Website/adminconsole.php at master · Students4Students/Website · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php include '/includes/head.php'?>

<div class="content">
        <?php if (login_check($mysqli) == "admin") : ?>
		<p>Welcome <?php echo htmlentities($_SESSION['username']); ?> (<?php echo login_check($mysqli) ?>)</p>
		Number of users: <?php echo get_number_of_users($mysqli)?><br>

		<p><a href="register.php">Add a new user</a></p>


		<p> Update username: </p>
		<form action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>"
		method="post"
		name="username_update_form">
			User to update: <select name="uid" id="uid">
				<?php for ($i = 1; $i <= get_number_of_users($mysqli); $i++) {
					$username = get_username($mysqli, $i);
					echo '<option value="', $i, '">', $username,'</option>';
				}?>

			</select><br>
            Username: <input type='text'
			name='usernameupdate'
			id='usernameupdate' />
            <input type="button"
			value="Update Username"
			onclick="return userformhash(this.form,this.form.uid,
			this.form.usernameupdate);" />
		</form>

		<p> Update email:</p>
		<form action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>"
		method="post"
		name="email_update_form">
		User to update: <select name="uid" id="uid">
				<?php for ($i = 1; $i <= get_number_of_users($mysqli); $i++) {
					$username = get_username($mysqli, $i);
					echo '<option value="', $i, '">', $username,'</option>';
				}?>

			</select><br>
            Email: <input type="text" name="emailupdate" id="emailupdate" />
            <input type="button"
			value="Update Email"
			onclick="return emailformhash(this.form,this.form.uid,
			this.form.emailupdate);" />
		</form>

		<p> Reset password:</p>
		<form action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>"
		method="post"
		name="password_update_form">
		User to update: <select name="uid" id="uid">
				<?php for ($i = 1; $i <= get_number_of_users($mysqli); $i++) {
					$username = get_username($mysqli, $i);
					echo '<option value="', $i, '">', $username,'</option>';
				}?>

			</select><br>
            Password: <input type="password"
			name="updatepassword"
			id="updatepassword"/><br>
            Confirm password: <input type="password"
			name="updateconfirmpwd"
			id="updateconfirmpwd" /><br>
            <input type="button"
			value="Reset Password"
			onclick="return pwformhash(this.form,this.form.uid,
			this.form.updatepassword,
			this.form.updateconfirmpwd);" />
		</form>

		<p> Update permissions:</p>
		<form action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>"
		method="post"
		name="email_update_form">
		User to update: <select name="uid" id="uid">
				<?php for ($i = 1; $i <= get_number_of_users($mysqli); $i++) {
					$username = get_username($mysqli, $i);
					echo '<option value="', $i, '">', $username,'</option>';
				}?>

			</select><br>
            Permission <select name="type" id="type">
			<option value="tutor">Tutor</option>
			<option value="admin">Admin</option>
			<option value="blog">Blog</option>
			</select>
            <input type="button"
			value="Update"
			onclick="return typeformhash(this.form,this.form.uid,
			this.form.type);" />
		</form>

        <?php else : ?>
		<p>
			<span class="error">You are not authorised to access this page.</span> Please <a href="login.php">login</a>.
		</p>
        <?php endif; ?>

		</div>
<?php include '/includes/footer.php'?>