header('Location: manager_home.php');
}
include_once('header.php');
-if(isset($_POST['name']) && isset($_POST['email']) ){
+if(isset($_POST['name']) && isset($_POST['email']) && isset($_POST['group_id']) ){
$name = $petition->real_escape_string($_POST['name']);
$email = $petition->real_escape_string($_POST['email']);
- $petition->query("insert into users (email,name,group_id,sec_level) values () ");
+ $group_id = $petition->real_escape_string($_POST['group_id']);
+ $petition->query("insert into users (name,email,group_id,sec_level) values ('$name','$email','$group_id','manager') ");
}
slack_general('ADMIN: managers.php ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
?>
-
-<h1>Managers</h1>
+<h1>Groups</h1>
<?PHP
-$q="SELECT * FROM users where level='manager'";
+$q="SELECT * FROM groups order by name";
$r = $petition->query($q);
while($d = mysqli_fetch_array($r)){
- echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>";
+ echo "<li><a href='groups.php?edit=$d[id]'>EDIT</a> $d[name]</li>";
}
?>
-<h1>Groups</h1>
+<h1>Managers</h1>
<?PHP
-$q="SELECT * FROM groups";
+$q="SELECT * FROM users where sec_level='manager' order by group_id";
$r = $petition->query($q);
while($d = mysqli_fetch_array($r)){
- echo "<li>$d[id] $d[name]</li>";
+ echo "<li><a href='managers.php?edit=$d[id]'>EDIT</a> $d[email] $d[name] ".id2group($d['group_id'])."</li>";
}
?>
<h1>New Manager</h1>
<form method='post'>
- name <input name='name'>
- email <input name='email'>
- group_id <input name='group_id'>
+ Name <input name='name' required>
+ E-Mail <input name='email' required>
+ Group: <select name='group_id' required>
+ <?PHP
+$q="SELECT * FROM groups";
+$r = $petition->query($q);
+while($d = mysqli_fetch_array($r)){
+ echo "<option value='$d[id]'>$d[name]</option>
+ ";
+}
+?>
+ </select>
<input type='submit'>
</form>
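Review bot: The new echo lines write database values into HTML without escaping: `$d[email]` and `$d[name]` in the managers list, and `$d[name]` in the groups list and in the `<option>` loop. The name and email come from `$_POST` and are stored by the new INSERT, and `real_escape_string` only protects the SQL statement, so markup submitted through the form would be rendered for anyone who opens this page. Escape each value at output, for example `htmlspecialchars($d['name'], ENT_QUOTES, 'UTF-8')`, and cast the id used in the `href` and `value` attributes with `(int)$d['id']`. The INSERT would also be safer as a prepared statement with bound parameters, and because it now creates `manager` accounts, the `header('Location: manager_home.php');` at the top of the hunk needs an `exit;` after it; none is visible before the closing brace, and the condition guarding it is outside the hunk.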