From ac83bb750bbe3359904f8d3b0e90788c0064c304 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Mon, 23 Jan 2017 16:05:22 +0100
Subject: [PATCH 1/3] fix status for enums, fix pages

---
 website/views/adminpanel.php | 64 ++++++++++++++++++------------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index e53d679..834f54f 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -85,37 +85,37 @@ $listm = $currentpage * $perpage;
                 <div class="admin-filter" id="admin-filter">
                     <h2>Show:</h2>
 
-                    <input type="checkbox" name="status[]" id="normal" value="1"
-                           <?php if (in_array("1", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="normal" value="user"
+                           <?php if (in_array("user", $status)) echo "checked";?>>
                     <label for="normal">Normal</label><br>
-                    <input type="checkbox" name="status[]" id="frozen" value="2"
-                           <?php if (in_array("2", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="frozen" value="frozen"
+                           <?php if (in_array("frozen", $status)) echo "checked";?>>
                     <label for="frozen">Frozen</label><br>
-                    <input type="checkbox" name="status[]" id="banned" value="3"
-                           <?php if (in_array("3", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="banned" value="banned"
+                           <?php if (in_array("banned", $status)) echo "checked";?>>
                     <label for="banned">Banned</label><br>
-                    <input type="checkbox" name="status[]" id="admin" value="5"
-                           <?php if (in_array("5", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="admin" value="admin"
+                           <?php if (in_array("admin", $status)) echo "checked";?>>
                     <label for="admin">Admin</label><br>
-                    <input type="checkbox" name="status[]" id="unvalidated" value="0"
-                           <?php if (in_array("0", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="unvalidated" value="unconfirmed"
+                           <?php if (in_array("unconfirmed", $status)) echo "checked";?>>
                     <label for="unvalidated">Unvalidated</label><br>
-                    <input type="checkbox" name="status[]" id="owner" value="42"
-                           <?php if (in_array("42", $status)) echo "checked";?>>
+                    <input type="checkbox" name="status[]" id="owner" value="owner"
+                           <?php if (in_array("owner", $status)) echo "checked";?>>
                     <label for="owner">Owner</label>
                 </div>
 
                 <div class="admin-groupfilter" id="admin-groupfilter">
                     <h2>Show:</h2>
 
-                    <input type="checkbox" name="groupstatus[]" id="hidden" value="0"
-                           <?php if (in_array("0", $groupstatus)) echo "checked";?>>
+                    <input type="checkbox" name="groupstatus[]" id="hidden" value="hidden"
+                           <?php if (in_array("hidden", $groupstatus)) echo "checked";?>>
                     <label for="hidden">Hidden</label><br>
-                    <input type="checkbox" name="groupstatus[]" id="public" value="1"
-                           <?php if (in_array("1", $groupstatus)) echo "checked";?>>
+                    <input type="checkbox" name="groupstatus[]" id="public" value="public"
+                           <?php if (in_array("public", $groupstatus)) echo "checked";?>>
                     <label for="public">Public</label><br>
-                    <input type="checkbox" name="groupstatus[]" id="membersonly" value="2"
-                           <?php if (in_array("2", $groupstatus)) echo "checked";?>>
+                    <input type="checkbox" name="groupstatus[]" id="membersonly" value="membersonly"
+                           <?php if (in_array("membersonly", $groupstatus)) echo "checked";?>>
                     <label for="membersonly">Members-only</label><br>
                 </div>
 
@@ -138,11 +138,11 @@ $listm = $currentpage * $perpage;
                           id="admin-batchform"
                           action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
                           method="post">
-                        <input type="radio" name="batchactions" id="freeze" value="2">
+                        <input type="radio" name="batchactions" id="freeze" value="frozen">
                         <label for="freeze">Freeze</label><br>
-                        <input type="radio" name="batchactions" id="ban" value="3">
+                        <input type="radio" name="batchactions" id="ban" value="banned">
                         <label for="ban">Ban</label><br>
-                        <input type="radio" name="batchactions" id="restore" value="1">
+                        <input type="radio" name="batchactions" id="restore" value="user">
                         <label for="restore">Restore</label><br><br>
                         <input type="submit" value="Confirm">
                     </form>
@@ -154,11 +154,11 @@ $listm = $currentpage * $perpage;
                           id="admin-groupbatchform"
                           action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
                           method="post">
-                        <input type="radio" name="groupbatchactions" id="hide" value="0">
+                        <input type="radio" name="groupbatchactions" id="hide" value="hidden">
                         <label for="hide">Hide</label><br>
-                        <input type="radio" name="groupbatchactions" id="public" value="1">
+                        <input type="radio" name="groupbatchactions" id="public" value="public">
                         <label for="public">Public</label><br>
-                        <input type="radio" name="groupbatchactions" id="membersonly" value="2">
+                        <input type="radio" name="groupbatchactions" id="membersonly" value="membersonly">
                         <label for="membersonly">Member</label><br><br>
                         <input type="submit" value="Confirm">
                     </form>
@@ -225,7 +225,7 @@ $listm = $currentpage * $perpage;
                     $listm = $currentpage * $perpage;
 
                     if ($pagetype == 'user') {
-                        $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
+                        $q = searchSomeUsersByStatus($listn, $perpage, $search, $status);
 
                         while($user = $q->fetch(PDO::FETCH_ASSOC)) {
                             $userID = $user['userID'];
@@ -252,9 +252,9 @@ $listm = $currentpage * $perpage;
                             action='$thispage'
                             method='post'>
                             <select class='action' name='actions'>
-                            <option value='2'>Freeze</option>
-                            <option value='3'>Ban</option>
-                            <option value='1'>Restore</option>
+                            <option value='frozen'>Freeze</option>
+                            <option value='banned'>Ban</option>
+                            <option value='user'>Restore</option>
                             </select>
                             <input type='hidden' name='userID' value='$userID'>
                             <input type='submit' value='Confirm'>
@@ -264,7 +264,7 @@ $listm = $currentpage * $perpage;
                             ");
                         }
                     } else {
-                        $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
+                        $q = searchSomeGroupsByStatus($listn, $perpage, $search, $groupstatus);
 
                         while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
                             $groupID = $group['groupID'];
@@ -291,9 +291,9 @@ $listm = $currentpage * $perpage;
                             action='$thispage'
                             method='post'>
                             <select class='action' name='actions'>
-                            <option value='0'>Hide</option>
-                            <option value='1'>Public</option>
-                            <option value='2'>Members</option>
+                            <option value='hidden'>Hide</option>
+                            <option value='public'>Public</option>
+                            <option value='membersonly'>Members</option>
                             </select>
                             <input type='hidden' name='groupID' value='$groupID'>
                             <input type='submit' value='Confirm'>

From 1a53d01747efff5f90c995f91e2b226ffea7fe23 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Thu, 26 Jan 2017 13:29:56 +0100
Subject: [PATCH 2/3] add authentication

---
 website/public/admin.php     |  8 ++++++++
 website/queries/user.php     | 15 +++++++++++++++
 website/views/adminpanel.php |  1 +
 3 files changed, 24 insertions(+)

diff --git a/website/public/admin.php b/website/public/admin.php
index 5faa096..fcd386a 100644
--- a/website/public/admin.php
+++ b/website/public/admin.php
@@ -12,6 +12,14 @@
  * This view adds the main layout over the screen.
  * Header and menu.
  */
+include_once ("../queries/user.php");
+
+$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+
+if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
+    header("location:profile.php");
+}
+
 include("../views/main.php");
 
 /* Add your view files here. */
diff --git a/website/queries/user.php b/website/queries/user.php
index be06197..104d526 100644
--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -370,3 +370,18 @@ function countSomeUsers($search) {
         $q->execute();
         return $q;
 }
+
+function getRoleByID($userID) {
+    $stmt = $GLOBALS['db']->prepare("
+        SELECT
+            `role`
+        FROM
+            `user`
+        WHERE
+            `userID` = :userID
+    ");
+
+    $stmt->bindParam(':userID', $userID);
+    $stmt->execute();
+    return $stmt;
+}
\ No newline at end of file
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index 86fbb36..fd10d15 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -2,6 +2,7 @@
 <?php
 require_once ("../queries/user.php");
 require_once ("../queries/group_page.php");
+
 ?>
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php

From b12eaced4a1cbe23585cc429e43b244821e15110 Mon Sep 17 00:00:00 2001
From: Hendrik <hendrik.huang@student.uva.nl>
Date: Fri, 27 Jan 2017 16:14:54 +0100
Subject: [PATCH 3/3] improve adminpanel w/ ajax, enum fixes, misc fixes

---
 website/public/API/adminChangeUser.php  |  20 +++
 website/public/API/adminPageNumber.php  |  28 ++++
 website/public/API/adminSearchUsers.php |  44 +++++
 website/public/admin.php                |   7 +-
 website/public/js/admin.js              |  43 ++++-
 website/queries/group_page.php          |   9 +-
 website/views/adminpanel-grouptable.php |  48 ++++++
 website/views/adminpanel-page.php       |  31 ++++
 website/views/adminpanel-table.php      |  47 ++++++
 website/views/adminpanel.php            | 210 ++++--------------------
 10 files changed, 302 insertions(+), 185 deletions(-)
 create mode 100644 website/public/API/adminChangeUser.php
 create mode 100644 website/public/API/adminPageNumber.php
 create mode 100644 website/public/API/adminSearchUsers.php
 create mode 100644 website/views/adminpanel-grouptable.php
 create mode 100644 website/views/adminpanel-page.php
 create mode 100644 website/views/adminpanel-table.php

diff --git a/website/public/API/adminChangeUser.php b/website/public/API/adminChangeUser.php
new file mode 100644
index 0000000..067a7ba
--- /dev/null
+++ b/website/public/API/adminChangeUser.php
@@ -0,0 +1,20 @@
+<?php
+session_start();
+
+require_once ("../../queries/connect.php");
+require_once ("../../queries/checkInput.php");
+require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
+
+if (isset($_POST["actions"]) && isset($_POST["userID"])) {
+    changeUserStatusByID($_POST["userID"], $_POST["actions"]);
+} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
+    changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
+} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
+    changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
+} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
+    changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
+}
+
+//header("location: ../admin.php");
+print_r($_POST);
\ No newline at end of file
diff --git a/website/public/API/adminPageNumber.php b/website/public/API/adminPageNumber.php
new file mode 100644
index 0000000..a6ac554
--- /dev/null
+++ b/website/public/API/adminPageNumber.php
@@ -0,0 +1,28 @@
+<?php
+
+session_start();
+
+require_once ("../../queries/connect.php");
+require_once ("../../queries/checkInput.php");
+require_once ("../../queries/user.php");
+
+$search = "";
+if (isset($_POST["search"])) {
+    $search = test_input($_POST["search"]);
+}
+
+$pagetype = "user";
+if (isset($_POST['pagetype'])) {
+    $pagetype = test_input($_POST['pagetype']);
+}
+
+$status = array();
+if (isset($_POST['status'])) {
+    $status = $_POST["status"];
+}
+
+if ($pagetype == "user") {
+    include ("../../views/adminpanel-page.php");
+} else {
+    echo "Pagenumber failed!";
+}
diff --git a/website/public/API/adminSearchUsers.php b/website/public/API/adminSearchUsers.php
new file mode 100644
index 0000000..c809db7
--- /dev/null
+++ b/website/public/API/adminSearchUsers.php
@@ -0,0 +1,44 @@
+<?php
+
+session_start();
+
+require_once ("../../queries/connect.php");
+require_once ("../../queries/checkInput.php");
+require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
+
+$offset = 0;
+if (isset($_POST["n"])) {
+    $offset = (int) test_input($_POST["n"]);
+}
+$entries = 20;
+if (isset($_POST["m"])) {
+    $entries = (int) test_input($_POST["m"]);
+}
+$search = "";
+if (isset($_POST["search"])) {
+    $search = test_input($_POST["search"]);
+}
+
+$pagetype = "user";
+if (isset($_POST['pagetype'])) {
+    $pagetype = test_input($_POST['pagetype']);
+}
+
+$status = array();
+if (isset($_POST['status'])) {
+    $status = $_POST["status"];
+}
+
+$groupstatus = array();
+if (isset($_POST['groupstatus'])) {
+    $groupstatus = $_POST["groupstatus"];
+}
+
+if ($pagetype == "user") {
+    include ("../../views/adminpanel-table.php");
+} else if ($pagetype == "group") {
+    include ("../../views/adminpanel-grouptable.php");
+} else {
+    echo "Search failed!";
+}
diff --git a/website/public/admin.php b/website/public/admin.php
index fcd386a..2785606 100644
--- a/website/public/admin.php
+++ b/website/public/admin.php
@@ -1,10 +1,14 @@
 <!DOCTYPE html>
 <html>
 <head>
-    <?php include("../views/head.php"); ?>
+    <?php
+    require_once ("../queries/user.php");
+    require_once ("../queries/group_page.php");
+    require_once ("../views/head.php"); ?>
     <style>
         @import url("styles/adminpanel.css");
     </style>
+    <script src="js/admin.js" charset="utf-8"></script>
 </head>
 <body>
 <?php
@@ -14,6 +18,7 @@
  */
 include_once ("../queries/user.php");
 
+// auth
 $userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
 
 if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
diff --git a/website/public/js/admin.js b/website/public/js/admin.js
index e3dfdd7..140c99a 100644
--- a/website/public/js/admin.js
+++ b/website/public/js/admin.js
@@ -1,6 +1,18 @@
-window.onload = function() {
+$(window).on("load", function () {
     changeFilter();
-};
+    $(".admin-searchinput").keyup(function(){
+        adminSearch();
+    });
+    // all inputs and labels directly under admin filter and groupfilter
+    $("#admin-filter, #admin-groupfilter > input, label").click(function(){
+        adminSearch();
+    });
+    $("#pagetype").change(function(){
+        adminSearch();
+    });
+
+    adminSearch();
+});
 
 function checkAll(allbox) {
     var checkboxes = document.getElementsByClassName('checkbox-list');
@@ -32,13 +44,32 @@ function changeFilter() {
         document.getElementById('admin-filter').style.display = 'none';
         document.getElementById('admin-groupfilter').style.display = 'inline-block';
 
-        document.getElementById('admin-batchactions').style.display = 'none';
-        document.getElementById('admin-groupbatchactions').style.display = 'inline-block';
+        document.getElementById('admin-batchform').style.display = 'none';
+        document.getElementById('admin-groupbatchform').style.display = 'inline-block';
     } else {
         document.getElementById('admin-filter').style.display = 'inline-block';
         document.getElementById('admin-groupfilter').style.display = 'none';
 
-        document.getElementById('admin-batchactions').style.display = 'inline-block';
-        document.getElementById('admin-groupbatchactions').style.display = 'none';
+        document.getElementById('admin-batchform').style.display = 'inline-block';
+        document.getElementById('admin-groupbatchform').style.display = 'none';
     }
 }
+
+function adminSearch() {
+    $.post(
+        "API/adminSearchUsers.php",
+        $("#admin-searchform").serialize()
+    ).done(function (data) {
+        console.log(data);
+        $("#usertable").html(data);
+    })
+}
+
+function updatePageN() {
+    $.post(
+        "API/adminPageNumber.php",
+        $("#admin-searchform").serialize()
+    ).done(function (data) {
+        $("#admin-pageinfo").html(data);
+    })
+}
\ No newline at end of file
diff --git a/website/queries/group_page.php b/website/queries/group_page.php
index f3de045..cdef6ae 100644
--- a/website/queries/group_page.php
+++ b/website/queries/group_page.php
@@ -143,15 +143,18 @@ function countSomeGroupsByStatus($keyword, $status) {
 }
 
 function changeGroupStatusByID($id, $status) {
-    $q = $GLOBALS["db"]->query("
+    $q = $GLOBALS["db"]->prepare("
     UPDATE
         `group_page`
     SET
-        `status` = $status
+        `status` = :status
     WHERE
-        `groupID` = $id
+        `groupID` = :id
     ");
 
+    $q->bindParam(':status', $status);
+    $q->bindParam(':id', $id);
+    $q->execute();
     return $q;
 }
 
diff --git a/website/views/adminpanel-grouptable.php b/website/views/adminpanel-grouptable.php
new file mode 100644
index 0000000..4999666
--- /dev/null
+++ b/website/views/adminpanel-grouptable.php
@@ -0,0 +1,48 @@
+<tr>
+    <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
+    <th class="table-username">Gebruikersnaam</th>
+    <th class="table-status">Status</th>
+    <th class="table-comment">Aantekening</th>
+    <th class="table-action">Actie</th>
+</tr>
+
+<?php
+print_r($_POST);
+
+$q = searchSomeGroupsByStatus($offset, $entries, $search, $groupstatus);
+
+while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
+    $groupID = $group['groupID'];
+    $name = $group['name'];
+    $role = $group['status'];
+    $description = $group['description'];
+    $function = "checkCheckAll(document.getElementById('checkall'))";
+
+    echo("
+        <tr>
+            <td><input type='checkbox'
+                       name='checkbox-group[]'
+                       class='checkbox-list'
+                       value='$groupID'
+                       form='admin-groupbatchform'
+                       onchange='$function'>
+            </td>
+            <td>$name</td>
+            <td>$role</td>
+            <td>$description</td>
+            <td>
+                <form class='admin-groupaction'
+                      action='API/adminChangeUser.php'
+                      method='post'>
+                    <select class='action' name='actions'>
+                        <option value='hidden'>Hidden</option>
+                        <option value='public'>Public</option>
+                        <option value='membersonly'>Members</option>
+                    </select>
+                    <input type='hidden' name='groupID' value='$groupID'>
+                    <input type='submit' value='Confirm'>
+                </form>
+            </td>
+        </tr>
+    ");
+}
\ No newline at end of file
diff --git a/website/views/adminpanel-page.php b/website/views/adminpanel-page.php
new file mode 100644
index 0000000..a17ce50
--- /dev/null
+++ b/website/views/adminpanel-page.php
@@ -0,0 +1,31 @@
+<?php
+if ($pagetype == "user") {
+    $pages = countSomeUsersByStatus($search, $status);
+} else {
+    $pages = countSomeGroupsByStatus($search, $groupstatus);
+}
+$countresults = $pages->fetchColumn();
+$mincount = min($listm, $countresults);
+$minlist = min($listn + 1, $countresults);
+?>
+    Pagina: <form class="admin-pageselector"
+                  action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                  method="post">
+    <select class="admin-pageselect"
+            name="pageselect"
+            onchange="this.form.submit()"
+            value="">
+        <?php
+        for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
+            if ($currentpage == $i) {
+                echo "<option value='$i' selected>$i</option>";
+            } else {
+                echo "<option value='$i'>$i</option>";
+            }
+        }
+        ?>
+    </select>
+</form>
+<?php
+echo "$minlist tot $mincount ($countresults totaal)";
+?>
\ No newline at end of file
diff --git a/website/views/adminpanel-table.php b/website/views/adminpanel-table.php
new file mode 100644
index 0000000..a21c9d6
--- /dev/null
+++ b/website/views/adminpanel-table.php
@@ -0,0 +1,47 @@
+<tr>
+    <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
+    <th class="table-username">Gebruikersnaam</th>
+    <th class="table-status">Status</th>
+    <th class="table-comment">Aantekening</th>
+    <th class="table-action">Actie</th>
+</tr>
+
+<!-- Table construction via php PDO. -->
+<?php
+$q = searchSomeUsersByStatus($offset, $entries, $search, $status);
+while($user = $q->fetch(PDO::FETCH_ASSOC)) {
+    $userID = $user['userID'];
+    $username = $user['username'];
+    $role = $user['role'];
+    $bancomment = $user['bancomment'];
+    $function = "checkCheckAll(document.getElementById('checkall'))";
+
+    echo("
+        <tr>
+            <td>
+                <input type='checkbox'
+                       name='checkbox-user[]'
+                       class='checkbox-list'
+                       value='$userID'
+                       form='admin-batchform'
+                       onchange='$function'>
+            </td>
+            <td>$username</td>
+            <td>$role</td>
+            <td>$bancomment</td>
+            <td>
+                <form class='admin-useraction'
+                      action='API/adminChangeUser.php'
+                      method='post'>
+                    <select class='action' name='actions'>
+                        <option value='frozen'>Bevries</option>
+                        <option value='banned'>Ban</option>
+                        <option value='user'>Activeer</option>
+                    </select>
+                    <input type='hidden' name='userID' value='$userID'>
+                    <input type='submit' value='Confirm'>
+                </form>
+            </td>
+        </tr>
+    ");
+}
diff --git a/website/views/adminpanel.php b/website/views/adminpanel.php
index fd10d15..c48a28d 100644
--- a/website/views/adminpanel.php
+++ b/website/views/adminpanel.php
@@ -1,15 +1,11 @@
-<script src="js/admin.js" charset="utf-8"></script>
-<?php
-require_once ("../queries/user.php");
-require_once ("../queries/group_page.php");
 
-?>
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
 $currentpage = 1;
 $perpage = 20;
-$status = $groupstatus = array();
+$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
+$groupstatus = array("hidden", "public", "membersonly");
 $pagetype = "user";
 
 if (isset($_GET["search"])) {
@@ -30,31 +26,11 @@ if (isset($_GET["groupstatus"])) {
 
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    if (isset($_POST["actions"]) && isset($_POST["userID"])) {
-        changeUserStatusByID($_POST["userID"], $_POST["actions"]);
-    }
-
-    if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
-        changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
-    }
-
-    if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
-        changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
-    }
-
-    if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
-        changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
-    }
-
     if (isset($_POST["pageselect"])) {
         $currentpage = $_POST["pageselect"];
     }
-
 }
 
-$listn = ($currentpage-1) * $perpage;
-$listm = $currentpage * $perpage;
-
 ?>
 
 <div class="content">
@@ -62,7 +38,8 @@ $listm = $currentpage * $perpage;
         <h5>Zoek naar gebruikers of groepen:</h5>
         <div class="admin-options">
             <form class="admin-searchform"
-                  action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
+                  id="admin-searchform"
+                  action="javascript:adminSearch();"
                   method="get">
 
                 <div class="admin-searchbar">
@@ -71,10 +48,11 @@ $listm = $currentpage * $perpage;
                                  class="admin-searchinput"
                                  placeholder="Naam"
                                  value="<?php echo $search;?>">
+
                     Op: <select name="pagetype" id="pagetype" onchange="changeFilter()">
                         <option value="user"
                             <?php if (isset($pagetype) && $pagetype=="user") echo "selected";?>>
-                            Gerbuiker
+                            Gebruiker
                         </option>
                         <option value="group"
                             <?php if (isset($pagetype) && $pagetype=="group") echo "selected";?>>
@@ -83,32 +61,27 @@ $listm = $currentpage * $perpage;
                     </select>
                     <button type="submit"><i class="fa fa-search"></i></button>
                 </div>
+
                 <div id="admin-filter">
                     <h5>Type gebruiker:</h5>
-                    <input type="checkbox"
-                           name="status[]"
-                           id="all"
-                           value="all"
-                        <?php if (in_array("all", $status)) echo "checked";?>>
-                    <label for="normal">Allemaal</label><br>
                     <input type="checkbox"
                            name="status[]"
                            id="normal"
                            value="user"
                         <?php if (in_array("user", $status)) echo "checked";?>>
-                    <label for="normal">Normal</label><br>
+                    <label for="normal">Normaal</label><br>
                     <input type="checkbox"
                            name="status[]"
                            id="frozen"
                            value="frozen"
                         <?php if (in_array("frozen", $status)) echo "checked";?>>
-                    <label for="frozen">Frozen</label><br>
+                    <label for="frozen">Gefrozen</label><br>
                     <input type="checkbox"
                            name="status[]"
                            id="banned"
                            value="banned"
                         <?php if (in_array("banned", $status)) echo "checked";?>>
-                    <label for="banned">Banned</label><br>
+                    <label for="banned">Gebant</label><br>
                     <input type="checkbox"
                            name="status[]"
                            id="admin"
@@ -120,7 +93,7 @@ $listm = $currentpage * $perpage;
                            id="unvalidated"
                            value="unconfirmed"
                         <?php if (in_array("unconfirmed", $status)) echo "checked";?>>
-                    <label for="unvalidated">Unvalidated</label><br>
+                    <label for="unvalidated">Ongevalideerd</label><br>
                     <input type="checkbox"
                            name="status[]"
                            id="owner"
@@ -131,160 +104,47 @@ $listm = $currentpage * $perpage;
 
                 <div id="admin-groupfilter">
                     <h5>Type groep:</h5>
-                    <input type="checkbox" name="groupstatus[]" id="all" value="all"
-                        <?php if (in_array("all", $groupstatus)) echo "checked";?>>
-                    <label for="hidden">Allemaal</label><br>
-                    <input type="checkbox" name="groupstatus[]" id="hidden" value="0"
-                        <?php if (in_array("0", $groupstatus)) echo "checked";?>>
-                    <label for="hidden">Hidden</label><br>
-                    <input type="checkbox" name="groupstatus[]" id="public" value="1"
-                        <?php if (in_array("1", $groupstatus)) echo "checked";?>>
-                    <label for="public">Public</label><br>
-                    <input type="checkbox" name="groupstatus[]" id="membersonly" value="2"
-                        <?php if (in_array("2", $groupstatus)) echo "checked";?>>
-                    <label for="membersonly">Members-only</label><br>
+                    <input type="checkbox" name="groupstatus[]" id="hidden" value="hidden"
+                        <?php if (in_array("hidden", $groupstatus)) echo "checked";?>>
+                    <label for="hidden">Verborgen</label><br>
+                    <input type="checkbox" name="groupstatus[]" id="public" value="public"
+                        <?php if (in_array("public", $groupstatus)) echo "checked";?>>
+                    <label for="public">Publiek</label><br>
+                    <input type="checkbox" name="groupstatus[]" id="membersonly" value="membersonly"
+                        <?php if (in_array("membersonly", $groupstatus)) echo "checked";?>>
+                    <label for="membersonly">Alleen Leden</label><br>
                 </div>
             </form>
         </div>
+
         <div class="admin-users">
             <div class="admin-usertitle">
                 <h4>Resultaat:</h4>
-                <span style="float: right">
-                        <?php
-                        if ($pagetype == "user") {
-                            $pages = countSomeUsersByStatus($search, $status);
-                        } else {
-                            $pages = countSomeGroupsByStatus($search, $groupstatus);
-                        }
-                        $countresults = $pages->fetchColumn();
-                        $mincount = min($listm, $countresults);
-                        $minlist = min($listn + 1, $countresults);
-                        ?>
-                    Pagina: <form class="admin-pageselector"
-                                  action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
-                                  method="post">
-                              <select class="admin-pageselect"
-                                      name="pageselect"
-                                      onchange="this.form.submit()"
-                                      value="">
-                                  <?php
-                                  for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
-                                      if ($currentpage == $i) {
-                                          echo "<option value='$i' selected>$i</option>";
-                                      } else {
-                                          echo "<option value='$i'>$i</option>";
-                                      }
-                                  }
-                                  ?>
-                              </select>
-                        </form>
-                    <?php
-                    echo "$minlist tot $mincount ($countresults totaal)";
-                    ?>
-                    </span>
+                <span style="float: right" id="admin-pageinfo">
+
+                </span>
                 <form
                         id="admin-batchform"
-                        action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
+                        action="API/adminChangeUser.php"
                         method="post">
 
                     <button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
                     <button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
                     <button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
                 </form>
+                <form
+                        id="admin-groupbatchform"
+                        action="API/adminChangeUser.php"
+                        method="post">
+
+                    <button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
+                    <button type="submit" name="batchactions" id="ban" value="public">Public</button>
+                    <button type="submit" name="batchactions" id="members" value="membersonly">Members</button>
+                </form>
             </div>
-            <table class="usertable">
-                <tr>
-                    <th><input type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
-                    <th class="table-username">Gebruikersnaam</th>
-                    <th class="table-status">Status</th>
-                    <th class="table-comment">Aantekening</th>
-                    <th class="table-action">Actie</th>
-                </tr>
 
-                <!-- Table construction via php PDO. -->
-                <?php
-                $listn = ($currentpage-1) * $perpage;
-                $listm = $currentpage * $perpage;
+            <table class="usertable" id="usertable">
 
-                if ($pagetype == 'user') {
-                    $q = searchSomeUsersByStatus($listn, $listm, $search, $status);
-                    while($user = $q->fetch(PDO::FETCH_ASSOC)) {
-                        $userID = $user['userID'];
-                        $username = $user['username'];
-                        $role = $user['role'];
-                        $bancomment = $user['bancomment'];
-                        $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
-                        $function = "checkCheckAll(document.getElementById('checkall'))";
-
-                        echo("
-                            <tr>
-                            <td><input type='checkbox'
-                            name='checkbox-user[]'
-                            class='checkbox-list'
-                            value='$userID'
-                            form='admin-batchform'
-                            onchange=" . "$function" . ">
-                            </td>
-                            <td>$username</td>
-                            <td>$role</td>
-                            <td>$bancomment</td>
-                            <td>
-                            <form class='admin-useraction'
-                            action='$thispage'
-                            method='post'>
-                            <select class='action' name='actions'>
-                            <option value='frozen'>Bevries</option>
-                            <option value='banned'>Ban</option>
-                            <option value='user'>Activeer</option>
-                            </select>
-                            <input type='hidden' name='userID' value='$userID'>
-                            <input type='submit' value='Confirm'>
-                            </form>
-                            </td>
-                            </tr>
-                            ");
-                    }
-                } else {
-                    $q = searchSomeGroupsByStatus($listn, $listm, $search, $groupstatus);
-
-                    while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
-                        $groupID = $group['groupID'];
-                        $name = $group['name'];
-                        $role = $group['status'];
-                        $description = $group['description'];
-                        $thispage = htmlspecialchars(basename($_SERVER['REQUEST_URI']));
-                        $function = "checkCheckAll(document.getElementById('checkall'))";
-
-                        echo("
-                            <tr>
-                            <td><input type='checkbox'
-                            name='checkbox-group[]'
-                            class='checkbox-list'
-                            value='$groupID'
-                            form='admin-groupbatchform'
-                            onchange=" . "$function" . ">
-                            </td>
-                            <td>$name</td>
-                            <td>$role</td>
-                            <td>$description</td>
-                            <td>
-                            <form class='admin-groupaction'
-                            action='$thispage'
-                            method='post'>
-                            <select class='action' name='actions'>
-                            <option value='0'>Hide</option>
-                            <option value='1'>Public</option>
-                            <option value='2'>Members</option>
-                            </select>
-                            <input type='hidden' name='groupID' value='$groupID'>
-                            <input type='submit' value='Confirm'>
-                            </form>
-                            </td>
-                            </tr>
-                            ");
-                    }
-                }
-                ?>
             </table>
         </div>
     </div>