MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

cleaned admin.js, add admin/owner check (frontend), fix submit ajax

Browse Source
This commit is contained in:
Hendrik
2017-01-30 16:32:57 +01:00
parent 3f960cc091
commit e464f5bca2
8 changed files with 79 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
website/public/API/adminChangeUser.php
View File

@@ -15,6 +15,3 @@ if (isset($_POST["actions"]) && isset($_POST["userID"])) {
} else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
}
//header("location: ../admin.php");
print_r($_POST);

2
website/public/API/adminSearchUsers.php
View File

@@ -35,6 +35,8 @@ if (isset($_POST['groupstatus'])) {
$groupstatus = $_POST["groupstatus"];
}
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if ($pagetype == "user") {
include ("../../views/adminpanel-table.php");
} else if ($pagetype == "group") {

2
website/public/admin.php
View File

@@ -8,7 +8,7 @@
<style>
@import url("styles/adminpanel.css");
</style>
<script src="js/admin.js" charset="utf-8"></script>
<script src="js/admin.js" charset="utf-8"></script>
</head>
<body>
<?php

54
website/public/js/admin.js
View File

@@ -4,39 +4,45 @@ $(window).on("load", function () {
adminSearch();
});
// all inputs and labels directly under admin filter and groupfilter
$("#admin-filter, #admin-groupfilter > input, label").click(function(){
$("#admin-filter, #admin-groupfilter > input, label").change(function(){
adminSearch();
});
$("#pagetype").change(function(){
adminSearch();
});
/* Update hidden input to be equal to submit pressed,
because serialize doesn't take submit values. */
$('#admin-batchform > button').click(function () {
$('#batchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
$('#admin-groupbatchform > button').click(function () {
$('#groupbatchinput').prop('value', $(this).prop('value'));
console.log($('#batchinput').prop('value'));
});
adminSearch();
});
function checkAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
}
}
function checkAll() {
$('.checkbox-list').each(function () {
$(this).prop('checked', $('#checkall').prop('checked'));
});
}
function checkCheckAll(allbox) {
var checkboxes = document.getElementsByClassName('checkbox-list');
function checkCheckAll() {
var checked = true;
for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
if (checkboxes[i].checked == false) {
$('.checkbox-list').each(function () {
if ($(this).prop('checked') == false) {
checked = false;
break;
return;
}
}
}
allbox.checked = checked;
});
$('#checkall').prop('checked', checked);
}
function changeFilter() {
@@ -60,11 +66,21 @@ function adminSearch() {
"API/adminSearchUsers.php",
$("#admin-searchform").serialize()
).done(function (data) {
console.log(data);
// console.log(data);
$("#usertable").html(data);
})
}
function adminUpdate(form) {
console.log($(form).serialize());
$.post(
"API/adminChangeUser.php",
$(form).serialize()
).done(function () {
adminSearch();
})
}
function updatePageN() {
$.post(
"API/adminPageNumber.php",

2
website/public/styles/adminpanel.css
View File

@@ -44,7 +44,7 @@
padding: 3px;
}
.usertable tr {
.usertable th, tr {
text-align: left;
}

6
website/views/adminpanel-grouptable.php
View File

@@ -16,7 +16,6 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$name = $group['name'];
$role = $group['status'];
$description = $group['description'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
<tr>
@@ -25,15 +24,14 @@ while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list'
value='$groupID'
form='admin-groupbatchform'
onchange='$function'>
onchange='checkCheckAll();'>
</td>
<td>$name</td>
<td>$role</td>
<td>$description</td>
<td>
<form class='admin-groupaction'
action='API/adminChangeUser.php'
method='post'>
onsubmit=\"adminUpdate(this); return false;\">
<select class='action' name='actions'>
<option value='hidden'>Hidden</option>
<option value='public'>Public</option>

26
website/views/adminpanel-table.php
View File

@@ -1,5 +1,5 @@
<tr>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll(this)"></th>
<th><input class="table-checkbox" type="checkbox" id="checkall" name="checkall" onchange="checkAll()"></th>
<th class="table-username">Gebruikersnaam</th>
<th class="table-status">Status</th>
<th class="table-comment">Aantekening</th>
@@ -14,7 +14,6 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$username = $user['username'];
$role = $user['role'];
$bancomment = $user['bancomment'];
$function = "checkCheckAll(document.getElementById('checkall'))";
echo("
<tr>
@@ -24,20 +23,29 @@ while($user = $q->fetch(PDO::FETCH_ASSOC)) {
class='checkbox-list'
value='$userID'
form='admin-batchform'
onchange='$function'>
onchange='checkCheckAll();'>
</td>
<td>$username</td>
<td>$role</td>
<td>$bancomment</td>
<td>
<form class='admin-useraction'
action='API/adminChangeUser.php'
method='post'>
<select class='action' name='actions'>
<option value='frozen'>Bevries</option>
onsubmit=\"adminUpdate(this); return false;\">
<select class='action' name='actions'>");
if (!($userinfo['role'] == 'admin'
AND ($user['role'] == 'admin'
OR $user['role'] == 'owner'))) {
echo "<option value='frozen'>Bevries</option>
<option value='banned'>Ban</option>
<option value='user'>Activeer</option>
</select>
<option value='user'>Activeer</option>";
if ($userinfo['role'] == 'owner') {
echo "<option value='admin'>Admin</option>
<option value='owner'>Owner</option>";
}
}
echo ("</select>
<input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'>
</form>

27
website/views/adminpanel.php
View File

@@ -7,6 +7,7 @@ $perpage = 20;
$status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
$groupstatus = array("hidden", "public", "membersonly");
$pagetype = "user";
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
if (isset($_GET["search"])) {
$search = test_input($_GET["search"]);
@@ -123,20 +124,30 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<span style="float: right" id="admin-pageinfo">
</span>
<form
id="admin-batchform"
action="API/adminChangeUser.php"
method="post">
<form id="admin-batchform"
onsubmit="adminUpdate(this); return false;">
<input type="hidden" name="batchactions" id="batchinput">
<button type="submit" name="batchactions" id="freeze" value="frozen">Bevries</button>
<button type="submit" name="batchactions" id="ban" value="banned">Ban</button>
<button type="submit" name="batchactions" id="restore" value="user">Activeer</button>
<?php
if ($userinfo['role'] == 'owner') {
echo "<button type=\"submit\"
name=\"batchactions\"
id=\"admin\"
value=\"admin\">Maak Admin</button>
<button type=\"submit\"
name=\"batchactions\"
id=\"owner\"
value=\"owner\">Maak Owner</button>";
}
?>
</form>
<form
id="admin-groupbatchform"
action="API/adminChangeUser.php"
method="post">
<form id="admin-groupbatchform"
onsubmit="adminUpdate(this); return false;">
<input type="hidden" name="groupbatchactions" id="groupbatchinput">
<button type="submit" name="batchactions" id="hide" value="hidden">Hide</button>
<button type="submit" name="batchactions" id="ban" value="public">Public</button>
<button type="submit" name="batchactions" id="members" value="membersonly">Members</button>