From 69403d77411e397c7137d39b8da03d95c0de7065 Mon Sep 17 00:00:00 2001
From: Janis Steiner
Date: Thu, 28 Nov 2024 07:47:09 +0000
Subject: [PATCH] new user management system using ajax
---
sys0-code/api/delete_user.php | 44 ++++
sys0-code/api/fetch_users.php | 52 +++++
sys0-code/api/update_user.php | 34 +++
sys0-code/api/verify_user.php | 18 ++
sys0-code/app/manage_user.php | 346 +++++++----------------------
sys0-code/app/manage_user.php.old | 296 +++++++++++++++++++++++++
sys0-code/app/overview.php | 87 +++++---
sys0-code/app/print.php | 8 +-
8 files changed, 589 insertions(+), 296 deletions(-)
create mode 100644 sys0-code/api/delete_user.php
create mode 100644 sys0-code/api/fetch_users.php
create mode 100644 sys0-code/api/update_user.php
create mode 100644 sys0-code/api/verify_user.php
create mode 100644 sys0-code/app/manage_user.php.old
diff --git a/sys0-code/api/delete_user.php b/sys0-code/api/delete_user.php
new file mode 100644
index 0000000..aa0b0e0
--- /dev/null
+++ b/sys0-code/api/delete_user.php
@@ -0,0 +1,44 @@
+prepare($sql);
+$stmt->bind_param("i", $userId);
+$stmt->execute();
+$stmt->bind_result($username);
+$stmt->fetch();
+$stmt->close();
+
+$sql = "DELETE FROM users WHERE id = ?";
+$stmt = $link->prepare($sql);
+$stmt->bind_param("i", $userId);
+$stmt->execute();
+$stmt->close();
+
+deleteDirectory("/var/www/html/user_files/$username/");
+?>
diff --git a/sys0-code/api/fetch_users.php b/sys0-code/api/fetch_users.php
new file mode 100644
index 0000000..3a48bde
--- /dev/null
+++ b/sys0-code/api/fetch_users.php
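Review bot: `deleteDirectory("/var/www/html/user_files/$username/")` at the end of delete_user.php runs even when the SELECT matched no row: the result of `$stmt->fetch()` is never checked, so `$username` stays null and the path collapses to `/var/www/html/user_files//`, the parent directory holding every user's files. Both the DELETE on `users` and the directory removal should be gated on a successful fetch, and the username should be checked to be a single path component before it is spliced into a filesystem path, since how usernames are restricted at registration is not visible here. The page this replaces wrote a `log_(..., "BAN:DELETION")` audit entry on deletion and no equivalent call is visible in this file. The prefix of the file before `->prepare` is lost in this extract, so any session or permission check there could not be reviewed.
```php
$stmt->execute();
$stmt->bind_result($username);
$found = $stmt->fetch();
$stmt->close();
// Stop on an unknown id, or a username that is not a plain directory name.
if (!$found || $username === null || $username === '' || basename($username) !== $username) {
    http_response_code(404);
    exit;
}
// … unchanged: DELETE FROM users WHERE id = ? …
deleteDirectory("/var/www/html/user_files/$username/");
log_("Deleted $username", "BAN:DELETION");
```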
@@ -0,0 +1,52 @@ +prepare($sql); +$stmt->bind_param("s", $username); +$stmt->execute(); +$result = $stmt->get_result(); + +while ($row = $result->fetch_assoc()) { + echo ""; + echo "{$row['username']}"; + echo " + + "; + + $role=substr($row['role'],0,11); + foreach (str_split($role) as $index => $perm) { + $checked = $perm === "1" ? "checked" : ""; + echo " + + "; + } + + if($row['banned']==1) + echo ""; + else + echo "Bereits verifiziert"; + echo ""; + echo ""; +} +$stmt->close(); +?> diff --git a/sys0-code/api/update_user.php b/sys0-code/api/update_user.php new file mode 100644 index 0000000..a646264 --- /dev/null +++ b/sys0-code/api/update_user.php @@ -0,0 +1,34 @@ +prepare($sql); + $stmt->bind_param("i", $userId); + $stmt->execute(); + $stmt->bind_result($role); + $stmt->fetch(); + $stmt->close(); + + $role[$index] = $value; + $sql = "UPDATE users SET role = ? WHERE id = ?"; + $stmt = $link->prepare($sql); + $stmt->bind_param("si", $role, $userId); +} else { + $sql = "UPDATE users SET $field = ? WHERE id = ?"; + $stmt = $link->prepare($sql); + $stmt->bind_param("ii", $value, $userId); +} +$stmt->execute(); +$stmt->close(); +?> diff --git a/sys0-code/api/verify_user.php b/sys0-code/api/verify_user.php new file mode 100644 index 0000000..d65c700 --- /dev/null +++ b/sys0-code/api/verify_user.php @@ -0,0 +1,18 @@ +prepare($sql); +$stmt->bind_param("i", $userId); +$stmt->execute(); +$stmt->close(); + +?> diff --git a/sys0-code/app/manage_user.php b/sys0-code/app/manage_user.php index 2e0a0f9..6702596 100644 --- a/sys0-code/app/manage_user.php +++ b/sys0-code/app/manage_user.php @@ -1,22 +1,25 @@ - - Manage user + + + + + Benutzerverwaltung + + + + - - - - ");?>
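Review bot: `echo "{$row['username']}";` writes the username into the table cell unescaped, so a username containing markup is rendered in the administrator's browser; because this table is what the account that can delete and re-permission users works from, a stored payload in a username is an admin-session compromise. Use `echo htmlspecialchars($row['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The replaced page's `echo("$tusername")` appears to have had the same gap, and how usernames are restricted at registration is not visible, so treat them as untrusted. The `data-userid` attributes carry integer ids and are fine as written.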
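Review bot: In the `else` branch `$sql = "UPDATE users SET $field = ? WHERE id = ?";` interpolates the column name straight from the request (manage_user.php posts `{ userId, field, value }`), so the prepared statement protects only the value position and a caller can target any column, including ones the UI never exposes, or inject into the identifier. Whitelist the editable columns before building the statement, e.g. `if (!in_array($field, ['class', 'banned'], true)) { http_response_code(400); exit; }`, substituting the real column names, which this extract does not show. In the role branch `$role[$index] = $value;` should likewise require `$index` to be an integer in 0–10 and `$value` to be exactly `'0'` or `'1'`: PHP pads the string with spaces for an offset past its end and keeps only the first byte of `$value`, which silently rewrites the permission string. The code this replaces gated the update on `$_GET["rid"]==$_SESSION["rid"]-1`; no token or permission check is visible in the new file, though its prefix before `->prepare` is lost here.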
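Review bot: The unban performed by `UPDATE users SET banned = 0 WHERE id = ?` is no longer written to the audit log; the code it replaces in manage_user.php called `log_("Unanned $username_td","BAN:UNBAN")` after the same update. Add `log_("Unbanned user id $userId", "BAN:UNBAN");` after `$stmt->close();`, assuming `log_` is brought in by the include at the top of the file, which this extract does not show. The part of the file before `->prepare` is lost here, so whether the caller's permission is checked could not be reviewed; the old page required `$_GET["rid"]` to match the session value.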
- +

Benutzer suchen und verwalten

+
+ + +
+ + + + + + + + + + + + + + + + + + + + + +
NutzerKlasseDruckenPrivate CloudÖffentliche CloudAlle Drucker freigebenBenutzerrechteAdmin erstellenLog ansehenAPI-KeyDruckschlüsselDebugÖffentliche Dateien löschenManuell verifizierenLöschen
+ - // Get list of files and directories inside the directory - $files = scandir($dir); + - foreach ($files as $file) { - // Skip current and parent directory links - if ($file == '.' || $file == '..') { - continue; - } +"); - require_once "../config/config.php"; - if(isset($_GET["update_id"]) && $_GET["rid"]==$_SESSION["rid"]-1){ - $tid=$_GET["update_id"]; - $perms=get_perm_string(); - $sql="UPDATE users SET role = '$perms' WHERE id=$tid"; - $stmt = mysqli_prepare($link, $sql); - mysqli_stmt_execute($stmt); - } - if(isset($_GET['username']) && isset($_GET["delete"])) - { - $username_td=$_GET['username']; - $username_td=htmlspecialchars($username_td); - $sql="DELETE FROM users WHERE username = '$username_td';"; - //echo($sql); - $stmt = mysqli_prepare($link, $sql); - mysqli_stmt_execute($stmt); - deleteDirectory("/var/www/html/user_files/$username_td/"); - log_("Deleted $username_td","BAN:DELETION"); - } - else if(isset($_GET["verify"]) && isset($_GET['username'])) - { - $username_td=htmlspecialchars($_GET['username']); - $sql="UPDATE users SET banned = 0 WHERE username='$username_td'"; - $stmt = mysqli_prepare($link, $sql); - mysqli_stmt_execute($stmt); - log_("Unanned $username_td","BAN:UNBAN"); - } - + $.post('/api/update_user.php', { userId, field, value }, function (response) { + console.log(response); + }); + }); - //how many users do we have? 
- $cnt=0; - $sql="SELECT COUNT(*) FROM users"; - if($stmt = mysqli_prepare($link, $sql)){ - // Bind variables to the prepared statement as parameters - - // Attempt to execute the prepared statement - if(mysqli_stmt_execute($stmt)){ - // Store result - mysqli_stmt_store_result($stmt); - mysqli_stmt_bind_result($stmt, $cnt); - if(mysqli_stmt_fetch($stmt)){ - - } - } else{ - echo ""; - } - - // Close statement - mysqli_stmt_close($stmt); + $(document).on('click', '.deleteUser', function () { + const userId = $(this).data('userid'); + if (confirm('Sind Sie sicher, dass Sie diesen Benutzer löschen möchten?')) { + $.post('/api/delete_user.php', { userId }, function () { + fetchUsers(); + }); } - ?> + }); + $(document).on('click', '.verify_user', function () { + const userId = $(this).data('userid'); + $.post('/api/verify_user.php', { userId }, function () { + fetchUsers(); + }); + }); -
-
-
-
-

Nach Benutzer suchen, um zu verwalten

-
- - -
-
+ fetchUsers(); // Initiale Benutzer laden + load_user(); +}); + - - "); - echo(""); - echo(""); - echo("Nutzer"); - echo("Drucken"); - echo("Cloud"); - echo("Öffentliche Cloud"); - echo("Alle Drucker abbrechen / freigeben"); - echo("Benutzereinstellungen ändern"); - echo("Administratoren erstellen"); - echo("Log ansehen"); - echo("APIkey ansehen"); - echo("Druckschlüssel erstellen"); - echo("Debug"); - echo("Alle Dateien von Öffentlicher Cloud löschen"); - echo("Aktualisieren"); - echo("Benutzer löschen"); - echo("Benutzer manuell verifizieren"); - echo(""); - echo(""); - echo(""); - echo(""); - //how many users do we have? - $cnt=0; - if(isset($_GET["username"])) - $search=htmlspecialchars($_GET["username"]); - else - $search="user_not_found"; - - $sql="SELECT COUNT(*) FROM users WHERE username LIKE '%$search%'"; - $stmt = mysqli_prepare($link, $sql); - mysqli_stmt_execute($stmt); - // Store result - mysqli_stmt_store_result($stmt); - mysqli_stmt_bind_result($stmt, $cnt); - mysqli_stmt_fetch($stmt); - mysqli_stmt_close($stmt); - //now we know how many users we have. - $last_id=0; - while($cnt!=0){ - $tusername=""; - $trole=""; - $banned=0; - $tid=0; - $sql="select id,username,role,banned from users where id>$last_id AND username LIKE '%$search%' ORDER BY id"; - $stmt = mysqli_prepare($link, $sql); - mysqli_stmt_execute($stmt); - // Store result - mysqli_stmt_store_result($stmt); - mysqli_stmt_bind_result($stmt, $tid,$tusername,$trole,$banned); - mysqli_stmt_fetch($stmt); - mysqli_stmt_close($stmt); - echo("
"); - echo("$tusername"); - if($trole[0]==="1") - echo(''); - else - echo(''); - if($trole[1]==="1") - echo(''); - else - echo(''); - if($trole[2]==="1") - echo(''); - else - echo(''); - if($trole[3]==="1") - echo(''); - else - echo(''); - if($trole[4]==="1") - echo(''); - else - echo(''); - if($trole[5]==="1") - echo(''); - else - echo(''); - if($trole[6]==="1") - echo(''); - else - echo(''); - if($trole[7]==="1") - echo(''); - else - echo(''); - if($trole[8]==="1") - echo(''); - else - echo(''); - if($trole[9]==="1") - echo(''); - else - echo(''); - if($trole[10]==="1") - echo(''); - else - echo(''); - echo(''); - echo('Benutzer löschen'); - if($banned==1) - echo('Benutzer verifizieren'); - else - echo('Benutzer bereits verifiziert'); - echo("
"); - $last_id=$tid; - $cnt--; - } - // echo(""); - echo(""); - echo(""); - mysqli_close($link); - ?> -
-
-
- - - diff --git a/sys0-code/app/manage_user.php.old b/sys0-code/app/manage_user.php.old new file mode 100644 index 0000000..2e0a0f9 --- /dev/null +++ b/sys0-code/app/manage_user.php.old @@ -0,0 +1,296 @@ + + + Manage user + + + + + + + ");?> +
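Review bot: The new handlers post only `{ userId, field, value }` or `{ userId }` to `/api/update_user.php`, `/api/delete_user.php` and `/api/verify_user.php` with no request token, while the code removed in this hunk tied the update to `$_GET["rid"]==$_SESSION["rid"]-1` and overview.php still passes `rid` with its cancel action. Unless the API files check a session-bound token themselves (their prefixes are not visible), a cross-site form post from a logged-in admin's browser can delete or re-permission any user; include whatever per-session secret the app uses in each `$.post` payload and have each API file reject a mismatch. The callbacks also ignore failures — `console.log(response)` or nothing at all — so a rejected request looks like success in the UI; chain `.fail(function () { alert('Aktion fehlgeschlagen'); })` or check the response before calling `fetchUsers()`.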
+load_user()"); + require_once "../config/config.php"; + if(isset($_GET["update_id"]) && $_GET["rid"]==$_SESSION["rid"]-1){ + $tid=$_GET["update_id"]; + $perms=get_perm_string(); + $sql="UPDATE users SET role = '$perms' WHERE id=$tid"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_execute($stmt); + } + if(isset($_GET['username']) && isset($_GET["delete"])) + { + $username_td=$_GET['username']; + $username_td=htmlspecialchars($username_td); + $sql="DELETE FROM users WHERE username = '$username_td';"; + //echo($sql); + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_execute($stmt); + deleteDirectory("/var/www/html/user_files/$username_td/"); + log_("Deleted $username_td","BAN:DELETION"); + } + else if(isset($_GET["verify"]) && isset($_GET['username'])) + { + $username_td=htmlspecialchars($_GET['username']); + $sql="UPDATE users SET banned = 0 WHERE username='$username_td'"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_execute($stmt); + log_("Unanned $username_td","BAN:UNBAN"); + } + + + //how many users do we have? + $cnt=0; + $sql="SELECT COUNT(*) FROM users"; + if($stmt = mysqli_prepare($link, $sql)){ + // Bind variables to the prepared statement as parameters + + // Attempt to execute the prepared statement + if(mysqli_stmt_execute($stmt)){ + // Store result + mysqli_stmt_store_result($stmt); + mysqli_stmt_bind_result($stmt, $cnt); + if(mysqli_stmt_fetch($stmt)){ + + } + } else{ + echo ""; + } + + // Close statement + mysqli_stmt_close($stmt); + } + ?> + + +
+
+
+
+

Nach Benutzer suchen, um zu verwalten

+
+ + +
+
+ + + "); + echo(""); + echo(""); + echo("Nutzer"); + echo("Drucken"); + echo("Cloud"); + echo("Öffentliche Cloud"); + echo("Alle Drucker abbrechen / freigeben"); + echo("Benutzereinstellungen ändern"); + echo("Administratoren erstellen"); + echo("Log ansehen"); + echo("APIkey ansehen"); + echo("Druckschlüssel erstellen"); + echo("Debug"); + echo("Alle Dateien von Öffentlicher Cloud löschen"); + echo("Aktualisieren"); + echo("Benutzer löschen"); + echo("Benutzer manuell verifizieren"); + echo(""); + echo(""); + echo(""); + echo(""); + //how many users do we have? + $cnt=0; + if(isset($_GET["username"])) + $search=htmlspecialchars($_GET["username"]); + else + $search="user_not_found"; + + $sql="SELECT COUNT(*) FROM users WHERE username LIKE '%$search%'"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_execute($stmt); + // Store result + mysqli_stmt_store_result($stmt); + mysqli_stmt_bind_result($stmt, $cnt); + mysqli_stmt_fetch($stmt); + mysqli_stmt_close($stmt); + //now we know how many users we have. + $last_id=0; + while($cnt!=0){ + $tusername=""; + $trole=""; + $banned=0; + $tid=0; + $sql="select id,username,role,banned from users where id>$last_id AND username LIKE '%$search%' ORDER BY id"; + $stmt = mysqli_prepare($link, $sql); + mysqli_stmt_execute($stmt); + // Store result + mysqli_stmt_store_result($stmt); + mysqli_stmt_bind_result($stmt, $tid,$tusername,$trole,$banned); + mysqli_stmt_fetch($stmt); + mysqli_stmt_close($stmt); + echo("
"); + echo("$tusername"); + if($trole[0]==="1") + echo(''); + else + echo(''); + if($trole[1]==="1") + echo(''); + else + echo(''); + if($trole[2]==="1") + echo(''); + else + echo(''); + if($trole[3]==="1") + echo(''); + else + echo(''); + if($trole[4]==="1") + echo(''); + else + echo(''); + if($trole[5]==="1") + echo(''); + else + echo(''); + if($trole[6]==="1") + echo(''); + else + echo(''); + if($trole[7]==="1") + echo(''); + else + echo(''); + if($trole[8]==="1") + echo(''); + else + echo(''); + if($trole[9]==="1") + echo(''); + else + echo(''); + if($trole[10]==="1") + echo(''); + else + echo(''); + echo(''); + echo('Benutzer löschen'); + if($banned==1) + echo('Benutzer verifizieren'); + else + echo('Benutzer bereits verifiziert'); + echo("
"); + $last_id=$tid; + $cnt--; + } + // echo(""); + echo(""); + echo(""); + mysqli_close($link); + ?> +
+
+
+ + + + + diff --git a/sys0-code/app/overview.php b/sys0-code/app/overview.php index cc1dff2..178e10c 100644 --- a/sys0-code/app/overview.php +++ b/sys0-code/app/overview.php @@ -26,6 +26,12 @@ function load_user() $('#content').load("/assets/php/user_page.php"); }); } +function update_cancel_modal(printer_id,rid){ + const modal_=document.getElementById("cancel_modal"); + const button=document.getElementById("send_cancel_command"); + button.href="overview.php?cancel="+printer_id+"&rid="+rid; + document.getElementById("open_cancel_modal").click(); +} load_user()"; @@ -115,7 +121,12 @@ function load_user()
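Review bot: `sys0-code/app/manage_user.php.old` commits a full copy of the replaced page, including the string-built SQL (`$sql="UPDATE users SET role = '$perms' WHERE id=$tid"` and `DELETE FROM users WHERE username = '$username_td'`) that the rewrite set out to remove. If `sys0-code/app` sits inside the web root, which the hard-coded `/var/www/html/` in delete_user.php suggests, a `.php.old` file is typically served as plain text and discloses the source, include paths and the old permission logic, and with a multi-extension PHP handler it would still execute. Delete the file from the commit; git history already keeps the old version.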
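Review bot: `button.href="overview.php?cancel="+printer_id+"&rid="+rid;` builds the query string by concatenation; wrap both values in `encodeURIComponent(...)` so an id containing `&` or `#` cannot redirect the cancel target, even though the values appear to originate in the server-side echo, which this extract does not show. `const modal_=document.getElementById("cancel_modal");` is assigned and never used and should be dropped. A one-line comment above the function, e.g. `// Point the modal's confirm button at this printer's cancel URL, then open the modal`, would help since the modal markup lives elsewhere.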
-
+ + + +
Vergangene Druckzeit$print_time"); echo("Datei
".short_path($json["job"]["file"]["name"],10,10)."
".$json["job"]["file"]["name"]."
"); if($userid==$_SESSION["id"] or $role[3]==="1"){ - echo("Abbrechen"); + //echo("Abbrechen"); + echo(""); } echo(""); echo(""); @@ -451,36 +463,55 @@ function load_user()