cleaned admin.js, add admin/owner check (frontend), fix submit ajax
This commit is contained in:
Hendrik
@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
$name = $group['name'];
|
||||
$role = $group['status'];
|
||||
$description = $group['description'];
|
||||
$function = "checkCheckAll(document.getElementById('checkall'))";
|
||||
|
||||
echo("
|
||||
<tr>
|
||||
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
class='checkbox-list'
|
||||
value='$groupID'
|
||||
form='admin-groupbatchform'
|
||||
onchange='$function'>
|
||||
onchange='checkCheckAll();'>
|
||||
</td>
|
||||
<td>$name</td>
|
||||
<td>$role</td>
|
||||
<td>$description</td>
|
||||
<td>
|
||||
<form class='admin-groupaction'
|
||||
action='API/adminChangeUser.php'
|
||||
method='post'>
|
||||
onsubmit=\"adminUpdate(this); return false;\">
|
||||
<select class='action' name='actions'>
|
||||
<option value='hidden'>Hidden</option>
|
||||
<option value='public'>Public</option>
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<tr>
|
||||
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
|
||||
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
|
||||
<th class="table-username">Gebruikersnaam</th>
|
||||
<th class="table-status">Status</th>
|
||||
<th class="table-comment">Aantekening</th>
|
||||
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
$username = $user['username'];
|
||||
$role = $user['role'];
|
||||
$bancomment = $user['bancomment'];
|
||||
$function = "checkCheckAll(document.getElementById('checkall'))";
|
||||
|
||||
echo("
|
||||
<tr>
|
||||
@@ -24,20 +23,29 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
class='checkbox-list'
|
||||
value='$userID'
|
||||
form='admin-batchform'
|
||||
onchange='$function'>
|
||||
onchange='checkCheckAll();'>
|
||||
</td>
|
||||
<td>$username</td>
|
||||
<td>$role</td>
|
||||
<td>$bancomment</td>
|
||||
<td>
|
||||
<form class='admin-useraction'
|
||||
action='API/adminChangeUser.php'
|
||||
method='post'>
|
||||
<select class='action' name='actions'>
|
||||
<option value='frozen'>Bevries</option>
|
||||
<option value='banned'>Ban</option>
|
||||
<option value='user'>Activeer</option>
|
||||
</select>
|
||||
onsubmit=\"adminUpdate(this); return false;\">
|
||||
<select class='action' name='actions'>");
|
||||
if (!($userinfo['role'] == 'admin'
|
||||
AND ($user['role'] == 'admin'
|
||||
OR $user['role'] == 'owner'))) {
|
||||
echo "<option value='frozen'>Bevries</option>
|
||||
<option value='banned'>Ban</option>
|
||||
<option value='user'>Activeer</option>";
|
||||
|
||||
if ($userinfo['role'] == 'owner') {
|
||||
echo "<option value='admin'>Admin</option>
|
||||
<option value='owner'>Owner</option>";
|
||||
}
|
||||
}
|
||||
|
||||
echo ("</select>
|
||||
<input type='hidden' name='userID' value='$userID'>
|
||||
<input type='submit' value='Confirm'>
|
||||
</form>
|
||||
|
||||
@@ -7,6 +7,7 @@ $perpage = 20;
|
||||
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
|
||||
$groupstatus = array("hidden", "public", "membersonly");
|
||||
$pagetype = "user";
|
||||
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (isset($_GET["search"])) {
|
||||
$search = test_input($_GET["search"]);
|
||||
@@ -123,20 +124,30 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
<span style="float: right" id="admin-pageinfo">
|
||||
|
||||
</span>
|
||||
<form
|
||||
id="admin-batchform"
|
||||
action="API/adminChangeUser.php"
|
||||
method="post">
|
||||
<form id="admin-batchform"
|
||||
onsubmit="adminUpdate(this); return false;">
|
||||
|
||||
<input type="hidden" name="batchactions" id="batchinput">
|
||||
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
|
||||
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
|
||||
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
|
||||
<?php
|
||||
if ($userinfo['role'] == 'owner') {
|
||||
echo "<button type=\"submit\"
|
||||
name=\"batchactions\"
|
||||
id=\"admin\"
|
||||
value=\"admin\">Maak Admin</button>
|
||||
<button type=\"submit\"
|
||||
name=\"batchactions\"
|
||||
id=\"owner\"
|
||||
value=\"owner\">Maak Owner</button>";
|
||||
}
|
||||
?>
|
||||
</form>
|
||||
<form
|
||||
id="admin-groupbatchform"
|
||||
action="API/adminChangeUser.php"
|
||||
method="post">
|
||||
<form id="admin-groupbatchform"
|
||||
onsubmit="adminUpdate(this); return false;">
|
||||
|
||||
<input type="hidden" name="groupbatchactions" id="groupbatchinput">
|
||||
<button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
|
||||
<button type="submit" name="batchactions" id="ban" value="public">Public</button>
|
||||
<button type="submit" name="batchactions" id="members" value="membersonly">Members</button>
|
||||
|
||||
Reference in New Issue
Block a user