Beispiel #1
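/**
 * Admin-account CRUD controller: applies the requested operation, then renders the admin list.
 *
 * The operation name is read from func_arg(0) ('add', 'update' or 'delete'; anything else
 * only shows the list). Result messages are queued in $_SESSION['pop_status_msg'] and
 * $_SESSION['pop_error_msg'].
 *
 * NOTE(review): no authorization or CSRF check is visible in this function, and the
 * operations read $_REQUEST / URL arguments, so they can be triggered by a GET request.
 * Confirm the caller enforces an admin session, and consider requiring POST plus a token
 * for the state-changing operations.
 *
 * @return string Rendered HTML of the admin list, wrapped by ui_admin_default().
 */
function user_admin_admin()
{
    $op = func_arg(0);
    switch (strtolower(trim($op))) {
        case 'add':
            $username = $_REQUEST['username'];
            $password = $_REQUEST['password'];
            $email = $_REQUEST['email'];
            $admin_created = create_new_admin($username, $password, $email);
            if ($admin_created === true) {
                // The message already carries markup (<br>, &bull;), so the request values
                // must be HTML-escaped before they are interpolated into it.
                $safe_username = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
                $safe_password = htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8');
                // NOTE(review): this copies the new account's plaintext password into session
                // storage for display; consider showing it without persisting it.
                $_SESSION['pop_status_msg'][] = "Admin baru berhasil dibuat: <br>&bull;&nbsp;Username: {$safe_username}<br>&bull;&nbsp;Password: {$safe_password}<br>";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_created;
            }
            break;
        case 'update':
            $username = $_REQUEST['username'];
            $old_password = $_REQUEST['old_password'];
            $new_password = $_REQUEST['new_password'];
            $new_email = $_REQUEST['new_email'];
            // Pass the submitted address: the original passed $email, which is never set on
            // this path, so update_admin() received an undefined value.
            $admin_updated = update_admin($username, $old_password, $new_password, $new_email);
            if ($admin_updated === true) {
                $_SESSION['pop_status_msg'][] = "Data admin berhasil diupdate";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_updated;
            }
            break;
        case 'delete':
            // Route shape: user/admin/admin/[delete]/[$username]
            $username = func_arg(1);
            $admin_deleted = delete_admin($username);
            if ($admin_deleted === true) {
                // The username comes from the URL; escape it before it enters the message.
                $safe_username = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
                $_SESSION['pop_status_msg'][] = "Data admin [{$safe_username}] berhasil dihapus";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_deleted;
            }
            break;
    }

    // Default operation is "view": fetch every admin record for the list template.
    $lilo_mongo = new LiloMongo();
    $lilo_mongo->selectDB('Users');
    $lilo_mongo->selectCollection('Admin');
    $admin_data_cursor = $lilo_mongo->find();

    $template = new Template();
    $template->basepath = $_SESSION['basepath'];
    $template->admin_data_cursor = $admin_data_cursor;
    $html = $template->render("modules/001_user_management/templates/user_admin_admin.php");

    // The original tested an $ajax variable that is never assigned in this function, so its
    // "ajax" branch could not be taken; the page is always wrapped in the default admin layout.
    return ui_admin_default(null, $html);
}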
Beispiel #2
        include __DIR__ . "/view.php";
        break;
    case 'modify_admin':
        $choice = filter_input(INPUT_POST, 'choice');
        if ($choice == "Back") {
            header("Location: ..");
        }
        if ($choice == "Add Admin") {
            $usr_id = filter_input(INPUT_POST, 'user_drop');
            $usr_role_cde = filter_input(INPUT_POST, 'role_drop');
            add_admin($usr_id, $app_cde, $usr_role_cde);
        }
        $assigned_roles = get_assigned_roles();
        $users = get_users();
        $roles = get_roles();
        include __DIR__ . "/view.php";
        break;
    case 'delete_admin':
        $usr_id = filter_input(INPUT_GET, 'usrID');
        $usr_role_cde = filter_input(INPUT_GET, 'roleID');
        delete_admin($usr_id, $usr_role_cde);
        $assigned_roles = get_assigned_roles();
        $users = get_users();
        $roles = get_roles();
        include __DIR__ . "/view.php";
        break;
    default:
        display_error('Unknown account action: ' . $action);
        exit;
        break;
}
Beispiel #3
        }
        update_admin($admin_id, $email, $first_name, $last_name, $password_1, $password_2);
        if ($admin_id == $_SESSION['admin']['adminID']) {
            $_SESSION['admin'] = get_admin($admin_id);
        }
        redirect($app_path . 'admin/account/.?action=view_account');
        break;
    case 'view_delete_confirm':
        $admin_id = filter_input(INPUT_POST, 'admin_id', FILTER_VALIDATE_INT);
        if ($admin_id == $_SESSION['admin']['adminID']) {
            display_error('You cannot delete your own account.');
        }
        $admin = get_admin($admin_id);
        $first_name = $admin['firstName'];
        $last_name = $admin['lastName'];
        $email = $admin['emailAddress'];
        include 'account_delete.php';
        break;
    case 'delete':
        $admin_id = filter_input(INPUT_POST, 'admin_id', FILTER_VALIDATE_INT);
        delete_admin($admin_id);
        redirect($app_path . 'admin/account');
        break;
    case 'logout':
        unset($_SESSION['admin']);
        redirect($app_path . 'admin/account');
        break;
    default:
        display_error('Unknown account action: ' . $action);
        break;
}
Beispiel #4
        return $err;
    }
}
$vars = get_input_vars();
admin_check_permissions('super_user');
/*******************************************/
switch ($vars['action']) {
    case 'add':
        admins_add_form();
        break;
    case 'edit':
        admins_edit_form();
        break;
    case 'delete':
        check_demo();
        if ($err = delete_admin()) {
            fatal_error($err . ". <a href='admins.php'>Continue</a>", 0, 1);
        } else {
            admin_html_redirect("admins.php", $title = 'Admin record removed', $text = 'Admin record removed');
        }
        break;
    case 'add_save':
        if (!$_POST['action']) {
            die("POST request expected");
        }
        check_demo();
        if ($err = validate_form($vars)) {
            admins_add_form($err);
        } elseif ($err = add_admin($vars)) {
            admins_add_form($err);
        } else {
Beispiel #5
<?php

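// Endpoint script: deletes the admin named by the "id" query parameter, stores a
// one-word result in the session, then redirects back to the admin list.
session_start();
require '../../app/Autoloader.class.php';
App\Autoloader::register();
$config = App\Config::getInstance();
$bdd = App\database\Database::getInstance_bdd(
    $config->get("db_name"),
    $config->get("db_user"),
    $config->get("db_pass"),
    $config->get("db_host")
);
require '../../functions/functions.php';

// NOTE(review): nothing visible in this script checks that the session belongs to a
// logged-in administrator before deleting. Confirm that check happens in one of the
// required files, or add it here.
// NOTE(review): the deletion is driven by a GET parameter, so a link or image on another
// site can trigger it in an admin's browser; consider requiring POST with a CSRF token.
$id = isset($_GET["id"]) ? $_GET["id"] : null;

// Only a non-empty scalar string reaches delete_admin(); a missing or array-valued
// "id" is reported as an error instead of being passed through.
if (is_string($id) && $id !== '' && delete_admin($bdd, $id)) {
    $_SESSION['alert'] = "Success";
} else {
    $_SESSION['alert'] = "Error";
}
header("Location: ../index.php?pg=list_admin");
exit;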
Beispiel #6
<?php

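// Deletes the admin named by ?id=... and prepares a Bootstrap alert in $message.
// NOTE(review): no login/permission check is visible in this fragment, and the deletion
// is triggered by a GET request; confirm the including page enforces an admin session,
// and consider POST plus a CSRF token for the delete itself.
$message = '';

// Input arrives in the URL query string. Read it defensively: a missing or array-valued
// parameter falls back to a neutral value instead of raising a warning or TypeError.
$id = isset($_GET['id']) && is_scalar($_GET['id']) ? intval($_GET['id']) : 0;
$name = isset($_GET['name']) && is_string($_GET['name']) ? trim($_GET['name']) : '';

if (isset($_GET['id'])) {
    // The helpers previously received the numeric-string form of the id; keep that.
    $id = (string) $id;
    $deleteAdmin = find_admin($id);
    if ($deleteAdmin) {
        delete_admin(0, $id);
        delete_photo(0, $id);
        // $name is attacker-controllable query input; escape it before it enters markup.
        $safeName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
        $message = "<div class = 'alert alert-success' style = 'width: 350px;'>{$safeName} is successfully deleted.</div>";
        echo "<script>";
        // Return to the admin profile page after 2 seconds (2000 ms).
        echo "setTimeout(function(){ document.location = '?p=manageAdmin/profileAdmin'; }, 2000);";
        echo "</script>";
    } else {
        $message = "<div class = 'alert alert-warning' style = 'width: 350px;'>Specified admin cannot be found</div>";
    }
}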
?>
<html>
	<body>
		<div class="container">
			<div class="row">
				<div class="col-lg-4">
					<?php 
// $message is markup assembled earlier in this file and is printed as-is, so any
// request-derived value placed in it must already be HTML-escaped where it is built.
echo $message;
?>
				</div>
Beispiel #7
<?php

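// Admin management page: optionally deletes the admin named by ?a=..., then lists admins.

// Access gate. header() only queues a redirect; without exit the rest of this script,
// including the deletion below, would still run for a visitor who fails the check.
if ($access != 'VALID') {
    header('location:../../index.php');
    exit;
}
if (!isset($_SESSION['admin'])) {
    header('location:../../index.php');
    exit;
}

include_once 'model/users/fonctions_admins.php';
$retour = "";

// NOTE(review): the deletion is triggered by a GET parameter with no CSRF token visible
// here; consider moving it to a POST request that carries a token.
if (isset($_GET['a'])) {
    // Array-valued input (?a[]=...) is treated as a failed deletion rather than being
    // handed to delete_admin().
    if (is_string($_GET['a']) && delete_admin($_GET['a'])) {
        $retour = 'La suppression a bien été effectuée';
    } else {
        $retour = "La suppression a echoué, veuillez réessayer";
    }
}

$admins = afficher_admins();
$title = 'Gestion des Administrateurs';
include_once 'view/users/gestion_admins.php';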
Beispiel #8
			<input type="submit" name='add' value="Create"/>
			<input type="submit" name='delete' value="Delete"/>
		</td>
	</tr>
	</table>
	</form>
	<br><br><br>
	<br><br><br>
	<br><br><br>
	<?php 
// Handle the form above: on POST, the pressed submit button ("add" or "delete") selects
// which helper runs against the entered admin name; "add" wins if both are present.
// NOTE(review): no CSRF token is checked in this block, and $result is printed without
// escaping; confirm add_admin()/delete_admin() return text that is safe to emit as HTML.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && (isset($_POST['add']) || isset($_POST['delete']))) {
    $result = isset($_POST['add'])
        ? add_admin($dbc, $_SESSION['username'], $_POST['target_admin'])
        : delete_admin($dbc, $_SESSION['username'], $_POST['target_admin']);
    echo "{$result}<br>";
}
?>
<br><br><br>
<br><br><br>
<a href='/admin/home.php'>Back</a>
</div>
<?php 
include '../footer.php';
?>
</body>
</html>