true,
'cookie_httponly' => true
]);
$ip = $_SERVER['REMOTE_ADDR'];

/**
 * IP lockout check.
 *
 * REMOTE_ADDR is the TCP peer address and cannot be forged by the client; do
 * not swap it for X-Forwarded-For or similar headers unless a trusted proxy
 * in front of this app sets them. NOTE(review): behind such a proxy
 * REMOTE_ADDR is the proxy's own address, so a single lockout would hit every
 * user at once — confirm the deployment topology before relying on this.
 *
 * A locked client receives a 403 and the script ends here. isIpLocked() and
 * the length of the lockout window are defined elsewhere in the project.
 */
$locked = isIpLocked($ip, $sql);
if ($locked) {
    http_response_code(403);
    exit('Zu viele Fehlversuche. IP fĂŒr 1 Stunde gesperrt.');
}
/**
* LOGIN (only while the session is not yet authenticated)
*/
if (!($_SESSION['is_admin'] ?? false)) {
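/**
 * Admin login POST handler.
 *
 * The submitted credentials are checked against admin_users. Security
 * properties of this handler:
 *  - the password is checked with password_verify(); for an unknown username
 *    a dummy bcrypt hash is verified instead, so the response time does not
 *    reveal whether the account exists;
 *  - every failure is counted per IP via registerFailedLogin() (the lockout
 *    itself is enforced earlier in this file) and answered with one generic
 *    message, so the response never says which part was wrong;
 *  - on success the session id is regenerated before the privileged flags are
 *    stored, which defeats session fixation: an id an attacker planted before
 *    login never becomes an authenticated session.
 *
 * NOTE(review): no CSRF token is checked on this POST. Login CSRF lets an
 * attacker log a victim into an attacker-controlled admin account; if no
 * framework-level check runs before this point, emit a per-session token in
 * the login form and verify it here with hash_equals() before querying.
 */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Both fields must be plain strings: PHP turns "username[]=x" into an
    // array, which must reach neither the query binding nor password_verify().
    $user = $_POST['username'] ?? '';
    $pass = $_POST['password'] ?? '';
    if (!is_string($user) || !is_string($pass)) {
        $user = '';
        $pass = '';
    }

    $admin = $sql->single(
        "SELECT * FROM admin_users WHERE username = ?",
        "s",
        [$user]
    );

    // Well-formed bcrypt hash of an unrelated string: it is only verified so
    // that a missing account costs the same bcrypt work as a wrong password.
    // The trailing "&& $admin" keeps a missing account a failure regardless
    // of which password was sent.
    $storedHash = $admin['password_hash'] ?? '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi';
    $credentialsOk = password_verify($pass, $storedHash) && $admin;

    if (!$credentialsOk) {
        registerFailedLogin($ip, $sql);
        $error = 'UngĂŒltige Zugangsdaten';
    } else {
        clearLoginAttempts($ip, $sql);
        // New session id for the authenticated session; the old one is destroyed.
        session_regenerate_id(true);
        $_SESSION['is_admin'] = true;
        $_SESSION['admin_id'] = $admin['id'];
        header('Location: admin.php');
        exit;
    }
}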
// Login form
?>
Admin Login
single(
"SELECT * FROM access_tokens WHERE uuid = ?",
"s",
[$uuid]
);
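/**
 * First visit for an unknown UUID: create the token row bound to identity 1.
 *
 * NOTE(review): this runs on a plain GET, so merely opening a link creates
 * rows; $uuid is assigned before this point and presumably comes from the
 * query string — confirm it is validated (format and length) upstream. The
 * INSERT/SELECT pair is not atomic, so two concurrent first visits could
 * create duplicate rows unless access_tokens.uuid carries a UNIQUE index.
 */
if (!$token) {
    // Never mint a token for a missing or empty identifier; without this
    // guard an empty UUID would be stored and then matched on every visit.
    if (!is_string($uuid) || $uuid === '') {
        http_response_code(400);
        exit('UUID fehlt');
    }

    // All new tokens hang off the same fixed identity (id 1), as the original
    // hard-coded it; named here so the choice is visible and bound as a value.
    $defaultIdentityId = 1;
    $sql->set(
        "INSERT INTO access_tokens (identity_id, uuid)
         VALUES (?, ?)",
        "is",
        [$defaultIdentityId, $uuid]
    );
    $token = $sql->single(
        "SELECT * FROM access_tokens WHERE uuid = ?",
        "s",
        [$uuid]
    );

    // The rest of the page dereferences $token['id']; stop cleanly if the
    // insert did not produce a row instead of failing on a null offset later.
    if (!$token) {
        http_response_code(500);
        exit('Token konnte nicht angelegt werden');
    }
}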
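/**
 * Save the edit form (POST): the "issued to" note plus the set of identity
 * fields this token is allowed to read.
 *
 * Input handling: issued_to must be a plain string; fields must be an array
 * of strings and is reduced to the keys that actually exist for the token's
 * identity (the same set the form offers below), so a crafted request cannot
 * pre-grant keys that do not exist yet. Permissions are replaced wholesale
 * (DELETE, then one INSERT per key). The statements are not wrapped in a
 * transaction, so a failure mid-way leaves the token with fewer permissions
 * than submitted — it fails closed, never open. $saved only records that the
 * branch ran; $sql->set() results are not checked here.
 *
 * NOTE(review): no CSRF token is verified before these writes. If no
 * framework-level check runs earlier, add a per-session token to the form and
 * verify it with hash_equals() at the top of this branch.
 */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $issuedTo = $_POST['issued_to'] ?? '';
    if (!is_string($issuedTo)) {
        $issuedTo = '';
    }

    $fields = $_POST['fields'] ?? [];
    if (!is_array($fields)) {
        $fields = [];
    }

    // Allow-list: only field keys that exist for this token's identity.
    $knownFields = $sql->get(
        "SELECT DISTINCT field_key FROM identity_fields WHERE identity_id = ?",
        "i",
        [$token['identity_id']]
    );
    $knownKeys = array_flip(array_column($knownFields, 'field_key'));
    $grantKeys = [];
    foreach ($fields as $candidate) {
        if (is_string($candidate) && isset($knownKeys[$candidate])) {
            $grantKeys[$candidate] = true;   // keyed to drop duplicates
        }
    }

    // The form field is "issued_to" but the column is "notes".
    $sql->set(
        "UPDATE access_tokens SET notes = ? WHERE id = ?",
        "si",
        [$issuedTo, $token['id']]
    );

    // Replace the whole permission set for this token.
    $sql->set(
        "DELETE FROM token_permissions WHERE token_id = ?",
        "i",
        [$token['id']]
    );
    foreach (array_keys($grantKeys) as $key) {
        $sql->set(
            "INSERT INTO token_permissions (token_id, field_key)
             VALUES (?, ?)",
            "is",
            [$token['id'], $key]
        );
    }

    $saved = true;
}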
// Every distinct field key the token's identity has; this is what the form offers.
$fieldQuery = "SELECT DISTINCT field_key FROM identity_fields WHERE identity_id = ?";
$allFields = $sql->get($fieldQuery, "i", [$token['identity_id']]);

// Keys the token may currently read (reflects the save above, if one happened).
$grantQuery = "SELECT field_key FROM token_permissions WHERE token_id = ?";
$allowed = $sql->get($grantQuery, "i", [$token['id']]);

// Flat list of granted keys for the checkbox state in the form.
$allowedKeys = array_column($allowed, 'field_key');
?>
UUID bearbeiten
UUID verwalten
= htmlspecialchars($uuid) ?>
Gespeichert â'; ?>
← Zurück
get("SELECT * FROM identities ORDER BY id DESC");
// Every issued access token, newest first.
$tokenQuery = "SELECT * FROM access_tokens ORDER BY created_at DESC";
$tokens = $sql->get($tokenQuery);
?>
Admin Dashboard
Admin Dashboard
Identitäten
UUIDs
Logout