feat: quiz, cheat sheets, admin modules - MC quiz, search, user mgmt, content import
Dieser Commit ist enthalten in:
Ursprung
03778e4bed
Commit
3cd865ccbc
6 geänderte Dateien mit 425 neuen und 0 gelöschten Zeilen
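--- a/edu/api/admin.php
+++ b/edu/api/admin.php
@@ -0,0 +1,51 @@
+<?php
+require_once __DIR__ . '/import.php';
+$admin_action = $segments[1] ?? '';
+
+// GET /api/admin/users
+if (get_method() === 'GET' && $admin_action === 'users') {
+require_admin();
+$stmt = $pdo->query("SELECT id, username, display_name, is_admin, created_at FROM users ORDER BY id");
+json_ok(['users' => $stmt->fetchAll()]);
+}
+
+// POST /api/admin/users
+if (get_method() === 'POST' && $admin_action === 'users') {
+require_admin();
+$body = get_json_body();
+$username = trim($body['username'] ?? '');
+$display_name = trim($body['display_name'] ?? '');
+$password = $body['password'] ?? '';
+$is_admin = !empty($body['is_admin']);
+
+if (!$username || !$password || !$display_name) json_error('Benutzername, Anzeigename und Passwort erforderlich');
+if (mb_strlen($password) < 6) json_error('Passwort muss mindestens 6 Zeichen haben');
+
+$hash = password_hash($password, PASSWORD_DEFAULT);
+try {
+$stmt = $pdo->prepare("INSERT INTO users (username, password_hash, display_name, is_admin) VALUES (:u, :h, :d, :a) RETURNING id");
+$stmt->execute([':u' => $username, ':h' => $hash, ':d' => $display_name, ':a' => $is_admin]);
+json_ok(['id' => $stmt->fetchColumn(), 'message' => 'Benutzer erstellt']);
+} catch (PDOException $e) {
+if (strpos($e->getMessage(), 'unique') !== false) json_error('Benutzername existiert bereits');
+throw $e;
+}
+}
+
+// DELETE /api/admin/users/{id}
+if (get_method() === 'DELETE' && $admin_action === 'users' && !empty($segments[2])) {
+require_admin();
+$del_id = (int) $segments[2];
+if ($del_id === $_SESSION['user_id']) json_error('Eigenen Account kann man nicht loeschen');
+$pdo->prepare("DELETE FROM users WHERE id = :id")->execute([':id' => $del_id]);
+json_ok(['ok' => true]);
+}
+
+// POST /api/admin/import
+if (get_method() === 'POST' && $admin_action === 'import') {
+require_admin();
+$stats = import_all_content($pdo);
+json_ok(['message' => 'Import abgeschlossen', 'stats' => $stats]);
+}
+
+json_error('Unbekannter Admin-Endpunkt', 404);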
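Review bot: The self-deletion guard in the DELETE branch compares the int `$del_id` with `$_SESSION['user_id']` using `===`, so if the login code stored the id as a string the check never matches and an admin can delete their own account; nothing here prevents removing the last remaining admin either. Casting both sides makes the guard independent of how the session was written: `if ($del_id === (int) $_SESSION['user_id']) json_error('Eigenen Account kann man nicht loeschen');`. In the POST branch the duplicate-username case is detected by searching the exception text for 'unique', which depends on driver wording and locale; the SQLSTATE is more stable, e.g. `if ($e->getCode() === '23505')`, assuming PostgreSQL as the `RETURNING id` suggests. The three state-changing branches authenticate through the session and no CSRF token or Origin check is visible in this file, so it is worth confirming that `require_admin()` or the router (both defined outside this section) enforce one. A six-character minimum is low for an endpoint that can create accounts with `is_admin` set; a floor of eight or more would be the usual choice.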