diff --git a/assets/frontend-form.js b/assets/frontend-form.js
new file mode 100644
index 0000000..bdc7f85
--- /dev/null
+++ b/assets/frontend-form.js
@@ -0,0 +1,60 @@
+// Client-side validation for Workshopwahl frontend form
+// This script validates required fields and email format before submission
+
+document.addEventListener('DOMContentLoaded', function () {
+ var form = document.querySelector('.kc-workshopwahl-form');
+ if (!form) return;
+
+ form.addEventListener('submit', function (e) {
+ var valid = true;
+ var errorMessages = [];
+
+ // Example: Validate required text fields
+ var requiredFields = form.querySelectorAll('[required]');
+ requiredFields.forEach(function (field) {
+ if (!field.value.trim()) {
+ valid = false;
+ errorMessages.push(field.getAttribute('data-label') || field.name + ' ist erforderlich.');
+ field.classList.add('kc-field-error');
+ } else {
+ field.classList.remove('kc-field-error');
+ }
+ });
+
+ // Example: Validate email format
+ var emailField = form.querySelector('input[type="email"]');
+ if (emailField && emailField.value) {
+ var emailPattern = /^[^@\s]+@[^@\s]+\.[^@\s]+$/;
+ if (!emailPattern.test(emailField.value)) {
+ valid = false;
+ errorMessages.push('Bitte eine gültige E-Mail-Adresse eingeben.');
+ emailField.classList.add('kc-field-error');
+ } else {
+ emailField.classList.remove('kc-field-error');
+ }
+ }
+
+ // Example: Validate max workshop selections (if relevant)
+ var maxWorkshops = parseInt(form.getAttribute('data-max-workshops'), 10);
+ if (maxWorkshops) {
+ var checked = form.querySelectorAll('input[type="checkbox"][name^="workshop_"]:checked');
+ if (checked.length > maxWorkshops) {
+ valid = false;
+ errorMessages.push('Es dürfen maximal ' + maxWorkshops + ' Workshops gewählt werden.');
+ }
+ }
+
+ // Show error messages
+ var errorBox = form.querySelector('.kc-form-errors');
+ if (!errorBox) {
+ errorBox = document.createElement('div');
+ errorBox.className = 'kc-form-errors';
+ form.prepend(errorBox);
+ }
+ errorBox.innerHTML = errorMessages.length ? '' : '';
+
+ if (!valid) {
+ e.preventDefault();
+ }
+ });
+});
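Review bot: The `errorBox.innerHTML = ...` assignment near the end of the submit handler is an HTML sink for strings read from the DOM (`data-label`, `field.name`), and as rendered here both branches of the ternary are empty literals (their markup seems to have been lost in this view), so the messages are either inserted as HTML or never shown. Building the list with `textContent`, as sketched below, avoids both outcomes. Separately, `field.getAttribute('data-label') || field.name + ' ist erforderlich.'` applies `+` before `||`, so a field that has a `data-label` yields only the bare label; `(field.getAttribute('data-label') || field.name) + ' ist erforderlich.'` gives the intended text. These checks run only in the browser, so required fields, e-mail format and the `data-max-workshops` limit still have to be enforced by the server-side handler, which is not part of this hunk.

```javascript
// … unchanged: validation above fills errorMessages, errorBox is looked up or created …
errorBox.textContent = '';
errorMessages.forEach(function (message) {
  var item = document.createElement('p');
  item.textContent = message;
  errorBox.appendChild(item);
});
```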
diff --git a/includes/admin-teamer.php b/includes/admin-teamer.php index e40934b..06affe9 100644 --- a/includes/admin-teamer.php +++ b/includes/admin-teamer.php @@ -14,8 +14,10 @@ function kc_teamer_page() { delete_option('kc_teamer_password_hash'); echo '
Teamer-Passwort entfernt.
'; } else { - update_option('kc_teamer_password_hash', wp_hash_password($pw)); - echo '
Teamer-Passwort gespeichert.
'; + // Sichere Speicherung mit password_hash + $hash = password_hash($pw, PASSWORD_DEFAULT); + update_option('kc_teamer_password_hash', $hash); + echo '
Teamer-Passwort gespeichert.
'; } } } diff --git a/includes/frontend-form.php b/includes/frontend-form.php index a83effd..0a043a2 100644 --- a/includes/frontend-form.php +++ b/includes/frontend-form.php @@ -4,6 +4,10 @@ add_shortcode('konficastle_workshopwahl', function($atts) { $wahl_id = intval($atts['wahl']); global $wpdb; + // Enqueue client-side validation JS + add_action('wp_footer', function() { + echo ''; + }); // KRITISCHER TEST: Ausgabe ganz am Anfang //$debug_output = '
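Review bot: The result of `password_hash($pw, PASSWORD_DEFAULT)` in the `else` branch of kc_teamer_page is passed to `update_option` unchecked; on PHP versions before 8.0 the function can return `false`, which would likely overwrite a working hash with an empty value, so test `$hash` first and show an error notice instead of saving. `PASSWORD_DEFAULT` currently selects bcrypt, which uses only the first 72 bytes of the input, so a length limit on the password field is worth adding. How `$pw` is read, and whether a nonce and capability check precede this branch, lies outside the hunk; whatever normalisation is applied there (`trim`, `wp_unslash`) has to match the verification in includes/frontend-form.php, otherwise a correctly typed password can fail to verify.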
'; @@ -278,8 +282,17 @@ add_shortcode('konficastle_teamer_create', function($atts) { } else { $pw = trim($_POST['kc_teamer_pw'] ?? ''); $saved_hash = get_option('kc_teamer_password_hash', ''); - if (empty($saved_hash) || !wp_check_password($pw, $saved_hash)) { - $msg = '
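Review bot: The comment says "Enqueue", but the closure added on `wp_footer` prints its output with a bare `echo` (the string literal is empty in this view, presumably because its markup was lost), and a new closure is registered on every shortcode run, so a page with two forms would print it twice. Calling `wp_enqueue_script('kc-frontend-form', plugins_url('assets/frontend-form.js', dirname(__FILE__)), array(), '<plugin-version>', true);` from the shortcode callback loads the file once, in the footer, with a version for cache busting. It also keeps the script visible to WordPress filters that add attributes to script tags, such as a CSP nonce. The shortcode callback starts and continues outside the hunk.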
Falsches Passwort.
'; + $valid_pw = false; + if (!empty($saved_hash)) { + if (password_verify($pw, $saved_hash)) { + $valid_pw = true; + } else if (function_exists('wp_check_password') && wp_check_password($pw, $saved_hash)) { + // Rückwärtskompatibilität: alter Hash + $valid_pw = true; + } + } + if (!$valid_pw) { + $msg = '
Falsches Passwort.
'; } else { $vorname = sanitize_text_field($_POST['vorname'] ?? ''); $nachname = sanitize_text_field($_POST['nachname'] ?? '');
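Review bot: The `wp_check_password` fallback accepts a hash in the old format but never replaces it, so the legacy hash stays in `kc_teamer_password_hash` until an admin saves the password again; after a successful legacy match add `update_option('kc_teamer_password_hash', password_hash($pw, PASSWORD_DEFAULT));`, and check `password_needs_rehash($saved_hash, PASSWORD_DEFAULT)` on the `password_verify` path for the same reason. `$pw` is taken from `$_POST` with `trim` but without `wp_unslash`, and WordPress adds slashes to request data, so a password containing a quote or backslash is verified in a different form from the one typed unless the admin page hashes the same slashed value. Nothing in the hunk checks a nonce or limits repeated attempts against this shared password; if the part of the callback outside the hunk does not do so, both should be added.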