first commit

app/controllers/AuthController.php

@@ -0,0 +1,117 @@
+<?php
+
+require_once __DIR__ . '/../models/User.php';
+
+class AuthController
+{
+    public function loginForm(): void
+    {
+        $error = $_SESSION['error'] ?? null;
+        unset($_SESSION['error']);
+        require __DIR__ . '/../views/login.php';
+    }
+
+    public function login(): void
+    {
+        $login = trim($_POST['login'] ?? '');
+        $password = $_POST['password'] ?? '';
+
+        if (empty($login) || empty($password)) {
+            $_SESSION['error'] = 'Proszę podać login i hasło.';
+            header('Location: /logowanie');
+            exit;
+        }
+
+        $user = User::verifyPassword($login, $password);
+
+        if (!$user) {
+            $_SESSION['error'] = 'Nieprawidłowy login lub hasło.';
+            header('Location: /logowanie');
+            exit;
+        }
+
+        // Generowanie kodu weryfikacyjnego
+        $code = sprintf('%06d', random_int(0, 999999));
+
+        User::saveVerificationCode($user['id'], $code);
+
+        // Symulacja wysyłki maila
+        $_SESSION['pending_user_id'] = $user['id'];
+        $_SESSION['pending_user_login'] = $user['login'];
+        $_SESSION['simulated_code'] = $code; // W produkcji nie pokazywać!
+
+        header('Location: /weryfikacja');
+        exit;
+    }
+
+    public function verifyForm(): void
+    {
+        if (!isset($_SESSION['pending_user_id'])) {
+            header('Location: /logowanie');
+            exit;
+        }
+
+        $error = $_SESSION['error'] ?? null;
+        $simulatedCode = $_SESSION['simulated_code'] ?? null;
+        $userLogin = $_SESSION['pending_user_login'] ?? '';
+        unset($_SESSION['error']);
+
+        require __DIR__ . '/../views/verify.php';
+    }
+
+    public function verify(): void
+    {
+        if (!isset($_SESSION['pending_user_id'])) {
+            header('Location: /logowanie');
+            exit;
+        }
+
+        $code = trim($_POST['code'] ?? '');
+        $userId = $_SESSION['pending_user_id'];
+
+        if (empty($code)) {
+            $_SESSION['error'] = 'Proszę podać kod weryfikacyjny.';
+            header('Location: /weryfikacja');
+            exit;
+        }
+
+        if (!User::verifyCode($userId, $code)) {
+            $_SESSION['error'] = 'Nieprawidłowy lub wygasły kod weryfikacyjny.';
+            header('Location: /weryfikacja');
+            exit;
+        }
+
+        // Usunięcie kodu po użyciu
+        User::deleteVerificationCode($userId);
+
+        // Pełna autoryzacja
+        $_SESSION['user_id'] = $userId;
+        $_SESSION['user_login'] = $_SESSION['pending_user_login'];
+        $_SESSION['logged_in'] = true;
+
+        unset($_SESSION['pending_user_id']);
+        unset($_SESSION['pending_user_login']);
+        unset($_SESSION['simulated_code']);
+
+        header('Location: /panel');
+        exit;
+    }
+
+    public function dashboard(): void
+    {
+        if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) {
+            header('Location: /logowanie');
+            exit;
+        }
+
+        $userLogin = $_SESSION['user_login'] ?? 'Użytkownik';
+        require __DIR__ . '/../views/dashboard.php';
+    }
+
+    public function logout(): void
+    {
+        session_destroy();
+        header('Location: /logowanie');
+        exit;
+    }
+}

app/controllers/EventController.php

@@ -0,0 +1,179 @@
+<?php
+
+require_once __DIR__ . '/../models/Event.php';
+
+class EventController
+{
+    private function requireAuth(): void
+    {
+        if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) {
+            header('Location: /logowanie');
+            exit;
+        }
+    }
+
+    public function index(): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $userLogin = $_SESSION['user_login'];
+
+        // Pobierz rok i miesiąc z parametrów lub użyj bieżących
+        $year = isset($_GET['rok']) ? (int) $_GET['rok'] : (int) date('Y');
+        $month = isset($_GET['miesiac']) ? (int) $_GET['miesiac'] : (int) date('m');
+
+        // Walidacja
+        if ($month < 1) {
+            $month = 12;
+            $year--;
+        } elseif ($month > 12) {
+            $month = 1;
+            $year++;
+        }
+
+        $events = Event::getByMonth($userId, $year, $month);
+
+        // Grupowanie wydarzeń po dacie
+        $eventsByDate = [];
+        foreach ($events as $event) {
+            $eventsByDate[$event['event_date']][] = $event;
+        }
+
+        $success = $_SESSION['success'] ?? null;
+        $error = $_SESSION['error'] ?? null;
+        unset($_SESSION['success'], $_SESSION['error']);
+
+        require __DIR__ . '/../views/calendar/index.php';
+    }
+
+    public function dayEvents(string $date): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $userLogin = $_SESSION['user_login'];
+
+        // Walidacja daty
+        if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $date)) {
+            $_SESSION['error'] = 'Nieprawidłowy format daty.';
+            header('Location: /kalendarz');
+            exit;
+        }
+
+        $events = Event::getByDate($userId, $date);
+
+        $success = $_SESSION['success'] ?? null;
+        $error = $_SESSION['error'] ?? null;
+        unset($_SESSION['success'], $_SESSION['error']);
+
+        require __DIR__ . '/../views/calendar/day.php';
+    }
+
+    public function create(string $date = null): void
+    {
+        $this->requireAuth();
+
+        $userLogin = $_SESSION['user_login'];
+        $event = null;
+        $isEdit = false;
+        $selectedDate = $date ?? date('Y-m-d');
+
+        require __DIR__ . '/../views/calendar/form.php';
+    }
+
+    public function store(): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $title = trim($_POST['title'] ?? '');
+        $content = trim($_POST['content'] ?? '');
+        $eventDate = $_POST['event_date'] ?? '';
+
+        if (empty($title)) {
+            $_SESSION['error'] = 'Tytuł wydarzenia jest wymagany.';
+            header('Location: /kalendarz/nowe');
+            exit;
+        }
+
+        if (empty($eventDate)) {
+            $_SESSION['error'] = 'Data wydarzenia jest wymagana.';
+            header('Location: /kalendarz/nowe');
+            exit;
+        }
+
+        Event::create($userId, $title, $content, $eventDate);
+        $_SESSION['success'] = 'Wydarzenie zostało dodane.';
+        header('Location: /kalendarz/dzien/' . $eventDate);
+        exit;
+    }
+
+    public function edit(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $userLogin = $_SESSION['user_login'];
+        $event = Event::getById($id, $userId);
+
+        if (!$event) {
+            $_SESSION['error'] = 'Wydarzenie nie zostało znalezione.';
+            header('Location: /kalendarz');
+            exit;
+        }
+
+        $isEdit = true;
+        $selectedDate = $event['event_date'];
+
+        require __DIR__ . '/../views/calendar/form.php';
+    }
+
+    public function update(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $title = trim($_POST['title'] ?? '');
+        $content = trim($_POST['content'] ?? '');
+        $eventDate = $_POST['event_date'] ?? '';
+
+        if (empty($title)) {
+            $_SESSION['error'] = 'Tytuł wydarzenia jest wymagany.';
+            header("Location: /kalendarz/edytuj/$id");
+            exit;
+        }
+
+        $event = Event::getById($id, $userId);
+        if (!$event) {
+            $_SESSION['error'] = 'Wydarzenie nie zostało znalezione.';
+            header('Location: /kalendarz');
+            exit;
+        }
+
+        Event::update($id, $userId, $title, $content, $eventDate);
+        $_SESSION['success'] = 'Wydarzenie zostało zaktualizowane.';
+        header('Location: /kalendarz/dzien/' . $eventDate);
+        exit;
+    }
+
+    public function delete(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $event = Event::getById($id, $userId);
+
+        if (!$event) {
+            $_SESSION['error'] = 'Wydarzenie nie zostało znalezione.';
+            header('Location: /kalendarz');
+            exit;
+        }
+
+        $eventDate = $event['event_date'];
+        Event::delete($id, $userId);
+        $_SESSION['success'] = 'Wydarzenie zostało usunięte.';
+        header('Location: /kalendarz/dzien/' . $eventDate);
+        exit;
+    }
+}

app/controllers/NoteController.php

@@ -0,0 +1,126 @@
+<?php
+
+require_once __DIR__ . '/../models/Note.php';
+
+class NoteController
+{
+    private function requireAuth(): void
+    {
+        if (!isset($_SESSION['logged_in']) || !$_SESSION['logged_in']) {
+            header('Location: /logowanie');
+            exit;
+        }
+    }
+
+    public function index(): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $userLogin = $_SESSION['user_login'];
+        $notes = Note::getAllByUser($userId);
+
+        $success = $_SESSION['success'] ?? null;
+        $error = $_SESSION['error'] ?? null;
+        unset($_SESSION['success'], $_SESSION['error']);
+
+        require __DIR__ . '/../views/notes/index.php';
+    }
+
+    public function create(): void
+    {
+        $this->requireAuth();
+
+        $userLogin = $_SESSION['user_login'];
+        $note = null;
+        $isEdit = false;
+
+        require __DIR__ . '/../views/notes/form.php';
+    }
+
+    public function store(): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $title = trim($_POST['title'] ?? '');
+        $content = trim($_POST['content'] ?? '');
+        $color = $_POST['color'] ?? 'primary';
+
+        if (empty($title)) {
+            $_SESSION['error'] = 'Tytuł notatki jest wymagany.';
+            header('Location: /notatnik/nowa');
+            exit;
+        }
+
+        Note::create($userId, $title, $content, $color);
+        $_SESSION['success'] = 'Notatka została dodana.';
+        header('Location: /notatnik');
+        exit;
+    }
+
+    public function edit(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $userLogin = $_SESSION['user_login'];
+        $note = Note::getById($id, $userId);
+
+        if (!$note) {
+            $_SESSION['error'] = 'Notatka nie została znaleziona.';
+            header('Location: /notatnik');
+            exit;
+        }
+
+        $isEdit = true;
+        require __DIR__ . '/../views/notes/form.php';
+    }
+
+    public function update(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $title = trim($_POST['title'] ?? '');
+        $content = trim($_POST['content'] ?? '');
+        $color = $_POST['color'] ?? 'primary';
+
+        if (empty($title)) {
+            $_SESSION['error'] = 'Tytuł notatki jest wymagany.';
+            header("Location: /notatnik/edytuj/$id");
+            exit;
+        }
+
+        $note = Note::getById($id, $userId);
+        if (!$note) {
+            $_SESSION['error'] = 'Notatka nie została znaleziona.';
+            header('Location: /notatnik');
+            exit;
+        }
+
+        Note::update($id, $userId, $title, $content, $color);
+        $_SESSION['success'] = 'Notatka została zaktualizowana.';
+        header('Location: /notatnik');
+        exit;
+    }
+
+    public function delete(int $id): void
+    {
+        $this->requireAuth();
+
+        $userId = $_SESSION['user_id'];
+        $note = Note::getById($id, $userId);
+
+        if (!$note) {
+            $_SESSION['error'] = 'Notatka nie została znaleziona.';
+            header('Location: /notatnik');
+            exit;
+        }
+
+        Note::delete($id, $userId);
+        $_SESSION['success'] = 'Notatka została usunięta.';
+        header('Location: /notatnik');
+        exit;
+    }
+}