<?php

require_once "libraries/head.php";
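// Authentication gate: only a logged-in session may reach the role-change handler.
if (!isLogin()) {
    sendAjaxRedirect("index.php");
    // Stop explicitly so the gate does not depend on sendAjaxRedirect()
    // terminating the request (the helper is not visible in this file).
    // Without this, a helper that returns would let the handler below run
    // for an unauthenticated caller.
    exit;
}
// NOTE(review): no anti-CSRF token is checked in this block; confirm that
// libraries/head.php enforces one for state-changing POST requests.
if (isset($_POST["userid"], $_POST["newrole"])) {
    // Reject malformed identifiers before they reach the DAO layer.
    if (!isValidID($_POST["userid"]) || !isValidID($_POST["newrole"])) {
        sendAjaxResErr("User or role status invalid!");
        // Fail closed: never fall through to executeChange() with rejected input,
        // whether or not sendAjaxResErr() ends the request itself.
        exit;
    }
    // The acting user is taken from the server-side session, not from the request
    // body, so a client cannot name another account as the one making the change.
    // executeChange() returns true on success or an error message string.
    $result = executeChange($_SESSION["userID"], $_POST["userid"], $_POST["newrole"]);
    if ($result === true) {
        sendAjaxResSuc("Change role status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}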
function executeChange($currUser, $userid, $newrole)
{
    if ($newrole !== "1" && $newrole !== "2" && $newrole !== "3" && $newrole !== "4") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $userChan = $userDAO->getUserByID($userid);
    $userCurr = $userDAO->getUserByID($currUser);
    //get current session user
    if ($userCurr->getRole()->getRoleID() !== "1" && $userCurr->getRole()->getRoleID() !== "2") {
        return "You have no right to change user status!";
    }
    if ($userChan === null) {
        //database
<?php

require_once "libraries/head.php";
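// Authentication gate: only a logged-in session may reach the group-status handler.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
    // Stop explicitly so the gate does not depend on sendAjaxRedirect()
    // terminating the request (the helper is not visible in this file).
    // Without this, a helper that returns would let the handler below run
    // for an unauthenticated caller.
    exit;
}
// NOTE(review): no anti-CSRF token is checked in this block; confirm that
// libraries/head.php enforces one for state-changing POST requests.
if (isset($_POST["groupid"], $_POST["newstatus"])) {
    // Reject malformed identifiers before they reach the DAO layer.
    if (!isValidID($_POST["groupid"]) || !isValidID($_POST["newstatus"])) {
        sendAjaxResErr("Group ID or Status invalid!");
        // Fail closed: never fall through to executeChange() with rejected input,
        // whether or not sendAjaxResErr() ends the request itself.
        exit;
    }
    // The acting user is taken from the server-side session, not from the request body.
    // NOTE(review): the visible part of executeChange() loads the acting user but
    // shows no permission check; confirm the rest of the function verifies that
    // this user may change the group's status.
    $result = executeChange($_SESSION["userID"], $_POST["groupid"], $_POST["newstatus"]);
    if ($result === true) {
        sendAjaxResSuc("Change group status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}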
function executeChange($userID, $groupID, $newStatus)
{
    $newStatus = $newStatus;
    if ($newStatus !== "1" && $newStatus !== "2" && $newStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    $groupDAO = new GroupDAO();
    $group = $groupDAO->getGroupByID($groupID);
    if ($group === null) {
        return "Could not find this group!";
    }
    if ($group->getActivateStatus() === $newStatus) {
<?php

require_once "libraries/head.php";
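// Authentication gate: only a logged-in session may reach the record-status handler.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
    // Stop explicitly so the gate does not depend on sendAjaxRedirect()
    // terminating the request (the helper is not visible in this file).
    // Without this, a helper that returns would let the handler below run
    // for an unauthenticated caller.
    exit;
}
// NOTE(review): no anti-CSRF token is checked in this block; confirm that
// libraries/head.php enforces one for state-changing POST requests.
if (isset($_POST["recordid"], $_POST["newrecordstatus"])) {
    // Reject malformed identifiers before they reach the DAO layer.
    if (!isValidID($_POST["recordid"]) || !isValidID($_POST["newrecordstatus"])) {
        sendAjaxResErr("Record ID or Status invalid!");
        // Fail closed: never fall through to executeChange() with rejected input,
        // whether or not sendAjaxResErr() ends the request itself.
        exit;
    }
    // The acting user is taken from the server-side session, not from the request body.
    // NOTE(review): the visible part of executeChange() loads the acting user but
    // shows no ownership or permission check on the record; confirm the rest of
    // the function verifies that this user may change this record's status.
    $result = executeChange($_SESSION["userID"], $_POST["recordid"], $_POST["newrecordstatus"]);
    if ($result === true) {
        sendAjaxResSuc("Change record status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}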
function executeChange($userID, $recordID, $newRecordStatus)
{
    if ($newRecordStatus !== "1" && $newRecordStatus !== "2" && $newRecordStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    $recordDAO = new RecordDAO();
    $record = $recordDAO->getRecordByID($recordID);
    if ($record === null) {
        return "Could not find this record!";
    }
    if ($record->getDisplayStatus() === $newRecordStatus) {
        return "Old status is equal to new status, don't need to change!";