ARFNET CSTIMS

fetch_all(MYSQLI_ASSOC); // GET actions // delete entry if (isset($_GET["del"])) { $sql = "DELETE FROM users WHERE id = ?"; $stmt = mysqli_prepare($link, $sql); mysqli_stmt_bind_param($stmt, "s", $param_id); $param_id = $_GET["del"]; if (!mysqli_stmt_execute($stmt) || mysqli_stmt_affected_rows($stmt) != 1) { echo "SQL error: ".mysqli_stmt_error($stmt); } else header("location: ".$_SERVER['SCRIPT_NAME']); } // POST actions if ($_SERVER["REQUEST_METHOD"] == "POST") { // add entry if (isset($_POST["add"])) { $sql = "INSERT INTO users (username, email, password, verifycode, type, status) VALUES (?, ?, ?, ?, ?, ?)"; $stmt = mysqli_prepare($link, $sql); mysqli_stmt_bind_param($stmt, "ssssss", $param_username, $param_email, $param_password, $param_verifycode, $param_type, $param_status); $param_username = $_POST["username"]; $param_email= $_POST["email"]; $param_password = password_hash($_POST["password"], PASSWORD_DEFAULT); $param_verifycode = base64_encode(random_bytes(12)); $param_type = $_POST["type"]; $param_status = $_POST["status"]; if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { echo "SQL error: ".mysqli_stmt_error($stmt); } else header("location: ".$_SERVER['SCRIPT_NAME']); } // edit entry if (isset($_POST["save"])) { $sql = "UPDATE users SET username = ?, email = ?, password = ?, type = ?, status = ? WHERE id = ?"; $stmt = mysqli_prepare($link, $sql); mysqli_stmt_bind_param($stmt, "ssssss", $param_username, $param_email, $param_password, $param_type, $param_status, $param_id); $param_username = $_POST["username"]; $param_email = $_POST["email"]; $param_password = empty($_POST["password"]) ? getuserbyid($_POST["id"])["password"] : password_hash($_POST["password"], PASSWORD_DEFAULT); $param_type = $_POST["type"]; $param_status = $_POST["status"]; $param_id = $_POST["id"]; if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { echo "SQL error: ".mysqli_stmt_error($stmt); } else header("location: ".$_SERVER['SCRIPT_NAME']); } } function getuserbyid($id) { global $users; foreach ($users as $user) { if ($user["id"] == $id) { return $user; } } } ?> ARFNET CSTIMS

ARFNET

ARFNET Client Service Ticket and Invoice Management System

panel

Users

Edit user ".$user["id"]."

"; } if (isset($_GET["add"])) { echo "

Add user

"; } ?> add " ."" ."" ."" ."" ."" ."" ."" ."\n"; } ?>

id	user	password	email	verifycode	type	regdate	status	action
".$user['id']."	".$user['username']."	".$user['password']."	".$user['email']."	".$user['verifycode']."	".$user['type']."	".$user['regdate']."	".$user['status']."	del edit

ARFNET Client Service Ticket and Invoice Management System

panel

Users

Edit user ".$user["id"]."

Add user

Logged as

Logout

Back to admin panel