diff --git a/app.py b/app.py
index 4bd1f53..2a5037f 100644
--- a/app.py
+++ b/app.py
@@ -411,61 +411,154 @@ def download_logs():
 return redirect(url_for("landing_page"))
 @app.route("/admin/giveaways", methods=["GET", "POST"])
-def admin_giveaways():
- """Zeigt eine Liste aller Giveaways an und ermöglicht das Bearbeiten und Sortieren."""
- if is_admin():
- connection = get_giveaway_db_connection() # Verbindung zur Giveaway-Datenbank
+def manage_giveaways():
+ """Verwalte alle Giveaways (nur für Admins)."""
+ if "discord_user" in session:
+ user_info = session["discord_user"]
+ user_id = user_info["id"]
+
+ # Überprüfe, ob der Benutzer Admin-Rechte hat
+ connection = get_db_connection() # Verbindung zur User-Datenbank
 cursor = connection.cursor(dictionary=True)
- # Sortierung nach bestimmten Feldern
- sort_field = request.args.get("sort", "id") # Standardmäßig nach 'id' sortieren
- order = request.args.get("order", "asc") # Standardmäßig aufsteigend sortieren
+ cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,))
+ user_data = cursor.fetchone()
- # Holen aller Giveaways aus der Datenbank
- cursor.execute(f"SELECT * FROM giveaways ORDER BY {sort_field} {order}")
- giveaways = cursor.fetchall()
-
- cursor.close()
- connection.close()
+ if user_data and user_data["permission"] >= 8:
+ connection.close()
+
+ # Verbindung zur Giveaway-Datenbank herstellen
+ giveaway_connection = get_giveaway_db_connection()
+ giveaway_cursor = giveaway_connection.cursor(dictionary=True)
+
+ # Alle Giveaways aus der Giveaway-Datenbank abrufen
+ giveaway_cursor.execute("SELECT * FROM giveaways")
+ giveaways = giveaway_cursor.fetchall()
+
+ giveaway_cursor.close()
+ giveaway_connection.close()
+
+ return render_template("admin_giveaways.html", user_info=user_info, giveaways=giveaways)
+ else:
+ return redirect(url_for("user_dashboard"))
- return render_template("admin_giveaways.html", giveaways=giveaways, sort_field=sort_field, order=order)
 return redirect(url_for("login"))
-@app.route("/admin/giveaways/edit/", methods=["GET", "POST"])
-def edit_giveaway(giveaway_id):
- """Bearbeitet ein spezifisches Giveaway."""
- if is_admin():
- connection = get_giveaway_db_connection() # Verbindung zur Giveaway-Datenbank
+
+@app.route("/admin/giveaway/edit/", methods=["GET", "POST"])
+def edit_giveaway(id):
+ """Bearbeite ein bestehendes Giveaway."""
+ if "discord_user" in session:
+ user_info = session["discord_user"]
+ user_id = user_info["id"]
+
+ # Überprüfe, ob der Benutzer Admin-Rechte hat
+ connection = get_db_connection()
 cursor = connection.cursor(dictionary=True)
- if request.method == "POST":
- platform = request.form.get("platform")
- name = request.form.get("name")
- game_key = request.form.get("game_key")
- winner_dc_id = request.form.get("winner_dc_id")
- aktiv = bool(request.form.get("aktiv"))
+ cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,))
+ user_data = cursor.fetchone()
- # Update der Giveaways-Daten
- cursor.execute("""
- UPDATE giveaways
- SET platform = %s, name = %s, game_key = %s, winner_dc_id = %s, aktiv = %s
- WHERE id = %s
- """, (platform, name, game_key, winner_dc_id, aktiv, giveaway_id))
- connection.commit()
+ if user_data and user_data["permission"] >= 8:
+ connection.close()
- flash("Giveaway updated successfully!", "success")
- return redirect(url_for("admin_giveaways"))
+ giveaway_connection = get_giveaway_db_connection()
+ cursor = giveaway_connection.cursor(dictionary=True)
- # Daten des spezifischen Giveaways laden
- cursor.execute("SELECT * FROM giveaways WHERE id = %s", (giveaway_id,))
- giveaway = cursor.fetchone()
-
- cursor.close()
- connection.close()
+ if request.method == "POST":
+ platform = request.form["platform"]
+ name = request.form["name"]
+ game_key = request.form["game_key"]
+ winner_dc_id = request.form["winner_dc_id"]
+
+ # Update the giveaway
+ cursor.execute("""
+ UPDATE giveaways
+ SET platform = %s, name = %s, game_key = %s, winner_dc_id = %s
+ WHERE id = %s
+ """, (platform, name, game_key, winner_dc_id, id))
+ giveaway_connection.commit()
+
+ cursor.close()
+ giveaway_connection.close()
+
+ return redirect(url_for("manage_giveaways"))
+
+ # Hole die aktuellen Daten des Giveaways
+ cursor.execute("SELECT * FROM giveaways WHERE id = %s", (id,))
+ giveaway = cursor.fetchone()
+
+ cursor.close()
+ giveaway_connection.close()
+
+ return render_template("edit_giveaway.html", giveaway=giveaway)
- return render_template("edit_giveaway.html", giveaway=giveaway)
 return redirect(url_for("login"))
+@app.route("/admin/giveaway/delete/", methods=["POST"])
+def delete_giveaway(id):
+ """Lösche ein Giveaway aus der Datenbank."""
+ if "discord_user" in session:
+ user_info = session["discord_user"]
+ user_id = user_info["id"]
+
+ connection = get_db_connection()
+ cursor = connection.cursor(dictionary=True)
+
+ cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,))
+ user_data = cursor.fetchone()
+
+ if user_data and user_data["permission"] >= 8:
+ connection.close()
+
+ # Verbindung zur Giveaway-Datenbank herstellen
+ giveaway_connection = get_giveaway_db_connection()
+ cursor = giveaway_connection.cursor()
+
+ cursor.execute("DELETE FROM giveaways WHERE id = %s", (id,))
+ giveaway_connection.commit()
+
+ cursor.close()
+ giveaway_connection.close()
+
+ return redirect(url_for("manage_giveaways"))
+
+ return redirect(url_for("login"))
+
+@app.route("/admin/giveaway/toggle_active/", methods=["POST"])
+def toggle_active(id):
+ """Aktiviere oder deaktiviere ein Giveaway."""
+ if "discord_user" in session:
+ user_info = session["discord_user"]
+ user_id = user_info["id"]
+
+ connection = get_db_connection()
+ cursor = connection.cursor(dictionary=True)
+
+ cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,))
+ user_data = cursor.fetchone()
+
+ if user_data and user_data["permission"] >= 8:
+ connection.close()
+
+ giveaway_connection = get_giveaway_db_connection()
+ cursor = giveaway_connection.cursor(dictionary=True)
+
+ # Hole den aktuellen Status
+ cursor.execute("SELECT aktiv FROM giveaways WHERE id = %s", (id,))
+ giveaway = cursor.fetchone()
+
+ # Toggle den Aktiv-Status
+ new_status = not giveaway["aktiv"]
+ cursor.execute("UPDATE giveaways SET aktiv = %s WHERE id = %s", (new_status, id))
+ giveaway_connection.commit()
+
+ cursor.close()
+ giveaway_connection.close()
+
+ return redirect(url_for("manage_giveaways"))
+
+ return redirect(url_for("login"))
 @app.route("/user/giveaways", methods=["GET"])
 def user_giveaways():
diff --git a/templates/admin_giveaways.html b/templates/admin_giveaways.html
index 1f4e6f0..22ee8c5 100644
--- a/templates/admin_giveaways.html
+++ b/templates/admin_giveaways.html
@@ -4,14 +4,8 @@ - Admin - Giveaways + Manage Giveaways -
@@ -31,12 +25,15 @@
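Review bot: In the app.py hunk the admin check is copy-pasted into `manage_giveaways`, `edit_giveaway`, `delete_giveaway` and `toggle_active`, and as far as the flattened hunk shows, `connection.close()` on the user database runs only inside the `permission >= 8` branch, while the first cursor is never closed on any path. A logged-in non-admin who requests these routes would therefore leave a connection open on every request, which can exhaust the database's connection limit unless the driver reclaims it. I would move the check into one decorator that closes the connection in a `finally`; the sketch below assumes `wraps` is imported from `functools` and sends non-admins to `user_dashboard`, as `manage_giveaways` already does. Separately, `toggle_active` reads `giveaway["aktiv"]` without a None check, so an unknown id raises a TypeError; a single `UPDATE giveaways SET aktiv = NOT aktiv WHERE id = %s` would avoid both the lookup and the read-then-write race.

```python
def require_admin(view):
    """Run the view only for a session user whose permission is >= 8."""
    @wraps(view)
    def wrapper(*args, **kwargs):
        if "discord_user" not in session:
            return redirect(url_for("login"))
        connection = get_db_connection()
        try:
            cursor = connection.cursor(dictionary=True)
            cursor.execute(
                "SELECT permission FROM user_data WHERE user_id = %s",
                (session["discord_user"]["id"],),
            )
            user_data = cursor.fetchone()
            cursor.close()
        finally:
            # Release the user-DB connection on the denial path as well.
            connection.close()
        if not (user_data and user_data["permission"] >= 8):
            return redirect(url_for("user_dashboard"))
        return view(*args, **kwargs)
    return wrapper

# … unchanged: @app.route line for toggle_active …
@require_admin
def toggle_active(id):
    # … unchanged: giveaway DB update and redirect to manage_giveaways …
```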

Giveaways Management

- - +

Manage all active and inactive giveaways in the system.

+ +
+ - - - + + + + @@ -49,26 +46,26 @@ + - + + - {% endfor %}
IDPlatformNameIDPlatformNameUUID Game Key Winner Discord ID Active{{ giveaway.id }} {{ giveaway.platform }} {{ giveaway.name }}{{ giveaway.uuid }} {{ giveaway.game_key }}{{ giveaway.winner_dc_id or 'Not Assigned' }}{{ giveaway.winner_dc_id }}{{ 'Yes' if giveaway.aktiv else 'No' }} - {% if giveaway.aktiv %} - Active - {% else %} - Inactive - {% endif %} - - Edit + Edit +
+ +
+
+ +
- - -