malango
/
LRR
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Admin.php: fix a bug that prevents Lecturer from blocking/activating a TA

Bug460-Malango
Lan Hui 2023-08-20 22:03:33 +08:00
parent 48cff9c8d9
commit aed70f3056
3 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Admin.php
View File

@ -71,8 +71,8 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
<input type="text" name="fullname" placeholder="Full Name" class="form-control" required=""> <br>
Email
<input type="text" name="email" placeholder="Email / Student Number" class="form-control" required=""> <br>
Passport number/ID (used as the initial password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required=""> <br>
Passport No. (used as the initial password)
<input type="text" class="form-control" name="passport" placeholder="Passport No" required=""> <br>
User type:
<?php
if ($_SESSION['user_type'] == "Lecturer") {
@ -131,7 +131,7 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number'];
$btn = "<button class='btn btn-warning' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
$btn = "<button class='btn btn-warning' onclick=\"updatePassword(" . $row['User_ID'] . ",'$pass')\">Reset</button>";
if ($row['Status'] == "Active") {
$newstatus = "Blocked";
$btnBlock = "<button class='btn btn-danger' onclick=\"blockUser(" . $row['User_ID'] . ",'$newstatus')\" id=\"block_account_1\">Block</button>";
@ -224,7 +224,7 @@ if ($_SESSION['user_type'] != "Lecturer" && $_SESSION['user_type'] != "Admin") {
<?php include 'Footer.php';?>
<script>
function updatePass(id, pass) {
function updatePassword(id, pass) {
if (!confirm('Are you sure to reset user password?')) {
return;
}

7
Header.php
View File

@ -190,11 +190,4 @@ if (mysqli_connect_errno()) {
window.location.href = "\Script.php\?action=passchange&uid=" + id + "&pass=" + pass;
}
function blockUser(id, status) {
if (!confirm('Are you sure you want to change user status?')) {
return;
}
window.location.href = "\Script.php\?action=statuschange&uid=" + id + "&status=" + status;
}
</script>

3
Script.php
View File

@ -987,13 +987,12 @@ if (!empty($_GET["action"])) {
}
}
if ($action == "statuschange" && $_SESSION['user_id'] == $uid && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
if ($action == "statuschange" && ($_SESSION['user_type'] == "Lecturer" || $_SESSION['user_type'] == "Admin")) {
$sql = "UPDATE users_table set Status='$status' where User_ID='$uid';";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user Status updated successfully ";
header("Location: Admin.php");
} else {
// echo "Error: " . $sql . "<br>" . $con->error;
echo "Something really bad happened while changing status. Contact lanhui at zjnu.edu.cn. Thanks!";
}
}