aboutsummaryrefslogtreecommitdiff
path: root/Html/admin/users.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--Html/admin/users.php170
1 files changed, 170 insertions, 0 deletions
diff --git a/Html/admin/users.php b/Html/admin/users.php
new file mode 100644
index 0000000..9e12cd9
--- /dev/null
+++ b/Html/admin/users.php
@@ -0,0 +1,170 @@
+<?php
+//include config
+require_once '../includes/config.php';
+
+//Si pas connecté OU si le membre n'est pas admin, pas de connexion à l'espace d'admin --> retour sur la page login
+if(!$user->is_logged_in()) {
+ header('Location: login.php');
+}
+
+if(isset($_SESSION['userid'])) {
+ if($_SESSION['userid'] != 1) {
+ header('Location: '.SITEURL);
+ }
+}
+
+//show message from add / edit page
+if(isset($_GET['deluser'])){
+
+ //if user id is 1 ignore
+ if($_GET['deluser'] !='1'){
+
+ // On supprime l'avatar du membre
+ $stmt = $db->prepare('SELECT avatar FROM blog_members WHERE memberID = :memberID');
+ $stmt->execute(array(':memberID' => (int) $_GET['deluser']));
+ $sup = $stmt->fetch();
+ $file = $REP_IMAGES_AVATARS.$sup['avatar'];
+ if (!empty($sup['avatar'])) {
+ unlink($file);
+ }
+
+ // on supprime le membre
+ $stmt = $db->prepare('DELETE FROM blog_members WHERE memberID = :memberID') ;
+ $stmt->execute(array(':memberID' => (int) $_GET['deluser']));
+
+ // on supprime les données torrent du membre
+ $stmt1 = $db->prepare('DELETE FROM xbt_users WHERE uid = :uid') ;
+ $stmt1->execute(array(':uid' => (int) $_GET['deluser']));
+
+ // on supprime les commentaires du membre
+ //$delname = html($_GET['delname']);
+ //$stmt2 = $db->prepare('DELETE FROM blog_posts_comments WHERE cuser = :cuser') ;
+ //$stmt2->execute(array(':cuser' => $delname));
+
+ header('Location: users.php?action=supprime');
+ exit;
+
+ }
+}
+
+// titre de la page
+$pagetitle= 'Admin : gestion des membres';
+include_once '../includes/header.php';
+
+?>
+
+<body>
+
+<div id="container">
+
+ <?php
+ include_once '../includes/header-logo.php';
+ include_once '../includes/nav.php';
+ ?>
+
+
+ <div id="body">
+ <div id="content">
+
+ <?php include('menu.php');?>
+
+ <?php
+ //show message from add / edit user
+ if(isset($_GET['action']) && $_GET['action'] == 'supprime'){
+ echo '<h3>Le membre a été supprimé avec succès.</h3>';
+ }
+ if(isset($_GET['action']) && $_GET['action'] == 'ajoute'){
+ echo '<h3>Le membre a été ajouté avec succès.</h3>';
+ }
+ ?>
+
+ <table>
+ <tr>
+ <th>ID</th>
+ <th>Pseudo</th>
+ <th>PID</th>
+ <th>Email</th>
+ <th style="text-align: center;">Inscription</th>
+ <th>Validé</th>
+ <th style="text-align: center;">Action</th>
+ </tr>
+ <?php
+ try {
+ $pages = new Paginator('10','p');
+
+ $stmt = $db->query('SELECT memberID FROM blog_members');
+
+ //pass number of records to
+ $pages->set_total($stmt->rowCount());
+
+ $stmt = $db->query('SELECT memberID,username,pid,email,memberDate,active FROM blog_members ORDER BY memberID DESC '.$pages->get_limit());
+ while($row = $stmt->fetch()){
+
+ echo '<tr>';
+ echo '<td>'.html($row['memberID']).'</td>';
+ echo '<td>'.html($row['username']).'</td>';
+ echo '<td style="font-size: 10px;">'.html($row['pid']).'</td>';
+ echo '<td style="font-size: 11px;">'.html($row['email']).'</td>';
+
+ sscanf($row['memberDate'], "%4s-%2s-%2s %2s:%2s:%2s", $annee, $mois, $jour, $heure, $minute, $seconde);
+ echo '<td style="font-size: 10px; text-align: center;">'.$jour.'-'.$mois.'-'.$annee.'</td>';
+ ?>
+
+ <?php
+ echo '<td style="text-align:center;">';
+ if($row['active'] == 'yes') {
+ echo 'oui';
+ }
+ elseif($row['active'] != 'yes' || $row['active'] == 'no') {
+ echo 'non';
+ }
+ echo '</td>';
+ ?>
+
+ <td style="text-align: center;">
+ <a style="text-decoration: none;" href="edit-user.php?id=<?php echo html($row['memberID']);?>">
+ <input type="button" class="button" value="Edit." /></a>
+ <?php if($row['memberID'] != 1){?>
+ | <a style="text-decoration: none;" href="javascript:deluser('<?php echo html($row['memberID']);?>','<?php echo html($row['username']);?>')">
+ <input type="button" class="button" value="Supp." /></a>
+ <?php } ?>
+ </td>
+
+ <?php
+ echo '</tr>';
+
+ }
+
+ } catch(PDOException $e) {
+ echo $e->getMessage();
+ }
+ ?>
+ </table>
+
+ <br />
+
+ <?php
+ echo $pages->page_links();
+ ?>
+
+ <p style="text-align: right;">
+ <a href="add-user.php" style="text-decoration: none;"><input type="button" class="button" value="Ajouter un membre" /></a>
+ </p>
+ </div>
+
+ <?php
+ include_once '../sidebar.php';
+ ?>
+
+ <div class="clear"></div>
+ </div>
+</div>
+
+<div id="footer">
+ <?php
+ include_once '../includes/footer.php';
+ ?>
+</div>
+
+</body>
+</html>