mirror of
https://github.com/xevidos/codiad.git
synced 2024-12-22 22:02:15 +01:00
Finished user access switch in users panel.
This commit is contained in:
parent
3d122eb296
commit
4298962b14
3 changed files with 312 additions and 283 deletions
|
@ -410,6 +410,22 @@ class User {
|
|||
}
|
||||
}
|
||||
|
||||
public function update_access() {
|
||||
|
||||
global $sql;
|
||||
$query = "UPDATE users SET access=? WHERE username=?;";
|
||||
$bind_variables = array( $this->access, $this->username );
|
||||
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
||||
|
||||
if( $return > 0 ) {
|
||||
|
||||
echo formatJSEND( "success", "Updated access for {$this->username}" );
|
||||
} else {
|
||||
|
||||
echo formatJSEND( "error", "Error updating project" );
|
||||
}
|
||||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////
|
||||
// Verify Account Exists
|
||||
//////////////////////////////////////////////////////////////////
|
||||
|
|
|
@ -147,5 +147,18 @@ if ($_GET['action']=='verify') {
|
|||
if ( $_GET['action'] == 'update_access' ) {
|
||||
|
||||
checkSession();
|
||||
echo json_encode( array( $_GET["username"], $_GET["access"] ) );
|
||||
|
||||
if ( ! isset( $_GET['access'] ) || ! isset( $_GET['username'] ) ) {
|
||||
|
||||
die( formatJSEND( "error", "Could not update access." ) );
|
||||
}
|
||||
|
||||
if( ! is_admin() ) {
|
||||
|
||||
die( formatJSEND( "error", "You do not have permission to update access." ) );
|
||||
}
|
||||
|
||||
$User->username = $_GET["username"];
|
||||
$User->access = $_GET["access"];
|
||||
$User->update_access();
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue