added a userlist to browse users and edit their settings as admin

Quitta 2013-07-03 05:57:50 +02:00
parent 128529c6c1
commit ebca9d0a48
6 changed files with 85 additions and 26 deletions


@ -123,4 +123,10 @@ class WebUsers extends Users{
return $reply; return $reply;
} }
public function getUsers(){
global $cfg;
$dbl = new DBLayer($cfg['db']['web']);
$data = $dbl->executeWithoutParams("SELECT * FROM ams_user");
return $data;
}
} }
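Review bot: `SELECT * FROM ams_user` in getUsers() hands every column of the user table to the caller, while userlist() in this commit reads only `UId`, `Login`, `Permission` and `Email`; if the table also holds credential columns (not visible here), they are loaded on every list view for no reason. Name the columns instead: `"SELECT UId, Login, Permission, Email FROM ams_user"`. The method is also declared without `static` yet is called as `WebUsers::getUsers()` in userlist(), so the signature should read `public static function getUsers(){`. The class body starts outside this hunk.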


@ -32,7 +32,11 @@ function change_info(){
$values['fName'] = $_POST['FirstName']; $values['fName'] = $_POST['FirstName'];
} }
if(($_POST['LastName'] != "") && ($_POST['LastName'] != $current_info['LastName'])){ if(($_POST['LastName'] != "") && ($_POST['LastName'] != $current_info['LastName'])){
$query = $query . "LastName = :lName "; if($updated){
$query = $query . ", LastName = :lName ";
}else{
$query = $query . "LastName = :lName ";
}
$updated = true; $updated = true;
$values['lName'] = $_POST['LastName']; $values['lName'] = $_POST['LastName'];
} }
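Review bot: The `if($updated)` / `else` pair added around `LastName = :lName` fixes the missing comma for this one field only, and every further field in the UPDATE has to repeat the same branch. Collecting the fragments and joining them once is less error-prone: `$sets[] = "LastName = :lName";` per field, then `implode(", ", $sets)` where the query is assembled. The values stay bound through `$values`, which should be kept as is. change_info() begins and ends outside this hunk, so the assembly line itself is not visible here.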


@ -4,12 +4,17 @@ function settings(){
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//in case id-GET param set it's value as target_id, if no id-param is given, ue the session id. //in case id-GET param set it's value as target_id, if no id-param is given, ue the session id.
if(isset($_GET['id'])){ if(isset($_GET['id'])){
$result = WebUsers::getInfo($_GET['id']); if(($_GET['id'] != $_SESSION['id']) && (!WebUsers::isAdmin()) ){
if(WebUsers::isAdmin() && ($_GET['id']!= $_SESSION['id'])){ print('No permission to see this page!');
$result['isAdmin'] = "TRUE"; exit;
}else{
$result = WebUsers::getInfo($_GET['id']);
if(WebUsers::isAdmin() && ($_GET['id']!= $_SESSION['id'])){
$result['isAdmin'] = "TRUE";
}
$result['target_id'] = $_GET['id'];
$result['current_mail'] = WebUsers::getEmail($_GET['id']);
} }
$result['target_id'] = $_GET['id'];
$result['current_mail'] = WebUsers::getEmail($_GET['id']);
}else{ }else{
$result = WebUsers::getInfo($_SESSION['id']); $result = WebUsers::getInfo($_SESSION['id']);
$result['target_id'] = $_SESSION['id']; $result['target_id'] = $_SESSION['id'];
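Review bot: The owner-or-admin check added at the top of the `isset($_GET['id'])` branch protects only the rendering of the settings page; `target_id` is handed to the template and presumably comes back with the form post, so the handlers that write the changes (change_info() is only partly visible in this commit) need the same check on the server side. The comparison also uses loose `!=` on a request string. Assuming ids are integers, normalise once and compare strictly: `$target = (int) $_GET['id'];` then `if(($target !== (int) $_SESSION['id']) && !WebUsers::isAdmin()){`, and pass `$target` to getInfo() and getEmail(). settings() continues past the end of the hunk.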


@ -0,0 +1,20 @@
<?php
function userlist(){
if(WebUsers::isAdmin()){
$users = WebUsers::getUsers();
$i = 0;
$pageResult['userlist'] = Array();
while($row = $users->fetch(PDO::FETCH_ASSOC)){
$pageResult['userlist'][$i]['id'] = $row['UId'];
$pageResult['userlist'][$i]['username'] = $row['Login'];
$pageResult['userlist'][$i]['permission'] = $row['Permission'];
$pageResult['userlist'][$i]['email'] = $row['Email'];
$i++;
}
return $pageResult;
}else{
print('no permission');
exit;
}
}
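Review bot: The deny branch in userlist() prints `no permission` and exits with the default 200 status, so a refused request looks like a normal page in access logs and to clients. Send a status before the `print`, e.g. `header('HTTP/1.1 403 Forbidden');`, and consider sharing one deny helper with settings(), which carries its own copy of this branch. The function also has no doc comment; a short one stating that it is admin-only and returns `['userlist' => [...]]` with id, username, permission and email per row would help the next reader.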


@ -5,6 +5,7 @@
<li style="margin-left: -2px;"><a class="ajax-link" href="index.php?page=settings"><i class="icon-cog"></i><span class="hidden-tablet"> Settings</span></a></li> <li style="margin-left: -2px;"><a class="ajax-link" href="index.php?page=settings"><i class="icon-cog"></i><span class="hidden-tablet"> Settings</span></a></li>
<li class="nav-header hidden-tablet">Admin</li> <li class="nav-header hidden-tablet">Admin</li>
<li style="margin-left: -2px;"><a class="ajax-link" href="index.php?page=libuserlist"><i class="icon-th-list"></i><span class="hidden-tablet"> Liblist</span></a></li> <li style="margin-left: -2px;"><a class="ajax-link" href="index.php?page=libuserlist"><i class="icon-th-list"></i><span class="hidden-tablet"> Liblist</span></a></li>
<li style="margin-left: -2px;"><a class="ajax-link" href="index.php?page=userlist"><i class="icon-th-list"></i><span class="hidden-tablet"> UserList</span></a></li>
<li class="nav-header hidden-tablet">Actions</li> <li class="nav-header hidden-tablet">Actions</li>
<li style="margin-left: -2px;"><a href="?page=logout"><i class="icon-off"></i><span class="hidden-tablet"> Logout </span></a></li> <li style="margin-left: -2px;"><a href="?page=logout"><i class="icon-off"></i><span class="hidden-tablet"> Logout </span></a></li>


@ -1,22 +1,45 @@
{block name=content} {block name=content}
<div class="row-fluid">
<div class="box span12">
<div class="box-header well" data-original-title>
<h2><i class="icon-user"></i> Members</h2>
<div class="box-icon">
<a href="#" class="btn btn-setting btn-round"><i class="icon-cog"></i></a>
<a href="#" class="btn btn-minimize btn-round"><i class="icon-chevron-up"></i></a>
<a href="#" class="btn btn-close btn-round"><i class="icon-remove"></i></a>
</div>
</div>
<div class="box-content">
<table class="table table-striped table-bordered bootstrap-datatable datatable">
<thead>
<tr>
<th>Id</th>
<th>Username</th>
<th>Email</th>
<th>Permission</th>
<th>Action</th>
</tr>
</thead>
<tbody>
{foreach from=$userlist item=element}
<tr>
<td>{$element.id}</td>
<td class="center">{$element.username}</td>
<td class="center">{$element.email}</td>
{if $element.permission eq 1}<td class="center"><span class="label label-success">User</span></td>{/if}
{if $element.permission eq 2}<td class="center"><span class="label label-warning">Admin</span></td>{/if}
<td class="center">
<a class="btn btn-info" href="index.php?page=settings&id={$element.id}"><i class=" icon-pencil icon-white"></i>Edit User</a>
</td>
<div class="row-fluid"> </tr>
<div class="box span12"> {/foreach}
<div class="box-header well">
<h2><i class="icon-info-sign"></i> {$userlist_info}</h2>
<div class="box-icon">
<a href="#" class="btn btn-round" onclick="javascript:show_help('intro');return false;"><i class="icon-info-sign"></i></a>
<a href="#" class="btn btn-setting btn-round"><i class="icon-cog"></i></a>
<a href="#" class="btn btn-minimize btn-round"><i class="icon-chevron-up"></i></a>
<a href="#" class="btn btn-close btn-round"><i class="icon-remove"></i></a>
</div>
</div>
<div class="box-content">
<p><strong>The shard/lib/web db user list</strong> You are about to see it here!</p>
<div class="clearfix"></div> </tbody>
</div> </table>
</div> </div>
</div> </div><!--/span-->
</div><!--/row-->
{/block} {/block}
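Review bot: `{$element.username}` and `{$element.email}` are printed into the admin table without an escape modifier, so unless output escaping is enabled globally (for example Smarty's `escape_html` setting, not visible here) markup stored in those user-chosen fields would be rendered in an administrator's session. Use `{$element.username|escape}` and `{$element.email|escape}`, and `{$element.id|escape:'url'}` inside the `href`. Separately, a row whose permission is neither 1 nor 2 emits no Permission cell and shifts the Action column; a fallback cell for other values would keep the table aligned.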