<?php
// AJAX endpoint: changes a user's role when POST fields "userid" and "newrole" are present.
// isLogin(), isValidID(), the sendAjax*() helpers and UserDAO are not defined in this listing;
// presumably they come from libraries/head.php — confirm.
require_once "libraries/head.php";

// NOTE(review): everything below runs unless sendAjaxRedirect() ends the request itself.
// That helper is not shown here — confirm it terminates, otherwise a request without a
// session continues into the handler.
if (!isLogin()) {
    sendAjaxRedirect("index.php");
}

// NOTE(review): no anti-CSRF token is checked in the lines shown, although this is a
// state-changing POST authorised by the session — confirm one is enforced elsewhere.
if (isset($_POST["userid"]) && isset($_POST["newrole"])) {
    // NOTE(review): as with the redirect above, this guard only stops the request if
    // sendAjaxResErr() exits; otherwise executeChange() is still called with the rejected values.
    if (!isValidID($_POST["userid"]) || !isValidID($_POST["newrole"])) {
        sendAjaxResErr("User or role status invalid!");
    }
    // The acting user is taken from the session, never from the request body.
    $result = executeChange($_SESSION["userID"], $_POST["userid"], $_POST["newrole"]);
    // Only a strict boolean true counts as success; any other return value is sent back as the error text.
    if ($result === true) {
        sendAjaxResSuc("Change role status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}

/**
 * Applies a role change requested by $currUser to the user identified by $userid.
 *
 * @param $currUser ID of the session user making the request.
 * @param $userid   ID of the user whose role is to be changed.
 * @param $newrole  Requested role ID; only the strings "1" to "4" are accepted.
 * @return An error message string on the failure paths visible here. The caller treats
 *         true as success; that return is outside the visible part of the function.
 */
function executeChange($currUser, $userid, $newrole) {
    // Allow-list of role IDs, compared strictly as strings (an integer 1 would be rejected).
    if ($newrole !== "1" && $newrole !== "2" && $newrole !== "3" && $newrole !== "4") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $userChan = $userDAO->getUserByID($userid);
    $userCurr = $userDAO->getUserByID($currUser); // the session user making the request
    // Authorisation gate: only callers whose role ID is "1" or "2" may change roles.
    // NOTE(review): $userCurr is dereferenced without a null check, while the lookup of
    // $userChan below shows getUserByID() can return null — confirm a stale session ID cannot reach this.
    // NOTE(review): this gate decides who may call; any limit on which role a role-"2" caller
    // may grant would have to be in the part of the function not shown.
    if ($userCurr->getRole()->getRoleID() !== "1" && $userCurr->getRole()->getRoleID() !== "2") {
        return "You have no right to change user status!";
    }
    if ($userChan === null) { //database
<?php
// AJAX endpoint: changes a group's activation status when POST fields "groupid" and
// "newstatus" are present. isLogin(), isValidID(), the sendAjax*() helpers, UserDAO and
// GroupDAO are not defined in this listing; presumably they come from libraries/head.php — confirm.
require_once "libraries/head.php";

// NOTE(review): everything below runs unless sendAjaxRedirect() ends the request itself.
// That helper is not shown here — confirm it terminates.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
}

// NOTE(review): no anti-CSRF token is checked in the lines shown, although this is a
// state-changing POST authorised by the session — confirm one is enforced elsewhere.
if (isset($_POST["groupid"]) && isset($_POST["newstatus"])) {
    // NOTE(review): this guard only stops the request if sendAjaxResErr() exits;
    // otherwise executeChange() is still called with the rejected values.
    if (!isValidID($_POST["groupid"]) || !isValidID($_POST["newstatus"])) {
        sendAjaxResErr("Group ID or Status invalid!");
    }
    // The acting user is taken from the session, never from the request body.
    $result = executeChange($_SESSION["userID"], $_POST["groupid"], $_POST["newstatus"]);
    // Only a strict boolean true counts as success; any other return value is sent back as the error text.
    if ($result === true) {
        sendAjaxResSuc("Change group status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}

/**
 * Applies a status change requested by $userID to the group identified by $groupID.
 *
 * @param $userID    ID of the session user making the request.
 * @param $groupID   ID of the group to change.
 * @param $newStatus Requested status; only the strings "1", "2" and "3" are accepted.
 * @return An error message string on the failure paths visible here. The caller treats
 *         true as success; that return is outside the visible part of the function.
 */
function executeChange($userID, $groupID, $newStatus) {
    // Self-assignment: has no effect.
    $newStatus = $newStatus;
    // Allow-list of status values, compared strictly as strings.
    if ($newStatus !== "1" && $newStatus !== "2" && $newStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    // NOTE(review): $user is loaded here, but no permission check on it appears in the
    // visible lines — confirm the rest of the function authorises the caller for this group.
    $user = $userDAO->getUserByID($userID);
    $groupDAO = new GroupDAO();
    $group = $groupDAO->getGroupByID($groupID);
    if ($group === null) {
        return "Could not find this group!";
    }
    // Strict comparison: matches only if getActivateStatus() returns the status as a string — TODO confirm.
    if ($group->getActivateStatus() === $newStatus) {
<?php
// AJAX endpoint: changes a record's display status when POST fields "recordid" and
// "newrecordstatus" are present. isLogin(), isValidID(), the sendAjax*() helpers, UserDAO and
// RecordDAO are not defined in this listing; presumably they come from libraries/head.php — confirm.
require_once "libraries/head.php";

// NOTE(review): everything below runs unless sendAjaxRedirect() ends the request itself.
// That helper is not shown here — confirm it terminates.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
}

// NOTE(review): no anti-CSRF token is checked in the lines shown, although this is a
// state-changing POST authorised by the session — confirm one is enforced elsewhere.
if (isset($_POST["recordid"]) && isset($_POST["newrecordstatus"])) {
    // NOTE(review): this guard only stops the request if sendAjaxResErr() exits;
    // otherwise executeChange() is still called with the rejected values.
    if (!isValidID($_POST["recordid"]) || !isValidID($_POST["newrecordstatus"])) {
        sendAjaxResErr("Record ID or Status invalid!");
    }
    // The acting user is taken from the session, never from the request body.
    $result = executeChange($_SESSION["userID"], $_POST["recordid"], $_POST["newrecordstatus"]);
    // Only a strict boolean true counts as success; any other return value is sent back as the error text.
    if ($result === true) {
        sendAjaxResSuc("Change record status successfully!");
    } else {
        sendAjaxResErr($result);
    }
}

/**
 * Applies a status change requested by $userID to the record identified by $recordID.
 *
 * @param $userID          ID of the session user making the request.
 * @param $recordID        ID of the record to change.
 * @param $newRecordStatus Requested status; only the strings "1", "2" and "3" are accepted.
 * @return An error message string on the failure paths visible here. The caller treats
 *         true as success; that return is outside the visible part of the function.
 */
function executeChange($userID, $recordID, $newRecordStatus) {
    // Allow-list of status values, compared strictly as strings.
    if ($newRecordStatus !== "1" && $newRecordStatus !== "2" && $newRecordStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    // NOTE(review): $user is loaded here, but no ownership or permission check on it appears
    // in the visible lines — confirm the rest of the function authorises the caller for this record.
    $user = $userDAO->getUserByID($userID);
    $recordDAO = new RecordDAO();
    $record = $recordDAO->getRecordByID($recordID);
    if ($record === null) {
        return "Could not find this record!";
    }
    // Strict comparison: matches only if getDisplayStatus() returns the status as a string — TODO confirm.
    if ($record->getDisplayStatus() === $newRecordStatus) {
        return "Old status is equal to new status, don't need to change!";