forked from boussou/phpMyReservation
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cp.php
170 lines (118 loc) · 5.22 KB
/
cp.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
<?php
include_once('main.php');
if(check_login() != true) { exit; }
if($_SESSION['user_is_admin'] == '1' && isset($_GET['list_users']))
{
echo list_users();
}
elseif($_SESSION['user_is_admin'] == '1' && isset($_GET['reset_user_password']))
{
$user_id = mysql_real_escape_string($_POST['user_id']);
echo reset_user_password($user_id);
}
elseif($_SESSION['user_is_admin'] == '1' && isset($_GET['change_user_permissions']))
{
$user_id = mysql_real_escape_string($_POST['user_id']);
echo change_user_permissions($user_id);
}
elseif($_SESSION['user_is_admin'] == '1' && isset($_GET['delete_user_data']))
{
$user_id = mysql_real_escape_string($_POST['user_id']);
$data = $_POST['delete_data'];
echo delete_user_data($user_id, $data);
}
elseif($_SESSION['user_is_admin'] == '1' && isset($_GET['delete_all']))
{
$data = $_POST['delete_data'];
echo delete_all($data);
}
elseif($_SESSION['user_is_admin'] == '1' && isset($_GET['save_system_configuration']))
{
$price = mysql_real_escape_string($_POST['price']);
echo save_system_configuration($price);
}
elseif(isset($_GET['get_usage']))
{
echo get_usage();
}
elseif(isset($_GET['get_reservation_reminders']))
{
echo get_reservation_reminders();
}
elseif(isset($_GET['toggle_reservation_reminder']))
{
echo toggle_reservation_reminder();
}
elseif(isset($_GET['change_user_details']))
{
$user_name = mysql_real_escape_string(trim($_POST['user_name']));
$user_email = mysql_real_escape_string($_POST['user_email']);
$user_password = mysql_real_escape_string($_POST['user_password']);
echo change_user_details($user_name, $user_email, $user_password);
}
else
{
echo '<div class="box_div" id="cp_div"><div class="box_top_div"><a href="#">Start</a> > Control panel</div><div class="box_body_div">';
if($_SESSION['user_is_admin'] == '1')
{
?>
<h3>User administration</h3>
<div id="users_div"><?php echo list_users(); ?></div>
<p class="center_p"><input type="button" class="small_button blue_button" id="reset_user_password_button" value="Reset password"> <input type="button" class="small_button blue_button" id="change_user_permissions_button" value="Change permissions"> <input type="button" class="small_button" id="delete_user_reservations_button" value="Delete reservations"> <input type="button" class="small_button" id="delete_user_button" value="Delete user"></p>
<p class="center_p" id="user_administration_message_p"></p>
<hr>
<h3>Database administration</h3>
<p class="smalltext_p">These will require a confirmation. Your user and reservations will not be deleted unless you delete everything.</p>
<p><input type="button" class="small_button" id="delete_all_reservations_button" value="Delete all reservations"> <input type="button" class="small_button" id="delete_all_users_button" value="Delete all users"> <input type="button" class="small_button" id="delete_everything_button" value="Delete everything"></p>
<p id="database_administration_message_p"></p>
<hr>
<h3>System configuration</h3>
<p class="smalltext_p">Changing the price will not affect previous reservations.</p>
<form action="." id="system_configuration_form"><p>
<input type="text" id="price_input" value="<?php echo get_configuration('price'); ?>"> <label for="price_input">Price per reservation, in <?php echo global_currency; ?></label><br><br>
<input type="submit" class="blue_button small_button" value="Save configuration">
</p></form>
<p id="system_configuration_message_p"></p>
<hr class="blue_hr thick_hr">
<?php
}
?>
<h3>Your usage</h3>
<p class="smalltext_p">If you have used without making a reservation first, please click the button below. It can't be undone.</p>
<div id="usage_div"><?php echo get_usage(); ?></div>
<p><input type="button" class="blue_button small_button" id="add_one_reservation_button" value="Add 1 to my reservations"></p>
<p id="usage_message_p"></p>
<hr>
<?php
if(global_reservation_reminders == '1')
{
?>
<h3>Your settings</h3>
<p class="smalltext_p">Before changing any setting, please verify that your details below are correct.</p>
<p><span id="reservation_reminders_span"><?php echo get_reservation_reminders(); ?></span> <label for="reservation_reminders_checkbox">Send me reservation reminders by email</label></p>
<p id="settings_message_p"></p>
<hr>
<?php
}
?>
<h3>Your details</h3>
<p class="smalltext_p">If you change your email, you must use the new one to log in. Password can be left blank to leave unchanged.</p>
<form action="." id="user_details_form" autocomplete="off"><p>
<div id="user_details_div"><div>
<label for="user_name_input">Name:</label><br>
<input type="text" id="user_name_input" value="<?php echo $_SESSION['user_name']; ?>"><br><br>
<label for="user_email_input">Email:</label><br>
<input type="text" id="user_email_input" autocapitalize="off" value="<?php echo $_SESSION['user_email']; ?>">
</div><div>
<label for="user_password_input">Password:</label><br>
<input type="password" id="user_password_input"><br><br>
<label for="user_password_confirm_input">Confirm password:</label><br>
<input type="password" id="user_password_confirm_input">
</div></div>
<p><input type="submit" class="small_button blue_button" value="Update my details"></p>
</p></form>
<p id="user_details_message_p"></p>
</div></div>
<?php
}
?>