[clinton/MarylandElectronicPetitionSignature.git] / admin / users.php

<?PHP 
include_once('../slack.php');
include_once('security.php');
if ($_COOKIE['level'] == 'user'){
  slack_general('ADMIN: Redirect User Home ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
  header('Location: user_home.php');
}
include_once('header.php');
slack_general('ADMIN: user manager Loaded ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
$group_id = $_COOKIE['group_id'];
if(isset($_POST['name']) && isset($_POST['email']) ){
  $name = $petition->real_escape_string($_POST['name']);
  $email = $petition->real_escape_string($_POST['email']);
  $petition->query("insert into users (name,email,group_id,sec_level) values ('$name','$email','$group_id','user') ");
}
?>

<h1>Managers</h1>
<?PHP
$q="SELECT * FROM users where sec_level='manager' and group_id = '$group_id'";
$r = $petition->query($q);
while($d = mysqli_fetch_array($r)){
 echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>"; 
}
?>
<h1>Users</h1>
<?PHP
$q="SELECT * FROM users where sec_level='users' and group_id = '$group_id'";
$r = $petition->query($q);
while($d = mysqli_fetch_array($r)){
 echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>"; 
}
?>
<h1>New User</h1>
<form method='post'>
  name <input name='name' required>
  email <input name='email' required>
  <input type='submit'>
</form>


<?PHP
include_once('footer.php');
?>
Commit	Line	Data
3f5a9c9d	1	<?PHP
4941dd3a	2	include_once('../slack.php');
3f5a9c9d	3	include_once('security.php');
4941dd3a PM	4	if ($_COOKIE['level'] == 'user'){
	5	slack_general('ADMIN: Redirect User Home ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
	6	header('Location: user_home.php');
	7	}
3f5a9c9d PM	8	include_once('header.php');
3f5a9c9d PM	9	slack_general('ADMIN: user manager Loaded ('.$_COOKIE['name'].') ('.$_COOKIE['level'].')','md-petition');
c003c201 PM	10	$group_id = $_COOKIE['group_id'];
	11	if(isset($_POST['name']) && isset($_POST['email']) ){
	12	$name = $petition->real_escape_string($_POST['name']);
	13	$email = $petition->real_escape_string($_POST['email']);
dc486d4c	14	$petition->query("insert into users (name,email,group_id,sec_level) values ('$name','$email','$group_id','user') ");
c003c201	15	}
3f5a9c9d PM	16	?>
3f5a9c9d PM	17
c003c201 PM	18	<h1>Managers</h1>
c003c201 PM	19	<?PHP
b568785c	20	$q="SELECT * FROM users where sec_level='manager' and group_id = '$group_id'";
c003c201 PM	21	$r = $petition->query($q);
	22	while($d = mysqli_fetch_array($r)){
	23	echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>";
	24	}
	25	?>
	26	<h1>Users</h1>
	27	<?PHP
b568785c	28	$q="SELECT * FROM users where sec_level='users' and group_id = '$group_id'";
c003c201 PM	29	$r = $petition->query($q);
	30	while($d = mysqli_fetch_array($r)){
	31	echo "<li>$d[id] $d[email] $d[name] $d[group_id] $d[sec_level]</li>";
	32	}
	33	?>
	34	<h1>New User</h1>
	35	<form method='post'>
	36	name <input name='name' required>
	37	email <input name='email' required>
	38	<input type='submit'>
	39	</form>
3f5a9c9d PM	40
	41
	42	<?PHP
	43	include_once('footer.php');
	44	?>