/var/www/(Del)pathways.org.hk/MIS_bk/user/index.php


<?php
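// Loaded before anything else on the page. Presumably this is the login/session gate that
// populates $_SESSION['webadmin'] (read by index() below) - TODO confirm it ends the request
// for unauthenticated visitors instead of only setting a flag.
// The concatenation operator after __DIR__ was missing in this listing and is restored here.
require_once(__DIR__ . '/../checkuser.php');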
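/**
 * Builds the view data for the user list page.
 *
 * The row filter depends on the logged-in operator's role, read from
 * $_SESSION['webadmin']['role']: role 2 (Admin) never sees role 1 (SuperAdmin)
 * accounts, role 3 (Staff) sees only its own row. Any other role value gets no
 * additional restriction.
 *
 * @return array Keys: 'users' (non-deleted rows from sys_login),
 *               'message' (string|null taken from the query string, NOT
 *               HTML-escaped - the view must escape it), 'userRoleOptions'.
 */
function index() {
    global $dbh;

    // The notice text comes straight from the URL, so it is untrusted input.
    // Accept only a non-empty string: a missing key no longer raises an
    // undefined-index notice, and an array-valued parameter (?message[]=x) is
    // dropped instead of reaching the view as an array.
    $message = null;
    if (!empty($_GET['message']) && is_string($_GET['message'])) {
        $message = $_GET['message'];
    }

    // The WHERE clause is assembled from constant fragments only; every value
    // is passed separately in $parameters and bound by the query helper.
    $where = "user.deleted = ?";
    $parameters = array(0);

    // switch compares loosely, so the role matches whether the session holds
    // it as an int or as a numeric string.
    // NOTE(review): there is no default branch, so any role other than 2 or 3
    // (including an unexpected value) lists every non-deleted account. That is
    // presumably intended for SuperAdmin only - confirm, and consider failing
    // closed for unknown roles.
    switch ($_SESSION['webadmin']['role']) {
        case 2: // Admin
            $where .= " AND user.role <> ?";
            $parameters[] = 1; // SuperAdmin
            break;
        case 3: // Staff
            $where .= " AND user.id = ?";
            $parameters[] = (int)$_SESSION['webadmin']['id'];
            break;
    }

    // NOTE(review): user.* returns every column of sys_login, which presumably
    // includes credential fields; the table in this file reads only id,
    // username, role and actived. Consider selecting just those columns once
    // the included templates are confirmed not to need more.
    $sql = "
SELECT user.*
FROM sys_login user
WHERE $where
ORDER BY user.role, user.username";

    $sth = Db\Util::execute($dbh, $sql, $parameters);
    $users = $sth->fetchAll();

    return array(
        'users' => $users,
        'message' => $message,
        'userRoleOptions' => User::roleOptions(),
    );
}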
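// index() returns a fixed set of keys (users, message, userRoleOptions), so extract()
// creates exactly those three variables; no request-supplied names are imported here.
extract(index());
?><!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

    <?php /* Include paths are built from __DIR__ and constant strings only (concatenation operators restored). */ ?>
    <?php require(__DIR__ . '/../inc/_head_meta.php'); ?>

    <?php require(__DIR__ . '/../inc/_head_css.php'); ?>

    <?php require(__DIR__ . '/../inc/_head_script.php'); ?>

</head>
<body>

    <?php require(__DIR__ . '/../inc/_navbar.php'); ?>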
    
    <div class="text-right">
        <ul class="breadcrumb">
            <li><a href="#">System</a> <span class="divider">&gt;</span></li>
            <li class="active">User</li>
        </ul>
    </div>
    
    <div class="container-fluid pathways-container">
        
        <?php if (isset($message) && !empty($message)): ?>
        <div class="alert alert-info">
            <button type="button" class="close" data-dismiss="alert">&times;</button>
            <h5 class="alert-heading">Note:</h5>
            <p><?=$message?></p>
        </div>
        <?php endif; ?>

        <a href="form.php" class="btn pull-right"><i class="icon-plus"></i> Add</a>
        <h3>User</h3>
        
        <?php
        // Listing body: an empty-state notice when index() returned no rows, otherwise the user table.
        if (empty($users)): ?>
        <p>There are no records.</p>
        <?php else: ?>
        <form id="form" action="" method="post">
            <table class="table table-striped table-bordered table-hover table-condensed">
                <thead>
                    <tr>
                        <th style="min-width:50px; width:50px">Edit</th>
                        <th style="min-width:50px; width:50px">Enable</th>
                        <th style="min-width:200px; width:200px">Role</th>
                        <th>User Name</th>
                    </tr>
                </thead>
                <tbody>
                    <?php
                    // One row per account. id, role label and username pass through h() before
                    // output (presumably an HTML-escaping helper defined outside this file).
                    // NOTE(review): in the Enable cell both conditional expressions lost text in this
                    // listing (whatever stood between `==` and the string literals is missing), so the
                    // line does not parse as shown - restore it from the original file, not by guessing.
                    // NOTE(review): the Enable link toggles account state with a plain GET to status.php
                    // and no anti-CSRF token is visible here - confirm status.php re-checks the
                    // operator's role for the target id and requires a token or a POST.
                    foreach ($users as $user): ?>
                    <tr>
                        <td><a href="form.php?id=<?=h($user['id'])?>" class="btn"><i class="icon-pencil"></i></a></td>
                        <td><a href="status.php?<?=http_build_query(array('id' => $user['id'], 'active' => $user['actived'] == '0' '1'))?>" class="btn"><i class="icon-<?=$user['actived'] == 'ok' 'remove'?>"></i></a></td>
                        <td><?=h($userRoleOptions[$user['role']])?></td>
                        <td><?=h($user['username'])?></td>
                    </tr>
                    <?php endforeach; ?>
                </tbody>
            </table>
        </form>
        <script type="text/javascript">
            $(function() {
                $('#form').validate();
            });
        </script>
        <?php endif; ?>
    
        <?php require( __DIR__ '/../inc/_footer.php'); ?>

    </div> <!-- /container -->
</body>
</html>