mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

Admin.php - Fixed Bug 485 Lecturer should not have the administration panel that allows him to create other Lecturer accounts

pull/49/head
YAKUBU ABDULAI 2022-11-19 21:48:07 +08:00
parent 74a8a68ee9
commit 67647de04a
1 changed files with 70 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
Admin.php
View File

@ -7,13 +7,13 @@ $page = "admin";
include 'Header.php'; include 'Header.php';
?> ?>
<?php <!-- <?php
if ($_SESSION['user_type'] != "Lecturer") { // if ($_SESSION['user_type'] != "Lecturer") {
$_SESSION["info_login"] = "You must log in first."; // $_SESSION["info_login"] = "You must log in first.";
echo $_SESSION["info_login"]; // echo $_SESSION["info_login"];
header("Location: index.php"); // header("Location: index.php");
} // }
?> ?> -->
<style> <style>
.col-md-4 { .col-md-4 {
@ -36,10 +36,23 @@ if ($_SESSION['user_type'] != "Lecturer") {
<hr> <hr>
--> -->
<div class="col-md-6"> <div class="col-md-6">
<h4> User Account Management </h4>
<hr>
<b>Lecturer / TA Accounts </b><br> <?php
if ($_SESSION['user_type'] == "Lecturer") {
echo " <h4> TA Account Management </h4>
<hr> " ;
echo "<b>TA Accounts </b><br>" ;
}
else if(($_SESSION['user_type'] == "Admin")){
echo " <h4> Lecturer Account Management </h4>
<hr> ";
echo "<b>Lecturer Accounts </b><br>";
}
?>
<div class="container"> <div class="container">
@ -65,7 +78,19 @@ if ($_SESSION['user_type'] != "Lecturer") {
<div id="home" class="container tab-pane active"><br> <div id="home" class="container tab-pane active"><br>
<b>Create Lecturer/TA Accounts </b> <?php
if ($_SESSION['user_type'] == "Lecturer") {
echo "<b>Create TA Accounts </b>";
}
else if(($_SESSION['user_type'] == "Admin")){
echo "<b>Create Lecturer Accounts </b>";
}
?>
<form method="post" action="Script.php" id="create_account_form"> <form method="post" action="Script.php" id="create_account_form">
<input type="hidden" name="frm_createlecturrer" value="true" required="" /> <input type="hidden" name="frm_createlecturrer" value="true" required="" />
Full_Name Full_Name
@ -76,9 +101,25 @@ if ($_SESSION['user_type'] != "Lecturer") {
Passport_Number / ID (Used as Intial Password) Passport_Number / ID (Used as Intial Password)
<input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required=""> <input type="text" class="form-control" name="passport" placeholder="Passport No./ID" required="">
<br> User Type : <br> User Type :
<input type="radio" name="type" value="Lecturer" required="" id="role_lecturer"> Lecturer
<input type="radio" name="type" value="TA" required="" id="role_TA"> T/A <?php
if ($_SESSION['user_type'] == "Lecturer") {
echo ' <input type="radio" name="type" value="TA" required="" id="role_TA"> T/A ';
}
else if(($_SESSION['user_type'] == "Admin")){
echo " <input type='radio' name = 'type' value = 'Lecturer' required = '' id='role_lecturer' > Lecturer ";
}
?>
<input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br> <input type="submit" class="btn btn-primary" value="Create" id="create_btn"><br>
<?php <?php
error_reporting(E_ALL); error_reporting(E_ALL);
@ -112,10 +153,22 @@ if ($_SESSION['user_type'] != "Lecturer") {
</tr> </tr>
<?php <?php
if ($_SESSION['user_type'] == "Lecturer") {
$result = mysqli_query( $result = mysqli_query(
$con, $con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer','TA')" "SELECT * FROM Users_Table WHERE UserType in ('TA')"
); );
}
else if(($_SESSION['user_type'] == "Admin")){
$result = mysqli_query(
$con,
"SELECT * FROM Users_Table WHERE UserType in ('Lecturer')"
);
}
while ($row = mysqli_fetch_assoc($result)) { while ($row = mysqli_fetch_assoc($result)) {
$pass = $row['Passport_Number']; $pass = $row['Passport_Number'];
$btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>"; $btn = "<button class='btn-primary' onclick=\"updatePass(" . $row['User_ID'] . ",'$pass')\">Reset</button>";