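<?php
/**
 * addrole.php: lets a role-"2" account list user accounts, search them by
 * e-mail, and set an account's role to "1" (associate) or "0" (customer).
 *
 * Every request value ($_POST['email'], $_POST['userid']) is attacker-controlled,
 * so all SQL goes through prepared statements and every database value is
 * HTML-escaped before it is written into the page.
 */
session_start();

// NOTE(review): $conn is not defined in this file; presumably head.php opens the
// mysqli connection. Confirm, and confirm head.php is meant to run before the
// permission check below.
include 'head.php';

// Authorisation gate: only a session whose role is "2" may continue. A missing
// session key is treated as "not authorised" instead of raising a warning.
if ((string) ($_SESSION['role'] ?? '') !== '2') {
    echo "You do not have permission to view this page";
    exit;
}

// Per-session anti-CSRF token for the role-changing forms: without it, any site
// the administrator visits could submit a role change on their behalf.
if (empty($_SESSION['addrole_csrf'])) {
    $_SESSION['addrole_csrf'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['addrole_csrf'];

// HTML-escapes one value for use in element content or a quoted attribute.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// ---- Role change -----------------------------------------------------------
// Handled before the listing query so the page shows the new state even when
// the redirect below cannot be sent.
$notice = '';
if (isset($_POST['addrole']) || isset($_POST['removerole'])) {
    $postedToken = $_POST['csrf_token'] ?? '';
    $userid = $_POST['userid'] ?? '';

    if (!is_string($postedToken) || !hash_equals($csrfToken, $postedToken)) {
        $notice = 'The request could not be verified; no change was made.';
    } elseif (!is_string($userid) || $userid === '') {
        $notice = 'No account was selected; no change was made.';
    } else {
        // The new role is chosen by the button pressed, never by a posted value.
        // "removerole" wins if both are present, matching the original end state.
        $newrole = isset($_POST['removerole']) ? '0' : '1';

        // NOTE(review): this also rewrites accounts whose current role is "2";
        // confirm whether administrators should be demotable from this page.
        $stmt = $conn->prepare('UPDATE `UserAccounts` SET `role` = ? WHERE `UserAccounts`.`id` = ?');
        if ($stmt !== false) {
            $stmt->bind_param('ss', $newrole, $userid);
            $stmt->execute();
            $stmt->close();
        }

        // Post/redirect/get. head.php may already have produced output, in which
        // case header() cannot work; then fall through and render the fresh list.
        if (!headers_sent()) {
            header('Location: addrole.php');
            exit; // stop here so nothing else runs or renders after the redirect
        }
    }
}

// ---- Listing ---------------------------------------------------------------
// "search" shows accounts with the posted e-mail; anything else (including
// "clear") shows the role-"1" accounts. Only the columns the template prints
// are selected, so other columns never reach the page.
$accounts = [];
$stmt = false;
$bound = '1';
if (isset($_POST['search'])) {
    $email = $_POST['email'] ?? '';
    if (is_string($email)) {
        $bound = $email;
        $stmt = $conn->prepare('SELECT id, name, email, PhoneNumber, role FROM UserAccounts WHERE email = ?');
    }
} else {
    $stmt = $conn->prepare('SELECT id, name, email, PhoneNumber, role FROM UserAccounts WHERE role = ?');
}
if ($stmt !== false) {
    $stmt->bind_param('s', $bound);
    if ($stmt->execute()) {
        $result = $stmt->get_result();
        if ($result !== false) {
            $accounts = $result->fetch_all(MYSQLI_ASSOC);
        }
    }
    $stmt->close();
}
?>
<h3 class="phonesavailable"><center>Search accounts</center></h3>
<div class="searchbar">
    <div class="searchcontainer">
        <form method="POST" style="margin-top:5px;" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
            <input type="text" placeholder="Enter an email" id="email" name="email" style="border-radius:25px 0px 0px 25px">
            <button type="submit" name="search"><i class="fa fa-search"></i></button>
            <button type="submit" name="clear" style="border-radius:25px;">Clear</button>
        </form>
    </div>
</div>
<br>
<div class="d-flex flex-column justify-content-center align-items-center">
    <?php if ($notice !== ''): ?>
        <p class="lead mt3"><?php echo $esc($notice); ?></p>
    <?php endif; ?>
    <?php if (empty($accounts)): ?>
        <p class="lead mt3">There are no accounts to display with that email.</p>
    <?php endif; ?>
    <div class="all accounts">
        <?php foreach ($accounts as $item): ?>
            <div class="card">
                <div class="card-body text-center fit" style="margin:auto;">
                    <div class="text-secondary mt-1">
                        <?php /* Account fields are user-supplied data: escape each one on output. */ ?>
                        <h2><?php echo $esc($item['name']); ?></h2>
                        <p><b>Email:</b> <?php echo $esc($item['email']); ?></p>
                        <p><b>Phone Number:</b> <?php echo $esc($item['PhoneNumber']); ?></p>
                        <p><b>Role:</b> <?php echo $esc($item['role']); ?></p>
                        <p>Role: 1 means account is associate. Role: 0 means account is customer</p>
                        <form method="POST" style="margin-top:5px;border:none;" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
                            <input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
                            <input type="hidden" name="userid" id="userid" value="<?php echo $esc($item['id']); ?>" >
                            <input type="submit" class="button1" name="addrole" value="Add as associate account">
                            <input type="submit" class="button1" name="removerole" value="Remove associate account rights">
                        </form>
                    </div>
                </div>
            </div>
        <?php endforeach; ?>
    </div>
</div>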