<div class="col-lg-12"> <h1 class="page-header">Admin Management</h1> <p> <a href="addadmin.php" class="btn btn-primary"><i class="fa fa-plus"></i> Add Admin</a> <h3> Search for an Admin:</h3> <form action="adminslist.php" method="post"> First Name: <input type="text" name="search_fname" /> Last Name: <input type="text" name="search_lname" /> Email: <input type="text" name="search_email" /> <input type='submit' value='Search' class="btn btn-default" /> </form> <?php include "../../databaseInfo.php"; if (isset($_POST["adminID"]) && isset($_POST["adminName"]) && isset($_POST["adminEmail"])) { if (deleteAdmin($_POST["adminID"])) { generatePage("success", $_POST["adminName"], $_POST["adminEmail"]); } else { generatePage("fail", $_POST["adminName"], $_POST["adminEmail"]); } } else { generatePage("", "", ""); } function deleteAdmin($adminID) { try { $connection = new PDO("mysql:host=" . DB_HOST_NAME . ";dbname=" . DB_NAME . ";charset=utf8", DB_USER_NAME, DB_PASSWORD); // Exceptions fire when occur $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $accountInformationQuery = $connection->query(' DELETE FROM ' . ADMIN_CREDENTIAL_TABLE . '
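/**
 * Delete a user and every role-specific record attached to that user.
 *
 * Reads the user's type from `users`, deletes the `users` row, then looks up
 * the matching rows in `teachers`, `students`, `parents` or `adminstaff` and
 * hands each id to the per-role delete helper.
 *
 * NOTE(review): this code depends on the legacy mysql_* extension, which was
 * removed in PHP 7.0 and has no prepared statements. The integer cast below is
 * the minimum safe handling for the interpolated id; moving to PDO or mysqli
 * with bound parameters is the durable fix.
 * NOTE(review): no authorization check happens here; callers must verify that
 * the current session is allowed to delete this user before calling.
 * NOTE(review): the `users` row is removed before the dependent rows, and a
 * failure in a later step ends the script via die(), which can leave orphaned
 * role rows. Consider a transaction if the storage engine supports it.
 *
 * @param int|string $userid Numeric id of the user to delete.
 * @return void
 */
function deleteUser($userid)
{
    // The id is interpolated unquoted into every statement below, so only an
    // integer is ever valid. Forcing the type keeps a crafted string from
    // changing the shape of the SQL.
    $userid = (int) $userid;

    // Read the role first: once the users row is gone it cannot be recovered.
    $query = mysql_query("SELECT type FROM users WHERE userid = {$userid}");
    $type = @mysql_result($query, 0);

    $query = mysql_query("DELETE FROM users WHERE userid = {$userid} LIMIT 1") or die("DeleteFunction.php: Unable to delete selected User(s) - " . mysql_error());

    // Each branch walks its result set with mysql_fetch_row(), which advances
    // the cursor. The previous mysql_result($query, 0) loops re-read row 0 on
    // every pass and never terminated once a row existed.
    switch ($type) {
        case "Teacher":
            // Teacher/substitute records owned by this user.
            $query = mysql_query("SELECT teacherid FROM teachers WHERE userid = {$userid}") or die("DeleteFunctions.php: Unable to get list of teachers to delete for deleteUser() - " . mysql_error());
            while ($row = mysql_fetch_row($query)) {
                deleteTeacher($row[0]);
            }
            break;

        case "Student":
            // Student records owned by this user.
            $query = mysql_query("SELECT studentid FROM students WHERE userid = {$userid}") or die("DeleteFunctions.php: Unable to get list of students to delete for deleteUser() - " . mysql_error());
            while ($row = mysql_fetch_row($query)) {
                deleteStudent($row[0]);
            }
            break;

        case "Parent":
            // Parent records owned by this user.
            $query = mysql_query("SELECT parentid FROM parents WHERE userid = {$userid}") or die("DeleteFunctions.php: Unable to get list of parents to delete for deleteUser() - " . mysql_error());
            while ($row = mysql_fetch_row($query)) {
                deleteParent($row[0]);
            }
            break;

        case "Admin":
            // Administration-staff records owned by this user.
            $query = mysql_query("SELECT adminid FROM adminstaff WHERE userid = {$userid}") or die("DeleteFunctions.php: Unable to get list of admins to delete for deleteUser() - " . mysql_error());
            while ($row = mysql_fetch_row($query)) {
                deleteAdmin($row[0]);
            }
            break;
    }
}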
?> </div> <div id="menu-bottom" /> </div> <div id="content"> <?php
// Admin-management dispatcher: the action is chosen by which POST field is
// present, and the first matching branch wins.
//
// NOTE(review): no session/role check and no anti-CSRF token check is visible
// in this fragment before the state-changing branches (submitModAdmin,
// deleteAdmin, insertNewAdmin). Confirm both are enforced earlier in the file.
// NOTE(review): every $_POST value is handed to the helpers unvalidated, so
// validation, SQL parameter binding and output escaping have to happen inside
// them. The helpers are not visible here.
if (isset($_POST['chosenAdmin'])) {
    /* An admin was picked from the list: show the edit form for that admin. */
    showModAdmin($_POST['chosenAdmin']);
} elseif (isset($_POST['adminToModId'])) {
    /* Edit form submitted. Only adminToModId is isset()-checked; a request
       without modAdminName / modAdminPass raises an undefined-index
       notice/warning and passes null. */
    /* NOTE(review): modAdminPass arrives as plaintext; presumably hashed
       inside submitModAdmin (e.g. password_hash) - confirm. */
    submitModAdmin($_POST['modAdminName'], $_POST['modAdminPass'], $_POST['adminToModId']);
} elseif (isset($_POST['adminToDeleteId'])) {
    /* Delete the admin whose id was posted. The id comes straight from the
       client. */
    deleteAdmin($_POST['adminToDeleteId']);
} elseif (isset($_POST['addNewAdmin'])) {
    /* Show the "add new admin" form. */
    addNewAdminForm();
} elseif (isset($_POST['submitNewAdmin'])) {
    /* New-admin form submitted. newAdminNick / newAdminPass are read without
       an isset() check (same caveat as the edit branch). */
    insertNewAdmin($_POST['newAdminNick'], $_POST['newAdminPass']);
} else {
    /* No recognised action: show the admin selection list. */
    showAdminList();
}
?> </div> <div class="separate sfondo-footer"><?php bottomPageInfo();
}
} else {
    // NOTE(review): header() only queues the redirect. None of the three
    // visible branches follows it with exit/die, so the script keeps running
    // and falls through to the $_GET delete handler below. The conditions
    // guarding these branches start outside this fragment; if they are the
    // login/role check, the delete is reachable without passing it. Follow
    // each header('Location: ...') with exit;.
    header('Location: ../index.php');
}
} else {
    header('Location: ../index.php');
}
} else {
    header('Location: ../index.php');
}

// Defaults for the delete parameters ($status is not used in the visible code).
$id = $db = $name_of_id = $status = '';

// Delete handler driven entirely by the query string: runs when id, db,
// idname and delete are all present ('delete' is checked for presence only).
//
// NOTE(review): this is a state-changing action on GET with no anti-CSRF
// token visible, so any link or image URL loaded by a logged-in admin would
// trigger it. Prefer POST plus a per-session token.
// NOTE(review): mysql_real_escape_string() only escapes characters for use
// inside a quoted SQL string literal. 'db' and 'idname' look like identifiers
// (presumably a table and its key column - confirm in deleteAdmin), and
// escaping does not constrain an identifier. Check both against a fixed
// allow-list, and cast 'id' to int if it is numeric.
// NOTE(review): mysql_* was removed in PHP 7.0; PDO or mysqli with bound
// parameters is the replacement for the value, with the allow-list covering
// the identifiers.
if (isset($_GET['id']) && isset($_GET['db']) && isset($_GET['idname']) && isset($_GET['delete'])) {
    $id = mysql_real_escape_string($_GET['id']);
    $db = mysql_real_escape_string($_GET['db']);
    $name_of_id = mysql_real_escape_string($_GET['idname']);
    deleteAdmin($db, $name_of_id, $id);
}
?> <!DOCTYPE html> <html> <head> <meta charset='utf-8'> <title>Admin Panel</title> <meta name="description" content="TechPoint"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="css/admin_style.css"> <link rel="shortcut icon" href="img/favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="https://www.gstatic.com/charts/loader.js"></script>