feuerwehr-freising-antragsformular/admin/application.php

<?php

declare(strict_types=1);

use App\App\Bootstrap;
use App\Admin\Auth;
use App\Form\FormSchema;
use App\Mail\SubmissionFormatter;
use App\Security\Csrf;
use App\Storage\JsonStore;

require dirname(__DIR__) . '/src/autoload.php';
Bootstrap::init();
$app = Bootstrap::config('app');

$auth = new Auth();
$auth->requireLogin();

$id = trim((string) ($_GET['id'] ?? ''));
$store = new JsonStore();
$submission = $store->getSubmissionByKey($id);

if ($submission === null) {
    http_response_code(404);
    echo 'Antrag nicht gefunden.';
    exit;
}

$schema = new FormSchema();
$formatter = new SubmissionFormatter($schema);
$formattedSteps = $formatter->formatSteps($submission);
$uploadFields = $schema->getUploadFields();

$formData = (array) ($submission['form_data'] ?? []);
$uploads = (array) ($submission['uploads'] ?? []);
$firstName = (string) ($formData['vorname'] ?? '');
$lastName = (string) ($formData['nachname'] ?? '');

$csrf = Csrf::token();
?><!doctype html>
<html lang="de">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Antragsdetails</title>
    <link rel="stylesheet" href="<?= htmlspecialchars(Bootstrap::url('assets/css/tokens.css')) ?>">
    <link rel="stylesheet" href="<?= htmlspecialchars(Bootstrap::url('assets/css/base.css')) ?>">
</head>
<body class="admin-page">
<header class="site-header">
    <div class="container header-inner">
        <a class="brand" href="<?= htmlspecialchars(Bootstrap::url('admin/index.php')) ?>">
            <img class="brand-logo" src="<?= htmlspecialchars(Bootstrap::url('assets/images/feuerwehr-logo-invers.webp')) ?>" alt="Feuerwehr Logo">
            <div class="brand-title"><?= htmlspecialchars((string) ($app['project_name'] ?? 'Admin')) ?></div>
        </a>
    </div>
</header>
<main class="container">
    <section class="card">
        <p><a href="<?= htmlspecialchars(Bootstrap::url('admin/index.php')) ?>">Zur Übersicht</a></p>

        <div class="admin-detail-header">
            <h1>Antragsdetails</h1>
            <div class="admin-inline-actions">
                <form method="get" action="<?= htmlspecialchars(Bootstrap::url('admin/export-pdf.php')) ?>">
                    <input type="hidden" name="id" value="<?= htmlspecialchars((string) ($submission['application_key'] ?? '')) ?>">
                    <button type="submit" class="btn btn-small">Export als PDF</button>
                </form>
                <?php if (!empty($uploads)): ?>
                    <form method="get" action="<?= htmlspecialchars(Bootstrap::url('admin/download-zip.php')) ?>">
                        <input type="hidden" name="id" value="<?= htmlspecialchars((string) ($submission['application_key'] ?? '')) ?>">
                        <button type="submit" class="btn btn-small">Alle Uploads als ZIP herunterladen</button>
                    </form>
                <?php endif; ?>
            </div>
        </div>

        <div class="table-responsive">
            <table class="table-compact table-dense admin-meta-table">
                <tbody>
                    <tr>
                        <th>Vorname</th>
                        <td><?= htmlspecialchars($firstName !== '' ? $firstName : '-') ?></td>
                        <th>Nachname</th>
                        <td><?= htmlspecialchars($lastName !== '' ? $lastName : '-') ?></td>
                    </tr>
                    <tr>
                        <th>E-Mail</th>
                        <td><?= htmlspecialchars((string) ($submission['email'] ?? '')) ?></td>
                        <th>Eingereicht</th>
                        <td><?= htmlspecialchars((string) ($submission['submitted_at'] ?? '')) ?></td>
                    </tr>
                </tbody>
            </table>
        </div>

        <h2>Formulardaten</h2>
        <?php if ($formattedSteps === []): ?>
            <p>Keine Formulardaten vorhanden.</p>
        <?php else: ?>
            <?php foreach ($formattedSteps as $step): ?>
                <section class="admin-step-block">
                    <h3><?= htmlspecialchars((string) ($step['title'] ?? '')) ?></h3>
                    <div class="table-responsive">
                        <table class="table-compact table-dense admin-form-data-table">
                            <tbody>
                                <?php foreach ((array) ($step['fields'] ?? []) as $field): ?>
                                    <tr>
                                        <th><?= htmlspecialchars((string) ($field['label'] ?? '')) ?></th>
                                        <td><?= nl2br(htmlspecialchars((string) ($field['value'] ?? '')), false) ?></td>
                                    </tr>
                                <?php endforeach; ?>
                            </tbody>
                        </table>
                    </div>
                </section>
            <?php endforeach; ?>
        <?php endif; ?>

        <h2>Uploads</h2>
        <?php if ($uploads === []): ?>
            <p>Keine Uploads vorhanden.</p>
        <?php else: ?>
            <?php $shownUploadKeys = []; ?>
            <?php foreach ($uploadFields as $fieldKey => $fieldDef):
                $files = $uploads[$fieldKey] ?? [];
                if (!is_array($files) || $files === []) {
                    continue;
                }
                $shownUploadKeys[] = $fieldKey;
                $uploadLabel = (string) ($fieldDef['label'] ?? $fieldKey);
            ?>
                <div class="admin-upload-group">
                    <h3><?= htmlspecialchars($uploadLabel) ?></h3>
                    <ul class="admin-uploads-list">
                        <?php foreach ($files as $idx => $file): ?>
                            <li>
                                <?= htmlspecialchars((string) ($file['original_filename'] ?? 'Datei')) ?>
                                - <a href="<?= htmlspecialchars(Bootstrap::url('admin/download.php?id=' . urlencode((string) ($submission['application_key'] ?? '')) . '&field=' . urlencode((string) $fieldKey) . '&index=' . urlencode((string) $idx))) ?>">Download</a>
                            </li>
                        <?php endforeach; ?>
                    </ul>
                </div>
            <?php endforeach; ?>
            <?php foreach ($uploads as $fieldKey => $files):
                if (in_array((string) $fieldKey, $shownUploadKeys, true) || !is_array($files) || $files === []) {
                    continue;
                }
            ?>
                <div class="admin-upload-group">
                    <h3><?= htmlspecialchars((string) $fieldKey) ?></h3>
                    <ul class="admin-uploads-list">
                        <?php foreach ($files as $idx => $file): ?>
                            <li>
                                <?= htmlspecialchars((string) ($file['original_filename'] ?? 'Datei')) ?>
                                - <a href="<?= htmlspecialchars(Bootstrap::url('admin/download.php?id=' . urlencode((string) ($submission['application_key'] ?? '')) . '&field=' . urlencode((string) $fieldKey) . '&index=' . urlencode((string) $idx))) ?>">Download</a>
                            </li>
                        <?php endforeach; ?>
                    </ul>
                </div>
            <?php endforeach; ?>
        <?php endif; ?>

        <h2>Löschen</h2>
        <form method="post" action="<?= htmlspecialchars(Bootstrap::url('admin/delete.php')) ?>" onsubmit="return confirm('Antrag wirklich löschen? Der Antrag wird für alle Benutzer unwiederbringlich entfernt.');">
            <input type="hidden" name="csrf" value="<?= htmlspecialchars($csrf) ?>">
            <input type="hidden" name="id" value="<?= htmlspecialchars((string) ($submission['application_key'] ?? '')) ?>">
            <button type="submit" class="btn">Antrag löschen</button>
        </form>
    </section>
</main>
</body>
</html>