Add subscription management

Signed-off-by: Luke Tainton <luke@tainton.uk>
2020-08-10 16:00:27 +01:00
parent f7c7d7e3ee
commit 244e03adee
4 changed files with 121 additions and 54 deletions


@@ -1,4 +1,17 @@
<?php
function get_all_users($db) {
try {
$stmt = "SELECT * FROM users";
$sql = $db->prepare($stmt);
$sql->execute();
$sql->setFetchMode(PDO::FETCH_ASSOC);
$result = $sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
return $result;
}
function get_user_name($db, $user_uuid) {
try {
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
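Review bot: In `get_all_users` the catch block echoes `$e->getMessage()` into the response and then falls through to `return $result;`, which is undefined when `prepare()` or `execute()` throws. The raw PDO message can disclose schema or connection details to the browser, and the caller's `foreach($all_users as $usr)` then iterates over null. Initialise `$result = [];` before the `try` and replace the echo with `error_log($e->getMessage());`. `SELECT *` also fetches every column of `users` although the page only reads `uuid` and `uid`; selecting just those columns would keep any sensitive fields the table may hold out of the page. The body of `get_user_name` continues outside the hunk.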


@@ -0,0 +1,30 @@
<?php
$PAGE_NAME = "Add subscriber";
require_once __DIR__ . "/../../includes/prereqs.php";
$request = get_request($db, $_POST['rid']);
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
// Add subscriber
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
$stmt = "INSERT INTO ticket_subscribers (ticket_uuid, user_uuid) VALUES (:tktuuid, :usruuid)";
$sql = $db->prepare($stmt);
$sql->bindParam(':tktuuid', $request['uuid']);
$sql->bindParam(':usruuid', $POST['addSubSelector']);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to add subscriber: " . $e->getMessage());
}
}
$newURL = "/managesub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
} else {
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
$newURL = "/managesub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
}
?>
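Review bot: `$sql->bindParam(':usruuid', $POST['addSubSelector']);` reads the undefined variable `$POST` instead of `$_POST`, so the statement binds null and the selected user is never inserted; the delete handler has the same typo on its `:usruuid` bind. It should read `$sql->bindParam(':usruuid', $_POST['addSubSelector']);`, ideally after checking that the value is the UUID of an existing user. This is also a state-changing POST with no anti-CSRF token visible in the handler or in the form that submits to it; unless `prereqs.php` enforces one, a per-session token compared with `hash_equals()` should be added. The `$alert` set in the catch and else branches is followed directly by a client-side redirect, so the message is presumably never shown.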


@@ -0,0 +1,30 @@
<?php
$PAGE_NAME = "Delete subscribers";
require_once __DIR__ . "/../../includes/prereqs.php";
$request = get_request($db, $_POST['rid']);
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
// Add subscriber
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
$stmt = "DELETE FROM ticket_subscribers WHERE ticket_uuid=:tktuuid AND user_uuid=:usruuid";
$sql = $db->prepare($stmt);
$sql->bindParam(':tktuuid', $request['uuid']);
$sql->bindParam(':usruuid', $POST['addSubSelector']);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
}
}
$newURL = "/managesub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
} else {
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
$newURL = "/managesub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
}
?>
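Review bot: This handler reads the field `addSubSelector`, but the form that posts to `/actions/delsub` names its select `delSubSelector` and marks it `multiple`, so even with `$_POST` spelled correctly no selected subscriber would reach the `DELETE`. For a multiple select the field has to be named `delSubSelector[]`, and the handler has to run the prepared statement once per submitted UUID, as sketched below. The comment `// Add subscriber` is a copy-paste leftover and should read `// Remove subscriber(s)`.

```php
// … unchanged: request lookup and authorisation check …
$sql = $db->prepare($stmt);
// One execute per selected subscriber; the form field must be named delSubSelector[]
$selected = (array) ($_POST['delSubSelector'] ?? []);
foreach ($selected as $usr_uuid) {
    $sql->execute([':tktuuid' => $request['uuid'], ':usruuid' => $usr_uuid]);
}
// … unchanged: catch block and redirect …
```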


@@ -1,11 +1,12 @@
<?php
$PAGE_NAME = "Upload file";
$PAGE_NAME = "Manage request subscribers";
require_once __DIR__ . "/../includes/header.php";
$request = get_request($db, $_GET['rid']);
$updates = get_updates($db, $request);
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
$all_users = get_all_users($db);
?>
@@ -38,7 +39,9 @@
<div class="row">
<div class="col-4">
<div class="card mx-auto">
<div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
<div class="card-header"><span class="mdi mdi-information-outline">
</span> Information
</div>
<ul class="list-group list-group-flush">
<li class="list-group-item">
<div class="container">
@@ -90,66 +93,57 @@
<div class="col-8">
<div class="card mx-auto">
<div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
<div class="card-header">
<span class="mdi mdi-rss"></span> Manage Subscribers
</div>
<ul class="list-group list-group-flush">
<?php
if (count($updates) == 0) {
echo("<center><b>No updates</b></center>");
} else {
foreach($updates as $update) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b><?php echo(get_user_name($db, $update['user'])); ?></b></span><span class="text-muted"><i><?php echo(" " . $update['created']); ?></i></span>
</div>
<div class="row">
<span><?php echo($update['msg']); ?></span>
</div>
<li class="list-group-item">
<div class="container">
<div class="row">
<form method="post" action="/actions/delsub">
<div class="form-group">
<input type="hidden" id="rid" name="rid" value="<?php echo($request['uuid']); ?>">
<label for="delSubSelector">Remove subscribers:</label>
<select multiple class="form-control" id="delSubSelector" name="delSubSelector">
<?php foreach($authorised_users as $usr) {
$usr_name = get_user_name($db, $usr['uuid']) . " (" . $usr['uid'] . ")";
echo("<option value='" . $usr['uuid'] . "'>" . $usr_name . "</option>");
} ?>
</select>
</div>
<button type="submit" class="btn btn-danger">Submit</button>
</form>
</div>
</li>
<?php } } ?>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<form method="post" action="/actions/addsub">
<div class="form-group">
<input type="hidden" id="rid" name="rid" value="<?php echo($request['uuid']); ?>">
<label for="addSubSelector">Add subscriber:</label>
<select class="form-control" id="addSubSelector" name="addSubSelector">
<?php foreach($all_users as $usr) {
if (!in_array($usr['uuid'], $authorised_users)) {
$usr_name = get_user_name($db, $usr['uuid']) . " (" . $usr['uid'] . ")";
echo("<option value='" . $usr['uuid'] . "'>" . $usr_name . "</option>");
}
} ?>
</select>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
</div>
</div>
</li>
</ul>
</div>
</div>
</div>
</div>
</section>
<section style="margin-top: 2%;">
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header">
<span class="mdi mdi-rss"></span> Request Subscribers
</div>
<ul class="list-group list-group-flush">
<?php
if (count($subscribers) == 0) {
echo("<center><b>No subscribers</b></center>");
} else {
foreach($subscribers as $sub) { ?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo sprintf("%'.05d\n", $sub["id"]); ?> </span><span><b><?php echo($sub['title']); ?></b></span> <span style="display: inline;" class="text-muted"><?php echo("(Creator: " . get_user_name($db, $sub['created_by']) . ")"); ?></span>
<p class="m-0"><?php echo($sub['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($sub["uuid"]); ?>" role="button">Edit</a>
<a class="btn btn-success float-right" href="view?rid=<?php echo($sub["uuid"]); ?>" role="button">Delete</a>
</div>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</section>
</div>
</section>
<?php } else if ($is_authorised == false) { ?>
<section class="jumbotron text-center">
<div class="container">
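Review bot: The two option loops for `delSubSelector` and `addSubSelector` echo `$usr['uuid']`, the user's name and `$usr['uid']` into HTML without escaping, so a stored name containing markup would be interpreted by the browser of anyone who opens this page. Escape each value at output, e.g. `htmlspecialchars($usr_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and do the same for the `value` attribute. `in_array($usr['uuid'], $authorised_users)` also looks wrong: the remove loop reads `$authorised_users` entries as rows (`$usr['uuid']`), so a UUID string compared against row arrays never matches and existing subscribers would still be offered in the add list. `in_array($usr['uuid'], array_column($authorised_users, 'uuid'), true)` would make the intended comparison. The +/- markers are lost on this page, so which lines are new is inferred from the commit title, and the surrounding markup continues outside the hunk.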