Marijn button #99

Merged
11166932 merged 152 commits from marijn-button into master 2017-01-23 13:25:08 +01:00
5 changed files with 410 additions and 96 deletions
Showing only changes of commit 7390898721 - Show all commits


@@ -32,17 +32,36 @@
margin-bottom: 10px; margin-bottom: 10px;
} }
.admin-filter { .admin-filter, .admin-filtertype, .admin-groupfilter {
display: inline-block; display: inline-block;
margin: 10px; margin: 10px;
vertical-align: top; vertical-align: top;
margin-right: 100px; margin-right: 50px;
margin-left: 50px;
}
.admin-filter, .admin-groupfilter {
width: 120px;
}
.admin-groupfilter {
display: none;
} }
.admin-users { .admin-users {
margin: 10px; margin: 10px;
} }
.admin-userpage {
width: 170px;
margin-bottom: 20px;
float: right;
}
.usertitle {
width: 150px;
}
.usertable { .usertable {
width: 100%; width: 100%;
} }


@@ -53,4 +53,47 @@ function select20GroupsByStatusFromN($db, $n, $status) {
"); ");
} }
?> function search20GroupsFromNByStatus($db, $n, $keyword, $status) {
$q = $db->prepare("
SELECT
`groupID`,
`name`,
`status`,
`description`
FROM
`group_page`
WHERE
`name` LIKE :keyword AND
FIND_IN_SET (`status`, :statuses)
ORDER BY
`name`
LIMIT
:n, 20
");
$keyword = "%$keyword%";
$q->bindParam(':keyword', $keyword);
$q->bindParam(':n', $n, PDO::PARAM_INT);
$statuses = implode(',', $status);
$q->bindParam(':statuses', $statuses);
$q->execute();
return $q;
}
function changeGroupStatusByID($db, $id, $status) {
$q = $db->query("
UPDATE
`group_page`
SET
`status` = $status
WHERE
`groupID` = $id
");
return $q;
}
?>
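Review bot: `changeGroupStatusByID` interpolates `$status` and `$id` straight into the UPDATE text passed to `$db->query()`, although `search20GroupsFromNByStatus` directly above it already uses `prepare()` with bound parameters. The admin page in this commit passes `$_POST["groupID"]` and `$_POST["actions"]` to it unchanged, so request data becomes part of the statement. The same pattern is in `changeUserStatusByID` and in the `LIMIT $n, 20` of `select20UsersFromN` in website/queries/user.php. Binding both values as below keeps the PDOStatement return; non-numeric input should still be rejected by the caller before it gets here.

```php
function changeGroupStatusByID($db, $id, $status) {
    $q = $db->prepare("UPDATE `group_page` SET `status` = :status WHERE `groupID` = :id");
    $q->bindValue(':status', $status, PDO::PARAM_INT);
    $q->bindValue(':id', $id, PDO::PARAM_INT);
    $q->execute();
    return $q;
}
```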

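--- a/website/queries/user.php
+++ b/website/queries/user.php
@@ -0,0 +1,86 @@
+<?php
+function select20UsersFromN($db, $n) {
+return $db->query("
+SELECT
+`userID`,
+`username`,
+`role`,
+`bancomment`
+FROM
+`user`
+ORDER BY
+`role`,
+`username`
+LIMIT
+$n, 20
+");
+}
+function search20UsersFromN($db, $n, $keyword) {
+$q = $db->prepare("
+SELECT
+`userID`,
+`username`,
+`role`,
+`bancomment`
+FROM
+`user`
+WHERE
+`username` LIKE :keyword
+ORDER BY
+`username`
+LIMIT
+:n, 20
+");
+$keyword = "%$keyword%";
+$q->bindParam(':keyword', $keyword);
+$q->bindParam(':n', $n, PDO::PARAM_INT);
+$q->execute();
+return $q;
+}
+function search20UsersFromNByStatus($db, $n, $keyword, $status) {
+$q = $db->prepare("
+SELECT
+`userID`,
+`username`,
+`role`,
+`bancomment`
+FROM
+`user`
+WHERE
+`username` LIKE :keyword AND
+FIND_IN_SET (`role`, :statuses)
+ORDER BY
+`role`,
+`username`
+LIMIT
+:n, 20
+");
+$keyword = "%$keyword%";
+$q->bindParam(':keyword', $keyword);
+$q->bindParam(':n', $n, PDO::PARAM_INT);
+$statuses = implode(',', $status);
+$q->bindParam(':statuses', $statuses);
+$q->execute();
+return $q;
+}
+function changeUserStatusByID($db, $id, $status) {
+$q = $db->query("
+UPDATE
+`user`
+SET
+`role` = $status
+WHERE
+`userID` = $id
+");
+return $q;
+}
+?>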
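Review bot: `changeUserStatusByID` writes whatever `$status` it receives into `user`.`role`, and the role filter on the admin page lists 5 as Admin and 42 as Owner, so a request carrying one of those values would change an account's privilege level rather than just freeze, ban or restore it. The per-row form only offers 1, 2 and 3; if those are the only roles this action is meant to set (the intent is not visible here), check for them at the top of the function, e.g. `if (!in_array((string) $status, ['1', '2', '3'], true)) { return false; }`. A short comment above the function naming what each role number means would also help, since the numbers are otherwise explained only by the checkbox labels on the admin page.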


@@ -1,98 +1,266 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Admin Panel</title> <title>Admin Panel</title>
<script type="text/javascript"> <script type="text/javascript">
function checkAll(allbox) { window.onload = function() {
var checkboxes = document.getElementsByName('check1'); changeFilter();
};
for (var i = 0; i < checkboxes.length; i++) { function checkAll(allbox) {
if (checkboxes[i].type == 'checkbox') { var checkboxes = document.getElementsByName('checkbox-user[]');
checkboxes[i].checked = allbox.checked;
} for (var i = 0; i < checkboxes.length; i++) {
if (checkboxes[i].type == 'checkbox') {
checkboxes[i].checked = allbox.checked;
} }
} }
</script> }
</head>
<body> function changeFilter() {
<div class="content"> if (document.getElementById('group').checked) {
<div class="platform admin-panel"> document.getElementById('admin-filter').style.display = 'none';
<div class="admin-title"> document.getElementById('admin-groupfilter').style.display = 'inline-block';
<h1>User Management Panel</h1> } else {
</div> <br> document.getElementById('admin-filter').style.display = 'inline-block';
<form action="admin.php" method="post"> document.getElementById('admin-groupfilter').style.display = 'none';
<div class="admin-options"> }
<form action="admin.php" method="post"> }
<div class="admin-searchbar">
<h2>Search</h2> </script>
<input type="text" name="search" class="admin-searchinput"> <br> <?php
<input type="submit" value="Search"> include_once("../queries/user.php");
</div> include_once("../queries/group_page.php");
<div class="admin-filter"> ?>
<h2>Show users:</h2> </head>
<input type="checkbox" name="status" value="Active"> Active <br> <body>
<input type="checkbox" name="status" value="Muted"> Muted <br>
<input type="checkbox" name="status" value="Banned"> Banned <!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
</div> <?php
</form> $search = "";
<div class="admin-actions"> $listnr = 0; // TODO: add page functionality
<h2>Batch Actions: </h2> $status = $groupstatus = array();
<input type="radio" name="actions" value="mute"> Mute <br> $pagetype = "user";
<input type="radio" name="actions" value="ban"> Ban <br>
<input type="radio" name="actions" value="unban"> Unban <br> <br> if ($_SERVER["REQUEST_METHOD"] == "POST") {
<input type="submit" value="Confirm"> if (!empty($_POST["search"])) {
</div> $search = test_input($_POST["search"]);
</div> }
<br>
<div class="admin-users"> if (!empty($_POST["pagetype"])) {
<h2>Users:</h2> $pagetype = test_input($_POST["pagetype"]);
<table class="usertable"> }
<tr>
<th class="table-checkbox"> if (!empty($_POST["status"])) {
<input type="checkbox" name="checkall" onchange="checkAll(this)"> $status = $_POST["status"];
</th> }
<th class="table-username">User</th>
<th class="table-status">Status</th> if (!empty($_POST["groupstatus"])) {
<th class="table-comment">Comment</th> $groupstatus = $_POST["groupstatus"];
<th class="table-action">Action</th> }
</tr>
<tr> if (!empty($_POST["actions"]) && !empty($_POST["userID"])) {
<td><input type="checkbox" name="check1"></td> changeUserStatusByID($db, $_POST["userID"], $_POST["actions"]);
<td>John Smith</td> } elseif (!empty($_POST["actions"]) && !empty($_POST["groupID"])) {
<td>Banned</td> changeGroupStatusByID($db, $_POST["groupID"], $_POST["actions"]);
<td>unregulated time travel</td> }
<td>
<form class="admin-useraction" action="index.html" method="post"> }
<select class="action" name="actions">
<option value="mute">Mute</option> function test_input($data) {
<option value="ban">Ban</option> $data = trim($data);
<option value="unban">Unban</option> $data = stripslashes($data);
</select> $data = htmlspecialchars($data);
<input type="submit" value="Confirm"> return $data;
</form> }
</td> ?>
</tr>
<tr> <div class="content">
<td><input type="checkbox" name="check1"></td> <div class="platform admin-panel">
<td>poey jokeaim</td> <div class="admin-title">
<td>Banned</td> <h1>User Management Panel</h1>
<td>l33t h4xx</td> </div> <br>
<td> <form class="admin-actionform"
<form class="admin-useraction" action="index.html" method="post"> action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
<select class="action" name="actions"> method="post">
<option value="mute">Mute</option> <div class="admin-options">
<option value="ban">Ban</option> <form class="admin-searchform"
<option value="unban">Unban</option> action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
</select> method="post">
<input type="submit" value="Confirm"> <div class="admin-searchbar">
</form> <h2>Search</h2>
</td> <input type="text"
</tr> name="search"
</table> class="admin-searchinput"
</div> value="<?php echo $search;?>"> <br>
</form> <input type="submit" value="Search">
</div>
<div class="admin-filter" id="admin-filter">
<h2>Show:</h2>
<input type="checkbox" name="status[]" id="normal" value="1"
<?php if (in_array("1", $status)) echo "checked";?>>
<label for="normal">Normal</label><br>
<input type="checkbox" name="status[]" id="frozen" value="2"
<?php if (in_array("2", $status)) echo "checked";?>>
<label for="frozen">Frozen</label><br>
<input type="checkbox" name="status[]" id="banned" value="3"
<?php if (in_array("3", $status)) echo "checked";?>>
<label for="banned">Banned</label><br>
<input type="checkbox" name="status[]" id="admin" value="5"
<?php if (in_array("5", $status)) echo "checked";?>>
<label for="admin">Admin</label><br>
<input type="checkbox" name="status[]" id="unvalidated" value="0"
<?php if (in_array("0", $status)) echo "checked";?>>
<label for="unvalidated">Unvalidated</label><br>
<input type="checkbox" name="status[]" id="owner" value="42"
<?php if (in_array("42", $status)) echo "checked";?>>
<label for="owner">Owner</label>
</div>
<div class="admin-groupfilter" id="admin-groupfilter">
<h2>Show:</h2>
<input type="checkbox" name="groupstatus[]" id="hidden" value="0"
<?php if (in_array("0", $groupstatus)) echo "checked";?>>
<label for="hidden">Hidden</label><br>
<input type="checkbox" name="groupstatus[]" id="public" value="1"
<?php if (in_array("1", $groupstatus)) echo "checked";?>>
<label for="public">Public</label><br>
<input type="checkbox" name="groupstatus[]" id="membersonly" value="2"
<?php if (in_array("2", $groupstatus)) echo "checked";?>>
<label for="membersonly">Members-only</label><br>
</div>
<div class="admin-filtertype">
<h2>Page Type:</h2>
<input type="radio" name="pagetype" id="user" value="user"
<?php if (isset($pagetype) && $pagetype=="user") echo "checked";?>
onchange="changeFilter()">
<label for="user">Users</label><br>
<input type="radio" name="pagetype" id="group" value="group"
<?php if (isset($pagetype) && $pagetype=="group") echo "checked";?>
onchange="changeFilter()">
<label for="group">Groups</label>
</div>
</form>
<div class="admin-actions">
<h2>Batch Actions: </h2>
<input type="radio" name="actions" id="freeze" value="freeze">
<label for="freeze">Freeze</label><br>
<input type="radio" name="actions" id="ban" value="ban">
<label for="ban">Ban</label><br>
<input type="radio" name="actions" id="restore" value="restore">
<label for="restore">Restore</label><br><br>
<input type="submit" value="Confirm">
</div>
</div> </div>
</div> <br>
</body>
<div class="admin-users">
<h2 class="usertitle">Users:</h2>
<div class="admin-userpage">
<input type="submit" name="prev" value="prev">
1 / 1
<input type="submit" name="next" value="next">
</div> <br>
<table class="usertable">
<tr>
<th class="table-checkbox">
<input type="checkbox" name="checkall" onchange="checkAll(this)">
</th>
<th class="table-username">User</th>
<th class="table-status">Status</th>
<th class="table-comment">Comment</th>
<th class="table-action">Action</th>
</tr>
<!-- Table construction via php PDO. -->
<?php
if ($pagetype == 'user') {
$q = search20UsersFromNByStatus($db, $listnr, $search, $status);
while($user = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $user['userID'];
$username = $user['username'];
$role = $user['role'];
$bancomment = $user['bancomment'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']);
echo("
<tr>
<td><input type='checkbox'
name='checkbox-user[]'
value='$userID'>
</td>
<td>$username</td>
<td>$role</td>
<td>$bancomment</td>
<td>
<form class='admin-useraction'
action='$thispage'
method='post'>
<select class='action' name='actions'>
<option value='2'>Freeze</option>
<option value='3'>Ban</option>
<option value='1'>Restore</option>
</select>
<input type='hidden' name='userID' value='$userID'>
<input type='submit' value='Confirm'>
</form>
</td>
</tr>
");
}
} else {
$q = search20GroupsFromNByStatus($db, $listnr, $search, $groupstatus);
while ($group = $q->fetch(PDO::FETCH_ASSOC)) {
$groupID = $group['groupID'];
$name = $group['name'];
$role = $group['status'];
$description = $group['description'];
$thispage = htmlspecialchars($_SERVER['PHP_SELF']);
echo("
<tr>
<td><input type='checkbox'
name='checkbox-group[]'
value='$groupID'>
</td>
<td>$name</td>
<td>$role</td>
<td>$description</td>
<td>
<form class='admin-groupaction'
action='$thispage'
method='post'>
<select class='action' name='actions'>
<option value='0'>Hide</option>
<option value='1'>Public</option>
<option value='2'>Members-only</option>
</select>
<input type='hidden' name='groupID' value='$groupID'>
<input type='submit' value='Confirm'>
</form>
</td>
</tr>
");
}
}
?>
</table>
</div>
</form>
<pre>
<?php print_r($_POST); ?>
</pre>
</div>
</div>
</body>
</html> </html>
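Review bot: The table rows echo `$username`, `$bancomment`, `$name` and `$description` from the database into HTML without escaping, so markup stored in a username, ban comment or group description is rendered in the administrator's browser. Escape at output, e.g. `$username = htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8');` and the same for the other three fields; ENT_QUOTES matters because the row markup uses single-quoted attributes. `<?php print_r($_POST); ?>` near the end of the page prints request data unescaped as well and looks like leftover debugging that should be removed. Separately, none of the status-changing forms carries a CSRF token, and no admin check is visible in this file (it may live in an include outside this view).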


@@ -18,5 +18,3 @@
include_once("../queries/connect.php"); include_once("../queries/connect.php");
session_start(); session_start();
?>