card-votes">' +
                         '<span title="Likes"><i class="fa-solid fa-thumbs-up"></i> ' + props.likes_count + '</span>' +
                         '<span title="Dislikes"><i class="fa-solid fa-thumbs-down"></i> ' + props.dislikes_count + '</span>' +
+                        '<span title="Kommentare"><i class="fa-solid fa-comment"></i> ' + (props.comment_count || 0) + '</span>' +
                     '</span>' +
                 '</div>' +
             '</div>';
@@ -1133,6 +1144,40 @@ function deleteComment(commentId, contributionId) {
     });
 }
 
+// Toggles Photo Visibility in Popup
+function togglePhoto(contributionId) {
+    const container = document.getElementById('photo-container-' + contributionId);
+    const label = document.getElementById('photo-label-' + contributionId);
+    if (!container) return;
+
+    if (container.style.display === 'none') {
+        container.style.display = 'block';
+        label.textContent = 'Foto verbergen';
+    } else {
+        container.style.display = 'none';
+        label.textContent = 'Foto anzeigen';
+    }
+}
+
+// Toggles Comments Section Visibility in Popup
+function toggleComments(contributionId) {
+    const section = document.getElementById('comments-section-' + contributionId);
+    const toggle = document.getElementById('comments-toggle-' + contributionId);
+    if (!section) return;
+
+    if (section.style.display === 'none') {
+        section.style.display = 'block';
+        toggle.classList.remove('fa-chevron-down');
+        toggle.classList.add('fa-chevron-up');
+        // Loads Comments
+        loadComments(contributionId);
+    } else {
+        section.style.display = 'none';
+        toggle.classList.remove('fa-chevron-up');
+        toggle.classList.add('fa-chevron-down');
+    }
+}
+
 
 // =====================================================================
 // Block 16: Application Startup
diff --git a/public/styles.css b/public/styles.css
index 16b4e44..c65704b 100644
--- a/public/styles.css
+++ b/public/styles.css
@@ -630,8 +630,47 @@ select.form-input { cursor: pointer; }
 
 
 /* -----------------------------------------------------------------
-   4.8 Popup Comments
+   4.8 Popup Photo and Comments
    ----------------------------------------------------------------- */
+
+/* Photo Toggle Button */
+.popup-photo-toggle {
+    margin: var(--space-sm) 0;
+}
+
+.popup-photo-btn {
+    display: inline-flex;
+    align-items: center;
+    gap: 4px;
+    padding: 4px 12px;
+    border: 1px solid var(--color-border);
+    border-radius: 16px;
+    background: var(--color-surface);
+    cursor: pointer;
+    font-size: 0.78rem;
+    color: var(--color-text-secondary);
+    font-family: var(--font-body);
+    transition: all var(--transition-fast);
+}
+
+.popup-photo-btn:hover {
+    border-color: var(--color-primary);
+    color: var(--color-primary);
+}
+
+/* Photo Container */
+.popup-photo-container { margin-bottom: var(--space-sm); }
+
+.popup-photo-img {
+    max-width: 100%;
+    max-height: 180px;
+    object-fit: cover;
+    border-radius: 6px;
+    cursor: pointer;
+    border: 1px solid var(--color-border);
+}
+
+/* Comments Section */
 .popup-comments {
     margin-top: var(--space-sm);
     padding-top: var(--space-sm);
@@ -642,12 +681,26 @@ select.form-input { cursor: pointer; }
     font-size: 0.8rem;
     font-weight: 600;
     color: var(--color-text-secondary);
-    margin-bottom: var(--space-sm);
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    gap: 4px;
+    padding: 4px 0;
+    transition: color var(--transition-fast);
+}
+
+.popup-comments-header:hover { color: var(--color-primary); }
+
+.popup-comments-toggle {
+    font-size: 0.65rem;
+    margin-left: auto;
+    transition: transform 200ms ease;
 }
 
 .popup-comments-list {
     max-height: 150px;
     overflow-y: auto;
+    margin-top: var(--space-sm);
 }
 
 .popup-comment {
@@ -669,10 +722,7 @@ select.form-input { cursor: pointer; }
     line-height: 1.4;
 }
 
-.popup-comment-delete {
-    color: var(--color-error);
-    font-size: 0.7rem;
-}
+.popup-comment-delete { color: var(--color-error); font-size: 0.7rem; }
 
 .popup-comment-empty {
     font-size: 0.8rem;
@@ -697,9 +747,7 @@ select.form-input { cursor: pointer; }
     outline: none;
 }
 
-.popup-comment-input:focus {
-    border-color: var(--color-primary);
-}
+.popup-comment-input:focus { border-color: var(--color-primary); }
 
 .popup-comment-submit {
     border: none;
-- 
2.49.1