feuerwehr-freising-antragsformular/admin/application.php

<?php

declare(strict_types=1);

use App\App\Bootstrap;
use App\Admin\Auth;
use App\Security\Csrf;
use App\Storage\JsonStore;

require dirname(__DIR__) . '/src/autoload.php';
Bootstrap::init();

$auth = new Auth();
$auth->requireLogin();

$id = trim((string) ($_GET['id'] ?? ''));
$store = new JsonStore();
$submission = $store->getSubmissionByKey($id);

if ($submission === null) {
    http_response_code(404);
    echo 'Antrag nicht gefunden.';
    exit;
}

$csrf = Csrf::token();
?><!doctype html>
<html lang="de">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Antragsdetails</title>
    <link rel="stylesheet" href="/assets/css/tokens.css">
    <link rel="stylesheet" href="/assets/css/base.css">
</head>
<body>
<main class="container">
    <section class="card">
        <p><a href="/admin/index.php">Zur Übersicht</a></p>
        <h1>Antragsdetails</h1>
        <p><strong>E-Mail:</strong> <?= htmlspecialchars((string) ($submission['email'] ?? '')) ?></p>
        <p><strong>Eingereicht:</strong> <?= htmlspecialchars((string) ($submission['submitted_at'] ?? '')) ?></p>

        <h2>Formulardaten</h2>
        <table>
            <tbody>
                <?php foreach ((array) ($submission['form_data'] ?? []) as $key => $value): ?>
                    <tr>
                        <th><?= htmlspecialchars((string) $key) ?></th>
                        <td><?= htmlspecialchars(is_scalar($value) ? (string) $value : json_encode($value, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)) ?></td>
                    </tr>
                <?php endforeach; ?>
            </tbody>
        </table>

        <h2>Uploads</h2>
        <?php if (empty($submission['uploads'])): ?>
            <p>Keine Uploads vorhanden.</p>
        <?php else: ?>
            <p><a href="/admin/download-zip.php?id=<?= urlencode((string) ($submission['application_key'] ?? '')) ?>">Alle Uploads als ZIP herunterladen</a></p>
            <?php foreach ((array) $submission['uploads'] as $field => $files): ?>
                <h3><?= htmlspecialchars((string) $field) ?></h3>
                <ul>
                    <?php foreach ((array) $files as $idx => $file): ?>
                        <li>
                            <?= htmlspecialchars((string) ($file['original_filename'] ?? 'Datei')) ?>
                            - <a href="/admin/download.php?id=<?= urlencode((string) ($submission['application_key'] ?? '')) ?>&field=<?= urlencode((string) $field) ?>&index=<?= urlencode((string) $idx) ?>">Download</a>
                        </li>
                    <?php endforeach; ?>
                </ul>
            <?php endforeach; ?>
        <?php endif; ?>

        <h2>Löschen</h2>
        <form method="post" action="/admin/delete.php" onsubmit="return confirm('Antrag wirklich löschen?');">
            <input type="hidden" name="csrf" value="<?= htmlspecialchars($csrf) ?>">
            <input type="hidden" name="id" value="<?= htmlspecialchars((string) ($submission['application_key'] ?? '')) ?>">
            <button type="submit">Antrag löschen</button>
        </form>
    </section>
</main>
</body>
</html>