-
Notifications
You must be signed in to change notification settings - Fork 0
/
edit_user.php
185 lines (150 loc) · 6.78 KB
/
edit_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
<?php
session_start();
require "backend/db_conn.php";
if ($_SESSION["login_user"] == false) {
header("location: index.php");
}
$sub_user_id = $_GET["id"];
if (isset($_SESSION["admin"]) || isset($_SESSION["super_admin"])) {
if ($_SESSION["login_user"] == $sub_user_id) {
header("location: user.php");
}
} else {
header("location: user.php");
}
if (isset($_GET["id"])) {
@$uid = $_GET["id"];
$result = mysqli_query($conn, "SELECT * FROM user_prod WHERE user_id='$uid' and is_active='1'");
@$user_product_details = array();
while ($row = mysqli_fetch_array($result)) {
$user_product_details[$row['short_code']] = $row['product'];
}
//var_dump($user_product_details);
$my_query = "SELECT * FROM user_role WHERE user_id='$uid'";
$result2 = mysqli_query($conn, $my_query) or die("Query Failed");
if (mysqli_num_rows($result2) > 0) {
while ($row = mysqli_fetch_array($result2)) {
@$sub_user_role = $row['role'];
}
}
$admin_products = $_SESSION['products'];
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["role"])) {
$all = $_POST;
$sub_user_id = $_POST["user_id"];
$sub_user_role = $_POST["role"];
if (count($all) > 2) {
echo $sub_user_id;
//user role changing
$sqlquery = "SELECT * FROM user_role WHERE user_id='$sub_user_id'";
$result = mysqli_query($conn, $sqlquery);
if (mysqli_num_rows($result) > 0) {
$role_update_query = "UPDATE user_role SET role='$sub_user_role' WHERE user_id='$sub_user_id'";
if (mysqli_query($conn, $role_update_query) === TRUE) {
echo "Record inserted successfully";
} else {
echo "Error: " . $role_update_query . "<br>" . $conn->error;
}
}
// remove all products from user
$remove_query = "UPDATE user_prod SET is_active=0 WHERE user_id='$sub_user_id'";
if (mysqli_query($conn, $remove_query) === TRUE) {
//header("location: user.php");
} else {
echo "Error rmv: " . $remove_query . "<br>" . $conn->error;
}
//echo count($all);
// insert product
foreach ($all as $x => $value) {
if ($x != "user_id" && $x != "role") {
$sqlquery = "INSERT INTO user_prod (user_id, short_code, product) VALUES ('$sub_user_id', '$x', '$value')";
if (mysqli_query($conn, $sqlquery) === TRUE) {
echo "record inserted successfully";
} else {
echo "Error: " . $sqlquery . "<br>" . $conn->error;
}
}
}
} else {
$_SESSION['double_create_error'] = "Checkbox Empty";
}
header("location: user.php");
} else {
session_destroy();
header("location: index.php");
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css" />
<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-+0n0xVW2eSR5OomGNYDnhzAbDsOXxcvSN1TPprVMTNDbiYZCxYbOOl7+AMvyTG2x" crossorigin="anonymous">
<link rel="stylesheet" href="css/style.css" />
<title>Image Tracking System</title>
</head>
<body>
<?php require "layouts/navbar_sidebar.php"; ?>
<main class="mt-5 pt-3">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<h4>Edit User</h4>
<hr>
<form action="edit_user.php" method="POST">
<?php
if (isset($_SESSION['super_admin'])) { ?>
<select class="form-select mb-1" name="role" id="edit_user_role" required>
<option value="">Select One</option>
<option value="admin" <?php if (@$sub_user_role == 'admin') {
echo "selected";
}; ?>>admin</option>
<option value="user" <?php if (@$sub_user_role == 'user') {
echo "selected";
}; ?>>user</option>
</select>
<?php
} elseif (isset($_SESSION['admin'])) { ?>
<input type="text" name="role" value="user" hidden>
<?php
} {
}
?>
<input type="text" name="user_id" id="edit_user_id" class="form-control mb-1" value="<?php echo $uid; ?>" placeholder="user id" readonly>
<div class="form-check">
<ul>
<?php
//var_dump($user_product_details);
foreach ($admin_products as $key => $value) {
?>
<li>
<input class="form-check-input" <?php if (in_array($value, $user_product_details)) {
echo "checked";
} ?> type="checkbox" name="<?php echo $key; ?>" value="<?php echo $value; ?>">
<label for=""> <?php echo $value; ?> </label>
</li>
<?php
}
?>
</ul>
</div>
<input type="submit" class="btn btn-sm btn-outline-success" value="Update">
<div class="text-end">
<a href="user.php" class="btn btn-secondary">Back</a>
</div>
</form>
</div>
</div>
</div>
</main>
<?php
require "backend/footer.php";
?>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-gtEjrD/SeCtmISkJkNUaaKMoLD0//ElJ19smozuHV6z3Iehds+3Ulb9Bn9Plx0x4" crossorigin="anonymous">
</script>
</body>
</html>