1<?php
2
3session_start();
4
5require_once '../priv/twig.php';
6require_once '../priv/pdo.php';
7require_once '../priv/errorhandler.php';
8
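// Access control: everything below this guard is administrator-only.
// The check fails closed: empty() is true for a missing key, null, false,
// integer 0, the string '0' and ''. Comparing only against the string '0'
// would let an integer 0 or false stored in the session pass as an admin.
if (empty($_SESSION['qr']['is_admin'])) {
    header('Location: index.php');
    // Stop immediately: a Location header alone does not end the script, and
    // the handlers below must never run for a non-admin session.
    die();
}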
14
15
// Detail view: GET with an ?id= parameter renders one qr_users row through
// the admin/blob.html template, then ends the request.
if ($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['id'])) {
    // The id is bound as a statement parameter, never concatenated into SQL.
    $lookup = DB::prepare('SELECT * FROM qr_users WHERE id = ?');
    $row = $lookup->texecute([$_GET['id']])->fetch();

    // NOTE(review): SELECT * hands every column of the row to the template;
    // confirm admin/blob.html prints nothing that should stay server-side.
    // NOTE(review): the fetch() result is not checked before rendering —
    // confirm the template copes with an id that matches no row.
    $model['blob'] = $row;

    echo $twig->render('admin/blob.html', $model);
    exit;
}
23
// List view: any GET that reaches this point renders all qr_users rows
// through the admin/users.html template, then ends the request.
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $allUsers = DB::prepare('SELECT * FROM qr_users')->texecute()->fetchAll();

    // NOTE(review): username, name and class are stored exactly as submitted
    // by the create form in this file, so they reach the template as
    // user-supplied text — confirm autoescaping is enabled in the Twig setup.
    $model['users'] = $allUsers;

    echo $twig->render('admin/users.html', $model);
    exit;
}
31
32
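// Create handler: POST with action=Skapa inserts a new qr_users row and
// redirects to the detail view of the row just created.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): this state-changing request is accepted on the session
    // cookie alone. It can create administrator accounts, so a per-session
    // anti-CSRF token should be verified here (compared with hash_equals())
    // once the form template emits one.

    // `??` avoids an undefined-index warning when the action field is absent.
    if (($_POST['action'] ?? null) === 'Skapa') {
        // The text fields must be present and must be plain strings. PHP
        // turns `name[]=x` into an array, which must not reach the statement.
        $values = [];
        foreach (['username', 'name', 'class'] as $field) {
            $value = $_POST[$field] ?? null;
            if (!is_string($value)) {
                http_response_code(400);
                die();
            }
            $values[] = $value;
        }

        // A missing is_admin field defaults to '0', so an incomplete request
        // can never create an administrator by accident.
        $isAdmin = $_POST['is_admin'] ?? '0';
        if (!is_string($isAdmin)) {
            http_response_code(400);
            die();
        }
        $values[] = $isAdmin;

        // All four values are bound as parameters, never concatenated.
        $sql = 'INSERT INTO qr_users (username, name, class, is_admin) VALUES (?, ?, ?, ?)';
        DB::prepare($sql)->texecute($values);

        // Post/Redirect/Get: a browser reload must not repeat the INSERT.
        header('Location: users.php?id=' . DB::lastInsertId());
        die();
    }
}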
43