Update 3 files
- /html/upload.php - /html/src/css/style.css - /html/users.php
This commit is contained in:
Jan BELLON
parent
055eaae5e3
commit
081ee51c05
@ -118,7 +118,6 @@ a {
|
||||
|
||||
.article-content {
|
||||
padding: 2em;
|
||||
margin: 2em;
|
||||
}
|
||||
|
||||
.row {
|
||||
|
||||
@ -4,7 +4,7 @@ require "../include/functions.php";
|
||||
|
||||
$repertoire = "/var/www/e59/";
|
||||
|
||||
if($role < 3) {
|
||||
if($_SESSION['role'] < 3) {
|
||||
header("Location: login.php");
|
||||
http_response_code(404);
|
||||
die();
|
||||
|
||||
@ -8,6 +8,19 @@ if($_SESSION['role'] < 4) {
|
||||
die();
|
||||
}
|
||||
|
||||
if(isset($_POST['userid']) && isset($_POST['role']) && $_POST['userid'] != $_SESSION['userid'] && $_POST['role'] <= $_SESSION['role']) {
|
||||
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
|
||||
|
||||
$req = $bdd->prepare("UPDATE users SET role = :role WHERE ID = :userid");
|
||||
$req->bindParam(':role',$_POST['role']);
|
||||
$req->bindParam(':userid', $_POST['userid']);
|
||||
if ($req->execute()) {
|
||||
$status = "Utilisateur mis à jour";
|
||||
} else {
|
||||
$status = "Erreur SQL";
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html lang="fr">
|
||||
@ -45,6 +58,7 @@ if($_SESSION['role'] < 4) {
|
||||
<div class="content">
|
||||
<div>
|
||||
<div>
|
||||
<div><?=$status?></div>
|
||||
<?php
|
||||
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
|
||||
$req = $bdd->prepare("SELECT display_name, username, email, role FROM users ORDER BY creation_date DESC");
|
||||
@ -61,7 +75,7 @@ if($_SESSION['role'] < 4) {
|
||||
echo '<option value="' . $id .'">' . $nom . '</option>';
|
||||
}
|
||||
}
|
||||
echo "</select><input type='submit' value='Mettre à jour'></div></form></div>";
|
||||
echo "</select><input type='hidden' name='userid' value='" . $row['ID'] . "'><input type='submit' value='Mettre à jour'></div></form></div>";
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user