?>

<meta charset="utf-8">

<meta http-equiv="X-UA-Compatible" content="IE=edge">

<meta name="viewport" content="width=device-width, initial-scale=1">

<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->

<title><?php retrieveTitle(); ?></title>

<!-- Bootstrap -->

<link href="<?php

if (!is_dir('admin')) {

print '../';

}

?>core/css/bootstrap.css" rel="stylesheet">

<link href="<?php

if (!is_dir('admin')) {

print '../';

}

?>core/css/style.css" rel="stylesheet">

<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800' rel='stylesheet' type='text/css'>

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">

<script src="http://code.jquery.com/jquery-1.6.3.min.js"></script>

<script src="<?php

if (!is_dir('admin')) {

print '../';

}

?>core/js/jquery.js"/></script>

<script type="text/javascript">

$(document).ready(function () {

$("#myTab a:first").tab('show');

});

$(function () {

// for bootstrap 3 use 'shown.bs.tab', for bootstrap 2 use 'shown' in the next line

$('a[data-toggle="tab"]').on('shown.bs.tab', function (e) {

// save the latest tab; use cookies if you like 'em better:

localStorage.setItem('lastTab', $(this).attr('href'));

});

// go to the latest tab, if it exists:

var lastTab = localStorage.getItem('lastTab');

if (lastTab) {

$('[href="' + lastTab + '"]').tab('show');

}

;

$(function () {

$("#editor").wysibb();

});

});

</script>

<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->

<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->

<!--[if lt IE 9]>

<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>

<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>

<![endif]-->

<?php

global $pdo;

$stmt = $pdo->prepare("SELECT * FROM SiteGegevens;");

$stmt->execute();

while ($row = $stmt->fetch()) {

$sitenaam = $row['sitenaam'];

print ($sitenaam);

}

?>

<nav class="navbar navbar-default" role="navigation">

<div class="container">

<!-- Brand and toggle get grouped for better mobile display -->

<div class="navbar-header">

<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-brand-centered">

<span class="sr-only">Toggle navigation</span>

<span class="icon-bar"></span>

<span class="icon-bar"></span>

<span class="icon-bar"></span>

</button>

<div class="navbar-brand navbar-brand-centered">LaserGameBox</div>

</div>

<!-- Collect the nav links, forms, and other content for toggling -->

<div class="collapse navbar-collapse" id="navbar-brand-centered">

<ul class="nav navbar-nav">

<li><a href="<?php

if (!is_dir('admin')) {

print '../';

}

?>index.php">Home</a></li>

<li><a href="<?php

if (!is_dir('admin')) {

print '../';

}

?>over-ons.php">Over ons</a></li>

<li><a href="<?php

if (!is_dir('admin')) {

print '../';

}

?>pakketten.php">Pakketten</a></li>

</ul>

<ul class="nav navbar-nav navbar-right">

<li><a href="<?php

if (!is_dir('admin')) {

print '../';

}

?>contact.php">Contact</a></li>

<li><a href="<?php

if (!is_dir('admin')) {

print '../';

}

?>reservering.php">Mijn reservering</a></li>

<li><a target="_blank" href="http://facebook.com"><i class="fa fa-facebook-square"></i></a></li>

</ul>

</div><!-- /.navbar-collapse -->

</div><!-- /.container-fluid -->

</nav>

<?php

if ($_SESSION['login'] == TRUE) {

?>

<div class="adminnav col-lg-8 col-lg-offset-2 col-md-10 col-md-offset-1 col-sm-10 col-sm-offset-1">

<li class="dropdown pull-right"><a href="#" class="dropdown-toggle" data-toggle="dropdown">Hallo, <?php print $_SESSION['naam'] . " "; ?><b class="caret"></b></a>

<ul class="dropdown-menu list-inline">

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>index.php"><span class="glyphicon glyphicon-stats"></span>Dashboard</a></li>

<?php if ($_SESSION['functie'] == "Administrator") { ?>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_reserveringen.php"><span class="glyphicon glyphicon-tasks"></span>Reserveringen</a></li>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_medewerkers.php"><span class="glyphicon glyphicon-user"></span>Accounts</a></li>

<?php } ?>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_paginas.php"><span class="glyphicon glyphicon-book"></span>Pages</a></li>

<li class="divider col-xs-12"></li>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>account.php"><span class="glyphicon glyphicon-user"></span>Mijn Account</a></li>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>instellingen.php"><span class="glyphicon glyphicon-cog"></span>Instellingen</a></li>

<li class="col-xs-12"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>logout.php"><span class="glyphicon glyphicon-off"></span>Uitloggen</a></li>

</ul>

</li>

</div>

<?php

}

?>

<header>

<div class="header-content">

<div class="header-content-inner">

<h1>Lasergamebox</h1>

<p>Lasergamen in je eigen omgeving!</p>

<hr class="light">

<a href="tel:0652654053" class="btn btn-primary hidden-lg hidden-md hidden"><span class="glyphicon glyphicon-phone-alt"></span> Bel ons.</a>

<a href="/reserveren.php" class="btn btn-primary">Reserveer direct!</a>

</div>

</div>

</header>

<?php

?>

<div id="myCarousel" class="carousel slide" data-ride="carousel">

<!-- Indicators -->

<ol class="carousel-indicators">

<li data-target="#myCarousel" data-slide-to="0" class="active"></li>

<li data-target="#myCarousel" data-slide-to="1"></li>

<li data-target="#myCarousel" data-slide-to="2"></li>

</ol>

<div class="carousel-inner" role="listbox">

<div class="carousel-inner" role="listbox">

<div class="item active">

<img class="first-slide" src="core/img/slide1.jpg" alt="First slide">

<div class="container">

<div class="carousel-caption">

<h2>Lasergamen in je eigen omgeving.</h2>

<p></p>

<p><a class="btn btn-lg btn-primary" href="#" role="button">Reserveer nu!</a></p>

</div>

</div>

</div>

<div class="item">

<img class="second-slide" src="core/img/slide1.jpg" alt="Second slide">

<div class="container">

<div class="carousel-caption">

<h2>Vrijgezellenfeest?</h2>

<p>Ga gezellig met zijn allen lasergamen in een leuke of spannende omgeving. Voor jong en oud!</p>

<p><a class="btn btn-lg btn-primary" href="#" role="button">Reserveer nu!</a></p>

</div>

</div>

</div>

<div class="item">

<img class="third-slide" src="core/img/slide1.jpg" alt="Third slide">

<div class="container">

<div class="carousel-caption">

<h2>Geen inspiratie voor een kinderfeestje?</h2>

<p>Ga gezellig met zijn allen lasergamen in een leuke of spannende omgeving. Neem de kinderen mee naar het bos! Laat ze daar elkaar beschieten!</p>

<p><a class="btn btn-lg btn-primary" href="#" role="button">Reserveer nu!</a></p>

</div>

</div>

</div>

</div>

<a class="left carousel-control" href="#myCarousel" role="button" data-slide="prev">

<span class="glyphicon glyphicon-chevron-left" aria-hidden="true"></span>

<span class="sr-only">Previous</span>

</a>

<a class="right carousel-control" href="#myCarousel" role="button" data-slide="next">

<span class="glyphicon glyphicon-chevron-right" aria-hidden="true"></span>

<span class="sr-only">Next</span>

</a>

</div><!-- /.carousel -->

<?php

?>

<div class="reservation hidden-xs">

<div class="row">

<div class="col-lg-12 col-md-10 col-md-offset-1 col-sm-12 col-sm-offset-0">

<div class="input-group">

<div class="col-lg-3 col-md-3 col-sm-6 col-xs-6">

<div class="input-group reserveerbar">

<span class="input-group-addon" id="sizing-addon2">Van: </span>

<input type="text" class="form-control" placeholder="" aria-describedby="sizing-addon2">

</div>

</div>

<div class="col-lg-3 col-md-3 col-sm-6 col-xs-6">

<div class="input-group reserveerbar">

<span class="input-group-addon" id="sizing-addon2">Tot:</span>

<input type="text" class="form-control" placeholder="" aria-describedby="sizing-addon2">

</div>

</div>

<div class="col-lg-3 col-md-4 col-sm-6 col-xs-6">

<div class="input-group spinner reserveerbar">

<span class="input-group-addon" id="sizing-addon2">Aantal Pistolen:</span>

<input type="text" class="form-control" value="6" min="6" max="<?php onzichtbareVoorraad(); ?>">

<div class="input-group-btn-vertical">

<button class="btn btn-default" type="button"><i class="fa fa-caret-up"></i></button>

<button class="btn btn-default" type="button"><i class="fa fa-caret-down"></i></button>

</div>

</div>

</div>

<div class="col-lg-2 col-md-2 col-sm-6 col-xs-6 reserveerbar">

<a class="btn btn-primary reserveerknop" href="#" role="button">Reserveer</a>

</div>

</div>

</div>

</div>

</div>

<?php

?>

<footer>

<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">

<p class="text-right">&copy; <?php echo date("Y"); ?> Lasergamebox.nl. Lasergamebox.nl is een onderdeel van GFretail.</p>

</div>

</footer>

<?php

?>

<div class="col-md-10 col-md-offset-1">

<div class="bs-example">

<ul class="nav nav-tabs" id="myTab">

<li class="active"><a data-toggle="tab" href="#overzicht">Account overzicht</a></li>

<li><a data-toggle="tab" href="#toevoegen">Account toevoegen</a></li>

<!-- <li class="pull-right"><input type="text" class="form-control search-form" placeholder="Zoeken" ></li> -->

</ul>

<div class="tab-content">

<div id="overzicht" class="tab-pane fade in active ">

<p><table class = "table table-hover"><thead>

<tr>

<th>Naam</th>

<th>Achternaam</th>

<th>E-mail</th>

<th>Rechten</th>

<th> </th>

</tr>

</thead>

<?php account_overzicht(); ?>

</table></p>

</div>

<div id="toevoegen" class="tab-pane fade">

<div class="balk"><b>Gegevens account</b></div>

<script>

$('#form-content').on('show.bs.modal', function (e) {

$(this).find('.btn-ok').attr('href', $(e.relatedTarget).data('href'));

});

</script>

<form role="form" class="form-horizontal" method="post" action="overzicht_medewerkers.php">

<fieldset>

<!-- Text input-->

<div class="form-group">

<label class="col-sm-2 control-label" for="textinput">Voornaam</label>

<div class="col-sm-4">

<input type="text" placeholder="Voornaam" name="voornaam" class="form-control">

</div>

<label class="col-sm-2 control-label" for="textinput">Achternaam</label>

<div class="col-sm-4">

<input type="text" placeholder="Achternaam" name="achternaam" class="form-control">

</div>

</div>

<!-- Text input-->

<div class="form-group">

<label class="col-sm-2 control-label" for="textinput">Email</label>

<div class="col-sm-10">

<input type="text" placeholder="Email" name="email" class="form-control">

</div>

</div>

<!-- Text input-->

<div class="form-group">

<label class="col-sm-2 control-label" for="textinput">Wachtwoord</label>

<div class="col-sm-10">

<input type="text" placeholder="Wachtwoord" name="pass" class="form-control">

</div>

</div>

<!-- Text input-->

<div class="form-group">

<label class="col-sm-2 control-label" for="textinput">Functie</label>

<div class="col-sm-10">

<select class="form-control" id="functie" name="functie">

<option>Administrator</option>

<option>Web-administrator</option>

</select>

</div>

</div>

<div class="balk"><b>Na het aanmaken van een account word er een email verstuurd naar opgegeven emailadres met daarin de inlog gegevens.</b></div>

<div class="form-group">

<div class="col-sm-offset-2 col-sm-10">

<div class="pull-right">

<input type="submit" class="btn btn-primary" name="toevoegen" value="Toevoegen">

</div>

</div>

</div>

</fieldset>

</form>

</div>

</div>

</div> <!-- einde van tab-content -->

<?php

//Global gebruiken anders vindt die de gegevens(PDO string) niet en moet je keer op keer de connectie opnieuw invullen.

global $pdo;

$stmt = $pdo->prepare("SELECT * FROM medewerker");

$stmt->execute();

$medewerkers = $stmt->fetchAll();

foreach ($medewerkers as $medewerker) {

print("<tr class=\"active\">");

print("<td>" . $medewerker["naam"] . "</td>");

print("<td>" . $medewerker["achternaam"] . "</td>");

print("<td>" . $medewerker["email"] . "</td>");

print("<td>" . $medewerker["functie"] . "</td>");

if ($medewerker["mnr"] != $_SESSION['mnr']) {

print("<td>

<div class=\"btn-group\">

<a class=\"btn btn-default\" href=\"account_wijzig.php?mnr=" . $medewerker['mnr'] . "\">

<i class=\"fa fa-pencil-square-o\"></i>

</a>

<a class=\"btn btn-default\" onclick=\"return confirm('Weet u zeker dat u deze medewerker wilt verwijderen?')\" name=\"delete\" href=\"overzicht_medewerkers.php?delete=true&mnr=" . $medewerker['mnr'] . "\">

<i class=\"fa fa-times\"></i>

</a>

</div>

</td>");

} else {

print("<td></td>");

}

print("</tr>");

}

global $pdo;

$reserveringnr = "";

if (isset($_POST["reserveringnr"])) {

$reserverinsnr = $_POST["reserverinsnr"];

}

$klantnr = "";

if (isset($_POST["klantnr"])) {

$klantnr = $_POST["klantnr"];

}

$status = "";

if (isset($_POST["status"])) {

$status = $_POST["status"];

}

$naam = "";

if (isset($_POST["naam"])) {

$naam = $_POST["naam"];

}

$achternaam = "";

if (isset($_POST["achternaam"])) {

$achternaam = $_POST["achternaam"];

}

$telnummer = "";

if (isset($_POST["telnummer"])) {

$telnummer = $_POST["telnummer"];

}

$email = "";

if (isset($_POST["email"])) {

$email = $_POST["email"];

}

$postcode = "";

if (isset($_POST["postcode"])) {

$postcode = $_POST["postcode"];

}

$huisnummer = "";

if (isset($_POST["huisnummer"])) {

$huisnummer = $_POST["huisnummer"];

}

$straat = "";

if (isset($_POST["straat"])) {

$straat = $_POST["straat"];

}

$woonplaats = "";

if (isset($_POST["woonplaats"])) {

$woonplaats = $_POST["woonplaats"];

}

//datum moet nog andersom!!

$van = "";

if (isset($_POST["van"])) {

$van = $_POST["van"];

}

$tot = "";

if (isset($_POST["tot"])) {

$tot = $_POST["tot"];

}

$aantal_pistolen = "";

if (isset($_POST["aantal_pistolen"])) {

$aantal_pistolen = $_POST["aantal_pistolen"];

}

$aanbetaling = "";

if (isset($_POST["aanbetaling"])) {

$aanbetaling = $_POST["aanbetaling"];

}

$pakket_kosten = "";

if (isset($_POST["pakket_kosten"])) {

$pakket_kosten = $_POST["pakket_kosten"];

}

$borg = "";

if (isset($_POST["borg"])) {

$borg = $_POST["borg"];

}

$totaal = "";

if (isset($_POST["totaal"])) {

$totaal = $_POST["totaal"];

}

$array = array();

try {

print ('<br>');

//hier is gekozen voor het controleren op empty en niet voor isset - op moment dat er een spatie is ingevuld is de string al niet meer empty dus wordt de isset functie TRUE

if (isset($_POST["opslaan"]) && (empty($_POST["checkbox"])) && (empty($_POST["reserveringnr"]) || empty($_POST["klantnr"]) || empty($_POST["status"]) || empty($_POST["naam"]) || empty($_POST["achternaam"]) || empty($_POST["telnummer"]) || empty($_POST["postcode"]) || empty($_POST["huisnummer"]) || empty($_POST["straat"]) || empty($_POST["woonplaats"]) || empty($_POST["van"]) || empty($_POST["tot"]) || empty($_POST["aantal_pistolen"]) || empty($_POST["aanbetaling"]) || empty($_POST["pakket_kosten"]) || empty($_POST["borg"]) || empty($_POST["totaal"]) || empty($_POST["email"]) )) {

$controler = array('Voornaam' => $_POST["naam"], 'Achternaam' => $_POST["achternaam"], 'Email' => $_POST["email"], 'Reserveringnr' => $_POST["reserveringnr"], 'Klantnr' => $_POST["status"], 'Telefoonnummer' => $_POST["telnummer"],

'Postcode' => $_POST["postcode"], 'Huisnummer' => $_POST["huisnummer"], 'Straat' => $_POST["straat"], 'Plaats' => $_POST["plaats"], 'Van welke datum?' => $_POST["van"],

'Tot welke datum?' => $_POST["tot"], 'Aantal pistolen' => $_POST["aantal_pistolen"], 'Aanbetaling' => $_POST["aanbetaling"], 'Pakket kosten' => $_POST["pakket_kosten"],

'Borg' => $_POST["borg"], 'Totaal' => $_POST["totaal"]);

foreach ($controler as $key => $waarde) {

if (empty($waarde)) {

print('<div class="alert alert-danger" role="alert">' . $key . ' is leeg.</div>');

}

}

} else {

$stmt = $pdo->prepare("INSERT INTO klant (klantnr, naam, achternaam, email, telnummer, straat, huisnummer, woonplaats, postcode) VALUES(?,?,?,?,?,?,?,?,?)");

$stmt->execute(array($_POST["klantnr"], $_POST["naam"], $_POST["achternaam"], $_POST["email"], $_POST["telnummer"], $_POST["straat"], $_POST["huisnummer"], $_POST["woonplaats"], $_POST["postcode"]));

$stmt = $pdo->prepare("INSERT INTO reservering (reserveringnr, klantnr, aantal_pistolen, van, tot, status) VALUES(?, ?, ?, ?, ?, ?)");

$stmt->execute(array($_POST["reserveringnr"], $_POST["klantnr"], $_POST["aantal_pistolen"], $_POST["van"], $_POST["tot"], $_POST["status"]));

if ($stmt->rowCount() == 1) {

// als de klant is toegevoegd worden de ingevoerde waarden niet opnieuw getoond

$naam = $_POST["naam"];

$achternaam = $_POST["achternaam"];

$email = $_POST["email"];

$klantnr = $_POST["klantnr"];

$telnummer = $_POST["telnummer"];

$straat = $_POST["straat"];

$huisnummer = $_POST["huisnummer"];

$woonplaats = $_POST["woonplaats"];

$postcode = $_POST["postcode"];

$reserveringnr = $_POST["reserveringnr"];

$aantal_pistolen = $_POST["aantal_pistolen"];

$van = $_POST["van"];

$tot = $_POST["tot"];

$status = $_POST["status"];

print("<div class=\"alert alert-success\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Gelukt!</strong>

Reservering aangemaakt.

</div>");

$to = $email;

$subject = 'Reservering van lasergamepistolen';

$headers = "From: info@stomic.com\r\n";

$headers .= "MIME-Version: 1.0\r\n";

$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$message = '<html><body>';

$message .= '<img src="http://project.stomic.com/core/img/slide1.jpg" height="200" width="700" alt="lasergamebox.nl" />';

$message .= '<h1>Lasergamebox.nl</h1>';

$message .= '<h3>Inlog gegevens</h3>';

$message .= '<p>Beste ' . $naam . '</p>';

$message .= 'Wij hebben succesvol een reservering voor u kunnen plaatsen.<br>';

$message .= 'Je kunt inloggen met de volgende gegevens:<br>';

$message .= '<table rules="all" style="border-color: #666;" cellpadding="10">';

$message .= "<tr><td><strong>Email:</strong> </td><td>" . $email . "</td></tr>";

$message .= "<tr><td><strong>Reserveringsnummer:</strong> </td><td>" . $reserveringnr . "</td></tr>";

$message .= '<tr><td><strong>Login:</strong> </td><td><a href="http://project.stomic.com/reservering.php">Mijn reservering</a></td></tr>';

$message .= "</table>";

$message .= '<p></p>';

$message .= "</body></html>";

mail($to, $subject, $message, $headers);

}

}

} catch (PDOException $e) {

print "<div class=\"alert alert-danger\" role=\"alert\">Het aanmaken is mislukt. <a href=\"javascript: window.history.go(-1)\">Ga terug</a> </div>";

}

$pdo = NULL;

//Global gebruiken anders vindt die de gegevens(PDO string) niet en moet je keer op keer de connectie opnieuw invullen.

global $pdo;

/*

$naam = "";

if (isset($_POST["voornaam"])) {

$naam = $_POST["voornaam"];

}

$achternaam = "";

if (isset($_POST["achternaam"])) {

$achternaam = $_POST["achternaam"];

}

$email = "";

if (isset($_POST["email"])) {

$achternaam = $_POST["email"];

}

$functie = "";

if (isset($_POST["functie"])) {

$functie = $_POST["functie"];

}

$pass = "";

if (isset($_POST["pass"])) {

$pass = $_POST["pass"];

}

$medewerker = array();

*/

//hier is gekozen voor het controleren op empty en niet voor isset - op moment dat er een spatie is ingevuld is de string al niet meer empty dus wordt de isset functie TRUE

if (empty($_POST["voornaam"]) OR empty($_POST["achternaam"]) OR empty($_POST["email"]) OR empty($_POST["pass"])) {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-danger\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Mislukt!</strong> Vul a.u.b alle gegevens in.

</div>";

} else {

$stmt = $pdo->prepare("SELECT * FROM medewerker WHERE email=?");

$stmt->execute(array($_POST["email"]));

if ($stmt->rowCount() == 1) {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-danger\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Mislukt!</strong> Een medewerker met dit e-mail adres staat al in het systeem geregistreerd.

</div>";

} else {

$salt = hash('sha256', $pass);

$stmt = $pdo->prepare("INSERT INTO medewerker (naam,achternaam,wachtwoord,email,functie) VALUES(?,?,?,?,?)");

$stmt->execute(array($_POST["voornaam"], $_POST["achternaam"], $salt, $_POST["email"], $_POST["functie"]));

if ($stmt->rowCount() == 1) {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-success\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Gelukt!</strong>

Medewerker toegevoegd.

</div>";

// als de medewerker is toegevoegd worden de ingevoerde waarden niet opnieuw getoond

$naam = $_POST["voornaam"];

$achternaam = $_POST["achternaam"];

$email = $_POST["email"];

$pass = $_POST["pass"];

$to = $email;

$subject = 'Account registratie';

$headers = "From: info@stomic.com\r\n";

$headers .= "MIME-Version: 1.0\r\n";

$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$message = '<html><body>';

$message .= '<img src="http://project.stomic.com/core/img/slide1.jpg" height="200" width="700" alt="lasergamebox.nl" />';

$message .= '<h1>Lasergamebox.nl</h1>';

$message .= '<h3>Inlog gegevens</h3>';

$message .= '<p>Beste ' . $naam . '</p>';

$message .= 'Je bent succesvol geregistreerd op de website.<br>';

$message .= 'Je kunt inloggen met de volgende gegevens:<br>';

$message .= '<table rules="all" style="border-color: #666;" cellpadding="10">';

$message .= "<tr><td><strong>Email:</strong> </td><td>" . $email . "</td></tr>";

$message .= "<tr><td><strong>Wachtwoord:</strong> </td><td>" . $pass . "</td></tr>";

$message .= '<tr><td><strong>Login:</strong> </td><td><a href="http://project.stomic.com/admin">admin paneel</a></td></tr>';

$message .= "</table>";

$message .= '<p></p>';

$message .= "</body></html>";

mail($to, $subject, $message, $headers);

}

}

}

$pdo = NULL;

//Global gebruiken anders vindt die de gegevens(PDO string) niet en moet je keer op keer de connectie opnieuw invullen.

global $pdo;

try {

if (isset($_POST["opslaan"])) {

if (!empty($_POST['pass'])) {

$pass = $_POST['pass'];

$salted = hash('sha256', $pass);

$stmt = $pdo->prepare("UPDATE medewerker SET naam=?,achternaam=?,email=?,functie=?,wachtwoord=? WHERE mnr=?");

$stmt->execute(array($_POST["voornaam"], $_POST["achternaam"], $_POST["email"], $_POST["functie"], $salted, $_GET["mnr"]));

print("<div class=\"alert alert-success\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Gelukt!</strong>

Medewerker bewerkt

</div>");

} elseif (empty($_POST["voornaam"]) || empty($_POST["achternaam"]) || empty($_POST["email"])) {

$controler = array('Voornaam' => $_POST["voornaam"], 'Achternaam' => $_POST["achternaam"], 'Email' => $_POST["email"]);

foreach ($controler as $key => $waarde) {

if (empty($waarde)) {

print('<div class="alert alert-danger" role="alert">' . $key . ' mag niet leeg zijn</div>');

}

}

} else {

$stmt = $pdo->prepare("UPDATE medewerker SET naam=?,achternaam=?,email=?,functie=? WHERE mnr=?");

$stmt->execute(array($_POST["voornaam"], $_POST["achternaam"], $_POST["email"], $_POST["functie"], $_GET["mnr"]));

print("<div class=\"alert alert-success\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Gelukt!</strong>

Medewerker bewerkt

</div>");

}

}

if ($_GET["mnr"] != "") {

$stmt = $pdo->prepare("SELECT * FROM medewerker WHERE mnr=?");

$stmt->execute(array($_GET["mnr"]));

$medewerker = $stmt->fetch();

$mnr = $medewerker["mnr"];

$naam = $medewerker["naam"];

$achternaam = $medewerker["achternaam"];

$email = $medewerker["email"];

$functie = $medewerker["functie"];

print " <form role=\"form\" class=\"form-horizontal\" method=\"post\" action=\"account_wijzig.php?mnr=$mnr\">";

print "<fieldset>";

print "<!-- Text input-->";

print "<div class=\"form-group\">";

print "<label class=\"col-sm-2 control-label\" for=\"textinput\">Voornaam</label>";

print "<div class=\"col-sm-4\">";

print "<input type=\"text\" placeholder=\"Voornaam\" name=\"voornaam\" class=\"form-control\" value=\"$naam\">";

print "</div>";

print "<label class=\"col-sm-2 control-label\" for=\"textinput\">Achternaam</label>";

print "<div class=\"col-sm-4\">";

print "<input type=\"text\" placeholder=\"Achternaam\" name=\"achternaam\" class=\"form-control\" value=\"$achternaam\">";

print "</div>";

print "</div>";

print "<!-- Text input-->";

print "<div class=\"form-group\">";

print "<label class=\"col-sm-2 control-label\" for=\"textinput\">Email</label>";

print "<div class=\"col-sm-10\">";

print "<input type=\"text\" placeholder=\"Email\" name=\"email\" class=\"form-control\" value=\"$email\">";

print "</div>";

print "</div>";

print "<!-- Text input-->";

print "<div class=\"form-group\">";

print "<label class=\"col-sm-2 control-label\" for=\"textinput\">Wachtwoord</label>";

print "<div class=\"col-sm-10\">";

print "<input type=\"text\" placeholder=\"Wachtwoord\" name=\"pass\" class=\"form-control\">";

print "</div>";

print "</div>";

print "<!-- Text input-->";

print "<div class=\"form-group\">";

print "<label class=\"col-sm-2 control-label\" for=\"textinput\">Functie</label>";

print "<div class=\"col-sm-10\">";

print "<select class=\"form-control\" id=\"functie\" name=\"functie\">";

print '<option value="Administrator" ' . (($functie == 'Administrator') ? 'selected="selected"' : "") . '>Administrator</option>';

print '<option value="Web-administrator" ' . (($functie == 'Web-administrator') ? 'selected="selected"' : "") . '>Web-administrator</option>';

print "</select>";

print "</div>";

print "</div>";

print "<div class=\"form-group\">";

print "<div class=\"col-sm-offset-2 col-sm-10\">";

print "<div class=\"pull-right\">";

print "<input type=\"submit\" class=\"btn btn-danger\" name=\"terug\" value=\"Ga Terug\">";

print "<span> &nbsp&nbsp&nbsp </span>";

print "<input type=\"submit\" class=\"btn btn-success\" name=\"opslaan\" value=\"Opslaan\">";

print "</div>";

print "</div>";

print "</div>";

print "</fieldset>";

print "</form> ";

} else {

print "<div class=\"alert alert-danger\" role=\"alert\">Het medewerker nummer mist. <a href=\"javascript: window.history.go(-1)\">Ga terug</a> </div>";

}

} catch (PDOException $e) {

print "<div class=\"alert alert-danger\" role=\"alert\">Het bewerken is mislukt, probeer het opnieuw. <a href=\"javascript: window.history.go(-1)\">Ga terug</a> </div>";

}

$pdo = NULL;

//Global gebruiken anders vindt die de gegevens(PDO string) niet en moet je keer op keer de connectie opnieuw invullen.

global $pdo;

if ($_GET['mnr'] != $_SESSION['mnr']) {

if (isset($_GET['mnr'])) {

try {

$stmt = $pdo->prepare("DELETE FROM medewerker WHERE mnr=?");

$stmt->execute(array($_GET['mnr']));

if ($stmt->rowCount() == 1) {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-success\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Gelukt!</strong>

Medewerker verwijderd.

</div>";

} else {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-danger\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Mislukt!</strong>

Het verwijderen van de mederwerker is mislukt. Probeer het later opnieuw.

</div>";

}

} catch (PDOException $e) {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-danger\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Mislukt!</strong>

Er ging iets mis met de prepare statement. Neem contact met een IT boy.

</div>";

}

$pdo = NULL;

}

} else {

$_SESSION['AccountStatus'] = TRUE;

$_SESSION['AccountMessage'] = "<div class=\"alert alert-danger\" id=\"success-alert\">

<button type=\"button\" class=\"close\" data-dismiss=\"alert\">x</button>

<strong>Mislukt!</strong>

U kunt uw eigen account niet verwijderen. Duh!

</div>";

}

?>

<div class="col-md-6 col-md-offset-5"><h2><b>Admin Paneel</b></h2> </div>

<div class="col-md-5 col-md-offset-3"

<div class="panel panel-default">

<div class="panel-body">

<form action="index.php" class="form-horizontal" method="POST">

<fieldset>

<div class="form-group">

<label class="col-sm-4 control-label" for="textinput">Email</label>

<div class="col-sm-8">

<input class="form-control" placeholder="E-mail" name="email" type="text">

</div>

</div>

<div class="form-group">

<label class="col-sm-4 control-label" for="textinput">Wachtwoord</label>

<div class="col-sm-8">

<input class="form-control" placeholder="Wachtwoord" name="wachtwoord" type="password">

</div>

</div>

<div class="form-group">

<div class="col-sm-8 col-sm-offset-4">

<a href="wachtwoord_vergeten.php">Wachtwoord vergeten?</a>

</div>

</div>

<div class="form-group">

<div class="col-sm-8 col-sm-offset-4">

<input class="btn btn-md btn-success btn-block" type="submit" name="submit" value="Inloggen">

</div>

</div>

</fieldset>

</form>

</div>

</div>

<?php

if (isset($_POST['submit'])) {

global $pdo;

$email = $_POST['email'];

$pass = $_POST['wachtwoord'];

$sha256 = hash('sha256', $pass);

if (isset($_POST) && $email != '' && $pass != '') {

$stmt = $pdo->prepare("SELECT mnr, naam, email, wachtwoord,functie FROM medewerker WHERE email =?");

$stmt->execute(array($email));

while ($result = $stmt->fetch()) {

$p = $result['wachtwoord'];

$naam = $result['naam'];

$rechten = $result['functie'];

$mnr = $result['mnr'];

}

if ($p == $sha256) {

$_SESSION['naam'] = $naam;

$_SESSION['mnr'] = $mnr;

$_SESSION['login'] = TRUE;

$_SESSION['functie'] = $rechten;

print '<script>window.location.assign("index.php")</script>';

} else {

print "<br><div class=\"alert alert-danger\" role=\"alert\">De combinatie van e-mail en wachtwoord is onjuist. </div>";

}

} else {

print "<br><div class=\"alert alert-danger\" role=\"alert\">Vul een e-mail en wachtwoord in. </div>";

}

}

if ($_SESSION['functie'] == "Administrator") {

?>

<div class="col-lg-10 col-md-12 col-sm-12 col-xs-12 col-lg-offset-1 col-md-offset-0 col-sm-offset-0">

<h2>Admin Dashboard</h2>

<ul class="list-group">

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_reserveringen.php"><span class="glyphicon glyphicon-tasks"></span>Reserveringen</a></li>

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_medewerkers.php"><span class="glyphicon glyphicon-user"></span>Accounts</a></li>

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_paginas.php"><span class="glyphicon glyphicon-book"></span>Pages</a></li>

<li></li>

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>account.php"><span class="glyphicon glyphicon-user"></span>Mijn Account</a></li>

<li class="list-group-item"><a href="instellingen.php"><span class="glyphicon glyphicon-cog"></span>Instellingen</a></li>

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>logout.php"><span class="glyphicon glyphicon-off"></span>Uitloggen</a></li>

</ul>

</div> <?php

} else {

?>

<div class="col-lg-10 col-md-12 col-sm-12 col-xs-12 col-lg-offset-1 col-md-offset-0 col-sm-offset-0">

<h2>ADMIN DASHBOARD</h2>

<ul class="list-group">

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}

?>overzicht_paginas.php"><span class="glyphicon glyphicon-book"></span>Pages</a></li>

<li class="divider"></li>

<li class="list-group-item"><a href="<?php

if (is_dir('admin')) {

print 'admin/';

}