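/**
 * Render the admin dashboard for the logged-in user and process level-change requests.
 *
 * The caller's level is read from the users table on every call. Anyone whose
 * level is below 1 (including "no such user") is stopped with exit(). Level 1
 * sees the post-creation panel, level 2 additionally sees the panel that promotes
 * regular users, and level 3 additionally sees the panel that demotes level-2 admins.
 *
 * Side effects: echoes HTML, includes includes/uploadPost.php, and runs UPDATE
 * statements against users when a changeLevel / demoteLevel form is posted.
 *
 * Security notes:
 *  - Every database or session value written into HTML is escaped.
 *  - The hidden user_id / user_level fields are attacker-controllable, so the
 *    requested level is checked against the values each panel offers and the
 *    UPDATE itself is restricted to the rows that panel is allowed to touch.
 *  - NOTE(review): the privilege-changing forms carry no anti-CSRF token and
 *    nothing visible here verifies one; add a per-session token check before
 *    the UPDATE statements.
 */
function adminModules()
{
    // Reject visitors who are not logged in (protect2() is defined elsewhere).
    protect2();

    // Escapes a value for use in HTML text and quoted attribute values.
    $escapeHtml = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // NOTE: $username, $author, $current_date and $adminLevel keep their original
    // names because the include below runs in this function's variable scope.
    $username = isset($_SESSION['username']) ? $_SESSION['username'] : '';
    $author = $username;
    $current_date = date('F d, Y');

    $getAdminLevel = dbConnect()->prepare("SELECT level FROM users WHERE username = :username");
    $getAdminLevel->bindValue(':username', $username);
    $getAdminLevel->execute();
    // fetchColumn() returns false when no row matches; the cast turns that into 0.
    $adminLevel = (int) $getAdminLevel->fetchColumn();

    // Fail closed: unknown users, level 0 and negative levels never reach the panels.
    if ($adminLevel < 1) {
        exit();
    }

    // One column per visible panel: 1 panel -> 12, 2 panels -> 6, 3 panels -> 4.
    // Levels above 3 see all three panels, so they share the three-column layout
    // (the original opened no column for them but still emitted the closing tag).
    if ($adminLevel === 1) {
        $columnClass = 'col-lg-12';
    } elseif ($adminLevel === 2) {
        $columnClass = 'col-lg-6';
    } else {
        $columnClass = 'col-lg-4';
    }

    echo '
        <div class="container-fluid">
        <div class="row">
        <!-- stops echo that inserts div.container-fluid && div.row -->
    ';

    /* ---------- Admin level 1 panel: create posts ---------- */

    // NOTE(review): the readonly date/author inputs can still be edited by the
    // client; the handler in includes/uploadPost.php (not visible here) should take
    // the author from the session rather than from the posted field - confirm.
    echo '
        <div class="' . $columnClass . '">
        <!-- heading here -->
        <h3>Admin Level 1 panel</h3>
        <p>Use this module to create new posts</p>
        <!-- button for minimizing function -->
        <button class="btn btn-default hideshow">show/hide</button>
        <div class="content">
        <form method="post" enctype="multipart/form-data" class="admin_module">
        <input class="input2" type="text" name="title" placeholder="Headline" required /><br />
        <input class="input2" type="text" name="date" value="' . $escapeHtml($current_date) . '" readonly /><br />
        <input class="input2" type="text" name="author" value="' . $escapeHtml($author) . '" readonly /><br />
        <div class="input2">
        <p>Select image to upload:</p>
        <input style="padding:3px;" type="file" name="image" id="image" />
        <!-- closes div.input2 for upload image "input"-->
        </div>
        <textarea class="ta-summary input2" type="text" name="summary" placeholder="Summary" required></textarea><br />
        <button class="btn btn-default input2" type="submit" name="submit">Submit Post</button>
        <!-- closes form -->
        </form>
        <!-- closes echo that contains heading and form for level 1 module -->
    ';

    // Per the original comment this validates the image and the form; its code is
    // not visible here.
    include 'includes/uploadPost.php';

    echo '
        <!-- closes div.content -->
        </div>
        <!-- closes div.col-lg-? -->
        </div>
        <!-- closes echo that contains closing tags for div.col-lg-? && div.content -->
    ';

    /* ---------- Admin level 2 panel: promote regular users ---------- */

    if ($adminLevel > 1) {
        echo '
            <div class="' . $columnClass . '">
        ';

        // Only the columns that are rendered are selected, so no other user data
        // is pulled into the page's memory.
        $fetchNonAdmins = dbConnect()->prepare("SELECT id, username FROM users WHERE level < 1");
        $fetchNonAdmins->execute();
        $nonAdmins = $fetchNonAdmins->fetchAll();

        echo '
            <!-- heading here -->
            <h3>Admin Level 2 Panel</h3>
            <p>Use this module to adjust regular user levels</p>
            <!-- button for minimize action in js.js -->
            <button class="btn btn-default hideshow2">show/hide</button>
            <div class="content2">
            <div class="admin_module">
            <table class="nonAdmins" border="1">
            <tr>
            <!-- header on the table to show which column is which -->
            <td class="table_header">ID</td>
            <td class="table_header">Username</td>
            <td class="table_header">Level 1</td>
            <td class="table_header">Level 2</td>
            <!-- 1st closing tag for tr -->
            </tr>
        ';

        foreach ($nonAdmins as $row) {
            $rowId = $escapeHtml($row['id']);
            echo '
                <tr>
                <!-- displays each users id from database -->
                <td class="table_content">' . $rowId . '</td>
                <!-- displays each users username from database -->
                <td class="table_content">' . $escapeHtml($row['username']) . '</td>
                <td class="table_content">
                <!-- displays button where it will change X user to level 1 admin level -->
                <form method="post" class="table_content_form">
                <button class="btn btn-default" type="submit" name="changeLevel">Change to level 1</button>
                <input type="hidden" name="user_id" value="' . $rowId . '" />
                <input type="hidden" name="user_level" value="1" />
                <!-- closing tag to form where it will displays button to update users level to "1" -->
                </form>
                <!-- closing tag to td that inserts form where button is displayed to update users to level 1 -->
                </td>
                <td class="table_content">
                <form method="post" class="table_content_form">
                <button class="btn btn-default" type="submit" name="changeLevel">Change to level 2</button>
                <input type="hidden" name="user_id" value="' . $rowId . '" />
                <input type="hidden" name="user_level" value="2" />
                <!-- closing tag to form -->
                </form>
                <!-- closing tag to td that contains button to change user level to 2 -->
                </td>
                </tr>
                <!-- closing tag for echo that displays details of each user that is not an admin -->
            ';
        }

        echo '
            <!-- closing tag for table -->
            </table>
            <!-- closing tag for echo that inserts closing tag for table -->
        ';

        if (isset($_POST['changeLevel'])) {
            // filter_var() yields false for missing, non-numeric or array input.
            $userid = filter_var(isset($_POST['user_id']) ? $_POST['user_id'] : null, FILTER_VALIDATE_INT);
            $newLevel = filter_var(isset($_POST['user_level']) ? $_POST['user_level'] : null, FILTER_VALIDATE_INT);

            // This panel only offers levels 1 and 2; anything else is a tampered request.
            if ($userid === false || $userid < 1 || !in_array($newLevel, [1, 2], true)) {
                echo '<p class="error">Invalid level change request.</p>';
            } else {
                // "AND level < 1" keeps the write inside this panel's scope: it can
                // promote regular users but never rewrite the level of an existing admin.
                $updateLevel = dbConnect()->prepare("UPDATE users SET level = :level WHERE id = :id AND level < 1");
                $updateLevel->bindValue(':level', $newLevel, PDO::PARAM_INT);
                $updateLevel->bindValue(':id', $userid, PDO::PARAM_INT);
                $updateLevel->execute();

                if ($updateLevel->rowCount() === 1) {
                    echo '<p class="success">user with ID#' . $escapeHtml($userid) . ' has been updated to level ' . $escapeHtml($newLevel) . '! <a href="index.php">refresh</a> to update table(s)...</p>';
                } else {
                    echo '<p class="error">No regular user with ID#' . $escapeHtml($userid) . ' was updated.</p>';
                }
            }
        }

        echo '
            <!-- closing tag for div.admin_module -->
            </div>
            <!-- closing tag for div.content2 -->
            </div>
            <!-- closing tag for col-lg-> -->
            </div>
            <!-- closing tag for echo to insert closing tag for col-lg-? -->
        ';
    }

    /* ---------- Admin level 3 panel: demote level-2 admins ---------- */

    if ($adminLevel > 2) {
        echo '
            <div class="col-lg-4">
            <!-- heading here-->
            <h3>Admin Level 3 Panel</h3>
            <p>Use this module to demote admins that are at least level 2</p>
            <!-- button to minimize module -->
            <button class="btn btn-default hideshow3">show/hide</button>
            <div class="content3">
            <div class="admin_module">
            <!-- content here -->
        ';

        $getLevel2Admins = dbConnect()->prepare("SELECT id, username FROM users WHERE level = 2");
        $getLevel2Admins->execute();
        $levelTwoAdmins = $getLevel2Admins->fetchAll();

        echo '
            <!-- this shows the top "titles" for the table -->
            <table class="nonAdmins" border="1">
            <tr>
            <td class="table_header">ID</td>
            <td class="table_header">Username</td>
            <td class="table_header">Level 1</td>
            <td class="table_header">Level 0</td>
            <!-- closes tr tag -->
            </tr>
            <!-- closes echo tag -->
        ';

        foreach ($levelTwoAdmins as $row2) {
            $row2Id = $escapeHtml($row2['id']);
            echo '
                <tr>
                <!-- display each users id next to their name from database -->
                <td class="table_content">' . $row2Id . '</td>
                <!-- display each users username -->
                <td class="table_content">' . $escapeHtml($row2['username']) . '</td>
                <td class="table_content">
                <form method="post" class="table_content_form">
                <!-- button that demotes selected users level down to 1 -->
                <button class="btn btn-default" type="submit" name="demoteLevel">Demote to level 1</button>
                <input type="hidden" name="user_id2" value="' . $row2Id . '" />
                <input type="hidden" name="user_level2" value="1" />
                <!-- closes form -->
                </form>
                <!-- closing tag for td -->
                </td>
                <td class="table_content">
                <form method="post" class="table_content_form">
                <!-- button that demotes selected user to level 0 -->
                <button class="btn btn-default" type="submit" name="demoteLevel">Demote to level 0</button>
                <input type="hidden" name="user_id2" value="' . $row2Id . '" />
                <input type="hidden" name="user_level2" value="0" />
                <!-- closes form -->
                </form>
                <!-- closing td tag -->
                </td>
                <!-- closes tr tag that contains details of each user that is level 2 -->
                </tr>
                <!-- closes echo tag -->
            ';
        }

        echo '
            <!-- closes table -->
            </table>
            <!-- closes echo tag that contains content!! -->
        ';

        // The result message is written after </table>; the original emitted the
        // <p> inside the still-open table.
        if (isset($_POST['demoteLevel'])) {
            $userid2 = filter_var(isset($_POST['user_id2']) ? $_POST['user_id2'] : null, FILTER_VALIDATE_INT);
            $newLevel2 = filter_var(isset($_POST['user_level2']) ? $_POST['user_level2'] : null, FILTER_VALIDATE_INT);

            // This panel only demotes, to level 1 or 0; it must never be usable to
            // raise a level by posting a different user_level2.
            if ($userid2 === false || $userid2 < 1 || !in_array($newLevel2, [0, 1], true)) {
                echo '<p class="error">Invalid demotion request.</p>';
            } else {
                // "AND level = 2" limits the write to the accounts this panel lists.
                $demoteLevel = dbConnect()->prepare("UPDATE users SET level = :level2 WHERE id = :id2 AND level = 2");
                $demoteLevel->bindValue(':id2', $userid2, PDO::PARAM_INT);
                $demoteLevel->bindValue(':level2', $newLevel2, PDO::PARAM_INT);
                $demoteLevel->execute();

                if ($demoteLevel->rowCount() === 1) {
                    echo '<p class="success">user with ID#' . $escapeHtml($userid2) . ' has been demoted to level ' . $escapeHtml($newLevel2) . '! <a href="index.php">Refresh</a> to update table...</p>';
                } else {
                    echo '<p class="error">No level 2 admin with ID#' . $escapeHtml($userid2) . ' was updated.</p>';
                }
            }
        }

        echo '
            <!-- closes div.admin_module -->
            </div>
            <!-- closes div.content3 -->
            </div>
            <!-- closes div.col-lg-4 -->
            </div>
            <!-- closing tag for echo that displays admin level 3 panel -->
        ';
    }

    echo '
        <!-- closes div.row -->
        </div>
        <!-- closes div.container-fluid -->
        </div>
        <!-- closes echo tag that closes div.row && div.container-fluid -->
    ';
}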