diff --git a/html/admin/index.php b/html/admin/index.php index 89e8c8a2..78a02cde 100755 --- a/html/admin/index.php +++ b/html/admin/index.php @@ -12,6 +12,22 @@ if (!isset($_SESSION['userRole']) || $_SESSION['userRole'] < 50) { } $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass); + +if (isset($_POST['user-id']) && isset($_POST['user-role']) && isset($_POST['user-accreditation']) && empty($_POST['user-id']) == false) { + $userID = (int)$_POST['user-id']; + $userRole = empty($_POST['user-role']) ? 1 : (int)$_POST['user-role']; + $userAccreditation = empty($_POST['user-accreditation']) ? 0 : (int)$_POST['user-accreditation']; + $sqlRequest = "UPDATE users SET role = :userRole, accreditation = :userAccreditation WHERE ID = :userID"; + $request = $pdo->prepare($sqlRequest); + $request->bindParam(":userRole", $userRole); + $request->bindParam(":userAccreditation", $userAccreditation); + $request->bindParam(":userID", $userID); + if($request->execute()) { + $status = "Utilisateur mis à jour"; + } else { + $status = "Erreur SQL"; + } +} ?> @@ -20,6 +36,12 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData @@ -39,6 +61,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData
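Review bot: The new POST handler at the top of `html/admin/index.php` updates a user's role and accreditation on the session check alone; nothing in the hunk ties the request to a form this page issued, so a cross-site request sent from a logged-in admin's browser would be accepted. A per-session token compared with `hash_equals()` before the UPDATE closes that gap, as sketched below; the field and session key names are placeholders, and the per-row form added in the last hunk would have to emit the token. The handler also accepts any integer for `user-role` and `user-accreditation`: if role IDs are ordered by privilege, as the `< 50` gate suggests, a role-50 admin can grant a role above their own, so the value should be bounded by the caller's role and checked against the `roles` table. Note too that `execute()` returning true only means the statement ran, so "Utilisateur mis à jour" is shown even when no row matched the ID.

```php
if (isset($_POST['user-id']) && isset($_POST['user-role']) && isset($_POST['user-accreditation']) && empty($_POST['user-id']) == false) {
    // Placeholder names: 'csrf-token' and $_SESSION['csrfToken'] stand for whatever token the form emits.
    $sentToken = $_POST['csrf-token'] ?? '';
    if (empty($_SESSION['csrfToken']) || !is_string($sentToken) || !hash_equals($_SESSION['csrfToken'], $sentToken)) {
        http_response_code(403);
        exit;
    }
    // … unchanged: $userID, $userRole and $userAccreditation casts …
    // Assumes higher role IDs mean more privilege (inferred from the `< 50` gate); confirm before relying on it.
    if ($userRole > (int)$_SESSION['userRole']) {
        http_response_code(403);
        exit;
    }
    // … unchanged: prepare, bindParam and execute …
```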
+ '); @@ -48,7 +71,7 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData $search = isset($_GET['search']) ? '%' . $_GET['search'] . '%' : '%%'; - $sqlRequest = "SELECT users.username, users.display_name, roles.badge_svg, users.profile_picture FROM users JOIN roles ON users.role = roles.ID WHERE users.ID LIKE :search OR users.username LIKE :search OR users.display_name LIKE :search OR users.email LIKE :search ORDER BY users.creation_date DESC"; + $sqlRequest = "SELECT users.ID, users.username, users.display_name, users.role, users.accreditation, roles.badge_svg, users.profile_picture FROM users JOIN roles ON users.role = roles.ID WHERE users.ID LIKE :search OR users.username LIKE :search OR users.display_name LIKE :search OR users.email LIKE :search ORDER BY users.creation_date DESC"; $request = $pdo->prepare($sqlRequest); $request->bindParam(":search", $search); $request->execute(); @@ -56,14 +79,32 @@ $pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlData if ($result) { echo ('
'); + $sqlRequest = "SELECT ID, name FROM confidential_levels"; + $request = $pdo->prepare($sqlRequest); + $request->execute(); + $confidentialLevels = array(); + foreach($request->fetchAll(PDO::FETCH_ASSOC) as $confidentialLevel) { + $confidentialLevels[$confidentialLevel['ID']] = $confidentialLevel['name']; + } + $sqlRequest = "SELECT ID, role_name FROM roles"; + $request = $pdo->prepare($sqlRequest); + $request->execute(); + $userRoles = array(); + foreach($request->fetchAll(PDO::FETCH_ASSOC) as $userRole) { + $userRoles[$userRole['ID']] = $userRole['role_name']; + } foreach($result as $row) { - $pubDateTime = strtotime($row['date']); + $pubDateTime = strtotime($row['creation_ate']); $pubDate = date('d/m/Y', $pubDateTime); - $userName = $row['username']; - $userDisplayName = $row['display_name']; - $userBadgeSVG = $row['badge_svg']; $userPPURL = $row['profile_picture'] == NULL ? "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png" : $row['profile_picture']; - userWidget($userPPURL, $userDisplayName, $userName, $userBadgeSVG, $rootPageURL); + + echo ('
'); + userWidget($userPPURL, $row['display_name'], $row['username'], $row['badge_svg'], $rootPageURL); + selectInput("user-role", "Role", $userRoles, $row['role']); + selectInput("user-accreditation", "Accreditation", $confidentialLevels, $row['accreditation']); + echo (''); + echo (''); + echo ('
'); } echo ('
'); } else {
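Review bot: `strtotime($row['creation_ate'])` in the `foreach` reads a key the query never returns: the name is misspelled, and the SELECT rewritten in the previous hunk lists no `creation_date` column either, so every row hits an undefined-key warning. `$pubDate` is not used anywhere in the visible loop, so dropping both lines is the simplest fix; otherwise add `users.creation_date` to the SELECT and read `$row['creation_date']`. Separately, `display_name`, `username` and `profile_picture` are user-controlled and are passed to `userWidget()` on a page that can now change roles, and role names go to `selectInput()`; both helpers are defined outside this diff, so it is worth confirming they escape with `htmlspecialchars()` before output. The `else` branch of the enclosing `if ($result)` continues past the end of the hunk.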