diff --git a/apps/api/email/registration-successful.mjml b/apps/api/email/registration-successful.mjml
index c78b0b3e..1e49badc 100644
--- a/apps/api/email/registration-successful.mjml
+++ b/apps/api/email/registration-successful.mjml
@@ -7,6 +7,19 @@
   Vielen Dank für deine Anmeldung zur Veranstaltung {{ veranstaltung }}.
 </mj-text>
 
+{{#if accessToken}}
+<mj-text
+  font-size="16px"
+  line-height="1.5"
+>
+  <span>Bitte lade im nächsten Schritt ein Bild für {{ name }} hoch:&nbsp;</span>
+  <a
+    href="https://{{ hostname }}/ausschreibung/{{ unterveranstaltungId }}/anmeldung/{{ anmeldungId }}/foto-upload?accessToken={{ accessToken }}"
+    >Hier Foto hochladen</a
+  >
+</mj-text>
+{{/if}}
+
 <mj-text
   font-size="16px"
   line-height="1.5"
@@ -33,6 +46,32 @@
   deinem Account zuzuordnen.
 </mj-text>
 
+<mj-text
+  font-size="16px"
+  line-height="1.5"
+>
+  <p>Dazu befolgt du einfach die folgenden Schritte:</p>
+
+  <ol>
+    <li>
+      Du erstellst dir einen Account auf
+      <a
+        href="https://{{ hostname }}/registrierung"
+        rel="noreferrer"
+        >{{ hostname }}</a
+      >
+    </li>
+    <li>
+      Du gibst den unten genannten <b>Zuordnungscode</b> auf der folgenden Seite ein:
+      <a
+        href="https://{{ hostname }}/my/anmeldung-zuordnen"
+        rel="noreferrer"
+        >Anmeldung per Code zuordnen</a
+      >
+    </li>
+  </ol>
+</mj-text>
+
 <mj-text
   font-size="16px"
   line-height="1.5"
diff --git a/apps/api/prisma/migrations/20250210192033_anmeldung_access_token/migration.sql b/apps/api/prisma/migrations/20250210192033_anmeldung_access_token/migration.sql
new file mode 100644
index 00000000..bc485b8c
--- /dev/null
+++ b/apps/api/prisma/migrations/20250210192033_anmeldung_access_token/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Anmeldung" ADD COLUMN     "accessToken" UUID;
diff --git a/apps/api/prisma/schema/Anmeldung.prisma b/apps/api/prisma/schema/Anmeldung.prisma
index ba804334..8cf54640 100644
--- a/apps/api/prisma/schema/Anmeldung.prisma
+++ b/apps/api/prisma/schema/Anmeldung.prisma
@@ -10,6 +10,7 @@ model Anmeldung {
   createdAt      DateTime        @default(now())
   status         AnmeldungStatus @default(OFFEN)
   comment        String?
+  accessToken    String?         @db.Uuid
   assignmentCode String?         @db.Uuid
 
   unterveranstaltungId Int
diff --git a/apps/api/prisma/seeders/index.ts b/apps/api/prisma/seeders/index.ts
index e38c1a75..4d82b3a4 100644
--- a/apps/api/prisma/seeders/index.ts
+++ b/apps/api/prisma/seeders/index.ts
@@ -13,7 +13,7 @@ export type Seeder = (prisma: PrismaClient) => Promise<void>
 
 const seeders: Seeder[] = (() => {
   // in produktion nur Gliederungen importieren
-  if (isProduction()) {
+  if (isProduction() || process.env.DISABLE_SEEDER === '1') {
     return [importGliederungen]
   }
 
diff --git a/apps/api/src/server.ts b/apps/api/src/server.ts
index f03ba503..99014228 100644
--- a/apps/api/src/server.ts
+++ b/apps/api/src/server.ts
@@ -26,7 +26,6 @@ app.use(
         'img-src': ["'self'", '*.githubusercontent.com', 'data:', 'dlrgbrahmseedigitalprod.blob.core.windows.net'],
         'connect-src': ["'self'", 'dlrgbrahmseedigitalprod.blob.core.windows.net'],
       },
-      reportOnly: true,
     },
   })
 )
diff --git a/apps/api/src/services/anmeldung/anmeldung.router.ts b/apps/api/src/services/anmeldung/anmeldung.router.ts
index 72465e36..f68c80d1 100644
--- a/apps/api/src/services/anmeldung/anmeldung.router.ts
+++ b/apps/api/src/services/anmeldung/anmeldung.router.ts
@@ -1,5 +1,7 @@
 // Prettier ignored is because this file is generated
 import { mergeRouters } from '../../trpc.js'
+import { anmeldungAccessTokenValidateProcedure } from './anmeldungAccessTokenValidate.js'
+import { anmeldungFotoUploadProcedure } from './anmeldungFotoUpload.js'
 
 import { anmeldungGetProcedure } from './anmeldungGet.js'
 import { anmeldungGliederungPatchProcedure } from './anmeldungGliederungPatch.js'
@@ -26,6 +28,8 @@ export const anmeldungRouter = mergeRouters(
   anmeldungCountProcedure.router,
   anmeldungListProcedure.router,
   anmeldungGetProcedure.router,
-  anmeldungZuordnenProcedure.router
+  anmeldungZuordnenProcedure.router,
+  anmeldungAccessTokenValidateProcedure.router,
+  anmeldungFotoUploadProcedure.router
   // Add Routes here - do not delete this line
 )
diff --git a/apps/api/src/services/anmeldung/anmeldungAccessTokenValidate.ts b/apps/api/src/services/anmeldung/anmeldungAccessTokenValidate.ts
new file mode 100644
index 00000000..a906cd4b
--- /dev/null
+++ b/apps/api/src/services/anmeldung/anmeldungAccessTokenValidate.ts
@@ -0,0 +1,44 @@
+import z from 'zod'
+
+import prisma from '../../prisma.js'
+import { definePublicQueryProcedure } from '../../types/defineProcedure.js'
+
+export const anmeldungAccessTokenValidateProcedure = definePublicQueryProcedure({
+  key: 'accessTokenValidate',
+  inputSchema: z.strictObject({
+    unterveranstaltungId: z.number().int(),
+    anmeldungId: z.number().int(),
+    accessToken: z.string().uuid(),
+  }),
+  handler: ({ input: { unterveranstaltungId, anmeldungId, accessToken } }) =>
+    prisma.anmeldung.findFirst({
+      where: {
+        unterveranstaltungId,
+        id: anmeldungId,
+        accessToken,
+      },
+      select: {
+        person: {
+          select: {
+            id: true,
+            firstname: true,
+            lastname: true,
+          },
+        },
+        unterveranstaltung: {
+          select: {
+            veranstaltung: {
+              select: {
+                name: true,
+              },
+            },
+            gliederung: {
+              select: {
+                name: true,
+              },
+            },
+          },
+        },
+      },
+    }),
+})
diff --git a/apps/api/src/services/anmeldung/anmeldungFotoUpload.ts b/apps/api/src/services/anmeldung/anmeldungFotoUpload.ts
new file mode 100644
index 00000000..240d3a61
--- /dev/null
+++ b/apps/api/src/services/anmeldung/anmeldungFotoUpload.ts
@@ -0,0 +1,32 @@
+import z from 'zod'
+
+import prisma from '../../prisma.js'
+
+import { definePublicMutateProcedure } from '../../types/defineProcedure.js'
+
+export const anmeldungFotoUploadProcedure = definePublicMutateProcedure({
+  key: 'anmeldungFotoUpload',
+  inputSchema: z.strictObject({
+    unterveranstaltungId: z.number().int(),
+    anmeldungId: z.number().int(),
+    accessToken: z.string().uuid(),
+    fileId: z.string(),
+  }),
+  handler: async ({ input: { unterveranstaltungId, anmeldungId, accessToken, fileId } }) => {
+    await prisma.anmeldung.update({
+      where: {
+        unterveranstaltungId,
+        id: anmeldungId,
+        accessToken,
+      },
+      data: {
+        accessToken: null,
+        person: {
+          update: {
+            photoId: fileId,
+          },
+        },
+      },
+    })
+  },
+})
diff --git a/apps/api/src/services/anmeldung/anmeldungPublicCreate.ts b/apps/api/src/services/anmeldung/anmeldungPublicCreate.ts
index 43d8a76a..8ec020ed 100644
--- a/apps/api/src/services/anmeldung/anmeldungPublicCreate.ts
+++ b/apps/api/src/services/anmeldung/anmeldungPublicCreate.ts
@@ -71,6 +71,7 @@ export async function handle({ ctx, input, isPublic }: HandleProps) {
     },
   })
 
+  const accessToken = randomUUID()
   const assignmentCode = ctx.authenticated ? null : randomUUID()
   const anmeldung = await prisma.anmeldung.create({
     data: {
@@ -90,6 +91,7 @@ export async function handle({ ctx, input, isPublic }: HandleProps) {
       customFieldValues: {
         createMany: customFieldValuesCreateMany(input.customFieldValues),
       },
+      accessToken,
       assignmentCode,
     },
   })
@@ -119,7 +121,10 @@ export async function handle({ ctx, input, isPublic }: HandleProps) {
       gliederung: unterveranstaltung.gliederung.name,
       veranstaltung: unterveranstaltung.veranstaltung.name,
       hostname: unterveranstaltung.veranstaltung.hostname!.hostname,
+      unterveranstaltungId: unterveranstaltung.id,
+      anmeldungId: anmeldung.id,
       assignmentCode,
+      accessToken,
     },
   })
 }
diff --git a/apps/api/src/services/file/anmeldungPublicFotoUpload.ts b/apps/api/src/services/file/anmeldungPublicFotoUpload.ts
new file mode 100644
index 00000000..e2c385eb
--- /dev/null
+++ b/apps/api/src/services/file/anmeldungPublicFotoUpload.ts
@@ -0,0 +1,31 @@
+import { z } from 'zod'
+import { definePublicMutateProcedure } from '../../types/defineProcedure.js'
+import { fileCreateSchema, handleFileUpload } from './fileCreate.js'
+import client from '../../prisma.js'
+import { TRPCError } from '@trpc/server'
+
+export const anmeldungPublicFotoUploadProcedure = definePublicMutateProcedure({
+  key: 'anmeldungPublicFotoUpload',
+  inputSchema: fileCreateSchema.extend({
+    unterveranstaltungId: z.number().int(),
+    anmeldungId: z.number().int(),
+    accessToken: z.string().uuid(),
+  }),
+  handler: async ({ input: { unterveranstaltungId, anmeldungId, accessToken, mimetype } }) => {
+    const anmeldung = await client.anmeldung.findFirst({
+      where: {
+        unterveranstaltungId,
+        id: anmeldungId,
+        accessToken,
+      },
+    })
+
+    if (anmeldung === null) {
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+      })
+    }
+
+    return await handleFileUpload({ mimetype })
+  },
+})
diff --git a/apps/api/src/services/file/file.router.ts b/apps/api/src/services/file/file.router.ts
index dd53cb58..b91e3d63 100644
--- a/apps/api/src/services/file/file.router.ts
+++ b/apps/api/src/services/file/file.router.ts
@@ -1,5 +1,6 @@
 // Prettier ignored is because this file is generated
 import { mergeRouters } from '../../trpc.js'
+import { anmeldungPublicFotoUploadProcedure } from './anmeldungPublicFotoUpload.js'
 
 import { fileCreateProcedure } from './fileCreate.js'
 import { fileGetUrlActionProcedure } from './fileGetUrl.js'
@@ -7,6 +8,7 @@ import { fileGetUrlActionProcedure } from './fileGetUrl.js'
 
 export const fileRouter = mergeRouters(
   fileCreateProcedure.router,
-  fileGetUrlActionProcedure.router
+  fileGetUrlActionProcedure.router,
+  anmeldungPublicFotoUploadProcedure.router
   // Add Routes here - do not delete this line
 )
diff --git a/apps/api/src/services/file/fileCreate.ts b/apps/api/src/services/file/fileCreate.ts
index d55ea7ad..c13ab41b 100644
--- a/apps/api/src/services/file/fileCreate.ts
+++ b/apps/api/src/services/file/fileCreate.ts
@@ -9,48 +9,52 @@ import config from '../../config.js'
 import prisma from '../../prisma.js'
 import { defineProtectedMutateProcedure } from '../../types/defineProcedure.js'
 
+export const fileCreateSchema = z.strictObject({
+  mimetype: z.string(),
+})
+
+export async function handleFileUpload(input: z.infer<typeof fileCreateSchema>) {
+  const provider = config.fileDefaultProvider
+  let key: string = randomUUID()
+  if (provider === 'AZURE') {
+    key = `${config.fileProviders.AZURE.folder}/${key}`
+  }
+
+  const file = await prisma.file.create({
+    data: {
+      provider: provider,
+      key: key,
+      mimetype: input.mimetype,
+    },
+    select: {
+      id: true,
+      provider: true,
+      uploaded: true,
+    },
+  })
+
+  let azureUploadUrl: string | null = null
+  if (file.provider === 'AZURE' && azureStorage !== null) {
+    const containerClient = azureStorage.getContainerClient(config.fileProviders.AZURE.container)
+    const blockBlobClient = containerClient.getBlockBlobClient(key)
+    const permissions = BlobSASPermissions.from({ read: true, write: true, add: true, create: true })
+    azureUploadUrl = await blockBlobClient.generateSasUrl({
+      startsOn: dayjs().subtract(5, 'minute').toDate(),
+      expiresOn: dayjs().add(20, 'minute').toDate(),
+      permissions: permissions,
+      contentType: input.mimetype,
+    })
+  }
+
+  return {
+    ...file,
+    azureUploadUrl,
+  }
+}
+
 export const fileCreateProcedure = defineProtectedMutateProcedure({
   key: 'fileCreate',
   roleIds: ['ADMIN', 'GLIEDERUNG_ADMIN'],
-  inputSchema: z.strictObject({
-    mimetype: z.string(),
-  }),
-  async handler(options) {
-    const provider = config.fileDefaultProvider
-    let key: string = randomUUID()
-    if (provider === 'AZURE') {
-      key = `${config.fileProviders.AZURE.folder}/${key}`
-    }
-
-    const file = await prisma.file.create({
-      data: {
-        provider: provider,
-        key: key,
-        mimetype: options.input.mimetype,
-      },
-      select: {
-        id: true,
-        provider: true,
-        uploaded: true,
-      },
-    })
-
-    let azureUploadUrl: string | null = null
-    if (file.provider === 'AZURE' && azureStorage !== null) {
-      const containerClient = azureStorage.getContainerClient(config.fileProviders.AZURE.container)
-      const blockBlobClient = containerClient.getBlockBlobClient(key)
-      const permissions = BlobSASPermissions.from({ read: true, write: true, add: true, create: true })
-      azureUploadUrl = await blockBlobClient.generateSasUrl({
-        startsOn: dayjs().subtract(5, 'minute').toDate(),
-        expiresOn: dayjs().add(20, 'minute').toDate(),
-        permissions: permissions,
-        contentType: options.input.mimetype,
-      })
-    }
-
-    return {
-      ...file,
-      azureUploadUrl,
-    }
-  },
+  inputSchema: fileCreateSchema,
+  handler: ({ input }) => handleFileUpload(input),
 })
diff --git a/apps/api/src/types/defineCustomFieldValues.ts b/apps/api/src/types/defineCustomFieldValues.ts
index 618a5aa7..f681b768 100644
--- a/apps/api/src/types/defineCustomFieldValues.ts
+++ b/apps/api/src/types/defineCustomFieldValues.ts
@@ -5,7 +5,7 @@ export function defineCustomFieldValues() {
   return z.array(
     z.strictObject({
       fieldId: z.number().int(),
-      value: z.union([z.string(), z.boolean(), z.undefined()]),
+      value: z.union([z.string(), z.boolean(), z.undefined(), z.number()]),
     })
   )
 }
diff --git a/apps/frontend/package.json b/apps/frontend/package.json
index 08631cdf..4ec38e0b 100644
--- a/apps/frontend/package.json
+++ b/apps/frontend/package.json
@@ -38,6 +38,7 @@
     "clsx": "^2.1.1",
     "http2-proxy": "^5.0.53",
     "intl-tel-input": "^24.4.0",
+    "primevue": "^4.2.5",
     "radix-vue": "^1.9.5",
     "remixicon": "^3.5.0",
     "simple-syntax-highlighter": "^3.1.1",
diff --git a/apps/frontend/src/components/BasicInputs/BasicInputNumber.vue b/apps/frontend/src/components/BasicInputs/BasicInputNumber.vue
index ec62901d..f7ee6e10 100644
--- a/apps/frontend/src/components/BasicInputs/BasicInputNumber.vue
+++ b/apps/frontend/src/components/BasicInputs/BasicInputNumber.vue
@@ -1,23 +1,28 @@
 <script setup lang="ts">
-import { useVModel } from '@vueuse/core'
-
 import useValidationModel from '../../composables/useValidationModel'
 
 import BasicFormGroup from './components/BasicFormGroup.vue'
 import { type BasicInputDefaultProps } from './defaultProps'
+import InputNumber from 'primevue/inputnumber'
 
 const props = withDefaults(
   defineProps<
     BasicInputDefaultProps<number> & {
-      inputClass?: string
-      disableValidation?: boolean
+      locale?: string
+      currency?: string
+      prefix?: string
+      suffix?: string
+      minFractionDigits?: number
+      maxFractionDigits?: number
+      useGrouping?: boolean
+      min?: number
+      max?: number
+      step?: number
     }
   >(),
   {
-    type: 'text',
-    autocapitalize: 'off',
-    inputClass: '',
-    disableValidation: false,
+    locale: 'de-DE',
+    useGrouping: true,
   }
 )
 const emit = defineEmits<{
@@ -25,12 +30,7 @@ const emit = defineEmits<{
   focus: []
   blur: []
 }>()
-const { model, errorMessage } = props.disableValidation
-  ? {
-      model: useVModel(props, 'modelValue', emit),
-      errorMessage: undefined,
-    }
-  : useValidationModel(props, emit)
+const { model, errorMessage } = useValidationModel(props, emit)
 </script>
 
 <template>
@@ -41,21 +41,30 @@ const { model, errorMessage } = props.disableValidation
     :required="required"
     :error-message="errorMessage"
   >
-    <div class="align-items-center flex">
-      <input
-        :id="id || name || label"
-        v-model="model"
-        :name="id || name || label"
-        type="number"
-        :placeholder="placeholder || label || name"
-        :class="[{ 'rounded-r-none': $slots.append }, inputClass]"
-        :disabled="disabled"
-        @focus="emit('focus')"
-        @blur="emit('blur')"
-      />
-      <div class="flex-shrink-0">
-        <slot name="append" />
-      </div>
+    <InputNumber
+      :id="id || name || label"
+      v-model="model"
+      :name="id || name || label"
+      :placeholder="placeholder || label || name"
+      :class="{ 'rounded-r-none': $slots.append }"
+      :disabled="disabled"
+      :locale="locale"
+      :currency="currency"
+      :prefix="prefix"
+      :suffix="suffix"
+      :min-fraction-digits="minFractionDigits"
+      :max-fraction-digits="maxFractionDigits"
+      :use-grouping="useGrouping"
+      :min="min"
+      :max="max"
+      :step="step"
+      mode="decimal"
+      input-class="input-style"
+      class="block"
+      unstyled
+    />
+    <div class="flex-shrink-0">
+      <slot name="append" />
     </div>
   </BasicFormGroup>
 </template>
diff --git a/apps/frontend/src/components/CustomFields/CustomField.vue b/apps/frontend/src/components/CustomFields/CustomField.vue
index e05189d3..d87d2b67 100644
--- a/apps/frontend/src/components/CustomFields/CustomField.vue
+++ b/apps/frontend/src/components/CustomFields/CustomField.vue
@@ -69,6 +69,7 @@ const model = computed({
     v-model="model"
     :label="field.name"
     :required="field.required"
+    :min="0"
   />
   <BasicRadio
     v-if="field.type === 'BASIC_RADIO'"
diff --git a/apps/frontend/src/components/LayoutComponents/Sidebar/Sidebar.vue b/apps/frontend/src/components/LayoutComponents/Sidebar/Sidebar.vue
index f76c4762..6d202c5d 100644
--- a/apps/frontend/src/components/LayoutComponents/Sidebar/Sidebar.vue
+++ b/apps/frontend/src/components/LayoutComponents/Sidebar/Sidebar.vue
@@ -115,20 +115,20 @@ const navigation = computed<Array<SidebarItem | DividerItem>>(() => [
   // },
   // { type: 'DividerItem', name: 'Ausschreibung', visible: hasPermissionToView(['ADMIN', 'GLIEDERUNG_ADMIN']) },
 
-  { type: 'DividerItem', name: 'Meine Daten', visible: true },
+  { type: 'DividerItem', name: 'Meine Daten', visible: hasPermissionToView(['USER']) },
   {
     type: 'SidebarItem',
     name: 'Personen',
     route: { name: 'Meine Personen' },
     icon: UsersIcon,
-    visible: true,
+    visible: hasPermissionToView(['USER']),
   },
   {
     type: 'SidebarItem',
     name: 'Anmeldungen',
     route: { name: 'Meine Anmeldungen' },
     icon: UsersIcon,
-    visible: true,
+    visible: hasPermissionToView(['USER']),
   },
 
   { type: 'DividerItem', name: 'Gliederung', visible: hasPermissionToView(['GLIEDERUNG_ADMIN']) },
diff --git a/apps/frontend/src/components/forms/person/FormPersonGeneral.vue b/apps/frontend/src/components/forms/person/FormPersonGeneral.vue
index 18285105..39b4204a 100644
--- a/apps/frontend/src/components/forms/person/FormPersonGeneral.vue
+++ b/apps/frontend/src/components/forms/person/FormPersonGeneral.vue
@@ -249,7 +249,7 @@ const submit = () => {
       <Button
         color="primary"
         class="w-full justify-center mt-5 mb-20 disabled:bg-gray-300"
-        :disabled="isPublicAnmeldung && (!acceptTeilnahmebedingungen || !acceptDatenschutz)"
+        :disabled="isLoading || (isPublicAnmeldung && (!acceptTeilnahmebedingungen || !acceptDatenschutz))"
         type="submit"
       >
         <template v-if="isLoading">
diff --git a/apps/frontend/src/components/forms/unterveranstaltung/FormUnterveranstaltungGeneral.vue b/apps/frontend/src/components/forms/unterveranstaltung/FormUnterveranstaltungGeneral.vue
index 01185bfa..798551c1 100644
--- a/apps/frontend/src/components/forms/unterveranstaltung/FormUnterveranstaltungGeneral.vue
+++ b/apps/frontend/src/components/forms/unterveranstaltung/FormUnterveranstaltungGeneral.vue
@@ -257,6 +257,11 @@ const disableddates = computed(() => {
           required
           label="Teilnahmegebühr"
           placeholder="Teilnahmegebühr"
+          :min="0"
+          :min-fraction-digits="2"
+          :max-fraction-digits="2"
+          currency="EUR"
+          suffix="€"
         />
       </div>
       <div class="lg:col-span-3">
@@ -265,6 +270,7 @@ const disableddates = computed(() => {
           required
           label="Maximale Teilnehmenden Zahl"
           placeholder="Maximale Teilnehmenden Zahl"
+          :min="0"
         />
       </div>
 
diff --git a/apps/frontend/src/components/forms/veranstaltung/FormVeranstaltungGeneral.vue b/apps/frontend/src/components/forms/veranstaltung/FormVeranstaltungGeneral.vue
index 82840dd0..840d339c 100644
--- a/apps/frontend/src/components/forms/veranstaltung/FormVeranstaltungGeneral.vue
+++ b/apps/frontend/src/components/forms/veranstaltung/FormVeranstaltungGeneral.vue
@@ -154,6 +154,7 @@ const { state: hostnames } = useAsyncState(async () => {
           required
           label="Maximale Teilnehmenden Zahl"
           placeholder="Maximale Teilnehmenden Zahl"
+          :min="0"
         />
       </div>
 
@@ -163,6 +164,11 @@ const { state: hostnames } = useAsyncState(async () => {
           required
           label="Teilnahmegebühr"
           placeholder="Teilnahmegebühr"
+          :min="0"
+          :min-fraction-digits="2"
+          :max-fraction-digits="2"
+          currency="EUR"
+          suffix="€"
         />
       </div>
 
diff --git a/apps/frontend/src/helpers/handleUpload.ts b/apps/frontend/src/helpers/handleUpload.ts
index a51a1125..b8f20125 100644
--- a/apps/frontend/src/helpers/handleUpload.ts
+++ b/apps/frontend/src/helpers/handleUpload.ts
@@ -1,6 +1,7 @@
 import { BlockBlobClient } from '@azure/storage-blob'
 
 import { apiClient } from '@/api'
+import type { RouterInput, RouterOutput } from '@codeanker/api'
 
 type uploadedFile = {
   id: string
@@ -8,6 +9,8 @@ type uploadedFile = {
 }
 type uploadedFiles = uploadedFile[]
 
+type dbFile = RouterOutput['file']['fileCreate']
+
 export function handleUpload(file: File): Promise<{ id: string; mimetype: string }>
 export function handleUpload(file: File[]): Promise<{ id: string; mimetype: string }[]>
 
@@ -19,18 +22,26 @@ export async function handleUpload(file: File | File[]): Promise<uploadedFiles |
   if (Array.isArray(file)) {
     const files: uploadedFiles = []
     for await (const element of file) {
-      const res = await uploadFile(element)
+      const dbFile = await apiClient.file.fileCreate.mutate({ mimetype: element.type })
+      const res = await uploadFile(element, dbFile)
       if (res) files.push(res)
     }
     return files
   } else {
-    return await uploadFile(file)
+    const dbFile = await apiClient.file.fileCreate.mutate({ mimetype: file.type })
+    return await uploadFile(file, dbFile)
   }
 }
 
-async function uploadFile(file: File): Promise<uploadedFile> {
-  const dbFile = await apiClient.file.fileCreate.mutate({ mimetype: file.type })
+export async function handlePublicPhotoUpload(
+  file: File,
+  payload: Omit<RouterInput['file']['anmeldungPublicFotoUpload'], 'mimetype'>
+) {
+  const dbFile = await apiClient.file.anmeldungPublicFotoUpload.mutate({ mimetype: file.type, ...payload })
+  return await uploadFile(file, dbFile)
+}
 
+async function uploadFile(file: File, dbFile: dbFile): Promise<uploadedFile> {
   const formData = new FormData()
   formData.append('file', file)
 
diff --git a/apps/frontend/src/main.ts b/apps/frontend/src/main.ts
index a7dc8fe8..12012725 100644
--- a/apps/frontend/src/main.ts
+++ b/apps/frontend/src/main.ts
@@ -3,8 +3,9 @@ import { createApp } from 'vue'
 import App from './App.vue'
 import router from './router'
 import './assets/main.scss'
+import PrimeVue from 'primevue/config'
 
-createApp(App).use(router).mount('#app')
+createApp(App).use(router).use(PrimeVue).mount('#app')
 
 // Set Document Title relate to the Hostname
 document.title = window.location.hostname
diff --git a/apps/frontend/src/views/Anmeldung/AnmeldungFormGeneral.vue b/apps/frontend/src/views/Anmeldung/AnmeldungFormGeneral.vue
index fcb64785..de618a8e 100644
--- a/apps/frontend/src/views/Anmeldung/AnmeldungFormGeneral.vue
+++ b/apps/frontend/src/views/Anmeldung/AnmeldungFormGeneral.vue
@@ -160,7 +160,6 @@ const {
         :error="errorCreate as Error"
         submit-text="Anmeldung abschicken"
         :is-public-anmeldung="props.isPublic"
-        :show-tshirt="unterveranstaltung?.veranstaltung?.hostname?.hostname !== 'landes.digital'"
         @submit="(value) => createAnmeldung(undefined, value)"
         @show-terms="showBedingungen = true"
       >
diff --git a/apps/frontend/src/views/Anmeldung/FotoUpload.vue b/apps/frontend/src/views/Anmeldung/FotoUpload.vue
new file mode 100644
index 00000000..83cddbca
--- /dev/null
+++ b/apps/frontend/src/views/Anmeldung/FotoUpload.vue
@@ -0,0 +1,114 @@
+<script setup lang="ts">
+import { useRoute } from 'vue-router'
+
+import { apiClient } from '@/api'
+import InputFileUploadArea from '@/components/BasicInputs/InputFileUploadArea.vue'
+import Loading from '@/components/UIComponents/Loading.vue'
+import { handlePublicPhotoUpload } from '@/helpers/handleUpload'
+import { injectUnterveranstaltung } from '@/layouts/AnmeldungLayout.vue'
+import { useAsyncState } from '@vueuse/core'
+import { ref, watch } from 'vue'
+
+const route = useRoute()
+
+const unterveranstaltung = injectUnterveranstaltung()
+
+const anmeldungId = route.params.anmeldungId as string
+const accessToken = route.query.accessToken as string
+
+const { state, execute, error } = useAsyncState(
+  () =>
+    apiClient.anmeldung.accessTokenValidate.query({
+      unterveranstaltungId: unterveranstaltung.value.id,
+      anmeldungId: parseInt(anmeldungId),
+      accessToken,
+    }),
+  undefined,
+  { immediate: false }
+)
+
+watch(unterveranstaltung, (unterveranstaltung) => {
+  if (unterveranstaltung) {
+    execute()
+  }
+})
+
+const uploadPending = ref(false)
+const uploadSuccess = ref(false)
+async function upload(toUploadFile: File) {
+  uploadPending.value = true
+  try {
+    const res = await handlePublicPhotoUpload(toUploadFile, {
+      unterveranstaltungId: unterveranstaltung.value.id,
+      anmeldungId: parseInt(anmeldungId),
+      accessToken,
+    })
+    console.log(res)
+    await apiClient.anmeldung.anmeldungFotoUpload.mutate({
+      unterveranstaltungId: unterveranstaltung.value.id,
+      anmeldungId: parseInt(anmeldungId),
+      accessToken,
+      fileId: res.id,
+    })
+    uploadSuccess.value = true
+  } catch (error) {
+    console.error(error)
+  }
+  uploadPending.value = false
+}
+</script>
+
+<template>
+  <div class="container mx-auto grow">
+    <p class="text-lg font-bold">Fotoupload</p>
+
+    <template v-if="error">
+      <p class="text-lg font-medium">Ein Fehler ist aufgetreten</p>
+      <p class="text-red-600 font-medium">
+        {{ error }}
+      </p>
+    </template>
+    <template v-else-if="uploadSuccess">
+      <p>Das Bild wurde hochgeladen!</p>
+    </template>
+    <template v-else-if="state === undefined">
+      <p>Lade Daten …</p>
+      <Loading />
+    </template>
+    <template v-else-if="state === null">
+      Die angegeben Daten konnten nicht verifiziert werden. Wahrscheinlich ist der Zugangstoken falsch!
+    </template>
+    <template v-else>
+      <p>
+        Vielen Dank für die Anmeldung von <u>{{ state.person.firstname }} {{ state.person.lastname }}</u> zur
+        Veranstaltung <u>{{ state.unterveranstaltung.veranstaltung.name }}</u>
+      </p>
+
+      <div class="mb-6 flex justify-between">
+        <button
+          type="button"
+          class="btn btn-link -mr-3 -mt-1 px-3 py-1"
+        >
+          <i class="fas fa-times" />
+        </button>
+      </div>
+      <div class="flex w-full justify-center">
+        <div
+          v-if="uploadPending"
+          class="flex flex-col text-justify-center items-center"
+        >
+          <Loading size="md" />
+          <span>dein Bild wird hochgeladen</span>
+        </div>
+        <InputFileUploadArea
+          v-else
+          accept="image/*"
+          :multiple="false"
+          upload-text="Bild hier hin ziehen oder klicken."
+          class="w-full"
+          @uploaded="upload"
+        />
+      </div>
+    </template>
+  </div>
+</template>
diff --git a/apps/frontend/src/views/Anmeldung/routes.ts b/apps/frontend/src/views/Anmeldung/routes.ts
index 637ea607..97f68068 100644
--- a/apps/frontend/src/views/Anmeldung/routes.ts
+++ b/apps/frontend/src/views/Anmeldung/routes.ts
@@ -26,7 +26,17 @@ const routesAusschreibungen: Route[] = [
       {
         name: 'Public Anmeldung Result',
         path: 'anmeldung/result',
-        component: () => import('../Anmeldung/PublicAnmeldungResultView.vue'),
+        component: () => import('./PublicAnmeldungResultView.vue'),
+        meta: {
+          public: true,
+          hidePublicHeaderBgOnMobile: true,
+          useFullheight: true,
+        },
+      },
+      {
+        name: 'Public Anmeldung Fotoupload',
+        path: 'anmeldung/:anmeldungId/foto-upload',
+        component: () => import('./FotoUpload.vue'),
         meta: {
           public: true,
           hidePublicHeaderBgOnMobile: true,
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index ecdd0db6..ad8f165c 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -337,6 +337,9 @@ importers:
       intl-tel-input:
         specifier: ^24.4.0
         version: 24.8.2
+      primevue:
+        specifier: ^4.2.5
+        version: 4.2.5(vue@3.5.13(typescript@5.7.2))
       radix-vue:
         specifier: ^1.9.5
         version: 1.9.13(vue@3.5.13(typescript@5.7.2))
@@ -1684,6 +1687,24 @@ packages:
   '@popperjs/core@2.11.8':
     resolution: {integrity: sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A==}
 
+  '@primeuix/styled@0.3.2':
+    resolution: {integrity: sha512-ColZes0+/WKqH4ob2x8DyNYf1NENpe5ZguOvx5yCLxaP8EIMVhLjWLO/3umJiDnQU4XXMLkn2mMHHw+fhTX/mw==}
+    engines: {node: '>=12.11.0'}
+
+  '@primeuix/utils@0.3.2':
+    resolution: {integrity: sha512-B+nphqTQeq+i6JuICLdVWnDMjONome2sNz0xI65qIOyeB4EF12CoKRiCsxuZ5uKAkHi/0d1LqlQ9mIWRSdkavw==}
+    engines: {node: '>=12.11.0'}
+
+  '@primevue/core@4.2.5':
+    resolution: {integrity: sha512-+oWBIQs5dLd2Ini4KEVOlvPILk989EHAskiFS3R/dz3jeOllJDMZFcSp8V9ddV0R3yDaPdLVkfHm2Q5t42kU2Q==}
+    engines: {node: '>=12.11.0'}
+    peerDependencies:
+      vue: ^3.3.0
+
+  '@primevue/icons@4.2.5':
+    resolution: {integrity: sha512-WFbUMZhQkXf/KmwcytkjGVeJ9aGEDXjP3uweOjQZMmRdEIxFnqYYpd90wE90JE1teZn3+TVnT4ZT7ejGyEXnFQ==}
+    engines: {node: '>=12.11.0'}
+
   '@prisma/client@5.22.0':
     resolution: {integrity: sha512-M0SVXfyHnQREBKxCgyo7sffrKttwE6R8PMq330MIUF0pTwjUhLbW84pFDlf06B27XyCR++VtjugEnIHdr07SVA==}
     engines: {node: '>=16.13'}
@@ -4078,6 +4099,10 @@ packages:
     resolution: {integrity: sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==}
     engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0}
 
+  primevue@4.2.5:
+    resolution: {integrity: sha512-7UMOIJvdFz4jQyhC76yhNdSlHtXvVpmE2JSo2ndUTBWjWJOkYyT562rQ4ayO+bMdJLtzBGqgY64I9ZfEvNd7vQ==}
+    engines: {node: '>=12.11.0'}
+
   prisma@5.22.0:
     resolution: {integrity: sha512-vtpjW3XuYCSnMsNVBjLMNkTj6OZbudcPPTPYHqX0CJfpcdWciI1dM8uHETwmDxxiqEwCIE6WvXucWUetJgfu/A==}
     engines: {node: '>=16.13'}
@@ -5892,6 +5917,25 @@ snapshots:
 
   '@popperjs/core@2.11.8': {}
 
+  '@primeuix/styled@0.3.2':
+    dependencies:
+      '@primeuix/utils': 0.3.2
+
+  '@primeuix/utils@0.3.2': {}
+
+  '@primevue/core@4.2.5(vue@3.5.13(typescript@5.7.2))':
+    dependencies:
+      '@primeuix/styled': 0.3.2
+      '@primeuix/utils': 0.3.2
+      vue: 3.5.13(typescript@5.7.2)
+
+  '@primevue/icons@4.2.5(vue@3.5.13(typescript@5.7.2))':
+    dependencies:
+      '@primeuix/utils': 0.3.2
+      '@primevue/core': 4.2.5(vue@3.5.13(typescript@5.7.2))
+    transitivePeerDependencies:
+      - vue
+
   '@prisma/client@5.22.0(prisma@5.22.0)':
     optionalDependencies:
       prisma: 5.22.0
@@ -8746,6 +8790,15 @@ snapshots:
       ansi-styles: 5.2.0
       react-is: 18.3.1
 
+  primevue@4.2.5(vue@3.5.13(typescript@5.7.2)):
+    dependencies:
+      '@primeuix/styled': 0.3.2
+      '@primeuix/utils': 0.3.2
+      '@primevue/core': 4.2.5(vue@3.5.13(typescript@5.7.2))
+      '@primevue/icons': 4.2.5(vue@3.5.13(typescript@5.7.2))
+    transitivePeerDependencies:
+      - vue
+
   prisma@5.22.0:
     dependencies:
       '@prisma/engines': 5.22.0