MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'hendrik-testing' into 'master'

Browse Source 
Hendrik testing

See merge request !162
This commit was merged in pull request #166.
This commit is contained in:
Lars van Hijfte
2017-01-31 16:20:36 +01:00
parent 3397253010 52a4822477
commit e3ad9c4590
11 changed files with 211 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
website/public/API/adminChangeUser.php
View File

@@ -6,15 +6,20 @@ require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if (isset($_POST["actions"]) && isset($_POST["userID"])) {
changeUserStatusByID($_POST["userID"], $_POST["actions"]);
} else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
} else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
if ($userinfo['role'] == 'owner') {
changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
} else {
changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
}
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} else if (isset($_POST['bancommentuserID']) && isset($_POST['bancommenttext'])) {
editBanCommentByID($_POST['bancommentuserID'], $_POST['bancommenttext']);
}
//header("location: ../admin.php");
print_r($_POST);

18
website/public/API/adminPageNumber.php
View File

@@ -5,6 +5,7 @@ session_start();
require_once ("../../queries/connect.php");
require_once ("../../queries/checkInput.php");
require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$search = "";
if (isset($_POST["search"])) {
@@ -21,8 +22,17 @@ if (isset($_POST['status'])) {
$status = $_POST["status"];
}
if ($pagetype == "user") {
include ("../../views/adminpanel-page.php");
} else {
echo "Pagenumber failed!";
$groupstatus = array();
if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$entries = 20;
$currentpage = 1;
if (isset($_POST['currentpage'])) {
$currentpage = (int) test_input($_POST["currentpage"]);
}
$offset = (int) $currentpage * $entries - $entries;
include ("../../views/adminpanel-page.php");

10
website/public/API/adminSearchUsers.php
View File

@@ -8,13 +8,11 @@ require_once ("../../queries/user.php");
require_once ("../../queries/group_page.php");
$offset = 0;
if (isset($_POST["n"])) {
$offset = (int) test_input($_POST["n"]);
}
$entries = 20;
if (isset($_POST["m"])) {
$entries = (int) test_input($_POST["m"]);
if (isset($_POST["currentpage"])) {
$offset = (int) test_input($_POST["currentpage"]) * $entries - $entries;
}
$search = "";
if (isset($_POST["search"])) {
$search = test_input($_POST["search"]);
@@ -35,6 +33,8 @@ if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$userinfo = getRoleByID($_SESSION['userID']);
if ($pagetype == "user") {
include ("../../views/adminpanel-table.php");
} else if ($pagetype == "group") {

2
website/public/admin.php
View File

@@ -8,7 +8,7 @@
<style>
@import url("styles/adminpanel.css");
</style>
<script src="js/admin.js" charset="utf-8"></script>
<script src="js/admin.js" charset="utf-8"></script>
</head>
<body>
<?php

82
website/public/js/admin.js
View File

@@ -1,42 +1,48 @@
$(window).on("load", function () {
changeFilter();
searchFromOne();
$(".admin-searchinput").keyup(function(){
adminSearch();
searchFromOne();
});
// all inputs and labels directly under admin filter and groupfilter
$("#admin-filter, #admin-groupfilter > input, label").click(function(){
adminSearch();
$("#admin-filter, #admin-groupfilter > input, label").change(function(){
searchFromOne();
});
$("#pagetype").change(function(){
adminSearch();
searchFromOne();
});
adminSearch();
/* Update hidden input to be equal to submit pressed,
because serialize doesn't take submit values. */
$('#admin-batchform > button').click(function () {
$('#batchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
$('#admin-groupbatchform > button').click(function () {
$('#groupbatchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
});
function checkAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
function checkAll() {
$('.checkbox-list').each(function () {
$(this).prop('checked', $('#checkall').prop('checked'));
});
}
function checkCheckAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
function checkCheckAll() {
var checked = true;
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
if (checkboxes[i].checked == false) {
checked = false;
break;
}
$('.checkbox-list').each(function () {
if ($(this).prop('checked') == false) {
checked = false;
return;
}
}
allbox.checked = checked;
});
$('#checkall').prop('checked', checked);
}
function changeFilter() {
@@ -55,12 +61,28 @@ function changeFilter() {
}
}
function searchFromOne() {
$('#currentpage').prop('value', 1);
adminSearch();
}
function adminSearch() {
console.log($("#admin-searchform").serialize());
$.post(
"API/adminSearchUsers.php",
$("#admin-searchform").serialize()
).done(function (data) {
$("#usertable").html(data);
updatePageN();
})
}
function adminUpdate(form) {
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function () {
adminSearch();
})
}
@@ -72,3 +94,17 @@ function updatePageN() {
$("#admin-pageinfo").html(data);
})
}
function toggleBancomment(button) {
$(button).siblings("div").toggle();
$(button).toggle();
}
function editComment(form) {
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function (data) {
adminSearch();
});
}

10
website/public/styles/adminpanel.css
View File

@@ -43,10 +43,18 @@
padding: 3px;
}
.usertable tr {
.usertable th, tr {
text-align: left;
}
.usertable tr:hover {
background-color: #f5f5f5;
}
.bancommentedit {
display: none;
}
.bancommentform input[type="text"] {
width: 100%;
}

34
website/queries/user.php
View File

@@ -278,6 +278,25 @@ function changeMultipleUserStatusByID($ids, $status) {
return $q;
}
function changeMultipleUserStatusByIDAdmin($ids, $status) {
$q = prepareQuery("
UPDATE
`user`
SET
`role` = :status
WHERE
FIND_IN_SET (`userID`, :ids)
AND NOT `role` = 'admin'
AND NOT `role` = 'owner'
");
$ids = implode(',', $ids);
$q->bindParam(':ids', $ids);
$q->bindParam(':status', $status);
$q->execute();
return $q;
}
function selectRandomNotFriendUser($userID) {
$stmt = prepareQuery("
SELECT
@@ -378,3 +397,18 @@ function getRoleByID($userID) {
$stmt->execute();
return $stmt->fetch()["role"];
}
function editBanCommentByID($userID, $comment) {
$stmt = prepareQuery("
UPDATE
`user`
SET
`bancomment` = :comment
WHERE
`userID` = :userID
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);
$stmt->bindParam(':comment', $comment);
$stmt->execute();
}

6
website/views/adminpanel-grouptable.php
View File

@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$name = $group['name'];
$role = $group['status'];
$description = $group['description'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
<tr>
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list'
value='$groupID'
form='admin-groupbatchform'
onchange='$function'>
onchange='checkCheckAll();'>
</td>
<td>$name</td>
<td>$role</td>
<td>$description</td>
<td>
<form class='admin-groupaction'
action='API/adminChangeUser.php'
method='post'>
onsubmit=\"adminUpdate(this); return false;\">
<select class='action' name='actions'>
<option value='hidden'>Hidden</option>
<option value='public'>Public</option>

39
website/views/adminpanel-page.php
View File

@@ -5,27 +5,26 @@ if ($pagetype == "user") {
$pages = countSomeGroupsByStatus($search, $groupstatus);
}
$countresults = $pages->fetchColumn();
$mincount = min($listm, $countresults);
$minlist = min($listn + 1, $countresults);
?>
Pagina: <form class="admin-pageselector"
action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
method="post">
<select class="admin-pageselect"
name="pageselect"
onchange="this.form.submit()"
value="">
<?php
for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
if ($currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
Pagina:
<select class="admin-pageselect"
name="currentpage"
id="currentpage"
form="admin-searchform"
onchange="adminSearch();">
<?php
for ($i=1; $i <= ceil($countresults / $entries); $i++) {
if ($currentpage == $i) {
echo "<option value='$i' selected>$i</option>";
} else {
echo "<option value='$i'>$i</option>";
}
?>
</select>
</form>
}
?>
</select>
<?php
echo "$minlist tot $mincount ($countresults totaal)";
$n = min($offset + 1, $countresults);
$m = min($offset + $entries, $countresults);
echo " $n tot $m ($countresults totaal)";
?>

48
website/views/adminpanel-table.php
View File

@@ -1,5 +1,5 @@
<tr>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
<th class="table-username">Gebruikersnaam</th>
<th class="table-status">Status</th>
<th class="table-comment">Aantekening</th>
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$username = $user['username'];
$role = $user['role'];
$bancomment = $user['bancomment'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
<tr>
@@ -24,20 +23,47 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list'
value='$userID'
form='admin-batchform'
onchange='$function'>
onchange='checkCheckAll();'>
</td>
<td>$username</td>
<td>$role</td>
<td>$bancomment</td>
<td>
<div class='bancomment'>$bancomment</div>
<div class='bancommentedit'>
<form class='bancommentform'
id='bancommentform'
onsubmit='editComment(this);
return false;'>
<input type='text'
name='bancommenttext'
placeholder='Schrijf een aantekening'
value='$bancomment'>
<input type='hidden'
name='bancommentuserID'
value='$userID'>
<button type='submit'>Update</button>
</form>
</div>
<button type='button' onclick='toggleBancomment(this)'>Verander</button>
</td>
<td>
<form class='admin-useraction'
action='API/adminChangeUser.php'
method='post'>
<select class='action' name='actions'>
<option value='frozen'>Bevries</option>
<option value='banned'>Ban</option>
<option value='user'>Activeer</option>
</select>
onsubmit=\"adminUpdate(this); return false;\">
<select class='action' name='actions'>");
if (!($userinfo == 'admin'
AND ($user['role'] == 'admin'
OR $user['role'] == 'owner'))) {
echo "<option value='frozen'>Bevries</option>
<option value='banned'>Ban</option>
<option value='user'>Activeer</option>";
if ($userinfo['role'] == 'owner') {
echo "<option value='admin'>Admin</option>
<option value='owner'>Owner</option>";
}
}
echo ("</select>
<input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'>
</form>

42
website/views/adminpanel.php
View File

@@ -2,11 +2,10 @@
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
<?php
$search = "";
$currentpage = 1;
$perpage = 20;
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
$groupstatus = array("hidden", "public", "membersonly");
$pagetype = "user";
$userinfo = getRoleByID($_SESSION['userID']);
if (isset($_GET["search"])) {
$search = test_input($_GET["search"]);
@@ -24,13 +23,6 @@ if (isset($_GET["groupstatus"])) {
$groupstatus = $_GET["groupstatus"];
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["pageselect"])) {
$currentpage = $_POST["pageselect"];
}
}
?>
<div class="content">
@@ -39,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<div class="admin-options">
<form class="admin-searchform"
id="admin-searchform"
action="javascript:adminSearch();"
action="javascript:searchFromOne();"
method="get">
<div class="admin-searchbar">
@@ -120,23 +112,33 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<div class="admin-users">
<div class="admin-usertitle">
<h4>Resultaat:</h4>
<span style="float: right" id="admin-pageinfo">
<div style="float: right" id="admin-pageinfo">
</span>
<form
id="admin-batchform"
action="API/adminChangeUser.php"
method="post">
</div>
<form id="admin-batchform"
onsubmit="adminUpdate(this); return false;">
<input type="hidden" name="batchactions" id="batchinput">
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
<?php
if ($userinfo == 'owner') {
echo "<button type=\"submit\"
name=\"batchactions\"
id=\"admin\"
value=\"admin\">Maak Admin</button>
<button type=\"submit\"
name=\"batchactions\"
id=\"owner\"
value=\"owner\">Maak Owner</button>";
}
?>
</form>
<form
id="admin-groupbatchform"
action="API/adminChangeUser.php"
method="post">
<form id="admin-groupbatchform"
onsubmit="adminUpdate(this); return false;">
<input type="hidden" name="groupbatchactions" id="groupbatchinput">
<button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
<button type="submit" name="batchactions" id="ban" value="public">Public</button>
<button type="submit" name="batchactions" id="members" value="membersonly">Members</button>