<?php
session_start();
require_once('./config.php');
require_once('./managemyusers.class.php');
// var_dump($_POST);
if(count($_POST)==1){
/*
When you get a very large site with users activities you must avoid bug by before deleting a user
handle all the activities of the user you want to delete like we do for groups in the group_properties.php
file.You could erase them too, or you could attribute them to an administrator.You can instead of erase users
and even activities, simply hide all that by creating in the database a field "display" in all the tables
and just put it on hiden or display when you need.
So we provide this part just to delete the user but you must imperativily choose your way to handle all
other activities... and put it before this code like in the group_properties.php
file
*/
$query=$bdd->prepare('DELETE FROM users WHERE username=:name');//now do what admin ask: delete the user
$query->execute(array('name'=>$_POST["user"]));
$query->CloseCursor();
echo'User deleted';
}elseif(isset($_POST['add'])){
$query=$bdd->prepare('SELECT user_id FROM users WHERE username=:name');//get the id
$query->bindValue(':name',$_POST["user"],PDO::PARAM_STR);
$query->execute();
$id=$query->fetch();
$query->CloseCursor();
$query=$bdd->prepare('SELECT mail FROM users WHERE mail=:mail');//get the id
$query->bindValue(':mail',$_POST["mail"],PDO::PARAM_STR);
$query->execute();
$mail=$query->fetch();
$query->CloseCursor();
if(empty($id)&&empty($mail)){
$statutvalidation=(isset($_POST["statutvalidation"]))?$_POST["statutvalidation"]:0;
$role=(isset($_POST["role"]))?$_POST["role"]:"user";
$user=new managemyusers($bdd,$_POST['user'],md5($_POST['password']),$_POST['firstname'],$_POST['lastname'],$_POST['mail'],$_POST['groupid'],$role,$statutvalidation);
$user->add();
}else{
if(!empty($id)){
echo 'An user with the same username already exists please change the username or use the edit option to edit the user with this username';
}elseif(!empty($mail)){
echo 'This email address is already associated to another account';
}
}
}elseif(isset($_POST['update'])){
if(!empty($_POST["mail"])||$_POST["mail"]!=""){
$query=$bdd->prepare('SELECT user_id FROM users WHERE mail=:mail');//look for unique mail step1
$query->bindValue(':mail',$_POST["mail"],PDO::PARAM_STR);
$query->execute();
$mail=$query->fetch();
// echo '<pre>';
// var_dump($mail);
$query->CloseCursor();
$query=$bdd->prepare('SELECT user_id FROM users WHERE username=:username');//look for unique mail step2
$query->bindValue(':username',$_POST["oldusername"],PDO::PARAM_STR);
$query->execute();
$id=$query->fetch();
// var_dump($id);
$query->CloseCursor();
if($_POST["user"]!=$_POST["oldusername"]){
$query=$bdd->prepare('SELECT user_id FROM users WHERE username=:username');//look for unique new username
$query->bindValue(':username',$_POST["user"],PDO::PARAM_STR);
$query->execute();
$cusername=$query->fetch();
$query->CloseCursor();
}
// var_dump($cusername);
if(!isset($cusername)||empty($cusername)){
if((!$mail||$mail==$id)){
$statutvalidation=(isset($_POST["statutvalidation"]))?$_POST["statutvalidation"]:0;
$role=(isset($_POST["role"]))?$_POST["role"]:"user";
$group=new managemyusers($bdd,$_POST['user'],md5($_POST['password']),$_POST['firstname'],$_POST['lastname'],$_POST['mail'],$_POST['groupid'],$role,$statutvalidation);
$group->update($_POST['oldusername']);
}else{
echo 'This email address is already associated to another account';
}
}else{
echo 'your new username is already used by another user please change it and try again <br>';
}
}else{
echo 'your email address can not be empty';
}
}else{
echo "you have nothing to do here";
}
?>
|
Download
