From 7af9970bbaaca7ec61dfb1234f1d52a03dab2811 Mon Sep 17 00:00:00 2001 From: arf20 Date: Sun, 17 Mar 2024 01:34:36 +0100 Subject: User add working --- login.php | 2 +- manageusers.php | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-- style.css | 6 ++++++ 3 files changed, 67 insertions(+), 3 deletions(-) diff --git a/login.php b/login.php index c7c4115..3bac945 100755 --- a/login.php +++ b/login.php @@ -16,7 +16,7 @@ $username = $password = ""; $username_err = $password_err = ""; // Processing form data when form is submitted -if($_SERVER["REQUEST_METHOD"] == "POST"){ +if ($_SERVER["REQUEST_METHOD"] == "POST") { // Validate username if (empty($_POST["username"])) $username_err = "Enter a username."; diff --git a/manageusers.php b/manageusers.php index 30750df..b042978 100644 --- a/manageusers.php +++ b/manageusers.php @@ -19,7 +19,7 @@ mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); $users = $result->fetch_all(MYSQLI_ASSOC); -// actions +// GET actions // delete entry if (isset($_GET["del"])) { $sql = "DELETE FROM users WHERE id = ?"; @@ -31,6 +31,38 @@ if (isset($_GET["del"])) { } else header("location: ".$_SERVER['SCRIPT_NAME']); } +// POST actions +if ($_SERVER["REQUEST_METHOD"] == "POST") { + // add entry + if (isset($_POST["add"])) { + $sql = "INSERT INTO users (username, email, password, verifycode, type, status) VALUES (?, ?, ?, ?, ?, ?)"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_bind_param($stmt, "ssssss", $param_username, $param_email, $param_password, $param_verifycode, $param_type, $param_status); + $param_username = $_POST["username"]; + $param_email= $_POST["email"]; + $param_password = password_hash($_POST["password"], PASSWORD_DEFAULT); + $param_verifycode = base64_encode(random_bytes(12)); + $param_type = $_POST["type"]; + $param_status = $_POST["status"]; + + if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { + echo "SQL error."; + } else header("location: ".$_SERVER['SCRIPT_NAME']); + } + + // edit entry + +} + +function getuserbyid($id) { + global $users; + foreach ($users as $user) { + if ($user["id"] == $id) { + return $user; + } + } +} + ?> @@ -50,8 +82,34 @@ if (isset($_GET["del"])) {

ARFNET Client Service Ticket and Invoice Management System

panel

-

Users

+ +

Edit user ".$user["id"]."

\n" + ."

\n" + ."

\n" + ."

\n" + ."

\n" + ."

\n" + ."
cancel" + ."
"; + } + + if (isset($_GET["add"])) { + echo "

Add user

\n" + ."

\n" + ."

\n" + ."

\n" + ."

\n" + ."

\n" + ."
cancel" + ."
"; + } + ?> + + add
iduserpasswordemailverifycodetyperegdatestatusaction