new system prototype

This commit is contained in:
2026-04-15 10:19:42 +02:00
parent e805f225bc
commit 034b108c7e
80 changed files with 12212 additions and 890 deletions

View File

@ -1,18 +1,13 @@
<?php
// /var/www/html/db_view_ordered.php
require_once __DIR__ . '/common.php';
require_once __DIR__ . '/db_init.php';
header('Content-Type: text/html; charset=UTF-8');
// ---- Auth ----
$auth = $_SERVER['HTTP_AUTHORIZATION'] ?? ($_SERVER['Authorization'] ?? '');
if (stripos($auth, 'Bearer ') !== 0) { http_response_code(401); echo "Missing Bearer token"; exit; }
$token = substr($auth, 7);
if (!token_is_valid($token)) { http_response_code(403); echo "Invalid or expired token"; exit; }
$tokenRec = require_valid_token();
// ---- Paths for order, header labels and value translations ----
$ORDER_JSON = __DIR__ . '/header_order.json';
$LABELS_JSON = __DIR__ . '/questions_en.json'; // Spaltenüberschriften (2. Kopfzeile)
$VALS_JSON = __DIR__ . '/translations_en.json'; // NEU: Werte-Übersetzungen
$LABELS_JSON = __DIR__ . '/questions_en.json';
$VALS_JSON = __DIR__ . '/translations_en.json';
$order = @json_decode(@file_get_contents($ORDER_JSON), true);
$labels = @json_decode(@file_get_contents($LABELS_JSON), true);
@ -22,10 +17,7 @@ if (!is_array($labels)) $labels = [];
if (!is_array($vals)) $vals = [];
function t_val(string $id, string $raw, array $vals): string {
// feste Wörter direkt durchlassen
if ($raw === '' || $raw === 'None' || $raw === 'Done' || $raw === 'Not Done') return $raw;
// Kandidaten: exakt, normalisiert, id+value
$norm = strtolower(preg_replace('/[^a-z0-9]+/i', '_', $raw));
$cands = [$raw];
if ($norm && $norm !== $raw) $cands[] = $norm;
@ -33,19 +25,15 @@ function t_val(string $id, string $raw, array $vals): string {
$cands[] = "{$id}-{$raw}";
$cands[] = "{$id}_{$norm}";
$cands[] = "{$id}-{$norm}";
foreach ($cands as $k) {
if (isset($vals[$k]) && is_string($vals[$k]) && $vals[$k] !== '') return $vals[$k];
}
// Fallback: Versuch mit einfachen globalen Keys (z. B. "yes","no","consent_signed")
if (isset($vals[$norm])) return (string)$vals[$norm];
if (isset($vals[$raw])) return (string)$vals[$raw];
return $raw; // nichts gefunden → Original anzeigen
return $raw;
}
// ---- load & decrypt DB ----
$dbPath = __DIR__ . '/uploads/questionnaire_database';
$dbPath = QDB_PATH;
if (!file_exists($dbPath)) { http_response_code(404); echo "Database not found"; exit; }
$enc = file_get_contents($dbPath);
if ($enc === false) { http_response_code(500); echo "Read error"; exit; }
@ -53,7 +41,6 @@ if ($enc === false) { http_response_code(500); echo "Read error"; exit; }
try { $plain = aes256_cbc_decrypt_bytes($enc, get_master_key_bytes()); }
catch (Throwable $e) { http_response_code(500); echo "Decryption failed"; exit; }
// ---- temp SQLite file ----
$tmp = tempnam(sys_get_temp_dir(), 'qdb_');
file_put_contents($tmp, $plain);
@ -61,27 +48,49 @@ try {
$pdo = new PDO("sqlite:$tmp");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$clients = $pdo->query("SELECT clientCode FROM clients ORDER BY clientCode")->fetchAll(PDO::FETCH_COLUMN) ?: [];
$questionnaireIds = $pdo->query("SELECT id FROM questionnaires")->fetchAll(PDO::FETCH_COLUMN) ?: [];
[$rbacClause, $rbacParams] = rbac_client_filter($tokenRec);
$clientStmt = $pdo->prepare(
"SELECT client.clientCode FROM client WHERE $rbacClause ORDER BY client.clientCode"
);
foreach ($rbacParams as $k => $v) $clientStmt->bindValue($k, $v);
$clientStmt->execute();
$clients = $clientStmt->fetchAll(PDO::FETCH_COLUMN) ?: [];
$questionnaireIds = $pdo->query("SELECT questionnaireID FROM questionnaire")->fetchAll(PDO::FETCH_COLUMN) ?: [];
$qidSet = array_fill_keys($questionnaireIds, true);
$completed = [];
$stmt = $pdo->query("SELECT clientCode, questionnaireId, isDone FROM completed_questionnaires");
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$c = $row['clientCode'] ?? 'undefined';
$q = $row['questionnaireId'] ?? 'undefined';
$completed[$c][$q] = ((int)($row['isDone'] ?? 0)) ? true : false;
$cqStmt = $pdo->prepare(
"SELECT cq.clientCode, cq.questionnaireID, cq.status
FROM completed_questionnaire cq
JOIN client ON client.clientCode = cq.clientCode
WHERE $rbacClause"
);
foreach ($rbacParams as $k => $v) $cqStmt->bindValue($k, $v);
$cqStmt->execute();
while ($row = $cqStmt->fetch(PDO::FETCH_ASSOC)) {
$completed[$row['clientCode']][$row['questionnaireID']] = $row['status'];
}
// client_answer uses questionID, which maps to old "questionId" format
$answers = [];
$stmt = $pdo->query("SELECT clientCode, questionId, answerValue FROM answers");
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$c = $row['clientCode'] ?? 'undefined';
$q = $row['questionId'] ?? 'undefined';
$answers[$c][$q] = (string)($row['answerValue'] ?? '');
$ansStmt = $pdo->prepare(
"SELECT ca.clientCode, ca.questionID, ca.answerOptionID, ca.freeTextValue, ca.numericValue
FROM client_answer ca
JOIN client ON client.clientCode = ca.clientCode
WHERE $rbacClause"
);
foreach ($rbacParams as $k => $v) $ansStmt->bindValue($k, $v);
$ansStmt->execute();
while ($row = $ansStmt->fetch(PDO::FETCH_ASSOC)) {
$val = $row['freeTextValue'] ?? $row['answerOptionID'] ?? '';
if ($val === '' && $row['numericValue'] !== null) {
$val = (string)$row['numericValue'];
}
$answers[$row['clientCode']][$row['questionID']] = $val;
}
// ---- HTML ----
echo '<style>
table{border-collapse:collapse;width:100%;}
th,td{border:1px solid #ddd;padding:6px 8px;text-align:left;vertical-align:top;}
@ -93,12 +102,10 @@ try {
echo '<table id="qdb-table">';
echo '<thead>';
// Row 1: checkbox + IDs (bleiben als technische Schlüssel im Kopf Werte darunter sind übersetzt)
echo '<tr><th class="chkcol"><input type="checkbox" id="chkAll" title="select all"></th>';
foreach ($order as $id) echo '<th data-id="'.htmlspecialchars($id).'">'.htmlspecialchars($id).'</th>';
echo '</tr>';
// Row 2: blank + English labels
echo '<tr><th class="chkcol"></th>';
foreach ($order as $id) {
$lbl = $labels[$id] ?? '';
@ -113,7 +120,8 @@ try {
if ($id === 'client_code') {
$val = $client;
} elseif (isset($qidSet[$id]) && strpos($id, '-') === false) {
$val = ($completed[$client][$id] ?? false) ? 'Done' : 'Not Done';
$status = $completed[$client][$id] ?? '';
$val = ($status === 'done' || $status === 'Done') ? 'Done' : ($status !== '' ? $status : 'Not Done');
} else {
$raw = $answers[$client][$id] ?? '';
$val = (strlen(trim($raw)) > 0) ? t_val($id, $raw, $vals) : 'None';
@ -126,7 +134,8 @@ try {
} catch (Throwable $e) {
http_response_code(500);
echo "Error: ".htmlspecialchars($e->getMessage());
error_log($e->getMessage());
echo "Server error";
} finally {
@unlink($tmp);
}