author | arf20 <aruizfernandez05@gmail.com> | 2024-03-17 01:34:36 +0100 |
---|---|---|
committer | arf20 <aruizfernandez05@gmail.com> | 2024-03-17 01:34:36 +0100 |
commit | 7af9970bbaaca7ec61dfb1234f1d52a03dab2811 (patch) | |
tree | 823f9781fd38f85b9341beeb9827472e3ef2da9e | |
parent | d1ae80bb6806e1c7daed1553130e9f44c8c305f6 (diff) | |
User add working
-rwxr-xr-x | login.php | 2 | ||||
-rw-r--r-- | manageusers.php | 62 | ||||
-rw-r--r-- | style.css | 6 |
3 files changed, 67 insertions, 3 deletions
@@ -16,7 +16,7 @@ $username = $password = ""; $username_err = $password_err = "";
// Processing form data when form is submitted
-if($_SERVER["REQUEST_METHOD"] == "POST"){
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Validate username
if (empty($_POST["username"]))
$username_err = "Enter a username.";
diff --git a/manageusers.php b/manageusers.php index 30750df..b042978 100644 --- a/manageusers.php +++ b/manageusers.php @@ -19,7 +19,7 @@ mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); $users = $result->fetch_all(MYSQLI_ASSOC); -// actions +// GET actions // delete entry if (isset($_GET["del"])) { $sql = "DELETE FROM users WHERE id = ?"; @@ -31,6 +31,38 @@ if (isset($_GET["del"])) { } else header("location: ".$_SERVER['SCRIPT_NAME']); } +// POST actions +if ($_SERVER["REQUEST_METHOD"] == "POST") { + // add entry + if (isset($_POST["add"])) { + $sql = "INSERT INTO users (username, email, password, verifycode, type, status) VALUES (?, ?, ?, ?, ?, ?)"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_bind_param($stmt, "ssssss", $param_username, $param_email, $param_password, $param_verifycode, $param_type, $param_status); + $param_username = $_POST["username"]; + $param_email= $_POST["email"]; + $param_password = password_hash($_POST["password"], PASSWORD_DEFAULT); + $param_verifycode = base64_encode(random_bytes(12)); + $param_type = $_POST["type"]; + $param_status = $_POST["status"]; + + if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { + echo "SQL error."; + } else header("location: ".$_SERVER['SCRIPT_NAME']); + } + + // edit entry + +} + +function getuserbyid($id) { + global $users; + foreach ($users as $user) { + if ($user["id"] == $id) { + return $user; + } + } +} + ?> <!doctype html> 
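Review bot: In the second hunk (`@@ -31,6 +31,38 @@`) the new add handler binds `$_POST["type"]` and `$_POST["status"]` into the INSERT exactly as submitted, so the account's role and state are whatever the request says, and a missing field only produces a PHP warning. I would check both against the values the application actually defines before preparing the statement, e.g. `if (!in_array($_POST["type"] ?? "", $allowed_types, true)) { /* reject */ }` (`$allowed_types` is a placeholder for the project's own list), and give username, email and password the same `empty()` checks login.php uses. The POST carries no anti-CSRF token, and no session or role check is visible in this hunk (it may sit above line 19, outside the diff), so both are worth confirming for a page that creates accounts. Also add `exit;` after `header("location: ".$_SERVER['SCRIPT_NAME']);`, since without it the script keeps running and renders the page after the redirect header.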
@@ -50,8 +82,34 @@ if (isset($_GET["del"])) { <div class="col8"> <h2 class="center">ARFNET Client Service Ticket and Invoice Management System</h2> <h3><?php echo strtoupper($type[0]).substr($type, 1); ?> panel</h3> - <h3>Users</h3> + + <?php + if (isset($_GET["edit"])) { + $user = getuserbyid($_GET["edit"]); + echo "<div class=\"editform\"><h3>Edit user ".$user["id"]."</h3><form action=\"/manageusers.php\" method=\"post\">\n" + ."<label>Username</label><br><input type=\"text\" name=\"username\" value=\"".$user["username"]."\"><br>\n" + ."<label>Email</label><br><input type=\"text\" name=\"email\" value=\"".$user["email"]."\"><br>\n" + ."<label>Password (empty is unchanged)</label><br><input type=\"text\" name=\"email\"><br>\n" + ."<label>Type</label><br><input type=\"text\" name=\"type\" value=\"".$user["type"]."\"><br>\n" + ."<label>Status</label><br><input type=\"text\" name=\"status\" value=\"".$user["status"]."\"><br>\n" + ."<br><input type=\"submit\" name=\"save\" value=\"Save\"><a href=\"/manageusers.php\">cancel</a>" + ."</form></div>"; + } + + if (isset($_GET["add"])) { + echo "<div class=\"editform\"><h3>Add user</h3><form action=\"/manageusers.php\" method=\"post\">\n" + ."<label>Username</label><br><input type=\"text\" name=\"username\"><br>\n" + ."<label>Email</label><br><input type=\"text\" name=\"email\"><br>\n" + ."<label>Password</label><br><input type=\"text\" name=\"password\"><br>\n" + ."<label>Type</label><br><input type=\"text\" name=\"type\"><br>\n" + ."<label>Status</label><br><input type=\"text\" name=\"status\"><br>\n" + ."<br><input type=\"submit\" name=\"add\" value=\"Add\"><a href=\"/manageusers.php\">cancel</a>" + ."</form></div>"; + } + ?> + + <a href="?add">add</a> <table> <tr><th>id</th><th>user</th><th>password</th><th>email</th><th>verifycode</th><th>type</th><th>regdate</th><th>status</th><th>action</th></tr> <?php 
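Review bot: The edit form echoes `$user["id"]`, `$user["username"]`, `$user["email"]`, `$user["type"]` and `$user["status"]` into HTML and attribute values without escaping, so a stored value containing a quote or markup breaks out of the `value="..."` attribute and is interpreted by the browser of whoever opens the panel. Wrap each one, e.g. `htmlspecialchars($user["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. `getuserbyid()` returns nothing when the id in `?edit=` matches no row, so `$user` should be tested for null before the form is built. In the same form the password input is named `email`, which would replace the real email value on submit, and both password inputs are `type="text"`; `name="password"` with `type="password"` looks like the intent.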
@@ -55,6 +55,12 @@ body { margin-top: 200px; } +.editform { + width: fit-content; + padding: 20px; + border-style: double; +} + table, th, td { border: 1px solid black; } |