protected-book-details.php
<?php
/*
 * Access guard for the protected book-details view.
 *
 * A request whose session carries no 'username' entry is redirected to
 * book_details.php and the script ends here, so none of the markup below
 * is sent to that visitor.
 *
 * NOTE(review): this file never calls session_start() (the only call, further
 * down, is commented out), so $_SESSION is populated only if the including
 * script has already started the session - confirm. header() also needs to
 * run before any output has been sent; verify where this file is included.
 * The guard proves only that a username is present, not which role it has.
 */
if (($_SESSION['username'] ?? null) === null) {
    header('Location: book_details.php');
    exit;
}
?>
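<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- <link rel="stylesheet" href="style.css"> -->
<title>Geschützter Bereich</title>
<script src="js/delete_book.js"></script>
<script src="js/check_isbn.js"></script>
<script src="js/load_book_edit_form.js"></script>
</head>
<body>
<?php
/*
 * Edit form for an existing book. It POSTs book_id, title, subtitle, author,
 * isbn, year, season, volume and description to db-files/update_book.php.
 * The #genreCheckboxes container is empty in the markup; presumably one of
 * the scripts loaded in <head> fills it - confirm.
 *
 * $book_id is not assigned anywhere in this file; presumably the including
 * script sets it. The delete section further down treats it as optional
 * (isset check), so the hidden field falls back to an empty string instead of
 * reading an undefined variable, whose warning text could otherwise end up
 * inside the value attribute. Escaping flags and charset are spelled out so
 * the attribute is escaped the same way on every PHP version.
 *
 * NOTE(review): no anti-CSRF token field is visible in this form; confirm that
 * update_book.php verifies a token (or otherwise checks the request origin)
 * and re-checks the session before writing.
 * NOTE(review): min/max on the number inputs and validateISBN() run in the
 * browser only; the handler has to validate every field again server-side.
 */
?>
<section>
<div id="edit-book" class="edit-book">
<h2>Buchdaten bearbeiten</h2>
<form id="editBookForm" action="db-files/update_book.php" method="POST">
<input type="hidden" name="book_id" value="<?php echo htmlspecialchars((string) ($book_id ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<div class="input-container">
<label for="title">Titel:</label>
<input type="text" id="title" name="title">
</div>
<div class="input-container">
<label for="subtitle">Sub-Titel:</label>
<input type="text" id="subtitle" name="subtitle">
</div>
<div class="input-container">
<label for="author">Autor:</label>
<input type="text" id="author" name="author">
</div>
<div class="input-container">
<label for="isbn">ISBN:</label>
<input type="text" name="isbn" id="isbn" oninput="validateISBN()">
<div id="isbnError" class="error-message"></div><br>
</div>
<div class="input-container">
<label for="year">Erscheinungsjahr:</label>
<input type="number" id="year" name="year" min="1901" max="2155" step="1">
</div>
<div class="season-volume-container">
<div class="input-container">
<label for="season">Season:</label>
<input type="number" id="season" name="season" min="0" placeholder="Staffel / Season">
</div>
<div class="input-container">
<label for="volume">Volume:</label>
<input type="number" id="volume" name="volume" min="0" placeholder="Band / Volume">
</div>
</div>
<label for="description">Klappentext:</label>
<textarea id="description" name="description"></textarea>
<label for="genres">Genres:</label><br>
<div id="genreCheckboxes" class="checkbox-container"></div>
<div class="button-container">
<input id="submitBtn" type="submit" value="Buch speichern">
</div>
</form>
</div>
</section>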
<?php
/*
 * Delete section: rendered only when $book_id is set; otherwise a short
 * "no book ID passed" message is printed instead.
 *
 * session_start() is not called here (a call was left commented out), so the
 * session must already be active when this runs.
 *
 * NOTE(review): hiding the form from non-admins is presentation only. Whether
 * db-files/delete_book.php checks the session role itself cannot be seen from
 * this file - confirm, since the POST can be sent without this page.
 * NOTE(review): no anti-CSRF token field is visible in the delete form.
 * NOTE(review): the button is type="button", so the submit is presumably
 * driven by js/delete_book.js via the data-book-id attribute - confirm.
 */

// Role stored in the session, e.g. 'admin' or 'user'; null when absent.
$user_role = $_SESSION['role'] ?? null;
if (isset($book_id)) { ?>
<section>
<p>Sie können hier das Buch mit der <strong>Buch-ID: <?= htmlspecialchars($book_id) ?> </strong>löschen, wenn Sie es wollen</p>
<?php
// Only administrators are shown the delete form.
if ($user_role === 'admin') { ?>
<form id="deleteBookForm" method="POST" action="db-files/delete_book.php">
<input type="hidden" name="book_id" value="<?= htmlspecialchars($book_id) ?>">
<button type="button" id="deleteButton" data-book-id="<?= htmlspecialchars($book_id) ?>">Buch mit ID <?= htmlspecialchars($book_id) ?> löschen</button>
</form>
<?php } else { ?>
<p>Sie haben keine Berechtigung, dieses Buch zu löschen.</p>
<?php } ?>
</section>
<?php } else { ?>
<p>Keine Buch-ID übergeben.</p>
<?php } ?>
</body>
</html>