admin_index.php
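<?php
/**
 * Admin-only page: lists every row of peipei_users (id, nickname, username,
 * roles) and renders links that ask handle_update_role.php to change a role.
 *
 * Access control lives in this prologue; nothing below the closing tag runs
 * unless the ADMIN check passes.
 */
session_start();
require_once('conn.php');
require_once('utils.php');

// Resolve the caller from the session on every request. The role is taken
// from the record getUserFromUsername() returns, not from a value cached in
// the session.
$username = null;
$user = null;
if (!empty($_SESSION['username'])) {
    $username = $_SESSION['username'];
    $user = getUserFromUsername($username);
}

// Authorization gate, written to fail closed: any empty lookup result
// (null, false, empty array) or a missing 'roles' key is treated as
// "not an admin". The exit is essential: header() alone does not stop the
// script, and the user table would otherwise still be rendered.
if (empty($user) || ($user['roles'] ?? null) !== 'ADMIN') {
    header('Location: index.php');
    exit;
}

// Static query with no user input, so nothing needs binding here.
$stmt = $conn->prepare(
    "SELECT id, nickname, username, roles FROM peipei_users ORDER BY id ASC"
);

// prepare() can return false, so it is checked before execute() is called on
// it. Driver error text is written to the server log only; echoing it to the
// browser would disclose schema and connection details.
// NOTE(review): when mysqli runs in exception mode (the default since
// PHP 8.1) failures throw instead of returning false; confirm that
// display_errors is off in deployment so those are not rendered either.
$result = false;
if ($stmt !== false && $stmt->execute()) {
    $result = $stmt->get_result();
}
if ($result === false) {
    error_log(
        'admin_index.php: user list query failed: '
        . ($stmt === false ? $conn->error : $stmt->error)
    );
    http_response_code(500);
    die('Error');
}
?>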
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Admin area</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<header class="warning">
<strong>This is a website for practicing php. Please do not leave your normal password.</strong>
</header>
<main class="board">
<section class="posts_container">
<table border>
<tr>
<th>id</th>
<th>role</th>
<th>nickname</th>
<th>username</th>
<th>Change role</th>
</tr>
<?php
// One table row per account returned by the query above. Every value is
// passed through escape() (from the included helpers; presumably an
// HTML-escaping wrapper, confirm in utils.php) before being written out.
//
// NOTE(review): the three links below change a user's role through a plain
// GET request, and no per-request token is visible on this page.
// handle_update_role.php is not shown here; confirm that it re-checks the
// ADMIN role itself, validates `roles` against a fixed allow-list, and that
// the action is moved to a POST form carrying a session-bound anti-CSRF
// token, since GET links can be triggered by any page the admin visits.
// NOTE(review): the id is placed in a URL query string; escape() covers the
// HTML attribute context, and urlencode() would be needed as well if the id
// were ever non-numeric.
while ($row = $result->fetch_assoc()):
?>
<tr>
<td><?= escape($row['id']) ?></td>
<td><?= escape($row['roles']) ?></td>
<td><?= escape($row['nickname']) ?></td>
<td><?= escape($row['username']) ?></td>
<td>
<a href="handle_update_role.php?roles=ADMIN&id=<?= escape($row['id']) ?>">ADMIN</a>
<a href="handle_update_role.php?roles=NORMAL&id=<?= escape($row['id']) ?>">NORMAL USER</a>
<a href="handle_update_role.php?roles=BANNED&id=<?= escape($row['id']) ?>">BANNED</a>
</td>
</tr>
<?php endwhile; ?>
</table>
</section>
</main>
<script>
</script>
</body>
</html>