fixed pageselector in admin

website/public/API/adminChangeUser.php

@@ -6,12 +6,18 @@ require_once ("../../queries/checkInput.php");
 require_once ("../../queries/user.php");
 require_once ("../../queries/group_page.php");
 
+$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
+
 if (isset($_POST["actions"]) && isset($_POST["userID"])) {
     changeUserStatusByID($_POST["userID"], $_POST["actions"]);
 } else if (isset($_POST["actions"]) && isset($_POST["groupID"])) {
     changeGroupStatusByID($_POST["groupID"], $_POST["actions"]);
 } else if (isset($_POST["batchactions"]) && isset($_POST["checkbox-user"])) {
+    if ($userinfo['role'] == 'owner') {
         changeMultipleUserStatusByID($_POST["checkbox-user"], $_POST["batchactions"]);
+    } else {
+        changeMultipleUserStatusByIDAdmin($_POST["checkbox-user"], $_POST["batchactions"]);
+    }
 } else if (isset($_POST["groupbatchactions"]) && isset($_POST["checkbox-group"])) {
     changeMultipleGroupStatusByID($_POST["checkbox-group"], $_POST["groupbatchactions"]);
 }

website/public/API/adminPageNumber.php

@@ -5,6 +5,7 @@ session_start();
 require_once ("../../queries/connect.php");
 require_once ("../../queries/checkInput.php");
 require_once ("../../queries/user.php");
+require_once ("../../queries/group_page.php");
 
 $search = "";
 if (isset($_POST["search"])) {
@@ -21,8 +22,17 @@ if (isset($_POST['status'])) {
     $status = $_POST["status"];
 }
 
-if ($pagetype == "user") {
-    include ("../../views/adminpanel-page.php");
-} else {
-    echo "Pagenumber failed!";
+$groupstatus = array();
+if (isset($_POST['groupstatus'])) {
+    $groupstatus = $_POST["groupstatus"];
 }
+
+$entries = 20;
+$currentpage = 1;
+if (isset($_POST['currentpage'])) {
+    $currentpage = (int) test_input($_POST["currentpage"]);
+}
+
+$offset = (int) $currentpage * $entries - $entries;
+
+include ("../../views/adminpanel-page.php");

website/public/API/adminSearchUsers.php

@@ -8,13 +8,11 @@ require_once ("../../queries/user.php");
 require_once ("../../queries/group_page.php");
 
 $offset = 0;
-if (isset($_POST["n"])) {
-    $offset = (int) test_input($_POST["n"]);
-}
 $entries = 20;
-if (isset($_POST["m"])) {
-    $entries = (int) test_input($_POST["m"]);
+if (isset($_POST["currentpage"])) {
+    $offset = (int) test_input($_POST["currentpage"]) * $entries - $entries;
 }
+
 $search = "";
 if (isset($_POST["search"])) {
     $search = test_input($_POST["search"]);

website/public/js/admin.js

@@ -1,14 +1,16 @@
 $(window).on("load", function () {
     changeFilter();
+    searchFromOne();
+
     $(".admin-searchinput").keyup(function(){
-        adminSearch();
+        searchFromOne();
     });
     // all inputs and labels directly under admin filter and groupfilter
     $("#admin-filter, #admin-groupfilter > input, label").change(function(){
-        adminSearch();
+        searchFromOne();
     });
     $("#pagetype").change(function(){
-        adminSearch();
+        searchFromOne();
     });
 
     /* Update hidden input to be equal to submit pressed,
@@ -22,8 +24,6 @@ $(window).on("load", function () {
         $('#groupbatchinput').prop('value', $(this).prop('value'));
         console.log($('#batchinput').prop('value'));
     });
-
-    adminSearch();
 });
 
 function checkAll() {
@@ -61,18 +61,23 @@ function changeFilter() {
     }
 }
 
+function searchFromOne() {
+    $('#currentpage').prop('value', 1);
+    adminSearch();
+}
+
 function adminSearch() {
+    console.log($("#admin-searchform").serialize());
     $.post(
         "API/adminSearchUsers.php",
         $("#admin-searchform").serialize()
     ).done(function (data) {
-        // console.log(data);
         $("#usertable").html(data);
+        updatePageN();
     })
 }
 
 function adminUpdate(form) {
-    console.log($(form).serialize());
     $.post(
         "API/adminChangeUser.php",
         $(form).serialize()

website/queries/user.php

@@ -307,6 +307,25 @@ function changeMultipleUserStatusByID($ids, $status) {
     return $q;
 }
 
+function changeMultipleUserStatusByIDAdmin($ids, $status) {
+    $q = prepareQuery("
+    UPDATE
+        `user`
+    SET
+        `role` = :status
+    WHERE
+        FIND_IN_SET (`userID`, :ids)
+        AND NOT `role` = 'admin'
+        AND NOT `role` = 'owner'
+    ");
+
+    $ids = implode(',', $ids);
+    $q->bindParam(':ids', $ids);
+    $q->bindParam(':status', $status);
+    $q->execute();
+    return $q;
+}
+
 function selectRandomNotFriendUser($userID) {
     $stmt = prepareQuery("
     SELECT

website/views/adminpanel-page.php

@@ -5,18 +5,16 @@ if ($pagetype == "user") {
     $pages = countSomeGroupsByStatus($search, $groupstatus);
 }
 $countresults = $pages->fetchColumn();
-$mincount = min($listm, $countresults);
-$minlist = min($listn + 1, $countresults);
+
 ?>
-    Pagina: <form class="admin-pageselector"
-                  action="<?php htmlspecialchars(basename($_SERVER['REQUEST_URI'])) ?>"
-                  method="post">
-    <select class="admin-pageselect"
-            name="pageselect"
-            onchange="this.form.submit()"
-            value="">
+Pagina:
+<select class="admin-pageselect"
+        name="currentpage"
+        id="currentpage"
+        form="admin-searchform"
+        onchange="adminSearch();">
     <?php
-        for ($i=1; $i <= ceil($countresults / $perpage); $i++) {
+    for ($i=1; $i <= ceil($countresults / $entries); $i++) {
         if ($currentpage == $i) {
             echo "<option value='$i' selected>$i</option>";
         } else {
@@ -24,8 +22,9 @@ $minlist = min($listn + 1, $countresults);
         }
     }
     ?>
-    </select>
-</form>
+</select>
 <?php
-echo "$minlist tot $mincount ($countresults totaal)";
+$n = min($offset + 1, $countresults);
+$m = min($offset + $entries, $countresults);
+echo " $n tot $m ($countresults totaal)";
 ?>

website/views/adminpanel.php

@@ -2,8 +2,6 @@
 <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
 <?php
 $search = "";
-$currentpage = 1;
-$perpage = 20;
 $status = array("user", "frozen", "banned", "unconfirmed", "admin", "owner");
 $groupstatus = array("hidden", "public", "membersonly");
 $pagetype = "user";
@@ -25,13 +23,6 @@ if (isset($_GET["groupstatus"])) {
     $groupstatus = $_GET["groupstatus"];
 }
 
-
-if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    if (isset($_POST["pageselect"])) {
-        $currentpage = $_POST["pageselect"];
-    }
-}
-
 ?>
 
 <div class="content">
@@ -40,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         <div class="admin-options">
             <form class="admin-searchform"
                   id="admin-searchform"
-                  action="javascript:adminSearch();"
+                  action="javascript:searchFromOne();"
                   method="get">
 
                 <div class="admin-searchbar">
@@ -121,9 +112,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         <div class="admin-users">
             <div class="admin-usertitle">
                 <h4>Resultaat:</h4>
-                <span style="float: right" id="admin-pageinfo">
+                <div style="float: right" id="admin-pageinfo">
 
-                </span>
+                </div>
                 <form id="admin-batchform"
                       onsubmit="adminUpdate(this); return false;">