Merge branch 'hendrik-testing' into 'master'

Hendrik testing

See merge request !162
This commit was merged in pull request #166.
Lars van Hijfte
2017-01-31 16:20:36 +01:00
11 changed files with 211 additions and 93 deletions


@@ -6,15 +6,20 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if (isset($_POST["actions"]) && isset($_POST["userID"])) { if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]); changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) { } else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]); changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) { } else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]); if ($userinfo['role'] == 'owner') {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} else {
changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
}
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) { } else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]); changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
} }
//header("location: ../admin.php");
print_r($_POST);
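Review bot: The owner/admin split is enforced only in the batch branch: the single-user branch still passes `$_POST["actions"]` straight to `changeUserStatusByID`, so a caller with the admin role can post `actions=owner` for one user and skip the restriction the new `...Admin` function is meant to add. Nothing in the visible lines rejects a caller who is neither admin nor owner either (the top of the file is outside the hunk, so that check may already exist), and the new `editBanCommentByID` branch is equally open. I would read the role once, stop unless it is `admin` or `owner`, and check `actions`/`batchactions` against a per-role allow-list with `in_array(..., true)` before any branch runs. Per the `getRoleByID` context lines in the user-queries section it returns `$stmt->fetch()["role"]`, a string, so `->fetch(PDO::FETCH_ASSOC)` and `$userinfo['role']` here would not work as written; `getRoleByID($_SESSION['userID']) === 'owner'` matches that return value, and the user table view mixes `$userinfo == 'admin'` with `$userinfo['role'] == 'owner'` in the same way. `print_r($_POST);` with the redirect commented out looks like debugging output and should go before this ships.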


@@ -5,6 +5,7 @@ session_start();
require_once ("../../queries/connect.php"); require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php"); require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php"); require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$search = ""; $search = "";
if (isset($_POST["search"])) { if (isset($_POST["search"])) {
@@ -21,8 +22,17 @@ if (isset($_POST['status'])) {
$status = $_POST["status"]; $status = $_POST["status"];
} }
if ($pagetype == "user") { $groupstatus = array();
include ("../../views/adminpanel-page.php"); if (isset($_POST['groupstatus'])) {
} else { $groupstatus = $_POST["groupstatus"];
echo "Pagenumber failed!";
} }
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$offset = (int) $currentpage * $entries - $entries;
include ("../../views/adminpanel-page.php");
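Review bot: `$currentpage` is cast to int but not bounded, so a posted `currentpage` of 0 or a negative value makes `$offset` negative before the view is included; `$currentpage = max(1, (int) $_POST["currentpage"]);` would keep it in range. The search endpoint section computes `$offset` from `currentpage` the same way and has the same gap; how the offset reaches the query is not visible here, so the effect on the SQL is an assumption. `$groupstatus` is likewise taken from `$_POST` as-is, and an `array_intersect` against the three values the panel defines (`hidden`, `public`, `membersonly`) would keep anything else out of the code that consumes it.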


@@ -8,13 +8,11 @@ require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php"); require_once ("../../queries/group_page.php");
$offset = 0; $offset = 0;
if (isset($_POST["n"])) {
$offset = (int) test_input($_POST["n"]);
}
$entries = 20; $entries = 20;
if (isset($_POST["m"])) { if (isset($_POST["currentpage"])) {
$entries = (int) test_input($_POST["m"]); $offset = (int) test_input($_POST["currentpage"]) * $entries - $entries;
} }
$search = ""; $search = "";
if (isset($_POST["search"])) { if (isset($_POST["search"])) {
$search = test_input($_POST["search"]); $search = test_input($_POST["search"]);
@@ -35,6 +33,8 @@ if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"]; $groupstatus = $_POST["groupstatus"];
} }
$userinfo = getRoleByID($_SESSION['userID']);
if ($pagetype == "user") { if ($pagetype == "user") {
include ("../../views/adminpanel-table.php"); include ("../../views/adminpanel-table.php");
} else if ($pagetype == "group") { } else if ($pagetype == "group") {


@@ -8,7 +8,7 @@
<style> <style>
@import url("styles/adminpanel.css"); @import url("styles/adminpanel.css");
</style> </style>
<script src="js/admin.js" charset="utf-8"></script> <script src="js/admin.js" charset="utf-8"></script>
</head> </head>
<body> <body>
<?php <?php


@@ -1,42 +1,48 @@
$(window).on("load", function () { $(window).on("load", function () {
changeFilter(); changeFilter();
searchFromOne();
$(".admin-searchinput").keyup(function(){ $(".admin-searchinput").keyup(function(){
adminSearch(); searchFromOne();
}); });
// all inputs and labels directly under admin filter and groupfilter // all inputs and labels directly under admin filter and groupfilter
$("#admin-filter, #admin-groupfilter > input, label").click(function(){ $("#admin-filter, #admin-groupfilter > input, label").change(function(){
adminSearch(); searchFromOne();
}); });
$("#pagetype").change(function(){ $("#pagetype").change(function(){
adminSearch(); searchFromOne();
}); });
adminSearch(); /* Update hidden input to be equal to submit pressed,
because serialize doesn't take submit values. */
$('#admin-batchform > button').click(function () {
$('#batchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
$('#admin-groupbatchform > button').click(function () {
$('#groupbatchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
}); });
function checkAll(allbox) { function checkAll() {
var checkboxes = document.getElementsByClassName('checkbox-list'); $('.checkbox-list').each(function () {
$(this).prop('checked', $('#checkall').prop('checked'));
for (var i = 0; i < checkboxes.length; i++) { });
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
} }
function checkCheckAll(allbox) { function checkCheckAll() {
var checkboxes = document.getElementsByClassName('checkbox-list');
var checked = true; var checked = true;
for (var i = 0; i < checkboxes.length; i++) { $('.checkbox-list').each(function () {
if (checkboxes[i].type == 'checkbox') { if ($(this).prop('checked') == false) {
if (checkboxes[i].checked == false) { checked = false;
checked = false; return;
break;
}
} }
} });
allbox.checked = checked;
$('#checkall').prop('checked', checked);
} }
function changeFilter() { function changeFilter() {
@@ -55,12 +61,28 @@ function changeFilter() {
} }
} }
function searchFromOne() {
$('#currentpage').prop('value', 1);
adminSearch();
}
function adminSearch() { function adminSearch() {
console.log($("#admin-searchform").serialize());
$.post( $.post(
"API/adminSearchUsers.php", "API/adminSearchUsers.php",
$("#admin-searchform").serialize() $("#admin-searchform").serialize()
).done(function (data) { ).done(function (data) {
$("#usertable").html(data); $("#usertable").html(data);
updatePageN();
})
}
function adminUpdate(form) {
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function () {
adminSearch();
}) })
} }
@@ -72,3 +94,17 @@ function updatePageN() {
$("#admin-pageinfo").html(data); $("#admin-pageinfo").html(data);
}) })
} }
function toggleBancomment(button) {
$(button).siblings("div").toggle();
$(button).toggle();
}
function editComment(form) {
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function (data) {
adminSearch();
});
}
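Review bot: `adminUpdate` and `editComment` post role changes and ban comments with only the serialized form fields, and none of the forms shown in this commit carries an anti-CSRF token, so as far as the visible code shows the session cookie is the only thing `API/adminChangeUser.php` relies on. Adding a per-session token as a hidden field and verifying it server-side with `hash_equals` would close that gap. The two functions are identical and could share one implementation with a `.fail` handler, so a change the server rejects is not silently ignored. The `console.log` calls look like leftover debugging, and the one in the `#admin-groupbatchform` handler logs `#batchinput` rather than `#groupbatchinput`.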


@@ -43,10 +43,18 @@
padding: 3px; padding: 3px;
} }
.usertable tr { .usertable th, tr {
text-align: left; text-align: left;
} }
.usertable tr:hover { .usertable tr:hover {
background-color: #f5f5f5; background-color: #f5f5f5;
} }
.bancommentedit {
display: none;
}
.bancommentform input[type="text"] {
width: 100%;
}
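Review bot: The selector `.usertable th, tr` scopes only `th`; the bare `tr` after the comma matches every table row on any page that loads this stylesheet. If both are meant to be limited to the user table, write `.usertable th, .usertable tr {`.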


@@ -278,6 +278,25 @@ function changeMultipleUserStatusByID($ids, $status) {
return $q; return $q;
} }
function changeMultipleUserStatusByIDAdmin($ids, $status) {
$q = prepareQuery("
UPDATE
`user`
SET
`role` = :status
WHERE
FIND_IN_SET (`userID`, :ids)
AND NOT `role` = 'admin'
AND NOT `role` = 'owner'
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
function selectRandomNotFriendUser($userID) { function selectRandomNotFriendUser($userID) {
$stmt = prepareQuery(" $stmt = prepareQuery("
SELECT SELECT
@@ -378,3 +397,18 @@ function getRoleByID($userID) {
$stmt->execute(); $stmt->execute();
return $stmt->fetch()["role"]; return $stmt->fetch()["role"];
} }
function editBanCommentByID($userID, $comment) {
$stmt = prepareQuery("
UPDATE
`user`
SET
`bancomment` = :comment
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':comment', $comment);
$stmt->execute();
}
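Review bot: `changeMultipleUserStatusByIDAdmin` protects admin and owner rows from being changed, but `:status` itself is not restricted, so a batch request with `batchactions=admin` or `owner` still promotes every selected ordinary user. Reject those values before preparing the statement, for example `if (!in_array($status, ['user', 'frozen', 'banned'], true)) { return false; }`, or add the equivalent condition to the `WHERE` clause. A short docblock stating that this variant is for callers with the admin role, and which target roles it skips, would also help, since the name alone does not say how it differs from `changeMultipleUserStatusByID`.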


@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$name = $group['name']; $name = $group['name'];
$role = $group['status']; $role = $group['status'];
$description = $group['description']; $description = $group['description'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list' class='checkbox-list'
value='$groupID' value='$groupID'
form='admin-groupbatchform' form='admin-groupbatchform'
onchange='$function'> onchange='checkCheckAll();'>
</td> </td>
<td>$name</td> <td>$name</td>
<td>$role</td> <td>$role</td>
<td>$description</td> <td>$description</td>
<td> <td>
<form class='admin-groupaction' <form class='admin-groupaction'
action='API/adminChangeUser.php' onsubmit=\"adminUpdate(this); return false;\">
method='post'>
<select class='action' name='actions'> <select class='action' name='actions'>
<option value='hidden'>Hidden</option> <option value='hidden'>Hidden</option>
<option value='public'>Public</option> <option value='public'>Public</option>

View File

@@ -5,27 +5,26 @@ if ($pagetype == "user") {
$pages = countSomeGroupsByStatus($search, $groupstatus); $pages = countSomeGroupsByStatus($search, $groupstatus);
} }
$countresults = $pages->fetchColumn(); $countresults = $pages->fetchColumn();
$mincount = min($listm, $countresults);
$minlist = min($listn + 1, $countresults);
?> ?>
Pagina: <form class="admin-pageselector" Pagina:
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>" <select class="admin-pageselect"
method="post"> name="currentpage"
<select class="admin-pageselect" id="currentpage"
name="pageselect" form="admin-searchform"
onchange="this.form.submit()" onchange="adminSearch();">
value=""> <?php
<?php for ($i=1; $i <= ceil($countresults / $entries); $i++) {
for ($i=1; $i <= ceil($countresults / $perpage); $i++) { if ($currentpage == $i) {
if ($currentpage == $i) { echo "<option value='$i' selected>$i</option>";
echo "<option value='$i' selected>$i</option>"; } else {
} else { echo "<option value='$i'>$i</option>";
echo "<option value='$i'>$i</option>";
}
} }
?> }
</select> ?>
</form> </select>
<?php <?php
echo "$minlist tot $mincount ($countresults totaal)"; $n = min($offset + 1, $countresults);
$m = min($offset + $entries, $countresults);
echo " $n tot $m ($countresults totaal)";
?> ?>

View File

@@ -1,5 +1,5 @@
<tr> <tr>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th> <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
<th class="table-username">Gebruikersnaam</th> <th class="table-username">Gebruikersnaam</th>
<th class="table-status">Status</th> <th class="table-status">Status</th>
<th class="table-comment">Aantekening</th> <th class="table-comment">Aantekening</th>
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$username = $user['username']; $username = $user['username'];
$role = $user['role']; $role = $user['role'];
$bancomment = $user['bancomment']; $bancomment = $user['bancomment'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
@@ -24,20 +23,47 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list' class='checkbox-list'
value='$userID' value='$userID'
form='admin-batchform' form='admin-batchform'
onchange='$function'> onchange='checkCheckAll();'>
</td> </td>
<td>$username</td> <td>$username</td>
<td>$role</td> <td>$role</td>
<td>$bancomment</td> <td>
<div class='bancomment'>$bancomment</div>
<div class='bancommentedit'>
<form class='bancommentform'
id='bancommentform'
onsubmit='editComment(this);
return false;'>
<input type='text'
name='bancommenttext'
placeholder='Schrijf een aantekening'
value='$bancomment'>
<input type='hidden'
name='bancommentuserID'
value='$userID'>
<button type='submit'>Update</button>
</form>
</div>
<button type='button' onclick='toggleBancomment(this)'>Verander</button>
</td>
<td> <td>
<form class='admin-useraction' <form class='admin-useraction'
action='API/adminChangeUser.php' onsubmit=\"adminUpdate(this); return false;\">
method='post'> <select class='action' name='actions'>");
<select class='action' name='actions'> if (!($userinfo == 'admin'
<option value='frozen'>Bevries</option> AND ($user['role'] == 'admin'
<option value='banned'>Ban</option> OR $user['role'] == 'owner'))) {
<option value='user'>Activeer</option> echo "<option value='frozen'>Bevries</option>
</select> <option value='banned'>Ban</option>
<option value='user'>Activeer</option>";
if ($userinfo['role'] == 'owner') {
echo "<option value='admin'>Admin</option>
<option value='owner'>Owner</option>";
}
}
echo ("</select>
<input type='hidden' name='userID' value='$userID'> <input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'> <input type='submit' value='Confirm'>
</form> </form>
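Review bot: `$bancomment` is now free text written through `editBanCommentByID`, and it is interpolated unescaped both into `<div class='bancomment'>` and into the single-quoted `value='$bancomment'` attribute, so a comment containing `'` or markup alters the page for every admin who opens the panel. Escape at assignment, e.g. `$bancomment = htmlspecialchars((string) $user['bancomment'], ENT_QUOTES, 'UTF-8');` (`ENT_QUOTES` matters because the attributes use single quotes), and do the same for `$username`; the group table's `$name` and `$description` are echoed the same way. Every row also emits `id='bancommentform'`, which produces duplicate ids; the class is already present, so the id can be dropped. The `while` loop this markup sits in starts outside the hunk.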

View File

@@ -2,11 +2,10 @@
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp --> <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php <?php
$search = ""; $search = "";
$currentpage = 1;
$perpage = 20;
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner"); $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
$groupstatus = array("hidden", "public", "membersonly"); $groupstatus = array("hidden", "public", "membersonly");
$pagetype = "user"; $pagetype = "user";
$userinfo = getRoleByID($_SESSION['userID']);
if (isset($_GET["search"])) { if (isset($_GET["search"])) {
$search = test_input($_GET["search"]); $search = test_input($_GET["search"]);
@@ -24,13 +23,6 @@ if (isset($_GET["groupstatus"])) {
$groupstatus = $_GET["groupstatus"]; $groupstatus = $_GET["groupstatus"];
} }
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["pageselect"])) {
$currentpage = $_POST["pageselect"];
}
}
?> ?>
<div class="content"> <div class="content">
@@ -39,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<div class="admin-options"> <div class="admin-options">
<form class="admin-searchform" <form class="admin-searchform"
id="admin-searchform" id="admin-searchform"
action="javascript:adminSearch();" action="javascript:searchFromOne();"
method="get"> method="get">
<div class="admin-searchbar"> <div class="admin-searchbar">
@@ -120,23 +112,33 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<div class="admin-users"> <div class="admin-users">
<div class="admin-usertitle"> <div class="admin-usertitle">
<h4>Resultaat:</h4> <h4>Resultaat:</h4>
<span style="float: right" id="admin-pageinfo"> <div style="float: right" id="admin-pageinfo">
</span> </div>
<form <form id="admin-batchform"
id="admin-batchform" onsubmit="adminUpdate(this); return false;">
action="API/adminChangeUser.php"
method="post">
<input type="hidden" name="batchactions" id="batchinput">
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button> <button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button> <button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button> <button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
<?php
if ($userinfo == 'owner') {
echo "<button type=\"submit\"
name=\"batchactions\"
id=\"admin\"
value=\"admin\">Maak Admin</button>
<button type=\"submit\"
name=\"batchactions\"
id=\"owner\"
value=\"owner\">Maak Owner</button>";
}
?>
</form> </form>
<form <form id="admin-groupbatchform"
id="admin-groupbatchform" onsubmit="adminUpdate(this); return false;">
action="API/adminChangeUser.php"
method="post">
<input type="hidden" name="groupbatchactions" id="groupbatchinput">
<button type="submit" name="batchactions" id="hide" value="hidden">Hide</button> <button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
<button type="submit" name="batchactions" id="ban" value="public">Public</button> <button type="submit" name="batchactions" id="ban" value="public">Public</button>
<button type="submit" name="batchactions" id="members" value="membersonly">Members</button> <button type="submit" name="batchactions" id="members" value="membersonly">Members</button>