cleaned admin.js, add admin/owner check (frontend), fix submit ajax

Hendrik
2017-01-30 16:32:57 +01:00
parent 3f960cc091
commit e464f5bca2
8 changed files with 79 additions and 47 deletions


@@ -15,6 +15,3 @@ if (isset($_POST["actions"]) && isset($_POST["userID"])) {
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) { } else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]); changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
} }
//header("location: ../admin.php");
print_r($_POST);


@@ -35,6 +35,8 @@ if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"]; $groupstatus = $_POST["groupstatus"];
} }
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if ($pagetype == "user") { if ($pagetype == "user") {
include ("../../views/adminpanel-table.php"); include ("../../views/adminpanel-table.php");
} else if ($pagetype == "group") { } else if ($pagetype == "group") {
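Review bot: The result of `getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC)` is used without checking it, and `fetch()` returns `false` when no row matches or the session carries no `userID`. The view included right after only tests whether `$userinfo['role']` equals `'admin'`, so a missing or unexpected role falls into the branch that renders the freeze/ban/activate options; in other words, the check fails open. A guard directly after the lookup, such as `if ($userinfo === false) { http_response_code(403); exit; }`, would make it fail closed. Whether an earlier session check exists is not visible because the enclosing script starts outside the hunk, and the same unchecked lookup is added in the last file of this commit.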


@@ -4,39 +4,45 @@ $(window).on("load", function () {
adminSearch(); adminSearch();
}); });
// all inputs and labels directly under admin filter and groupfilter // all inputs and labels directly under admin filter and groupfilter
$("#admin-filter, #admin-groupfilter > input, label").click(function(){ $("#admin-filter, #admin-groupfilter > input, label").change(function(){
adminSearch(); adminSearch();
}); });
$("#pagetype").change(function(){ $("#pagetype").change(function(){
adminSearch(); adminSearch();
}); });
/* Update hidden input to be equal to submit pressed,
because serialize doesn't take submit values. */
$('#admin-batchform > button').click(function () {
$('#batchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
$('#admin-groupbatchform > button').click(function () {
$('#groupbatchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
adminSearch(); adminSearch();
}); });
function checkAll(allbox) { function checkAll() {
var checkboxes = document.getElementsByClassName('checkbox-list'); $('.checkbox-list').each(function () {
$(this).prop('checked', $('#checkall').prop('checked'));
for (var i = 0; i < checkboxes.length; i++) { });
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
} }
function checkCheckAll(allbox) { function checkCheckAll() {
var checkboxes = document.getElementsByClassName('checkbox-list');
var checked = true; var checked = true;
for (var i = 0; i < checkboxes.length; i++) { $('.checkbox-list').each(function () {
if (checkboxes[i].type == 'checkbox') { if ($(this).prop('checked') == false) {
if (checkboxes[i].checked == false) {
checked = false; checked = false;
break; return;
} }
} });
}
allbox.checked = checked; $('#checkall').prop('checked', checked);
} }
function changeFilter() { function changeFilter() {
@@ -60,11 +66,21 @@ function adminSearch() {
"API/adminSearchUsers.php", "API/adminSearchUsers.php",
$("#admin-searchform").serialize() $("#admin-searchform").serialize()
).done(function (data) { ).done(function (data) {
console.log(data); // console.log(data);
$("#usertable").html(data); $("#usertable").html(data);
}) })
} }
function adminUpdate(form) {
console.log($(form).serialize());
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function () {
adminSearch();
})
}
function updatePageN() { function updatePageN() {
$.post( $.post(
"API/adminPageNumber.php", "API/adminPageNumber.php",
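Review bot: `adminUpdate()` sends a state-changing POST (status and role changes) to `API/adminChangeUser.php`, yet none of the forms shown in this commit carries an anti-CSRF token, so the request appears to be authorised by the session cookie alone. Unless the endpoint validates a token or the request origin elsewhere, a per-session hidden token field that the handler verifies should be added. The call also has no `.fail()` handler, so a request the server rejects looks the same as a successful one in the UI. The `console.log($(form).serialize())` debug output should go before merge, and the `#admin-groupbatchform` click handler logs `#batchinput` where `#groupbatchinput` was presumably meant.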


@@ -44,7 +44,7 @@
padding: 3px; padding: 3px;
} }
.usertable tr { .usertable th, tr {
text-align: left; text-align: left;
} }
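Review bot: In the new selector `.usertable th, tr` only the `th` part is scoped to `.usertable`; the bare `tr` after the comma matches every table row on any page that loads this stylesheet. If the intent is to left-align header cells and rows of the user table only, the selector should read `.usertable th, .usertable tr {`.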


@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$name = $group['name']; $name = $group['name'];
$role = $group['status']; $role = $group['status'];
$description = $group['description']; $description = $group['description'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list' class='checkbox-list'
value='$groupID' value='$groupID'
form='admin-groupbatchform' form='admin-groupbatchform'
onchange='$function'> onchange='checkCheckAll();'>
</td> </td>
<td>$name</td> <td>$name</td>
<td>$role</td> <td>$role</td>
<td>$description</td> <td>$description</td>
<td> <td>
<form class='admin-groupaction' <form class='admin-groupaction'
action='API/adminChangeUser.php' onsubmit=\"adminUpdate(this); return false;\">
method='post'>
<select class='action' name='actions'> <select class='action' name='actions'>
<option value='hidden'>Hidden</option> <option value='hidden'>Hidden</option>
<option value='public'>Public</option> <option value='public'>Public</option>
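Review bot: `$name`, `$role`, `$description` and `$groupID` are interpolated into the echoed HTML without output escaping, and the resulting markup is injected into the admin page through `$("#usertable").html(data)`. A group name or description containing markup would therefore execute in an administrator's session unless the values are already encoded when stored, which is not visible here. Each value should be escaped at assignment, e.g. `$name = htmlspecialchars($group['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The same applies to `$username`, `$role` and `$bancomment` in the user table template later in this commit. The `while` loop starts and ends outside the hunks shown.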


@@ -1,5 +1,5 @@
<tr> <tr>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th> <th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
<th class="table-username">Gebruikersnaam</th> <th class="table-username">Gebruikersnaam</th>
<th class="table-status">Status</th> <th class="table-status">Status</th>
<th class="table-comment">Aantekening</th> <th class="table-comment">Aantekening</th>
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$username = $user['username']; $username = $user['username'];
$role = $user['role']; $role = $user['role'];
$bancomment = $user['bancomment']; $bancomment = $user['bancomment'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo(" echo("
<tr> <tr>
@@ -24,20 +23,29 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list' class='checkbox-list'
value='$userID' value='$userID'
form='admin-batchform' form='admin-batchform'
onchange='$function'> onchange='checkCheckAll();'>
</td> </td>
<td>$username</td> <td>$username</td>
<td>$role</td> <td>$role</td>
<td>$bancomment</td> <td>$bancomment</td>
<td> <td>
<form class='admin-useraction' <form class='admin-useraction'
action='API/adminChangeUser.php' onsubmit=\"adminUpdate(this); return false;\">
method='post'> <select class='action' name='actions'>");
<select class='action' name='actions'> if (!($userinfo['role'] == 'admin'
<option value='frozen'>Bevries</option> AND ($user['role'] == 'admin'
OR $user['role'] == 'owner'))) {
echo "<option value='frozen'>Bevries</option>
<option value='banned'>Ban</option> <option value='banned'>Ban</option>
<option value='user'>Activeer</option> <option value='user'>Activeer</option>";
</select>
if ($userinfo['role'] == 'owner') {
echo "<option value='admin'>Admin</option>
<option value='owner'>Owner</option>";
}
}
echo ("</select>
<input type='hidden' name='userID' value='$userID'> <input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'> <input type='submit' value='Confirm'>
</form> </form>
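Review bot: The role test added around the `<option>` lists only controls what is rendered, so it is a usability measure rather than an authorisation control; the rule has to be enforced again where `API/adminChangeUser.php` processes `actions` and `userID`. The handler code visible in this commit only branches on `isset($_POST[...])`, and whether the status-change functions it calls compare the session user's role with the target's current role and the requested role cannot be seen here. Please confirm that check exists server-side or add it, rejecting any request where an admin targets an admin or owner, or where a non-owner requests `admin` or `owner`. Using strict comparison (`=== 'owner'`) and `&&`/`||` instead of `AND`/`OR` would also make the condition less surprising to extend.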


@@ -7,6 +7,7 @@ $perpage = 20;
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner"); $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
$groupstatus = array("hidden", "public", "membersonly"); $groupstatus = array("hidden", "public", "membersonly");
$pagetype = "user"; $pagetype = "user";
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if (isset($_GET["search"])) { if (isset($_GET["search"])) {
$search = test_input($_GET["search"]); $search = test_input($_GET["search"]);
@@ -123,20 +124,30 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<span style="float: right" id="admin-pageinfo"> <span style="float: right" id="admin-pageinfo">
</span> </span>
<form <form id="admin-batchform"
id="admin-batchform" onsubmit="adminUpdate(this); return false;">
action="API/adminChangeUser.php"
method="post">
<input type="hidden" name="batchactions" id="batchinput">
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button> <button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button> <button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button> <button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
<?php
if ($userinfo['role'] == 'owner') {
echo "<button type=\"submit\"
name=\"batchactions\"
id=\"admin\"
value=\"admin\">Maak Admin</button>
<button type=\"submit\"
name=\"batchactions\"
id=\"owner\"
value=\"owner\">Maak Owner</button>";
}
?>
</form> </form>
<form <form id="admin-groupbatchform"
id="admin-groupbatchform" onsubmit="adminUpdate(this); return false;">
action="API/adminChangeUser.php"
method="post">
<input type="hidden" name="groupbatchactions" id="groupbatchinput">
<button type="submit" name="batchactions" id="hide" value="hidden">Hide</button> <button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
<button type="submit" name="batchactions" id="ban" value="public">Public</button> <button type="submit" name="batchactions" id="ban" value="public">Public</button>
<button type="submit" name="batchactions" id="members" value="membersonly">Members</button> <button type="submit" name="batchactions" id="members" value="membersonly">Members</button>
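Review bot: Both batch forms appear to lose their `action` and `method` attributes and now depend entirely on `onsubmit="adminUpdate(this); return false;"`. If `adminUpdate` is undefined or throws, `return false` is never reached and the browser performs a native GET submit to the current page, which puts the selected IDs and the chosen action into the URL, history and server logs. Keeping `method="post"` and the `action` on the `<form>` tags keeps that fallback a POST at no cost. Separately, the group form's hidden field is named `groupbatchactions` while its buttons remain `name="batchactions"`, and `id="ban"` is used in both forms; both are worth tidying while these lines are being changed.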