
alex le bg

a guest
Jun 17th, 2017
  1. <?php
  2.  
  3.  
  4. ob_start();
  5. require_once '../includes/db.php';
  6. require_once '../includes/init.php';
  7. if (!($user -> LoggedIn()))
  8. {
  9. header('location: ../login.php');
  10. die();
  11. }
  12. if (!($user->isAdmin($odb)))
  13. {
  14. header('unset.php');
  15. die();
  16. }
  17. if (!($user -> notBanned($odb)))
  18. {
  19. header('location: ../login.php');
  20. die();
  21. }
  22.  
  23. $id = $_GET['id'];
  24. $SQLGetInfo = $odb -> prepare("SELECT * FROM `users` WHERE `ID` = :id LIMIT 1");
  25. $SQLGetInfo -> execute(array(':id' => $_GET['id']));
  26. $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
  27. $username = htmlentities($userInfo['username']);
  28. $password = htmlentities($userInfo['password']);
  29. $email = htmlentities($userInfo['email']);
  30. $rank = htmlentities($userInfo['rank']);
  31. $membership = htmlentities($userInfo['membership']);
  32. $currentPage = "admin_edof";
  33. $pageon = "Éditer les offres";
  34. $status = htmlentities($userInfo['status']);
  35. $plansql = $odb -> prepare("SELECT `users`.*,`plans`.`name`, `plans`.`mbt`,`plans`.`max_boots` AS `pboots` FROM `users`, `plans` WHERE `plans`.`ID` = `users`.`membership` AND `users`.`ID` = :id LIMIT 1");
  36. $plansql -> execute(array(":id" => $_SESSION['ID']));
  37. $userInfo = $plansql -> fetch(PDO::FETCH_ASSOC);
  38. ?>
  39. <!DOCTYPE html>
  40. <html lang="en">
  41. <head><meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
  42.  
  43. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  44. <title><?php echo $bootername; ?><?php echo $pageon ?></title>
  45.  
  46. <link rel="icon" sizes="192x192" href="../img/touch-icon.png" />
  47. <link rel="apple-touch-icon" href="../img/touch-icon-iphone.png" />
  48. <link rel="apple-touch-icon" sizes="76x76" href="../img/touch-icon-ipad.png" />
  49. <link rel="apple-touch-icon" sizes="120x120" href="../img/touch-icon-iphone-retina.png" />
  50. <link rel="apple-touch-icon" sizes="152x152" href="../img/touch-icon-ipad-retina.png" />
  51.  
  52. <link rel="shortcut icon" type="image/x-icon" href="../img/favicon.ico" />
  53.  
  54. <link rel="stylesheet" type="text/css" href="../css/bootstrap.min.css">
  55. <link rel="stylesheet" type="text/css" href="../css/main.min.css">
  56. </head>
  57. <body>
  58. <header class="top-bar">
  59. <?php include "../includes/template/header.php"; ?>
  60. </header> <!-- /top-bar -->
  61.  
  62.  
  63. <div class="wrapper">
  64.  
  65. <aside class="sidebar">
  66. <?php include "../includes/template/sidebar.php"; ?>
  67. </aside> <!-- /sidebar -->
  68.  
  69. <section class="content">
  70. <header class="main-header">
  71. <div class="main-header__nav">
  72. <h1 class="main-header__title">
  73. <i class="pe-7f-wallet"></i>
  74. <span> <?php echo $pageon ?></span>
  75. </h1>
  76. <ul class="main-header__breadcrumb">
  77. <li><a href="#" onclick="return false;"><?php include '../includes/name.php'; ?></a></li>
  78. <li><a href="#" onclick="return false;"><?php echo $pageon ?></a></li>
  79.  
  80. </ul>
  81. </div>
  82.  
  83. <div class="main-header__date">
  84. <input type="radio" id="radio_date_1" name="tab-radio" value="today" checked><!--
  85. --><input type="radio" id="radio_date_2" name="tab-radio" value="yesterday"><!--
  86. --><button>
  87. <i class="pe-7f-date"></i>
  88. <span><?php echo date('d-m-Y' ,$userInfo['expire']); ?></span>
  89. </button>
  90. </div>
  91. </header>
  92.  
  93. <!-- /main-header -->
  94. <!-- /row -->
  95. <?php
  96. if (isset($_POST['rBtn']))
  97. {
  98. $sql = $odb -> prepare("DELETE FROM `users` WHERE `ID` = :id");
  99. $sql -> execute(array(':id' => $id));
  100. header('location: users.php');
  101. }
  102. if (isset($_POST['updateBtn']))
  103. {
  104. $update = false;
  105. if ($username!= $_POST['username'])
  106. {
  107. if (ctype_alnum($_POST['username']) && strlen($_POST['username']) >= 4 && strlen($_POST['username']) <= 26)
  108. {
  109. $SQL = $odb -> prepare("UPDATE `users` SET `username` = :username WHERE `ID` = :id");
  110. $SQL -> execute(array(':username' => $_POST['username'], ':id' => $id));
  111. $update = true;
  112. $username = $_POST['username'];
  113. }
  114. else
  115. {
  116. echo '<div class="g_12"><div class="alert alert-danger">Le pseudo doit être de 4 à 26 caractères</div></div>';
  117. }
  118. }
  119. if (!empty($_POST['password']))
  120. {
  121. $SQL = $odb -> prepare("UPDATE `users` SET `password` = :password WHERE `ID` = :id");
  122. $SQL -> execute(array(':password' => SHA1($_POST['password']), ':id' => $id));
  123. $update = true;
  124. $password = SHA1($_POST['password']);
  125. }
  126. if ($email != $_POST['email'])
  127. {
  128. if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  129. {
  130. $SQL = $odb -> prepare("UPDATE `users` SET `email` = :email WHERE `ID` = :id");
  131. $SQL -> execute(array(':email' => $_POST['email'], ':id' => $id));
  132. $update = true;
  133. $email = $_POST['email'];
  134. }
  135. else
  136. {
  137. echo '<div class="g_12"><div class="alert alert-danger">Cette adresse est invalide</div></div>';
  138. }
  139. }
  140. if ($rank != $_POST['rank'])
  141. {
  142. $rank = $_POST['rank']
  143. $alex = $odb->prepare("UPDATE users SET rank = ? WHERE id = ?");
  144. $alex->execute(array($rank, $id));
  145. $update = true;
  146. }
  147. if ($membership != $_POST['plan'])
  148. {
  149. if ($_POST['plan'] == 0)
  150. {
  151. $SQL = $odb -> prepare("UPDATE `users` SET `expire` = '0', `membership` = '0' WHERE `ID` = :id");
  152. $SQL -> execute(array(':id' => $id));
  153. $update = true;
  154. $membership = $_POST['plan'];
  155. }
  156. else
  157. {
  158. $getPlanInfo = $odb -> prepare("SELECT `unit`,`length` FROM `plans` WHERE `ID` = :plan");
  159. $getPlanInfo -> execute(array(':plan' => $_POST['plan']));
  160. $plan = $getPlanInfo -> fetch(PDO::FETCH_ASSOC);
  161. $unit = $plan['unit'];
  162. $length = $plan['length'];
  163. $newExpire = strtotime("+{$length} {$unit}");
  164. $updateSQL = $odb -> prepare("UPDATE `users` SET `expire` = :expire, `membership` = :plan WHERE `id` = :id");
  165. $updateSQL -> execute(array(':expire' => $newExpire, ':plan' => $_POST['plan'], ':id' => $id));
  166. $update = true;
  167. $membership = $_POST['plan'];
  168. }
  169. }
  170.  
  171. if ($status != $_POST['status'])
  172. {
  173. $SQL = $odb -> prepare("UPDATE `users` SET `status` = :status WHERE `ID` = :id");
  174. $SQL -> execute(array(':status' => $_POST['status'], ':id' => $id));
  175. $update = true;
  176. $status = $_POST['status'];
  177. }
  178. if ($update == true)
  179. {
  180. echo '<div class="g_12"><div class="alert alert-success">SUCCES: Utilisateur mis à jour</div></div>';
  181. }
  182. else
  183. {
  184. echo '<div class="g_12"><div class="alert alert-success">ERREUR: </div></div>';
  185. }
  186. }
  187. ?>
  188.  
  189. <div class="row">
  190. <form action="" method="POST">
  191. <div class="col-md-12">
  192. <article class="widget widget__form">
  193. <header class="widget__header">
  194. <div class="widget__title">
  195. <i class="pe-7s-menu"></i><h3><?php echo $pageon ?></h3>
  196. </div>
  197. <div class="widget__config">
  198. <a href="#"><i class="pe-7f-refresh"></i></a>
  199. <a href="#"><i class="pe-7s-close"></i></a>
  200. </div>
  201. </header>
  202.  
  203. <div class="widget__content">
  204. <input placeholder="Username" name="username" maxlength="15" value="<?php echo $username;?>" type="text"/>
  205. <input placeholder="Password" name="password" type="text"/>
  206. <input placeholder="Email" name="email" type="text" value="<?php echo htmlentities($email);?>"/>
  207. <select name="rank" style='color:#000;' class="btn btn-block gray dropdown-toggle">
  208. <?php
  209. function selectedR($check, $rank)
  210. {
  211. if ($check == $rank)
  212. {
  213. return 'selected="selected"';
  214. }
  215. }
  216. ?>
  217. <option value="0" <?php echo selectedR(0, $rank); ?> >User</option>
  218. <option value="1" <?php echo selectedR(1, $rank); ?> >Admin</option>
  219. </select>
  220. <select name="plan" style='color:#000;' class="btn btn-block gray dropdown-toggle">
  221. <option value="0">No Membership</option>
  222. <?php
  223. $SQLGetMembership = $odb -> query("SELECT * FROM `plans` ORDER BY `price` ASC");
  224. while($memberships = $SQLGetMembership -> fetch(PDO::FETCH_ASSOC))
  225. {
  226. $mi = $memberships['ID'];
  227. $mn = $memberships['name'];
  228. $selectedM = ($mi == $membership) ? 'selected="selected"' : '';
  229. echo '<option value="'.$mi.'" '.$selectedM.'>'.$mn.'</option>';
  230. }
  231. ?>
  232.  
  233.  
  234. </select>
  235. <select class="btn btn-block gray dropdown-toggle" style='color:#000;' name="status">
  236. <?php
  237. function selectedS($check, $rank)
  238. {
  239. if ($check == $rank)
  240. {
  241. return 'selected="selected"';
  242. }
  243. }
  244. ?>
  245. <option value="0" <?php echo selectedS(0, $status); ?>>Actif</option>
  246. <option value="1" <?php echo selectedS(1, $status); ?>>Banni</option>
  247. </select>
  248.  
  249.  
  250.  
  251. <button type="submit" name="updateBtn">Mettre à jour</button>
  252. <button type="submit" name="rBtn">Supprimer</button>
  253.  
  254. </div>
  255. </div>
  256.  
  257.  
  258.  
  259. </article><!-- /widget -->
  260. </div>
  261.  
  262. </section> <!-- /content -->
  263.  
  264. </div>
  265.  
  266.  
  267.  
  268. <script type="text/javascript" src="../js/main.js"></script>
  269. <script type="text/javascript" src="../js/amcharts/amcharts.js"></script>
  270. <script type="text/javascript" src="../js/amcharts/serial.js"></script>
  271. <script type="text/javascript" src="../js/amcharts/pie.js"></script>
  272. <script type="text/javascript" src="../js/chart.js"></script>
  273. </body>
  274. </html>