admin/users.php

   1 <?PHP
   2 include_once('../slack.php');
   3 include_once('security.php');
   4 if ($_COOKIE['level'] == 'user'){
   5   slack_general('ADMIN: Redirect User Home ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
   6   header('Location: user_home.php');
   7 }
   8 include_once('header.php');
   9 slack_general('ADMIN: user manager Loaded ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
  10 $group_id = $_COOKIE['group_id'];
  11 if(isset($_POST['name']) && isset($_POST['email']) ){
  12   $name = $petition->real_escape_string($_POST['name']);
  13   $email = $petition->real_escape_string($_POST['email']);
  14   $petition->query("insert into users (name,email,group_id,sec_level) values ('$name','$email','$group_id','user') ");
  15 }
  16 ?>
  17
  18 <h1>Managers</h1>
  19 <?PHP
  20 $q="SELECT * FROM users where level='manager' and group_id = '$group_id'";
  21 $r = $petition->query($q);
  22 while($d = mysqli_fetch_array($r)){
  23  echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>";
  24 }
  25 ?>
  26 <h1>Users</h1>
  27 <?PHP
  28 $q="SELECT * FROM users where level='users' and group_id = '$group_id'";
  29 $r = $petition->query($q);
  30 while($d = mysqli_fetch_array($r)){
  31  echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>";
  32 }
  33 ?>
  34 <h1>New User</h1>
  35 <form method='post'>
  36   name <input name='name' required>
  37   email <input name='email' required>
  38   <input type='submit'>
  39 </form>
  40
  41
  42 <?PHP
  43 include_once('footer.php');
  44 ?>