Admin Login

// NOTE(review): the start of this statement is missing from the extract; only the
// tail of the call is visible.
single(
    "SELECT * FROM access_tokens WHERE uuid = ?",
    "s",
    [$uuid]
);
if ($token) {
    // UUID exists → continue to the edit form
    $action = 'uuid_edit';
    $_GET['uuid'] = $uuid;
} else {
    // UUID does not exist → show the initial creation form
    $action = 'uuid_create_initial';
    $_GET['uuid'] = $uuid;
}
}

/* ───────────────────────────── CREATE IDENTITY ───────────────────────────── */
// Handles the 'identity_create' action: on POST with a non-empty name, inserts a new
// identities row and redirects to admin.php; otherwise falls through to the form below.
// NOTE(review): no CSRF token check is visible in this branch — confirm one is enforced
// before this state-changing INSERT runs.
if ($action === 'identity_create') {
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // A missing field falls back to '' and is then treated like an empty name.
        $name = trim($_POST['name'] ?? '');
        if ($name !== '') {
            // The name is passed separately from the SQL text (placeholder + type string).
            $sql->set(
                "INSERT INTO identities (name) VALUES (?)",
                "s",
                [$name]
            );
            header('Location: admin.php');
            exit;
        }
    }
    ?> Identität anlegen

Neue Identität

← zurück

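// NOTE(review): the start of this statement is missing from the extract; only the
// tail of the call is visible.
get("SELECT * FROM identities ORDER BY name ASC");

// Handles the form that links a not-yet-known UUID to an existing identity.
// On POST with a selected identity it stores the token and redirects to the edit form;
// without a selection it sets $error for the template.
// NOTE(review): $uuid is assigned outside this extract — confirm it is validated against
// the expected UUID format before it is stored. No CSRF token check is visible here either.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $identityId = (int)($_POST['identity_id'] ?? 0);
    $notes = trim($_POST['notes'] ?? '');

    if (!$identityId) {
        $error = 'Bitte eine Identität auswählen.';
    } else {
        // Create the access token row for this UUID
        $sql->set(
            "INSERT INTO access_tokens (identity_id, uuid, notes) VALUES (?, ?, ?)",
            "iss",
            [$identityId, $uuid, $notes]
        );

        // Redirect to the edit form. The UUID is URL-encoded so that characters such as
        // '&', '#' or whitespace cannot alter the query string of the redirect target.
        header('Location: admin.php?action=uuid_edit&uuid=' . urlencode($uuid));
        exit;
    }
}
?> Neue UUID anlegen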

Neue UUID anlegen





← zurück zum Dashboard

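// NOTE(review): the beginning of this helper (its signature and the start of the loop over
// the extra attributes) is missing from the extract. The visible tail is kept as found,
// including string literals whose markup was lost in extraction.
$attrVal) {
        // Attribute name and value are both HTML-escaped before being appended.
        $extraAttrString .= ' ' . htmlspecialchars($attr) . '="' . htmlspecialchars($attrVal) . '"';
    }

    if ($type === 'file') {
        $options = '';
        foreach ($filesForIdentity as $file) {
            // Normalise the id to a numeric string so the strict comparison with $value works.
            $fileId = (string)(int)$file['id'];
            $selected = $fileId === $value ? ' selected' : '';
            $options .= sprintf(
                '',
                htmlspecialchars($fileId),
                $selected,
                htmlspecialchars($file['filename'])
            );
        }
        return "";
    }

    if ($type === 'multi') {
        return "";
    }

    // Every type other than 'url' falls back to a plain text input.
    $inputType = $type === 'url' ? 'url' : 'text';
    return "";
}

// ── Identity edit: load the identity, process POST actions, then load data for the form ──
// NOTE(review): none of the state-changing POST branches below shows a CSRF token check —
// confirm one is enforced elsewhere.
$id = (int)($_GET['id'] ?? 0);
$identity = $sql->single(
    "SELECT * FROM identities WHERE id = ?",
    "i",
    [$id]
);
if (!$identity) {
    exit('Identität nicht gefunden');
}

// Maps a PHP upload error code to the German message shown to the admin.
$uploadErrorLabel = function (int $error): string {
    return match ($error) {
        UPLOAD_ERR_INI_SIZE => 'Datei überschreitet upload_max_filesize',
        UPLOAD_ERR_FORM_SIZE => 'Datei überschreitet MAX_FILE_SIZE',
        UPLOAD_ERR_PARTIAL => 'Datei wurde nur teilweise hochgeladen',
        UPLOAD_ERR_NO_FILE => 'keine Datei ausgewählt',
        UPLOAD_ERR_NO_TMP_DIR => 'temporäres Verzeichnis fehlt',
        UPLOAD_ERR_CANT_WRITE => 'Datei konnte nicht geschrieben werden',
        UPLOAD_ERR_EXTENSION => 'Upload durch eine Erweiterung abgebrochen',
        default => 'unbekannter Upload-Fehler',
    };
};

// Flash messages from the previous request: read once, then removed from the session.
$fileUploadErrors = $_SESSION['fileUploadErrors'] ?? [];
unset($_SESSION['fileUploadErrors']);
$fileUploadSuccess = (int)($_SESSION['fileUploadSuccess'] ?? 0);
unset($_SESSION['fileUploadSuccess']);
$fileDeleteMessage = $_SESSION['fileDeleteMessage'] ?? '';
unset($_SESSION['fileDeleteMessage']);

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $fileUploadErrors = [];
    $fileUploadSuccess = 0;
    $fileDeleteMessage = '';

    if (isset($_POST['upload_files'])) {
        $filesInput = $_FILES['files'] ?? null;

        // $_FILES holds arrays for a multi-file input and scalars for a single-file input;
        // a selection exists as soon as one non-empty file name is present.
        $hasSelection = false;
        if ($filesInput) {
            if (is_array($filesInput['name'])) {
                foreach ($filesInput['name'] as $fileName) {
                    if (trim((string)$fileName) !== '') {
                        $hasSelection = true;
                        break;
                    }
                }
            } else {
                $hasSelection = trim((string)$filesInput['name']) !== '';
            }
        }

        if ($filesInput && $hasSelection) {
            // NOTE(review): uploads are stored next to this script and the on-disk name keeps
            // the client-supplied extension. If this directory is served by the web server,
            // confirm that script execution is disabled for it (or move storage outside the
            // document root) and consider dropping the client extension from the stored name.
            $uploadDir = __DIR__ . '/_files/';
            // The second is_dir() covers a concurrent request creating the directory first.
            if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
                $fileUploadErrors[] = 'Upload-Verzeichnis kann nicht erstellt werden.';
            } else {
                $total = is_array($filesInput['name']) ? count($filesInput['name']) : 1;
                $uploaded = 0;
                $finfo = finfo_open(FILEINFO_MIME_TYPE);

                for ($i = 0; $i < $total; $i++) {
                    $originalName = is_array($filesInput['name']) ? $filesInput['name'][$i] : $filesInput['name'];
                    $error = is_array($filesInput['error']) ? $filesInput['error'][$i] : $filesInput['error'];
                    $tmpName = is_array($filesInput['tmp_name']) ? $filesInput['tmp_name'][$i] : $filesInput['tmp_name'];

                    // Empty slots of a multi-file input are skipped silently.
                    if ($error === UPLOAD_ERR_NO_FILE) {
                        continue;
                    }

                    $originalName = trim((string)$originalName);
                    if ($originalName === '') {
                        continue;
                    }

                    if ($error !== UPLOAD_ERR_OK) {
                        $fileUploadErrors[] = sprintf(
                            'Fehler beim Hochladen von %s: %s.',
                            $originalName,
                            $uploadErrorLabel($error)
                        );
                        continue;
                    }

                    // Only accept temp files that PHP itself received via HTTP POST.
                    if (!is_uploaded_file($tmpName)) {
                        $fileUploadErrors[] = sprintf('Datei %s konnte nicht verarbeitet werden.', $originalName);
                        continue;
                    }

                    // Strip any path component and replace everything outside [A-Za-z0-9._-].
                    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($originalName));
                    if ($safeName === '') {
                        $safeName = 'file';
                    }

                    // A random prefix makes the stored name unguessable and avoids overwriting
                    // an existing file; retry on the unlikely collision.
                    do {
                        $storedName = bin2hex(random_bytes(12)) . '_' . $safeName;
                        $destination = $uploadDir . $storedName;
                    } while (is_file($destination));

                    if (!move_uploaded_file($tmpName, $destination)) {
                        $fileUploadErrors[] = sprintf('Speichern von %s fehlgeschlagen.', $originalName);
                        continue;
                    }

                    // The MIME type is detected from the file content, not taken from the client.
                    // finfo_file() returns false on failure; fall back to a generic type instead
                    // of storing an empty value.
                    $detectedType = $finfo ? finfo_file($finfo, $destination) : false;
                    $mimeType = is_string($detectedType) && $detectedType !== ''
                        ? $detectedType
                        : 'application/octet-stream';

                    $sql->set(
                        "INSERT INTO files (identity_id, filename, stored_name, mime_type) VALUES (?, ?, ?, ?)",
                        "isss",
                        [$id, $originalName, $storedName, $mimeType]
                    );
                    $uploaded++;
                }

                if ($finfo) {
                    finfo_close($finfo);
                }
                if ($uploaded > 0) {
                    $fileUploadSuccess = $uploaded;
                }
            }
        } else {
            $fileUploadErrors[] = 'Bitte wählen Sie mindestens eine Datei aus.';
        }
    }

    if (isset($_POST['delete_file'])) {
        $fileId = (int)($_POST['file_id'] ?? 0);
        if ($fileId > 0) {
            // Ownership check: the file must belong to the identity being edited.
            $file = $sql->single(
                "SELECT stored_name, filename FROM files WHERE id = ? AND identity_id = ?",
                "ii",
                [$fileId, $id]
            );
            if ($file) {
                // basename() keeps the path inside the upload directory even if the stored
                // value ever contained a path separator.
                $diskPath = __DIR__ . '/_files/' . basename($file['stored_name']);
                // '@' is kept so a warning cannot be emitted before the redirect header; the
                // result is checked so a failed removal is reported instead of leaving an
                // untracked file on disk.
                if (is_file($diskPath) && !@unlink($diskPath)) {
                    $fileUploadErrors[] = sprintf('Datei "%s" konnte nicht gelöscht werden.', $file['filename']);
                } else {
                    // Scoped to the identity as well, matching the field deletion below.
                    $sql->set(
                        "DELETE FROM files WHERE id = ? AND identity_id = ?",
                        "ii",
                        [$fileId, $id]
                    );
                    $fileDeleteMessage = sprintf('Datei "%s" gelöscht.', $file['filename']);
                }
            } else {
                $fileUploadErrors[] = 'Datei nicht gefunden oder gehört nicht zu dieser Identität.';
            }
        } else {
            $fileUploadErrors[] = 'Ungültige Datei.';
        }
    }

    // Rename identity. A missing, non-string or empty name is ignored, matching the
    // create form, which also rejects empty names.
    if (isset($_POST['rename'])) {
        $newName = $_POST['name'] ?? '';
        $newName = is_string($newName) ? trim($newName) : '';
        if ($newName !== '') {
            $sql->set(
                "UPDATE identities SET name = ? WHERE id = ?",
                "si",
                [$newName, $id]
            );
        }
    }

    // New field
    // NOTE(review): 'typ' is stored as submitted; consider checking it against the set of
    // supported field types before writing it.
    if (isset($_POST['add_field'])) {
        $sql->set(
            "INSERT INTO identity_fields (identity_id, field_key, field_value, typ) VALUES (?, ?, ?, ?)",
            "isss",
            [
                $id,
                trim($_POST['key']),
                trim($_POST['value']),
                $_POST['typ'] ?? 'single'
            ]
        );
    }

    // Update field (restricted to fields of this identity)
    if (isset($_POST['update_field'])) {
        $sql->set(
            "UPDATE identity_fields SET field_key = ?, field_value = ?, typ = ? WHERE id = ? AND identity_id = ?",
            "sssii",
            [
                trim($_POST['key']),
                trim($_POST['value']),
                $_POST['typ'] ?? 'single',
                (int)$_POST['field_id'],
                $id
            ]
        );
    }

    // Delete field (restricted to fields of this identity)
    if (isset($_POST['delete_field'])) {
        $sql->set(
            "DELETE FROM identity_fields WHERE id = ? AND identity_id = ?",
            "ii",
            [(int)$_POST['field_id'], $id]
        );
    }

    // Carry the messages over the redirect (post/redirect/get).
    // NOTE(review): these messages contain client-supplied file names; confirm the template
    // HTML-escapes them when rendering.
    $_SESSION['fileUploadErrors'] = $fileUploadErrors;
    $_SESSION['fileUploadSuccess'] = $fileUploadSuccess;
    $_SESSION['fileDeleteMessage'] = $fileDeleteMessage;

    header("Location: admin.php?action=identity_edit&id=$id");
    exit;
}

$fields = $sql->get(
    "SELECT * FROM identity_fields WHERE identity_id = ? ORDER BY id ASC",
    "i",
    [$id]
);
$identityFiles = $sql->get(
    "SELECT id, filename FROM files WHERE identity_id = ? ORDER BY uploaded_at DESC",
    "i",
    [$id]
);
// The query helper can return false; normalise to an empty list for the loops below.
if ($identityFiles === false) {
    $identityFiles = [];
}

// Count how often each file name occurs so the template can point out duplicates.
$duplicateFilenameCounts = [];
foreach ($identityFiles as $file) {
    $filename = $file['filename'] ?? '';
    if ($filename === '') {
        continue;
    }
    $duplicateFilenameCounts[$filename] = ($duplicateFilenameCounts[$filename] ?? 0) + 1;
}
$duplicateFileNames = array_keys(array_filter(
    $duplicateFilenameCounts,
    static fn (int $count): bool => $count > 1
));
?> Identität bearbeiten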

Felder

Key Wert Typ Aktion

Neues Feld

'Wert'], $identityFiles) ?>

Dateien hochladen

0): ?>

Datei hochgeladen.

Vorhandene Dateien

Dateien mit identischem Dateinamen bleiben getrennt und können einzeln gelöscht werden.

← zurück

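// NOTE(review): the start of this statement is missing from the extract; only the
// tail of the call is visible.
set(
    "INSERT INTO access_tokens (identity_id, uuid) VALUES (?, ?)",
    "is",
    [$identityId, $uuid]
);
// The UUID is URL-encoded so it cannot alter the query string of the redirect target.
header('Location: admin.php?action=uuid_edit&uuid=' . urlencode($uuid));
exit;
}

/* ───────────────────────────── EDIT UUID ───────────────────────────── */
// Handles the 'uuid_edit' action: on POST replaces the token's field permissions and
// notes, then loads the data the edit form needs.
// NOTE(review): no CSRF token check is visible in this branch — confirm one is enforced
// before the permission changes below run.
if ($action === 'uuid_edit') {
    // A non-string value (e.g. uuid[]=...) is treated as an empty UUID and ends in
    // "not found" instead of a type error further down.
    $uuid = $_GET['uuid'] ?? '';
    if (!is_string($uuid)) {
        $uuid = '';
    }

    $token = $sql->single(
        "SELECT * FROM access_tokens WHERE uuid = ?",
        "s",
        [$uuid]
    );
    if (!$token) exit('UUID nicht gefunden');

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Permissions are replaced wholesale: remove the old set, then insert the new one.
        // NOTE(review): these statements are not wrapped in a transaction here; a failure
        // in between would leave the token with no permissions.
        $sql->set(
            "DELETE FROM token_permissions WHERE token_id = ?",
            "i",
            [$token['id']]
        );

        // Accept only a list of distinct string keys; anything else in the request is dropped.
        // NOTE(review): the keys are not checked against this identity's existing field keys —
        // consider restricting them to keys present in identity_fields.
        $submittedKeys = $_POST['fields'] ?? [];
        if (!is_array($submittedKeys)) {
            $submittedKeys = [];
        }
        $submittedKeys = array_unique(array_filter(
            $submittedKeys,
            static fn ($candidate): bool => is_string($candidate)
        ));
        foreach ($submittedKeys as $key) {
            $sql->set(
                "INSERT INTO token_permissions (token_id, field_key) VALUES (?, ?)",
                "is",
                [$token['id'], $key]
            );
        }

        // A missing or non-string notes field is stored as an empty note.
        $notes = $_POST['notes'] ?? '';
        $notes = is_string($notes) ? trim($notes) : '';
        $sql->set(
            "UPDATE access_tokens SET notes = ? WHERE id = ?",
            "si",
            [$notes, $token['id']]
        );
    }

    // All fields of the identity this token belongs to
    $fields = $sql->get(
        "SELECT field_key, field_value FROM identity_fields WHERE identity_id = ?",
        "i",
        [$token['identity_id']]
    );

    // Field keys currently permitted for this token
    $allowed = array_column(
        $sql->get(
            "SELECT field_key FROM token_permissions WHERE token_id = ?",
            "i",
            [$token['id']]
        ),
        'field_key'
    );

    // Name of the identity
    $identity = $sql->single(
        "SELECT name FROM identities WHERE id = ?",
        "i",
        [$token['identity_id']]
    );

    // Files of the identity that are either not bound to any token or bound to this one
    $files = $sql->get(
        "SELECT id, filename FROM files WHERE identity_id = ? AND (token_id IS NULL OR token_id = ?) ORDER BY uploaded_at DESC",
        "ii",
        [$token['identity_id'], $token['id']]
    );
    // The query helper can return false; normalise to an empty list.
    if ($files === false) {
        $files = [];
    }

    // Build download links; rows without an id map to null and are removed by array_filter.
    // NOTE(review): the UUID travels in the URL of every download link, so it can end up in
    // server logs and browser history — confirm that is acceptable for this token.
    $fileLinks = array_filter(array_map(static function ($file) use ($uuid) {
        if (empty($file['id'])) {
            return null;
        }
        return [
            'url' => '/download.php?id=' . (int)$file['id'] . '&uuid=' . urlencode($uuid),
            'filename' => (string)($file['filename'] ?: 'Datei'),
        ];
    }, $files));
    ?> UUID bearbeiten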

UUID bearbeiten

UUID:

Identität:

Sichtbare Felder


Notiz


Dateien

← zurück

// NOTE(review): the start of this statement is missing from the extract; only the
// tail of the call is visible. The query joins every access token with the name of
// its identity, newest token first.
get(
    "SELECT t.uuid, t.notes, i.name AS identity_name FROM access_tokens t JOIN identities i ON t.identity_id = i.id ORDER BY t.created_at DESC"
);
// All identities, highest id first.
// NOTE(review): other call sites in this file check the helper's result for false before
// iterating; neither result is checked here — confirm the template tolerates false.
$identities = $sql->get("SELECT * FROM identities ORDER BY id DESC");
?> Admin Dashboard

Admin Dashboard

Alle UUIDs

UUID Identität Notiz Aktion
bearbeiten

Keine UUIDs vorhanden.


Identitäten

➕ Identität anlegen

Logout