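<?php
// Session bootstrap. $userlevel_session is not defined in this file, so it is
// presumably set by include/session.php (confirm against that include).
include('include/session.php');

// Only accounts with userlevel >= 10 may create or edit users.
// header() merely queues a redirect header; without exit the rest of this
// script (including the INSERT/UPDATE handlers below) would still run for an
// unauthorised visitor, so execution must stop here.
if ($userlevel_session < 10) {
    header('Location: adgangforbudt.php');
    exit;
}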
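/**
 * Prints the "new user / edit user" page: document head, sidebar include and
 * the user form. The closing </body></html> is NOT emitted here; the calling
 * script prints it after its own logic.
 *
 * @param string      $username1 Value for the "username" field.
 * @param string      $navn1     Value for the "navn" (name) field.
 * @param string      $email1    Value for the "email" field.
 * @param string|null $password1 Accepted for call compatibility only; never
 *                               rendered, so no password or hash reaches the page.
 * @param string      $steam1    Value for the "steam" field.
 * @param string|null $error     Ready-made HTML for an error box. Emitted as-is,
 *                               so callers must pass trusted markup only, never
 *                               request data.
 * @param mixed       $id        Non-empty selects the "Edit Record" title,
 *                               empty selects "New Record".
 *
 * NOTE(review): the form carries no anti-CSRF token although it creates and
 * edits accounts, including the administrator flag.
 */
function renderForm($username1 = '', $navn1 ='', $email1 = '', $password1 ='', $steam1 ='', $error = '', $id = '') {
    // Encode every field value for an HTML attribute at the point of output.
    // Values read straight from the database are otherwise printed raw.
    // double_encode is off because the POST handlers in this file already run
    // htmlentities() on the input, and existing entities must not be encoded twice.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };
    $title = ($id != '') ? 'Edit Record' : 'New Record';
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">
    <title><?php echo $title; ?></title>
    <!-- Bootstrap Core CSS -->
    <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
    <!-- MetisMenu CSS -->
    <link href="vendor/metisMenu/metisMenu.min.css" rel="stylesheet">
    <!-- Custom CSS -->
    <link href="dist/css/sb-admin-2.css" rel="stylesheet">
    <!-- Custom Fonts -->
    <link href="vendor/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">
    <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
    <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
    <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
    <![endif]-->
</head>
<body>
<div id="wrapper">
    <?php include 'include/sidebar.php';?>
    <!-- Page Content -->
    <div id="page-wrapper">
        <div class="container-fluid">
            <div class="row">
                <div class="col-lg-12">
                    <h1 class="page-header"><?php echo $title; ?></h1>
                </div>
                <div class="col-lg-6">
                    <form role="form" method="post" action="">
                        <?php
                        // Trusted markup supplied by the caller (see docblock).
                        if ($error != '') { echo "$error"; }
                        ?>
                        <div class="form-group">
                            <label>Brugernavn:</label>
                            <input class="form-control" name="username" value="<?php echo $esc($username1); ?>">
                        </div>
                        <div class="form-group">
                            <label>Navn:</label>
                            <input class="form-control" name="navn" value="<?php echo $esc($navn1); ?>">
                        </div>
                        <div class="form-group">
                            <label>Email:</label>
                            <input class="form-control" name="email" value="<?php echo $esc($email1); ?>">
                        </div>
                        <div class="form-group">
                            <label>Password:</label>
                            <input class="form-control" name="password" placeholder="Password" type="password">
                        </div>
                        <div class="form-group">
                            <label>Steam link:</label>
                            <input class="form-control" name="steam" value="<?php echo $esc($steam1); ?>">
                        </div>
                        <div class="form-group">
                            <label>Administrator?</label>
                            <label class="checkbox-inline">
                                <input type="checkbox" value="10" name="admin">
                            </label>
                        </div>
                        <input type="submit" name="submit" value="Tilføj/Update" class="btn btn-danger">
                    </form>
                </div>
                <!-- /.col-lg-12 -->
            </div>
            <!-- /.row -->
        </div>
        <!-- /.container-fluid -->
    </div>
    <!-- /#page-wrapper -->
</div>
<!-- /#wrapper -->
<?php }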
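// Controller for the user form: with ?id=N it edits user N, without it it
// creates a user. $dbconnect is not defined in this file; presumably the
// mysqli connection from include/mysql_config.php (confirm).
//
// NOTE(review): this handler changes accounts (including userlevel) on POST and
// the visible form carries no anti-CSRF token; a per-session token verified
// here would close that gap.
include_once('include/mysql_config.php');

// Builds the dismissable alert box that renderForm() prints as its error argument.
$alert = static function ($message) {
    return "<div class='alert alert-danger alert-dismissable'>
<button type='button' class='close' data-dismiss='alert' aria-hidden='true'>×</button>
" . $message . "
</div>";
};

// Reads one POST field as a string; missing or array-valued fields become ''.
$field = static function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
};

// Returns true/false for "another row already uses this username", or null when
// the statement cannot be prepared or executed. The lookup is a prepared
// statement: htmlentities() is an HTML encoder, not an SQL escaper, so the value
// must never be spliced into the query text. $excludeId lets an edit keep its
// own username; 0 excludes nothing because valid ids are > 0.
$usernameTaken = static function ($db, $username, $excludeId) {
    $stmt = $db->prepare('SELECT 1 FROM users WHERE username = ? AND id <> ?');
    if (!$stmt) {
        return null;
    }
    $stmt->bind_param('si', $username, $excludeId);
    if (!$stmt->execute()) {
        $stmt->close();
        return null;
    }
    $stmt->store_result();
    $taken = $stmt->num_rows > 0;
    $stmt->close();
    return $taken;
};

$editing = isset($_GET['id']);
// The record id comes from the query string: the form posts back to the same
// URL (action="") and contains no "id" field, so $_POST['id'] is never set.
// Result is a positive int, false when invalid, or '' when creating.
$id = $editing
    ? filter_var($_GET['id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])
    : '';

if (isset($_POST['submit'])) {
    if ($editing && $id === false) {
        echo "ERROR";
    } else {
        // Values are stored entity-encoded, as the existing rows are.
        $username = htmlentities($field('username'));
        $navn = htmlentities($field('navn'));
        $email = htmlentities($field('email'));
        $steamlink = htmlentities($field('steam'));
        // Unchecked checkbox => field absent => userlevel 0.
        $admin = (int) $field('admin');
        $rawPassword = $field('password');
        // NOTE(review): MD5 is a fast, unsalted hash and is unsuitable for
        // password storage. It is kept only because the code that verifies logins
        // is outside this file; move both sides to password_hash() and
        // password_verify() together.
        $password = md5($rawPassword);

        // Test the raw password: md5('') is a non-empty string, so comparing the
        // hash with '' could never detect an empty password.
        if ($username == '' || $email == '' || $rawPassword == '') {
            // Re-show the form and stop; nothing is written on a validation error.
            renderForm($username, $navn, $email, '', $steamlink, $alert('FEJL! Alle felter skal udfyldes!.'), $id);
        } else {
            $taken = $usernameTaken($dbconnect, $username, $editing ? $id : 0);
            if ($taken === null) {
                echo "ERROR: SQL statement";
            } elseif ($taken) {
                renderForm($username, $navn, $email, '', $steamlink, $alert('FEJL! Brugernavnet eksistere allerede!.'), $id);
            } else {
                $saved = false;
                if ($editing) {
                    if ($stmt = $dbconnect->prepare("UPDATE users SET username = ?, navn = ?, email = ?, password = ?, userlevel = ?, steam = ? WHERE id=?")) {
                        $stmt->bind_param("ssssisi", $username, $navn, $email, $password, $admin, $steamlink, $id);
                        $saved = $stmt->execute();
                        $stmt->close();
                    }
                } else {
                    if ($stmt = $dbconnect->prepare("INSERT INTO users (username, navn, email, password, userlevel, steam) VALUES (?,?,?,?,?,?) ")) {
                        $stmt->bind_param("ssssis", $username, $navn, $email, $password, $admin, $steamlink);
                        $saved = $stmt->execute();
                        $stmt->close();
                    }
                }
                if ($saved) {
                    // Redirect only on success and before any output has been sent.
                    $dbconnect->close();
                    header("Location: users.php");
                    exit;
                }
                echo "ERROR: SQL statement";
            }
        }
    }
} elseif ($editing) {
    if ($id === false) {
        $dbconnect->close();
        header("Location: users.php");
        exit;
    }
    if ($stmt = $dbconnect->prepare("SELECT * FROM users WHERE id=?")) {
        $stmt->bind_param("i", $id);
        $stmt->execute();
        $result = $stmt->get_result();
        $row = $result ? $result->fetch_assoc() : null;
        if ($result) {
            $result->free();
        }
        $stmt->close();
        if (!$row) {
            // Unknown id: return to the list instead of rendering an empty edit form.
            $dbconnect->close();
            header("Location: users.php");
            exit;
        }
        // The validated request id is passed on (the queries key on `id`). The
        // stored password hash is deliberately not handed to the form.
        renderForm($row['username'], $row['navn'], $row['email'], NULL, $row['steam'], NULL, $id);
    } else {
        echo "Du er grim!";
    }
} else {
    renderForm();
}
$dbconnect->close();
?>
<!-- jQuery -->
<script src="vendor/jquery/jquery.min.js"></script>
<!-- Bootstrap Core JavaScript -->
<script src="vendor/bootstrap/js/bootstrap.min.js"></script>
<!-- Metis Menu Plugin JavaScript -->
<script src="vendor/metisMenu/metisMenu.min.js"></script>
<!-- Custom Theme JavaScript -->
<script src="dist/js/sb-admin-2.js"></script>
</body>
</html>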