if (!$role) {
header("Location: main.php");
}
//get the current user
$current_user = $_COOKIE['login'];
//query to fill the select dropdown - omit
//the currently logged in user
$select_query = "SELECT * FROM tbl_Employee WHERE NOT logonName='{$current_user}' ORDER BY nameLast";
$select_result = $dbconn->query("{$select_query}");
// the conditional below validates that the form
// was really submitted.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$delete = $_POST['deleteuser'];
$delete_query = "DELETE FROM tbl_Employee WHERE employeeId={$delete}";
if ($dbconn->query("{$delete_query}")) {
ok_message("User deleted!");
} else {
error_message("Something went wrong");
}
}
?>
<html>
<head>
<title>Delete a Mama G's User</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/starter-template.css" rel="stylesheet">
</head>
<body>
<div class="container">
$valid_password = 1;
}
// no need to validate role. Just update it if needed
$userrole = $_POST['role'];
// we should be validated at this point
if ($valid_fname && $valid_lname && $valid_logonName && $valid_password) {
if (!empty($_POST['password'])) {
//hash the password
$password = md5($password);
$update_query = "UPDATE tbl_Employee SET nameFirst='{$firstname}', nameLast='{$lastname}',logonName='{$logonName}',password='******', admin='{$userrole}' WHERE employeeId='{$selectuser}'";
} else {
$update_query = "UPDATE tbl_Employee SET nameFirst='{$firstname}', nameLast='{$lastname}',logonName='{$logonName}', admin='{$userrole}' WHERE employeeId='{$selectuser}'";
}
//run the query and report the result.
if ($dbconn->query("{$update_query}")) {
ok_message("User updated!");
} else {
error_message("Something went wrong");
}
} else {
error_message("Form didn't validate. Try again.<br/>");
}
}
?>
<html>
<head>
<title>Edit existing Mama G's user</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/starter-template.css" rel="stylesheet">
} else {
$valid_edate = 1;
}
if ($valid_name && $valid_discount && $valid_amount && $valid_sdate && $valid_edate) {
//add it!
$addcoupon_query = "call couponAdd( '{$name}', '{$amount}', '{$sdate}', '{$edate}' )";
if ($dbconn->query("{$addcoupon_query}")) {
//Now, link the coupon the the product in the tbl_ProductCoupon table
$addcoupon_id_query = "SELECT LAST_INSERT_ID()";
$addcoupon_id_query_result = $dbconn->query("{$addcoupon_id_query}");
while ($row = mysqli_fetch_array($addcoupon_id_query_result)) {
$coupon_id = $row['LAST_INSERT_ID()'];
}
$link_coupon_query = "call productCouponAdd( '{$coupon_id}', '{$selectproduct}' )";
if ($dbconn->query("{$link_coupon_query}")) {
ok_message("New Coupon Added!");
} else {
error_message("Something went wrong");
}
} else {
error_message("Something went wrong");
}
} else {
error_message("Form failed validation. Try again.");
}
}
?>
<html>
<head>
<title>Add a new Coupon</title>
<link href="css/bootstrap.css" rel="stylesheet">
COUNT(*) AS nb FROM user GROUP BY BINARY paire HAVING nb > 1 ORDER BY nb DESC";
$loginDouble = list_ManyResult($sqlLoginDouble, 'paire');
$tool_content .= "<div class='table-responsive'>
<table class='table-default'>
<tr class='list-header'>
<th><b>$langMultiplePairs LOGIN - PASS</b></th>
<th class='right'><b>$langResult</b></th>
</tr>";
if (count($loginDouble) > 0) {
$tool_content .= tablize($loginDouble);
$tool_content .= "<tr><td class='right' colspan='2'>";
$tool_content .= error_message();
$tool_content .= "</td></tr>";
} else {
$tool_content .= "<tr><td class='right' colspan='2'>";
$tool_content .= ok_message();
$tool_content .= "</td></tr>";
}
$tool_content .= "</table></div>";
break;
case 'vmusers':
$tool_content .= "<div class='row'>
<div class='col-sm-12'>
<h3 class='content-title'>$langUsers</h3>
<ul class='list-group'>
<li class='list-group-item'><label><a href='listusers.php?search=yes&verified_mail=1'>$langMailVerificationYes</a></label>
<span class='badge'>" . Database::get()->querySingle("SELECT COUNT(*) AS cnt FROM user WHERE verified_mail = " . EMAIL_VERIFIED . ";")->cnt . "</span>
</li>
<li class='list-group-item'><label><a href='listusers.php?search=yes&verified_mail=2'>$langMailVerificationNo</a></label>
<span class='badge'>" . Database::get()->querySingle("SELECT COUNT(*) AS cnt FROM user WHERE verified_mail = " . EMAIL_UNVERIFIED . ";")->cnt . "</span>
</li>
$oldpassword = md5($oldpassword);
if ($oldpassword != $password) {
error_message("Old password does not match records!");
} else {
if (!validate_password(htmlspecialchars($_POST['newpassword']))) {
error_message("Check entry for new password");
} else {
$newpassword = htmlspecialchars($_POST['newpassword']);
}
// we should be validated at this point
//hash the password
$newpassword = md5($newpassword);
$change_query = "UPDATE tbl_Employee SET password='******' WHERE logonName='{$current_user}'";
//run the query and report the result.
if ($dbconn->query("{$change_query}")) {
ok_message("Password Changed!");
} else {
error_message("Something went wrong");
}
}
}
}
?>
<html>
<head>
<title>Change Passwod</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/starter-template.css" rel="stylesheet">
</head>
if (!validate_date(htmlspecialchars($_POST['hiredate']))) {
error_message("Check entry for hire date");
$valid_hiredate = 0;
} else {
$hiredate = htmlspecialchars($_POST['hiredate']);
$valid_hiredate = 1;
}
// we should be validated at this point
if ($valid_fname && $valid_lname && $valid_logon && $valid_password && $valid_hiredate) {
//hash the password
$password = md5($password);
$admin = $_POST['role'];
$add_query = "call employeeAdd('{$username}', '{$password}', '{$firstname}', '{$lastname}', '{$admin}', '{$hiredate}')";
//run the query and report the result.
if ($dbconn->query("{$add_query}")) {
ok_message("User added!");
} else {
error_message("Something went wrong");
}
} else {
error_message("Form didn't validate. Try again.");
}
}
}
?>
<html>
<head>
<title>Add a new Mama G's user</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<?php
include 'include/header.php';
include 'include/validate.php';
//query to fill the select dropdown
$select_coupon_query = "SELECT couponId, amount, startDate, endDate FROM tbl_Coupon where active = 'Y'";
$select_coupon_result = $dbconn->query("{$select_coupon_query}");
// the conditional below validates that the form
// was really submitted.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$delete = $_POST['deletecoupon'];
$delete_query = "UPDATE tbl_Coupon SET active = 'N' where couponId={$delete}";
if ($dbconn->query("{$delete_query}")) {
ok_message("Coupon deleted!");
} else {
error_message("Something went wrong 1");
}
}
?>
<html>
<head>
<title>Delete A Mama G's Coupon</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/starter-template.css" rel="stylesheet">
</head>
<body>
<div class="container">
<div class="col-md-10 col-md-offset-1 material-animated-card">
<?php
$valid_startdate = 0;
} else {
$valid_startdate = 1;
}
if (!validate_date($enddate)) {
error_message("Check entry for end date<br/>");
$valid_enddate = 0;
} else {
$valid_enddate = 1;
}
// we should be validated at this point
if ($valid_name && $valid_discount && $valid_amount && $valid_startdate && $valid_enddate) {
$update_query = "UPDATE tbl_Coupon SET name='{$name}', amount='{$amount}', startDate='{$startdate}',endDate='{$enddate}' WHERE couponId='{$selectcoupon}'";
//run the query and report the result.
if ($dbconn->query("{$update_query}")) {
ok_message("Coupon updated!");
} else {
error_message("Something went wrong");
}
} else {
error_message("Form didn't validate. Try again.<br/>");
}
}
?>
<html>
<head>
<title>Edit Existing Mama G's Coupon</title>
<link href="css/bootstrap.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="css/starter-template.css" rel="stylesheet">
