janis/system0-2.0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new user management system using ajax

Browse Source
This commit is contained in:
Janis Steiner
2024-11-28 07:47:09 +00:00
parent 60d68dae88
commit 69403d7741
8 changed files with 589 additions and 296 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
sys0-code/api/delete_user.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
session_start();
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3] !== "1") {
header("location: /login/login.php");
exit;
}
require_once "../config/config.php";
function deleteDirectory($dir) {
if (!is_dir($dir)) {
return false; // Gibt false zurück, wenn das Verzeichnis nicht existiert
}
$files = array_diff(scandir($dir), array('.', '..')); // Ignoriert "." und ".."
foreach ($files as $file) {
$path = $dir . DIRECTORY_SEPARATOR . $file;
if (is_dir($path)) {
deleteDirectory($path); // Rekursiver Aufruf für Unterordner
} else {
unlink($path); // Datei löschen
}
}
return rmdir($dir); // Verzeichnis löschen
}
$userId = $_POST['userId'];
$sql = "SELECT username FROM users WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("i", $userId);
$stmt->execute();
$stmt->bind_result($username);
$stmt->fetch();
$stmt->close();
$sql = "DELETE FROM users WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("i", $userId);
$stmt->execute();
$stmt->close();
deleteDirectory("/var/www/html/user_files/$username/");
?>

52
sys0-code/api/fetch_users.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
session_start();
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3] !== "1") {
header("location: /login/login.php");
exit;
}
require_once "../config/config.php";
$username = isset($_GET['username']) ? '%' . htmlspecialchars($_GET['username']) . '%' : '%';
$sql = "SELECT users.id, users.username, users.role, users.class_id, users.banned, class.name
FROM users
LEFT JOIN class ON users.class_id = class.id
WHERE users.username LIKE ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
echo "<tr>";
echo "<td>{$row['username']}</td>";
echo "<td>
<select class='form-select updateField' data-field='class_id' data-userid='{$row['id']}'>";
$classQuery = $link->query("SELECT id, name FROM class");
while ($class = $classQuery->fetch_assoc()) {
$selected = $class['id'] == $row['class_id'] ? 'selected' : '';
echo "<option value='{$class['id']}' $selected>{$class['name']}</option>";
}
if($row["class_id"]==0){
echo "<option value='0' selected>Lehrperson</option>";
}
echo "</select>
</td>";
$role=substr($row['role'],0,11);
foreach (str_split($role) as $index => $perm) {
$checked = $perm === "1" ? "checked" : "";
echo "<td>
<input type='checkbox' class='form-check-input updateField' data-field='role[$index]' data-userid='{$row['id']}' $checked>
</td>";
}
if($row['banned']==1)
echo "<td><button class='btn btn-success verify_user' data-userid='{$row['id']}'>Manuell verifizieren</button></td>";
else
echo "<td>Bereits verifiziert</td>";
echo "<td><button class='btn btn-danger deleteUser' data-userid='{$row['id']}'>Löschen</button></td>";
echo "</tr>";
}
$stmt->close();
?>

34
sys0-code/api/update_user.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
session_start();
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3] !== "1") {
header("location: /login/login.php");
exit;
}
require_once "../config/config.php";
$userId = $_POST['userId'];
$field = $_POST['field'];
$value = $_POST['value'];
if (strpos($field, 'role') !== false) {
$index = (int)filter_var($field, FILTER_SANITIZE_NUMBER_INT);
$sql = "SELECT role FROM users WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("i", $userId);
$stmt->execute();
$stmt->bind_result($role);
$stmt->fetch();
$stmt->close();
$role[$index] = $value;
$sql = "UPDATE users SET role = ? WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("si", $role, $userId);
} else {
$sql = "UPDATE users SET $field = ? WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("ii", $value, $userId);
}
$stmt->execute();
$stmt->close();
?>

18
sys0-code/api/verify_user.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
session_start();
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3] !== "1") {
header("location: /login/login.php");
exit;
}
require_once "../config/config.php";
$userId = $_POST['userId'];
$sql = "UPDATE users SET banned = 0 WHERE id = ?";
$stmt = $link->prepare($sql);
$stmt->bind_param("i", $userId);
$stmt->execute();
$stmt->close();
?>

354
sys0-code/app/manage_user.php
View File

@@ -1,22 +1,25 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html lang="de">
<title>Manage user</title> <head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Benutzerverwaltung</title>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
</head>
<body style="background-color: <?php echo $_SESSION['color']; ?>;">
<?php <?php
// Initialize the session
session_start(); session_start();
require_once "../log/log.php"; require_once "../log/log.php";
// Check if the user is logged in, if not then redirect him to login page require_once "../config/config.php";
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3]!== "1"){ include "../assets/components.php";
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3] !== "1") {
header("location: /login/login.php"); header("location: /login/login.php");
exit; exit;
} }
$_SESSION["rid"]++; $_SESSION["rid"]++;
?> ?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<script src="/assets/js/load_page.js"></script> <script src="/assets/js/load_page.js"></script>
<script> <script>
function load_user() function load_user()
@@ -26,271 +29,84 @@ function load_user()
}); });
} }
</script> </script>
<?php $color=$_SESSION["color"]; ?>
<?php echo("<body style='background-color:$color'> ");?>
<div id="content"></div> <div id="content"></div>
<?php <div class="container mt-12" style="min-height:95vh">
function get_perm_string(){ <h4>Benutzer suchen und verwalten</h4>
$perm_str=""; <form id="userSearchForm">
if(isset($_POST["print"])) <input type="text" class="form-control" name="username" placeholder="Benutzername eingeben">
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["private_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["printer_ctrl_all"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["change_user_perm"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_admin"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_log"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_apikey"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_key"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["debug"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["delete_from_public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
return $perm_str;
}
function deleteDirectory($dir) {
if (!is_dir($dir)) {
return;
}
// Get list of files and directories inside the directory
$files = scandir($dir);
foreach ($files as $file) {
// Skip current and parent directory links
if ($file == '.' || $file == '..') {
continue;
}
$path = $dir . '/' . $file;
if (is_dir($path)) {
// Recursively delete sub-directory
deleteDirectory($path);
} else {
// Delete file
unlink($path);
}
}
// Delete the empty directory
rmdir($dir);
}
echo ("<script type='text/javascript' >load_user()</script>");
require_once "../config/config.php";
if(isset($_GET["update_id"]) && $_GET["rid"]==$_SESSION["rid"]-1){
$tid=$_GET["update_id"];
$perms=get_perm_string();
$sql="UPDATE users SET role = '$perms' WHERE id=$tid";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if(isset($_GET['username']) && isset($_GET["delete"]))
{
$username_td=$_GET['username'];
$username_td=htmlspecialchars($username_td);
$sql="DELETE FROM users WHERE username = '$username_td';";
//echo($sql);
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
deleteDirectory("/var/www/html/user_files/$username_td/");
log_("Deleted $username_td","BAN:DELETION");
}
else if(isset($_GET["verify"]) && isset($_GET['username']))
{
$username_td=htmlspecialchars($_GET['username']);
$sql="UPDATE users SET banned = 0 WHERE username='$username_td'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
log_("Unanned $username_td","BAN:UNBAN");
}
//how many users do we have?
$cnt=0;
$sql="SELECT COUNT(*) FROM users";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
if(mysqli_stmt_fetch($stmt)){
}
} else{
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
?>
<div class="container" style="min-height:95vh; min-width:100%">
<div class="row">
<div class="col-mt-12" style="overflow-x:auto">
<div class="d-flex flex-column align-items-center">
<h4>Nach Benutzer suchen, um zu verwalten</h4>
<form action="manage_user.php" method="GET" >
<input type="text" class="form-control flex-grow-1 mr-2" name="username" placeholder="Benutzername eingeben" >
<button type="submit" class="btn btn-primary">Suchen</button> <button type="submit" class="btn btn-primary">Suchen</button>
</form> </form>
</div> <table class="table mt-5" id="userTable">
<thead>
<tr>
<th>Nutzer</th>
<th>Klasse</th>
<th>Drucken</th>
<th>Private Cloud</th>
<th>Öffentliche Cloud</th>
<th>Alle Drucker freigeben</th>
<th>Benutzerrechte</th>
<th>Admin erstellen</th>
<th>Log ansehen</th>
<th>API-Key</th>
<th>Druckschlüssel</th>
<th>Debug</th>
<th>Öffentliche Dateien löschen</th>
<th>Manuell verifizieren</th>
<th>Löschen</th>
</tr>
</thead>
<tbody></tbody>
</table>
</div>
<!-- list users and their permissions --> <div id="footer">
<?php </div>
echo("<table class='table' style='overflow-x: auto'>");
echo("<thead>");
echo("<tr>");
echo("<td>Nutzer</td>");
echo("<td>Drucken</td>");
echo("<td>Cloud</td>");
echo("<td>Öffentliche Cloud</td>");
echo("<td>Alle Drucker abbrechen / freigeben</td>");
echo("<td>Benutzereinstellungen ändern</td>");
echo("<td>Administratoren erstellen</td>");
echo("<td>Log ansehen</td>");
echo("<td>APIkey ansehen</td>");
echo("<td>Druckschlüssel erstellen</td>");
echo("<td>Debug</td>");
echo("<td>Alle Dateien von Öffentlicher Cloud löschen</td>");
echo("<td>Aktualisieren</td>");
echo("<td>Benutzer löschen</td>");
echo("<td>Benutzer manuell verifizieren</td>");
echo("</tr>");
echo("</thead>");
echo("<tbody>");
echo("<tr>");
//how many users do we have?
$cnt=0;
if(isset($_GET["username"]))
$search=htmlspecialchars($_GET["username"]);
else
$search="user_not_found";
$sql="SELECT COUNT(*) FROM users WHERE username LIKE '%$search%'"; <script>
$stmt = mysqli_prepare($link, $sql); $(document).ready(function () {
mysqli_stmt_execute($stmt); function fetchUsers(username = '') {
// Store result $.get('/api/fetch_users.php', { username }, function (data) {
mysqli_stmt_store_result($stmt); $('#userTable tbody').html(data);
mysqli_stmt_bind_result($stmt, $cnt); });
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
//now we know how many users we have.
$last_id=0;
while($cnt!=0){
$tusername="";
$trole="";
$banned=0;
$tid=0;
$sql="select id,username,role,banned from users where id>$last_id AND username LIKE '%$search%' ORDER BY id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $tid,$tusername,$trole,$banned);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
echo("<tr><form action='manage_user.php?update_id=$tid&rid=".$_SESSION["rid"]."&username=$search' method='post'>");
echo("<td>$tusername</td>");
if($trole[0]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" ></td>');
if($trole[1]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" ></td>');
if($trole[2]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" ></td>');
if($trole[3]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" ></td>');
if($trole[4]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" ></td>');
if($trole[5]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" ></td>');
if($trole[6]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" ></td>');
if($trole[7]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" ></td>');
if($trole[8]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" ></td>');
if($trole[9]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" ></td>');
if($trole[10]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" ></td>');
echo('<td><input type="submit" class="btn btn-dark mb-5" value="Aktualisieren" id="button"></td>');
echo('<td><a href="manage_user.php?username='.$tusername.'&delete" class="btn btn-danger" >Benutzer löschen</a></td>');
if($banned==1)
echo('<td><a href="manage_user.php?username='.$tusername.'&verify" class="btn btn-success" >Benutzer verifizieren</a></td>');
else
echo('<td>Benutzer bereits verifiziert</td>');
echo("</form></tr>");
$last_id=$tid;
$cnt--;
} }
// echo("</tr>");
echo("</tbody>");
echo("</table>");
mysqli_close($link);
?>
</div>
</div>
</div>
<div id="footer"></div> $('#userSearchForm').on('submit', function (e) {
e.preventDefault();
const username = $(this).find('[name="username"]').val();
fetchUsers(username);
});
$(document).on('change', '.updateField', function () {
const field = $(this).data('field');
const userId = $(this).data('userid');
const value = $(this).is(':checkbox') ? ($(this).is(':checked') ? 1 : 0) : $(this).val();
$.post('/api/update_user.php', { userId, field, value }, function (response) {
console.log(response);
});
});
$(document).on('click', '.deleteUser', function () {
const userId = $(this).data('userid');
if (confirm('Sind Sie sicher, dass Sie diesen Benutzer löschen möchten?')) {
$.post('/api/delete_user.php', { userId }, function () {
fetchUsers();
});
}
});
$(document).on('click', '.verify_user', function () {
const userId = $(this).data('userid');
$.post('/api/verify_user.php', { userId }, function () {
fetchUsers();
});
});
fetchUsers(); // Initiale Benutzer laden
load_user();
});
</script>
</body> </body>
</html> </html>

296
sys0-code/app/manage_user.php.old Normal file
View File

@@ -0,0 +1,296 @@
<!DOCTYPE html>
<html>
<title>Manage user</title>
<?php
// Initialize the session
session_start();
require_once "../log/log.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3]!== "1"){
header("location: /login/login.php");
exit;
}
$_SESSION["rid"]++;
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php $color=$_SESSION["color"]; ?>
<?php echo("<body style='background-color:$color'> ");?>
<div id="content"></div>
<?php
function get_perm_string(){
$perm_str="";
if(isset($_POST["print"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["private_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["printer_ctrl_all"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["change_user_perm"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_admin"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_log"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_apikey"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_key"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["debug"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["delete_from_public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
return $perm_str;
}
function deleteDirectory($dir) {
if (!is_dir($dir)) {
return;
}
// Get list of files and directories inside the directory
$files = scandir($dir);
foreach ($files as $file) {
// Skip current and parent directory links
if ($file == '.' || $file == '..') {
continue;
}
$path = $dir . '/' . $file;
if (is_dir($path)) {
// Recursively delete sub-directory
deleteDirectory($path);
} else {
// Delete file
unlink($path);
}
}
// Delete the empty directory
rmdir($dir);
}
echo ("<script type='text/javascript' >load_user()</script>");
require_once "../config/config.php";
if(isset($_GET["update_id"]) && $_GET["rid"]==$_SESSION["rid"]-1){
$tid=$_GET["update_id"];
$perms=get_perm_string();
$sql="UPDATE users SET role = '$perms' WHERE id=$tid";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if(isset($_GET['username']) && isset($_GET["delete"]))
{
$username_td=$_GET['username'];
$username_td=htmlspecialchars($username_td);
$sql="DELETE FROM users WHERE username = '$username_td';";
//echo($sql);
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
deleteDirectory("/var/www/html/user_files/$username_td/");
log_("Deleted $username_td","BAN:DELETION");
}
else if(isset($_GET["verify"]) && isset($_GET['username']))
{
$username_td=htmlspecialchars($_GET['username']);
$sql="UPDATE users SET banned = 0 WHERE username='$username_td'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
log_("Unanned $username_td","BAN:UNBAN");
}
//how many users do we have?
$cnt=0;
$sql="SELECT COUNT(*) FROM users";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
if(mysqli_stmt_fetch($stmt)){
}
} else{
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
?>
<div class="container" style="min-height:95vh; min-width:100%">
<div class="row">
<div class="col-mt-12" style="overflow-x:auto">
<div class="d-flex flex-column align-items-center">
<h4>Nach Benutzer suchen, um zu verwalten</h4>
<form action="manage_user.php" method="GET" >
<input type="text" class="form-control flex-grow-1 mr-2" name="username" placeholder="Benutzername eingeben" >
<button type="submit" class="btn btn-primary">Suchen</button>
</form>
</div>
<!-- list users and their permissions -->
<?php
echo("<table class='table' style='overflow-x: auto'>");
echo("<thead>");
echo("<tr>");
echo("<td>Nutzer</td>");
echo("<td>Drucken</td>");
echo("<td>Cloud</td>");
echo("<td>Öffentliche Cloud</td>");
echo("<td>Alle Drucker abbrechen / freigeben</td>");
echo("<td>Benutzereinstellungen ändern</td>");
echo("<td>Administratoren erstellen</td>");
echo("<td>Log ansehen</td>");
echo("<td>APIkey ansehen</td>");
echo("<td>Druckschlüssel erstellen</td>");
echo("<td>Debug</td>");
echo("<td>Alle Dateien von Öffentlicher Cloud löschen</td>");
echo("<td>Aktualisieren</td>");
echo("<td>Benutzer löschen</td>");
echo("<td>Benutzer manuell verifizieren</td>");
echo("</tr>");
echo("</thead>");
echo("<tbody>");
echo("<tr>");
//how many users do we have?
$cnt=0;
if(isset($_GET["username"]))
$search=htmlspecialchars($_GET["username"]);
else
$search="user_not_found";
$sql="SELECT COUNT(*) FROM users WHERE username LIKE '%$search%'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
//now we know how many users we have.
$last_id=0;
while($cnt!=0){
$tusername="";
$trole="";
$banned=0;
$tid=0;
$sql="select id,username,role,banned from users where id>$last_id AND username LIKE '%$search%' ORDER BY id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $tid,$tusername,$trole,$banned);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
echo("<tr><form action='manage_user.php?update_id=$tid&rid=".$_SESSION["rid"]."&username=$search' method='post'>");
echo("<td>$tusername</td>");
if($trole[0]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" ></td>');
if($trole[1]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" ></td>');
if($trole[2]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" ></td>');
if($trole[3]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" ></td>');
if($trole[4]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" ></td>');
if($trole[5]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" ></td>');
if($trole[6]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" ></td>');
if($trole[7]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" ></td>');
if($trole[8]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" ></td>');
if($trole[9]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" ></td>');
if($trole[10]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" ></td>');
echo('<td><input type="submit" class="btn btn-dark mb-5" value="Aktualisieren" id="button"></td>');
echo('<td><a href="manage_user.php?username='.$tusername.'&delete" class="btn btn-danger" >Benutzer löschen</a></td>');
if($banned==1)
echo('<td><a href="manage_user.php?username='.$tusername.'&verify" class="btn btn-success" >Benutzer verifizieren</a></td>');
else
echo('<td>Benutzer bereits verifiziert</td>');
echo("</form></tr>");
$last_id=$tid;
$cnt--;
}
// echo("</tr>");
echo("</tbody>");
echo("</table>");
mysqli_close($link);
?>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

35
sys0-code/app/overview.php
View File

@@ -26,6 +26,12 @@ function load_user()
$('#content').load("/assets/php/user_page.php"); $('#content').load("/assets/php/user_page.php");
}); });
} }
function update_cancel_modal(printer_id,rid){
const modal_=document.getElementById("cancel_modal");
const button=document.getElementById("send_cancel_command");
button.href="overview.php?cancel="+printer_id+"&rid="+rid;
document.getElementById("open_cancel_modal").click();
}
</script> </script>
<?php <?php
echo "<script type='text/javascript' >load_user()</script>"; echo "<script type='text/javascript' >load_user()</script>";
@@ -115,6 +121,11 @@ function load_user()
</head> </head>
<body> <body>
<div id="content"></div> <div id="content"></div>
<!-- placeholder button to be activated to open cancel modal -->
<button style="display:none" type="button" class="btn btn-primary" data-bs-toggle="modal" id="open_cancel_modal" data-bs-target="#cancel_modal">
Launch cancel modal
</button>
<div> <div>
<div class="row justify-content-center"> <div class="row justify-content-center">
<div style="width: 100%;min-height:95vh"> <div style="width: 100%;min-height:95vh">
@@ -349,7 +360,8 @@ function load_user()
echo("<tr><td>Vergangene Druckzeit</td><td>$print_time</td></tr>"); echo("<tr><td>Vergangene Druckzeit</td><td>$print_time</td></tr>");
echo("<tr><td>Datei</td><td><div class='hover-element'>".short_path($json["job"]["file"]["name"],10,10)."<div class='description'>".$json["job"]["file"]["name"]."</div></div></td></tr>"); echo("<tr><td>Datei</td><td><div class='hover-element'>".short_path($json["job"]["file"]["name"],10,10)."<div class='description'>".$json["job"]["file"]["name"]."</div></div></td></tr>");
if($userid==$_SESSION["id"] or $role[3]==="1"){ if($userid==$_SESSION["id"] or $role[3]==="1"){
echo("<tr><td><a class='btn btn-danger' href='overview.php?cancel=$printer_id&rid=".$_SESSION["rid"]."'>Abbrechen</a></td></tr>"); //echo("<tr><td><a class='btn btn-danger' data-toggle='modal' data-target='cancel_modal'>Abbrechen</a></td></tr>");
echo("<tr><td><button class='btn btn-danger' onclick='update_cancel_modal(\"$printer_id\",\"".$_SESSION["rid"]."\")'>Abbrechen</button></td></tr>");
} }
echo("</thead>"); echo("</thead>");
echo("</table>"); echo("</table>");
@@ -458,7 +470,7 @@ function load_user()
</div> </div>
<div class="modal-body"> <div class="modal-body">
<p>Hallo <?php echo(str_replace("."," ",str_replace("@kantiwattwil.ch","",$_SESSION["username"]))); ?> bitte wähle deine Klasse aus der Liste unten aus. <br> <p>Hallo <?php echo(str_replace("."," ",str_replace("@kantiwattwil.ch","",$_SESSION["username"]))); ?> bitte wähle deine Klasse aus der Liste unten aus. <br>
Wenn deine Klasse nicht in der Liste ist, bitte deine Lehrperson deine Klasse in den Einstellungen hinzuzufügen.</p> Wenn deine Klasse nicht in der Liste ist, bitte deine Lehrperson deine Klasse in den Einstellungen hinzuzufügen.</p>
<form action="overview.php?set_class" method="post"> <form action="overview.php?set_class" method="post">
<select name="class"> <select name="class">
<?php <?php
@@ -481,6 +493,25 @@ Wenn deine Klasse nicht in der Liste ist, bitte deine Lehrperson deine Klasse in
</form> </form>
</div> </div>
</div> </div>
<!-- cancel modal -->
<div class="modal fade" id="cancel_modal" tabindex="1" role="dialog" aria-labelledby="cancel_modal" aria-hidden="false">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">Druck abbrechen</h5>
</div>
<div class="modal-body">
Möchtest du den Druck wirklich abbrechen? Dies kann nicht rückgängig gemacht werden!
</div>
<div class="modal-footer">
<button type="button" class="btn btn-primary" data-bs-dismiss="modal">nicht abbrechen</button>
<a type="button" id="send_cancel_command" href="#" class="btn btn-danger">Druck abbrechen</a>
</div>
</div>
</div>
</div>
<?php <?php
if($_SESSION["class_id"]==""){ if($_SESSION["class_id"]==""){
echo("<script>"); echo("<script>");

4
sys0-code/app/print.php
View File

@@ -466,6 +466,9 @@ function time_to_seconds($print_time) {
if ($reservation_conflict && !in_array($class,$for_class) && $class!=0) { if ($reservation_conflict && !in_array($class,$for_class) && $class!=0) {
echo "<center><div style='width:50%' class='alert alert-danger' role='alert'>Die Drucker sind zurzeit reserviert! Bitte versuche es später erneut!</div></center>"; echo "<center><div style='width:50%' class='alert alert-danger' role='alert'>Die Drucker sind zurzeit reserviert! Bitte versuche es später erneut!</div></center>";
$block=true; $block=true;
}else if($class==0){
$block=false;
echo "<center><div style='width:50%' class='alert alert-danger' role='alert'>Die Drucker sind zurzeit reserviert!<br>Als Lehrperson können Sie zwar jetzt trozdem drucken, sollten es aber nur tun, wenn Sie sicher sind, dass nicht gerade eine andere Lehrperson mit einer Klasse drucken will!</div></center>";
}else{ }else{
$block=false; $block=false;
} }
@@ -473,7 +476,6 @@ function time_to_seconds($print_time) {
?> ?>
<div class="container d-flex align-items-center justify-content-center" > <div class="container d-flex align-items-center justify-content-center" >
<form class="mt-5" enctype="multipart/form-data" method="POST" action=""> <form class="mt-5" enctype="multipart/form-data" method="POST" action="">
<?php if(!isset($_GET["cloudprint"])){ <?php if(!isset($_GET["cloudprint"])){
echo ('<div class="form-group">'); echo ('<div class="form-group">');