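<?php
/**
 * Admin page: lists groups and managers, and creates new manager accounts.
 *
 * Flow, as visible in this file:
 *   1. Visitors whose `level` cookie is "user" or "manager" are redirected
 *      to their own home page.
 *   2. A POST carrying name, email and group_id inserts a row into `users`
 *      with sec_level 'manager'.
 *   3. The groups list, the managers list and the "New Manager" form are
 *      rendered.
 *
 * $petition is expected to be the mysqli connection and id2group() a helper;
 * both are defined outside this file (presumably by the includes).
 */
include_once('../slack.php');
include_once('security.php');

// NOTE(review): `level` and `name` are read from cookies, which the client
// controls. Whether security.php verifies them against server-side state is
// not visible here; confirm that it does, because this page grants the
// ability to create manager accounts. The cookie values are also forwarded
// to Slack as-is, so those log lines are unverified client input.
$cookieLevel = (isset($_COOKIE['level']) && is_string($_COOKIE['level'])) ? $_COOKIE['level'] : '';
$cookieName = (isset($_COOKIE['name']) && is_string($_COOKIE['name'])) ? $_COOKIE['name'] : '';

if ($cookieLevel === 'user') {
    slack_general('ADMIN: Redirect User Home ('.$cookieName.') ('.$cookieLevel.')', 'md-petition');
    header('Location: user_home.php');
    // Stop here: header() only queues the redirect, so without exit the rest
    // of the script (including the INSERT below) would still run.
    exit;
}
if ($cookieLevel === 'manager') {
    slack_general('ADMIN: Redirect Manager Home ('.$cookieName.') ('.$cookieLevel.')', 'md-petition');
    header('Location: manager_home.php');
    exit;
}

include_once('header.php');

// Escapes a value for use in HTML text and in single- or double-quoted
// attribute values.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Create a new manager from the submitted form.
// NOTE(review): no anti-CSRF token is checked on this state-changing request;
// add one tied to the server-side session before relying on this form.
if (
    isset($_POST['name'], $_POST['email'], $_POST['group_id'])
    && is_string($_POST['name'])
    && is_string($_POST['email'])
    && is_string($_POST['group_id'])
) {
    $newName = $_POST['name'];
    $newEmail = $_POST['email'];
    $newGroupId = $_POST['group_id'];

    // Bound parameters keep the submitted values out of the SQL text.
    $stmt = $petition->prepare("insert into users (name,email,group_id,sec_level) values (?,?,?,'manager')");
    if ($stmt !== false) {
        $stmt->bind_param('sss', $newName, $newEmail, $newGroupId);
        $stmt->execute();
        $stmt->close();
    } else {
        error_log('managers.php: could not prepare the manager insert');
    }
}

slack_general('ADMIN: managers.php ('.$cookieName.') ('.$cookieLevel.')', 'md-petition');
?>
<h1>Groups</h1>
<?php
$q = "SELECT * FROM groups order by name";
$r = $petition->query($q);
// Database values are escaped on output: names and e-mails originate from
// form input and must not be interpreted as markup.
while ($r && ($d = mysqli_fetch_array($r))) {
    echo "<li><a href='groups.php?edit=" . $escapeHtml(rawurlencode((string) $d['id'])) . "'>EDIT</a> "
        . $escapeHtml($d['name']) . "</li>";
}
?>
<h1>Managers</h1>
<?php
$q = "SELECT * FROM users where sec_level='manager' order by group_id";
$r = $petition->query($q);
while ($r && ($d = mysqli_fetch_array($r))) {
    // id2group() is defined outside this file; its return value is treated
    // as plain text here. NOTE(review): if it already returns escaped HTML,
    // drop the extra escaping to avoid double-encoding.
    echo "<li><a href='managers.php?edit=" . $escapeHtml(rawurlencode((string) $d['id'])) . "'>EDIT</a> "
        . $escapeHtml($d['email']) . " " . $escapeHtml($d['name']) . " "
        . $escapeHtml(id2group($d['group_id'])) . "</li>";
}
?>
<h1>New Manager</h1>
<form method='post'>
Name <input name='name' required>
E-Mail <input name='email' required>
Group: <select name='group_id' required>
<?php
$q = "SELECT * FROM groups";
$r = $petition->query($q);
while ($r && ($d = mysqli_fetch_array($r))) {
    echo "<option value='" . $escapeHtml($d['id']) . "'>" . $escapeHtml($d['name']) . "</option>\n";
}
?>
</select>
<input type='submit'>
</form>

<?php
include_once('footer.php');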