studentenportal toegevoegd

import/availabledevices.php

@@ -0,0 +1,52 @@
+<?PHP
+    header('Content-Type: text/html; charset=utf-8');
+	header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+	header("Cache-Control: post-check=0, pre-check=0", false);
+	header("Pragma: no-cache");
+
+    $data = array();
+	$data["type"] = "error";
+	$data["message"] = "Onbekende error";
+	$data["data"] = array();
+
+	function returnError($msg) {
+		global $data;
+		$data["type"] = "error";
+		$data["message"] = $msg;
+		$data["data"] = array();
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+	}
+
+	function returnWarning($msg) {
+		global $data;
+		$data["type"] = "warning";
+		$data["message"] = $msg;
+		$data["data"] = array();
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+	}
+
+	function returnData($msg, $stuff) {
+		global $data;
+		$data["type"] = "success";
+		$data["message"] = $msg;
+		$data["data"] = $stuff;
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+    }
+
+    session_start();
+
+    if (isset($_GET["cart"]) && !empty($_GET["cart"]) && isset($_GET["date"]) && !empty($_GET["date"]) && isset($_GET["hour"]) && !empty($_GET["hour"])) {
+        require_once("db.php");
+        $damstedeDB = new DamstedeDB();
+        returnData("Aantal gevonden", $damstedeDB->getAmountOfDevicesLeft(intval($_GET["cart"]), $_GET["date"], intval($_GET["hour"])));
+    }
+    else {
+        returnError("Missende data: GET cart, GET date en GET hour moeten worden aangegeven.");
+    }
+?>

import/db.php

@@ -24,7 +24,7 @@ private function runQuery($query) {
         public function getStartAndEndDate($year, $week) {
             // modified from https://stackoverflow.com/questions/4861384/php-get-start-and-end-date-of-a-week-by-weeknumber
             $dto = new DateTime();
-            $dto->setISODate($year, $week);
+            $dto->setTimestamp($year, $week);
             $ret = array();
             array_push($ret, $dto->format('Y-m-d'));
             $dto->modify('+4 days');
@@ -111,6 +111,23 @@ public function getAmountOfDevicesLeft($cartId, $date, $hour) {
             }
         }
 
+        public function userHasNotReservedYet($isTeacher, $user, $date, $hour) {
+            // only students may reserve once per hour. Teachers may reserve as much as they like.
+            if ($isTeacher) {
+                return true;
+            }
+            else {
+                $result = $this->runQuery("SELECT * FROM damstede.cartreservations WHERE USER='".$this->makeSafe($user)."' AND DATE(date)=STR_TO_DATE('".$this->makeSafe($date)."', '%Y-%m-%d') AND hour='".intval($hour)."' AND cancelled=0 LIMIT 1");
+                if ($result != false) {
+                    if (mysqli_num_rows($result) > 0) {
+                        return false;
+                    }
+                    return true;
+                }
+                return false;
+            }
+        }
+
         public function reserveCart($cartId, $date, $hour, $location, $user, $teacher, $amount) {
             if ($this->getAmountOfDevicesLeft($cartId, $date, $hour) >= $amount) {
                 $result = $this->runQuery("INSERT INTO damstede.cartreservations (cart_id, date, hour, location, user, teacher, amount) VALUES ('".intval($cartId)."', '".date("Y-m-d", strtotime($date))."', '".intval($hour)."', '".$this->makeSafe($location)."', '".$this->makeSafe($user)."', '".$this->makeSafe($teacher)."', '".intval($amount)."')");
@@ -181,5 +198,18 @@ public function getCartReservation($reservationId) {
                 return false;
             }
         }
+
+        public function getMyUpcomingReservations($user, $weeks = 4, $cartId = null) {
+            $reservations = array();
+            $sql = "SELECT * FROM damstede.cartreservations WHERE USER='".$this->makeSafe($user)."' AND DATE(date) >= STR_TO_DATE('" . $this->makeSafe(date('Y-m-d', strtotime('-1 week'))) . "', '%Y-%m-%d') AND DATE(date) <= STR_TO_DATE('" . $this->makeSafe(date('Y-m-d', strtotime('+4 weeks'))) . "', '%Y-%m-%d')";
+            if (!empty($cartId)) {
+                $sql .= " AND cart_id=".intval($cartId);
+            }
+            $result = $this->runQuery($sql);
+            while ($row = mysqli_fetch_assoc($result)) {
+                array_push($reservations, $this->formatReservation($row));
+            }
+            return $reservations;
+        }
     }
 ?>

import/google-cb.php

@@ -0,0 +1,70 @@
+<?PHP
+    @session_start();
+
+    header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+	header("Cache-Control: post-check=0, pre-check=0", false);
+    header("Pragma: no-cache");
+
+    function encodeURIComponent($str) {
+		$revert = array('%21'=>'!', '%2A'=>'*', '%27'=>"'", '%28'=>'(', '%29'=>')');
+		return strtr(rawurlencode($str), $revert);
+	}
+
+	$context = stream_context_create(array(
+		'http' => array('ignore_errors' => true),
+	));
+
+    $id_token = strip_tags(stripslashes($_POST['id_token']));
+    $json = file_get_contents("https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=".encodeURIComponent($id_token), false, $context);
+
+    if ($json != false) {
+		$auth = json_decode($json, true);
+		if ($auth != null) {
+			if (!empty($auth["error"]) || !empty($auth["error_description"])) {
+				echo "error:We konden niet vaststellen dat jij het echt bent. Error details; ";
+				if (!empty($auth["error"])) {
+					echo '['.strtolower($auth["error"]).'] ';
+				}
+				echo strtolower($auth["error_description"]);
+			}
+			else {
+				if (!empty($auth["email"]) && !empty($auth["name"]) && !empty($auth["picture"]) && !empty($auth["given_name"])) {
+                    $_SESSION["google_signed_in"] = true;
+                    $_SESSION["user"] = array();
+                    $_SESSION["user"]["code"] = explode("@", $auth["email"])[0];
+                    $_SESSION["user"]["roles"] = array();
+                    $_SESSION["user"]["prefix"] = "";
+                    $_SESSION["user"]["firstName"] = (!empty($auth["given_name"]) ? $auth["given_name"] : $auth["name"]);
+                    $_SESSION["user"]["lastName"] = (!empty($auth["family_name"]) ? $auth["family_name"] : "");
+                    $_SESSION["user"]["email"] = $auth["email"];
+                    $_SESSION["user"]["schoolInSchoolYears"] = array();
+                    $_SESSION["user"]["isApplicationManager"] = false;
+                    $_SESSION["user"]["archived"] = false;
+                    $_SESSION["user"]["hasPassword"] = true;
+                    $_SESSION["user"]["isStudent"] = true;
+                    $_SESSION["user"]["isEmployee"] = false;
+                    $_SESSION["user"]["isFamilyMember"] = false;
+                    $_SESSION["user"]["isSchoolScheduler"] = false;
+                    $_SESSION["user"]["isSchoolLeader"] = false;
+                    $_SESSION["user"]["isStudentAdministrator"] = false;
+                    $_SESSION["user"]["isTeamLeader"] = false;
+                    $_SESSION["user"]["isSectionLeader"] = false;
+                    $_SESSION["user"]["isMentor"] = false;
+                    $_SESSION["user"]["isParentTeacherNightScheduler"] = false;
+                    $_SESSION["user"]["isDean"] = false;
+
+                    echo "success:Je bent nu ingelogd";
+                }
+                else {
+					echo "error:Je moet toegang geven tot de gevraagde gegevens om het Device Portaal te kunnen gebruiken.";
+				}
+            }
+        }
+        else {
+            echo "error:We konden niet vaststellen dat jij het echt bent vanwege een serverfout. Probeer het later opnieuw.";
+        }
+    }
+    else {
+        echo "error:We konden niet vaststellen dat jij het echt bent, omdat Google niet bereikbaar is. Probeer het later opnieuw.";
+    }
+?>

import/reserve-cb.php

@@ -86,6 +86,10 @@ function returnData($msg, $stuff) {
             returnError("Apparaatkar of lokaal ".intval($_POST["cart"])." bestaat niet.");
         }
 
+        if (!$cart["available"]) {
+            returnError("Deze kar of dit lokaal kan momenteel niet gereserveerd worden. Probeer het later opnieuw.");
+        }
+
         if (!$cart["amount_choosable"]) {
             if ($damstedeDB->isReserved($_POST["cart"], $_POST["date"], $_POST["hour"], $_POST["amount"])) {
                 returnError("Deze kar of dit lokaal is al gereserveerd voor dit uur. Probeer een ander uit het dropdown-menu.");

import/schedule.js

@@ -176,7 +176,7 @@ var schedule = {
             resElem.className += " cancellable";
             contents += '<a class="reservation-cancel" title="Reservering annuleren" href="javascript:void(0)" onclick="setUpReservationCanceller('+res["id"]+'); showAction(\'reservationcancel\');">&#x2716;</a>';
         }
-        contents += '<b>' + schedule.carts[res["cart_id"]]["name"] + (res["cart_type"] == 1 ? ',<span class="extra-info"> lokaal</span> '+res["location"] : ', '+res["amount"]+' plaatsen') + '</b><br/>' + res["user"];
+        contents += '<b>' + schedule.carts[res["cart_id"]]["name"] + (res["cart_type"] == 1 ? ',<span class="extra-info"> lokaal</span> '+res["location"] : ', '+res["amount"]+' plaats'+(res["amount"] > 1 ? "en" : "")) + '</b><br/>' + res["user"];
         if (res["teacher"] != null) {
             contents += ', namens:<br/><i>' + res["teacher"] + '</i>';
         }

import/studentreserve-cb.php

@@ -0,0 +1,101 @@
+<?PHP
+    // error_reporting(1); ini_set('display_errors', 1);
+
+    header('Content-Type: text/html; charset=utf-8');
+	header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
+	header("Cache-Control: post-check=0, pre-check=0", false);
+	header("Pragma: no-cache");
+
+    $data = array();
+	$data["type"] = "error";
+	$data["message"] = "Onbekende error";
+	$data["data"] = array();
+
+	function returnError($msg) {
+		global $data;
+		$data["type"] = "error";
+		$data["message"] = $msg;
+		$data["data"] = array();
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+	}
+
+	function returnWarning($msg) {
+		global $data;
+		$data["type"] = "warning";
+		$data["message"] = $msg;
+		$data["data"] = array();
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+	}
+
+	function returnData($msg, $stuff) {
+		global $data;
+		$data["type"] = "success";
+		$data["message"] = $msg;
+		$data["data"] = $stuff;
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode($data, JSON_UNESCAPED_UNICODE|JSON_PRETTY_PRINT);
+		die();
+    }
+
+    session_start();
+
+    if (!isset($_SESSION["google_signed_in"]) || empty($_SESSION["google_signed_in"]) || $_SESSION["google_signed_in"] === false) {
+        returnError("Je bent niet (meer) ingelogd! Log opnieuw in.");
+    }
+    else {
+        // ERROR HANDLING START
+
+        if (!isset($_POST["date"]) || empty($_POST["date"])) {
+            returnError("Datum is niet ingevuld. Vul een datum in.");
+        }
+
+        if (strtotime($_POST["date"]) < strtotime("today")) {
+            returnError("Datum is in het verleden... Je kunt alleen voor vandaag of in de toekomst reserveren!");
+        }
+
+        if (strtotime($_POST["date"]) > strtotime("+4 weeks")) {
+            returnError("Je kunt maximaal 4 weken van tevoren reserveren. Voor deze datum kun je reserveren vanaf ".date("d-m-Y", strtotime($_POST["date"] . " -4 weeks")).".");
+        }
+
+        if (!isset($_POST["hour"]) || empty($_POST["hour"])) {
+            returnError("Lesuur is niet aangegeven. Kies een lesuur in het dropdown-menu.");
+        }
+
+        if (intval($_POST["hour"]) < 1 || intval($_POST["hour"]) > 9) {
+            returnError("Ongeldig lesuur! Lesuur mag minimaal 1 en maximaal 9 zijn.");
+        }
+
+        require_once("db.php");
+        require_once("nogit.php");
+        $damstedeDB = new DamstedeDB();
+
+        $cart = $damstedeDB->getDeviceCart(5);
+
+        if (!$cart["available"]) {
+            returnError("Reserveren is momenteel niet mogelijk. Probeer het later opnieuw.");
+        }
+
+        $devicesLeft = $damstedeDB->getAmountOfDevicesLeft(5, $_POST["date"], $_POST["hour"]);
+        if ($devicesLeft < 1) {
+            returnError("Er is in het gekozen lesuur op deze datum geen plek meer in de mediatheek. Kies een ander lesuur.");
+        }
+
+        if (!$damstedeDB->userHasNotReservedYet(false, $_SESSION["user"]["code"], $_POST["date"], $_POST["hour"])) {
+            returnError("Je hebt voor dit lesuur op deze datum al een computer gereserveerd in de mediatheek.");
+        }
+
+        // ERROR HANDLING END
+
+        $reserved = $damstedeDB->reserveCart(5, $_POST["date"], $_POST["hour"], "Mediatheek", $_SESSION["user"]["code"], $_SESSION["user"]["firstName"]." ".$_SESSION["user"]["lastName"], 1);
+        if ($reserved != false) {
+            returnData("Je reservering is geplaatst!", null);
+        }
+        else {
+            returnError("Kon geen reservering plaatsen. Probeer het later opnieuw.");
+        }
+    }
+?>

index.php

@@ -1,14 +1,55 @@
-<?PHP
-    header("Location: portal.php", 301);
-    exit();
-?>
 <!DOCTYPE html>
 <html lang="nl">
 <head>
-    <title>Doorgaan...</title>
+    <title>Damstede Device Portal</title>
+    <?PHP include_once("import/headers.html"); ?>
+    <style>
+        html, body {
+            width: 100%;
+            height: 100%;
+            max-width: 100%;
+            min-width: 270px;
+            white-space: nowrap;
+            overflow: hidden;
+            margin: 0px;
+            padding: 0px;
+            font-family: Roboto, Verdana, Arial, Sans-Serif;
+            background-color: #333333;
+            color: #EDEDED;
+        }
+        #selectortitle {
+            display: block;
+            width: 100%;
+            text-align: center;
+            position: fixed;
+            top: 40px;
+            pointer-events: none;
+            font-size: 38px;
+        }
+        .selector {
+            display: inline-table;
+            width: 50%;
+            height: 100%;
+            text-align: center;
+        }
+        a {
+            display: table-cell;
+            width: 100%;
+            height: 100%;
+            vertical-align: middle;
+            color: #EDEDED !important;
+            text-decoration: none;
+            font-size: 32px;
+            transition: 0.15s;
+        }
+        .selectortext {
+            text-align: center;
+        }
+        a:hover, a:focus {
+            background-color: #B5131B;
+            transition: 0.05s;
+        }
+    </style>
 </head>
-<body>
-    <h1>Doorgaan...</h1>
-    <p>Je wordt automatisch doorgestuurd...<br/><small>Klik <a href="portal.php">shier</a> als dit niet gebeurt.</small></p>
-</body>
+<body><h1 id="selectortitle">Ik ben een...</h1><div class="selector"><a href="portal.php"><span class="selectortext">docent</span></a></div><div class="selector"><a href="student.php"><span class="selectortext">leerling</span></a></div></body>
 </html>

link.php

@@ -81,7 +81,7 @@ function getCookie(name) {
 </head>
 <body onload="document.getElementById('loading').style.display = 'none';">
     <header>
-        <h1 id="pagetitle">Log in via Zermelo - Damstede Device Portaal</h1>
+        <h1 id="pagetitle">Log in via Zermelo - Damstede Device Portaal<span class="extra-info"> voor Docenten</span></h1>
         <div id="pageoptions">
             <div class="awesome" id="manual" title="Handleiding openen (PDF)" onclick="window.open('HandleidingDevicePortalDamstede.pdf');">&#xf02d;</div>
         </div>

opmaak.css

@@ -638,6 +638,18 @@ label {
 	pointer-events: initial;
 }
 
+.reservation-list-item {
+
+}
+
+.reservation-list-item.over {
+	font-style: italic;
+}
+
+.reservation-list-item.cancelled {
+	text-decoration: line-through;
+}
+
 #spinner {
 	display: inline-block;
 	width: 60px;