diff options
Diffstat (limited to 'www-ssl/admin')
-rwxr-xr-x | www-ssl/admin/userChangeSecure.php | 49 | ||||
-rwxr-xr-x | www-ssl/admin/userSaveSecure.php | 36 |
2 files changed, 66 insertions, 19 deletions
diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php index bae26ad4..9da7bc75 100755 --- a/www-ssl/admin/userChangeSecure.php +++ b/www-ssl/admin/userChangeSecure.php @@ -16,12 +16,6 @@ if (IsSet($_GET["enterUID"])) "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel ". "bereits sein T-Shirt erhalten hat.<br><br>\n"; - echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n"; - echo "<table border=\"0\">\n"; - echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n"; - - // CVS-Rechte - echo " <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n"; $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'"; $Erg_CVS = mysql_query($SQL_CVS, $con); @@ -30,6 +24,25 @@ if (IsSet($_GET["enterUID"])) echo "Sorry, der Engel (UID=". $_GET["enterUID"]. ") wurde in der Liste nicht gefunden."; else { + // Rename if is an group + if( $_GET["enterUID"] < 0 ) { + $SQLname = "SELECT `Name` FROM `UserGroups` WHERE `UID`='". $_GET["enterUID"]. "'"; + $ErgName = mysql_query($SQLname, $con); + echo mysql_error($con); + + echo "<form action=\"./userSaveSecure.php?action=changeGroupName\" method=\"POST\">\n"; + echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n"; + echo "<input type=\"text\" name=\"GroupName\" value=\"". mysql_result($ErgName, 0, "Name"). "\">\n"; + echo "<input type=\"submit\" value=\"rename\">\n"; + echo "</form>"; + } + + echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n"; + echo "<table border=\"0\">\n"; + echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n"; + echo " <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n"; + + $CVS_Data = mysql_fetch_array($Erg_CVS); $CVS_Data_i = 1; foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) @@ -78,19 +91,19 @@ if (IsSet($_GET["enterUID"])) } //IF } //Foreach echo "</td></tr>\n"; - } // IF TYPE - - // Ende Formular - echo "</td></tr>\n"; - echo "</table>\n<br>\n"; - echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n"; - echo "<input type=\"submit\" value=\"sichern...\">\n"; - echo "</form>"; + + // Ende Formular + echo "</td></tr>\n"; + echo "</table>\n<br>\n"; + echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n"; + echo "<input type=\"submit\" value=\"sichern...\">\n"; + echo "</form>"; - echo "<form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n"; - echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n"; - echo "<input type=\"submit\" value=\"löschen...\">\n"; - echo "</form>"; + echo "<br><form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n"; + echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n"; + echo "<input type=\"submit\" value=\"löschen...\">\n"; + echo "</form>"; + } } include ("../../includes/footer.php"); diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php index 6eadeddc..4a3c1eae 100755 --- a/www-ssl/admin/userSaveSecure.php +++ b/www-ssl/admin/userSaveSecure.php @@ -65,8 +65,23 @@ if ( ($Right=="Y") && IsSet($_GET["action"])) echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n"; break; + case "changeGroupName": + if (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]<0) ) + { + $SQL = "UPDATE `UserGroups` SET `Name`='". $_POST["GroupName"]. "' WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1 ;"; + $Erg = db_query($SQL, "Update Group Name"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } + else + echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n"; + break; + case "delete": - if (IsSet($_POST["enterUID"])) + if (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]>0) ) { echo "delate User..."; $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; @@ -95,6 +110,25 @@ if ( ($Right=="Y") && IsSet($_GET["action"])) } else { echo "Fehler beim speichern...\n(". mysql_error($con). ")"; } + } elseif (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]<0) ) { + echo "delate Group..."; + $SQL="DELETE FROM `UserGroups` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL, "Group delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + + echo "<br>\ndelate UserCVS..."; + $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; + $Erg = db_query($SQL2, "User CVS delete"); + if ($Erg == 1) { + echo "Änderung wurde gesichert...\n"; + } else { + echo "Fehler beim speichern...\n(". mysql_error($con). ")"; + } + } break; } // end switch |