clearOrphanedStaff(); break; case "clearRoles": clearRoles(); break; case "customDept": customDept(); break; case "editRole": editRole(); break; case "editStaff": editStaff(); break; case "manageStaff": manageStaff(); break; default: header("Location: " . XHELP_BASE_URL . "/admin/index.php"); break; } function addRole() { require_once XHELP_CLASS_PATH . '/session.php'; $_xhelpSession = new Session(); global $oAdminButton; if (!isset($_POST['add'])) { // Set array of security items $tasks = array(XHELP_SEC_TICKET_ADD => _AM_XHELP_SEC_TEXT_TICKET_ADD, XHELP_SEC_TICKET_EDIT => _AM_XHELP_SEC_TEXT_TICKET_EDIT, XHELP_SEC_TICKET_DELETE => _AM_XHELP_SEC_TEXT_TICKET_DELETE, XHELP_SEC_TICKET_MERGE => _AM_XHELP_SEC_TEXT_TICKET_MERGE, XHELP_SEC_TICKET_OWNERSHIP => _AM_XHELP_SEC_TEXT_TICKET_OWNERSHIP, XHELP_SEC_TICKET_STATUS => _AM_XHELP_SEC_TEXT_TICKET_STATUS, XHELP_SEC_TICKET_PRIORITY => _AM_XHELP_SEC_TEXT_TICKET_PRIORITY, XHELP_SEC_TICKET_LOGUSER => _AM_XHELP_SEC_TEXT_TICKET_LOGUSER, XHELP_SEC_RESPONSE_ADD => _AM_XHELP_SEC_TEXT_RESPONSE_ADD, XHELP_SEC_RESPONSE_EDIT => _AM_XHELP_SEC_TEXT_RESPONSE_EDIT, XHELP_SEC_FILE_DELETE => _AM_XHELP_SEC_TEXT_FILE_DELETE, XHELP_SEC_FAQ_ADD => _AM_XHELP_SEC_TEXT_FAQ_ADD, XHELP_SEC_TICKET_TAKE_OWNERSHIP => _AM_XHELP_SEC_TEXT_TICKET_TAKE_OWNERSHIP); xoops_cp_header(); echo $oAdminButton->renderButtons('manStaff');
function setStaffRank($db, $mtg, $logs) { global $users; ?> <h3 class="content-subhead">Setting a player's staff rank</h3><?php if (!isset($_POST['submit'])) { ?> <form action="staff/?pull=ranks&action=set" method="post" class="pure-form pure-form-aligned"> <div class="pure-control-group"> <label for="player">Player</label> <?php echo $users->listPlayers('user1', false, 'pure-u-1-3'); ?> </div> <div class="pure-control-group"> <label for="player-id"><u>OR</u> Player ID</label> <input type="number" name="user2" class="pure-u-1-3" /> </div> <div class="pure-control-group"> <label for="rank">Rank</label> <select name="rank" class="pure-u-1-3"> <option value="0">None</option><?php $db->query('SELECT `rank_id`, `rank_name`, `rank_desc` FROM `staff_ranks` WHERE `rank_id` <> 1 ORDER BY `rank_order` ASC'); $db->execute(); if (!$db->num_rows()) { echo '<option value="0">No ranks available</option>'; } else { $rows = $db->fetch_row(); foreach ($rows as $row) { printf('<option value="%u">%s - %s</option>', $row['rank_id'], $mtg->format($row['rank_name']), $mtg->format($row['rank_desc'])); } } ?> </select> </div> <div class="pure-controls"> <button type="submit" name="submit" value="true" class="pure-button pure-button-primary">Change Rank</button> <button type="reset" class="pure-button pure-button-secondary"><i class="fa fa-recycle"></i> Reset</button> </div> </form><?php } else { $_POST['user1'] = isset($_POST['user1']) && ctype_digit($_POST['user1']) ? $_POST['user1'] : null; $_POST['user2'] = isset($_POST['user2']) && ctype_digit($_POST['user2']) ? $_POST['user2'] : null; if (empty($_POST['user1']) && empty($_POST['user2'])) { $mtg->error('You didn\'t select a valid player'); } if (!empty($_POST['user1']) && !empty($_POST['user2'])) { $mtg->error('Select one option only'); } $_POST['user'] = empty($_POST['user2']) ? $_POST['user1'] : $_POST['user2']; if (in_array($_POST['user'], [1, 2])) { $mtg->error('Owner ranks can\'t be changed'); } $db->query('SELECT `id` FROM `users` WHERE `userid` = ?'); $db->execute([$_POST['user']]); if (!$db->num_rows()) { $mtg->error('That player doesn\'t exist'); } $_POST['rank'] = isset($_POST['rank']) && ctype_digit($_POST['rank']) ? $_POST['rank'] : 0; $rank = 'none'; if ($_POST['rank']) { $db->query('SELECT `rank_name` FROM `staff_ranks` WHERE `rank_id` = ?'); $db->execute([$_POST['rank']]); if (!$db->num_rows()) { $mtg->error('That rank doesn\'t exist'); } $rank = $mtg->format($db->fetch_single()); } $db->query('UPDATE `users` SET `staff_rank` = ? WHERE `id` = ?'); $db->execute([$_POST['rank'], $_POST['user']]); $logs->staff('Set ' . $mtg->username($_POST['user']) . '\'s staff rank to ' . $rank); $mtg->success('You\'ve set ' . $mtg->username($_POST['user']) . '\'s staff rank to ' . $rank); if (isset($_POST['fromStaff'])) { manageStaff($db, $mtg, $logs); } } }