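<?php

declare(strict_types=1);

session_start();
require_once '../includes/db_connect.php';

// Only an authenticated admin may use this page; anyone else is sent to the login form.
if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true) {
    header("Location: admin_login.php");
    exit();
}

// Per-session CSRF token. Both POST actions below change account state, so they
// are accepted only when the request carries the token this page rendered.
if (!isset($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token']) || $_SESSION['csrf_token'] === '') {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

// Id of the logged-in admin, used to block self-deletion. Cast to int so the
// comparisons below can be strict; a missing value becomes 0 and matches no row.
$admin_id = (int) ($_SESSION['admin_id'] ?? 0);

// Handle the two state-changing actions. Each one validates the token and the
// target id, runs its query, then redirects back so a refresh cannot replay it.
if (isset($_POST['delete_user']) || isset($_POST['make_admin'])) {
    $posted_token = $_POST['csrf_token'] ?? '';
    // false when present but not a positive integer, null when absent.
    $user_id = filter_input(INPUT_POST, 'user_id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

    if (!is_string($posted_token) || !hash_equals($csrf_token, $posted_token)) {
        $_SESSION['error'] = "Ogiltig förfrågan. Ladda om sidan och försök igen.";
    } elseif (!is_int($user_id)) {
        $_SESSION['error'] = "Ogiltigt användar-ID.";
    } elseif (isset($_POST['delete_user'])) {
        // An admin must not be able to delete their own account from this page.
        if ($user_id !== $admin_id) {
            // NOTE(review): rows in quiz_attempts that reference this user are not
            // removed here - confirm the foreign key cascades or delete them first.
            $stmt = $pdo->prepare("DELETE FROM users WHERE id = :id");
            $stmt->execute([':id' => $user_id]);
            // Report success only when a row was actually removed.
            if ($stmt->rowCount() > 0) {
                $_SESSION['success'] = "Användare raderad!";
            } else {
                $_SESSION['error'] = "Användaren hittades inte.";
            }
        } else {
            $_SESSION['error'] = "Du kan inte radera ditt eget konto!";
        }
    } else {
        $stmt = $pdo->prepare("UPDATE users SET is_admin = 1 WHERE id = :id");
        $stmt->execute([':id' => $user_id]);
        $_SESSION['success'] = "Användare uppgraderad till admin!";
    }

    header("Location: admin_manage_users.php");
    exit();
}

// Fetch every user together with the number of quiz attempts they have made.
$stmt = $pdo->query("
    SELECT u.id, u.name, u.username, u.is_admin, u.last_login,
           COUNT(qa.id) as quiz_count
    FROM users u
    LEFT JOIN quiz_attempts qa ON u.id = qa.user_id
    GROUP BY u.id
    ORDER BY u.name
");
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);

/**
 * HTML-escapes a value for output in the template below.
 * Null columns are rendered as an empty string rather than raising a TypeError.
 *
 * @param scalar|null $value
 */
$e = static fn ($value): string => htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

$page_title = 'Hantera Användare';
require_once '../includes/header.php';
?>
<div class="container">
    <div class="admin-section">
        <h1>Hantera Användare</h1>
        <a href="admin_panel.php" class="btn btn-secondary">Tillbaka till Admin Panel</a>

        <?php if (isset($_SESSION['success'])): ?>
            <div class="success-message">
                <?php
                echo $e($_SESSION['success']);
                unset($_SESSION['success']);
                ?>
            </div>
        <?php endif; ?>

        <?php if (isset($_SESSION['error'])): ?>
            <div class="error-message">
                <?php
                echo $e($_SESSION['error']);
                unset($_SESSION['error']);
                ?>
            </div>
        <?php endif; ?>

        <table>
            <thead>
                <tr>
                    <th>Namn</th>
                    <th>Användarnamn</th>
                    <th>Status</th>
                    <th>Senaste inloggning</th>
                    <th>Antal quiz</th>
                    <th>Åtgärder</th>
                </tr>
            </thead>
            <tbody>
                <?php foreach ($users as $user): ?>
                    <?php
                    $row_id = (int) $user['id'];
                    $row_is_admin = (bool) $user['is_admin'];
                    // strtotime() returns false for an unparsable value; treat that like "never".
                    $last_login_ts = $user['last_login'] !== null ? strtotime((string) $user['last_login']) : false;
                    ?>
                    <tr>
                        <td><?php echo $e($user['name']); ?></td>
                        <td><?php echo $e($user['username']); ?></td>
                        <td>
                            <?php if ($row_is_admin): ?>
                                <span class="badge-admin">Admin</span>
                            <?php else: ?>
                                <span class="badge-user">Användare</span>
                            <?php endif; ?>
                        </td>
                        <td><?php echo $last_login_ts !== false ? date('Y-m-d H:i', $last_login_ts) : 'Aldrig'; ?></td>
                        <td><?php echo $e($user['quiz_count']); ?></td>
                        <td>
                            <?php if (!$row_is_admin): ?>
                                <form method="POST" style="display:inline;">
                                    <input type="hidden" name="csrf_token" value="<?php echo $e($csrf_token); ?>">
                                    <input type="hidden" name="user_id" value="<?php echo $row_id; ?>">
                                    <button type="submit" name="make_admin" class="btn btn-small">
                                        Gör till Admin
                                    </button>
                                </form>
                            <?php endif; ?>
                            <?php if ($row_id !== $admin_id): ?>
                                <form method="POST" style="display:inline;" onsubmit="return confirm('Är du säker på att du vill radera denna användare?');">
                                    <input type="hidden" name="csrf_token" value="<?php echo $e($csrf_token); ?>">
                                    <input type="hidden" name="user_id" value="<?php echo $row_id; ?>">
                                    <button type="submit" name="delete_user" class="btn btn-danger">Radera</button>
                                </form>
                            <?php endif; ?>
                        </td>
                    </tr>
                <?php endforeach; ?>
            </tbody>
        </table>
    </div>
</div>
<?php require_once '../includes/footer.php'; ?>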