Taylor/trojans-trophy-room
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed used-editing page for administrators - permissions editing works properly

Browse Source 
Fixed redirects for links opening in iFrame instead of redirecting the window
This commit is contained in:
FractalParadigm 2025-03-11 20:04:26 -04:00
parent 53c95d9897
commit 4b7a4003b3
2 changed files with 23 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
admin/user_management/edit_user.php
View File

@ -84,18 +84,15 @@
echo $discordLink; echo $discordLink;
echo "<p></p>"; echo "<p></p>";
if ($_POST["privileges"] == "administrator") {
if ($_POST["administrator"] != $userInfo["privileges"]) {
$privileges = 1; $privileges = 1;
} else { } else if ($_POST["privileges"] == "moderator") {
$privileges = $userInfo["privileges"];
}
if ($_POST["moderator"] != $userInfo["privileges"]) {
$privileges = 2; $privileges = 2;
} else { } else {
$privileges = $userInfo["privileges"]; $privileges = 0;
} }
// Prepare the command // Prepare the command
$update = $conn->prepare("UPDATE " . $userTableName . " SET $update = $conn->prepare("UPDATE " . $userTableName . " SET
privileges = :privileges, privileges = :privileges,
@ -118,7 +115,7 @@
$update->execute(); // Execute query $update->execute(); // Execute query
if ($username == $_SESSION["username"]) {
// Function from StackOverflow used to get the base URL, to which we append // Function from StackOverflow used to get the base URL, to which we append
// the redirect (where the user came from) // the redirect (where the user came from)
function url(){ function url(){
@ -135,10 +132,25 @@
// Redirect user back to their page // Redirect user back to their page
echo "<script>window.top.location.href = \"" . $address . "\";</script>"; echo "<script>window.top.location.href = \"" . $address . "\";</script>";
echo "<p>Account successfully updated</p>";
echo "<p>You should have been redirected to your account. Here's a link:</p>"; echo "<p>You should have been redirected to your account. Here's a link:</p>";
echo "<p><a href=\"/user/" . $_SESSION["username"] . " \">My Account</a></p>"; echo "<p><a href=\"/user/" . $_SESSION["username"] . " \" onclick=\"redirect('this', '/user/" . $_SESSION["username"] . "')\">My Account</a></p>";
} else {
function url(){
return sprintf(
"%s://%s/user/%s",
isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? 'https' : 'http',
$_SERVER['SERVER_NAME'],
$_SESSION["username"]
);
}
$address = url();
echo "<p>Account successfully updated</p>";
echo "<p><a href=\"/user/" . $username . " \" onclick=\"redirect('this', '/user/" . $username . "')\">Back</a></p>";
}
} catch (PDOException $e) { // failed connection } catch (PDOException $e) { // failed connection
echo "Connection failed: " . $e->getMessage(); echo "Connection failed: " . $e->getMessage();

1
admin/user_management/user_edit_form.php
View File

@ -83,6 +83,7 @@ try { // Try opening the SQL database connection
</div> </div>
<p>&nbsp;</p> <p>&nbsp;</p>
<input type="submit" value="EDIT" /> <input type="submit" value="EDIT" />
<input type="hidden" id="username" name="username" value="<?php echo $username; ?>" >
</form> </form>
<script>setPrivilegeLevel(<?php echo $userData["privileges"]; ?>)</script> <script>setPrivilegeLevel(<?php echo $userData["privileges"]; ?>)</script>