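/**
 * Return the message rows the current session user may read.
 *
 * Application admins get only messages written by other admins. Everyone
 * else gets the messages of one team, identified by its team leader id.
 *
 * NOTE(review): a non-admin caller can pass any $tl_id; nothing visible here
 * checks that the session user belongs to that team. Confirm that callers
 * never forward a request parameter without that check.
 *
 * @param mixed $tl_id Team leader id; when not set it is looked up for the
 *                     session user via get_team_leader().
 * @return mysqli_result Rows of (message, fname, lname, user_id).
 */
function get_messages($tl_id = NULL)
{
    $db = $_SESSION['dbconn'];

    // If the user is an admin, return only messages from other admins.
    // This query is constant text, so it carries no caller-supplied data.
    if (check_app_admin($_SESSION['user_id'])) {
        $sql = "SELECT message,fname,lname,users.user_id FROM messages NATURAL JOIN users WHERE user_id in (SELECT user_id FROM app_admin)";
        $result = $db->query($sql);
        if ($result === false) {
            // Keep driver detail in the server log; echoing it to the client
            // discloses schema and query structure.
            error_log("get_messages: " . $db->error);
            die("Error retrieving messages");
        }
        return $result;
    }

    if (!isset($tl_id)) {
        $tl_id = get_team_leader($_SESSION['user_id']);
    }

    // The id used to be concatenated into the SQL text unquoted, so any
    // non-numeric value became part of the statement. Accept integers only;
    // this also rejects the `false` that get_team_leader() returns when the
    // user has no team, which previously produced a malformed query.
    $tl_id = filter_var($tl_id, FILTER_VALIDATE_INT);
    if ($tl_id === false) {
        error_log("get_messages: rejected non-integer team leader id");
        die("Error retrieving messages");
    }

    // Bind the value instead of splicing it into the statement text.
    $stmt = $db->prepare("SELECT message,fname,lname,users.user_id FROM messages NATURAL JOIN users WHERE tl_id = ?");
    if ($stmt === false || !$stmt->bind_param('i', $tl_id) || !$stmt->execute()) {
        error_log("get_messages: " . $db->error);
        die("Error retrieving messages");
    }

    // get_result() needs the mysqlnd driver; it hands back a buffered
    // mysqli_result, the same type the callers received from query().
    $result = $stmt->get_result();
    if ($result === false) {
        error_log("get_messages: " . $db->error);
        die("Error retrieving messages");
    }
    return $result;
}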
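/**
 * Resolve the team leader id for a user.
 *
 * Supervisors and application admins are treated as their own team leader.
 * For everyone else the id is read from the `teams` table.
 *
 * @param mixed $user_id User to look up; falls back to the session user
 *                       when empty.
 * @return mixed The team leader id, or false when the user is on no team.
 */
function get_team_leader($user_id = NULL)
{
    if (!$user_id) {
        $user_id = $_SESSION['user_id'];
    }

    // Check to make sure that you're not a tl
    if (check_supervisor($user_id)) {
        return $user_id;
    }

    // Also, if you're an admin...
    if (check_app_admin($user_id)) {
        return $user_id;
    }

    // The id was previously appended to the SQL text unquoted. Require an
    // integer and fail closed with the same message a malformed query gave.
    $id = filter_var($user_id, FILTER_VALIDATE_INT);
    if ($id === false) {
        die("Error checking team membership");
    }

    $db = $_SESSION['dbconn'];
    $stmt = $db->prepare("SELECT tl_id FROM teams WHERE user_id = ?");
    if ($stmt === false || !$stmt->bind_param('i', $id) || !$stmt->execute()) {
        error_log("get_team_leader: " . $db->error);
        die("Error checking team membership");
    }

    // get_result() needs the mysqlnd driver. Values fetched from a prepared
    // statement arrive in the column's native type rather than as strings.
    $result = $stmt->get_result();
    if ($result === false) {
        error_log("get_team_leader: " . $db->error);
        die("Error checking team membership");
    }

    if ($result->num_rows != 0) {
        $out = $result->fetch_array();
        return $out[0];
    }
    return false;
}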
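session_start();
require_once "incdir.php.inc";
require_once "config.php";
include_php_dir("includes", $debug);
mysql_init();
handle_ajax();
document_header();
echo include_javascript_dir("js", $debug);
echo include_stylesheet_dir("stylesheets", $debug);
check_validated();

// Authorise BEFORE acting on the request. The admin check used to run after
// the new-user handler, so any caller who passed check_validated() could
// create accounts by posting the form fields directly.
// NOTE(review): handle_ajax() still runs ahead of this check; confirm it
// enforces its own authorisation.
if (!check_app_admin()) {
    // NOTE(review): output has already been echoed above, so this header only
    // takes effect if an output buffer is active (ob_end_flush() below
    // suggests one is started in an include) - confirm.
    header('Location: index.php');
    // A Location header does not stop the script. Without exit the admin
    // page would still be rendered and sent along with the redirect.
    mysql_end();
    exit;
}

//If a new user was submitted!
// NOTE(review): no anti-CSRF token is checked here; confirm adduser() or the
// form handling elsewhere verifies one before creating the account.
if (isset($_POST['newuser-submit'])) {
    $userinfo = array(
        "username" => $_POST['username'],
        "fname" => $_POST['fname'],
        "lname" => $_POST['lname'],
        "emplid" => $_POST['emplid'],
        "password" => $_POST['password'],
        "email" => $_POST['email'],
        "phone" => $_POST['phone'],
        "address" => $_POST['address'],
        "pwconfirm" => $_POST['pwconfirm']
    );
    adduser($userinfo);
}

open_page("Not User Management");
draw_page();
close_page();
ob_end_flush(); // Flush the buffer out to client
document_footer();
mysql_end();

//The actual page.
function draw_page() { ?> <div class="container">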
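/**
 * Promote a user to supervisor (team leader).
 *
 * Refuses when the user already is a supervisor or is an application admin,
 * and reports the outcome through $_SESSION['notifications']. On success the
 * user is first removed from any team, then inserted into `app_supervisor`.
 *
 * NOTE(review): this function performs a privilege change but contains no
 * check on who is calling it; confirm every caller verifies
 * check_app_admin() for the session user first.
 *
 * @param mixed $user_id Id of the user to promote.
 * @return void
 */
function make_super($user_id)
{
    if (check_supervisor($user_id)) {
        $_SESSION['notifications'][] = "Error, that user is already a supervisor!";
        return;
    }

    if (check_app_admin($user_id)) {
        $_SESSION['notifications'][] = "Error, that user is an admin. Please remove that user from admins first.";
        return;
    }

    // The id was previously concatenated into the INSERT unquoted. Validate it
    // before any state is changed, so a rejected id no longer leaves the user
    // removed from their team without having been promoted.
    $id = filter_var($user_id, FILTER_VALIDATE_INT);
    if ($id === false) {
        error_log("make_super: rejected non-integer user id");
        die("Error making supervisor");
    }

    //First, remove the user from a team, if he's in one.
    remove_from_team($user_id);

    $db = $_SESSION['dbconn'];
    $stmt = $db->prepare("INSERT INTO app_supervisor VALUES (?)");
    if ($stmt === false || !$stmt->bind_param('i', $id) || !$stmt->execute()) {
        // Driver detail goes to the server log, not to the browser.
        error_log("make_super: " . $db->error);
        die("Error making supervisor");
    }

    $_SESSION['notifications'][] = "Added user to supervisors";
}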
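/**
 * Render the management panel for one user: the modal dialogs, the name
 * heading with the active/inactive toggle, the action buttons and the edit
 * form.
 *
 * Every value taken from $userinfo is HTML-escaped before it is written into
 * the page. Names come from user-submitted account data, so printing them
 * raw would let stored markup run in the browser of whoever opens this
 * admin view.
 *
 * @param array $userinfo User record; reads 'user_id', 'inactive', 'fname'
 *                        and 'lname', and adds 'role' from get_role().
 * @return void
 */
function draw_page($userinfo)
{
    $userinfo['role'] = get_role($userinfo['user_id']);

    // Modal dialogs targeted by the buttons rendered further down.
    draw_pwreset($userinfo);
    if ($userinfo['inactive'] == 1) {
        draw_undeluser($userinfo);
    } else {
        draw_deluser($userinfo);
    }
    if ($userinfo['role'] != 'admin') {
        draw_makeadmin($userinfo);
    } else {
        draw_unmakeadmin($userinfo);
    }
    if ($userinfo['role'] != 'super') {
        draw_makesuper($userinfo);
    } else {
        draw_unmakesuper($userinfo);
    }

    // Escaped copies for output only; comparisons keep using the raw values.
    // ENT_QUOTES matters because user_id is written inside attribute values.
    $uid = htmlspecialchars((string) $userinfo['user_id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $fname = htmlspecialchars((string) $userinfo['fname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $lname = htmlspecialchars((string) $userinfo['lname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $role = htmlspecialchars((string) $userinfo['role'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    ?>
    <div class="container">
    <?php
    echo '<h3';
    if ($userinfo['inactive'] == 1) {
        echo ' class="userinfo inactive"';
    }
    echo '>';
    echo $fname . ' ' . $lname;
    echo ' <small>' . $role . '</small>';

    //ACTIVE/INACTIVE STATUS
    //If the user is active, display the deactivate button, else display the activate button.
    echo '<div class="pull-right" style="cursor:pointer;">';
    if ($userinfo['inactive'] == 1) {
        echo '<a class="userinfo inactive" onmouseover="inactiveStatusMouseover(this)" onmouseout="inactiveStatusMouseout(this)" data-toggle="modal" data-target="#undeluser-' . $uid . '">inactive <span class="glyphicon glyphicon-ban-circle"></span></a>';
    } else {
        echo '<a class="userinfo active" onmouseover="activeStatusMouseover(this)" onmouseout="activeStatusMouseout(this)" data-toggle="modal" data-target="#deluser-' . $uid . '">active <span class="glyphicon glyphicon-ok-circle"></span></a>';
    }
    echo '</div>';
    //END ACTIVE/INACTIVE STATUS
    echo '</h3>';

    //BUTTON GROUP
    echo '<div class="btn-group btn-group-sm">';
    // The original emitted a doubled closing quote after the data-target
    // value here, which produced malformed markup.
    echo '<button class="btn btn-default" data-toggle="modal" data-target="#pwreset-' . $uid . '">reset password</button>';

    //If the user is not an admin, display the makeadmin button, else display the unmakeadmin button.
    if ($userinfo['role'] != 'admin') {
        echo '<button class="btn btn-default" data-toggle="modal" data-target="#makeadmin-' . $uid . '">Make Admin</button>';
    } else {
        echo '<button class="btn btn-default" data-toggle="modal" data-target="#unmakeadmin-' . $uid . '">Remove from Admins</button>';
    }

    if (check_app_admin($userinfo['user_id'])) {
        echo '<div class=" btn-defaultbtn">user is an admin</div>';
    } else {
        if ($userinfo['role'] != 'super') {
            echo '<button class="btn btn-default" data-toggle="modal" data-target="#makesuper-' . $uid . '">Make Team Leader</button>';
        } else {
            echo '<button class="btn btn-default" data-toggle="modal" data-target="#unmakesuper-' . $uid . '">Remove from Team Leaders</button>';
        }
    }
    echo '</div>';
    //END BUTTON GROUP

    draw_edit_user_form($userinfo);
    ?>
    </div>
    <?php
}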