The following files exists in this folder. Click to view.
h_adminpowers.php83 lines ASCII Unix (LF) 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
<?php
session_start();
require_once("databaseconnection.php");
if(!isset($_SESSION["username"])){
header("location:index.php?mess=session_timeout");
exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin</title>
<link rel="stylesheet" href="/spectre/spectre-master/dist/spectre.css">
</head>
<body style="text-align:center;">
<?php
$sql = "SELECT `username`, `userId`, `password` FROM users WHERE `role` = :role";
$stm = $pdo->prepare($sql);
$stm->execute([
':role' => "user"
]);
$memberInfo = $stm->fetchAll(PDO::FETCH_ASSOC);
if(isset($_GET["mess"])){
switch($_GET["mess"]){
case "1":
echo"<h1>Create another account</h1><br>
<form method=\"post\" action=\"do.php?mess=create|noId\">
<input type=\"text\" name=\"n-usn\" placeholder=\"username\"><br>
<input type=\"password\" name=\"n-pwd\" placeholder=\"password\"><br>
<input type=\"submit\" class=\"btn btn-primary\">
</form>";
break;
case "2":
echo"<h1>Delete one of the following users:</h1>";
if(!$memberInfo){
echo"there are no users to delete";
}
else{
for($i=0; $i <= count($memberInfo)-1; $i++){
$memberName=$memberInfo[$i]["username"];
echo"<a href=\"do.php?mess=delete|{$memberInfo[$i]["userId"]}\" class=\"btn\">$memberName</a>";
}
}
break;
case "3":
echo"<h1>change the username of one of the following users:</h1><br>";
if(!$memberInfo){
echo"there are no users to change username of";
}
echo"<form method=\"post\" action=\"do.php?mess=username|noId\">";
for($i=0; $i <= count($memberInfo) -1; $i++){
$memberName=$memberInfo[$i]["username"];
echo"<label for\"{$memberInfo[$i]["userId"]}\">$memberName</label><input type=\"radio\" id=\"{$memberInfo[$i]["userId"]}\" name=\"userchange\" value=\"{$memberInfo[$i]["userId"]}\">";
}
echo"<br><input type=\"text\" name=\"c-usn\" placeholder=\"New username\"><br><input type=\"submit\" class=\"btn btn-primary\"></form>";
break;
case "4":
echo"<h1>change the password of one of the following users:</h1><br>";
if(!$memberInfo){
echo"there are no users to change password of";
}
echo"<form method=\"post\" action=\"do.php?mess=password|noId\">";
for($i=0; $i <= count($memberInfo) -1; $i++){
$memberName=$memberInfo[$i]["username"];
echo"<label for\"{$memberInfo[$i]["userId"]}\">$memberName</label><input type=\"radio\" id=\"{$memberInfo[$i]["userId"]}\" name=\"passchange\" value=\"{$memberInfo[$i]["userId"]}\">";
}
echo"<br><input type=\"password\" name=\"c-pwd\" placeholder=\"New password\"><br><input type=\"submit\" class=\"btn btn-primary\"></form>";
break;
}
}
?>
</body>
</html>