In progress admin page
parent
67dedc60cc
commit
e28157de3c
13 changed files with 364 additions and 37 deletions
|
@ -420,3 +420,60 @@ if (isset($_POST['submit_signup'])) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
|-------------------------------------------------------------
|
||||
| Toggle Admin
|
||||
|-------------------------------------------------------------
|
||||
| Please save me
|
||||
|-------------------------------------------------------------
|
||||
*/
|
||||
if (isset($_POST['toggle_admin'])) {
|
||||
$is_admin = mysqli_query($conn, "SELECT * FROM users WHERE id = " . $_POST['id'] . " ORDER BY id DESC LIMIT 1");
|
||||
|
||||
while ($user_info = mysqli_fetch_assoc($is_admin)) {
|
||||
$admin_status = $user_info['admin'];
|
||||
$username = $user_info['username'];
|
||||
}
|
||||
|
||||
$sql = "UPDATE users SET admin = ? WHERE id = ?";
|
||||
|
||||
if ($stmt = mysqli_prepare($conn, $sql)) {
|
||||
// Bind variables to the prepared statement as parameters
|
||||
mysqli_stmt_bind_param($stmt, "ii", $param_admin_status, $param_user_id);
|
||||
|
||||
// Set parameters
|
||||
if ($admin_status) {
|
||||
$param_admin_status = 0;
|
||||
$admin_update_message = "removed from the admins list";
|
||||
} elseif (!$admin_status) {
|
||||
$param_admin_status = 1;
|
||||
$admin_update_message = "added to the admins list";
|
||||
}
|
||||
$param_user_id = $_POST['id'];
|
||||
|
||||
// Attempt to execute the prepared statement
|
||||
if (mysqli_stmt_execute($stmt)) {
|
||||
?>
|
||||
<script>
|
||||
sniffleAdd('Bap!', '<?php echo $username; ?> has been <?php echo $admin_update_message; ?>!', 'var(--green)', 'assets/icons/check.svg');
|
||||
flyoutClose();
|
||||
</script>
|
||||
<?php
|
||||
} else {
|
||||
?>
|
||||
<script>
|
||||
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
|
||||
flyoutClose();
|
||||
</script>
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<script>
|
||||
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
|
||||
flyoutClose();
|
||||
</script>
|
||||
<?php
|
||||
}
|
||||
}
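Review bot: The `toggle_admin` handler never checks that the requester is an admin, and its first query concatenates `$_POST['id']` directly into the SELECT, so any client able to post this form field can change admin flags and influence the SQL text. Gate the handler on `is_admin($conn, $_SESSION['id'])` (the method this commit changes in app/app.php; whether `$user_info` is in scope in this file is not visible here) and run the lookup through a prepared statement, as the UPDATE below it already does. `$admin_status` and `$username` also stay undefined when no row matches. `$username` is echoed raw into a JavaScript string literal, so it should be emitted through `json_encode()` instead. A sketch of the start of the handler follows.

```php
if (isset($_POST['toggle_admin'])) {
    // Only an existing admin may change another account's admin flag
    if (!$user_info->is_admin($conn, $_SESSION['id'])) {
        // … respond with the existing error sniffleAdd() block and stop …
    }

    $target_id = (int) $_POST['id'];
    $lookup = mysqli_prepare($conn, "SELECT admin, username FROM users WHERE id = ? LIMIT 1");
    mysqli_stmt_bind_param($lookup, "i", $target_id);
    mysqli_stmt_execute($lookup);
    $user_row = mysqli_fetch_assoc(mysqli_stmt_get_result($lookup));
    if (!$user_row) {
        // … unknown id: report the error and stop …
    }
    // … unchanged: UPDATE prepared statement, bound to $target_id and the flipped $user_row['admin'] …
```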
|
11
app/app.php
11
app/app.php
|
@ -76,9 +76,16 @@ class Account {
|
|||
Returns True if user is privilaged
|
||||
Returns False if user is NOT privilaged
|
||||
*/
|
||||
function is_admin($id) {
|
||||
function is_admin($conn, $id) {
|
||||
if (isset($id) || !empty($id)) {
|
||||
if ($id == 1) {
|
||||
// Setting SQL query
|
||||
$sql = "SELECT * FROM users WHERE id = ".$id;
|
||||
// Getting results
|
||||
$query = mysqli_query($conn, $sql);
|
||||
// Fetching associated info
|
||||
$user_array = mysqli_fetch_assoc($query);
|
||||
|
||||
if ($user_array['admin'] || $id == 1) {
|
||||
return True;
|
||||
} else {
|
||||
return False;
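Review bot: The new lookup in `is_admin` builds its SQL by concatenating `$id` (`"SELECT * FROM users WHERE id = ".$id`), while every write in this commit goes through `mysqli_prepare`. The callers shown pass `$_SESSION['id']`, but the method should not rely on that. Bind the id in a prepared statement, or at least normalise it first with `$id = (int) $id;`. `mysqli_fetch_assoc` returns null when no row matches, so guard the read: `if (($user_array && $user_array['admin']) || $id == 1) {`. The body of `is_admin` continues past the end of this hunk.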
|
||||
|
|
|
@ -27,7 +27,7 @@ if (isset($_POST['submit_delete'])) {
|
|||
$image_array = $image_info->get_image_info($conn, $_POST['id']);
|
||||
|
||||
// If user owns image or has the ID of 1
|
||||
if ($image_info->image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
|
||||
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
|
||||
// Delete from table
|
||||
$sql = "DELETE FROM images WHERE id = ?";
|
||||
if ($stmt = mysqli_prepare($conn, $sql)) {
|
||||
|
@ -101,7 +101,7 @@ if (isset($_POST['submit_description'])) {
|
|||
// Get all image info
|
||||
$image_array = $image_info->get_image_info($conn, $_POST['id']);
|
||||
// If user owns image or has the ID of 1
|
||||
if ($image_info->image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
|
||||
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
|
||||
// getting ready forSQL asky asky
|
||||
$sql = "UPDATE images SET alt=? WHERE id=?";
|
||||
|
||||
|
@ -159,7 +159,7 @@ if (isset($_POST['submit_tags'])) {
|
|||
// Get all image info
|
||||
$image_array = $image_info->get_image_info($conn, $_POST['id']);
|
||||
// If user owns image or has the ID of 1
|
||||
if ($image_info->image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
|
||||
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
|
||||
// Clean input
|
||||
$tags_string = $make_stuff->tags(trim($_POST['input']));
|
||||
|
||||
|
@ -218,7 +218,7 @@ if (isset($_POST['submit_tags'])) {
|
|||
*/
|
||||
if (isset($_POST['submit_author'])) {
|
||||
// If user has the ID of 1
|
||||
if ($user_info->is_admin($_SESSION['id'])) {
|
||||
if ($user_info->is_admin($conn, $_SESSION['id'])) {
|
||||
// getting ready forSQL asky asky
|
||||
$sql = "UPDATE images SET author=? WHERE id=?";
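Review bot: The comments above the three ownership checks still read `// If user owns image or has the ID of 1`, and the one in the `submit_author` handler reads `// If user has the ID of 1`, but the conditions now call `is_admin($conn, $_SESSION['id'])`. Update them to something like `// If user owns the image or is an admin` and `// If user is an admin` so the comment matches the authorization rule actually enforced. Each check now also issues a database query through `is_admin`, which is worth a line in that method's docblock. These handlers continue outside the hunks shown.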
|
||||
|
||||
|
|