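/**
 * Admin-account CRUD controller: applies the requested operation, then renders the admin list.
 *
 * The operation is read from func_arg(0) ('add', 'update' or 'delete'); any other value
 * falls through to the list view. Results are reported through the session flash arrays
 * 'pop_status_msg' and 'pop_error_msg'.
 *
 * NOTE(review): every operation here changes state, yet input is read from $_REQUEST and
 * the delete target from func_arg(1), so the operations are reachable by a plain GET.
 * No authorization check or anti-CSRF token is visible in this function; confirm that
 * the caller enforces both.
 *
 * @return string Rendered HTML of the admin list, wrapped by ui_admin_default().
 */
function user_admin_admin() {
    $op = func_arg(0);

    switch (strtolower(trim($op))) {
        case 'add':
            $username = $_REQUEST['username'];
            $password = $_REQUEST['password'];
            $email = $_REQUEST['email'];

            $admin_created = create_new_admin($username, $password, $email);
            if ($admin_created === TRUE) {
                // The flash message is later emitted as HTML, so the user-supplied name is
                // escaped. The password is deliberately no longer echoed back: it would sit
                // in session storage and be rendered in clear text on the next page.
                $safe_username = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
                $_SESSION['pop_status_msg'][] = "Admin baru berhasil dibuat: <br>• Username: {$safe_username}<br>";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_created;
            }
            break;

        case 'update':
            $username = $_REQUEST['username'];
            $old_password = $_REQUEST['old_password'];
            $new_password = $_REQUEST['new_password'];
            $new_email = $_REQUEST['new_email'];

            // The original passed the undefined $email here, so the submitted address was dropped.
            $admin_updated = update_admin($username, $old_password, $new_password, $new_email);
            if ($admin_updated === TRUE) {
                $_SESSION['pop_status_msg'][] = "Data admin berhasil diupdate";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_updated;
            }
            break;

        case 'delete':
            // Route shape: user/admin/admin/[delete]/[$username]
            $username = func_arg(1);

            $admin_deleted = delete_admin($username);
            if ($admin_deleted === TRUE) {
                // The name comes from the URL, so escape it before it reaches the HTML flash message.
                $safe_username = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
                $_SESSION['pop_status_msg'][] = "Data admin [{$safe_username}] berhasil dihapus";
            } else {
                $_SESSION['pop_error_msg'][] = $admin_deleted;
            }
            break;
    }

    // Default operation is "view": fetch every admin record for the list template.
    $lilo_mongo = new LiloMongo();
    $lilo_mongo->selectDB('Users');
    $lilo_mongo->selectCollection('Admin');
    $admin_data_cursor = $lilo_mongo->find();

    $template = new Template();
    $template->basepath = $_SESSION['basepath'];
    $template->admin_data_cursor = $admin_data_cursor;
    $html = $template->render("modules/001_user_management/templates/user_admin_admin.php");

    // NOTE(review): $ajax is never assigned in this function, so the page is always wrapped
    // in the default admin layout; the isset() guard only removes the undefined-variable
    // notice. Confirm where the 'ajax' switch was meant to come from.
    if (!isset($ajax) || trim($ajax) != 'ajax') {
        $html = ui_admin_default(NULL, $html);
    }

    return $html;
}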
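/**
 * Saves the posted admin profile after verifying the current password.
 *
 * Reads 'id', 'oldpassword', 'adminname' and 'newpassword' through _post() and reports
 * the outcome through ajax_echo().
 *
 * NOTE(review): the stored password is compared directly with the submitted one, which
 * suggests passwords are kept in clear text; they should be stored with password_hash()
 * and checked with password_verify(). That change also touches the storage helpers,
 * which are not visible here.
 * NOTE(review): the record is looked up by 'id' but the update is keyed on 'adminname';
 * confirm that both refer to the same account, otherwise a valid password for one
 * account authorizes a change to another.
 *
 * @return mixed Whatever ajax_echo() returns.
 */
function save_admin() {
    $u = get_admin_info_by_id(_post('id'));

    // Without a matching record there is nothing to verify the old password against.
    // The original skipped the check in that case and still called update_admin(),
    // so an unknown id bypassed the old-password requirement.
    if (!$u) {
        return ajax_echo('修改失败,原因未知');
    }

    // Strict string comparison: loose != treats numeric-looking strings such as
    // "0e1" and "0e2" as equal.
    if ((string) $u['password'] !== (string) _post('oldpassword')) {
        return ajax_echo('旧密码不正确,保存失败');
    }

    // Keep the current password when no new one was submitted.
    $password = _post('newpassword') ? _post('newpassword') : $u['password'];
    if (update_admin(_post('adminname'), $password)) {
        return ajax_echo('您的资料已更改');
    }

    return ajax_echo('修改失败,原因未知');
}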
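order_list($db, $order_list_actual, "type_os", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_type_os"]) && $_POST["update_type_os"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $type_os = (isset($_POST["type_os"]) && is_string($_POST["type_os"]))
        ? htmlspecialchars($_POST["type_os"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_type_os, while the database branch below only
    // runs on update_type_os_db; nothing visible here sets that field. Confirm how the save
    // request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $type_os . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_type_os' value='1' />\n\t\t\t\t\t<input type='text' name='type_os_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_type_os_db"]) && $_POST["update_type_os_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["type_os_updated"]);
    update_admin($db, $id, $data, "type_os");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "type_os"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau système d'exploitation</h2>
        <input type="hidden" name="add_type_os" value="1" />
        Nom du système d'exploitation : <input name="type_os" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>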
// View admin accounts include 'account_view.php'; break; case 'view_edit': // Get admin user data $admin_id = intval($_POST['admin_id']); $admin = get_admin($admin_id); $first_name = $admin['firstName']; $last_name = $admin['lastName']; $email = $admin['emailAddress']; // Display Edit page include 'account_edit.php'; break; case 'update': $admin_id = intval($_POST['admin_id']); update_admin($admin_id, $_POST['email'], $_POST['first_name'], $_POST['last_name'], $_POST['password_1'], $_POST['password_2']); if ($admin_id == $_SESSION['admin']['adminID']) { $_SESSION['admin'] = get_admin($admin_id); } redirect($app_path . 'admin/account'); break; case 'view_delete_confirm': $admin_id = intval($_POST['admin_id']); if ($admin_id == $_SESSION['admin']['adminID']) { display_error('You cannot delete your own account.'); } $admin = get_admin($admin_id); $first_name = $admin['firstName']; $last_name = $admin['lastName']; $email = $admin['emailAddress']; include 'account_delete.php';
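order_list($db, $order_list_actual, "servers", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_servers"]) && $_POST["update_servers"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $servers = (isset($_POST["servers"]) && is_string($_POST["servers"]))
        ? htmlspecialchars($_POST["servers"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_servers, while the database branch below only
    // runs on update_servers_db; nothing visible here sets that field. Confirm how the save
    // request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $servers . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_servers' value='1' />\n\t\t\t\t\t<input type='text' name='servers_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_servers_db"]) && $_POST["update_servers_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["servers_updated"]);
    update_admin($db, $id, $data, "servers");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "servers"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau serveur</h2>
        <input type="hidden" name="add_servers" value="1" />
        Nom du serveur : <input name="servers" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>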
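order_list($db, $order_list_actual, "antivirus", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_antivirus"]) && $_POST["update_antivirus"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $antivirus = (isset($_POST["antivirus"]) && is_string($_POST["antivirus"]))
        ? htmlspecialchars($_POST["antivirus"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_antivirus, while the database branch below only
    // runs on update_antivirus_db; nothing visible here sets that field. Confirm how the save
    // request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $antivirus . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_antivirus' value='1' />\n\t\t\t\t\t<input type='text' name='antivirus_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_antivirus_db"]) && $_POST["update_antivirus_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["antivirus_updated"]);
    update_admin($db, $id, $data, "antivirus");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "antivirus"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouvel antivirus</h2>
        <input type="hidden" name="add_antivirus" value="1" />
        Nom de l'antivirus : <input name="antivirus" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>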
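order_list($db, $order_list_actual, "shop", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_shop"]) && $_POST["update_shop"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $shop = (isset($_POST["shop"]) && is_string($_POST["shop"]))
        ? htmlspecialchars($_POST["shop"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_shop, while the database branch below only
    // runs on update_shop_db; nothing visible here sets that field. Confirm how the save
    // request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $shop . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_shop' value='1' />\n\t\t\t\t\t<input type='text' name='shop_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_shop_db"]) && $_POST["update_shop_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["shop_updated"]);
    update_admin($db, $id, $data, "shop");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "shop"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau magasin</h2>
        <input type="hidden" name="add_shop" value="1" />
        Nom du magasin : <input name="shop" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>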
update_admin($fName, $mName, $lName, $id); update_account($pass, $id); $message = "<div class = 'alert alert-success' style = 'width: 350px;'>Account is successfully updated.</div>"; echo "<script>"; //go back to viewMed page after 3 seconds. echo "setTimeout(function(){ document.location = '?p=profileAdmin'; }, 2000);"; echo "</script>"; } else { if ($photo && !$photo['error']) { $name = $photo['name']; $type = $photo['type']; $path = $photo['tmp_name']; $bytes = file_get_contents($path); $user = $_SESSION['user']; update_photo($name, $type, $bytes, $user, $id); update_admin($fName, $mName, $lName, $id); update_account($pass, $id); $message = "<div class = 'alert alert-success' style = 'width: 350px;'>Account is successfully updated.</div>"; echo "<script>"; //go back to viewMed page after 3 seconds. echo "setTimeout(function(){ document.location = '?p=profileAdmin'; }, 2000);"; echo "</script>"; } else { $message = "<div class = 'alert alert-warning' style = 'width: 350px;'>Invalid File.</div>"; } } } else { //if not submitted we retrieve the data from the database $adminFind = find_admin($id); $user_pass = get_pass($id); if ($adminFind) {
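<?php
// Secondary controller: edits an administrator account (name and password).
//
// Expects $access to be set to 'VALID' by the including front controller and an
// authenticated admin in $_SESSION['admin']. The target administrator comes from
// $_GET['a']; the new name and password from $_POST['nom'], 'mdp' and 'mdp2'.

// header() only queues the redirect, so execution must stop explicitly; without
// exit the rest of this controller still ran for requests that failed the guard.
if (!isset($access) || $access !== 'VALID') {
    header('location:../../index.php');
    exit;
}

$retour = '';
if (!isset($_SESSION['admin'])) {
    header('location:../../index.php');
    exit;
} else {
    include_once 'model/users/fonctions_admins.php';
    if (isset($_POST['nom'])) {
        // Both password fields must be present, be strings and match exactly.
        // Loose == treats numeric-looking strings such as "0e1" and "0e2" as equal,
        // and two missing fields compared equal as well.
        $mdp_ok = isset($_POST['mdp'], $_POST['mdp2'])
            && is_string($_POST['mdp'])
            && is_string($_POST['mdp2'])
            && $_POST['mdp'] === $_POST['mdp2'];
        if ($mdp_ok) {
            // NOTE(review): crypt() with the single application-wide salt SEL gives every
            // account the same salt and a hash scheme chosen by that constant. Migrating to
            // password_hash()/password_verify() is the fix, but it has to be made together
            // with the login check, which is not visible here.
            $mdp = crypt($_POST['mdp'], SEL);
            // NOTE(review): $_GET['a'] selects the account to modify and is passed on as-is;
            // confirm update_admin() validates it and binds it as a query parameter.
            if (isset($_GET['a']) && update_admin($_GET['a'], $mdp, $_POST['nom'])) {
                $retour = 'La modification a bien été effectuée';
            } else {
                $retour = 'Il y a eu une erreur lors de la mise à jour de l\'administrateur';
            }
        } else {
            $retour = 'Les mots de passe que vous avez entrés ne sont pas identiques';
        }
    }
    $url = "?module=users&action=admins";
    $action = "Retourner à la liste des admin";
    $title = 'Edition d\'utilisateur';
    include_once 'view/retour.php';
}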
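order_list($db, $order_list_actual, "type_hardware", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_type_hardware"]) && $_POST["update_type_hardware"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $type_hardware = (isset($_POST["type_hardware"]) && is_string($_POST["type_hardware"]))
        ? htmlspecialchars($_POST["type_hardware"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_type_hardware, while the database branch below
    // only runs on update_type_hardware_db; nothing visible here sets that field. Confirm how
    // the save request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $type_hardware . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_type_hardware' value='1' />\n\t\t\t\t\t<input type='text' name='type_hardware_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_type_hardware_db"]) && $_POST["update_type_hardware_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["type_hardware_updated"]);
    update_admin($db, $id, $data, "type_hardware");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "type_hardware"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau type de matériel</h2>
        <input type="hidden" name="add_type_hardware" value="1" />
        Nom du type de matériel : <input name="type_hardware" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>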
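order_list($db, $order_list_actual, "techs", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_tech"]) && $_POST["update_tech"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $name_tech = (isset($_POST["name_tech"]) && is_string($_POST["name_tech"]))
        ? htmlspecialchars($_POST["name_tech"], ENT_QUOTES, "UTF-8")
        : "";
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $name_tech . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_tech_db' value='1' />\n\t\t\t\t\t<input type='text' name='name_tech_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_tech_db"]) && $_POST["update_tech_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["name_tech_updated"]);
    update_admin($db, $id, $data, "techs");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "techs"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau technicien</h2>
        <input type="hidden" name="add_tech" value="1" />
        Nom du technicien : <input name="tech" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>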
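$conn = connDB();
// Every value is escaped for the connection before it is placed in the statement; the
// original interpolated them directly, so a quote in any field altered the query (SQL
// injection). NOTE(review): the enclosing function starts outside this excerpt; these
// names are presumed to be its parameters. Bound parameters via mysqli or PDO are the
// durable fix, since the mysql_* extension itself is no longer maintained.
$role_sql = mysql_real_escape_string($role, $conn);
$username_sql = mysql_real_escape_string($username, $conn);
$email_sql = mysql_real_escape_string($email, $conn);
$level_sql = mysql_real_escape_string($level, $conn);
$admin_id_sql = mysql_real_escape_string($admin_id, $conn);
$sql = "UPDATE tbl_admin SET `role` = '{$role_sql}',
               `username` = '{$username_sql}',
               `email` = '{$email_sql}',
               `level` = '{$level_sql}'
         WHERE `id` = '{$admin_id_sql}'
        ";
// NOTE(review): die(mysql_error()) prints the database error to the client; log it instead.
$query = mysql_query($sql, $conn) or die(mysql_error());
}

// Request fields for the account form.
// NOTE(review): admin_id is taken from the request, and validation_old_password() below
// receives only the password; confirm the caller may edit that account and that the old
// password is checked against the same account.
$role = $_POST['admin_role'];
$username = $_POST['username'];
$email = $_POST['email'];
$old_pass = $_POST['old_password'];
$new_pass = $_POST['new_password'];
$new_pass_retype = $_POST['r_new_password'];
$admin_id = $_POST['admin_id'];

if (isset($_POST['btn-index-account'])) {
    if ($_POST['btn-index-account'] == "Save Changes") {
        $validation = validation_old_password($old_pass);
        if ($validation['rows'] > 0) {
            // NOTE(review): $new_pass is never compared with $new_pass_retype in the visible code.
            update_admin($role, $username, $email, $new_pass_retype, 'NOT DEFINED YET', $admin_id);
            // The username is emitted inside a script block, so it is serialized with
            // json_encode() and the JSON_HEX_* flags rather than echoed unescaped: a quote
            // or closing script tag in the value would otherwise run as script (XSS).
            ?>
            <script> alert(<?php echo json_encode("Success update for username : " . $username . " ", JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>); </script>
            <?php
        } else {
            // The original used "=" here, which assigned 0 and made the branch unreachable.
            if ($validation['rows'] == 0) {
                ?>
                <script> alert("Please enter the correct password"); </script>
                <?php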
$acc_new_pass = $_POST['admin_r_new_password']; if (empty($acc_role)) { $role = "super admin"; } else { $role = $acc_role; } update_admin_half($role, $acc_name, $acc_email, '1', $acc_id); $_SESSION['alert'] = "success"; $_SESSION['msg'] = "Changes successfully saved"; // VERIFY ADMIN $cek_admin = get_admin_validation($acc_id, $acc_name, $acc_old_pass); if (!empty($acc_old_pass)) { if ($cek_admin['rows'] == 1) { if (empty($acc_new_pass)) { } else { update_admin($role, $acc_name, $acc_email, $acc_new_pass, '1', $acc_id); } $_SESSION['alert'] = "success"; $_SESSION['msg'] = "Changes successfully saved"; } else { $_SESSION['alert'] = "error"; $_SESSION['msg'] = "Please input valid information"; } } } } // END ISSET /* # ---------------------------------------------------------------------- # GENERAL # ----------------------------------------------------------------------
$validate->email('email', $email); $validate->text('first_name', $first_name); $validate->text('last_name', $last_name); $validate->text('password_1', $password_1, false, 6, 30); $validate->text('password_2', $password_2, false, 6, 30); // If validation errors, redisplay Login page and exit controller if ($fields->hasErrors()) { include 'admin/account/account_edit.php'; break; } if ($password_1 !== $password_2) { $password_message = 'Passwords do not match.'; include 'admin/account/account_edit.php'; break; } update_admin($admin_id, $email, $first_name, $last_name, $password_1, $password_2); if ($admin_id == $_SESSION['admin']['adminID']) { $_SESSION['admin'] = get_admin($admin_id); } redirect($app_path . 'admin/account/.?action=view_account'); break; case 'view_delete_confirm': $admin_id = filter_input(INPUT_POST, 'admin_id', FILTER_VALIDATE_INT); if ($admin_id == $_SESSION['admin']['adminID']) { display_error('You cannot delete your own account.'); } $admin = get_admin($admin_id); $first_name = $admin['firstName']; $last_name = $admin['lastName']; $email = $admin['emailAddress']; include 'account_delete.php';
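order_list($db, $order_list_actual, "type_interv", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_type_interv"]) && $_POST["update_type_interv"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $type_interv = (isset($_POST["type_interv"]) && is_string($_POST["type_interv"]))
        ? htmlspecialchars($_POST["type_interv"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_type_interv and names its text field
    // type_hardware_updated, while the database branch below runs on update_type_interv_db
    // and reads type_interv_updated. As written the save request does not appear to reach
    // update_admin(); confirm the intended field names.
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $type_interv . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_type_interv' value='1' />\n\t\t\t\t\t<input type='text' name='type_hardware_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_type_interv_db"]) && $_POST["update_type_interv_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["type_interv_updated"]);
    update_admin($db, $id, $data, "type_interv");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "type_interv"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau type d'intervention</h2>
        <input type="hidden" name="add_type_interv" value="1" />
        Nom du type d'intervention : <input name="type_interv" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>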
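<?php
// Edit-admin view: loads the admin record(s) through edit_admin() and renders them as
// editable form fields.
// NOTE(review): the rows are fetched here, before update_admin() runs further down, so
// the form rendered right after a save presumably still shows the previous values.
// NOTE(review): no anti-CSRF token is visible in this form.
$sql = edit_admin();
?>
<div class="col-1">
    <div class="box-title">
        <h1>EDIT ADMIN</h1>
    </div>
    <?php
    if (isset($_POST['update'])) {
        update_admin();
    }
    ?>
    <form action="?redirect=edit_admin" method="post">
        <table class="tab-in">
            <?php
            // Stored values are written into HTML attributes, so each one is escaped with
            // ENT_QUOTES; echoed as stored, a quote in the data closed the attribute and
            // allowed markup injection (stored XSS).
            while ($data = mysql_fetch_array($sql)) {
            ?>
            <tr>
                <th class="th-ho">Nama</th>
                <th class="th-v"><input class="text-in" type="text" name="nama_lengkap" value="<?php echo htmlspecialchars($data['nama_lengkap'], ENT_QUOTES, 'UTF-8'); ?> "></th>
            </tr>
            <tr>
                <th class="th-ho">User Name</th>
                <th class="th-v"><input class="text-in" type="text" name="user" value="<?php echo htmlspecialchars($data['user_name'], ENT_QUOTES, 'UTF-8'); ?> "></th>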
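order_list($db, $order_list_actual, "software", "down", $max_line);
unset($_POST);
}
// -------------
// --- MODIFICATION: show the rename form for the selected entry.
// NOTE(review): no anti-CSRF token is visible in these forms; confirm one is checked elsewhere.
if (!empty($_POST) && isset($_POST["update_software"]) && $_POST["update_software"] == "1") {
    $id = intval($_POST["id"]);
    // The old value is only displayed, so it needs HTML escaping rather than addslashes():
    // echoing the request value unescaped lets a crafted request inject markup (reflected XSS).
    $software = (isset($_POST["software"]) && is_string($_POST["software"]))
        ? htmlspecialchars($_POST["software"], ENT_QUOTES, "UTF-8")
        : "";
    // NOTE(review): this form re-posts update_software, while the database branch below only
    // runs on update_software_db; nothing visible here sets that field. Confirm how the save
    // request is meant to reach update_admin().
    echo "Modification du champ<br />\n\t\t\t\tAncienne valeur = [<b>" . $software . "</b>]<br />\n\t\t\t\t<form action='#' method='POST'> <input type='hidden' name='id' value='" . $id . "' /> <input type='hidden' name='update_software' value='1' />\n\t\t\t\t\t<input type='text' name='software_updated' class='form-control' />\n\t\t\t\t\t<button class='btn btn-large btn-primary'>Enregistrer<br />les modifications</button>\n\t\t\t\t</form>";
    unset($_POST);
}
// --- Write the modification to the database.
if (!empty($_POST) && isset($_POST["update_software_db"]) && $_POST["update_software_db"] == "1") {
    // Same integer validation as the form branch above; the original passed the raw value through.
    $id = intval($_POST["id"]);
    // NOTE(review): update_admin() is defined elsewhere. addslashes() is not a safe substitute
    // for bound parameters; verify that update_admin() uses a prepared statement.
    $data = addslashes($_POST["software_updated"]);
    update_admin($db, $id, $data, "software");
}
?>
<div class="col-lg-8 col-md-8 col-sm-12 col-xs-12">
    <?php listing_admin($db, "software"); ?>
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12">
    <form method="POST" class="well">
        <h2 class="text-center">Ajouter un nouveau logiciel</h2>
        <input type="hidden" name="add_software" value="1" />
        Nom du logiciel : <input name="software" type="text" class="form-control" required /><br /><br />
        <button class="btn btn-large btn-success">Ajouter<br /><span class="glyphicon glyphicon-tag"></span></button>
    </form>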