author | Camil Staps | 2016-07-26 14:27:14 +0200 |
---|---|---|
committer | Camil Staps | 2016-07-26 14:27:14 +0200 |
commit | d8055192991ac8504e48c137038879790c762d2d (patch) | |
tree | 0738603efca98c26d6d04cbd091898d4b6e9a34d /include/settings.php | |
parent | Option to add first user during installation (diff) |
Adding and deleting users
Diffstat (limited to 'include/settings.php')
-rw-r--r-- | include/settings.php | 170 |
1 files changed, 145 insertions, 25 deletions
diff --git a/include/settings.php b/include/settings.php index 7dfbbc3..896152c 100644 --- a/include/settings.php +++ b/include/settings.php 
@@ -35,43 +35,163 @@ require('./header.php'); <!-- /.col-lg-12 --> </div> + <?php + if (isset($_GET['delete_user']) && $_user->isAdmin()) { + try { + $user = new user($_pdo, $_GET['delete_user']); + if ($user->delete()) { + echo "<div class='alert alert-success alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> has been removed.</div>"; + } else { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> could not be removed.</div>"; + } + } catch (PDOException $e) { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> could not be removed due to a PDO error.</div>"; + } catch (Exception $e) { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with id {$_GET['delete_user']} could not be found.</div>"; + } + } + ?> + <div class="row"> <div class="col-md-4"> <div class="panel panel-default"> <div class="panel-heading">Password</div> - <div class="panel-body"> - <?php - if (isset($_POST['password_update'])) { - if ($_POST['password_update'] != $_POST['password_update2']) { - echo '<div class="alert alert-danger">The passwords don\'t match.</div>'; - } else if (!$_user->verifyPassword($_POST['password_current'])) { - echo '<div class="alert alert-danger">The current password was incorrect.</div>'; - } else { - try { - $_user->setPassword($_POST['password_update']); - echo '<div class="alert alert-success">Password successfully changed.</div>'; - } catch (PDOException $e) { - echo '<div class="alert alert-danger">An unknown error 
occurred.</div>'; - } + <div class="panel-body"> + <?php + if (isset($_POST['password_update'])) { + if ($_POST['password_update'] != $_POST['password_update2']) { + echo '<div class="alert alert-danger">The passwords don\'t match.</div>'; + } else if (!$_user->verifyPassword($_POST['password_current'])) { + echo '<div class="alert alert-danger">The current password was incorrect.</div>'; + } else { + try { + $_user->setPassword($_POST['password_update']); + echo '<div class="alert alert-success">Password successfully changed.</div>'; + } catch (PDOException $e) { + echo '<div class="alert alert-danger">An unknown error occurred.</div>'; } } - ?> - <form action="" method="post"> - <div class="form-group"> - <input class="form-control" type="password" name="password_current" placeholder="Current password"/> - </div> - <div class="form-group"> - <input class="form-control" type="password" name="password_update" placeholder="New password"/> - </div> + } + ?> + <form action="" method="post"> + <div class="form-group"> + <input class="form-control" type="password" name="password_current" id="password-current" placeholder="Current password"/> + </div> + <div class="form-group"> + <input class="form-control" type="password" name="password_update" placeholder="New password"/> + </div> + <div class="form-group"> + <input class="form-control" type="password" name="password_update2" placeholder="New password (verification)"/> + </div> + <input class="btn btn-primary" type="submit" value="Change password"/> + </form> + </div> + </div> + </div> + + <div class="col-md-4"> + <div class="panel panel-default"> + <div class="panel-heading">Users</div> + <div class="panel-body table-responsive"> + <table class="table table-bordered table-striped mixitup dataTable" id="overview-clients"> + <thead> + <tr> + <th class="mixitup-sort sorting" data-sort="mixerOrderId:desc">#</th> + <th class="mixitup-sort sorting" data-sort="mixerOrderUsername:desc">Username</th> + <?php if 
($_user->isAdmin()) echo '<th>Tools</th>'; ?> + </tr> + </thead> + <tbody> + <?php + $users = BusinessAdmin::getUsers($_pdo); + foreach ($users as $user) { + echo "<tr class='mix' + data-mixer-order-id='{$user->getId()}' + data-mixer-order-username='{$user->getUsername()}'> + <td class='col-min-width'>{$user->getId()}</td> + <td class='col-max-width'>{$user->getUsername()}</td>"; + if ($_user->isAdmin()) { + if ($user->getId() == $_user->getId()) { + echo "<td class='col-min-width'> + <a title='Change password' href='#' onclick='$(\"#password-current\").focus();' class='btn btn-warning btn-circle fa fa-key'></a> + </td>"; + } else { + echo "<td class='col-min-width'> + <a title='Delete' href='?delete_user={$user->getId()}' class='btn btn-danger btn-circle fa fa-times'></a> + </td>"; + } + } + echo "</tr>"; + } + ?> + </tbody> + </table> + </div> + </div> + </div> + + <?php if ($_user->isAdmin()) : ?> + <div class="col-md-4"> + <div class="panel panel-default"> + <div class="panel-heading">Create new</div> + <div class="panel-body"> + <form role="form" id="newUser" action='<?=constants::url_external?>users/new' method="post" class="bootstrapValidator ajaxify" + data-ajaxify-options='{"success":"newUserSuccess","error":"newUserError","beforeSubmit":"newUserBeforeSubmit","clearForm":true}'> + <div class="ajaxify-response alert alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button><span class="ajaxify-response-text"></span></div> <div class="form-group"> - <input class="form-control" type="password" name="password_update2" placeholder="New password (verification)"/> + <label>Username:</label> + <input + type="text" name="username" class="form-control" placeholder="Username" + data-bv-notempty="true" data-bv-notempty-message="You have to provide a username"/> </div> - <input class="btn btn-primary" type="submit" value="Change password"/> + <button type="submit" class="btn btn-default">Go</button> </form> + <script 
type="text/javascript"> + // Callback for before the form is submitted + function newUserBeforeSubmit() { + $('#newUser input').prop('disabled', true); + $('#newUser .ajaxify-response').hide().removeClass('alert-success alert-danger').find('.ajaxify-response-text').html(''); + } + + // Callback for when the form is successfully submitted + function newUserSuccess(data) { + if (data.success == true) { + $('#newUser .ajaxify-response') + .addClass('alert-success') + .show() + .find('.ajaxify-response-text') + .html(data.message); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } else { + $('#newUser .ajaxify-response') + .addClass('alert-danger') + .show() + .find('.ajaxify-response-text') + .html(data.message); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } + } + + // Callback for when form submission encountered an error + function newUserError() { + $('#newUser .ajaxify-response') + .addClass('alert-danger') + .show() + .find('.ajaxify-response-text') + .html('An unknown error occurred. Please contact support.'); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } + </script> </div> </div> </div> - </div> + <?php endif; ?> </div> <!-- /.row --> </div> |
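Review bot: The delete handler added at the top of the hunk changes state on a plain GET (`?delete_user=ID`) guarded only by `$_user->isAdmin()`, so any link or embedded resource an admin's browser loads can trigger a deletion; it should be a POST form carrying a per-session token that is checked with `hash_equals()` before `$user->delete()` runs. In the `catch (Exception $e)` branch, `{$_GET['delete_user']}` is echoed into the page unescaped, which is reflected XSS; use `htmlspecialchars($_GET['delete_user'], ENT_QUOTES, 'UTF-8')`, and escape every `{$user->getUsername()}` the same way in the alerts and the users table, including the `data-mixer-order-username` attribute. The `catch (PDOException $e)` branch also calls `$user->getUsername()`, but `$user` would be unset if `new user(...)` itself threw, so that message should fall back to the escaped id. The handler does not repeat the table's `$user->getId() == $_user->getId()` check, so an admin can still delete their own account by URL. In the script, `.html(data.message)` should be `.text(data.message)` unless the `users/new` endpoint is known to return pre-escaped markup.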